]> git.ipfire.org Git - thirdparty/knot-resolver.git/commitdiff
projects / thirdparty / knot-resolver.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: de5bca6)
layer/validate: disable explicit RRSIG query if RRSIG for DS is missed
authorGrigorii Demidov <grigorii.demidov@nic.cz>
Mon, 18 Jun 2018 09:17:01 +0000 (11:17 +0200)
committerPetr Špaček <petr.spacek@nic.cz>
Mon, 25 Jun 2018 14:33:09 +0000 (16:33 +0200)
lib/layer/validate.c patch | blob | blame | history

diff --git a/lib/layer/validate.c b/lib/layer/validate.c
index c6ecf44089705da541253526c1b108ae044dd825..99d28c8dfb13bcce146ebb501e1610b579ebfaa3 100644 (file)
--- a/lib/layer/validate.c
+++ b/lib/layer/validate.c
@@ -482,6 +482,12 @@ static int rrsig_not_found(kr_layer_t *ctx, const knot_rrset_t *rr)
        struct kr_request *req = ctx->req;
        struct kr_query *qry = req->current_query;
 
+       /* Parent-side record, so don't ask for RRSIG.
+        * We won't receive it anyway. */
+       if (qry->stype == KNOT_RRTYPE_DS) {
+               return KR_STATE_FAIL;
+       }
+
        struct kr_zonecut *cut = &qry->zone_cut;
        const knot_dname_t *cut_name_start = qry->zone_cut.name;
        bool use_cut = true;
Mirror of https://gitlab.nic.cz/knot/knot-resolver.git