dns-stream: only read DNS packet data if we identified the peer properly

If we use TCP fastopen to connect to a DNS server via TCP, and it responds really quickly between our connection attempt and our immediate check back, then we have not identified the peer yet, and will not be able to use the peer metadata to fill in our packet info. Let's fix that, and simply not read from the socket until identification is complete. Fixes: #34956 (cherry picked from commit facc9439a76b4c3a5c273c71bd7a676e4c74778c) (cherry picked from commit 11da52785c978369e4cd92e67e5017a436404340)
2025-03-11 20:58:27 +03:00 · 2025-03-04 00:17:21 +01:00 · 2025-03-04 00:17:21 +01:00 · 9bf15a285e
commit 9bf15a285e
parent 6cb60bbe83
1 changed files with 2 additions and 1 deletions
--- a/src/resolve/resolved-dns-stream.c
+++ b/src/resolve/resolved-dns-stream.c
@ -359,7 +359,8 @@ static int on_stream_io(sd_event_source *es, int fd, uint32_t revents, void *use
                }
        }

-        while ((revents & (EPOLLIN|EPOLLHUP|EPOLLRDHUP)) &&
+        while (s->identified && /* Only read data once we identified the peer, because we cannot fill in the DNS packet meta info otherwise */
+               (revents & (EPOLLIN|EPOLLHUP|EPOLLRDHUP)) &&
               (!s->read_packet ||
                s->n_read < sizeof(s->read_size) + s->read_packet->size)) {