From 924ebc605db798e2a383ee5eaaebad739e7c789c Mon Sep 17 00:00:00 2001 From: Matthijs Mekking Date: Thu, 24 Jan 2019 10:24:44 +0100 Subject: [PATCH 1/3] Print in dump-file stale ttl This change makes rndc dumpdb correctly print the "; stale" line. It also provides extra information on how long this data may still be served to clients (in other words how long the stale RRset may still be used). --- lib/dns/include/dns/rdataset.h | 10 ++++++++++ lib/dns/masterdump.c | 25 ++++++++++++++++--------- lib/dns/rbtdb.c | 2 ++ lib/ns/query.c | 2 +- 4 files changed, 29 insertions(+), 10 deletions(-) diff --git a/lib/dns/include/dns/rdataset.h b/lib/dns/include/dns/rdataset.h index 6a07d214c9..027e60fd93 100644 --- a/lib/dns/include/dns/rdataset.h +++ b/lib/dns/include/dns/rdataset.h @@ -108,6 +108,7 @@ struct dns_rdataset { unsigned int magic; /* XXX ? */ dns_rdatasetmethods_t * methods; ISC_LINK(dns_rdataset_t) link; + /* * XXX do we need these, or should they be retrieved by methods? * Leaning towards the latter, since they are not frequently required @@ -116,12 +117,19 @@ struct dns_rdataset { dns_rdataclass_t rdclass; dns_rdatatype_t type; dns_ttl_t ttl; + /* + * Stale ttl is used to see how long this RRset can still be used + * to serve to clients, after the TTL has expired. + */ + dns_ttl_t stale_ttl; dns_trust_t trust; dns_rdatatype_t covers; + /* * attributes */ unsigned int attributes; + /*% * the counter provides the starting point in the "cyclic" order. * The value UINT32_MAX has a special meaning of "picking up a @@ -129,11 +137,13 @@ struct dns_rdataset { * increment the counter. */ uint32_t count; + /* * This RRSIG RRset should be re-generated around this time. * Only valid if DNS_RDATASETATTR_RESIGN is set in attributes. */ isc_stdtime_t resign; + /*@{*/ /*% * These are for use by the rdataset implementation, and MUST NOT diff --git a/lib/dns/masterdump.c b/lib/dns/masterdump.c index 1eff6f5383..74b5df9624 100644 --- a/lib/dns/masterdump.c +++ b/lib/dns/masterdump.c @@ -81,6 +81,9 @@ struct dns_master_style { */ #define DNS_TOTEXT_LINEBREAK_MAXLEN 100 +/*% Does the rdataset 'r' contain a stale answer? */ +#define STALE(r) (((r)->attributes & DNS_RDATASETATTR_STALE) != 0) + /*% * Context structure for a masterfile dump in progress. */ @@ -1040,8 +1043,11 @@ dump_rdatasets_text(isc_mem_t *mctx, const dns_name_t *name, /* Omit negative cache entries */ } else { isc_result_t result; - if (rds->ttl < ctx->serve_stale_ttl) - fprintf(f, "; stale\n"); + if (STALE(rds)) { + fprintf(f, "; stale (for %u more seconds)\n", + (rds->stale_ttl - + ctx->serve_stale_ttl)); + } result = dump_rdataset(mctx, name, rds, ctx, buffer, f); if (result != ISC_R_SUCCESS) dumpresult = result; @@ -1509,13 +1515,14 @@ dumpctx_create(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *version, dctx->do_date = dns_db_iscache(dctx->db); if (dctx->do_date) { - /* - * Adjust the date backwards by the serve-stale TTL, if any. - * This is so the TTL will be loaded correctly when next started. - */ - (void)dns_db_getservestalettl(dctx->db, - &dctx->tctx.serve_stale_ttl); - dctx->now -= dctx->tctx.serve_stale_ttl; + /* + * Adjust the date backwards by the serve-stale TTL, if any. + * This is so the TTL will be loaded correctly when next + * started. + */ + (void)dns_db_getservestalettl(dctx->db, + &dctx->tctx.serve_stale_ttl); + dctx->now -= dctx->tctx.serve_stale_ttl; } if (dctx->format == dns_masterformat_text && diff --git a/lib/dns/rbtdb.c b/lib/dns/rbtdb.c index bf70561b2a..9ed7c943f4 100644 --- a/lib/dns/rbtdb.c +++ b/lib/dns/rbtdb.c @@ -2979,6 +2979,8 @@ bind_rdataset(dns_rbtdb_t *rbtdb, dns_rbtnode_t *node, rdataset->attributes |= DNS_RDATASETATTR_PREFETCH; if (STALE(header)) { rdataset->attributes |= DNS_RDATASETATTR_STALE; + rdataset->stale_ttl = + (rbtdb->serve_stale_ttl + header->rdh_ttl) - now; rdataset->ttl = 0; } rdataset->private1 = rbtdb; diff --git a/lib/ns/query.c b/lib/ns/query.c index 0798e2c817..b6c20fb185 100644 --- a/lib/ns/query.c +++ b/lib/ns/query.c @@ -149,7 +149,7 @@ do { \ #define NOQNAME(r) (((r)->attributes & \ DNS_RDATASETATTR_NOQNAME) != 0) -/*% Does the rdataset 'r' contains a stale answer? */ +/*% Does the rdataset 'r' contain a stale answer? */ #define STALE(r) (((r)->attributes & \ DNS_RDATASETATTR_STALE) != 0) From a2d115cbfc29fa5749a5f08abf1edf44539148bd Mon Sep 17 00:00:00 2001 From: Matthijs Mekking Date: Thu, 24 Jan 2019 10:28:41 +0100 Subject: [PATCH 2/3] Add tests for dumpdb stale ttl This adds a test for rndc dumpdb to ensure the correct "stale comment" is printed. It also adds a test for non-stale data to ensure no "stale comment" is printed for active RRsets. In addition, the serve-stale tests are hardened with more accurate grep calls. --- bin/tests/system/serve-stale/ans2/ans.pl | 10 +++ bin/tests/system/serve-stale/clean.sh | 1 + .../system/serve-stale/ns1/named1.conf.in | 3 +- .../system/serve-stale/ns1/named2.conf.in | 3 +- .../system/serve-stale/ns3/named.conf.in | 4 +- bin/tests/system/serve-stale/tests.sh | 72 ++++++++++++------- lib/dns/masterdump.c | 3 +- 7 files changed, 64 insertions(+), 32 deletions(-) diff --git a/bin/tests/system/serve-stale/ans2/ans.pl b/bin/tests/system/serve-stale/ans2/ans.pl index c3a1fcceb3..3873847b8f 100644 --- a/bin/tests/system/serve-stale/ans2/ans.pl +++ b/bin/tests/system/serve-stale/ans2/ans.pl @@ -46,6 +46,7 @@ my $A = "ns.example 300 IN A $localaddr"; # Records to be TTL stretched # my $TXT = "data.example 1 IN TXT \"A text record with a 1 second ttl\""; +my $LONGTXT = "longttl.example 600 IN TXT \"A text record with a 600 second ttl\""; my $negSOA = "example 1 IN SOA . . 0 0 0 0 300"; sub reply_handler { @@ -115,6 +116,15 @@ sub reply_handler { push @auth, $rr; } $rcode = "NOERROR"; + } elsif ($qname eq "longttl.example") { + if ($qtype eq "TXT") { + my $rr = new Net::DNS::RR($LONGTXT); + push @ans, $rr; + } else { + my $rr = new Net::DNS::RR($negSOA); + push @auth, $rr; + } + $rcode = "NOERROR"; } elsif ($qname eq "nxdomain.example") { my $rr = new Net::DNS::RR($negSOA); push @auth, $rr; diff --git a/bin/tests/system/serve-stale/clean.sh b/bin/tests/system/serve-stale/clean.sh index 80469ef1ff..1e5f23f9cd 100644 --- a/bin/tests/system/serve-stale/clean.sh +++ b/bin/tests/system/serve-stale/clean.sh @@ -14,3 +14,4 @@ rm -f ns3/root.bk rm -f rndc.out.test* rm -f */named.run */named.memstats rm -f ns*/managed-keys.bind* +rm -f ns*/named_dump* diff --git a/bin/tests/system/serve-stale/ns1/named1.conf.in b/bin/tests/system/serve-stale/ns1/named1.conf.in index 5e3fc8f658..5e7caec3fe 100644 --- a/bin/tests/system/serve-stale/ns1/named1.conf.in +++ b/bin/tests/system/serve-stale/ns1/named1.conf.in @@ -27,8 +27,9 @@ options { listen-on { 10.53.0.1; }; listen-on-v6 { none; }; recursion yes; + dump-file "named_dump1.db"; max-stale-ttl 3600; - stale-answer-ttl 1; + stale-answer-ttl 2; stale-answer-enable yes; }; diff --git a/bin/tests/system/serve-stale/ns1/named2.conf.in b/bin/tests/system/serve-stale/ns1/named2.conf.in index 3ab76d643a..f330fd45cf 100644 --- a/bin/tests/system/serve-stale/ns1/named2.conf.in +++ b/bin/tests/system/serve-stale/ns1/named2.conf.in @@ -26,9 +26,10 @@ options { pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; + dump-file "named_dump1.db"; recursion yes; max-stale-ttl 7200; - stale-answer-ttl 2; + stale-answer-ttl 3; stale-answer-enable yes; }; diff --git a/bin/tests/system/serve-stale/ns3/named.conf.in b/bin/tests/system/serve-stale/ns3/named.conf.in index fb06af082e..ac80830372 100644 --- a/bin/tests/system/serve-stale/ns3/named.conf.in +++ b/bin/tests/system/serve-stale/ns3/named.conf.in @@ -27,8 +27,8 @@ options { listen-on { 10.53.0.3; }; listen-on-v6 { none; }; recursion yes; - // max-stale-ttl 3600; - // stale-answer-ttl 3; + dump-file "named_dump3.db"; + // This configuration has no serve-stale options set. }; zone "." { diff --git a/bin/tests/system/serve-stale/tests.sh b/bin/tests/system/serve-stale/tests.sh index b6dea11260..fa7719089c 100755 --- a/bin/tests/system/serve-stale/tests.sh +++ b/bin/tests/system/serve-stale/tests.sh @@ -27,10 +27,19 @@ n=0 #$DIG -p ${PORT} @10.53.0.2 ns.example AAAA #$DIG -p ${PORT} @10.53.0.2 txt enable #$DIG -p ${PORT} @10.53.0.2 ns.example AAAA -##$DIG -p ${PORT} @10.53.0.2 data.example TXT +#$DIG -p ${PORT} @10.53.0.2 data.example TXT #$DIG -p ${PORT} @10.53.0.2 nodata.example TXT #$DIG -p ${PORT} @10.53.0.2 nxdomain.example TXT +n=`expr $n + 1` +echo_i "prime cache longttl.example ($n)" +ret=0 +$DIG -p ${PORT} @10.53.0.1 longttl.example TXT > dig.out.test$n +grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 +grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + n=`expr $n + 1` echo_i "prime cache data.example ($n)" ret=0 @@ -73,7 +82,7 @@ n=`expr $n + 1` echo_i "check 'rndc serve-stale status' ($n)" ret=0 $RNDCCMD 10.53.0.1 serve-stale status > rndc.out.test$n 2>&1 || ret=1 -grep '_default: on (stale-answer-ttl=1 max-stale-ttl=3600)' rndc.out.test$n > /dev/null || ret=1 +grep '_default: on (stale-answer-ttl=2 max-stale-ttl=3600)' rndc.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -83,7 +92,16 @@ ret=0 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$n grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 -grep "example.*1.*IN" dig.out.test$n > /dev/null || ret=1 +grep "data\.example\..*2.*IN.*TXT.*A text record with a 1 second ttl" dig.out.test$n > /dev/null || ret=1 +# Run rndc dumpdb, test whether the stale data has correct comment printed. +# The max-stale-ttl is 3600 seconds, so the comment should say the data is +# stale for somewhere between 3500-3599 seconds. +$RNDCCMD 10.53.0.1 dumpdb > rndc.out.test$n 2>&1 || ret=1 +awk '/; stale/ { x=$0; getline; print x, $0}' ns1/named_dump1.db | + grep "; stale (will be retained for 35.. more seconds) data\.example.*A text record with a 1 second ttl" > /dev/null 2>&1 || ret=1 +# Also make sure the not expired data does not have a stale comment. +awk '/; answer/ { x=$0; getline; print x, $0}' ns1/named_dump1.db | + grep "; answer longttl\.example.*A text record with a 600 second ttl" > /dev/null 2>&1 || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -93,7 +111,7 @@ ret=0 $DIG -p ${PORT} @10.53.0.1 nodata.example TXT > dig.out.test$n grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 -grep "example.*1.*IN" dig.out.test$n > /dev/null || ret=1 +grep "example\..*2.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -103,7 +121,7 @@ ret=0 $DIG -p ${PORT} @10.53.0.1 nxdomain.example TXT > dig.out.test$n grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 -grep "example.*1.*IN" dig.out.test$n > /dev/null || ret=1 +grep "example\..*2.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -118,7 +136,7 @@ n=`expr $n + 1` echo_i "check 'rndc serve-stale status' ($n)" ret=0 $RNDCCMD 10.53.0.1 serve-stale status > rndc.out.test$n 2>&1 || ret=1 -grep '_default: off (rndc) (stale-answer-ttl=1 max-stale-ttl=3600)' rndc.out.test$n > /dev/null || ret=1 +grep '_default: off (rndc) (stale-answer-ttl=2 max-stale-ttl=3600)' rndc.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -159,7 +177,7 @@ n=`expr $n + 1` echo_i "check 'rndc serve-stale status' ($n)" ret=0 $RNDCCMD 10.53.0.1 serve-stale status > rndc.out.test$n 2>&1 || ret=1 -grep '_default: on (rndc) (stale-answer-ttl=1 max-stale-ttl=3600)' rndc.out.test$n > /dev/null || ret=1 +grep '_default: on (rndc) (stale-answer-ttl=2 max-stale-ttl=3600)' rndc.