svn commit: r319177 - in stable: 10/usr.sbin/nscd 11/usr.sbin/nscd

Mon, 29 May 2017 20:28:49 -0700 

Author: cy
Date: Tue May 30 03:27:59 2017
New Revision: 319177
URL: https://svnweb.freebsd.org/changeset/base/319177

Log:
  MFC r318578:
  
  Fix non-recoverable name resolution failures due to negative cache
  entries never expiring. This patch honours the negative cache timeout.
  
  To test/experience the failure do the following:
  
  1. Edit /etc/ncd.conf to adjust the cache timeouts as follows:
  
        positive-time-to-live hosts 30
        negative-time-to-live hosts 1
  
  2. Ensure that nsswitch.conf hosts line contains something like:
  
        hosts: files cache dns
  
        Note that cache must be specified before dns.
  
  3. Start nscd.
  
  4. Run the following command:
  
        while true; do nc -z -w 3 www.google.com 80; sleep 5; done
  
  5. While running the command, remove or comment out all nameserver
     statements in /etc/resolv.conf. After a short while you will notice
     non-recoverable name rsolution failures.
  
  6. Uncomment or replace all nameserver statements back into
     /etc/resolv.conf. Take note that name resolution never recovers.
     To recover nscd must be restarted. This patch fixes this.
  
  PR:           207804
  Submitted by: Jov <[email protected]>

Modified:
  stable/10/usr.sbin/nscd/query.c
Directory Properties:
  stable/10/   (props changed)

Changes in other areas also in this revision:
Modified:
  stable/11/usr.sbin/nscd/query.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/10/usr.sbin/nscd/query.c
==============================================================================
--- stable/10/usr.sbin/nscd/query.c     Tue May 30 03:25:05 2017        
(r319176)
+++ stable/10/usr.sbin/nscd/query.c     Tue May 30 03:27:59 2017        
(r319177)
@@ -743,9 +743,14 @@ on_read_request_process(struct query_state *qstate)
                                &read_response->data_size);
 
                        if (read_response->error_code == -2) {
-                               read_response->error_code = 0;
-                               read_response->data = NULL;
-                               read_response->data_size = 0;
+                               read_response->data = malloc(
+                                       read_response->data_size);
+                               assert(read_response != NULL);
+                               read_response->error_code = 
cache_read(neg_c_entry,
+                                       read_request->cache_key,
+                                       read_request->cache_key_size,
+                                       read_response->data,
+                                       &read_response->data_size);
                        }
                }
                configuration_unlock_entry(qstate->config_entry, CELT_NEGATIVE);
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10
To unsubscribe, send any mail to "[email protected]"

Reply via email to