some iterator states for nonresponsive domains can get into a
state where they waited for an empty list.
- Stop UDP to TCP failover after timeouts that causes the ping count
to be reset by the TCP time measurement (that exists for TLS),
because that causes the UDP part to not be measured as timeout.
git-svn-id: file:///svn/unbound/trunk@4912
be551aaa-1e26-0410-a405-
d3ace91eadb9
does not have it.
- Fix unbound for openssl in FIPS mode, it uses the digests with
the EVP call contexts.
+ - Fix that with harden-below-nxdomain and qname minisation enabled
+ some iterator states for nonresponsive domains can get into a
+ state where they waited for an empty list.
+ - Stop UDP to TCP failover after timeouts that causes the ping count
+ to be reset by the TCP time measurement (that exists for TLS),
+ because that causes the UDP part to not be measured as timeout.
13 September 2018: Wouter
- Fix seed for random backup code to use explicit zero when wiped.
verbose(VERB_ALGO,
"could not validate NXDOMAIN "
"response");
+ outbound_list_clear(&iq->outlist);
+ iq->num_current_queries = 0;
+ fptr_ok(fptr_whitelist_modenv_detach_subs(
+ qstate->env->detach_subs));
+ (*qstate->env->detach_subs)(qstate);
+ iq->num_target_queries = 0;
}
}
return next_state(iq, QUERYTARGETS_STATE);
return 0;
}
if(rto >= RTT_MAX_TIMEOUT) {
- fallback_tcp = 1;
+ /* fallback_tcp = 1; */
/* UDP does not work, fallback to TCP below */
} else {
serviced_callbacks(sq, NETEVENT_TIMEOUT, c, rep);
projects / thirdparty / unbound.git / commitdiff
