Commit 492419d5 authored by Marek Vavruša's avatar Marek Vavruša

Merge branch 'master' into resolver_compat

Conflicts:
	Knot.files
	src/knot/nameserver/update.c
	src/knot/nameserver/update.h
	src/knot/server/tcp-handler.c
	src/knot/zone/events.c
	src/knot/zone/zone.c
	src/knot/zone/zone.h
	src/libknot/packet/net.c
	src/libknot/rdataset.c
	src/utils/nsupdate/nsupdate_params.h
parents 8abb2dee a9044f62
......@@ -41,8 +41,6 @@ src/common-knot/hex.c
src/common-knot/hex.h
src/common-knot/hhash.c
src/common-knot/hhash.h
src/common-knot/print.c
src/common-knot/print.h
src/common-knot/ref.c
src/common-knot/ref.h
src/common-knot/slab/alloc-common.h
......@@ -69,6 +67,8 @@ src/common/mem.c
src/common/mem.h
src/common/mempool.c
src/common/mempool.h
src/common/print.c
src/common/print.h
src/common/sockaddr.c
src/common/sockaddr.h
src/common/strlcpy.c
......@@ -164,6 +164,8 @@ src/knot/updates/changesets.c
src/knot/updates/changesets.h
src/knot/updates/ddns.c
src/knot/updates/ddns.h
src/knot/updates/zone-update.c
src/knot/updates/zone-update.h
src/knot/worker/pool.c
src/knot/worker/pool.h
src/knot/worker/queue.c
......@@ -228,6 +230,8 @@ src/libknot/packet/net.h
src/libknot/packet/pkt.c
src/libknot/packet/pkt.h
src/libknot/packet/wire.h
src/libknot/processing/overlay.c
src/libknot/processing/overlay.h
src/libknot/processing/process.c
src/libknot/processing/process.h
src/libknot/processing/requestor.c
......@@ -240,6 +244,7 @@ src/libknot/rrset-dump.c
src/libknot/rrset-dump.h
src/libknot/rrset.c
src/libknot/rrset.h
src/libknot/rrtype/aaaa.h
src/libknot/rrtype/dnskey.h
src/libknot/rrtype/nsec.h
src/libknot/rrtype/nsec3.c
......@@ -291,8 +296,6 @@ src/zscanner/error.c
src/zscanner/error.h
src/zscanner/functions.c
src/zscanner/functions.h
src/zscanner/loader.c
src/zscanner/loader.h
src/zscanner/scanner.h
src/zscanner/scanner.rl
src/zscanner/scanner_body.rl
......@@ -301,7 +304,6 @@ src/zscanner/tests/processing.h
src/zscanner/tests/tests.c
src/zscanner/tests/tests.h
src/zscanner/tests/zscanner-tool.c
src/zscanner/zscanner.h
tests/Makefile.am
tests/acl.c
tests/base32hex.c
......@@ -322,6 +324,7 @@ tests/hattrie.c
tests/hhash.c
tests/journal.c
tests/node.c
tests/overlay.c
tests/pkt.c
tests/process_answer.c
tests/process_query.c
......@@ -337,10 +340,7 @@ tests/slab.c
tests/wire.c
tests/worker_pool.c
tests/worker_queue.c
tests/zone-update.c
tests/zone_events.c
tests/zonedb.c
tests/ztree.c
src/libknot/rrtype/aaaa.h
src/libknot/processing/overlay.h
src/libknot/processing/overlay.c
tests/overlay.c
......@@ -271,8 +271,6 @@ The signing keys can be generated using ISC ``dnssec-keygen`` tool
only and there are some limitations:
* Keys for all zones must be placed in one directory.
* Algorithms based on RSA, DSA, and ECDSA are supported, support for
GOST algorithm is not finished yet.
* Only key publication, activation, inactivation, and removal time
stamps are utilized. Other time stamps are ignored.
* It is required, that both ``.private`` and ``.key`` files for each
......@@ -280,6 +278,7 @@ only and there are some limitations:
(even for verification only).
* There cannot be more than eight keys per zone. Keys which are not
published are not included in this number.
* Single-Type Signing Scheme is not supported.
Example how to generate NSEC3 capable zone signing key (ZSK) and key
signing key (KSK) for zone ``example.com``::
......
