innd doesn't honor DNS TTLs

[eagle]

A long-standing problem with innd is that it stores the DNS lookup results for everything in incoming.conf when it starts up and then never rechecks DNS. Most sites periodically reload incoming.conf to work around this, but it still breaks the DNS requirement to honor TTL.

Unfortunately, there's no way to do asynchronous DNS lookups using the getaddrinfo() interface, which is required to support /etc/hosts and other non-DNS sources of IP information, and we can't do the blocking calls since they can block for a long time.

That leaves, as a solution, doing DNS resolution in a child process and then asynchronously filling in the results. This will require putting incoming connections to sleep until the DNS resolution finishes, and then waking them up to do permission checking.

[Julien ÉLIE]

RFC 3977 says:

If NNTP clients or servers cache the results of host name lookups in order to achieve a performance improvement, they MUST observe the TTL information reported by DNS.

innd caches DNS lookups when reading incoming.conf and doesn't refresh its knowledge of DNS except when incoming.conf is reloaded.

Impact: An explicit reload is required whenever the IP address of any peer changes, and in the presence of network renumbering innd is vulnerable to spoofing if DNS is the only authentication mechanism used.

Suggested fix: This is hard to fix without unacceptable performance impact. The only good fix is to either fork a separate helper process to do DNS lookups (since gethostbyname may block for essentially an arbitrarily long period) or to use the direct resolver library so that one
can get access to a file descriptor and throw it into the select loop. Either way, this requires keeping a DNS file descriptor in the main select loop and updating knowledge of DNS periodically, which is a substantial amount of additional complexity.

[Julien ÉLIE]

Using libevent would allow asynchronous DNS queries.