From e6dd9db0e4f0e853a8dc2c8738230447f81cd15f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= Date: Thu, 31 Oct 2019 08:48:35 +0100 Subject: [PATCH] Prevent TCP failures from affecting EDNS stats EDNS mechanisms only apply to DNS over UDP. Thus, errors encountered while sending DNS queries over TCP must not influence EDNS timeout statistics. (cherry picked from commit fce3c93ea2ac63cd06faf817abf3c775fe11a33d) --- bin/tests/system/legacy/tests.sh | 12 ++++++++++++ lib/dns/resolver.c | 25 ++++++++++++++++++++----- 2 files changed, 32 insertions(+), 5 deletions(-) diff --git a/bin/tests/system/legacy/tests.sh b/bin/tests/system/legacy/tests.sh index abc1ca7682..79254e0db2 100755 --- a/bin/tests/system/legacy/tests.sh +++ b/bin/tests/system/legacy/tests.sh @@ -241,6 +241,18 @@ fi if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` +n=`expr $n + 1` +echo_i "checking that TCP failures do not influence EDNS statistics in the ADB ($n)" +ret=0 +rndc_dumpdb ns1 -adb || ret=1 +timeouts512=`sed -n "s|.*10\.53\.0\.7.*\[edns \([0-9/][0-9/]*\).*|\1|p" ns1/named_dump.db.test$n | awk -F/ '{print $NF}'` +if [ $timeouts512 -ne 0 ]; then + echo_i "512-byte EDNS timeouts according to ADB: $timeouts512, expected: 0" + ret=1 +fi +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + if $SHELL ../testcrypto.sh > /dev/null 2>&1 then $PERL $SYSTEMTESTTOP/stop.pl --use-rndc --port ${CONTROLPORT} legacy ns1 diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index 7c65fd9956..4cd51d78ac 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -890,6 +890,25 @@ resquery_destroy(resquery_t **queryp) { empty_bucket(res); } +/*% + * Update EDNS statistics for a server after not getting a response to a UDP + * query sent to it. + */ +static void +update_edns_stats(resquery_t *query) { + fetchctx_t *fctx = query->fctx; + + if ((query->options & DNS_FETCHOPT_TCP) != 0) { + return; + } + + if ((query->options & DNS_FETCHOPT_NOEDNS0) == 0) { + dns_adb_ednsto(fctx->adb, query->addrinfo, query->udpsize); + } else { + dns_adb_timeout(fctx->adb, query->addrinfo); + } +} + static void fctx_cancelquery(resquery_t **queryp, dns_dispatchevent_t **deventp, isc_time_t *finish, bool no_response, @@ -950,11 +969,7 @@ fctx_cancelquery(resquery_t **queryp, dns_dispatchevent_t **deventp, uint32_t value; uint32_t mask; - if ((query->options & DNS_FETCHOPT_NOEDNS0) == 0) - dns_adb_ednsto(fctx->adb, query->addrinfo, - query->udpsize); - else - dns_adb_timeout(fctx->adb, query->addrinfo); + update_edns_stats(query); /* * If "forward first;" is used and a forwarder timed