From: Otto Date: Mon, 13 Sep 2021 08:51:29 +0000 (+0200) Subject: Refactor out the tcp connect code X-Git-Tag: rec-4.6.0-alpha1~2^2~5 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=caaea00777f7ae7e93a5175606cb288bc5947616;p=thirdparty%2Fpdns.git Refactor out the tcp connect code
---
diff --git a/pdns/lwres.cc b/pdns/lwres.cc
index f0cee4fe21..1dc85fbbd3 100644
--- a/pdns/lwres.cc
+++ b/pdns/lwres.cc
@@ -232,6 +232,46 @@ static void logIncomingResponse(const std::shared_ptr(g_networkTimeoutMsec) % 1000 * 1000};
+ Socket s(ip.sin4.sin_family, SOCK_STREAM);
+ s.setNonBlocking();
+ ComboAddress localip = pdns::getQueryLocalAddress(ip.sin4.sin_family, 0);
+ s.bind(localip);
+
+ std::shared_ptr tlsCtx{nullptr};
+ if (dnsOverTLS) {
+ TLSContextParameters tlsParams;
+ tlsParams.d_provider = "openssl";
+ tlsParams.d_validateCertificates = false;
+ //tlsParams.d_caStore = caaStore;
+ tlsCtx = getTLSContext(tlsParams);
+ if (tlsCtx == nullptr) {
+ g_log << Logger::Error << "DoT to " << ip << " requested but not available" << endl;
+ dnsOverTLS = false;
+ }
+ }
+ connection.d_handler = std::make_shared("", s.releaseHandle(), timeout, tlsCtx, now.tv_sec);
+ // Returned state ignored
+ try {
+ connection.d_handler->tryConnect(SyncRes::s_tcp_fast_open_connect, ip);
+ }
+ catch (const std::runtime_error&) {
+ continue;
+ }
+ return true;
+ }
+}
+
 /** lwr is only filled out in case 1 was returned, and even when returning 1 for 'success', lwr might contain DNS errors Never throws! */
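Review bot: The `catch (const std::runtime_error&) { continue; }` around `tryConnect` in the new-connection branch of tcpconnect retries with a brand new socket, whereas the comment retained in the asyncresolve hunk says a connection that does not `work, we give up` and that retrying is only for reused connections; if `tryConnect` fails the same way on every attempt this loop never terminates and opens and closes a descriptor per iteration. tcpconnect's signature and loop head are not visible in this hunk (the header is garbled), so a bound may exist there; if not, either let the exception propagate for new connections by dropping the try/catch, or cap the attempts, e.g. `if (++attempts >= kMaxConnectAttempts) throw;` ahead of `continue;` (both names constructed). Since the helper now owns the TLS setup, a comment on `tlsParams.d_validateCertificates = false;` stating that the DoT connection is deliberately unauthenticated (no CA store is configured, the `d_caStore` line is commented out) would stop the next reader from assuming it is an oversight. tcpconnect's body starts outside the visible part of the hunk.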
@@ -351,34 +391,7 @@ static LWResult::Result asyncresolve(const ComboAddress& ip, const DNSName& doma
 // work, we give up. For reused connections, we assume the
 // peer has closed it on error, so we retry. At some point we
 // *will* get a new connection, so this loop is not endless.
- bool isNew = false;
- connection = t_tcp_manager.get(ip);
- if (!connection.d_handler) {
- isNew = true;
- const struct timeval timeout{ g_networkTimeoutMsec / 1000, static_cast(g_networkTimeoutMsec) % 1000 * 1000};
- Socket s(ip.sin4.sin_family, SOCK_STREAM);
- s.setNonBlocking();
- localip = pdns::getQueryLocalAddress(ip.sin4.sin_family, 0);
- s.bind(localip);
-
- std::shared_ptr tlsCtx{nullptr};
- if (SyncRes::s_dot_to_port_853 && ip.getPort() == 853) {
- TLSContextParameters tlsParams;
- tlsParams.d_provider = "openssl";
- tlsParams.d_validateCertificates = false;
- //tlsParams.d_caStore = caaStore;
- tlsCtx = getTLSContext(tlsParams);
- if (tlsCtx == nullptr) {
- g_log << Logger::Error << "DoT to " << ip << " requested but not available" << endl;
- }
- else {
- dnsOverTLS = true;
- }
- }
- connection.d_handler = std::make_shared("", s.releaseHandle(), timeout, tlsCtx, now->tv_sec);
- // Returned state ignored
- connection.d_handler->tryConnect(SyncRes::s_tcp_fast_open_connect, ip);
- }
+ bool isNew = tcpconnect(*now, ip, connection, dnsOverTLS);
 localip.sin4.sin_family = ip.sin4.sin_family;
 socklen_t slen = ip.getSocklen();
 getsockname(connection.d_handler->getDescriptor(), reinterpret_cast(&localip), &slen);
diff --git a/pdns/recursordist/rec-tcpout.hh b/pdns/recursordist/rec-tcpout.hh
index 4caa42713d..2c07655ac3 100644
--- a/pdns/recursordist/rec-tcpout.hh
+++ b/pdns/recursordist/rec-tcpout.hh
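Review bot: `bool isNew = tcpconnect(*now, ip, connection, dnsOverTLS);` hands the caller's `dnsOverTLS` to the new helper, which sets it to false when no TLS context is available and then connects without TLS; that reset only reaches asyncresolve if the parameter is a `bool&`, and tcpconnect's signature is not visible in the first hunk, so please confirm it is, otherwise the caller would treat a plaintext connection as DoT. The decision `SyncRes::s_dot_to_port_853 && ip.getPort() == 853` that the removed lines made here now has to be made before this call, outside the hunk, on every path that reaches it. The retained comment ending `// *will* get a new connection, so this loop is not endless.` describes the get-or-connect retry that has moved into tcpconnect; if asyncresolve no longer loops at this point the comment belongs on the helper, and a short comment on the call such as `// isNew: tcpconnect() opened a fresh socket (presumably false for a pooled one)` would say what the return value means. asyncresolve's body continues before and after this hunk.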
@@ -52,7 +52,7 @@ public:
 size_t d_numqueries{0};
 };
- void store(const struct timeval &now, const ComboAddress& ip, Connection&& connection);
+ void store(const struct timeval& now, const ComboAddress& ip, Connection&& connection);
 Connection get(const ComboAddress& ip);
 void cleanup(const struct timeval& now);