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -169,7 +187,7 @@ ret=0 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$n grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 -grep "example.*1.*IN" dig.out.test$n > /dev/null || ret=1 +grep "data\.example\..*2.*IN.*TXT.*A text record with a 1 second ttl" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -179,7 +197,7 @@ ret=0 $DIG -p ${PORT} @10.53.0.1 nodata.example TXT > dig.out.test$n grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 -grep "example.*1.*IN" dig.out.test$n > /dev/null || ret=1 +grep "example\..*2.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -189,7 +207,7 @@ ret=0 $DIG -p ${PORT} @10.53.0.1 nxdomain.example TXT > dig.out.test$n grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 -grep "example.*1.*IN" dig.out.test$n > /dev/null || ret=1 +grep "example\..*2.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -204,7 +222,7 @@ n=`expr $n + 1` echo_i "check 'rndc serve-stale status' ($n)" ret=0 $RNDCCMD 10.53.0.1 serve-stale status > rndc.out.test$n 2>&1 || ret=1 -grep '_default: off (rndc) (stale-answer-ttl=1 max-stale-ttl=3600)' rndc.out.test$n > /dev/null || ret=1 +grep '_default: off (rndc) (stale-answer-ttl=2 max-stale-ttl=3600)' rndc.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -243,7 +261,7 @@ n=`expr $n + 1` echo_i "check 'rndc serve-stale status' ($n)" ret=0 $RNDCCMD 10.53.0.1 serve-stale status > rndc.out.test$n 2>&1 || ret=1 -grep '_default: on (rndc) (stale-answer-ttl=1 max-stale-ttl=3600)' rndc.out.test$n > /dev/null || ret=1 +grep '_default: on (rndc) (stale-answer-ttl=2 max-stale-ttl=3600)' rndc.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -253,7 +271,7 @@ ret=0 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$n grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 -grep "example.*1.*IN" dig.out.test$n > /dev/null || ret=1 +grep "data\.example\..*2.*IN.*TXT.*A text record with a 1 second ttl" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -263,7 +281,7 @@ ret=0 $DIG -p ${PORT} @10.53.0.1 nodata.example TXT > dig.out.test$n grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 -grep "example.*1.*IN" dig.out.test$n > /dev/null || ret=1 +grep "example\..*2.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -273,7 +291,7 @@ ret=0 $DIG -p ${PORT} @10.53.0.1 nxdomain.example TXT > dig.out.test$n grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 -grep "example.*1.*IN" dig.out.test$n > /dev/null || ret=1 +grep "example\..*2.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -295,7 +313,7 @@ n=`expr $n + 1` echo_i "check 'rndc serve-stale status' ($n)" ret=0 $RNDCCMD 10.53.0.1 serve-stale status > rndc.out.test$n 2>&1 || ret=1 -grep '_default: on (stale-answer-ttl=1 max-stale-ttl=3600)' rndc.out.test$n > /dev/null || ret=1 +grep '_default: on (stale-answer-ttl=2 max-stale-ttl=3600)' rndc.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -305,7 +323,7 @@ ret=0 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$n grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 -grep "example.*1.*IN" dig.out.test$n > /dev/null || ret=1 +grep "data\.example\..*2.*IN.*TXT.*A text record with a 1 second ttl" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -315,7 +333,7 @@ ret=0 $DIG -p ${PORT} @10.53.0.1 nodata.example TXT > dig.out.test$n grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 -grep "example.*1.*IN" dig.out.test$n > /dev/null || ret=1 +grep "example\..*2.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -325,7 +343,7 @@ ret=0 $DIG -p ${PORT} @10.53.0.1 nxdomain.example TXT > dig.out.test$n grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 -grep "example.