From 0df1f84cc80cf9e8c5e7443a98064ce19563a192 Mon Sep 17 00:00:00 2001
From: Jason Volk <jason@zemos.net>
Date: Tue, 26 Mar 2024 12:27:05 -0700
Subject: [PATCH] set trust_negative_responses in nameserver config.

Signed-off-by: Jason Volk <jason@zemos.net>
---
 src/service/globals/resolver.rs | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/service/globals/resolver.rs b/src/service/globals/resolver.rs
index 95cf10b6..97397881 100644
--- a/src/service/globals/resolver.rs
+++ b/src/service/globals/resolver.rs
@@ -32,13 +32,20 @@ pub struct Hooked {
 
 impl Resolver {
 	pub(crate) fn new(config: &Config) -> Self {
-		let (conf, mut opts) = hickory_resolver::system_conf::read_system_conf()
+		let (sys_conf, mut opts) = hickory_resolver::system_conf::read_system_conf()
 			.map_err(|e| {
 				error!("Failed to set up hickory dns resolver with system config: {}", e);
 				Error::bad_config("Failed to set up hickory dns resolver with system config.")
 			})
 			.unwrap();
 
+		let mut conf = hickory_resolver::config::ResolverConfig::new();
+		for sys_conf in sys_conf.name_servers() {
+			let mut ns = sys_conf.clone();
+			ns.trust_negative_responses = true;
+			conf.add_name_server(ns);
+		}
+
 		opts.cache_size = config.dns_cache_entries as usize;
 		opts.negative_min_ttl = Some(Duration::from_secs(config.dns_min_ttl_nxdomain));
 		opts.negative_max_ttl = Some(Duration::from_secs(60 * 60 * 24 * 30));