[thirdparty/pdns.git] / pdns / recursor_cache.hh

/*
 * This file is part of PowerDNS or dnsdist.
 * Copyright -- PowerDNS.COM B.V. and its contributors
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of version 2 of the GNU General Public License as
 * published by the Free Software Foundation.
 *
 * In addition, for the avoidance of any doubt, permission is granted to
 * link this program with OpenSSL and to (re)distribute the binaries
 * produced as the result of such linking.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
#ifndef RECURSOR_CACHE_HH
#define RECURSOR_CACHE_HH
#include <string>
#include <set>
#include "dns.hh"
#include "qtype.hh"
#include "misc.hh"
#include "dnsname.hh"
#include <iostream>
#include "dnsrecords.hh"
#include <boost/utility.hpp>
#include <boost/multi_index_container.hpp>
#include <boost/multi_index/ordered_index.hpp>
#include <boost/multi_index/hashed_index.hpp>
#include <boost/tuple/tuple_comparison.hpp>
#include <boost/multi_index/key_extractors.hpp>
#include <boost/multi_index/sequenced_index.hpp>
#include <boost/version.hpp>
#include "iputils.hh"
#include "validate.hh"
#undef max

#include "namespaces.hh"
using namespace ::boost::multi_index;

class MemRecursorCache : public boost::noncopyable //  : public RecursorCache
{
public:
  MemRecursorCache() : d_cachecachevalid(false)
  {
    cacheHits = cacheMisses = 0;
  }
  unsigned int size() const;
  unsigned int bytes() const;
  size_t ecsIndexSize() const;

  int32_t get(time_t, const DNSName &qname, const QType& qt, bool requireAuth, vector<DNSRecord>* res, const ComboAddress& who, vector<std::shared_ptr<RRSIGRecordContent>>* signatures=nullptr, std::vector<std::shared_ptr<DNSRecord>>* authorityRecs=nullptr, bool* variable=nullptr, vState* state=nullptr, bool* wasAuth=nullptr);

  void replace(time_t, const DNSName &qname, const QType& qt,  const vector<DNSRecord>& content, const vector<shared_ptr<RRSIGRecordContent>>& signatures, const std::vector<std::shared_ptr<DNSRecord>>& authorityRecs, bool auth, boost::optional<Netmask> ednsmask=boost::none, vState state=Indeterminate);

  void doPrune(unsigned int keep);
  uint64_t doDump(int fd);

  int doWipeCache(const DNSName& name, bool sub, uint16_t qtype=0xffff);
  bool doAgeCache(time_t now, const DNSName& name, uint16_t qtype, uint32_t newTTL);
  bool updateValidationStatus(time_t now, const DNSName &qname, const QType& qt, const ComboAddress& who, bool requireAuth, vState newState, boost::optional<time_t> capTTD);

  uint64_t cacheHits, cacheMisses;

private:

  struct CacheEntry
  {
    CacheEntry(const boost::tuple<DNSName, uint16_t, Netmask>& key, bool auth):
      d_qname(key.get<0>()), d_netmask(key.get<2>()), d_state(Indeterminate), d_ttd(0), d_qtype(key.get<1>()), d_auth(auth)
    {
    }

    typedef vector<std::shared_ptr<DNSRecordContent>> records_t;
    time_t getTTD() const
    {
      return d_ttd;
    }

    records_t d_records;
    std::vector<std::shared_ptr<RRSIGRecordContent>> d_signatures;
    std::vector<std::shared_ptr<DNSRecord>> d_authorityRecs;
    DNSName d_qname;
    Netmask d_netmask;
    mutable vState d_state;
    mutable time_t d_ttd;
    uint16_t d_qtype;
    bool d_auth;
  };

  /* The ECS Index (d_ecsIndex) keeps track of whether there is any ECS-specific
     entry for a given (qname,qtype) entry in the cache (d_cache), and if so
     provides a NetmaskTree of those ECS entries.
     This allows figuring out quickly if we should look for an entry
     specific to the requestor IP, and if so which entry is the most
     specific one.
     Keeping the entries in the regular cache is currently necessary
     because of the way we manage expired entries (moving them to the
     front of the expunge queue to be deleted at a regular interval).
  */
  class ECSIndexEntry
  {
  public:
    ECSIndexEntry(const DNSName& qname, uint16_t qtype): d_nmt(true), d_qname(qname), d_qtype(qtype)
    {
    }

