diff --git a/bin/named/main.c b/bin/named/main.c index 5b456b2290..db6e1e9a68 100644 --- a/bin/named/main.c +++ b/bin/named/main.c @@ -142,6 +142,7 @@ static bool noedns = false; static bool nonearest = false; static bool nosoa = false; static bool notcp = false; +static bool rpzslow = false; static bool sigvalinsecs = false; static bool transferinsecs = false; static bool transferslowly = false; @@ -789,6 +790,8 @@ parse_T_opt(char *option) { if (dns_zone_mkey_month < dns_zone_mkey_day) { named_main_earlyfatal("bad mkeytimer"); } + } else if (!strcmp(option, "rpzslow")) { + rpzslow = true; } else if (!strcmp(option, "sigvalinsecs")) { sigvalinsecs = true; } else if (!strcmp(option, "transferinsecs")) { @@ -1368,6 +1371,9 @@ setup(void) { if (notcp) { ns_server_setoption(sctx, NS_SERVER_NOTCP, true); } + if (rpzslow) { + ns_server_setoption(sctx, NS_SERVER_RPZSLOW, true); + } if (sigvalinsecs) { ns_server_setoption(sctx, NS_SERVER_SIGVALINSECS, true); } diff --git a/bin/named/server.c b/bin/named/server.c index 9628883a90..e9e9ed77f3 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -2554,6 +2554,8 @@ configure_rpz(dns_view_t *view, dns_view_t *pview, const cfg_obj_t **maps, zones->p.nsip_on = nsip_on; zones->p.nsdname_on = nsdname_on; + zones->p.slow_mode = ns_server_getoption(named_g_server->sctx, + NS_SERVER_RPZSLOW); sub_obj = cfg_tuple_get(rpz_obj, "recursive-only"); if (!cfg_obj_isvoid(sub_obj) && !cfg_obj_asboolean(sub_obj)) { diff --git a/lib/dns/include/dns/rpz.h b/lib/dns/include/dns/rpz.h index e5c25cec50..1e93131d28 100644 --- a/lib/dns/include/dns/rpz.h +++ b/lib/dns/include/dns/rpz.h @@ -209,6 +209,7 @@ struct dns_rpz_popt { bool nsip_wait_recurse; bool nsdname_wait_recurse; bool servfail_until_ready; + bool slow_mode; /* Used for system tests with '-T rpzslow' */ unsigned int min_ns_labels; dns_rpz_num_t num_zones; }; diff --git a/lib/dns/rpz.c b/lib/dns/rpz.c index aa7b857bcc..15e93534ee 100644 --- a/lib/dns/rpz.c +++ b/lib/dns/rpz.c @@ -30,6 +30,7 @@ #include #include #include +#include #include #include @@ -1784,6 +1785,7 @@ update_nodes(dns_rpz_zone_t *rpz, isc_ht_t *newnodes) { dns_name_t *name = NULL; dns_fixedname_t fixname; char domain[DNS_NAME_FORMATSIZE]; + bool slow_mode; dns_name_format(&rpz->origin, domain, DNS_NAME_FORMATSIZE); @@ -1807,6 +1809,10 @@ update_nodes(dns_rpz_zone_t *rpz, isc_ht_t *newnodes) { goto cleanup; } + LOCK(&rpz->rpzs->maint_lock); + slow_mode = rpz->rpzs->p.slow_mode; + UNLOCK(&rpz->rpzs->maint_lock); + while (result == ISC_R_SUCCESS) { char namebuf[DNS_NAME_FORMATSIZE]; dns_rdatasetiter_t *rdsiter = NULL; @@ -1907,6 +1913,10 @@ update_nodes(dns_rpz_zone_t *rpz, isc_ht_t *newnodes) { next: result = dns_dbiterator_next(updbit); + + if (slow_mode) { + uv_sleep(100); + } } INSIST(result != ISC_R_SUCCESS); if (result == ISC_R_NOMORE) { diff --git a/lib/ns/include/ns/server.h b/lib/ns/include/ns/server.h index 822ec81399..32f4e1d66b 100644 --- a/lib/ns/include/ns/server.h +++ b/lib/ns/include/ns/server.h @@ -51,6 +51,7 @@ #define NS_SERVER_TRANSFERSTUCK 0x00020000U /*%< -T transferstuck */ #define NS_SERVER_LOGRESPONSES 0x00040000U /*%< log responses */ #define NS_SERVER_COOKIEALWAYSVALID 0x00080000U /*%< -T cookiealwaysvalid */ +#define NS_SERVER_RPZSLOW 0x00100000U /*%< -T rpzslow */ /*% * Type for callback function to get hostname.