From d8cd33f81f2ab960143eebc2f472de01ad177420 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Mon, 22 May 2017 15:13:19 +0200 Subject: [PATCH] validate: avoid keeping KR_RANK_MISSING If a sub-query transitions the state to QUERY_DNSSEC_INSECURE, we didn't set correct rank. This lead to caching with _MISSING rank which is too low to be utilized on re-queries. Example: nix.mx query. --- NEWS | 3 +++ lib/layer/validate.c | 6 ++++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index faa9a05ac..75c0ca512 100644 --- a/NEWS +++ b/NEWS @@ -14,6 +14,9 @@ Improvements - command line: specify ports via @ but still support # for compatibility - policy: recognize 100.64.0.0/10 as local addresses +Bugfixes +-------- +- validate: fix insufficient caching for some cases (relatively rare) Knot Resolver 1.2.6 (2017-04-24) ================================ diff --git a/lib/layer/validate.c b/lib/layer/validate.c index 9b9b43d24..040e91b7a 100644 --- a/lib/layer/validate.c +++ b/lib/layer/validate.c @@ -585,7 +585,8 @@ static int check_signer(kr_layer_t *ctx, knot_pkt_t *pkt) return KR_STATE_DONE; } -static void rank_records(kr_layer_t *ctx, uint8_t rank_to_set) +/** Change ranks of RRs from this single iteration: _INITIAL or _MISSING -> rank_to_set. */ +static void rank_records(kr_layer_t *ctx, enum kr_rank rank_to_set) { struct kr_request *req = ctx->req; struct kr_query *qry = req->current_query; @@ -597,7 +598,8 @@ static void rank_records(kr_layer_t *ctx, uint8_t rank_to_set) if (entry->qry_uid != qry->uid) { continue; } - if (kr_rank_test(entry->rank, KR_RANK_INITIAL)) { + if (kr_rank_test(entry->rank, KR_RANK_INITIAL) + || kr_rank_test(entry->rank, KR_RANK_MISSING)) { kr_rank_set(&entry->rank, rank_to_set); } } -- 2.47.3