diff options
author | Lennart Poettering <lennart@poettering.net> | 2015-12-02 22:47:28 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2015-12-03 00:26:58 +0100 |
commit | 2a326321594f752b73a5aec0eb73e5bf59f76b3c (patch) | |
tree | d9d81d7067b8478539a203d976aaa9992a7e2bd4 /src/resolve/test-dnssec.c | |
parent | 2b442ac87838be7c326c984d8751c96dee7258ab (diff) |
resolved: don't accept expired RRSIGs
Diffstat (limited to 'src/resolve/test-dnssec.c')
-rw-r--r-- | src/resolve/test-dnssec.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/resolve/test-dnssec.c b/src/resolve/test-dnssec.c index 8cab025426..be9a3c7332 100644 --- a/src/resolve/test-dnssec.c +++ b/src/resolve/test-dnssec.c @@ -106,7 +106,8 @@ static void test_dnssec_verify_rrset(void) { assert_se(answer); assert_se(dns_answer_add(answer, a, 0) >= 0); - assert_se(dnssec_verify_rrset(answer, a->key, rrsig, dnskey) == DNSSEC_VERIFIED); + /* Validate the RR as it if was 2015-12-2 today */ + assert_se(dnssec_verify_rrset(answer, a->key, rrsig, dnskey, 1449092754*USEC_PER_SEC) == DNSSEC_VERIFIED); } static void test_dnssec_verify_dns_key(void) { |