    Netmask lookupBestMatch(const ComboAddress& addr) const
    {
      Netmask result = Netmask();

      const auto best = d_nmt.lookup(addr);
      if (best != nullptr) {
        result = best->first;
      }

      return result;
    }

    void addMask(const Netmask& nm) const
    {
      d_nmt.insert(nm).second = true;
    }

    void removeNetmask(const Netmask& nm) const
    {
      d_nmt.erase(nm);
    }

    bool isEmpty() const
    {
      return d_nmt.empty();
    }

    mutable NetmaskTree<bool> d_nmt;
    DNSName d_qname;
    uint16_t d_qtype;
  };

  struct HashedTag {};
  struct SequencedTag {};
  struct NameOnlyHashedTag {};
  struct OrderedTag {};

  typedef multi_index_container<
    CacheEntry,
    indexed_by <
                ordered_unique<tag<OrderedTag>,
                        composite_key<
                                CacheEntry,
                                member<CacheEntry,DNSName,&CacheEntry::d_qname>,
                                member<CacheEntry,uint16_t,&CacheEntry::d_qtype>,
                                member<CacheEntry,Netmask,&CacheEntry::d_netmask>
                          >,
                          composite_key_compare<CanonDNSNameCompare, std::less<uint16_t>, std::less<Netmask> >
                >,
                sequenced<tag<SequencedTag> >,
                hashed_non_unique<tag<NameOnlyHashedTag>,
                        member<CacheEntry,DNSName,&CacheEntry::d_qname>
                >
               >
  > cache_t;

  typedef MemRecursorCache::cache_t::index<MemRecursorCache::OrderedTag>::type::iterator OrderedTagIterator_t;
  typedef MemRecursorCache::cache_t::index<MemRecursorCache::NameOnlyHashedTag>::type::iterator NameOnlyHashedTagIterator_t;

  typedef multi_index_container<
    ECSIndexEntry,
    indexed_by <
      hashed_unique <tag<HashedTag>,
        composite_key<
          ECSIndexEntry,
          member<ECSIndexEntry,DNSName,&ECSIndexEntry::d_qname>,
          member<ECSIndexEntry,uint16_t,&ECSIndexEntry::d_qtype>
        >
      >,
      ordered_unique<tag<OrderedTag>,
        composite_key<
          ECSIndexEntry,
          member<ECSIndexEntry,DNSName,&ECSIndexEntry::d_qname>,
          member<ECSIndexEntry,uint16_t,&ECSIndexEntry::d_qtype>
        >,
        composite_key_compare<CanonDNSNameCompare, std::less<uint16_t> >
      >
    >
  > ecsIndex_t;

  cache_t d_cache;
  ecsIndex_t d_ecsIndex;
  std::pair<MemRecursorCache::NameOnlyHashedTagIterator_t, MemRecursorCache::NameOnlyHashedTagIterator_t> d_cachecache;
  DNSName d_cachedqname;
  bool d_cachecachevalid;

  bool entryMatches(OrderedTagIterator_t& entry, uint16_t qt, bool requireAuth, const ComboAddress& who);
  std::pair<NameOnlyHashedTagIterator_t, NameOnlyHashedTagIterator_t> getEntries(const DNSName &qname, const QType& qt);
  cache_t::const_iterator getEntryUsingECSIndex(time_t now, const DNSName &qname, uint16_t qtype, bool requireAuth, const ComboAddress& who);
  int32_t handleHit(OrderedTagIterator_t& entry, const DNSName& qname, const ComboAddress& who, vector<DNSRecord>* res, vector<std::shared_ptr<RRSIGRecordContent>>* signatures, std::vector<std::shared_ptr<DNSRecord>>* authorityRecs, bool* variable, vState* state, bool* wasAuth);

public:
  void preRemoval(const CacheEntry& entry)
  {
    if (entry.d_netmask.empty()) {
      return;
    }

