From: Otto Moerbeek Date: Fri, 11 Sep 2020 08:06:24 +0000 (+0200) Subject: If we're looking in the cache for NS for a forwarded name, we X-Git-Tag: rec-4.5.0-alpha0~11^2~2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=007fb8008a7da4698dde9f65a8d7ace72d47970c;p=thirdparty%2Fpdns.git If we're looking in the cache for NS for a forwarded name, we can cut off the search at the forwarding domain. I'm not sure if I like the added complexity... --- diff --git a/pdns/syncres.cc b/pdns/syncres.cc index ce6a5fe419..2b06197fec 100644 --- a/pdns/syncres.cc +++ b/pdns/syncres.cc @@ -725,17 +725,23 @@ int SyncRes::doResolve(const DNSName &qname, const QType &qtype, vector beenthereIgnored; - getBestNSFromCache(nsdomain, qtype, bestns, &flawedNSSet, depth, beenthereIgnored); + getBestNSFromCache(nsdomain, qtype, bestns, &flawedNSSet, depth, beenthereIgnored, forwarded ? fwdomain : g_rootdnsname); + if (forwarded) { + break; + } } if (bestns.size() == 0) { - // Something terrible is wrong - QLOG("Step1 No ancestor found return ServFail"); - return RCode::ServFail; + if (!forwarded) { + // Something terrible is wrong + QLOG("Step1 No ancestor found return ServFail"); + return RCode::ServFail; + } + } else { + QLOG("Step1 Ancestor from cache is " << bestns[0].d_name); } - QLOG("Step1 Ancestor from cache is " << bestns[0].d_name); - - const DNSName& ancestor(!forwarded || bestns[0].d_name.isPartOf(fwdomain) ? bestns[0].d_name : fwdomain); + const DNSName& ancestor(!forwarded || (bestns.size() > 0 && bestns[0].d_name.isPartOf(fwdomain)) ? + bestns[0].d_name : fwdomain); if (forwarded) { QLOG("Step1 Final Ancestor (using forwarding info) is " << ancestor); } @@ -1110,7 +1116,7 @@ vector SyncRes::getAddrs(const DNSName &qname, unsigned int depth, return ret; } -void SyncRes::getBestNSFromCache(const DNSName &qname, const QType& qtype, vector& bestns, bool* flawedNSSet, unsigned int depth, set& beenthere) +void SyncRes::getBestNSFromCache(const DNSName &qname, const QType& qtype, vector& bestns, bool* flawedNSSet, unsigned int depth, set& beenthere, const DNSName& cutOffDomain) { string prefix; DNSName subdomain(qname); @@ -1121,6 +1127,9 @@ void SyncRes::getBestNSFromCache(const DNSName &qname, const QType& qtype, vecto bestns.clear(); bool brokeloop; do { + if (!subdomain.isPartOf(cutOffDomain)) { + break; + } brokeloop=false; LOG(prefix< ns; diff --git a/pdns/syncres.hh b/pdns/syncres.hh index a1dbd8ca55..ca7154229b 100644 --- a/pdns/syncres.hh +++ b/pdns/syncres.hh @@ -836,7 +836,7 @@ private: domainmap_t::const_iterator getBestAuthZone(DNSName* qname) const; bool doCNAMECacheCheck(const DNSName &qname, const QType &qtype, vector&ret, unsigned int depth, int &res, vState& state, bool wasAuthZone, bool wasForwardRecurse); bool doCacheCheck(const DNSName &qname, const DNSName& authname, bool wasForwardedOrAuthZone, bool wasAuthZone, bool wasForwardRecurse, const QType &qtype, vector&ret, unsigned int depth, int &res, vState& state); - void getBestNSFromCache(const DNSName &qname, const QType &qtype, vector&bestns, bool* flawedNSSet, unsigned int depth, set& beenthere); + void getBestNSFromCache(const DNSName &qname, const QType &qtype, vector&bestns, bool* flawedNSSet, unsigned int depth, set& beenthere, const DNSName& cutOffDomain = g_rootdnsname); DNSName getBestNSNamesFromCache(const DNSName &qname, const QType &qtype, NsSet& nsset, bool* flawedNSSet, unsigned int depth, set&beenthere); inline vector> shuffleInSpeedOrder(NsSet &nameservers, const string &prefix);