From e1f16346db02486f751c6db683fffe53c866c186 Mon Sep 17 00:00:00 2001
From: Andreas Gustafsson <source@isc.org>
Date: Fri, 12 May 2000 21:25:17 +0000
Subject: [PATCH] validator must not indicate a validation failure by returning
 ISC_R_NOTFOUND as that seriously confuses query_find().  Introduced new
 result codes DNS_R_NOVALIDSIG and DNS_R_NOVALIDNXT to use instead.

---
 lib/dns/include/dns/result.h |  4 +++-
 lib/dns/result.c             |  2 ++
 lib/dns/validator.c          | 14 ++++++++------
 3 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/lib/dns/include/dns/result.h b/lib/dns/include/dns/result.h
index 37f0f91990..9f872da784 100644
--- a/lib/dns/include/dns/result.h
+++ b/lib/dns/include/dns/result.h
@@ -93,8 +93,10 @@
 #define DNS_R_NOJOURNAL			(ISC_RESULTCLASS_DNS + 56)
 #define DNS_R_ALIAS			(ISC_RESULTCLASS_DNS + 57)
 #define DNS_R_USETCP			(ISC_RESULTCLASS_DNS + 58)
+#define DNS_R_NOVALIDSIG		(ISC_RESULTCLASS_DNS + 59)
+#define DNS_R_NOVALIDNXT		(ISC_RESULTCLASS_DNS + 60)
 
-#define DNS_R_NRESULTS			59	/* Number of results */
+#define DNS_R_NRESULTS			61	/* Number of results */
 
 /*
  * DNS wire format rcodes
diff --git a/lib/dns/result.c b/lib/dns/result.c
index b9fed54671..7cf560d075 100644
--- a/lib/dns/result.c
+++ b/lib/dns/result.c
@@ -83,6 +83,8 @@ static char *text[DNS_R_NRESULTS] = {
 	"no journal",				/* 56 */
 	"alias",				/* 57 */
 	"use TCP",				/* 58 */
+	"no valid SIG",				/* 59 */
+	"no valid NXT"				/* 60 */
 };
 
 static char *rcode_text[DNS_R_NRCODERESULTS] = {
diff --git a/lib/dns/validator.c b/lib/dns/validator.c
index 2b9701d494..b1defd1062 100644
--- a/lib/dns/validator.c
+++ b/lib/dns/validator.c
@@ -724,9 +724,10 @@ validate(dns_validator_t *val, isc_boolean_t resume) {
 				      "verify failure: %s",
 				      dns_result_totext(result));
 	}
-	if (result == ISC_R_NOMORE)
-		result = ISC_R_NOTFOUND;
-	return (result);
+	INSIST(result == ISC_R_NOMORE);
+
+	validator_log(val, ISC_LOG_INFO, "no valid signature found");
+	return (DNS_R_NOVALIDSIG);
 }
 
 
@@ -865,9 +866,10 @@ nxtvalidate(dns_validator_t *val, isc_boolean_t resume) {
 
 		return (ISC_R_SUCCESS);
 	}
-	validator_log(val, ISC_LOG_DEBUG(3),
-		      "no relevant NXT found");
-	return (result);
+	INSIST(result == ISC_R_NOMORE);
+	
+	validator_log(val, ISC_LOG_DEBUG(3), "no relevant NXT found");
+	return (DNS_R_NOVALIDNXT);
 }
 
 static inline isc_result_t