When we introduced "dnssec-policy insecure" we could have removed the
'strcmp' check for "none", because if it was set to "none", the 'kasp'
variable would have been set to NULL.
if (strcmp("none", name) == 0) {
return (false);
}
+ if (strcmp("insecure", name) == 0) {
+ return (false);
+ }
if (strcmp("default", name) == 0) {
return (false);
}
/*
* Only update DNSKEY TTL if we have a policy.
*/
- if (kasp != NULL && strcmp(dns_kasp_getname(kasp), "none") != 0)
- {
+ if (kasp != NULL) {
ttl = dns_kasp_dnskeyttl(kasp);
}