From: Otto Moerbeek <otto.moerbeek@open-xchange.com>
Date: Tue, 14 Jul 2020 11:09:22 +0000 (+0200)
Subject: Merge pull request #9329 from omoerbeek/backport-9297-to-rec-4.3.x
X-Git-Tag: rec-4.3.3~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=23caa68c5d97d12dafd31c4511db7e8f4660ae3b;p=thirdparty%2Fpdns.git

Merge pull request #9329 from omoerbeek/backport-9297-to-rec-4.3.x

rec: Backport 9297 to rec 4.3.x: Ignore cache-only for DNSKEYs and DS retrieval
---

23caa68c5d97d12dafd31c4511db7e8f4660ae3b
diff --cc pdns/syncres.cc
index c41161660e,34e8f68cbe..6deca297ed
--- a/pdns/syncres.cc
+++ b/pdns/syncres.cc
@@@ -2052,13 -2052,11 +2052,15 @@@ vState SyncRes::getDSRecords(const DNSN
    std::vector<DNSRecord> dsrecords;
  
    vState state = Indeterminate;
+   const bool oldCacheOnly = setCacheOnly(false);
    int rcode = doResolve(zone, QType(QType::DS), dsrecords, depth + 1, beenthere, state);
    d_skipCNAMECheck = oldSkipCNAME;
+   setCacheOnly(oldCacheOnly);
  
 +  if (rcode == RCode::ServFail) {
 +    throw ImmediateServFailException("Server Failure while retrieving DS records for " + zone.toLogString());
 +  }
 +
    if (rcode == RCode::NoError || (rcode == RCode::NXDomain && !bogusOnNXD)) {
      uint8_t bestDigestType = 0;
  
@@@ -2333,13 -2332,11 +2336,15 @@@ vState SyncRes::getDNSKeys(const DNSNam
    /* following CNAME might lead to us to the wrong DNSKEY */
    bool oldSkipCNAME = d_skipCNAMECheck;
    d_skipCNAMECheck = true;
+   const bool oldCacheOnly = setCacheOnly(false);
    int rcode = doResolve(signer, QType(QType::DNSKEY), records, depth + 1, beenthere, state);
    d_skipCNAMECheck = oldSkipCNAME;
+   setCacheOnly(oldCacheOnly);
  
 +  if (rcode == RCode::ServFail) {
 +    throw ImmediateServFailException("Server Failure while retrieving DNSKEY records for " + signer.toLogString());
 +  }
 +
    if (rcode == RCode::NoError) {
      if (state == Secure) {
        for (const auto& key : records) {