From: Christian Allred Date: Mon, 5 Apr 2021 23:25:43 +0000 (-0700) Subject: Use max-query-restarts in iterative resolver X-Git-Tag: release-1.17.1rc1~6^2~1^2~2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=07c0d04a148a3da8a3d6fcd78ef3a2128ab5df95;p=thirdparty%2Funbound.git Use max-query-restarts in iterative resolver --- diff --git a/iterator/iter_utils.c b/iterator/iter_utils.c index 94fa18f63..637acf736 100644 --- a/iterator/iter_utils.c +++ b/iterator/iter_utils.c @@ -176,6 +176,9 @@ iter_apply_cfg(struct iter_env* iter_env, struct config_file* cfg) } iter_env->supports_ipv6 = cfg->do_ip6; iter_env->supports_ipv4 = cfg->do_ip4; + + iter_env->max_query_restarts = cfg->max_query_restarts; + return 1; } diff --git a/iterator/iterator.c b/iterator/iterator.c index 99d020117..5163857fa 100644 --- a/iterator/iterator.c +++ b/iterator/iterator.c @@ -1237,7 +1237,7 @@ processInitRequest(struct module_qstate* qstate, struct iter_qstate* iq, /* We enforce a maximum number of query restarts. This is primarily a * cheap way to prevent CNAME loops. */ - if(iq->query_restart_count > MAX_RESTART_COUNT) { + if(iq->query_restart_count > ie->max_query_restarts) { verbose(VERB_QUERY, "request has exceeded the maximum number" " of query restarts with %d", iq->query_restart_count); errinf(qstate, "request has exceeded the maximum number " diff --git a/iterator/iterator.h b/iterator/iterator.h index 342ac207e..d3ca716fc 100644 --- a/iterator/iterator.h +++ b/iterator/iterator.h @@ -139,6 +139,9 @@ struct iter_env { lock_basic_type queries_ratelimit_lock; /** number of queries that have been ratelimited */ size_t num_queries_ratelimited; + + /** max number of query restarts to limit length of CNAME chain */ + size_t max_query_restarts; }; /**