diff options
author | Simon Kelley <simon@thekelleys.org.uk> | 2021-09-08 21:19:15 +0100 |
---|---|---|
committer | Simon Kelley <simon@thekelleys.org.uk> | 2021-09-08 21:21:22 +0100 |
commit | cac9ca38f62437c65464f58fc54342c7f294c40b (patch) | |
tree | ac7fdaf52f22d23eb5c886d6888db1b5d7dd7ff6 | |
parent | 51d56df7a3a125e117b3278cab16281c85500287 (diff) | |
download | dnsmasq-cac9ca38f62437c65464f58fc54342c7f294c40b.tar.gz |
Treat ANY queries the same as CNAME queries WRT to DNSSEC on CNAME targets.v2.86
-rw-r--r-- | src/dnssec.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/dnssec.c b/src/dnssec.c index 94ebb6f..153cac4 100644 --- a/src/dnssec.c +++ b/src/dnssec.c @@ -1893,7 +1893,7 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch /* Find all the targets we're looking for answers to. The zeroth array element is for the query, subsequent ones - for CNAME targets, unless the query is for a CNAME. */ + for CNAME targets, unless the query is for a CNAME or ANY. */ if (!expand_workspace(&targets, &target_sz, 0)) return STAT_BOGUS; @@ -1912,7 +1912,7 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch if (qtype == T_RRSIG) return STAT_INSECURE; - if (qtype != T_CNAME) + if (qtype != T_CNAME && qtype != T_ANY) for (j = ntohs(header->ancount); j != 0; j--) { if (!(p1 = skip_name(p1, header, plen, 10))) |