lib/validate: fixed cases when the cut wasn’t updated

this could happen if the query contained a CNAME with AA=0, or missing mandatory DS in previous NS query

lib/validate: fixed cases when the cut wasn’t updated
this could happen if the query contained a CNAME with AA=0, or missing mandatory DS in previous NS query
ccac4151 · Marek Vavruša · 88fd256f · ccac4151
Commit ccac4151 authored 9 years ago by Marek Vavruša
--- a/lib/layer/validate.c
+++ b/lib/layer/validate.c
@@ -349,6 +349,9 @@ static int validate(knot_layer_t *ctx, knot_pkt_t *pkt)
 	const knot_dname_t *sig_name = first_rrsig_signer_name(pkt);
 	if (use_signatures && key_own && sig_name && !knot_dname_is_equal(key_own, sig_name)) {
 		DEBUG_MSG(qry, ">< cut changed, needs revalidation\n");
+		if (knot_dname_is_sub(sig_name, qry->zone_cut.name)) {
+			qry->zone_cut.name = knot_dname_copy(sig_name, &req->pool);
+		}
 		knot_wire_set_rcode(pkt->wire, KNOT_RCODE_SERVFAIL); /* Prevent caching */
 		qry->flags &= ~QUERY_RESOLVED;
 		return KNOT_STATE_CONSUME;