upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-04 19:52:03 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Move onto the next RRSIG on DNS_R_SIGEXPIRED or DNS_R_SIGFUTURE

Browse source
This commit is contained in:
Mark Andrews 2024-02-17 09:22:58 +11:00 committed by Ondřej Surý
parent 1f1685ef67
commit 82ca80c2e9
No known key found for this signature in database
GPG key ID: 2820F37E873DEA41
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
lib/dns/validator.c
View file

@ -1590,6 +1590,10 @@ validate_answer(dns_validator_t *val, bool resume) {
}
vresult = verify(val, val->key, &rdata, val->siginfo->keyid);
if (vresult == DNS_R_SIGEXPIRED || vresult == DNS_R_SIGFUTURE) {
resume = false;
continue;
}
if (vresult != ISC_R_SUCCESS) {
val->failed = true;
validator_log(val, ISC_LOG_DEBUG(3),