}
if(*decryptedQueryLen < static_cast<uint16_t>(sizeof(struct dnsheader))) {
- g_stats.nonCompliantQueries++;
+ ++g_stats.nonCompliantQueries;
return false;
}
queriesCount++;
if (qlen < sizeof(dnsheader)) {
- g_stats.nonCompliantQueries++;
+ ++g_stats.nonCompliantQueries;
break;
}
ci.cs->queries++;
- g_stats.queries++;
+ ++g_stats.queries;
if (g_maxTCPQueriesPerConn && queriesCount > g_maxTCPQueriesPerConn) {
vinfolog("Terminating TCP connection from %s because it reached the maximum number of queries per conn (%d / %d)", ci.remote.toStringWithPort(), queriesCount, g_maxTCPQueriesPerConn);
}
#endif
handler.writeSizeAndMsg(query, dq.len, g_tcpSendTimeout);
- g_stats.selfAnswered++;
+ ++g_stats.selfAnswered;
continue;
}
}
#endif
handler.writeSizeAndMsg(cachedResponse, cachedResponseSize, g_tcpSendTimeout);
- g_stats.cacheHits++;
+ ++g_stats.cacheHits;
continue;
}
- g_stats.cacheMisses++;
+ ++g_stats.cacheMisses;
}
if(!ds) {
- g_stats.noPolicy++;
+ ++g_stats.noPolicy;
if (g_servFailOnNoPolicy) {
restoreFlags(dh, origFlags);
sockets.erase(ds->remote);
}
- g_stats.responses++;
+ ++g_stats.responses;
struct timespec answertime;
gettime(&answertime);
unsigned int udiff = 1000000.0*DiffTime(now,answertime);
}
if(!acl->match(remote)) {
- g_stats.aclDrops++;
+ ++g_stats.aclDrops;
vinfolog("Dropped TCP connection from %s because of ACL", remote.toStringWithPort());
continue;
}
void doLatencyStats(double udiff)
{
- if(udiff < 1000) g_stats.latency0_1++;
- else if(udiff < 10000) g_stats.latency1_10++;
- else if(udiff < 50000) g_stats.latency10_50++;
- else if(udiff < 100000) g_stats.latency50_100++;
- else if(udiff < 1000000) g_stats.latency100_1000++;
- else g_stats.latencySlow++;
+ if(udiff < 1000) ++g_stats.latency0_1;
+ else if(udiff < 10000) ++g_stats.latency1_10;
+ else if(udiff < 50000) ++g_stats.latency10_50;
+ else if(udiff < 100000) ++g_stats.latency50_100;
+ else if(udiff < 1000000) ++g_stats.latency100_1000;
+ else ++g_stats.latencySlow;
auto doAvg = [](double& var, double n, double weight) {
var = (weight -1) * var/weight + n/weight;
return true;
}
else {
- g_stats.nonCompliantResponses++;
+ ++g_stats.nonCompliantResponses;
return false;
}
}
catch(std::exception& e) {
if(responseLen > (ssize_t)sizeof(dnsheader))
infolog("Backend %s sent us a response with id %d that did not parse: %s", remote.toStringWithPort(), ntohs(dh->id), e.what());
- g_stats.nonCompliantResponses++;
+ ++g_stats.nonCompliantResponses;
return false;
}
sendUDPResponse(origFD, response, responseLen, ids->delayMsec, ids->destHarvested ? ids->origDest : empty, ids->origRemote);
}
- g_stats.responses++;
+ ++g_stats.responses;
double udiff = ids->sentTime.udiff();
vinfolog("Got answer from %s, relayed to %s, took %f usec", dss->remote.toStringWithPort(), ids->origRemote.toStringWithPort(), udiff);
gettime(&ts);
g_rings.insertResponse(ts, ids->origRemote, ids->qname, ids->qtype, (unsigned int)udiff, (unsigned int)got, *dh, dss->remote);
- if(dh->rcode == RCode::ServFail)
- g_stats.servfailResponses++;
+ if(dh->rcode == RCode::ServFail) {
+ ++g_stats.servfailResponses;
+ }
dss->latencyUsec = (127.0 * dss->latencyUsec / 128.0) + udiff/128.0;
doLatencyStats(udiff);
if(auto got = holders.dynNMGBlock->lookup(*dq.remote)) {
auto updateBlockStats = [&got]() {
- g_stats.dynBlocked++;
+ ++g_stats.dynBlocked;
got->second.blocks++;
};
if(auto got = holders.dynSMTBlock->lookup(*dq.qname)) {
auto updateBlockStats = [&got]() {
- g_stats.dynBlocked++;
+ ++g_stats.dynBlocked;
got->blocks++;
};
return true;
break;
case DNSAction::Action::Drop:
- g_stats.ruleDrop++;
+ ++g_stats.ruleDrop;
return false;
break;
