layer/iterate: do not change delegation on qname minimization failure

Before a server could change delegation when there was an NS record
for different name in the answer section. e.g.:

```
QNAME: test.example.com
ANSWER: else.example.com NS somewhere
```

The zone cut would change to else.example.com.

diff --git a/daemon/network.h b/daemon/network.h
index a47564fbce1cec1cc83b21492f0ec70555b0e6a0..548d61a23ea13e24c157615036366c1f9571e75e 100644 (file)
--- a/daemon/network.h
+++ b/daemon/network.h
@@ -55,7 +55,6 @@ struct network {
        struct tls_session_ticket_ctx *tls_session_ticket_ctx;
        struct net_tcp_param tcp;
     int tcp_backlog;
-       struct net_tcp_param tcp;
 };
 
 void network_init(struct network *net, uv_loop_t *loop, int tcp_backlog);

diff --git a/lib/layer/iterate.c b/lib/layer/iterate.c
index 0f032957f5e07ca83f98e1a3f97b720e6e5425ee..02b17855aef9ef933cc916ddf4c1ca3de8d179a7 100644 (file)
--- a/lib/layer/iterate.c
+++ b/lib/layer/iterate.c
@@ -453,7 +453,8 @@ static int process_authority(knot_pkt_t *pkt, struct kr_request *req)
                for (unsigned i = 0; i < an->count; ++i) {
                        const knot_rrset_t *rr = knot_pkt_rr(an, i);
                        if (rr->type == KNOT_RRTYPE_NS
-                           && knot_dname_in_bailiwick(rr->owner, qry->zone_cut.name) > 0) {
+                           && knot_dname_in_bailiwick(rr->owner, qry->zone_cut.name) > 0
+                           && knot_dname_in_bailiwick(rr->owner, qry->sname) >= 0) {
                                /* NS below cut in authority indicates different authority,
                                 * but same NS set. */
                                qry->zone_cut.name = knot_dname_copy(rr->owner, &req->pool);