......@@ -51,13 +51,13 @@ If you want to control the daemon directly, use ``SIGINT`` to quit the process o
Actions:
stop Stop server.
reload Reload configuration and changed zones.
refresh [zone] Refresh slave zone (all if not specified).
refresh <zone> Refresh slave zone (all if not specified).
flush Flush journal and update zone files.
status Check if server is running.
zonestatus Show status of configured zones.
checkconf Check current server configuration.
checkzone [zone] Check zone (all if not specified).
memstats [zone] Estimate memory consumption for zone (all if not
checkzone <zone> Check zone (all if not specified).
memstats <zone> Estimate memory consumption for zone (all if not
specified).
Also, the server needs to create several files in order to run properly. These
......
......@@ -289,6 +289,8 @@ libknotd_la_SOURCES = \
knot/updates/ddns.h \
knot/updates/apply.c \
knot/updates/apply.h \
knot/updates/zone-update.c \
knot/updates/zone-update.h \
knot/worker/pool.c \
knot/worker/pool.h \
knot/worker/queue.c \
......
......@@ -80,7 +80,7 @@ static trie_node_t* alloc_trie_node(hattrie_t* T, node_ptr child)
for (i = 0; i < NODE_CHILDS; ++i) node->xs[i] = child;
return node;
}
/* iterate trie nodes until string is consumed or bucket is found */
static node_ptr hattrie_consume_ns(node_ptr **s, size_t *sp, size_t slen,
const char **k, size_t *l, unsigned min_len)
......@@ -190,6 +190,39 @@ static value_t* hattrie_find_rightmost(node_ptr node)
return hhash_indexval(node.b, node.b->weight - 1);
}
static value_t* hattrie_find_leftmost(node_ptr node)
{
/* iterate children from left */
if (*node.flag & NODE_TYPE_TRIE) {
for (int i = 0; i <= TRIE_MAXCHAR; ++i) {
/* skip repeated pointers to hybrid bucket */
if (i < TRIE_MAXCHAR - 1 && node.t->xs[i].t == node.t->xs[i + 1].t) {
continue;
}
/* nest if trie */
value_t *ret = hattrie_find_leftmost(node.t->xs[i]);
if (ret) {
return ret;
}
}
/* use trie node value if no children found */
if (node.t->flag & NODE_HAS_VAL) {
return &node.t->val;
}
/* no non-empty children? */
return NULL;
}
/* node is hashtable */
if (node.b->weight == 0) {
return NULL;
}
/* return leftmost value */
assert(node.b->index);
return hhash_indexval(node.b, 0);
}
/* find node in trie and keep node stack (if slen > 0) */
static node_ptr hattrie_find_ns(node_ptr **s, size_t *sp, size_t slen,
const char **key, size_t *len)
......@@ -665,7 +698,7 @@ value_t* hattrie_tryget(hattrie_t* T, const char* key, size_t len)
return hhash_find(node.b, key, len);
}
static value_t* hattrie_walk(node_ptr* s, size_t sp,
static value_t* hattrie_walk_left(node_ptr* s, size_t sp,
const char* key, value_t* (*f)(node_ptr))
{
value_t *r = NULL;
......@@ -701,6 +734,41 @@ static value_t* hattrie_walk(node_ptr* s, size_t sp,
return NULL;
}
static value_t* hattrie_walk_right(node_ptr* s, size_t sp,
const char* key, value_t* (*f)(node_ptr))
{
value_t *r = NULL;
while (r == NULL) {
/* if not found next in table, it should be
* the leftmost of the nodes right of the current
*/
node_ptr visited = s[sp].t->xs[(unsigned char)*key];
for (int i = *key + 1; i <= TRIE_MAXCHAR; ++i) {
if (s[sp].t->xs[i].flag == visited.flag)
continue; /* skip pointers to visited container */
r = f(s[sp].t->xs[i]);
if (r) {
return r;
}
}
/* use trie node value if possible */
if (s[sp].t->flag & NODE_HAS_VAL) {
return &s[sp].t->val;
}
