diff options
author | Jeremy Harris <jgh146exb@wizmail.org> | 2014-05-29 21:00:04 +0100 |
---|---|---|
committer | Jeremy Harris <jgh146exb@wizmail.org> | 2014-05-29 21:00:04 +0100 |
commit | 91f40ccd9734db907dd7de25147995c50e564c77 (patch) | |
tree | 87bb1664a8cb6be149c237bf20dce0b6ff81eb59 | |
parent | 6eb02f881ddd9af83d697244ec35704c8dfbe9a8 (diff) |
Fix dnssec dnsdb lookup in defer_never mode
-rw-r--r-- | src/src/lookups/dnsdb.c | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/src/src/lookups/dnsdb.c b/src/src/lookups/dnsdb.c index 5c077fb31..02c597b16 100644 --- a/src/src/lookups/dnsdb.c +++ b/src/src/lookups/dnsdb.c @@ -358,7 +358,9 @@ while ((domain = string_nextinlist(&keystring, &sep, buffer, sizeof(buffer))) : dns_is_secure(&dnsa) ? US"yes" : US"no"; if (rc == DNS_NOMATCH || rc == DNS_NODATA) continue; - if (rc != DNS_SUCCEED) + if ( rc != DNS_SUCCEED + || dnssec_mode == DEFER && !dns_is_secure(&dnsa) + ) { if (defer_mode == DEFER) { @@ -368,11 +370,6 @@ while ((domain = string_nextinlist(&keystring, &sep, buffer, sizeof(buffer))) if (defer_mode == PASS) failrc = DEFER; /* defer only if all do */ continue; /* treat defer as fail */ } - if (dnssec_mode == DEFER && !dns_is_secure(&dnsa)) - { - failrc = DEFER; - continue; - } /* Search the returned records */ |