2931. [bug] Temporarily and partially disable change 2864
authorTatuya JINMEI 神明達哉 <jinmei@isc.org>
Thu, 15 Jul 2010 01:26:10 +0000 (01:26 +0000)
committerTatuya JINMEI 神明達哉 <jinmei@isc.org>
Thu, 15 Jul 2010 01:26:10 +0000 (01:26 +0000)
because it would cause infinite attempts of RRSIG
queries.  This is an urgent care fix; we'll
revisit the issue and complete the fix later.
[RT #21710]

CHANGES
bin/named/query.c
bin/tests/system/dnssec/ns3/secure.example.db.in
bin/tests/system/dnssec/tests.sh

diff --git a/CHANGES b/CHANGES
index 3d4d2adab6dc2dc788d579253fb398175ccd4a88..cdafba4b12048c1fd87797285819dd308bf43698 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,9 @@
+2931.  [bug]           Temporarily and partially disable change 2864
+                       because it would cause inifinite attempts of RRSIG
+                       queries.  This is an urgent care fix; we'll
+                       revisit the issue and complete the fix later.
+                       [RT #21710]
+
        --- 9.7.2b1 released ---
 
 2930.  [experimental]  New "rndc addzone" and "rndc delzone" commads
index f991f6306fe18d8372d07d36d8dcdb93ea39135f..bd5e166080dd3b0edb95d9547fea076ee756db6a 100644 (file)
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: query.c,v 1.335.8.7 2010/06/26 23:46:27 tbox Exp $ */
+/* $Id: query.c,v 1.335.8.8 2010/07/15 01:26:10 jinmei Exp $ */
 
 /*! \file */
 
@@ -4782,7 +4782,7 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
                if (fname != NULL)
                        dns_message_puttempname(client->message, &fname);
 
-               if (n == 0) {
+               if (n == 0 && is_zone) {
                        /*
                         * We didn't match any rdatasets.
                         */
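Review bot: The added `&& is_zone` on the `n == 0` test gates the whole no-match block, not only the recursion branch the commit wants to disable, so a cache lookup that matched nothing now skips everything inside it. The block runs past this hunk, so confirm that nothing else in it was still needed on the cache path; the `dns_rdatasetiter_destroy(&rdsiter)` call visible in the now-dead `!is_zone` branch is one thing to check, assuming the iterator is not released elsewhere. The condition also has no explanation where it stands, and I would add `/* is_zone: temporary, see change 2931 / RT #21710 -- a cache miss must not trigger recursion here */` directly above it.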
@@ -4796,6 +4796,18 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
                                 * glue.  Ugh.
                                 */
                                if (!is_zone) {
+                                       /*
+                                        * Note: this is dead code because
+                                        * is_zone is always true due to the
+                                        * condition above.  But naive
+                                        * recursion would cause infinite
+                                        * attempts of recursion because
+                                        * the answer to (RR)SIG queries
+                                        * won't be cached.  Until we figure
+                                        * out what we should do and implement
+                                        * it we intentionally keep this code
+                                        * dead.
+                                        */
                                        authoritative = ISC_FALSE;
                                        dns_rdatasetiter_destroy(&rdsiter);
                                        if (RECURSIONOK(client)) {
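Review bot: The new comment in the `if (!is_zone)` branch says why the code is dead but not what must hold before it can be revived, and it refers to "the condition above" without naming it. Dropping `&& is_zone` from the `n == 0` test would bring back unbounded recursion for (RR)SIG queries, which loads both the resolver and the servers it queries, so the comment should name the guard and the ticket, e.g. `See RT #21710: do not re-enable until (RR)SIG answers are cached or the retry is otherwise bounded.` The branch continues past the end of this hunk.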
index a201df2383050a422cb71cdf07e6dafc08322b3c..ce8103b19ea85422c5627bc05fd320cda7de954c 100644 (file)
@@ -13,7 +13,7 @@
 ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 ; PERFORMANCE OF THIS SOFTWARE.
 
-; $Id: secure.example.db.in,v 1.13.268.2 2010/06/26 23:46:27 tbox Exp $
+; $Id: secure.example.db.in,v 1.13.268.3 2010/07/15 01:26:10 jinmei Exp $
 
 $TTL 300       ; 5 minutes
 @                      IN SOA  mname1. . (
@@ -41,3 +41,6 @@ ns.insecure           A       10.53.0.2
 
 nosoa                  NS      ns.nosoa
 ns.nosoa               A       10.53.0.7
+
+normalthenrrsig                A       10.0.0.28
+rrsigonly              A       10.0.0.29
index fa77685a4f8c231024fe58cbef8c8bbf7587b6d2..76bdf4e66ff2190fb0ed53788cd80b710d5b9c6e 100644 (file)
@@ -15,7 +15,7 @@
 # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 # PERFORMANCE OF THIS SOFTWARE.
 
-# $Id: tests.sh,v 1.55.32.10 2010/06/28 01:37:20 marka Exp $
+# $Id: tests.sh,v 1.55.32.11 2010/07/15 01:26:10 jinmei Exp $
 
 SYSTEMTESTTOP=..
 . $SYSTEMTESTTOP/conf.sh
@@ -981,5 +981,28 @@ else
     echo "I:The DNSSEC update test requires the Net::DNS library." >&2
 fi
 
+# Check direct query for RRSIG.  If we first ask for normal (non RRSIG)
+# record, the corresponding RRSIG should be cached and subsequent query
+# for RRSIG will be returned with the cached record.
+echo "I:checking RRSIG query from cache ($n)"
+ret=0
+$DIG $DIGOPTS normalthenrrsig.secure.example. @10.53.0.4 a > /dev/null || ret=1
+ans=`$DIG $DIGOPTS +short normalthenrrsig.secure.example. @10.53.0.4 rrsig` || ret=1
+expect=`$DIG $DIGOPTS +short normalthenrrsig.secure.example. @10.53.0.3 rrsig | grep '^A' ` || ret=1
+test "$ans" = "$expect" || ret=1
+n=`expr $n + 1`
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+# Check direct query for RRSIG: If it's not cached with other records,
+# it should result in an empty response.
+echo "I:checking RRSIG query not in cache ($n)"
+ret=0
+ans=`$DIG $DIGOPTS +short rrsigonly.secure.example. @10.53.0.4 rrsig` || ret=1
+test -z "$ans" || ret=1
+n=`expr $n + 1`
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
 echo "I:exit status: $status"
 exit $status
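Review bot: The "RRSIG query not in cache" check only tests that the `+short` output is empty, so it passes for any reply without answer records. dig also exits 0 on SERVFAIL or REFUSED, which this test cannot tell apart from the intended empty NOERROR response. Write the full output to a file and assert the rcode, for example `grep "status: NOERROR" dig.out > /dev/null || ret=1` (dig.out is a placeholder name, and this assumes `$DIGOPTS` keeps the header comments). In the first check, `ans` is compared unfiltered against an `expect` that went through `grep '^A'`, so the two only match while the cache returns nothing but the A-covering RRSIG; applying the same filter to both sides would make that explicit.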