]>
Commit | Line | Data |
---|---|---|
322345fd LP |
1 | /*** |
2 | This file is part of systemd. | |
3 | ||
4 | Copyright 2014 Lennart Poettering | |
5 | ||
6 | systemd is free software; you can redistribute it and/or modify it | |
7 | under the terms of the GNU Lesser General Public License as published by | |
8 | the Free Software Foundation; either version 2.1 of the License, or | |
9 | (at your option) any later version. | |
10 | ||
11 | systemd is distributed in the hope that it will be useful, but | |
12 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
14 | Lesser General Public License for more details. | |
15 | ||
16 | You should have received a copy of the GNU Lesser General Public License | |
17 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
18 | ***/ | |
19 | ||
202b76ae ZJS |
20 | #include <net/if.h> |
21 | ||
22 | #include "af-list.h" | |
b5efdb8a | 23 | #include "alloc-util.h" |
58db254a | 24 | #include "dns-domain.h" |
02c2857b | 25 | #include "resolved-dns-answer.h" |
322345fd | 26 | #include "resolved-dns-cache.h" |
7e8e0422 | 27 | #include "resolved-dns-packet.h" |
58db254a | 28 | #include "string-util.h" |
322345fd | 29 | |
6af47493 LP |
30 | /* Never cache more than 4K entries. RFC 1536, Section 5 suggests to |
31 | * leave DNS caches unbounded, but that's crazy. */ | |
d98e5504 | 32 | #define CACHE_MAX 4096 |
cbd4560e | 33 | |
d98e5504 LP |
34 | /* We never keep any item longer than 2h in our cache */ |
35 | #define CACHE_TTL_MAX_USEC (2 * USEC_PER_HOUR) | |
322345fd | 36 | |
623a4c97 LP |
37 | typedef enum DnsCacheItemType DnsCacheItemType; |
38 | typedef struct DnsCacheItem DnsCacheItem; | |
39 | ||
40 | enum DnsCacheItemType { | |
41 | DNS_CACHE_POSITIVE, | |
42 | DNS_CACHE_NODATA, | |
43 | DNS_CACHE_NXDOMAIN, | |
44 | }; | |
45 | ||
46 | struct DnsCacheItem { | |
d2579eec | 47 | DnsCacheItemType type; |
623a4c97 LP |
48 | DnsResourceKey *key; |
49 | DnsResourceRecord *rr; | |
d2579eec | 50 | |
623a4c97 | 51 | usec_t until; |
d2579eec LP |
52 | bool authenticated:1; |
53 | bool shared_owner:1; | |
54 | ||
06d12754 | 55 | int ifindex; |
a4076574 LP |
56 | int owner_family; |
57 | union in_addr_union owner_address; | |
d2579eec LP |
58 | |
59 | unsigned prioq_idx; | |
623a4c97 LP |
60 | LIST_FIELDS(DnsCacheItem, by_key); |
61 | }; | |
62 | ||
322345fd LP |
63 | static void dns_cache_item_free(DnsCacheItem *i) { |
64 | if (!i) | |
65 | return; | |
66 | ||
67 | dns_resource_record_unref(i->rr); | |
7e8e0422 | 68 | dns_resource_key_unref(i->key); |
322345fd LP |
69 | free(i); |
70 | } | |
71 | ||
72 | DEFINE_TRIVIAL_CLEANUP_FUNC(DnsCacheItem*, dns_cache_item_free); | |
73 | ||
39963f11 | 74 | static void dns_cache_item_unlink_and_free(DnsCache *c, DnsCacheItem *i) { |
322345fd LP |
75 | DnsCacheItem *first; |
76 | ||
77 | assert(c); | |
78 | ||
79 | if (!i) | |
80 | return; | |
81 | ||
7e8e0422 LP |
82 | first = hashmap_get(c->by_key, i->key); |
83 | LIST_REMOVE(by_key, first, i); | |
322345fd LP |
84 | |
85 | if (first) | |
7e8e0422 | 86 | assert_se(hashmap_replace(c->by_key, first->key, first) >= 0); |
322345fd | 87 | else |
7e8e0422 | 88 | hashmap_remove(c->by_key, i->key); |
322345fd | 89 | |
7e8e0422 | 90 | prioq_remove(c->by_expiry, i, &i->prioq_idx); |
322345fd LP |
91 | |
92 | dns_cache_item_free(i); | |
93 | } | |
94 | ||
f5bdeb01 LP |
95 | static bool dns_cache_remove_by_rr(DnsCache *c, DnsResourceRecord *rr) { |
96 | DnsCacheItem *first, *i; | |
97 | int r; | |
98 | ||
99 | first = hashmap_get(c->by_key, rr->key); | |
100 | LIST_FOREACH(by_key, i, first) { | |
101 | r = dns_resource_record_equal(i->rr, rr); | |
102 | if (r < 0) | |
103 | return r; | |
104 | if (r > 0) { | |
39963f11 | 105 | dns_cache_item_unlink_and_free(c, i); |
f5bdeb01 LP |
106 | return true; |
107 | } | |
108 | } | |
109 | ||
110 | return false; | |
111 | } | |
112 | ||
2dda578f | 113 | static bool dns_cache_remove_by_key(DnsCache *c, DnsResourceKey *key) { |
1f97052f | 114 | DnsCacheItem *first, *i, *n; |
322345fd LP |
115 | |
116 | assert(c); | |
117 | assert(key); | |
118 | ||
1f97052f LP |
119 | first = hashmap_remove(c->by_key, key); |
120 | if (!first) | |
121 | return false; | |
122 | ||
123 | LIST_FOREACH_SAFE(by_key, i, n, first) { | |
124 | prioq_remove(c->by_expiry, i, &i->prioq_idx); | |
125 | dns_cache_item_free(i); | |
6b34a6c9 TG |
126 | } |
127 | ||
1f97052f | 128 | return true; |
322345fd LP |
129 | } |
130 | ||
ef9a3e3c LP |
131 | void dns_cache_flush(DnsCache *c) { |
132 | DnsResourceKey *key; | |
133 | ||
134 | assert(c); | |
135 | ||
136 | while ((key = hashmap_first_key(c->by_key))) | |
2dda578f | 137 | dns_cache_remove_by_key(c, key); |
ef9a3e3c LP |
138 | |
