mirror of
https://codeberg.org/anoncontributorxmr/monero.git
synced 2024-11-30 03:03:17 +00:00
dns_util: add new DNSSEC trust anchor for rollover
It should be useful from the 11th of october 2018. The old key is still trusted for now. https://www.icann.org/resources/pages/ksk-rollover
This commit is contained in:
parent
91c7d68b2d
commit
5083614ffa
1 changed files with 14 additions and 4 deletions
|
@ -97,11 +97,16 @@ get_builtin_cert(void)
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/** return the built in root DS trust anchor */
|
/** return the built in root DS trust anchor */
|
||||||
static const char*
|
static const char* const*
|
||||||
get_builtin_ds(void)
|
get_builtin_ds(void)
|
||||||
{
|
{
|
||||||
return
|
static const char * const ds[] =
|
||||||
". IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5\n";
|
{
|
||||||
|
". IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5\n",
|
||||||
|
". IN DS 20326 8 2 E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D\n",
|
||||||
|
NULL
|
||||||
|
};
|
||||||
|
return ds;
|
||||||
}
|
}
|
||||||
|
|
||||||
/************************************************************
|
/************************************************************
|
||||||
|
@ -240,7 +245,12 @@ DNSResolver::DNSResolver() : m_data(new DNSResolverData())
|
||||||
ub_ctx_hosts(m_data->m_ub_context, NULL);
|
ub_ctx_hosts(m_data->m_ub_context, NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
ub_ctx_add_ta(m_data->m_ub_context, string_copy(::get_builtin_ds()));
|
const char * const *ds = ::get_builtin_ds();
|
||||||
|
while (*ds)
|
||||||
|
{
|
||||||
|
MINFO("adding trust anchor: " << *ds);
|
||||||
|
ub_ctx_add_ta(m_data->m_ub_context, string_copy(*ds++));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
DNSResolver::~DNSResolver()
|
DNSResolver::~DNSResolver()
|
||||||
|
|
Loading…
Reference in a new issue