Bug#804596: pdns-server: New version fails to sign axfrs

2015-11-09 Thread James Cloos 
> "CH" == Christian Hofstaedtler  writes:

CH> Upstream suggested to run 'pdnssec check-zone' on any zone that
CH> shows this behaviour, as they think that "just failing it" should be
CH> covered by their testsuite.

That helped.  Now only one zone fails (even though only two zones had
any errors, and previously all zones failed), and it gives a different
error pattern:

 pdns[25904]: Signing thread died because of std::exception: Reading from 
socket in Signing Pipe loop: Connection reset by peer

but I cannot tell from the log which zone failed.  The AXFR which
initiated just before that log succeeded.

And each of them have the correct (new) SOA values on the secondaries.

So it looks like running check-all-zones changed something.

Thanks for the quick reply.  Given that running check-all-zones seems to
have cured things (notwithstanding that one std::exception), I think we
can close this (or at least lower its severity) and I'll followup on the
upstream mailing list.

-JimC
-- 
James Cloos  OpenPGP: 0x997A9F17ED7DAEA6

Bug#804596: pdns-server: New version fails to sign axfrs

2015-11-09 Thread Christian Hofstaedtler 
* James Cloos  [151109 23:34]:
> > "CH" == Christian Hofstaedtler  writes:
> 
> CH> Could you please check if completely installing those packages makes
> CH> the error go away?
> 
> I removedf the geodns backend -- wasn't using it anyway -- and
> re-upgraded the two remaining packages (server and pgsql backend).
> 
> The error remains.

Ok, thanks.

Upstream suggested to run 'pdnssec check-zone' on any zone that
shows this behaviour, as they think that "just failing it" should be
covered by their testsuite.

If that doesn't find anything, could we see some zones that exhibit
the error?

Thanks,
-- 
 ,''`.  Christian Hofstaedtler 
: :' :  Debian Developer
`. `'   7D1A CFFA D9E0 806C 9C4C  D392 5C13 D6DB 9305 2E03
  `-

Bug#804596: pdns-server: New version fails to sign axfrs

2015-11-09 Thread James Cloos 
> "CH" == Christian Hofstaedtler  writes:

CH> Could you please check if completely installing those packages makes
CH> the error go away?

I removedf the geodns backend -- wasn't using it anyway -- and
re-upgraded the two remaining packages (server and pgsql backend).

The error remains.

Using dpkg to downgrade back to:

  pdns-server_3.4.6-3+b1_amd64.deb
  pdns-backend-pgsql_3.4.6-3+b1_amd64.deb

gets things working again.

-JimC
-- 
James Cloos  OpenPGP: 0x997A9F17ED7DAEA6

Bug#804596: pdns-server: New version fails to sign axfrs

2015-11-09 Thread Christian Hofstaedtler 
Hi,

* cl...@jhcloos.com  [151109 21:15]:
> As of the latest update pdns-server cannot sign zones.
> 
> All AXFRs fails with errors like:
> 
>  pdns[26913]: Signing thread died because of std::exception: All data was not 
> consumed
>  pdns[26913]: Signing thread died because of std::exception: failed in 
> writen2: Broken pipe
>  pdns[26913]: Signing thread died because of std::exception: failed in 
> writen2: Broken pipe
>  pdns[26913]: TCP Connection Thread died because of STL error: Reading from 
> socket in Signing Pipe loop: Connection reset by peer


> Versions of packages pdns-server suggests:
> ii  pdns-backend-geo [pdns-backend]3.4.6-1
> iu  pdns-backend-pgsql [pdns-backend]  3.4.7-1

Could you please check if completely installing those packages makes
the error go away?

Thanks,
-- 
 ,''`.  Christian Hofstaedtler 
: :' :  Debian Developer
`. `'   7D1A CFFA D9E0 806C 9C4C  D392 5C13 D6DB 9305 2E03
  `-

Bug#804596: pdns-server: New version fails to sign axfrs

2015-11-09 Thread cloos 
Package: pdns-server
Version: 3.4.7-1
Severity: grave
Justification: renders package unusable

As of the latest update pdns-server cannot sign zones.

All AXFRs fails with errors like:

 pdns[26913]: Signing thread died because of std::exception: All data was not 
consumed
 pdns[26913]: Signing thread died because of std::exception: failed in writen2: 
Broken pipe
 pdns[26913]: Signing thread died because of std::exception: failed in writen2: 
Broken pipe
 pdns[26913]: TCP Connection Thread died because of STL error: Reading from 
socket in Signing Pipe loop: Connection reset by peer

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages pdns-server depends on:
ii  adduser 3.113+nmu3
ii  debconf [debconf-2.0]   1.5.58
ii  init-system-helpers 1.24
ii  libboost-program-options1.58.0  1.58.0+dfsg-4
ii  libboost-serialization1.58.01.58.0+dfsg-4
ii  libbotan-1.10-1 1.10.10-6+b1
ii  libc6   2.19-22
ii  libgcc1 1:5.2.1-23
ii  liblua5.1-0 5.1.5-8
ii  libpolarssl71.3.9-2.1
ii  libsqlite3-03.9.2-1
ii  libstdc++6  5.2.1-23
ii  lsb-base9.20150917
ii  ucf 3.0030

pdns-server recommends no packages.

Versions of packages pdns-server suggests:
ii  pdns-backend-geo [pdns-backend]3.4.6-1
iu  pdns-backend-pgsql [pdns-backend]  3.4.7-1
pn  pdns-recursor  

-- debconf information:
* pdns-server/localaddress: 198.147.22.87
* pdns-server/allowrecursion: 127.0.0.1