[exim-cvs] Fix dnssec dnsdb lookup in defer_never mode

Top Page
Delete this message
Reply to this message
Author: Exim Git Commits Mailing List
Date:  
To: exim-cvs
Subject: [exim-cvs] Fix dnssec dnsdb lookup in defer_never mode
Gitweb: http://git.exim.org/exim.git/commitdiff/91f40ccd9734db907dd7de25147995c50e564c77
Commit:     91f40ccd9734db907dd7de25147995c50e564c77
Parent:     6eb02f881ddd9af83d697244ec35704c8dfbe9a8
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Thu May 29 21:00:04 2014 +0100
Committer:  Jeremy Harris <jgh146exb@???>
CommitDate: Thu May 29 21:00:04 2014 +0100


    Fix dnssec dnsdb lookup in defer_never mode
---
 src/src/lookups/dnsdb.c |    9 +++------
 1 files changed, 3 insertions(+), 6 deletions(-)


diff --git a/src/src/lookups/dnsdb.c b/src/src/lookups/dnsdb.c
index 5c077fb..02c597b 100644
--- a/src/src/lookups/dnsdb.c
+++ b/src/src/lookups/dnsdb.c
@@ -358,7 +358,9 @@ while ((domain = string_nextinlist(&keystring, &sep, buffer, sizeof(buffer)))
       : dns_is_secure(&dnsa) ? US"yes" : US"no";


     if (rc == DNS_NOMATCH || rc == DNS_NODATA) continue;
-    if (rc != DNS_SUCCEED)
+    if (  rc != DNS_SUCCEED
+       || dnssec_mode == DEFER && !dns_is_secure(&dnsa)
+       )
       {
       if (defer_mode == DEFER)
     {
@@ -368,11 +370,6 @@ while ((domain = string_nextinlist(&keystring, &sep, buffer, sizeof(buffer)))
       if (defer_mode == PASS) failrc = DEFER;         /* defer only if all do */
       continue;                                       /* treat defer as fail */
       }
-    if (dnssec_mode == DEFER && !dns_is_secure(&dnsa))
-      {
-      failrc = DEFER;
-      continue;
-      }



     /* Search the returned records */