BUG/MEDIUM: DNS resolution response parsing broken

In some cases, parsing of the DNS response is broken and the response is
considered as invalid, despite being valid.

The current patch fixes this issue. It's a temporary solution until I
rework the response parsing to store the response buffer into a real DNS
packet structure.

src/dns.c

@@ -462,6 +462,7 @@ int dns_validate_dns_response(unsigned char *resp, unsigned char *bufend, char *
 		}
 
 		/* ptr now points to the name */
+		if ((*reader & 0xc0) != 0xc0) {
 			/* if cname is set, it means a CNAME recursion is in progress */
 			if (cname) {
 				/* check if the name can stand in response */
@@ -470,6 +471,12 @@ int dns_validate_dns_response(unsigned char *resp, unsigned char *bufend, char *
 				/* compare cname and current name */
 				if (memcmp(ptr, cname, cnamelen) != 0)
 					return DNS_RESP_CNAME_ERROR;
+
+				cname = reader;
+				cnamelen = dns_str_to_dn_label_len((const char *)cname);
+
+				/* move forward cnamelen bytes + NULL byte */
+				reader += (cnamelen + 1);
 			}
 			/* compare server hostname to current name */
 			else if (dn_name) {
@@ -479,23 +486,16 @@ int dns_validate_dns_response(unsigned char *resp, unsigned char *bufend, char *
 				if (memcmp(ptr, dn_name, dn_name_len) != 0)
 					return DNS_RESP_WRONG_NAME;
 			}
-
-		if ((*reader & 0xc0) == 0xc0) {
-			/* move forward 2 bytes for information pointer and address pointer */
-			reader += 2;
-		}
-		else {
-			if (cname) {
-				cname = reader;
-				cnamelen = dns_str_to_dn_label_len((const char *)cname);
-
-				/* move forward cnamelen bytes + NULL byte */
-				reader += (cnamelen + 1);
-			}
 			else {
 				reader += (len + 1);
 			}
 		}
+		else {
+			/* shortname in progress */
+			/* move forward 2 bytes for information pointer and address pointer */
+			reader += 2;
+		}
+
 		if (reader >= bufend)
 			return DNS_RESP_INVALID;