Pi-Hole/dnsmasq
1
0
Fork 0
mirror of https://github.com/pi-hole/dnsmasq.git synced 2025-12-19 10:18:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Log BOGUS validation result when upstream sends SERVFAIL.

Browse Source
This commit is contained in:
Simon Kelley
2014-02-13 16:56:30 +00:00
parent dac74312da
commit e3ec15af10
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/dnssec.c
View File

@@ -1127,6 +1127,9 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch
int type1, class1, rdlen1, type2, class2, rdlen2; int type1, class1, rdlen1, type2, class2, rdlen2;
int i, j, rc, have_nsec, have_nsec_equal, cname_count = 5; int i, j, rc, have_nsec, have_nsec_equal, cname_count = 5;
if (RCODE(header) == SERVFAIL)
return STAT_BOGUS;
if ((RCODE(header) != NXDOMAIN && RCODE(header) != NOERROR) || ntohs(header->qdcount) != 1) if ((RCODE(header) != NXDOMAIN && RCODE(header) != NOERROR) || ntohs(header->qdcount) != 1)
return STAT_INSECURE; return STAT_INSECURE;