| line |
true |
false |
branch |
|
140
|
3 |
9 |
if ('Zonemaster::Engine'->config->should_run('dnssec07'))
|
|
144
|
0 |
12 |
if ('Zonemaster::Engine'->config->should_run('dnssec07') and grep {$_->tag eq 'NEITHER_DNSKEY_NOR_DS';} @results) { }
|
|
154
|
3 |
9 |
if ('Zonemaster::Engine'->config->should_run('dnssec01'))
|
|
158
|
11 |
1 |
if (&none(sub {
$_->tag eq 'NO_DS';
}
, @results))
|
|
159
|
2 |
9 |
if ('Zonemaster::Engine'->config->should_run('dnssec02'))
|
|
164
|
3 |
9 |
if ('Zonemaster::Engine'->config->should_run('dnssec03'))
|
|
168
|
3 |
9 |
if ('Zonemaster::Engine'->config->should_run('dnssec04'))
|
|
172
|
3 |
9 |
if ('Zonemaster::Engine'->config->should_run('dnssec05'))
|
|
176
|
50 |
1 |
unless $_->tag eq 'DNSKEY_BUT_NOT_DS'
|
|
|
3 |
9 |
if (grep {$_->tag eq 'DNSKEY_AND_DS' unless $_->tag eq 'DNSKEY_BUT_NOT_DS';} @results) { }
|
|
177
|
2 |
1 |
if ('Zonemaster::Engine'->config->should_run('dnssec06'))
|
|
186
|
3 |
9 |
if ('Zonemaster::Engine'->config->should_run('dnssec08'))
|
|
190
|
3 |
9 |
if ('Zonemaster::Engine'->config->should_run('dnssec09'))
|
|
194
|
3 |
9 |
if ('Zonemaster::Engine'->config->should_run('dnssec10'))
|
|
198
|
3 |
9 |
if ('Zonemaster::Engine'->config->should_run('dnssec11'))
|
|
487
|
0 |
7 |
unless $zone->parent
|
|
489
|
0 |
7 |
unless $ds_p
|
|
492
|
2 |
5 |
if (@ds == 0) { }
|
|
503
|
6 |
2 |
if ($type{$ds->digtype}) { }
|
|
531
|
0 |
9 |
unless $zone->parent
|
|
535
|
0 |
9 |
unless $ds_p
|
|
538
|
2 |
7 |
if (scalar keys %ds == 0) { }
|
|
559
|
7 |
0 |
if $dnskey_p
|
|
560
|
1 |
6 |
if (scalar keys %dnskey == 0)
|
|
568
|
5 |
1 |
if (@common) { }
|
|
581
|
5 |
0 |
if (scalar keys %ds_digtype2 >= 1)
|
|
585
|
3 |
2 |
if ($ds_digtype2{$key->keytag}->verify($key)) { }
|
|
606
|
2 |
3 |
unless (grep {$_->tag eq 'DS_MATCHES_DNSKEY';} @results)
|
|
619
|
3 |
2 |
if ($ds_digtype1{$key->keytag}->verify($key)) { }
|
|
640
|
3 |
2 |
if ($found) { }
|
|
671
|
9 |
0 |
if $param_p
|
|
673
|
3 |
6 |
if (@nsec3params == 0) { }
|
|
674
|
3 |
0 |
$param_p ? :
|
|
685
|
6 |
0 |
if $dk_p
|
|
688
|
6 |
0 |
if (@dnskey) { }
|
|
691
|
1 |
5 |
if ($min_len > 2048) { }
|
|
|
1 |
4 |
elsif ($min_len > 1024) { }
|
|
708
|
4 |
2 |
if ($iter > 100) { }
|
|
|
2 |
0 |
elsif ($min_len > 0) { }
|
|
715
|
1 |
1 |
if ($min_len >= 4096 and $iter > 2500 or $min_len < 4096 and $min_len >= 2048 and $iter > 500 or $min_len < 2048 and $min_len >= 1024 and $iter > 150)
|
|
748
|
0 |
6 |
unless ($key_p)
|
|
755
|
0 |
6 |
unless ($soa_p)
|
|
772
|
0 |
17 |
if ($remaining < 0) { }
|
|
|
0 |
17 |
elsif ($remaining < $Zonemaster::Engine::Test::DNSSEC::DURATION_12_HOURS_IN_SECONDS) { }
|
|
|
3 |
14 |
elsif ($remaining > $Zonemaster::Engine::Test::DNSSEC::DURATION_180_DAYS_IN_SECONDS) { }
|
|
|
3 |
11 |
elsif ($duration > $Zonemaster::Engine::Test::DNSSEC::DURATION_180_DAYS_IN_SECONDS) { }
|
|
832
|
0 |
12 |
unless ($key_p)
|
|
839
|
4 |
21 |
if ($algo_properties{$algo}{'status'} == $Zonemaster::Engine::Test::DNSSEC::ALGO_STATUS_DEPRECATED) { }
|
|
|
4 |
17 |
