auth: completely disable the packet when cache-ttl=0

This was inspired by #7802 but is more in line with the current query cache behaviour

closes #7802

diff --git a/docs/settings.rst b/docs/settings.rst
index 50fa520f03511a54d9ae1aaa6932dbccea86382f..77338f4731c96d703df38d05690519de1826540d 100644 (file)
--- a/docs/settings.rst
+++ b/docs/settings.rst
@@ -180,7 +180,8 @@ Also AXFR a zone from a master with a lower serial.
 -  Integer
 -  Default: 20
 
-Seconds to store packets in the :ref:`packet-cache`.
+Seconds to store packets in the :ref:`packet-cache`. A value of 0 will disable
+the cache.
 
 .. _setting-carbon-instance:
 

diff --git a/pdns/auth-packetcache.cc b/pdns/auth-packetcache.cc
index 7bb0ff32b57f699aa2fec785627234a96c2bd473..b36325d8b43d637f8218aca724039e5ca4bbb480 100644 (file)
--- a/pdns/auth-packetcache.cc
+++ b/pdns/auth-packetcache.cc
@@ -65,13 +65,12 @@ AuthPacketCache::~AuthPacketCache()
 
 bool AuthPacketCache::get(DNSPacket *p, DNSPacket *cached)
 {
-  cleanupIfNeeded();
-
   if(!d_ttl) {
-    (*d_statnummiss)++;
     return false;
   }
 
+  cleanupIfNeeded();
+
   uint32_t hash = canHashPacket(p->getString());
   p->setHash(hash);
 
@@ -113,6 +112,10 @@ bool AuthPacketCache::entryMatches(cmap_t::index<HashTag>::type::iterator& iter,
 
 void AuthPacketCache::insert(DNSPacket *q, DNSPacket *r, unsigned int maxTTL)
 {
+  if(!d_ttl) {
+    return;
+  }
+
   cleanupIfNeeded();
 
   if (ntohs(q->d.qdcount) != 1) {
@@ -192,6 +195,10 @@ bool AuthPacketCache::getEntryLocked(cmap_t& map, const std::string& query, uint
 /* clears the entire cache. */
 uint64_t AuthPacketCache::purge()
 {
+  if(!d_ttl) {
+    return 0;
+  }
+
   d_statnumentries->store(0);
 
   return purgeLockedCollectionsVector(d_maps);
@@ -210,6 +217,10 @@ uint64_t AuthPacketCache::purgeExact(const DNSName& qname)
 /* purges entries from the packetcache. If match ends on a $, it is treated as a suffix */
 uint64_t AuthPacketCache::purge(const string &match)
 {
+  if(!d_ttl) {
+    return 0;
+  }
+
   uint64_t delcount = 0;
 
   if(ends_with(match, "$")) {

diff --git a/pdns/auth-packetcache.hh b/pdns/auth-packetcache.hh
index 934869d2b194d991397e578576e827dedc2b6f8e..157ad34ad89ce89407372202340130a5d2d4457d 100644 (file)
--- a/pdns/auth-packetcache.hh
+++ b/pdns/auth-packetcache.hh
@@ -70,7 +70,11 @@ public:
   void setTTL(uint32_t ttl)
   {
     d_ttl = ttl;
-  }  
+  }
+  bool enabled()
+  {
+    return (d_ttl > 0);
+  }
 private:
 
   struct CacheEntry

diff --git a/pdns/common_startup.cc b/pdns/common_startup.cc
index 07d78c1cd9f2ccb9eb2a55943891d55dd8de6a63..016a77aa74113870765648a642f67c0dad30b0a7 100644 (file)
--- a/pdns/common_startup.cc
+++ b/pdns/common_startup.cc
@@ -437,7 +437,7 @@ try
       g_log<<": ";
     }
 
-    if((P->d.opcode != Opcode::Notify && P->d.opcode != Opcode::Update) && P->couldBeCached()) {
+    if(PC.enabled() && (P->d.opcode != Opcode::Notify && P->d.opcode != Opcode::Update) && P->couldBeCached()) {
       bool haveSomething=PC.get(P, &cached); // does the PacketCache recognize this question?
       if (haveSomething) {
         if(logDNSQueries)
@@ -463,7 +463,7 @@ try
       continue;
     }
         
-    if(logDNSQueries) 
+    if(PC.enabled() && logDNSQueries)
       g_log<<"packetcache MISS"<<endl;
 
     try {

diff --git a/pdns/packethandler.cc b/pdns/packethandler.cc
index 9a5ff229715b95aa5eb7ce4c7d00f5c82ba4e203..7b1176d88a6cade1d795b458298d777a75e2dfa8 100644 (file)
--- a/pdns/packethandler.cc
+++ b/pdns/packethandler.cc
@@ -1546,8 +1546,7 @@ DNSPacket *PacketHandler::doQuestion(DNSPacket *p)
     if(doSigs)
       addRRSigs(d_dk, B, authSet, r->getRRS());
       
-    r->wrapup(); // needed for inserting in cache
-    if(!noCache && p->couldBeCached())
+    if(PC.enabled() && !noCache && p->couldBeCached())
       PC.insert(p, r, r->getMinTTL()); // in the packet cache
   }
   catch(DBException &e) {

diff --git a/pdns/tcpreceiver.cc b/pdns/tcpreceiver.cc
index f78229196519d09cbea18f58d8382bc388283252..acdfbb1b72b2f162bed131817be42b7fd831c71e 100644 (file)
--- a/pdns/tcpreceiver.cc
+++ b/pdns/tcpreceiver.cc
@@ -358,20 +358,21 @@ void *TCPNameserver::doConnection(void *data)
         "', do = " <<packet->d_dnssecOk <<", bufsize = "<< packet->getMaxReplyLen()<<": ";
       }
 
-
-      if(packet->couldBeCached() && PC.get(packet.get(), cached.get())) { // short circuit - does the PacketCache recognize this question?
+      if(PC.enabled()) {
+        if(packet->couldBeCached() && PC.get(packet.get(), cached.get())) { // short circuit - does the PacketCache recognize this question?
+          if(logDNSQueries)
+            g_log<<"packetcache HIT"<<endl;
+          cached->setRemote(&packet->d_remote);
+          cached->d.id=packet->d.id;
+          cached->d.rd=packet->d.rd; // copy in recursion desired bit
+          cached->commitD(); // commit d to the packet                        inlined
+
+          sendPacket(cached, fd); // presigned, don't do it again
+          continue;
+        }
         if(logDNSQueries)
-          g_log<<"packetcache HIT"<<endl;
-        cached->setRemote(&packet->d_remote);
-        cached->d.id=packet->d.id;
-        cached->d.rd=packet->d.rd; // copy in recursion desired bit 
-        cached->commitD(); // commit d to the packet                        inlined
-
-        sendPacket(cached, fd); // presigned, don't do it again
-        continue;
+            g_log<<"packetcache MISS"<<endl;
       }
-      if(logDNSQueries)
-          g_log<<"packetcache MISS"<<endl;  
       {
         Lock l(&s_plock);
         if(!s_P) {