case DNSAction::Action::Nxdomain:
dq.dh->rcode = RCode::NXDomain;
dq.dh->qr=true;
- g_stats.ruleNXDomain++;
+ ++g_stats.ruleNXDomain;
return true;
break;
case DNSAction::Action::Refused:
dq.dh->rcode = RCode::Refused;
dq.dh->qr=true;
- g_stats.ruleRefused++;
+ ++g_stats.ruleRefused;
return true;
break;
case DNSAction::Action::ServFail:
dq.dh->rcode = RCode::ServFail;
dq.dh->qr=true;
- g_stats.ruleServFail++;
+ ++g_stats.ruleServFail;
return true;
break;
case DNSAction::Action::Spoof:
if (msgh->msg_flags & MSG_TRUNC) {
/* message was too large for our buffer */
vinfolog("Dropping message too large for our buffer");
- g_stats.nonCompliantQueries++;
+ ++g_stats.nonCompliantQueries;
return false;
}
if(!holders.acl->match(remote)) {
vinfolog("Query from %s dropped because of ACL", remote.toStringWithPort());
- g_stats.aclDrops++;
+ ++g_stats.aclDrops;
return false;
}
cs.queries++;
- g_stats.queries++;
+ ++g_stats.queries;
if (HarvestDestinationAddress(msgh, &dest)) {
/* we don't get the port, only the address */
bool checkQueryHeaders(const struct dnsheader* dh)
{
if (dh->qr) { // don't respond to responses
- g_stats.nonCompliantQueries++;
+ ++g_stats.nonCompliantQueries;
return false;
}
if (dh->qdcount == 0) {
- g_stats.emptyQueries++;
+ ++g_stats.emptyQueries;
return false;
}
if (dh->rd) {
- g_stats.rdQueries++;
+ ++g_stats.rdQueries;
}
return true;
sendUDPResponse(cs.udpFD, response, responseLen, delayMsec, dest, remote);
}
- g_stats.selfAnswered++;
+ ++g_stats.selfAnswered;
doLatencyStats(0); // we're not going to measure this
}
}
}
- g_stats.cacheHits++;
+ ++g_stats.cacheHits;
doLatencyStats(0); // we're not going to measure this
return;
}
- g_stats.cacheMisses++;
+ ++g_stats.cacheMisses;
}
if(!ss) {
- g_stats.noPolicy++;
+ ++g_stats.noPolicy;
if (g_servFailOnNoPolicy && !cs.muted) {
char* response = query;
}
else {
ss->reuseds++;
- g_stats.downstreamTimeouts++;
+ ++g_stats.downstreamTimeouts;
}
ids->cs = &cs;
if(ret < 0) {
ss->sendErrors++;
- g_stats.downstreamSendErrors++;
+ ++g_stats.downstreamSendErrors;
}
vinfolog("Got query for %s|%s from %s, relayed to %s", ids->qname.toString(), QType(ids->qtype).getName(), remote.toStringWithPort(), ss->getName());
ssize_t got = recvmsg(cs->udpFD, &msgh, 0);
if (got < 0 || static_cast<size_t>(got) < sizeof(struct dnsheader)) {
- g_stats.nonCompliantQueries++;
+ ++g_stats.nonCompliantQueries;
continue;
}
ids.age = 0;
dss->reuseds++;
--dss->outstanding;
- g_stats.downstreamTimeouts++; // this is an 'actively' discovered timeout
+ ++g_stats.downstreamTimeouts; // this is an 'actively' discovered timeout
vinfolog("Had a downstream timeout from %s (%s) for query for %s|%s from %s",
dss->remote.toStringWithPort(), dss->name,
ids.qname.toString(), QType(ids.qtype).getName(), ids.origRemote.toStringWithPort());
int total = 0;
int notified = 0;
- for (vector<DomainInfo>::const_iterator di=domains.begin(); di != domains.end(); di++) {
- if (di->kind == 0) { // MASTER
+ for (const auto& di : domains) {
+ if (di.kind == 0) { // MASTER
total++;
- if(Communicator.notifyDomain(di->zone))
+ if(Communicator.notifyDomain(di.zone))
notified++;
}
}
int count = 0;
- for (vector<DomainInfo>::const_iterator di=domains.begin(); di != domains.end(); di++) {
- if (di->kind == kindFilter || kindFilter == -1) {
- ret<<di->zone.toString()<<endl;
+ for (const auto& di: domains) {
+ if (di.kind == kindFilter || kindFilter == -1) {
+ ret<<di.zone.toString()<<endl;
count++;
}
}
B.getAllDomains(&domains, true);
int count = 0;
- for (vector<DomainInfo>::const_iterator di=domains.begin(); di != domains.end(); di++) {
- if (di->kind == kindFilter || kindFilter == -1) {
