upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-20 23:00:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

- Fix #596: only unset RA when NXDOMAIN is signalled.

Browse source
This commit is contained in:
W.C.A. Wijngaards 2022-01-04 13:48:29 +01:00
parent cbdc138df7
commit 95644c9309
2 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
doc/Changelog
View file

@ -4,6 +4,7 @@
signal that a domain is externally blocked to clients when it signal that a domain is externally blocked to clients when it
is blocked with NXDOMAIN by unsetting RA. is blocked with NXDOMAIN by unsetting RA.
- Fix to add test for rpz-signal-nxdomain-ra. - Fix to add test for rpz-signal-nxdomain-ra.
- Fix #596: only unset RA when NXDOMAIN is signalled.
22 December 2021: George 22 December 2021: George
- contrib/aaaa-filter-iterator.patch file renewed diff content to - contrib/aaaa-filter-iterator.patch file renewed diff content to

3
services/rpz.c
View file

@ -1927,7 +1927,8 @@ rpz_synthesize_qname_localdata(struct module_env* env, struct rpz* r,
ret = local_zones_zone_answer(z, env, qinfo, edns, repinfo, buf, temp, ret = local_zones_zone_answer(z, env, qinfo, edns, repinfo, buf, temp,
0 /* no local data used */, lzt); 0 /* no local data used */, lzt);
if(r->signal_nxdomain_ra) if(r->signal_nxdomain_ra && LDNS_RCODE_WIRE(sldns_buffer_begin(buf))
== LDNS_RCODE_NXDOMAIN)
LDNS_RA_CLR(sldns_buffer_begin(buf)); LDNS_RA_CLR(sldns_buffer_begin(buf));
if(r->log) { if(r->log) {
log_rpz_apply("qname", z->name, NULL, localzone_type_to_rpz_action(lzt), log_rpz_apply("qname", z->name, NULL, localzone_type_to_rpz_action(lzt),