From: Bert Hubert Date: Tue, 15 Feb 2005 20:25:36 +0000 (+0000) Subject: Under some circumstances, PowerDNS would cache an empty response X-Git-Tag: pdns-2.9.18~58 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=8e50cd4c08b28283c4c8124a23894a9d6ebe65b5;p=pdns Under some circumstances, PowerDNS would cache an empty response to a recursive request from an IP address not allowed to benefit from this service. This cached response could then be displayed, for a few seconds, to clients that ARE alowed recursion. Thanks to Wilco Baan Hofman for noticing this problem, which could black out a domain for a short time, but not deny its existence. git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@322 d19b8d6e-7fed-0310-83ef-9ca221ded41b --- diff --git a/pdns/dnsproxy.cc b/pdns/dnsproxy.cc index a18ee1543..2c9a62284 100644 --- a/pdns/dnsproxy.cc +++ b/pdns/dnsproxy.cc @@ -189,11 +189,11 @@ void DNSProxy::mainloop(void) memcpy(buffer,&d,sizeof(d)); // commit spoofed id sendto(i->second.outsock,buffer,len,0,(struct sockaddr*)&i->second.remote,i->second.addrlen); - + DNSPacket p,q; p.parse(buffer,len); q.parse(buffer,len); - + PC.insert(&q, &p); i->second.created=0; } diff --git a/pdns/packetcache.cc b/pdns/packetcache.cc index 22b39a493..e912d89f2 100644 --- a/pdns/packetcache.cc +++ b/pdns/packetcache.cc @@ -1,11 +1,10 @@ /* PowerDNS Versatile Database Driven Nameserver - Copyright (C) 2002 PowerDNS.COM BV + Copyright (C) 2005 PowerDNS.COM BV This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. + it under the terms of the GNU General Public License version 2 as + published by the Free Software Foundation This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of @@ -16,7 +15,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -#include "utility.hh" +#include "utility.hh" #include "packetcache.hh" #include "logger.hh" #include "arguments.hh" diff --git a/pdns/packethandler.cc b/pdns/packethandler.cc index ad9bb2598..c315080ca 100644 --- a/pdns/packethandler.cc +++ b/pdns/packethandler.cc @@ -154,7 +154,7 @@ int PacketHandler::doDNSCheckRequest(DNSPacket *p, DNSPacket *r, string &target) DNSResourceRecord rr; if (p->qclass == 3 && p->qtype.getName() == "HINFO") { - rr.content = "PowerDNS $Id: packethandler.cc,v 1.27 2005/01/11 19:41:11 ahu Exp $"; + rr.content = "PowerDNS $Id$"; rr.ttl = 5; rr.qname=target; rr.qtype=13; // hinfo @@ -174,7 +174,7 @@ int PacketHandler::doVersionRequest(DNSPacket *p, DNSPacket *r, string &target) const string mode=arg()["version-string"]; if(p->qtype.getCode()==QType::TXT && target=="version.bind") {// TXT if(mode.empty() || mode=="full") - rr.content="Served by POWERDNS "VERSION" $Id: packethandler.cc,v 1.27 2005/01/11 19:41:11 ahu Exp $"; + rr.content="Served by POWERDNS "VERSION" $Id$"; else if(mode=="anonymous") { r->setRcode(RCode::ServFail); return 1; @@ -558,7 +558,8 @@ DNSPacket *PacketHandler::question(DNSPacket *p) bool found=false; string target=p->qdomain; - + bool noCache=false; + if (doDNSCheckRequest(p, r, target)) goto sendit; @@ -667,11 +668,15 @@ DNSPacket *PacketHandler::question(DNSPacket *p) else weAuth=false; - if(p->d.rd && d_doRecursion && !weAuth && DP->sendPacket(p)) { - delete r; - return 0; - } + if(p->d.rd && d_doRecursion && !weAuth) { + if(DP->sendPacket(p)) { + delete r; + return 0; + } + else noCache=true; + } + string::size_type pos; DLOG(L<<"Nothing found so far for '"<wrapup(); // needed for inserting in cache - PC.insert(p,r); // in the packet cache + if(!noCache) + PC.insert(p,r); // in the packet cache } catch(DBException &e) { L<