[master] clarify dnssec-checkds output

3426. [bug] dnssec-checkds: Clearer output when records are not found. [RT #31968]
2026-05-28 04:34:54 -04:00 · 2012-11-27 14:52:36 -08:00 · 2012-11-27 14:52:36 -08:00 · 4d077be135
commit 4d077be135
parent 2e22f903da
2 changed files with 23 additions and 4 deletions
--- a/3
+++ b/3
@ -1,3 +1,6 @@
+3426.	[bug]		dnssec-checkds: Clearer output when records are not
+			found. [RT #31968]
+
 3425.	[bug]		"acacheentry" reference counting was broken resulting
 			in use after free. [RT #31908]

--- a/bin/python/dnssec-checkds.py.in
+++ b/bin/python/dnssec-checkds.py.in
@ -169,6 +169,10 @@ def checkds(zone, masterfile = None):

    fp.close()

+    if (len(dsklist) < 1):
+        print ("No DNSKEY records found in zone apex")
+        return False
+
    found = False
    for ds in dsklist:
        if ds in dslist:
@ -177,8 +181,12 @@ def checkds(zone, masterfile = None):
                    ds.keyid, DSRR.hashalgs[ds.hashalg]))
            found = True
        else:
-            print ("No DS records found for KSK %s/%03d/%05d" %
-                   (ds.rrname, ds.keyalg, ds.keyid))
+            print ("DS for KSK %s/%03d/%05d (%s) missing from parent" %
+                   (ds.rrname.strip('.'), ds.keyalg,
+                    ds.keyid, DSRR.hashalgs[ds.hashalg]))
+
+    if not found:
+        print ("No DS records were found for any DNSKEY")

    return found

@ -217,6 +225,10 @@ def checkdlv(zone, lookaside, masterfile = None):

    fp.close()

+    if (len(dlvklist) < 1):
+        print ("No DNSKEY records found in zone apex")
+        return False
+
    found = False
    for dlv in dlvklist:
        if dlv in dlvlist:
@ -225,8 +237,12 @@ def checkdlv(zone, lookaside, masterfile = None):
                    DLVRR.hashalgs[dlv.hashalg], dlv.dlvname))
            found = True
        else:
-            print ("No DLV records found for KSK %s/%03d/%05d in %s" %
-                   (dlv.parent, dlv.keyalg, dlv.keyid, dlv.dlvname))
+            print ("DLV for KSK %s/%03d/%05d (%s) missing from %s" %
+                   (dlv.parent, dlv.keyalg, dlv.keyid, 
+                    DLVRR.hashalgs[dlv.hashalg], dlv.dlvname))
+
+    if not found:
+        print ("No DLV records were found for any DNSKEY")

    return found