summaryrefslogtreecommitdiffstats
path: root/src/resolve/resolved-dns-transaction.c
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2015-12-09 19:08:45 +0100
committerLennart Poettering <lennart@poettering.net>2015-12-10 11:35:52 +0100
commit9eae2bf3189c07e30a752e38b2ad3856450f1d06 (patch)
tree2a11db410d01095204b3d1f21512928c9f0779e1 /src/resolve/resolved-dns-transaction.c
parentresolved: chase DNSKEY/DS RRs when doing look-ups with DNSSEC enabled (diff)
downloadsystemd-9eae2bf3189c07e30a752e38b2ad3856450f1d06.tar.xz
systemd-9eae2bf3189c07e30a752e38b2ad3856450f1d06.zip
resolved: don't accept doing queries for invalid RR types
Diffstat (limited to '')
-rw-r--r--src/resolve/resolved-dns-transaction.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c
index 00ecd3d11e..1dcd2c78c0 100644
--- a/src/resolve/resolved-dns-transaction.c
+++ b/src/resolve/resolved-dns-transaction.c
@@ -106,6 +106,14 @@ int dns_transaction_new(DnsTransaction **ret, DnsScope *s, DnsResourceKey *key)
assert(s);
assert(key);
+ /* Don't allow looking up invalid or pseudo RRs */
+ if (IN_SET(key->type, DNS_TYPE_OPT, 0, DNS_TYPE_TSIG, DNS_TYPE_TKEY))
+ return -EINVAL;
+
+ /* We only support the IN class */
+ if (key->class != DNS_CLASS_IN)
+ return -EOPNOTSUPP;
+
r = hashmap_ensure_allocated(&s->manager->dns_transactions, NULL);
if (r < 0)
return r;