Commit 83dc5a70 authored by Evan Hunt's avatar Evan Hunt

report when NTAs added to multiple views

- the text returned by "rndc nta" when adding NTAs to multiple views
  was incorrectly terminated after the first line, so users only saw
  on NTA added unless they checked the logs.
parent 07f29a08
......@@ -938,7 +938,8 @@ configure_view_dnsseckeys(dns_view_t *view, const cfg_obj_t *vconfig,
/* We don't need trust anchors for the _bind view */
if (strcmp(view->name, "_bind") == 0 &&
view->rdclass == dns_rdataclass_chaos) {
view->rdclass == dns_rdataclass_chaos)
{
return (ISC_R_SUCCESS);
}
......@@ -14344,18 +14345,23 @@ named_server_nta(named_server_t *server, isc_lex_t *lex,
view != NULL;
view = ISC_LIST_NEXT(view, link))
{
if (viewname != NULL &&
strcmp(view->name, viewname) != 0)
static bool first = true;
if (viewname != NULL && strcmp(view->name, viewname) != 0) {
continue;
}
if (view->nta_lifetime == 0)
if (view->nta_lifetime == 0) {
continue;
}
if (!ttlset)
if (!ttlset) {
ntattl = view->nta_lifetime;
}
if (ntatable != NULL)
if (ntatable != NULL) {
dns_ntatable_detach(&ntatable);
}
result = dns_view_getntatable(view, &ntatable);
if (result == ISC_R_NOTFOUND) {
......@@ -14378,6 +14384,11 @@ named_server_nta(named_server_t *server, isc_lex_t *lex,
isc_time_set(&t, when, 0);
isc_time_formattimestamp(&t, tbuf, sizeof(tbuf));
if (!first) {
CHECK(putstr(text, "\n"));
}
first = false;
CHECK(putstr(text, "Negative trust anchor added: "));
CHECK(putstr(text, namebuf));
CHECK(putstr(text, "/"));
......@@ -14392,6 +14403,11 @@ named_server_nta(named_server_t *server, isc_lex_t *lex,
} else {
CHECK(dns_ntatable_delete(ntatable, ntaname));
if (!first) {
CHECK(putstr(text, "\n"));
}
first = false;
CHECK(putstr(text, "Negative trust anchor removed: "));
CHECK(putstr(text, namebuf));
CHECK(putstr(text, "/"));
......@@ -14411,11 +14427,10 @@ named_server_nta(named_server_t *server, isc_lex_t *lex,
"for view '%s': %s",
view->name, isc_result_totext(result));
}
CHECK(putnull(text));
}
CHECK(putnull(text));
cleanup:
if (msg != NULL) {
(void) putstr(text, msg);
......
......@@ -25,3 +25,4 @@ rm -f nsupdate.out.*.test*
rm -f python.out.*.test*
rm -f rndc.out.*.test*
rm -f ns*/managed-keys.bind* ns*/*.mkeys*
rm -f ns*/*.nta
......@@ -14,7 +14,6 @@ options {
pid-file "named.pid";
listen-on { 10.53.0.3; };
listen-on-v6 { none; };
recursion no;
};
key rndc_key {
......@@ -31,8 +30,17 @@ controls {
inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
view all {
match-clients { any; };
recursion no;
zone "." {
type hint;
file "../../common/root.hint";
};
};
zone "." {
type hint;
file "../../common/root.hint";
view none {
match-clients { none; };
};
......@@ -656,5 +656,14 @@ grep "address family not supported" rndc.out.1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo_i "check rndc nta reports adding to multiple views ($n)"
ret=0
$RNDCCMD 10.53.0.3 nta test.com > rndc.out.test$n 2>&1 || ret=1
lines=`cat rndc.out.test$n | wc -l`
[ ${lines:-0} -eq 2 ] || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment