]> git.ipfire.org Git - thirdparty/pdns.git/commitdiff
projects / thirdparty / pdns.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c86e1f2)
pdnssec check-zone, fix DNSKEY checks 1104/head
authorKees Monshouwer <mind04@monshouwer.org>
Wed, 13 Nov 2013 22:26:06 +0000 (23:26 +0100)
committermind04 <mind04@monshouwer.org>
Wed, 13 Nov 2013 22:26:06 +0000 (23:26 +0100)
pdns/pdnssec.cc patch | blob | blame | history

diff --git a/pdns/pdnssec.cc b/pdns/pdnssec.cc
index 48c33c894262405577f6e840cd05af6d232e50e8..e3fb8fca04e4f661b953c04a0b52c8e23e644e74 100644 (file)
--- a/pdns/pdnssec.cc
+++ b/pdns/pdnssec.cc
@@ -477,24 +477,21 @@ int checkZone(DNSSECKeeper &dk, UeberBackend &B, const std::string& zone)
       continue;
     }
 
-    if(rr.qtype.getCode() == QType::DNSKEY)
+    if(!presigned && rr.qtype.getCode() == QType::DNSKEY)
     {
-      if(presigned)
+      if(::arg().mustDo("experimental-direct-dnskey"))
       {
-        if(::arg().mustDo("experimental-direct-dnskey"))
+        if(rr.ttl != sd.default_ttl)
         {
-          if(rr.ttl != sd.default_ttl)
-          {
-            cout<<"[Warning] DNSKEY TTL of "<<rr.ttl<<" at '"<<rr.qname<<"' differs from SOA minimum of "<<sd.default_ttl<<endl;
-            numwarnings++;
-          }
-        }
-        else
-        {
-          cout<<"[Warning] DNSKEY at '"<<rr.qname<<"' in non-presigned zone will mostly be ignored and can cause problems."<<endl;
+          cout<<"[Warning] DNSKEY TTL of "<<rr.ttl<<" at '"<<rr.qname<<"' differs from SOA minimum of "<<sd.default_ttl<<endl;
           numwarnings++;
         }
       }
+      else
+      {
+        cout<<"[Warning] DNSKEY at '"<<rr.qname<<"' in non-presigned zone will mostly be ignored and can cause problems."<<endl;
+        numwarnings++;
+      }
     }
 
     if(rr.qtype.getCode() == QType::URL || rr.qtype.getCode() == QType::MBOXFW) {
Unnamed repository; edit this file 'description' to name the repository.