From: Evan Hunt Date: Tue, 25 Jun 2024 21:30:20 +0000 (-0700) Subject: make "max_restarts" a configurable value X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=910f42db8c27c83205541826dd2e2b72e875e51a;p=thirdparty%2Fbind9.git make "max_restarts" a configurable value MAX_RESTARTS is no longer hard-coded; ns_server_setmaxrestarts() and dns_client_setmaxrestarts() can now be used to modify the max-restarts value at runtime. in both cases, the default is 11. (cherry picked from commit c5588babaf89f3e3ad2edccaada716e55c135dd3) (cherry picked from commit bfbc6a6c840461a530077f2d5b02f9a53500f8ce)
---
diff --git a/bin/delv/delv.c b/bin/delv/delv.c
index ec330cd9ec6..324b60af804 100644
--- a/bin/delv/delv.c
+++ b/bin/delv/delv.c
@@ -85,6 +85,12 @@
 #define MAXNAME (DNS_NAME_MAXTEXT+1)
+/*
+ * Default maximum number of chained queries before we give up
+ * to prevent CNAME loops.
+ */
+#define MAX_RESTARTS 11
+
 /* Variables used internally by delv. */
 char *progname;
 static isc_mem_t *mctx = NULL;
@@ -1666,6 +1672,8 @@ main(int argc, char *argv[]) {
 goto cleanup;
 }
+ dns_client_setmaxrestarts(client, MAX_RESTARTS);
+
 /* Set the nameserver */
 if (server != NULL) addserver(client);
diff --git a/bin/named/query.c b/bin/named/query.c
index e5def824bf1..897beb7313e 100644
--- a/bin/named/query.c
+++ b/bin/named/query.c
@@ -5999,8 +5999,6 @@ rpz_add_cname(ns_client_t *client, dns_rpz_st_t *st,
 return (ISC_R_SUCCESS);
 }
-#define MAX_RESTARTS 11
-
 #define QUERY_ERROR(r) \
 do { \
 eresult = r; \
@@ -9280,7 +9278,9 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
 /*
 * Restart the query?
 */
- if (want_restart && client->query.restarts < MAX_RESTARTS) {
+ if (want_restart && client->query.restarts <
+ client->view->max_restarts)
+ {
 client->query.restarts++;
 goto restart;
 }
diff --git a/lib/dns/client.c b/lib/dns/client.c
index 9accdf7dd91..0831044e11f 100644
--- a/lib/dns/client.c
+++ b/lib/dns/client.c
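Review bot: The call `dns_client_setmaxrestarts(client, MAX_RESTARTS);` in main() of bin/delv/delv.c re-applies the same value (11) that lib/dns/client.c already assigns as `DEF_MAX_RESTARTS` in dns_client_createx2(), so delv now keeps its own copy of the limit. With `MAX_RESTARTS` here, `DEF_MAX_RESTARTS` in client.c and `DEFAULT_MAX_RESTARTS` in view.c, the default is defined three times under three names, and a later change to one will not reach the others. Consider exporting one default from a dns header, or dropping the local define and the call until delv has an option that sets the limit. main() starts and ends outside the hunk.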
@@ -63,8 +63,6 @@
 #define UCTX_MAGIC ISC_MAGIC('U', 'c', 't', 'x')
 #define UCTX_VALID(c) ISC_MAGIC_VALID(c, UCTX_MAGIC)
-#define MAX_RESTARTS 11
-
 #ifdef TUNE_LARGE
 #define RESOLVER_NTASKS 523
 #else
@@ -94,6 +92,7 @@ struct dns_client {
 unsigned int update_udpretries;
 unsigned int find_timeout;
 unsigned int find_udpretries;
+ uint8_t max_restarts;
 isc_refcount_t references;
@@ -114,6 +113,7 @@ struct dns_client {
 #define DEF_FIND_TIMEOUT 5
 #define DEF_FIND_UDPRETRIES 3
+#define DEF_MAX_RESTARTS 11
 #define DNS_CLIENTATTR_OWNCTX 0x01
@@ -517,6 +517,7 @@ dns_client_createx2(isc_mem_t *mctx, isc_appctx_t *actx,
 client->taskmgr = taskmgr;
 client->socketmgr = socketmgr;
 client->timermgr = timermgr;
+ client->max_restarts = DEF_MAX_RESTARTS,
 client->task = NULL;
 result = isc_task_create(client->taskmgr, 0, &client->task);
@@ -772,6 +773,14 @@ dns_client_setdlv(dns_client_t *client, dns_rdataclass_t rdclass,
 return (result);
 }
+void
+dns_client_setmaxrestarts(dns_client_t *client, uint8_t max_restarts) {
+ REQUIRE(DNS_CLIENT_VALID(client));
+ REQUIRE(max_restarts > 0);
+
+ client->max_restarts = max_restarts;
+}
+
 static isc_result_t getrdataset(isc_mem_t *mctx, dns_rdataset_t **rdatasetp) {
 dns_rdataset_t *rdataset;
@@ -1176,7 +1185,9 @@ client_resfind(resctx_t *rctx, dns_fetchevent_t *event) {
 /*
 * Limit the number of restarts.
 */
- if (want_restart && rctx->restarts == MAX_RESTARTS) {
+ if (want_restart &&
+ rctx->restarts == rctx->client->max_restarts)
+ {
 want_restart = false;
 result = ISC_R_QUOTA;
 send_event = true;
diff --git a/lib/dns/include/dns/client.h b/lib/dns/include/dns/client.h
index f71d16fab48..a7995e000bf 100644
--- a/lib/dns/include/dns/client.h
+++ b/lib/dns/include/dns/client.h
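Review bot: The added assignment in dns_client_createx2() ends in a comma rather than a semicolon: `client->max_restarts = DEF_MAX_RESTARTS,`. It still compiles because the comma operator chains it to the following `client->task = NULL;`, but it reads as a typo and is fragile if anything is later inserted between the two lines. Change it to `client->max_restarts = DEF_MAX_RESTARTS;`. The function body starts and ends outside the hunk.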
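Review bot: The restart limit in client_resfind() is still tested with `==`, which was safe against a compile-time constant but is not against a value that dns_client_setmaxrestarts() can change. If the limit is lowered while a lookup already has `rctx->restarts` above the new value, the comparison never matches and the CNAME-chain bound stops applying to that lookup; whether the setter can run while a lookup is in flight is not visible here. Use `rctx->restarts >= rctx->client->max_restarts`, which matches the `<` form of the test in bin/named/query.c. client_resfind() continues outside the hunk.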
@@ -271,6 +271,19 @@ dns_client_clearservers(dns_client_t *client, dns_rdataclass_t rdclass,
 *\li Anything else Failure.
 */
+void
+dns_client_setmaxrestarts(dns_client_t *client, uint8_t max_restarts);
+/*%<
+ * Set the number of permissible chained queries before we give up,
+ * to prevent CNAME loops. This defaults to 11.
+ *
+ * Requires:
+ *
+ *\li 'client' is a valid client.
+
+ *\li 'max_restarts' is greater than 0.
+ */
+
 isc_result_t dns_client_setdlv(dns_client_t *client, dns_rdataclass_t rdclass, const char *dlvname);
diff --git a/lib/dns/include/dns/view.h b/lib/dns/include/dns/view.h
index 53f1db1235c..f7c39ab9c04 100644
--- a/lib/dns/include/dns/view.h
+++ b/lib/dns/include/dns/view.h
@@ -182,6 +182,7 @@ struct dns_view {
 dns_dlzdblist_t dlz_unsearched;
 uint32_t fail_ttl;
 dns_badcache_t *failcache;
+ uint8_t max_restarts;
 /*
 * Configurable data for server use only,
@@ -1345,6 +1346,18 @@ dns_view_setviewrevert(dns_view_t *view);
 */
+void
+dns_view_setmaxrestarts(dns_view_t *view, uint8_t max_restarts);
+/*%<
+ * Set the number of permissible chained queries before we give up,
+ * to prevent CNAME loops. This defaults to 11.
+ *
+ * Requires:
+ *
+ *\li 'view' is valid;
+ *\li 'max_restarts' is greater than 0.
+ */
+
 ISC_LANG_ENDDECLS
 #endif /* DNS_VIEW_H */
diff --git a/lib/dns/view.c b/lib/dns/view.c
index f01b4dea0fb..e5c42ef1cb6 100644
--- a/lib/dns/view.c
+++ b/lib/dns/view.c
@@ -79,6 +79,12 @@ static void resolver_shutdown(isc_task_t *task, isc_event_t *event);
 static void adb_shutdown(isc_task_t *task, isc_event_t *event);
 static void req_shutdown(isc_task_t *task, isc_event_t *event);
+/*%
+ * Default maximum number of chained queries before we give up
+ * to prevent CNAME loops.
+ */
+#define DEFAULT_MAX_RESTARTS 11
+
 isc_result_t dns_view_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, const char *name, dns_view_t **viewp)
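Review bot: The doc comment added for dns_client_setmaxrestarts() in lib/dns/include/dns/client.h has an empty line between the two `\li` items that lacks the leading ` *`, unlike the matching comment in view.h, and it may split the Requires list in generated documentation; make that line ` *` or remove it. The comment also does not say what a caller sees when the limit is reached, although client_resfind() in lib/dns/client.c sets the result to ISC_R_QUOTA in that case. I would add a sentence such as `A lookup that needs more restarts than this fails with ISC_R_QUOTA; the value is a uint8_t, so the maximum is 255.`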
@@ -264,6 +270,8 @@ dns_view_create(isc_mem_t *mctx, dns_rdataclass_t rdclass,
 view->dtenv = NULL;
 view->dttypes = 0;
+ view->max_restarts = DEFAULT_MAX_RESTARTS;
+
 result = isc_mutex_init(&view->new_zone_lock);
 if (result != ISC_R_SUCCESS) {
 goto cleanup_failcache;
@@ -2448,3 +2456,11 @@ dns_view_setviewrevert(dns_view_t *view) {
 dns_zt_setviewrevert(zonetable);
 }
 }
+
+void
+dns_view_setmaxrestarts(dns_view_t *view, uint8_t max_restarts) {
+ REQUIRE(DNS_VIEW_VALID(view));
+ REQUIRE(max_restarts > 0);
+
+ view->max_restarts = max_restarts;
+}
diff --git a/lib/dns/win32/libdns.def.in b/lib/dns/win32/libdns.def.in
index 1cd8ebb4c85..a0a8f625563 100644
--- a/lib/dns/win32/libdns.def.in
+++ b/lib/dns/win32/libdns.def.in
@@ -168,6 +168,7 @@ dns_client_mctx
 dns_client_request
 dns_client_resolve
 dns_client_setdlv
+dns_client_setmaxrestarts
 dns_client_setservers
 dns_client_startrequest
 dns_client_startresolve
@@ -1135,6 +1136,7 @@ dns_view_setdynamickeyring
 dns_view_setfailttl
 dns_view_sethints
 dns_view_setkeyring
+dns_view_setmaxrestarts
 dns_view_setnewzones
 dns_view_setresquerystats
 dns_view_setresstats
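Review bot: Nothing in this diff calls dns_view_setmaxrestarts(), and the commit message refers to ns_server_setmaxrestarts(), which is not added here, so as far as these hunks show named still runs with the default of 11; the header comment should name the caller that is expected to set it. The setter in lib/dns/view.c also writes `view->max_restarts` with a plain store while query_find() in bin/named/query.c reads it on the query path, and no synchronisation is visible in this hunk. If it is only safe to call while the view is being configured, state that in the Requires list in lib/dns/include/dns/view.h, for example `'view' is not yet serving queries.`; the same applies to dns_client_setmaxrestarts().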