SQUID_DEFINE_BOOL(HAVE_STATVFS,$ac_cv_func_statvfs,[set to 1 if our system has statvfs(), and if it actually works])
])
-
-dnl check that we can use the libresolv _dns_ttl_ hack
-dnl sets the ac_cv_libresolv_dns_ttl_hack shell variable and defines LIBRESOLV_DNS_TTL_HACK
-
-AC_DEFUN([SQUID_CHECK_LIBRESOLV_DNS_TTL_HACK],[
- AC_CACHE_CHECK(for libresolv _dns_ttl_ hack, ac_cv_libresolv_dns_ttl_hack, [
- AC_LINK_IFELSE([AC_LANG_PROGRAM([[extern int _dns_ttl_;]], [[return _dns_ttl_;]])],
- [ac_cv_libresolv_dns_ttl_hack=yes],[ac_cv_libresolv_dns_ttl_hack=no]) ])
- SQUID_DEFINE_BOOL(LIBRESOLV_DNS_TTL_HACK,$ac_cv_libresolv_dns_ttl_hack,
- [libresolv.a has been hacked to export _dns_ttl_])
-])
-
-
-dnl checks for availability of some resolver fields
-dnl sets ac_cv_have_res_ext_nsaddr_list shell variable
-dnl defines _SQUID_RES_NSADDR6_COUNT _SQUID_RES_NSADDR6_LARRAY
-dnl defines _SQUID_RES_NSADDR6_LPTR _SQUID_RES_NSADDR6_COUNT
-dnl defines _SQUID_RES_NSADDR_LIST _SQUID_RES_NSADDR_COUNT
-
-AC_DEFUN([SQUID_CHECK_RESOLVER_FIELDS],[
- AC_CACHE_CHECK(for _res_ext.nsaddr_list, ac_cv_have_res_ext_nsaddr_list,
- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#if HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#if HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#if HAVE_ARPA_NAMESER_H
-#include <arpa/nameser.h>
-#endif
-#if HAVE_RESOLV_H
-#include <resolv.h>
-#endif
- ]],
- [[_res_ext.nsaddr_list[[0]].s_addr;]])],[
- ac_cv_have_res_ext_nsaddr_list="yes" ],[
- ac_cv_have_res_ext_nsaddr_list="no"]))
- if test "$ac_cv_have_res_ext_nsaddr_list" = "yes" ; then
- AC_DEFINE(_SQUID_RES_NSADDR6_LARRAY,_res_ext.nsaddr_list,[If _res_ext structure has nsaddr_list member])
- AC_DEFINE(_SQUID_RES_NSADDR6_COUNT,ns6count,[Nameserver Counter for IPv6 _res_ext])
- fi
-
-if test "$_SQUID_RES_NSADDR6_LIST" = ""; then
- AC_CACHE_CHECK(for _res._u._ext.nsaddrs, ac_cv_have_res_ext_nsaddrs,
- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#if HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#if HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#if HAVE_ARPA_NAMESER_H
-#include <arpa/nameser.h>
-#endif
-#if HAVE_RESOLV_H
-#include <resolv.h>
-#endif
- ]], i
- [[_res._u._ext.nsaddrs[[0]]->sin6_addr;]])],
- [ac_cv_have_res_ext_nsaddrs="yes"],[ac_cv_have_res_ext_nsaddrs="no"]))
- if test "$ac_cv_have_res_ext_nsaddrs" = "yes" ; then
- AC_DEFINE(_SQUID_RES_NSADDR6_LPTR,_res._u._ext.nsaddrs,[If _res structure has _ext.nsaddrs member])
- AC_DEFINE(_SQUID_RES_NSADDR6_COUNT,_res._u._ext.nscount6,[Nameserver Counter for IPv6 _res])
- fi
-fi
-
-AC_CACHE_CHECK(for _res.nsaddr_list, ac_cv_have_res_nsaddr_list,
- AC_COMPILE_IFELSE([
- AC_LANG_PROGRAM([[
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#if HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#if HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#if HAVE_ARPA_NAMESER_H
-#include <arpa/nameser.h>
-#endif
-#if HAVE_RESOLV_H
-#include <resolv.h>
-#endif
- ]], [[_res.nsaddr_list[[0]];]])],
- [ac_cv_have_res_nsaddr_list="yes"],[ac_cv_have_res_nsaddr_list="no"]))
- if test $ac_cv_have_res_nsaddr_list = "yes" ; then
- AC_DEFINE(_SQUID_RES_NSADDR_LIST,_res.nsaddr_list,[If _res structure has nsaddr_list member])
- AC_DEFINE(_SQUID_RES_NSADDR_COUNT,_res.nscount,[Nameserver counter for IPv4 _res])
- fi
-
- if test "$_SQUID_RES_NSADDR_LIST" = ""; then
- AC_CACHE_CHECK(for _res.ns_list, ac_cv_have_res_ns_list,
- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#if HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#if HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#if HAVE_ARPA_NAMESER_H
-#include <arpa/nameser.h>
-#endif
-#if HAVE_RESOLV_H
-#include <resolv.h>
-#endif
- ]],
- [[_res.ns_list[[0]].addr;]])],
- [ac_cv_have_res_ns_list="yes"],[ac_cv_have_res_ns_list="no"]))
- if test $ac_cv_have_res_ns_list = "yes" ; then
- AC_DEFINE(_SQUID_RES_NSADDR_LIST,_res.ns_list,[If _res structure has ns_list member])
- AC_DEFINE(_SQUID_RES_NSADDR_COUNT,_res.nscount,[Nameserver counter for IPv4 _res])
- fi
-fi
-])
-
-
dnl checks the winsock library to use (ws2_32 or wsock32)
dnl may set ac_cv_func_select as a side effect
AC_DEFUN([SQUID_CHECK_WINSOCK_LIB],[
#define _SQUID_LINUX_THREADS_
#endif
-/*
- * res_init() is just a macro re-definition of __res_init on Linux (Debian/Ubuntu)
- */
-#if !defined(HAVE_RES_INIT) && defined(HAVE___RES_INIT) && !defined(res_init)
-#define res_init __res_init
-#define HAVE_RES_INIT HAVE___RES_INIT
-#endif
-
/*
* sys/capability.h is only needed in Linux apparently.
