From: Pieter Lexis <pieter.lexis@powerdns.com>
Date: Wed, 13 Mar 2019 09:59:54 +0000 (+0100)
Subject: DNAME: properly remove CNAME from auth answers
X-Git-Tag: rec-4.2.0-beta1~6^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=29ec25aa434db2d57480ac553c2dae7a09dae37d;p=thirdparty%2Fpdns.git

DNAME: properly remove CNAME from auth answers
---

diff --git a/pdns/syncres.cc b/pdns/syncres.cc
index fc8dc8d9fe..dbb2fd91e9 100644
--- a/pdns/syncres.cc
+++ b/pdns/syncres.cc
@@ -2620,6 +2620,15 @@ bool SyncRes::processRecords(const std::string& prefix, const DNSName& qname, co
           dnameOwner = rec.d_name;
           dnameTarget = content->getTarget();
           dnameTTL = rec.d_ttl;
+          if (!newtarget.empty()) { // We had a CNAME before, remove it from ret so we don't cache it
+            ret.erase(std::remove_if(
+                  ret.begin(),
+                  ret.end(),
+                  [&qname](DNSRecord& rr) {
+                    return (rr.d_place == DNSResourceRecord::ANSWER && rr.d_type == QType::CNAME && rr.d_name == qname);
+                  }),
+                  ret.end());
+          }
           try {
             newtarget = qname.makeRelative(dnameOwner) + dnameTarget;
           } catch (const std::exception &e) {