- Fix #1193: log-servfail fails to log host SERVFAIL responses in

Unbound 1.19.2 on Ubuntu 24.04.1 LTS, by not considering cached failures when trying to reply with expired data.
NLnetLabs · Dec 2, 2024 · c55490c · c55490c
1 parent 9e3c50e
commit c55490c
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/services/mesh.c b/services/mesh.c
@@ -2203,8 +2203,13 @@ mesh_serve_expired_callback(void* arg)
 			qstate->serve_expired_data->get_cached_answer));
 		msg = (*qstate->serve_expired_data->get_cached_answer)(qstate,
 			lookup_qinfo, &is_expired);
-		if(!msg)
+		if(!msg || (FLAGS_GET_RCODE(msg->rep->flags) != LDNS_RCODE_NOERROR
+			&& FLAGS_GET_RCODE(msg->rep->flags) != LDNS_RCODE_NXDOMAIN
+			&& FLAGS_GET_RCODE(msg->rep->flags) != LDNS_RCODE_YXDOMAIN)) {
+			/* We don't care for cached failure answers at this
+			 * stage. */
 			return;
+		}
 		/* Reset these in case we pass a second time from here. */
 		encode_rep = msg->rep;
 		memset(&actinfo, 0, sizeof(actinfo));