rec: only store IP (and no port) as local address in cookie store 16131/head
authorOtto Moerbeek <otto.moerbeek@open-xchange.com>
Wed, 17 Sep 2025 11:00:02 +0000 (13:00 +0200)
committerOtto Moerbeek <otto.moerbeek@open-xchange.com>
Wed, 17 Sep 2025 11:05:08 +0000 (13:05 +0200)
Otherwise binding a local TCP port will fail, as the stored port
is likely still in use due to connections lingering.

Observed when forcing DoT to specific nameservers that support
cookies.  In many cases the effect was: see the bind call failing and
go to the next nameserver, that's likely why it was noticed before.

Signed-off-by: Otto Moerbeek <otto.moerbeek@open-xchange.com>
pdns/recursordist/lwres.cc

index 2147f17ced9e3501d350abcd6fbe9fa5bd1bb571..39cf345f15239deff6284c01e3bb6f10c4bd65de 100644 (file)
@@ -395,10 +395,10 @@ static bool tcpconnect(const OptLog& log, const ComboAddress& remote, const std:
   // Bind to the same address the cookie is associated with (RFC 9018 section 3 last paragraph)
   ComboAddress localip = localBind ? *localBind : pdns::getQueryLocalAddress(remote.sin4.sin_family, 0);
   if (localBind) {
-    VLOG(log, "Connecting TCP to " << remote.toString() << " with specific local address " << localip.toString() << endl);
+    VLOG(log, "Connecting TCP to " << remote.toStringWithPortExcept(53) << " with specific local address " << localip.toString() << endl);
   }
   else {
-    VLOG(log, "Connecting TCP to " << remote.toString() << " with no specific local address" << endl);
+    VLOG(log, "Connecting TCP to " << remote.toStringWithPortExcept(53) << " with no specific local address" << endl);
   }
 
   try {
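Review bot: The bind address built in `ComboAddress localip = localBind ? *localBind : pdns::getQueryLocalAddress(remote.sin4.sin_family, 0);` still takes whatever port `*localBind` carries, so the fix depends on every writer of the stored local address remembering to clear the port. The fallback branch already asks for port 0, so normalising at the consumer as well, with `localip.setPort(0);` directly after that line, would keep a stale source port from reaching bind() and leave port selection to the kernel. This assumes no caller of tcpconnect passes a fixed source port on purpose, which cannot be confirmed from the visible lines. tcpconnect's body starts before and continues past this hunk.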
@@ -545,6 +545,7 @@ static std::pair<bool, LWResult::Result> incomingCookie(const OptLog& log, const
         VLOG(log, "Client cookie from " << address.toString() << " matched! Storing with localAddress " << localip.toString() << endl);
         ++t_Counters.at(rec::Counter::cookieMatched);
         found->d_localaddress = localip;
+        found->d_localaddress.setPort(0);
         found->d_cookie = received;
         if (found->getSupport() == CookieEntry::Support::Probing) {
           ++t_Counters.at(rec::Counter::cookieProbeSupported);
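Review bot: The added `found->d_localaddress.setPort(0);` carries no comment explaining why the port is dropped, so the reasoning lives only in the commit message. A line above it such as `// Keep only the IP: the cookie is tied to the local address, and a stored port would be reused for bind() while lingering connections still hold it` would stop a later cleanup from folding the two statements back into a plain copy. Any other assignment to `d_localaddress` outside this hunk, if one exists, needs the same port reset. incomingCookie starts and ends outside the hunk.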