Remove dnsmasq patches

[ipfire-2.x.git] / src / patches / dnsmasq / 0061-Don-t-fail-DNSSEC-when-a-signed-CNAME-dangles-into-a.patch

diff --git a/src/patches/dnsmasq/0061-Don-t-fail-DNSSEC-when-a-signed-CNAME-dangles-into-a.patch b/src/patches/dnsmasq/0061-Don-t-fail-DNSSEC-when-a-signed-CNAME-dangles-into-a.patch
deleted file mode 100644 (file)
index 67bf508..0000000
--- a/src/patches/dnsmasq/0061-Don-t-fail-DNSSEC-when-a-signed-CNAME-dangles-into-a.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 8805283088d670baecb92569252c01cf754cda51 Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Thu, 26 Mar 2015 21:15:43 +0000
-Subject: [PATCH 061/113] Don't fail DNSSEC when a signed CNAME dangles into an
- unsigned zone.
-
----
- src/dnssec.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/src/dnssec.c b/src/dnssec.c
-index ad0d6f072ba2..db5c768bd751 100644
---- a/src/dnssec.c
-+++ b/src/dnssec.c
-@@ -2032,7 +2032,8 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch
-   /* NXDOMAIN or NODATA reply, prove that (name, class1, type1) can't exist */
-   /* First marshall the NSEC records, if we've not done it previously */
-   if (!nsec_type && !(nsec_type = find_nsec_records(header, plen, &nsecs, &nsec_count, qclass)))
--    return STAT_BOGUS; /* No NSECs */
-+    return STAT_NO_SIG; /* No NSECs, this is probably a dangling CNAME pointing into
-+                         an unsigned zone. Return STAT_NO_SIG to cause this to be proved. */
-    
-   /* Get name of missing answer */
-   if (!extract_name(header, plen, &qname, name, 1, 0))
--- 
-2.1.0
-