mirror of
https://github.com/pi-hole/dnsmasq.git
synced 2025-12-19 10:18:25 +00:00
768b45a023
answer_request() builds answers in the same packet buffer as the request. This means that any EDNS0 header from the original request is overwritten. If the answer is in cache, that's fine: dnsmasq adds its own EDNS0 header, but if the cache lookup fails partially and the request needs to be sent upstream, it's a problem. This was fixed a long, long time ago by running the cache lookup twice if the request included an EDNS0 header. The first time, nothing would be written to the answer packet, nad if the cache lookup failed, the untouched question packet was still available to forward upstream. If cache lookup succeeded, the whole thing was done again, this time writing the data into the reply packet. In a world where EDNS0 was rare and so was memory, this was a reasonable solution. Today EDNS0 is ubiquitous so basically every query is being looked up twice in the cache. There's also the problem that any code change which makes successive cache lookups for a query possibly return different answers adds a subtle hidden bug, because this hack depends on absence of that behaviour. This commit removes the lookup-twice hack entirely. answer_request() can now return zero and overwrite the question packet. The code which was previously added to support stale caching by saving a copy of the query in the block-storage system is extended to always be active. This handles the case where answer_request() returns no answer OR a stale answer and a copy of the original query is needed to forward upstream.