resolved fallback to TCP fails for truncated UDP replies
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
systemd (Ubuntu) |
Fix Released
|
Medium
|
Dan Streetman | ||
Bionic |
Fix Released
|
Undecided
|
Unassigned | ||
Disco |
Fix Released
|
Medium
|
Dan Streetman | ||
Eoan |
Fix Released
|
Medium
|
Dan Streetman | ||
Focal |
Fix Released
|
Medium
|
Dan Streetman |
Bug Description
[impact]
for DNS UDP replies larger than 512 bytes, fallback to TCP is used. For example 'host toomany.
Due to a bug in resolved in refcounting DNS stream types, the refcount underflows for type 0 streams (which resolved uses to talk to upstream nameservers), resulting in resolved being unable to fallback to TCP to handle truncated UDP replies.
[test case]
ubuntu@
;; Truncated, retrying in TCP mode.
; <<>> DiG 9.11.3-
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2683
;; flags: qr rd ra; QUERY: 1, ANSWER: 40, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;toomany.
;; Query time: 0 msec
;; SERVER: 127.0.0.
;; WHEN: Thu Oct 24 11:40:29 UTC 2019
;; MSG SIZE rcvd: 678
ubuntu@
ubuntu@
; <<>> DiG 9.11.3-
;; global options: +cmd
;; connection timed out; no servers could be reached
[regression potential]
very low, as this only properly sets the stream type in the DnsStream object; any regression would be a failure to be able to use TCP for DNS requests or replies.
[other info]
https:/
The commit adding stream types is not present in x/b, so this is needed only for disco and later.
description: | updated |
Changed in systemd (Ubuntu Disco): | |
importance: | Undecided → Medium |
Changed in systemd (Ubuntu Eoan): | |
importance: | Undecided → Medium |
Changed in systemd (Ubuntu Focal): | |
importance: | Undecided → Medium |
Changed in systemd (Ubuntu Disco): | |
assignee: | nobody → Dan Streetman (ddstreet) |
Changed in systemd (Ubuntu Eoan): | |
assignee: | nobody → Dan Streetman (ddstreet) |
status: | New → In Progress |
Changed in systemd (Ubuntu Disco): | |
status: | New → In Progress |
Changed in systemd (Ubuntu Focal): | |
assignee: | nobody → Dan Streetman (ddstreet) |
status: | New → In Progress |
tags: | added: ddstreet disco eoan focal sts systemd |
Changed in systemd (Ubuntu Focal): | |
status: | In Progress → Fix Committed |
This bug was fixed in the package systemd - 243-3ubuntu1
---------------
systemd (243-3ubuntu1) focal; urgency=medium
[ Dan Streetman ] patches/ resolved- set-stream- type-during- DnsStream- creation. patch /git.launchpad. net/~ubuntu- core-dev/ ubuntu/ +source/ systemd/ commit/ ?id=f1ee30b13c9 d2d34968b09ce62 0f3bc24a1a78c7 dhclient- enter-hooks. d/resolved extra/dhclient- enter-resolved- hook /git.launchpad. net/~ubuntu- core-dev/ ubuntu/ +source/ systemd/ commit/ ?id=fec4d6d0264 88a1d32ad9dceef 18d9ea9c8acbda
* Fix resolved fallback to TCP (LP: #1849658)
Author: Dan Streetman
File: debian/
https:/
* Separate stderr and stdout of /etc/dhcp/
(LP: #1849608)
Author: Dan Streetman
File: debian/
https:/
[ Balint Reczey ] patches/ udevadm- trigger- do-not- propagate- EACCES- and-ENODEV. patch /git.launchpad. net/~ubuntu- core-dev/ ubuntu/ +source/ systemd/ commit/ ?id=334e3fdc904 de05105c78763c8 8220c1976d1946 patches/ debian/ UBUNTU- test-Pass- personality- test-even- when-i386- userland- runs-o. patch /git.launchpad. net/~ubuntu- core-dev/ ubuntu/ +source/ systemd/ commit/ ?id=42e0bfc426f 19430f6768ef492 2a9531a345765f
* Merge to Ubuntu from Debian experimental
* Refresh patches:
- Dropped changes:
* udevadm trigger: do not propagate EACCES and ENODEV.
File: debian/
https:/
* Pass personality test even when i386 userland runs on amd64 kernel
File: debian/
https:/
systemd (243-3) experimental; urgency=medium
* Import patches from v243-stable branch (up to ef677436aa)
-- Balint Reczey <email address hidden> Wed, 30 Oct 2019 15:19:33 +0100