1 From 150162bc37170a6edae9d488435e836b1e4e3a4e Mon Sep 17 00:00:00 2001
2 From: Simon Kelley <simon@thekelleys.org.uk>
3 Date: Fri, 27 Mar 2015 09:58:26 +0000
4 Subject: [PATCH 062/113] Return SERVFAIL when validation abandoned.
7 src/forward.c | 11 +++++++++--
8 1 file changed, 9 insertions(+), 2 deletions(-)
10 diff --git a/src/forward.c b/src/forward.c
11 index 7c0fa8da3fdf..985814c3aec5 100644
14 @@ -663,6 +663,7 @@ static size_t process_reply(struct dns_header *header, time_t now, struct server
15 header->ancount = htons(0);
16 header->nscount = htons(0);
17 header->arcount = htons(0);
18 + header->hb3 &= ~HB3_TC;
21 /* the bogus-nxdomain stuff, doctor and NXDOMAIN->NODATA munging can all elide
22 @@ -991,7 +992,10 @@ void reply_query(int fd, int family, time_t now)
25 if (forward->work_counter == 0)
26 - result = "ABANDONED";
28 + result = "ABANDONED";
29 + status = STAT_BOGUS;
32 result = (status == STAT_SECURE ? "SECURE" : (status == STAT_INSECURE ? "INSECURE" : "BOGUS"));
34 @@ -1938,7 +1942,10 @@ unsigned char *tcp_request(int confd, time_t now,
38 - result = "ABANDONED";
40 + result = "ABANDONED";
41 + status = STAT_BOGUS;
44 result = (status == STAT_SECURE ? "SECURE" : (status == STAT_INSECURE ? "INSECURE" : "BOGUS"));