From: Bert Hubert Date: Tue, 11 Jan 2011 19:56:07 +0000 (+0000) Subject: make packetcache dnssec aware (different answers based on do) X-Git-Tag: auth-3.0~378 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a637d0a533cf9441ca4bf96dbefa8ebbd568fd88;p=pdns make packetcache dnssec aware (different answers based on do) git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1869 d19b8d6e-7fed-0310-83ef-9ca221ded41b --- diff --git a/pdns/packetcache.cc b/pdns/packetcache.cc index 0140d135c..250932d6a 100644 --- a/pdns/packetcache.cc +++ b/pdns/packetcache.cc @@ -1,6 +1,6 @@ /* PowerDNS Versatile Database Driven Nameserver - Copyright (C) 2002 - 2008 PowerDNS.COM BV + Copyright (C) 2002 - 2011 PowerDNS.COM BV This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as @@ -58,7 +58,6 @@ int PacketCache::get(DNSPacket *p, DNSPacket *cached) cleanup(); } - if(d_doRecursion && p->d.rd) { // wants recursion if(!d_recursivettl) { (*d_statnummiss)++; @@ -85,7 +84,7 @@ int PacketCache::get(DNSPacket *p, DNSPacket *cached) return 0; } - haveSomething=getEntryLocked(p->qdomain, p->qtype, PacketCache::PACKETCACHE, value, -1, packetMeritsRecursion, p->getMaxReplyLen()); + haveSomething=getEntryLocked(p->qdomain, p->qtype, PacketCache::PACKETCACHE, value, -1, packetMeritsRecursion, p->getMaxReplyLen(), p->d_dnssecOk); } if(haveSomething) { (*d_statnumhit)++; 
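Review bot: In the `getEntryLocked(...)` call in `PacketCache::get`, `p->d_dnssecOk` becomes part of the lookup key, but the diff does not show where `DNSPacket` initialises that member. If a query without an OPT record can leave it unset, the lookup would use an indeterminate value and could miss, or match an entry from the other DO partition, so this should be confirmed against the `DNSPacket` constructor and parser. A short comment above the call would also help, for example `// DO bit is part of the key: signed and unsigned answers to the same question differ`. The body of `get` starts and ends outside this hunk.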
@@ -125,12 +124,12 @@ void PacketCache::insert(DNSPacket *q, DNSPacket *r) bool packetMeritsRecursion=d_doRecursion && q->d.rd; insert(q->qdomain, q->qtype, PacketCache::PACKETCACHE, r->getString(), packetMeritsRecursion ? d_recursivettl : d_ttl, -1, packetMeritsRecursion, - q->getMaxReplyLen()); + q->getMaxReplyLen(), q->d_dnssecOk); } // universal key appears to be: qname, qtype, kind (packet, query cache), optionally zoneid, meritsRecursion void PacketCache::insert(const string &qname, const QType& qtype, CacheEntryType cet, const string& value, unsigned int ttl, int zoneID, - bool meritsRecursion, unsigned int maxReplyLen) + bool meritsRecursion, unsigned int maxReplyLen, bool dnssecOk) { if(!((d_ops++) % 300000)) { cleanup(); @@ -148,7 +147,8 @@ void PacketCache::insert(const string &qname, const QType& qtype, CacheEntryType val.ctype=cet; val.meritsRecursion=meritsRecursion; val.maxReplyLen = maxReplyLen; - + val.dnssecOk = dnssecOk; + TryWriteLock l(&d_mut); if(l.gotIt()) { bool success; @@ -250,9 +250,9 @@ int PacketCache::purge(const vector &matches) *d_statnumentries=d_map.size(); return delcount; } - +// called from ueberbackend bool PacketCache::getEntry(const string &qname, const QType& qtype, CacheEntryType cet, string& value, int zoneID, bool meritsRecursion, - unsigned int maxReplyLen) + unsigned int maxReplyLen, bool dnssecOk) { if(d_ttl<0) getTTLS(); 
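Review bot: The comment above the second `insert` overload still reads `universal key appears to be: qname, qtype, kind (packet, query cache), optionally zoneid, meritsRecursion`, which omits two values the lookup in `getEntryLocked` matches on: `maxReplyLen` and, with this commit, `dnssecOk`. I would update it to `// cache key: qname, qtype, kind (packet, query cache), zoneid, meritsRecursion, maxReplyLen, dnssecOk`, so that whoever adds the next response-shaping flag sees it has to go into the key as well. The overload's body continues past the end of the hunk.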
@@ -266,16 +266,17 @@ bool PacketCache::getEntry(const string &qname, const QType& qtype, CacheEntryTy S.inc( "deferred-cache-lookup"); return false; } - return getEntryLocked(qname, qtype, cet, value, zoneID, meritsRecursion, maxReplyLen); + + return getEntryLocked(qname, qtype, cet, value, zoneID, meritsRecursion, maxReplyLen, dnssecOk); } + bool PacketCache::getEntryLocked(const string &qname, const QType& qtype, CacheEntryType cet, string& value, int zoneID, bool meritsRecursion, - unsigned int maxReplyLen) + unsigned int maxReplyLen, bool dnssecOK) { - uint16_t qt = qtype.getCode(); - cmap_t::const_iterator i=d_map.find(tie(qname, qt, cet, zoneID, meritsRecursion, maxReplyLen)); + cmap_t::const_iterator i=d_map.find(tie(qname, qt, cet, zoneID, meritsRecursion, maxReplyLen, dnssecOK)); time_t now=time(0); bool ret=(i!=d_map.end() && i->ttd > now); if(ret) diff --git a/pdns/packetcache.hh b/pdns/packetcache.hh index 1c44306ef..a15c7a709 100644 --- a/pdns/packetcache.hh +++ b/pdns/packetcache.hh 
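Review bot: The new parameter of `getEntryLocked` is spelled `dnssecOK` in this definition, while `getEntry`, both `insert` overloads, the `CacheEntry` field and the declaration in packetcache.hh all use `dnssecOk`. It compiles, but the mismatch makes a key field harder to grep. I would rename it so the signature ends `unsigned int maxReplyLen, bool dnssecOk)` and the lookup reads `tie(qname, qt, cet, zoneID, meritsRecursion, maxReplyLen, dnssecOk)`. The function body continues past the end of the hunk.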
@@ -72,11 +72,11 @@ public: void insert(DNSPacket *q, DNSPacket *r); //!< We copy the contents of *p into our cache. Do not needlessly call this to insert questions already in the cache as it wastes resources void insert(const string &qname, const QType& qtype, CacheEntryType cet, const string& value, unsigned int ttl, int zoneID=-1, bool meritsRecursion=false, - unsigned int maxReplyLen=512); + unsigned int maxReplyLen=512, bool dnssecOk=false); int get(DNSPacket *p, DNSPacket *q); //!< We return a dynamically allocated copy out of our cache. You need to delete it. You also need to spoof in the right ID with the DNSPacket.spoofID() method. bool getEntry(const string &content, const QType& qtype, CacheEntryType cet, string& entry, int zoneID=-1, - bool meritsRecursion=false, unsigned int maxReplyLen=512); + bool meritsRecursion=false, unsigned int maxReplyLen=512, bool dnssecOk=false); int size(); //!< number of entries in the cache void cleanup(); //!< force the cache to preen itself from expired packets @@ -85,10 +85,10 @@ public: map getCounts(); private: bool getEntryLocked(const string &content, const QType& qtype, CacheEntryType cet, string& entry, int zoneID=-1, - bool meritsRecursion=false, unsigned int maxReplyLen=512); + bool meritsRecursion=false, unsigned int maxReplyLen=512, bool dnssecOk=false); struct CacheEntry { - CacheEntry() { qtype = ctype = 0; zoneID = -1; meritsRecursion=false;} + CacheEntry() { qtype = ctype = 0; zoneID = -1; meritsRecursion=false; dnssecOk=false;} string qname; uint16_t qtype; @@ -97,6 +97,7 @@ private: time_t ttd; bool meritsRecursion; unsigned int maxReplyLen; + bool dnssecOk; string value; }; @@ -113,10 +114,11 @@ private: member, member, member, - member + member, + member >, composite_key_compare, std::less, std::less, std::less, - std::less > + std::less, std::less > >, sequenced<> >
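Review bot: `dnssecOk=false` is added as a defaulted trailing parameter on `insert` and `getEntry` here and on the private `getEntryLocked` in the next hunk, so any call site this commit did not touch still compiles and silently uses the DO=0 partition. For a value that decides whether a client receives the signed or the unsigned answer, a forgotten call site should fail to build. At minimum the private `getEntryLocked` declaration could drop all four of its defaults, since both callers visible in packetcache.cc pass every argument. Whether other callers (the new comment mentions ueberbackend) depend on the defaults is not visible in this diff.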
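Review bot: The `CacheEntry` constructor now zeroes `dnssecOk` but still leaves `maxReplyLen` and `ttd` uninitialised, although `maxReplyLen` is one of the values the lookup matches on. The `insert` path visible in packetcache.cc assigns `maxReplyLen` before storing, so this is defensive rather than a known bug. Initialising every scalar keeps a later code path from storing an entry with an indeterminate key: `CacheEntry() { qtype = ctype = 0; zoneID = -1; ttd = 0; meritsRecursion = false; maxReplyLen = 0; dnssecOk = false; }`.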