summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2015-12-03 21:03:00 +0100
committerLennart Poettering <lennart@poettering.net>2015-12-03 21:17:49 +0100
commit3ba27cd339d2de53fa34c1ec7242da50a1c047b7 (patch)
treeb9d720d74653c5fe2b2f284a87c595f2350d70ab
parent2cd8727718632ed80fa3871fddf71506c548d770 (diff)
resolved: when synthesizing NODATA from cached NSEC bitmaps, honour CNAME/DNAME
When an RR type is not set in an NSEC, then the CNAME/DNAME types might still be, hence check them too. Otherwise we might end up refusing resolving of CNAME'd RRs if we cached an NSEC before.
-rw-r--r--src/resolve/resolved-dns-cache.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/src/resolve/resolved-dns-cache.c b/src/resolve/resolved-dns-cache.c
index 3abb0374b6..241187dd51 100644
--- a/src/resolve/resolved-dns-cache.c
+++ b/src/resolve/resolved-dns-cache.c
@@ -636,7 +636,9 @@ int dns_cache_lookup(DnsCache *c, DnsResourceKey *key, int *rcode, DnsAnswer **r
*ret = NULL;
*rcode = DNS_RCODE_SUCCESS;
- return !bitmap_isset(nsec->nsec.types, key->type);
+ return !bitmap_isset(nsec->nsec.types, key->type) &&
+ !bitmap_isset(nsec->nsec.types, DNS_TYPE_CNAME) &&
+ !bitmap_isset(nsec->nsec.types, DNS_TYPE_DNAME);
}
log_debug("%s cache hit for %s",