upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-28 04:34:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Remove a kludge to process non-authoritative CNAME response

Browse source 
A BIND 8 server could return a non-authoritative answer when a CNAME is
followed.  This is no longer handled as a valid answer.
This commit is contained in:
Ondřej Surý 2025-03-17 16:31:14 +01:00 committed by Evan Hunt
parent 05d6542e6d
commit 0d9f58b745
1 changed files with 0 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
lib/dns/resolver.c
View file

@ -7411,15 +7411,6 @@ log_nsid(isc_buffer_t *opt, size_t nsid_len, resquery_t *query, int level,
isc_mem_put(mctx, buf, buflen);
}
static bool
iscname(dns_message_t *message, dns_name_t *name) {
isc_result_t result;
result = dns_message_findname(message, DNS_SECTION_ANSWER, name,
dns_rdatatype_cname, 0, NULL, NULL);
return result == ISC_R_SUCCESS ? true : false;
}
static bool
betterreferral(respctx_t *rctx) {
isc_result_t result;
@ -8341,20 +8332,6 @@ rctx_answer(respctx_t *rctx) {
if (result != ISC_R_SUCCESS) {
FCTXTRACE3("rctx_answer_positive (AA/fwd)", result);
}
} else if (iscname(query->rmessage, fctx->name) &&
fctx->type != dns_rdatatype_any &&
fctx->type != dns_rdatatype_cname)
{
/*
* A BIND8 server could return a non-authoritative
* answer when a CNAME is followed. We should treat
* it as a valid answer.
*/
result = rctx_answer_positive(rctx);
if (result != ISC_R_SUCCESS) {
FCTXTRACE3("rctx_answer_positive (!ANY/!CNAME)",
result);
}
} else if (fctx->type != dns_rdatatype_ns && !betterreferral(rctx)) {
result = rctx_answer_positive(rctx);
if (result != ISC_R_SUCCESS) {