community
/
dns
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Some tweaks are still needed for nsec3

This commit is contained in:
Miek Gieben 2012-01-21 22:12:44 +01:00
parent 2d7e833173
commit 37f396a05b
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
TODO.markdown
View File

@ -9,10 +9,10 @@ things that need to be fixed.
* Add handy zone data structure (r/b tree)?
* Use the Exchange structure to deal with errors when resolving, esp. Timeout
* IsSubdomain, IsGlue helper functions;
* NSECX covers/matches helper function
* SaltLength in NSEC3 is ugly to set, should be automatically done. There are prolly a few more
settings just like that -- need to look at them.
-edns NSID is another
## Examples to add
* Nameserver, with a small zone, 1 KSK and online signing;

4
examples/q/q.go
View File

@ -168,9 +168,9 @@ func sectionCheck(set []dns.RR, server string) {
fmt.Printf(";? DNSKEY %s/%d not found\n", rr.(*dns.RR_RRSIG).SignerName, rr.(*dns.RR_RRSIG).KeyTag)
}
if err := rr.(*dns.RR_RRSIG).Verify(key, rrset); err != nil {
fmt.Printf(";- Bogus signature, %s does not validate with DNSKEY %s/%d\n", shortSig(rr.(*dns.RR_RRSIG)), key.Header().Name, key.KeyTag())
fmt.Printf(";- Bogus signature, %s does not validate (DNSKEY %s/%d)\n", shortSig(rr.(*dns.RR_RRSIG)), key.Header().Name, key.KeyTag())
} else {
fmt.Printf(";+ Secure signature, %s validates with DNSKEY %s/%d\n", shortSig(rr.(*dns.RR_RRSIG)), key.Header().Name, key.KeyTag())
fmt.Printf(";+ Secure signature, %s validates (DNSKEY %s/%d)\n", shortSig(rr.(*dns.RR_RRSIG)), key.Header().Name, key.KeyTag())
}
}
}