From: Alessio Podda Date: Tue, 23 Dec 2025 15:38:53 +0000 (+0100) Subject: Remove rrset-order cyclic from the default config, with shim X-Git-Tag: v9.21.18~35^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=78588981df29309e4d7682d3355fefbbfba9f0c1;p=thirdparty%2Fbind9.git Remove rrset-order cyclic from the default config, with shim Currently we add an rrset-order cyclic statement to the default config. Since the rrset-order allows matching a subset of all names, it must be implemented with a string comparison against a wildcard, and since the statement applies per rrset, this can result in millions of comparisons per second on a busy authoritative server. This commit removes rrset-order from the default config, but adds back a code shim in query_setorder to preserve the previous behaviour. --- diff --git a/bin/include/defaultconfig.h b/bin/include/defaultconfig.h index 8e247572607..fb1ede220cc 100644 --- a/bin/include/defaultconfig.h +++ b/bin/include/defaultconfig.h @@ -79,7 +79,7 @@ options {\n\ request-zoneversion false;\n\ resolver-query-timeout 10;\n\ # responselog ;\n\ - rrset-order { order cyclic; };\n\ +# rrset-order { order cyclic; };\n\ secroots-file \"named.secroots\";\n\ send-cookie true;\n\ serial-query-rate 20;\n\ diff --git a/bin/named/server.c b/bin/named/server.c index 6e1757cce08..09caf23d554 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -4620,20 +4620,27 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, * Configure the views rrset-order. */ { - const cfg_obj_t *rrsetorder = NULL; - - (void)named_config_get(maps, "rrset-order", &rrsetorder); - dns_order_create(mctx, &order); - CFG_LIST_FOREACH(rrsetorder, element) { - const cfg_obj_t *ent = cfg_listelt_value(element); - - CHECK(configure_order(order, ent)); - } + /* + * Detach the old order + */ if (view->order != NULL) { dns_order_detach(&view->order); } - dns_order_attach(order, &view->order); - dns_order_detach(&order); + + const cfg_obj_t *rrsetorder = NULL; + if (ISC_R_SUCCESS == + named_config_get(maps, "rrset-order", &rrsetorder)) + { + dns_order_create(mctx, &order); + CFG_LIST_FOREACH(rrsetorder, element) { + const cfg_obj_t *ent = + cfg_listelt_value(element); + + CHECK(configure_order(order, ent)); + } + dns_order_attach(order, &view->order); + dns_order_detach(&order); + } } /* * Copy the aclenv object. diff --git a/lib/ns/query.c b/lib/ns/query.c index e704db3f30e..b23db80903b 100644 --- a/lib/ns/query.c +++ b/lib/ns/query.c @@ -2212,6 +2212,15 @@ query_setorder(query_ctx_t *qctx, dns_name_t *name, dns_rdataset_t *rdataset) { if (order != NULL) { rdataset->attributes.order = dns_order_find( order, name, rdataset->type, rdataset->rdclass); + } else { + /* + * For backward compatibility reasons, we need to behave as if + * rrset-order: cyclic was set when no order is configured. + * + * This was done through the default config, but it came at a + * speed penalty. + */ + rdataset->attributes.order = dns_order_cyclic; } }