38 lines
1.5 KiB
Diff
38 lines
1.5 KiB
Diff
From c3a86a3ab06713e865db694a80c0c5034ab902af Mon Sep 17 00:00:00 2001
|
|
From: Michal Sekletar <msekleta@redhat.com>
|
|
Date: Wed, 20 Dec 2023 16:44:14 +0100
|
|
Subject: [PATCH] resolved: actually check authenticated flag of SOA
|
|
transaction
|
|
|
|
Fixes #25676
|
|
|
|
(cherry picked from commit 3b4cc1437b51fcc0b08da8cc3f5d1175eed25eb1)
|
|
|
|
Resolves: RHEL-6213
|
|
---
|
|
src/resolve/resolved-dns-transaction.c | 4 ++--
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c
|
|
index c975215468..6f614d7493 100644
|
|
--- a/src/resolve/resolved-dns-transaction.c
|
|
+++ b/src/resolve/resolved-dns-transaction.c
|
|
@@ -2520,7 +2520,7 @@ static int dns_transaction_requires_rrsig(DnsTransaction *t, DnsResourceRecord *
|
|
if (r == 0)
|
|
continue;
|
|
|
|
- return t->answer_authenticated;
|
|
+ return dt->answer_authenticated;
|
|
}
|
|
|
|
return true;
|
|
@@ -2550,7 +2550,7 @@ static int dns_transaction_requires_rrsig(DnsTransaction *t, DnsResourceRecord *
|
|
* RR for us. This means we are not at a zone cut. In
|
|
* this case, we require authentication if the SOA
|
|
* lookup was authenticated too. */
|
|
- return t->answer_authenticated;
|
|
+ return dt->answer_authenticated;
|
|
}
|
|
|
|
return true;
|