Ubuntu Pastebin

Paste from paelzer at Tue, 7 Nov 2017 10:03:33 +0000

Download as text 
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
commit abed1d9117d1c9944a1df03f9308c59b2dc64fc3
Author: Chris Novakovic <chris@chrisn.me.uk>
Date:   Mon Jan 25 21:54:35 2016 +0000

    Treat REFUSED (not SERVFAIL) as an unsuccessful upstream response
    
    Commit 51967f9807665dae403f1497b827165c5fa1084b began treating SERVFAIL
    as a successful response from an upstream server (thus ignoring future
    responses to the query from other upstream servers), but a typo in that
    commit means that REFUSED responses are accidentally being treated as
    successful instead of SERVFAIL responses.
    
    This commit corrects this typo and provides the behaviour intended by
    commit 51967f9: SERVFAIL responses are considered successful (and will
    be sent back to the requester), while REFUSED responses are considered
    unsuccessful (and dnsmasq will wait for responses from other upstream
    servers that haven't responded yet).

diff --git a/src/forward.c b/src/forward.c
index 2731b90..7ea7f61 100644
--- a/src/forward.c
+++ b/src/forward.c
@@ -810,7 +810,7 @@ void reply_query(int fd, int family, time_t now)
      we get a good reply from another server. Kill it when we've
      had replies from all to avoid filling the forwarding table when
      everything is broken */
-  if (forward->forwardall == 0 || --forward->forwardall == 1 || RCODE(header) != SERVFAIL)
+  if (forward->forwardall == 0 || --forward->forwardall == 1 || RCODE(header) != REFUSED)
     {
       int check_rebind = 0, no_cache_dnssec = 0, cache_secure = 0, bogusanswer = 0;
Download as text