signal that a domain is externally blocked to clients when it
is blocked with NXDOMAIN by unsetting RA.
- Fix to add test for rpz-signal-nxdomain-ra.
+ - Fix #596: only unset RA when NXDOMAIN is signalled.
22 December 2021: George
- contrib/aaaa-filter-iterator.patch file renewed diff content to
ret = local_zones_zone_answer(z, env, qinfo, edns, repinfo, buf, temp,
0 /* no local data used */, lzt);
- if(r->signal_nxdomain_ra)
+ if(r->signal_nxdomain_ra && LDNS_RCODE_WIRE(sldns_buffer_begin(buf))
+ == LDNS_RCODE_NXDOMAIN)
LDNS_RA_CLR(sldns_buffer_begin(buf));
if(r->log) {
log_rpz_apply("qname", z->name, NULL, localzone_type_to_rpz_action(lzt),
projects / thirdparty / unbound.git / commitdiff
