diff options
author | Lennart Poettering <lennart@poettering.net> | 2015-12-14 21:22:40 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2015-12-14 21:28:39 +0100 |
commit | 24a5b982cf5aac97488eb94dba18d71e8b2b411a (patch) | |
tree | 7d49498ef13b91f3fbb4f8b108c67a9842903f29 | |
parent | 5264131a9ab9cf0b1bd6bc217e0361536338a980 (diff) |
resolved: always consider NSEC/NSEC3 RRs as "primary"
It's not OK to drop these for our proof of non-existance checks.
-rw-r--r-- | src/resolve/resolved-dns-transaction.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c index 82b49c1440..045627340b 100644 --- a/src/resolve/resolved-dns-transaction.c +++ b/src/resolve/resolved-dns-transaction.c @@ -1288,7 +1288,10 @@ static int dns_transaction_is_primary_response(DnsTransaction *t, DnsResourceRec /* Check if the specified RR is the "primary" response, * i.e. either matches the question precisely or is a - * CNAME/DNAME for it */ + * CNAME/DNAME for it, or is any kind of NSEC/NSEC3 RR */ + + if (IN_SET(rr->key->type, DNS_TYPE_NSEC, DNS_TYPE_NSEC3)) + return 1; r = dns_resource_key_match_rr(t->key, rr, NULL); if (r != 0) |