doResolveAtThisIP() can throw and do not throttle when DoT probing
authorOtto Moerbeek <otto.moerbeek@open-xchange.com>
Tue, 12 Apr 2022 10:26:09 +0000 (12:26 +0200)
committerOtto Moerbeek <otto.moerbeek@open-xchange.com>
Tue, 12 Apr 2022 11:39:43 +0000 (13:39 +0200)
pdns/syncres.cc
pdns/syncres.hh

index 1cfe5aadf372ea03e2744ec8d0286c6486134164..b7439ee4c0e022f59c91ff5c3035689d736ac94b 100644 (file)
@@ -4800,20 +4800,40 @@ static void updateDoTStatus(ComboAddress address, DoTStatus::Status status, time
 
 bool SyncRes::tryDoT(const DNSName& qname, const QType qtype, const DNSName& nsName, ComboAddress address, time_t now)
 {
+  auto logHelper = [](const string& msg) {
+    g_log<<Logger::Debug<<"Failed to probe DoT records, got an exception: "<<msg<<endl;
+  };
   LWResult lwr;
   bool truncated;
   bool spoofed;
   boost::optional<Netmask> nm;
   address.setPort(853);
   // We use the fact that qname equals auth
-  bool ok = doResolveAtThisIP("", qname, qtype, lwr, nm, qname, false, false, nsName, address, true, true, truncated, spoofed);
-  ok = ok && lwr.d_rcode == RCode::NoError && lwr.d_records.size() > 0;
-
+  bool ok = false;
+  try {
+    ok = doResolveAtThisIP("", qname, qtype, lwr, nm, qname, false, false, nsName, address, true, true, truncated, spoofed, true);
+    ok = ok && lwr.d_rcode == RCode::NoError && lwr.d_records.size() > 0;
+  }
+  catch(const PDNSException& e) {
+    logHelper(e.reason);
+  }
+  catch(const ImmediateServFailException& e) {
+    logHelper(e.reason);
+  }
+  catch(const PolicyHitException& e) {
+    logHelper("PolicyHitException");
+  }
+  catch(const std::exception& e) {
+    logHelper(e.what());
+  }
+  catch(...) {
+    logHelper("other");
+  }
   updateDoTStatus(address, ok ? DoTStatus::Good : DoTStatus::Bad, now + (ok ? dotSuccessWait : dotFailWait), true);
   return ok;
 }
 
-bool SyncRes::doResolveAtThisIP(const std::string& prefix, const DNSName& qname, const QType qtype, LWResult& lwr, boost::optional<Netmask>& ednsmask, const DNSName& auth, bool const sendRDQuery, const bool wasForwarded, const DNSName& nsName, const ComboAddress& remoteIP, bool doTCP, bool doDoT, bool& truncated, bool& spoofed)
+bool SyncRes::doResolveAtThisIP(const std::string& prefix, const DNSName& qname, const QType qtype, LWResult& lwr, boost::optional<Netmask>& ednsmask, const DNSName& auth, bool const sendRDQuery, const bool wasForwarded, const DNSName& nsName, const ComboAddress& remoteIP, bool doTCP, bool doDoT, bool& truncated, bool& spoofed, bool dontThrottle)
 {
   bool chained = false;
   LWResult::Result resolveret = LWResult::Result::Success;
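Review bot: The `logHelper` lambda at the top of tryDoT logs only the exception text, so when probes of a given nameserver keep failing the Debug log cannot be attributed to a server or name even though `address` and `nsName` are both in scope. Capture them and put them in the message: `auto logHelper = [&address, &nsName](const string& msg) {` / `  g_log<<Logger::Debug<<"Failed to probe DoT records for "<<nsName<<" at "<<address.toStringWithPort()<<", got an exception: "<<msg<<endl;` / `};`. Every catch path leaves `ok` false, so an exception records the server as `DoTStatus::Bad` for `dotFailWait` exactly like a clean failed probe, which looks intended; a one-line comment above the `try` such as `// Any exception counts as a failed probe: fall through with ok == false` would spare the next reader from verifying that. The trailing `catch(...)` swallowing everything is consistent with the rest of the file's style, but it is broad enough that a genuinely unexpected error is only ever visible at Debug level, so the richer message above matters.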
@@ -4874,8 +4894,7 @@ bool SyncRes::doResolveAtThisIP(const std::string& prefix, const DNSName& qname,
   d_totUsec += lwr.d_usec;
   accountAuthLatency(lwr.d_usec, remoteIP.sin4.sin_family);
 
-  bool dontThrottle = false;
-  {
+  if (!dontThrottle) {
     auto dontThrottleNames = g_dontThrottleNames.getLocal();
     auto dontThrottleNetmasks = g_dontThrottleNetmasks.getLocal();
     dontThrottle = dontThrottleNames->check(nsName) || dontThrottleNetmasks->match(remoteIP);
index ef62a591f19a6b9036d9d955de9e02fd8cfd3317..11afeb1ef8900eb577e20603d396b6ba42fac26e 100644 (file)
@@ -658,7 +658,7 @@ private:
   int doResolveAt(NsSet &nameservers, DNSName auth, bool flawedNSSet, const DNSName &qname, QType qtype, vector<DNSRecord>&ret,
                   unsigned int depth, set<GetBestNSAnswer>&beenthere, vState& state, StopAtDelegation* stopAtDelegation,
                   std::map<DNSName, std::vector<ComboAddress>>* fallback);
-  bool doResolveAtThisIP(const std::string& prefix, const DNSName& qname, const QType qtype, LWResult& lwr, boost::optional<Netmask>& ednsmask, const DNSName& auth, bool const sendRDQuery, const bool wasForwarded, const DNSName& nsName, const ComboAddress& remoteIP, bool doTCP, bool doDoT, bool& truncated, bool& spoofed);
+  bool doResolveAtThisIP(const std::string& prefix, const DNSName& qname, const QType qtype, LWResult& lwr, boost::optional<Netmask>& ednsmask, const DNSName& auth, bool const sendRDQuery, const bool wasForwarded, const DNSName& nsName, const ComboAddress& remoteIP, bool doTCP, bool doDoT, bool& truncated, bool& spoofed, bool dontThrottle = false);
   bool processAnswer(unsigned int depth, LWResult& lwr, const DNSName& qname, const QType qtype, DNSName& auth, bool wasForwarded, const boost::optional<Netmask> ednsmask, bool sendRDQuery, NsSet &nameservers, std::vector<DNSRecord>& ret, const DNSFilterEngine& dfe, bool* gotNewServers, int* rcode, vState& state, const ComboAddress& remoteIP);
 
   int doResolve(const DNSName &qname, QType qtype, vector<DNSRecord>&ret, unsigned int depth, set<GetBestNSAnswer>& beenthere, vState& state);
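Review bot: The new `dontThrottle` parameter on the `doResolveAtThisIP` declaration is undocumented, and with three trailing bools (`doTCP`, `doDoT`, `dontThrottle`) the tryDoT call `…, true, true, truncated, spoofed, true)` gives the reader no hint which flag is which. A comment on the declaration would help, for example `// dontThrottle: when true, skip the dont-throttle-names/netmasks lookup and do not throttle remoteIP for this query (set by the DoT probe so a failed port-853 probe does not penalise the server)`. The visible syncres.cc hunk only shows the lookup being skipped when the flag is true; whether the throttle itself is then bypassed further down the function is inferred from the name, so confirm that before committing the wording.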