From 8239c9548b95b4b7632f0c8b7b9dfc8a2c95e3a0 Mon Sep 17 00:00:00 2001 From: Otto Moerbeek Date: Tue, 10 Jan 2023 14:48:39 +0100 Subject: [PATCH] rec: Backport 12407 to rec-4.8.x: do not chain ecs enabled queries Backport of #12407 --- pdns/lwres.cc | 2 +- pdns/lwres.hh | 2 +- pdns/pdns_recursor.cc | 32 +++++++++++++++++++------------- 3 files changed, 21 insertions(+), 15 deletions(-) diff --git a/pdns/lwres.cc b/pdns/lwres.cc index 7cc80f4e59..3329c1758f 100644 --- a/pdns/lwres.cc +++ b/pdns/lwres.cc @@ -469,7 +469,7 @@ static LWResult::Result asyncresolve(const ComboAddress& ip, const DNSName& doma g_stats.ipv6queries++; } - ret = asendto((const char*)&*vpacket.begin(), vpacket.size(), 0, ip, qid, domain, type, &queryfd); + ret = asendto((const char*)&*vpacket.begin(), vpacket.size(), 0, ip, qid, domain, type, weWantEDNSSubnet, &queryfd); if (ret != LWResult::Result::Success) { return ret; diff --git a/pdns/lwres.hh b/pdns/lwres.hh index 38a8817a1e..85ea64da0e 100644 --- a/pdns/lwres.hh +++ b/pdns/lwres.hh @@ -75,7 +75,7 @@ public: }; LWResult::Result asendto(const char *data, size_t len, int flags, const ComboAddress& ip, uint16_t id, - const DNSName& domain, uint16_t qtype, int* fd); + const DNSName& domain, uint16_t qtype, bool ecs, int* fd); LWResult::Result arecvfrom(PacketBuffer& packet, int flags, const ComboAddress& ip, size_t *d_len, uint16_t id, const DNSName& domain, uint16_t qtype, int fd, const struct timeval* now); diff --git a/pdns/pdns_recursor.cc b/pdns/pdns_recursor.cc index ee826d784d..6e9a32b4a0 100644 --- a/pdns/pdns_recursor.cc +++ b/pdns/pdns_recursor.cc @@ -261,7 +261,7 @@ thread_local std::unique_ptr t_udpclientsocks; /* these two functions are used by LWRes */ LWResult::Result asendto(const char* data, size_t len, int flags, - const ComboAddress& toaddr, uint16_t id, const DNSName& domain, uint16_t qtype, int* fd) + const ComboAddress& toaddr, uint16_t id, const DNSName& domain, uint16_t qtype, bool ecs, int* fd) { auto pident = std::make_shared(); @@ -269,18 +269,24 @@ LWResult::Result asendto(const char* data, size_t len, int flags, pident->remote = toaddr; pident->type = qtype; - // see if there is an existing outstanding request we can chain on to, using partial equivalence function looking for the same - // query (qname and qtype) to the same host, but with a different message ID - pair chain = MT->d_waiters.equal_range(pident, PacketIDBirthdayCompare()); - - for (; chain.first != chain.second; chain.first++) { - // Line below detected an issue with the two ways of ordering PackeIDs (birtday and non-birthday) - assert(chain.first->key->domain == pident->domain); - if (chain.first->key->fd > -1 && !chain.first->key->closed) { // don't chain onto existing chained waiter or a chain already processed - // cerr << "Insert " << id << ' ' << pident << " into chain for " << chain.first->key << endl; - chain.first->key->chain.insert(id); // we can chain - *fd = -1; // gets used in waitEvent / sendEvent later on - return LWResult::Result::Success; + // We cannot merge ECS-enabled queries based on the ECS source only, as the scope + // of the response might be narrower, so instead we do not chain ECS-enabled queries + // at all. + if (!ecs) { + // See if there is an existing outstanding request we can chain on to, using partial equivalence + // function looking for the same query (qname and qtype) to the same host, but with a different + // message ID. + auto chain = MT->d_waiters.equal_range(pident, PacketIDBirthdayCompare()); + + for (; chain.first != chain.second; chain.first++) { + // Line below detected an issue with the two ways of ordering PacketIDs (birthday and non-birthday) + assert(chain.first->key->domain == pident->domain); + // don't chain onto existing chained waiter or a chain already processed + if (chain.first->key->fd > -1 && !chain.first->key->closed) { + chain.first->key->chain.insert(id); // we can chain + *fd = -1; // gets used in waitEvent / sendEvent later on + return LWResult::Result::Success; + } } } -- 2.47.2