From c799c10ffe5f3a641aa6bd4365412c19cc0c0d2f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= Date: Thu, 9 Nov 2017 15:18:39 +0100 Subject: [PATCH] [v9_9] Minor improvements to code handling managed keys 4812. [bug] Minor improvements to stability and consistency of code handling managed keys. [RT #46468] (cherry picked from commit 54c1627c6fdf22727fa8cee3cd96402ce9f1f391) --- CHANGES | 3 +++ contrib/check5011.pl | 2 +- lib/dns/zone.c | 10 +++++----- 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/CHANGES b/CHANGES index 63d4b8ca29..5692b8ba79 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +4812. [bug] Minor improvements to stability and consistency of code + handling managed keys. [RT #46468] + 4810. [test] The chain system test failed if the IPv6 interfaces were not configured. [RT #46508] diff --git a/contrib/check5011.pl b/contrib/check5011.pl index 0751a80d49..78b0a4c612 100644 --- a/contrib/check5011.pl +++ b/contrib/check5011.pl @@ -43,7 +43,7 @@ sub printstatus ($) { my $a = shift; if ($a->{removehd} ne "19700101000000") { printf " untrusted and to be removed at %s\n", ext8601 $a->{removehd}; - } elsif ($a->{addhd} lt $now) { + } elsif ($a->{addhd} le $now) { printf " trusted\n"; } else { printf " waiting for %s\n", ext8601 $a->{addhd}; diff --git a/lib/dns/zone.c b/lib/dns/zone.c index 4f31afdf44..6558e0b2c2 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -9126,7 +9126,7 @@ zone_refreshkeys(dns_zone_t *zone) { } /* Acceptance timer expired? */ - if (kd.addhd < now) + if (kd.addhd <= now) timer = kd.addhd; /* Or do we just need to refresh the keyset? */ @@ -9228,12 +9228,10 @@ zone_refreshkeys(dns_zone_t *zone) { isc_time_formattimestamp(&zone->refreshkeytime, timebuf, 80); dns_zone_log(zone, ISC_LOG_DEBUG(1), "retry key refresh: %s", timebuf); - - if (!fetching) - DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_REFRESHING); } - UNLOCK_ZONE(zone); + if (!fetching) + DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_REFRESHING); dns_diff_clear(&diff); if (ver != NULL) { @@ -9242,6 +9240,8 @@ zone_refreshkeys(dns_zone_t *zone) { } dns_db_detach(&db); + UNLOCK_ZONE(zone); + INSIST(ver == NULL); }