]> git.ipfire.org Git - thirdparty/pdns.git/commit
projects / thirdparty / pdns.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f9845d2) | patch
Failure to retrieve DNSKEYs of an Insecure zone should not be fatal. 11890/head
authorOtto Moerbeek <otto.moerbeek@open-xchange.com>
Wed, 31 Aug 2022 08:34:18 +0000 (10:34 +0200)
committerOtto Moerbeek <otto.moerbeek@open-xchange.com>
Fri, 9 Sep 2022 14:30:31 +0000 (16:30 +0200)
commit6dc8b0b2c6fb2e628356f8dc5c5de4dfd919ec5d
tree3a98c81783b4607b3707e4efc06f64b5aecde5e2tree | snapshot
parentf9845d2dc82bb932de0647e50be7475f44f4e2fdcommit | diff
Failure to retrieve DNSKEYs of an Insecure zone should not be fatal.

This issue happens if a record set is signed even though the zone
itself is Insecure. Syncres then tries to retrieve DNSKEYs and a
timeout on that would lead to an ImmediateServFailException.

Only throw exception later in validateRecordsWithSigs, after checking
zone cuts, when we are sure the zone is Secure.
pdns/recursordist/test-syncres_cc5.cc diff | blob | blame | history
pdns/syncres.cc diff | blob | blame | history
pdns/syncres.hh diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.