projects
/
dnssec-prover
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
3f6d034
)
Correct proof validation for records at a zone root
author
Matt Corallo
<git@bluematt.me>
Tue, 6 Feb 2024 05:46:31 +0000
(
05:46
+0000)
committer
Matt Corallo
<git@bluematt.me>
Tue, 6 Feb 2024 05:46:31 +0000
(
05:46
+0000)
src/validation.rs
patch
|
blob
|
history
diff --git
a/src/validation.rs
b/src/validation.rs
index 5ce75306717cb32379d573d3b531652be256252c..30a541ac76231ddc0246969f01764ce17c86651a 100644
(file)
--- a/
src/validation.rs
+++ b/
src/validation.rs
@@
-293,7
+293,7
@@
pub fn verify_rr_stream<'a>(inp: &'a [RR]) -> Result<VerifiedRRStream<'a>, Valid
min_ttl = cmp::min(min_ttl, rrsig.orig_ttl);
for rrsig in inp.iter()
.filter_map(|rr| if let RR::RRSig(sig) = rr { Some(sig) } else { None })
- .filter(move |rrsig| rrsig.key_name.as_str() == zone && rrsig.
name.as_str() != zone
)
+ .filter(move |rrsig| rrsig.key_name.as_str() == zone && rrsig.
ty != DnsKey::TYPE
)
{
if !rrsig.name.ends_with(zone) { return Err(ValidationError::Invalid); }
let signed_records = inp.iter()