diff options
author | Rich Felker <dalias@aerifal.cx> | 2022-09-22 14:17:05 -0400 |
---|---|---|
committer | Rich Felker <dalias@aerifal.cx> | 2022-09-22 14:17:05 -0400 |
commit | 51d4669fb97782f6a66606da852b5afd49a08001 (patch) | |
tree | 49f717682f57a80ee337ce72c8f3b364f2c56515 /src/stdio/setbuf.c | |
parent | e2e9517607f67c1e23c059769b19bf4270d22123 (diff) | |
download | musl-51d4669fb97782f6a66606da852b5afd49a08001.tar.gz musl-51d4669fb97782f6a66606da852b5afd49a08001.tar.bz2 musl-51d4669fb97782f6a66606da852b5afd49a08001.tar.xz musl-51d4669fb97782f6a66606da852b5afd49a08001.zip |
dns: implement tcp fallback in __res_msend query core
tcp fallback was originally deemed unwanted and unnecessary, since we
aim to return a bounded-size result from getaddrinfo anyway and
normally plenty of address records fit in the 512-byte udp dns limit.
however, this turned out to have several problems:
- some recursive nameservers truncate by omitting all the answers,
rather than sending as many as can fit.
- a pathological worst-case CNAME for a worst-case name can fill the
entire 512-byte space with just the two names, leaving no room for
any addresses.
- the res_* family of interfaces allow querying of non-address records
such as TLSA (DANE), TXT, etc. which can be very large. for many of
these, it's critical that the caller see the whole RRset. also,
res_send/res_query are specified to return the complete, untruncated
length so that the caller can retry with an appropriately-sized
buffer. determining this is not possible without tcp.
so, it's time to add tcp fallback.
the fallback strategy implemented here uses one tcp socket per
question (1 or 2 questions), initiated via tcp fastopen when possible.
the connection is made to the nameserver that issued the truncated
answer. right now, fallback happens unconditionally when truncation is
seen. this can, and may later be, relaxed for queries made by the
getaddrinfo system, since it will only use a bounded number of results
anyway.
retry is not attempted again after failure over tcp. the logic could
easily be adapted to do that, but it's of questionable value, since
the tcp stack automatically handles retransmission and the successs
answer with TC=1 over udp strongly suggests that the nameserver has
the full answer ready to give. further retry is likely just "take
longer to fail".
Diffstat (limited to 'src/stdio/setbuf.c')
0 files changed, 0 insertions, 0 deletions