[ipfire-2.x.git] / src / patches / unbound-allow-setting-validator-permissive-mode-at-runtime.patch

diff --git a/validator/validator.c b/validator/validator.c
index 676dcdf..7c19f3d 100644
--- a/validator/validator.c
+++ b/validator/validator.c
@@ -113,7 +113,7 @@ val_apply_cfg(struct module_env* env, struct val_env* val_env,
 	int c;
 	val_env->bogus_ttl = (uint32_t)cfg->bogus_ttl;
 	val_env->clean_additional = cfg->val_clean_additional;
-	val_env->permissive_mode = cfg->val_permissive_mode;
+	val_env->permissive_mode = &cfg->val_permissive_mode;
 	if(!env->anchors)
 		env->anchors = anchors_create();
 	if(!env->anchors) {
@@ -170,7 +170,6 @@ val_init(struct module_env* env, int id)
 	}
 	env->modinfo[id] = (void*)val_env;
 	env->need_to_validate = 1;
-	val_env->permissive_mode = 0;
 	lock_basic_init(&val_env->bogus_lock);
 	lock_protect(&val_env->bogus_lock, &val_env->num_rrset_bogus,
 		sizeof(val_env->num_rrset_bogus));
@@ -2084,7 +2083,7 @@ processFinished(struct module_qstate* qstate, struct val_qstate* vq,
 			}
 		}
 		/* If we are in permissive mode, bogus gets indeterminate */
-		if(ve->permissive_mode)
+		if(*ve->permissive_mode)
 			vq->orig_msg->rep->security = sec_status_indeterminate;
 	}
 
diff --git a/validator/validator.h b/validator/validator.h
index 23d3072..f8464b8 100644
--- a/validator/validator.h
+++ b/validator/validator.h
@@ -104,7 +104,7 @@ struct val_env {
 	 * This allows an operator to run validation 'shadow' without
 	 * hurting responses to clients.
 	 */
-	int permissive_mode;
+	int* permissive_mode;
 
 	/**
 	 * Number of entries in the NSEC3 maximum iteration count table.
Commit	Line	Data
e432689a MT	1	diff --git a/validator/validator.c b/validator/validator.c
	2	index 676dcdf..7c19f3d 100644
	3	--- a/validator/validator.c
	4	+++ b/validator/validator.c
	5	@@ -113,7 +113,7 @@ val_apply_cfg(struct module_env* env, struct val_env* val_env,
	6	int c;
	7	val_env->bogus_ttl = (uint32_t)cfg->bogus_ttl;
	8	val_env->clean_additional = cfg->val_clean_additional;
	9	- val_env->permissive_mode = cfg->val_permissive_mode;
	10	+ val_env->permissive_mode = &cfg->val_permissive_mode;
	11	if(!env->anchors)
	12	env->anchors = anchors_create();
	13	if(!env->anchors) {
	14	@@ -170,7 +170,6 @@ val_init(struct module_env* env, int id)
	15	}
	16	env->modinfo[id] = (void*)val_env;
	17	env->need_to_validate = 1;
	18	- val_env->permissive_mode = 0;
	19	lock_basic_init(&val_env->bogus_lock);
	20	lock_protect(&val_env->bogus_lock, &val_env->num_rrset_bogus,
	21	sizeof(val_env->num_rrset_bogus));
	22	@@ -2084,7 +2083,7 @@ processFinished(struct module_qstate* qstate, struct val_qstate* vq,
	23	}
	24	}
	25	/* If we are in permissive mode, bogus gets indeterminate */
	26	- if(ve->permissive_mode)
	27	+ if(*ve->permissive_mode)
	28	vq->orig_msg->rep->security = sec_status_indeterminate;
	29	}
	30
	31	diff --git a/validator/validator.h b/validator/validator.h
	32	index 23d3072..f8464b8 100644
	33	--- a/validator/validator.h
	34	+++ b/validator/validator.h
	35	@@ -104,7 +104,7 @@ struct val_env {
	36	* This allows an operator to run validation 'shadow' without
	37	* hurting responses to clients.
	38	*/
	39	- int permissive_mode;
	40	+ int* permissive_mode;
	41
	42	/**
	43	* Number of entries in the NSEC3 maximum iteration count table.