auth: optimize !d_doResolveAcrossZones case

author Chris Hofstaedtler <chris.hofstaedtler@deduktiva.com>

Fri, 27 Sep 2024 06:21:32 +0000 (08:21 +0200)

committer Chris Hofstaedtler <chris.hofstaedtler@deduktiva.com>

Tue, 19 Nov 2024 12:20:01 +0000 (13:20 +0100)
author Chris Hofstaedtler <chris.hofstaedtler@deduktiva.com>
Fri, 27 Sep 2024 06:21:32 +0000 (08:21 +0200)
committer Chris Hofstaedtler <chris.hofstaedtler@deduktiva.com>
Tue, 19 Nov 2024 12:20:01 +0000 (13:20 +0100)
diff --git a/pdns/packethandler.cc b/pdns/packethandler.cc

index f2a570a274ba8f13848a705c9ac2001c9ddf1b28..32f176c84dba786f666720a08ef64c857f7263fc 100644 (file)
--- a/pdns/packethandler.cc
+++ b/pdns/packethandler.cc
@@ -1517,6 +1517,12 @@ std::unique_ptr<DNSPacket> PacketHandler::doQuestion(DNSPacket& p)
        return r;
      }
  
+    if (retargetcount > 0 && !d_doResolveAcrossZones && !target.isPartOf(r->qdomainzone)) {
+      // We are following a retarget outside the initial zone (and do not need to check getAuth to know this). Config asked us not to do that.
+      // This is a performance optimization, the generic case is checked after getAuth below.
+      goto sendit;  // NOLINT(cppcoreguidelines-avoid-goto)
+    }
+
      if(!B.getAuth(target, p.qtype, &d_sd)) {
        DLOG(g_log<<Logger::Error<<"We have no authority over zone '"<<target<<"'"<<endl);
        if(!retargetcount) {
author	Chris Hofstaedtler <chris.hofstaedtler@deduktiva.com>
	Fri, 27 Sep 2024 06:21:32 +0000 (08:21 +0200)
committer	Chris Hofstaedtler <chris.hofstaedtler@deduktiva.com>
	Tue, 19 Nov 2024 12:20:01 +0000 (13:20 +0100)