summaryrefslogtreecommitdiff
path: root/src/analyze
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2016-01-04 22:25:38 +0100
committerLennart Poettering <lennart@poettering.net>2016-01-04 22:42:10 +0100
commitf2992dc184398c6361273a39d3fde5c605e045e0 (patch)
treea3cfc3913fcdfc944e04c16ca7353a6520d80535 /src/analyze
parent51e399bcebefb27d6b147d90de84d07f010fa170 (diff)
resolved: explicitly avoid cyclic transaction dependencies
We already try hard not to create cyclic transaction dependencies, where a transaction requires another one for DNSSEC validation purposes, which in turn (possibly indirectly) pulls in the original transaction again, thus resulting in a cyclic dependency and ultimately a deadlock since each transaction waits for another one forever. So far we wanted to avoid such cyclic dependencies by only going "up the tree" when requesting auxiliary RRs and only going from one RR type to another, but never back. However this turned out to be insufficient. Consider a domain that publishes one or more DNSKEY but which has no DS for it. A request for the domain's DNSKEY triggers a request for the domain's DS, which will then fail, but return an NSEC, signed by the DNSKEY. To validate that we'd request the DNSKEY again. Thus a DNSKEY request results in a DS request which results in the original DNSKEY request again. If the original lookup had been a DS lookup we'd end up in the same cyclic dependency, hence we cannot statically break one of them, since both requests are of course fully valid. Hence, do full cyclic dependency checking: each time we are about to add a dependency to a transaction, check if the transaction is already a dependency of the dependency (recursively down the tree).
Diffstat (limited to 'src/analyze')
0 files changed, 0 insertions, 0 deletions