From bea4c76fa0e1a93c629d6f45e043c233872e3be0 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 10 Dec 2015 13:27:58 +0100
Subject: resolved: extend list of pseudo RR types

Also, explain the situation with a longer comment.
---
 src/resolve/dns-type.c | 21 ++++++++++++++++++---
 1 file changed, 18 insertions(+), 3 deletions(-)

(limited to 'src')

diff --git a/src/resolve/dns-type.c b/src/resolve/dns-type.c
index a626ecf01a..393fee0356 100644
--- a/src/resolve/dns-type.c
+++ b/src/resolve/dns-type.c
@@ -44,7 +44,22 @@ int dns_type_from_string(const char *s) {
         return sc->id;
 }
 
-/* XXX: find an authoritative list of all pseudo types? */
-bool dns_type_is_pseudo(uint16_t n) {
-        return IN_SET(n, DNS_TYPE_ANY, DNS_TYPE_AXFR, DNS_TYPE_IXFR, DNS_TYPE_OPT);
+bool dns_type_is_pseudo(uint16_t type) {
+
+        /* Checks whether the specified type is a "pseudo-type". What
+         * a "pseudo-type" precisely is, is defined only very weakly,
+         * but apparently entails all RR types that are not actually
+         * stored as RRs on the server and should hence also not be
+         * cached. We use this list primarily to validate NSEC type
+         * bitfields. */
+
+        return IN_SET(type,
+                      0, /* A Pseudo RR type, according to RFC 2931 */
+                      DNS_TYPE_ANY,
+                      DNS_TYPE_AXFR,
+                      DNS_TYPE_IXFR,
+                      DNS_TYPE_OPT,
+                      DNS_TYPE_TSIG,
+                      DNS_TYPE_TKEY
+        );
 }
-- 
cgit v1.2.3-54-g00ecf