--- /dev/null
+From 78c6184752dce27849e36cce4360abc27b8d76d2 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Thu, 16 Apr 2015 15:05:30 +0100
+Subject: [PATCH 75/78] Auth: correct replies to NS and SOA in .arpa zones.
+
+---
+ CHANGELOG | 8 ++++++++
+ src/auth.c | 51 ++++++++++++++++++++++++++++++---------------------
+ 2 files changed, 38 insertions(+), 21 deletions(-)
+
+diff --git a/CHANGELOG b/CHANGELOG
+index f2142c71cbdc..0619788e9cef 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -94,6 +94,14 @@ version 2.73
+ in the auth-zone declaration. Thanks to Johnny S. Lee
+ for the bugreport and initial patch.
+
++ Fix authoritative DNS code to correctly reply to NS
++ and SOA queries for .arpa zones for which we are
++ declared authoritative by means of a subnet in auth-zone.
++ Previously we provided correct answers to PTR queries
++ in such zones (including NS and SOA) but not direct
++ NS and SOA queries. Thanks to Johnny S. Lee for
++ pointing out the problem.
++
+
+ version 2.72
+ Add ra-advrouter mode, for RFC-3775 mobile IPv6 support.
+diff --git a/src/auth.c b/src/auth.c
+index 4a5c39fc5c07..2b0b7d6b052d 100644
+--- a/src/auth.c
++++ b/src/auth.c
+@@ -131,24 +131,27 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
+ continue;
+ }
+
+- if (qtype == T_PTR)
++ if ((qtype == T_PTR || qtype == T_SOA || qtype == T_NS) &&
++ (flag = in_arpa_name_2_addr(name, &addr)) &&
++ !local_query)
+ {
+- if (!(flag = in_arpa_name_2_addr(name, &addr)))
+- continue;
+-
+- if (!local_query)
++ for (zone = daemon->auth_zones; zone; zone = zone->next)
++ if ((subnet = find_subnet(zone, flag, &addr)))
++ break;
++
++ if (!zone)
+ {
+- for (zone = daemon->auth_zones; zone; zone = zone->next)
+- if ((subnet = find_subnet(zone, flag, &addr)))
+- break;
+-
+- if (!zone)
+- {
+- auth = 0;
+- continue;
+- }
++ auth = 0;
++ continue;
+ }
++ else if (qtype == T_SOA)
++ soa = 1, found = 1;
++ else if (qtype == T_NS)
++ ns = 1, found = 1;
++ }
+
++ if (qtype == T_PTR && flag)
++ {
+ intr = NULL;
+
+ if (flag == F_IPV4)
+@@ -243,14 +246,20 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
+ }
+
+ cname_restart:
+- for (zone = daemon->auth_zones; zone; zone = zone->next)
+- if (in_zone(zone, name, &cut))
+- break;
+-
+- if (!zone)
++ if (found)
++ /* NS and SOA .arpa requests have set found above. */
++ cut = NULL;
++ else
+ {
+- auth = 0;
+- continue;
++ for (zone = daemon->auth_zones; zone; zone = zone->next)
++ if (in_zone(zone, name, &cut))
++ break;
++
++ if (!zone)
++ {
++ auth = 0;
++ continue;
++ }
+ }
+
+ for (rec = daemon->mxnames; rec; rec = rec->next)
+--
+2.1.0
+