From: Jeremy Harris Date: Thu, 29 May 2014 20:00:04 +0000 (+0100) Subject: Fix dnssec dnsdb lookup in defer_never mode X-Git-Tag: exim-4_83_RC2~10 X-Git-Url: https://git.exim.org/exim.git/commitdiff_plain/91f40ccd9734db907dd7de25147995c50e564c77 Fix dnssec dnsdb lookup in defer_never mode --- diff --git a/src/src/lookups/dnsdb.c b/src/src/lookups/dnsdb.c index 5c077fb31..02c597b16 100644 --- a/src/src/lookups/dnsdb.c +++ b/src/src/lookups/dnsdb.c @@ -358,7 +358,9 @@ while ((domain = string_nextinlist(&keystring, &sep, buffer, sizeof(buffer))) : dns_is_secure(&dnsa) ? US"yes" : US"no"; if (rc == DNS_NOMATCH || rc == DNS_NODATA) continue; - if (rc != DNS_SUCCEED) + if ( rc != DNS_SUCCEED + || dnssec_mode == DEFER && !dns_is_secure(&dnsa) + ) { if (defer_mode == DEFER) { @@ -368,11 +370,6 @@ while ((domain = string_nextinlist(&keystring, &sep, buffer, sizeof(buffer))) if (defer_mode == PASS) failrc = DEFER; /* defer only if all do */ continue; /* treat defer as fail */ } - if (dnssec_mode == DEFER && !dns_is_secure(&dnsa)) - { - failrc = DEFER; - continue; - } /* Search the returned records */