From: Bert Hubert Date: Thu, 1 Nov 2012 13:29:58 +0000 (+0000) Subject: add little bit of jitter to signature cache cleaning so all slaves are not simultaneo... X-Git-Tag: auth-3.2-rc1~39 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ff1040bff32921d59ebb5c850ca0f97ee2159c13;p=pdns add little bit of jitter to signature cache cleaning so all slaves are not simultaneously busy purging their caches git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2843 d19b8d6e-7fed-0310-83ef-9ca221ded41b --- diff --git a/pdns/Makefile.am b/pdns/Makefile.am index 38a32c8a1..7e8b2b2a8 100644 --- a/pdns/Makefile.am +++ b/pdns/Makefile.am @@ -94,7 +94,10 @@ pdnssec_SOURCES=pdnssec.cc dbdnsseckeeper.cc sstuff.hh dnsparser.cc dnsparser.hh backends/gsql/gsqlbackend.cc \ backends/gsql/gsqlbackend.hh backends/gsql/ssql.hh zoneparser-tng.cc \ dynlistener.cc dns.cc randombackend.cc dnssecsigner.cc polarrsakeyinfra.cc md5.cc \ - signingpipe.cc dnslabeltext.cc ednssubnet.cc cachecleaner.hh + signingpipe.cc dnslabeltext.cc ednssubnet.cc cachecleaner.hh \ + aes/aescpp.h \ + aes/aescrypt.c aes/aes.h aes/aeskey.c aes/aes_modes.c aes/aesopt.h \ + aes/aestab.c aes/aestab.h aes/brg_endian.h aes/brg_types.h aes/dns_random.cc pdnssec_LDFLAGS=@moduleobjects@ @modulelibs@ @DYNLINKFLAGS@ @LIBDL@ @THREADFLAGS@ $(BOOST_PROGRAM_OPTIONS_LDFLAGS) $(BOOST_SERIALIZATION_LDFLAGS) diff --git a/pdns/backends/bind/Makefile.am b/pdns/backends/bind/Makefile.am index 7c1eb8299..0c4db5c43 100644 --- a/pdns/backends/bind/Makefile.am +++ b/pdns/backends/bind/Makefile.am @@ -25,13 +25,17 @@ zone2sql_SOURCES=bindparser.yy bindlexer.l bind-dnssec.schema.sqlite3.sql.h \ ../../unix_utility.cc ../../qtype.cc ../../dns.cc \ ../../zoneparser-tng.cc ../../dnsrecords.cc ../../sillyrecords.cc \ ../../dnswriter.cc dnslabeltext.cc ../../rcpgenerator.cc ../../dnsparser.cc ../../base64.cc \ -../../nsecrecords.cc ../../dnssecinfra.cc ../../base32.cc ../../md5.cc # ../../dbdnsseckeeper.cc +../../nsecrecords.cc ../../dnssecinfra.cc ../../base32.cc ../../md5.cc ../../aes/dns_random.cc \ +../../aes/aescpp.h ../../aes/aescrypt.c ../../aes/aes.h ../../aes/aeskey.c ../../aes/aes_modes.c ../../aes/aesopt.h \ +../../aes/aestab.c ../../aes/aestab.h ../../aes/brg_endian.h ../../aes/brg_types.h # ../../dbdnsseckeeper.cc zone2ldap_SOURCES=bindparser.yy bindlexer.l bind-dnssec.schema.sqlite3.sql.h \ ../../arguments.cc ../../logger.cc zone2ldap.cc ../../statbag.cc ../../misc.cc \ ../../unix_utility.cc ../../qtype.cc ../../zoneparser-tng.cc ../../dnsrecords.cc \ ../../dnswriter.cc dnslabeltext.cc ../../rcpgenerator.cc ../../dnsparser.cc ../../base64.cc ../../sillyrecords.cc \ -../../nsecrecords.cc ../../dnssecinfra.cc ../../base32.cc ../../md5.cc # ../../dbdnsseckeeper.cc +../../nsecrecords.cc ../../dnssecinfra.cc ../../base32.cc ../../md5.cc ../../aes/dns_random.cc \ +../../aes/aescpp.h ../../aes/aescrypt.c ../../aes/aes.h ../../aes/aeskey.c ../../aes/aes_modes.c ../../aes/aesopt.h \ +../../aes/aestab.c ../../aes/aestab.h ../../aes/brg_endian.h ../../aes/brg_types.h # ../../dbdnsseckeeper.cc zone2ldap_LDFLAGS=@THREADFLAGS@ if HAVE_LIBPOLARSSL diff --git a/pdns/dnssecsigner.cc b/pdns/dnssecsigner.cc index df3cf3521..846020504 100644 --- a/pdns/dnssecsigner.cc +++ b/pdns/dnssecsigner.cc @@ -20,6 +20,7 @@ #include #include "md5.hh" #include "dnsseckeeper.hh" +#include "dns_random.hh" #include "lock.hh" /* this is where the RRSIGs begin, keys are retrieved, @@ -141,9 +142,10 @@ void fillOutRRSIG(DNSSECPrivateKey& dpk, const std::string& signQName, RRSIGReco if(doCache) { WriteLock l(&g_signatures_lock); - unsigned int weekno = time(0) / (86400*7); // we just spent milliseconds doing a signature, microsecond more won't kill us + /* we add some jitter here so not all your slaves start pruning their caches at the very same millisecond */ + unsigned int weekno = (time(0) - dns_random(3600)) / (86400*7); // we just spent milliseconds doing a signature, microsecond more won't kill us - if(g_cacheweekno != weekno) { // blunt but effective (C) Habbie + if(g_cacheweekno < weekno) { // blunt but effective (C) Habbie g_signatures.clear(); g_cacheweekno = weekno; }