From: W.C.A. Wijngaards Date: Fri, 13 Aug 2021 13:24:53 +0000 (+0200) Subject: - zonemd, fix order of bogus printout string manipulation. X-Git-Tag: release-1.14.0rc1~73 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4034c009bb8fc78299996b0a23154653ede7c30a;p=thirdparty%2Funbound.git - zonemd, fix order of bogus printout string manipulation. --- diff --git a/doc/Changelog b/doc/Changelog index c1548dd67..3ec77a522 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -4,6 +4,7 @@ and udp send, they are visible at higher verbosity settings. - Fix zonemd verification of key that is not in DNS but in the zone and needs a chain of trust. + - zonemd, fix order of bogus printout string manipulation. 12 August 2021: George - Merge PR #514, from ziollek: Docker environment for run tests. diff --git a/services/authzone.c b/services/authzone.c index 71b0331ca..d4a17f06e 100644 --- a/services/authzone.c +++ b/services/authzone.c @@ -8104,7 +8104,7 @@ auth_zone_verify_zonemd_key_with_ds(struct auth_zone* z, keystorage->rk.dname_len = apex->namelen; keystorage->rk.type = htons(LDNS_RR_TYPE_DNSKEY); keystorage->rk.rrset_class = htons(z->dclass); - auth_zone_log(z->name, VERB_QUERY, "zonemd: verify zone's DNSKEY with DS"); + auth_zone_log(z->name, VERB_QUERY, "zonemd: verify zone DNSKEY with DS"); sec = val_verify_DNSKEY_with_DS(env, ve, keystorage, ds, NULL, why_bogus, NULL); regional_free_all(env->scratch); @@ -8117,11 +8117,11 @@ auth_zone_verify_zonemd_key_with_ds(struct auth_zone* z, } else { /* bogus */ *is_insecure = 0; + if(*why_bogus == NULL) + *why_bogus = "verify failed"; auth_zone_log(z->name, VERB_ALGO, "zonemd: verify DNSKEY RRset with DS failed: %s", *why_bogus); - if(*why_bogus == NULL) - *why_bogus = "verify failed"; } return NULL; }