From: Otto Moerbeek Date: Mon, 28 Oct 2019 15:57:46 +0000 (+0100) Subject: It is better to make sure . entries are not added to the set. X-Git-Tag: rec-4.3.0-alpha3^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F8480%2Fhead;p=thirdparty%2Fpdns.git It is better to make sure . entries are not added to the set. --- diff --git a/pdns/reczones.cc b/pdns/reczones.cc index 4fd2c32f44..505a18402e 100644 --- a/pdns/reczones.cc +++ b/pdns/reczones.cc @@ -34,6 +34,14 @@ extern char** g_argv; static thread_local set t_rootNSZones; +static void insertIntoRootNSZones(const DNSName &name) { + // do not insert dot, wiping dot's NS records from the cache in primeRootNSZones() + // will cause infinite recursion + if (!name.isRoot()) { + t_rootNSZones.insert(name); + } +} + void primeHints(void) { // prime root cache @@ -57,7 +65,7 @@ void primeHints(void) templ[sizeof(templ)-1] = '\0'; *templ=c; aaaarr.d_name=arr.d_name=DNSName(templ); - t_rootNSZones.insert(arr.d_name.getLastLabel()); + insertIntoRootNSZones(arr.d_name.getLastLabel()); nsrr.d_content=std::make_shared(DNSName(templ)); arr.d_content=std::make_shared(ComboAddress(rootIps4[c-'a'])); vector aset; @@ -92,7 +100,7 @@ void primeHints(void) rr.content=toLower(rr.content); nsset.push_back(DNSRecord(rr)); } - t_rootNSZones.insert(rr.qname.getLastLabel()); + insertIntoRootNSZones(rr.qname.getLastLabel()); } } t_RC->doWipeCache(g_rootdnsname, false, QType::NS); @@ -119,9 +127,7 @@ void primeRootNSZones(bool dnssecmode) sr.setDNSSECValidationRequested(true); } for (const auto & qname: t_rootNSZones) { - if (!qname.isRoot()) { - t_RC->doWipeCache(qname, false, QType::NS); - } + t_RC->doWipeCache(qname, false, QType::NS); vector ret; sr.beginResolve(qname, QType(QType::NS), QClass::IN, ret); }