From: Remi Gacogne Date: Tue, 3 May 2016 15:39:42 +0000 (+0200) Subject: Better description for DNSSECKeeper's cache, 0 disables caching X-Git-Tag: rec-4.0.0-alpha3~13^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=030850a9960332022b006281d08d29a353f84572;p=thirdparty%2Fpdns.git Better description for DNSSECKeeper's cache, 0 disables caching * Fix the description of the new settings * Setting a 0-TTL disables caching * Only get the value once, as it's done for `max-nsec3-iterations` --- diff --git a/docs/markdown/authoritative/settings.md b/docs/markdown/authoritative/settings.md index 7c6955ae04..99eead07d6 100644 --- a/docs/markdown/authoritative/settings.md +++ b/docs/markdown/authoritative/settings.md @@ -287,11 +287,11 @@ Number of Distributor (backend) threads to start per receiver thread. See Synthesise CNAME records from DNAME records as required. This approximately doubles query load. **Do not combine with DNSSEC!** -## `dns-key-cache-ttl` +## `dnssec-key-cache-ttl` * Integer * Default: 30 -Seconds to store domain DNS keys in cache. +Seconds to cache DNSSEC keys from the database. A value of 0 disables caching. ## `dnsupdate` * Boolean @@ -310,7 +310,7 @@ section when sending a referral. * Integer * Default: 60 -Seconds to store domain metadata in cache. +Seconds to cache domain metadata from the database. A value of 0 disables caching. ## `edns-subnet-option-number` * Integer diff --git a/pdns/common_startup.cc b/pdns/common_startup.cc index 6a76cd671f..ca9f6a95a4 100644 --- a/pdns/common_startup.cc +++ b/pdns/common_startup.cc 
@@ -149,8 +149,8 @@ void declareArguments() ::arg().set("soa-expire-default","Default SOA expire")="604800"; ::arg().set("default-soa-edit","Default SOA-EDIT value")=""; ::arg().set("default-soa-edit-signed","Default SOA-EDIT value for signed zones")=""; - ::arg().set("dns-key-cache-ttl","Seconds to store domain DNS keys in cache")="30"; - ::arg().set("domain-metadata-cache-ttl","Seconds to store domain metadata in cache")="60"; + ::arg().set("dnssec-key-cache-ttl","Seconds to cache DNSSEC keys from the database")="30"; + ::arg().set("domain-metadata-cache-ttl","Seconds to cache domain metadata from the database")="60"; ::arg().set("trusted-notification-proxy", "IP address of incoming notification proxy")=""; ::arg().set("slave-renotify", "If we should send out notifications for slaved updates")="no"; diff --git a/pdns/dbdnsseckeeper.cc b/pdns/dbdnsseckeeper.cc index c583367dec..a23cbd5049 100644 --- a/pdns/dbdnsseckeeper.cc +++ b/pdns/dbdnsseckeeper.cc @@ -183,6 +183,7 @@ bool DNSSECKeeper::activateKey(const DNSName& zname, unsigned int id) void DNSSECKeeper::getFromMeta(const DNSName& zname, const std::string& key, std::string& value) { + static int ttl = ::arg().asNum("domain-metadata-cache-ttl"); value.clear(); unsigned int now = time(0); @@ -190,7 +191,7 @@ void DNSSECKeeper::getFromMeta(const DNSName& zname, const std::string& key, std cleanup(); } - { + if (ttl > 0) { ReadLock l(&s_metacachelock); metacache_t::const_iterator iter = s_metacache.find(tie(zname, key)); 
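Review bot: The function-local `static int ttl` added at the top of getFromMeta() (hunk `@@ -183,6 +183,7 @@`) fixes `domain-metadata-cache-ttl` at the value in force on the first call, and nothing in the code says so. If the setting can change after startup, or if the function can run before the configuration is loaded (neither is visible here), the cache keeps the first value for the life of the process. I would add a comment above the declaration, such as `// read once on first call; a changed domain-metadata-cache-ttl needs a restart`. The same applies to the `static int ttl` added to getKeys() in the `@@ -387,13 +390,14 @@` hunk. getFromMeta's body continues outside this hunk.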
@@ -203,15 +204,17 @@ void DNSSECKeeper::getFromMeta(const DNSName& zname, const std::string& key, std d_keymetadb->getDomainMetadata(zname, key, meta); if(!meta.empty()) value=*meta.begin(); - - METACacheEntry nce; - nce.d_domain=zname; - nce.d_ttd = now + ::arg().asNum("domain-metadata-cache-ttl"); - nce.d_key= key; - nce.d_value = value; - { - WriteLock l(&s_metacachelock); - replacing_insert(s_metacache, nce); + + if (ttl > 0) { + METACacheEntry nce; + nce.d_domain=zname; + nce.d_ttd = now + ttl; + nce.d_key= key; + nce.d_value = value; + { + WriteLock l(&s_metacachelock); + replacing_insert(s_metacache, nce); + } } } @@ -387,13 +390,14 @@ DNSSECKeeper::keyset_t DNSSECKeeper::getEntryPoints(const DNSName& zname) DNSSECKeeper::keyset_t DNSSECKeeper::getKeys(const DNSName& zone, bool useCache) { + static int ttl = ::arg().asNum("dnssec-key-cache-ttl"); unsigned int now = time(0); if(!((++s_ops) % 100000)) { cleanup(); } - if (useCache) { + if (useCache && ttl > 0) { ReadLock l(&s_keycachelock); keycache_t::const_iterator iter = s_keycache.find(zone); @@ -457,14 +461,17 @@ DNSSECKeeper::keyset_t DNSSECKeeper::getKeys(const DNSName& zone, bool useCache) } sort(retkeyset.begin(), retkeyset.end(), keyCompareByKindAndID); - KeyCacheEntry kce; - kce.d_domain=zone; - kce.d_keys = retkeyset; - kce.d_ttd = now + ::arg().asNum("dns-key-cache-ttl"); - { - WriteLock l(&s_keycachelock); - replacing_insert(s_keycache, kce); + if (ttl > 0) { + KeyCacheEntry kce; + kce.d_domain=zone; + kce.d_keys = retkeyset; + kce.d_ttd = now + ttl; + { + WriteLock l(&s_keycachelock); + replacing_insert(s_keycache, kce); + } } + return retkeyset; } diff --git a/pdns/pdnsutil.cc b/pdns/pdnsutil.cc index 4fce2a46aa..6b1b541ad0 100644 --- a/pdns/pdnsutil.cc +++ b/pdns/pdnsutil.cc 
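Review bot: With `ttl > 0` guarding both the lookup (`if (useCache && ttl > 0)`) and the `replacing_insert` in getKeys(), a TTL of 0 sends every call to the key backend, and a negative value does the same with no diagnostic. On an authoritative server that presumably makes database work scale with the incoming query rate, so the code should state this trade-off. A comment above the first guard would do, for example `// ttl <= 0: cache bypassed, every call reads the keys from the backend`. The matching guards in getFromMeta() (`@@ -190,7 +191,7 @@` and `@@ -203,15 +204,17 @@`) deserve the same comment. The part of getKeys() between its two hunks is not shown.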
@@ -120,8 +120,8 @@ void loadMainConfig(const std::string& configdir) ::arg().set("soa-expire-default","Default SOA expire")="604800"; ::arg().set("soa-minimum-ttl","Default SOA minimum ttl")="3600"; ::arg().set("chroot","Switch to this chroot jail")=""; - ::arg().set("dns-key-cache-ttl","Seconds to store domain DNS keys in cache")="30"; - ::arg().set("domain-metadata-cache-ttl","Seconds to store domain metadata in cache")="60"; + ::arg().set("dnssec-key-cache-ttl","Seconds to cache DNSSEC keys from the database")="30"; + ::arg().set("domain-metadata-cache-ttl","Seconds to cache domain metadata from the database")="60"; // Keep this line below all ::arg().set() statements if (! ::arg().laxFile(configname.c_str()))
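Review bot: The rename from `dns-key-cache-ttl` to `dnssec-key-cache-ttl` leaves no trace of the old name, and the file is read with `laxFile` a few lines further down. If `laxFile` tolerates unknown settings, as the name suggests, a configuration that still uses the old name would silently fall back to the default of 30 seconds. That only matters if the old name ever reached a deployed configuration; the commit message calls the settings new. A comment next to the declaration would record the change, for example `// renamed from dns-key-cache-ttl; the old name is no longer recognised`. The same rename is made in declareArguments() in pdns/common_startup.cc.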