From a68d5ad5911e9d8a82cd550249dd51e77aa9430f Mon Sep 17 00:00:00 2001 From: bert hubert Date: Mon, 8 Oct 2018 17:09:12 +0200 Subject: [PATCH] comment zeroScope, plus make sure we don't pass subnet to packetcache for zeroScope --- pdns/dnsdist.cc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pdns/dnsdist.cc b/pdns/dnsdist.cc index ce48a2c58f..1e9cc22cf3 100644 --- a/pdns/dnsdist.cc +++ b/pdns/dnsdist.cc @@ -524,7 +524,8 @@ try { } if (ids->packetCache && !ids->skipCache) { - ids->packetCache->insert(zeroScope ? ids->cacheKeyNoECS : ids->cacheKey, ids->subnet, ids->origFlags, ids->dnssecOK, ids->qname, ids->qtype, ids->qclass, response, responseLen, false, dh->rcode, ids->tempFailureTTL); + // if zeroScope, pass the pre-ECS hash-key and do not pass the subnet to the cache + ids->packetCache->insert(zeroScope ? ids->cacheKeyNoECS : ids->cacheKey, zeroScope ? boost::none : ids->subnet, ids->origFlags, ids->dnssecOK, ids->qname, ids->qtype, ids->qclass, response, responseLen, false, dh->rcode, ids->tempFailureTTL); } if (ids->cs && !ids->cs->muted) { @@ -1419,6 +1420,7 @@ static void processUDPQuery(ClientState& cs, LocalHolders& holders, const struct } if (dq.useECS && ((ss && ss->useECS) || (!ss && serverPool->getECS()))) { + // we special case our cache in case a downstream explicitly gave us a universally valid resposne with a 0 scope if (packetCache && !dq.skipCache && packetCache->get(dq, consumed, dh->id, query, &cachedResponseSize, &cacheKeyNoECS, subnet, dnssecOK, allowExpired)) { goto sendIt; } -- 2.47.2