Commit 64cf5144 authored by Ondřej Surý's avatar Ondřej Surý

libdns: Change check_dnskey_sigs() return type to void to match the reality...

libdns: Change check_dnskey_sigs() return type to void to match the reality how the function is used
parent 309dca41
......@@ -1499,7 +1499,7 @@ check_apex_rrsets(vctx_t *vctx) {
* The variables to update are chosen based on 'is_ksk', which is true when
* 'dnskey' is a KSK and false otherwise.
*/
static isc_result_t
static void
check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey,
dns_rdata_t *rdata, bool is_ksk)
{
......@@ -1513,25 +1513,26 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey,
standby_keys = (is_ksk ? vctx->standby_ksk : vctx->standby_zsk);
goodkey = (is_ksk ? &vctx->goodksk : &vctx->goodzsk);
if (dns_dnssec_selfsigns(rdata, vctx->origin, &vctx->keyset,
if (!dns_dnssec_selfsigns(rdata, vctx->origin, &vctx->keyset,
&vctx->keysigs, false, vctx->mctx))
{
if (active_keys[dnskey->algorithm] != 255) {
active_keys[dnskey->algorithm]++;
}
} else if (!is_ksk &&
dns_dnssec_signs(rdata, vctx->origin, &vctx->soaset,
&vctx->soasigs, false, vctx->mctx))
{
if (active_keys[dnskey->algorithm] != 255) {
active_keys[dnskey->algorithm]++;
}
return (ISC_R_SUCCESS);
} else {
if (standby_keys[dnskey->algorithm] != 255) {
standby_keys[dnskey->algorithm]++;
if (!is_ksk &&
dns_dnssec_signs(rdata, vctx->origin, &vctx->soaset,
&vctx->soasigs, false, vctx->mctx))
{
if (active_keys[dnskey->algorithm] != 255) {
active_keys[dnskey->algorithm]++;
}
} else {
if (standby_keys[dnskey->algorithm] != 255) {
standby_keys[dnskey->algorithm]++;
}
}
return (ISC_R_SUCCESS);
return;
}
if (active_keys[dnskey->algorithm] != 255) {
active_keys[dnskey->algorithm]++;
}
/*
......@@ -1540,7 +1541,7 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey,
*/
if (vctx->secroots == NULL) {
*goodkey = true;
return (ISC_R_SUCCESS);
return;
}
/*
......@@ -1549,7 +1550,7 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey,
result = dns_dnssec_keyfromrdata(vctx->origin, rdata, vctx->mctx,
&key);
if (result != ISC_R_SUCCESS) {
return (result);
goto cleanup;
}
result = dns_keytable_findkeynode(vctx->secroots, vctx->origin,
......@@ -1560,10 +1561,6 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey,
* No such trust anchor.
*/
if (result != ISC_R_SUCCESS) {
if (result == DNS_R_PARTIALMATCH || result == ISC_R_NOTFOUND) {
result = ISC_R_SUCCESS;
}
goto cleanup;
}
......@@ -1592,7 +1589,6 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey,
if (key != NULL) {
dst_key_free(&key);
}
return (ISC_R_SUCCESS);
}
/*%
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment