upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-02-25 10:59:35 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Set the extended DNS error code for RPZ-modified queries

Browse source 
When enabled through a configuration option, set the configured EDE code
for the modified queries.
This commit is contained in:
Aram Sargsyan 2022-08-26 14:15:16 +00:00
parent 77f12ecba7
commit 83395f4cfb
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
lib/ns/query.c
View file

@ -16,6 +16,7 @@
#include <ctype.h>
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <string.h>
#include <isc/hex.h>
@ -7267,6 +7268,12 @@ query_checkrpz(query_ctx_t *qctx, isc_result_t result) {
UNREACHABLE();
}
if (qctx->rpz_st->m.rpz->ede != 0 &&
qctx->rpz_st->m.rpz->ede != UINT16_MAX) {
ns_client_extendederror(qctx->client,
qctx->rpz_st->m.rpz->ede, NULL);
}
/*
* Turn off DNSSEC because the results of a
* response policy zone cannot verify.