    auto key = tie(entry.d_qname, entry.d_qtype);
    auto ecsIndexEntry = d_ecsIndex.find(key);
    if (ecsIndexEntry != d_ecsIndex.end()) {
      ecsIndexEntry->removeNetmask(entry.d_netmask);
      if (ecsIndexEntry->isEmpty()) {
        d_ecsIndex.erase(ecsIndexEntry);
      }
    }
  }
};
#endif
Commit	Line	Data
12471842 PL	1	/*
	2	* This file is part of PowerDNS or dnsdist.
	3	* Copyright -- PowerDNS.COM B.V. and its contributors
	4	*
	5	* This program is free software; you can redistribute it and/or modify
	6	* it under the terms of version 2 of the GNU General Public License as
	7	* published by the Free Software Foundation.
	8	*
	9	* In addition, for the avoidance of any doubt, permission is granted to
	10	* link this program with OpenSSL and to (re)distribute the binaries
	11	* produced as the result of such linking.
	12	*
	13	* This program is distributed in the hope that it will be useful,
	14	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	15	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	16	* GNU General Public License for more details.
	17	*
	18	* You should have received a copy of the GNU General Public License
	19	* along with this program; if not, write to the Free Software
	20	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	21	*/
6320ad3a BH	22	#ifndef RECURSOR_CACHE_HH
6320ad3a BH	23	#define RECURSOR_CACHE_HH
6320ad3a BH	24	#include <string>
	25	#include <set>
	26	#include "dns.hh"
	27	#include "qtype.hh"
7738a23f	28	#include "misc.hh"
c5c066bf	29	#include "dnsname.hh"
c154c8a4	30	#include <iostream>
57769f13	31	#include "dnsrecords.hh"
8e843282	32	#include <boost/utility.hpp>
ca0b5def BH	33	#include <boost/multi_index_container.hpp>
ca0b5def BH	34	#include <boost/multi_index/ordered_index.hpp>
e74f866a	35	#include <boost/multi_index/hashed_index.hpp>
748eff9f	36	#include <boost/tuple/tuple_comparison.hpp>
ca0b5def	37	#include <boost/multi_index/key_extractors.hpp>
bec87d21	38	#include <boost/multi_index/sequenced_index.hpp>
1676d61a	39	#include <boost/version.hpp>
c4443ccb	40	#include "iputils.hh"
4d2be65d	41	#include "validate.hh"
705f31ae BH	42	#undef max
705f31ae BH	43
61b26744	44	#include "namespaces.hh"
ca0b5def	45	using namespace ::boost::multi_index;
6320ad3a	46
8e843282	47	class MemRecursorCache : public boost::noncopyable // : public RecursorCache
6320ad3a BH	48	{
6320ad3a BH	49	public:
9348824d	50	MemRecursorCache() : d_cachecachevalid(false)
34264879	51	{
b0c3b7d8	52	cacheHits = cacheMisses = 0;
34264879	53	}
1ffea92c RG	54	unsigned int size() const;
	55	unsigned int bytes() const;
	56	size_t ecsIndexSize() const;
	57
428f41b7	58	int32_t get(time_t, const DNSName &qname, const QType& qt, bool requireAuth, vector<DNSRecord>* res, const ComboAddress& who, vector<std::shared_ptr<RRSIGRecordContent>>* signatures=nullptr, std::vector<std::shared_ptr<DNSRecord>>* authorityRecs=nullptr, bool* variable=nullptr, vState* state=nullptr, bool* wasAuth=nullptr);
2b984251 RG	59
