Add checkds log notice

When the checkds published/withdrawn is activated, log a notice. Can
be used for testing, but also operationally useful.

diff --git a/lib/dns/keymgr.c b/lib/dns/keymgr.c
index 1d47da8c332a68c24c61ab24bdd7783c3a1b6e9f..b0a6f96c8f72c6374cbc9265e956fc7003f2b1c8 100644 (file)
--- a/lib/dns/keymgr.c
+++ b/lib/dns/keymgr.c
@@ -2245,6 +2245,19 @@ keymgr_checkds(dns_kasp_t *kasp, dns_dnsseckeylist_t *keyring,
                dst_key_settime(ksk_key->key, DST_TIME_DSDELETE, when);
        }
 
+       if (isc_log_wouldlog(dns_lctx, ISC_LOG_NOTICE)) {
+               char keystr[DST_KEY_FORMATSIZE];
+               char timestr[26]; /* Minimal buf as per ctime_r() spec. */
+
+               dst_key_format(ksk_key->key, keystr, sizeof(keystr));
+               isc_stdtime_tostring(when, timestr, sizeof(timestr));
+               isc_log_write(dns_lctx, DNS_LOGCATEGORY_DNSSEC,
+                             DNS_LOGMODULE_DNSSEC, ISC_LOG_NOTICE,
+                             "keymgr: checkds DS for key %s seen %s at %s",
+                             keystr, dspublish ? "published" : "withdrawn",
+                             timestr);
+       }
+
        /* Store key state and update hints. */
        isc_dir_init(&dir);
        if (directory == NULL) {