Pi-Hole/dnsmasq
1
0
Fork 0
mirror of https://github.com/pi-hole/dnsmasq.git synced 2025-12-19 18:28:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove code for caching SRV.

Browse Source 
Function replaced by the ability to cache any RR type.

For backwards compatibilty SRV records are always on the
list of cacheable RR-types.
This commit is contained in:
Simon Kelley
2023-03-28 18:24:22 +01:00
parent 638c7c4d20
commit 042c64273d
6 changed files with 42 additions and 130 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
src/cache.c
View File

@@ -136,7 +136,7 @@ static void cache_hash(struct crec *crecp);
unsigned short rrtype(char *in)
{
int i;
unsigned int i;
for (i = 0; i < (sizeof(typestr)/sizeof(typestr[0])); i++)
if (strcasecmp(in, typestr[i].name) == 0)
@@ -275,9 +275,7 @@ static void cache_blockdata_free(struct crec *crecp)
{
if (!(crecp->flags & F_NEG))
{
if (crecp->flags & F_SRV)
blockdata_free(crecp->addr.srv.target);
else if (crecp->flags & F_RR)
if (crecp->flags & F_RR)
blockdata_free(crecp->addr.rr.rrdata);
#ifdef HAVE_DNSSEC
else if (crecp->flags & F_DNSKEY)
@@ -472,7 +470,7 @@ static struct crec *cache_scan_free(char *name, union all_addr *addr, unsigned s
if ((crecp->flags & F_FORWARD) && hostname_isequal(cache_get_name(crecp), name))
{
/* Don't delete DNSSEC in favour of a CNAME, they can co-exist */
if ((flags & crecp->flags & (F_IPV4 | F_IPV6 | F_SRV | F_NXDOMAIN)) ||
if ((flags & crecp->flags & (F_IPV4 | F_IPV6 | F_RR | F_NXDOMAIN)) ||
(((crecp->flags | flags) & F_CNAME) && !(crecp->flags & (F_DNSKEY | F_DS))) ||
((crecp->flags & flags & F_RR) && addr->rr.rrtype == crecp->addr.rr.rrtype))
{
@@ -791,14 +789,9 @@ void cache_end_insert(void)
read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->ttd, sizeof(new_chain->ttd), 0);
read_write(daemon->pipe_to_parent, (unsigned char *)&flags, sizeof(flags), 0);
if (flags & (F_IPV4 | F_IPV6 | F_DNSKEY | F_DS | F_SRV | F_RR))
if (flags & (F_IPV4 | F_IPV6 | F_DNSKEY | F_DS | F_RR))
read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr, sizeof(new_chain->addr), 0);
if (flags & F_SRV)
{
/* A negative SRV entry is possible and has no data, obviously. */
if (!(flags & F_NEG))
blockdata_write(new_chain->addr.srv.target, new_chain->addr.srv.targetlen, daemon->pipe_to_parent);
}
if (flags & F_RR)
{
/* A negative RR entry is possible and has no data, obviously. */
@@ -869,16 +862,13 @@ int cache_recv_insert(time_t now, int fd)
ttl = difftime(ttd, now);
if (flags & (F_IPV4 | F_IPV6 | F_DNSKEY | F_DS | F_SRV | F_RR))
if (flags & (F_IPV4 | F_IPV6 | F_DNSKEY | F_DS | F_RR))
{
unsigned short class = C_IN;
if (!read_write(fd, (unsigned char *)&addr, sizeof(addr), 1))
return 0;
if ((flags & F_SRV) && !(flags & F_NEG) && !(addr.srv.target = blockdata_read(fd, addr.srv.targetlen)))
return 0;
if ((flags & F_RR) && !(flags & F_NEG) && !(addr.rr.rrdata = blockdata_read(fd, addr.rr.datalen)))
return 0;
#ifdef HAVE_DNSSEC
@@ -1610,7 +1600,7 @@ static void make_non_terminals(struct crec *source)
if (!is_outdated_cname_pointer(crecp) &&
(crecp->flags & F_FORWARD) &&
(crecp->flags & type) &&
!(crecp->flags & (F_IPV4 | F_IPV6 | F_CNAME | F_SRV | F_DNSKEY | F_DS | F_RR)) &&
!(crecp->flags & (F_IPV4 | F_IPV6 | F_CNAME | F_DNSKEY | F_DS | F_RR)) &&
hostname_isequal(name, cache_get_name(crecp)))
{
*up = crecp->hash_next;
@@ -1667,7 +1657,7 @@ static void make_non_terminals(struct crec *source)
if (crecp)
{
crecp->flags = (source->flags | F_NAMEP) & ~(F_IPV4 | F_IPV6 | F_CNAME | F_SRV | F_RR | F_DNSKEY | F_DS | F_REVERSE);
crecp->flags = (source->flags | F_NAMEP) & ~(F_IPV4 | F_IPV6 | F_CNAME | F_RR | F_DNSKEY | F_DS | F_REVERSE);
if (!(crecp->flags & F_IMMORTAL))
crecp->ttd = source->ttd;
crecp->name.namep = name;
@@ -1804,17 +1794,6 @@ static void dump_cache_entry(struct crec *cache, time_t now)
p += sprintf(p, "%-30.30s ", sanitise(n));
if ((cache->flags & F_CNAME) && !is_outdated_cname_pointer(cache))
a = sanitise(cache_get_cname_target(cache));
else if ((cache->flags & F_SRV) && !(cache->flags & F_NEG))
{
int targetlen = cache->addr.srv.targetlen;
ssize_t len = sprintf(a, "%u %u %u ", cache->addr.srv.priority,
cache->addr.srv.weight, cache->addr.srv.srvport);
if (targetlen > (40 - len))
targetlen = 40 - len;
blockdata_retrieve(cache->addr.srv.target, targetlen, a + len);
a[len + targetlen] = 0;
}
else if (cache->flags & F_RR)
sprintf(a, "%s", querystr(NULL, cache->addr.rr.rrtype));
#ifdef HAVE_DNSSEC
@@ -1843,8 +1822,6 @@ static void dump_cache_entry(struct crec *cache, time_t now)
t = "6";
else if (cache->flags & F_CNAME)
t = "C";
else if (cache->flags & F_SRV)
t = "V";
else if (cache->flags & F_RR)
t = "T";
#ifdef HAVE_DNSSEC
@@ -2133,8 +2110,6 @@ void log_query(unsigned int flags, char *name, union all_addr *addr, char *arg,
}
else if (flags & F_CNAME)
dest = "<CNAME>";
else if (flags & F_SRV)
dest = "<SRV>";
else if (flags & F_RRNAME)
dest = arg;
@@ -2158,7 +2133,7 @@ void log_query(unsigned int flags, char *name, union all_addr *addr, char *arg,
}
else if (flags & F_AUTH)
source = "auth";
else if (flags & F_NOERR)
else if (flags & F_DNSSEC)
{
source = arg;
verb = "to";

