diff options
author | Lennart Poettering <lennart@poettering.net> | 2016-01-15 20:34:09 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2016-01-17 20:47:46 +0100 |
commit | c5b4f86178f2ea72d16a26452440e84e37778f8d (patch) | |
tree | 1451a295a3713bb67c11cfe531d00e292b512d87 | |
parent | b64513580ce627578351b76a502455e7bc62cae4 (diff) |
resolved: when restarting a DNS transaction, remove all auxiliary DNSSEC transactions
When we restart a DNS transaction, remove all connections to any auxiliary DNSSEC transactions, after all we might
acquire completely different data this time, requiring different auxiliary DNSSEC transactions.
-rw-r--r-- | src/resolve/resolved-dns-transaction.c | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c index 968bb1467b..ab619e1d3b 100644 --- a/src/resolve/resolved-dns-transaction.c +++ b/src/resolve/resolved-dns-transaction.c @@ -43,6 +43,17 @@ static void dns_transaction_reset_answer(DnsTransaction *t) { t->answer_nsec_ttl = (uint32_t) -1; } +static void dns_transaction_flush_dnssec_transactions(DnsTransaction *t) { + DnsTransaction *z; + + assert(t); + + while ((z = set_steal_first(t->dnssec_transactions))) { + set_remove(z->notify_transactions, t); + dns_transaction_gc(z); + } +} + static void dns_transaction_close_connection(DnsTransaction *t) { assert(t); @@ -95,10 +106,7 @@ DnsTransaction* dns_transaction_free(DnsTransaction *t) { set_remove(z->dnssec_transactions, t); set_free(t->notify_transactions); - while ((z = set_steal_first(t->dnssec_transactions))) { - set_remove(z->notify_transactions, t); - dns_transaction_gc(z); - } + dns_transaction_flush_dnssec_transactions(t); set_free(t->dnssec_transactions); dns_answer_unref(t->validated_keys); @@ -965,6 +973,7 @@ static int dns_transaction_prepare(DnsTransaction *t, usec_t ts) { t->start_usec = ts; dns_transaction_reset_answer(t); + dns_transaction_flush_dnssec_transactions(t); /* Check the trust anchor. Do so only on classic DNS, since DNSSEC does not apply otherwise. */ if (t->scope->protocol == DNS_PROTOCOL_DNS) { |