-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Patch 00001: Fix timeouts for DNS resolver
options.tries specifies the number of retries. Setting this to zero means to try exactly once. Previously we were always trying twice (internally). We want to simply honor the SSSD configuration and fail over to the next server (or go offline) after one try. Patch 0002: Reschedule the fd timeout for secondary lookups We were unscheduling the timeout handler after the first lookup (A or AAAA) returned, but not rescheduling it if we went on to check the secondary record type. This resulted in the resolver never returning a result for the secondary lookup, which can mean that logins/screen unlocks after VPN drop or suspend/resume might never complete. Fixes https://fedorahosted.org/sssd/ticket/729 - -- Stephen Gallagher RHCE 804006346421761 Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk0HlwYACgkQeiVVYja6o6NChgCfaAh7e2tZLqfojBQXpXhxrTl6 F9cAn1JMPyyKv6TTzoej6BoiNsQ3n4F2 =UPAJ -----END PGP SIGNATURE-----
From 9b9270417b1270e873141e34c683058a997c18ba Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Tue, 14 Dec 2010 11:05:41 -0500 Subject: [PATCH 1/2] Fix timeouts for DNS resolver options.tries specifies the number of retries. Setting this to zero means to try exactly once. Previously we were always trying twice (internally). We want to simply honor the SSSD configuration and fail over to the next server (or go offline) after one try. --- src/resolv/async_resolv.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/resolv/async_resolv.c b/src/resolv/async_resolv.c index cc57d8e3eb213f1b6ad49fabc9a3a3060d3f4edb..8aa0e0d195a2cca378bc96a27f12115cf7f472f4 100644 --- a/src/resolv/async_resolv.c +++ b/src/resolv/async_resolv.c @@ -331,7 +331,7 @@ recreate_ares_channel(struct resolv_ctx *ctx) options.sock_state_cb_data = ctx; options.timeout = ctx->timeout * 1000; options.lookups = discard_const("fb"); - options.tries = 1; + options.tries = 0; ret = ares_init_options(&new_channel, &options, ARES_OPT_SOCK_STATE_CB | ARES_OPT_TIMEOUTMS | -- 1.7.3.3
From f7dac4b05afb753151f168ea68d02c79fb6390a1 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <[email protected]> Date: Tue, 14 Dec 2010 11:07:24 -0500 Subject: [PATCH 2/2] Reschedule the fd timeout for secondary lookups We were unscheduling the timeout handler after the first lookup (A or AAAA) returned, but not rescheduling it if we went on to check the secondary record type. This resulted in the resolver never returning a result for the secondary lookup, which can mean that logins/screen unlocks after VPN drop or suspend/resume might never complete. Fixes https://fedorahosted.org/sssd/ticket/729 --- src/resolv/async_resolv.c | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) diff --git a/src/resolv/async_resolv.c b/src/resolv/async_resolv.c index 8aa0e0d195a2cca378bc96a27f12115cf7f472f4..b7e03ded37d8047899eccea32072e612a7b13db2 100644 --- a/src/resolv/async_resolv.c +++ b/src/resolv/async_resolv.c @@ -571,6 +571,8 @@ resolv_gethostbyname_done(void *arg, int status, int timeouts, struct hostent *h DEBUG(4, ("Trying to resolve %s record of '%s'\n", state->family == AF_INET ? "A" : "AAAA", state->name)); + schedule_timeout_watcher(state->resolv_ctx->ev_ctx, + state->resolv_ctx); ares_gethostbyname(state->resolv_ctx->channel, state->name, state->family, resolv_gethostbyname_next_done, req); @@ -600,6 +602,8 @@ resolv_gethostbyname_next_done(void *arg, int status, int timeouts, struct hoste return; } + unschedule_timeout_watcher(state->resolv_ctx); + if (hostent != NULL) { state->hostent = resolv_copy_hostent(req, hostent); if (state->hostent == NULL) { -- 1.7.3.3
0001-Fix-timeouts-for-DNS-resolver.patch.sig
Description: PGP signature
0002-Reschedule-the-fd-timeout-for-secondary-lookups.patch.sig
Description: PGP signature
_______________________________________________ sssd-devel mailing list [email protected] https://fedorahosted.org/mailman/listinfo/sssd-devel
