Skip to content
Snippets Groups Projects
Select Git revision
0 results

resolved-dns-transaction.c

Blame
    • Ronan Pigott's avatar
      afdb38a3
      resolved: validate noerror response for CNAMEs · afdb38a3
      Ronan Pigott authored
      CNAME doesn't exist at the zone apex. When we get an unsigned noerror
      response to a direct query for a CNAME record, we don't yet know if this
      name is zone apex. We already request the correct DS record in this
      case, but previously skipped it at validation time, causing the answer
      to appear bogus. Make sure to also consider the DS record for the query
      name for negative replies.
      afdb38a3
      History
      resolved: validate noerror response for CNAMEs
      Ronan Pigott authored
      CNAME doesn't exist at the zone apex. When we get an unsigned noerror
      response to a direct query for a CNAME record, we don't yet know if this
      name is zone apex. We already request the correct DS record in this
      case, but previously skipped it at validation time, causing the answer
      to appear bogus. Make sure to also consider the DS record for the query
      name for negative replies.