139 | assert(hashmap_size(c->by_key) == 0); | |
140 | assert(prioq_size(c->by_expiry) == 0); | |
141 | ||
142 | c->by_key = hashmap_free(c->by_key); | |
143 | c->by_expiry = prioq_free(c->by_expiry); | |
144 | } | |
145 | ||
322345fd LP |
146 | static void dns_cache_make_space(DnsCache *c, unsigned add) { |
147 | assert(c); | |
148 | ||
149 | if (add <= 0) | |
150 | return; | |
151 | ||
152 | /* Makes space for n new entries. Note that we actually allow | |
153 | * the cache to grow beyond CACHE_MAX, but only when we shall | |
154 | * add more RRs to the cache than CACHE_MAX at once. In that | |
155 | * case the cache will be emptied completely otherwise. */ | |
156 | ||
157 | for (;;) { | |
faa133f3 | 158 | _cleanup_(dns_resource_key_unrefp) DnsResourceKey *key = NULL; |
322345fd LP |
159 | DnsCacheItem *i; |
160 | ||
7e8e0422 | 161 | if (prioq_size(c->by_expiry) <= 0) |
322345fd LP |
162 | break; |
163 | ||
7e8e0422 | 164 | if (prioq_size(c->by_expiry) + add < CACHE_MAX) |
322345fd LP |
165 | break; |
166 | ||
7e8e0422 | 167 | i = prioq_peek(c->by_expiry); |
cbd4560e LP |
168 | assert(i); |
169 | ||
faa133f3 | 170 | /* Take an extra reference to the key so that it |
cbd4560e | 171 | * doesn't go away in the middle of the remove call */ |
7e8e0422 | 172 | key = dns_resource_key_ref(i->key); |
2dda578f | 173 | dns_cache_remove_by_key(c, key); |
322345fd LP |
174 | } |
175 | } | |
176 | ||
177 | void dns_cache_prune(DnsCache *c) { | |
178 | usec_t t = 0; | |
179 | ||
180 | assert(c); | |
181 | ||
182 | /* Remove all entries that are past their TTL */ | |
183 | ||
184 | for (;;) { | |
185 | DnsCacheItem *i; | |
202b76ae | 186 | char key_str[DNS_RESOURCE_KEY_STRING_MAX]; |
322345fd | 187 | |
7e8e0422 | 188 | i = prioq_peek(c->by_expiry); |
322345fd LP |
189 | if (!i) |
190 | break; | |
191 | ||
322345fd | 192 | if (t <= 0) |
240b589b | 193 | t = now(clock_boottime_or_monotonic()); |
322345fd | 194 | |
7e8e0422 | 195 | if (i->until > t) |
322345fd LP |
196 | break; |
197 | ||
d2579eec | 198 | /* Depending whether this is an mDNS shared entry |
202b76ae ZJS |
199 | * either remove only this one RR or the whole RRset */ |
200 | log_debug("Removing %scache entry for %s (expired "USEC_FMT"s ago)", | |
201 | i->shared_owner ? "shared " : "", | |
202 | dns_resource_key_to_string(i->key, key_str, sizeof key_str), | |
203 | (t - i->until) / USEC_PER_SEC); | |
204 | ||
d2579eec | 205 | if (i->shared_owner) |
39963f11 | 206 | dns_cache_item_unlink_and_free(c, i); |
d2579eec LP |
207 | else { |
208 | _cleanup_(dns_resource_key_unrefp) DnsResourceKey *key = NULL; | |
209 | ||
210 | /* Take an extra reference to the key so that it | |
211 | * doesn't go away in the middle of the remove call */ | |
212 | key = dns_resource_key_ref(i->key); | |
2dda578f | 213 | dns_cache_remove_by_key(c, key); |
d2579eec | 214 | } |
322345fd LP |
215 | } |
216 | } | |
217 | ||
218 | static int dns_cache_item_prioq_compare_func(const void *a, const void *b) { | |
322345fd LP |
219 | const DnsCacheItem *x = a, *y = b; |
220 | ||
7e8e0422 | 221 | if (x->until < y->until) |
322345fd | 222 | return -1; |
7e8e0422 | 223 | if (x->until > y->until) |
322345fd LP |
224 | return 1; |
225 | return 0; | |
226 | } | |
227 | ||
623a4c97 | 228 | static int dns_cache_init(DnsCache *c) { |
7e8e0422 LP |
229 | int r; |
230 | ||
623a4c97 LP |
231 | assert(c); |
232 | ||
7e8e0422 LP |
233 | r = prioq_ensure_allocated(&c->by_expiry, dns_cache_item_prioq_compare_func); |
234 | if (r < 0) | |
235 | return r; | |
236 | ||
d5099efc | 237 | r = hashmap_ensure_allocated(&c->by_key, &dns_resource_key_hash_ops); |
7e8e0422 LP |
238 | if (r < 0) |
239 | return r; | |
240 | ||
241 | return r; | |
242 | } | |
243 | ||
244 | static int dns_cache_link_item(DnsCache *c, DnsCacheItem *i) { | |
245 | DnsCacheItem *first; | |
246 | int r; | |
247 | ||
322345fd LP |
248 | assert(c); |
249 | assert(i); | |
322345fd | 250 | |
7e8e0422 LP |
251 | r = prioq_put(c->by_expiry, i, &i->prioq_idx); |
252 | if (r < 0) | |
253 | return r; | |
322345fd | 254 | |
7e8e0422 LP |
255 | first = hashmap_get(c->by_key, i->key); |
256 | if (first) { | |
f57e3cd5 LP |
257 | _cleanup_(dns_resource_key_unrefp) DnsResourceKey *k = NULL; |
258 | ||
259 | /* Keep a reference to the original key, while we manipulate the list. */ | |
260 | k = dns_resource_key_ref(first->key); | |
261 | ||
262 | /* Now, try to reduce the number of keys we keep */ | |
263 | dns_resource_key_reduce(&first->key, &i->key); | |
264 | ||
265 | if (first->rr) | |
266 | dns_resource_key_reduce(&first->rr->key, &i->key); | |
267 | if (i->rr) | |
268 | dns_resource_key_reduce(&i->rr->key, &i->key); | |
269 | ||
7e8e0422 LP |
