pdns/auth-packetcache.hh

   1 /*
   2  * This file is part of PowerDNS or dnsdist.
   3  * Copyright -- PowerDNS.COM B.V. and its contributors
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of version 2 of the GNU General Public License as
   7  * published by the Free Software Foundation.
   8  *
   9  * In addition, for the avoidance of any doubt, permission is granted to
  10  * link this program with OpenSSL and to (re)distribute the binaries
  11  * produced as the result of such linking.
  12  *
  13  * This program is distributed in the hope that it will be useful,
  14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16  * GNU General Public License for more details.
  17  *
  18  * You should have received a copy of the GNU General Public License
  19  * along with this program; if not, write to the Free Software
  20  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  21  */
  22 #pragma once
  23 #include <string>
  24 #include <map>
  25 #include "dns.hh"
  26 #include <boost/version.hpp>
  27 #include "namespaces.hh"
  28 using namespace ::boost::multi_index;
  29
  30 #include <boost/multi_index/hashed_index.hpp>
  31
  32 #include "dnspacket.hh"
  33 #include "lock.hh"
  34 #include "packetcache.hh"
  35
  36 /** This class performs 'whole packet caching'. Feed it a question packet and it will
  37     try to find an answer. If you have an answer, insert it to have it cached for later use.
  38     Take care not to replace existing cache entries. While this works, it is wasteful. Only
  39     insert packets that where not found by get()
  40
  41     Locking!
  42
  43     The cache itself is protected by a read/write lock. Because deleting is a two step process, which
  44     first marks and then sweeps, a second lock is present to prevent simultaneous inserts and deletes.
  45 */
  46
  47 class AuthPacketCache : public PacketCache
  48 {
  49 public:
  50   AuthPacketCache(size_t mapsCount=1024);
  51   ~AuthPacketCache();
  52
  53   void insert(DNSPacket& q, DNSPacket& r, uint32_t maxTTL);  //!< We copy the contents of *p into our cache. Do not needlessly call this to insert questions already in the cache as it wastes resources
  54
  55   bool get(DNSPacket& p, DNSPacket& q); //!< You need to spoof in the right ID with the DNSPacket.spoofID() method.
  56
  57   void cleanup(); //!< force the cache to preen itself from expired packets
  58   uint64_t purge();
  59   uint64_t purge(const std::string& match); // could be $ terminated. Is not a dnsname!
  60   uint64_t purgeExact(const DNSName& qname); // no wildcard matching here
  61
  62   uint64_t size() const { return *d_statnumentries; };
  63
  64   void setMaxEntries(uint64_t maxEntries)
  65   {
  66     d_maxEntries = maxEntries;
  67     for (auto& shard : d_maps) {
  68       shard.reserve(maxEntries / d_maps.size());
  69     }
  70   }
  71   void setTTL(uint32_t ttl)
  72   {
  73     d_ttl = ttl;
  74   }
  75   bool enabled()
  76   {
  77     return (d_ttl > 0);
  78   }
  79 private:
  80
  81   struct CacheEntry
  82   {
  83     mutable string query;
  84     mutable string value;
  85     DNSName qname;
  86
  87     mutable time_t created{0};
  88     mutable time_t ttd{0};
  89     uint32_t hash{0};
  90     uint16_t qtype{0};
  91     bool tcp{false};
  92   };
  93
  94   struct HashTag{};
  95   struct NameTag{};
  96   struct SequencedTag{};
  97   typedef multi_index_container<
  98     CacheEntry,
  99     indexed_by <
 100       hashed_non_unique<tag<HashTag>, member<CacheEntry,uint32_t,&CacheEntry::hash> >,
 101       ordered_non_unique<tag<NameTag>, member<CacheEntry,DNSName,&CacheEntry::qname>, CanonDNSNameCompare >,
 102       /* Note that this sequence holds 'least recently inserted or replaced', not least recently used.
 103          Making it a LRU would require taking a write-lock when fetching from the cache, making the RW-lock inefficient compared to a mutex */
 104       sequenced<tag<SequencedTag>>
 105       >
 106     > cmap_t;
 107
 108   struct MapCombo
 109   {
 110     MapCombo() {
 111       pthread_rwlock_init(&d_mut, nullptr);
 112     }
 113     ~MapCombo() {
 114       pthread_rwlock_destroy(&d_mut);
 115     }
 116     MapCombo(const MapCombo&) = delete;
 117     MapCombo& operator=(const MapCombo&) = delete;
 118
 119     void reserve(size_t numberOfEntries);
 120
 121     pthread_rwlock_t d_mut;
 122     cmap_t d_map;
 123   };
 124
 125   vector<MapCombo> d_maps;
 126   MapCombo& getMap(const DNSName& name)
 127   {
 128     return d_maps[name.hash() % d_maps.size()];
 129   }
 130
 131   static bool entryMatches(cmap_t::index<HashTag>::type::iterator& iter, const std::string& query, const DNSName& qname, uint16_t qtype, bool tcp);
 132   bool getEntryLocked(cmap_t& map, const std::string& query, uint32_t hash, const DNSName &qname, uint16_t qtype, bool tcp, time_t now, string& entry);
 133   void cleanupIfNeeded();
 134
 135   AtomicCounter d_ops{0};
 136   AtomicCounter *d_statnumhit;
 137   AtomicCounter *d_statnummiss;
 138   AtomicCounter *d_statnumentries;
 139
 140   uint64_t d_maxEntries{0};
 141   time_t d_lastclean; // doesn't need to be atomic
 142   unsigned long d_nextclean{4096};
 143   unsigned int d_cleaninterval{4096};
 144   uint32_t d_ttl{0};
 145   bool d_cleanskipped{false};
 146
 147   static const unsigned int s_mincleaninterval=1000, s_maxcleaninterval=300000;
 148 };