Pi-Hole/dnsmasq
1
0
Fork 0
mirror of https://github.com/pi-hole/dnsmasq.git synced 2025-12-19 18:28:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Handle signed dangling CNAME replies to DS queries.

Browse Source
This commit is contained in:
Simon Kelley
2015-09-09 22:51:13 +01:00
parent 20fd11e11a
commit 6de81f1250
1 changed files with 2 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/dnssec.c
View File

@@ -1232,10 +1232,7 @@ int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char
/* If we return STAT_NO_SIG, name contains the name of the DS query */
if (val == STAT_NO_SIG)
{
*keyname = 0;
return val;
}
/* If the key needed to validate the DS is on the same domain as the DS, we'll
loop getting nowhere. Stop that now. This can happen of the DS answer comes