From fa59c08f71d4974f3c22e439d83e791c6da40d9f Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Thu, 30 Aug 2001 05:12:39 +0000
Subject: [PATCH] abort transfer if SOA response is not authoritative.

---
 lib/dns/xfrin.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/lib/dns/xfrin.c b/lib/dns/xfrin.c
index 20039f43850..9cf81a4c1ae 100644
--- a/lib/dns/xfrin.c
+++ b/lib/dns/xfrin.c
@@ -15,7 +15,7 @@
  * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: xfrin.c,v 1.124 2001/08/08 22:54:46 gson Exp $ */
+/* $Id: xfrin.c,v 1.125 2001/08/30 05:12:39 marka Exp $ */
 
 #include <config.h>
 
@@ -1148,6 +1148,11 @@ xfrin_recv_done(isc_task_t *task, isc_event_t *ev) {
 		goto try_axfr;
 	}
 
+	if (xfr->reqtype == dns_rdatatype_soa &&
+	    (msg->flags & DNS_MESSAGEFLAG_AA) == 0) {
+		FAIL(DNS_R_NOTAUTHORITATIVE);
+	}
+
 
 	result = dns_message_checksig(msg, dns_zone_getview(xfr->zone));
 	if (result != ISC_R_SUCCESS) {
-- 
2.47.3