upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-20 23:00:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

- zonemd, fix order of bogus printout string manipulation.

Browse source
This commit is contained in:
W.C.A. Wijngaards 2021-08-13 15:24:53 +02:00
parent c8c2dfff22
commit 4034c009bb
2 changed files with 4 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
doc/Changelog
View file

@ -4,6 +4,7 @@
and udp send, they are visible at higher verbosity settings.
- Fix zonemd verification of key that is not in DNS but in the zone
and needs a chain of trust.
- zonemd, fix order of bogus printout string manipulation.
12 August 2021: George
- Merge PR #514, from ziollek: Docker environment for run tests.

6
services/authzone.c
View file

@ -8104,7 +8104,7 @@ auth_zone_verify_zonemd_key_with_ds(struct auth_zone* z,
keystorage->rk.dname_len = apex->namelen;
keystorage->rk.type = htons(LDNS_RR_TYPE_DNSKEY);
keystorage->rk.rrset_class = htons(z->dclass);
auth_zone_log(z->name, VERB_QUERY, "zonemd: verify zone's DNSKEY with DS");
auth_zone_log(z->name, VERB_QUERY, "zonemd: verify zone DNSKEY with DS");
sec = val_verify_DNSKEY_with_DS(env, ve, keystorage, ds, NULL,
why_bogus, NULL);
regional_free_all(env->scratch);
@ -8117,11 +8117,11 @@ auth_zone_verify_zonemd_key_with_ds(struct auth_zone* z,
} else {
/* bogus */
*is_insecure = 0;
if(*why_bogus == NULL)
*why_bogus = "verify failed";
auth_zone_log(z->name, VERB_ALGO,
"zonemd: verify DNSKEY RRset with DS failed: %s",
*why_bogus);
if(*why_bogus == NULL)
*why_bogus = "verify failed";
}
return NULL;
}