diff options
Diffstat (limited to 'sys-apps/systemd/files/255-dnssec.patch')
-rw-r--r-- | sys-apps/systemd/files/255-dnssec.patch | 29 |
1 files changed, 0 insertions, 29 deletions
diff --git a/sys-apps/systemd/files/255-dnssec.patch b/sys-apps/systemd/files/255-dnssec.patch deleted file mode 100644 index 978c26ff15f4..000000000000 --- a/sys-apps/systemd/files/255-dnssec.patch +++ /dev/null @@ -1,29 +0,0 @@ -https://github.com/systemd/systemd/issues/32531 -https://github.com/systemd/systemd/commit/d840783db5208219c78d73b9b46ef5daae9fea0a -https://github.com/systemd/systemd-stable/commit/52c17febf14c866d9808d1804f13ac98d76e665b - -From 52c17febf14c866d9808d1804f13ac98d76e665b Mon Sep 17 00:00:00 2001 -From: Ronan Pigott <ronan@rjp.ie> -Date: Mon, 29 Apr 2024 02:17:23 -0700 -Subject: [PATCH] resolved: always progress DS queries - -If we request a DS and the resolver offers an unsigned SOA, a new -auxiliary transaction for the DS will be rejected as a loop, and we -might not make any progress toward finding the DS we need. Let's ensure -that we at least always check the parent in this case. - -Fixes: 47690634f157 ("resolved: don't request the SOA for every dns label") -(cherry picked from commit d840783db5208219c78d73b9b46ef5daae9fea0a) ---- a/src/resolve/resolved-dns-transaction.c -+++ b/src/resolve/resolved-dns-transaction.c -@@ -2545,6 +2545,10 @@ int dns_transaction_request_dnssec_keys(DnsTransaction *t) { - return r; - if (r == 0) - continue; -+ -+ /* If we were looking for the DS RR, don't request it again. */ -+ if (dns_transaction_key(t)->type == DNS_TYPE_DS) -+ continue; - } - - r = dnssec_has_rrsig(t->answer, rr->key); |