From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Fri, 8 Mar 2024 10:34:17 +0000 (+0100)
Subject: validate: Remove unused harvestCSPFromRecs()
X-Git-Tag: dnsdist-1.10.0-alpha0~2^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F13877%2Fhead;p=thirdparty%2Fpdns.git

validate: Remove unused harvestCSPFromRecs()
---

diff --git a/pdns/validate.cc b/pdns/validate.cc
index 6833ab9baa..20b87d57e9 100644
--- a/pdns/validate.cc
+++ b/pdns/validate.cc
@@ -705,7 +705,7 @@ dState getDenial(const cspmap_t &validrrsets, const DNSName& qname, const uint16
 
         if (g_maxNSEC3sPerRecordToConsider > 0 && nsec3sConsidered >= g_maxNSEC3sPerRecordToConsider) {
           VLOG(log, qname << ": Too many NSEC3s for this record"<<endl);
-          context.d_limitHit = true;          
+          context.d_limitHit = true;
           return dState::NODENIAL;
         }
         nsec3sConsidered++;
@@ -1103,34 +1103,6 @@ vState validateWithKeySet(time_t now, const DNSName& name, const sortedRecords_t
   return vState::BogusNoValidRRSIG;
 }
 
-// returns vState
-// should return vState, zone cut and validated keyset
-// i.e. www.7bits.nl -> insecure/7bits.nl/[]
-//      www.powerdnssec.org -> secure/powerdnssec.org/[keys]
-//      www.dnssec-failed.org -> bogus/dnssec-failed.org/[]
-
-cspmap_t harvestCSPFromRecs(const vector<DNSRecord>& recs)
-{
-  cspmap_t cspmap;
-  for(const auto& rec : recs) {
-    //        cerr<<"res "<<rec.d_name<<"/"<<rec.d_type<<endl;
-    if (rec.d_type == QType::OPT) {
-      continue;
-    }
-
-    if(rec.d_type == QType::RRSIG) {
-      auto rrc = getRR<RRSIGRecordContent>(rec);
-      if (rrc) {
-        cspmap[{rec.d_name,rrc->d_type}].signatures.push_back(rrc);
-      }
-    }
-    else {
-      cspmap[{rec.d_name, rec.d_type}].records.insert(rec.getContent());
-    }
-  }
-  return cspmap;
-}
-
 bool getTrustAnchor(const map<DNSName,dsmap_t>& anchors, const DNSName& zone, dsmap_t &res)
 {
   const auto& iter = anchors.find(zone);
diff --git a/pdns/validate.hh b/pdns/validate.hh
index 034839fca0..f739bb7bab 100644
--- a/pdns/validate.hh
+++ b/pdns/validate.hh
@@ -107,7 +107,6 @@ vState validateWithKeySet(time_t now, const DNSName& name, const sortedRecords_t
 bool isCoveredByNSEC(const DNSName& name, const DNSName& begin, const DNSName& next);
 bool isCoveredByNSEC3Hash(const std::string& hash, const std::string& beginHash, const std::string& nextHash);
 bool isCoveredByNSEC3Hash(const DNSName& name, const DNSName& beginHash, const DNSName& nextHash);
-cspmap_t harvestCSPFromRecs(const vector<DNSRecord>& recs);
 bool getTrustAnchor(const map<DNSName,dsmap_t>& anchors, const DNSName& zone, dsmap_t &res);
 bool haveNegativeTrustAnchor(const map<DNSName,std::string>& negAnchors, const DNSName& zone, std::string& reason);
 vState validateDNSKeysAgainstDS(time_t now, const DNSName& zone, const dsmap_t& dsmap, const skeyset_t& tkeys, const sortedRecords_t& toSign, const vector<shared_ptr<const RRSIGRecordContent> >& sigs, skeyset_t& validkeys, const OptLog&, pdns::validation::ValidationContext& context);