diff options
| author | Florian Obser <florian@cvs.openbsd.org> | 2020-01-28 21:11:07 +0000 |
|---|---|---|
| committer | Florian Obser <florian@cvs.openbsd.org> | 2020-01-28 21:11:07 +0000 |
| commit | 1f196ba7c224c224228d59dfadba68dff0d4c1e1 (patch) | |
| tree | 7564725d6d50a3163033aeccd121b2b413f91461 /sbin/unwind/resolver.c | |
| parent | 1d4f7f86e8a54d3dbf324a5cfe6065ed6acf4e1f (diff) | |
We are not correctly upgrading from "UNKNOWN" to "VALIDATING"
resulting in a "fatal in resolver: wrong unified cache set on
resolver".
I believe this happens because we are using an UNKNOWN resolving
strategy to resolve queries.
Disable the upgrade logic for now and always construct a fresh
resolver context and set the unified context on it before any cache
gets allocated. This causes a bit of memory churn on startup and when
changing networks, but better than a crashing unwind.
First observed by deraadt
Diffstat (limited to 'sbin/unwind/resolver.c')
| -rw-r--r-- | sbin/unwind/resolver.c | 12 |
1 files changed, 4 insertions, 8 deletions
diff --git a/sbin/unwind/resolver.c b/sbin/unwind/resolver.c index 14239ed3a6a..7045439aa02 100644 --- a/sbin/unwind/resolver.c +++ b/sbin/unwind/resolver.c @@ -1,4 +1,4 @@ -/* $OpenBSD: resolver.c,v 1.121 2020/01/28 15:44:13 bket Exp $ */ +/* $OpenBSD: resolver.c,v 1.122 2020/01/28 21:11:06 florian Exp $ */ /* * Copyright (c) 2018 Florian Obser <florian@openbsd.org> @@ -1113,6 +1113,7 @@ set_unified_cache(struct uw_resolver *res) return; if (res->ctx->env->msg_cache != NULL) { + /* XXX we are currently not using this */ if (res->ctx->env->msg_cache != unified_msg_cache || res->ctx->env->rrset_cache != unified_rrset_cache || res->ctx->env->key_cache != unified_key_cache || @@ -1490,10 +1491,7 @@ check_resolver_done(struct uw_resolver *res, void *arg, int rcode, } if (sec == SECURE) { - if (prev_state == UNKNOWN) { - checked_resolver->state = VALIDATING; - set_unified_cache(checked_resolver); - } else if (prev_state != VALIDATING) + if (prev_state != VALIDATING) new_resolver(checked_resolver->type, VALIDATING); if (!(evtimer_pending(&trust_anchor_timer, NULL))) evtimer_add(&trust_anchor_timer, &tv); @@ -1507,9 +1505,7 @@ check_resolver_done(struct uw_resolver *res, void *arg, int rcode, log_warnx("%s: %s", uw_resolver_type_str[ checked_resolver->type], why_bogus); } - if (prev_state == UNKNOWN) - checked_resolver->state = RESOLVING; - else if (prev_state != RESOLVING) + if (prev_state != RESOLVING) new_resolver(checked_resolver->type, RESOLVING); } else checked_resolver->state = DEAD; /* we know the root exists */ |