From: Yorgos Thessalonikefs Date: Mon, 23 Feb 2026 13:35:50 +0000 (+0100) Subject: - Fix to disallow cache lookup/store in external cachedb when a X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2feee1373508f223317d9f0812c082c0190d27cd;p=thirdparty%2Funbound.git - Fix to disallow cache lookup/store in external cachedb when a forwarder/stub forbids it with the no-cache option. --- diff --git a/cachedb/cachedb.c b/cachedb/cachedb.c index 226669fcd..fd9f04e3d 100644 --- a/cachedb/cachedb.c +++ b/cachedb/cachedb.c @@ -805,8 +805,11 @@ cachedb_handle_query(struct module_qstate* qstate, return; } - if(qstate->blacklist || qstate->no_cache_lookup) { - /* cache is blacklisted or we are instructed from edns to not look */ + if(qstate->blacklist || qstate->no_cache_lookup + || iter_stub_fwd_no_cache(qstate, &qstate->qinfo, NULL, NULL, + NULL, 0)) { + /* cache is blacklisted or we are instructed from edns to not + * look or a forwarder/stub forbids it */ /* pass request to next module */ qstate->ext_state[id] = module_wait_module; return; @@ -894,7 +897,9 @@ cachedb_handle_response(struct module_qstate* qstate, { qstate->is_cachedb_answer = 0; /* check if we are not enabled or instructed to not cache, and skip */ - if(!ie->enabled || qstate->no_cache_store) { + if(!ie->enabled || qstate->no_cache_store + || iter_stub_fwd_no_cache(qstate, &qstate->qinfo, NULL, NULL, + NULL, 0)) { /* we are done with the query */ qstate->ext_state[id] = module_finished; return; diff --git a/doc/Changelog b/doc/Changelog index 351717417..dc7968c06 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -2,6 +2,10 @@ - Fix to have cachedb not return expired bogus data as non-bogus. - Fix to make the cachedb_val_expired.crpl succeed. +23 February 2026: Yorgos + - Fix to disallow cache lookup/store in external cachedb when a + forwarder/stub forbids it with the no-cache option. + 17 February 2026: Wouter - Fix to remove unused conditional from cookie timestamp at worker env. diff --git a/iterator/iter_utils.c b/iterator/iter_utils.c index feb5b702b..cc09fa524 100644 --- a/iterator/iter_utils.c +++ b/iterator/iter_utils.c @@ -1548,6 +1548,11 @@ iter_stub_fwd_no_cache(struct module_qstate *qstate, struct query_info *qinf, struct delegpt *dp; int nolock = 1; + log_assert((retdpname && retdpnamelen + && dpname_storage && dpname_storage_len > 0) || + (retdpname == NULL && retdpnamelen == NULL + && dpname_storage == NULL && dpname_storage_len == 0)); + /* Check for stub. */ /* Lock both forwards and hints for atomic read. */ lock_rw_rdlock(&qstate->env->fwds->lock);