/* consumed whole stack */
if (sp == 0) {
break;
}
/* pop stack */
--key;
--sp;
}
return NULL;
}
int hattrie_find_leq (hattrie_t* T, const char* key, size_t len, value_t** dst)
{
/* create node stack for traceback */
......@@ -713,7 +781,7 @@ int hattrie_find_leq (hattrie_t* T, const char* key, size_t len, value_t** dst)
int ret = 1; /* no node on the left matches */
node_ptr node = hattrie_find_ns(&ns, &sp, NODESTACK_INIT, &key, &len);
if (node.flag == NULL) {
*dst = hattrie_walk(ns, sp, key, hattrie_find_rightmost);
*dst = hattrie_walk_left(ns, sp, key, hattrie_find_rightmost);
if (ns != bs) free(ns);
if (*dst) {
return -1; /* found previous */
......@@ -741,7 +809,7 @@ int hattrie_find_leq (hattrie_t* T, const char* key, size_t len, value_t** dst)
--key;
}
/* walk up the stack of visited nodes and find closest match on the left */
*dst = hattrie_walk(ns, sp, key, hattrie_find_rightmost);
*dst = hattrie_walk_left(ns, sp, key, hattrie_find_rightmost);
if (*dst) {
ret = -1; /* found previous */
} else {
......@@ -753,6 +821,49 @@ int hattrie_find_leq (hattrie_t* T, const char* key, size_t len, value_t** dst)
return ret;
}
int hattrie_find_next (hattrie_t* T, const char* key, size_t len, value_t **dst)
{
/* create node stack for traceback */
size_t sp = 0;
node_ptr bs[NODESTACK_INIT]; /* base stack (will be enough mostly) */
node_ptr *ns = bs; /* generic ptr, could point to new mem */
ns[sp] = T->root;
/* find node for given key */
node_ptr ptr = hattrie_find_ns(&ns, &sp, NODESTACK_INIT, &key, &len);
if (ptr.flag == NULL) {
*dst = hattrie_walk_right(ns, sp, key, hattrie_find_leftmost);
if (*dst) {
return 0; /* found next. */
} else {
return 1; /* no next key found. */
}
}
int ret = 0;
if (*ptr.flag & NODE_TYPE_TRIE) {
/* Get next using walk. */
ret = 1;
} else {
ret = hhash_find_next(ptr.b, key, len, dst);
}
if (ret == 1) {
/* we're retracing from pure bucket, pop the key. */
if (*ptr.flag & NODE_TYPE_PURE_BUCKET) {
--key;
}
*dst = hattrie_walk_right(ns, sp, key, hattrie_find_leftmost);
if (*dst) {
ret = 0; /* found next. */
} else {
ret = 1; /* no next key found. */
}
}
return ret;
}
int hattrie_del(hattrie_t* T, const char* key, size_t len)
{
node_ptr parent = T->root;
......
......@@ -73,6 +73,8 @@ value_t* hattrie_tryget (hattrie_t*, const char* key, size_t len);
/** Find a given key in the table, returning a NULL pointer if it does not
* exist. Also set prev to point to previous node. */
int hattrie_find_leq (hattrie_t*, const char* key, size_t len, value_t** dst);
/** Find a next value for given key, returning NULL if it does not exist. */
int hattrie_find_next (hattrie_t* T, const char* key, size_t len, value_t **dst);
/** Delete a given key from trie. Returns 0 if successful or -1 if not found.
*/
......
......@@ -432,6 +432,25 @@ int hhash_find_leq(hhash_t* tbl, const char* key, uint16_t len, value_t** dst)
return 1;
}
int hhash_find_next(hhash_t* tbl, const char* key, uint16_t len, value_t** dst)
{
*dst = NULL;
if (tbl->weight == 0) {
return 1;
}
int k = BIN_SEARCH_FIRST_GE_CMP(tbl, tbl->weight, CMP_LE, key, len);
hhelem_t *found = tbl->item + tbl->index[k];
/* Found prev or equal, we want next */
if (k + 1 < tbl->weight) {
found = tbl->item + tbl->index[k + 1];
*dst = (value_t *)KEY_VAL(found->d);
return 0;
} else {
return 1;
}
}
/* Private iterator flags. */
enum {
HH_SORTED = 0x01 /* sorted iteration */
......
