This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 835639 - Bug in DNS cache causes connections until restart of libcurl-using processes
Bug in DNS cache causes connections until restart of libcurl-using processes
Status: CLOSED WONTFIX
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: curl (Show other bugs)
5.10
All Linux
unspecified Severity medium
: rc
: ---
Assigned To: Kamil Dudka
BaseOS QE Security Team
:
Depends On: 835898
Blocks:
  Show dependency treegraph
 
Reported: 2012-06-26 13:00 EDT by Scott Cantor
Modified: 2013-03-05 08:21 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 835898 (view as bug list)
Environment:
Last Closed: 2013-03-05 08:21:56 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Scott Cantor 2012-06-26 13:00:23 EDT
Description of problem:

A bug fixed in version 7.20 of libcurl is affecting a lot of my customers using software that depends on libcurl and maintains long-lived HTTP connection pools. Older versions had race conditions that "locked" stale DNS lookups in memory and prevented fresh DNS lookups. When IP addresses change, the library fails to detect the change and keeps accessing the stale address.

The bug fix is here:
http://sourceforge.net/tracker/index.php?func=detail&aid=2891595&group_id=976&atid=100976

I don't really guess you'll backport this, but I need to file this and get confirmation for my customers so that a decision on whether to junk use of RH-supplied libcurl will be the only recourse.

Version-Release number of selected component (if applicable):

All versions < 7.20.0 of libcurl, including the one in RH5.

How reproducible:

It requires software that relies on connection pooling of libcurl handles and uses multiple threads with some load.

Steps to Reproduce:
1.Load test software using a particular destination name/address.
2.Change the DNS entry.
3.Observe new connections inheriting use of the old address.
  
Actual results:

The DNS change is not picked up.

Expected results:

New connections should see the change without restarting the process.

Additional info:
Comment 1 Kamil Dudka 2012-06-27 09:30:23 EDT
upstream commit:

https://github.com/bagder/curl/commit/fb5f332
Comment 2 Kamil Dudka 2013-03-05 08:21:56 EST
I am sorry, but it is too late in the RHEL-5 release cycle.  At the moment we are addressing only critical and security related issues in RHEL-5.  I am closing the bug as WONTFIX.  We will keep tracking this bug for RHEL-6.  If the issue is critical for your business, please contact Red Hat Product Support and inform them about this bug.

Note You need to log in before you can comment on or make changes to this bug.