3202. [bug] NOEDNS caching on timeout was too agressive.

                        [RT #26416]

diff --git a/CHANGES b/CHANGES
index 0808b39d81e2a6fb0c7a03f4cec0f0e1cb50c47d..f9b9a91f7c31acfcd5389cda4e901674bb7bc07c 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+3202.  [bug]           NOEDNS caching on timeout was too agressive.
+                       [RT #26416]
+
 3201.  [func]          'rndc querylog' can now be given an on/off parameter
                        instead of only being used as a toggle. [RT #18351]
 

diff --git a/lib/dns/include/dns/resolver.h b/lib/dns/include/dns/resolver.h
index cbf63dff5ed715431e31b50f48e9121f7fa60eb3..ec676ee88806ef3d808b8a8bc1480606122bfd4e 100644 (file)
--- a/lib/dns/include/dns/resolver.h
+++ b/lib/dns/include/dns/resolver.h
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: resolver.h,v 1.69 2011/02/03 12:18:11 tbox Exp $ */
+/* $Id: resolver.h,v 1.70 2011/11/04 03:38:44 marka Exp $ */
 
 #ifndef DNS_RESOLVER_H
 #define DNS_RESOLVER_H 1
@@ -96,6 +96,9 @@ typedef struct dns_fetchevent {
 #define DNS_FETCHOPT_EDNS512           0x40         /*%< Advertise a 512 byte
                                                          UDP buffer. */
 #define DNS_FETCHOPT_WANTNSID           0x80         /*%< Request NSID */
+#define DNS_FETCHOPT_CACHENOEDNS        0x100A      /*%< This is a candidate
+                                                         for setting NOEDNS
+                                                         in adb. */
 
 #define        DNS_FETCHOPT_EDNSVERSIONSET     0x00800000
 #define        DNS_FETCHOPT_EDNSVERSIONMASK    0xff000000

diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
index d0269535ec95e719bf8325c27cedc8e2942048df..99bd7bd01145ed2edbfeee87416ea3797ca3549b 100644 (file)
--- a/lib/dns/resolver.c
+++ b/lib/dns/resolver.c
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: resolver.c,v 1.438 2011/11/02 23:42:33 marka Exp $ */
+/* $Id: resolver.c,v 1.439 2011/11/04 03:38:44 marka Exp $ */
 
 /*! \file */
 
@@ -1846,6 +1846,7 @@ resquery_send(resquery_t *query) {
                     fctx->timeouts > MAX_EDNS0_TIMEOUTS) &&
                    (query->options & DNS_FETCHOPT_NOEDNS0) == 0) {
                        query->options |= DNS_FETCHOPT_NOEDNS0;
+                       query->options |= DNS_FETCHOPT_CACHENOEDNS;
                        fctx->reason = "disabling EDNS";
                } else if ((triededns(fctx, &query->addrinfo->sockaddr) ||
                            fctx->timeouts >= 1) &&
@@ -1917,21 +1918,18 @@ resquery_send(resquery_t *query) {
                goto cleanup_message;
        }
 
-       if ((query->options & DNS_FETCHOPT_NOEDNS0) == 0)
+       if ((query->options & DNS_FETCHOPT_NOEDNS0) == 0) {
                add_triededns(fctx, &query->addrinfo->sockaddr);
 
-       if ((query->options & DNS_FETCHOPT_EDNS512) != 0)
-               add_triededns512(fctx, &query->addrinfo->sockaddr);
+               if ((query->options & DNS_FETCHOPT_EDNS512) != 0)
+                       add_triededns512(fctx, &query->addrinfo->sockaddr);
+       }
 
        /*
-        * Clear CD if EDNS is not in use and set NOEDNS0 in adb.
+        * Clear CD if EDNS is not in use.
         */
-       if ((query->options & DNS_FETCHOPT_NOEDNS0) != 0) {
+       if ((query->options & DNS_FETCHOPT_NOEDNS0) != 0) 
                fctx->qmessage->flags &= ~DNS_MESSAGEFLAG_CD;
-               dns_adb_changeflags(fctx->adb, query->addrinfo,
-                                   DNS_FETCHOPT_NOEDNS0,
-                                   DNS_FETCHOPT_NOEDNS0);
-       }
 
        /*
         * Add TSIG record tailored to the current recipient.
@@ -6580,6 +6578,23 @@ resquery_response(isc_task_t *task, isc_event_t *event) {
                        }
                }
                goto done;
+       } else if ((query->options & DNS_FETCHOPT_NOEDNS0) != 0 &&
+                  (query->options & DNS_FETCHOPT_CACHENOEDNS) != 0 &&
+                  triededns512(fctx, &query->addrinfo->sockaddr)) {
+               char addrbuf[ISC_SOCKADDR_FORMATSIZE];
+               isc_sockaddr_format(&query->addrinfo->sockaddr, addrbuf,
+               sizeof(addrbuf));
+               /*
+                * We had a successful response to a DNS_FETCHOPT_NOEDNS0
+                * query.
+                */
+                isc_log_write(dns_lctx, DNS_LOGCATEGORY_EDNS_DISABLED,
+                              DNS_LOGMODULE_RESOLVER, ISC_LOG_INFO,
+                              "%s: setting NOEDNS flag in adb cache for '%s'",
+                              fctx->info, addrbuf);
+               dns_adb_changeflags(fctx->adb, query->addrinfo,
+                                   DNS_FETCHOPT_NOEDNS0,
+                                   DNS_FETCHOPT_NOEDNS0);
        }
 
        message = fctx->rmessage;
@@ -6723,6 +6738,10 @@ resquery_response(isc_task_t *task, isc_event_t *event) {
                char addrbuf[ISC_SOCKADDR_FORMATSIZE];
                isc_sockaddr_format(&query->addrinfo->sockaddr, addrbuf,
                                    sizeof(addrbuf));
+               isc_log_write(dns_lctx, DNS_LOGCATEGORY_EDNS_DISABLED,
+                             DNS_LOGMODULE_RESOLVER, ISC_LOG_INFO,
+                             "%s: changed rcode: setting NOEDNS flag in "
+                             "adb cache for '%s'", fctx->info, addrbuf);
                dns_adb_changeflags(fctx->adb, query->addrinfo,
                                    DNS_FETCHOPT_NOEDNS0,
                                    DNS_FETCHOPT_NOEDNS0);