git.ipfire.org Git - thirdparty/bind9.git/commit

author	Matthijs Mekking <matthijs@isc.org>
	Tue, 3 Mar 2026 07:37:34 +0000 (08:37 +0100)
committer	Matthijs Mekking <matthijs@isc.org>
	Tue, 17 Mar 2026 14:39:48 +0000 (14:39 +0000)
commit	e65298edb26682833472efe1d5079c6e1b59ffb5
tree	91ddf6cc156830add19794d34ad27262c08ae17d	tree \| snapshot
parent	6d9482bd6b8fb30e032ca962bdb11066bbff114d	commit \| diff

Fast fail a validator deadlock

We return DNS_R_NOVALIDSIG if we detected a deadlock. Then in
'validate_async_done()', this result value is used to check if we
need to fall back to insecure. As part of that we create a new fetch
but that fails because of the detected deadlock. This results in a loop
of deadlock detected, fallback to insecure, deadlock detected, ...

Add a new result value, ISC_R_DEADLOCK, and return this instead when
we have detected a deadlock. This will be treated as a generic error,
as there is no special handling for this result value.

(cherry picked from commit bc1d177cc2e82f18a77985c518e169f0e37d88c7)

lib/dns/validator.c		diff \| blob \| blame \| history
lib/isc/include/isc/result.h		diff \| blob \| blame \| history
lib/isc/result.c		diff \| blob \| blame \| history