git.ipfire.org Git - thirdparty/pdns.git/commit
rec: Fix the gathering of denial proof for wildcard-expanded answers 9793/head
author: Remi Gacogne <remi.gacogne@powerdns.com>
Tue, 1 Dec 2020 16:20:22 +0000 (17:20 +0100)
committer: Remi Gacogne <remi.gacogne@powerdns.com>
Tue, 1 Dec 2020 16:20:22 +0000 (17:20 +0100)
commit: 0626e855ad5f944f8b357d729dc42e001f57820a
tree: cd6af36aa884d8beee5f1a504d39870cb0855072
parent: 2717eea26228e7bee2737bb33aff13bead260341
rec: Fix the gathering of denial proof for wildcard-expanded answers

If somehow the RRSIG indicating that the answer is expanded from a
wildcard (label count smaller than the number of labels in the name)
went _after_ the NSEC we need, we forgot to gather that NSEC.
It might have been an issue for downstream validation (we do gather
them a second time later for our own validation) since the client
would not have received them.
pdns/recursordist/test-syncres_cc5.cc
pdns/syncres.cc
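
The ordering problem the commit message describes, as an added C++ example that is not PowerDNS code and not part of this commit. `Rec`, `gatherSinglePass`, `gatherTwoPass` and the sample records are hypothetical, and the single-pass function is an assumed reading of the bug, not the logic of `pdns/syncres.cc`; only NSEC/NSEC3 records are collected, their RRSIGs are left out.

```cpp
#include <algorithm>
#include <iostream>
#include <iterator>
#include <string>
#include <vector>

// Simplified record model (hypothetical, not PowerDNS's types).
struct Rec {
  std::string name;     // owner name without trailing dot
  std::string type;     // "A", "NSEC", "NSEC3", "RRSIG", ...
  std::string covered;  // RRSIG only: type covered
  unsigned labels;      // RRSIG only: Labels field
};
// Labels in an owner name, root excluded ("www.sub.example.com" -> 4).
static unsigned labelCount(const std::string& n) {
  return n.empty() ? 0 : 1 + static_cast<unsigned>(std::count(n.begin(), n.end(), '.'));
}
// RRSIG Labels field smaller than the owner's label count: wildcard expansion.
static bool signalsWildcard(const Rec& r, const std::string& qtype) {
  return r.type == "RRSIG" && r.covered == qtype && r.labels < labelCount(r.name);
}
static bool isDenial(const Rec& r) { return r.type == "NSEC" || r.type == "NSEC3"; }
// Order-dependent: keeps only denial records seen after the wildcard RRSIG.
std::vector<Rec> gatherSinglePass(const std::vector<Rec>& msg, const std::string& qtype) {
  std::vector<Rec> out;
  bool wildcard = false;
  for (const auto& r : msg) {
    if (signalsWildcard(r, qtype)) wildcard = true;
    else if (wildcard && isDenial(r)) out.push_back(r);
  }
  return out;
}
// Order-independent: decide whether the answer is expanded, then collect.
std::vector<Rec> gatherTwoPass(const std::vector<Rec>& msg, const std::string& qtype) {
  std::vector<Rec> out;
  bool wildcard = std::any_of(msg.begin(), msg.end(),
                              [&](const Rec& r) { return signalsWildcard(r, qtype); });
  if (wildcard) std::copy_if(msg.begin(), msg.end(), std::back_inserter(out), isDenial);
  return out;
}
// Constructed sample: the NSEC precedes the RRSIG of the expanded A answer.
std::vector<Rec> sampleNsecFirst() {
  return {{"alpha.example.com", "NSEC", "", 0}, {"www.sub.example.com", "A", "", 0},
          {"www.sub.example.com", "RRSIG", "A", 2}};
}
int main() {
  std::cout << gatherSinglePass(sampleNsecFirst(), "A").size() << " vs "
            << gatherTwoPass(sampleNsecFirst(), "A").size() << "\n";
}
```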