git.ipfire.org Git - thirdparty/pdns.git/commit
rec: Fix gathering of denial of existence proof for wildcard-expanded names
author Remi Gacogne <remi.gacogne@powerdns.com>
Fri, 1 Mar 2024 13:07:35 +0000 (14:07 +0100)
committer Remi Gacogne <remi.gacogne@powerdns.com>
Fri, 1 Mar 2024 14:37:05 +0000 (15:37 +0100)
commit 2eb9f095fe06f77cd816135c03c7ac558e0f324d
tree 68f8774a453eb645d5ab9416e5097e9a30416113
parent 524ce4f93e96c3f9e41f00a68ba99a71118447f6
rec: Fix gathering of denial of existence proof for wildcard-expanded names

When the recursor is forwarding to a resolver, we accept the names composing
the CNAME chain starting at the queried name. This means we also need to gather
the denial of existence proof for CNAMEs that were expanded from a wildcard,
otherwise the response sent to the client cannot be DNSSEC-validated.
pdns/recursordist/syncres.cc
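
The check the commit message implies, as an added example (not code from pdns or from this commit): per RFC 4035 section 5.3.4, an RRSIG whose Labels field is smaller than the owner's label count marks a wildcard-expanded record, and every such CNAME in the chain needs its NSEC/NSEC3 proof passed on to the client. `SignedRecord`, the function names and the sample answer are hypothetical and constructed for illustration.

```cpp
#include <cstdint>
#include <iostream>
#include <string>
#include <vector>

// Simplified record (assumption): names are lowercase, fully qualified, no escaped dots.
struct SignedRecord {
  std::string owner, type, target; // target: CNAME target, empty for other types
  uint8_t rrsigLabels;             // Labels field of the covering RRSIG (RFC 4034 3.1.3)
};

// Label count as the RRSIG Labels field defines it: root and a leading "*" do not count.
unsigned int countLabels(const std::string& name) {
  if (name == ".") return 0;
  unsigned int count = 0;
  for (char c : name) if (c == '.') ++count;
  if (name.rfind("*.", 0) == 0) --count;
  return count;
}

// RFC 4035 section 5.3.4: fewer signed labels than owner labels means wildcard expansion.
bool isWildcardExpanded(const SignedRecord& rec) { return rec.rrsigLabels < countLabels(rec.owner); }

// Follow the CNAME chain from qname and list every owner that needs an NSEC/NSEC3 proof.
std::vector<std::string> namesNeedingDenialProof(const std::string& qname,
                                                 const std::vector<SignedRecord>& answer) {
  std::vector<std::string> needed;
  std::string current = qname;
  for (size_t hop = 0; hop < answer.size(); ++hop) { // hop bound stops CNAME loops
    const SignedRecord* match = nullptr;
    for (const auto& rec : answer) if (rec.owner == current) { match = &rec; break; }
    if (match == nullptr) break;
    if (isWildcardExpanded(*match)) needed.push_back(match->owner);
    if (match->type != "CNAME") break;
    current = match->target;
  }
  return needed;
}

// Constructed sample: the second CNAME was synthesized from *.wild.example.net.
std::vector<SignedRecord> sampleAnswer() {
  return {{"www.example.com.", "CNAME", "host.wild.example.net.", 3},
          {"host.wild.example.net.", "CNAME", "final.example.org.", 3},
          {"final.example.org.", "A", "", 3}};
}

int main() {
  for (const auto& name : namesNeedingDenialProof("www.example.com.", sampleAnswer()))
    std::cout << "denial proof needed for " << name << "\n";
}
```

In the sample, only the middle name is flagged: its owner has four labels while the signature covers three, so a validator needs proof that `host.wild.example.net.` itself does not exist.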