- cout<<di->zone<<endl;
+ for (const auto& di: domains) {
+ if (di.kind == kindFilter || kindFilter == -1) {
+ cout<<di.zone<<endl;
count++;
}
}
return 1;
}
std::vector<std::string>::iterator iter = meta.begin();
- for(;iter != meta.end(); iter++) if (*iter == name) break;
+ for(;iter != meta.end(); ++iter) if (*iter == name) break;
if (iter != meta.end()) meta.erase(iter);
if (B.setDomainMetadata(zname, metaKey, meta)) {
cout << "Disabled TSIG key " << name << " for " << zname << endl;
std::map<std::string, std::vector<std::string> > meta;
std::cout << "Metadata for '" << zone << "'" << endl;
B.getAllDomainMetadata(zone, meta);
- for(std::map<std::string, std::vector<std::string> >::const_iterator each_meta = meta.begin(); each_meta != meta.end(); each_meta++) {
- cout << each_meta->first << " = " << boost::join(each_meta->second, ", ") << endl;
+ for(const auto& each_meta: meta) {
+ cout << each_meta.first << " = " << boost::join(each_meta.second, ", ") << endl;
}
}
return 0;
nm=0;
std::map<std::string, std::vector<std::string> > meta;
if (src->getAllDomainMetadata(di.zone, meta)) {
- std::map<std::string, std::vector<std::string> >::iterator i;
- for(i=meta.begin(); i != meta.end(); i++) {
- if (!tgt->setDomainMetadata(di.zone, i->first, i->second)) throw PDNSException("Failed to feed domain metadata");
+ for (const auto& i : meta) {
+ if (!tgt->setDomainMetadata(di.zone, i.first, i.second)) throw PDNSException("Failed to feed domain metadata");
nm++;
}
}
// It's not possible to have multiple CNAME's with the same NAME. So we always update.
} else if (rrType == QType::CNAME) {
int changedCNames = 0;
- for (vector<DNSResourceRecord>::iterator i = rrset.begin(); i != rrset.end(); i++) {
- if (i->ttl != rr->d_ttl || i->content != rr->d_content->getZoneRepresentation()) {
- i->ttl = rr->d_ttl;
- i->setContent(rr->d_content->getZoneRepresentation());
+ for (auto& i : rrset) {
+ if (i.ttl != rr->d_ttl || i.content != rr->d_content->getZoneRepresentation()) {
+ i.ttl = rr->d_ttl;
+ i.setContent(rr->d_content->getZoneRepresentation());
changedCNames++;
}
}
} else {
int updateTTL=0;
foundRecord = false;
- for (vector<DNSResourceRecord>::iterator i = rrset.begin(); i != rrset.end(); i++) {
+ for (auto& i : rrset) {
string content = rr->d_content->getZoneRepresentation();
- if (rrType == i->qtype.getCode() && i->getZoneRepresentation() == content) {
+ if (rrType == i.qtype.getCode() && i.getZoneRepresentation() == content) {
foundRecord=true;
- if (i->ttl != rr->d_ttl) {
- i->ttl = rr->d_ttl;
+ if (i.ttl != rr->d_ttl) {
+ i.ttl = rr->d_ttl;
updateTTL++;
}
}
stringtok(allowedRanges, ::arg()["allow-dnsupdate-from"], ", \t" );
NetmaskGroup ng;
- for(vector<string>::const_iterator i=allowedRanges.begin(); i != allowedRanges.end(); i++)
- ng.addMask(*i);
+ for(const auto& i: allowedRanges) {
+ ng.addMask(i);
+ }
if ( ! ng.match(&p->d_remote)) {
g_log<<Logger::Error<<msgPrefix<<"Remote not listed in allow-dnsupdate-from or domainmetadata. Sending REFUSED"<<endl;
if (p->d_tsig_algo == TSIG_GSS) {
GssName inputname(p->d_peer_principal); // match against principal since GSS
- for(vector<string>::const_iterator key=tsigKeys.begin(); key != tsigKeys.end(); key++) {
- if (inputname.match(*key)) {
+ for(const auto& key: tsigKeys) {
+ if (inputname.match(key)) {
validKey = true;
break;
}
}
} else {
- for(vector<string>::const_iterator key=tsigKeys.begin(); key != tsigKeys.end(); key++) {
- if (inputkey == DNSName(*key)) { // because checkForCorrectTSIG has already been performed earlier on, if the names of the ky match with the domain given. THis is valid.
