Merge branch '3752-resolver-adb-quota-bug' into 'main'

Fix an ADB quota management bug in the resolver

Closes #3752

See merge request isc-projects/bind9!7266

CHANGES

@@ -1,3 +1,5 @@
+6053.	[bug]		Fix an ADB quota management bug in resolver. [GL #3752]
+
 6052.	[func]		Replace DNS over TCP and DNS over TLS transports
 			code with a new, unified transport implementation.
 			[GL #3374]

doc/notes/notes-current.rst

@@ -55,6 +55,11 @@ Bug Fixes
 - Fix a rare assertion failure in the outgoing TCP DNS connection handling.
   :gl:`#3178` :gl:`#3636`
 
+- In addition to a previously fixed bug, another similar issue was discovered
+  where quotas could be erroneously reached for servers, including any
+  configured forwarders, resulting in SERVFAIL answers being sent to clients.
+  This has been fixed. :gl:`#3752`
+
 Known Issues
 ~~~~~~~~~~~~
 

lib/dns/adb.c

@@ -1173,11 +1173,15 @@ destroy_adbentry(dns_adbentry_t *entry) {
 
 	dns_adblameinfo_t *li = NULL;
 	dns_adb_t *adb = entry->adb;
+	uint_fast32_t active;
 
 	entry->magic = 0;
 
 	INSIST(ISC_LIST_EMPTY(entry->nhs));
 
+	active = atomic_load_acquire(&entry->active);
+	INSIST(active == 0);
+
 	if (entry->cookie != NULL) {
 		isc_mem_put(adb->mctx, entry->cookie, entry->cookielen);
 	}

lib/dns/resolver.c

@@ -2660,7 +2660,16 @@ resquery_send(resquery_t *query) {
 				hint = dns_adb_getudpsize(fctx->adb,
 							  query->addrinfo);
 			} else if (tried->count >= 2U) {
-				query->options |= DNS_FETCHOPT_TCP;
+				if ((query->options & DNS_FETCHOPT_TCP) == 0) {
+					/*
+					 * Inform the ADB that we're ending a
+					 * UDP fetch, and turn the query into
+					 * a TCP query.
+					 */
+					dns_adb_endudpfetch(fctx->adb,
+							    query->addrinfo);
+					query->options |= DNS_FETCHOPT_TCP;
+				}
 			}
 		}
 	}