Date: Wed, 24 Jun 2009 21:25:49 +0200 (CEST) From: Libor Forst <forst@mff.cuni.cz> To: FreeBSD-gnats-submit@FreeBSD.org Subject: kern/136013: Resolver wrong diagnostics Message-ID: <200906241925.n5OJPnJF043189@betynka.ms.mff.cuni.cz> Resent-Message-ID: <200906241930.n5OJU5Wh012351@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 136013
>Category: kern
>Synopsis: Resolver wrong diagnostics
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Jun 24 19:30:04 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Libor Forst
>Release: FreeBSD 7.1-RELEASE-p5 i386
>Organization:
Charles University, Prague
>Environment:
System: FreeBSD betynka.ms.mff.cuni.cz 7.1-RELEASE-p5 FreeBSD 7.1-RELEASE-p5 #0: Fri May 29 11:44:20 CEST 2009 root@kernun-e.ms.mff.cuni.cz:/usr/obj/usr/src/sys/YQ-MINIMAL i386
>Description:
The res_searchN() function makes a decision about loop continuation
after returning from the res_querydomainN() call based on two pieces
of information: res->res_h_errno and hp->rcode. However, if the query
was made for both A and AAAA RRs, the hp address points just to the
first res_target structure, but the res->res_h_errno will be set by
the result of the second query. Thus, res->res_h_errno and hp->rcode
can be inconsistent.
>How-To-Repeat:
At least two-domains search-list, query for a name without dots,
the first (A) response should be NXDomain, the second (AAAA) should
be ServFail. In this situation, the first res_querydomainN() call
(for the NAME.DOMAIN1) returns with res->res_h_errno == TRY_AGAIN
(according to the second query) but hp->rcode == NXDomain (because
hp reflects the first res_target). As such, the second domain will
not be tried (in spite of that in all three other combinations of
results, the domain is tried).
>Fix:
1. Both pieces of information (h_errno and rcode) must be consistent.
I.e. the rcode should be saved e.g. into res_state structure (as
a new res_rcode member?).
2. The question is, whether the result (h_errno+rcode) should really
be defined as "last query result". Why the responses NXDomain (A)
and ServFail (AAAA) bring a different behavior than the case of
ServFail (A) and NXDomain (AAAA)? Maybe the final result selection
should not follow "the last" response but "the most relevant" one.
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200906241925.n5OJPnJF043189>