From: Otto Moerbeek <otto.moerbeek@open-xchange.com>
Date: Wed, 23 Oct 2019 12:18:47 +0000 (+0200)
Subject: prime tld of root name server names
X-Git-Tag: rec-4.3.0-alpha2^2~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1b4e0ae09d2d81b70524746293f3e4f16d722ad4;p=thirdparty%2Fpdns.git

prime tld of root name server names
---

diff --git a/pdns/pdns_recursor.cc b/pdns/pdns_recursor.cc
index 3666525f9b..d7c3716d2a 100644
--- a/pdns/pdns_recursor.cc
+++ b/pdns/pdns_recursor.cc
@@ -2914,8 +2914,10 @@ static void houseKeeping(void *)
 
     if(now.tv_sec - last_rootupdate > 7200) {
       int res = SyncRes::getRootNS(g_now, nullptr);
-      if (!res)
+      if (!res) {
         last_rootupdate=now.tv_sec;
+        primeRootNSZones(g_dnssecmode != DNSSECMode::Off);
+      }
     }
 
     if(isHandlerThread()) {
diff --git a/pdns/reczones.cc b/pdns/reczones.cc
index 45bcb814a2..d5294a44c3 100644
--- a/pdns/reczones.cc
+++ b/pdns/reczones.cc
@@ -32,11 +32,14 @@
 extern int g_argc;
 extern char** g_argv;
 
+static thread_local set<DNSName> t_rootNSZones;
+
 void primeHints(void)
 {
   // prime root cache
   const vState validationState = Insecure;
   vector<DNSRecord> nsset;
+  t_rootNSZones.clear();
   if(!t_RC)
     t_RC = std::unique_ptr<MemRecursorCache>(new MemRecursorCache());
 
@@ -54,6 +57,7 @@ void primeHints(void)
       templ[sizeof(templ)-1] = '\0';
       *templ=c;
       aaaarr.d_name=arr.d_name=DNSName(templ);
+      t_rootNSZones.insert(arr.d_name.getLastLabel());
       nsrr.d_content=std::make_shared<NSRecordContent>(DNSName(templ));
       arr.d_content=std::make_shared<ARecordContent>(ComboAddress(rootIps4[c-'a']));
       vector<DNSRecord> aset;
@@ -88,10 +92,30 @@ void primeHints(void)
         rr.content=toLower(rr.content);
         nsset.push_back(DNSRecord(rr));
       }
+      t_rootNSZones.insert(rr.qname.getLastLabel());
     }
   }
   t_RC->doWipeCache(g_rootdnsname, false, QType::NS);
   t_RC->replace(time(0), g_rootdnsname, QType(QType::NS), nsset, vector<std::shared_ptr<RRSIGRecordContent>>(), vector<std::shared_ptr<DNSRecord>>(), false, boost::none, validationState); // and stuff in the cache
+
+  
+
+}
+
+void primeRootNSZones(bool dnssecmode)
+{
+  struct timeval now;
+  gettimeofday(&now, 0);
+  SyncRes sr(now);
+
+  if (dnssecmode) {
+    sr.setDoDNSSEC(true);
+    sr.setDNSSECValidationRequested(true);
+  }
+  for (const auto & qname: t_rootNSZones) {
+    vector<DNSRecord> ret;
+    sr.beginResolve(qname, QType(QType::NS), QClass::IN, ret);
+  }
 }
 
 static void makeNameToIPZone(std::shared_ptr<SyncRes::domainmap_t> newMap, const DNSName& hostname, const string& ip)
@@ -479,4 +503,3 @@ std::shared_ptr<SyncRes::domainmap_t> parseAuthAndForwards()
   }
   return newMap;
 }
-
diff --git a/pdns/syncres.hh b/pdns/syncres.hh
index d1e87f6a25..f72a2cdb50 100644
--- a/pdns/syncres.hh
+++ b/pdns/syncres.hh
@@ -1073,6 +1073,7 @@ uint64_t* pleaseWipePacketCache(const DNSName& canon, bool subtree);
 uint64_t* pleaseWipeAndCountNegCache(const DNSName& canon, bool subtree=false);
 void doCarbonDump(void*);
 void primeHints(void);
+void primeRootNSZones(bool);
 
 extern __thread struct timeval g_now;