From: Ondřej Surý Date: Wed, 17 Feb 2016 18:34:33 +0000 (+0100) Subject: Fix 'bogus proof of DS non-existence' for non-existant DS records in the cache X-Git-Tag: v1.0.0~62 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2e812c1dad147d90ebc60604c76d323e0301a15b;p=thirdparty%2Fknot-resolver.git Fix 'bogus proof of DS non-existence' for non-existant DS records in the cache --- diff --git a/lib/layer/rrcache.c b/lib/layer/rrcache.c index d254d9afc..8c33b4f84 100644 --- a/lib/layer/rrcache.c +++ b/lib/layer/rrcache.c @@ -183,8 +183,9 @@ static int commit_rr(const char *key, void *val, void *data) if (rr->type != KNOT_RRTYPE_NS || (rank & KR_RANK_AUTH)) { if (baton->qry->flags & QUERY_DNSSEC_WANT) rank |= KR_RANK_SECURE; - if (baton->qry->flags & QUERY_DNSSEC_INSECURE) - rank |= KR_RANK_INSECURE; + } + if (baton->qry->flags & QUERY_DNSSEC_INSECURE) { + rank |= KR_RANK_INSECURE; } if (KEY_COVERING_RRSIG(key)) { return commit_rrsig(baton, rank, rr);