resolve: reallocate DNS scope when DNSSEC and/or DNS-over-TLS settings are changed

Fixes #23227.
2025-01-11 05:17:44 +03:00 · 2022-05-08 14:50:39 +09:00 · 2022-05-08 14:50:39 +09:00 · 16f74783d8
commit 16f74783d8
parent 81391854ec
2 changed files with 4 additions and 10 deletions
--- a/src/resolve/resolved-link-bus.c
+++ b/src/resolve/resolved-link-bus.c
@ -640,6 +640,7 @@ int bus_link_method_set_dns_over_tls(sd_bus_message *message, void *userdata, sd

        if (l->dns_over_tls_mode != mode) {
                link_set_dns_over_tls_mode(l, mode);
+                link_allocate_scopes(l);

                (void) link_save_user(l);

@ -688,6 +689,7 @@ int bus_link_method_set_dnssec(sd_bus_message *message, void *userdata, sd_bus_e

        if (l->dnssec_mode != mode) {
                link_set_dnssec_mode(l, mode);
+                link_allocate_scopes(l);

                (void) link_save_user(l);

--- a/src/resolve/resolved-link.c
+++ b/src/resolve/resolved-link.c
@ -390,6 +390,7 @@ void link_set_dns_over_tls_mode(Link *l, DnsOverTlsMode mode) {
 #endif

        l->dns_over_tls_mode = mode;
+        l->unicast_scope = dns_scope_free(l->unicast_scope);
 }

 static int link_update_dns_over_tls_mode(Link *l) {
@ -430,17 +431,8 @@ void link_set_dnssec_mode(Link *l, DnssecMode mode) {
        if (l->dnssec_mode == mode)
                return;

-        if ((l->dnssec_mode == _DNSSEC_MODE_INVALID) ||
-            (l->dnssec_mode == DNSSEC_NO && mode != DNSSEC_NO) ||
-            (l->dnssec_mode == DNSSEC_ALLOW_DOWNGRADE && mode == DNSSEC_YES)) {
-
-                /* When switching from non-DNSSEC mode to DNSSEC mode, flush the cache. Also when switching from the
-                 * allow-downgrade mode to full DNSSEC mode, flush it too. */
-                if (l->unicast_scope)
-                        dns_cache_flush(&l->unicast_scope->cache);
-        }
-
        l->dnssec_mode = mode;
+        l->unicast_scope = dns_scope_free(l->unicast_scope);
 }

 static int link_update_dnssec_mode(Link *l) {