From b1eea703e01da1e280e179fb119449436a0c9b8e Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Mon, 15 Mar 2021 23:26:46 +0100 Subject: [PATCH] resolved: don't flush answer RRs on CNAME redirect too early MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit When doing a CNAME/DNAME redirect let's first check if the answer we already have fully answers the redirected question already. If so, let's use that. If not, let's properly restart things. This simply removes one call to dns_answer_reset() that was placed too early: instead of resetting when we detect a CNAME/DNAME redirect, do so only after checking if the answer we already have doesn't match the reply, and then decide to *actually* follow it. Or in other words: rely on the dns_answer_reset() call in dns_query_go() which we'll call to actually begin with the redirected question. This fixes an optimization path which was broken back in 7820b320eaa608748f66f8105621640cf80e483a. (This doesn't really matter as much as one might think, since our cache stepped in anyway and answered the questions before going back to the network. However, this adds noise if RRs with very short TTLs are cached – which some CDNs do – and is of course relavant when people turn off the local cache.) --- src/resolve/resolved-dns-query.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/resolve/resolved-dns-query.c b/src/resolve/resolved-dns-query.c index aa9d65d4a82..e4386c402ac 100644 --- a/src/resolve/resolved-dns-query.c +++ b/src/resolve/resolved-dns-query.c @@ -1019,7 +1019,9 @@ static int dns_query_cname_redirect(DnsQuery *q, const DnsResourceRecord *cname) q->question_utf8 = TAKE_PTR(nq_utf8); dns_query_unref_candidates(q); - dns_query_reset_answer(q); + + /* Note that we do *not* reset the answer here, because the answer we previously got might already + * include everything we need, let's check that first */ q->state = DNS_TRANSACTION_NULL; @@ -1069,8 +1071,7 @@ int dns_query_process_cname(DnsQuery *q) { if (r < 0) return r; - /* Let's see if the answer can already answer the new - * redirected question */ + /* Let's see if the answer can already answer the new redirected question */ r = dns_query_process_cname(q); if (r != DNS_QUERY_NOMATCH) return r; -- 2.47.3