resolve: if both A and AAAA are refused, do not resolve address when resolving service

Similarly, set NO_TXT flag if TXT is filtered.

Follow-up for 81ae2237c1792943a1ec712ae2e630bcc592175b.
Fixes https://github.com/systemd/systemd/pull/36353#issuecomment-2659558382.

diff --git a/src/resolve/resolved-dns-query.c b/src/resolve/resolved-dns-query.c
index 5698511b805dd29258a86a208dd6d8c2fa7f5f21..45223283196b63fbca94f2868c0752997dc534fa 100644 (file)
--- a/src/resolve/resolved-dns-query.c
+++ b/src/resolve/resolved-dns-query.c
@@ -1484,5 +1484,16 @@ int validate_and_mangle_query_flags(
         if (name && FLAGS_SET(ok, SD_RESOLVED_NO_SEARCH) && dns_name_dot_suffixed(name) > 0)
                 *flags |= SD_RESOLVED_NO_SEARCH;
 
+        /* If both A and AAAA are refused, set SD_RESOLVED_NO_ADDRESS flag if it is allowed. */
+        if (set_contains(manager->refuse_record_types, INT_TO_PTR(DNS_TYPE_A)) &&
+            set_contains(manager->refuse_record_types, INT_TO_PTR(DNS_TYPE_AAAA)) &&
+            FLAGS_SET(ok, SD_RESOLVED_NO_ADDRESS))
+                *flags |= SD_RESOLVED_NO_ADDRESS;
+
+        /* Similarly, if TXT is refused, set SD_RESOLVED_NO_TXT flag if it is allowed. */
+        if (set_contains(manager->refuse_record_types, INT_TO_PTR(DNS_TYPE_TXT)) &&
+            FLAGS_SET(ok, SD_RESOLVED_NO_TXT))
+                *flags |= SD_RESOLVED_NO_TXT;
+
         return 0;
 }