as noted by winfried, we could end up using same hash on packets in multiple places...

diff --git a/pdns/dnsdist.cc b/pdns/dnsdist.cc
index d745343c4f276966fac9af34dcbeda81bf02ad61..ec201a35f3388b4cfd6347bb63915e88a7fe7a25 100644 (file)
--- a/pdns/dnsdist.cc
+++ b/pdns/dnsdist.cc
@@ -297,9 +297,10 @@ shared_ptr<DownstreamState> wrandom(const NumberedServerVector& servers, const C
   return valrandom(random(), servers, remote, qname, qtype, dh);
 }
 
+static uint32_t g_hashperturb;
 shared_ptr<DownstreamState> whashed(const NumberedServerVector& servers, const ComboAddress& remote, const DNSName& qname, uint16_t qtype, dnsheader* dh)
 {
-  return valrandom(qname.hash(), servers, remote, qname, qtype, dh);
+  return valrandom(qname.hash(g_hashperturb), servers, remote, qname, qtype, dh);
 }
 
 
@@ -1076,11 +1077,22 @@ try
   openlog("dnsdist", LOG_PID, LOG_DAEMON);
   g_console=true;
 
+
 #ifdef HAVE_LIBSODIUM
   if (sodium_init() == -1) {
     cerr<<"Unable to initialize crypto library"<<endl;
     exit(EXIT_FAILURE);
   }
+  g_hashperturb=randombytes_uniform(0xffffffff);
+  srandom(randombytes_uniform(0xffffffff));
+#else
+  {
+    struct timeval tv;
+    gettimeofday(&tv, 0);
+    srandom(tv.tv_sec ^ tv.tv_usec ^ getpid());
+    g_hashperturb=random();
+  }
+  
 #endif
   g_cmdLine.config=SYSCONFDIR "/dnsdist.conf";
   struct option longopts[]={ 

diff --git a/pdns/dnsname.hh b/pdns/dnsname.hh
index c3016c6270c1cd5617cd7757d23023b712abf2e6..e77c108189d91ca9cbff8bcc49364594b247d675 100644 (file)
--- a/pdns/dnsname.hh
+++ b/pdns/dnsname.hh
@@ -55,9 +55,9 @@ public:
   bool isRoot() const { return d_storage.size()==1 && d_storage[0]==0; }
   void clear() { d_storage.clear(); }
   void trimToLabels(unsigned int);
-  size_t hash() const
+  size_t hash(size_t init=0) const
   {
-    return burtleCI((const unsigned char*)d_storage.c_str(), d_storage.size(), 0);
+    return burtleCI((const unsigned char*)d_storage.c_str(), d_storage.size(), init);
   }
   DNSName& operator+=(const DNSName& rhs)
   {