*
AC_MSG_NOTICE([Support for Ident lookups enabled: ${enable_ident_lookups:=yes}])
SQUID_DEFINE_BOOL(USE_IDENT,$enable_ident_lookups,[Support for Ident (RFC 931) lookups])
-squid_opt_use_dnshelper="no"
-AC_ARG_ENABLE(internal-dns,
- AS_HELP_STRING([--disable-internal-dns],
- [Prevents Squid from directly sending and receiving DNS messages,
- and instead enables the old external 'dnsserver' processes.]), [
- if test "x$enableval" = "xno" ; then
- AC_MSG_WARN([Disabling Internal DNS queries])
- squid_opt_use_dnshelper="yes"
- fi
-])
-SQUID_DEFINE_BOOL(USE_DNSHELPER,$squid_opt_use_dnshelper,
- [Use dnsserver processes instead of the internal DNS protocol support])
-AM_CONDITIONAL([ENABLE_DNSHELPER],[test "x$squid_opt_use_dnshelper" = "xyes" ])
-
-
AM_CONDITIONAL(USE_SSL_CRTD, false)
AC_ARG_ENABLE(ssl-crtd,
AC_HELP_STRING([--enable-ssl-crtd],
dnl Check for needed libraries
AC_SEARCH_LIBS([gethostbyname],[nsl resolv bind])
-AC_SEARCH_LIBS([res_init],[resolv])
-AC_SEARCH_LIBS([__res_search],[resolv])
AC_SEARCH_LIBS([bind],[socket])
AC_SEARCH_LIBS([opcom_stack_trace],[opcom_stack])
AC_SEARCH_LIBS([strlcpy], [bsd])
regcomp \
regexec \
regfree \
- res_init \
- __res_init \
rint \
sbrk \
sched_getaffinity \
SQUID_CHECK_NEED_SYS_ERRLIST
SQUID_CHECK_MAXPATHLEN
-if test "x$squid_opt_use_dnshelper" = "xyes"; then
- SQUID_CHECK_LIBRESOLV_DNS_TTL_HACK
- SQUID_CHECK_RESOLVER_FIELDS
-fi
-
if test "x$ac_cv_header_sys_statvfs_h" = "xyes" ; then
SQUID_CHECK_WORKING_STATVFS
fi
USE_CLASSFUL \
USE_DELAY_POOLS \
USE_DLMALLOC \
- USE_DNSHELPER \
USE_EPOLL \
USE_GNUREGEX \
USE_HEXDUMP \
AUTOMAKE_OPTIONS = subdir-objects
-if ENABLE_DNSHELPER
-DNSSOURCE = dns.cc
-DNSHELPER = dnsserver
-else
-DNSSOURCE = dns_internal.cc
-DNSHELPER =
-endif
-
-DNSSOURCE += \
+DNSSOURCE = \
+ dns_internal.cc \
SquidDns.h \
DnsLookupDetails.h \
DnsLookupDetails.cc
EXTRA_PROGRAMS = \
DiskIO/DiskDaemon/diskd \
unlinkd \
- dnsserver \
recv-announce \
tests/testUfs \
tests/testRock \
libexec_PROGRAMS = \
- $(DNSHELPER) \
$(DISK_PROGRAMS) \
$(UNLINKD)
$(all_AUTHMODULES) \
ConfigOption.h \
$(DELAY_POOL_ALL_SOURCE) \
- dns.cc \
- dnsserver.cc \
- dns_internal.cc \
- DnsLookupDetails.cc \
- DnsLookupDetails.h \
htcp.cc \
htcp.h \
ipc.cc \
$(COMPAT_LIB) \
$(XTRA_LIBS)
-## dnsserver is a standalone helper. Do not link to any internal libraries
-dnsserver_SOURCES = dnsserver.cc
-dnsserver_LDADD = \
- $(COMPAT_LIB) \
- $(XTRA_LIBS)
-
recv_announce_SOURCES = recv-announce.cc
## What requires what..
DEFAULT_CONFIG_DIR = $(sysconfdir)
DEFAULT_CONFIG_FILE = $(DEFAULT_CONFIG_DIR)/squid.conf
DEFAULT_MIME_TABLE = $(DEFAULT_CONFIG_DIR)/mime.conf
-DEFAULT_DNSSERVER = $(libexecdir)/`echo dnsserver | sed '$(transform);s/$$/$(EXEEXT)/'`
DEFAULT_SSL_CRTD = $(libexecdir)/`echo ssl_crtd | sed '$(transform);s/$$/$(EXEEXT)/'`
DEFAULT_LOG_PREFIX = $(DEFAULT_LOG_DIR)
DEFAULT_CACHE_LOG = $(DEFAULT_LOG_PREFIX)/cache.log
-e "s%[@]DEFAULT_ICP_PORT[@]%$(DEFAULT_ICP_PORT)%g" \
-e "s%[@]DEFAULT_CACHE_EFFECTIVE_USER[@]%$(CACHE_EFFECTIVE_USER)%g" \
-e "s%[@]DEFAULT_MIME_TABLE[@]%$(DEFAULT_MIME_TABLE)%g" \
- -e "s%[@]DEFAULT_DNSSERVER[@]%$(DEFAULT_DNSSERVER)%g" \
-e "s%[@]DEFAULT_SSL_CRTD[@]%$(DEFAULT_SSL_CRTD)%g" \
-e "s%[@]DEFAULT_UNLINKD[@]%$(DEFAULT_UNLINKD)%g" \
-e "s%[@]DEFAULT_PINGER[@]%$(DEFAULT_PINGER)%g" \
int icp_query_max; /* msec */
int icp_query_min; /* msec */
int mcast_icp_query; /* msec */
-
-#if !USE_DNSHELPER
time_msec_t idns_retransmit;
time_msec_t idns_query;
-#endif
-
} Timeout;
size_t maxRequestHeaderSize;
int64_t maxRequestBodySize;
char *effectiveGroup;
struct {
-#if USE_DNSHELPER
- char *dnsserver;
-#endif
-
wordlist *redirect;
wordlist *store_id;
#if USE_UNLINKD
#endif
} Program;
-#if USE_DNSHELPER
- HelperChildConfig dnsChildren;
-#endif
HelperChildConfig redirectChildren;
HelperChildConfig storeIdChildren;
#ifndef SQUID_DNS_H
#define SQUID_DNS_H
-#if USE_DNSHELPER
-#include "helper.h"
-#endif
-
namespace Ip
{
class Address;
void dnsInit(void);
void dnsShutdown(void);
-#if USE_DNSHELPER
-// external DNS helper API
-void dnsSubmit(const char *lookup, HLPCB * callback, void *data);
-#else
// internal DNS client API
void idnsALookup(const char *, IDNSCB *, void *);
void idnsPTRLookup(const Ip::Address &, IDNSCB *, void *);
-#endif
#endif /* SQUID_DNS_H */
#if USE_SSL
static void parseBytesOptionValue(size_t * bptr, const char *units, char const * value);
#endif
-#if !USE_DNSHELPER
static void parseBytesLineSigned(ssize_t * bptr, const char *units);
-#endif
static size_t parseBytesUnits(const char *unit);
static void free_all(void);
void requirePathnameExists(const char *name, const char *path);
else
visible_appname_string = (char const *)APP_FULLNAME;
-#if USE_DNSHELPER
- if (Config.dnsChildren.n_max < 1)
- fatal("No DNS helpers allocated");
-#endif
-
if (Config.Program.redirect) {
if (Config.redirectChildren.n_max < 1) {
Config.redirectChildren.n_max = 0;
}
requirePathnameExists("MIME Config Table", Config.mimeTablePathname);
-#if USE_DNSHELPER
- requirePathnameExists("cache_dns_program", Config.Program.dnsserver);
-#endif
#if USE_UNLINKD
requirePathnameExists("unlinkd_program", Config.Program.unlinkd);
}
}
-#if !USE_DNSHELPER
static void
parseBytesLineSigned(ssize_t * bptr, const char *units)
{
self_destruct();
}
}
-#endif
/**
* Parse bytes from a string.
