diff options
| author | Vladimír Čunát <vladimir.cunat@nic.cz> | 2024-03-04 19:20:37 +0100 |
|---|---|---|
| committer | Vladimír Čunát <vladimir.cunat@nic.cz> | 2024-03-05 10:09:33 +0100 |
| commit | db29c94ac6ad52758a360bb91f1620f521ab33f5 (patch) | |
| tree | fd15eb02edd542609ffe15146662078dbc98e576 /modules | |
| parent | Merge branch 'forward-auth-port' into '6.0' (diff) | |
| download | knot-resolver-db29c94ac6ad52758a360bb91f1620f521ab33f5.tar.xz knot-resolver-db29c94ac6ad52758a360bb91f1620f521ab33f5.zip | |
lib/dnssec: refactor kr_dnssec_key_*
- The "ksk" and "zsk" in names were confusing,
as they did NOT match the normal terms of KSK and ZSK.
- Add _usable() as a more useful function than _zsk() was.
- don't use 16-bit flag-sets; it's way easier to extract on byte level
- use inline for the simplified code
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/ta_update/ta_update.lua | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/modules/ta_update/ta_update.lua b/modules/ta_update/ta_update.lua index 2361e167..3c059f85 100644 --- a/modules/ta_update/ta_update.lua +++ b/modules/ta_update/ta_update.lua @@ -58,7 +58,7 @@ end -- Evaluate TA status of a RR according to RFC5011. The time is in seconds. local function ta_present(keyset, rr, hold_down_time) - if rr.type == kres.type.DNSKEY and not C.kr_dnssec_key_ksk(rr.rdata) then + if rr.type == kres.type.DNSKEY and not C.kr_dnssec_key_sep_flag(rr.rdata) then return false -- Ignore end -- Attempt to extract key_tag @@ -212,7 +212,7 @@ local function check_upstream(keyset, new_keys) local ta = ta_find(keyset, rr) table.insert(process_keys, ta) - if rr.type == kres.type.DNSKEY and not C.kr_dnssec_key_ksk(rr.rdata) then + if rr.type == kres.type.DNSKEY and not C.kr_dnssec_key_sep_flag(rr.rdata) then goto continue -- Ignore end |