]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
projects / thirdparty / bind9.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4c8e1b8)
set eresult based on the type in ncache_adderesult()
authorEvan Hunt <each@isc.org>
Tue, 25 Feb 2025 22:41:41 +0000 (14:41 -0800)
committerOndřej Surý <ondrej@isc.org>
Wed, 26 Mar 2025 11:01:59 +0000 (12:01 +0100)
when the caching of a negative record failed because of the
presence of a positive one, ncache_adderesult() could override
this to ISC_R_SUCCESS. this could cause CNAME and DNAME responses
to be handled incorrectly.  ncache_adderesult() now sets the result
code correctly in such cases.

(cherry picked from commit 1edbbc32b4cca228e05cb9646ad623cf31027a95)

lib/dns/resolver.c patch | blob | blame | history

diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
index 3663b5a8469a3281a9ec1b3749cf0d0af04d8abf..d67945e90656aa9a9d412af39debb4fea2dfe1e4 100644 (file)
--- a/lib/dns/resolver.c
+++ b/lib/dns/resolver.c
@@ -6908,15 +6908,21 @@ ncache_adderesult(dns_message_t *message, dns_db_t *cache, dns_dbnode_t *node,
                        }
                } else {
                        /*
-                        * Either we don't care about the nature of the
-                        * cache rdataset (because no fetch is
-                        * interested in the outcome), or the cache
-                        * rdataset is not a negative cache entry.
-                        * Whichever case it is, we can return success.
-                        *
-                        * XXXRTH  There's a CNAME/DNAME problem here.
+                        * The attempt to add a negative cache entry
+                        * was rejected.  Set *eresultp to reflect
+                        * the type of the dataset being returned.
                         */
-                       *eresultp = ISC_R_SUCCESS;
+                       switch (ardataset->type) {
+                       case dns_rdatatype_cname:
+                               *eresultp = DNS_R_CNAME;
+                               break;
+                       case dns_rdatatype_dname:
+                               *eresultp = DNS_R_DNAME;
+                               break;
+                       default:
+                               *eresultp = ISC_R_SUCCESS;
+                               break;
+                       }
                }
                result = ISC_R_SUCCESS;
        }
Mirror of https://gitlab.isc.org/isc-projects/bind9.git