1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-22 17:35:35 +03:00

resolve: drop DNS_TRANSACTION_UPSTREAM_DNSSEC_FAILURE

This partially reverts commit 9ca133e97a.

Not only there is no reason to introduce a new transaction failure state,
but also the commit introduces several severe issues.

Fixes #30776, #30779.
This commit is contained in:
Yu Watanabe 2024-01-10 10:10:06 +09:00
parent c08fd7beca
commit 9ae51762d7
3 changed files with 1 additions and 22 deletions

View File

@ -189,11 +189,6 @@ static int reply_query_state(DnsQuery *q) {
return sd_bus_reply_method_error(req, &error); return sd_bus_reply_method_error(req, &error);
} }
case DNS_TRANSACTION_UPSTREAM_DNSSEC_FAILURE:
return reply_method_errorf(q, BUS_ERROR_DNSSEC_FAILED, "DNSSEC validation failed upstream: %s%s%s",
dns_ede_rcode_to_string(q->answer_ede_rcode),
isempty(q->answer_ede_msg) ? "" : ": ", q->answer_ede_msg);
case DNS_TRANSACTION_NULL: case DNS_TRANSACTION_NULL:
case DNS_TRANSACTION_PENDING: case DNS_TRANSACTION_PENDING:
case DNS_TRANSACTION_VALIDATING: case DNS_TRANSACTION_VALIDATING:

View File

@ -411,21 +411,6 @@ void dns_transaction_complete(DnsTransaction *t, DnsTransactionState state) {
"DNS_SERVER_FEATURE_LEVEL=%s", dns_server_feature_level_to_string(t->server->possible_feature_level)); "DNS_SERVER_FEATURE_LEVEL=%s", dns_server_feature_level_to_string(t->server->possible_feature_level));
} }
if (state == DNS_TRANSACTION_UPSTREAM_DNSSEC_FAILURE) {
dns_resource_key_to_string(dns_transaction_key(t), key_str, sizeof key_str);
log_struct(LOG_NOTICE,
"MESSAGE_ID=" SD_MESSAGE_DNSSEC_FAILURE_STR,
LOG_MESSAGE("Upstream resolver reported failure for question %s: %s%s%s",
key_str, dns_ede_rcode_to_string(t->answer_ede_rcode),
isempty(t->answer_ede_msg) ? "" : ": ", t->answer_ede_msg),
"DNS_TRANSACTION=%" PRIu16, t->id,
"DNS_QUESTION=%s", key_str,
"DNS_EDE_RCODE=%s", dns_ede_rcode_to_string(t->answer_ede_rcode),
"DNS_SERVER=%s", strna(dns_server_string_full(t->server)),
"DNS_SERVER_FEATURE_LEVEL=%s", dns_server_feature_level_to_string(t->server->possible_feature_level));
}
/* Note that this call might invalidate the query. Callers /* Note that this call might invalidate the query. Callers
* should hence not attempt to access the query or transaction * should hence not attempt to access the query or transaction
* after calling this function. */ * after calling this function. */
@ -1241,7 +1226,7 @@ void dns_transaction_process_reply(DnsTransaction *t, DnsPacket *p, bool encrypt
FORMAT_DNS_EDE_RCODE(t->answer_ede_rcode), FORMAT_DNS_EDE_RCODE(t->answer_ede_rcode),
isempty(t->answer_ede_msg) ? "" : ": ", isempty(t->answer_ede_msg) ? "" : ": ",
strempty(t->answer_ede_msg)); strempty(t->answer_ede_msg));
dns_transaction_complete(t, DNS_TRANSACTION_UPSTREAM_DNSSEC_FAILURE); dns_transaction_complete(t, DNS_TRANSACTION_DNSSEC_FAILED);
return; return;
} }

View File

@ -20,7 +20,6 @@ enum DnsTransactionState {
DNS_TRANSACTION_PENDING, DNS_TRANSACTION_PENDING,
DNS_TRANSACTION_VALIDATING, DNS_TRANSACTION_VALIDATING,
DNS_TRANSACTION_RCODE_FAILURE, DNS_TRANSACTION_RCODE_FAILURE,
DNS_TRANSACTION_UPSTREAM_DNSSEC_FAILURE,
DNS_TRANSACTION_SUCCESS, DNS_TRANSACTION_SUCCESS,
DNS_TRANSACTION_NO_SERVERS, DNS_TRANSACTION_NO_SERVERS,
DNS_TRANSACTION_TIMEOUT, DNS_TRANSACTION_TIMEOUT,