From 4a62d2bfe4ea39bbc5601d303bc7c3e1a7196126 Mon Sep 17 00:00:00 2001
From: Remi Gacogne
Date: Wed, 17 Nov 2021 15:53:27 +0100
Subject: [PATCH] dnsdist: Add a function to know how many TLS sessions are currently cached

Also dump the number of cached (active and idle) outgoing connections when requested.
---
 pdns/dnsdist-console.cc | 1 +
 pdns/dnsdist-lua.cc | 5 +++++
 pdns/dnsdist-tcp.cc | 1 +
 pdns/dnsdistdist/dnsdist-nghttp2.cc | 1 +
 pdns/dnsdistdist/dnsdist-session-cache.cc | 10 ++++++++++
 pdns/dnsdistdist/dnsdist-session-cache.hh | 2 ++
 pdns/dnsdistdist/docs/reference/config.rst | 6 ++++++
 7 files changed, 26 insertions(+)

diff --git a/pdns/dnsdist-console.cc b/pdns/dnsdist-console.cc
index 44e33cc027..f9e47106d0 100644
--- a/pdns/dnsdist-console.cc
+++ b/pdns/dnsdist-console.cc
@@ -457,6 +457,7 @@ const std::vector g_consoleKeywords{
 { "getDNSCryptBindCount", true, "", "returns the number of DNSCrypt listeners" },
 { "getDOHFrontend", true, "n", "returns the DOH frontend with index n" },
 { "getDOHFrontendCount", true, "", "returns the number of DoH listeners" },
+ { "getOutgoingTLSSessionCacheSize", true, "", "returns the number of TLS sessions (for outgoing connections) currently cached" },
 { "getPool", true, "name", "return the pool named `name`, or \"\" for the default pool" },
 { "getPoolServers", true, "pool", "return servers part of this pool" },
 { "getQueryCounters", true, "[max=10]", "show current buffer of query counters, limited by 'max' if provided" },
diff --git a/pdns/dnsdist-lua.cc b/pdns/dnsdist-lua.cc
index fde21a9fcc..76746b3f3f 100644
--- a/pdns/dnsdist-lua.cc
+++ b/pdns/dnsdist-lua.cc
@@ -1346,6 +1346,11 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
 TLSSessionCache::setSessionValidity(validity);
 });
 
+ luaCtx.writeFunction("getOutgoingTLSSessionCacheSize", []() {
+ setLuaNoSideEffect();
+ return g_sessionCache.getSize();
+ });
+
 luaCtx.writeFunction("setCacheCleaningDelay", [](uint64_t delay) {
 checkParameterBound("setCacheCleaningDelay", delay, std::numeric_limits::max());
 g_cacheCleaningDelay = delay;
diff --git a/pdns/dnsdist-tcp.cc b/pdns/dnsdist-tcp.cc
index 5d3a422a8e..f181d751a6 100644
--- a/pdns/dnsdist-tcp.cc
+++ b/pdns/dnsdist-tcp.cc
@@ -1277,6 +1277,7 @@ static void tcpClientThread(int pipefd, int crossProtocolQueriesPipeFD, int cros
 errlog(" - Worker thread pipe");
 }
 });
+ errlog("The TCP/DoT client cache has %d active and %d idle outgoing connections cached", t_downstreamTCPConnectionsManager.getActiveCount(), t_downstreamTCPConnectionsManager.getIdleCount());
 }
 }
 }
diff --git a/pdns/dnsdistdist/dnsdist-nghttp2.cc b/pdns/dnsdistdist/dnsdist-nghttp2.cc
index 5df7f337c8..9d5781e332 100644
--- a/pdns/dnsdistdist/dnsdist-nghttp2.cc
+++ b/pdns/dnsdistdist/dnsdist-nghttp2.cc
@@ -924,6 +924,7 @@ static void dohClientThread(int crossProtocolPipeFD)
 errlog(" - Worker thread pipe");
 }
 });
+ errlog("The DoH client cache has %d active and %d idle outgoing connections cached", t_downstreamDoHConnectionsManager.getActiveCount(), t_downstreamDoHConnectionsManager.getIdleCount());
 }
 }
 }
diff --git a/pdns/dnsdistdist/dnsdist-session-cache.cc b/pdns/dnsdistdist/dnsdist-session-cache.cc
index b227efd2c6..42ba272ed4 100644
--- a/pdns/dnsdistdist/dnsdist-session-cache.cc
+++ b/pdns/dnsdistdist/dnsdist-session-cache.cc
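Review bot: The `errlog` line added in pdns/dnsdist-tcp.cc (tcpClientThread) prints active and idle counts without saying which worker they belong to. The `t_` prefix on `t_downstreamTCPConnectionsManager` suggests a thread-local manager, so with several TCP workers the dump would hold one such line per thread, and a reader could take any single line for the process-wide total. The same applies to the line added in pdns/dnsdistdist/dnsdist-nghttp2.cc (dohClientThread) for `t_downstreamDoHConnectionsManager`. If the managers are indeed per-thread, I would say so in the message, e.g. `errlog("This TCP/DoT worker thread has %d active and %d idle outgoing connections cached", ...)`. Both functions start and end outside their hunks, so how the dump is triggered and serialized is not visible here.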
@@ -78,3 +78,13 @@ std::unique_ptr TLSSessionCache::getSession(const boost::uuids::uuid
 
 return value;
 }
+
+size_t TLSSessionCache::getSize()
+{
+ size_t count = 0;
+ auto data = d_data.lock();
+ for (const auto& backend : data->d_sessions) {
+ count += backend.second.d_sessions.size();
+ }
+ return count;
+}
diff --git a/pdns/dnsdistdist/dnsdist-session-cache.hh b/pdns/dnsdistdist/dnsdist-session-cache.hh
index 47d76bc478..1881fb1af5 100644
--- a/pdns/dnsdistdist/dnsdist-session-cache.hh
+++ b/pdns/dnsdistdist/dnsdist-session-cache.hh
@@ -53,6 +53,8 @@ public:
 s_maxSessionsPerBackend = max;
 }
 
+ size_t getSize();
+
 private:
 static time_t s_cleanupDelay;
 static time_t s_sessionValidity;
diff --git a/pdns/dnsdistdist/docs/reference/config.rst b/pdns/dnsdistdist/docs/reference/config.rst
index b2386707f0..7d93539b06 100644
--- a/pdns/dnsdistdist/docs/reference/config.rst
+++ b/pdns/dnsdistdist/docs/reference/config.rst
@@ -943,6 +943,12 @@ Status, Statistics and More
 
 Return the number of DOHFrontend binds.
 
+.. function:: getOutgoingTLSSessionCacheSize()
+
+ .. versionadded:: 1.7.0
+
+ Return the number of TLS sessions (for outgoing connections) currently cached.
+
 .. function:: getTLSContext(idx)
 
 Return the TLSContext object for the context of index ``idx``.
-- 
2.47.2
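Review bot: `TLSSessionCache::getSize()` in pdns/dnsdistdist/dnsdist-session-cache.cc has no comment saying what the returned number covers, and the declaration added in dnsdist-session-cache.hh is equally bare. The loop sums every per-backend `d_sessions` container while holding the `d_data` lock, so the result is a total across all backends. If expired sessions are only dropped by the periodic cleanup that `s_cleanupDelay` and `s_sessionValidity` hint at, it may also count sessions that can no longer be resumed. I would put that on the declaration, e.g. `/* total number of cached sessions across all backends; takes the cache lock and may count expired entries not yet cleaned up */`. The method does not modify the cache, so it could be declared `const` if the lock wrapper offers a const accessor, which is not visible in this patch.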