Bug 835639 - Bug in DNS cache causes connections until restart of libcurl-using processes
Summary: Bug in DNS cache causes connections until restart of libcurl-using processes
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: curl
Version: 5.10
Hardware: All
OS: Linux
unspecified
medium
Target Milestone: rc
: ---
Assignee: Kamil Dudka
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On: 835898
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-06-26 17:00 UTC by Scott Cantor
Modified: 2013-03-05 13:21 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 835898 (view as bug list)
Environment:
Last Closed: 2013-03-05 13:21:56 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Scott Cantor 2012-06-26 17:00:23 UTC
Description of problem:

A bug fixed in version 7.20 of libcurl is affecting a lot of my customers using software that depends on libcurl and maintains long-lived HTTP connection pools. Older versions had race conditions that "locked" stale DNS lookups in memory and prevented fresh DNS lookups. When IP addresses change, the library fails to detect the change and keeps accessing the stale address.

The bug fix is here:
http://sourceforge.net/tracker/index.php?func=detail&aid=2891595&group_id=976&atid=100976

I don't really guess you'll backport this, but I need to file this and get confirmation for my customers so that a decision on whether to junk use of RH-supplied libcurl will be the only recourse.

Version-Release number of selected component (if applicable):

All versions < 7.20.0 of libcurl, including the one in RH5.

How reproducible:

It requires software that relies on connection pooling of libcurl handles and uses multiple threads with some load.

Steps to Reproduce:
1.Load test software using a particular destination name/address.
2.Change the DNS entry.
3.Observe new connections inheriting use of the old address.
  
Actual results:

The DNS change is not picked up.

Expected results:

New connections should see the change without restarting the process.

Additional info:

Comment 1 Kamil Dudka 2012-06-27 13:30:23 UTC
upstream commit:

https://github.com/bagder/curl/commit/fb5f332

Comment 2 Kamil Dudka 2013-03-05 13:21:56 UTC
I am sorry, but it is too late in the RHEL-5 release cycle.  At the moment we are addressing only critical and security related issues in RHEL-5.  I am closing the bug as WONTFIX.  We will keep tracking this bug for RHEL-6.  If the issue is critical for your business, please contact Red Hat Product Support and inform them about this bug.


Note You need to log in before you can comment on or make changes to this bug.