Commit 657daef2 authored by Daniel Salzman's avatar Daniel Salzman

Merge branch 'key_events' into 'master'

dnssec: minor fix of rollover logging

See merge request !788
parents 95f106d4 da247ba9
...@@ -375,14 +375,16 @@ int knot_dnssec_key_rollover(kdnssec_ctx_t *ctx, zone_sign_reschedule_t *resched ...@@ -375,14 +375,16 @@ int knot_dnssec_key_rollover(kdnssec_ctx_t *ctx, zone_sign_reschedule_t *resched
ret = generate_key(ctx, true, ctx->now); ret = generate_key(ctx, true, ctx->now);
} }
reschedule->plan_ds_query = true; reschedule->plan_ds_query = true;
if (ret == KNOT_EOK) {
reschedule->keys_changed = true;
}
} }
if (!ctx->policy->singe_type_signing && ret == KNOT_EOK && !key_present(ctx, DNSKEY_FLAGS_ZSK)) { if (!ctx->policy->singe_type_signing && ret == KNOT_EOK && !key_present(ctx, DNSKEY_FLAGS_ZSK)) {
ret = generate_key(ctx, false, ctx->now); ret = generate_key(ctx, false, ctx->now);
if (ret == KNOT_EOK) {
reschedule->keys_changed = true;
}
} }
if (ret == KNOT_EOK) {
reschedule->keys_changed = true;
}
if (ret != KNOT_EOK) { if (ret != KNOT_EOK) {
return ret; return ret;
} }
...@@ -422,6 +424,7 @@ int knot_dnssec_key_rollover(kdnssec_ctx_t *ctx, zone_sign_reschedule_t *resched ...@@ -422,6 +424,7 @@ int knot_dnssec_key_rollover(kdnssec_ctx_t *ctx, zone_sign_reschedule_t *resched
next = next_action(ctx); next = next_action(ctx);
reschedule->next_rollover = next.time; reschedule->next_rollover = next.time;
} else { } else {
log_zone_warning(ctx->zone->dname, "DNSSEC, key rollover [%d] failed (%s)", (int)next.type, knot_strerror(ret));
reschedule->next_rollover = knot_time_add(knot_time(), 10); // fail => try in 10seconds #TODO better? reschedule->next_rollover = knot_time_add(knot_time(), 10); // fail => try in 10seconds #TODO better?
} }
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment