]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
projects / thirdparty / bind9.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2d89dae)
Don't disable RPZ and CATZ for zones with an $INCLUDE statement
authorAram Sargsyan <aram@isc.org>
Wed, 25 Dec 2024 14:30:53 +0000 (14:30 +0000)
committerArаm Sаrgsyаn <aram@isc.org>
Wed, 8 Jan 2025 15:21:28 +0000 (15:21 +0000)
The code in zone_startload() disables RPZ and CATZ for a zone if
dns_master_loadfile() returns anything other than ISC_R_SUCCESS,
which makes sense, but it's an error because zone_startload() can
also return DNS_R_SEENINCLUDE upon success when the zone had an
$INCLUDE statement.

(cherry picked from commit 3d7a9fba3b41c97b9e536e17c0f711388f1c898a)

lib/dns/zone.c patch | blob | blame | history

diff --git a/lib/dns/zone.c b/lib/dns/zone.c
index 3888f71252c758be9a8200d716e426f9b4b45a18..e8f824359d1eb2bc77e2863cc07eda9538af720e 100644 (file)
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@@ -2653,13 +2653,13 @@ zone_startload(dns_db_t *db, dns_zone_t *zone, isc_time_t loadtime) {
        }
 
 cleanup:
-       if (result != ISC_R_SUCCESS) {
+       if (result != ISC_R_SUCCESS && result != DNS_R_SEENINCLUDE) {
                dns_zone_rpz_disable_db(zone, load->db);
                dns_zone_catz_disable_db(zone, load->db);
        }
 
        tresult = dns_db_endload(db, &load->callbacks);
-       if (result == ISC_R_SUCCESS) {
+       if (result == ISC_R_SUCCESS || result == DNS_R_SEENINCLUDE) {
                result = tresult;
        }
 
Mirror of https://gitlab.isc.org/isc-projects/bind9.git