1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-25 06:03:40 +03:00

resolve: reallocate DNS scope when DNSSEC and/or DNS-over-TLS settings are changed

Fixes #23227.
This commit is contained in:
Yu Watanabe 2022-05-08 14:50:39 +09:00 committed by Daan De Meyer
parent 81391854ec
commit 16f74783d8
2 changed files with 4 additions and 10 deletions

View File

@ -640,6 +640,7 @@ int bus_link_method_set_dns_over_tls(sd_bus_message *message, void *userdata, sd
if (l->dns_over_tls_mode != mode) {
link_set_dns_over_tls_mode(l, mode);
link_allocate_scopes(l);
(void) link_save_user(l);
@ -688,6 +689,7 @@ int bus_link_method_set_dnssec(sd_bus_message *message, void *userdata, sd_bus_e
if (l->dnssec_mode != mode) {
link_set_dnssec_mode(l, mode);
link_allocate_scopes(l);
(void) link_save_user(l);

View File

@ -390,6 +390,7 @@ void link_set_dns_over_tls_mode(Link *l, DnsOverTlsMode mode) {
#endif
l->dns_over_tls_mode = mode;
l->unicast_scope = dns_scope_free(l->unicast_scope);
}
static int link_update_dns_over_tls_mode(Link *l) {
@ -430,17 +431,8 @@ void link_set_dnssec_mode(Link *l, DnssecMode mode) {
if (l->dnssec_mode == mode)
return;
if ((l->dnssec_mode == _DNSSEC_MODE_INVALID) ||
(l->dnssec_mode == DNSSEC_NO && mode != DNSSEC_NO) ||
(l->dnssec_mode == DNSSEC_ALLOW_DOWNGRADE && mode == DNSSEC_YES)) {
/* When switching from non-DNSSEC mode to DNSSEC mode, flush the cache. Also when switching from the
* allow-downgrade mode to full DNSSEC mode, flush it too. */
if (l->unicast_scope)
dns_cache_flush(&l->unicast_scope->cache);
}
l->dnssec_mode = mode;
l->unicast_scope = dns_scope_free(l->unicast_scope);
}
static int link_update_dnssec_mode(Link *l) {