diff --git a/validator/val_utils.c b/validator/val_utils.c index e3677e1d9..e4eff1b25 100644 --- a/validator/val_utils.c +++ b/validator/val_utils.c @@ -54,6 +54,7 @@ #include "util/net_help.h" #include "util/module.h" #include "util/regional.h" +#include "util/config_file.h" #include "sldns/wire2str.h" #include "sldns/parseutil.h" @@ -914,7 +915,7 @@ void val_reply_remove_auth(struct reply_info* rep, size_t index) } void -val_check_nonsecure(struct val_env* ve, struct reply_info* rep) +val_check_nonsecure(struct module_env* env, struct reply_info* rep) { size_t i; /* authority */ @@ -955,7 +956,7 @@ val_check_nonsecure(struct val_env* ve, struct reply_info* rep) } } /* additional */ - if(!ve->clean_additional) + if(!env->cfg->val_clean_additional) return; for(i=rep->an_numrrsets+rep->ns_numrrsets; irrset_count; i++) { if(((struct packed_rrset_data*)rep->rrsets[i]->entry.data) diff --git a/validator/val_utils.h b/validator/val_utils.h index 051824aba..649adc2d6 100644 --- a/validator/val_utils.h +++ b/validator/val_utils.h @@ -306,10 +306,10 @@ void val_reply_remove_auth(struct reply_info* rep, size_t index); * So that unsigned data does not get let through to clients, when we have * found the data to be secure. * - * @param ve: validator environment with cleaning options. + * @param env: environment with cleaning options. * @param rep: reply to dump all nonsecure stuff out of. */ -void val_check_nonsecure(struct val_env* ve, struct reply_info* rep); +void val_check_nonsecure(struct module_env* env, struct reply_info* rep); /** * Mark all unchecked rrset entries not below a trust anchor as indeterminate. diff --git a/validator/validator.c b/validator/validator.c index c1f5f57f6..5f4a1eb4e 100644 --- a/validator/validator.c +++ b/validator/validator.c @@ -2128,7 +2128,7 @@ processFinished(struct module_qstate* qstate, struct val_qstate* vq, * a different signer name). And drop additional rrsets * that are not secure (if clean-additional option is set) */ /* this may cause the msg to be marked bogus */ - val_check_nonsecure(ve, vq->orig_msg->rep); + val_check_nonsecure(qstate->env, vq->orig_msg->rep); if(vq->orig_msg->rep->security == sec_status_secure) { log_query_info(VERB_DETAIL, "validation success", &qstate->qinfo);