- QNAME minimisation uses QTYPE=A, therefore always check cache for

  this type in harden-below-nxdomain functionality.

git-svn-id: file:///svn/unbound/trunk@3932 be551aaa-1e26-0410-a405-d3ace91eadb9

diff --git a/doc/Changelog b/doc/Changelog
index 9c730c3305e8da41ad94a835dd7dac780dea4664..c729e97ec850a0f95a38efd143a40d67b30f063d 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -3,6 +3,8 @@
          origin consistent between local-data and access-control-tag-data.
        - Fix NSEC ENT wildcard check. Matching wildcard does not have to be a
          subdomain of the NSEC owner.
+       - QNAME minimisation uses QTYPE=A, therefore always check cache for
+         this type in harden-below-nxdomain functionality.
 
 22 November 2016: Wouter
        - iana portlist update.

diff --git a/services/cache/dns.c b/services/cache/dns.c
index bec688d014354a9efbb35f582c8d6411cd33c305..148b5cb875ab6aaa37c6b413bdaa637affb03c9a 100644 (file)
--- a/services/cache/dns.c
+++ b/services/cache/dns.c
@@ -798,9 +798,9 @@ dns_cache_lookup(struct module_env* env,
                dname_remove_label(&k.qname, &k.qname_len);
                h = query_info_hash(&k, flags);
                e = slabhash_lookup(env->msg_cache, h, &k, 0);
-               if(!e && k.qtype != LDNS_RR_TYPE_NS &&
+               if(!e && k.qtype != LDNS_RR_TYPE_A &&
                        env->cfg->qname_minimisation) {
-                       k.qtype = LDNS_RR_TYPE_NS;
+                       k.qtype = LDNS_RR_TYPE_A;
                        h = query_info_hash(&k, flags);
                        e = slabhash_lookup(env->msg_cache, h, &k, 0);
                }
@@ -820,7 +820,7 @@ dns_cache_lookup(struct module_env* env,
                        lock_rw_unlock(&e->lock);
                }
                k.qtype = qtype;
-       }
+           }
 
        /* fill common RR types for ANY response to avoid requery */
        if(qtype == LDNS_RR_TYPE_ANY) {