diff --git a/validator/val_utils.c b/validator/val_utils.c index e3677e1..e4eff1b 100644 --- a/validator/val_utils.c +++ b/validator/val_utils.c @@ -54,6 +54,7 @@ #include "util/net_help.h" #include "util/module.h" #include "util/regional.h" +#include "util/config_file.h" #include "sldns/wire2str.h" #include "sldns/parseutil.h" @@ -914,7 +915,7 @@ void val_reply_remove_auth(struct reply_info* rep, size_t index) } void -val_check_nonsecure(struct val_env* ve, struct reply_info* rep) +val_check_nonsecure(struct module_env* env, struct reply_info* rep) { size_t i; /* authority */ @@ -955,7 +956,7 @@ val_check_nonsecure(struct val_env* ve, struct reply_info* rep) } } /* additional */ - if(!ve->clean_additional) + if(!env->cfg->val_clean_additional) return; for(i=rep->an_numrrsets+rep->ns_numrrsets; irrset_count; i++) { if(((struct packed_rrset_data*)rep->rrsets[i]->entry.data) diff --git a/validator/val_utils.h b/validator/val_utils.h index 051824a..649adc2 100644 --- a/validator/val_utils.h +++ b/validator/val_utils.h @@ -306,10 +306,10 @@ void val_reply_remove_auth(struct reply_info* rep, size_t index); * So that unsigned data does not get let through to clients, when we have * found the data to be secure. * - * @param ve: validator environment with cleaning options. + * @param env: environment with cleaning options. * @param rep: reply to dump all nonsecure stuff out of. */ -void val_check_nonsecure(struct val_env* ve, struct reply_info* rep); +void val_check_nonsecure(struct module_env* env, struct reply_info* rep); /** * Mark all unchecked rrset entries not below a trust anchor as indeterminate. diff --git a/validator/validator.c b/validator/validator.c index e8b6317..5f4a1eb 100644 --- a/validator/validator.c +++ b/validator/validator.c @@ -113,8 +113,6 @@ val_apply_cfg(struct module_env* env, struct val_env* val_env, { int c; val_env->bogus_ttl = (uint32_t)cfg->bogus_ttl; - val_env->clean_additional = cfg->val_clean_additional; - val_env->permissive_mode = cfg->val_permissive_mode; if(!env->anchors) env->anchors = anchors_create(); if(!env->anchors) { @@ -171,7 +169,6 @@ val_init(struct module_env* env, int id) } env->modinfo[id] = (void*)val_env; env->need_to_validate = 1; - val_env->permissive_mode = 0; lock_basic_init(&val_env->bogus_lock); lock_protect(&val_env->bogus_lock, &val_env->num_rrset_bogus, sizeof(val_env->num_rrset_bogus)); @@ -619,9 +616,11 @@ validate_msg_signatures(struct module_qstate* qstate, struct module_env* env, } } - /* attempt to validate the ADDITIONAL section rrsets */ - if(!ve->clean_additional) + /* If set, the validator should clean the additional section of + * secure messages. */ + if(!env->cfg->val_clean_additional) return 1; + /* attempt to validate the ADDITIONAL section rrsets */ for(i=chase_reply->an_numrrsets+chase_reply->ns_numrrsets; irrset_count; i++) { s = chase_reply->rrsets[i]; @@ -2129,7 +2128,7 @@ processFinished(struct module_qstate* qstate, struct val_qstate* vq, * a different signer name). And drop additional rrsets * that are not secure (if clean-additional option is set) */ /* this may cause the msg to be marked bogus */ - val_check_nonsecure(ve, vq->orig_msg->rep); + val_check_nonsecure(qstate->env, vq->orig_msg->rep); if(vq->orig_msg->rep->security == sec_status_secure) { log_query_info(VERB_DETAIL, "validation success", &qstate->qinfo); @@ -2170,8 +2169,14 @@ processFinished(struct module_qstate* qstate, struct val_qstate* vq, free(err); } } + /* + * If set, the validator will not make messages bogus, instead + * indeterminate is issued, so that no clients receive SERVFAIL. + * This allows an operator to run validation 'shadow' without + * hurting responses to clients. + */ /* If we are in permissive mode, bogus gets indeterminate */ - if(ve->permissive_mode) + if(qstate->env->cfg->val_permissive_mode) vq->orig_msg->rep->security = sec_status_indeterminate; } diff --git a/validator/validator.h b/validator/validator.h index 23d3072..9a59107 100644 --- a/validator/validator.h +++ b/validator/validator.h @@ -93,19 +93,6 @@ struct val_env { * seconds. */ uint32_t bogus_ttl; - /** If set, the validator should clean the additional section of - * secure messages. - */ - int clean_additional; - - /** - * If set, the validator will not make messages bogus, instead - * indeterminate is issued, so that no clients receive SERVFAIL. - * This allows an operator to run validation 'shadow' without - * hurting responses to clients. - */ - int permissive_mode; - /** * Number of entries in the NSEC3 maximum iteration count table. * Keep this table short, and sorted by size