- Fix interface-automatic for OpenBSD: msg.controllen was too small,
also assertions on ancillary data buffer.
- check for IP_SENDSRCADDR for interface-automatic or IP_PKTINFO.
+ - for NSEC3 check if signatures are cached.
15 March 2010: Wouter
- unit test for util/regional.c.
#include "validator/val_nsec3.h"
#include "validator/validator.h"
#include "validator/val_kentry.h"
+#include "services/cache/rrset.h"
#include "util/regional.h"
#include "util/rbtree.h"
#include "util/module.h"
size_t i;
enum sec_status sec;
for(i=0; i<num; i++) {
+ struct packed_rrset_data* d = (struct packed_rrset_data*)
+ list[i]->entry.data;
if(list[i]->rk.type != htons(LDNS_RR_TYPE_NSEC3))
continue;
+ if(d->security == sec_status_secure)
+ continue;
+ rrset_check_sec_status(env->rrset_cache, list[i], *env->now);
+ if(d->security == sec_status_secure)
+ continue;
sec = val_verify_rrset_entry(env, ve, list[i], kkey, reason);
if(sec != sec_status_secure) {
verbose(VERB_ALGO, "NSEC3 did not verify");
projects / thirdparty / unbound.git / commitdiff