*var = 0;
}
-#if !USE_DNSHELPER
static void
dump_time_msec(StoreEntry * entry, const char *name, time_msec_t var)
{
{
*var = 0;
}
-#endif
#if UNUSED_CODE
static void
storeAppendPrintf(entry, "%s %d %s\n", name, (int) var, B_BYTES_STR);
}
-#if !USE_DNSHELPER
static void
dump_b_ssize_t(StoreEntry * entry, const char *name, ssize_t var)
{
storeAppendPrintf(entry, "%s %d %s\n", name, (int) var, B_BYTES_STR);
}
-#endif
#if UNUSED_CODE
static void
parseBytesLine(var, B_BYTES_STR);
}
-#if !USE_DNSHELPER
static void
parse_b_ssize_t(ssize_t * var)
{
parseBytesLineSigned(var, B_BYTES_STR);
}
-#endif
#if UNUSED_CODE
static void
*var = 0;
}
-#if !USE_DNSHELPER
static void
free_ssize_t(ssize_t * var)
{
*var = 0;
}
-#endif
static void
free_b_int64_t(int64_t * var)
This check is performed only when check_hostnames is set to on.
DOC_END
-NAME: cache_dns_program
-TYPE: string
-IFDEF: USE_DNSHELPER
-DEFAULT: @DEFAULT_DNSSERVER@
-LOC: Config.Program.dnsserver
-DOC_START
- Specify the location of the executable for dnslookup process.
-DOC_END
-
-NAME: dns_children
-TYPE: HelperChildConfig
-IFDEF: USE_DNSHELPER
-DEFAULT: 32 startup=1 idle=1
-LOC: Config.dnsChildren
-DOC_START
- The maximum number of processes spawn to service DNS name lookups.
- If you limit it too few Squid will have to wait for them to process
- a backlog of requests, slowing it down. If you allow too many they
- will use RAM and other system resources noticably.
- The maximum this may be safely set to is 32.
-
- The startup= and idle= options allow some measure of skew in your
- tuning.
-
- startup=
-
- Sets a minimum of how many processes are to be spawned when Squid
- starts or reconfigures. When set to zero the first request will
- cause spawning of the first child process to handle it.
-
- Starting too few will cause an initial slowdown in traffic as Squid
- attempts to simultaneously spawn enough processes to cope.
-
- idle=
-
- Sets a minimum of how many processes Squid is to try and keep available
- at all times. When traffic begins to rise above what the existing
- processes can handle this many more will be spawned up to the maximum
- configured. A minimum setting of 1 is required.
-DOC_END
-
NAME: dns_retransmit_interval
TYPE: time_msec
DEFAULT: 5 seconds
LOC: Config.Timeout.idns_retransmit
-IFDEF: !USE_DNSHELPER
DOC_START
Initial retransmit interval for DNS queries. The interval is
doubled each time all configured DNS servers have been tried.
TYPE: time_msec
DEFAULT: 30 seconds
LOC: Config.Timeout.idns_query
-IFDEF: !USE_DNSHELPER
DOC_START
DNS Query timeout. If no response is received to a DNS query
within this time all DNS servers for the queried domain
DEFAULT_DOC: EDNS disabled
DEFAULT: none
LOC: Config.dns.packet_max
-IFDEF: !USE_DNSHELPER
DOC_START
Maximum number of bytes packet size to advertise via EDNS.
Set to "none" to disable EDNS large packet support.
TYPE: onoff
LOC: Config.onoff.ignore_unknown_nameservers
DEFAULT: on
-IFDEF: !USE_DNSHELPER
DOC_START
By default Squid checks that DNS responses are received
from the same IP addresses they are sent to. If they
TYPE: onoff
DEFAULT: off
LOC: Config.dns.v4_first
-IFDEF: !USE_DNSHELPER
DOC_START
With the IPv6 Internet being as fast or faster than IPv4 Internet
for most networks Squid prefers to contact websites over IPv6.
define["USE_ADAPTATION"]="--enable-ecap or --enable-icap-client"
define["USE_AUTH"]="--enable-auth"
define["USE_CACHE_DIGESTS"]="--enable-cache-digests"
- define["USE_DNSHELPER"]="--disable-internal-dns"
- define["!USE_DNSHELPER"]="--enable-internal-dns"
define["USE_ECAP"]="--enable-ecap"
define["USE_ERR_LOCALES"]="--enable-auto-locale"
define["USE_HTCP"]="--enable-htcp"
/** \li If the request has no-cache flag set or some no_cache HACK in operation we
* 'invalidate' the cached IP entries for this request ???
*/
- if (r->flags.noCache) {
-
-#if USE_DNSHELPER
- ipcacheInvalidate(r->GetHost());
-#else
+ if (r->flags.noCache || r->flags.noCacheHack())
ipcacheInvalidateNegative(r->GetHost());
-#endif /* USE_DNSHELPER */
-
- } else if (r->flags.noCacheHack()) {
-
-#if USE_DNSHELPER
- ipcacheInvalidate(r->GetHost());
-#else
- ipcacheInvalidateNegative(r->GetHost());
-#endif /* USE_DNSHELPER */
-
- }
#if USE_CACHE_DIGESTS
lookup_type = http->storeEntry() ? "HIT" : "MISS";
+++ /dev/null
-
-/*
- * DEBUG: section 34 Dnsserver interface
- * AUTHOR: Harvest Derived
- *
- * SQUID Web Proxy Cache http://www.squid-cache.org/
- * ----------------------------------------------------------
- *
- * Squid is the result of efforts by numerous individuals from
- * the Internet community; see the CONTRIBUTORS file for full
- * details. Many organizations have provided support for Squid's
- * development; see the SPONSORS file for full details. Squid is
- * Copyrighted (C) 2001 by the Regents of the University of
- * California; see the COPYRIGHT file for full details. Squid
- * incorporates software developed and/or copyrighted by other
- * sources; see the CREDITS file for full details.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
- *
- */
-
-#include "squid.h"
-#include "helper.h"
-#include "HelperReply.h"
-#include "mgr/Registration.h"
-#include "SquidConfig.h"
-#include "SquidTime.h"
-#include "Store.h"
-#include "wordlist.h"
-
-#if SQUID_SNMP
-#include "snmp_core.h"
-#endif
-
-/* MS VisualStudio Projects are monolitich, so we need the following
- #if to include the external DNS code in compile process when
- using external DNS.
- */
-#if USE_DNSHELPER
-
-static helper *dnsservers = NULL;
-
-static void
-dnsStats(StoreEntry * sentry)
-{
- storeAppendPrintf(sentry, "Dnsserver Statistics:\n");
- helperStats(sentry, dnsservers);
-}
-
-static void
-dnsRegisterWithCacheManager(void)
-{
- Mgr::RegisterAction("dns", "Dnsserver Statistics", dnsStats, 0, 1);
-}
-
-void
-dnsInit(void)
-{
- wordlist *w;
-
- dnsRegisterWithCacheManager();
-
- if (!Config.Program.dnsserver)
- return;
-
- if (dnsservers == NULL)
- dnsservers = new helper("dnsserver");
-
- dnsservers->childs.updateLimits(Config.dnsChildren);
-
- dnsservers->ipc_type = IPC_STREAM;
-
- assert(dnsservers->cmdline == NULL);
-
- wordlistAdd(&dnsservers->cmdline, Config.Program.dnsserver);
-
- if (Config.onoff.res_defnames)
- wordlistAdd(&dnsservers->cmdline, "-D");
-
- for (w = Config.dns_nameservers; w != NULL; w = w->next) {
- wordlistAdd(&dnsservers->cmdline, "-s");
- wordlistAdd(&dnsservers->cmdline, w->key);
- }
-
- helperOpenServers(dnsservers);
-}
-
-void
-dnsShutdown(void)
-{
- if (!dnsservers)
- return;
-
- helperShutdown(dnsservers);
-
- wordlistDestroy(&dnsservers->cmdline);
-
- if (!shutting_down)
- return;
-
- delete dnsservers;
- dnsservers = NULL;
-}
-
-void
-dnsSubmit(const char *lookup, HLPCB * callback, void *data)
-{
- char buf[256];
- static time_t first_warn = 0;
- snprintf(buf, 256, "%s\n", lookup);
-
- if (dnsservers->stats.queue_size >= (int)dnsservers->childs.n_active && dnsservers->childs.needNew() > 0) {
- helperOpenServers(dnsservers);
- }
-
- if (dnsservers->stats.queue_size >= (int)(dnsservers->childs.n_running * 2)) {
- if (first_warn == 0)
- first_warn = squid_curtime;
-
- if (squid_curtime - first_warn > 3 * 60)
- fatal("DNS servers not responding for 3 minutes");
-
- debugs(34, DBG_IMPORTANT, "dnsSubmit: queue overload, rejecting " << lookup);
-
- const char *t = "$fail Temporary network problem, please retry later";
- HelperReply failReply;
- /* XXX: upgrade the ipcache and fqdn cache handlers to new syntax
- failReply.result= HelperReply::BrokenHelper;
- failReply.notes.add("message","Temporary network problem, please retry later");
- failReply.notes.add("message","DNS lookup queue overloaded");
- */
- failReply.modifiableOther().append(t, strlen(t));
- callback(data, failReply);
- return;
- }
-
- first_warn = 0;
- helperSubmit(dnsservers, buf, callback, data);
-}
-
-#if SQUID_SNMP
-/*
- * The function to return the DNS via SNMP
- */
-variable_list *
-snmp_netDnsFn(variable_list * Var, snint * ErrP)
-{
- variable_list *Answer = NULL;
- MemBuf tmp;
- debugs(49, 5, "snmp_netDnsFn: Processing request: " << Var->name[LEN_SQ_NET + 1] << " " << snmpDebugOid(Var->name, Var->name_length, tmp));
- *ErrP = SNMP_ERR_NOERROR;
-
- switch (Var->name[LEN_SQ_NET + 1]) {
-
- case DNS_REQ:
- Answer = snmp_var_new_integer(Var->name, Var->name_length,
- dnsservers->stats.requests,
- SMI_COUNTER32);
- break;
-
- case DNS_REP:
- Answer = snmp_var_new_integer(Var->name, Var->name_length,
- dnsservers->stats.replies,
- SMI_COUNTER32);
- break;
-
- case DNS_SERVERS:
- Answer = snmp_var_new_integer(Var->name, Var->name_length,
- dnsservers->childs.n_running,
- SMI_COUNTER32);
- break;
-
- default:
- *ErrP = SNMP_ERR_NOSUCHNAME;
- break;
- }
-
- return Answer;
-}
-
-#endif /* SQUID_SNMP */
-#endif /* USE_DNSHELPER */
#include "comm.h"
#include "comm/Loops.h"
#include "comm/Write.h"
+#include "dlink.h"
#include "event.h"
#include "fd.h"
#include "fde.h"
#include <errno.h>
#endif
-/* MS Visual Studio Projects are monolithic, so we need the following
- #ifndef to exclude the internal DNS code from compile process when
- using external DNS process.
- */
-#if !USE_DNSHELPER
#if _SQUID_WINDOWS_
#define REG_TCPIP_PARA_INTERFACES "SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters\\Interfaces"
#define REG_TCPIP_PARA "SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters"
}
#endif /*SQUID_SNMP */
-#endif /* USE_DNSHELPER */
+++ /dev/null
-/*
- * DEBUG: section 00 DNS Resolver Daemon
- * AUTHOR: Harvest Derived
- *
- * SQUID Web Proxy Cache http://www.squid-cache.org/
- * ----------------------------------------------------------
- *
- * Squid is the result of efforts by numerous individuals from
- * the Internet community; see the CONTRIBUTORS file for full
- * details. Many organizations have provided support for Squid's
- * development; see the SPONSORS file for full details. Squid is
- * Copyrighted (C) 2001 by the Regents of the University of
- * California; see the COPYRIGHT file for full details. Squid
- * incorporates software developed and/or copyrighted by other
- * sources; see the CREDITS file for full details.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
- *
- */
-
-#include "squid.h"
-
-#if HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#if HAVE_STDIO_H
-#include <stdio.h>
-#endif
-#if HAVE_CTYPE_H
-#include <ctype.h>
-#endif
-#if HAVE_ERRNO_H
-#include <errno.h>
-#endif
-#if HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-#if HAVE_GRP_H
-#include <grp.h>
-#endif
-#if HAVE_GNUMALLOC_H
-#include <gnumalloc.h>
-#elif HAVE_MALLOC_H
-#include <malloc.h>
-#endif
-#if HAVE_MEMORY_H
-#include <memory.h>
-#endif
-#if HAVE_NETDB_H
-#include <netdb.h>
-#endif
-#if HAVE_PWD_H
-#include <pwd.h>
-#endif
-#if HAVE_SIGNAL_H
-#include <signal.h>
-#endif
-#if HAVE_TIME_H
-#include <time.h>
-#endif
-#if HAVE_SYS_PARAM_H
-#include <sys/param.h>
-#endif
-#if HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#if HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#if HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#if HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-#if HAVE_SYS_UN_H
-#include <sys/un.h>
-#endif
-#if HAVE_SYS_WAIT_H
-#include <sys/wait.h>
-#endif
-#if HAVE_LIBC_H
-#include <libc.h>
-#endif
-#if HAVE_SYS_SYSCALL_H
-#include <sys/syscall.h>
-#endif
-#if HAVE_STRING_H
-#include <string.h>
-#endif
-#if HAVE_STRINGS_H
-#include <strings.h>
-#endif
-#if HAVE_BSTRING_H
-#include <bstring.h>
-#endif
-#if HAVE_CRYPT_H
-#include <crypt.h>
-#endif
-#if HAVE_GETOPT_H
-#include <getopt.h>
-#endif
-
-#if HAVE_ARPA_NAMESER_H
-#include <arpa/nameser.h>
-#endif
-#if HAVE_RESOLV_H
-#include <resolv.h>
-#endif
-
-/**
- \defgroup dnsserver dnsserver
- \ingroup ExternalPrograms
- \par
- Because the standard gethostbyname() library call
- blocks, Squid must use external processes to actually make
- these calls. Typically there will be ten dnsserver
- processes spawned from Squid. Communication occurs via
- TCP sockets bound to the loopback interface. The functions
- in dns.cc are primarily concerned with starting and
- stopping the dnsservers. Reading and writing to and from
- the dnsservers occurs in the \link IPCacheAPI IP\endlink and
- \link FQDNCacheAPI FQDN\endlink cache modules.
