vendor/unbound/1.6.2

author: Dag-Erling Smørgrav <des@FreeBSD.org> 2018-05-12 11:53:39 +0000
committer: Dag-Erling Smørgrav <des@FreeBSD.org> 2018-05-12 11:53:39 +0000
commit: 6cacf549d3c2d5bddb0dcadd620e1db2897c7f26 (patch)
tree: e187e7d708a063f1628697fe779e2bb101d451b8 /validator/val_sigcrypt.c
parent: fbdb9ac866a647da0919b224f05cca039afc02fa (diff)
1 files changed, 7 insertions, 1 deletions
diff --git a/validator/val_sigcrypt.c b/validator/val_sigcrypt.c
index b0b2e970ff259..25278a8f3ac0f 100644
--- a/validator/val_sigcrypt.c
+++ b/validator/val_sigcrypt.c
@@ -51,6 +51,7 @@
 #include "util/module.h"
 #include "util/net_help.h"
 #include "util/regional.h"
+#include "util/config_file.h"
 #include "sldns/keyraw.h"
 #include "sldns/sbuffer.h"
 #include "sldns/parseutil.h"
@@ -318,12 +319,17 @@ int ds_digest_match_dnskey(struct module_env* env,
 	size_t dslen;
 	uint8_t* digest; /* generated digest */
 	size_t digestlen = ds_digest_size_algo(ds_rrset, ds_idx);
-	
+
 	if(digestlen == 0) {
 		verbose(VERB_QUERY, "DS fail: not supported, or DS RR "
 			"format error");
 		return 0; /* not supported, or DS RR format error */
 	}
+#ifndef USE_SHA1
+	if(fake_sha1 && ds_get_digest_algo(ds_rrset, ds_idx)==LDNS_SHA1)
+		return 1;
+#endif
+	
 	/* check digest length in DS with length from hash function */
 	ds_get_sigdata(ds_rrset, ds_idx, &ds, &dslen);
 	if(!ds || dslen != digestlen) {
author	Dag-Erling Smørgrav <des@FreeBSD.org>	2018-05-12 11:53:39 +0000
committer	Dag-Erling Smørgrav <des@FreeBSD.org>	2018-05-12 11:53:39 +0000
commit	6cacf549d3c2d5bddb0dcadd620e1db2897c7f26 (patch)
tree	e187e7d708a063f1628697fe779e2bb101d451b8 /validator/val_sigcrypt.c
parent	fbdb9ac866a647da0919b224f05cca039afc02fa (diff)