shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-02-10 13:57:25 +03:00
Code

resolved: be stricter when searching for a DS RR for a DNSKEY RR

Browse Source
This commit is contained in:
Lennart Poettering 2015-12-22 18:20:09 +01:00
parent 6b2f709364
commit d1c4ee3248
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/resolve/resolved-dns-dnssec.c
View File

@ -831,6 +831,15 @@ int dnssec_verify_dnskey_search(DnsResourceRecord *dnskey, DnsAnswer *validated_
if (ds->key->type != DNS_TYPE_DS)
continue;
if (ds->key->class != dnskey->key->class)
continue;
r = dns_name_equal(DNS_RESOURCE_KEY_NAME(dnskey->key), DNS_RESOURCE_KEY_NAME(ds->key));
if (r < 0)
return r;
if (r == 0)
continue;
r = dnssec_verify_dnskey(dnskey, ds);
if (r < 0)
return r;