4193. [bug] Handle broken servers that return BADVERS incorrectly.

author Mark Andrews <marka@isc.org>

Tue, 25 Aug 2015 06:54:04 +0000 (16:54 +1000)

committer Mark Andrews <marka@isc.org>

Tue, 25 Aug 2015 06:54:04 +0000 (16:54 +1000)
author Mark Andrews <marka@isc.org>
Tue, 25 Aug 2015 06:54:04 +0000 (16:54 +1000)
committer Mark Andrews <marka@isc.org>
Tue, 25 Aug 2015 06:54:04 +0000 (16:54 +1000)
diff --git a/CHANGES b/CHANGES

index daaf115deaab7a86051c601515fd2d07f08ea095..36a7d98c14c44810436f6f33170c5ff81ba3164e 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+4193.  [bug]           Handle broken servers that return BADVERS incorrectly.
+                       [RT #40427]
+
  4192.  [bug]           The default rrset-order of random was not always being
                         applied. [RT #40456]
  
diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c

index 8f3d067c9c9cf6be62bb7ab43e9608bf89b4f764..b8fa6b391d66410f6d09c89b4c4db4644d682bd5 100644 (file)
--- a/lib/dns/resolver.c
+++ b/lib/dns/resolver.c
@@ -8012,6 +8012,8 @@ resquery_response(isc_task_t *task, isc_event_t *event) {
                         unsigned int flags, mask;
                         unsigned int version;
  #ifdef ISC_PLATFORM_USESIT
+                       isc_boolean_t nosit = ISC_FALSE;
+
                         /*
                          * Some servers return BADVERS to unknown
                          * EDNS options.  This cannot be long term
@@ -8021,19 +8023,21 @@ resquery_response(isc_task_t *task, isc_event_t *event) {
                          */
                         if (dns_adb_getsit(fctx->adb, query->addrinfo,
                                            sit, sizeof(sit)) == 0U) {
+                               if (!NOSIT(query->addrinfo))
+                                       nosit = ISC_TRUE;
                                 dns_adb_changeflags(fctx->adb, query->addrinfo,
                                                     FCTX_ADDRINFO_NOSIT,
                                                     FCTX_ADDRINFO_NOSIT);
                         }
  #endif
  
-                       resend = ISC_TRUE;
                         INSIST(opt != NULL);
                         version = (opt->ttl >> 16) & 0xff;
                         flags = (version << DNS_FETCHOPT_EDNSVERSIONSHIFT) |
                                 DNS_FETCHOPT_EDNSVERSIONSET;
                         mask = DNS_FETCHOPT_EDNSVERSIONMASK |
                                DNS_FETCHOPT_EDNSVERSIONSET;
+
                         /*
                          * Record that we got a good EDNS response.
                          */
@@ -8043,6 +8047,7 @@ resquery_response(isc_task_t *task, isc_event_t *event) {
                                                     FCTX_ADDRINFO_EDNSOK,
                                                     FCTX_ADDRINFO_EDNSOK);
                         }
+
                         /*
                          * Record the supported EDNS version.
                          */
@@ -8050,7 +8055,13 @@ resquery_response(isc_task_t *task, isc_event_t *event) {
                         case 0:
                                 dns_adb_changeflags(fctx->adb, query->addrinfo,
                                                     flags, mask);
-                               break;
+#ifdef ISC_PLATFORM_USESIT
+                               if (nosit) {
+                                       resend = ISC_TRUE;
+                                       break;
+                               }
+#endif
+                               /* FALLTHROUGH */
                         default:
                                 broken_server = DNS_R_BADVERS;
                                 keep_trying = ISC_TRUE;
author	Mark Andrews <marka@isc.org>
	Tue, 25 Aug 2015 06:54:04 +0000 (16:54 +1000)
committer	Mark Andrews <marka@isc.org>
	Tue, 25 Aug 2015 06:54:04 +0000 (16:54 +1000)
CHANGES		patch \| blob \| blame \| history
lib/dns/resolver.c		patch \| blob \| blame \| history