Skip to content

D
Dnsmasq
Commit 3b799c82 authored by Simon Kelley's avatar Simon Kelley
Browse files
Options

Fix brace botch in dnssec_validate_ds() 

Thanks to Michał Kępień for spotting this.
parent b40f26c0
Show whitespace changes
Inline Side-by-side
Showing with 17 additions and 17 deletions
src/dnssec.c
View file @ 3b799c82
...@@ -927,7 +927,7 @@ static int validate_rrset(time_t now, struct dns_header *header, size_t plen, in ...@@ -927,7 +927,7 @@ static int validate_rrset(time_t now, struct dns_header *header, size_t plen, in
STAT_BOGUS No DNSKEYs found, which can be validated with DS, STAT_BOGUS No DNSKEYs found, which can be validated with DS,
or self-sign for DNSKEY RRset is not valid, bad packet. or self-sign for DNSKEY RRset is not valid, bad packet.
STAT_NEED_DS DS records to validate a key not found, name in keyname STAT_NEED_DS DS records to validate a key not found, name in keyname
STAT_NEED_DNSKEY DNSKEY records to validate a key not found, name in keyname STAT_NEED_KEY DNSKEY records to validate a key not found, name in keyname
*/ */
int dnssec_validate_by_ds(time_t now, struct dns_header *header, size_t plen, char *name, char *keyname, int class) int dnssec_validate_by_ds(time_t now, struct dns_header *header, size_t plen, char *name, char *keyname, int class)
{ {
...@@ -1224,13 +1224,13 @@ int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char ...@@ -1224,13 +1224,13 @@ int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char
} }
p = psave; p = psave;
}
if (!ADD_RDLEN(header, p, plen, rdlen)) if (!ADD_RDLEN(header, p, plen, rdlen))
return STAT_BOGUS; /* bad packet */ return STAT_BOGUS; /* bad packet */
} }
cache_end_insert(); cache_end_insert();
}
} }
else else
{ {
...@@ -1831,7 +1831,7 @@ static int prove_non_existence(struct dns_header *header, size_t plen, char *key ...@@ -1831,7 +1831,7 @@ static int prove_non_existence(struct dns_header *header, size_t plen, char *key
STAT_SECURE zone is signed. STAT_SECURE zone is signed.
STAT_INSECURE zone proved unsigned. STAT_INSECURE zone proved unsigned.
STAT_NEED_DS require DS record of name returned in keyname. STAT_NEED_DS require DS record of name returned in keyname.
STAT_NEED_DNSKEY require DNSKEY record of name returned in keyname. STAT_NEED_KEY require DNSKEY record of name returned in keyname.
name returned unaltered. name returned unaltered.
*/ */
static int zone_status(char *name, int class, char *keyname, time_t now) static int zone_status(char *name, int class, char *keyname, time_t now)
...@@ -2028,7 +2028,7 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch ...@@ -2028,7 +2028,7 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch
if (rc == STAT_SECURE) if (rc == STAT_SECURE)
rc = STAT_BOGUS; rc = STAT_BOGUS;
if (class) if (class)
*class = class1; /* Class for NEED_DS or NEED_DNSKEY */ *class = class1; /* Class for NEED_DS or NEED_KEY */
} }
else else
rc = STAT_INSECURE; rc = STAT_INSECURE;
...@@ -2045,7 +2045,7 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch ...@@ -2045,7 +2045,7 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch
{ {
/* Zone is insecure, don't need to validate RRset */ /* Zone is insecure, don't need to validate RRset */
if (class) if (class)
*class = class1; /* Class for NEED_DS or NEED_DNSKEY */ *class = class1; /* Class for NEED_DS or NEED_KEY */
return rc; return rc;
} }
...@@ -2115,7 +2115,7 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch ...@@ -2115,7 +2115,7 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch
if ((rc = zone_status(name, qclass, keyname, now)) != STAT_SECURE) if ((rc = zone_status(name, qclass, keyname, now)) != STAT_SECURE)
{ {
if (class) if (class)
*class = qclass; /* Class for NEED_DS or NEED_DNSKEY */ *class = qclass; /* Class for NEED_DS or NEED_KEY */
return rc; return rc;
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment