[Dnsmasq-discuss] [PATCH] Treat records signed using unknown algorithms as unsigned instead of bogus

Simon Kelley simon at thekelleys.org.uk
Wed Dec 30 22:36:02 GMT 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256



> The only remark I have this time is that it might be nice to also 
> include digest/signing algorithms in DS query logs.  Seeing
> something like this in your logs can be confusing:
> 
> reply caint.su is DS keytag 697 reply caint.su is DS keytag 697 
> reply caint.su is DS keytag 697 (not supported)
> 
> Instead, something like this could be written:
> 
> reply caint.su is DS keytag 697, algo 5, digest 1 reply caint.su is
> DS keytag 697, algo 5, digest 2 reply caint.su is DS keytag 697,
> algo 5, digest 3 (not supported)
> 
> It's just a thought, though.
> 

OK, extra logging is there now.

Cheers,

Simon.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBCAAGBQJWhFxRAAoJEBXN2mrhkTWiWHkP/jacuGUU1TIXIT/4xS0okiDb
OgOcZnWPE88JJCMV2KL+p+rm1hGgd/D72Mzw3+I3QffsCqOyZTTAcNJCW+EJfpZH
negRhJDopTDhcrbe0a6FH8Vhwp+j8cVvufelACt8ATkD0sYHBO7Rseb4GKNq1/ia
xGILbSO6KoPgPW2Md7oD0KFj+gVU2eppmCLp7EIoa3es5aDpIjG+XBecYIyrv/1K
T6FYSLfN62OcstJiwF3hprBYSYiMci9Q2PqrxRoKhHRTX+fCMzIRxMwb+1vaSlVV
nPqjFIFPG09vwCeTOBfAo4XEZDmBAoUWmtzdy8WXuW6PBh/tDgvoMcAPT1Vig9WQ
AL4OWG1yC1lopYe4Dd9WpLFa5+h6Y6S7LJweBticzZ+Qy8Q975y7nNc8tVTcD2AS
aKXZDMHFfQERGYVg7Prxvj8EDBh/PEn7j34Ki06amIumYRNNYv10ovsRgezaxVpm
2ZbZkiB/Xt3rvqnMaj8iwEg8Tit4x5Z6PtfEB8zBKK/BGFkKVCstz9gRMcPWj2He
GQ+J25d5csnkic23Zed0Iq75amuDEBJoQMkVwSIBBhEt2Ex5a9fF3hquxkuYoslT
UD9Ml193TZHwyvX0y/EyznjBjbZw9wzt2hFz8Kqyx5pHYykW/9EQG3wkWjf+Uo9J
8hFvEXiCMWC/49Yy1pWf
=pVgL
-----END PGP SIGNATURE-----



More information about the Dnsmasq-discuss mailing list