selection: turn on SAFEMODE on FORMERROR

diff --git a/lib/resolve.c b/lib/resolve.c
index 463d80fe028d3044e778ba5556d3f4f0d2e43a7f..f458486a98429ce2c4d28686cda59d8828f84c14 100644 (file)
--- a/lib/resolve.c
+++ b/lib/resolve.c
@@ -1362,6 +1362,8 @@ int kr_resolve_produce(struct kr_request *request, struct kr_transport **transpo
                return KR_STATE_PRODUCE;
        }
 
+       qry->flags.SAFEMODE = (*transport)->safe_mode;
+
        /* Randomize query case (if not in safe mode or turned off) */
        qry->secret = (qry->flags.SAFEMODE || qry->flags.NO_0X20)
                        ? 0 : kr_rand_bytes(sizeof(qry->secret));

diff --git a/lib/selection.c b/lib/selection.c
index c891d4a9674172af5ccb846af3fbd264deff98a7..29b58a5e3c4df22e27666f883a06e2090fde6979 100644 (file)
--- a/lib/selection.c
+++ b/lib/selection.c
@@ -256,6 +256,7 @@ struct kr_transport *choose_transport(struct choice choices[],
                .name = choices[choice].address_state->name,
                .protocol = protocol,
                .timeout = timeout,
+               .safe_mode = choices[choice].address_state->errors[KR_SELECTION_FORMERROR],
        };
 
 
@@ -366,6 +367,10 @@ void error(struct kr_query *qry, struct address_state *addr_state, const struct
                addr_state->unrecoverable_errors++;
        }
 
+       if (sel_error == KR_SELECTION_FORMERROR && transport->safe_mode) {
+               addr_state->unrecoverable_errors++;
+       }
+
        addr_state->errors[sel_error]++;
        addr_state->error_count++;
 

diff --git a/lib/selection.h b/lib/selection.h
index ef9436a6de4aaf5cfdc6665af0b39b3fbb5fcac4..69ac7220eced78dd0f0c3679bf89436c2f3b7c2c 100644 (file)
--- a/lib/selection.h
+++ b/lib/selection.h
@@ -47,7 +47,7 @@ static const bool UNRECOVERABLE_ERRORS[] = {
        [KR_SELECTION_TCP_CONNECT_TIMEOUT] = false,
        [KR_SELECTION_REFUSED] = true,
        [KR_SELECTION_SERVFAIL] = true,
-       [KR_SELECTION_FORMERROR] = true,
+       [KR_SELECTION_FORMERROR] = false,
        [KR_SELECTION_NOTIMPL] = true,
        [KR_SELECTION_OTHER_RCODE] = true,
        [KR_SELECTION_TRUNCATED] = false,
@@ -76,6 +76,7 @@ struct kr_transport {
        unsigned timeout; /**< Timeout in ms to be set for UDP transmission. */
        bool deduplicated; /**< True iff transport was set in worker.c:subreq_finalize,
                                 that means it may be different from the one originally chosen one.*/
+       bool safe_mode; /**< Turn on SAFEMODE for this transport */
 };
 
 /**

diff --git a/lib/selection_iter.c b/lib/selection_iter.c
index 3f13269cc7967c7cb6269049da3dcd5df59a9358..76ef959ac485b07687ef80f70ca8e8ea05247147 100644 (file)
--- a/lib/selection_iter.c
+++ b/lib/selection_iter.c
@@ -265,8 +265,8 @@ void iter_choose_transport(struct kr_query *qry, struct kr_transport **transport
                        enum kr_transport_protocol proto = (*transport)->protocol;
                        if (proto != KR_TRANSPORT_RESOLVE_A && proto != KR_TRANSPORT_RESOLVE_AAAA) {
                                VERBOSE_MSG(qry,
-                               "=> id: '%05u' choosing: '%s'@'%s' with timeout %u ms zone cut: '%s'\n",
-                               qry->id, ns_name, ns_str ? ns_str : "", (*transport)->timeout, zonecut_str);
+                               "=> id: '%05u' choosing: '%s'@'%s' with timeout %u ms zone cut: '%s'%s\n",
+                               qry->id, ns_name, ns_str ? ns_str : "", (*transport)->timeout, zonecut_str, (*transport)->safe_mode ? " SAFEMODE" : "");
                        } else {
                                const char *ip_version = (proto == KR_TRANSPORT_RESOLVE_A) ? "A" : "AAAA";
                                VERBOSE_MSG(qry,