Honour enabled resolvers to keep unused forwarders actually disabled
An unwind.conf like the following would still query forwarders,
both "." periodically and any explicit "example.com." queries:
preference { recursor autoconf stub }
forwarder { 2001:db8::1 }
force accept bogus forwarder { example.com. }
That's because the forwarder and resolver children processes start with
the default configuration and main later sends them the effective user
configuration; merging them, however, would ignore the list of enabled
resolvers, i.e. those listed in the `preference {}' block and thusly
cause children to always have all forwarders enabled (as is by default).
Copy the resolvers list during merge to fix this and restore expected
behaviour.
(Noticed during tests with "forwarder" temporarily removed from
`preference {}' while leaving the rest as is: my VPN interface serving
that forwarder showed DNS traffic while it was supposed to be silent.)
OK florian
projects / openbsd / commit