resolved: shortcut lookups names in the local zone

Previously, we'd always generate a packet on the wire, even for names that are within our local zone. Shortcut this, and always check the local zone first. This should minimize generated traffic and improve security.
author: Lennart Poettering <lennart@poettering.net> 2015-11-18 15:33:37 +0100
committer: Lennart Poettering <lennart@poettering.net> 2015-11-18 17:07:11 +0100
commit: d746bb3eb25b73b5e8eef2295610284b3051d7b5 (patch)
tree: 13863c726961ec2f8611daa92b1b88a1b1036a86
parent: 5032b16dfe395112d72798581664992429f90d17 (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c
index 6545f6cd8a..37f47c47c0 100644
--- a/src/resolve/resolved-dns-transaction.c
+++ b/src/resolve/resolved-dns-transaction.c
@@ -626,6 +626,20 @@ int dns_transaction_go(DnsTransaction *t) {
         t->cached = dns_answer_unref(t->cached);
         t->cached_rcode = 0;
 
+        /* Check the zone, but obly if this transaction is not used
+         * for probing or verifying a zone item. */
+        if (set_isempty(t->zone_items)) {
+
+                r = dns_zone_lookup(&t->scope->zone, t->key, &t->cached, NULL, NULL);
+                if (r < 0)
+                        return r;
+                if (r > 0) {
+                        t->cached_rcode = DNS_RCODE_SUCCESS;
+                        dns_transaction_complete(t, DNS_TRANSACTION_SUCCESS);
+                        return 0;
+                }
+        }
+
         /* Check the cache, but only if this transaction is not used
          * for probing or verifying a zone item. */
         if (set_isempty(t->zone_items)) {
author	Lennart Poettering <lennart@poettering.net>	2015-11-18 15:33:37 +0100
committer	Lennart Poettering <lennart@poettering.net>	2015-11-18 17:07:11 +0100
commit	d746bb3eb25b73b5e8eef2295610284b3051d7b5 (patch)
tree	13863c726961ec2f8611daa92b1b88a1b1036a86
parent	5032b16dfe395112d72798581664992429f90d17 (diff)