dnsmasq/backport-Fix-DNS-reply-when-asking-for-DNSSEC-and-a-validated.patch

From 1eb6cedb03cb335071fda22ee7c623b2298d3729 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sat, 14 Nov 2020 15:29:34 +0000
Subject: [PATCH] Fix DNS reply when asking for DNSSEC and a validated CNAME is
 already cached.

Conflict:NA
Reference:https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=1eb6cedb03cb335071fda22ee7c623b2298d3729
---
 src/rfc1035.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/rfc1035.c b/src/rfc1035.c
index a8cdc6e..79af53f 100644
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
@@ -1359,6 +1359,8 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
 		}
 
 	    }
+	  else
+	    return 0; /* give up if any cached CNAME in chain can't be used for DNSSEC reasons. */
 
 	  strcpy(name, cname_target);
 	}
-- 
2.23.0
synchronize some bugfix patches from upstream community 2021-02-25 14:39:33 +08:00			`From 1eb6cedb03cb335071fda22ee7c623b2298d3729 Mon Sep 17 00:00:00 2001`
			`From: Simon Kelley <simon@thekelleys.org.uk>`
			`Date: Sat, 14 Nov 2020 15:29:34 +0000`
			`Subject: [PATCH] Fix DNS reply when asking for DNSSEC and a validated CNAME is`
			`already cached.`

			`Conflict:NA`
			`Reference:https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=1eb6cedb03cb335071fda22ee7c623b2298d3729`
			`---`
			`src/rfc1035.c \| 2 ++`
			`1 file changed, 2 insertions(+)`

			`diff --git a/src/rfc1035.c b/src/rfc1035.c`
			`index a8cdc6e..79af53f 100644`
			`--- a/src/rfc1035.c`
			`+++ b/src/rfc1035.c`
			`@@ -1359,6 +1359,8 @@ size_t answer_request(struct dns_header header, char limit, size_t qlen,`
			`}`

			`}`
			`+ else`
			`+ return 0; /* give up if any cached CNAME in chain can't be used for DNSSEC reasons. */`

			`strcpy(name, cname_target);`
			`}`
			`--`
			`2.23.0`