if no NSEC3 present, skip validation.

git-svn-id: file:///svn/unbound/trunk@611 be551aaa-1e26-0410-a405-d3ace91eadb9

diff --git a/validator/val_nsec3.c b/validator/val_nsec3.c
index 2ecfff67263174a8cda9177726288a0d5cf740c1..a6e444b9f3a59c7b02022840ce0df812697f0aa8 100644 (file)
--- a/validator/val_nsec3.c
+++ b/validator/val_nsec3.c
@@ -980,6 +980,8 @@ nsec3_prove_nameerror(struct module_env* env, struct val_env* ve,
                return sec_status_bogus; /* no valid NSEC3s, bogus */
        rbtree_init(&ct, &nsec3_hash_cmp); /* init names-to-hash cache */
        filter_init(&flt, list, num, qinfo); /* init RR iterator */
+       if(!flt.zone)
+               return sec_status_bogus; /* no RRs */
        if(nsec3_iteration_count_high(ve, &flt, kkey))
                return sec_status_insecure; /* iteration count too high */