diff options
author | Lennart Poettering <lennart@poettering.net> | 2015-12-09 19:08:45 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2015-12-10 11:35:52 +0100 |
commit | 9eae2bf3189c07e30a752e38b2ad3856450f1d06 (patch) | |
tree | 2a11db410d01095204b3d1f21512928c9f0779e1 /src/resolve/resolved-dns-transaction.c | |
parent | resolved: chase DNSKEY/DS RRs when doing look-ups with DNSSEC enabled (diff) | |
download | systemd-9eae2bf3189c07e30a752e38b2ad3856450f1d06.tar.xz systemd-9eae2bf3189c07e30a752e38b2ad3856450f1d06.zip |
resolved: don't accept doing queries for invalid RR types
Diffstat (limited to '')
-rw-r--r-- | src/resolve/resolved-dns-transaction.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c index 00ecd3d11e..1dcd2c78c0 100644 --- a/src/resolve/resolved-dns-transaction.c +++ b/src/resolve/resolved-dns-transaction.c @@ -106,6 +106,14 @@ int dns_transaction_new(DnsTransaction **ret, DnsScope *s, DnsResourceKey *key) assert(s); assert(key); + /* Don't allow looking up invalid or pseudo RRs */ + if (IN_SET(key->type, DNS_TYPE_OPT, 0, DNS_TYPE_TSIG, DNS_TYPE_TKEY)) + return -EINVAL; + + /* We only support the IN class */ + if (key->class != DNS_CLASS_IN) + return -EOPNOTSUPP; + r = hashmap_ensure_allocated(&s->manager->dns_transactions, NULL); if (r < 0) return r; |