270 | LIST_PREPEND(by_key, first, i); |
271 | assert_se(hashmap_replace(c->by_key, first->key, first) >= 0); | |
272 | } else { | |
273 | r = hashmap_put(c->by_key, i->key, i); | |
274 | if (r < 0) { | |
275 | prioq_remove(c->by_expiry, i, &i->prioq_idx); | |
276 | return r; | |
277 | } | |
322345fd LP |
278 | } |
279 | ||
7e8e0422 | 280 | return 0; |
322345fd LP |
281 | } |
282 | ||
faa133f3 LP |
283 | static DnsCacheItem* dns_cache_get(DnsCache *c, DnsResourceRecord *rr) { |
284 | DnsCacheItem *i; | |
285 | ||
286 | assert(c); | |
287 | assert(rr); | |
288 | ||
7e8e0422 | 289 | LIST_FOREACH(by_key, i, hashmap_get(c->by_key, rr->key)) |
3ef77d04 | 290 | if (i->rr && dns_resource_record_equal(i->rr, rr) > 0) |
faa133f3 LP |
291 | return i; |
292 | ||
293 | return NULL; | |
294 | } | |
295 | ||
d3760be0 | 296 | static usec_t calculate_until(DnsResourceRecord *rr, uint32_t nsec_ttl, usec_t timestamp, bool use_soa_minimum) { |
b211dc7e LP |
297 | uint32_t ttl; |
298 | usec_t u; | |
ee3d6aff LP |
299 | |
300 | assert(rr); | |
301 | ||
d3760be0 | 302 | ttl = MIN(rr->ttl, nsec_ttl); |
b211dc7e LP |
303 | if (rr->key->type == DNS_TYPE_SOA && use_soa_minimum) { |
304 | /* If this is a SOA RR, and it is requested, clamp to | |
305 | * the SOA's minimum field. This is used when we do | |
306 | * negative caching, to determine the TTL for the | |
307 | * negative caching entry. See RFC 2308, Section | |
308 | * 5. */ | |
ee3d6aff | 309 | |
b211dc7e LP |
310 | if (ttl > rr->soa.minimum) |
311 | ttl = rr->soa.minimum; | |
312 | } | |
313 | ||
314 | u = ttl * USEC_PER_SEC; | |
315 | if (u > CACHE_TTL_MAX_USEC) | |
316 | u = CACHE_TTL_MAX_USEC; | |
ee3d6aff LP |
317 | |
318 | if (rr->expiry != USEC_INFINITY) { | |
319 | usec_t left; | |
320 | ||
b211dc7e LP |
321 | /* Make use of the DNSSEC RRSIG expiry info, if we |
322 | * have it */ | |
ee3d6aff LP |
323 | |
324 | left = LESS_BY(rr->expiry, now(CLOCK_REALTIME)); | |
b211dc7e LP |
325 | if (u > left) |
326 | u = left; | |
ee3d6aff LP |
327 | } |
328 | ||
b211dc7e | 329 | return timestamp + u; |
ee3d6aff LP |
330 | } |
331 | ||
d2579eec LP |
332 | static void dns_cache_item_update_positive( |
333 | DnsCache *c, | |
334 | DnsCacheItem *i, | |
335 | DnsResourceRecord *rr, | |
336 | bool authenticated, | |
337 | bool shared_owner, | |
338 | usec_t timestamp, | |
06d12754 | 339 | int ifindex, |
d2579eec LP |
340 | int owner_family, |
341 | const union in_addr_union *owner_address) { | |
342 | ||
7e8e0422 LP |
343 | assert(c); |
344 | assert(i); | |
345 | assert(rr); | |
d2579eec | 346 | assert(owner_address); |
7e8e0422 LP |
347 | |
348 | i->type = DNS_CACHE_POSITIVE; | |
349 | ||
ece174c5 | 350 | if (!i->by_key_prev) |
7e8e0422 LP |
351 | /* We are the first item in the list, we need to |
352 | * update the key used in the hashmap */ | |
353 | ||
354 | assert_se(hashmap_replace(c->by_key, rr->key, i) >= 0); | |
7e8e0422 LP |
355 | |
356 | dns_resource_record_ref(rr); | |
357 | dns_resource_record_unref(i->rr); | |
358 | i->rr = rr; | |
359 | ||
360 | dns_resource_key_unref(i->key); | |
361 | i->key = dns_resource_key_ref(rr->key); | |
362 | ||
d3760be0 | 363 | i->until = calculate_until(rr, (uint32_t) -1, timestamp, false); |
d2579eec LP |
364 | i->authenticated = authenticated; |
365 | i->shared_owner = shared_owner; | |
366 | ||
06d12754 LP |
367 | i->ifindex = ifindex; |
368 | ||
d2579eec LP |
369 | i->owner_family = owner_family; |
370 | i->owner_address = *owner_address; | |
7e8e0422 LP |
371 | |
372 | prioq_reshuffle(c->by_expiry, i, &i->prioq_idx); | |
373 | } | |
374 | ||
a4076574 LP |
375 | static int dns_cache_put_positive( |
376 | DnsCache *c, | |
377 | DnsResourceRecord *rr, | |
931851e8 | 378 | bool authenticated, |
d2579eec | 379 | bool shared_owner, |
a4076574 | 380 | usec_t timestamp, |
06d12754 | 381 | int ifindex, |
a4076574 LP |
382 | int owner_family, |
383 | const union in_addr_union *owner_address) { | |
384 | ||
322345fd | 385 | _cleanup_(dns_cache_item_freep) DnsCacheItem *i = NULL; |
7e8e0422 | 386 | DnsCacheItem *existing; |
202b76ae | 387 | char key_str[DNS_RESOURCE_KEY_STRING_MAX], ifname[IF_NAMESIZE]; |
a257f9d4 | 388 | int r, k; |
322345fd LP |
389 | |
390 | assert(c); | |
391 | assert(rr); | |
a4076574 | 392 | assert(owner_address); |
322345fd | 393 | |
222148b6 LP |
394 | /* Never cache pseudo RRs */ |
395 | if (dns_class_is_pseudo(rr->key->class)) | |
396 | return 0; | |
397 | if (dns_type_is_pseudo(rr->key->type)) | |
398 | return 0; | |
399 | ||
f5bdeb01 | 400 | /* New TTL is 0? Delete this specific entry... */ |
322345fd | 401 | if (rr->ttl <= 0) { |
f5bdeb01 | 402 | k = dns_cache_remove_by_rr(c, rr); |
202b76ae ZJS |
