]> git.ipfire.org Git - thirdparty/pdns.git/commit
projects / thirdparty / pdns.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 40133b9) | patch
Failure to retrieve DNSKEYs of an Insecure zone should not be fatal. 11940/head
authorOtto Moerbeek <otto.moerbeek@open-xchange.com>
Wed, 31 Aug 2022 08:34:18 +0000 (10:34 +0200)
committerOtto Moerbeek <otto.moerbeek@open-xchange.com>
Mon, 12 Sep 2022 08:15:44 +0000 (10:15 +0200)
commitee75c75c6194ebe3f8797f54a98dcce5fc65dd85
tree280a67e9910a399203834fdb7455153e54483ef9tree
parent40133b928137b93eced5c3c897d23eb015659511commit | diff
Failure to retrieve DNSKEYs of an Insecure zone should not be fatal.

This issue happens if a record set is signed even though the zone
itself is Insecure. Syncres then tries to retrieve DNSKEYs and a
timeout on that would lead to an ImmediateServFailException.

Only throw exception later in validateRecordsWithSigs, after checking
zone cuts, when we are sure the zone is Secure.

(cherry picked from commit 6dc8b0b2c6fb2e628356f8dc5c5de4dfd919ec5d)
pdns/recursordist/test-syncres_cc5.cc diff | blob | blame | history
pdns/syncres.cc diff | blob | blame | history
pdns/syncres.hh diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.