Don't ignore auth zones when in serve-stale mode
authorMatthijs Mekking <matthijs@isc.org>
Mon, 30 Oct 2023 18:33:19 +0000 (19:33 +0100)
committerMatthijs Mekking <matthijs@isc.org>
Mon, 30 Oct 2023 19:07:01 +0000 (20:07 +0100)
When serve-stale is enabled and recursive resolution fails, the fallback
to look up stale data always happens in the cache database. Any
authoritative data is ignored, and only information learned through
recursive resolution is examined.

If there is data in the cache that could lead to an answer, and this can
be just the root delegation, the resolver will iterate further, getting
closer to the answer that can be found by recursing down the root, and
eventually puts the final response in the cache.

Change the fallback to serve-stale to use 'query_getdb()', that finds
out the best matching database for the given query.

lib/ns/query.c

index 712bee0871efdcc2613e99250d995daf3d583f31..ff8856127f9a12cee68c20a91dc53be9bc2995b7 100644 (file)
@@ -7653,8 +7653,19 @@ query_usestale(query_ctx_t *qctx, isc_result_t result) {
        qctx_freedata(qctx);
 
        if (dns_view_staleanswerenabled(qctx->client->view)) {
-               dns_db_attach(qctx->client->view->cachedb, &qctx->db);
-               qctx->version = NULL;
+               isc_result_t ret;
+               ret = query_getdb(qctx->client, qctx->client->query.qname,
+                                 qctx->client->query.qtype, qctx->options,
+                                 &qctx->zone, &qctx->db, &qctx->version,
+                                 &qctx->is_zone);
+               if (ret != ISC_R_SUCCESS) {
+                       /*
+                        * Failed to get the database, unexpected, but let us
+                        * at least abandon serve-stale.
+                        */
+                       return (false);
+               }
+
                qctx->client->query.dboptions |= DNS_DBFIND_STALEOK;
                if (FETCH_RECTYPE_NORMAL(qctx->client) != NULL) {
                        dns_resolver_destroyfetch(
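Review bot: The failure branch after `query_getdb()` returns `false` under a comment that calls the error unexpected, but `query_getdb()` is the general database selector and, unlike the direct `dns_db_attach()` of `view->cachedb` it replaces, it can presumably fail for policy reasons such as a refused cache lookup (its body is not in this hunk, so this is an inference). I would reword the comment accordingly, e.g. `/* No usable database (lookup failed or access refused): abandon serve-stale. */`, so a later reader does not treat a refusal as a bug to work around. The call also passes `&qctx->zone`, `&qctx->db` and `&qctx->version` as out-parameters, which relies on the `qctx_freedata()` call above having released any earlier zone and database references; the removed lines touched only `db` and `version`, so a one-line comment stating that assumption would help. `DNS_DBFIND_STALEOK` is still OR-ed into `dboptions` when `qctx->is_zone` comes back true, which looks harmless but deserves a short why-comment. The body of query_usestale starts and ends outside the hunk.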