From: Aram Sargsyan <aram@isc.org>
Date: Wed, 27 Aug 2025 14:35:09 +0000 (+0000)
Subject: Change the "RPZ not ready yet" message and its log level
X-Git-Tag: v9.21.12~3^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=49356ce944971c7316d70d98f6a3a8397729799e;p=thirdparty%2Fbind9.git

Change the "RPZ not ready yet" message and its log level

The "RPZ not ready yet" message is logged at debug 3 level. Use the
info level instead for better visibility.

After raising the log level, the rpz_log_fail_helper() function starts
appending " failed: " the the message. Change the log message so it
makes more sense.
---

diff --git a/lib/ns/query.c b/lib/ns/query.c
index dd110568a5c..11b9ee02145 100644
--- a/lib/ns/query.c
+++ b/lib/ns/query.c
@@ -4007,8 +4007,9 @@ rpz_rewrite(ns_client_t *client, dns_rdatatype_t qtype, isc_result_t qresult,
 		/* Do not pollute SERVFAIL cache  */
 		client->inner.attributes |= NS_CLIENTATTR_NOSETFC;
 
-		rpz_log_fail(client, DNS_RPZ_DEBUG_LEVEL3, NULL,
-			     DNS_RPZ_TYPE_QNAME, "RPZ not ready yet", result);
+		rpz_log_fail(client, DNS_RPZ_INFO_LEVEL, NULL,
+			     DNS_RPZ_TYPE_QNAME, "RPZ servfail-until-ready",
+			     DNS_R_WAIT);
 		st->m.policy = DNS_RPZ_POLICY_ERROR;
 		goto cleanup;
 	}