diff options
author | Ruslan Ermilov <ru@nginx.com> | 2016-01-26 16:47:14 +0300 |
---|---|---|
committer | Ruslan Ermilov <ru@nginx.com> | 2016-01-26 16:47:14 +0300 |
commit | 13b6b5b9fd23f454eebdda215c8184cafc7baf52 (patch) | |
tree | d47af5efce72e7cd262864810b00095387d53d4e | |
parent | 70f485cba630c4f8ed6b9f89370a2bc530e3c4a1 (diff) |
Resolver: limited CNAME recursion.
Previously, the recursion was only limited for cached responses.
-rw-r--r-- | src/core/ngx_resolver.c | 28 |
1 files changed, 22 insertions, 6 deletions
diff --git a/src/core/ngx_resolver.c b/src/core/ngx_resolver.c index fe4a35f01..5cbfd8fc3 100644 --- a/src/core/ngx_resolver.c +++ b/src/core/ngx_resolver.c @@ -1981,11 +1981,33 @@ ngx_resolver_process_a(ngx_resolver_t *r, u_char *buf, size_t last, ngx_queue_insert_head(&r->name_expire_queue, &rn->queue); + ngx_resolver_free(r, rn->query); + rn->query = NULL; +#if (NGX_HAVE_INET6) + rn->query6 = NULL; +#endif + ctx = rn->waiting; rn->waiting = NULL; if (ctx) { + if (ctx->recursion++ >= NGX_RESOLVER_MAX_RECURSION) { + + /* unlock name mutex */ + + do { + ctx->state = NGX_RESOLVE_NXDOMAIN; + next = ctx->next; + + ctx->handler(ctx); + + ctx = next; + } while (ctx); + + return; + } + for (next = ctx; next; next = next->next) { next->node = NULL; } @@ -1993,12 +2015,6 @@ ngx_resolver_process_a(ngx_resolver_t *r, u_char *buf, size_t last, (void) ngx_resolve_name_locked(r, ctx, &name); } - ngx_resolver_free(r, rn->query); - rn->query = NULL; -#if (NGX_HAVE_INET6) - rn->query6 = NULL; -#endif - /* unlock name mutex */ return; |