-
- \section dnsserverInterface Command Line Interface
- \verbatim
-usage: dnsserver -Dhv -s nameserver
- -D Enable resolver RES_DEFNAMES and RES_DNSRCH options
- -h Help
- -v Version
- -s nameserver Specify alternate name server(s). 'nameserver'
- must be an IP address, -s option may be repeated
- \endverbatim
- */
-
-#if LIBRESOLV_DNS_TTL_HACK
-/// \ingroup dnsserver
-extern int _dns_ttl_; /* this is a really *dirty* hack - bne */
-#endif
-
-/*
- * res_init() is a macro re-definition of __res_init on: Debian
- */
-#if !defined(HAVE_RES_INIT) && defined(HAVE___RES_INIT)
-#ifndef res_init
-#define res_init __res_init
-#endif
-#define HAVE_RES_INIT HAVE___RES_INIT
-#endif
-
-/// \ingroup dnsserver
-#define REQ_SZ 512
-
-/**
- \ingroup dnsserver
- */
-static void
-lookup(const char *buf)
-{
- int ttl = 0;
- int retry = 0;
- unsigned int i = 0;
- char ntoabuf[256];
- struct addrinfo hints;
- struct addrinfo *AI = NULL;
- struct addrinfo *aiptr = NULL;
- struct addrinfo *prev_addr = NULL;
- int res = 0;
-
- if (0 == strcmp(buf, "$shutdown"))
- exit(0);
-
- if (0 == strcmp(buf, "$hello")) {
- printf("$alive\n");
- return;
- }
-
- /* check if it's already an IP address in text form. */
- memset(&hints, '\0', sizeof(struct addrinfo));
- hints.ai_family = AF_UNSPEC;
- hints.ai_flags = AI_NUMERICHOST; // only succeed if its numeric.
- const bool isDomain = (getaddrinfo(buf,NULL,&hints,&AI) != 0);
-
- // reset for real lookup
- if (AI != NULL) {
- freeaddrinfo(AI);
- AI = NULL;
- }
-
- // resolve the address/name
- memset(&hints, '\0', sizeof(struct addrinfo));
- hints.ai_family = AF_UNSPEC;
- hints.ai_flags = AI_CANONNAME;
- for (;;) {
- if (AI != NULL) {
- freeaddrinfo(AI);
- AI = NULL;
- }
-
- if ( 0 == (res = getaddrinfo(buf,NULL,&hints,&AI)) )
- break;
-
- if (res != EAI_AGAIN)
- break;
-
- if (++retry == 3)
- break;
-
- sleep(1);
- }
-
- if (isDomain) {
- /* its a domain name. Use the forward-DNS lookup already done */
-
- if (res == 0) {
-#if LIBRESOLV_DNS_TTL_HACK
- /* DNS TTL handling - bne@CareNet.hu
- * for first try it's a dirty hack, by hacking getanswer
- * to place the ttl in a global variable */
- if (_dns_ttl_ > -1)
- ttl = _dns_ttl_;
-#endif
- printf("$addr %d", ttl);
-
- i = 0;
- aiptr = AI;
- while (NULL != aiptr && 32 >= i) {
- memset(ntoabuf, 0, sizeof(ntoabuf));
-
- /* getaddrinfo given a host has a nasty tendency to return duplicate addr's */
- /* BUT sorted fortunately, so we can drop most of them easily */
- if ( prev_addr &&
- prev_addr->ai_family==aiptr->ai_family &&
- memcmp(aiptr->ai_addr, prev_addr->ai_addr, aiptr->ai_addrlen)==0
- ) {
- prev_addr = aiptr;
- aiptr = aiptr->ai_next;
- continue;
- } else {
- prev_addr = aiptr;
- }
-
- /* annoying inet_ntop breaks the nice code by requiring the in*_addr */
- switch (aiptr->ai_family) {
- case AF_INET:
- inet_ntop(aiptr->ai_family, &((struct sockaddr_in*)aiptr->ai_addr)->sin_addr, ntoabuf, sizeof(ntoabuf));
- break;
- case AF_INET6:
- inet_ntop(aiptr->ai_family, &((struct sockaddr_in6*)aiptr->ai_addr)->sin6_addr, ntoabuf, sizeof(ntoabuf));
- break;
- default:
- aiptr = aiptr->ai_next;
- continue;
- }
- printf(" %s", ntoabuf);
- ++i;
- aiptr = aiptr->ai_next;
- }
-
- prev_addr=NULL;
- printf("\n");
- }
- } else { /* its an IPA in text form. perform rDNS */
- /* You'd expect getaddrinfo given AI_CANONNAME would do a lookup on
- * missing FQDN. But no, it only copies the input string to that
- * position regardless of its content.
