2 October 2008: Wouter
- fixup unlink of pidfile.
+ - fixup SHA256 algorithm collation code.
30 September 2008: Wouter
- fixup SHA256 DS downgrade, no longer possible to downgrade to SHA1.
/**
* Fillup needed algorithm array for DNSKEY set
* @param dnskey: the key
- * @param num: number of DNSKEY RRs.
* @param needs: array per algorithm.
* @return the number of algorithms that need valid signatures
*/
static size_t
-dnskeyset_needs(struct ub_packed_rrset_key* dnskey, size_t num,
- uint8_t needs[])
+dnskeyset_needs(struct ub_packed_rrset_key* dnskey, uint8_t needs[])
{
uint8_t algo;
size_t i, total = 0;
+ size_t num = rrset_get_count(dnskey);
memset(needs, 0, sizeof(uint8_t)*256);
for(i=0; i<num; i++) {
return sec_status_bogus;
}
- numneeds = dnskeyset_needs(dnskey, num, needs);
+ numneeds = dnskeyset_needs(dnskey, needs);
for(i=0; i<num; i++) {
sec = dnskeyset_verify_rrset_sig(env, ve, *env->now, rrset,
dnskey, i, &sortree);
/* see which algorithm has been fixed up */
if(sec == sec_status_secure) {
- uint8_t a = (uint8_t)dnskey_get_algo(dnskey, i);
+ uint8_t a = (uint8_t)rrset_get_sig_algo(rrset, i);
if(needs[a] == 1) {
needs[a] = 0;
numneeds --;
projects / thirdparty / unbound.git / commitdiff
