| From 3b4cc1437b51fcc0b08da8cc3f5d1175eed25eb1 Mon Sep 17 00:00:00 2001 |
| From: Michal Sekletar <msekleta@redhat.com> |
| Date: Wed, 20 Dec 2023 16:44:14 +0100 |
| Subject: [PATCH] resolved: actually check authenticated flag of SOA |
| transaction |
| |
| Fixes #25676 |
| --- |
| src/resolve/resolved-dns-transaction.c | 4 ++-- |
| 1 file changed, 2 insertions(+), 2 deletions(-) |
| |
| diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c |
| index 696fce532a41f..fe88e502e7c11 100644 |
| --- a/src/resolve/resolved-dns-transaction.c |
| +++ b/src/resolve/resolved-dns-transaction.c |
| @@ -2808,7 +2808,7 @@ static int dns_transaction_requires_rrsig(DnsTransaction *t, DnsResourceRecord * |
| if (r == 0) |
| continue; |
| |
| - return FLAGS_SET(t->answer_query_flags, SD_RESOLVED_AUTHENTICATED); |
| + return FLAGS_SET(dt->answer_query_flags, SD_RESOLVED_AUTHENTICATED); |
| } |
| |
| return true; |
| @@ -2835,7 +2835,7 @@ static int dns_transaction_requires_rrsig(DnsTransaction *t, DnsResourceRecord * |
| /* We found the transaction that was supposed to find the SOA RR for us. It was |
| * successful, but found no RR for us. This means we are not at a zone cut. In this |
| * case, we require authentication if the SOA lookup was authenticated too. */ |
| - return FLAGS_SET(t->answer_query_flags, SD_RESOLVED_AUTHENTICATED); |
| + return FLAGS_SET(dt->answer_query_flags, SD_RESOLVED_AUTHENTICATED); |
| } |
| |
| return true; |