403 | log_debug("%s: %s", |
404 | k > 0 ? "Removed zero TTL entry from cache" : "Not caching zero TTL cache entry", | |
18665d1f | 405 | dns_resource_key_to_string(rr->key, key_str, sizeof key_str)); |
322345fd LP |
406 | return 0; |
407 | } | |
408 | ||
d2579eec | 409 | /* Entry exists already? Update TTL, timestamp and owner*/ |
322345fd LP |
410 | existing = dns_cache_get(c, rr); |
411 | if (existing) { | |
d2579eec LP |
412 | dns_cache_item_update_positive( |
413 | c, | |
414 | existing, | |
415 | rr, | |
416 | authenticated, | |
417 | shared_owner, | |
418 | timestamp, | |
06d12754 | 419 | ifindex, |
d2579eec LP |
420 | owner_family, |
421 | owner_address); | |
322345fd LP |
422 | return 0; |
423 | } | |
424 | ||
425 | /* Otherwise, add the new RR */ | |
623a4c97 | 426 | r = dns_cache_init(c); |
322345fd LP |
427 | if (r < 0) |
428 | return r; | |
429 | ||
7e8e0422 LP |
430 | dns_cache_make_space(c, 1); |
431 | ||
432 | i = new0(DnsCacheItem, 1); | |
433 | if (!i) | |
434 | return -ENOMEM; | |
435 | ||
436 | i->type = DNS_CACHE_POSITIVE; | |
437 | i->key = dns_resource_key_ref(rr->key); | |
438 | i->rr = dns_resource_record_ref(rr); | |
d3760be0 | 439 | i->until = calculate_until(rr, (uint32_t) -1, timestamp, false); |
d2579eec LP |
440 | i->authenticated = authenticated; |
441 | i->shared_owner = shared_owner; | |
06d12754 | 442 | i->ifindex = ifindex; |
a4076574 LP |
443 | i->owner_family = owner_family; |
444 | i->owner_address = *owner_address; | |
d2579eec | 445 | i->prioq_idx = PRIOQ_IDX_NULL; |
7e8e0422 LP |
446 | |
447 | r = dns_cache_link_item(c, i); | |
448 | if (r < 0) | |
449 | return r; | |
450 | ||
a257f9d4 | 451 | if (log_get_max_level() >= LOG_DEBUG) { |
202b76ae ZJS |
452 | _cleanup_free_ char *t = NULL; |
453 | ||
454 | (void) in_addr_to_string(i->owner_family, &i->owner_address, &t); | |
455 | ||
456 | log_debug("Added positive %s%s cache entry for %s "USEC_FMT"s on %s/%s/%s", | |
457 | i->authenticated ? "authenticated" : "unauthenticated", | |
458 | i->shared_owner ? " shared" : "", | |
459 | dns_resource_key_to_string(i->key, key_str, sizeof key_str), | |
460 | (i->until - timestamp) / USEC_PER_SEC, | |
461 | i->ifindex == 0 ? "*" : strna(if_indextoname(i->ifindex, ifname)), | |
462 | af_to_name_short(i->owner_family), | |
463 | strna(t)); | |
a257f9d4 | 464 | } |
6b34a6c9 | 465 | |
7e8e0422 LP |
466 | i = NULL; |
467 | return 0; | |
468 | } | |
469 | ||
a4076574 LP |
470 | static int dns_cache_put_negative( |
471 | DnsCache *c, | |
472 | DnsResourceKey *key, | |
473 | int rcode, | |
931851e8 | 474 | bool authenticated, |
d3760be0 | 475 | uint32_t nsec_ttl, |
a4076574 | 476 | usec_t timestamp, |
b211dc7e | 477 | DnsResourceRecord *soa, |
a4076574 LP |
478 | int owner_family, |
479 | const union in_addr_union *owner_address) { | |
480 | ||
7e8e0422 | 481 | _cleanup_(dns_cache_item_freep) DnsCacheItem *i = NULL; |
202b76ae | 482 | char key_str[DNS_RESOURCE_KEY_STRING_MAX]; |
7e8e0422 LP |
483 | int r; |
484 | ||
485 | assert(c); | |
486 | assert(key); | |
b211dc7e | 487 | assert(soa); |
a4076574 | 488 | assert(owner_address); |
7e8e0422 | 489 | |
98b6be77 LP |
490 | /* Never cache pseudo RR keys. DNS_TYPE_ANY is particularly |
491 | * important to filter out as we use this as a pseudo-type for | |
492 | * NXDOMAIN entries */ | |
222148b6 | 493 | if (dns_class_is_pseudo(key->class)) |
ddf16339 | 494 | return 0; |
c33be4a6 | 495 | if (dns_type_is_pseudo(key->type)) |
ddf16339 | 496 | return 0; |
222148b6 | 497 | |
d3760be0 | 498 | if (nsec_ttl <= 0 || soa->soa.minimum <= 0 || soa->ttl <= 0) { |
202b76ae | 499 | log_debug("Not caching negative entry with zero SOA/NSEC/NSEC3 TTL: %s", |
18665d1f | 500 | dns_resource_key_to_string(key, key_str, sizeof key_str)); |
95dd6257 | 501 | return 0; |
6b34a6c9 | 502 | } |
ddf16339 | 503 | |
7e8e0422 LP |
504 | if (!IN_SET(rcode, DNS_RCODE_SUCCESS, DNS_RCODE_NXDOMAIN)) |
505 | return 0; | |
506 | ||
623a4c97 | 507 | r = dns_cache_init(c); |
322345fd LP |
508 | if (r < 0) |
509 | return r; | |
510 | ||
511 | dns_cache_make_space(c, 1); | |
512 | ||
513 | i = new0(DnsCacheItem, 1); | |
514 | if (!i) | |
515 | return -ENOMEM; | |
516 | ||
7e8e0422 | 517 | i->type = rcode == DNS_RCODE_SUCCESS ? DNS_CACHE_NODATA : DNS_CACHE_NXDOMAIN; |
d3760be0 | 518 | i->until = calculate_until(soa, nsec_ttl, timestamp, true); |
d2579eec | 519 | i->authenticated = authenticated; |
a4076574 LP |
520 | i->owner_family = owner_family; |
521 | i->owner_address = *owner_address; | |
d2579eec | 522 | i->prioq_idx = PRIOQ_IDX_NULL; |
322345fd | 523 | |
71e13669 TG |
524 | if (i->type == DNS_CACHE_NXDOMAIN) { |
525 | /* NXDOMAIN entries should apply equally to all types, so we use ANY as | |
