From: bert hubert <bert.hubert@netherlabs.nl>
Date: Wed, 29 Nov 2017 19:26:51 +0000 (+0100)
Subject: check if supermaster notifications are unique before queuing
X-Git-Tag: dnsdist-1.3.1~168^2~6
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=02980dc2b2103006207485f0f6db0457b737f032;p=thirdparty%2Fpdns.git

check if supermaster notifications are unique before queuing
---

diff --git a/pdns/communicator.hh b/pdns/communicator.hh
index 8d842aa6d8..8991d6cc05 100644
--- a/pdns/communicator.hh
+++ b/pdns/communicator.hh
@@ -208,7 +208,14 @@ private:
   Semaphore d_any_sem;
   time_t d_tickinterval;
   set<DomainInfo> d_tocheck;
-  vector<DNSPacket> d_potentialsupermasters;
+  struct cmp {
+    bool operator()(const DNSPacket& a, const DNSPacket& b) {
+      return a.qdomain < b.qdomain;
+    };
+  };
+
+  std::set<DNSPacket, cmp> d_potentialsupermasters;
+
   set<string> d_alsoNotify;
   NotificationQueue d_nq;
   NetmaskGroup d_onlyNotify;
diff --git a/pdns/dnspacket.cc b/pdns/dnspacket.cc
index f81a21b6cb..33aab01b22 100644
--- a/pdns/dnspacket.cc
+++ b/pdns/dnspacket.cc
@@ -611,7 +611,7 @@ void DNSPacket::setRemote(const ComboAddress *s)
   d_remote=*s;
 }
 
-bool DNSPacket::hasEDNSSubnet()
+bool DNSPacket::hasEDNSSubnet() const
 {
   return d_haveednssubnet;
 }
diff --git a/pdns/dnspacket.hh b/pdns/dnspacket.hh
index a1b1ad7852..81c1d6664c 100644
--- a/pdns/dnspacket.hh
+++ b/pdns/dnspacket.hh
@@ -120,7 +120,7 @@ public:
   void setMaxReplyLen(int bytes); //!< set the max reply len (used when retrieving from the packet cache, and this changed)
 
   bool couldBeCached(); //!< returns 0 if this query should bypass the packet cache
-  bool hasEDNSSubnet();
+  bool hasEDNSSubnet() const;
   bool hasEDNS();
   uint8_t getEDNSVersion() const { return d_ednsversion; };
   void setEDNSRcode(uint16_t extRCode)
diff --git a/pdns/packethandler.cc b/pdns/packethandler.cc
index dba5379e5a..17f3f0965a 100644
--- a/pdns/packethandler.cc
+++ b/pdns/packethandler.cc
@@ -729,7 +729,7 @@ int PacketHandler::trySuperMaster(DNSPacket *p, const DNSName& tsigkeyname)
   }
 }
 
-int PacketHandler::trySuperMasterSynchronous(DNSPacket *p, const DNSName& tsigkeyname)
+int PacketHandler::trySuperMasterSynchronous(const DNSPacket *p, const DNSName& tsigkeyname)
 {
   string remote = p->getRemote().toString();
   if(p->hasEDNSSubnet() && ::arg().contains("trusted-notification-proxy", remote)) {
diff --git a/pdns/packethandler.hh b/pdns/packethandler.hh
index e9be90e42a..0a38735af6 100644
--- a/pdns/packethandler.hh
+++ b/pdns/packethandler.hh
@@ -63,7 +63,7 @@ public:
  
   UeberBackend *getBackend();
 
-  int trySuperMasterSynchronous(DNSPacket *p, const DNSName& tsigkeyname);
+  int trySuperMasterSynchronous(const DNSPacket *p, const DNSName& tsigkeyname);
   static NetmaskGroup s_allowNotifyFrom;
   static set<string> s_forwardNotify;
 
diff --git a/pdns/slavecommunicator.cc b/pdns/slavecommunicator.cc
index 3a8f0d95d4..5bd485b231 100644
--- a/pdns/slavecommunicator.cc
+++ b/pdns/slavecommunicator.cc
@@ -723,8 +723,8 @@ void CommunicatorClass::addTrySuperMasterRequest(DNSPacket *p)
 {
   Lock l(&d_lock);
   DNSPacket ours = *p;
-  d_potentialsupermasters.push_back(ours);
-  d_any_sem.post(); // kick the loop!
+  if(d_potentialsupermasters.insert(ours).second)
+    d_any_sem.post(); // kick the loop!
 }
 
 void CommunicatorClass::slaveRefresh(PacketHandler *P)
@@ -734,18 +734,18 @@ void CommunicatorClass::slaveRefresh(PacketHandler *P)
 
   UeberBackend *B=P->getBackend();
   vector<DomainInfo> rdomains;
-  vector<DomainNotificationInfo> sdomains; 
-  vector<DNSPacket> trysuperdomains;
-
+  vector<DomainNotificationInfo> sdomains;
+  set<DNSPacket, cmp> trysuperdomains;
   {
     Lock l(&d_lock);
     rdomains.insert(rdomains.end(), d_tocheck.begin(), d_tocheck.end());
     d_tocheck.clear();
-    trysuperdomains.insert(trysuperdomains.end(), d_potentialsupermasters.begin(), d_potentialsupermasters.end());
+
+    trysuperdomains = d_potentialsupermasters;
     d_potentialsupermasters.clear();
   }
 
-  for(DNSPacket& dp :  trysuperdomains) {
+  for(const DNSPacket& dp :  trysuperdomains) {
     // get the TSIG key name
     TSIGRecordContent trc;
     DNSName tsigkeyname;