AD bit handling when doing validation.

Simon Kelley
2014-01-08 18:11:55 +00:00
parent c2207688c0
commit 795501bc86


@@ -461,7 +461,6 @@ static size_t process_reply(struct dns_header *header, time_t now, struct server
char **sets = 0;
int munged = 0, is_sign;
size_t plen;
int squash_ad = 0;
#ifdef HAVE_IPSET
/* Similar algorithm to search_servers. */
@@ -506,19 +505,16 @@ static size_t process_reply(struct dns_header *header, time_t now, struct server
/* RFC 4035 sect 4.6 para 3 */
if (!is_sign && !option_bool(OPT_DNSSEC_PROXY))
squash_ad = 1;
header->hb4 &= ~HB4_AD;
#ifdef HAVE_DNSSEC
if (option_bool(OPT_DNSSEC_VALID))
squash_ad = no_cache;
header->hb4 &= ~HB4_AD;
if (cache_secure)
header->hb4 |= HB4_AD;
#endif
if (squash_ad)
header->hb4 &= ~HB4_AD;
if (OPCODE(header) != QUERY || (RCODE(header) != NOERROR && RCODE(header) != NXDOMAIN))
return n;
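Review bot: In the HAVE_DNSSEC part of the second hunk, the final AD value now depends on statement order and on `cache_secure`, and nothing in the code says so. The +/- markers are lost on this page, so this assumes the `header->hb4 &= ~HB4_AD;` lines directly under the two conditions are the new side: validation mode then clears whatever AD the upstream sent, and `if (cache_secure)` sets it again, which is the property a client depends on when it trusts AD from this forwarder. I would add a comment above the block, for example `/* When validating, never relay upstream's AD: clear it, then set it only for answers we validated. */`. The `if (cache_secure)` test does not appear to sit under `option_bool(OPT_DNSSEC_VALID)` and it runs after the RFC 4035 clear, so it is worth confirming that `cache_secure` can only be non-zero when validation is enabled, or writing it as `if (option_bool(OPT_DNSSEC_VALID) && cache_secure)`. process_reply begins before and continues after the hunk.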