[Unbound-users] libunbound validation
W.C.A. Wijngaards
wouter at NLnetLabs.nl
Fri Aug 6 14:04:55 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Ondřej,
The r->bogus is true.
if(r->bogus) printf("bogus: %s\n", r->why_bogus);
that shows you why it was bogus.
(as an aside, r->secure is true when it is signed. Unsigned domains are
not secure and not bogus ...)
Best regards,
Wouter
On 08/06/2010 03:44 PM, Ondřej Surý wrote:
> Hi Wouter,
>
> I have a very simple code:
>
> #include <string.h>
> #include <stdio.h>
> #include <unbound.h>
> #include <ldns.h>
>
> int main(int argc, char **argv) {
>
> struct ub_ctx *ctx;
> struct ub_result *r;
>
> ldns_pkt *pkt;
>
> ldns_rdf rdf;
>
> int x = 0;
>
> ctx = ub_ctx_create();
> ub_ctx_add_ta(ctx, ". IN DS 19036 8 2
> 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5");
> ub_ctx_hosts(ctx, NULL);
> ub_ctx_resolvconf(ctx, NULL);
>
> ub_resolve(ctx, "www.rhybar.cz", LDNS_RR_TYPE_AAAA, LDNS_RR_CLASS_IN, &r);
>
> ldns_wire2pkt(&pkt, r->answer_packet, r->answer_len);
>
> printf("%s\n", ldns_pkt2str(pkt));
>
> ub_ctx_delete(ctx);
>
> return 0;
> }
>
> And it resolvers www.rhybar.cz (which it shouldn't) without any problems.
>
> What I am doing wrong?
>
> Ondrej
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkxcFocACgkQkDLqNwOhpPhNPgCfU2Cu1Ut728v2HwPsWigrKupf
hTIAoJZ8Puz+p5UKszx+cmiNTuiwQL54
=21pY
-----END PGP SIGNATURE-----
More information about the Unbound-users
mailing list