Commit 0436d5cc authored by Evan Hunt's avatar Evan Hunt Committed by Mark Andrews
Browse files

Report KSK's that are missing from DS/DLV RRset

parent 4c041542
......@@ -170,9 +170,9 @@ def checkds(zone, masterfile = None):
(ds.rrname.strip('.'), ds.keyalg,
ds.keyid, DSRR.hashalgs[ds.hashalg]))
found = True
if not found:
print ("No DS records found covering %s/DNSKEY" % zone)
else:
print ("No DS records found for KSK %s/%03d/%05d" %
(ds.rrname, ds.keyalg, ds.keyid))
return found
......@@ -216,9 +216,9 @@ def checkdlv(zone, lookaside, masterfile = None):
(dlv.parent, dlv.keyalg, dlv.keyid,
DLVRR.hashalgs[dlv.hashalg], dlv.dlvname))
found = True
if not found:
print ("No DLV records found covering %s/DNSKEY" % zone)
else:
print ("No DLV records found for KSK %s/%03d/%05d in %s" %
(dlv.parent, dlv.keyalg, dlv.keyid, dlv.dlvname))
return found
......
......@@ -100,7 +100,7 @@ ret=0
$CHECKDS missing.example > checkds.out.$n || ret=1
grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'DS missing' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'No DS' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
......@@ -110,7 +110,7 @@ ret=0
$CHECKDS -f missing.example.dnskey.db missing.example > checkds.out.$n || ret=1
grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'DS missing' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'No DS' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
......@@ -120,7 +120,7 @@ ret=0
$CHECKDS -l dlv.example missing.example > checkds.out.$n || ret=1
grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'DS missing' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'No DLV' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
......@@ -130,7 +130,7 @@ ret=0
$CHECKDS -l dlv.example -f missing.example.dnskey.db missing.example > checkds.out.$n || ret=1
grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'DS missing' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'No DLV' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment