Merge branch '2490-dig-tcp-does-not-honor-tries-1-nor-retry-0' into 'main'

Resolve "dig +tcp does not honor +tries=1 nor +retry=0" Closes #2490 See merge request isc-projects/bind9!4682
2026-05-28 04:34:54 -04:00 · 2021-03-25 17:30:24 +00:00 · 2021-03-25 17:30:24 +00:00 · f38069cdf8
commit f38069cdf8
parent 8bb1547208 04537633a7
5 changed files with 37 additions and 13 deletions
--- a/4
+++ b/4
@ -1,3 +1,7 @@
+5608.	[bug]		Dig now honors +retry=0 and +tries=1 when queries
+			are sent over TCP (+tcp) and the remote server closes
+			the connection prematurely. [GL #2490]
+
 5607.	[bug]		Rekey after 'rndc dnssec -checkds' or 'rndc dnssec
 			-rollover' command is received, because such a command
 			may influence the next key event. [GL #2488]
--- a/bin/dig/dig.rst
+++ b/bin/dig/dig.rst
@ -480,8 +480,8 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
   ``+nssearch`` or ``+trace`` query option is used.

 ``+retry=T``
-   This option sets the number of times to retry UDP queries to server to ``T``
-   instead of the default, 2. Unlike ``+tries``, this does not include
+   This option sets the number of times to retry UDP and TCP queries to server to ``T``
+   instead of the default, 2.  Unlike ``+tries``, this does not include
   the initial query.

 ``+[no]rrcomments``
@ -569,7 +569,7 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
   default queries from a name server.

 ``+tries=T``
-   This option sets the number of times to try UDP queries to server to ``T``
+   This option sets the number of times to try UDP and TCP queries to server to ``T``
   instead of the default, 3. If ``T`` is less than or equal to zero,
   the number of tries is silently rounded up to 1.

