Decide to use Dot earlier.

To keep the nsspeed table good, we need to decide to use DoT earlier.
Now the lookup and updats of the speed table occur in a proper way
(using the port that is actually used for the connetion) and when
we switch from/to DoT, the old nsspeeds are cleared by the already
existing code.

diff --git a/pdns/syncres.cc b/pdns/syncres.cc
index 60f94119b3dbaa95d474da45715a9bd785835806..deb87f6c22c75056fbe916d8b3f9859148e15465 100644 (file)
--- a/pdns/syncres.cc
+++ b/pdns/syncres.cc
@@ -326,6 +326,7 @@ static LockGuarded<DoTMap> s_dotMap;
 
 static const time_t dotFailWait = 24 * 3600;
 static const time_t dotSuccessWait = 3 * 24 * 3600;
+static bool shouldDoDoT(ComboAddress address, time_t now);
 
 unsigned int SyncRes::s_maxnegttl;
 unsigned int SyncRes::s_maxbogusttl;
@@ -1028,7 +1029,7 @@ uint64_t SyncRes::doDumpNSSpeeds(int fd)
     fprintf(fp.get(), "%s\t%s\t", i.d_name.toLogString().c_str(), timestamp(i.d_lastget, tmp, sizeof(tmp)));
     for (const auto& j : i.d_collection) {
       // typedef vector<pair<ComboAddress, DecayingEwma> > collection_t;
-      fprintf(fp.get(), "%s/%f\t", j.first.toString().c_str(), j.second.peek());
+      fprintf(fp.get(), "%s/%f\t", j.first.toStringWithPortExcept(53).c_str(), j.second.peek());
     }
     fprintf(fp.get(), "\n");
   }
@@ -1915,6 +1916,13 @@ vector<ComboAddress> SyncRes::getAddrs(const DNSName &qname, unsigned int depth,
   setCacheOnly(oldCacheOnly);
   d_followCNAME = oldFollowCNAME;
 
+  if (s_max_busy_dot_probes > 0 && s_dot_to_port_853) {
+    for (auto& add : ret) {
+      if (shouldDoDoT(add, d_now.tv_sec)) {
+        add.setPort(853);
+      }
+    }
+  }
   /* we need to remove from the nsSpeeds collection the existing IPs
      for this nameserver that are no longer in the set, even if there
      is only one or none at all in the current set.
@@ -5368,10 +5376,6 @@ int SyncRes::doResolveAt(NsSet &nameservers, DNSName auth, bool flawedNSSet, con
           if (SyncRes::s_dot_to_port_853 && remoteIP->getPort() == 853) {
             doDoT = true;
           }
-          if (!doDoT && s_max_busy_dot_probes > 0 && shouldDoDoT(*remoteIP, d_now.tv_sec)) {
-            remoteIP->setPort(853);
-            doDoT = true;
-          }
           bool forceTCP = doDoT;
 
           if (!doDoT && s_max_busy_dot_probes > 0) {