elsif ($algo_properties{$algo}{'status'} == $Zonemaster::Engine::Test::DNSSEC::ALGO_STATUS_RESERVED) { }
|
|
|
4 |
13 |
elsif ($algo_properties{$algo}{'status'} == $Zonemaster::Engine::Test::DNSSEC::ALGO_STATUS_UNASSIGNED) { }
|
|
|
4 |
9 |
elsif ($algo_properties{$algo}{'status'} == $Zonemaster::Engine::Test::DNSSEC::ALGO_STATUS_PRIVATE) { }
|
|
|
9 |
0 |
elsif ($algo_properties{$algo}{'status'} == $Zonemaster::Engine::Test::DNSSEC::ALGO_STATUS_VALID) { }
|
|
888
|
9 |
0 |
if ($key->flags & 256)
|
|
889
|
4 |
5 |
$key->flags & 1 ? :
|
|
|
0 |
9 |
$key->flags & 128 ? :
|
|
920
|
1 |
21 |
unless $key_p
|
|
924
|
13 |
8 |
if (@sigs > 0 and @keys > 0) { }
|
|
|
8 |
0 |
elsif ($key_p->rcode eq 'NOERROR' and @sigs == 0 || @keys == 0) { }
|
|
953
|
0 |
11 |
unless $zone->parent
|
|
955
|
0 |
11 |
unless ($key_p)
|
|
961
|
0 |
11 |
unless ($ds_p)
|
|
966
|
3 |
8 |
if ($dnskey and not $ds) { }
|
|
|
4 |
4 |
elsif ($dnskey and $ds) { }
|
|
|
2 |
2 |
elsif (not $dnskey and $ds) { }
|
|
1011
|
0 |
8 |
unless ($key_p)
|
|
1017
|
2 |
6 |
if (@dnskeys == 0 or @sigs == 0)
|
|
1032
|
8 |
3 |
if ($sig->verify_time(\@dnskeys, \@dnskeys, $time, $msg)) { }
|
|
1042
|
0 |
3 |
if ($sig->algorithm == 12 and $msg =~ /Unknown cryptographic algorithm/u)
|
|
1056
|
5 |
1 |
if ($ok) { }
|
|
1077
|
0 |
6 |
unless ($key_p)
|
|
1083
|
0 |
6 |
unless ($soa_p)
|
|
1089
|
0 |
5 |
if (@dnskeys == 0 or @sigs == 0 or @soa == 0)
|
|
1105
|
4 |
1 |
if ($sig->verify_time(\@soa, \@dnskeys, $time, $msg)) { }
|
|
1115
|
0 |
1 |
if ($sig->algorithm == 12 and $msg =~ /Unknown cryptographic algorithm/u)
|
|
1128
|
4 |
1 |
if ($ok) { }
|
|
1149
|
0 |
9 |
unless ($key_p)
|
|
1156
|
0 |
9 |
unless ($test_p)
|
|
1160
|
0 |
9 |
if ($test_p->rcode ne 'NXDOMAIN' and $test_p->rcode ne 'NOERROR')
|
|
1172
|
3 |
6 |
if (@nsec)
|
|
1177
|
3 |
3 |
if ($nsec->covers($name))
|
|
1184
|
0 |
3 |
if (@dnskeys == 0) { }
|
|
|
3 |
0 |
elsif ($sig->verify_time([grep({name($_->name) eq name($sig->name);} @nsec)], \@dnskeys, $test_p->timestamp, $msg)) { }
|
|
1197
|
0 |
0 |
if ($sig->algorithm == 12 and $msg =~ /Unknown cryptographic algorithm/u)
|
|
1209
|
3 |
0 |
if ($ok) { }
|
|
1220
|
3 |
0 |
if ($covered) { }
|
|
1239
|
6 |
3 |
if (@nsec3)
|
|
1244
|
14 |
3 |
if ($nsec3->optout)
|
|
1247
|
6 |
11 |
if ($nsec3->covers($name))
|
|
1254
|
5 |
1 |
if ($sig->verify_time([grep({name($_->name) eq name($sig->name);} @nsec3)], \@dnskeys, $test_p->timestamp, $msg)) { }
|
|
1264
|
0 |
1 |
if ($sig->algorithm == 12 and $msg =~ /Unknown cryptographic algorithm/u)
|
|
1275
|
5 |
1 |
if ($ok) { }
|
|
1286
|
6 |
0 |
if ($covered) { }
|
|
1302
|
5 |
1 |
if ($opt_out)
|
|
1318
|
0 |
9 |
unless ($ds_p)
|
|
1323
|
0 |
9 |
unless ($dnskey_p)
|
|
1333
|
7 |
2 |
if (scalar keys %ds > 0) { }
|
|
1339
|
5 |
2 |
if ($key) { }
|
|
1340
|
5 |
0 |
if ($ds->verify($key)) { }
|
|
1341
|
5 |
0 |
if ($sig) { }
|
|
1345
|
5 |
0 |
if ($ok) { }
|
|
1349
|
0 |
0 |
if ($sig->algorithm == 12 and $msg =~ /Unknown cryptographic algorithm/u)
|
|
1372
|
5 |
4 |
if ($pass) { }
|