Fix nsupdate hang when processing a large update
authorMatthijs Mekking <matthijs@isc.org>
Fri, 1 Nov 2024 12:25:26 +0000 (13:25 +0100)
committerMatthijs Mekking <matthijs@isc.org>
Thu, 5 Dec 2024 14:40:48 +0000 (15:40 +0100)
The root cause is the fix for CVE-2024-0760 (part 3), which resets
the TCP connection on a failed send. Specifically commit
4b7c61381f186e20a476c35032a871295ebbd385 stops reading on the socket
because the TCP connection is throttling.

When the tcpdns_send_cb callback thinks about restarting reading
on the socket, this fails because the socket is a client socket.
And nsupdate is a client and is using the same netmgr code.

This commit removes the requirement that the socket must be a server
socket, allowing reading on the socket again after being throttled.

lib/isc/netmgr/tcp.c

index 1e21c6fe7357b908be9a16d7f04292eb816ca3c1..ca3ed8b7f4f279066143173661110ad31de0ca09 100644 (file)
@@ -1208,12 +1208,17 @@ tcp_send_direct(isc_nmsocket_t *sock, isc__nm_uvreq_t *req) {
                }
        }
 
-       isc_log_write(ISC_LOGCATEGORY_GENERAL, ISC_LOGMODULE_NETMGR,
-                     ISC_LOG_DEBUG(3),
-                     "throttling TCP connection, the other side is not "
-                     "reading the data, switching to uv_write()");
-       sock->reading_throttled = true;
-       isc__nm_stop_reading(sock);
+       if (!sock->client && sock->reading) {
+               sock->reading_throttled = true;
+               isc__nm_stop_reading(sock);
+       }
+
+       isc__nmsocket_log(sock, ISC_LOG_DEBUG(3),
+                         "%sthe other side is not "
+                         "reading the data, switching to uv_write()",
+                         !sock->client && sock->reading
+                                 ? "throttling TCP connection, "
+                                 : "");
 
        r = uv_write(&req->uv_req.write, &sock->uv_handle.stream, bufs, nbufs,
                     tcp_send_cb);
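Review bot: The log call re-evaluates `!sock->client && sock->reading` after `isc__nm_stop_reading(sock)` has already run, so if that function clears `sock->reading` (its body is not visible here, but the name suggests it does) the "throttling TCP connection, " prefix is never printed on the path that actually throttles. That prefix is the operator-visible sign that the CVE-2024-0760 mitigation fired against a peer that is not reading, so losing it weakens detection of such peers at debug level 3. Compute the decision once before the branch, `bool throttle = !sock->client && sock->reading;`, then use `if (throttle) {` and `throttle ? "throttling TCP connection, " : ""` in the log arguments. tcp_send_direct starts and ends outside the hunk, so the earlier paths that reach this point are not checked here.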