]>
Commit | Line | Data |
---|---|---|
bf269e28 RG |
1 | /* |
2 | * This file is part of PowerDNS or dnsdist. | |
3 | * Copyright -- PowerDNS.COM B.V. and its contributors | |
4 | * | |
5 | * This program is free software; you can redistribute it and/or modify | |
6 | * it under the terms of version 2 of the GNU General Public License as | |
7 | * published by the Free Software Foundation. | |
8 | * | |
9 | * In addition, for the avoidance of any doubt, permission is granted to | |
10 | * link this program with OpenSSL and to (re)distribute the binaries | |
11 | * produced as the result of such linking. | |
12 | * | |
13 | * This program is distributed in the hope that it will be useful, | |
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
16 | * GNU General Public License for more details. | |
17 | * | |
18 | * You should have received a copy of the GNU General Public License | |
19 | * along with this program; if not, write to the Free Software | |
20 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
21 | */ | |
22 | #ifndef AUTH_PACKETCACHE_HH | |
23 | #define AUTH_PACKETCACHE_HH | |
24 | ||
25 | #include <string> | |
26 | #include <map> | |
27 | #include "dns.hh" | |
28 | #include <boost/version.hpp> | |
29 | #include "namespaces.hh" | |
30 | using namespace ::boost::multi_index; | |
31 | ||
32 | #include <boost/multi_index/hashed_index.hpp> | |
33 | ||
34 | #include "dnspacket.hh" | |
35 | #include "lock.hh" | |
36 | #include "packetcache.hh" | |
37 | ||
38 | /** This class performs 'whole packet caching'. Feed it a question packet and it will | |
39 | try to find an answer. If you have an answer, insert it to have it cached for later use. | |
40 | Take care not to replace existing cache entries. While this works, it is wasteful. Only | |
41 | insert packets that where not found by get() | |
42 | ||
43 | Locking! | |
44 | ||
45 | The cache itself is protected by a read/write lock. Because deleting is a two step process, which | |
46 | first marks and then sweeps, a second lock is present to prevent simultaneous inserts and deletes. | |
47 | */ | |
48 | ||
49 | class AuthPacketCache : public PacketCache | |
50 | { | |
51 | public: | |
52 | AuthPacketCache(size_t mapsCount=1024); | |
53 | ~AuthPacketCache(); | |
54 | ||
c2826d2e | 55 | void insert(DNSPacket& q, DNSPacket& r, uint32_t maxTTL); //!< We copy the contents of *p into our cache. Do not needlessly call this to insert questions already in the cache as it wastes resources |
bf269e28 | 56 | |
c2826d2e | 57 | bool get(DNSPacket& p, DNSPacket& q); //!< You need to spoof in the right ID with the DNSPacket.spoofID() method. |
bf269e28 RG |
58 | |
59 | void cleanup(); //!< force the cache to preen itself from expired packets | |
60 | uint64_t purge(); | |
61 | uint64_t purge(const std::string& match); // could be $ terminated. Is not a dnsname! | |
62 | uint64_t purgeExact(const DNSName& qname); // no wildcard matching here | |
63 | ||
64 | uint64_t size() const { return *d_statnumentries; }; | |
65 | ||
66 | void setMaxEntries(uint64_t maxEntries) | |
67 | { | |
68 | d_maxEntries = maxEntries; | |
69 | } | |
70 | void setTTL(uint32_t ttl) | |
71 | { | |
72 | d_ttl = ttl; | |
9a037bfa KM |
73 | } |
74 | bool enabled() | |
75 | { | |
76 | return (d_ttl > 0); | |
77 | } | |
bf269e28 RG |
78 | private: |
79 | ||
80 | struct CacheEntry | |
81 | { | |
08b02366 | 82 | mutable string query; |
bf269e28 RG |
83 | mutable string value; |
84 | DNSName qname; | |
85 | ||
86 | mutable time_t created{0}; | |
87 | mutable time_t ttd{0}; | |
88 | uint32_t hash{0}; | |
89 | uint16_t qtype{0}; | |
90 | bool tcp{false}; | |
91 | }; | |
92 | ||
93 | struct HashTag{}; | |
94 | struct NameTag{}; | |
94306029 | 95 | struct SequencedTag{}; |
bf269e28 RG |
96 | typedef multi_index_container< |
97 | CacheEntry, | |
98 | indexed_by < | |
99 | hashed_non_unique<tag<HashTag>, member<CacheEntry,uint32_t,&CacheEntry::hash> >, | |
100 | ordered_non_unique<tag<NameTag>, member<CacheEntry,DNSName,&CacheEntry::qname>, CanonDNSNameCompare >, | |
94306029 | 101 | sequenced<tag<SequencedTag>> |
bf269e28 RG |
102 | > |
103 | > cmap_t; | |
104 | ||
105 | struct MapCombo | |
106 | { | |
040793d4 OM |
107 | MapCombo() { |
108 | pthread_rwlock_init(&d_mut, nullptr); | |
109 | } | |
110 | ~MapCombo() { | |
111 | pthread_rwlock_destroy(&d_mut); | |
112 | } | |
9c0ad051 OM |
113 | MapCombo(const MapCombo&) = delete; |
114 | MapCombo& operator=(const MapCombo&) = delete; | |
115 | ||
040793d4 | 116 | pthread_rwlock_t d_mut; |
bf269e28 RG |
117 | cmap_t d_map; |
118 | }; | |
119 | ||
120 | vector<MapCombo> d_maps; | |
121 | MapCombo& getMap(const DNSName& name) | |
122 | { | |
123 | return d_maps[name.hash() % d_maps.size()]; | |
124 | } | |
125 | ||
08b02366 RG |
126 | static bool entryMatches(cmap_t::index<HashTag>::type::iterator& iter, const std::string& query, const DNSName& qname, uint16_t qtype, bool tcp); |
127 | bool getEntryLocked(cmap_t& map, const std::string& query, uint32_t hash, const DNSName &qname, uint16_t qtype, bool tcp, time_t now, string& entry); | |
bf269e28 RG |
128 | void cleanupIfNeeded(); |
129 | ||
130 | AtomicCounter d_ops{0}; | |
131 | AtomicCounter *d_statnumhit; | |
132 | AtomicCounter *d_statnummiss; | |
133 | AtomicCounter *d_statnumentries; | |
134 | ||
135 | uint64_t d_maxEntries{0}; | |
136 | time_t d_lastclean; // doesn't need to be atomic | |
137 | unsigned long d_nextclean{4096}; | |
138 | unsigned int d_cleaninterval{4096}; | |
139 | uint32_t d_ttl{0}; | |
140 | bool d_cleanskipped{false}; | |
141 | ||
142 | static const unsigned int s_mincleaninterval=1000, s_maxcleaninterval=300000; | |
143 | }; | |
144 | ||
145 | #endif /* AUTH_PACKETCACHE_HH */ |