From 29ec25aa434db2d57480ac553c2dae7a09dae37d Mon Sep 17 00:00:00 2001
From: Pieter Lexis <pieter.lexis@powerdns.com>
Date: Wed, 13 Mar 2019 10:59:54 +0100
Subject: [PATCH] DNAME: properly remove CNAME from auth answers

---
 pdns/syncres.cc | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/pdns/syncres.cc b/pdns/syncres.cc
index fc8dc8d9fe..dbb2fd91e9 100644
--- a/pdns/syncres.cc
+++ b/pdns/syncres.cc
@@ -2620,6 +2620,15 @@ bool SyncRes::processRecords(const std::string& prefix, const DNSName& qname, co
           dnameOwner = rec.d_name;
           dnameTarget = content->getTarget();
           dnameTTL = rec.d_ttl;
+          if (!newtarget.empty()) { // We had a CNAME before, remove it from ret so we don't cache it
+            ret.erase(std::remove_if(
+                  ret.begin(),
+                  ret.end(),
+                  [&qname](DNSRecord& rr) {
+                    return (rr.d_place == DNSResourceRecord::ANSWER && rr.d_type == QType::CNAME && rr.d_name == qname);
+                  }),
+                  ret.end());
+          }
           try {
             newtarget = qname.makeRelative(dnameOwner) + dnameTarget;
           } catch (const std::exception &e) {
-- 
2.47.2