]>
Commit | Line | Data |
---|---|---|
1e1b03d5 MF |
1 | From 3b799c826db05fc2da1c6d15cbe372e394209d27 Mon Sep 17 00:00:00 2001 |
2 | From: Simon Kelley <simon@thekelleys.org.uk> | |
3 | Date: Thu, 17 Dec 2015 16:58:04 +0000 | |
4 | Subject: [PATCH] Fix brace botch in dnssec_validate_ds() | |
5 | MIME-Version: 1.0 | |
6 | Content-Type: text/plain; charset=utf8 | |
7 | Content-Transfer-Encoding: 8bit | |
8 | ||
9 | Thanks to MichaÅ\82 KÄ\99pieÅ\84 for spotting this. | |
10 | --- | |
11 | src/dnssec.c | 34 +++++++++++++++++----------------- | |
12 | 1 file changed, 17 insertions(+), 17 deletions(-) | |
13 | ||
14 | diff --git a/src/dnssec.c b/src/dnssec.c | |
15 | index ddae497..1f8c954 100644 | |
16 | --- a/src/dnssec.c | |
17 | +++ b/src/dnssec.c | |
18 | @@ -923,11 +923,11 @@ static int validate_rrset(time_t now, struct dns_header *header, size_t plen, in | |
19 | /* The DNS packet is expected to contain the answer to a DNSKEY query. | |
20 | Put all DNSKEYs in the answer which are valid into the cache. | |
21 | return codes: | |
22 | - STAT_OK Done, key(s) in cache. | |
23 | - STAT_BOGUS No DNSKEYs found, which can be validated with DS, | |
24 | - or self-sign for DNSKEY RRset is not valid, bad packet. | |
25 | - STAT_NEED_DS DS records to validate a key not found, name in keyname | |
26 | - STAT_NEED_DNSKEY DNSKEY records to validate a key not found, name in keyname | |
27 | + STAT_OK Done, key(s) in cache. | |
28 | + STAT_BOGUS No DNSKEYs found, which can be validated with DS, | |
29 | + or self-sign for DNSKEY RRset is not valid, bad packet. | |
30 | + STAT_NEED_DS DS records to validate a key not found, name in keyname | |
31 | + STAT_NEED_KEY DNSKEY records to validate a key not found, name in keyname | |
32 | */ | |
33 | int dnssec_validate_by_ds(time_t now, struct dns_header *header, size_t plen, char *name, char *keyname, int class) | |
34 | { | |
35 | @@ -1224,13 +1224,13 @@ int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char | |
36 | } | |
37 | ||
38 | p = psave; | |
39 | - | |
40 | - if (!ADD_RDLEN(header, p, plen, rdlen)) | |
41 | - return STAT_BOGUS; /* bad packet */ | |
42 | } | |
43 | - | |
44 | - cache_end_insert(); | |
45 | + if (!ADD_RDLEN(header, p, plen, rdlen)) | |
46 | + return STAT_BOGUS; /* bad packet */ | |
47 | } | |
48 | + | |
49 | + cache_end_insert(); | |
50 | + | |
51 | } | |
52 | else | |
53 | { | |
54 | @@ -1828,10 +1828,10 @@ static int prove_non_existence(struct dns_header *header, size_t plen, char *key | |
55 | ||
56 | /* Check signing status of name. | |
57 | returns: | |
58 | - STAT_SECURE zone is signed. | |
59 | - STAT_INSECURE zone proved unsigned. | |
60 | - STAT_NEED_DS require DS record of name returned in keyname. | |
61 | - STAT_NEED_DNSKEY require DNSKEY record of name returned in keyname. | |
62 | + STAT_SECURE zone is signed. | |
63 | + STAT_INSECURE zone proved unsigned. | |
64 | + STAT_NEED_DS require DS record of name returned in keyname. | |
65 | + STAT_NEED_KEY require DNSKEY record of name returned in keyname. | |
66 | name returned unaltered. | |
67 | */ | |
68 | static int zone_status(char *name, int class, char *keyname, time_t now) | |
69 | @@ -2028,7 +2028,7 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch | |
70 | if (rc == STAT_SECURE) | |
71 | rc = STAT_BOGUS; | |
72 | if (class) | |
73 | - *class = class1; /* Class for NEED_DS or NEED_DNSKEY */ | |
74 | + *class = class1; /* Class for NEED_DS or NEED_KEY */ | |
75 | } | |
76 | else | |
77 | rc = STAT_INSECURE; | |
78 | @@ -2045,7 +2045,7 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch | |
79 | { | |
80 | /* Zone is insecure, don't need to validate RRset */ | |
81 | if (class) | |
82 | - *class = class1; /* Class for NEED_DS or NEED_DNSKEY */ | |
83 | + *class = class1; /* Class for NEED_DS or NEED_KEY */ | |
84 | return rc; | |
85 | } | |
86 | ||
87 | @@ -2115,7 +2115,7 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch | |
88 | if ((rc = zone_status(name, qclass, keyname, now)) != STAT_SECURE) | |
89 | { | |
90 | if (class) | |
91 | - *class = qclass; /* Class for NEED_DS or NEED_DNSKEY */ | |
92 | + *class = qclass; /* Class for NEED_DS or NEED_KEY */ | |
93 | return rc; | |
94 | } | |
95 | ||
96 | -- | |
97 | 1.7.10.4 | |
98 |