return count;
}
+void NegCache::purge(const DNSName& qname, QType qtype)
+{
+ auto& mc = getMap(qname);
+ auto content = mc.lock();
+ auto& idx = content->d_map.get<NegCacheEntry>();
+
+ auto range = idx.equal_range(qname);
+ auto ni = range.first;
+
+ while (ni != range.second) {
+ // We have an entry
+ if ((ni->d_qtype == QType::ENT) || ni->d_qtype == qtype) {
+ ni = idx.erase(ni);
+ }
+ else
+ ++ni;
+ }
+}
+
/*!
* Set ne to the NegCacheEntry for the last label in qname and return true if there
* was one.
size_t doDump(int fd, size_t maxCacheEntries);
size_t wipe(const DNSName& name, bool subtree = false);
size_t size() const;
+ void purge(const DNSName& qname, QType qtype);
+
private:
struct CompositeKey
return match;
}
+void MemRecursorCache::purge(const DNSName& qname, QType qt)
+{
+ if(qt == QType::CNAME)
+ {
+ auto& mc = getMap(qname);
+ auto map = mc.lock();
+ auto key = std::make_tuple(qname, qt, boost::none, Netmask());
+ auto entry = map->d_map.find(key);
+ if (entry != map->d_map.end()) {
+ map->d_map.erase(entry);
+ }
+ }
+}
+
// Fake a cache miss if more than refreshTTLPerc of the original TTL has passed
time_t MemRecursorCache::fakeTTD(MemRecursorCache::OrderedTagIterator_t& entry, const DNSName& qname, QType qtype, time_t ret, time_t now, uint32_t origTTL, bool refresh)
{
void replace(time_t, const DNSName& qname, const QType qt, const vector<DNSRecord>& content, const vector<shared_ptr<RRSIGRecordContent>>& signatures, const std::vector<std::shared_ptr<DNSRecord>>& authorityRecs, bool auth, const DNSName& authZone, boost::optional<Netmask> ednsmask = boost::none, const OptTag& routingTag = boost::none, vState state = vState::Indeterminate, boost::optional<ComboAddress> from = boost::none, bool refresh = false);
void doPrune(size_t keep);
+ void purge(const DNSName& qname, QType qt);
uint64_t doDump(int fd, size_t maxCacheEntries);
size_t doWipeCache(const DNSName& name, bool sub, QType qtype = 0xffff);
rememberParentSetIfNeeded(i->first.name, i->second.records, depth);
}
g_recCache->replace(d_now.tv_sec, i->first.name, i->first.type, i->second.records, i->second.signatures, authorityRecs, i->first.type == QType::DS ? true : isAA, auth, i->first.place == DNSResourceRecord::ANSWER ? ednsmask : boost::none, d_routingTag, recordState, remoteIP, d_refresh);
-
+ // delete negcache
+ g_negCache->purge(i->first.name, i->first.type);
+
if (g_aggressiveNSECCache && needWildcardProof && recordState == vState::Secure && i->first.place == DNSResourceRecord::ANSWER && i->first.name == qname && !i->second.signatures.empty() && !d_routingTag && !ednsmask) {
/* we have an answer synthesized from a wildcard and aggressive NSEC is enabled, we need to store the
wildcard in its non-expanded form in the cache to be able to synthesize wildcard answers later */
*/
if (newtarget.empty() && putInNegCache) {
g_negCache->add(ne);
+ if(qtype == QType::CNAME){
+ g_recCache->purge(qname, qtype);
+ }
if (s_rootNXTrust && ne.d_auth.isRoot() && auth.isRoot() && lwr.d_aabit) {
ne.d_name = ne.d_name.getLastLabel();
g_negCache->add(ne);
projects / thirdparty / pdns.git / commitdiff
