summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFlorian Obser <florian@cvs.openbsd.org>2019-11-02 07:47:02 +0000
committerFlorian Obser <florian@cvs.openbsd.org>2019-11-02 07:47:02 +0000
commit248c0031f4cec1fec97cdcf27ee7bfb33ce98670 (patch)
tree949164bf3794a20fe414c3c3724759d49511640d
parent80422eddff8b985a84712af8752c17a7e2ccfac5 (diff)
When we are behind a captive portal we very likely need to use the asr
strategy to get past it. This is also true when we don't know yet if we are behind a captive portal. However, when the nameserver dhcp hands us are unreachable (e.g. because they are down) asr is dead, we are still using it and we are now stuck. Only force to asr if we know that it is working. If we are behind a captive portal and the dhcp nameserver are dead we probably won't get past it. But if we are in a network with unreachable dhcp nameservers we will make progress. Stumbled upon by remi while blocking port 53 in pf. OK remi
-rw-r--r--sbin/unwind/resolver.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/sbin/unwind/resolver.c b/sbin/unwind/resolver.c
index f59860a5e98..78a172f8f26 100644
--- a/sbin/unwind/resolver.c
+++ b/sbin/unwind/resolver.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: resolver.c,v 1.48 2019/10/31 12:54:40 florian Exp $ */
+/* $OpenBSD: resolver.c,v 1.49 2019/11/02 07:47:01 florian Exp $ */
/*
* Copyright (c) 2018 Florian Obser <florian@openbsd.org>
@@ -1282,7 +1282,8 @@ best_resolver(void)
if (captive_portal_state == PORTAL_UNKNOWN || captive_portal_state ==
BEHIND) {
- if (resolvers[UW_RES_ASR] != NULL) {
+ if (resolvers[UW_RES_ASR] != NULL && resolvers[UW_RES_ASR]->
+ state != DEAD) {
res = resolvers[UW_RES_ASR];
goto out;
}