From cd2ce31adbfa5fb4f08267a13ace3a72e7597a2f Mon Sep 17 00:00:00 2001
From: Ronan Pigott <ronan@rjp.ie>
Date: Thu, 25 Jul 2024 12:48:03 -0700
Subject: [PATCH] resolved: Don't retry queries that indicate net error

This probably rarely helped anyway, but it also in some cases interferes
with auxiliary dnssec queries where the authoritative nameserver does
not support EDNS0/DNSSEC.

Fixes: ac6844460ca1 ("resolved: support RFC 8914 EDE error codes")
---
 src/resolve/resolved-dns-transaction.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c
index 92ac0752fec..20189f1cc7e 100644
--- a/src/resolve/resolved-dns-transaction.c
+++ b/src/resolve/resolved-dns-transaction.c
@@ -1264,7 +1264,7 @@ void dns_transaction_process_reply(DnsTransaction *t, DnsPacket *p, bool encrypt
                                 }
 
                                 /* These codes probably indicate a transient error. Let's try again. */
-                                if (IN_SET(t->answer_ede_rcode, DNS_EDE_RCODE_NOT_READY, DNS_EDE_RCODE_NET_ERROR)) {
+                                if (t->answer_ede_rcode == DNS_EDE_RCODE_NOT_READY) {
                                         log_debug("Server returned error: %s (%s%s%s), retrying transaction.",
                                                   FORMAT_DNS_RCODE(DNS_PACKET_RCODE(p)),
                                                   FORMAT_DNS_EDE_RCODE(t->answer_ede_rcode),
-- 
2.47.3