From 9581c39dcc721c812750a305ee3a1d6005935dd5 Mon Sep 17 00:00:00 2001 From: Ralph Dolmans Date: Tue, 22 Nov 2016 10:50:53 +0000 Subject: [PATCH] - QNAME minimisation uses QTYPE=A, therefore always check cache for this type in harden-below-nxdomain functionality. git-svn-id: file:///svn/unbound/trunk@3932 be551aaa-1e26-0410-a405-d3ace91eadb9 --- doc/Changelog | 2 ++ services/cache/dns.c | 6 +++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/doc/Changelog b/doc/Changelog index 9c730c330..c729e97ec 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -3,6 +3,8 @@ origin consistent between local-data and access-control-tag-data. - Fix NSEC ENT wildcard check. Matching wildcard does not have to be a subdomain of the NSEC owner. + - QNAME minimisation uses QTYPE=A, therefore always check cache for + this type in harden-below-nxdomain functionality. 22 November 2016: Wouter - iana portlist update. diff --git a/services/cache/dns.c b/services/cache/dns.c index bec688d01..148b5cb87 100644 --- a/services/cache/dns.c +++ b/services/cache/dns.c @@ -798,9 +798,9 @@ dns_cache_lookup(struct module_env* env, dname_remove_label(&k.qname, &k.qname_len); h = query_info_hash(&k, flags); e = slabhash_lookup(env->msg_cache, h, &k, 0); - if(!e && k.qtype != LDNS_RR_TYPE_NS && + if(!e && k.qtype != LDNS_RR_TYPE_A && env->cfg->qname_minimisation) { - k.qtype = LDNS_RR_TYPE_NS; + k.qtype = LDNS_RR_TYPE_A; h = query_info_hash(&k, flags); e = slabhash_lookup(env->msg_cache, h, &k, 0); } @@ -820,7 +820,7 @@ dns_cache_lookup(struct module_env* env, lock_rw_unlock(&e->lock); } k.qtype = qtype; - } + } /* fill common RR types for ANY response to avoid requery */ if(qtype == LDNS_RR_TYPE_ANY) {