[Dnsmasq-discuss] Wildcard Domain resolving does not work with DNSSEC

[Simon Kelley]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256



On 04/01/16 17:29, Uwe Schindler wrote:
> Hi,
> 
> That is fixed already (used 2.75 from debian, no bleeding edge)! I
> tried test3 (now test4 because of spinning bug) and this one worked
> correctly. The test page also passed: http://0skar.cz/dns/en/
Good, good.

> 
> Do you have an idea, which commit may have fixed it? I found one
> (see other mail), but it talked about CNAME's which were not used
> here.

The code in that commit is now gone, the post-2.75 re-write
drastically simplifies this code, and avoids all the special-case code
that was there before.

I'm slightly puzzled that http://0skar.cz/dns/en/ failed, since there
was a campaign to fix all the bugs that showed up before, and at one
time, last year, it would pass everything. Maybe the problem this time
was the very-long expiration times on some of the signatures. That bug
has been there forever, so the records must have changed since I last
tried it.

Cheers,

Simon.




> 
> Uwe
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBCAAGBQJWiq6gAAoJEBXN2mrhkTWiRbYP/iDq6p+DSiT3yckBtG1BKcq+
iTVuBE7yD50kptiEi2pQ88MJYaLWyUcSfCkdCOwn+jv0DiZxICl8zPyCyBasgEIg
vs3JeNP+ymUixSEQ2l6poq86cFEKqSZhHT1vIwJtqMR0Ds0gaROJaC5dDOxmvR+K
FPseHNy944ljmioyMEHxKERxF3ikOaFLIGvauLbf2JYXZGKmN97nngp5WFVtv3Zg
MMsDqjoM497gpoDNiPBXfUykgj3kCRtfin8/HWXC+XzRAG9lo+C5ePgFBdV056ZO
Sebv2WhzEaAOb+aRYFazNh+Sf43da6SWSBLmkyovUqC79ahzSkS5q0H1NCv9TWek
8f16fRKw75eZheCA82VvHe+kSaGmNsCle/T/lWH7ahK3Lz8oI8u1sRFar2UBxsmW
aZPBZbol4AeMfATXjyvudZnQPe7bH7p3EZZktYp0n4/NjtB78vad9PZqHk3QoW4b
vI/dpBIbnAevlVbzbAbyS9JkUVoh1kh/bTPUwrVhdIqoy0Yl8hIGVvBpHcs0Tahj
piqQqtUQj05Y/GLMOLfViZbYhy+fCOVrzfR43kwEGpAorVjDvBqeVf8ix4JrJ9rz
ZBkUMN3NH5ghl3Qm4lTQZ4PywzM5A/DPhr7t9FIotAw1KH09BePREfm1DQyeNYkC
k7CoGW6PAFLtx/AjbRp5
=5aga
-----END PGP SIGNATURE-----