diff options
| author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2017-08-31 11:43:21 +0000 |
|---|---|---|
| committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2017-08-31 11:43:21 +0000 |
| commit | 31f8d531e1359c7acd82cff9ab798cdeac277adc (patch) | |
| tree | 74b9481c018d906030292f2585498c41393f1bac | |
| parent | bd51c20871bac7a49ea0adc443050f2894cfd5f3 (diff) | |
Merge upstream r4302 to support multiple concurrently valid anchors.
Notes
Notes:
svn path=/vendor/unbound/dist/; revision=323048
| -rw-r--r-- | validator/autotrust.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/validator/autotrust.c b/validator/autotrust.c index a2fcc871e7b1..416f48fa986d 100644 --- a/validator/autotrust.c +++ b/validator/autotrust.c @@ -1571,6 +1571,11 @@ key_matches_a_ds(struct module_env* env, struct val_env* ve, verbose(VERB_ALGO, "DS match attempt failed"); continue; } + /* match of hash is sufficient for bootstrap of trust point */ + (void)reason; + (void)ve; + return 1; + /* no need to check RRSIG, DS hash already matched with source if(dnskey_verify_rrset(env, ve, dnskey_rrset, dnskey_rrset, key_idx, &reason) == sec_status_secure) { return 1; @@ -1578,6 +1583,7 @@ key_matches_a_ds(struct module_env* env, struct val_env* ve, verbose(VERB_ALGO, "DS match failed because the key " "does not verify the keyset: %s", reason); } + */ } return 0; } |