From 4a7c78b2901ac022d81d0672d0efab7be4b2a129 Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Wed, 9 Nov 2022 12:12:07 +0000
Subject: [PATCH] Report the key name that failed in retry_keyfetch

When there are multiple managed trust anchors we need to know the
name of the trust anchor that is failing.  Extend the error message
to include the trust anchor name.

(cherry picked from commit fb7b7ac4959be1f8b038a6cb53a8ba823ee7f7da)
---
 lib/dns/zone.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/lib/dns/zone.c b/lib/dns/zone.c
index 089e717ef5..4fe775c7d1 100644
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@@ -11033,6 +11033,11 @@ retry_keyfetch(dns_keyfetch_t *kfetch, dns_name_t *kname) {
 	isc_time_t timenow, timethen;
 	dns_zone_t *zone = kfetch->zone;
 	bool free_needed;
+	char namebuf[DNS_NAME_FORMATSIZE];
+
+	dns_name_format(kname, namebuf, sizeof(namebuf));
+	dnssec_log(zone, ISC_LOG_WARNING,
+		   "Failed to create fetch for %s DNSKEY update", namebuf);
 
 	/*
 	 * Error during a key fetch; cancel and retry in an hour.
@@ -11044,8 +11049,6 @@ retry_keyfetch(dns_keyfetch_t *kfetch, dns_name_t *kname) {
 	dns_rdataset_disassociate(&kfetch->keydataset);
 	dns_name_free(kname, zone->mctx);
 	isc_mem_putanddetach(&kfetch->mctx, kfetch, sizeof(*kfetch));
-	dnssec_log(zone, ISC_LOG_WARNING,
-		   "Failed to create fetch for DNSKEY update");
 
 	if (!DNS_ZONE_FLAG(zone, DNS_ZONEFLG_EXITING)) {
 		/* Don't really retry if we are exiting */