Maintained by: NLnet Labs

[Unbound-users] small bug ?

Leen Besselink
Thu Feb 4 20:45:28 CET 2010


On 02/04/2010 07:07 PM, Wouter Wijngaards wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
>
> Paul Wouters wrote:
>    
>> however, it will still perform queries with the DO bit, and validation.
>> It will just pass the data along anyway (as if the client send the CD bit)
>>      
> This is because a client of unbound may be validating and thus needs the
> signatures, and it sets the DO bit to fetch the signatures for clients
> that need them for validation.
>
>    

That's exactly what I was thinking after reading the other reactions 
(and being more awake ?).

Well, I did some testing, it seems I pretty much found the cause of the 
problem. The tool uses a simple
timer to wait for the DNS-answer and if it could an answer before that 
time it says: does not validate

But as my unbound is just used by me and a few people in the same 
building, no records for the
NS's of the SE-TLD, etc. were not cached and thus it just took to much 
time to resolve it the first time.

If I reload it works as expected.

I do have a suggestion, maybe it would be wiser for the creator of the 
javascript to use the onerror
and onload events of the images he's trying to load. That is probably 
more reliable then a simple
timer.

Thank you for your answers, it was enlighting.

> Best regards,
>     Wouter
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAktrDNEACgkQkDLqNwOhpPiMfwCfbIi5VInwfS99TRnXzpbkik7l
> 034AoK6IU4WUvzmzD9IFRNUTjKEpURyt
> =h8Pj
> -----END PGP SIGNATURE-----
>
>