From: Wouter Wijngaards Date: Wed, 22 Aug 2007 12:13:52 +0000 (+0000) Subject: bogus ttl fixed value, config item. X-Git-Tag: release-0.5~101 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a084af819c8a4eabac735e21a9388f221a669822;p=thirdparty%2Funbound.git bogus ttl fixed value, config item. git-svn-id: file:///svn/unbound/trunk@540 be551aaa-1e26-0410-a405-d3ace91eadb9 --- diff --git a/doc/Changelog b/doc/Changelog index 0fd73a6f7..af092a88e 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,3 +1,6 @@ +22 August 2007: Wouter + - bogus TTL. + 21 August 2007: Wouter - ANY response validation. - store security status in cache. diff --git a/doc/example.conf b/doc/example.conf index caabbf9de..0bd39984d 100644 --- a/doc/example.conf +++ b/doc/example.conf @@ -167,6 +167,10 @@ server: # Do not set this unless you are debugging signature inception # and expiration. "" or "0" turns the feature off. # val-override-date: "" + + # The time to live for bogus data, rrsets and messages. This avoids + # some of the revalidation, until the time interval expires. in secs. + # val-bogus-ttl: 900 # Stub zones. # Create entries like below, to make all queries for 'example.com' and diff --git a/doc/unbound.conf.5 b/doc/unbound.conf.5 index f3bd64f82..ee17006d2 100644 --- a/doc/unbound.conf.5 +++ b/doc/unbound.conf.5 @@ -204,6 +204,11 @@ Default is "" or "0", which disables this debugging feature. If enabled by giving a RRSIG style date, that date is used for verifying RRSIG inception and expiration dates, instead of the current date. Do not set this unless you are debugging signature inception and expiration. +.It \fBval-bogus-ttl:\fR +The time to live for bogus data. This is data that has failed validation; +due to invalid signatures or other checks. The TTL from that data cannot be +trusted, and this value is used instead. The value is in seconds, default 900. +The time interval prevents repeated revalidation of bogus data. .El .Ss Stub Zone Options diff --git a/services/cache/rrset.c b/services/cache/rrset.c index 1451227f2..4a9789b1a 100644 --- a/services/cache/rrset.c +++ b/services/cache/rrset.c @@ -116,8 +116,14 @@ need_to_update_rrset(void* nd, void* cd, uint32_t timenow, int equal) struct packed_rrset_data* newd = (struct packed_rrset_data*)nd; struct packed_rrset_data* cached = (struct packed_rrset_data*)cd; /* o if current RRset is more trustworthy - insert it */ - if( newd->trust > cached->trust ) + if( newd->trust > cached->trust ) { + /* if the cached rrset is bogus, and this one equal, + * do not update the TTL - let it expire. */ + if(equal && cached->ttl >= timenow && + cached->security == sec_status_bogus) + return 0; return 1; + } /* o item in cache has expired */ if( cached->ttl < timenow ) return 1; @@ -128,6 +134,10 @@ need_to_update_rrset(void* nd, void* cd, uint32_t timenow, int equal) /* if so, see if rrset+rdata is the same */ /* if so, update TTL in cache, even if trust is worse. */ if( newd->ttl > cached->ttl && equal ) { + /* if the cached rrset is bogus, and this one equal, + * do not update the TTL - let it expire. */ + if(cached->security == sec_status_bogus) + return 0; /* since all else is the same, use the best trust value */ if(newd->trust < cached->trust) { newd->trust = cached->trust; diff --git a/util/config_file.c b/util/config_file.c index ac1ed9e5f..1311d0b5c 100644 --- a/util/config_file.c +++ b/util/config_file.c @@ -85,6 +85,7 @@ config_create() cfg->rrset_cache_slabs = 4; cfg->host_ttl = 900; cfg->lame_ttl = 900; + cfg->bogus_ttl = 900; cfg->infra_cache_slabs = 4; cfg->infra_cache_numhosts = 1000; cfg->infra_cache_numlame = 1000; diff --git a/util/config_file.h b/util/config_file.h index 42f383ad3..b6dd58b74 100644 --- a/util/config_file.h +++ b/util/config_file.h @@ -146,6 +146,8 @@ struct config_file { /** if not 0, this value is the validation date for RRSIGs */ int32_t val_date_override; + /** this value sets the number of seconds before revalidating bogus */ + int bogus_ttl; /** daemonize, i.e. fork into the background. */ int do_daemonize; diff --git a/util/configlexer.lex b/util/configlexer.lex index 775797412..c8e547c2c 100644 --- a/util/configlexer.lex +++ b/util/configlexer.lex @@ -145,6 +145,7 @@ module-conf{COLON} { YDOUT; return VAR_MODULE_CONF;} trust-anchor-file{COLON} { YDOUT; return VAR_TRUST_ANCHOR_FILE;} trust-anchor{COLON} { YDOUT; return VAR_TRUST_ANCHOR;} val-override-date{COLON} { YDOUT; return VAR_VAL_OVERRIDE_DATE;} +val-bogus-ttl{COLON} { YDOUT; return