From: Otto Moerbeek Date: Fri, 14 Jul 2023 10:52:08 +0000 (+0200) Subject: Do not store tags set by gettag(_ffi) into the PC by keeping them separate. X-Git-Tag: rec-5.0.0-alpha1~99^2~1 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a4d0f523387959023ac4514fe5c07223e184ff14;p=thirdparty%2Fpdns.git Do not store tags set by gettag(_ffi) into the PC by keeping them separate. We do pass them to the other Lua functions, but take care to erase them aagin before creating the partial PB message stored into the cache. --- diff --git a/pdns/recursordist/pdns_recursor.cc b/pdns/recursordist/pdns_recursor.cc index 1b982ab1f1..ba9771580d 100644 --- a/pdns/recursordist/pdns_recursor.cc +++ b/pdns/recursordist/pdns_recursor.cc @@ -906,6 +906,18 @@ static uint32_t capPacketCacheTTL(const struct dnsheader& hdr, uint32_t ttl, boo return ttl; } +static void addPolicyTagsToPBMessageIfNeeded(DNSComboWriter& comboWriter, pdns::ProtoZero::RecMessage& pbMessage) +{ + if (!comboWriter.d_gettagPolicyTags.empty()) { + for (const auto& tag : comboWriter.d_gettagPolicyTags) { + comboWriter.d_policyTags.erase(tag); + } + } + if (!comboWriter.d_policyTags.empty()) { + pbMessage.addPolicyTags(comboWriter.d_policyTags); + } +} + void startDoResolve(void* arg) // NOLINT(readability-function-cognitive-complexity): https://github.com/PowerDNS/pdns/issues/12791 { auto comboWriter = std::unique_ptr(static_cast(arg)); @@ -1681,6 +1693,8 @@ void startDoResolve(void* arg) // NOLINT(readability-function-cognitive-complexi } pbMessage.setInBytes(packet.size()); pbMessage.setValidationState(resolver.getValidationState()); + // See if we want to store the policyTags into th PC + addPolicyTagsToPBMessageIfNeeded(*comboWriter, pbMessage); // Take s snap of the current protobuf buffer state to store in the PC pbDataForCache = boost::make_optional(RecursorPacketCache::PBData{ @@ -1774,7 +1788,7 @@ void startDoResolve(void* arg) // NOLINT(readability-function-cognitive-complexi pbMessage.setDeviceId(dnsQuestion.deviceId); pbMessage.setDeviceName(dnsQuestion.deviceName); pbMessage.setToPort(comboWriter->d_destination.getPort()); - pbMessage.addPolicyTags(comboWriter->d_policyTags); + pbMessage.addPolicyTags(comboWriter->d_gettagPolicyTags); for (const auto& metaValue : dnsQuestion.meta) { pbMessage.setMeta(metaValue.first, metaValue.second.stringVal, metaValue.second.intVal); diff --git a/pdns/recursordist/rec-main.hh b/pdns/recursordist/rec-main.hh index 6d7dbc78fa..da2cd43cfa 100644 --- a/pdns/recursordist/rec-main.hh +++ b/pdns/recursordist/rec-main.hh @@ -59,7 +59,7 @@ struct DNSComboWriter } DNSComboWriter(const std::string& query, const struct timeval& now, std::unordered_set&& policyTags, shared_ptr luaContext, LuaContext::LuaObject&& data, std::vector&& records) : - d_mdp(true, query), d_now(now), d_query(query), d_policyTags(std::move(policyTags)), d_records(std::move(records)), d_luaContext(std::move(luaContext)), d_data(std::move(data)) + d_mdp(true, query), d_now(now), d_query(query), d_policyTags(std::move(policyTags)), d_gettagPolicyTags(d_policyTags), d_records(std::move(records)), d_luaContext(std::move(luaContext)), d_data(std::move(data)) { } @@ -125,6 +125,7 @@ struct DNSComboWriter }; std::string d_query; std::unordered_set d_policyTags; + const std::unordered_set d_gettagPolicyTags; std::string d_routingTag; std::vector d_records; diff --git a/regression-tests.recursor-dnssec/test_Protobuf.py b/regression-tests.recursor-dnssec/test_Protobuf.py index f2789e2efe..79d57e4561 100644 --- a/regression-tests.recursor-dnssec/test_Protobuf.py +++ b/regression-tests.recursor-dnssec/test_Protobuf.py @@ -96,7 +96,7 @@ class TestRecursorProtobuf(RecursorTest): #print("in getFirstProtobufMessage") for param in protobufServersParameters: - print(param.port) + #print(param.port) failed = 0 while param.queue.empty: @@ -944,6 +944,27 @@ auth-zones=example=configs/%s/example.zone""" % _confdir res = self.sendUDPQuery(query) self.assertRRsetInAnswer(res, expected) + # check the protobuf messages corresponding to the UDP query and answer + msg = self.getFirstProtobufMessage() + self.checkProtobufQuery(msg, dnsmessage_pb2.PBDNSMessage.UDP, query, dns.rdataclass.IN, dns.rdatatype.A, name) + self.checkProtobufTags(msg, [ self._tag_from_gettag ]) + # then the response + msg = self.getFirstProtobufMessage() + self.checkProtobufResponse(msg, dnsmessage_pb2.PBDNSMessage.UDP, res) + self.assertEqual(len(msg.response.rrs), 1) + rr = msg.response.rrs[0] + # we have max-cache-ttl set to 15 + self.checkProtobufResponseRecord(rr, dns.rdataclass.IN, dns.rdatatype.A, name, 15) + self.assertEqual(socket.inet_ntop(socket.AF_INET, rr.rdata), '192.0.2.84') + tags = [ self._tag_from_gettag ] + self._tags + #print(msg) + self.checkProtobufTags(msg, tags) + self.checkNoRemainingMessage() + + # Again to check PC case + res = self.sendUDPQuery(query) + self.assertRRsetInAnswer(res, expected) + # check the protobuf messages corresponding to the UDP query and answer msg = self.getFirstProtobufMessage() self.checkProtobufQuery(msg, dnsmessage_pb2.PBDNSMessage.UDP, query, dns.rdataclass.IN, dns.rdatatype.A, name) @@ -998,8 +1019,8 @@ auth-zones=example=configs/%s/example.zone""" % _confdir self.checkNoRemainingMessage() self.assertEqual(len(msg.response.tags), 1) ts1 = msg.response.tags[0] - #print(ts1) - # Again + + # Again to check PC case res = self.sendUDPQuery(query) self.assertRRsetInAnswer(res, expected) @@ -1013,7 +1034,6 @@ auth-zones=example=configs/%s/example.zone""" % _confdir self.checkNoRemainingMessage() self.assertEqual(len(msg.response.tags), 1) ts2 = msg.response.tags[0] - #print(ts2) self.assertNotEqual(ts1, ts2) class ProtobufSelectedFromLuaTest(TestRecursorProtobuf):