]> git.ipfire.org Git - thirdparty/pdns.git/commitdiff
projects / thirdparty / pdns.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 647d15b)
--trace logging with more details about trust anchors, plus ttl of auth data 5876/head
authorbert hubert <bert.hubert@netherlabs.nl>
Mon, 30 Oct 2017 10:15:15 +0000 (11:15 +0100)
committerbert hubert <bert.hubert@netherlabs.nl>
Mon, 30 Oct 2017 10:15:15 +0000 (11:15 +0100)
Print more details of trust anchors. In addition, the --trace output that mentions if data from authoritative servers gets accepted now also prints the TTL and clarifies the 'place' number previously printed.

pdns/syncres.cc patch | blob | blame | history

diff --git a/pdns/syncres.cc b/pdns/syncres.cc
index 8611d5e2759ae7f2d8cb6a7a8928dc92888b44d1..69e9f410b472a132acb977cf0858f8a9bd17a01e 100644 (file)
--- a/pdns/syncres.cc
+++ b/pdns/syncres.cc
@@ -1440,20 +1440,24 @@ vState SyncRes::getTA(const DNSName& zone, dsmap_t& ds)
   auto luaLocal = g_luaconfs.getLocal();
 
   if (luaLocal->dsAnchors.empty()) {
+    LOG(d_prefix<<": No trust anchors configured, everything is Insecure"<<endl);
     /* We have no TA, everything is insecure */
     return Insecure;
   }
 
   std::string reason;
   if (haveNegativeTrustAnchor(luaLocal->negAnchors, zone, reason)) {
-    LOG(d_prefix<<": got NTA for "<<zone<<endl);
+    LOG(d_prefix<<": got NTA for '"<<zone<<"'"<<endl);
     return NTA;
   }
 
   if (getTrustAnchor(luaLocal->dsAnchors, zone, ds)) {
-    LOG(d_prefix<<": got TA for "<<zone<<endl);
+    LOG(d_prefix<<": got TA for '"<<zone<<"'"<<endl);
     return TA;
   }
+  else {
+    LOG(d_prefix<<": no TA found for '"<<zone<<"' among "<< luaLocal->dsAnchors.size()<<endl);
+  }
 
   if (zone.isRoot()) {
     /* No TA for the root */
@@ -1860,7 +1864,7 @@ RCode::rcodes_ SyncRes::updateCacheFromRecords(unsigned int depth, LWResult& lwr
       LOG(prefix<<qname<<": OPT answer '"<<rec.d_name<<"' from '"<<auth<<"' nameservers" <<endl);
       continue;
     }
-    LOG(prefix<<qname<<": accept answer '"<<rec.d_name<<"|"<<DNSRecordContent::NumberToType(rec.d_type)<<"|"<<rec.d_content->getZoneRepresentation()<<"' from '"<<auth<<"' nameservers? "<<(int)rec.d_place<<" ");
+    LOG(prefix<<qname<<": accept answer '"<<rec.d_name<<"|"<<DNSRecordContent::NumberToType(rec.d_type)<<"|"<<rec.d_content->getZoneRepresentation()<<"' from '"<<auth<<"' nameservers? ttl="<<rec.d_ttl<<", place="<<(int)rec.d_place<<" ");
     if(rec.d_type == QType::ANY) {
       LOG("NO! - we don't accept 'ANY' data"<<endl);
       continue;
Unnamed repository; edit this file 'description' to name the repository.