]> git.ipfire.org Git - thirdparty/knot-resolver.git/commit
projects / thirdparty / knot-resolver.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 48f5742) | patch
validator: set EDE code if SEP does not match or DNSKEY is revoked.
authormenakite <29005531+menakite@users.noreply.github.com>
Tue, 13 Aug 2024 16:52:45 +0000 (18:52 +0200)
committerVladimír Čunát <vladimir.cunat@nic.cz>
Fri, 6 Sep 2024 10:26:40 +0000 (12:26 +0200)
commitfd7066d0033a45ecf58108e64a8c1865e5aaff3a
treedfd12133d0552e2325e3f121b4764c376657e9eatree
parent48f57424c33496fd354300300af0a183f0f50e87commit | diff
validator: set EDE code if SEP does not match or DNSKEY is revoked.

If the tag and algorithm of DS and DNSKEY do not correspond, or in case
the DNSKEY is revoked, set EDE code "DNSKEY Missing".
If both match, but the algorithm is not supported, set EDE code
"Unsupported DNSKEY Algorithm".
In case RRSIGs for DNSKEY exist, but can't be validated due to a key
error, set EDE code "RRSIGs Missing".
lib/layer/validate.c diff | blob | blame | history
Mirror of https://gitlab.nic.cz/knot/knot-resolver.git