devuan
/
pdns-recursor
10
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 20 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
499 Commits
1 Branch
7.9 MiB
 
 
 
 
 
 
Branch: suites/unstable
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'suites/unstable'
${ noResults }
pdns-recursor/negcache.cc

221 lines
7.4 KiB
Raw Permalink Blame History 

  1. /*

  2.  * This file is part of PowerDNS or dnsdist.

  3.  * Copyright -- PowerDNS.COM B.V. and its contributors

  4.  *

  5.  * This program is free software; you can redistribute it and/or modify

  6.  * it under the terms of version 2 of the GNU General Public License as

  7.  * published by the Free Software Foundation.

  8.  *

  9.  * In addition, for the avoidance of any doubt, permission is granted to

  10.  * link this program with OpenSSL and to (re)distribute the binaries

  11.  * produced as the result of such linking.

  12.  *

  13.  * This program is distributed in the hope that it will be useful,

  14.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  15.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  16.  * GNU General Public License for more details.

  17.  *

  18.  * You should have received a copy of the GNU General Public License

  19.  * along with this program; if not, write to the Free Software

  20.  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

  21.  */

  22. #include <cinttypes>

  23. 

  24. #include "negcache.hh"

  25. #include "misc.hh"

  26. #include "cachecleaner.hh"

  27. #include "utility.hh"

  28. 

  29. /*!

  30.  * Set ne to the NegCacheEntry for the last label in qname and return true if there

  31.  * was one.

  32.  *

  33.  * \param qname    The name to look up (only the last label is used)

  34.  * \param now      A timeval with the current time, to check if an entry is expired

  35.  * \param ne       A NegCacheEntry that is filled when there is a cache entry

  36.  * \return         true if ne was filled out, false otherwise

  37.  */

  38. bool NegCache::getRootNXTrust(const DNSName& qname, const struct timeval& now, NegCacheEntry& ne)

  39. {

  40.   // Never deny the root.

  41.   if (qname.isRoot())

  42.     return false;

  43. 

  44.   // An 'ENT' QType entry, used as "whole name" in the neg-cache context.

  45.   static const QType qtnull(0);

  46.   DNSName lastLabel = qname.getLastLabel();

  47.   negcache_t::const_iterator ni = d_negcache.find(tie(lastLabel, qtnull));

  48. 

  49.   while (ni != d_negcache.end() && ni->d_name == lastLabel && ni->d_auth.isRoot() && ni->d_qtype == qtnull) {

  50.     // We have something

  51.     if ((uint32_t)now.tv_sec < ni->d_ttd) {

  52.       ne = *ni;

  53.       moveCacheItemToBack<SequenceTag>(d_negcache, ni);

  54.       return true;

  55.     }

  56.     moveCacheItemToFront<SequenceTag>(d_negcache, ni);

  57.     ++ni;

  58.   }

  59.   return false;

  60. }

  61. 

  62. /*!

  63.  * Set ne to the NegCacheEntry for the qname|qtype tuple and return true

  64.  *

  65.  * \param qname    The name to look up

  66.  * \param qtype    The qtype to look up

  67.  * \param now      A timeval with the current time, to check if an entry is expired

  68.  * \param ne       A NegCacheEntry that is filled when there is a cache entry

  69.  * \return         true if ne was filled out, false otherwise

  70.  */

  71. bool NegCache::get(const DNSName& qname, const QType& qtype, const struct timeval& now, NegCacheEntry& ne, bool typeMustMatch)

  72. {

  73.   const auto& idx = d_negcache.get<2>();

  74.   auto range = idx.equal_range(qname);

  75.   auto ni = range.first;

  76. 

  77.   while (ni != range.second) {

  78.     // We have an entry

  79.     if ((!typeMustMatch && ni->d_qtype.getCode() == 0) || ni->d_qtype == qtype) {

  80.       // We match the QType or the whole name is denied

  81.       auto firstIndexIterator = d_negcache.project<0>(ni);

  82. 

  83.       if ((uint32_t)now.tv_sec < ni->d_ttd) {

  84.         // Not expired

  85.         ne = *ni;

  86.         moveCacheItemToBack<SequenceTag>(d_negcache, firstIndexIterator);

  87.         return true;

  88.       }

  89.       // expired

  90.       moveCacheItemToFront<SequenceTag>(d_negcache, firstIndexIterator);

  91.     }

  92.     ++ni;

  93.   }

  94.   return false;

  95. }

  96. 

  97. /*!

  98.  * Places ne into the negative cache, possibly overriding an existing entry.

  99.  *

  100.  * \param ne The NegCacheEntry to add to the cache

  101.  */

  102. void NegCache::add(const NegCacheEntry& ne)

  103. {

  104.   lruReplacingInsert<SequenceTag>(d_negcache, ne);

  105. }

  106. 

  107. /*!

  108.  * Update the validation state of an existing entry with the provided state.

  109.  *

  110.  * \param qname The name of the entry to replace

  111.  * \param qtype The type of the entry to replace

  112.  * \param newState The new validation state

  113.  */

  114. void NegCache::updateValidationStatus(const DNSName& qname, const QType& qtype, const vState newState, boost::optional<uint32_t> capTTD)

  115. {

  116.   auto range = d_negcache.equal_range(tie(qname, qtype));

  117. 