- */
- if (NULL != AI && NULL != AI->ai_addr) {
- for (;;) {
- if ( 0 == (res = getnameinfo(AI->ai_addr, AI->ai_addrlen, ntoabuf, sizeof(ntoabuf), NULL,0,0)) )
- break;
-
- if (res != EAI_AGAIN)
- break;
-
- if (++retry == 3)
- break;
-
- sleep(1);
- }
- }
-
- if (res == 0) {
-#if LIBRESOLV_DNS_TTL_HACK
- /* DNS TTL handling - bne@CareNet.hu
- * for first try it's a dirty hack, by hacking getanswer
- * to place the ttl in a global variable */
- if (_dns_ttl_ > -1)
- ttl = _dns_ttl_;
-#endif
-
- printf("$name %d %s\n", ttl, ntoabuf);
- }
- }
-
- switch (res) {
- case 0:
- /* no error. */
- break;
-
- case EAI_AGAIN:
- printf("$fail Name Server for domain '%s' is unavailable.\n", buf);
- break;
-
- case EAI_FAIL:
- printf("$fail DNS Domain/IP '%s' does not exist: %s.\n", buf, gai_strerror(res));
- break;
-
-#if defined(EAI_NODATA) || defined(EAI_NONAME)
-#if EAI_NODATA
- /* deprecated. obsolete on some OS */
- case EAI_NODATA:
-#endif
-#if EAI_NONAME
- case EAI_NONAME:
-#endif
- printf("$fail DNS Domain/IP '%s' exists without any FQDN/IPs: %s.\n", buf, gai_strerror(res));
- break;
-#endif
- default:
- printf("$fail A system error occured looking up Domain/IP '%s': %s.\n", buf, gai_strerror(res));
- }
-
- if (AI != NULL)
- freeaddrinfo(AI);
-}
-
-/**
- \ingroup dnsserver
- */
-static void
-usage(void)
-{
- fprintf(stderr, "usage: dnsserver -hv -s nameserver\n"
- "\t-h Help\n"
- "\t-v Version\n"
- "\t-s nameserver Specify alternate name server(s). 'nameserver'\n"
- "\t must be an IPv4 address, -s option may be repeated\n"
- );
-}
-
-#if defined(_SQUID_RES_NSADDR6_LARRAY)
-/// \ingroup dnsserver
-#define _SQUID_RES_NSADDR6_LIST(i) _SQUID_RES_NSADDR6_LARRAY[i].sin6_addr
-#endif
-#if defined(_SQUID_RES_NSADDR6_LPTR)
-/// \ingroup dnsserver
-#define _SQUID_RES_NSADDR6_LIST(i) _SQUID_RES_NSADDR6_LPTR[i]->sin6_addr
-#endif
-
-/**
- * \ingroup dnsserver
- *
- * Override the system DNS nameservers with some local ones.
- * Equivalent to the bind res_setservers() call but for any
- * system where we can find the needed _res fields.
- */
-void
-squid_res_setservers(int reset)
-{
-#if _SQUID_FREEBSD_ && defined(_SQUID_RES_NSADDR6_COUNT)
- /* Only seems to be valid on FreeBSD 5.5 where _res_ext was provided without an ns6addr counter! */
- /* Gone again on FreeBSD 6.2 along with _res_ext itself in any form. */
- int ns6count = 0;
-#endif
-#if HAVE_RES_INIT && defined(_SQUID_RES_NSADDR_LIST)
- extern char *optarg;
-#endif
-
-#if HAVE_RES_INIT && (defined(_SQUID_RES_NSADDR_LIST) || defined(_SQUID_RES_NSADDR6_LIST))
-
- if (reset == 0) {
-#if defined(_SQUID_RES_NSADDR_COUNT)
- _SQUID_RES_NSADDR_COUNT = 0;
- /* because I don't trust the nscount super-count entirely, make sure these are ALL invalid */
- memset(_SQUID_RES_NSADDR_LIST, 0, sizeof(struct sockaddr_in)*MAXNS);
-#endif
-#if defined(_SQUID_RES_NSADDR6_COUNT)
- _SQUID_RES_NSADDR6_COUNT = 0;
-#endif
- }
-
- /* AYJ:
- * I experimented with all the permutations of mixed/unmixed nscount/nscount6 IPv4/IPv6/Both/invalid
- *
- * I'm not sure if splitting them really helps.
- * I've seen no evidence of IPv4 resolver *ever* being used when some IPv6 are set (or not even)
- * BUT, have seen segfault when IPv4 is added to NSADDR6 list (_res._u._ext).
- * It also appears to not do ANY lookup when _res.nscount==0.
- *
- * BUT, even if _res.nsaddrs is memset to NULL, it resolves IFF IPv6 set in _ext.
- *
- * SO, am splitting the IPv4/v6 into the seperate _res fields
- * and making nscount a total of IPv4+IPv6 /w nscount6 the IPv6 sub-counter
- * ie. nscount = count(NSv4)+count(NSv6) & nscount6 = count(NSv6)
- *
- * If ANYONE knows better please let us know.
- */
- struct addrinfo hints;
- memset(&hints, '\0', sizeof(struct addrinfo));
- hints.ai_family = AF_UNSPEC;
- hints.ai_flags = AI_NUMERICHOST; // prevent repeated DNS lookups!
- struct addrinfo *AI = NULL;
- if ( getaddrinfo(optarg, NULL, &hints, &AI) != 0) {
- fprintf(stderr, "%s appears to be a bad nameserver FQDN/IP.\n",optarg);
- } else if ( AI->ai_family == AF_INET ) {
- if (_SQUID_RES_NSADDR_COUNT == MAXNS) {
- fprintf(stderr, "Too many -s options, only %d are allowed\n", MAXNS);
- } else {
- _SQUID_RES_NSADDR_LIST[_SQUID_RES_NSADDR_COUNT] = _SQUID_RES_NSADDR_LIST[0];
- memcpy(&_SQUID_RES_NSADDR_LIST[_SQUID_RES_NSADDR_COUNT++].sin_addr, &((struct sockaddr_in*)AI->ai_addr)->sin_addr, sizeof(struct in_addr));
- }
- } else if ( AI->ai_family == AF_INET6 ) {
-#if USE_IPV6 && defined(_SQUID_RES_NSADDR6_LIST)
- /* because things NEVER seem to resolve in tests without _res.nscount being a total. */
- if (_SQUID_RES_NSADDR_COUNT == MAXNS) {
- fprintf(stderr, "Too many -s options, only %d are allowed\n", MAXNS);
- } else {
- ++ _SQUID_RES_NSADDR_COUNT;
- memcpy(&_SQUID_RES_NSADDR6_LIST(_SQUID_RES_NSADDR6_COUNT++), &((struct sockaddr_in6*)AI->ai_addr)->sin6_addr, sizeof(struct in6_addr));
- }
-#else
- fprintf(stderr, "IPv6 nameservers not supported on this resolver\n");
-#endif
- }
- if (AI != NULL)
- freeaddrinfo(AI);
-
-#else /* !HAVE_RES_INIT || !defined(_SQUID_RES_NSADDR_LIST) */
-
- fprintf(stderr, "-s is not supported on this resolver\n");
-
-#endif /* HAVE_RES_INIT */
-}
-
-/**
- * \ingroup dnsserver
- *
- * This is the external dnsserver process.