526 | * a pseudo type for this purpose here. */ | |
1c02e7ba | 527 | i->key = dns_resource_key_new(key->class, DNS_TYPE_ANY, dns_resource_key_name(key)); |
71e13669 TG |
528 | if (!i->key) |
529 | return -ENOMEM; | |
a5444ca9 LP |
530 | |
531 | /* Make sure to remove any previous entry for this | |
532 | * specific ANY key. (For non-ANY keys the cache data | |
533 | * is already cleared by the caller.) Note that we | |
534 | * don't bother removing positive or NODATA cache | |
535 | * items in this case, because it would either be slow | |
536 | * or require explicit indexing by name */ | |
537 | dns_cache_remove_by_key(c, key); | |
71e13669 TG |
538 | } else |
539 | i->key = dns_resource_key_ref(key); | |
540 | ||
7e8e0422 | 541 | r = dns_cache_link_item(c, i); |
322345fd LP |
542 | if (r < 0) |
543 | return r; | |
544 | ||
202b76ae ZJS |
545 | log_debug("Added %s cache entry for %s "USEC_FMT"s", |
546 | i->type == DNS_CACHE_NODATA ? "NODATA" : "NXDOMAIN", | |
547 | dns_resource_key_to_string(i->key, key_str, sizeof key_str), | |
548 | (i->until - timestamp) / USEC_PER_SEC); | |
6b34a6c9 | 549 | |
322345fd | 550 | i = NULL; |
322345fd LP |
551 | return 0; |
552 | } | |
553 | ||
d2579eec LP |
554 | static void dns_cache_remove_previous( |
555 | DnsCache *c, | |
556 | DnsResourceKey *key, | |
557 | DnsAnswer *answer) { | |
558 | ||
559 | DnsResourceRecord *rr; | |
560 | DnsAnswerFlags flags; | |
561 | ||
562 | assert(c); | |
563 | ||
564 | /* First, if we were passed a key (i.e. on LLMNR/DNS, but | |
565 | * not on mDNS), delete all matching old RRs, so that we only | |
566 | * keep complete by_key in place. */ | |
567 | if (key) | |
2dda578f | 568 | dns_cache_remove_by_key(c, key); |
d2579eec LP |
569 | |
570 | /* Second, flush all entries matching the answer, unless this | |
571 | * is an RR that is explicitly marked to be "shared" between | |
572 | * peers (i.e. mDNS RRs without the flush-cache bit set). */ | |
573 | DNS_ANSWER_FOREACH_FLAGS(rr, flags, answer) { | |
574 | if ((flags & DNS_ANSWER_CACHEABLE) == 0) | |
575 | continue; | |
576 | ||
577 | if (flags & DNS_ANSWER_SHARED_OWNER) | |
578 | continue; | |
579 | ||
2dda578f | 580 | dns_cache_remove_by_key(c, rr->key); |
d2579eec LP |
581 | } |
582 | } | |
583 | ||
f6618dcd LP |
584 | static bool rr_eligible(DnsResourceRecord *rr) { |
585 | assert(rr); | |
586 | ||
587 | /* When we see an NSEC/NSEC3 RR, we'll only cache it if it is from the lower zone, not the upper zone, since | |
588 | * that's where the interesting bits are (with exception of DS RRs). Of course, this way we cannot derive DS | |
589 | * existence from any cached NSEC/NSEC3, but that should be fine. */ | |
590 | ||
591 | switch (rr->key->type) { | |
592 | ||
593 | case DNS_TYPE_NSEC: | |
594 | return !bitmap_isset(rr->nsec.types, DNS_TYPE_NS) || | |
595 | bitmap_isset(rr->nsec.types, DNS_TYPE_SOA); | |
596 | ||
597 | case DNS_TYPE_NSEC3: | |
598 | return !bitmap_isset(rr->nsec3.types, DNS_TYPE_NS) || | |
599 | bitmap_isset(rr->nsec3.types, DNS_TYPE_SOA); | |
600 | ||
601 | default: | |
602 | return true; | |
603 | } | |
604 | } | |
605 | ||
a4076574 LP |
606 | int dns_cache_put( |
607 | DnsCache *c, | |
8e427d9b | 608 | DnsResourceKey *key, |
a4076574 LP |
609 | int rcode, |
610 | DnsAnswer *answer, | |
931851e8 | 611 | bool authenticated, |
d3760be0 | 612 | uint32_t nsec_ttl, |
a4076574 LP |
613 | usec_t timestamp, |
614 | int owner_family, | |
615 | const union in_addr_union *owner_address) { | |
616 | ||
02c2857b | 617 | DnsResourceRecord *soa = NULL, *rr; |
105e1512 LP |
618 | DnsAnswerFlags flags; |
619 | unsigned cache_keys; | |
06d12754 | 620 | int r, ifindex; |
322345fd LP |
621 | |
622 | assert(c); | |
d2579eec | 623 | assert(owner_address); |
322345fd | 624 | |
d2579eec | 625 | dns_cache_remove_previous(c, key, answer); |
0ec7c46e | 626 | |
ea207b63 | 627 | if (dns_answer_size(answer) <= 0) { |
202b76ae | 628 | char key_str[DNS_RESOURCE_KEY_STRING_MAX]; |
c3cb6dc2 | 629 | |
202b76ae ZJS |
630 | log_debug("Not caching negative entry without a SOA record: %s", |
631 | dns_resource_key_to_string(key, key_str, sizeof key_str)); | |
0ec7c46e | 632 | return 0; |
c3cb6dc2 | 633 | } |
0ec7c46e | 634 | |
7e8e0422 LP |
635 | /* We only care for positive replies and NXDOMAINs, on all |
636 | * other replies we will simply flush the respective entries, | |
637 | * and that's it */ | |
7e8e0422 LP |
638 | if (!IN_SET(rcode, DNS_RCODE_SUCCESS, DNS_RCODE_NXDOMAIN)) |
639 | return 0; | |
640 | ||
ea207b63 | 641 | cache_keys = dns_answer_size(answer); |
8e427d9b | 642 | if (key) |
313cefa1 | 643 | cache_keys++; |
eff91ee0 | 644 | |
