dnsmasq: backport patch fixing DNS failover (FS#841)

Backport upstream dnsmasq patch fixing DNS failover when first servers
returns REFUSED in strict mode; fixes issue FS#841.

Signed-off-by: Hans Dedecker <[email protected]>

package/network/services/dnsmasq/patches/020-Try-other-servers-if-first-returns-REFUSED-when-stri.patch

@@ -0,0 +1,31 @@
+From 9396752c115b3ab733fa476b30da73237e12e7ba Mon Sep 17 00:00:00 2001
+From: Hans Dedecker <[email protected]>
+Date: Tue, 27 Jun 2017 22:08:47 +0100
+Subject: [PATCH] Try other servers if first returns REFUSED when
+ --strict-order active.
+
+If a DNS server replies REFUSED for a given DNS query in strict order mode
+no failover to the next DNS server is triggered as the failover logic only
+covers non strict mode.
+As a result the client will be returned the REFUSED reply without first
+falling back to the secondary DNS server(s).
+
+Make failover support work as well for strict mode config in case REFUSED is
+replied by deleting the strict order check and rely only on forwardall being
+equal to 0 which is the case in non strict mode when a single server has been
+contacted or when strict order mode has been configured.
+---
+ CHANGELOG     | 4 ++++
+ src/forward.c | 1 -
+ 2 files changed, 4 insertions(+), 1 deletion(-)
+
+--- a/src/forward.c
++++ b/src/forward.c
+@@ -790,7 +790,6 @@ void reply_query(int fd, int family, tim
+   /* Note: if we send extra options in the EDNS0 header, we can't recreate
+      the query from the reply. */
+   if (RCODE(header) == REFUSED &&
+-      !option_bool(OPT_ORDER) &&
+       forward->forwardall == 0 &&
+       !(forward->flags & FREC_HAS_EXTRADATA))
+     /* for broken servers, attempt to send to another one. */