shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-01-06 17:18:12 +03:00
Code

resolved: when accepted a query candidate as final answer, propagate authentication bool even on failure

Browse Source 
Let's make sure that if we accept a query candidate, then let's also
propagate the authenticated flag for it, so that we can properly report
back to the clients whether lookups failed due to non-existance that can
be proven.
This commit is contained in:
Lennart Poettering 2017-02-15 15:29:05 +01:00
parent 2b2d98c175
commit cbb1aabb99
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/resolve/resolved-dns-query.c
View File

@ -811,6 +811,7 @@ static void dns_query_accept(DnsQuery *q, DnsQueryCandidate *c) {
q->answer = dns_answer_unref(q->answer);
q->answer_rcode = 0;
q->answer_dnssec_result = _DNSSEC_RESULT_INVALID;
q->answer_authenticated = false;
q->answer_errno = c->error_code;
}
@ -847,15 +848,18 @@ static void dns_query_accept(DnsQuery *q, DnsQueryCandidate *c) {
continue;
default:
/* Any kind of failure? Store the data away,
* if there's nothing stored yet. */
/* Any kind of failure? Store the data away, if there's nothing stored yet. */
if (state == DNS_TRANSACTION_SUCCESS)
continue;
/* If there's already an authenticated negative reply stored, then prefer that over any unauthenticated one */
if (q->answer_authenticated && !t->answer_authenticated)
continue;
q->answer = dns_answer_unref(q->answer);
q->answer_rcode = t->answer_rcode;
q->answer_dnssec_result = t->answer_dnssec_result;
q->answer_authenticated = t->answer_authenticated;
q->answer_errno = t->answer_errno;
state = t->state;