From: TCY16 Date: Wed, 15 Dec 2021 11:29:11 +0000 (+0100) Subject: add todo for tests and fix EDE codes for DNSKEY missing X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ea1a5f35e42d119d128c66ce985d1f9f6e884acb;p=thirdparty%2Funbound.git add todo for tests and fix EDE codes for DNSKEY missing --- diff --git a/testdata/ede.tdir/ede.test b/testdata/ede.tdir/ede.test index dac5793d1..a747afd61 100644 --- a/testdata/ede.tdir/ede.test +++ b/testdata/ede.tdir/ede.test @@ -196,7 +196,7 @@ fi # @TODO DNSSEC indeterminate - +# @TODO touch other validator codepath: val_inform_super() # teardown kill_pid $UNBOUND_PID diff --git a/validator/validator.c b/validator/validator.c index 7bdaaab0d..c38a9d72a 100644 --- a/validator/validator.c +++ b/validator/validator.c @@ -1858,7 +1858,7 @@ processValidate(struct module_qstate* qstate, struct val_qstate* vq, vq->chase_reply->security = sec_status_bogus; vq->chase_reply->reason_bogus = LDNS_EDE_DNSSEC_BOGUS; errinf_ede(qstate, "while building chain of trust", - LDNS_EDE_DNSSEC_BOGUS); + LDNS_EDE_DNSKEY_MISSING); if(vq->restart_count >= ve->max_restart) key_cache_insert(ve->kcache, vq->key_entry, qstate); return 1; @@ -2327,7 +2327,7 @@ primeResponseToKE(struct ub_packed_rrset_key* dnskey_rrset, "could not fetch DNSKEY rrset", ta->name, LDNS_RR_TYPE_DNSKEY, ta->dclass); if(qstate->env->cfg->harden_dnssec_stripped) { - errinf(qstate, "no DNSKEY rrset"); + errinf_ede(qstate, "no DNSKEY rrset", LDNS_EDE_DNSKEY_MISSING); kkey = key_entry_create_bad(qstate->region, ta->name, ta->namelen, ta->dclass, BOGUS_KEY_TTL, *qstate->env->now); @@ -2697,7 +2697,7 @@ process_ds_response(struct module_qstate* qstate, struct val_qstate* vq, * @param origin: the origin of msg. */ static void -process_dnskey_response(struct module_qstate* qstate, struct val_qstate* vq, + process_dnskey_response(struct module_qstate* qstate, struct val_qstate* vq, int id, int rcode, struct dns_msg* msg, struct query_info* qinfo, struct sock_list* origin) {