summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/resolve/dns-type.c19
-rw-r--r--src/resolve/dns-type.h1
-rw-r--r--src/resolve/resolved-dns-cache.c6
3 files changed, 21 insertions, 5 deletions
diff --git a/src/resolve/dns-type.c b/src/resolve/dns-type.c
index cc52ef9abe..0571d65f0b 100644
--- a/src/resolve/dns-type.c
+++ b/src/resolve/dns-type.c
@@ -95,6 +95,25 @@ bool dns_class_is_valid_rr(uint16_t class) {
return class != DNS_CLASS_ANY;
}
+bool dns_type_may_redirect(uint16_t type) {
+ /* The following record types should never be redirected using
+ * CNAME/DNAME RRs. See
+ * <https://tools.ietf.org/html/rfc4035#section-2.5>. */
+
+ if (dns_type_is_pseudo(type))
+ return false;
+
+ return !IN_SET(type,
+ DNS_TYPE_CNAME,
+ DNS_TYPE_DNAME,
+ DNS_TYPE_NSEC3,
+ DNS_TYPE_NSEC,
+ DNS_TYPE_RRSIG,
+ DNS_TYPE_NXT,
+ DNS_TYPE_SIG,
+ DNS_TYPE_KEY);
+}
+
const char *dns_class_to_string(uint16_t class) {
switch (class) {
diff --git a/src/resolve/dns-type.h b/src/resolve/dns-type.h
index bea0adaa16..c3bb26a5ee 100644
--- a/src/resolve/dns-type.h
+++ b/src/resolve/dns-type.h
@@ -128,6 +128,7 @@ enum {
bool dns_type_is_pseudo(uint16_t type);
bool dns_type_is_valid_query(uint16_t type);
bool dns_type_is_valid_rr(uint16_t type);
+bool dns_type_may_redirect(uint16_t type);
bool dns_class_is_pseudo(uint16_t class);
bool dns_class_is_valid_rr(uint16_t class);
diff --git a/src/resolve/resolved-dns-cache.c b/src/resolve/resolved-dns-cache.c
index f50d780ebb..31154fbc77 100644
--- a/src/resolve/resolved-dns-cache.c
+++ b/src/resolve/resolved-dns-cache.c
@@ -672,11 +672,7 @@ static DnsCacheItem *dns_cache_get_by_key_follow_cname_dname_nsec(DnsCache *c, D
if (i && i->type == DNS_CACHE_NXDOMAIN)
return i;
- /* The following record types should never be redirected. See
- * <https://tools.ietf.org/html/rfc4035#section-2.5>. */
- if (!IN_SET(k->type, DNS_TYPE_CNAME, DNS_TYPE_DNAME,
- DNS_TYPE_NSEC3, DNS_TYPE_NSEC, DNS_TYPE_RRSIG,
- DNS_TYPE_NXT, DNS_TYPE_SIG, DNS_TYPE_KEY)) {
+ if (dns_type_may_redirect(k->type)) {
/* Check if we have a CNAME record instead */
i = hashmap_get(c->by_key, &DNS_RESOURCE_KEY_CONST(k->class, DNS_TYPE_CNAME, n));
if (i)