Pi-Hole/dnsmasq
1
0
Fork 0
mirror of https://github.com/pi-hole/dnsmasq.git synced 2025-12-19 10:18:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Log signature algo with DNSKEY and DS, also digest with DS.

Browse Source
This commit is contained in:
Simon Kelley
2015-12-21 18:31:55 +00:00
parent efef497b89
commit 15379ea1f2
3 changed files with 14 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/dnssec.c
View File

@@ -1115,11 +1115,12 @@ int dnssec_validate_by_ds(time_t now, struct dns_header *header, size_t plen, ch
}
else
{
a.addr.keytag = keytag;
a.addr.log.keytag = keytag;
a.addr.log.algo = algo;
if (verify_func(algo))
log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %u");
log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %hu, algo %hu");
else
log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %u (not supported)");
log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %hu, algo %hu (not supported)");
recp1->addr.key.keylen = rdlen - 4;
recp1->addr.key.keydata = key;
@@ -1241,11 +1242,13 @@ int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char
}
else
{
a.addr.keytag = keytag;
a.addr.log.keytag = keytag;
a.addr.log.algo = algo;
a.addr.log.digest = digest;
if (hash_find(ds_digest_name(digest)) && verify_func(algo))
log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DS keytag %u");
log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DS keytag %hu, algo %hu, digest %hu");
else
log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DS keytag %u (not supported)");
log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DS keytag %hu, algo %hu, digest %hu (not supported)");
crecp->addr.ds.digest = digest;
crecp->addr.ds.keydata = key;