Fix keymgr key init bug

The 'keymgr_key_init()' function initializes key states if they have
not been set previously. It looks at the key timing metadata and
determines using the given times whether a state should be set to
RUMOURED or OMNIPRESENT.

However, the DNSKEY and ZRRSIG states were mixed up: When looking
at the Activate timing metadata we should set the ZRRSIG state, and
when looking at the Published timing metadata we should set the
DNSKEY state.

diff --git a/lib/dns/keymgr.c b/lib/dns/keymgr.c
index 009c06b1952183ff0018548edca98d18c84aa147..05ee2e74e49580fd68ce234084c272454b54cd61 100644 (file)
--- a/lib/dns/keymgr.c
+++ b/lib/dns/keymgr.c
@@ -1549,23 +1549,23 @@ keymgr_key_init(dns_dnsseckey_t *key, dns_kasp_t *kasp, isc_stdtime_t now) {
        /* Get time metadata. */
        ret = dst_key_gettime(key->key, DST_TIME_ACTIVATE, &active);
        if (active <= now && ret == ISC_R_SUCCESS) {
-               dns_ttl_t key_ttl = dst_key_getttl(key->key);
-               key_ttl += dns_kasp_zonepropagationdelay(kasp);
-               if ((active + key_ttl) <= now) {
-                       dnskey_state = OMNIPRESENT;
+               dns_ttl_t zone_ttl = dns_kasp_zonemaxttl(kasp);
+               zone_ttl += dns_kasp_zonepropagationdelay(kasp);
+               if ((active + zone_ttl) <= now) {
+                       zrrsig_state = OMNIPRESENT;
                } else {
-                       dnskey_state = RUMOURED;
+                       zrrsig_state = RUMOURED;
                }
                goal_state = OMNIPRESENT;
        }
        ret = dst_key_gettime(key->key, DST_TIME_PUBLISH, &pub);
        if (pub <= now && ret == ISC_R_SUCCESS) {
-               dns_ttl_t zone_ttl = dns_kasp_zonemaxttl(kasp);
-               zone_ttl += dns_kasp_zonepropagationdelay(kasp);
-               if ((pub + zone_ttl) <= now) {
-                       zrrsig_state = OMNIPRESENT;
+               dns_ttl_t key_ttl = dst_key_getttl(key->key);
+               key_ttl += dns_kasp_zonepropagationdelay(kasp);
+               if ((pub + key_ttl) <= now) {
+                       dnskey_state = OMNIPRESENT;
                } else {
-                       zrrsig_state = RUMOURED;
+                       dnskey_state = RUMOURED;
                }
                goal_state = OMNIPRESENT;
        }