Combine validator_log and marksecure

When we mark RRsets as secure, we most of the time also log a debug
message. Combine this the same way as 'markanswer()' does.

diff --git a/lib/dns/validator.c b/lib/dns/validator.c
index fd3a530ad628ce73ab01e1642be02ddf23163570..069942488eebd8dd66e8ff6ed688dcc5eddf776c 100644 (file)
--- a/lib/dns/validator.c
+++ b/lib/dns/validator.c
@@ -217,7 +217,8 @@ markanswer(dns_validator_t *val, const char *where) {
  * Mark the RRsets in val->vstat with trust level secure.
  */
 static void
-marksecure(dns_validator_t *val) {
+marksecure(dns_validator_t *val, const char *where) {
+       validator_log(val, ISC_LOG_DEBUG(3), "marking as secure (%s)", where);
        dns_rdataset_settrust(val->rdataset, dns_trust_secure);
        if (val->sigrdataset != NULL) {
                dns_rdataset_settrust(val->sigrdataset, dns_trust_secure);
@@ -1834,9 +1835,7 @@ validate_answer_finish(void *arg) {
        }
 
        if (val->result == ISC_R_SUCCESS) {
-               marksecure(val);
-               validator_log(val, ISC_LOG_DEBUG(3),
-                             "marking as secure, noqname proof not needed");
+               marksecure(val, "noqname proof not needed");
                validate_async_done(val, val->result);
                return;
        }
@@ -2039,8 +2038,7 @@ validate_dnskey_dsset_done(dns_validator_t *val, isc_result_t result) {
                /* Abort, abort, abort! */
                break;
        case ISC_R_SUCCESS:
-               marksecure(val);
-               validator_log(val, ISC_LOG_DEBUG(3), "marking as secure (DS)");
+               marksecure(val, "validate_dnskey (DS)");
                break;
        case ISC_R_NOMORE:
                if (val->unsupported_algorithm != 0 ||
@@ -2948,9 +2946,7 @@ validate_nx(dns_validator_t *val, bool resume) {
 
                if (FOUNDNOQNAME(val) && FOUNDCLOSEST(val) && !FOUNDOPTOUT(val))
                {
-                       validator_log(val, ISC_LOG_DEBUG(3),
-                                     "marking as secure, noqname proof found");
-                       marksecure(val);
+                       marksecure(val, "validate_nx (noqname proof found)");
                        return ISC_R_SUCCESS;
                } else if (FOUNDOPTOUT(val) &&
                           dns_name_countlabels(
@@ -3001,7 +2997,8 @@ validate_nx(dns_validator_t *val, bool resume) {
                validator_log(val, ISC_LOG_DEBUG(3),
                              "nonexistence proof(s) found");
                if (val->message == NULL) {
-                       marksecure(val);
+                       marksecure(val,
+                                  "validate_nx (nonexistence proofs found)");
                } else {
                        val->secure = true;
                }