daemon: outbound TLS: penalise NS if authentication fails

author grid <grigorii.demidov@nic.cz>

Wed, 6 Dec 2017 10:45:43 +0000 (11:45 +0100)

committer Petr Špaček <petr.spacek@nic.cz>

Mon, 8 Jan 2018 11:01:00 +0000 (12:01 +0100)
author grid <grigorii.demidov@nic.cz>
Wed, 6 Dec 2017 10:45:43 +0000 (11:45 +0100)
committer Petr Špaček <petr.spacek@nic.cz>
Mon, 8 Jan 2018 11:01:00 +0000 (12:01 +0100)
diff --git a/daemon/worker.c b/daemon/worker.c

index 9d7abdda0f91c6b087d087268a7f7c8a3310c9cb..fad3b707eed8212cac6f6044a1573c714f292ec4 100644 (file)
--- a/daemon/worker.c
+++ b/daemon/worker.c
@@ -1004,7 +1004,14 @@ static int session_tls_hs_cb(struct session *session, int status)
         union inaddr *peer = &session->peer;
         int deletion_res = worker_del_tcp_waiting(worker, &peer->ip);
  
-       if (status == 0) {
+       if (status) {
+               for (size_t i = 0; i < session->waiting.len; ++i) {
+                       struct qr_task *task = session->waiting.at[0];
+                       struct kr_query *qry = array_tail(task->ctx->req.rplan.pending);
+                       kr_nsrep_update_rtt(&qry->ns, &peer->ip, KR_NS_TIMEOUT,
+                                           worker->engine->resolver.cache_rtt, KR_NS_UPDATE);
+               }
+       } else {
                 if (deletion_res != 0) {
                         /* session isn't in list of waiting queries, *
                          * something gone wrong */
author	grid <grigorii.demidov@nic.cz>
	Wed, 6 Dec 2017 10:45:43 +0000 (11:45 +0100)
committer	Petr Špaček <petr.spacek@nic.cz>
	Mon, 8 Jan 2018 11:01:00 +0000 (12:01 +0100)