resolved: only cache answer RRs, never additional or authoritative RRs of responses

[elogind.git] / src / resolve / resolved-dns-query.c

diff --git a/src/resolve/resolved-dns-query.c b/src/resolve/resolved-dns-query.c
index 271b8fd9c901ead0538d2bd0ea385e4c0bbc9468..85702515285f1325b86b2acf1b804f10eb81ef0b 100644 (file)
--- a/src/resolve/resolved-dns-query.c
+++ b/src/resolve/resolved-dns-query.c
@@ -344,7 +344,8 @@ void dns_query_transaction_process_reply(DnsQueryTransaction *t, DnsPacket *p) {
                 return;
         }
 
-        dns_cache_put(&t->scope->cache, p->question, DNS_PACKET_RCODE(p), p->answer, 0);
+        /* According to RFC 4795, section 2.9. only the RRs from the answer section shall be cached */
+        dns_cache_put(&t->scope->cache, p->question, DNS_PACKET_RCODE(p), p->answer, DNS_PACKET_ANCOUNT(p), 0);
 
         if (DNS_PACKET_RCODE(p) == DNS_RCODE_SUCCESS)
                 dns_query_transaction_complete(t, DNS_QUERY_SUCCESS);