Vladimír Čunát [Fri, 8 Jan 2021 13:47:18 +0000 (14:47 +0100)]
cache: don't change kr_layer_t::state to _DONE
I suspect this might've caused real-life issues in some edge case,
making a cached CNAME not being followed. But in any case,
cache is not a good place to set KR_STATE_DONE, as it only creates
a (pseudo-)packed for immediate CONSUME phase; it should be
iterator who sets it in that later phase when picking those records.
I added unnecessary simplifications to code, too (all those returns).
Tomas Krizek [Tue, 5 Jan 2021 12:08:35 +0000 (13:08 +0100)]
daemon/http: fix memleak
The http_data structure is allocated in http_write_pkt() and the last
callback that uses it is on_pkt_write(), so it should be responsible for
freeing the memory.
This used to leak a small amount of memory on every DoH response.
Štěpán Balážik [Wed, 6 Jan 2021 12:06:25 +0000 (13:06 +0100)]
daemon/worker.c: fix warning from compilation without asserts
I kept the changes (especially the one in qr_task_on_send) as local as
possible while hopefully preserving the invariants other functions in
worker rely upon.
Vladimír Čunát [Tue, 22 Dec 2020 10:29:39 +0000 (11:29 +0100)]
lib/selection: minor refactorings and comments
Small things I've noticed while reading it all.
- line breaks: I believe <90 is OK, as usually the attempts to reduce
lengths impair readability
- avoid unnecessary casts; usually the type was visible
on the same line anyway
- avoid `|` on booleans
- one block gets de-indented (often badly shown in diffs)
- no need for UNRECOVERABLE_ERRORS in a header (and a weird one, too)
- recoverability from failed assertions (in case they're turned off)
Vladimír Čunát [Tue, 29 Dec 2020 14:51:50 +0000 (15:51 +0100)]
lib/selection: tweak computation of RTT estimates
- fix switched \alpha and \beta from the RFC (no big deal, I think)
- use the same order as in the RFC (perhaps that caused the switch?)
- avoid floating-point arithmetics (it's simple with these formulas)
- simplify the the backoff formula (MINs instead of branches)
Vladimír Čunát [Tue, 29 Dec 2020 08:28:16 +0000 (09:28 +0100)]
lib/selection: be more careful around rtt_state.dead_since
It's all because the timestamp that we're using isn't (guaranteed to be)
meaningful across reboots or different machines, whereas our cache even
persists by default.
Vladimír Čunát [Mon, 28 Dec 2020 09:09:18 +0000 (10:09 +0100)]
lib/selection: tweak how cache is used
- standardize cache key choice and ensure impossibility of collisions
- comment on interaction with GC; it would be better to give RTT
priority over most of other records
- be more robust wrt. value in cache
Vladimír Čunát [Mon, 16 Nov 2020 13:28:49 +0000 (14:28 +0100)]
iterate: accept parent-side records for nameservers
When resolving just NS names and addresses which won't go to answers,
our cache can satisfy them with just parent-side records.
Now we also make iterator consistent with that, and it will cut short
if a delegation satisfies what the kr_query wants.
There's a general risk that we will never get the child-side records,
and in practice the parent-side ones are sometimes "less accurate".
This change may increase this risk (to NS addresses in particular),
but we'd better consider addressing the risk later and systematically.
A suggestion is to refresh the records asynchronously:
https://tools.ietf.org/html/draft-ietf-dnsop-ns-revalidation
---
State before this commit lead to a weird behaviour where some IPv4-only
tests in Deckard (namely `iter_pcdiff.rpl`) were failing with IPv6
turned off.
This was due to the resolvers' internal preference towards AAAA records
for NS names. With IPv6 networking on, NS name resolution was first
done for AAAA record and the glue (containing A record for the NS name
in question) from parent zone was put into cache. As the AAAA
resolution failed (there is no AAAA for this NS name), A was queried
next and was satisfied from cache.
With IPv6 off, there is no query for the AAAA record, so no A record
from glue gets put in to the cache. A record is resolved first, and
resolution ignores the glue in parent zone and continue to the child
zone which might be broken (intentionally in the case of that
`iter_pcdiff.rpl` test).
Vladimír Čunát [Mon, 14 Dec 2020 10:54:55 +0000 (11:54 +0100)]
view.addr(): throw error on bad subnet
It's more consistent with what we do. Now it will look like:
[system] error while loading config: .../lib/knot-resolver/kres_modules/view.lua:28: failed to parse subnet [::1]/128 (workdir '/foo/bar')
Tomas Krizek [Fri, 11 Dec 2020 14:42:22 +0000 (15:42 +0100)]
doc: use :any: to refer to non-function policies
:func: directive automatically always adds brackets. This results in
links such as "policy.PASS()", which can be confusing, since the actual
policy is supposed to be "policy.PASS".
Using :any: results in links without the added brackets, which makes
non-function policies less confusing.
Vladimír Čunát [Mon, 30 Nov 2020 06:39:24 +0000 (07:39 +0100)]
contrib/cleanup: loosen type-checking in auto_free
- advantage: `auto_free anyType *foo;` works (for anyType != char)
- disadvantage: `auto_free anyType bar;` is also accepted,
though I expect such problems will be relatively easy to debug.
Vladimír Čunát [Thu, 12 Nov 2020 13:13:49 +0000 (14:13 +0100)]
xdp: warn when using XDP emulation
For simplicity we bump Knot version that's required for using XDP.
Syntax: I found no better way to split the line;
alternative: backslash in meson >= 0.50.
Vladimír Čunát [Fri, 13 Nov 2020 13:16:32 +0000 (14:16 +0100)]
fix map() command on 32-bit platforms; regressed in 5.2.0
LuaJIT FFI was using opendir() (etc.) variants with 32-bit inodes
but the C parts was using them as 64-bit inode variants.
Consequently the `struct dirent` layout didn't match and we were getting
filenames shifted by eight bytes.
Now the whole dir-listing lua function is written in C.
Vladimír Čunát [Wed, 4 Nov 2020 09:07:40 +0000 (10:07 +0100)]
modules: fix issues with dropped answers - resolve()
Well... practically it still can't happen that an internal request
gets its answer dropped, but ATM my understanding of the API is that
it is allowed to happen already, and the crashes during tests were
bothering me (simulating drops).
This may become more relevant in future, e.g. if we allow dropping
as a policy action; policy authors may not care about the request being
internal.
Vladimír Čunát [Tue, 3 Nov 2020 11:34:04 +0000 (12:34 +0100)]
daemon/worker: allow dropping even on non-XDP
During testing it was sending me SERVFAIL, which was weird.
There's no use case so far, but if it was decided to drop the answer,
it should really happen regardless of the transport.
Vladimír Čunát [Wed, 21 Oct 2020 15:25:18 +0000 (17:25 +0200)]
XDP: add backend parts
Logging strings: I originally wanted to have four chars inside [],
but it doesn't really matter in these cases where logs don't happen
within a request, so "[xdp]" won due to uniformity and simplicity.
projects / thirdparty / knot-resolver.git / log
