From: Marek Vavruša Date: Tue, 29 Sep 2015 21:07:23 +0000 (+0200) Subject: lib/validate: fixed cases when the cut wasn’t updated X-Git-Tag: v1.0.0-beta1~46 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ccac4151a34cf512b0e330c3c6b4f63b9845d8d0;p=thirdparty%2Fknot-resolver.git lib/validate: fixed cases when the cut wasn’t updated this could happen if the query contained a CNAME with AA=0, or missing mandatory DS in previous NS query --- diff --git a/lib/layer/validate.c b/lib/layer/validate.c index 9fb3f3c38..d544d79d1 100644 --- a/lib/layer/validate.c +++ b/lib/layer/validate.c @@ -349,6 +349,9 @@ static int validate(knot_layer_t *ctx, knot_pkt_t *pkt) const knot_dname_t *sig_name = first_rrsig_signer_name(pkt); if (use_signatures && key_own && sig_name && !knot_dname_is_equal(key_own, sig_name)) { DEBUG_MSG(qry, ">< cut changed, needs revalidation\n"); + if (knot_dname_is_sub(sig_name, qry->zone_cut.name)) { + qry->zone_cut.name = knot_dname_copy(sig_name, &req->pool); + } knot_wire_set_rcode(pkt->wire, KNOT_RCODE_SERVFAIL); /* Prevent caching */ qry->flags &= ~QUERY_RESOLVED; return KNOT_STATE_CONSUME;