resolved: don't follow CNAMEs in the stub anymore

CNAME following was broken by 775ae35403f8f3c01b7ac13387fe8aac1759993f where we'd not properly collect RRs along the CNAME path. Good thing though is that we don't have to anymore: since we nowadays propagate all sections of the upstream replies into the cache and back to stub clients all the information should already be available anyway, and there's no need for us to collect it. Fixes: #18690
2025-03-19 22:50:17 +03:00 · 2021-02-22 21:32:13 +01:00 · 2021-02-22 21:32:13 +01:00 · 2f4d8e577c
commit 2f4d8e577c
parent dda7d0a4d6
1 changed files with 6 additions and 19 deletions
--- a/src/resolve/resolved-dns-stub.c
+++ b/src/resolve/resolved-dns-stub.c
@ -684,27 +684,13 @@ static void dns_stub_query_complete(DnsQuery *q) {
                }
        }

+        /* Note that we don't bother with following CNAMEs here. We propagate the authoritative/additional
+         * sections from the upstream answer however, hence if the upstream server collected that information
+         * already we don't have to collect it ourselves anymore. */
+
        switch (q->state) {

        case DNS_TRANSACTION_SUCCESS:
-                /* Follow CNAMEs, and accumulate answers. Except if DNSSEC is requested, then let the client do that. */
-                if (!DNS_PACKET_DO(q->request_packet)) {
-                        r = dns_query_process_cname(q);
-                        if (r == -ELOOP) { /* CNAME loop */
-                                (void) dns_stub_send_reply(q, DNS_RCODE_SERVFAIL);
-                                break;
-                        }
-                        if (r < 0) {
-                                log_debug_errno(r, "Failed to process CNAME: %m");
-                                break;
-                        }
-                        if (r == DNS_QUERY_RESTARTED)
-                                return;
-                }
-
-                (void) dns_stub_send_reply(q, q->answer_rcode);
-                break;
-
        case DNS_TRANSACTION_RCODE_FAILURE:
                (void) dns_stub_send_reply(q, q->answer_rcode);
                break;
@ -843,7 +829,8 @@ static void dns_stub_process_query(Manager *m, DnsStubListenerExtra *l, DnsStrea
                r = dns_query_new(m, &q, p->question, p->question, NULL, 0,
                                  SD_RESOLVED_PROTOCOLS_ALL|
                                  SD_RESOLVED_NO_SEARCH|
-                                  (DNS_PACKET_DO(p) ? SD_RESOLVED_NO_CNAME|SD_RESOLVED_REQUIRE_PRIMARY : 0)|
+                                  SD_RESOLVED_NO_CNAME|
+                                  (DNS_PACKET_DO(p) ? SD_RESOLVED_REQUIRE_PRIMARY : 0)|
                                  SD_RESOLVED_CLAMP_TTL);
        if (r < 0) {
                log_error_errno(r, "Failed to generate query object: %m");