2 * This file is part of PowerDNS or dnsdist.
3 * Copyright -- PowerDNS.COM B.V. and its contributors
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of version 2 of the GNU General Public License as
7 * published by the Free Software Foundation.
9 * In addition, for the avoidance of any doubt, permission is granted to
10 * link this program with OpenSSL and to (re)distribute the binaries
11 * produced as the result of such linking.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 #ifndef RECURSOR_CACHE_HH
23 #define RECURSOR_CACHE_HH
31 #include "dnsrecords.hh"
32 #include <boost/utility.hpp>
34 #include <boost/multi_index_container.hpp>
35 #include <boost/multi_index/ordered_index.hpp>
36 #include <boost/multi_index/hashed_index.hpp>
37 #include <boost/tuple/tuple_comparison.hpp>
38 #include <boost/multi_index/key_extractors.hpp>
39 #include <boost/multi_index/sequenced_index.hpp>
40 #include <boost/version.hpp>
42 #include "validate.hh"
46 #include "namespaces.hh"
47 using namespace ::boost::multi_index;
49 class MemRecursorCache : public boost::noncopyable // : public RecursorCache
52 MemRecursorCache() : d_cachecachevalid(false)
54 cacheHits = cacheMisses = 0;
56 unsigned int size() const;
57 unsigned int bytes() const;
58 size_t ecsIndexSize() const;
60 int32_t get(time_t, const DNSName &qname, const QType& qt, bool requireAuth, vector<DNSRecord>* res, const ComboAddress& who, vector<std::shared_ptr<RRSIGRecordContent>>* signatures=nullptr, std::vector<std::shared_ptr<DNSRecord>>* authorityRecs=nullptr, bool* variable=nullptr, vState* state=nullptr, bool* wasAuth=nullptr);
62 void replace(time_t, const DNSName &qname, const QType& qt, const vector<DNSRecord>& content, const vector<shared_ptr<RRSIGRecordContent>>& signatures, const std::vector<std::shared_ptr<DNSRecord>>& authorityRecs, bool auth, boost::optional<Netmask> ednsmask=boost::none, vState state=Indeterminate);
64 void doPrune(unsigned int keep);
65 uint64_t doDump(int fd);
67 int doWipeCache(const DNSName& name, bool sub, uint16_t qtype=0xffff);
68 bool doAgeCache(time_t now, const DNSName& name, uint16_t qtype, uint32_t newTTL);
69 bool updateValidationStatus(time_t now, const DNSName &qname, const QType& qt, const ComboAddress& who, bool requireAuth, vState newState);
71 uint64_t cacheHits, cacheMisses;
77 CacheEntry(const boost::tuple<DNSName, uint16_t, Netmask>& key, const vector<shared_ptr<DNSRecordContent>>& records, bool auth) :
78 d_records(records), d_qname(key.get<0>()), d_netmask(key.get<2>()), d_state(Indeterminate), d_ttd(0), d_qtype(key.get<1>()), d_auth(auth)
81 typedef vector<std::shared_ptr<DNSRecordContent>> records_t;
88 std::vector<std::shared_ptr<RRSIGRecordContent>> d_signatures;
89 std::vector<std::shared_ptr<DNSRecord>> d_authorityRecs;
92 mutable vState d_state;
98 /* The ECS Index (d_ecsIndex) keeps track of whether there is any ECS-specific
99 entry for a given (qname,qtype) entry in the cache (d_cache), and if so
100 provides a NetmaskTree of those ECS entries.
101 This allows figuring out quickly if we should look for an entry
102 specific to the requestor IP, and if so which entry is the most
104 Keeping the entries in the regular cache is currently necessary
105 because of the way we manage expired entries (moving them to the
106 front of the expunge queue to be deleted at a regular interval).
111 ECSIndexEntry(const DNSName& qname, uint16_t qtype): d_nmt(true), d_qname(qname), d_qtype(qtype)
115 Netmask lookupBestMatch(const ComboAddress& addr) const
117 Netmask result = Netmask();
119 const auto best = d_nmt.lookup(addr);
120 if (best != nullptr) {
121 result = best->first;
127 void addMask(const Netmask& nm) const
129 d_nmt.insert(nm).second = true;
132 void removeNetmask(const Netmask& nm) const
139 return d_nmt.empty();
142 mutable NetmaskTree<bool> d_nmt;
147 typedef multi_index_container<
153 member<CacheEntry,DNSName,&CacheEntry::d_qname>,
154 member<CacheEntry,uint16_t,&CacheEntry::d_qtype>,
155 member<CacheEntry,Netmask,&CacheEntry::d_netmask>
157 composite_key_compare<CanonDNSNameCompare, std::less<uint16_t>, std::less<Netmask> >
162 typedef multi_index_container<
168 member<ECSIndexEntry,DNSName,&ECSIndexEntry::d_qname>,
169 member<ECSIndexEntry,uint16_t,&ECSIndexEntry::d_qtype>
171 composite_key_compare<CanonDNSNameCompare, std::less<uint16_t> >
177 ecsIndex_t d_ecsIndex;
178 pair<cache_t::iterator, cache_t::iterator> d_cachecache;
179 DNSName d_cachedqname;
180 bool d_cachecachevalid;
182 bool attemptToRefreshNSTTL(const QType& qt, const vector<DNSRecord>& content, const CacheEntry& stored);
183 bool entryMatches(cache_t::const_iterator& entry, uint16_t qt, bool requireAuth, const ComboAddress& who);
184 std::pair<cache_t::const_iterator, cache_t::const_iterator> getEntries(const DNSName &qname, const QType& qt);
185 cache_t::const_iterator getEntryUsingECSIndex(time_t now, const DNSName &qname, uint16_t qtype, bool requireAuth, const ComboAddress& who);
186 int32_t handleHit(cache_t::iterator entry, const DNSName& qname, const ComboAddress& who, vector<DNSRecord>* res, vector<std::shared_ptr<RRSIGRecordContent>>* signatures, std::vector<std::shared_ptr<DNSRecord>>* authorityRecs, bool* variable, vState* state, bool* wasAuth);
189 void preRemoval(const CacheEntry& entry)
191 if (entry.d_netmask.empty()) {
195 auto key = tie(entry.d_qname, entry.d_qtype);
196 auto ecsIndexEntry = d_ecsIndex.find(key);
197 if (ecsIndexEntry != d_ecsIndex.end()) {
198 ecsIndexEntry->removeNetmask(entry.d_netmask);
199 if (ecsIndexEntry->isEmpty()) {
200 d_ecsIndex.erase(ecsIndexEntry);