  118.   if (range.first != range.second) {

  119.     range.first->d_validationState = newState;

  120.     if (capTTD) {

  121.       range.first->d_ttd = std::min(range.first->d_ttd, *capTTD);

  122.     }

  123.   }

  124. }

  125. 

  126. /*!

  127.  * Returns the amount of entries in the cache

  128.  *

  129.  * \param qname The name of the entries to be counted

  130.  */

  131. uint64_t NegCache::count(const DNSName& qname) const

  132. {

  133.   return d_negcache.count(tie(qname));

  134. }

  135. 

  136. /*!

  137.  * Returns the amount of entries in the cache for qname+qtype

  138.  *

  139.  * \param qname The name of the entries to be counted

  140.  * \param qtype The type of the entries to be counted

  141.  */

  142. uint64_t NegCache::count(const DNSName& qname, const QType qtype) const

  143. {

  144.   return d_negcache.count(tie(qname, qtype));

  145. }

  146. 

  147. /*!

  148.  * Remove all entries for name from the cache. If subtree is true, wipe all names

  149.  * underneath it.

  150.  *

  151.  * \param name    The DNSName of the entries to wipe

  152.  * \param subtree Should all entries under name be removed?

  153.  */

  154. uint64_t NegCache::wipe(const DNSName& name, bool subtree)

  155. {

  156.   uint64_t ret(0);

  157.   if (subtree) {

  158.     for (auto i = d_negcache.lower_bound(tie(name)); i != d_negcache.end();) {

  159.       if (!i->d_name.isPartOf(name))

  160.         break;

  161.       i = d_negcache.erase(i);

  162.       ret++;

  163.     }

  164.     return ret;

  165.   }

  166. 

  167.   ret = count(name);

  168.   auto range = d_negcache.equal_range(tie(name));

  169.   d_negcache.erase(range.first, range.second);

  170.   return ret;

  171. }

  172. 

  173. /*!

  174.  * Clear the negative cache

  175.  */

  176. void NegCache::clear()

  177. {

  178.   d_negcache.clear();

  179. }

  180. 

  181. /*!

  182.  * Perform some cleanup in the cache, removing stale entries

  183.  *

  184.  * \param maxEntries The maximum number of entries that may exist in the cache.

  185.  */

  186. void NegCache::prune(size_t maxEntries)

  187. {

  188.   pruneCollection<SequenceTag>(*this, d_negcache, maxEntries, 200);

  189. }

  190. 

  191. /*!

  192.  * Writes the whole negative cache to fp

  193.  *

  194.  * \param fp A pointer to an open FILE object

  195.  */

  196. uint64_t NegCache::dumpToFile(FILE* fp)

  197. {

  198.   uint64_t ret(0);

  199.   struct timeval now;

  200.   Utility::gettimeofday(&now, nullptr);

  201. 

  202.   negcache_sequence_t& sidx = d_negcache.get<SequenceTag>();

  203.   for (const NegCacheEntry& ne : sidx) {

  204.     ret++;

  205.     fprintf(fp, "%s %" PRId64 " IN %s VIA %s ; (%s)\n", ne.d_name.toString().c_str(), static_cast<int64_t>(ne.d_ttd - now.tv_sec), ne.d_qtype.getName().c_str(), ne.d_auth.toString().c_str(), vStateToString(ne.d_validationState).c_str());

  206.     for (const auto& rec : ne.authoritySOA.records) {

  207.       fprintf(fp, "%s %" PRId64 " IN %s %s ; (%s)\n", rec.d_name.toString().c_str(), static_cast<int64_t>(ne.d_ttd - now.tv_sec), DNSRecordContent::NumberToType(rec.d_type).c_str(), rec.d_content->getZoneRepresentation().c_str(), vStateToString(ne.d_validationState).c_str());

  208.     }

  209.     for (const auto& sig : ne.authoritySOA.signatures) {

  210.       fprintf(fp, "%s %" PRId64 " IN RRSIG %s ;\n", sig.d_name.toString().c_str(), static_cast<int64_t>(ne.d_ttd - now.tv_sec), sig.d_content->getZoneRepresentation().c_str());

  211.     }

  212.     for (const auto& rec : ne.DNSSECRecords.records) {

  213.       fprintf(fp, "%s %" PRId64 " IN %s %s ; (%s)\n", rec.d_name.toString().c_str(), static_cast<int64_t>(ne.d_ttd - now.tv_sec), DNSRecordContent::NumberToType(rec.d_type).c_str(), rec.d_content->getZoneRepresentation().c_str(), vStateToString(ne.d_validationState).c_str());

  214.     }

  215.     for (const auto& sig : ne.DNSSECRecords.signatures) {

  216.       fprintf(fp, "%s %" PRId64 " IN RRSIG %s ;\n", sig.d_name.toString().c_str(), static_cast<int64_t>(ne.d_ttd - now.tv_sec), sig.d_content->getZoneRepresentation().c_str());

  217.     }

  218.   }

  219.   return ret;

  220. }