From 90fbe91997ac5ffe9f61979339d0669bd7320aa0 Mon Sep 17 00:00:00 2001 From: Matthijs Mekking Date: Fri, 6 Dec 2024 09:45:46 +0100 Subject: [PATCH] Fix nsupdate hang when processing a large update The root cause is the fix for CVE-2024-0760 (part 3), which resets the TCP connection on a failed send. Specifically commit 4b7c6138 stops reading on the socket because the TCP connection is throttling. When the tcpdns_send_cb callback thinks about restarting reading on the socket, this fails because the socket is a client socket. And nsupdate is a client and is using the same netmgr code. This commit removes the requirement that the socket must be a server socket, allowing reading on the socket again after being throttled. (manually picked from commit aa24b77d8ba9ba2c55b71f18f54e19f71a200491) --- lib/isc/netmgr/tcpdns.c | 14 ++++++++++---- lib/isc/netmgr/tlsdns.c | 19 ++++++++++++------- 2 files changed, 22 insertions(+), 11 deletions(-) diff --git a/lib/isc/netmgr/tcpdns.c b/lib/isc/netmgr/tcpdns.c index de45754443..67e5a95cb4 100644 --- a/lib/isc/netmgr/tcpdns.c +++ b/lib/isc/netmgr/tcpdns.c @@ -1269,12 +1269,18 @@ isc__nm_async_tcpdnssend(isc__networker_t *worker, isc__netievent_t *ev0) { goto fail; } + if (!sock->client && sock->reading) { + sock->reading_throttled = true; + isc__nm_stop_reading(sock); + } + isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL, ISC_LOGMODULE_NETMGR, ISC_LOG_DEBUG(3), - "throttling TCP connection, the other side is not " - "reading the data, switching to uv_write()"); - sock->reading_throttled = true; - isc__nm_stop_reading(sock); + "%sthe other side is not " + "reading the data, switching to uv_write()", + !sock->client && sock->reading + ? "throttling TCP connection, " + : ""); r = uv_write(&uvreq->uv_req.write, &sock->uv_handle.stream, bufs, nbufs, tcpdns_send_cb); diff --git a/lib/isc/netmgr/tlsdns.c b/lib/isc/netmgr/tlsdns.c index e0517da008..127e09a8a7 100644 --- a/lib/isc/netmgr/tlsdns.c +++ b/lib/isc/netmgr/tlsdns.c 
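Review bot: The log argument re-evaluates `!sock->client && sock->reading` after the new `if` block has already called `isc__nm_stop_reading(sock)`. If that helper clears `sock->reading` (its body is not part of this patch), the "throttling TCP connection, " prefix is dropped exactly when throttling took place, which weakens the debug trail for the CVE-2024-0760 mitigation. Capture the decision once before acting on it: `bool throttle = !sock->client && sock->reading;`, then `if (throttle) {` and `throttle ? "throttling TCP connection, " : ""` in the log call. The same pattern appears in the tls_cycle_output hunk in lib/isc/netmgr/tlsdns.c. isc__nm_async_tcpdnssend starts and ends outside this hunk.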
@@ -1377,13 +1377,18 @@ tls_cycle_output(isc_nmsocket_t *sock) { break; } - isc_log_write( - isc_lctx, ISC_LOGCATEGORY_GENERAL, ISC_LOGMODULE_NETMGR, - ISC_LOG_DEBUG(3), - "throttling TCP connection, the other side is not " - "reading the data, switching to uv_write()"); - sock->reading_throttled = true; - isc__nm_stop_reading(sock); + if (!sock->client && sock->reading) { + sock->reading_throttled = true; + isc__nm_stop_reading(sock); + } + + isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL, + ISC_LOGMODULE_NETMGR, ISC_LOG_DEBUG(3), + "%sthe other side is not " + "reading the data, switching to uv_write()", + !sock->client && sock->reading + ? "throttling TCP connection, " + : ""); r = uv_write(&req->uv_req.write, &sock->uv_handle.stream, &req->uvbuf, 1, tls_write_cb);
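Review bot: The new `if (!sock->client && sock->reading)` guard in tls_cycle_output has no comment saying why client sockets are exempt from the throttle, and that exemption is the security-relevant part of the change. I would add above it `/* Throttle reads only on server sockets: this is the CVE-2024-0760 mitigation against peers that send without reading; on a client socket (e.g. nsupdate) reading is not restarted after the send completes, so it would hang. */`, which restates the commit description. The same comment fits the matching guard in lib/isc/netmgr/tcpdns.c. A regression test confirming that a server socket is still throttled after this change would also help, since the guard now skips the throttle whenever either condition is false. tls_cycle_output continues outside the hunk.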