From dda3dfa9de3b2cb6a983efac1f4b869c106f03ae Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@NLnetLabs.nl>
Date: Mon, 5 Sep 2011 09:30:24 +0000
Subject: [PATCH] Oops, even defines for ecdsa are nog given without USE_ECDSA.
 Also rearrangement of variable declaration to stop splint complaining.

---
 dnssec.c        | 9 ++++-----
 dnssec_verify.c | 8 ++++----
 2 files changed, 8 insertions(+), 9 deletions(-)

diff --git a/dnssec.c b/dnssec.c
index 0bb524f1..2e7e0bc1 100644
--- a/dnssec.c
+++ b/dnssec.c
@@ -535,18 +535,17 @@ ldns_key_rr2ds(const ldns_rr *key, ldns_hash h)
 		ldns_rr_free(ds);
 		return NULL;
 #endif
-	case LDNS_SHA384:
 #ifdef USE_ECDSA
+		/* Make similar ``not implemented'' construct as above when 
+		   draft-hoffman-dnssec-ecdsa-04 becomes a standard
+		 */
+	case LDNS_SHA384:
 		digest = LDNS_XMALLOC(uint8_t, SHA384_DIGEST_LENGTH);
 		if (!digest) {
 			ldns_rr_free(ds);
 			return NULL;
 		}
                 break;
-#else
-		/* not implemented */
-		ldns_rr_free(ds);
-		return NULL;
 #endif
 	}
 
diff --git a/dnssec_verify.c b/dnssec_verify.c
index 9413266d..69b8f29b 100644
--- a/dnssec_verify.c
+++ b/dnssec_verify.c
@@ -1080,6 +1080,9 @@ ldns_fetch_valid_domain_keys(const ldns_resolver *res,
 {
 	ldns_rr_list * trusted_keys = NULL;
 	ldns_rr_list * ds_keys = NULL;
+	ldns_rdf * prev_parent_domain;
+	ldns_rdf *      parent_domain;
+	ldns_rr_list * parent_keys = NULL;
 
 	if (res && domain && keys) {
 
@@ -1091,10 +1094,7 @@ ldns_fetch_valid_domain_keys(const ldns_resolver *res,
 			/* No trusted keys in this domain, we'll have to find some in the parent domain */
 			*status = LDNS_STATUS_CRYPTO_NO_TRUSTED_DNSKEY;
 
-			ldns_rdf * parent_domain = ldns_dname_left_chop(domain);
-			ldns_rdf * prev_parent_domain;
-			ldns_rr_list * parent_keys = NULL;
-      
+			parent_domain = ldns_dname_left_chop(domain);
 			while (ldns_rdf_size(parent_domain) > 0) {
 				/* Fail if we are at the root */
 	
-- 
2.47.3