Fail promptly on an RRSIG answer with no usable record

A query for an RRSIG is handled as a subset of ANY, so rctx_answer_any()
filters out records that do not match the queried type. When every
record was filtered out (an answer carrying only unrelated types), the
function still returned success with nothing cached, and the fetch then
waited for a validator that was never started until the backstop fetch
timer fired ~12s later. Treat an all-filtered answer as a broken
response, matching how non-meta types already reject a reply with no
usable record.

diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
index 6eba231ca65cad743275549d9c5501be848a23c7..b41a9726ca31f68cae334b4f3e0c7445bfd5dcc8 100644 (file)
--- a/lib/dns/resolver.c
+++ b/lib/dns/resolver.c
@@ -8781,6 +8781,19 @@ rctx_answer_any(respctx_t *rctx) {
                rdataset->trust = rctx->trust;
        }
 
+       /*
+        * An RRSIG query is handled as a subset of ANY; if every record in
+        * the answer was filtered out above, nothing was marked cacheable,
+        * so there is nothing to cache, validate, or chase.  Treat that as a
+        * broken answer instead of returning success with no answer, which
+        * would leave the fetch waiting for a validator that is never
+        * started.
+        */
+       if (!rctx->aname->attributes.cache) {
+               rctx->result = DNS_R_FORMERR;
+               return ISC_R_COMPLETE;
+       }
+
        return ISC_R_SUCCESS;
 }