]> git.ipfire.org Git - thirdparty/pdns.git/commit
projects / thirdparty / pdns.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1dc1e32) | patch
Failure to retrieve DNSKEYs of an Insecure zone should not be fatal. 11942/head
authorOtto Moerbeek <otto.moerbeek@open-xchange.com>
Wed, 31 Aug 2022 08:34:18 +0000 (10:34 +0200)
committerOtto Moerbeek <otto.moerbeek@open-xchange.com>
Mon, 12 Sep 2022 08:19:44 +0000 (10:19 +0200)
commit5b21420511a994e256a88cc0670d82eb838ea31e
treed197a1e6cdcfd2c2638b92e1517ac8dc9d3a40c9tree
parent1dc1e324db6af7f5b8902ff52adbc3f06372e737commit | diff
Failure to retrieve DNSKEYs of an Insecure zone should not be fatal.

This issue happens if a record set is signed even though the zone
itself is Insecure. Syncres then tries to retrieve DNSKEYs and a
timeout on that would lead to an ImmediateServFailException.

Only throw exception later in validateRecordsWithSigs, after checking
zone cuts, when we are sure the zone is Secure.

(cherry picked from commit 6dc8b0b2c6fb2e628356f8dc5c5de4dfd919ec5d)
pdns/recursordist/test-syncres_cc5.cc diff | blob | blame | history
pdns/syncres.cc diff | blob | blame | history
pdns/syncres.hh diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.