diff options
author | Jan Včelák <jvcelak@ns1.com> | 2021-07-08 17:55:39 +0300 |
---|---|---|
committer | Jan Včelák <jvcelak@ns1.com> | 2021-07-08 17:55:39 +0300 |
commit | 8bb6d2f067a5a1aa63a62ae0ffd4b9cbb7f9d3af (patch) | |
tree | 4e303b5b39f63d11484e91701393f1d1968e773d | |
parent | f80d13ea4da0ee34626588002139ee69f913cba3 (diff) |
fix comparing record TTL and RRSIG expiration time
-rw-r--r-- | dnsviz/analysis/status.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/dnsviz/analysis/status.py b/dnsviz/analysis/status.py index 2fd5f09..f63c5fa 100644 --- a/dnsviz/analysis/status.py +++ b/dnsviz/analysis/status.py @@ -279,7 +279,7 @@ class RRSIGStatus(object): if self.validation_status == RRSIG_STATUS_VALID: self.validation_status = RRSIG_STATUS_EXPIRED self.errors.append(Errors.ExpirationInPast(expiration=fmt.timestamp_to_datetime(self.rrsig.expiration), reference_time=fmt.timestamp_to_datetime(self.reference_ts))) - elif self.reference_ts + min_ttl >= self.rrsig.expiration: + elif self.reference_ts + min_ttl > self.rrsig.expiration: self.errors.append(Errors.TTLBeyondExpiration(expiration=fmt.timestamp_to_datetime(self.rrsig.expiration), rrsig_ttl=min_ttl, reference_time=fmt.timestamp_to_datetime(self.reference_ts))) elif self.reference_ts + CLOCK_SKEW_WARNING >= self.rrsig.expiration: self.warnings.append(Errors.ExpirationWithinClockSkew(expiration=fmt.timestamp_to_datetime(self.rrsig.expiration), reference_time=fmt.timestamp_to_datetime(self.reference_ts))) |