Etusivu Tutki Apua
Rekisteröidy Kirjaudu sisään
OpenWrt
/
openwrt
peilaus alkaen https://github.com/openwrt/openwrt.git
2
0
Haarauta 0
Tiedostot Esitykset 0 Wiki
Puu: fbf475403b
Haarat Tunnisteet
openwrt
/
package
/
network
/
services
/
dnsmasq
/
patches
/
0007-Retry-SERVFAIL-DNSSEC-queries-to-a-different-server-.patch

0007-Retry-SERVFAIL-DNSSEC-queries-to-a-different-server-.patch 3.0 KB
Historia Raaka

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100 
  1. From 1f60a18ea1c64beb8b6cffa0650a2bfad95ac352 Mon Sep 17 00:00:00 2001
    2. 

  2. From: Simon Kelley <[email protected]>
    3. 

  3. Date: Fri, 11 May 2018 16:44:16 +0100
    4. 

  4. Subject: [PATCH 07/17] Retry SERVFAIL DNSSEC queries to a different server, if
    5. 

  5.  possible.
    6. 

  6. 

  7. Signed-off-by: Kevin Darbyshire-Bryant <[email protected]>
    8. 

  8. ---
    9. 

  9.  src/forward.c | 53 ++++++++++++++++++++++++++++++++++++++++++-----------
    10. 

  10.  1 file changed, 42 insertions(+), 11 deletions(-)
    11. 

  11. 

  12. --- a/src/forward.c
    13. 

  13. +++ b/src/forward.c
    14. 

  14. @@ -825,9 +825,12 @@ void reply_query(int fd, int family, tim
    15. 

  15.        size_t plen;
    16. 

  16.        int is_sign;
    17. 

  17.  
    18. 

  18. +#ifdef HAVE_DNSSEC
    19. 

  19.        /* For DNSSEC originated queries, just retry the query to the same server. */
    20. 

  20.        if (forward->flags & (FREC_DNSKEY_QUERY | FREC_DS_QUERY))
    21. 

  21.  	{
    22. 

  22. +	  struct server *start;
    23. 

  23. +	  
    24. 

  24.  	  blockdata_retrieve(forward->stash, forward->stash_len, (void *)header);
    25. 

  25.  	  plen = forward->stash_len;
    26. 

  26.  
    27. 

  27. @@ -839,26 +842,54 @@ void reply_query(int fd, int family, tim
    28. 

  28.  	  else
    29. 

  29.  	    log_query(F_NOEXTRA | F_DNSSEC | F_IPV6, "retry", (struct all_addr *)&forward->sentto->addr.in6.sin6_addr, "dnssec");
    30. 

  30.  #endif
    31. 

  31. -  
    32. 

  32. -	  if (forward->sentto->sfd)
    33. 

  33. -	    fd = forward->sentto->sfd->fd;
    34. 

  34. +
    35. 

  35. +	  start = forward->sentto;
    36. 

  36. +
    37. 

  37. +	  /* for non-domain specific servers, see if we can find another to try. */
    38. 

  38. +	  if ((forward->sentto->flags & SERV_TYPE) == 0)
    39. 

  39. +	    while (1)
    40. 

  40. +	      {
    41. 

  41. +		if (!(start = start->next))
    42. 

  42. +		  start = daemon->servers;
    43. 

  43. +		if (start == forward->sentto)
    44. 

  44. +		  break;
    45. 

  45. +		
    46. 

  46. +		if ((start->flags & SERV_TYPE) == 0 &&
    47. 

  47. +		    (start->flags & SERV_DO_DNSSEC))
    48. 

  48. +		  break;
    49. 

  49. +	      }
    50. 

  50. +	    
    51. 

  51. +	  
    52. 

  52. +	  if (start->sfd)
    53. 

  53. +	    fd = start->sfd->fd;
    54. 

  54.  	  else
    55. 

  55.  	    {
    56. 

  56.  #ifdef HAVE_IPV6
    57. 

  57. -	      if (forward->sentto->addr.sa.sa_family == AF_INET6)
    58. 

  58. -		fd = forward->rfd6->fd;
    59. 

  59. +	      if (start->addr.sa.sa_family == AF_INET6)
    60. 

  60. +		{
    61. 

  61. +		  /* may have changed family */
    62. 

  62. +		  if (!forward->rfd6)
    63. 

  63. +		    forward->rfd6 = allocate_rfd(AF_INET6);
    64. 

  64. +		  fd = forward->rfd6->fd;
    65. 

  65. +		}
    66. 

  66.  	      else
    67. 

  67.  #endif
    68. 

  68. -		fd = forward->rfd4->fd;
    69. 

  69. +		{
    70. 

  70. +		  /* may have changed family */
    71. 

  71. +		  if (!forward->rfd4)
    72. 

  72. +		    forward->rfd4 = allocate_rfd(AF_INET);
    73. 

  73. +		  fd = forward->rfd4->fd;
    74. 

  74. +		}
    75. 

  75.  	    }
    76. 

  76. -	  
    77. 

  77. +	
    78. 

  78.  	  while (retry_send(sendto(fd, (char *)header, plen, 0,
    79. 

  79. -				   &forward->sentto->addr.sa,
    80. 

  80. -				   sa_len(&forward->sentto->addr))));
    81. 

  81. +				   &start->addr.sa,
    82. 

  82. +				   sa_len(&start->addr))));
    83. 

  83.  	  
    84. 

  84.  	  return;
    85. 

  85.  	}
    86. 

  86. -	  
    87. 

  87. +#endif
    88. 

  88. +      
    89. 

  89.        /* In strict order mode, there must be a server later in the chain
    90. 

  90.  	 left to send to, otherwise without the forwardall mechanism,
    91. 

  91.  	 code further on will cycle around the list forwever if they
    92. 

  92. @@ -1024,7 +1055,7 @@ void reply_query(int fd, int family, tim
    93. 

  93.  			  while (1)
    94. 

  94.  			    {
    95. 

  95.  			      if (type == (start->flags & (SERV_TYPE | SERV_DO_DNSSEC)) &&
    96. 

  96. -				  (type != SERV_HAS_DOMAIN || hostname_isequal(domain, start->domain)) &&
    97. 

  97. +				  ((type & SERV_TYPE) != SERV_HAS_DOMAIN || hostname_isequal(domain, start->domain)) &&
    98. 

  98.  				  !(start->flags & (SERV_LITERAL_ADDRESS | SERV_LOOP)))
    99. 

  99.  				{
    100. 

  100.  				  new_server = start;
    101.