7e8e0422 | 645 | /* Make some space for our new entries */ |
eff91ee0 | 646 | dns_cache_make_space(c, cache_keys); |
322345fd | 647 | |
7e8e0422 | 648 | if (timestamp <= 0) |
240b589b | 649 | timestamp = now(clock_boottime_or_monotonic()); |
322345fd | 650 | |
7e8e0422 | 651 | /* Second, add in positive entries for all contained RRs */ |
06d12754 | 652 | DNS_ANSWER_FOREACH_FULL(rr, ifindex, flags, answer) { |
105e1512 LP |
653 | if ((flags & DNS_ANSWER_CACHEABLE) == 0) |
654 | continue; | |
655 | ||
f6618dcd LP |
656 | r = rr_eligible(rr); |
657 | if (r < 0) | |
658 | return r; | |
659 | if (r == 0) | |
660 | continue; | |
661 | ||
d2579eec LP |
662 | r = dns_cache_put_positive( |
663 | c, | |
664 | rr, | |
665 | flags & DNS_ANSWER_AUTHENTICATED, | |
666 | flags & DNS_ANSWER_SHARED_OWNER, | |
667 | timestamp, | |
06d12754 | 668 | ifindex, |
d2579eec | 669 | owner_family, owner_address); |
7e8e0422 LP |
670 | if (r < 0) |
671 | goto fail; | |
672 | } | |
673 | ||
d2579eec | 674 | if (!key) /* mDNS doesn't know negative caching, really */ |
eff91ee0 DM |
675 | return 0; |
676 | ||
8e427d9b | 677 | /* Third, add in negative entries if the key has no RR */ |
105e1512 | 678 | r = dns_answer_match_key(answer, key, NULL); |
8e427d9b TG |
679 | if (r < 0) |
680 | goto fail; | |
681 | if (r > 0) | |
682 | return 0; | |
7e8e0422 | 683 | |
5d27351f TG |
684 | /* But not if it has a matching CNAME/DNAME (the negative |
685 | * caching will be done on the canonical name, not on the | |
686 | * alias) */ | |
105e1512 | 687 | r = dns_answer_find_cname_or_dname(answer, key, NULL, NULL); |
5d27351f TG |
688 | if (r < 0) |
689 | goto fail; | |
690 | if (r > 0) | |
691 | return 0; | |
692 | ||
547973de LP |
693 | /* See https://tools.ietf.org/html/rfc2308, which say that a |
694 | * matching SOA record in the packet is used to to enable | |
695 | * negative caching. */ | |
fd009cd8 | 696 | r = dns_answer_find_soa(answer, key, &soa, &flags); |
8e427d9b TG |
697 | if (r < 0) |
698 | goto fail; | |
699 | if (r == 0) | |
700 | return 0; | |
7e8e0422 | 701 | |
fd009cd8 LP |
702 | /* Refuse using the SOA data if it is unsigned, but the key is |
703 | * signed */ | |
704 | if (authenticated && (flags & DNS_ANSWER_AUTHENTICATED) == 0) | |
705 | return 0; | |
706 | ||
d2579eec LP |
707 | r = dns_cache_put_negative( |
708 | c, | |
709 | key, | |
710 | rcode, | |
711 | authenticated, | |
d3760be0 | 712 | nsec_ttl, |
d2579eec | 713 | timestamp, |
b211dc7e | 714 | soa, |
d2579eec | 715 | owner_family, owner_address); |
8e427d9b TG |
716 | if (r < 0) |
717 | goto fail; | |
322345fd LP |
718 | |
719 | return 0; | |
720 | ||
721 | fail: | |
722 | /* Adding all RRs failed. Let's clean up what we already | |
723 | * added, just in case */ | |
724 | ||
8e427d9b | 725 | if (key) |
2dda578f | 726 | dns_cache_remove_by_key(c, key); |
eff91ee0 | 727 | |
105e1512 LP |
728 | DNS_ANSWER_FOREACH_FLAGS(rr, flags, answer) { |
729 | if ((flags & DNS_ANSWER_CACHEABLE) == 0) | |
730 | continue; | |
731 | ||
2dda578f | 732 | dns_cache_remove_by_key(c, rr->key); |
105e1512 | 733 | } |
322345fd LP |
734 | |
735 | return r; | |
736 | } | |
737 | ||
37da8931 | 738 | static DnsCacheItem *dns_cache_get_by_key_follow_cname_dname_nsec(DnsCache *c, DnsResourceKey *k) { |
58db254a LP |
739 | DnsCacheItem *i; |
740 | const char *n; | |
741 | int r; | |
5643c00a TG |
742 | |
743 | assert(c); | |
744 | assert(k); | |
745 | ||
58db254a LP |
746 | /* If we hit some OOM error, or suchlike, we don't care too |
747 | * much, after all this is just a cache */ | |
748 | ||
5643c00a | 749 | i = hashmap_get(c->by_key, k); |
d7ce6c94 | 750 | if (i) |
37da8931 LP |
751 | return i; |
752 | ||
1c02e7ba | 753 | n = dns_resource_key_name(k); |
37da8931 | 754 | |
71e13669 TG |
755 | /* Check if we have an NXDOMAIN cache item for the name, notice that we use |
756 | * the pseudo-type ANY for NXDOMAIN cache items. */ | |
757 | i = hashmap_get(c->by_key, &DNS_RESOURCE_KEY_CONST(k->class, DNS_TYPE_ANY, n)); | |
758 | if (i && i->type == DNS_CACHE_NXDOMAIN) | |
759 | return i; | |
760 | ||
d3c7e913 | 761 | if (dns_type_may_redirect(k->type)) { |
d7ce6c94 TG |
762 | /* Check if we have a CNAME record instead */ |
763 | i = hashmap_get(c->by_key, &DNS_RESOURCE_KEY_CONST(k->class, DNS_TYPE_CNAME, n)); | |
764 | if (i) | |
765 | return i; | |
5643c00a | 766 | |
d7ce6c94 TG |
767 | /* OK, let's look for cached DNAME records. */ |
768 | for (;;) { | |
d7ce6c94 TG |
769 | if (isempty(n)) |
770 | return NULL; | |
771 | ||
772 | i = hashmap_get(c->by_key, &DNS_RESOURCE_KEY_CONST(k->class, DNS_TYPE_DNAME, n)); | |
773 | if (i) | |
774 | return i; | |
58db254a | 775 | |
d7ce6c94 | 776 | /* Jump one label ahead */ |
