]> git.ipfire.org Git - thirdparty/systemd.git/commit - src/resolve/resolved-dns-dnssec.c
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: beef6a5) | patch
resolved: fix DNSSEC canonical ordering logic
authorLennart Poettering <lennart@poettering.net>
Mon, 4 Jan 2016 19:27:45 +0000 (20:27 +0100)
committerLennart Poettering <lennart@poettering.net>
Mon, 4 Jan 2016 19:27:45 +0000 (20:27 +0100)
commit85aeaccc10b111e8d16d3879b7c30a219ee6e10a
tree39294da33c7a7b69cfd643a9ba02c213499f79a9tree | snapshot
parentbeef6a5fc5d53be33568c3e4267c540717b791fccommit | diff
resolved: fix DNSSEC canonical ordering logic

When applying canonical DNSSEC ordering for an RRset only order by the
wire format of the RRs' RDATA, not by the full wire formatting. The RFC
isn't particularly clear about this, but this is apparently how it is
done. This fixes validation of pentagon.gov's DS RRset.
src/resolve/resolved-dns-dnssec.c diff | blob | blame | history
src/resolve/resolved-dns-rr.h diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.