- */
-int
-main(int argc, char *argv[])
-{
- char request[512];
- char *t = NULL;
- int c;
- int opt_s = 0;
-
-#if HAVE_RES_INIT
- res_init();
-#endif
-
-#if USE_IPV6
- /* perform AAAA lookups *before* A lookups in IPv6 mode. */
- _res.options |= RES_USE_INET6;
-#endif
-
- while ((c = getopt(argc, argv, "Dhs:v")) != -1) {
- switch (c) {
-
- case 'D':
- fprintf(stderr, "-D is now default behaviour from this tool.\n");
- break;
-
- case 's':
- squid_res_setservers(opt_s);
- opt_s = 1;
- break;
-
- case 'v':
- printf("dnsserver version %s\n", VERSION);
-
- exit(0);
-
- break;
-
- case 'h':
-
- default:
- usage();
-
- exit(1);
-
- break;
- }
- }
-
-#if _SQUID_WINDOWS_
- {
- WSADATA wsaData;
-
- WSAStartup(2, &wsaData);
- }
-
- fflush(stderr);
-#endif
-
- for (;;) {
- memset(request, '\0', REQ_SZ);
-
- if (fgets(request, REQ_SZ, stdin) == NULL) {
-#if _SQUID_WINDOWS_
- WSACleanup();
-#endif
- exit(1);
- }
-
- t = strrchr(request, '\n');
-
- if (t == NULL) /* Ignore if no newline */
- continue;
-
- *t = '\0'; /* strip NL */
-
- if ((t = strrchr(request, '\r')) != NULL)
- *t = '\0'; /* strip CR */
-
- lookup(request);
-
- fflush(stdout);
- }
-
- /* NOTREACHED */
- return 0;
-}
// following pools are initialized late by their component if needed (or never)
MEM_FQDNCACHE_ENTRY,
MEM_FWD_SERVER,
-#if !USE_DNSHELPER
MEM_IDNS_QUERY,
-#endif
MEM_IPCACHE_ENTRY,
MEM_MAX
} mem_type;
/// \ingroup FQDNCacheInternal
static dlink_list lru_list;
-#if USE_DNSHELPER
-static HLPCB fqdncacheHandleReply;
-static int fqdncacheParse(fqdncache_entry *, const char *buf);
-#else
static IDNSCB fqdncacheHandleReply;
static int fqdncacheParse(fqdncache_entry *, const rfc1035_rr *, int, const char *error_message);
-#endif
static void fqdncacheRelease(fqdncache_entry *);
static fqdncache_entry *fqdncacheCreateEntry(const char *name);
static void fqdncacheCallback(fqdncache_entry *, int wait);
}
/// \ingroup FQDNCacheInternal
-#if USE_DNSHELPER
-static int
-fqdncacheParse(fqdncache_entry *f, const char *inbuf)
-{
- LOCAL_ARRAY(char, buf, DNS_INBUF_SZ);
- char *token;
- int ttl;
- const char *name = (const char *)f->hash.key;
- f->expires = squid_curtime + Config.negativeDnsTtl;
- f->flags.negcached = 1;
-
- if (inbuf == NULL) {
- debugs(35, DBG_IMPORTANT, "fqdncacheParse: Got <NULL> reply in response to '" << name << "'");
- f->error_message = xstrdup("Internal Error");
- return -1;
- }
-
- xstrncpy(buf, inbuf, DNS_INBUF_SZ);
- debugs(35, 5, "fqdncacheParse: parsing: {" << buf << "}");
- token = strtok(buf, w_space);
-
- if (NULL == token) {
- debugs(35, DBG_IMPORTANT, "fqdncacheParse: Got <NULL>, expecting '$name' in response to '" << name << "'");
- f->error_message = xstrdup("Internal Error");
- return -1;
- }
-
- if (0 == strcmp(token, "$fail")) {
- token = strtok(NULL, "\n");
- assert(NULL != token);
- f->error_message = xstrdup(token);
- return 0;
- }
-
- if (0 != strcmp(token, "$name")) {
- debugs(35, DBG_IMPORTANT, "fqdncacheParse: Got '" << inbuf << "', expecting '$name' in response to '" << name << "'");
- f->error_message = xstrdup("Internal Error");
- return -1;
- }
-
- token = strtok(NULL, w_space);
-
- if (NULL == token) {
- debugs(35, DBG_IMPORTANT, "fqdncacheParse: Got '" << inbuf << "', expecting TTL in response to '" << name << "'");
- f->error_message = xstrdup("Internal Error");
- return -1;
- }
-
- ttl = atoi(token);
-
- token = strtok(NULL, w_space);
-
- if (NULL == token) {
- debugs(35, DBG_IMPORTANT, "fqdncacheParse: Got '" << inbuf << "', expecting hostname in response to '" << name << "'");
- f->error_message = xstrdup("Internal Error");
- return -1;
- }
-
- f->names[0] = xstrdup(token);
- f->name_count = 1;
-
- if (ttl == 0 || ttl > Config.positiveDnsTtl)
- ttl = Config.positiveDnsTtl;
-
- if (ttl < Config.negativeDnsTtl)
- ttl = Config.negativeDnsTtl;
-
- f->expires = squid_curtime + ttl;
-
- f->flags.negcached = 0;
-
- return f->name_count;
-}
-
-#else
static int
fqdncacheParse(fqdncache_entry *f, const rfc1035_rr * answers, int nr, const char *error_message)
{
return f->name_count;
}
-#endif
-
/**
\ingroup FQDNCacheAPI
*
* Callback for handling DNS results.
