From e4752ae279cca86b80581bf9df305c8a48a4d0ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= Date: Wed, 7 Jun 2017 09:02:06 +0200 Subject: [PATCH] [v9_10] Clarify error message printed by dnssec-dsfromkey 4663. [cleanup] Clarify error message printed by dnssec-dsfromkey. [RT #21731] (cherry picked from commit c150f686098666d138bad432e6acc76d1c1d6090) --- CHANGES | 3 +++ bin/dnssec/dnssec-dsfromkey.c | 2 +- bin/tests/system/dnssec/clean.sh | 1 + bin/tests/system/dnssec/tests.sh | 12 ++++++++++++ 4 files changed, 17 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 953610a2d9..fdfe071e5b 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +4663. [cleanup] Clarify error message printed by dnssec-dsfromkey. + [RT #21731] + 4662. [performance] Improve cache memory cleanup of zero TTL records by putting them at the tail of LRU header lists. [RT #45274] diff --git a/bin/dnssec/dnssec-dsfromkey.c b/bin/dnssec/dnssec-dsfromkey.c index 0a83d82b05..d3298fefb2 100644 --- a/bin/dnssec/dnssec-dsfromkey.c +++ b/bin/dnssec/dnssec-dsfromkey.c @@ -191,7 +191,7 @@ loadkey(char *filename, unsigned char *key_buf, unsigned int key_buf_size, result = dst_key_fromnamedfile(filename, NULL, DST_TYPE_PUBLIC, mctx, &key); if (result != ISC_R_SUCCESS) - fatal("invalid keyfile name %s: %s", + fatal("can't load %s.key: %s", filename, isc_result_totext(result)); if (verbose > 2) { diff --git a/bin/tests/system/dnssec/clean.sh b/bin/tests/system/dnssec/clean.sh index dbab82ac3c..941b98d5a1 100644 --- a/bin/tests/system/dnssec/clean.sh +++ b/bin/tests/system/dnssec/clean.sh @@ -27,6 +27,7 @@ rm -f canonical?.* rm -f delv.out* rm -f delve.out* rm -f dig.out.* +rm -f dsfromkey.out.* rm -f keygen.err rm -f named.secroots.test* rm -f nosign.before diff --git a/bin/tests/system/dnssec/tests.sh b/bin/tests/system/dnssec/tests.sh index 5151c55229..74a0875a44 100644 --- a/bin/tests/system/dnssec/tests.sh +++ b/bin/tests/system/dnssec/tests.sh @@ -2109,6 +2109,18 @@ n=`expr $n + 1` if [ $ret != 0 ]; then echo "I:failed"; fi status=`expr $status + $ret` +# Intentionally strip ".key" from keyfile name to ensure the error message +# includes it anyway to avoid confusion (RT #21731) +echo "I:check dnssec-dsfromkey error message when keyfile is not found ($n)" +ret=0 +key=`$KEYGEN -q -r $RANDFILE example.` || ret=1 +mv $key.key $key +$DSFROMKEY $key > dsfromkey.out.$n 2>&1 && ret=1 +grep "$key.key: file not found" dsfromkey.out.$n > /dev/null || ret=1 +n=`expr $n + 1` +if [ $ret != 0 ]; then echo "I:failed"; fi +status=`expr $status + $ret` + echo "I:testing soon-to-expire RRSIGs without a replacement private key ($n)" ret=0 $DIG +noall +answer +dnssec +nottl -p 5300 expiring.example ns @10.53.0.3 | grep RRSIG > dig.out.ns3.test$n 2>&1