mirror of
https://github.com/systemd/systemd.git
synced 2024-12-25 01:34:28 +03:00
resolved: refuse to cache ANY kind of pseudo-RR-type
This commit is contained in:
parent
6728a58d10
commit
c33be4a6f2
@ -51,7 +51,7 @@ bool dns_type_is_pseudo(uint16_t type) {
|
||||
* but apparently entails all RR types that are not actually
|
||||
* stored as RRs on the server and should hence also not be
|
||||
* cached. We use this list primarily to validate NSEC type
|
||||
* bitfields. */
|
||||
* bitfields, and to verify what to cache. */
|
||||
|
||||
return IN_SET(type,
|
||||
0, /* A Pseudo RR type, according to RFC 2931 */
|
||||
|
@ -302,7 +302,7 @@ static int dns_cache_put_positive(
|
||||
|
||||
if (rr->key->class == DNS_CLASS_ANY)
|
||||
return 0;
|
||||
if (rr->key->type == DNS_TYPE_ANY)
|
||||
if (dns_type_is_pseudo(rr->key->type))
|
||||
return 0;
|
||||
|
||||
/* Entry exists already? Update TTL and timestamp */
|
||||
@ -370,9 +370,9 @@ static int dns_cache_put_negative(
|
||||
|
||||
if (key->class == DNS_CLASS_ANY)
|
||||
return 0;
|
||||
if (key->type == DNS_TYPE_ANY)
|
||||
/* This is particularly important to filter out as we use this as a
|
||||
* pseudo-type for NXDOMAIN entries */
|
||||
if (dns_type_is_pseudo(key->type))
|
||||
/* ANY is particularly important to filter out as we
|
||||
* use this as a pseudo-type for NXDOMAIN entries */
|
||||
return 0;
|
||||
if (soa_ttl <= 0) {
|
||||
if (log_get_max_level() >= LOG_DEBUG) {
|
||||
|
Loading…
Reference in New Issue
Block a user