+5 January 2022: Wouter
+ - Fix for #596: fix that rpz return message is returned and not just
+ the rcode from the iterator return path. This fixes signal unset RA
+ after a CNAME.
+
4 January 2022: Wouter
- Fix #596: unset the RA bit when a query is blocked by an unbound
RPZ nxdomain reply. The option rpz-signal-nxdomain-ra allows to
struct dns_msg* forged_response = rpz_callback_from_iterator_module(qstate, iq);
if(forged_response != NULL) {
qstate->ext_state[id] = module_finished;
- qstate->return_rcode = FLAGS_GET_RCODE(forged_response->rep->flags);
+ qstate->return_rcode = LDNS_RCODE_NOERROR;
qstate->return_msg = forged_response;
iq->response = forged_response;
next_state(iq, FINISHED_STATE);
}
if(forged_response != NULL) {
qstate->ext_state[id] = module_finished;
- qstate->return_rcode = FLAGS_GET_RCODE(forged_response->rep->flags);
+ qstate->return_rcode = LDNS_RCODE_NOERROR;
qstate->return_msg = forged_response;
iq->response = forged_response;
next_state(iq, FINISHED_STATE);
projects / thirdparty / unbound.git / commitdiff
