]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fcfaff1) | patch
resolved: never store NSEC/NSEC3 RRs from the upper zone of a zone cut in cache
authorLennart Poettering <lennart@poettering.net>
Thu, 21 Jan 2016 00:24:30 +0000 (01:24 +0100)
committerLennart Poettering <lennart@poettering.net>
Mon, 25 Jan 2016 16:19:19 +0000 (17:19 +0100)
commitf6618dcd96d437f2b8abeefd32a6a6790c04d026
treeb8253c404641fc21278a69a410a8825f5e8f4274tree | snapshot
parentfcfaff123506b8c2300038934eef46892576d2d2commit | diff
resolved: never store NSEC/NSEC3 RRs from the upper zone of a zone cut in cache

When using NSEC/NSEC3 RRs from the cache to derive existance of arbitrary RRs, we should not get confused by the fact
that NSEC/NSEC3 RRs exist twice at zone cuts: once in the parent zone, and once in the child zone. For most RR types we
should only consult the latter since that's where the beef is. However, for DS lookups we have to check the former.

This change makes sure we never cache NSEC/NSEC3 RRs from any parent zone of a zone-cut. It also makes sure that when
we look for a DS RR in the cache we never consider any cached NSEC RR, as those are now always from the child zone.
src/resolve/resolved-dns-cache.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.