Handle CNAME and DNAME in resume_min in a special way

When authoritative zone is loaded when query minimization query for the
same zone is already pending, it might receive unexpected result codes.

Normally DNS_R_CNAME would follow to query_cname after processing sent
events, but dns_view_findzonecut does not fill CNAME target into
event->foundevent. Usual lookup via query_lookup would always have that
filled.

Ideally we would restart the query with unmodified search name, if
unexpected change from recursing to local zone cut were detected. Until
dns_view_findzonecut is modified to export zone/cache source of the cut,
at least fail queries which went into unexpected state.

(cherry picked from commit 2fd3da54f92526e9e38a32591a493d4c26d16be1)

diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
index 487afafe4b70af90354bcc4228f61c4f4da5807f..d0f419bf51442f4ad39642e658e45a5ea0df954d 100644 (file)
--- a/lib/dns/resolver.c
+++ b/lib/dns/resolver.c
@@ -4493,8 +4493,14 @@ resume_qmin(isc_task_t *task, isc_event_t *event) {
         * DNS_R_NXDOMAIN here means we have not loaded the root zone
         * mirror yet - but DNS_R_NXDOMAIN is not a valid return value
         * when doing recursion, we need to patch it.
+        *
+        * CNAME or DNAME means zone were added with that record
+        * after the start of a recursion. It means we do not have
+        * initialized correct hevent->foundname and have to fail.
         */
-       if (result == DNS_R_NXDOMAIN) {
+       if (result == DNS_R_NXDOMAIN || result == DNS_R_CNAME ||
+           result == DNS_R_DNAME)
+       {
                result = DNS_R_SERVFAIL;
        }