def check_signature(rrset, delegation)
if (delegation && ([Types::AAAA, Types::A].include?rrset.type))
return
end
rrset_sig_types = []
rrset.sigs.each {|sig| rrset_sig_types.push(sig.algorithm)}
@algs.each {|alg|
if !(rrset_sig_types.include?alg)
if ((rrset.type == Types::NS) && (rrset.name != @soa.name))
else
s = rrset_sig_types.join" "
@parent.log(LOG_ERR, "RRSIGS should include algorithm #{alg} for #{rrset.name}, #{rrset.type}, have :#{s}")
end
end
}
if ((rrset.type == Types::NS) && ((rrset.name != @soa.name)))
else
begin
Dnssec.verify_rrset(rrset, @parent.keys)
rescue VerifyError => e
@parent.log(LOG_ERR, "RRSet (#{rrset.name}, #{rrset.type}) failed verification : #{e}, tag = #{rrset.sigs()[0] ? rrset.sigs()[0].key_tag : 'none'}")
end
end
end