[Pdns-dev] Suggested fix for a problem with CNAME records when recursion is not available.

Vytautas Krakauskas pdns at sdf.lt
Wed Jan 4 13:37:26 CET 2012


If a zone has a CNAME RR and the query is ANY, "resolver simply restarts the
query at the new name" (RFC 1034, 5.2.2, page 31).

The problem is that pdns recursively answers the question without checking
whether recursion is available and desired.

E.g. if an authoritative zone has several RRs with a CNAME RR amongst
them, but the pdns server has no recursor defined, none of the RRs will
be returned, since recursion failed and processing stopped.

The attached patch against packethandler.cc adds a small check for that.
The same condition (d_ra == true) is already used previously in the code
(line 1225) before using recursion. Since d_ra is set with respect
to the RD bit, this also honors the guideline from RFC 1034, 4.3.1, page 23:
"Note that the name server should never perform recursive service unless
asked via RD, since this interferes with trouble shooting of name
servers and their databases."

-- 
Vytautas Krakauskas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: packethandler.cc.patch
Type: text/x-diff
Size: 753 bytes
Desc: not available
URL: <http://mailman.powerdns.com/pipermail/pdns-dev/attachments/20120104/3d11c1ac/attachment.patch>
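
The failure mode and the guard described in the message, as an added example that is not PowerDNS code and not the attached patch. Only `d_ra` comes from the message; `Record`, `Server`, `recurse`, `answerAny` and the zone data are hypothetical, and the model assumes `d_ra` is true only when the client set RD and a recursor is defined.

```cpp
// Simplified model of the behaviour described above; not PowerDNS code.
// Record, Server, recurse and answerAny are hypothetical names.
#include <iostream>
#include <string>
#include <vector>

struct Record { std::string name, type, content; };

struct Server {
    std::vector<Record> zone;  // authoritative data
    bool hasRecursor;          // is a recursor defined for this server?
    bool checkRA;              // true = guard on d_ra before restarting the query
};

// Constructed sample: a CNAME among other RRs at the same name.
std::vector<Record> sampleZone() {
    return {{"www.example.test", "CNAME", "host.example.test"},
            {"www.example.test", "TXT", "constructed sample"}};
}

// Stand-in for a recursor lookup: fails when no recursor is defined.
static bool recurse(const Server& s, const std::string& target, std::vector<Record>& out) {
    if (!s.hasRecursor) return false;
    out.push_back({target, "A", "192.0.2.1"});  // documentation address
    return true;
}

std::vector<Record> answerAny(const Server& s, const std::string& qname, bool rd) {
    // Assumption: d_ra is true only if the client set RD and a recursor exists.
    const bool d_ra = rd && s.hasRecursor;
    std::vector<Record> answer;
    for (const Record& rr : s.zone) {
        if (rr.name != qname) continue;
        answer.push_back(rr);
        if (rr.type != "CNAME") continue;
        if (s.checkRA && !d_ra) continue;                // guard: keep local RRs only
        if (!recurse(s, rr.content, answer)) return {};  // failure drops everything
    }
    return answer;
}

int main() {
    for (bool guard : {false, true}) {
        Server s{sampleZone(), false, guard};
        std::cout << "guard=" << guard << " RRs returned: "
                  << answerAny(s, "www.example.test", true).size() << "\n";
    }
    return 0;
}
```

With the guard off and a recursor defined, the model also restarts the query for a client that never set RD, which is the behaviour the quoted RFC 1034 guideline advises against.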

