Merge branch '2758-nsupdate-refused-v9_16' into 'v9_16'

nsupdate: try next server on REFUSED See merge request isc-projects/bind9!5227
2021-06-23 19:50:18 +00:00
parent a3983a796e e26db7cb9d
commit a55bdea67a
2 changed files with 14 additions and 0 deletions
--- a/3
+++ b/3
@@ -3,6 +3,9 @@
 			``named`` now sets the DON'T FRAGMENT flag on outgoing
 			UDP packets. [GL #2183]

+5665.	[bug]		'nsupdate' did not retry with another server if
+			it received a REFUSED response. [GL #2758]
+
 5664.	[func]		Handle a UDP sending error on UDP messages larger
 			than the path MTU; in such a case an empty response is
 			sent back with the TC (TrunCated) bit set. Re-enable
--- a/bin/nsupdate/nsupdate.c
+++ b/bin/nsupdate/nsupdate.c
@@ -2661,6 +2661,17 @@ recvsoa(isc_task_t *task, isc_event_t *event) {
 		return;
 	}
 	check_result(result, "dns_request_getresponse");
+
+	if (rcvmsg->rcode == dns_rcode_refused) {
+		next_server("recvsoa", addr, DNS_R_REFUSED);
+		dns_message_detach(&rcvmsg);
+		dns_request_destroy(&request);
+		dns_message_renderreset(soaquery);
+		dns_message_settsigkey(soaquery, NULL);
+		sendrequest(&servers[ns_inuse], soaquery, &request);
+		return;
+	}
+
 	section = DNS_SECTION_ANSWER;
 	POST(section);
 	if (debugging) {