diff options
| author | Yu Watanabe <watanabe.yu+github@gmail.com> | 2022-02-04 04:05:33 +0100 |
|---|---|---|
| committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2022-02-22 23:53:57 +0100 |
| commit | 30fa3aa1fa56d9a1a4f3a26c0bc02253d44dfa0f (patch) | |
| tree | 0f6171bfc6c8c2c34bd180a82a99e6ba111eb422 /src/resolve/resolved-dns-scope.c | |
| parent | resolve: make dns_scope_good_domain() take DnsQuery* (diff) | |
| download | systemd-30fa3aa1fa56d9a1a4f3a26c0bc02253d44dfa0f.tar.xz systemd-30fa3aa1fa56d9a1a4f3a26c0bc02253d44dfa0f.zip | |
resolve: synthesize empty domain only when A and/or AAAA key is requested
Follow-up for 3b2ac14ac45bef01cf489c3231b868936866444b (#22231).
Before this commit.
---
$ dig -t SRV '.'
; <<>> DiG 9.16.24-RH <<>> -t SRV .
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16836
;; flags: qr aa rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;. IN SRV
;; Query time: 1 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Fri Feb 04 12:01:09 JST 2022
;; MSG SIZE rcvd: 28
---
After this commit.
---
$ dig -t SRV '.'
; <<>> DiG 9.16.24-RH <<>> -t SRV .
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19861
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;. IN SRV
;; AUTHORITY SECTION:
. 86394 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022020302 1800 900 604800 86400
;; Query time: 20 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Fri Feb 04 12:00:12 JST 2022
;; MSG SIZE rcvd: 103
---
Fixes #22401.
Diffstat (limited to '')
| -rw-r--r-- | src/resolve/resolved-dns-scope.c | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/src/resolve/resolved-dns-scope.c b/src/resolve/resolved-dns-scope.c index 69101fb5a2..16c5e0094c 100644 --- a/src/resolve/resolved-dns-scope.c +++ b/src/resolve/resolved-dns-scope.c @@ -626,10 +626,6 @@ DnsScopeMatch dns_scope_good_domain( if ((SD_RESOLVED_FLAGS_MAKE(s->protocol, s->family, false, false) & flags) == 0) return DNS_SCOPE_NO; - /* Never resolve empty name. */ - if (dns_name_is_empty(domain)) - return DNS_SCOPE_NO; - /* Never resolve any loopback hostname or IP address via DNS, LLMNR or mDNS. Instead, always rely on * synthesized RRs for these. */ if (is_localhost(domain) || @@ -652,6 +648,22 @@ DnsScopeMatch dns_scope_good_domain( DnsScopeMatch m; int n_best = -1; + if (dns_name_is_empty(domain)) { + DnsResourceKey *t; + bool found = false; + + /* Refuse empty name if only A and/or AAAA records are requested. */ + + DNS_QUESTION_FOREACH(t, question) + if (!IN_SET(t->type, DNS_TYPE_A, DNS_TYPE_AAAA)) { + found = true; + break; + } + + if (!found) + return DNS_SCOPE_NO; + } + /* Never route things to scopes that lack DNS servers */ if (!dns_scope_get_dns_server(s)) return DNS_SCOPE_NO; |