]> git.ipfire.org Git - thirdparty/pdns.git/commitdiff
projects / thirdparty / pdns.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 916d19c)
rec: Handle direct NSEC queries 5715/head
authorRemi Gacogne <remi.gacogne@powerdns.com>
Mon, 18 Sep 2017 13:01:39 +0000 (15:01 +0200)
committerRemi Gacogne <remi.gacogne@powerdns.com>
Wed, 20 Sep 2017 15:14:12 +0000 (17:14 +0200)
pdns/syncres.cc patch | blob | blame | history

diff --git a/pdns/syncres.cc b/pdns/syncres.cc
index f6a959e93986a70cdeedcbbff51b6a74c78b197b..665c150ecab49463dd3dc016b59180a9172dfee8 100644 (file)
--- a/pdns/syncres.cc
+++ b/pdns/syncres.cc
@@ -1935,10 +1935,6 @@ bool SyncRes::processRecords(const std::string& prefix, const DNSName& qname, co
         newtarget=content->getTarget();
       }
     }
-    else if((rec.d_type==QType::RRSIG || rec.d_type==QType::NSEC || rec.d_type==QType::NSEC3) && rec.d_place==DNSResourceRecord::ANSWER) {
-      if(rec.d_type != QType::RRSIG || rec.d_name == qname)
-        ret.push_back(rec); // enjoy your DNSSEC
-    }
     else if(needWildcardProof && (rec.d_type==QType::RRSIG || rec.d_type==QType::NSEC || rec.d_type==QType::NSEC3) && rec.d_place==DNSResourceRecord::AUTHORITY) {
       ret.push_back(rec); // enjoy your DNSSEC
     }
@@ -1954,6 +1950,10 @@ bool SyncRes::processRecords(const std::string& prefix, const DNSName& qname, co
       done=true;
       ret.push_back(rec);
     }
+    else if((rec.d_type==QType::RRSIG || rec.d_type==QType::NSEC || rec.d_type==QType::NSEC3) && rec.d_place==DNSResourceRecord::ANSWER) {
+      if(rec.d_type != QType::RRSIG || rec.d_name == qname)
+        ret.push_back(rec); // enjoy your DNSSEC
+    }
     else if(rec.d_place==DNSResourceRecord::AUTHORITY && rec.d_type==QType::NS && qname.isPartOf(rec.d_name)) {
       if(moreSpecificThan(rec.d_name,auth)) {
         newauth=rec.d_name;
Unnamed repository; edit this file 'description' to name the repository.