8
src/dnsmasq.h
View File

@@ -326,10 +326,6 @@ union all_addr {
unsigned char algo;
unsigned char digest;
} ds;
struct {
struct blockdata *target;
unsigned short targetlen, srvport, priority, weight;
} srv;
/* for log_query */
struct {
unsigned short keytag, algo, digest, rcode;
@@ -510,7 +506,7 @@ struct crec {
#define F_QUERY (1u<<19)
#define F_NOERR (1u<<20)
#define F_AUTH (1u<<21)
#define F_RR (1u<<22)
#define F_DNSSEC (1u<<22)
#define F_KEYTAG (1u<<23)
#define F_SECSTAT (1u<<24)
#define F_NO_RR (1u<<25)
@@ -518,7 +514,7 @@ struct crec {
#define F_NOEXTRA (1u<<27)
#define F_DOMAINSRV (1u<<28)
#define F_RCODE (1u<<29)
#define F_SRV (1u<<30)
#define F_RR (1u<<30)
#define F_STALE (1u<<31)
#define UID_NONE 0

6
src/forward.c
View File

@@ -545,7 +545,7 @@ static int forward_query(int udpfd, union mysockaddr *udpaddr,
}
#ifdef HAVE_DNSSEC
else
log_query_mysockaddr(F_NOEXTRA | F_NOERR | F_SERVER, daemon->namebuff, &srv->addr,
log_query_mysockaddr(F_NOEXTRA | F_DNSSEC | F_SERVER, daemon->namebuff, &srv->addr,
(forward->flags & FREC_DNSKEY_QUERY) ? "dnssec-retry[DNSKEY]" : "dnssec-retry[DS]", 0);
#endif
@@ -1050,7 +1050,7 @@ static void dnssec_validate(struct frec *forward, struct dns_header *header,
#ifdef HAVE_DUMPFILE
dump_packet_udp(DUMP_SEC_QUERY, (void *)header, (size_t)nn, NULL, &server->addr, fd);
#endif
log_query_mysockaddr(F_NOEXTRA | F_NOERR | F_SERVER, daemon->keyname, &server->addr,
log_query_mysockaddr(F_NOEXTRA | F_DNSSEC | F_SERVER, daemon->keyname, &server->addr,
STAT_ISEQUAL(status, STAT_NEED_KEY) ? "dnssec-query[DNSKEY]" : "dnssec-query[DS]", 0);
return;
}
@@ -2059,7 +2059,7 @@ static int tcp_key_recurse(time_t now, int status, struct dns_header *header, si
log_save = daemon->log_display_id;
daemon->log_display_id = ++daemon->log_id;
log_query_mysockaddr(F_NOEXTRA | F_NOERR | F_SERVER, keyname, &server->addr,
log_query_mysockaddr(F_NOEXTRA | F_DNSSEC | F_SERVER, keyname, &server->addr,
STAT_ISEQUAL(status, STAT_NEED_KEY) ? "dnssec-query[DNSKEY]" : "dnssec-query[DS]", 0);
new_status = tcp_key_recurse(now, new_status, new_header, m, class, name, keyname, server, have_mark, mark, keycount);

6
src/option.c
View File

@@ -3446,7 +3446,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
break;
}
case LOPT_FAST_RETRY:
case LOPT_FAST_RETRY: /* --fast-dns-retry */
daemon->fast_retry_timeout = TIMEOUT;
if (!arg)
@@ -3469,7 +3469,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
}
break;
case LOPT_CACHE_RR:
case LOPT_CACHE_RR: /* --cache-rr */
while (1) {
int type;
struct rrlist *new;
@@ -5184,7 +5184,7 @@ err:
break;
}
case LOPT_STALE_CACHE:
case LOPT_STALE_CACHE: /* --use-stale-cache */
{
int max_expiry = STALE_CACHE_EXPIRY;
if (arg)