......@@ -169,6 +169,14 @@ void hhash_build_index(hhash_t* tbl);
*/
int hhash_find_leq(hhash_t* tbl, const char* key, uint16_t len, value_t **dst);
/*!
* \brief Find a key that is a lexicographic successor.
*
* \retval 0 if successor found.
* \retval 1 if couldn't find a successor.
*/
int hhash_find_next(hhash_t* tbl, const char* key, uint16_t len, value_t** dst);
/*! \brief Hash table iterator. */
typedef struct htable_iter {
unsigned flags; /* Internal */
......
......@@ -107,7 +107,8 @@ static struct log_sink *sink_setup(unsigned logfiles)
/*! \brief Publish new log sink and free the replaced. */
static void sink_publish(struct log_sink *log)
{
struct log_sink *old_log = rcu_xchg_pointer(&s_log, log);
struct log_sink **current_log = &s_log;
struct log_sink *old_log = rcu_xchg_pointer(current_log, log);
synchronize_rcu();
sink_free(old_log);
}
......@@ -277,7 +278,7 @@ static int emit_log_msg(logsrc_t src, int level, const char *msg)
}
// Print
ret = fprintf(stream, "%s%s", tstr, msg);
ret = fprintf(stream, "%s%s\n", tstr, msg);
if (stream == stdout) {
fflush(stream);
}
......@@ -481,7 +482,7 @@ int log_reconfigure(const struct conf_t *conf, void *data)
if (facility == LOGT_FILE) {
facility = log_open_file(log, facility_conf->file);
if (facility < 0) {
log_error("Failed to open logfile '%s'\n",
log_error("Failed to open logfile '%s'",
facility_conf->file);
continue;
}
......
......@@ -84,7 +84,7 @@ static void cf_print_error(void *scanner, const char *msg)
filename = new_config->filename;
}
log_error("config error in '%s' (line %d token '%s'): %s\n",
log_error("config error in '%s' (line %d token '%s'): %s",
filename, lineno, text, msg);
_parser_res = KNOT_EPARSEFAIL;
......@@ -226,7 +226,7 @@ static int conf_process(conf_t *conf)
/* Check for ACL existence. */
if (!EMPTY_LIST(conf->ctl.allow)) {
log_warning("control 'allow' statement does not "
"affect UNIX sockets\n");
"affect UNIX sockets");
}
} else if (sockaddr_port(&ctl_if->addr) <= 0) {
sockaddr_port_set(&ctl_if->addr, REMOTE_DPORT);
......@@ -365,7 +365,7 @@ static int conf_process(conf_t *conf)
) {
log_zone_str_notice(zone->name, "automatic "
"DNSSEC signing enabled, disabling "
"incoming XFRs\n");
"incoming XFRs");
WALK_LIST_FREE(zone->acl.notify_in);
WALK_LIST_FREE(zone->acl.xfr_in);
......@@ -393,13 +393,13 @@ static int conf_process(conf_t *conf)
/* Check paths existence. */
if (!is_existing_dir(zone->storage)) {
log_error("storage directory '%s' does not exist\n",
log_error("storage directory '%s' does not exist",
zone->storage);
ret = KNOT_EINVAL;
continue;
}
if (zone->dnssec_enable && !is_existing_dir(zone->dnssec_keydir)) {
log_error("DNSSEC key directory '%s' does not exist\n",
log_error("DNSSEC key directory '%s' does not exist",
zone->dnssec_keydir);
ret = KNOT_EINVAL;
continue;
......@@ -820,8 +820,9 @@ char* strcpath(char *path)
char* remainder = strchr(path,'~');
if (remainder != NULL) {
if (remainder[1] != '/') {
log_warning("cannot expand non-login user home"
"directory '%s', use full path instead", path);
log_warning("cannot expand non-login user home "
"directory '%s', use full path instead",
path);
}
// Get full path
......
......@@ -21,7 +21,6 @@
#include "common/lists.h"
#include "common/mem.h"
#include "knot/zone/node.h"
#include "zscanner/zscanner.h"
#include "libknot/descriptor.h"
// Addition constants used for tweaking, mostly malloc overhead
......
......@@ -27,7 +27,7 @@
#pragma once
#include "common-knot/hattrie/hat-trie.h"
#include "zscanner/zscanner.h"
#include "zscanner/scanner.h"
// Mutiplicative constant, needed because of malloc's fragmentation
static const double ESTIMATE_MAGIC = 1.0;
......
