}
bool
-ldns_nsec_covers_name(const ldns_rr *nsec, ldns_rdf *name)
+ldns_nsec_covers_name(const ldns_rr *nsec, const ldns_rdf *name)
{
ldns_rdf *nsec_owner = ldns_rr_owner(nsec);
ldns_rdf *nsec_next = ldns_rr_rdf(nsec, 0);
ldns_lookup_table *lt;
const ldns_rr_descriptor *descriptor;
+ ldns_dname2canonical(name);
+
pkt = ldns_pkt_clone(pkt_o);
if (!name) {
mesg("No name to chase");
nsecs = ldns_pkt_rr_list_by_type(pkt, LDNS_RR_TYPE_NSEC, LDNS_SECTION_ANY_NOQUESTION);
result = LDNS_STATUS_CRYPTO_NO_RRSIG;
+ ldns_rr_list2canonical(nsecs);
+
for (nsec_i = 0; nsec_i < ldns_rr_list_rr_count(nsecs); nsec_i++) {
/* there are four options:
* - name equals ownername and is covered by the type bitmap
/**
* Checks coverage of NSEC RR name span
+ * Remember that nsec and name must both be in canonical form (ie use
+ * \ref ldns_rr2canonical and \ref ldns_dname2canonical prior to calling this
+ * function)
+ *
* \param[in] nsec The NSEC RR to check
* \param[in] name The owner dname to check
* \return true if the NSEC RR covers the owner name
*/
-bool ldns_nsec_covers_name(const ldns_rr *nsec, ldns_rdf *name);
+bool ldns_nsec_covers_name(const ldns_rr *nsec, const ldns_rdf *name);
/**
* verify a packet
ldns_pkt_set_edns_do(ldns_pkt *packet, bool value)
{
if (value) {
- packet->_edns_z = packet->_edns_z & LDNS_EDNS_MASK_DO_BIT;
+ packet->_edns_z = packet->_edns_z | LDNS_EDNS_MASK_DO_BIT;
} else {
packet->_edns_z = packet->_edns_z & !LDNS_EDNS_MASK_DO_BIT;
}
projects / thirdparty / ldns.git / commitdiff
