Commit af2ca1df authored by JINMEI Tatuya's avatar JINMEI Tatuya
Browse files

[1938] logged "notauth" NOTIFYs.

also improved in-auth and not-auth cases of logs with the sender endpoint
information.
parent 5b1c236c
......@@ -266,9 +266,16 @@ bug ticket for this issue.
This is a debug message issued when the authoritative server has received
a command on the command channel.
% AUTH_RECEIVED_NOTIFY received incoming NOTIFY for zone name %1, zone class %2
% AUTH_RECEIVED_NOTIFY received incoming NOTIFY for zone %1/%2 from %3
This is a debug message reporting that an incoming NOTIFY was received.
% AUTH_RECEIVED_NOTIFY_NOTAUTH received bad NOTIFY for zone %1/%2 from %3
The authoritative server received a NOTIFY message, but the specified zone
doesn't match any of the zones served by the server. The server doesn't
process the message further, and returns a response with the Rcode being
NOTAUTH. Note: RFC 1996 does not specify the server behavior in this case;
responding with Rcode of NOTAUTH follows BIND 9's behavior.
% AUTH_RESPONSE_FAILURE exception while building response to query: %1
This is a debug message, generated by the authoritative server when an
attempt to create a response to a received DNS packet has failed. The
......
......@@ -747,6 +747,8 @@ AuthSrvImpl::processNotify(const IOMessage& io_message, Message& message,
std::auto_ptr<TSIGContext> tsig_context,
MessageAttributes& stats_attrs)
{
const IOEndpoint& remote_ep = io_message.getRemoteEndpoint(); // for logs
// The incoming notify must contain exactly one question for SOA of the
// zone name.
if (message.getRRCount(Message::SECTION_QUESTION) != 1) {
......@@ -780,6 +782,8 @@ AuthSrvImpl::processNotify(const IOMessage& io_message, Message& message,
dsrc_clients->find(question->getName(), true, false).exact_match_;
}
if (!is_auth) {
LOG_DEBUG(auth_logger, DBG_AUTH_DETAIL, AUTH_RECEIVED_NOTIFY_NOTAUTH)
.arg(question->getName()).arg(question->getClass()).arg(remote_ep);
makeErrorMessage(renderer_, message, buffer, Rcode::NOTAUTH(),
stats_attrs, tsig_context);
return (true);
......@@ -795,7 +799,7 @@ AuthSrvImpl::processNotify(const IOMessage& io_message, Message& message,
}
LOG_DEBUG(auth_logger, DBG_AUTH_DETAIL, AUTH_RECEIVED_NOTIFY)
.arg(question->getName()).arg(question->getClass());
.arg(question->getName()).arg(question->getClass()).arg(remote_ep);
const string remote_ip_address =
io_message.getRemoteEndpoint().getAddress().toText();
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment