From 34b5d194886fc1c9427672c98cdec917ca317fc3 Mon Sep 17 00:00:00 2001
From: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Date: Mon, 27 Jul 2015 19:34:23 +0100
Subject: [PATCH] Update DNSSEC timestamp file on process TERM.

---
 src/dnsmasq.c |  9 +++++++++
 src/dnsmasq.h |  1 +
 src/dnssec.c  | 11 +++++------
 3 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/src/dnsmasq.c b/src/dnsmasq.c
index 514e10b..04d5758 100644
--- a/src/dnsmasq.c
+++ b/src/dnsmasq.c
@@ -1321,6 +1321,15 @@ static void async_event(int pipe, time_t now)
 	if (daemon->lease_stream)
 	  fclose(daemon->lease_stream);
 
+#ifdef HAVE_DNSSEC
+	/* update timestamp file on TERM if time is considered valid */
+	if (daemon->back_to_the_future)
+	  {
+	     if (utime(daemon->timestamp_file, NULL) == -1)
+		my_syslog(LOG_ERR, _("failed to update mtime on %s: %s"), daemon->timestamp_file, strerror(errno));
+	  }
+#endif
+
 	if (daemon->runfile)
 	  unlink(daemon->runfile);
 	
diff --git a/src/dnsmasq.h b/src/dnsmasq.h
index de146c6..e4035db 100644
--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h
@@ -992,6 +992,7 @@ extern struct daemon {
 #endif
 #ifdef HAVE_DNSSEC
   struct ds_config *ds;
+  int back_to_the_future;
   char *timestamp_file;
 #endif
 
diff --git a/src/dnssec.c b/src/dnssec.c
index 55cf90b..0aa41ce 100644
--- a/src/dnssec.c
+++ b/src/dnssec.c
@@ -427,13 +427,12 @@ static int serial_compare_32(unsigned long s1, unsigned long s2)
 */
 
 static time_t timestamp_time;
-static int back_to_the_future;
 
 int setup_timestamp(void)
 {
   struct stat statbuf;
   
-  back_to_the_future = 0;
+  daemon->back_to_the_future = 0;
   
   if (!daemon->timestamp_file)
     return 0;
@@ -447,7 +446,7 @@ int setup_timestamp(void)
 	  /* time already OK, update timestamp, and do key checking from the start. */
 	  if (utime(daemon->timestamp_file, NULL) == -1)
 	    my_syslog(LOG_ERR, _("failed to update mtime on %s: %s"), daemon->timestamp_file, strerror(errno));
-	  back_to_the_future = 1;
+	  daemon->back_to_the_future = 1;
 	  return 0;
 	}
       return 1;
@@ -487,17 +486,17 @@ static int check_date_range(unsigned long date_start, unsigned long date_end)
      and start checking keys */
   if (daemon->timestamp_file)
     {
-      if (back_to_the_future == 0 && difftime(timestamp_time, curtime) <= 0)
+      if (daemon->back_to_the_future == 0 && difftime(timestamp_time, curtime) <= 0)
 	{
 	  if (utime(daemon->timestamp_file, NULL) != 0)
 	    my_syslog(LOG_ERR, _("failed to update mtime on %s: %s"), daemon->timestamp_file, strerror(errno));
 	  
-	  back_to_the_future = 1;	
+	  daemon->back_to_the_future = 1;
 	  set_option_bool(OPT_DNSSEC_TIME);
 	  queue_event(EVENT_RELOAD); /* purge cache */
 	} 
 
-      if (back_to_the_future == 0)
+      if (daemon->back_to_the_future == 0)
 	return 1;
     }
   else if (option_bool(OPT_DNSSEC_TIME))
-- 
2.39.2