From d357d16d83d95291738b3d7912ee65335a03123d Mon Sep 17 00:00:00 2001 From: Eduardo Date: Mon, 7 Dec 2020 21:11:18 -0300 Subject: [PATCH] fixing #6 --- tools/rr_set.go | 6 +++++- tools/sign_session.go | 6 +++--- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/tools/rr_set.go b/tools/rr_set.go index a7f963e..8b185cd 100644 --- a/tools/rr_set.go +++ b/tools/rr_set.go @@ -272,7 +272,11 @@ func (ctx *Context) addNSEC3Records(optOut bool) error { // Link the first one nsec3List[len(nsec3List)-1].NextDomain = nsec3List[0].Hdr.Name for i := 0; i < len(nsec3List); i++ { - nsec3List[i].Header().Name += "." + ctx.Config.Zone + if ctx.Config.Zone != "." { + nsec3List[i].Header().Name += "." + ctx.Config.Zone + } else { + nsec3List[i].Header().Name += ctx.Config.Zone + } ctx.rrs = append(ctx.rrs, nsec3List[i]) } } diff --git a/tools/sign_session.go b/tools/sign_session.go index cc2f6b5..838b311 100644 --- a/tools/sign_session.go +++ b/tools/sign_session.go @@ -86,7 +86,7 @@ func Sign(session SignSession) (ds *dns.DS, err error) { ctx.Log.Printf("[Signature %d/%d] Creating RRSig for RRSet %s", i+1, len(rrSet)+1, v.String()) err = rrSig.Sign(keys.zskSigner, v) if err != nil { - err = fmt.Errorf("cannot sign RRSig: %s", err) + err = fmt.Errorf("cannot create RRSig: %s", err) if try == numTries { return } @@ -96,7 +96,7 @@ func Sign(session SignSession) (ds *dns.DS, err error) { ctx.Log.Printf("[Signature %d/%d] Verifying RRSig for RRSet %s\n", i+1, len(rrSet)+1, v.String()) err = rrSig.Verify(zsk, v) if err != nil { - err = fmt.Errorf("cannot check RRSig: %s", err) + err = fmt.Errorf("RRSig does not validate: %s", err) if try == numTries { return } @@ -146,7 +146,7 @@ func Sign(session SignSession) (ds *dns.DS, err error) { ctx.Log.Printf("Signing new zone digest...") err = rrSig.Sign(keys.zskSigner, []dns.RR{ctx.zonemd}) if err != nil { - err = fmt.Errorf("cannot sign RRSig: %s", err) + err = fmt.Errorf("cannot create RRSig: %s", err) return nil, err } ctx.Log.Printf("Verifying new zone digest...")