If a.b.c CNAME x.a.b.c is encoutered, switch off

QM, it will lead to great recursion depth without result.

diff --git a/pdns/syncres.cc b/pdns/syncres.cc
index e9f1a2ab82a31706d54618923bc478e0ff094b50..91eefeb21776e50bdf471e46bd0df53be8ff63d4 100644 (file)
--- a/pdns/syncres.cc
+++ b/pdns/syncres.cc
@@ -1498,6 +1498,13 @@ bool SyncRes::doCNAMECacheCheck(const DNSName &qname, const QType &qtype, vector
         throw ImmediateServFailException(msg);
       }
 
+      if (newTarget.isPartOf(qname)) {
+        // a.b.c. CNAME x.a.b.c will go to great depths with QM on
+        string msg = "got a CNAME referral (from cache) to child, switching off QM";
+        LOG(prefix<<qname<<": "<<msg<<endl);
+        setQNameMinimization(false);
+      }
+
       // Check to see if we already have seen the new target as a previous target
       if (scanForCNAMELoop(newTarget, ret)) {
         string msg = "got a CNAME referral (from cache) that causes a loop";
@@ -3700,6 +3707,11 @@ void SyncRes::handleNewTarget(const std::string& prefix, const DNSName& qname, c
     rcode = RCode::ServFail;
     return;
   }
+  if (newtarget.isPartOf(qname)) {
+    // a.b.c. CNAME x.a.b.c will go to great depths with QM on
+    LOG(prefix<<qname<<": status=got a CNAME referral to child, disabling QM"<<endl);
+    setQNameMinimization(false);
+  }
 
   if (depth > 10) {
     LOG(prefix<<qname<<": status=got a CNAME referral, but recursing too deep, returning SERVFAIL"<<endl);