log expired rrsig on dnskeys

author bert hubert <bert.hubert@netherlabs.nl>

Wed, 24 Aug 2016 07:25:30 +0000 (09:25 +0200)

committer bert hubert <bert.hubert@netherlabs.nl>

Wed, 24 Aug 2016 07:25:30 +0000 (09:25 +0200)
author bert hubert <bert.hubert@netherlabs.nl>
Wed, 24 Aug 2016 07:25:30 +0000 (09:25 +0200)
committer bert hubert <bert.hubert@netherlabs.nl>
Wed, 24 Aug 2016 07:25:30 +0000 (09:25 +0200)
diff --git a/pdns/validate.cc b/pdns/validate.cc

index e1bf751bb21eb67e34dbaa36a8f2431d7bb57363..83f7b973a1183dfb83782875fac66b059446f059 100644 (file)
--- a/pdns/validate.cc
+++ b/pdns/validate.cc
@@ -311,6 +311,9 @@ vState getKeysFor(DNSRecordOracle& dro, const DNSName& zone, keyset_t &keyset)
               std::shared_ptr<DNSCryptoKeyEngine> dke = shared_ptr<DNSCryptoKeyEngine>(DNSCryptoKeyEngine::makeFromPublicKeyString(j.d_algorithm, j.d_key));
               isValid = dke->verify(msg, i->d_signature);
             }
+            else {
+              LOG("Signature on DNSKEY expired"<<endl);
+            }
           }
           catch(std::exception& e) {
             LOG("Could not make a validator for signature: "<<e.what()<<endl);
author	bert hubert <bert.hubert@netherlabs.nl>
	Wed, 24 Aug 2016 07:25:30 +0000 (09:25 +0200)
committer	bert hubert <bert.hubert@netherlabs.nl>
	Wed, 24 Aug 2016 07:25:30 +0000 (09:25 +0200)