Bearzi, Jodok Vieli, and Cagin Tanir from NetSec group, ETH Zurich.
+8 August 2024: Wouter
+ - Fix CAMP issues with global quota. Thanks to Huayi Duan, Marco
+ Bearzi, Jodok Vieli, and Cagin Tanir from NetSec group, ETH Zurich.
+
2 August 2024: Wouter
- Fix that alloc stats has strdup checks, it stops debuggers from
complaining about mismatch at free time.
iq->target_count[TARGET_COUNT_NX] += num;
}
+static void
+target_count_increase_global_quota(struct iter_qstate* iq, int num)
+{
+ target_count_create(iq);
+ if(iq->target_count)
+ iq->target_count[TARGET_COUNT_GLOBAL_QUOTA] += num;
+}
+
/**
* Generate a subrequest.
* Generate a local request event. Local events are tied to this module, and
}
}
+ target_count_increase_global_quota(iq, 1);
+ if(iq->target_count && iq->target_count[TARGET_COUNT_GLOBAL_QUOTA]
+ > MAX_GLOBAL_QUOTA) {
+ char s[LDNS_MAX_DOMAINLEN+1];
+ dname_str(qstate->qinfo.qname, s);
+ verbose(VERB_QUERY, "request %s has exceeded the maximum "
+ "global quota on number of upstream queries %d", s,
+ iq->target_count[TARGET_COUNT_GLOBAL_QUOTA]);
+ return error_response_cache(qstate, id, LDNS_RCODE_SERVFAIL);
+ }
+
/* Do not check ratelimit for forwarding queries or if we already got a
* pass. */
sq_check_ratelimit = (!(iq->chase_flags & BIT_RD) && !iq->ratelimit_ok);
/** max number of targets spawned for a query and its subqueries */
#define MAX_TARGET_COUNT 64
+/** max number of upstream queries for a query and its subqueries, it is
+ * never reset. */
+#define MAX_GLOBAL_QUOTA 128
/** max number of target lookups per qstate, per delegation point */
#define MAX_DP_TARGET_COUNT 16
/** max number of nxdomains allowed for target lookups for a query and
TARGET_COUNT_QUERIES,
/** Number of nxdomain responses encountered. */
TARGET_COUNT_NX,
+ /** Global quota on number of queries to upstream servers per
+ * client request, that is never reset. */
+ TARGET_COUNT_GLOBAL_QUOTA,
/** This should stay last here, it is used for the allocation */
TARGET_COUNT_MAX,
projects / thirdparty / unbound.git / commitdiff
