Merge branch 'notsystemd/postmove' into notsystemd/master

# Conflicts: # src/grp-journal/systemd-journald/Makefile # src/grp-login/systemd-logind/Makefile # src/grp-machine/grp-import/systemd-export/Makefile # src/grp-machine/grp-import/systemd-import/Makefile # src/grp-machine/grp-import/systemd-pull/Makefile # src/grp-machine/systemd-machined/Makefile # src/grp-network/libnetworkd-core/Makefile # src/grp-resolve/libbasic-dns/Makefile # src/grp-resolve/systemd-resolved/Makefile # src/grp-utils/systemd-path/Makefile # src/libshared/src/Makefile # src/libsystemd-network/include/systemd-network/sd-ndisc.h # src/libsystemd/Makefile # src/libsystemd/src/test.mk # src/libudev/Makefile # src/systemd-dbus1-generator/Makefile # src/systemd-nspawn/nspawn.c Signed-off-by: Luke Shumaker <lukeshu@sbcglobal.net>
author: Luke Shumaker <lukeshu@sbcglobal.net> 2016-09-14 18:33:57 -0400
committer: Luke Shumaker <lukeshu@sbcglobal.net> 2016-09-14 18:33:57 -0400
commit: 3c72c8d3ee67388336aca58c5afa3fb93a9c24c0 (patch)
tree: d072df7fee0f5906fad88c08398b2fe887cbc064 /src/grp-resolve/systemd-resolved/resolved-dns-cache.c
parent: e51613a3291342c6006edda8783755fb8994fd75 (diff)
parent: 6ba6ca19507add38549e07058c57489a8cd98cd1 (diff)
1 files changed, 23 insertions, 9 deletions
diff --git a/src/grp-resolve/systemd-resolved/resolved-dns-cache.c b/src/grp-resolve/systemd-resolved/resolved-dns-cache.c
index 33e0582d98..690ed6f0c1 100644
--- a/src/grp-resolve/systemd-resolved/resolved-dns-cache.c
+++ b/src/grp-resolve/systemd-resolved/resolved-dns-cache.c
@@ -625,6 +625,12 @@ int dns_cache_put(
 
         dns_cache_remove_previous(c, key, answer);
 
+        /* We only care for positive replies and NXDOMAINs, on all
+         * other replies we will simply flush the respective entries,
+         * and that's it */
+        if (!IN_SET(rcode, DNS_RCODE_SUCCESS, DNS_RCODE_NXDOMAIN))
+                return 0;
+
         if (dns_answer_size(answer) <= 0) {
                 char key_str[DNS_RESOURCE_KEY_STRING_MAX];
 
@@ -633,12 +639,6 @@ int dns_cache_put(
                 return 0;
         }
 
-        /* We only care for positive replies and NXDOMAINs, on all
-         * other replies we will simply flush the respective entries,
-         * and that's it */
-        if (!IN_SET(rcode, DNS_RCODE_SUCCESS, DNS_RCODE_NXDOMAIN))
-                return 0;
-
         cache_keys = dns_answer_size(answer);
         if (key)
                 cache_keys++;
@@ -692,7 +692,7 @@ int dns_cache_put(
                 return 0;
 
         /* See https://tools.ietf.org/html/rfc2308, which say that a
-         * matching SOA record in the packet is used to to enable
+         * matching SOA record in the packet is used to enable
          * negative caching. */
         r = dns_answer_find_soa(answer, key, &soa, &flags);
         if (r < 0)
@@ -791,7 +791,7 @@ static DnsCacheItem *dns_cache_get_by_key_follow_cname_dname_nsec(DnsCache *c, D
         return NULL;
 }
 
-int dns_cache_lookup(DnsCache *c, DnsResourceKey *key, int *rcode, DnsAnswer **ret, bool *authenticated) {
+int dns_cache_lookup(DnsCache *c, DnsResourceKey *key, bool clamp_ttl, int *rcode, DnsAnswer **ret, bool *authenticated) {
         _cleanup_(dns_answer_unrefp) DnsAnswer *answer = NULL;
         char key_str[DNS_RESOURCE_KEY_STRING_MAX];
         unsigned n = 0;
@@ -799,6 +799,7 @@ int dns_cache_lookup(DnsCache *c, DnsResourceKey *key, int *rcode, DnsAnswer **r
         bool nxdomain = false;
         DnsCacheItem *j, *first, *nsec = NULL;
         bool have_authenticated = false, have_non_authenticated = false;
+        usec_t current;
 
         assert(c);
         assert(key);
@@ -893,11 +894,24 @@ int dns_cache_lookup(DnsCache *c, DnsResourceKey *key, int *rcode, DnsAnswer **r
         if (!answer)
                 return -ENOMEM;
 
+        if (clamp_ttl)
+                current = now(clock_boottime_or_monotonic());
+
         LIST_FOREACH(by_key, j, first) {
+                _cleanup_(dns_resource_record_unrefp) DnsResourceRecord *rr = NULL;
+
                 if (!j->rr)
                         continue;
 
-                r = dns_answer_add(answer, j->rr, j->ifindex, j->authenticated ? DNS_ANSWER_AUTHENTICATED : 0);
+                if (clamp_ttl) {
+                        rr = dns_resource_record_ref(j->rr);
+
+                        r = dns_resource_record_clamp_ttl(&rr, LESS_BY(j->until, current) / USEC_PER_SEC);
+                        if (r < 0)
+                                return r;
+                }
+
+                r = dns_answer_add(answer, rr ?: j->rr, j->ifindex, j->authenticated ? DNS_ANSWER_AUTHENTICATED : 0);
                 if (r < 0)
                         return r;
         }
author	Luke Shumaker <lukeshu@sbcglobal.net>	2016-09-14 18:33:57 -0400
committer	Luke Shumaker <lukeshu@sbcglobal.net>	2016-09-14 18:33:57 -0400
commit	3c72c8d3ee67388336aca58c5afa3fb93a9c24c0 (patch)
tree	d072df7fee0f5906fad88c08398b2fe887cbc064 /src/grp-resolve/systemd-resolved/resolved-dns-cache.c
parent	e51613a3291342c6006edda8783755fb8994fd75 (diff)
parent	6ba6ca19507add38549e07058c57489a8cd98cd1 (diff)