Changeset 117

Timestamp:

01/05/03 23:09:24 (10 years ago)

Author:

ahu

Message:

recursorrr

Location:

trunk/pdns/pdns

Files:

• communicator.cc (modified) (1 diff)
• docs/pdns.sgml (modified) (3 diffs)
• dynhandler.cc (modified) (1 diff)
• recns.cc (modified) (2 diffs)
• syncres.cc (modified) (4 diffs)

trunk/pdns/pdns/communicator.cc

@@ -259 +259 @@
     }
     catch(ResolverException &re) {
-      L<<Logger::Error<<"Trying to retrieve/refresh '"+i->zone+"': "+re.reason<<endl;
+      L<<Logger::Error<<"Error trying to retrieve/refresh '"+i->zone+"': "+re.reason<<endl;
     }
   }

trunk/pdns/pdns/docs/pdns.sgml

@@ -1 +1 @@
 <!DOCTYPE Book PUBLIC "-//OASIS//DTD DocBook V4.1//EN">
-
 <Book>
-  
   <BookInfo>
-    
     <Title>PowerDNS manual</Title>
     <AUTHOR>
@@ -12 +9 @@
           <email>pdns@powerdns.com</email>
         </address>
-        
       </affiliation>
     </author>
     
-    <PubDate>v2.1 $Date: 2003/01/03 18:00:12 $</PubDate>
+    <PubDate>v2.1 $Date: 2003/01/05 22:09:24 $</PubDate>
     
     <Abstract>
@@ -3794 +3790 @@
             </para></listitem>
           <listitem><para>
-              Has a broken algorithm.
+              Does not expire entries from its cache
             </para></listitem>
           <listitem><para>
-              Can get into a loop when resolving.
-            </para></listitem>
-          <listitem><para>
-              Does not cache enough due to blatantly paranoid 'trust-rules', or more exactly 'no-trust' rules.
+              Fakes the TTL of NS records in the additional section
             </para></listitem>
           <listitem><para>

trunk/pdns/pdns/dynhandler.cc

@@ -174 +174 @@
 }
 
-
 string DLVersionHandler(const vector<string>&parts, Utility::pid_t ppid)
 {
-
   return VERSION;
 }

trunk/pdns/pdns/recns.cc

@@ -100 +100 @@
 
 extern void init(void);
-string doResolve(const string &qname, int depth=0);
-string doResolve(vector<string> nameservers, const string &qname, int depth=0);
-
+
+bool beginResolve(const string &qname, const QType &qtype, vector<DNSResourceRecord>&ret);
 
 void startDoResolve(void *p)
 {
   try {
-    cout<<"Passed: "<<p<<endl;
     DNSPacket P=*(DNSPacket *)p;
     delete (DNSPacket *)p;
     
-    string ip=doResolve(P.qdomain);
-    cout<<"done: "<<ip<<endl;
+    vector<DNSResourceRecord>ret;
     DNSPacket *R=P.replyPacket();
-    DNSResourceRecord rr;
-    rr.qname=P.qdomain;
-    rr.qtype=QType::A;
-    rr.content=ip;
-    rr.ttl=3600;
-    R->addRecord(rr);
+    if(!beginResolve(P.qdomain, P.qtype, ret))
+      R->setRcode(RCode::ServFail);
+    else
+      for(vector<DNSResourceRecord>::const_iterator i=ret.begin();i!=ret.end();++i)
+        R->addRecord(*i);
+
     const char *buffer=R->getData();
     sendto(d_sock,buffer,R->len,0,(struct sockaddr *)(R->remote),R->d_socklen);
+    delete R;
   }
   catch(AhuException &ae) {
@@ -202 +200 @@
       }
       else {
-        cout<<"new question for '"<<P.qdomain<<"'"<<endl;
+        cout<<"new question arrived for '"<<P.qdomain<<"|"<<P.qtype.getName()<<"'"<<endl;
         MT.makeThread(startDoResolve,(void*)new DNSPacket(P));
       }

trunk/pdns/pdns/syncres.cc

@@ -20 +20 @@
 #include <map>
 #include <algorithm>
+#include <set>
 
 #include <cerrno>
@@ -30 +31 @@
 #include "lwres.hh"
 
