Bugfix #4248 drill -DT fails for CNAME domain
authorWillem Toorop <willem@nlnetlabs.nl>
Thu, 11 Jul 2019 12:43:22 +0000 (14:43 +0200)
committerWillem Toorop <willem@nlnetlabs.nl>
Thu, 11 Jul 2019 12:43:22 +0000 (14:43 +0200)
Changelog
drill/securetrace.c

index b3ce4a2ce1ba4d886f8b6ebe4b4020a423b57414..2ed9909d5935737cc64cfeea836e2881395d6dbb 100644 (file)
--- a/Changelog
+++ b/Changelog
@@ -44,6 +44,8 @@
        * Allow -T flag to be used together with drill -x
        * Python bindings compile with swig 4.0
          Thanks Jitka PlesnĂ­ková
+       * bugfix #4248: drill -DT fails for CNAME domain
+         Thanks Thom Wiggers
 
 1.7.0  2016-12-20
        * Fix lookup of relative names in ldns_resolver_search.
index 863875e138cdfa6d235c799bafafd19b44e30f1c..b58d86eea6d71ceb05b371a5acb37d47217270fb 100644 (file)
@@ -497,12 +497,43 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t,
                        p = get_dnssec_pkt(res, labels[i-1], LDNS_RR_TYPE_DS);
                        (void) get_ds(p, labels[i-1], &ds_list, &ds_sig_list);
                        if (!ds_list) {
-                               ldns_pkt_free(p);
-                               if (ds_sig_list) {
+                               ldns_rr_list_deep_free(ds_sig_list);
+                               (void) get_dnssec_rr( p, labels[i-1]
+                                                   , LDNS_RR_TYPE_CNAME
+                                                   , &ds_list, &ds_sig_list);
+                               if (ds_list) {
+                                       st = ldns_verify( ds_list, ds_sig_list
+                                                       , correct_key_list
+                                                       , current_correct_keys);
+
+                                       if (st == LDNS_STATUS_OK) {
+                                               printf(";; No DS record found "
+                                                      "for ");
+                                               ldns_rdf_print(stdout,
+                                                       labels[i-1]);
+                                               printf(", but valid CNAME");
+                                       } else {
+                                               printf("[B] Unable to verify de"
+                                                      "nial of existence for ");
+                                               ldns_rdf_print(stdout,
+                                                       labels[i-1]);
+                                               printf(", because of BOGUS CNAME");
+                                       }
+                                       printf("\n");
                                        ldns_rr_list_deep_free(ds_sig_list);
+                                       ldns_pkt_free(p);
+                                       ldns_rr_list_deep_free(ds_list);
+                                       ds_list = NULL;
+                                       ds_sig_list = NULL;
+                                       p = NULL;
+                               } else {
+                                       ldns_rr_list_deep_free(ds_sig_list);
+                                       ldns_pkt_free(p);
+                                       p = get_dnssec_pkt(res, name,
+                                                       LDNS_RR_TYPE_DNSKEY);
+                                       (void) get_ds(p, NULL
+                                                    , &ds_list, &ds_sig_list); 
                                }
-                               p = get_dnssec_pkt(res, name, LDNS_RR_TYPE_DNSKEY);
-                               (void) get_ds(p, NULL, &ds_list, &ds_sig_list); 
                        }
                        if (ds_sig_list) {
                                if (ds_list) {
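Review bot: `ds_sig_list` is freed on the first line of the new `if (!ds_list)` branch, and its address is then passed to `get_dnssec_rr()` without being reset, so it dangles unless that helper overwrites `*sig` on every path. The helper is not visible in this hunk; if it leaves `*sig` untouched on some path (for instance an early return when `p` is NULL, which the `(void)`-discarded calls do not rule out), the `ldns_rr_list_deep_free(ds_sig_list)` in the new else branch frees the same list a second time. This code handles responses from remote name servers, so the cleanup should not depend on the helper's behaviour. Adding `ds_sig_list = NULL;` directly after the first `ldns_rr_list_deep_free(ds_sig_list);` closes the gap. The body of do_secure_trace starts and ends outside the hunk.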