Skip to content

D
Dnsmasq
Commit 795501bc authored by Simon Kelley's avatar Simon Kelley
Browse files
Options

AD bit handling when doing validation.

parent c2207688
Hide whitespace changes
Inline Side-by-side
Showing with 3 additions and 7 deletions
src/forward.c
View file @ 795501bc
...@@ -461,7 +461,6 @@ static size_t process_reply(struct dns_header *header, time_t now, struct server ...@@ -461,7 +461,6 @@ static size_t process_reply(struct dns_header *header, time_t now, struct server
char **sets = 0; char **sets = 0;
int munged = 0, is_sign; int munged = 0, is_sign;
size_t plen; size_t plen;
int squash_ad = 0;
#ifdef HAVE_IPSET #ifdef HAVE_IPSET
/* Similar algorithm to search_servers. */ /* Similar algorithm to search_servers. */
...@@ -506,19 +505,16 @@ static size_t process_reply(struct dns_header *header, time_t now, struct server ...@@ -506,19 +505,16 @@ static size_t process_reply(struct dns_header *header, time_t now, struct server
/* RFC 4035 sect 4.6 para 3 */ /* RFC 4035 sect 4.6 para 3 */
if (!is_sign && !option_bool(OPT_DNSSEC_PROXY)) if (!is_sign && !option_bool(OPT_DNSSEC_PROXY))
squash_ad = 1; header->hb4 &= ~HB4_AD;
#ifdef HAVE_DNSSEC #ifdef HAVE_DNSSEC
if (option_bool(OPT_DNSSEC_VALID)) if (option_bool(OPT_DNSSEC_VALID))
squash_ad = no_cache; header->hb4 &= ~HB4_AD;
if (cache_secure) if (cache_secure)
header->hb4 |= HB4_AD; header->hb4 |= HB4_AD;
#endif #endif
if (squash_ad)
header->hb4 &= ~HB4_AD;
if (OPCODE(header) != QUERY || (RCODE(header) != NOERROR && RCODE(header) != NXDOMAIN)) if (OPCODE(header) != QUERY || (RCODE(header) != NOERROR && RCODE(header) != NXDOMAIN))
return n; return n;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment