Resolver: limited CNAME recursion.
Previously, the recursion was only limited for cached responses.
diff --git a/src/core/ngx_resolver.c b/src/core/ngx_resolver.c
index d1beb58..7b60abd 100644
--- a/src/core/ngx_resolver.c
+++ b/src/core/ngx_resolver.c
@@ -2001,11 +2001,33 @@
ngx_queue_insert_head(&r->name_expire_queue, &rn->queue);
+ ngx_resolver_free(r, rn->query);
+ rn->query = NULL;
+#if (NGX_HAVE_INET6)
+ rn->query6 = NULL;
+#endif
+
ctx = rn->waiting;
rn->waiting = NULL;
if (ctx) {
+ if (ctx->recursion++ >= NGX_RESOLVER_MAX_RECURSION) {
+
+ /* unlock name mutex */
+
+ do {
+ ctx->state = NGX_RESOLVE_NXDOMAIN;
+ next = ctx->next;
+
+ ctx->handler(ctx);
+
+ ctx = next;
+ } while (ctx);
+
+ return;
+ }
+
for (next = ctx; next; next = next->next) {
next->node = NULL;
}
@@ -2013,12 +2035,6 @@
(void) ngx_resolve_name_locked(r, ctx, &name);
}
- ngx_resolver_free(r, rn->query);
- rn->query = NULL;
-#if (NGX_HAVE_INET6)
- rn->query6 = NULL;
-#endif
-
/* unlock name mutex */
return;