This diff is collapsed.
......@@ -140,17 +140,17 @@ int proc_update_privileges(int uid, int gid)
if ((uid_t)uid != getuid() || (gid_t)gid != getgid()) {
if (setgroups(0, NULL) < 0) {
log_warning("failed to drop supplementary groups for "
"UID '%d': %s\n", getuid(), strerror(errno));
"UID '%d': %s", getuid(), strerror(errno));
}
# ifdef HAVE_INITGROUPS
struct passwd *pw;
if ((pw = getpwuid(uid)) == NULL) {
log_warning("failed to get passwd entry for UID '%d': %s\n",
log_warning("failed to get passwd entry for UID '%d': %s",
uid, strerror(errno));
} else {
if (initgroups(pw->pw_name, gid) < 0) {
log_warning("failed to set supplementary groups "
"for UID '%d': %s\n", uid, strerror(errno));
"for UID '%d': %s", uid, strerror(errno));
}
}
# endif /* HAVE_INITGROUPS */
......@@ -159,15 +159,15 @@ int proc_update_privileges(int uid, int gid)
/* Watch uid/gid. */
if ((gid_t)gid != getgid()) {
log_info("changing GID to '%d'\n", gid);
log_info("changing GID to '%d'", gid);
if (setregid(gid, gid) < 0) {
log_error("failed to change GID to '%d'\n", gid);
log_error("failed to change GID to '%d'", gid);
}
}
if ((uid_t)uid != getuid()) {
log_info("changing UID to '%d'\n", uid);
log_info("changing UID to '%d'", uid);
if (setreuid(uid, uid) < 0) {
log_error("failed to change UID to '%d'\n", uid);
log_error("failed to change UID to '%d'", uid);
}
}
......@@ -184,7 +184,7 @@ int proc_update_privileges(int uid, int gid)
assert(lfile != NULL);
FILE* fp = fopen(lfile, "w");
if (fp == NULL) {
log_warning("storage directory '%s' is not writable\n",
log_warning("storage directory '%s' is not writable",
zone->storage);
ret = KNOT_EACCES;
} else {
......@@ -210,18 +210,18 @@ char *pid_check_and_create()
/* Check PID for existence and liveness. */
if (pid > 0 && pid_running(pid)) {
log_error("server PID found, already running\n");
log_error("server PID found, already running");
free(pidfile);
return NULL;
} else if (stat(pidfile, &st) == 0) {
log_warning("removing stale PID file '%s'\n", pidfile);
log_warning("removing stale PID file '%s'", pidfile);
pid_remove(pidfile);
}
/* Create a PID file. */
int ret = pid_write(pidfile);
if (ret != KNOT_EOK) {
log_error("couldn't create a PID file '%s'\n", pidfile);
log_error("couldn't create a PID file '%s'", pidfile);
free(pidfile);
return NULL;
}
......
......@@ -411,7 +411,7 @@ int remote_bind(conf_iface_t *desc)
char addr_str[SOCKADDR_STRLEN] = {0};
sockaddr_tostr(&desc->addr, addr_str, sizeof(addr_str));
log_info("binding remote control interface to '%s'\n", addr_str);
log_info("binding remote control interface to '%s'", addr_str);
/* Create new socket. */
mode_t old_umask = umask(KNOT_CTL_SOCKET_UMASK);
......@@ -424,7 +424,7 @@ int remote_bind(conf_iface_t *desc)
/* Start listening. */
int ret = listen(sock, TCP_BACKLOG_SIZE);
if (ret < 0) {
log_error("could not bind to '%s'\n", addr_str);
log_error("could not bind to '%s'", addr_str);
close(sock);
return ret;
}
......@@ -563,7 +563,7 @@ static void log_command(const char *cmd, const remote_cmdargs_t* args)
}
}
log_info("remote command: '%s%s'\n", cmd, params);
log_info("remote command: '%s%s'", cmd, params);
}
int remote_answer(int sock, server_t *s, knot_pkt_t *pkt)
......@@ -657,7 +657,7 @@ static int zones_verify_tsig_query(const knot_pkt_t *query,
assert(tsig_rcode != NULL);
if (query->tsig_rr == NULL) {
log_info("TSIG: key required, query REFUSED\n");
log_info("TSIG: key required, query REFUSED");
*rcode = KNOT_RCODE_REFUSED;
return KNOT_TSIG_EBADKEY;
}
......@@ -667,7 +667,7 @@ static int zones_verify_tsig_query(const knot_pkt_t *query,
*/
knot_tsig_algorithm_t alg = tsig_rdata_alg(query->tsig_rr);
if (knot_tsig_digest_length(alg) == 0) {
log_info("TSIG: unsupported algorithm, query NOTAUTH\n");
log_info("TSIG: unsupported algorithm, query NOTAUTH");
/*! \todo [TSIG] It is unclear from RFC if I
* should treat is as a bad key
* or some other error.
