Don't servfail on staleonly lookups

When a staleonly lookup doesn't find a satisfying answer, it should not try to respond to the client. This is not true when the initial lookup is staleonly (that is when 'stale-answer-client-timeout' is set to 0), because no resolver fetch has been created at this point. In this case continue with the lookup normally.
2021-02-22 12:08:49 +01:00
parent 9e061faaae
commit f8b7b597e9
2 changed files with 19 additions and 0 deletions
--- a/bin/tests/system/serve-stale/tests.sh
+++ b/bin/tests/system/serve-stale/tests.sh
@@ -1068,6 +1068,16 @@ status=$((status+ret))

 sleep 2

+# Check that if we don't have stale data for a domain name, we will
+# not answer anything until the resolver query timeout.
+n=$((n+1))
+echo_i "check notincache.example times out (max-stale-ttl default) ($n)"
+ret=0
+$DIG -p ${PORT} +tries=1 +timeout=3  @10.53.0.3 notfound.example TXT > dig.out.test$n 2>&1
+grep "connection timed out" dig.out.test$n > /dev/null || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status+ret))
+
 echo_i "sending queries for tests $((n+1))-$((n+4))..."
 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$((n+1)) &
 $DIG -p ${PORT} @10.53.0.3 othertype.example CAA > dig.out.test$((n+2)) &
--- a/lib/ns/query.c
+++ b/lib/ns/query.c
@@ -5972,6 +5972,15 @@ query_lookup(query_ctx_t *qctx) {
 				}
 			}
 		}
+	} else if (stale_only && result != ISC_R_SUCCESS) {
+		/*
+		 * This is a staleonly lookup and no stale answer was found
+		 * in cache. Treat as we don't have an answer and wait for
+		 * the resolver fetch to finish.
+		 */
+		if ((qctx->options & DNS_GETDB_STALEFIRST) == 0) {
+			return (result);
+		}
 	} else {
 		stale_only = false;
 	}