resolved: honour SD_RESOLVED_NO_CNAME flag when processing cache

Fixes: #33300
Replaces: #35102
(cherry picked from commit 959d7f1759d67994e3bed7b9d2f23e063475a872)
(cherry picked from commit 8f1b7ec9edd4ce7d5ced86d29e659fda95dd95f3)

diff --git a/src/resolve/resolved-dns-cache.c b/src/resolve/resolved-dns-cache.c
index 90619085c46bc30c4f10010783ed38e8a6698157..b1ab1fd2a491967b0a66d0bc7ff5083e7b49d8ce 100644 (file)
--- a/src/resolve/resolved-dns-cache.c
+++ b/src/resolve/resolved-dns-cache.c
@@ -910,7 +910,11 @@ fail:
         return r;
 }
 
-static DnsCacheItem *dns_cache_get_by_key_follow_cname_dname_nsec(DnsCache *c, DnsResourceKey *k) {
+static DnsCacheItem *dns_cache_get_by_key_follow_cname_dname_nsec(
+                DnsCache *c,
+                DnsResourceKey *k,
+                uint64_t query_flags) {
+
         DnsCacheItem *i;
         const char *n;
         int r;
@@ -933,7 +937,7 @@ static DnsCacheItem *dns_cache_get_by_key_follow_cname_dname_nsec(DnsCache *c, D
         if (i && i->type == DNS_CACHE_NXDOMAIN)
                 return i;
 
-        if (dns_type_may_redirect(k->type)) {
+        if (dns_type_may_redirect(k->type) && !FLAGS_SET(query_flags, SD_RESOLVED_NO_CNAME)) {
                 /* Check if we have a CNAME record instead */
                 i = hashmap_get(c->by_key, &DNS_RESOURCE_KEY_CONST(k->class, DNS_TYPE_CNAME, n));
                 if (i && i->type != DNS_CACHE_NODATA)
@@ -1053,7 +1057,7 @@ int dns_cache_lookup(
                 goto miss;
         }
 
-        first = dns_cache_get_by_key_follow_cname_dname_nsec(c, key);
+        first = dns_cache_get_by_key_follow_cname_dname_nsec(c, key, query_flags);
         if (!first) {
                 /* If one question cannot be answered we need to refresh */