......@@ -710,7 +710,7 @@ static int zones_verify_tsig_query(const knot_pkt_t *query,
if (mac_len > digest_max_size) {
*rcode = KNOT_RCODE_FORMERR;
log_info("TSIG: MAC length %zu exceeds maximum size %zu\n",
log_info("TSIG: MAC length %zu exceeds maximum size %zu",
mac_len, digest_max_size);
return KNOT_EMALF;
} else {
......@@ -790,7 +790,7 @@ int remote_process(server_t *s, conf_iface_t *ctl_if, int sock,
uint64_t ts_tmsigned = 0;
if (match == NULL) {
log_warning("denied remote control for '%s', "
"no matching ACL\n", addr_str);
"no matching ACL", addr_str);
remote_senderr(client, pkt->wire, pkt->size);
ret = KNOT_EACCES;
goto finish;
......@@ -802,7 +802,7 @@ int remote_process(server_t *s, conf_iface_t *ctl_if, int sock,
if (tsig_key) {
if (pkt->tsig_rr == NULL) {
log_warning("denied remote control for '%s', "
"key required\n", addr_str);
"key required", addr_str);
remote_senderr(client, pkt->wire, pkt->size);
ret = KNOT_EACCES;
goto finish;
......@@ -811,7 +811,7 @@ int remote_process(server_t *s, conf_iface_t *ctl_if, int sock,
&ts_trc, &ts_tmsigned);
if (ret != KNOT_EOK) {
log_warning("denied remote control for '%s', "
"key verification failed\n", addr_str);
"key verification failed", addr_str);
remote_senderr(client, pkt->wire, pkt->size);
ret = KNOT_EACCES;
goto finish;
......
......@@ -121,7 +121,7 @@ static int shallow_copy_signature(const zone_node_t *from, zone_node_t *to)
if (knot_rrset_empty(&from_sig)) {
return KNOT_EOK;
}
return node_add_rrset(to, &from_sig);
return node_add_rrset(to, &from_sig, NULL);
}
/*!
......@@ -179,7 +179,7 @@ static void free_nsec3_tree(zone_tree_t *nodes)
knot_rdataset_t *rrsig = node_rdataset(node, KNOT_RRTYPE_RRSIG);
knot_rdataset_clear(nsec3, NULL);
knot_rdataset_clear(rrsig, NULL);
node_free(&node);
node_free(&node, NULL);
}
hattrie_iter_free(it);
......@@ -283,7 +283,7 @@ static zone_node_t *create_nsec3_node(knot_dname_t *owner,
assert(apex_node);
assert(rr_types);
zone_node_t *new_node = node_new(owner);
zone_node_t *new_node = node_new(owner, NULL);
if (!new_node) {
return NULL;
}
......@@ -294,14 +294,14 @@ static zone_node_t *create_nsec3_node(knot_dname_t *owner,
int ret = create_nsec3_rrset(&nsec3_rrset, owner, nsec3_params,
rr_types, NULL, ttl);
if (ret != KNOT_EOK) {
node_free(&new_node);
node_free(&new_node, NULL);
return NULL;
}
ret = node_add_rrset(new_node, &nsec3_rrset);
ret = node_add_rrset(new_node, &nsec3_rrset, NULL);
knot_rrset_clear(&nsec3_rrset, NULL);
if (ret != KNOT_EOK) {
node_free(&new_node);
node_free(&new_node, NULL);
return NULL;
}
......
