From: Otto Moerbeek Date: Mon, 1 Apr 2019 12:27:27 +0000 (+0200) Subject: Reformulate condition and comment to make it more clear. X-Git-Tag: dnsdist-1.4.0-alpha1~37^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F7631%2Fhead;p=thirdparty%2Fpdns.git Reformulate condition and comment to make it more clear. --- diff --git a/pdns/recursordist/docs/settings.rst b/pdns/recursordist/docs/settings.rst index ceb92bcf05..10613c0e1f 100644 --- a/pdns/recursordist/docs/settings.rst +++ b/pdns/recursordist/docs/settings.rst @@ -432,7 +432,7 @@ Can be set at runtime using ``rec_control set-ecs-minimum-ttl 3600``. - Integer - Default: 0 (disabled) -The minumum TTL for an ECS-specific answer to be inserted into the query cache. This condition applies in conjunction with ``ecs-ipv4-cache-bits`` or ``ecs-ipv6-cache-bits``. +The minimum TTL for an ECS-specific answer to be inserted into the query cache. This condition applies in conjunction with ``ecs-ipv4-cache-bits`` or ``ecs-ipv6-cache-bits``. That is, only if both the limits apply, the record will not be cached. .. _setting-ecs-scope-zero-address: diff --git a/pdns/recursordist/test-syncres_cc.cc b/pdns/recursordist/test-syncres_cc.cc index 52ca667af6..4b5e629722 100644 --- a/pdns/recursordist/test-syncres_cc.cc +++ b/pdns/recursordist/test-syncres_cc.cc @@ -2175,7 +2175,7 @@ BOOST_AUTO_TEST_CASE(test_ecs_cache_limit_no_ttl_limit_allowed) { BOOST_CHECK_EQUAL(res, RCode::NoError); BOOST_CHECK_EQUAL(ret.size(), 1); - /* should have been cached because /24 is more specific than /16 but TTL limit is nof efective */ + /* should have been cached because /24 is more specific than /16 but TTL limit is nof effective */ const ComboAddress who("192.0.2.128"); vector cached; BOOST_REQUIRE_GT(t_RC->get(now, target, QType(QType::A), true, &cached, who), 0); diff --git a/pdns/syncres.cc b/pdns/syncres.cc index 3af79100d4..1b71d3c190 100644 --- a/pdns/syncres.cc +++ b/pdns/syncres.cc @@ -2421,14 +2421,13 @@ RCode::rcodes_ SyncRes::updateCacheFromRecords(unsigned int depth, LWResult& lwr */ if (i->first.type != QType::NSEC3 && (i->first.type == QType::DS || i->first.type == QType::NS || i->first.type == QType::A || i->first.type == QType::AAAA || isAA || wasForwardRecurse)) { - bool doCache = i->first.place != DNSResourceRecord::ANSWER || !ednsmask; - // if ednsmask is relevant, we do not want to cache if the scope > ecslimit and TTL < limitttl - if (!doCache && ednsmask) { - bool manyMaskBits = (ednsmask->isIpv4() && ednsmask->getBits() > SyncRes::s_ecsipv4cachelimit) || + bool doCache = true; + if (i->first.place == DNSResourceRecord::ANSWER && ednsmask) { + // If ednsmask is relevant, we do not want to cache if the scope prefix length is large and TTL is small + if (SyncRes::s_ecscachelimitttl > 0) { + bool manyMaskBits = (ednsmask->isIpv4() && ednsmask->getBits() > SyncRes::s_ecsipv4cachelimit) || (ednsmask->isIpv6() && ednsmask->getBits() > SyncRes::s_ecsipv6cachelimit); - doCache = true; - if (SyncRes::s_ecscachelimitttl > 0) { if (manyMaskBits) { uint32_t minttl = UINT32_MAX; for (const auto &it : i->second.records) {