From 648a28cc2e2052451ceec0bc58290e5a88f8f014 Mon Sep 17 00:00:00 2001
From: Shreyas Zare <shreyas@technitium.com>
Date: Tue, 29 Mar 2022 19:27:58 +0530
Subject: [PATCH] DnsServer: Updated ProcessANAMEAsync() to correctly handle NO
 DATA and error responses.

---
 DnsServerCore/Dns/DnsServer.cs | 32 +++++++++++++++++++++++++++-----
 1 file changed, 27 insertions(+), 5 deletions(-)

diff --git a/DnsServerCore/Dns/DnsServer.cs b/DnsServerCore/Dns/DnsServer.cs
index 0e601d72..fda43e2c 100644
--- a/DnsServerCore/Dns/DnsServer.cs
+++ b/DnsServerCore/Dns/DnsServer.cs
@@ -1702,8 +1702,11 @@ namespace DnsServerCore.Dns
                     }
 
                     //check new response
+                    if (newResponse.RCODE != DnsResponseCode.NoError)
+                        return null; //cannot proceed to resolve further
+
                     if (newResponse.Answer.Count == 0)
-                        return Array.Empty<DnsResourceRecord>(); //cannot proceed to resolve further
+                        return Array.Empty<DnsResourceRecord>(); //NO DATA
 
                     DnsResourceRecordType questionType = request.Question[0].Type;
                     DnsResourceRecord lastRR = newResponse.GetLastAnswerRecord();
@@ -1756,7 +1759,7 @@ namespace DnsServerCore.Dns
                 while (++queryCount < MAX_CNAME_HOPS);
 
                 //max hops limit crossed
-                return Array.Empty<DnsResourceRecord>();
+                return null;
             }
 
             List<DnsResourceRecord> responseAnswer = new List<DnsResourceRecord>();
@@ -1774,10 +1777,29 @@ namespace DnsServerCore.Dns
                 }
             }
 
-            while (resolveQueue.Count > 0)
-                responseAnswer.AddRange(await resolveQueue.Dequeue());
+            bool foundErrors = false;
 
-            return new DnsDatagram(request.Identifier, true, DnsOpcode.StandardQuery, true, false, request.RecursionDesired, isRecursionAllowed, false, false, responseAnswer.Count > 0 ? DnsResponseCode.NoError : DnsResponseCode.ServerFailure, request.Question, responseAnswer, response.Authority, response.Additional) { Tag = response.Tag };
+            while (resolveQueue.Count > 0)
+            {
+                IReadOnlyList<DnsResourceRecord> records = await resolveQueue.Dequeue();
+                if (records is null)
+                    foundErrors = true;
+                else if (records.Count > 0)
+                    responseAnswer.AddRange(records);
+            }
+
+            DnsResponseCode rcode = DnsResponseCode.NoError;
+            IReadOnlyList<DnsResourceRecord> authority = null;
+
+            if (responseAnswer.Count == 0)
+            {
+                if (foundErrors)
+                    rcode = DnsResponseCode.ServerFailure;
+                else
+                    authority = response.Authority;
+            }
+
+            return new DnsDatagram(request.Identifier, true, DnsOpcode.StandardQuery, true, false, request.RecursionDesired, isRecursionAllowed, false, false, rcode, request.Question, responseAnswer, authority, null) { Tag = response.Tag };
         }
 
         private DnsDatagram ProcessBlockedQuery(DnsDatagram request)