102
src/rfc1035.c
View File

@@ -705,9 +705,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t
addrlen = IN6ADDRSZ;
flags |= F_IPV6;
}
else if (qtype == T_SRV)
flags |= F_SRV;
else if (qtype != T_CNAME && rr_on_list(daemon->cache_rr, qtype))
else if (qtype != T_CNAME && (qtype == T_SRV || rr_on_list(daemon->cache_rr, qtype)))
flags |= F_RR;
else
insert = 0; /* NOTE: do not cache data from CNAME queries. */
@@ -800,26 +798,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t
{
found = 1;
if (flags & F_SRV)
{
unsigned char *tmp = namep;
if (!CHECK_LEN(header, p1, qlen, 6))
return 2; /* bad packet */
GETSHORT(addr.srv.priority, p1);
GETSHORT(addr.srv.weight, p1);
GETSHORT(addr.srv.srvport, p1);
if (!extract_name(header, qlen, &p1, name, 1, 0))
return 2;
addr.srv.targetlen = strlen(name) + 1; /* include terminating zero */
if (!(addr.srv.target = blockdata_alloc(name, addr.srv.targetlen)))
return 0;
/* we overwrote the original name, so get it back here. */
if (!extract_name(header, qlen, &tmp, name, 1, 0))
return 2;
}
else if (flags & F_RR)
if (flags & F_RR)
{
short desc, *rrdesc = rrfilter_desc(aqtype);
unsigned char *tmp = namep;
@@ -953,7 +932,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t
{
if (flags & F_NXDOMAIN)
{
flags &= ~(F_IPV4 | F_IPV6 | F_SRV | F_RR);
flags &= ~(F_IPV4 | F_IPV6 | F_RR);
/* Can store NXDOMAIN reply for any qtype. */
insert = 1;
@@ -1998,7 +1977,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
since its existence allows us to return a NODATA answer. Note that we never set the AD flag,
since we didn't authentucate the record. */
if (cache_find_by_name(NULL, name, now, F_IPV4 | F_IPV6 | F_SRV))
if (cache_find_by_name(NULL, name, now, F_IPV4 | F_IPV6 | F_RR))
{
ans = 1;
sec_data = auth = 0;
@@ -2053,13 +2032,12 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (qtype == T_SRV || qtype == T_ANY)
{
int found = 0;
struct mx_srv_record *move = NULL, **up = &daemon->mxnames;
for (rec = daemon->mxnames; rec; rec = rec->next)
if (rec->issrv && hostname_isequal(name, rec->name))
{
found = ans = 1;
ans = 1;
sec_data = 0;
if (!dryrun)
{
@@ -2093,60 +2071,6 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
*up = move;
move->next = NULL;
}
if (!found)
{
if ((crecp = cache_find_by_name(NULL, name, now, F_SRV | F_NXDOMAIN | (dryrun ? F_NO_RR : 0))) &&
rd_bit && (!do_bit || cache_validated(crecp)))
do
{
int stale_flag = 0;
if (crec_isstale(crecp, now))
{
if (stale)
*stale = 1;
stale_flag = F_STALE;
}
/* don't answer wildcard queries with data not from /etc/hosts or dhcp leases, except for NXDOMAIN */
if (qtype == T_ANY && !(crecp->flags & (F_NXDOMAIN)))
break;
if (!(crecp->flags & F_DNSSECOK))
sec_data = 0;
auth = 0;
found = ans = 1;
if (crecp->flags & F_NEG)
{
if (crecp->flags & F_NXDOMAIN)
nxdomain = 1;
if (!dryrun)
log_query(stale_flag | crecp->flags, name, NULL, NULL, 0);
}
else if (!dryrun)
{
char *target = blockdata_retrieve(crecp->addr.srv.target, crecp->addr.srv.targetlen, NULL);
log_query(stale_flag | crecp->flags, name, NULL, NULL, 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
crec_ttl(crecp, now), NULL, T_SRV, C_IN, "sssd",
crecp->addr.srv.priority, crecp->addr.srv.weight, crecp->addr.srv.srvport,
target))
anscount++;
}
} while ((crecp = cache_find_by_name(crecp, name, now, F_SRV)));
}
if (!found && option_bool(OPT_FILTER) && (qtype == T_SRV || (qtype == T_ANY && strchr(name, '_'))))
{
ans = 1;
sec_data = 0;
if (!dryrun)
log_query(F_CONFIG | F_NEG, name, NULL, NULL, 0);
}
}
if (qtype == T_NAPTR || qtype == T_ANY)
@@ -2199,7 +2123,10 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!(crecp->flags & F_DNSSECOK))
sec_data = 0;
if (crecp->flags & F_NXDOMAIN)
nxdomain = 1;
auth = 0;
ans = 1;
@@ -2231,9 +2158,16 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!ans)
{
/* We may know that the domain doesn't exist for any RRtype. */
if ((crecp = cache_find_by_name(NULL, name, now, F_NXDOMAIN)))
if (option_bool(OPT_FILTER) && (qtype == T_SRV || (qtype == T_ANY && strchr(name, '_'))))
{
ans = 1;
sec_data = 0;
if (!dryrun)
log_query(F_CONFIG | F_NEG, name, NULL, NULL, 0);
}
else if ((crecp = cache_find_by_name(NULL, name, now, F_NXDOMAIN)))
{
/* We may know that the domain doesn't exist for any RRtype. */
ans = nxdomain = 1;
auth = 0;