]> git.ipfire.org Git - thirdparty/pdns.git/commit
projects / thirdparty / pdns.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4d1b3a6) | patch
rec: Fix the gathering of denial proof for wildcard-expanded answers 10194/head
authorRemi Gacogne <remi.gacogne@powerdns.com>
Tue, 1 Dec 2020 16:20:22 +0000 (17:20 +0100)
committerOtto <otto.moerbeek@open-xchange.com>
Fri, 19 Mar 2021 08:58:56 +0000 (09:58 +0100)
commit2b08df8d0cc9e73aae0c3226586aa4d81cd8daef
treed445e65a339d44d94c66cd65f552022f070982aetree
parent4d1b3a61bbfcda6b0cb61dee732dd0920e1f57d0commit | diff
rec: Fix the gathering of denial proof for wildcard-expanded answers

If somehow the RRSIG indicating that the answer is expanded from a
wildcard (label count smaller than the number of labels in the name)
went _after_ the NSEC we need, we forgot to gather that NSEC.
It might have been an issue for downstream validation (we do gather
them a second time later for our own validation) since the client
would not have received them.

(cherry picked from commit 0626e855ad5f944f8b357d729dc42e001f57820a)
pdns/recursordist/test-syncres_cc5.cc diff | blob | blame | history
pdns/syncres.cc diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.