*1.*IN" dig.out.test$n > /dev/null || ret=1 +grep "example\..*2.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -340,7 +358,7 @@ n=`expr $n + 1` echo_i "check 'rndc serve-stale status' ($n)" ret=0 $RNDCCMD 10.53.0.1 serve-stale status > rndc.out.test$n 2>&1 || ret=1 -grep '_default: off (rndc) (stale-answer-ttl=1 max-stale-ttl=3600)' rndc.out.test$n > /dev/null || ret=1 +grep '_default: off (rndc) (stale-answer-ttl=2 max-stale-ttl=3600)' rndc.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -362,7 +380,7 @@ n=`expr $n + 1` echo_i "check 'rndc serve-stale status' ($n)" ret=0 $RNDCCMD 10.53.0.1 serve-stale status > rndc.out.test$n 2>&1 || ret=1 -grep '_default: off (rndc) (stale-answer-ttl=2 max-stale-ttl=7200)' rndc.out.test$n > /dev/null || ret=1 +grep '_default: off (rndc) (stale-answer-ttl=3 max-stale-ttl=7200)' rndc.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -408,7 +426,7 @@ ret=0 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$n grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 -grep "example.*1.*IN" dig.out.test$n > /dev/null || ret=1 +grep "data\.example\..*1.*IN.*TXT.*A text record with a 1 second ttl" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -418,7 +436,7 @@ ret=0 $DIG -p ${PORT} @10.53.0.3 nodata.example TXT > dig.out.test$n grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 -grep "example.*1.*IN" dig.out.test$n > /dev/null || ret=1 +grep "example\..*1.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -428,7 +446,7 @@ ret=0 $DIG -p ${PORT} @10.53.0.3 nxdomain.example TXT > dig.out.test$n grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 -grep "example.*1.*IN" dig.out.test$n > /dev/null || ret=1 +grep "example\..*1.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -499,7 +517,7 @@ ret=0 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$n grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 -grep "example.*1.*IN" dig.out.test$n > /dev/null || ret=1 +grep "data\.example\..*1.*IN.*TXT.*A text record with a 1 second ttl" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -509,7 +527,7 @@ ret=0 $DIG -p ${PORT} @10.53.0.3 nodata.example TXT > dig.out.test$n grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 -grep "example.*1.*IN" dig.out.test$n > /dev/null || ret=1 +grep "example\..*1.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -519,7 +537,7 @@ ret=0 $DIG -p ${PORT} @10.53.0.3 nxdomain.example TXT > dig.out.test$n grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 -grep "example.*1.*IN" dig.out.test$n > /dev/null || ret=1 +grep "example\..*1.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` diff --git a/lib/dns/masterdump.c b/lib/dns/masterdump.c index 74b5df9624..6872dd35ad 100644 --- a/lib/dns/masterdump.c +++ b/lib/dns/masterdump.c @@ -1044,7 +1044,8 @@ dump_rdatasets_text(isc_mem_t *mctx, const dns_name_t *name, } else { isc_result_t result; if (STALE(rds)) { - fprintf(f, "; stale (for %u more seconds)\n", + fprintf(f, "; stale (will be retained for " + "%u more seconds)\n", (rds->stale_ttl - ctx->serve_stale_ttl)); } From d17b79fe6abaaf677ef353c41044b052c15b05e8 Mon Sep 17 00:00:00 2001 From: Matthijs Mekking Date: Wed, 30 Jan 2019 13:58:50 +0100 Subject: [PATCH 3/3] CHANGES --- CHANGES | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGES b/CHANGES index 74de9002a3..ef3f6d8be3 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,7 @@ +5149. [func] "rndc dumpdb" now prints a line above a stale RRset + indicating how long the data will be retained in the + cache for emergency use. [GL #101] + 5148. [bug] named did not sign the TKEY response. [GL #821] 5147. [bug] dnssec-keymgr: Add a five-minute margin to better