VAR_BOGUS_TTL;} {NEWLINE} { LEXOUT(("NL\n")); cfg_parser->line++;} /* Quoted strings. Strip leading and ending quotes */ diff --git a/util/configparser.y b/util/configparser.y index bc921b930..8a0377782 100644 --- a/util/configparser.y +++ b/util/configparser.y @@ -81,6 +81,7 @@ extern struct config_parser_state* cfg_parser; %token VAR_DO_NOT_QUERY_ADDRESS VAR_HIDE_IDENTITY VAR_HIDE_VERSION %token VAR_IDENTITY VAR_VERSION VAR_HARDEN_GLUE VAR_MODULE_CONF %token VAR_TRUST_ANCHOR_FILE VAR_TRUST_ANCHOR VAR_VAL_OVERRIDE_DATE +%token VAR_BOGUS_TTL %% toplevelvars: /* empty */ | toplevelvars toplevelvar ; @@ -114,7 +115,7 @@ content_server: server_num_threads | server_verbosity | server_port | server_do_not_query_address | server_hide_identity | server_hide_version | server_identity | server_version | server_harden_glue | server_module_conf | server_trust_anchor_file | - server_trust_anchor | server_val_override_date + server_trust_anchor | server_val_override_date | server_bogus_ttl ; stubstart: VAR_STUB_ZONE { @@ -504,6 +505,16 @@ server_val_override_date: VAR_VAL_OVERRIDE_DATE STRING free($2); } ; +server_bogus_ttl: VAR_BOGUS_TTL STRING + { + OUTYY(("P(server_bogus_ttl:%s)\n", $2)); + if(atoi($2) == 0 && strcmp($2, "0") != 0) + yyerror("number expected"); + else cfg_parser->cfg->bogus_ttl = atoi($2); + free($2); + } + ; + stub_name: VAR_NAME STRING { OUTYY(("P(name:%s)\n", $2)); diff --git a/validator/val_utils.c b/validator/val_utils.c index 9a7d6439f..40e025e36 100644 --- a/validator/val_utils.c +++ b/validator/val_utils.c @@ -40,6 +40,7 @@ */ #include "config.h" #include "validator/val_utils.h" +#include "validator/validator.h" #include "validator/val_kentry.h" #include "validator/val_sigcrypt.h" #include "util/data/msgreply.h" @@ -215,11 +216,18 @@ val_verify_rrset(struct module_env* env, struct val_env* ve, verbose(VERB_ALGO, "verify result: %s", sec_status_to_string(sec)); /* update rrset security status - * only improves security status */ + * only improves security status + * and bogus is set only once, even if we rechecked the status */ if(sec > d->security) { d->security = sec; if(sec == sec_status_secure) d->trust = rrset_trust_validated; + else if(sec == sec_status_bogus) { + /* update ttl for rrset to fixed value. */ + d->ttl = time(0) + ve->bogus_ttl; + /* leave RR specific TTL: not used for determine + * if RRset timed out and clients see proper value. */ + } } return sec; diff --git a/validator/validator.c b/validator/validator.c index c662eea46..d16465cb2 100644 --- a/validator/validator.c +++ b/validator/validator.c @@ -58,6 +58,7 @@ static int val_apply_cfg(struct val_env* val_env, struct config_file* cfg) { + val_env->bogus_ttl = (uint32_t)cfg->bogus_ttl; if(!val_env->anchors) val_env->anchors = anchors_create(); if(!val_env->anchors) { @@ -928,15 +929,23 @@ processValidate(struct module_qstate* qstate, struct val_qstate* vq, * * @param qstate: query state. * @param vq: validator query state. + * @param ve: validator shared global environment. * @param id: module id. * @return true if the event should be processed further on return, false if * not. */ static int -processFinished(struct module_qstate* qstate, struct val_qstate* vq, int id) +processFinished(struct module_qstate* qstate, struct val_qstate* vq, + struct val_env* ve, int id) { /* TODO CNAME query restarts */ + /* if the result is bogus - set message ttl to bogus ttl to avoid + * endless bogus revalidation */ + if(vq->chase_reply->security == sec_status_bogus) { + vq->chase_reply->ttl = time(0) + ve->bogus_ttl; + } + /* store results in cache */ if(!dns_cache_store(qstate->env, &vq->qchase, vq->chase_reply, 0)) { log_err("out of memory caching validator results"); @@ -976,7 +985,7 @@ val_handle(struct module_qstate* qstate, struct val_qstate* vq, cont = processValidate(qstate, vq, ve, id); break; case VAL_FINISHED_STATE: - cont = processFinished(qstate, vq, id); + cont = processFinished(qstate, vq, ve, id); break; default: log_warn("validator: invalid state %d", diff --git a/validator/validator.h b/validator/validator.h index d19118884..1d0989bfd 100644 --- a/validator/validator.h +++ b/validator/validator.h @@ -69,6 +69,11 @@ struct val_env { /** for debug testing a fixed validation date can be entered. * if 0, current time is used for rrsig validation */ int32_t date_override; + + /** TTL for bogus data; used instead of untrusted TTL from data. + * Bogus data will not be verified more often than this interval. + * seconds. */ + uint32_t bogus_ttl; }; /**