diff options
| author | Lennart Poettering <lennart@poettering.net> | 2016-01-07 17:03:31 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2016-01-11 19:39:59 +0100 |
| commit | d424da2ae0860268ab863ce8945a425aa79e3826 (patch) | |
| tree | d201349da41342ef1075cf7bc85a2d2da969dfc7 /src/resolve/resolved-dns-trust-anchor.h | |
| parent | resolved: look for revoked trust anchors before validating a message (diff) | |
| download | systemd-d424da2ae0860268ab863ce8945a425aa79e3826.tar.xz systemd-d424da2ae0860268ab863ce8945a425aa79e3826.zip | |
resolved: rework trust anchor revoke checking
Instead of first iterating through all DNSKEYs in the DnsAnswer in
dns_transaction_check_revoked_trust_anchors(), and
then doing that a second time in dns_trust_anchor_check_revoked(), do so
only once in the former, and pass the dnskey we found directly to the
latter.
Diffstat (limited to 'src/resolve/resolved-dns-trust-anchor.h')
| -rw-r--r-- | src/resolve/resolved-dns-trust-anchor.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/resolve/resolved-dns-trust-anchor.h b/src/resolve/resolved-dns-trust-anchor.h index 303c4088d1..054c98da70 100644 --- a/src/resolve/resolved-dns-trust-anchor.h +++ b/src/resolve/resolved-dns-trust-anchor.h @@ -40,4 +40,4 @@ void dns_trust_anchor_flush(DnsTrustAnchor *d); int dns_trust_anchor_lookup_positive(DnsTrustAnchor *d, const DnsResourceKey* key, DnsAnswer **answer); int dns_trust_anchor_lookup_negative(DnsTrustAnchor *d, const char *name); -int dns_trust_anchor_check_revoked(DnsTrustAnchor *d, DnsAnswer *rrs, const DnsResourceKey *key); +int dns_trust_anchor_check_revoked(DnsTrustAnchor *d, DnsResourceRecord *dnskey, DnsAnswer *rrs); |