From e6dd9db0e4f0e853a8dc2c8738230447f81cd15f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= <michal@isc.org>
Date: Thu, 31 Oct 2019 08:48:35 +0100
Subject: [PATCH 1/2] Prevent TCP failures from affecting EDNS stats

EDNS mechanisms only apply to DNS over UDP.  Thus, errors encountered
while sending DNS queries over TCP must not influence EDNS timeout
statistics.

(cherry picked from commit fce3c93ea2ac63cd06faf817abf3c775fe11a33d)
---
 bin/tests/system/legacy/tests.sh | 12 ++++++++++++
 lib/dns/resolver.c               | 25 ++++++++++++++++++++-----
 2 files changed, 32 insertions(+), 5 deletions(-)

diff --git a/bin/tests/system/legacy/tests.sh b/bin/tests/system/legacy/tests.sh
index abc1ca7682..79254e0db2 100755
--- a/bin/tests/system/legacy/tests.sh
+++ b/bin/tests/system/legacy/tests.sh
@@ -241,6 +241,18 @@ fi
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=`expr $status + $ret`
 
+n=`expr $n + 1`
+echo_i "checking that TCP failures do not influence EDNS statistics in the ADB ($n)"
+ret=0
+rndc_dumpdb ns1 -adb || ret=1
+timeouts512=`sed -n "s|.*10\.53\.0\.7.*\[edns \([0-9/][0-9/]*\).*|\1|p" ns1/named_dump.db.test$n | awk -F/ '{print $NF}'`
+if [ $timeouts512 -ne 0 ]; then
+	echo_i "512-byte EDNS timeouts according to ADB: $timeouts512, expected: 0"
+	ret=1
+fi
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
 if $SHELL ../testcrypto.sh > /dev/null 2>&1
 then
     $PERL $SYSTEMTESTTOP/stop.pl --use-rndc --port ${CONTROLPORT} legacy ns1
diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
index 7c65fd9956..4cd51d78ac 100644
--- a/lib/dns/resolver.c
+++ b/lib/dns/resolver.c
@@ -890,6 +890,25 @@ resquery_destroy(resquery_t **queryp) {
 		empty_bucket(res);
 }
 
+/*%
+ * Update EDNS statistics for a server after not getting a response to a UDP
+ * query sent to it.
+ */
+static void
+update_edns_stats(resquery_t *query) {
+	fetchctx_t *fctx = query->fctx;
+
+	if ((query->options & DNS_FETCHOPT_TCP) != 0) {
+		return;
+	}
+
+	if ((query->options & DNS_FETCHOPT_NOEDNS0) == 0) {
+		dns_adb_ednsto(fctx->adb, query->addrinfo, query->udpsize);
+	} else {
+		dns_adb_timeout(fctx->adb, query->addrinfo);
+	}
+}
+
 static void
 fctx_cancelquery(resquery_t **queryp, dns_dispatchevent_t **deventp,
 		 isc_time_t *finish, bool no_response,
@@ -950,11 +969,7 @@ fctx_cancelquery(resquery_t **queryp, dns_dispatchevent_t **deventp,
 			uint32_t value;
 			uint32_t mask;
 
-			if ((query->options & DNS_FETCHOPT_NOEDNS0) == 0)
-				dns_adb_ednsto(fctx->adb, query->addrinfo,
-					       query->udpsize);
-			else
-				dns_adb_timeout(fctx->adb, query->addrinfo);
+			update_edns_stats(query);
 
 			/*
 			 * If "forward first;" is used and a forwarder timed

From bfe0fc65fd79acaf816d6767a08ed5b146c71716 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= <michal@isc.org>
Date: Thu, 31 Oct 2019 08:48:35 +0100
Subject: [PATCH 2/2] Add CHANGES entry

5310.	[bug]		TCP failures were affecting EDNS statistics. [GL #1059]

(cherry picked from commit 36d3c66e4e139430e176da01f58b927fd572d64b)
---
 CHANGES | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/CHANGES b/CHANGES
index db5f4704e9..4bd70c6ecc 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,5 @@
+5310.	[bug]		TCP failures were affecting EDNS statistics. [GL #1059]
+
 5309.	[bug]		"geoip-use-ecs yes;" was not working for GeoIP2.
 			[GL #1275]