From: Ronan Pigott <ronan@rjp.ie>
Date: Thu, 25 Jul 2024 19:48:03 +0000 (-0700)
Subject: resolved: Don't retry queries that indicate net error
X-Git-Tag: v257-rc1~815
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cd2ce31adbfa5fb4f08267a13ace3a72e7597a2f;p=thirdparty%2Fsystemd.git

resolved: Don't retry queries that indicate net error

This probably rarely helped anyway, but it also in some cases interferes
with auxiliary dnssec queries where the authoritative nameserver does
not support EDNS0/DNSSEC.

Fixes: ac6844460ca1 ("resolved: support RFC 8914 EDE error codes")
---

diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c
index 92ac0752fec..20189f1cc7e 100644
--- a/src/resolve/resolved-dns-transaction.c
+++ b/src/resolve/resolved-dns-transaction.c
@@ -1264,7 +1264,7 @@ void dns_transaction_process_reply(DnsTransaction *t, DnsPacket *p, bool encrypt
                                 }
 
                                 /* These codes probably indicate a transient error. Let's try again. */
-                                if (IN_SET(t->answer_ede_rcode, DNS_EDE_RCODE_NOT_READY, DNS_EDE_RCODE_NET_ERROR)) {
+                                if (t->answer_ede_rcode == DNS_EDE_RCODE_NOT_READY) {
                                         log_debug("Server returned error: %s (%s%s%s), retrying transaction.",
                                                   FORMAT_DNS_RCODE(DNS_PACKET_RCODE(p)),
                                                   FORMAT_DNS_EDE_RCODE(t->answer_ede_rcode),