rec: Avoid a CNAME loop detection issue with DNS64

When the requested qname is a CNAME to a second CNAME, the CNAME
loop detection might get incorrectly triggered because the CNAMEs
were already present in the vector of result records.

diff --git a/pdns/pdns_recursor.cc b/pdns/pdns_recursor.cc
index f552d569ad938cdea441aa1c096527502870c722..d21620ae3ab8d0e4c4f4a4ee8c679b6395b02ae4 100644 (file)
--- a/pdns/pdns_recursor.cc
+++ b/pdns/pdns_recursor.cc
@@ -1272,7 +1272,16 @@ int followCNAMERecords(vector<DNSRecord>& ret, const QType& qtype)
 
 int getFakeAAAARecords(const DNSName& qname, ComboAddress prefix, vector<DNSRecord>& ret)
 {
-  int rcode = directResolve(qname, QType(QType::A), QClass::IN, ret);
+  /* we pass a separate vector of records because we will be resolving the initial qname
+     again, possibly encountering the same CNAME(s), and we don't want to trigger the CNAME
+     loop detection. */
+  vector<DNSRecord> newRecords;
+  int rcode = directResolve(qname, QType(QType::A), QClass::IN, newRecords);
+
+  ret.reserve(ret.size() + newRecords.size());
+  for (auto& record : newRecords) {
+    ret.push_back(std::move(record));
+  }
 
   // Remove double CNAME records
   std::set<DNSName> seenCNAMEs;