986. [bug] 'additional-from-auth no;' did not work reliably
in the case of queries answered from the cache.
[RT #1436]
This commit is contained in:
Andreas Gustafsson
@@ -15,7 +15,7 @@
|
||||
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
/* $Id: query.h,v 1.28 2001/03/14 19:33:00 halley Exp $ */
|
||||
/* $Id: query.h,v 1.29 2001/09/11 01:21:39 gson Exp $ */
|
||||
|
||||
#ifndef NAMED_QUERY_H
|
||||
#define NAMED_QUERY_H 1
|
||||
@@ -46,6 +46,7 @@ struct ns_query {
|
||||
unsigned int fetchoptions;
|
||||
dns_db_t * gluedb;
|
||||
dns_db_t * authdb;
|
||||
isc_boolean_t authdbvalid;
|
||||
dns_fetch_t * fetch;
|
||||
dns_a6context_t a6ctx;
|
||||
isc_bufferlist_t namebufs;
|
||||
|
||||
@@ -15,7 +15,7 @@
|
||||
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
/* $Id: query.c,v 1.199 2001/08/30 05:52:10 marka Exp $ */
|
||||
/* $Id: query.c,v 1.200 2001/09/11 01:21:38 gson Exp $ */
|
||||
|
||||
#include <config.h>
|
||||
|
||||
@@ -249,7 +249,7 @@ query_reset(ns_client_t *client, isc_boolean_t everything) {
|
||||
client->query.dboptions = 0;
|
||||
client->query.fetchoptions = 0;
|
||||
client->query.gluedb = NULL;
|
||||
client->query.authdb = NULL;
|
||||
client->query.authdbvalid = ISC_FALSE;
|
||||
}
|
||||
|
||||
static void
|
||||
@@ -476,6 +476,7 @@ ns_query_init(ns_client_t *client) {
|
||||
client->query.qname = NULL;
|
||||
client->query.fetch = NULL;
|
||||
client->query.authdb = NULL;
|
||||
client->query.authdbvalid = ISC_FALSE;
|
||||
query_reset(client, ISC_FALSE);
|
||||
result = query_newdbversion(client, 3);
|
||||
if (result != ISC_R_SUCCESS)
|
||||
@@ -553,25 +554,15 @@ query_getzonedb(ns_client_t *client, dns_name_t *name, unsigned int options,
|
||||
goto fail;
|
||||
|
||||
/*
|
||||
* If this is the first time we are called (that is, looking up
|
||||
* the actual name in the query section) remember this database.
|
||||
*
|
||||
* If authdb is non-NULL, we have been here before, and the
|
||||
* found database is always returned.
|
||||
*
|
||||
* This limits our searching to the zone where the first name
|
||||
* (the query target) is found. This prevents following CNAMES
|
||||
* or DNAMES into other zones and prevents returning additional
|
||||
* data from other zones.
|
||||
* (the query target) was looked for. This prevents following
|
||||
* CNAMES or DNAMES into other zones and prevents returning
|
||||
* additional data from other zones.
|
||||
*/
|
||||
if (!client->view->additionalfromauth) {
|
||||
if (client->query.authdb != NULL) {
|
||||
if (db != client->query.authdb)
|
||||
goto refuse;
|
||||
} else {
|
||||
dns_db_attach(db, &client->query.authdb);
|
||||
}
|
||||
}
|
||||
if (!client->view->additionalfromauth &&
|
||||
client->query.authdbvalid &&
|
||||
db != client->query.authdb)
|
||||
goto refuse;
|
||||
|
||||
/*
|
||||
* If the zone has an ACL, we'll check it, otherwise
|
||||
@@ -2469,6 +2460,12 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
|
||||
|
||||
if (is_zone)
|
||||
authoritative = ISC_TRUE;
|
||||
|
||||
if (event == NULL && client->query.restarts == 0) {
|
||||
if (is_zone)
|
||||
dns_db_attach(db, &client->query.authdb);
|
||||
client->query.authdbvalid = ISC_TRUE;
|
||||
}
|
||||
|
||||
db_find:
|
||||
CTRACE("query_find: db_find");
|
||||
|
||||
Reference in New Issue
Block a user