From: Chris Hofstaedtler <chris.hofstaedtler@deduktiva.com>
Date: Tue, 27 Aug 2024 17:49:33 +0000 (+0200)
Subject: auth: encapsulate lookup()-cleanup
X-Git-Tag: rec-5.2.0-alpha1~112^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ed23f80ff65fcaf36aecb56383ba1deddd59dc67;p=thirdparty%2Fpdns.git

auth: encapsulate lookup()-cleanup
---

diff --git a/pdns/packethandler.cc b/pdns/packethandler.cc
index 797922b387..3d385ed7b5 100644
--- a/pdns/packethandler.cc
+++ b/pdns/packethandler.cc
@@ -439,7 +439,7 @@ bool PacketHandler::getBestWildcard(DNSPacket& p, const DNSName &target, DNSName
             }
           }
           catch (std::exception &e) {
-            while (B.get(rr)) ;                 // don't leave DB handle in bad state
+            B.lookupEnd();                 // don't leave DB handle in bad state
 
             throw;
           }
@@ -465,7 +465,7 @@ bool PacketHandler::getBestWildcard(DNSPacket& p, const DNSName &target, DNSName
     B.lookup(QType(QType::ANY), subdomain, d_sd.domain_id, &p);
     if (B.get(rr)) {
       DLOG(g_log<<"No wildcard match, ancestor exists"<<endl);
-      while (B.get(rr)) ;
+      B.lookupEnd();
       break;
     }
     wildcard=subdomain;
@@ -501,7 +501,7 @@ DNSName PacketHandler::doAdditionalServiceProcessing(const DNSName &firstTarget,
           break;
         }
         default:
-          while (B.get(rr)) ;              // don't leave DB handle in bad state
+          B.lookupEnd();              // don't leave DB handle in bad state
 
           throw PDNSException("Unknown type (" + QType(qtype).toString() + ") for additional service processing");
       }
@@ -1623,7 +1623,7 @@ std::unique_ptr<DNSPacket> PacketHandler::doQuestion(DNSPacket& p)
             }
           }
           catch(std::exception &e) {
-            while (B.get(rr)) ;              // don't leave DB handle in bad state
+            B.lookupEnd();              // don't leave DB handle in bad state
 
             r=p.replyPacket();
             r->setRcode(RCode::ServFail);
diff --git a/pdns/ueberbackend.cc b/pdns/ueberbackend.cc
index 79f2b7e47e..a0e986115a 100644
--- a/pdns/ueberbackend.cc
+++ b/pdns/ueberbackend.cc
@@ -801,6 +801,20 @@ bool UeberBackend::get(DNSZoneRecord& resourceRecord)
   return false;
 }
 
+void UeberBackend::lookupEnd()
+{
+  if (!d_negcached && !d_cached) {
+    DNSZoneRecord zoneRecord;
+    while (d_handle.get(zoneRecord)) {
+      // Read all answers so the backends will close any database handles they might have allocated.
+      // One day this could be optimized.
+    }
+  }
+
+  d_answers.clear();
+  d_cached = d_negcached = false;
+}
+
 // TSIG
 //
 bool UeberBackend::setTSIGKey(const DNSName& name, const DNSName& algorithm, const string& content)
diff --git a/pdns/ueberbackend.hh b/pdns/ueberbackend.hh
index be5859c9d4..0565abfaea 100644
--- a/pdns/ueberbackend.hh
+++ b/pdns/ueberbackend.hh
@@ -94,12 +94,15 @@ public:
   };
 
   void lookup(const QType& qtype, const DNSName& qname, int zoneId, DNSPacket* pkt_p = nullptr);
+  /** Read a single record from a lookup(...) result. */
+  bool get(DNSZoneRecord& resourceRecord);
+  /** Close state created by lookup(...). */
+  void lookupEnd();
 
   /** Determines if we are authoritative for a zone, and at what level */
   bool getAuth(const DNSName& target, const QType& qtype, SOAData* soaData, bool cachedOk = true);
   /** Load SOA info from backends, ignoring the cache.*/
   bool getSOAUncached(const DNSName& domain, SOAData& soaData);
-  bool get(DNSZoneRecord& resourceRecord);
   void getAllDomains(vector<DomainInfo>* domains, bool getSerial, bool include_disabled);
 
   void getUnfreshSecondaryInfos(vector<DomainInfo>* domains);