2b984251 RG	60	void replace(time_t, const DNSName &qname, const QType& qt, const vector<DNSRecord>& content, const vector<shared_ptr<RRSIGRecordContent>>& signatures, const std::vector<std::shared_ptr<DNSRecord>>& authorityRecs, bool auth, boost::optional<Netmask> ednsmask=boost::none, vState state=Indeterminate);
b23b8614	61
c68ae9fa	62	void doPrune(unsigned int keep);
d7948528	63	uint64_t doDump(int fd);
a82ce718	64
86f3ca51	65	int doWipeCache(const DNSName& name, bool sub, uint16_t qtype=0xffff);
6b68a4e3	66	bool doAgeCache(time_t now, const DNSName& name, uint16_t qtype, uint32_t newTTL);
b9473937	67	bool updateValidationStatus(time_t now, const DNSName &qname, const QType& qt, const ComboAddress& who, bool requireAuth, vState newState, boost::optional<time_t> capTTD);
941db220	68
5e4a2466	69	uint64_t cacheHits, cacheMisses;
ea634573	70
6320ad3a	71	private:
43a2b29c	72
ca0b5def BH	73	struct CacheEntry
ca0b5def BH	74	{
48f19abe RG	75	CacheEntry(const boost::tuple<DNSName, uint16_t, Netmask>& key, bool auth):
	76	d_qname(key.get<0>()), d_netmask(key.get<2>()), d_state(Indeterminate), d_ttd(0), d_qtype(key.get<1>()), d_auth(auth)
	77	{
	78	}
748eff9f	79
e325f20c	80	typedef vector<std::shared_ptr<DNSRecordContent>> records_t;
6b68a4e3	81	time_t getTTD() const
ca0b5def	82	{
e325f20c	83	return d_ttd;
ca0b5def	84	}
34264879	85
c4443ccb	86	records_t d_records;
8edd5bb4	87	std::vector<std::shared_ptr<RRSIGRecordContent>> d_signatures;
2b984251	88	std::vector<std::shared_ptr<DNSRecord>> d_authorityRecs;
e74f866a	89	DNSName d_qname;
6c674e9a	90	Netmask d_netmask;
787737ae	91	mutable vState d_state;
b9473937	92	mutable time_t d_ttd;
e74f866a RG	93	uint16_t d_qtype;
	94	bool d_auth;
	95	};
	96
b0274132 RG	97	/* The ECS Index (d_ecsIndex) keeps track of whether there is any ECS-specific
	98	entry for a given (qname,qtype) entry in the cache (d_cache), and if so
	99	provides a NetmaskTree of those ECS entries.
	100	This allows figuring out quickly if we should look for an entry
	101	specific to the requestor IP, and if so which entry is the most
	102	specific one.
	103	Keeping the entries in the regular cache is currently necessary
	104	because of the way we manage expired entries (moving them to the
	105	front of the expunge queue to be deleted at a regular interval).
	106	*/
	107	class ECSIndexEntry
e74f866a RG	108	{
e74f866a RG	109	public:
84a5e382	110	ECSIndexEntry(const DNSName& qname, uint16_t qtype): d_nmt(true), d_qname(qname), d_qtype(qtype)
e74f866a RG	111	{
	112	}
	113
	114	Netmask lookupBestMatch(const ComboAddress& addr) const
	115	{
	116	Netmask result = Netmask();
	117
	118	const auto best = d_nmt.lookup(addr);
	119	if (best != nullptr) {
	120	result = best->first;
	121	}
	122
	123	return result;
	124	}
	125
	126	void addMask(const Netmask& nm) const
	127	{
	128	d_nmt.insert(nm).second = true;
	129	}
	130
	131	void removeNetmask(const Netmask& nm) const
	132	{
	133	d_nmt.erase(nm);
	134	}
	135
	136	bool isEmpty() const
	137	{
	138	return d_nmt.empty();
	139	}
	140
	141	mutable NetmaskTree<bool> d_nmt;
	142	DNSName d_qname;
	143	uint16_t d_qtype;
ca0b5def BH	144	};
ca0b5def BH	145
4c8d2585 RG	146	struct HashedTag {};
	147	struct SequencedTag {};
	148	struct NameOnlyHashedTag {};
	149	struct OrderedTag {};
