From ea1a5f35e42d119d128c66ce985d1f9f6e884acb Mon Sep 17 00:00:00 2001 From: TCY16 Date: Wed, 15 Dec 2021 12:29:11 +0100 Subject: [PATCH] add todo for tests and fix EDE codes for DNSKEY missing --- testdata/ede.tdir/ede.test | 2 +- validator/validator.c | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/testdata/ede.tdir/ede.test b/testdata/ede.tdir/ede.test index dac5793d1..a747afd61 100644 --- a/testdata/ede.tdir/ede.test +++ b/testdata/ede.tdir/ede.test @@ -196,7 +196,7 @@ fi # @TODO DNSSEC indeterminate - +# @TODO touch other validator codepath: val_inform_super() # teardown kill_pid $UNBOUND_PID diff --git a/validator/validator.c b/validator/validator.c index 7bdaaab0d..c38a9d72a 100644 --- a/validator/validator.c +++ b/validator/validator.c @@ -1858,7 +1858,7 @@ processValidate(struct module_qstate* qstate, struct val_qstate* vq, vq->chase_reply->security = sec_status_bogus; vq->chase_reply->reason_bogus = LDNS_EDE_DNSSEC_BOGUS; errinf_ede(qstate, "while building chain of trust", - LDNS_EDE_DNSSEC_BOGUS); + LDNS_EDE_DNSKEY_MISSING); if(vq->restart_count >= ve->max_restart) key_cache_insert(ve->kcache, vq->key_entry, qstate); return 1; @@ -2327,7 +2327,7 @@ primeResponseToKE(struct ub_packed_rrset_key* dnskey_rrset, "could not fetch DNSKEY rrset", ta->name, LDNS_RR_TYPE_DNSKEY, ta->dclass); if(qstate->env->cfg->harden_dnssec_stripped) { - errinf(qstate, "no DNSKEY rrset"); + errinf_ede(qstate, "no DNSKEY rrset", LDNS_EDE_DNSKEY_MISSING); kkey = key_entry_create_bad(qstate->region, ta->name, ta->namelen, ta->dclass, BOGUS_KEY_TTL, *qstate->env->now); @@ -2697,7 +2697,7 @@ process_ds_response(struct module_qstate* qstate, struct val_qstate* vq, * @param origin: the origin of msg. */ static void -process_dnskey_response(struct module_qstate* qstate, struct val_qstate* vq, + process_dnskey_response(struct module_qstate* qstate, struct val_qstate* vq, int id, int rcode, struct dns_msg* msg, struct query_info* qinfo, struct sock_list* origin) { -- 2.47.2