From 0575610fa136d5c6afe951fcbad76841230a808e Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sat, 1 Mar 2014 18:07:57 +0000
Subject: Handle replies with no answers and no NS in validate_reply.

---
 src/dnssec.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/dnssec.c b/src/dnssec.c
index 5672ebe..6639188 100644
--- a/src/dnssec.c
+++ b/src/dnssec.c
@@ -1718,6 +1718,10 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch
    
   if (neganswer && !have_answer)
     *neganswer = 1;
+
+  /* No data, therefore no sigs */
+  if (ntohs(header->ancount) + ntohs(header->nscount) == 0)
+    return STAT_NO_SIG;
   
   for (p1 = ans_start, i = 0; i < ntohs(header->ancount) + ntohs(header->nscount); i++)
     {
-- 
cgit v1.2.1