From: Ondřej Surý Date: Tue, 4 Oct 2022 15:07:19 +0000 (+0200) Subject: Record the 'edns-udp-size' in the view, not in the resolver X-Git-Tag: v9.19.6~5^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0dcbc6274be6e6100daf9d754193c0421fc538d2;p=thirdparty%2Fbind9.git Record the 'edns-udp-size' in the view, not in the resolver Getting the recorded value of 'edns-udp-size' from the resolver requires strong attach to the dns_view because we are accessing `view->resolver`. This is not the case in places (f.e. dns_zone unit) where `.udpsize` is accessed. By moving the .udpsize field from `struct dns_resolver` to `struct dns_view`, we can access the value directly even with weakly attached dns_view without the need to lock the view because `.udpsize` can be accessed after the dns_view object has been shut down. --- diff --git a/bin/named/server.c b/bin/named/server.c index 26ad34a1e28..8c948ef6f4d 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -4931,7 +4931,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, if (udpsize > 4096) { udpsize = 4096; } - dns_resolver_setudpsize(view->resolver, (uint16_t)udpsize); + dns_view_setudpsize(view, (uint16_t)udpsize); /* * Set the maximum UDP response size. diff --git a/lib/dns/include/dns/resolver.h b/lib/dns/include/dns/resolver.h index 2046f9421a2..206c3f78ffc 100644 --- a/lib/dns/include/dns/resolver.h +++ b/lib/dns/include/dns/resolver.h @@ -421,18 +421,6 @@ dns_resolver_addalternate(dns_resolver_t *resolver, const isc_sockaddr_t *alt, * \li only one of 'name' or 'alt' to be valid. */ -void -dns_resolver_setudpsize(dns_resolver_t *resolver, uint16_t udpsize); -/*%< - * Set the EDNS UDP buffer size advertised by the server. - */ - -uint16_t -dns_resolver_getudpsize(dns_resolver_t *resolver); -/*%< - * Get the current EDNS UDP buffer size. - */ - void dns_resolver_reset_algorithms(dns_resolver_t *resolver); /*%< diff --git a/lib/dns/include/dns/view.h b/lib/dns/include/dns/view.h index dad397bb98a..e4dd0d178f4 100644 --- a/lib/dns/include/dns/view.h +++ b/lib/dns/include/dns/view.h @@ -185,6 +185,7 @@ struct dns_view { dns_dlzdblist_t dlz_unsearched; uint32_t fail_ttl; dns_badcache_t *failcache; + unsigned int udpsize; /* * Configurable data for server use only, @@ -1301,5 +1302,20 @@ dns_view_sfd_find(dns_view_t *view, const dns_name_t *name, isc_result_t dns_view_getresolver(dns_view_t *view, dns_resolver_t **resolverp); +/*%< + * Return the resolver associated with the view. + */ + +void +dns_view_setudpsize(dns_view_t *view, uint16_t udpsize); +/*%< + * Set the EDNS UDP buffer size advertised by the server. + */ + +uint16_t +dns_view_getudpsize(dns_view_t *view); +/*%< + * Get the current EDNS UDP buffer size. + */ ISC_LANG_ENDDECLS diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index 6cb02c410de..f6b3171b79c 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -240,11 +240,6 @@ STATIC_ASSERT(NS_PROCESSING_LIMIT > NS_RR_LIMIT, */ #define RECV_BUFFER_SIZE 4096 /* XXXRTH Constant. */ -/*% - * Default EDNS0 buffer size - */ -#define DEFAULT_EDNS_BUFSIZE 1232 - /*% * This defines the maximum number of timeouts we will permit before we * disable EDNS0 on the query. @@ -561,7 +556,6 @@ struct dns_resolver { isc_task_t **tasks; uint32_t lame_ttl; ISC_LIST(alternate_t) alternates; - uint16_t udpsize; dns_rbt_t *algorithms; dns_rbt_t *digests; dns_rbt_t *mustbesecure; @@ -2661,7 +2655,7 @@ resquery_send(resquery_t *query) { * Set the default UDP size to what was * configured as 'edns-buffer-size' */ - udpsize = res->udpsize; + udpsize = res->view->udpsize; /* * This server timed out for the first time in @@ -10274,7 +10268,6 @@ dns_resolver_create(dns_view_t *view, isc_loopmgr_t *loopmgr, .taskmgr = taskmgr, .dispatchmgr = dispatchmgr, .options = options, - .udpsize = DEFAULT_EDNS_BUFSIZE, .spillatmin = 10, .spillat = 10, .spillatmax = 100, @@ -11040,18 +11033,6 @@ dns_resolver_addalternate(dns_resolver_t *resolver, const isc_sockaddr_t *alt, ISC_LIST_APPEND(resolver->alternates, a, link); } -void -dns_resolver_setudpsize(dns_resolver_t *resolver, uint16_t udpsize) { - REQUIRE(VALID_RESOLVER(resolver)); - resolver->udpsize = udpsize; -} - -uint16_t -dns_resolver_getudpsize(dns_resolver_t *resolver) { - REQUIRE(VALID_RESOLVER(resolver)); - return (resolver->udpsize); -} - void dns_resolver_flushbadcache(dns_resolver_t *resolver, const dns_name_t *name) { if (name != NULL) { diff --git a/lib/dns/view.c b/lib/dns/view.c index 14123866c6f..5a8d1c8072e 100644 --- a/lib/dns/view.c +++ b/lib/dns/view.c @@ -75,6 +75,11 @@ #define DNS_VIEW_DELONLYHASH 111 #define DNS_VIEW_FAILCACHESIZE 1021 +/*% + * Default EDNS0 buffer size + */ +#define DEFAULT_EDNS_BUFSIZE 1232 + isc_result_t dns_view_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, const char *name, dns_view_t **viewp) { @@ -110,6 +115,7 @@ dns_view_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, const char *name, .synthfromdnssec = true, .trust_anchor_telemetry = true, .root_key_sentinel = true, + .udpsize = DEFAULT_EDNS_BUFSIZE, }; isc_refcount_init(&view->references, 1); @@ -2435,3 +2441,15 @@ dns_view_getresolver(dns_view_t *view, dns_resolver_t **resolverp) { UNLOCK(&view->lock); return (result); } + +void +dns_view_setudpsize(dns_view_t *view, uint16_t udpsize) { + REQUIRE(DNS_VIEW_VALID(view)); + view->udpsize = udpsize; +} + +uint16_t +dns_view_getudpsize(dns_view_t *view) { + REQUIRE(DNS_VIEW_VALID(view)); + return (view->udpsize); +} diff --git a/lib/dns/zone.c b/lib/dns/zone.c index 037bca8dce3..7e7355598c9 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -14660,7 +14660,6 @@ again: result = dns_peerlist_peerbyaddr(zone->view->peers, &primaryip, &peer); if (result == ISC_R_SUCCESS) { - dns_resolver_t *resolver = NULL; result = dns_peer_getsupportedns(peer, &edns); if (result == ISC_R_SUCCESS && !edns) { DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_NOEDNS); @@ -14674,11 +14673,7 @@ again: if (dscp != -1) { have_xfrdscp = true; } - result = dns_view_getresolver(zone->view, &resolver); - if (result == ISC_R_SUCCESS) { - udpsize = dns_resolver_getudpsize(resolver); - dns_resolver_detach(&resolver); - } + udpsize = dns_view_getudpsize(zone->view); (void)dns_peer_getudpsize(peer, &udpsize); (void)dns_peer_getrequestnsid(peer, &reqnsid); (void)dns_peer_getrequestexpire(peer, &reqexpire); @@ -14961,7 +14956,6 @@ ns_query(dns_zone_t *zone, dns_rdataset_t *soardataset, dns_stub_t *stub) { result = dns_peerlist_peerbyaddr(zone->view->peers, &primaryip, &peer); if (result == ISC_R_SUCCESS) { - dns_resolver_t *resolver; result = dns_peer_getsupportedns(peer, &edns); if (result == ISC_R_SUCCESS && !edns) { DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_NOEDNS); @@ -14975,11 +14969,7 @@ ns_query(dns_zone_t *zone, dns_rdataset_t *soardataset, dns_stub_t *stub) { if (result == ISC_R_SUCCESS && dscp != -1) { have_xfrdscp = true; } - result = dns_view_getresolver(zone->view, &resolver); - if (result == ISC_R_SUCCESS) { - udpsize = dns_resolver_getudpsize(resolver); - dns_resolver_detach(&resolver); - } + udpsize = dns_view_getudpsize(zone->view); (void)dns_peer_getudpsize(peer, &udpsize); (void)dns_peer_getrequestnsid(peer, &reqnsid); } diff --git a/lib/ns/client.c b/lib/ns/client.c index 8b83c3908c7..60da425efb1 100644 --- a/lib/ns/client.c +++ b/lib/ns/client.c @@ -963,7 +963,6 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message, unsigned char cookie[COOKIE_SIZE]; isc_result_t result; dns_view_t *view = NULL; - dns_resolver_t *resolver = NULL; uint16_t udpsize; dns_ednsopt_t ednsopts[DNS_EDNSOPTIONS]; int count = 0; @@ -978,9 +977,8 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message, env = client->manager->aclenv; view = client->view; - resolver = (view != NULL) ? view->resolver : NULL; - if (resolver != NULL) { - udpsize = dns_resolver_getudpsize(resolver); + if (view != NULL) { + udpsize = dns_view_getudpsize(view); } else { udpsize = client->manager->sctx->udpsize; }