# HG changeset patch # User Ruslan Ermilov # Date 1453816034 -10800 # Node ID 93d70d87914c350948ab701cc99569680320e198 # Parent dac6eda40475f08b7372159d78dad1e13cd5bc7f Resolver: limited CNAME recursion. Previously, the recursion was only limited for cached responses. diff --git a/src/core/ngx_resolver.c b/src/core/ngx_resolver.c --- a/src/core/ngx_resolver.c +++ b/src/core/ngx_resolver.c @@ -1981,11 +1981,33 @@ ngx_resolver_process_a(ngx_resolver_t *r ngx_queue_insert_head(&r->name_expire_queue, &rn->queue); + ngx_resolver_free(r, rn->query); + rn->query = NULL; +#if (NGX_HAVE_INET6) + rn->query6 = NULL; +#endif + ctx = rn->waiting; rn->waiting = NULL; if (ctx) { + if (ctx->recursion++ >= NGX_RESOLVER_MAX_RECURSION) { + + /* unlock name mutex */ + + do { + ctx->state = NGX_RESOLVE_NXDOMAIN; + next = ctx->next; + + ctx->handler(ctx); + + ctx = next; + } while (ctx); + + return; + } + for (next = ctx; next; next = next->next) { next->node = NULL; } @@ -1993,12 +2015,6 @@ ngx_resolver_process_a(ngx_resolver_t *r (void) ngx_resolve_name_locked(r, ctx, &name); } - ngx_resolver_free(r, rn->query); - rn->query = NULL; -#if (NGX_HAVE_INET6) - rn->query6 = NULL; -#endif - /* unlock name mutex */ return;