From: Tom Krizek <tkrizek@isc.org>
Date: Wed, 7 Dec 2022 20:29:11 +0000 (+0100)
Subject: Revert "Merge branch '3678-serve-stale-servfailing-unexpectedly' into 'main'"
X-Git-Tag: v9.19.8~5^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ba1607747c907ef23f8978db53d4147765df8c21;p=thirdparty%2Fbind9.git

Revert "Merge branch '3678-serve-stale-servfailing-unexpectedly' into 'main'"

This reverts commit 629f66ea8e7a3455f22f57394eef54cfabcb8860, reversing
changes made to 84a7be327e801cfda207629285bf3302a71e8119.

It also removes release note 6038, since the fix is reverted.
---

diff --git a/CHANGES b/CHANGES
index cd33d76bfd7..224e8f8604b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -17,10 +17,7 @@
 			also removing the referenced zone could leave a
 			dangling pointer. [GL #3683]
 
-6038.	[bug]		In some serve stale scenarios, like when following an
-			expired CNAME record, named could return SERVFAIL if the
-			previous request wasn't successful. Consider non-stale
-			data when in serve-stale mode. [GL #3678]
+6038.	[placeholder]
 
 6037.	[func]		Reject zones which have DS records not at delegation
 			points. [GL #3697]
diff --git a/bin/tests/system/serve-stale/ans2/ans.pl b/bin/tests/system/serve-stale/ans2/ans.pl
index f14ae67fe8f..0af055a4fb1 100644
--- a/bin/tests/system/serve-stale/ans2/ans.pl
+++ b/bin/tests/system/serve-stale/ans2/ans.pl
@@ -58,8 +58,6 @@ my $CAA = "othertype.example 2 IN CAA 0 issue \"ca1.example.net\"";
 my $negSOA = "example 2 IN SOA . . 0 0 0 0 300";
 my $CNAME = "cname.example 7 IN CNAME target.example";
 my $TARGET = "target.example 9 IN A $localaddr";
-my $SHORTCNAME = "shortttl.cname.example 1 IN CNAME longttl.target.example";
-my $LONGTARGET = "longttl.target.example 600 IN A $localaddr";
 
 sub reply_handler {
     my ($qname, $qclass, $qtype) = @_;
@@ -168,28 +166,6 @@ sub reply_handler {
 	    push @auth, $rr;
 	}
 	$rcode = "NOERROR";
-    } elsif ($qname eq "shortttl.cname.example") {
-	if ($qtype eq "A") {
-	    my $rr = new Net::DNS::RR($SHORTCNAME);
-	    push @ans, $rr;
-	} else {
-	    my $rr = new Net::DNS::RR($negSOA);
-	    push @auth, $rr;
-	}
-	$rcode = "NOERROR";
-    } elsif ($qname eq "longttl.target.example") {
-	if ($slow_response) {
-                print "  Sleeping 3 seconds\n";
-		sleep(3);
-	}
-	if ($qtype eq "A") {
-	    my $rr = new Net::DNS::RR($LONGTARGET);
-	    push @ans, $rr;
-	} else {
-	    my $rr = new Net::DNS::RR($negSOA);
-	    push @auth, $rr;
-	}
-	$rcode = "NOERROR";
     } elsif ($qname eq "longttl.example") {
 	if ($qtype eq "TXT") {
 	    my $rr = new Net::DNS::RR($LONGTXT);
diff --git a/bin/tests/system/serve-stale/tests.sh b/bin/tests/system/serve-stale/tests.sh
index 63a87a3d580..b64fc5b48c7 100755
--- a/bin/tests/system/serve-stale/tests.sh
+++ b/bin/tests/system/serve-stale/tests.sh
@@ -1829,80 +1829,6 @@ grep "data\.example\..*[12].*IN.*TXT.*A text record with a 2 second ttl" dig.out
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status+ret))
 
