Pi-Hole/dnsmasq
1
0
Fork 0
mirror of https://github.com/pi-hole/dnsmasq.git synced 2025-12-19 10:18:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Tweaks to EDNS0 handling in DNS replies.

Browse Source
This commit is contained in:
Simon Kelley
2015-12-17 10:44:58 +00:00
parent 2dbba34b2c
commit dd4ad9ac7e
2 changed files with 43 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/dnssec.c
View File

@@ -2129,18 +2129,16 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch
/* Empty DS without NSECS */
if (qtype == T_DS)
return STAT_BOGUS;
else
rc = zone_status(name, qclass, keyname, now);
if (rc != STAT_SECURE)
{
rc = zone_status(name, qclass, keyname, now);
if (rc != STAT_SECURE)
{
if (class)
*class = qclass; /* Class for NEED_DS or NEED_DNSKEY */
return rc;
}
return STAT_BOGUS; /* signed zone, no NSECs */
}
if (class)
*class = qclass; /* Class for NEED_DS or NEED_DNSKEY */
return rc;
}
return STAT_BOGUS; /* signed zone, no NSECs */
}
if (nsec_type == T_NSEC)