mirror of
https://github.com/NLnetLabs/unbound.git
synced 2024-09-21 14:47:09 +00:00
- auth-zone give SERVFAIL when expired, fallback activates when
expired, and this is documented in the man page. git-svn-id: file:///svn/unbound/trunk@4983 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
parent
d96de4c222
commit
b04e84ab9e
@ -5,6 +5,8 @@
|
||||
- Fix #4208: 'stub-no-cache' and 'forward-no-cache' not work.
|
||||
- New and better fix for Fix #4193: Fix that prefetch failure does
|
||||
not overwrite valid cache entry with SERVFAIL.
|
||||
- auth-zone give SERVFAIL when expired, fallback activates when
|
||||
expired, and this is documented in the man page.
|
||||
|
||||
26 November 2018: Wouter
|
||||
- Fix to not set GLOB_NOSORT so the unbound.conf include: files are
|
||||
|
@ -1614,6 +1614,13 @@ lookups of that data.
|
||||
Authority zones can be read from zonefile. And can be kept updated via
|
||||
AXFR and IXFR. After update the zonefile is rewritten. The update mechanism
|
||||
uses the SOA timer values and performs SOA UDP queries to detect zone changes.
|
||||
.LP
|
||||
If the update fetch fails, the timers in the SOA record are used to time
|
||||
another fetch attempt. Until the SOA expiry timer is reached. Then the
|
||||
zone is expired. When a zone is expired, queries are SERVFAIL, and
|
||||
any new serial number is accepted from the master (even if older), and if
|
||||
fallback is enabled, the fallback activates to fetch from the upstream instead
|
||||
of the SERVFAIL.
|
||||
.TP
|
||||
.B name: \fI<zone name>
|
||||
Name of the authority zone.
|
||||
|
@ -3169,6 +3169,11 @@ int auth_zones_lookup(struct auth_zones* az, struct query_info* qinfo,
|
||||
*fallback = 1;
|
||||
return 0;
|
||||
}
|
||||
if(z->zone_expired) {
|
||||
*fallback = z->fallback_enabled;
|
||||
lock_rw_unlock(&z->lock);
|
||||
return 0;
|
||||
}
|
||||
/* see what answer that zone would generate */
|
||||
r = auth_zone_generate_answer(z, qinfo, region, msg, fallback);
|
||||
lock_rw_unlock(&z->lock);
|
||||
@ -3256,6 +3261,16 @@ int auth_zones_answer(struct auth_zones* az, struct module_env* env,
|
||||
lock_rw_unlock(&z->lock);
|
||||
return 0;
|
||||
}
|
||||
if(z->zone_expired) {
|
||||
if(z->fallback_enabled) {
|
||||
lock_rw_unlock(&z->lock);
|
||||
return 0;
|
||||
}
|
||||
lock_rw_unlock(&z->lock);
|
||||
auth_error_encode(qinfo, env, edns, repinfo, buf, temp,
|
||||
LDNS_RCODE_SERVFAIL);
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* answer it from zone z */
|
||||
r = auth_zone_generate_answer(z, qinfo, temp, &msg, &fallback);
|
||||
|
Loading…
Reference in New Issue
Block a user