Merge pull request #12698 from omoerbeek/rec-synthesized

rec: Start using newly assigned "Synthesized" EDE

diff --combined pdns/recursordist/syncres.cc
index 6c22c9ddbede1368bb4b8486cee7c7b43ae32d6e,039b8ecfd3c454ce58fbdfaa9ca935cfb6f68f52..f26c6fc5937b0beb0e99a4ec4eafcbdd9be0b40c
--- 1/pdns/recursordist/syncres.cc
--- 2/pdns/recursordist/syncres.cc
+++ b/pdns/recursordist/syncres.cc
@@@ -2757,7 -2757,7 +2757,7 @@@ bool SyncRes::doCacheCheck(const DNSNam
      giveNegative = true;
      cachedState = ne.d_validationState;
      if (s_addExtendedResolutionDNSErrors) {
-       context.extendedError = EDNSExtendedError{0, "Result synthesized by root-nx-trust"};
+       context.extendedError = EDNSExtendedError{static_cast<uint16_t>(EDNSExtendedError::code::Synthesized), "Result synthesized by root-nx-trust"};
      }
    }
    else if (g_negCache->get(qname, qtype, d_now, ne, false, d_serveStale, d_refresh)) {
@@@ -2779,13 -2779,13 +2779,13 @@@
            LOG(prefix << qname << "|" << qtype << ": Is negatively cached via '" << ne.d_auth << "' for another " << sttl << " seconds" << endl);
            res = RCode::NoError;
            if (s_addExtendedResolutionDNSErrors) {
-             context.extendedError = EDNSExtendedError{0, "Result from negative cache"};
+             context.extendedError = EDNSExtendedError{static_cast<uint16_t>(EDNSExtendedError::code::Synthesized), "Result from negative cache"};
            }
          }
          else {
            LOG(prefix << qname << ": Entire name '" << qname << "' is negatively cached via '" << ne.d_auth << "' for another " << sttl << " seconds" << endl);
            if (s_addExtendedResolutionDNSErrors) {
-             context.extendedError = EDNSExtendedError{0, "Result from negative cache for entire name"};
+             context.extendedError = EDNSExtendedError{static_cast<uint16_t>(EDNSExtendedError::code::Synthesized), "Result from negative cache for entire name"};
            }
          }
        }
@@@ -2811,7 -2811,7 +2811,7 @@@
            cachedState = ne.d_validationState;
            LOG(prefix << qname << ": Name '" << negCacheName << "' and below, is negatively cached via '" << ne.d_auth << "' for another " << sttl << " seconds" << endl);
            if (s_addExtendedResolutionDNSErrors) {
-             context.extendedError = EDNSExtendedError{0, "Result synthesized by nothing-below-nxdomain (RFC8020)"};
+             context.extendedError = EDNSExtendedError{static_cast<uint16_t>(EDNSExtendedError::code::Synthesized), "Result synthesized by nothing-below-nxdomain (RFC8020)"};
            }
            break;
          }
@@@ -2973,7 -2973,7 +2973,7 @@@
      if (g_aggressiveNSECCache->getDenial(d_now.tv_sec, qname, qtype, ret, res, d_cacheRemote, d_routingTag, d_doDNSSEC, LogObject(prefix))) {
        context.state = vState::Secure;
        if (s_addExtendedResolutionDNSErrors) {
-         context.extendedError = EDNSExtendedError{0, "Result synthesized from aggressive NSEC cache (RFC8198)"};
+         context.extendedError = EDNSExtendedError{static_cast<uint16_t>(EDNSExtendedError::code::Synthesized), "Result synthesized from aggressive NSEC cache (RFC8198)"};
        }
        return true;
      }
@@@ -5135,7 -5135,7 +5135,7 @@@ bool SyncRes::doResolveAtThisIP(const s
      if (s_addExtendedResolutionDNSErrors) {
        extendedError = EDNSExtendedError{static_cast<uint16_t>(EDNSExtendedError::code::NoReachableAuthority), "Timeout waiting for answer(s)"};
      }
 -    throw ImmediateServFailException("Too much time waiting for " + qname.toLogString() + "|" + qtype.toString() + ", timeouts: " + std::to_string(d_timeouts) + ", throttles: " + std::to_string(d_throttledqueries) + ", queries: " + std::to_string(d_outqueries) + ", " + std::to_string(d_totUsec / 1000) + "msec");
 +    throw ImmediateServFailException("Too much time waiting for " + qname.toLogString() + "|" + qtype.toString() + ", timeouts: " + std::to_string(d_timeouts) + ", throttles: " + std::to_string(d_throttledqueries) + ", queries: " + std::to_string(d_outqueries) + ", " + std::to_string(d_totUsec / 1000) + " ms");
    }
  
    if (doTCP) {
@@@ -5183,12 -5183,6 +5183,12 @@@
    }
  
    d_totUsec += lwr.d_usec;
 +
 +  if (resolveret == LWResult::Result::Spoofed) {
 +    spoofed = true;
 +    return false;
 +  }
 +
    accountAuthLatency(lwr.d_usec, remoteIP.sin4.sin_family);
    ++t_Counters.at(rec::RCode::auth).rcodeCounters.at(static_cast<uint8_t>(lwr.d_rcode));
  
@@@ -5203,7 -5197,7 +5203,7 @@@
      if (resolveret == LWResult::Result::Timeout) {
        /* Time out */
  
 -      LOG(prefix << qname << ": Timeout resolving after " << lwr.d_usec / 1000.0 << "msec " << (doTCP ? "over TCP" : "") << endl);
 +      LOG(prefix << qname << ": Timeout resolving after " << lwr.d_usec / 1000.0 << " ms " << (doTCP ? "over TCP" : "") << endl);
        d_timeouts++;
        t_Counters.at(rec::Counter::outgoingtimeouts)++;
  
@@@ -5220,6 -5214,9 +5220,6 @@@
        LOG(prefix << qname << ": Hit a local resource limit resolving" << (doTCP ? " over TCP" : "") << ", probable error: " << stringerror() << endl);
        t_Counters.at(rec::Counter::resourceLimits)++;
      }
 -    else if (resolveret == LWResult::Result::Spoofed) {
 -      spoofed = true;
 -    }
      else {
        /* LWResult::Result::PermanentError */
        t_Counters.at(rec::Counter::unreachables)++;
@@@ -5691,7 -5688,7 +5691,7 @@@ int SyncRes::doResolveAt(NsSet& nameser
                if(remoteIP->sin4.sin_family==AF_INET6)
                lwr.d_usec/=3;
            */
 -          //        cout<<"msec: "<<lwr.d_usec/1000.0<<", "<<g_avgLatency/1000.0<<'\n';
 +          //        cout<<"ms: "<<lwr.d_usec/1000.0<<", "<<g_avgLatency/1000.0<<'\n';
  
            s_nsSpeeds.lock()->find_or_enter(tns->first.empty() ? DNSName(remoteIP->toStringWithPort()) : tns->first, d_now).submit(*remoteIP, lwr.d_usec, d_now);