if (result == 1) {
return LDNS_STATUS_OK;
} else {
- dprintf("error in verify: %d\n", result);
return LDNS_STATUS_CRYPTO_BOGUS;
}
}
(unsigned int)ldns_buffer_position(sig), rsakey) == 1) {
result = LDNS_STATUS_OK;
} else {
- ERR_load_crypto_strings();
- ERR_print_errors_fp(stdout);
-
result = LDNS_STATUS_CRYPTO_BOGUS;
}
}
offset = 1;
if (T > 8) {
- dprintf("%s\n", "DSA type > 8 not implemented, unable to verify signature");
return NULL;
}
if (ldns_rrsig2buffer_wire(sign_buf, current_sig) != LDNS_STATUS_OK) {
ldns_buffer_free(sign_buf);
- dprintf("%s\n", "couldn't convert to buffer 1");
/* ERROR */
return NULL;
}
/* add the rrset in sign_buf */
if (ldns_rr_list2buffer_wire(sign_buf, rrset_clone) != LDNS_STATUS_OK) {
- dprintf("%s\n", "couldn't convert to buffer 2");
ldns_buffer_free(sign_buf);
return NULL;
}
}
if (!b64rdf) {
/* signing went wrong */
- dprintf("%s", "couldn't sign!\n");
return NULL;
}
ldns_rr_rrsig_set_sig(current_sig, b64rdf);
ldns_resolver_usevc(local_res));
ldns_resolver_set_random(res,
ldns_resolver_random(local_res));
- ldns_resolver_set_recursive(local_res, false);
+ ldns_resolver_set_recursive(local_res, true);
ldns_resolver_set_recursive(res, false);
ldns_resolver_set_dnssec_cd(res, false);
if ((st = ldns_verify(key_list, key_sig_list, key_list, NULL)) ==
LDNS_STATUS_OK) {
print_rr_list_abbr(stdout, key_list, OK);
+
+ ldns_rr_list_push_rr_list(trusted_keys, key_list);
} else {
print_rr_list_abbr(stdout, key_list, BOGUS);
}
}
if (ds_sig_list) {
if (ds_list) {
- if ((st = ldns_verify(ds_list, ds_sig_list, key_list, NULL)) ==
+ if ((st = ldns_verify(ds_list, ds_sig_list, trusted_keys, NULL)) ==
LDNS_STATUS_OK) {
print_rr_list_abbr(stdout, ds_list, OK);
} else {
while((pop = ldns_resolver_pop_nameserver(res))) { /* remove it */ }
puts("");
}
+/*
+ ldns_rr_list_print(stdout, trusted_keys);
+*/
+
return NULL;
}
projects / thirdparty / ldns.git / commitdiff