950b692b | 777 | r = dns_name_parent(&n); |
d7ce6c94 TG |
778 | if (r <= 0) |
779 | return NULL; | |
780 | } | |
781 | } | |
5643c00a | 782 | |
950b692b | 783 | if (k->type != DNS_TYPE_NSEC) { |
d7ce6c94 TG |
784 | /* Check if we have an NSEC record instead for the name. */ |
785 | i = hashmap_get(c->by_key, &DNS_RESOURCE_KEY_CONST(k->class, DNS_TYPE_NSEC, n)); | |
58db254a LP |
786 | if (i) |
787 | return i; | |
58db254a LP |
788 | } |
789 | ||
790 | return NULL; | |
5643c00a TG |
791 | } |
792 | ||
931851e8 | 793 | int dns_cache_lookup(DnsCache *c, DnsResourceKey *key, int *rcode, DnsAnswer **ret, bool *authenticated) { |
faa133f3 | 794 | _cleanup_(dns_answer_unrefp) DnsAnswer *answer = NULL; |
202b76ae | 795 | char key_str[DNS_RESOURCE_KEY_STRING_MAX]; |
f52e61da | 796 | unsigned n = 0; |
322345fd | 797 | int r; |
7e8e0422 | 798 | bool nxdomain = false; |
931851e8 LP |
799 | DnsCacheItem *j, *first, *nsec = NULL; |
800 | bool have_authenticated = false, have_non_authenticated = false; | |
322345fd LP |
801 | |
802 | assert(c); | |
f52e61da | 803 | assert(key); |
623a4c97 | 804 | assert(rcode); |
faa133f3 | 805 | assert(ret); |
931851e8 | 806 | assert(authenticated); |
322345fd | 807 | |
202b76ae | 808 | if (key->type == DNS_TYPE_ANY || key->class == DNS_CLASS_ANY) { |
931851e8 LP |
809 | /* If we have ANY lookups we don't use the cache, so |
810 | * that the caller refreshes via the network. */ | |
322345fd | 811 | |
202b76ae ZJS |
812 | log_debug("Ignoring cache for ANY lookup: %s", |
813 | dns_resource_key_to_string(key, key_str, sizeof key_str)); | |
6b34a6c9 | 814 | |
a150ff5e LP |
815 | c->n_miss++; |
816 | ||
f52e61da LP |
817 | *ret = NULL; |
818 | *rcode = DNS_RCODE_SUCCESS; | |
819 | return 0; | |
820 | } | |
6b34a6c9 | 821 | |
37da8931 | 822 | first = dns_cache_get_by_key_follow_cname_dname_nsec(c, key); |
f52e61da LP |
823 | if (!first) { |
824 | /* If one question cannot be answered we need to refresh */ | |
ddf16339 | 825 | |
202b76ae ZJS |
826 | log_debug("Cache miss for %s", |
827 | dns_resource_key_to_string(key, key_str, sizeof key_str)); | |
6b34a6c9 | 828 | |
a150ff5e LP |
829 | c->n_miss++; |
830 | ||
f52e61da LP |
831 | *ret = NULL; |
832 | *rcode = DNS_RCODE_SUCCESS; | |
833 | return 0; | |
834 | } | |
6b34a6c9 | 835 | |
f52e61da | 836 | LIST_FOREACH(by_key, j, first) { |
37da8931 LP |
837 | if (j->rr) { |
838 | if (j->rr->key->type == DNS_TYPE_NSEC) | |
931851e8 LP |
839 | nsec = j; |
840 | ||
f52e61da | 841 | n++; |
37da8931 | 842 | } else if (j->type == DNS_CACHE_NXDOMAIN) |
f52e61da | 843 | nxdomain = true; |
931851e8 LP |
844 | |
845 | if (j->authenticated) | |
846 | have_authenticated = true; | |
847 | else | |
848 | have_non_authenticated = true; | |
f52e61da | 849 | } |
6b34a6c9 | 850 | |
f6618dcd LP |
851 | if (nsec && !IN_SET(key->type, DNS_TYPE_NSEC, DNS_TYPE_DS)) { |
852 | /* Note that we won't derive information for DS RRs from an NSEC, because we only cache NSEC RRs from | |
853 | * the lower-zone of a zone cut, but the DS RRs are on the upper zone. */ | |
854 | ||
202b76ae ZJS |
855 | log_debug("NSEC NODATA cache hit for %s", |
856 | dns_resource_key_to_string(key, key_str, sizeof key_str)); | |
37da8931 LP |
857 | |
858 | /* We only found an NSEC record that matches our name. | |
a257f9d4 | 859 | * If it says the type doesn't exist report |
37da8931 LP |
860 | * NODATA. Otherwise report a cache miss. */ |
861 | ||
862 | *ret = NULL; | |
863 | *rcode = DNS_RCODE_SUCCESS; | |
931851e8 | 864 | *authenticated = nsec->authenticated; |
37da8931 | 865 | |
a150ff5e LP |
866 | if (!bitmap_isset(nsec->rr->nsec.types, key->type) && |
867 | !bitmap_isset(nsec->rr->nsec.types, DNS_TYPE_CNAME) && | |
868 | !bitmap_isset(nsec->rr->nsec.types, DNS_TYPE_DNAME)) { | |
869 | c->n_hit++; | |
870 | return 1; | |
871 | } | |
872 | ||
873 | c->n_miss++; | |
874 | return 0; | |
37da8931 LP |
875 | } |
876 | ||
202b76ae ZJS |
877 | log_debug("%s cache hit for %s", |
878 | n > 0 ? "Positive" : | |
879 | nxdomain ? "NXDOMAIN" : "NODATA", | |
880 | dns_resource_key_to_string(key, key_str, sizeof key_str)); | |
faa133f3 | 881 | |
7e8e0422 | 882 | if (n <= 0) { |
a150ff5e LP |
883 | c->n_hit++; |
884 | ||
7e8e0422 LP |
885 | *ret = NULL; |
886 | *rcode = nxdomain ? DNS_RCODE_NXDOMAIN : DNS_RCODE_SUCCESS; | |
931851e8 | 887 | *authenticated = have_authenticated && !have_non_authenticated; |
7e8e0422 LP |
888 | return 1; |
889 | } | |
faa133f3 LP |
890 | |
891 | answer = dns_answer_new(n); | |
892 | if (!answer) | |
893 | return -ENOMEM; | |
322345fd | 894 | |
f52e61da LP |
895 | LIST_FOREACH(by_key, j, first) { |
896 | if (!j->rr) | |
897 | continue; | |
898 | ||
