diff --git a/CHANGES b/CHANGES index a8131cc313..c03bdf9116 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,7 @@ +2221. [bug] Set the event result code to reflect the actual + record content when a cache update is rejected + due to a more credible answer existing. [RT #17017] + 2220. [bug] win32: Address a race condition in final shutdown of the Windows socket code. [RT #17028] diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index 330b9f78e6..72b8b08dd9 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: resolver.c,v 1.349 2007/06/18 23:47:41 tbox Exp $ */ +/* $Id: resolver.c,v 1.350 2007/08/28 01:37:18 marka Exp $ */ /*! \file */ @@ -56,6 +56,8 @@ #include #include +#define inline /* XXXMPA remove for 9.4.2 */ + #define DNS_RESOLVER_TRACE #ifdef DNS_RESOLVER_TRACE #define RTRACE(m) isc_log_write(dns_lctx, \ @@ -3595,7 +3597,12 @@ validated(isc_task_t *task, isc_event_t *event) { if (result != ISC_R_SUCCESS && result != DNS_R_UNCHANGED) goto noanswer_response; - if (vevent->sigrdataset != NULL) { + if (ardataset != NULL && ardataset->type == 0) { + if (NXDOMAIN(ardataset)) + eresult = DNS_R_NCACHENXDOMAIN; + else + eresult = DNS_R_NCACHENXRRSET; + } else if (vevent->sigrdataset != NULL) { result = dns_db_addrdataset(fctx->cache, node, NULL, now, vevent->sigrdataset, 0, asigrdataset); @@ -3711,7 +3718,8 @@ validated(isc_task_t *task, isc_event_t *event) { static inline isc_result_t cache_name(fetchctx_t *fctx, dns_name_t *name, dns_adbaddrinfo_t *addrinfo, - isc_stdtime_t now) { + isc_stdtime_t now) +{ dns_rdataset_t *rdataset, *sigrdataset; dns_rdataset_t *addedrdataset, *ardataset, *asigrdataset; dns_rdataset_t *valrdataset = NULL, *valsigrdataset = NULL; @@ -3893,8 +3901,29 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, dns_adbaddrinfo_t *addrinfo, result = dns_db_addrdataset(fctx->cache, node, NULL, now, rdataset, 0, addedrdataset); - if (result == DNS_R_UNCHANGED) + if (result == DNS_R_UNCHANGED) { result = ISC_R_SUCCESS; + if (!need_validation && + ardataset != NULL && + ardataset->type == 0) { + /* + * The answer in the cache is better + * than the answer we found, and is + * a negative cache entry, so we + * must set eresult appropriately. + */ + if (NXDOMAIN(ardataset)) + eresult = DNS_R_NCACHENXDOMAIN; + else + eresult = DNS_R_NCACHENXRRSET; + /* + * We have a negative response from + * the cache so don't attempt to + * add the RRSIG rrset. + */ + continue; + } + } if (result != ISC_R_SUCCESS) break; if (sigrdataset != NULL) { @@ -4011,12 +4040,10 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, dns_adbaddrinfo_t *addrinfo, * a negative cache entry, so we * must set eresult appropriately. */ - if (NXDOMAIN(ardataset)) - eresult = - DNS_R_NCACHENXDOMAIN; - else - eresult = - DNS_R_NCACHENXRRSET; + if (NXDOMAIN(ardataset)) + eresult = DNS_R_NCACHENXDOMAIN; + else + eresult = DNS_R_NCACHENXRRSET; } result = ISC_R_SUCCESS; } else if (result != ISC_R_SUCCESS) @@ -4027,11 +4054,19 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, dns_adbaddrinfo_t *addrinfo, if (valrdataset != NULL) result = valcreate(fctx, addrinfo, name, fctx->type, valrdataset, valsigrdataset, valoptions, - task); + task); if (result == ISC_R_SUCCESS && have_answer) { fctx->attributes |= FCTX_ATTR_HAVEANSWER; if (event != NULL) { + /* + * Negative results must be indicated in event->result. + */ + if (dns_rdataset_isassociated(event->rdataset) && + event->rdataset->type == dns_rdatatype_none) { + INSIST(eresult == DNS_R_NCACHENXDOMAIN || + eresult == DNS_R_NCACHENXRRSET); + } event->result = eresult; dns_db_attach(fctx->cache, adbp); dns_db_transfernode(fctx->cache, &node, anodep); @@ -6283,14 +6318,14 @@ dns_resolver_create(dns_view_t *view, task = NULL; result = isc_task_create(taskmgr, 0, &task); if (result != ISC_R_SUCCESS) - goto cleanup_poollock; + goto cleanup_poollock; result = isc_timer_create(timermgr, isc_timertype_inactive, NULL, NULL, task, spillattimer_countdown, res, &res->spillattimer); isc_task_detach(&task); if (result != ISC_R_SUCCESS) - goto cleanup_poollock; + goto cleanup_poollock; #if USE_ALGLOCK result = isc_rwlock_init(&res->alglock, 0, 0);