Fix and extend the checks in dns_is_secure()
authorHeiko Schlittermann (HS12) <hs@schlittermann.de>
Sun, 21 Jun 2015 15:03:50 +0000 (17:03 +0200)
committerHeiko Schlittermann (HS12) <hs@schlittermann.de>
Sun, 21 Jun 2015 19:35:24 +0000 (21:35 +0200)
src/src/dns.c

index 4f84bfc..2efcbaa 100644 (file)
@@ -460,7 +460,8 @@ if (h->ad) return TRUE;
 
 if (  !h->aa
    || !dns_trust_aa
-   || !*(trusted = expand_string(dns_trust_aa))
+   || !(trusted = expand_string(dns_trust_aa))
+   || !*trusted
    || !(auth_name = dns_extract_auth_name(dnsa))
    || OK != match_isinlist(auth_name, &trusted, 0, NULL, NULL,
                            MCL_DOMAIN, TRUE, NULL)