report when NTAs added to multiple views
authorEvan Hunt <each@isc.org>
Wed, 15 Aug 2018 19:29:17 +0000 (12:29 -0700)
committerEvan Hunt <each@isc.org>
Mon, 10 Sep 2018 20:14:18 +0000 (13:14 -0700)
- the text returned by "rndc nta" when adding NTAs to multiple views
  was incorrectly terminated after the first line, so users only saw
  one NTA added unless they checked the logs.

(cherry picked from commit 83dc5a704a13f4b73cde99caa7b01f9702e84f5b)

bin/named/server.c
bin/tests/system/rndc/clean.sh
bin/tests/system/rndc/ns3/named.conf.in
bin/tests/system/rndc/tests.sh

index cccf60ba1cc71e529a85ca0dd089d20f0e2a96b8..2071898a96be0a10623caaaef2633e54531cc2b7 100644 (file)
@@ -939,7 +939,8 @@ configure_view_dnsseckeys(dns_view_t *view, const cfg_obj_t *vconfig,
 
        /* We don't need trust anchors for the _bind view */
        if (strcmp(view->name, "_bind") == 0 &&
-           view->rdclass == dns_rdataclass_chaos) {
+           view->rdclass == dns_rdataclass_chaos)
+       {
                return (ISC_R_SUCCESS);
        }
 
@@ -14384,18 +14385,23 @@ named_server_nta(named_server_t *server, isc_lex_t *lex,
             view != NULL;
             view = ISC_LIST_NEXT(view, link))
        {
-               if (viewname != NULL &&
-                   strcmp(view->name, viewname) != 0)
+               static bool first = true;
+
+               if (viewname != NULL && strcmp(view->name, viewname) != 0) {
                        continue;
+               }
 
-               if (view->nta_lifetime == 0)
+               if (view->nta_lifetime == 0) {
                        continue;
+               }
 
-               if (!ttlset)
+               if (!ttlset) {
                        ntattl = view->nta_lifetime;
+               }
 
-               if (ntatable != NULL)
+               if (ntatable != NULL) {
                        dns_ntatable_detach(&ntatable);
+               }
 
                result = dns_view_getntatable(view, &ntatable);
                if (result == ISC_R_NOTFOUND) {
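Review bot: `static bool first = true;` gives `first` static storage duration, so it is initialised once per process rather than once per call. After the first `rndc nta` that adds or removes an anchor it stays false, and every later reply then begins with the `"\n"` emitted by the `if (!first)` checks in the add and remove branches (the next two hunks). It is also mutable state shared by every invocation of named_server_nta. Declaring a plain `bool first = true;` at function scope, ahead of the `for` loop, keeps the value across iterations without carrying it across calls. The function's declarations lie outside this hunk, so the exact placement has to be checked there.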
@@ -14418,6 +14424,11 @@ named_server_nta(named_server_t *server, isc_lex_t *lex,
                        isc_time_set(&t, when, 0);
                        isc_time_formattimestamp(&t, tbuf, sizeof(tbuf));
 
+                       if (!first) {
+                               CHECK(putstr(text, "\n"));
+                       }
+                       first = false;
+
                        CHECK(putstr(text, "Negative trust anchor added: "));
                        CHECK(putstr(text, namebuf));
                        CHECK(putstr(text, "/"));
@@ -14432,6 +14443,11 @@ named_server_nta(named_server_t *server, isc_lex_t *lex,
                } else {
                        CHECK(dns_ntatable_delete(ntatable, ntaname));
 
+                       if (!first) {
+                               CHECK(putstr(text, "\n"));
+                       }
+                       first = false;
+
                        CHECK(putstr(text, "Negative trust anchor removed: "));
                        CHECK(putstr(text, namebuf));
                        CHECK(putstr(text, "/"));
@@ -14451,11 +14467,10 @@ named_server_nta(named_server_t *server, isc_lex_t *lex,
                                      "for view '%s': %s",
                                      view->name, isc_result_totext(result));
                }
-
-               CHECK(putnull(text));
-
        }
 
+       CHECK(putnull(text));
+
  cleanup:
        if (msg != NULL) {
                (void) putstr(text, msg);
index df8aa77210fc6546474750073439e1b6c4c3d7e8..884280ea96dda63163622495e6b074c042debabf 100644 (file)
@@ -24,3 +24,4 @@ rm -f ns*/named.conf
 rm -f nsupdate.out.*.test*
 rm -f python.out.*.test*
 rm -f rndc.out.*.test*
+rm -f ns*/*.nta
index e8dbfc4aeb9656d4401ea2bbaf8ce517ff092ce3..dd3529559e02729cdb96ed59232a336c82f3393b 100644 (file)
@@ -14,7 +14,6 @@ options {
        pid-file "named.pid";
        listen-on { 10.53.0.3; };
        listen-on-v6 { none; };
-       recursion no;
 };
 
 key rndc_key {
@@ -31,8 +30,17 @@ controls {
        inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
 };
 
+view all {
+       match-clients { any; };
+
+       recursion no;
+
+       zone "." {
+               type hint;
+               file "../../common/root.hint";
+       };
+};
 
-zone "." {
-       type hint;
-       file "../../common/root.hint";
+view none {
+       match-clients { none; };
 };
index 488ee841a62952a160106af3b372aeb80f71bcbb..ae27ef1abf903678d6ca5a25d2b20c7e174bfcf8 100644 (file)
@@ -656,5 +656,14 @@ grep "address family not supported" rndc.out.1.test$n > /dev/null || ret=1
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=`expr $status + $ret`
 
+n=`expr $n + 1`
+echo_i "check rndc nta reports adding to multiple views ($n)"
+ret=0
+$RNDCCMD 10.53.0.3 nta test.com > rndc.out.test$n 2>&1 || ret=1
+lines=`cat rndc.out.test$n | wc -l`
+[ ${lines:-0} -eq 2 ] || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
 echo_i "exit status: $status"
 [ $status -eq 0 ] || exit 1
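Review bot: The new check asserts only the line count (`[ ${lines:-0} -eq 2 ] || ret=1`), so any two-line output passes, whatever it says. Counting the expected message instead, e.g. `grep -c "Negative trust anchor added: " rndc.out.test$n` compared against 2, would pin that both views were actually reported. The command is also run only once, so output state carried from one invocation to the next would go unnoticed; a second `nta` call whose first output line is checked to be non-empty would cover that. Separately, the output file is named `rndc.out.test$n`, which the `rndc.out.*.test*` pattern visible in the clean.sh hunk does not match. Either name it `rndc.out.1.test$n` like the preceding check or confirm that clean.sh removes it on a line outside that hunk.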