diff options
| author | Lennart Poettering <lennart@poettering.net> | 2016-01-14 20:12:29 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2016-01-17 20:47:46 +0100 |
| commit | b9282bc12840aff500a334836226f6b8df24926d (patch) | |
| tree | c39fcee6f4a68f984107df899639e88a718776bb /src/shared/dns-domain.h | |
| parent | 96bb76734d8e1c8520a2456901079610813eac6d (diff) | |
resolved: on negative NODATA replies, properly deal with empty non-terminals
empty non-terminals generally lack NSEC RRs, which means we can deduce their existance only from the fact that there
are other RRs that contain them in their suffix. Specifically, the NSEC proof for NODATA on ENTs works by sending the
NSEC whose next name is a suffix of the queried name to the client. Use this information properly.
Diffstat (limited to 'src/shared/dns-domain.h')
| -rw-r--r-- | src/shared/dns-domain.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/shared/dns-domain.h b/src/shared/dns-domain.h index a679d40958..5f9542ef98 100644 --- a/src/shared/dns-domain.h +++ b/src/shared/dns-domain.h @@ -106,3 +106,5 @@ int dns_name_count_labels(const char *name); int dns_name_skip(const char *a, unsigned n_labels, const char **ret); int dns_name_equal_skip(const char *a, unsigned n_labels, const char *b); + +int dns_name_common_suffix(const char *a, const char *b, const char **ret); |