diff options
author | Lennart Poettering <lennart@poettering.net> | 2015-12-21 19:56:05 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2015-12-26 19:09:10 +0100 |
commit | d38d5ca65b3f8fd19348a7919cf1f1f07c955393 (patch) | |
tree | 1960fcaa9e4461f76f8c15cf2bea7adde3221783 | |
parent | 10b45040024da140fc2ea5761f905e745c11c982 (diff) |
resolved: never use data from failed transactions
Otherwise if we have an A lookup that failed DNSSEC validation, but an
AAAA lookup that succeeded, we might end up using the A data, but we
really should not.
-rw-r--r-- | src/resolve/resolved-dns-query.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/src/resolve/resolved-dns-query.c b/src/resolve/resolved-dns-query.c index 18d2d01bf2..610b914e74 100644 --- a/src/resolve/resolved-dns-query.c +++ b/src/resolve/resolved-dns-query.c @@ -1039,8 +1039,7 @@ static void dns_query_accept(DnsQuery *q, DnsQueryCandidate *c) { if (state == DNS_TRANSACTION_SUCCESS) continue; - dns_answer_unref(q->answer); - q->answer = dns_answer_ref(t->answer); + q->answer = dns_answer_unref(q->answer); q->answer_rcode = t->answer_rcode; q->answer_dnssec_result = t->answer_dnssec_result; |