dr.dnskeyNames.add(optarg);
} else if (opt.equals("debug")) {
dr.debug = Boolean.parseBoolean(optarg);
+ rootLogger.setLevel(Level.TRACE);
} else {
System.err.println("Unrecognized option: " + opt);
usage();
// If so, an additional check will need to be made in the authority
// section.
wc = ValUtils.rrsetWildcard(rrsets[i]);
+ // if the wildcard expansion equals the orig name, then we
+ // have the actual wildcard record and no actual wildcard
+ // expansion happened, so we shouldn't do the extra
+ // validation.
+ if (wc.equals(rrsets[i].getName())) {
+ wc = null;
+ }
// Notice a DNAME that should be followed by an unsigned CNAME.
if ((qtype != Type.DNAME) && (rrsets[i].getType() == Type.DNAME)) {
// If after all this, we still haven't proven the positive wildcard
// response, fail.
if ((wc != null) && !wcNSEC_ok) {
- // log.debug("positive response was wildcard expansion and "
- // + "did not prove original data did not exist");
+ mErrorList.add("Positive response was wildcard expansion " +
+ "and did not prove original data did not exist.");
m.setStatus(SecurityStatus.BOGUS);
return;
}
ValUtils.ResponseType subtype = ValUtils.classifyResponse(message, zone);
-
+ log.debug("Response was classified as a " + subtype);
switch (subtype) {
case POSITIVE:
log.trace("Validating a positive response");
git://blacka.com / captive-validator.git / commitdiff