Clear serve-stale flags when following the CNAME chains

A stale answer or SERVFAIL could have been served in case of multiple
upstream failures when following the CNAME chains. This has been fixed.

(cherry picked from commit d46277b398)
Ondřej Surý 2026-02-18 06:39:33 +01:00 committed by Matthijs Mekking
parent c3b320f12a
commit 6ac20d5099


@ -5780,6 +5780,8 @@ root_key_sentinel_detect(query_ctx_t *qctx) {
isc_result_t
ns__query_start(query_ctx_t *qctx) {
isc_result_t result = ISC_R_UNSET;
ns_client_t *client = qctx->client;
CCTRACE(ISC_LOG_DEBUG(3), "ns__query_start");
qctx->want_restart = false;
qctx->authoritative = false;
@ -5788,6 +5790,13 @@ ns__query_start(query_ctx_t *qctx) {
qctx->need_wildcardproof = false;
qctx->rpz = false;
/*
* Clean existing stale options in case ns__query_start was restarted
* due to the CNAME/DNAME chains.
*/
client->query.dboptions &= ~(DNS_DBFIND_STALETIMEOUT |
DNS_DBFIND_STALEOK);
CALL_HOOK(NS_QUERY_START_BEGIN, qctx);
/*
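Review bot: The reset added before `CALL_HOOK(NS_QUERY_START_BEGIN, qctx)` clears only `DNS_DBFIND_STALETIMEOUT` and `DNS_DBFIND_STALEOK`, and its comment does not say why those bits are still set when the function is re-entered. They sit in `client->query.dboptions` rather than in per-pass `qctx` fields like the ones reset just above, so they presumably outlive each pass and a stale-serving decision made for one name in the chain would carry into the lookup of the next; the comment could say so, e.g. `* These bits live on the client and survive a restart; left set, the next name in the chain could be answered stale or with SERVFAIL.` It is also worth confirming that no other serve-stale bit kept in `dboptions` needs the same reset, which cannot be judged here because the body of ns__query_start continues outside the hunk. A regression test that fails more than one upstream lookup along a CNAME chain would pin the behaviour, if the commit does not already carry one.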