*/
static void
-#if USE_DNSHELPER
-fqdncacheHandleReply(void *data, const HelperReply &reply)
-#else
fqdncacheHandleReply(void *data, const rfc1035_rr * answers, int na, const char *error_message)
-#endif
{
fqdncache_entry *f;
static_cast<generic_cbdata *>(data)->unwrap(&f);
++FqdncacheStats.replies;
const int age = f->age();
statCounter.dns.svcTime.count(age);
-#if USE_DNSHELPER
-
- fqdncacheParse(f, reply.other().content());
-#else
-
fqdncacheParse(f, answers, na, error_message);
-#endif
-
fqdncacheAddEntry(f);
-
fqdncacheCallback(f, age);
}
f->handlerData = cbdataReference(handlerData);
f->request_time = current_time;
c = new generic_cbdata(f);
-#if USE_DNSHELPER
- dnsSubmit(hashKeyStr(&f->hash), fqdncacheHandleReply, c);
-#else
idnsPTRLookup(addr, fqdncacheHandleReply, c);
-#endif
}
/**
#include "squid.h"
#include "cbdata.h"
#include "CacheManager.h"
+#include "dlink.h"
#include "DnsLookupDetails.h"
#include "event.h"
#include "ip/Address.h"
static void stat_ipcache_get(StoreEntry *);
static FREE ipcacheFreeEntry;
-#if USE_DNSHELPER
-static HLPCB ipcacheHandleReply;
-#else
static IDNSCB ipcacheHandleReply;
-#endif
static int ipcacheExpiredEntry(ipcache_entry *);
-#if USE_DNSHELPER
-static int ipcacheParse(ipcache_entry *, const char *buf);
-#else
static int ipcacheParse(ipcache_entry *, const rfc1035_rr *, int, const char *error);
-#endif
static ipcache_entry *ipcache_get(const char *);
static void ipcacheLockEntry(ipcache_entry *);
static void ipcacheStatPrint(ipcache_entry *, StoreEntry *);
}
/// \ingroup IPCacheAPI
-#if USE_DNSHELPER
-static int
-ipcacheParse(ipcache_entry *i, const char *inbuf)
-{
- LOCAL_ARRAY(char, buf, DNS_INBUF_SZ);
- char *token;
- int ipcount = 0;
- int ttl;
- char *A[32];
- const char *name = (const char *)i->hash.key;
- i->expires = squid_curtime + Config.negativeDnsTtl;
- i->flags.negcached = 1;
- safe_free(i->addrs.in_addrs);
- safe_free(i->addrs.bad_mask);
- safe_free(i->error_message);
- i->addrs.count = 0;
-
- if (inbuf == NULL) {
- debugs(14, DBG_IMPORTANT, "ipcacheParse: Got <NULL> reply");
- i->error_message = xstrdup("Internal Error");
- return -1;
- }
-
- xstrncpy(buf, inbuf, DNS_INBUF_SZ);
- debugs(14, 5, "ipcacheParse: parsing: {" << buf << "}");
- token = strtok(buf, w_space);
-
- if (NULL == token) {
- debugs(14, DBG_IMPORTANT, "ipcacheParse: expecting result, got '" << inbuf << "'");
-
- i->error_message = xstrdup("Internal Error");
- return -1;
- }
-
- if (0 == strcmp(token, "$fail")) {
- token = strtok(NULL, "\n");
- assert(NULL != token);
- i->error_message = xstrdup(token);
- return 0;
- }
-
- if (0 != strcmp(token, "$addr")) {
- debugs(14, DBG_IMPORTANT, "ipcacheParse: expecting '$addr', got '" << inbuf << "' in response to '" << name << "'");
-
- i->error_message = xstrdup("Internal Error");
- return -1;
- }
-
- token = strtok(NULL, w_space);
-
- if (NULL == token) {
- debugs(14, DBG_IMPORTANT, "ipcacheParse: expecting TTL, got '" << inbuf << "' in response to '" << name << "'");
-
- i->error_message = xstrdup("Internal Error");
- return -1;
- }
-
- ttl = atoi(token);
-
- while (NULL != (token = strtok(NULL, w_space))) {
- A[ipcount] = token;
-
- if (++ipcount == 32)
- break;
- }
-
- if (ipcount > 0) {
- int j, k;
-
- i->addrs.in_addrs = static_cast<Ip::Address *>(xcalloc(ipcount, sizeof(Ip::Address)));
- for (int l = 0; l < ipcount; ++l)
- i->addrs.in_addrs[l].setEmpty(); // perform same init actions as constructor would.
- i->addrs.bad_mask = (unsigned char *)xcalloc(ipcount, sizeof(unsigned char));
- memset(i->addrs.bad_mask, 0, sizeof(unsigned char) * ipcount);
-
- for (j = 0, k = 0; k < ipcount; ++k) {
- if ((i->addrs.in_addrs[j] = A[k]))
- ++j;
- else
- debugs(14, DBG_IMPORTANT, "ipcacheParse: Invalid IP address '" << A[k] << "' in response to '" << name << "'");
- }
-
- i->addrs.count = (unsigned char) j;
- }
-
- if (i->addrs.count <= 0) {
- debugs(14, DBG_IMPORTANT, "ipcacheParse: No addresses in response to '" << name << "'");
- return -1;
- }
-
- if (ttl == 0 || ttl > Config.positiveDnsTtl)
- ttl = Config.positiveDnsTtl;
-
- if (ttl < Config.negativeDnsTtl)
- ttl = Config.negativeDnsTtl;
-
- i->expires = squid_curtime + ttl;
-
- i->flags.negcached = 0;
-
- return i->addrs.count;
-}
-
-#else
static int
ipcacheParse(ipcache_entry *i, const rfc1035_rr * answers, int nr, const char *error_message)
{
return i->addrs.count;
}
-#endif
-
/// \ingroup IPCacheInternal
static void
-#if USE_DNSHELPER
-ipcacheHandleReply(void *data, const HelperReply &reply)
-#else
ipcacheHandleReply(void *data, const rfc1035_rr * answers, int na, const char *error_message)
-#endif
{
ipcache_entry *i;
static_cast<generic_cbdata *>(data)->unwrap(&i);
const int age = i->age();
statCounter.dns.svcTime.count(age);
-#if USE_DNSHELPER
- ipcacheParse(i, reply.other().content());
-#else
-
int done = ipcacheParse(i, answers, na, error_message);
/* If we have not produced either IPs or Error immediately, wait for recursion to finish. */
- if (done != 0 || error_message != NULL)
-#endif
-
- {
+ if (done != 0 || error_message != NULL) {
ipcacheAddEntry(i);
ipcacheCallback(i, age);
}
i->handlerData = cbdataReference(handlerData);
i->request_time = current_time;
c = new generic_cbdata(i);
-#if USE_DNSHELPER
- dnsSubmit(hashKeyStr(&i->hash), ipcacheHandleReply, c);
-#else
idnsALookup(hashKeyStr(&i->hash), ipcacheHandleReply, c);
-#endif
}
/// \ingroup IPCacheInternal
mainRotate(void)
{
icmpEngine.Close();
-#if USE_DNSHELPER
- dnsShutdown();
-#endif
redirectShutdown();
#if USE_AUTH
authenticateRotate();
icapLogRotate(); /*icap.log*/
#endif
icmpEngine.Open();
-#if USE_DNSHELPER
- dnsInit();
-#endif
redirectInit();
#if USE_AUTH
authenticateInit(&Auth::TheConfig);
--disable-leakfinder \
--disable-follow-x-forwarded-for \
--disable-ident-lookups \
- --disable-internal-dns \
--disable-default-hostsfile \
--disable-auth \
--disable-basic-auth-helpers \
--enable-leakfinder \
--enable-follow-x-forwarded-for \
--enable-ident-lookups \
- --enable-internal-dns \
--enable-default-hostsfile \
--enable-auth \
--enable-basic-auth-helpers \
projects / thirdparty / squid.git / commitdiff