+ for(const auto& key: tsigKeys) {
+ if (inputkey == DNSName(key)) { // because checkForCorrectTSIG has already been performed earlier on, if the names of the ky match with the domain given. THis is valid.
validKey=true;
break;
}
typedef vector<DNSResourceRecord> rrVector_t;
typedef std::map<rrSetKey_t, rrVector_t> RRsetMap_t;
RRsetMap_t preReqRRsets;
- for(const auto& i : mdp.d_answers) {
+ for(const auto& i: mdp.d_answers) {
const DNSRecord* rr = &i.first;
if (rr->d_place == DNSResourceRecord::ANSWER) {
// Last line of 3.2.3
nsRRInZone.push_back(rec);
}
if (nsRRInZone.size() > nsRRtoDelete.size()) { // only delete if the NS's we delete are less then what we have in the zone (3.4.2.4)
- for (vector<DNSResourceRecord>::iterator inZone=nsRRInZone.begin(); inZone != nsRRInZone.end(); inZone++) {
- for (vector<const DNSRecord *>::iterator rr=nsRRtoDelete.begin(); rr != nsRRtoDelete.end(); rr++) {
- if (inZone->getZoneRepresentation() == (*rr)->d_content->getZoneRepresentation())
- changedRecords += performUpdate(msgPrefix, *rr, &di, isPresigned, &narrow, &haveNSEC3, &ns3pr, &updatedSerial);
+ for (auto& inZone: nsRRInZone) {
+ for (auto& rr: nsRRtoDelete) {
+ if (inZone.getZoneRepresentation() == (rr)->d_content->getZoneRepresentation())
+ changedRecords += performUpdate(msgPrefix, rr, &di, isPresigned, &narrow, &haveNSEC3, &ns3pr, &updatedSerial);
}
}
}
string dir;
ostringstream o;
- for(map<string, AtomicCounter *>::const_iterator i=d_stats.begin();
- i!=d_stats.end();
- i++)
- {
- o<<i->first<<"="<<*(i->second)<<",";
- }
+ for(const auto& i: d_stats) {
+ o<<i.first<<"="<<*(i.second)<<",";
+ }
for(const funcstats_t::value_type& val : d_funcstats) {
{
vector<string> ret;
- for(map<string, AtomicCounter *>::const_iterator i=d_stats.begin();
- i!=d_stats.end();
- i++)
- ret.push_back(i->first);
+ for(const auto& i: d_stats) {
+ ret.push_back(i.first);
+ }
for(const funcstats_t::value_type& val : d_funcstats) {
ret.push_back(val.first);
StatBag::~StatBag()
{
- for(map<string, AtomicCounter *>::const_iterator i=d_stats.begin();
- i!=d_stats.end();
- i++)
- {
- delete i->second;
- }
+ for(const auto& i: d_stats) {
+ delete i.second;
+ }
}
n3rc.d_iterations = ns3pr.d_iterations;
n3rc.d_algorithm = 1; // SHA1, fixed in PowerDNS for now
nsecxrepo_t::const_iterator inext = iter;
- inext++;
+ ++inext;
if(inext == nsecxrepo.end())
inext = nsecxrepo.begin();
while(!inext->second.d_auth && inext != iter)
{
- inext++;
+ ++inext;
if(inext == nsecxrepo.end())
inext = nsecxrepo.begin();
}
// ZP.setDirectory( BP.getDirectory() );
const vector<BindDomainInfo> &domains = BP.getDomains();
- for( vector<BindDomainInfo>::const_iterator i = domains.begin(); i != domains.end(); i++ )
+ for(const auto& i: domains)
{
- if(i->type!="master" && i->type!="slave") {
- cerr<<" Warning! Skipping '"<<i->type<<"' zone '"<<i->name<<"'"<<endl;
+ if(i.type!="master" && i.type!="slave") {
+ cerr<<" Warning! Skipping '"<<i.type<<"' zone '"<<i.name<<"'"<<endl;
continue;
}
try
{
- if( i->name != g_rootdnsname && i->name != DNSName("localhost") && i->name != DNSName("0.0.127.in-addr.arpa") )
+ if( i.name != g_rootdnsname && i.name != DNSName("localhost") && i.name != DNSName("0.0.127.in-addr.arpa") )
{
- cerr << "Parsing file: " << i->filename << ", domain: " << i->name << endl;
- g_zonename = i->name;
- ZoneParserTNG zpt(i->filename, i->name, BP.getDirectory());
+ cerr << "Parsing file: " << i.filename << ", domain: " << i.name << endl;
+ g_zonename = i.name;
+ ZoneParserTNG zpt(i.filename, i.name, BP.getDirectory());
DNSResourceRecord rr;
while(zpt.get(rr)) {
callback(g_domainid, rr.qname, rr.qtype.getName(), encode_non_ascii(rr.content), rr.ttl);
projects / thirdparty / pdns.git / commitdiff
