} else {
if (DnsSocketB >= 0 && nameservers[ns].S.IsIPv6())
y = comm_udp_sendto(DnsSocketB, nameservers[ns].S, q->buf, q->sz);
- else
+ else if (DnsSocketA)
x = comm_udp_sendto(DnsSocketA, nameservers[ns].S, q->buf, q->sz);
}
} while ( (x<0 && y<0) && q->nsends % nns != 0);
- if (y >= 0) {
+ if (y > 0) {
fd_bytes(DnsSocketB, y, FD_WRITE);
- commSetSelect(DnsSocketB, COMM_SELECT_READ, idnsRead, NULL, 0);
}
-
- if (x >= 0) {
+ if (x > 0) {
fd_bytes(DnsSocketA, x, FD_WRITE);
- commSetSelect(DnsSocketA, COMM_SELECT_READ, idnsRead, NULL, 0);
}
nameservers[ns].nqueries++;
debugs(78, 3, "idnsRead: starting with FD " << fd);
+ // Always keep reading. This stops (or at least makes harder) several
+ // attacks on the DNS client.
+ commSetSelect(fd, COMM_SELECT_READ, idnsRead, NULL, 0);
+
/* BUG (UNRESOLVED)
* two code lines after returning from comm_udprecvfrom()
* something overwrites the memory behind the from parameter.
if (ns >= 0) {
nameservers[ns].nreplies++;
- } else if (Config.onoff.ignore_unknown_nameservers) {
+ }
+
+ // Before unknown_nameservers check to avoid flooding cache.log on attacks,
+ // but after the ++ above to keep statistics right.
+ if (!lru_list.head)
+ continue; // Don't process replies if there is no pending query.
+
+ if (ns < 0 && Config.onoff.ignore_unknown_nameservers) {
static time_t last_warning = 0;
if (squid_curtime - last_warning > 60) {
idnsGrokReply(rbuf, len);
}
-
- if (lru_list.head) {
- commSetSelect(fd, COMM_SELECT_READ, idnsRead, NULL, 0);
- }
}
static void
return;
}
- vc->msg->size += len; // XXX should not access -> size directly
+ vc->msg->size += len; // XXX should not access -> size directly
if (vc->msg->contentSize() < vc->msglen) {
comm_read(fd, buf + len, vc->msglen - vc->msg->contentSize(), idnsReadVC, vc);
if (DnsSocketB >= 0) {
port = comm_local_port(DnsSocketB);
debugs(78, 1, "DNS Socket created at " << addrB << ", FD " << DnsSocketB);
+ commSetSelect(DnsSocketB, COMM_SELECT_READ, idnsRead, NULL, 0);
}
if (DnsSocketA >= 0) {
port = comm_local_port(DnsSocketA);
debugs(78, 1, "DNS Socket created at " << addrA << ", FD " << DnsSocketA);
+ commSetSelect(DnsSocketA, COMM_SELECT_READ, idnsRead, NULL, 0);
}
}