Don't ignore auth zones when in serve-stale mode
When serve-stale is enabled and recursive resolution fails, the fallback to lookup stale data always happens in the cache database. Any authoritative data is ignored, and only information learned through recursive resolution is examined. If there is data in the cache that could lead to an answer, and this can be just the root delegation, the resolver will iterate further, getting closer to the answer that can be found by recursing down the root, and eventually puts the final response in the cache. Change the fallback to serve-stale to use 'query_getdb()', that finds out the best matching database for the given query.
This commit is contained in:
Matthijs Mekking
@@ -7653,8 +7653,19 @@ query_usestale(query_ctx_t *qctx, isc_result_t result) {
|
||||
qctx_freedata(qctx);
|
||||
|
||||
if (dns_view_staleanswerenabled(qctx->client->view)) {
|
||||
dns_db_attach(qctx->client->view->cachedb, &qctx->db);
|
||||
qctx->version = NULL;
|
||||
isc_result_t ret;
|
||||
ret = query_getdb(qctx->client, qctx->client->query.qname,
|
||||
qctx->client->query.qtype, qctx->options,
|
||||
&qctx->zone, &qctx->db, &qctx->version,
|
||||
&qctx->is_zone);
|
||||
if (ret != ISC_R_SUCCESS) {
|
||||
/*
|
||||
* Failed to get the database, unexpected, but let us
|
||||
* at least abandon serve-stale.
|
||||
*/
|
||||
return (false);
|
||||
}
|
||||
|
||||
qctx->client->query.dboptions |= DNS_DBFIND_STALEOK;
|
||||
if (FETCH_RECTYPE_NORMAL(qctx->client) != NULL) {
|
||||
dns_resolver_destroyfetch(
|
||||
|
||||
Reference in New Issue
Block a user