diff options
| author |  Chris O'Haver <cohaver@infoblox.com>
| 2023-04-29 05:52:00 -0400 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2023-04-29 11:52:00 +0200 |
| commit | 604a902e2c7e0317aecaa3666124079c75a31573 (patch) | |
| tree | aa32794675cacbc93b8ab0681603394d1499b344 /plugin | |
| parent | 1b95a6042da112c52b859f9b0d18b41772d0143f (diff) | |
| download | coredns-604a902e2c7e0317aecaa3666124079c75a31573.tar.gz coredns-604a902e2c7e0317aecaa3666124079c75a31573.tar.zst coredns-604a902e2c7e0317aecaa3666124079c75a31573.zip | |
plugin/forward: Continue waiting after receiving malformed responses (#6014)
* forward: continue waiting after malformed responses
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* fix test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* clean up
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* clean up
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* move test to /test/. Add build tag.
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* install libpcap-dev for e2e tests
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* sudo the test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* remove stray err check
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* disable the test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* use -exec flag to run test binary as root
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* run new test by itself in a new workflow
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* fix test name
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* only for udp
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* remove libpcap test workflow action
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* remove test, since it cant run in ci
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* and remove gopacket package
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
---------
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
Diffstat (limited to 'plugin')
| -rw-r--r-- | plugin/pkg/proxy/connect.go | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/plugin/pkg/proxy/connect.go b/plugin/pkg/proxy/connect.go index 29274d92d..b60a1a237 100644 --- a/plugin/pkg/proxy/connect.go +++ b/plugin/pkg/proxy/connect.go @@ -7,6 +7,7 @@ package proxy import ( "context" "io" + "net" "strconv" "sync/atomic" "time" @@ -117,11 +118,20 @@ func (p *Proxy) Connect(ctx context.Context, state request.Request, opts Options for { ret, err = pc.c.ReadMsg() if err != nil { - pc.c.Close() // not giving it back + // For UDP, if the error is not a network error keep waiting for a valid response to prevent malformed + // spoofs from blocking the upstream response. + // In the case this is a legitimate malformed response from the upstream, this will result in a timeout. + if proto == "udp" { + if _, ok := err.(net.Error); !ok { + continue + } + } + pc.c.Close() // connection closed by peer, close the persistent connection if err == io.EOF && cached { return nil, ErrCachedClosed } - // recovery the origin Id after upstream. + + // recover the origin Id after upstream. if ret != nil { ret.Id = originId } |