Mirrors/coredns
1
0
Fork 0
mirror of https://github.com/coredns/coredns.git synced 2026-04-05 03:35:33 -04:00
Code Issues Packages Projects Releases Wiki Activity

fix(dnssec): add defensive nil checks (#7997)

Browse Source
This commit is contained in:
Ville Vesilehto
2026-04-02 00:19:54 +03:00
committed by GitHub
parent 503c2d7ea3
commit 6d6c50db3a
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
plugin/dnssec/dnssec.go
View File

@@ -48,6 +48,9 @@ func (d Dnssec) Sign(state request.Request, now time.Time, server string) *dns.M
mt, _ := response.Typify(req, time.Now().UTC()) // TODO(miek): need opt record here?
if mt == response.Delegation {
if len(req.Ns) == 0 {
return req
}
// We either sign DS or NSEC of DS.
ttl := req.Ns[0].Header().Ttl
@@ -68,7 +71,7 @@ func (d Dnssec) Sign(state request.Request, now time.Time, server string) *dns.M
}
if mt == response.NameError || mt == response.NoData {
if req.Ns[0].Header().Rrtype != dns.TypeSOA || len(req.Ns) > 1 {
if len(req.Ns) != 1 || req.Ns[0].Header().Rrtype != dns.TypeSOA {
return req
}