# HG changeset patch # User Igor Sysoev # Date 1207985360 0 # Node ID 41fd9a2e07553f64add6dc528a91493142d143e5 # Parent 3c540ad3021fc83c0982ef2d77f592a4b08b5e58 limit CNAME recursion diff --git a/src/core/ngx_resolver.c b/src/core/ngx_resolver.c --- a/src/core/ngx_resolver.c +++ b/src/core/ngx_resolver.c @@ -435,10 +435,29 @@ ngx_resolve_name_locked(ngx_resolver_t * /* NGX_RESOLVE_CNAME */ - ctx->name.len = rn->cnlen; - ctx->name.data = rn->u.cname; - - return ngx_resolve_name_locked(r, ctx); + if (ctx->recursion++ < NGX_RESOLVER_MAX_RECURSION) { + + ctx->name.len = rn->cnlen; + ctx->name.data = rn->u.cname; + + return ngx_resolve_name_locked(r, ctx); + } + + ctx->next = rn->waiting; + rn->waiting = NULL; + + /* unlock name mutex */ + + do { + ctx->state = NGX_RESOLVE_NXDOMAIN; + next = ctx->next; + + ctx->handler(ctx); + + ctx = next; + } while (ctx); + + return NGX_OK; } if (rn->waiting) { diff --git a/src/core/ngx_resolver.h b/src/core/ngx_resolver.h --- a/src/core/ngx_resolver.h +++ b/src/core/ngx_resolver.h @@ -29,6 +29,8 @@ #define NGX_NO_RESOLVER (void *) -1 +#define NGX_RESOLVER_MAX_RECURSION 50 + typedef struct { ngx_connection_t *connection; @@ -128,6 +130,7 @@ struct ngx_resolver_ctx_s { ngx_msec_t timeout; ngx_uint_t quick; /* unsigned quick:1; */ + ngx_uint_t recursion; ngx_event_t *event; };