resolved: fix DNSSEC `missing-key` error

author Fabian Möller <fabianm88@gmail.com>

Wed, 22 Jan 2025 12:33:12 +0000 (13:33 +0100)

committer Lennart Poettering <lennart@poettering.net>

Wed, 5 Feb 2025 21:11:55 +0000 (22:11 +0100)
author Fabian Möller <fabianm88@gmail.com>
Wed, 22 Jan 2025 12:33:12 +0000 (13:33 +0100)
committer Lennart Poettering <lennart@poettering.net>
Wed, 5 Feb 2025 21:11:55 +0000 (22:11 +0100)
diff --git a/src/resolve/resolved-dns-dnssec.c b/src/resolve/resolved-dns-dnssec.c

index aff185a2dd9b4f15c6c72bcbf45dcb2cb464964d..5f0152c278cc2b40b0d92b6bd76781466c5502e3 100644 (file)
--- a/src/resolve/resolved-dns-dnssec.c
+++ b/src/resolve/resolved-dns-dnssec.c
@@ -1470,7 +1470,7 @@ int dnssec_verify_dnskey_by_ds_search(DnsResourceRecord *dnskey, DnsAnswer *vali
  
                  r = dnssec_verify_dnskey_by_ds(dnskey, ds, false);
                  if (IN_SET(r, -EKEYREJECTED, -EOPNOTSUPP))
-                        return 0; /* The DNSKEY is revoked or otherwise invalid, or we don't support the digest algorithm */
+                        continue; /* The DNSKEY is revoked or otherwise invalid, or we don't support the digest algorithm */
                  if (r < 0)
                          return r;
                  if (r > 0)
author	Fabian Möller <fabianm88@gmail.com>
	Wed, 22 Jan 2025 12:33:12 +0000 (13:33 +0100)
committer	Lennart Poettering <lennart@poettering.net>
	Wed, 5 Feb 2025 21:11:55 +0000 (22:11 +0100)