--- a/bin/dig/dighost.c
+++ b/bin/dig/dighost.c
@ -3117,7 +3117,8 @@ force_next(dig_query_t *query) {
 */
 static void
 requeue_or_update_exitcode(dig_lookup_t *lookup) {
-	if (lookup->eoferr == 0U) {
+	if (lookup->eoferr == 0U && lookup->retries > 1) {
+		--lookup->retries;
 		/*
 		 * Peer closed the connection prematurely for the first time
 		 * for this lookup.  Try again, keeping track of this failure.
--- a/bin/tests/system/digdelv/tests.sh
+++ b/bin/tests/system/digdelv/tests.sh
@ -801,7 +801,7 @@ if [ -x "$DIG" ] ; then
  echo_i "checking exit code for a retry upon TCP EOF (immediate -> immediate) ($n)"
  ret=0
  echo "no_response no_response" | sendcmd 10.53.0.5
-  dig_with_opts @10.53.0.5 example AXFR +tries=1 > dig.out.test$n 2>&1 && ret=1
+  dig_with_opts @10.53.0.5 example AXFR +tries=2 > dig.out.test$n 2>&1 && ret=1
  # Sanity check: ensure ans5 behaves as expected.
  [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 2 ] || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
@ -811,7 +811,7 @@ if [ -x "$DIG" ] ; then
  echo_i "checking exit code for a retry upon TCP EOF (partial AXFR -> partial AXFR) ($n)"
  ret=0
  echo "partial_axfr partial_axfr" | sendcmd 10.53.0.5
-  dig_with_opts @10.53.0.5 example AXFR +tries=1 > dig.out.test$n 2>&1 && ret=1
+  dig_with_opts @10.53.0.5 example AXFR +tries=2 > dig.out.test$n 2>&1 && ret=1
  # Sanity check: ensure ans5 behaves as expected.
  [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 2 ] || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
@ -821,7 +821,7 @@ if [ -x "$DIG" ] ; then
  echo_i "checking exit code for a retry upon TCP EOF (immediate -> partial AXFR) ($n)"
  ret=0
  echo "no_response partial_axfr" | sendcmd 10.53.0.5
-  dig_with_opts @10.53.0.5 example AXFR +tries=1 > dig.out.test$n 2>&1 && ret=1
+  dig_with_opts @10.53.0.5 example AXFR +tries=2 > dig.out.test$n 2>&1 && ret=1
  # Sanity check: ensure ans5 behaves as expected.
  [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 2 ] || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
@ -831,7 +831,7 @@ if [ -x "$DIG" ] ; then
  echo_i "checking exit code for a retry upon TCP EOF (partial AXFR -> immediate) ($n)"
  ret=0
  echo "partial_axfr no_response" | sendcmd 10.53.0.5
-  dig_with_opts @10.53.0.5 example AXFR +tries=1 > dig.out.test$n 2>&1 && ret=1
+  dig_with_opts @10.53.0.5 example AXFR +tries=2 > dig.out.test$n 2>&1 && ret=1
  # Sanity check: ensure ans5 behaves as expected.
  [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 2 ] || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
@ -841,7 +841,7 @@ if [ -x "$DIG" ] ; then
  echo_i "checking exit code for a retry upon TCP EOF (immediate -> complete AXFR) ($n)"
  ret=0
  echo "no_response complete_axfr" | sendcmd 10.53.0.5
-  dig_with_opts @10.53.0.5 example AXFR +tries=1 > dig.out.test$n 2>&1 || ret=1
+  dig_with_opts @10.53.0.5 example AXFR +tries=2 > dig.out.test$n 2>&1 || ret=1
  # Sanity check: ensure ans5 behaves as expected.
  [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 1 ] || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
@ -851,7 +851,26 @@ if [ -x "$DIG" ] ; then
  echo_i "checking exit code for a retry upon TCP EOF (partial AXFR -> complete AXFR) ($n)"
  ret=0
  echo "partial_axfr complete_axfr" | sendcmd 10.53.0.5
-  dig_with_opts @10.53.0.5 example AXFR +tries=1 > dig.out.test$n 2>&1 || ret=1
+  dig_with_opts @10.53.0.5 example AXFR +tries=2 > dig.out.test$n 2>&1 || ret=1
+  # Sanity check: ensure ans5 behaves as expected.
+  [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 1 ] || ret=1
+  if [ $ret -ne 0 ]; then echo_i "failed"; fi
+  status=$((status+ret))
+
+  n=$((n+1))
+  echo_i "checking +tries=1 won't retry twice upon TCP EOF ($n)"
+  ret=0
+  echo "no_response no_response" | sendcmd 10.53.0.5
+  dig_with_opts @10.53.0.5 example AXFR +tries=1 > dig.out.test$n 2>&1 && ret=1
+  # Sanity check: ensure ans5 behaves as expected.
+  [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 1 ] || ret=1
+  if [ $ret -ne 0 ]; then echo_i "failed"; fi
+  status=$((status+ret))
+
+  n=$((n+1))
+  echo_i "checking +retry=0 won't retry twice upon TCP EOF ($n)"
+  ret=0
+  dig_with_opts @10.53.0.5 example AXFR +retry=0 > dig.out.test$n 2>&1 && ret=1
  # Sanity check: ensure ans5 behaves as expected.
  [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 1 ] || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
--- a/doc/man/dig.1in
+++ b/doc/man/dig.1in
@ -492,8 +492,8 @@ recursive queries. Recursion is automatically disabled when the
 \fB+nssearch\fP or \fB+trace\fP query option is used.
 .TP
 .B \fB+retry=T\fP
-This option sets the number of times to retry UDP queries to server to \fBT\fP
-instead of the default, 2. Unlike \fB+tries\fP, this does not include
+This option sets the number of times to retry UDP and TCP queries to server to \fBT\fP
+instead of the default, 2.  Unlike \fB+tries\fP, this does not include
 the initial query.
 .TP
 .B \fB+[no]rrcomments\fP
@ -581,7 +581,7 @@ the root zone name servers.
 default queries from a name server.
 .TP
 .B \fB+tries=T\fP
-This option sets the number of times to try UDP queries to server to \fBT\fP
+This option sets the number of times to try UDP and TCP queries to server to \fBT\fP
 instead of the default, 3. If \fBT\fP is less than or equal to zero,
 the number of tries is silently rounded up to 1.
 .TP