src/patches/dnsmasq/0062-Return-SERVFAIL-when-validation-abandoned.patch

   1 From 150162bc37170a6edae9d488435e836b1e4e3a4e Mon Sep 17 00:00:00 2001
   2 From: Simon Kelley <simon@thekelleys.org.uk>
   3 Date: Fri, 27 Mar 2015 09:58:26 +0000
   4 Subject: [PATCH 62/71] Return SERVFAIL when validation abandoned.
   5
   6 ---
   7  src/forward.c | 11 +++++++++--
   8  1 file changed, 9 insertions(+), 2 deletions(-)
   9
  10 diff --git a/src/forward.c b/src/forward.c
  11 index 7c0fa8da3fdf..985814c3aec5 100644
  12 --- a/src/forward.c
  13 +++ b/src/forward.c
  14 @@ -663,6 +663,7 @@ static size_t process_reply(struct dns_header *header, time_t now, struct server
  15        header->ancount = htons(0);
  16        header->nscount = htons(0);
  17        header->arcount = htons(0);
  18 +      header->hb3 &= ~HB3_TC;
  19      }
  20
  21    /* the bogus-nxdomain stuff, doctor and NXDOMAIN->NODATA munging can all elide
  22 @@ -991,7 +992,10 @@ void reply_query(int fd, int family, time_t now)
  23               char *result;
  24
  25               if (forward->work_counter == 0)
  26 -               result = "ABANDONED";
  27 +               {
  28 +                 result = "ABANDONED";
  29 +                 status = STAT_BOGUS;
  30 +               }
  31               else
  32                 result = (status == STAT_SECURE ? "SECURE" : (status == STAT_INSECURE ? "INSECURE" : "BOGUS"));
  33
  34 @@ -1938,7 +1942,10 @@ unsigned char *tcp_request(int confd, time_t now,
  35                           char *result;
  36
  37                           if (keycount == 0)
  38 -                           result = "ABANDONED";
  39 +                           {
  40 +                             result = "ABANDONED";
  41 +                             status = STAT_BOGUS;
  42 +                           }
  43                           else
  44                             result = (status == STAT_SECURE ? "SECURE" : (status == STAT_INSECURE ? "INSECURE" : "BOGUS"));
  45
  46 --
  47 2.1.0
  48