Fix and extend the checks in dns_is_secure()

author Heiko Schlittermann (HS12) <hs@schlittermann.de>

Sun, 21 Jun 2015 15:03:50 +0000 (17:03 +0200)

committer Heiko Schlittermann (HS12) <hs@schlittermann.de>

Sun, 21 Jun 2015 19:35:24 +0000 (21:35 +0200)
author Heiko Schlittermann (HS12) <hs@schlittermann.de>
Sun, 21 Jun 2015 15:03:50 +0000 (17:03 +0200)
committer Heiko Schlittermann (HS12) <hs@schlittermann.de>
Sun, 21 Jun 2015 19:35:24 +0000 (21:35 +0200)
diff --git a/src/src/dns.c b/src/src/dns.c

index 4f84bfc4566ebae7053445d9888317c6b83328e9..2efcbaaffa24ea275b3467535e312f09c170d574 100644 (file)
--- a/src/src/dns.c
+++ b/src/src/dns.c
@@ -460,7 +460,8 @@ if (h->ad) return TRUE;
  
  if (  !h->aa
     || !dns_trust_aa
-   || !*(trusted = expand_string(dns_trust_aa))
+   || !(trusted = expand_string(dns_trust_aa))
+   || !*trusted
     || !(auth_name = dns_extract_auth_name(dnsa))
     || OK != match_isinlist(auth_name, &trusted, 0, NULL, NULL,
                             MCL_DOMAIN, TRUE, NULL)
author	Heiko Schlittermann (HS12) <hs@schlittermann.de>
	Sun, 21 Jun 2015 15:03:50 +0000 (17:03 +0200)
committer	Heiko Schlittermann (HS12) <hs@schlittermann.de>
	Sun, 21 Jun 2015 19:35:24 +0000 (21:35 +0200)