PATCH: add updater's signer-name to log

Jan-Piet Mens jpmens.dns at gmail.com
Fri Mar 11 17:14:55 UTC 2011


Hello,

[ originally sent to Michael Graff, but this is probably the better
  place for it :]

When BIND processes a dynamic update it doesn't log the name of the key
with which an update was signed. This tiny patch (tested with 9.8.0)
adds that functionality, giving log entries such as

09-Mar-2011 14:16:29.618 client 127.0.0.1#50093: \
    view internal: signer upd.example.com \              <------------
    updating zone 'a.aa/IN': adding an RR at 'time.a.aa' TXT

We find this is very useful in attributing updates to a particular
customer.

Would this be suitable for inclusion in an upcoming BIND?

Best regards,

        -JP

-------------- next part --------------
*** bind-9.8.0/bin/named/update.c.original	Wed Mar  9 14:07:19 2011
--- bind-9.8.0/bin/named/update.c	Wed Mar  9 14:15:08 2011
***************
*** 246,251 ****
--- 246,252 ----
  	va_list ap;
  	char message[4096];
  	char namebuf[DNS_NAME_FORMATSIZE];
+ 	char signerbuf[DNS_NAME_FORMATSIZE] = "nosig";
  	char classbuf[DNS_RDATACLASS_FORMATSIZE];
  
  	if (client == NULL || zone == NULL)
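Review bot: The "nosig" default on the new signerbuf declaration is a string that a real key name could also format to, so someone reading the log cannot tell an unsigned update from one signed with a key named nosig. Consider a sentinel that cannot be mistaken for a key name, or leave the "signer ..." field out of the message for unsigned updates. A short comment on the declaration saying what the default stands for would also help.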
***************
*** 263,271 ****
  	vsnprintf(message, sizeof(message), fmt, ap);
  	va_end(ap);
  
  	ns_client_log(client, NS_LOGCATEGORY_UPDATE, NS_LOGMODULE_UPDATE,
! 		      level, "updating zone '%s/%s': %s",
! 		      namebuf, classbuf, message);
  }
  
  /*%
--- 264,273 ----
  	vsnprintf(message, sizeof(message), fmt, ap);
  	va_end(ap);
  
+ 	dns_name_format(&client->signername, signerbuf, sizeof(signerbuf));
  	ns_client_log(client, NS_LOGCATEGORY_UPDATE, NS_LOGMODULE_UPDATE,
! 		      level, "signer %s updating zone '%s/%s': %s",
! 		      signerbuf, namebuf, classbuf, message);
  }
  
  /*%
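Review bot: The added dns_name_format(&client->signername, signerbuf, sizeof(signerbuf)) call is unconditional, so it always overwrites the "nosig" default set at the declaration and, for a request that carried no signature, formats whatever client->signername holds at that point. Guard the call with a check that the update was actually signed, so that unsigned updates keep the default. The new "signer %s " prefix also moves the "updating zone" text away from the start of the message, which deserves a line in the release notes for anyone who parses the update log.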