lib: requery when nameserver returns (falsely) NXDOMAIN

ec17868a · Marek Vavruša · e461f376 · ec17868a · ec17868a
Commit ec17868a authored 10 years ago by Marek Vavruša
--- a/lib/layer/iterate.c
+++ b/lib/layer/iterate.c
@@ -209,11 +209,13 @@ static int process_answer(knot_pkt_t *pkt, struct kr_layer_param *param)
 	/* Response for minimized QNAME.
 	 * NODATA   => may be empty non-terminal, retry (found zone cut)
 	 * NOERROR  => found zone cut, retry
-	 * NXDOMAIN => parent is zone cut, terminate
+	 * NXDOMAIN => parent is zone cut, retry as a workaround for bad authoritatives
 	 */
+	const knot_pktsection_t *an = knot_pkt_section(pkt, KNOT_ANSWER);
 	bool is_minimized = (!knot_dname_is_equal(knot_pkt_qname(pkt), query->sname));
-	bool is_noerror = (knot_wire_get_rcode(pkt->wire) == KNOT_RCODE_NOERROR);
-	if (is_minimized && is_noerror) {
+	bool is_nodata = (knot_wire_get_rcode(pkt->wire) == KNOT_RCODE_NOERROR) && !an->count;
+	bool is_nxdomain = (knot_wire_get_rcode(pkt->wire) == KNOT_RCODE_NXDOMAIN);
+	if (is_minimized && (is_nodata || is_nxdomain)) {
 		query->flags |= QUERY_NO_MINIMIZE;
 		return KNOT_NS_PROC_DONE;
 	}
@@ -227,7 +229,6 @@ static int process_answer(knot_pkt_t *pkt, struct kr_layer_param *param)

 	/* Process answer section records. */
 	const knot_dname_t *cname = query->sname;
-	const knot_pktsection_t *an = knot_pkt_section(pkt, KNOT_ANSWER);
 	for (unsigned i = 0; i < an->count; ++i) {
 		const knot_rrset_t *rr = knot_pkt_rr(an, i);
 		int state = callback(rr, 0, param);

--- a/tests/testdata/iter_minim_a_nxdomain.rpl
+++ b/tests/testdata/iter_minim_a_nxdomain.rpl
+; config options
+server:
+	target-fetch-policy: "0 0 0 0 0"
+	query-minimization: on
+
+stub-zone:
+	name: "."
+	stub-addr: 193.0.14.129 	# K.ROOT-SERVERS.NET.
+CONFIG_END
+
+SCENARIO_BEGIN Test basic query minimization sub.www.example.com. when NS doesn't show empty non-terminal.
+
+; K.ROOT-SERVERS.NET.
+RANGE_BEGIN 0 100
+	ADDRESS 193.0.14.129 
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR NOERROR
+SECTION QUESTION
+. IN NS
+SECTION ANSWER
+. IN NS	K.ROOT-SERVERS.NET.
+SECTION ADDITIONAL
+K.ROOT-SERVERS.NET.	IN	A	193.0.14.129
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR NOERROR
+SECTION QUESTION
+com. IN NS
+SECTION AUTHORITY
+com.	IN NS	a.gtld-servers.net.
+SECTION ADDITIONAL
+a.gtld-servers.net.	IN 	A	192.5.6.30
+ENTRY_END
+RANGE_END
+
+; a.gtld-servers.net.
+RANGE_BEGIN 0 100
+	ADDRESS 192.5.6.30
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR NOERROR
+SECTION QUESTION
+example.com. IN NS
+SECTION AUTHORITY
+example.com.	IN NS	ns.example.com.
+SECTION ADDITIONAL
+ns.example.com.		IN 	A	1.2.3.4
+ENTRY_END
+RANGE_END
+
+; ns.example.com.
+RANGE_BEGIN 0 100
+	ADDRESS 1.2.3.4
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR NXDOMAIN 
+SECTION QUESTION
+www.example.com. IN NS
+SECTION ANSWER
+SECTION AUTHORITY
+example.com.	IN NS	ns.example.com.
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR NOERROR
+SECTION QUESTION
+sub.www.example.com. IN A
+SECTION ANSWER
+sub.www.example.com. IN A	10.20.30.40
+SECTION AUTHORITY
+example.com.	IN NS	ns.example.com.
+SECTION ADDITIONAL
+ns.example.com.		IN 	A	1.2.3.4
+ENTRY_END
+
+RANGE_END
+
+STEP 1 QUERY
+ENTRY_BEGIN
+REPLY RD
+SECTION QUESTION
+sub.www.example.com. IN A
+ENTRY_END
+
+; recursion happens here.
+STEP 10 CHECK_ANSWER
+ENTRY_BEGIN
+MATCH all
+REPLY QR RD RA NOERROR
+SECTION QUESTION
+sub.www.example.com. IN A
+SECTION ANSWER
+sub.www.example.com. IN A	10.20.30.40
+ENTRY_END
+
+SCENARIO_END