06d12754 | 899 | r = dns_answer_add(answer, j->rr, j->ifindex, j->authenticated ? DNS_ANSWER_AUTHENTICATED : 0); |
f52e61da LP |
900 | if (r < 0) |
901 | return r; | |
322345fd LP |
902 | } |
903 | ||
a150ff5e LP |
904 | c->n_hit++; |
905 | ||
faa133f3 | 906 | *ret = answer; |
7e8e0422 | 907 | *rcode = DNS_RCODE_SUCCESS; |
931851e8 | 908 | *authenticated = have_authenticated && !have_non_authenticated; |
faa133f3 LP |
909 | answer = NULL; |
910 | ||
911 | return n; | |
322345fd | 912 | } |
a4076574 LP |
913 | |
914 | int dns_cache_check_conflicts(DnsCache *cache, DnsResourceRecord *rr, int owner_family, const union in_addr_union *owner_address) { | |
915 | DnsCacheItem *i, *first; | |
916 | bool same_owner = true; | |
917 | ||
918 | assert(cache); | |
919 | assert(rr); | |
920 | ||
921 | dns_cache_prune(cache); | |
922 | ||
923 | /* See if there's a cache entry for the same key. If there | |
924 | * isn't there's no conflict */ | |
925 | first = hashmap_get(cache->by_key, rr->key); | |
926 | if (!first) | |
927 | return 0; | |
928 | ||
929 | /* See if the RR key is owned by the same owner, if so, there | |
930 | * isn't a conflict either */ | |
931 | LIST_FOREACH(by_key, i, first) { | |
932 | if (i->owner_family != owner_family || | |
933 | !in_addr_equal(owner_family, &i->owner_address, owner_address)) { | |
934 | same_owner = false; | |
935 | break; | |
936 | } | |
937 | } | |
938 | if (same_owner) | |
939 | return 0; | |
940 | ||
941 | /* See if there's the exact same RR in the cache. If yes, then | |
942 | * there's no conflict. */ | |
943 | if (dns_cache_get(cache, rr)) | |
944 | return 0; | |
945 | ||
946 | /* There's a conflict */ | |
947 | return 1; | |
948 | } | |
4d506d6b | 949 | |
7778dfff DM |
950 | int dns_cache_export_shared_to_packet(DnsCache *cache, DnsPacket *p) { |
951 | unsigned ancount = 0; | |
952 | Iterator iterator; | |
953 | DnsCacheItem *i; | |
954 | int r; | |
955 | ||
956 | assert(cache); | |
261f3673 | 957 | assert(p); |
7778dfff DM |
958 | |
959 | HASHMAP_FOREACH(i, cache->by_key, iterator) { | |
960 | DnsCacheItem *j; | |
961 | ||
962 | LIST_FOREACH(by_key, j, i) { | |
7778dfff DM |
963 | if (!j->rr) |
964 | continue; | |
965 | ||
d2579eec | 966 | if (!j->shared_owner) |
7778dfff DM |
967 | continue; |
968 | ||
969 | r = dns_packet_append_rr(p, j->rr, NULL, NULL); | |
261f3673 DM |
970 | if (r == -EMSGSIZE && p->protocol == DNS_PROTOCOL_MDNS) { |
971 | /* For mDNS, if we're unable to stuff all known answers into the given packet, | |
972 | * allocate a new one, push the RR into that one and link it to the current one. | |
973 | */ | |
974 | ||
975 | DNS_PACKET_HEADER(p)->ancount = htobe16(ancount); | |
976 | ancount = 0; | |
977 | ||
978 | r = dns_packet_new_query(&p->more, p->protocol, 0, true); | |
979 | if (r < 0) | |
980 | return r; | |
981 | ||
982 | /* continue with new packet */ | |
983 | p = p->more; | |
984 | r = dns_packet_append_rr(p, j->rr, NULL, NULL); | |
985 | } | |
986 | ||
7778dfff DM |
987 | if (r < 0) |
988 | return r; | |
989 | ||
313cefa1 | 990 | ancount++; |
7778dfff DM |
991 | } |
992 | } | |
993 | ||
994 | DNS_PACKET_HEADER(p)->ancount = htobe16(ancount); | |
995 | ||
996 | return 0; | |
997 | } | |
998 | ||
4d506d6b LP |
999 | void dns_cache_dump(DnsCache *cache, FILE *f) { |
1000 | Iterator iterator; | |
1001 | DnsCacheItem *i; | |
4d506d6b LP |
1002 | |
1003 | if (!cache) | |
1004 | return; | |
1005 | ||
1006 | if (!f) | |
1007 | f = stdout; | |
1008 | ||
1009 | HASHMAP_FOREACH(i, cache->by_key, iterator) { | |
1010 | DnsCacheItem *j; | |
1011 | ||
1012 | LIST_FOREACH(by_key, j, i) { | |
4d506d6b LP |
1013 | |
1014 | fputc('\t', f); | |
1015 | ||
1016 | if (j->rr) { | |
7b50eb2e LP |
1017 | const char *t; |
1018 | t = dns_resource_record_to_string(j->rr); | |
1019 | if (!t) { | |
4d506d6b LP |
1020 | log_oom(); |
1021 | continue; | |
1022 | } | |
1023 | ||
1024 | fputs(t, f); | |
1025 | fputc('\n', f); | |
1026 | } else { | |
202b76ae | 1027 | char key_str[DNS_RESOURCE_KEY_STRING_MAX]; |
4d506d6b | 1028 | |
202b76ae | 1029 | fputs(dns_resource_key_to_string(j->key, key_str, sizeof key_str), f); |
4d506d6b LP |
1030 | fputs(" -- ", f); |
1031 | fputs(j->type == DNS_CACHE_NODATA ? "NODATA" : "NXDOMAIN", f); | |
1032 | fputc('\n', f); | |
1033 | } | |
1034 | } | |
1035 | } | |
1036 | } | |
1037 | ||
1038 | bool dns_cache_is_empty(DnsCache *cache) { | |
1039 | if (!cache) | |
1040 | return true; | |
1041 | ||
1042 | return hashmap_isempty(cache->by_key); | |
1043 | } | |
a150ff5e LP |
1044 | |
1045 | unsigned dns_cache_size(DnsCache *cache) { | |
1046 | if (!cache) | |
1047 | return 0; | |
1048 | ||
1049 | return hashmap_size(cache->by_key); | |
1050 | } |