......@@ -44,7 +44,7 @@ static int init_dnssec_structs(const zone_contents_t *zone,
zone->apex->owner,
nsec3_enabled, zone_keys);
if (result != KNOT_EOK) {
log_zone_error(zone->apex->owner, "DNSSEC: failed to load keys: %s\n",
log_zone_error(zone->apex->owner, "DNSSEC, failed to load keys: %s",
knot_strerror(result));
knot_free_zone_keys(zone_keys);
return result;
......@@ -72,7 +72,7 @@ static int zone_sign(zone_contents_t *zone, const conf_zone_t *zone_config,
const knot_dname_t *zone_name = zone->apex->owner;
log_zone_info(zone_name, "DNSSEC: signing started\n");
log_zone_info(zone_name, "DNSSEC, signing started");
uint32_t new_serial = zone_contents_next_serial(zone, zone_config->serial_policy);
dbg_dnssec_verb("changeset empty before generating NSEC chain: %d\n",
......@@ -92,7 +92,7 @@ static int zone_sign(zone_contents_t *zone, const conf_zone_t *zone_config,
result = knot_zone_create_nsec_chain(zone, out_ch,
&zone_keys, &policy);
if (result != KNOT_EOK) {
log_zone_error(zone_name, "DNSSEC: could not create NSEC(3) chain: %s\n",
log_zone_error(zone_name, "DNSSEC, could not create NSEC(3) chain: %s",
knot_strerror(result));
knot_free_zone_keys(&zone_keys);
return result;
......@@ -104,7 +104,7 @@ static int zone_sign(zone_contents_t *zone, const conf_zone_t *zone_config,
result = knot_zone_sign(zone, &zone_keys, &policy, out_ch,
refresh_at);
if (result != KNOT_EOK) {
log_zone_error(zone_name, "DNSSEC: error while signing: %s\n",
log_zone_error(zone_name, "DNSSEC, error while signing: %s",
knot_strerror(result));
knot_free_zone_keys(&zone_keys);
return result;
......@@ -115,7 +115,7 @@ static int zone_sign(zone_contents_t *zone, const conf_zone_t *zone_config,
// Check if only SOA changed
if (changeset_empty(out_ch) &&
!knot_zone_sign_soa_expired(zone, &zone_keys, &policy)) {
log_zone_info(zone_name, "DNSSEC: no signing performed, zone is valid\n");
log_zone_info(zone_name, "DNSSEC, no signing performed, zone is valid");
knot_free_zone_keys(&zone_keys);
assert(changeset_empty(out_ch));
return KNOT_EOK;
......@@ -128,8 +128,8 @@ static int zone_sign(zone_contents_t *zone, const conf_zone_t *zone_config,
result = knot_zone_sign_update_soa(&soa, &rrsigs, &zone_keys, &policy,
new_serial, out_ch);
if (result != KNOT_EOK) {
log_zone_error(zone_name, "DNSSEC: not signing, cannot update "
"SOA record: %s\n", knot_strerror(result));
log_zone_error(zone_name, "DNSSEC, not signing, cannot update "
"SOA record: %s", knot_strerror(result));
knot_free_zone_keys(&zone_keys);
return result;
}
......@@ -138,7 +138,7 @@ static int zone_sign(zone_contents_t *zone, const conf_zone_t *zone_config,
dbg_dnssec_detail("zone signed: changes=%zu\n",
changeset_size(out_ch));
log_zone_info(zone_name, "DNSSEC: successfully signed\n");
log_zone_info(zone_name, "DNSSEC, successfully signed");
return KNOT_EOK;
}
......@@ -195,7 +195,7 @@ int knot_dnssec_sign_changeset(const zone_contents_t *zone,
ret = knot_zone_sign_changeset(zone, in_ch, out_ch,
&zone_keys, &policy);
if (ret != KNOT_EOK) {
log_zone_error(zone_name, "DNSSEC: failed to sign changeset: %s\n",
log_zone_error(zone_name, "DNSSEC, failed to sign changeset: %s",
knot_strerror(ret));
knot_free_zone_keys(&zone_keys);
return ret;
......@@ -204,7 +204,7 @@ int knot_dnssec_sign_changeset(const zone_contents_t *zone,