From 40886dc78a86171815c70c0a0d6564d8597be421 Mon Sep 17 00:00:00 2001 From: Simon Kelley Date: Mon, 19 Feb 2024 12:22:43 +0000 Subject: [PATCH] Fix spurious "resource limit exceeded" messages. Replies from upstream with a REFUSED rcode can result in log messages stating that a resource limit has been exceeded, which is not the case. Thanks to Dominik Derigs and the Pi-hole project for spotting this. Signed-off-by: DL6ER --- src/dnsmasq/forward.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/dnsmasq/forward.c b/src/dnsmasq/forward.c index 2de082a2..2176c231 100644 --- a/src/dnsmasq/forward.c +++ b/src/dnsmasq/forward.c @@ -981,10 +981,10 @@ static void dnssec_validate(struct frec *forward, struct dns_header *header, status = dnssec_validate_reply(now, header, plen, daemon->namebuff, daemon->keyname, &forward->class, !option_bool(OPT_DNSSEC_IGN_NS) && (forward->sentto->flags & SERV_DO_DNSSEC), NULL, NULL, NULL, &orig->validate_counter); - } - if (STAT_ISEQUAL(status, STAT_ABANDONED)) - log_resource = 1; + if (STAT_ISEQUAL(status, STAT_ABANDONED)) + log_resource = 1; + } /* Can't validate, as we're missing key data. Put this answer aside, whilst we get that. */