fix(dnsdist): use RAII to set InternalQueryState::appliedRulesToQuery

author Pieter Lexis <pieter.lexis@powerdns.com>

Wed, 12 Nov 2025 11:52:12 +0000 (12:52 +0100)

committer Pieter Lexis <pieter.lexis@powerdns.com>

Fri, 14 Nov 2025 15:03:56 +0000 (16:03 +0100)
author Pieter Lexis <pieter.lexis@powerdns.com>
Wed, 12 Nov 2025 11:52:12 +0000 (12:52 +0100)
committer Pieter Lexis <pieter.lexis@powerdns.com>
Fri, 14 Nov 2025 15:03:56 +0000 (16:03 +0100)
diff --git a/pdns/dnsdistdist/dnsdist-idstate.cc b/pdns/dnsdistdist/dnsdist-idstate.cc

index 6f9c11f634b538bd6385e354508cfe8e20606256..b572463689f90fb35aa0e4736ff7271629ed5f62 100644 (file)
--- a/pdns/dnsdistdist/dnsdist-idstate.cc
+++ b/pdns/dnsdistdist/dnsdist-idstate.cc
@@ -88,7 +88,7 @@ std::optional<pdns::trace::dnsdist::Tracer::Closer> InternalQueryState::getClose
    // getTracer returns a Tracer when tracing is globally enabled
    // tracingEnabled tells us whether or not tracing is enabled for this query
    // Should tracing be disabled, *but* we have not processed query rules, we will still return a closer if tracing is globally enabled
-  if (auto tracer = getTracer(); tracer != nullptr && (tracingEnabled || !tracingPastProcessRules)) {
+  if (auto tracer = getTracer(); tracer != nullptr && (tracingEnabled || !rulesAppliedToQuery)) {
      ret = std::optional<pdns::trace::dnsdist::Tracer::Closer>(d_OTTracer->openSpan(name, parentSpanID));
    }
  #endif
diff --git a/pdns/dnsdistdist/dnsdist-idstate.hh b/pdns/dnsdistdist/dnsdist-idstate.hh

index a64597ed8d79b9305f682a744d9c8c74d8d59375..59f2ffe5170ec0486e615f4b7046f929a63b3280 100644 (file)
--- a/pdns/dnsdistdist/dnsdist-idstate.hh
+++ b/pdns/dnsdistdist/dnsdist-idstate.hh
@@ -235,7 +235,22 @@ public:
    bool cacheHit{false};
    bool staleCacheHit{false};
    bool tracingEnabled{false}; // Whether or not Open Telemetry tracing is enabled for this query
-  bool tracingPastProcessRules{false}; // Whether processRules has been called for the query, used to determine if we can trace
+  bool rulesAppliedToQuery{false}; // Whether applyRulesToQuery has been called for the query, used to determine if we need to trace
+  struct rulesAppliedToQuerySetter
+  {
+    rulesAppliedToQuerySetter(bool& pastProcessRules) :
+      d_rulesAppliedToQuery(pastProcessRules)
+    {
+      d_rulesAppliedToQuery = false;
+    }
+    ~rulesAppliedToQuerySetter()
+    {
+      d_rulesAppliedToQuery = true;
+    }
+
+  private:
+    bool& d_rulesAppliedToQuery;
+  };
  };
  
  struct IDState
diff --git a/pdns/dnsdistdist/dnsdist.cc b/pdns/dnsdistdist/dnsdist.cc

index 99d2164fa40242991eb90497050cd60621172403..3e28057ce8816a0803163f7a286b9860474146e5 100644 (file)
--- a/pdns/dnsdistdist/dnsdist.cc
+++ b/pdns/dnsdistdist/dnsdist.cc
@@ -1046,6 +1046,7 @@ static bool applyRulesChainToQuery(const std::vector<dnsdist::rules::RuleAction>
  
  static bool applyRulesToQuery(DNSQuestion& dnsQuestion, const timespec& now)
  {
+  InternalQueryState::rulesAppliedToQuerySetter tpprs(dnsQuestion.ids.rulesAppliedToQuery); // Ensure IDS knows we are past the rules processing when we exit this function
    auto closer = dnsQuestion.ids.getCloser("applyRulesToQuery");
    if (g_rings.shouldRecordQueries()) {
      g_rings.insertQuery(now, dnsQuestion.ids.origRemote, dnsQuestion.ids.qname, dnsQuestion.ids.qtype, dnsQuestion.getData().size(), *dnsQuestion.getHeader(), dnsQuestion.getProtocol());
@@ -1100,7 +1101,6 @@ static bool applyRulesToQuery(DNSQuestion& dnsQuestion, const timespec& now)
          updateBlockStats();
  
          setRCode(RCode::NXDomain);
-        dnsQuestion.ids.tracingPastProcessRules = true;
          return true;
  
        case DNSAction::Action::Refused:
@@ -1108,7 +1108,6 @@ static bool applyRulesToQuery(DNSQuestion& dnsQuestion, const timespec& now)
          updateBlockStats();
  
          setRCode(RCode::Refused);
-        dnsQuestion.ids.tracingPastProcessRules = true;
          return true;
  
        case DNSAction::Action::Truncate:
@@ -1123,7 +1122,6 @@ static bool applyRulesToQuery(DNSQuestion& dnsQuestion, const timespec& now)
              header.ad = false;
              return true;
            });
-          dnsQuestion.ids.tracingPastProcessRules = true;
            return true;
          }
          else {
@@ -1137,7 +1135,6 @@ static bool applyRulesToQuery(DNSQuestion& dnsQuestion, const timespec& now)
            header.rd = false;
            return true;
          });
-        dnsQuestion.ids.tracingPastProcessRules = true;
          return true;
        case DNSAction::Action::SetTag: {
          if (!got->second.tagSettings) {
@@ -1155,7 +1152,6 @@ static bool applyRulesToQuery(DNSQuestion& dnsQuestion, const timespec& now)
        default:
          updateBlockStats();
          vinfolog("Query from %s dropped because of dynamic block", dnsQuestion.ids.origRemote.toStringWithPort());
-        dnsQuestion.ids.tracingPastProcessRules = true;
          return false;
        }
      }
@@ -1181,14 +1177,12 @@ static bool applyRulesToQuery(DNSQuestion& dnsQuestion, const timespec& now)
          updateBlockStats();
  
          setRCode(RCode::NXDomain);
-        dnsQuestion.ids.tracingPastProcessRules = true;
          return true;
        case DNSAction::Action::Refused:
          vinfolog("Query from %s for %s refused because of dynamic block", dnsQuestion.ids.origRemote.toStringWithPort(), dnsQuestion.ids.qname.toLogString());
          updateBlockStats();
  
          setRCode(RCode::Refused);
-        dnsQuestion.ids.tracingPastProcessRules = true;
          return true;
        case DNSAction::Action::Truncate:
          if (!dnsQuestion.overTCP()) {
@@ -1203,7 +1197,6 @@ static bool applyRulesToQuery(DNSQuestion& dnsQuestion, const timespec& now)
              header.ad = false;
              return true;
            });
-          dnsQuestion.ids.tracingPastProcessRules = true;
            return true;
          }
          else {
@@ -1217,7 +1210,6 @@ static bool applyRulesToQuery(DNSQuestion& dnsQuestion, const timespec& now)
            header.rd = false;
            return true;
          });
-        dnsQuestion.ids.tracingPastProcessRules = true;
          return true;
        case DNSAction::Action::SetTag: {
          if (!got->tagSettings) {
@@ -1235,7 +1227,6 @@ static bool applyRulesToQuery(DNSQuestion& dnsQuestion, const timespec& now)
        default:
          updateBlockStats();
          vinfolog("Query from %s for %s dropped because of dynamic block", dnsQuestion.ids.origRemote.toStringWithPort(), dnsQuestion.ids.qname.toLogString());
-        dnsQuestion.ids.tracingPastProcessRules = true;
          return false;
        }
      }
@@ -1244,9 +1235,7 @@ static bool applyRulesToQuery(DNSQuestion& dnsQuestion, const timespec& now)
  
    const auto& chains = dnsdist::configuration::getCurrentRuntimeConfiguration().d_ruleChains;
    const auto& queryRules = dnsdist::rules::getRuleChain(chains, dnsdist::rules::RuleChain::Rules);
-  auto ret = applyRulesChainToQuery(queryRules, dnsQuestion);
-  dnsQuestion.ids.tracingPastProcessRules = true;
-  return ret;
+  return applyRulesChainToQuery(queryRules, dnsQuestion);
  }
  
  ssize_t udpClientSendRequestToBackend(const std::shared_ptr<DownstreamState>& backend, const int socketDesc, const PacketBuffer& request, bool healthCheck)
author	Pieter Lexis <pieter.lexis@powerdns.com>
	Wed, 12 Nov 2025 11:52:12 +0000 (12:52 +0100)
committer	Pieter Lexis <pieter.lexis@powerdns.com>
	Fri, 14 Nov 2025 15:03:56 +0000 (16:03 +0100)
pdns/dnsdistdist/dnsdist-idstate.cc		patch \| blob \| blame \| history
pdns/dnsdistdist/dnsdist-idstate.hh		patch \| blob \| blame \| history
pdns/dnsdistdist/dnsdist.cc		patch \| blob \| blame \| history