From: Pieter Lexis <pieter.lexis@powerdns.com>
Date: Wed, 14 Feb 2018 12:58:15 +0000 (+0100)
Subject: ixfrdist: Allow setting the inbound AXFR timeout
X-Git-Tag: dnsdist-1.3.0~97^2~3
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=99bea744a47e6de2ec399e78c0e43cd1b54537b3;p=pdns

ixfrdist: Allow setting the inbound AXFR timeout
---

diff --git a/pdns/ixfrdist.cc b/pdns/ixfrdist.cc
index a0465633e..98b84f5f7 100644
--- a/pdns/ixfrdist.cc
+++ b/pdns/ixfrdist.cc
@@ -74,6 +74,9 @@ bool g_exiting = false;
 #define KEEP_DEFAULT 20
 uint16_t g_keep = KEEP_DEFAULT;
 
+#define AXFRTIMEOUT_DEFAULT 20
+uint16_t g_axfrTimeout = AXFRTIMEOUT_DEFAULT;
+
 NetmaskGroup g_acl;
 
 void handleSignal(int signum) {
@@ -237,7 +240,7 @@ void updateThread() {
         Resolver::res_t nop;
         vector<DNSRecord> chunk;
         records_t records;
-        while(axfr.getChunk(nop, &chunk)) {
+        while(axfr.getChunk(nop, &chunk, g_axfrTimeout)) {
           for(auto& dr : chunk) {
             if(dr.d_type == QType::TSIG)
               continue;
@@ -707,6 +710,7 @@ int main(int argc, char** argv) {
       ("server-address", po::value<string>()->default_value("127.0.0.1:5300"), "server address")
       ("work-dir", po::value<string>()->default_value("."), "Directory for storing AXFR and IXFR data")
       ("keep", po::value<uint16_t>()->default_value(KEEP_DEFAULT), "Number of old zone versions to retain")
+      ("axfr-timeout", po::value<uint16_t>()->default_value(AXFRTIMEOUT_DEFAULT), "Timeout in seconds for an AXFR to complete")
       ;
     po::options_description alloptions;
     po::options_description hidden("hidden options");
@@ -748,6 +752,10 @@ int main(int argc, char** argv) {
     g_keep = g_vm["keep"].as<uint16_t>();
   }
 
+  if (g_vm.count("axfr-timeout") > 0) {
+    g_axfrTimeout = g_vm["axfr-timeout"].as<uint16_t>();
+  }
+
   vector<ComboAddress> listen_addresses = {ComboAddress("127.0.0.1:53")};
 
   if (g_vm.count("listen-address") > 0) {
diff --git a/pdns/resolver.cc b/pdns/resolver.cc
index 81eabdfea..d2ecd76f8 100644
--- a/pdns/resolver.cc
+++ b/pdns/resolver.cc
@@ -429,7 +429,7 @@ AXFRRetriever::~AXFRRetriever()
 
 
 
-int AXFRRetriever::getChunk(Resolver::res_t &res, vector<DNSRecord>* records) // Implementation is making sure RFC2845 4.4 is followed.
+int AXFRRetriever::getChunk(Resolver::res_t &res, vector<DNSRecord>* records, uint16_t timeout) // Implementation is making sure RFC2845 4.4 is followed.
 {
   if(d_soacount > 1)
     return false;
@@ -442,7 +442,7 @@ int AXFRRetriever::getChunk(Resolver::res_t &res, vector<DNSRecord>* records) //
   if (d_maxReceivedBytes > 0 && (d_maxReceivedBytes - d_receivedBytes) < (size_t) len)
     throw ResolverException("Reached the maximum number of received bytes during AXFR");
 
-  timeoutReadn(len);
+  timeoutReadn(len, timeout);
 
   d_receivedBytes += (uint16_t) len;
 
@@ -475,13 +475,13 @@ int AXFRRetriever::getChunk(Resolver::res_t &res, vector<DNSRecord>* records) //
   return true;
 }
 
-void AXFRRetriever::timeoutReadn(uint16_t bytes)
+void AXFRRetriever::timeoutReadn(uint16_t bytes, uint16_t timeoutsec)
 {
-  time_t start=time(0);
+  time_t start=time(nullptr);
   int n=0;
   int numread;
   while(n<bytes) {
-    int res=waitForData(d_sock, 10-(time(0)-start));
+    int res=waitForData(d_sock, timeoutsec-(time(nullptr)-start));
     if(res<0)
       throw ResolverException("Reading data from remote nameserver over TCP: "+stringerror());
     if(!res)
diff --git a/pdns/resolver.hh b/pdns/resolver.hh
index c9946ccf8..9246994cb 100644
--- a/pdns/resolver.hh
+++ b/pdns/resolver.hh
@@ -87,12 +87,12 @@ class AXFRRetriever : public boost::noncopyable
                   const ComboAddress* laddr = NULL,
                   size_t maxReceivedBytes=0);
     ~AXFRRetriever();
-    int getChunk(Resolver::res_t &res, vector<DNSRecord>* records=0);  
+    int getChunk(Resolver::res_t &res, vector<DNSRecord>* records=0, uint16_t timeout=10);
   
   private:
     void connect();
     int getLength();
-    void timeoutReadn(uint16_t bytes);  
+    void timeoutReadn(uint16_t bytes, uint16_t timeoutsec=10);
 
     shared_array<char> d_buf;
     string d_domain;