-##############################################################
-# Test for stale-answer-client-timeout off and CNAME record. #
-##############################################################
-echo_i "test stale-answer-client-timeout (0) and CNAME record"
-
-n=$((n+1))
-echo_i "prime cache shortttl.cname.example (stale-answer-client-timeout off) ($n)"
-ret=0
-$DIG -p ${PORT} @10.53.0.3 shortttl.cname.example A > dig.out.test$n
-grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
-grep "ANSWER: 2," dig.out.test$n > /dev/null || ret=1
-grep "shortttl\.cname\.example\..*1.*IN.*CNAME.*longttl\.target\.example\." dig.out.test$n > /dev/null || ret=1
-grep "longttl\.target\.example\..*600.*IN.*A.*10\.53\.0\.2" dig.out.test$n > /dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=$((status+ret))
-
-# Allow RRset to become stale.
-sleep 1
-
-n=$((n+1))
-echo_i "disable responses from authoritative server ($n)"
-ret=0
-$DIG -p ${PORT} @10.53.0.2 txt disable  > dig.out.test$n
-grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1
-grep "TXT.\"0\"" dig.out.test$n > /dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=$((status+ret))
-
-n=$((n+1))
-ret=0
-echo_i "check stale shortttl.cname.example comes from cache (stale-answer-client-timeout off) ($n)"
-nextpart ns3/named.run > /dev/null
-$DIG -p ${PORT} @10.53.0.3 shortttl.cname.example A > dig.out.test$n
-wait_for_log 5 "shortttl.cname.example A resolver failure, stale answer used" ns3/named.run || ret=1
-grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
-grep "EDE: 3 (Stale Answer): (resolver failure)" dig.out.test$n > /dev/null || ret=1
-grep "ANSWER: 2," dig.out.test$n > /dev/null || ret=1
-grep "shortttl\.cname\.example\..*3.*IN.*CNAME.*longttl\.target\.example\." dig.out.test$n > /dev/null || ret=1
-# We can't reliably test the TTL of the longttl.target.example A record.
-grep "longttl\.target\.example\..*IN.*A.*10\.53\.0\.2" dig.out.test$n > /dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=$((status+ret))
-
-n=$((n+1))
-echo_i "enable responses from authoritative server ($n)"
-ret=0
-$DIG -p ${PORT} @10.53.0.2 txt enable  > dig.out.test$n
-grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1
-grep "TXT.\"1\"" dig.out.test$n > /dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=$((status+ret))
-
-n=$((n+1))
-echo_i "check server is alive or restart ($n)"
-ret=0
-$RNDCCMD 10.53.0.3 status > rndc.out.test$n 2>&1 || ret=1
-if [ $ret != 0 ]; then
-    echo_i "failed"
-    echo_i "restart ns3"
-    start_server --noclean --restart --port ${PORT} serve-stale ns3
-fi
-status=$((status+ret))
-
-n=$((n+1))
-echo_i "check server is alive or restart ($n)"
-ret=0
-$RNDCCMD 10.53.0.3 status > rndc.out.test$n 2>&1 || ret=1
-if [ $ret != 0 ]; then
-    echo_i "failed"
-    echo_i "restart ns3"
-    start_server --noclean --restart --port ${PORT} serve-stale ns3
-fi
-status=$((status+ret))
-
 #############################################
 # Test for stale-answer-client-timeout 0.   #
 #############################################
diff --git a/lib/ns/query.c b/lib/ns/query.c
index 6580bd8c7ab..71f0db8f9ee 100644
--- a/lib/ns/query.c
+++ b/lib/ns/query.c
@@ -5960,13 +5960,6 @@ query_lookup(query_ctx_t *qctx) {
 		dns_cache_updatestats(qctx->view->cache, result);
 	}
 
-	if (dns_rdataset_isassociated(qctx->rdataset) &&
-	    dns_rdataset_count(qctx->rdataset) > 0 && !STALE(qctx->rdataset))
-	{
-		/* Found non-stale usable rdataset. */
-		goto gotanswer;
-	}
-
 	/*
 	 * If DNS_DBFIND_STALEOK is set this means we are dealing with a
 	 * lookup following a failed lookup and it is okay to serve a stale
@@ -6138,7 +6131,6 @@ query_lookup(query_ctx_t *qctx) {
 		qctx->rdataset->attributes |= DNS_RDATASETATTR_STALE_ADDED;
 	}
 
-gotanswer:
 	result = query_gotanswer(qctx, result);
 
 cleanup: