From: Remi Gacogne Date: Mon, 3 Apr 2017 15:10:08 +0000 (+0200) Subject: rec: Cleanup global variables usage in `SyncRes` X-Git-Tag: rec-4.1.0-alpha1~107^2~6 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9065eb05f41b5799bbb9e4ddf32834607635687b;p=thirdparty%2Fpdns.git rec: Cleanup global variables usage in `SyncRes` --- diff --git a/pdns/ednssubnet.hh b/pdns/ednssubnet.hh index 0220bd0f52..eb87b488e6 100644 --- a/pdns/ednssubnet.hh +++ b/pdns/ednssubnet.hh @@ -26,10 +26,6 @@ #include "iputils.hh" #include "dnsname.hh" -extern NetmaskGroup g_ednssubnets; -extern SuffixMatchNode g_ednsdomains; -extern bool g_useIncomingECS; - struct EDNSSubnetOpts { Netmask source; diff --git a/pdns/pdns_recursor.cc b/pdns/pdns_recursor.cc index 868a229813..07faff5d57 100644 --- a/pdns/pdns_recursor.cc +++ b/pdns/pdns_recursor.cc @@ -99,7 +99,7 @@ typedef map tcpClient static __thread shared_ptr* t_pdl; static __thread unsigned int t_id; -static __thread shared_ptr* t_traceRegex; +static __thread std::shared_ptr* t_traceRegex; static __thread tcpClientCounts_t* t_tcpClientCounts; __thread MT_t* MT; // the big MTasker @@ -135,7 +135,7 @@ static std::unordered_map deferredAdds; static set g_fromtosockets; // listen sockets that use 'sendfromto()' mechanism static vector g_localQueryAddresses4, g_localQueryAddresses6; static AtomicCounter counter; -static SyncRes::domainmap_t* g_initialDomainMap; // new threads needs this to be setup +static std::shared_ptr g_initialDomainMap; // new threads needs this to be setup static NetmaskGroup* g_initialAllowFrom; // new thread needs to be setup with this static size_t g_tcpMaxQueriesPerConn; static uint64_t g_latencyStatSize; @@ -156,11 +156,10 @@ static bool g_reusePort{false}; static bool g_useOneSocketPerThread; static bool g_gettagNeedsEDNSOptions{false}; static time_t g_statisticsInterval; +static bool g_useIncomingECS; -std::unordered_set g_delegationOnly; RecursorControlChannel s_rcc; // only active in thread 0 RecursorStats g_stats; -NetmaskGroup* g_dontQuery; string s_programname="pdns_recursor"; string s_pidfname; unsigned int g_numThreads; @@ -2067,7 +2066,7 @@ static void houseKeeping(void *) time_t limit=now.tv_sec-300; for(SyncRes::nsspeeds_t::iterator i = t_sstorage->nsSpeeds.begin() ; i!= t_sstorage->nsSpeeds.end(); ) if(i->second.stale(limit)) - t_sstorage->nsSpeeds.erase(i++); + i = t_sstorage->nsSpeeds.erase(i); else ++i; } @@ -2527,7 +2526,7 @@ try return new string("unset\n"); } else { - (*t_traceRegex) = shared_ptr(new Regex(newRegex)); + (*t_traceRegex) = std::make_shared(newRegex); return new string("ok\n"); } } @@ -2669,7 +2668,7 @@ static void setupDelegationOnly() vector parts; stringtok(parts, ::arg()["delegation-only"], ", \t"); for(const auto& p : parts) { - g_delegationOnly.insert(DNSName(p)); + SyncRes::addDelegationOnly(DNSName(p)); } } @@ -2748,7 +2747,6 @@ static int serviceMain(int argc, char*argv[]) sortPublicSuffixList(); if(!::arg()["dont-query"].empty()) { - g_dontQuery=new NetmaskGroup; vector ips; stringtok(ips, ::arg()["dont-query"], ", "); ips.push_back("0.0.0.0"); @@ -2756,7 +2754,7 @@ static int serviceMain(int argc, char*argv[]) L<::const_iterator i = ips.begin(); i!= ips.end(); ++i) { - g_dontQuery->addMask(*i); + SyncRes::addDontQuery(*i); if(i!=ips.begin()) L<(); + t_traceRegex = new std::shared_ptr(); unsigned int ringsize=::arg().asNum("stats-ringbuffer-entries") / g_numWorkerThreads; if(ringsize) { t_remotes = new addrringbuf_t(); diff --git a/pdns/rec_channel_rec.cc b/pdns/rec_channel_rec.cc index e7d1731ce0..c9f37df019 100644 --- a/pdns/rec_channel_rec.cc +++ b/pdns/rec_channel_rec.cc @@ -196,7 +196,7 @@ static uint64_t* pleaseDump(int fd) static uint64_t* pleaseDumpNSSpeeds(int fd) { - return new uint64_t(t_RC->doDumpNSSpeeds(fd)); + return new uint64_t(SyncRes::doDumpNSSpeeds(fd)); } template diff --git a/pdns/recursor_cache.cc b/pdns/recursor_cache.cc index 9dcfe0c68f..80aca7a774 100644 --- a/pdns/recursor_cache.cc +++ b/pdns/recursor_cache.cc @@ -249,29 +249,6 @@ bool MemRecursorCache::doAgeCache(time_t now, const DNSName& name, uint16_t qtyp return false; } -uint64_t MemRecursorCache::doDumpNSSpeeds(int fd) -{ - FILE* fp=fdopen(dup(fd), "w"); - if(!fp) - return 0; - fprintf(fp, "; nsspeed dump from thread follows\n;\n"); - uint64_t count=0; - - for(SyncRes::nsspeeds_t::iterator i = t_sstorage->nsSpeeds.begin() ; i!= t_sstorage->nsSpeeds.end(); ++i) - { - count++; - fprintf(fp, "%s -> ", i->first.toString().c_str()); - for(SyncRes::DecayingEwmaCollection::collection_t::iterator j = i->second.d_collection.begin(); j!= i->second.d_collection.end(); ++j) - { - // typedef vector > collection_t; - fprintf(fp, "%s/%f ", j->first.toString().c_str(), j->second.peek()); - } - fprintf(fp, "\n"); - } - fclose(fp); - return count; -} - uint64_t MemRecursorCache::doDump(int fd) { FILE* fp=fdopen(dup(fd), "w"); diff --git a/pdns/recursor_cache.hh b/pdns/recursor_cache.hh index 48c1803f29..6bfe31636f 100644 --- a/pdns/recursor_cache.hh +++ b/pdns/recursor_cache.hh @@ -59,7 +59,6 @@ public: void doPrune(void); void doSlash(int perc); uint64_t doDump(int fd); - uint64_t doDumpNSSpeeds(int fd); int doWipeCache(const DNSName& name, bool sub, uint16_t qtype=0xffff); bool doAgeCache(time_t now, const DNSName& name, uint16_t qtype, uint32_t newTTL); diff --git a/pdns/recursordist/Makefile.am b/pdns/recursordist/Makefile.am index 03694b1cb5..b8e0a42605 100644 --- a/pdns/recursordist/Makefile.am +++ b/pdns/recursordist/Makefile.am @@ -92,7 +92,6 @@ pdns_recursor_SOURCES = \ dnssecinfra.hh dnssecinfra.cc \ dnsseckeeper.hh \ dnswriter.cc dnswriter.hh \ - ecs.cc \ ednsoptions.cc ednsoptions.hh \ ednssubnet.cc ednssubnet.hh \ filterpo.cc filterpo.hh \ @@ -189,7 +188,6 @@ testrunner_SOURCES = \ dnssecinfra.cc \ dnswriter.cc dnswriter.hh \ ednscookies.cc ednscookies.hh \ - ecs.cc \ ednsoptions.cc ednsoptions.hh \ ednssubnet.cc ednssubnet.hh \ filterpo.cc filterpo.hh \ diff --git a/pdns/recursordist/ecs.cc b/pdns/recursordist/ecs.cc deleted file mode 100644 index 7e9b7178bf..0000000000 --- a/pdns/recursordist/ecs.cc +++ /dev/null @@ -1,21 +0,0 @@ -#include "syncres.hh" -#include "arguments.hh" - -NetmaskGroup g_ednssubnets; -SuffixMatchNode g_ednsdomains; -bool g_useIncomingECS; - -void parseEDNSSubnetWhitelist(const std::string& wlist) -{ - vector parts; - stringtok(parts, wlist, ",; "); - for(const auto& a : parts) { - try { - Netmask nm(a); - g_ednssubnets.addMask(nm); - } - catch(...) { - g_ednsdomains.add(DNSName(a)); - } - } -} diff --git a/pdns/recursordist/test-syncres_cc.cc b/pdns/recursordist/test-syncres_cc.cc index 7761a47ad6..28e187e6ac 100644 --- a/pdns/recursordist/test-syncres_cc.cc +++ b/pdns/recursordist/test-syncres_cc.cc @@ -10,12 +10,9 @@ #include "syncres.hh" #include "validate-recursor.hh" -std::unordered_set g_delegationOnly; RecursorStats g_stats; GlobalStateHolder g_luaconfs; -NetmaskGroup* g_dontQuery{nullptr}; __thread MemRecursorCache* t_RC{nullptr}; -SyncRes::domainmap_t* g_initialDomainMap{nullptr}; unsigned int g_numThreads = 1; /* Fake some required functions we didn't want the trouble to @@ -108,18 +105,10 @@ static void init(bool debug=false) seedRandom("/dev/urandom"); reportAllTypes(); - if (g_dontQuery) - delete g_dontQuery; - g_dontQuery = new NetmaskGroup(); - if (t_RC) delete t_RC; t_RC = new MemRecursorCache(); - if (g_initialDomainMap) - delete g_initialDomainMap; - g_initialDomainMap = new SyncRes::domainmap_t(); // new threads needs this to be setup - SyncRes::s_maxqperq = 50; SyncRes::s_maxtotusec = 1000*7000; SyncRes::s_maxdepth = 40; @@ -135,11 +124,10 @@ static void init(bool debug=false) SyncRes::s_rootNXTrust = true; SyncRes::s_minimumTTL = 0; SyncRes::s_serverID = "PowerDNS Unit Tests Server ID"; - - g_ednssubnets = NetmaskGroup(); - g_ednsdomains = SuffixMatchNode(); - g_useIncomingECS = false; - g_delegationOnly.clear(); + SyncRes::clearEDNSSubnets(); + SyncRes::clearEDNSDomains(); + SyncRes::clearDelegationOnly(); + SyncRes::clearDontQuery(); auto luaconfsCopy = g_luaconfs.getCopy(); luaconfsCopy.dfe.clear(); @@ -163,7 +151,7 @@ static void initSR(std::unique_ptr& sr, bool edns0, bool dnssec, SyncRe sr->setDoEDNS0(edns0); sr->setDoDNSSEC(dnssec); sr->setLogMode(lm); - t_sstorage->domainmap = g_initialDomainMap; + t_sstorage->domainmap = std::make_shared(); t_sstorage->negcache.clear(); t_sstorage->nsSpeeds.clear(); t_sstorage->ednsstatus.clear(); @@ -701,8 +689,7 @@ BOOST_AUTO_TEST_CASE(test_edns_submask_by_domain) { primeHints(); const DNSName target("powerdns.com."); - g_useIncomingECS = true; - g_ednsdomains.add(target); + SyncRes::addEDNSDomain(target); EDNSSubnetOpts incomingECS; incomingECS.source = Netmask("192.0.2.128/32"); @@ -729,8 +716,7 @@ BOOST_AUTO_TEST_CASE(test_edns_submask_by_addr) { primeHints(); const DNSName target("powerdns.com."); - g_useIncomingECS = true; - g_ednssubnets.addMask("192.0.2.1/32"); + SyncRes::addEDNSSubnet(Netmask("192.0.2.1/32")); EDNSSubnetOpts incomingECS; incomingECS.source = Netmask("2001:DB8::FF/128"); @@ -1209,7 +1195,7 @@ BOOST_AUTO_TEST_CASE(test_dont_query_server) { }); /* prevent querying this NS */ - g_dontQuery->addMask(Netmask(ns)); + SyncRes::addDontQuery(Netmask(ns)); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -1412,8 +1398,7 @@ BOOST_AUTO_TEST_CASE(test_skip_negcache_for_variable_response) { const DNSName target("www.powerdns.com."); const DNSName cnameTarget("cname.powerdns.com."); - g_useIncomingECS = true; - g_ednsdomains.add(DNSName("powerdns.com.")); + SyncRes::addEDNSDomain(DNSName("powerdns.com.")); EDNSSubnetOpts incomingECS; incomingECS.source = Netmask("192.0.2.128/32"); @@ -1729,8 +1714,8 @@ BOOST_AUTO_TEST_CASE(test_delegation_only) { primeHints(); /* Thanks, Verisign */ - g_delegationOnly.insert(DNSName("com.")); - g_delegationOnly.insert(DNSName("net.")); + SyncRes::addDelegationOnly(DNSName("com.")); + SyncRes::addDelegationOnly(DNSName("net.")); const DNSName target("nx-powerdns.com."); diff --git a/pdns/reczones.cc b/pdns/reczones.cc index 845155b775..8bfedcedf5 100644 --- a/pdns/reczones.cc +++ b/pdns/reczones.cc @@ -97,7 +97,7 @@ void primeHints(void) t_RC->replace(time(0), g_rootdnsname, QType(QType::NS), nsset, vector>(), false); // and stuff in the cache } -static void makeNameToIPZone(SyncRes::domainmap_t* newMap, const DNSName& hostname, const string& ip) +static void makeNameToIPZone(std::shared_ptr newMap, const DNSName& hostname, const string& ip) { SyncRes::AuthDomain ad; ad.d_rdForward=false; @@ -131,7 +131,7 @@ static void makeNameToIPZone(SyncRes::domainmap_t* newMap, const DNSName& hostna } //! parts[0] must be an IP address, the rest must be host names -static void makeIPToNamesZone(SyncRes::domainmap_t* newMap, const vector& parts) +static void makeIPToNamesZone(std::shared_ptr newMap, const vector& parts) { string address=parts[0]; vector ipparts; @@ -233,7 +233,7 @@ void* pleaseWipeNegCache() return 0; } -void* pleaseUseNewSDomainsMap(SyncRes::domainmap_t* newmap) +void* pleaseUseNewSDomainsMap(std::shared_ptr newmap) { t_sstorage->domainmap = newmap; return 0; @@ -241,14 +241,14 @@ void* pleaseUseNewSDomainsMap(SyncRes::domainmap_t* newmap) string reloadAuthAndForwards() { - SyncRes::domainmap_t* original=t_sstorage->domainmap; + std::shared_ptr original=t_sstorage->domainmap; try { L<domainmap->begin(); i != t_sstorage->domainmap->end(); ++i) { - for(SyncRes::AuthDomain::records_t::const_iterator j = i->second.d_records.begin(); j != i->second.d_records.end(); ++j) - broadcastAccFunction(boost::bind(pleaseWipeCache, j->d_name, false)); + for(const auto& i : *t_sstorage->domainmap) { + for(const auto& j : i.second.d_records) + broadcastAccFunction(boost::bind(pleaseWipeCache, j.d_name, false)); } string configname=::arg()["config-dir"]+"/recursor.conf"; @@ -285,17 +285,16 @@ string reloadAuthAndForwards() ::arg().preParse(g_argc, g_argv, "export-etc-hosts"); ::arg().preParse(g_argc, g_argv, "serve-rfc1918"); - SyncRes::domainmap_t* newDomainMap = parseAuthAndForwards(); + std::shared_ptr newDomainMap = parseAuthAndForwards(); // purge again - new zones need to blank out the cache - for(SyncRes::domainmap_t::const_iterator i = newDomainMap->begin(); i != newDomainMap->end(); ++i) { - broadcastAccFunction(boost::bind(pleaseWipeCache, i->first, true)); - broadcastAccFunction(boost::bind(pleaseWipePacketCache, i->first, true)); - broadcastAccFunction(boost::bind(pleaseWipeAndCountNegCache, i->first, true)); + for(const auto& i : *newDomainMap) { + broadcastAccFunction(boost::bind(pleaseWipeCache, i.first, true)); + broadcastAccFunction(boost::bind(pleaseWipePacketCache, i.first, true)); + broadcastAccFunction(boost::bind(pleaseWipeAndCountNegCache, i.first, true)); } - broadcastFunction(boost::bind(pleaseUseNewSDomainsMap, newDomainMap)); - delete original; + broadcastFunction(boost::bind(pleaseUseNewSDomainsMap, newDomainMap)); return "ok\n"; } catch(std::exception& e) { @@ -397,12 +396,12 @@ void RPZIXFRTracker(const ComboAddress& master, const DNSName& zoneName, boost:: } } -SyncRes::domainmap_t* parseAuthAndForwards() +std::shared_ptr parseAuthAndForwards() { TXTRecordContent::report(); OPTRecordContent::report(); - SyncRes::domainmap_t* newMap = new SyncRes::domainmap_t(); + auto newMap = std::make_shared(); typedef vector parts_t; parts_t parts; @@ -430,11 +429,9 @@ SyncRes::domainmap_t* parseAuthAndForwards() dr.d_place=DNSResourceRecord::ANSWER; } catch(std::exception &e) { - delete newMap; throw PDNSException("Error parsing record '"+rr.qname.toString()+"' of type "+rr.qtype.getName()+" in zone '"+headers.first+"' from file '"+headers.second+"': "+e.what()); } catch(...) { - delete newMap; throw PDNSException("Error parsing record '"+rr.qname.toString()+"' of type "+rr.qtype.getName()+" in zone '"+headers.first+"' from file '"+headers.second+"'"); } @@ -466,7 +463,6 @@ SyncRes::domainmap_t* parseAuthAndForwards() FILE *rfp=fopen(::arg()["forward-zones-file"].c_str(), "r"); if(!rfp) { - delete newMap; throw PDNSException("Error opening forward-zones-file '"+::arg()["forward-zones-file"]+"': "+stringerror()); } @@ -494,7 +490,6 @@ SyncRes::domainmap_t* parseAuthAndForwards() else ad.d_rdForward = false; if(domain.empty()) { - delete newMap; throw PDNSException("Error parsing line "+std::to_string(linenum)+" of " +::arg()["forward-zones-file"]); } @@ -502,7 +497,6 @@ SyncRes::domainmap_t* parseAuthAndForwards() convertServersForAD(instructions, ad, ",; ", false); } catch(...) { - delete newMap; throw PDNSException("Conversion error parsing line "+std::to_string(linenum)+" of " +::arg()["forward-zones-file"]); } diff --git a/pdns/syncres.cc b/pdns/syncres.cc index 1fa95b0bad..3cea08afac 100644 --- a/pdns/syncres.cc +++ b/pdns/syncres.cc @@ -78,6 +78,10 @@ unsigned int SyncRes::s_maxtotusec; unsigned int SyncRes::s_maxdepth; string SyncRes::s_serverID; SyncRes::LogMode SyncRes::s_lm; +std::unordered_set SyncRes::s_delegationOnly; +std::unique_ptr SyncRes::s_dontQuery{nullptr}; +NetmaskGroup SyncRes::s_ednssubnets; +SuffixMatchNode SyncRes::s_ednsdomains; #define LOG(x) if(d_lm == Log) { L <nsSpeeds) + { + count++; + fprintf(fp, "%s -> ", i.first.toString().c_str()); + for(const auto& j : i.second.d_collection) + { + // typedef vector > collection_t; + fprintf(fp, "%s/%f ", j.first.toString().c_str(), j.second.peek()); + } + fprintf(fp, "\n"); + } + fclose(fp); + return count; +} + /* so here is the story. First we complete the full resolution process for a domain name. And only THEN do we decide to also do DNSSEC validation, which leads to new queries. To make this simple, we *always* ask for DNSSEC records so that if there are RRSIGs for a name, we'll have them. @@ -1088,8 +1115,6 @@ vector SyncRes::retrieveAddressesForNS(const std::string& prefix, bool SyncRes::throttledOrBlocked(const std::string& prefix, const ComboAddress& remoteIP, const DNSName& qname, const QType& qtype, bool pierceDontQuery) { - extern NetmaskGroup* g_dontQuery; - if(t_sstorage->throttle.shouldThrottle(d_now.tv_sec, boost::make_tuple(remoteIP, "", 0))) { LOG(prefix<match(&remoteIP)) { + else if(!pierceDontQuery && s_dontQuery && s_dontQuery->match(&remoteIP)) { LOG(prefix< SyncRes::getEDNSSubnetMask(const ComboAddress& local, c return result; } - if(g_ednsdomains.check(dn) || g_ednssubnets.match(rem)) { + if(s_ednsdomains.check(dn) || s_ednssubnets.match(rem)) { bits = std::min(bits, (trunc.isIPv4() ? s_ecsipv4limit : s_ecsipv6limit)); trunc.truncate(bits); return boost::optional(Netmask(trunc, bits)); @@ -1634,6 +1659,20 @@ boost::optional SyncRes::getEDNSSubnetMask(const ComboAddress& local, c return result; } +void SyncRes::parseEDNSSubnetWhitelist(const std::string& wlist) +{ + vector parts; + stringtok(parts, wlist, ",; "); + for(const auto& a : parts) { + try { + s_ednssubnets.addMask(Netmask(a)); + } + catch(...) { + s_ednsdomains.add(DNSName(a)); + } + } +} + // used by PowerDNSLua - note that this neglects to add the packet count & statistics back to pdns_ercursor.cc int directResolve(const DNSName& qname, const QType& qtype, int qclass, vector& ret) { diff --git a/pdns/syncres.hh b/pdns/syncres.hh index e0d110178d..1b14687538 100644 --- a/pdns/syncres.hh +++ b/pdns/syncres.hh @@ -59,8 +59,6 @@ #include #endif -void primeHints(void); - class RecursorLua4; typedef map< @@ -279,10 +277,60 @@ class SyncRes : public boost::noncopyable { public: enum LogMode { LogNone, Log, Store}; + typedef std::function& srcmask, boost::optional context, std::shared_ptr outgoingLogger, LWResult *lwr)> asyncresolve_t; - explicit SyncRes(const struct timeval& now); + static void setDefaultLogMode(LogMode lm) + { + s_lm = lm; + } + static void doEDNSDumpAndClose(int fd); + static uint64_t doDumpNSSpeeds(int fd); + static int getRootNS(struct timeval now, asyncresolve_t asyncCallback); + static void clearDelegationOnly() + { + s_delegationOnly.clear(); + } + static void addDelegationOnly(const DNSName& name) + { + s_delegationOnly.insert(name); + } + static void addDontQuery(const std::string& mask) + { + if (!s_dontQuery) + s_dontQuery = std::unique_ptr(new NetmaskGroup()); - typedef std::function& srcmask, boost::optional context, std::shared_ptr outgoingLogger, LWResult *lwr)> asyncresolve_t; + s_dontQuery->addMask(mask); + } + static void addDontQuery(const Netmask& mask) + { + if (!s_dontQuery) + s_dontQuery = std::unique_ptr(new NetmaskGroup()); + + s_dontQuery->addMask(mask); + } + static void clearDontQuery() + { + s_dontQuery = nullptr; + } + static void parseEDNSSubnetWhitelist(const std::string& wlist); + static void addEDNSSubnet(const Netmask& subnet) + { + s_ednssubnets.addMask(subnet); + } + static void addEDNSDomain(const DNSName& domain) + { + s_ednsdomains.add(domain); + } + static void clearEDNSSubnets() + { + s_ednssubnets.clear(); + } + static void clearEDNSDomains() + { + s_ednsdomains = SuffixMatchNode(); + } + + explicit SyncRes(const struct timeval& now); int beginResolve(const DNSName &qname, const QType &qtype, uint16_t qclass, vector&ret); void setId(int id) @@ -290,10 +338,6 @@ public: if(doLog()) d_prefix="["+itoa(id)+"] "; } - static void setDefaultLogMode(LogMode lm) - { - s_lm = lm; - } void setLogMode(LogMode lm) { @@ -386,9 +430,6 @@ public: d_asyncResolve = func; } - static void doEDNSDumpAndClose(int fd); - static int getRootNS(struct timeval now, asyncresolve_t asyncCallback); - static std::atomic s_queries; static std::atomic s_outgoingtimeouts; static std::atomic s_outgoing4timeouts; @@ -399,11 +440,7 @@ public: static std::atomic s_tcpoutqueries; static std::atomic s_nodelegated; static std::atomic s_unreachables; - static unsigned int s_minimumTTL; - static bool s_doIPv6; - static unsigned int s_maxqperq; - static unsigned int s_maxtotusec; - static unsigned int s_maxdepth; + std::unordered_map d_discardedPolicies; DNSFilterEngine::Policy d_appliedPolicy; unsigned int d_outqueries; @@ -475,9 +512,6 @@ public: typedef map ednsstatus_t; - static bool s_noEDNSPing; - static bool s_noEDNS; - static bool s_rootNXTrust; struct AuthDomain { vector d_servers; @@ -500,11 +534,15 @@ public: typedef map domainmap_t; - typedef Throttle > throttle_t; typedef Counters fails_t; + static string s_serverID; + static unsigned int s_minimumTTL; + static unsigned int s_maxqperq; + static unsigned int s_maxtotusec; + static unsigned int s_maxdepth; static unsigned int s_maxnegttl; static unsigned int s_maxcachettl; static unsigned int s_packetcachettl; @@ -513,21 +551,41 @@ public: static unsigned int s_serverdownthrottletime; static uint8_t s_ecsipv4limit; static uint8_t s_ecsipv6limit; + static bool s_doIPv6; + static bool s_noEDNSPing; + static bool s_noEDNS; + static bool s_rootNXTrust; static bool s_nopacketcache; - static string s_serverID; struct StaticStorage { nsspeeds_t nsSpeeds; ednsstatus_t ednsstatus; throttle_t throttle; fails_t fails; - domainmap_t* domainmap; + std::shared_ptr domainmap; map dnssecmap; NegCache negcache; }; private: - struct GetBestNSAnswer; + static std::unordered_set s_delegationOnly; + static NetmaskGroup s_ednssubnets; + static SuffixMatchNode s_ednsdomains; + static LogMode s_lm; + static std::unique_ptr s_dontQuery; + + struct GetBestNSAnswer + { + DNSName qname; + set > bestns; + uint8_t qtype; // only A and AAAA anyhow + bool operator<(const GetBestNSAnswer &b) const + { + return boost::tie(qname, qtype, bestns) < + boost::tie(b.qname, b.qtype, b.bestns); + } + }; + int doResolveAt(NsSet &nameservers, DNSName auth, bool flawedNSSet, const DNSName &qname, const QType &qtype, vector&ret, unsigned int depth, set&beenthere); int doResolve(const DNSName &qname, const QType &qtype, vector&ret, unsigned int depth, set& beenthere); @@ -582,21 +640,7 @@ private: bool d_wasOutOfBand{false}; bool d_wasVariable{false}; - static LogMode s_lm; LogMode d_lm; - - struct GetBestNSAnswer - { - DNSName qname; - set > bestns; - uint8_t qtype; // only A and AAAA anyhow - bool operator<(const GetBestNSAnswer &b) const - { - return boost::tie(qname, qtype, bestns) < - boost::tie(b.qname, b.qtype, b.bestns); - } - }; - }; extern __thread SyncRes::StaticStorage* t_sstorage; @@ -750,7 +794,6 @@ string doTraceRegex(vector::const_iterator begin, vector::const_ void parseACLs(); extern RecursorStats g_stats; extern unsigned int g_numThreads; -extern std::unordered_set g_delegationOnly; extern uint16_t g_outgoingEDNSBufsize; @@ -765,7 +808,7 @@ int directResolve(const DNSName& qname, const QType& qtype, int qclass, vector T broadcastAccFunction(const boost::function& func, bool skipSelf=false); -SyncRes::domainmap_t* parseAuthAndForwards(); +std::shared_ptr parseAuthAndForwards(); uint64_t* pleaseGetNsSpeedsSize(); uint64_t* pleaseGetCacheSize(); uint64_t* pleaseGetNegCacheSize(); @@ -779,13 +822,10 @@ uint64_t* pleaseWipeCache(const DNSName& canon, bool subtree=false); uint64_t* pleaseWipePacketCache(const DNSName& canon, bool subtree); uint64_t* pleaseWipeAndCountNegCache(const DNSName& canon, bool subtree=false); void doCarbonDump(void*); -void parseEDNSSubnetWhitelist(const std::string& wlist); +void primeHints(void); extern __thread struct timeval g_now; -extern NetmaskGroup g_ednssubnets; -extern SuffixMatchNode g_ednsdomains; - #ifdef HAVE_PROTOBUF extern __thread boost::uuids::random_generator* t_uuidGenerator; #endif