	150
ca0b5def BH	151	typedef multi_index_container<
	152	CacheEntry,
	153	indexed_by <
4c8d2585 RG	154	ordered_unique<tag<OrderedTag>,
	155	composite_key<
	156	CacheEntry,
	157	member<CacheEntry,DNSName,&CacheEntry::d_qname>,
	158	member<CacheEntry,uint16_t,&CacheEntry::d_qtype>,
	159	member<CacheEntry,Netmask,&CacheEntry::d_netmask>
	160	>,
	161	composite_key_compare<CanonDNSNameCompare, std::less<uint16_t>, std::less<Netmask> >
748eff9f	162	>,
4c8d2585 RG	163	sequenced<tag<SequencedTag> >,
	164	hashed_non_unique<tag<NameOnlyHashedTag>,
	165	member<CacheEntry,DNSName,&CacheEntry::d_qname>
	166	>
ca0b5def BH	167	>
ca0b5def BH	168	> cache_t;
4c8d2585 RG	169
	170	typedef MemRecursorCache::cache_t::index<MemRecursorCache::OrderedTag>::type::iterator OrderedTagIterator_t;
	171	typedef MemRecursorCache::cache_t::index<MemRecursorCache::NameOnlyHashedTag>::type::iterator NameOnlyHashedTagIterator_t;
	172
e74f866a	173	typedef multi_index_container<
b0274132	174	ECSIndexEntry,
e74f866a	175	indexed_by <
4c8d2585	176	hashed_unique <tag<HashedTag>,
e74f866a	177	composite_key<
b0274132 RG	178	ECSIndexEntry,
	179	member<ECSIndexEntry,DNSName,&ECSIndexEntry::d_qname>,
	180	member<ECSIndexEntry,uint16_t,&ECSIndexEntry::d_qtype>
e74f866a	181	>
4c8d2585 RG	182	>,
	183	ordered_unique<tag<OrderedTag>,
	184	composite_key<
	185	ECSIndexEntry,
	186	member<ECSIndexEntry,DNSName,&ECSIndexEntry::d_qname>,
	187	member<ECSIndexEntry,uint16_t,&ECSIndexEntry::d_qtype>
	188	>,
	189	composite_key_compare<CanonDNSNameCompare, std::less<uint16_t> >
e74f866a RG	190	>
e74f866a RG	191	>
b0274132	192	> ecsIndex_t;
ca0b5def	193
6320ad3a	194	cache_t d_cache;
b0274132	195	ecsIndex_t d_ecsIndex;
4c8d2585	196	std::pair<MemRecursorCache::NameOnlyHashedTagIterator_t, MemRecursorCache::NameOnlyHashedTagIterator_t> d_cachecache;
c5c066bf	197	DNSName d_cachedqname;
cf98aa40	198	bool d_cachecachevalid;
787737ae	199
4c8d2585 RG	200	bool entryMatches(OrderedTagIterator_t& entry, uint16_t qt, bool requireAuth, const ComboAddress& who);
4c8d2585 RG	201	std::pair<NameOnlyHashedTagIterator_t, NameOnlyHashedTagIterator_t> getEntries(const DNSName &qname, const QType& qt);
b0274132	202	cache_t::const_iterator getEntryUsingECSIndex(time_t now, const DNSName &qname, uint16_t qtype, bool requireAuth, const ComboAddress& who);
4c8d2585	203	int32_t handleHit(OrderedTagIterator_t& entry, const DNSName& qname, const ComboAddress& who, vector<DNSRecord>* res, vector<std::shared_ptr<RRSIGRecordContent>>* signatures, std::vector<std::shared_ptr<DNSRecord>>* authorityRecs, bool* variable, vState* state, bool* wasAuth);
787737ae	204
e74f866a RG	205	public:
	206	void preRemoval(const CacheEntry& entry)
	207	{
	208	if (entry.d_netmask.empty()) {
	209	return;
	210	}
	211
	212	auto key = tie(entry.d_qname, entry.d_qtype);
b0274132 RG	213	auto ecsIndexEntry = d_ecsIndex.find(key);
	214	if (ecsIndexEntry != d_ecsIndex.end()) {
	215	ecsIndexEntry->removeNetmask(entry.d_netmask);
	216	if (ecsIndexEntry->isEmpty()) {
	217	d_ecsIndex.erase(ecsIndexEntry);
e74f866a RG	218	}
	219	}
	220	}
6320ad3a	221	};
6320ad3a	222	#endif