-typedef pair<vector<string>,vector<DNSResourceRecord> > CacheVal;
-typedef multimap<string,CacheVal> cache_t;
+typedef map<string, set<string> > nscache_t;
+nscache_t nscache;
+
+typedef map<string,vector<DNSResourceRecord> > cache_t;
 cache_t cache;
 
 vector<string>rootservers;
-map<string,string> hints;
-
-string doResolve(vector<string> nameservers, const string &qname, int depth=0);
-
-string doResolve(const string &qname, int depth=0)
-{
-  if(hints.find(toLower(qname))!=hints.end()) {
-    string prefix;
-    prefix.assign(3*depth, ' ');
-
-    cerr<<prefix<<qname<<": resolved via hint cache to "<<hints[toLower(qname)]<<endl;
-    return hints[toLower(qname)];
-  }
-  
-  return doResolve(rootservers, qname,depth);
-}
-
-string doResolve(vector<string> nameservers, const string &qname, int depth)
+
+
+bool doResolve(set<string> nameservers, string auth, const string &qname, const QType &qtype, vector<DNSResourceRecord>&ret,int depth=0);
+bool doResolve(const string &qname, const QType &qtype, vector<DNSResourceRecord>&ret, int depth=0);
+
+string getA(const string &qname, int depth=0)
+{
+  vector<DNSResourceRecord> res;
+  string ret;
+
+  if(doResolve(qname,QType(QType::A), res,depth+1)) 
+    ret=res[0].content;
+
+  return ret;
+}
+
+void getBestNSFromCache(const string &qname, vector<DNSResourceRecord>&ret, int depth=0)
+{
+  string prefix;
+  prefix.assign(3*depth, ' ');
+
+  vector<string>parts;
+  stringtok(parts,qname,".");  // www.us.powerdns.com -> 'www' 'us' 'powerdns' 'com'
+  
+  unsigned int spos=0;
+  string subdomain;
+
+  while(spos<=parts.size()) {
+    if(spos<parts.size()) { // www.us.powerdns.com -> us.powerdns.com -> powerdns.com -> com ->
+      subdomain=parts[spos++];
+      for(unsigned int i=spos;i<parts.size();++i) {
+        subdomain+=".";
+        subdomain+=parts[i];
+      }
+    }
+    else {
+      subdomain=""; // ROOT!
+      spos++;
+    }
+    cout<<prefix<<qname<<": Checking if we have NS for '"<<subdomain<<"'"<<endl;
+    nscache_t::const_iterator j=nscache.find(toLower(subdomain));
+    if(j!=nscache.end() && j->first==toLower(subdomain)) {
+      cout<<prefix<<qname<<": Adding authority records for '"<<subdomain<<"'"<<endl;
+      for(set<string>::const_iterator k=j->second.begin();k!=j->second.end();++k) {
+        DNSResourceRecord rr;
+        rr.qname=subdomain;
+        rr.content=*k;
+        rr.ttl=1234;
+        rr.qtype=QType(QType::NS);
+        rr.d_place=DNSResourceRecord::AUTHORITY;
+        ret.push_back(rr);
+      }
+      return;
+    }
+  }
+}
+
+
+
+void addCruft(const string &qname, vector<DNSResourceRecord>& ret)
+{
+  getBestNSFromCache(qname,ret);
+  
+  cout<<qname<<": Additional processing"<<endl;
+  vector<DNSResourceRecord> addit;
+  for(vector<DNSResourceRecord>::const_iterator k=ret.begin();k!=ret.end();++k) 
+    if((k->d_place==DNSResourceRecord::ANSWER && k->qtype==QType(QType::MX)) || 
+       (k->d_place==DNSResourceRecord::AUTHORITY && k->qtype==QType(QType::NS))) {
+      cout<<qname<<": record '"<<k->content<<"|"<<k->qtype.getCode()<<"' needs an IP address"<<endl;
+      doResolve(k->content,QType(QType::A),addit,1);
+    }
+
+  
+  for(vector<DNSResourceRecord>::iterator k=addit.begin();k!=addit.end();++k) {
+    k->d_place=DNSResourceRecord::ADDITIONAL;
+    ret.push_back(*k);
+  }
+}
+
+bool beginResolve(const string &qname, const QType &qtype, vector<DNSResourceRecord>&ret)
+{
+  bool res=doResolve(qname, qtype, ret,0);
+  if(res)
+    addCruft(qname, ret);
+  return res;
+}
+
+
+bool doResolve(const string &qname, const QType &qtype, vector<DNSResourceRecord>&ret, int depth)
+{
+  string prefix;
+  prefix.assign(3*depth, ' ');
+  
+  // see if we have a CNAME hit
+  string tuple=toLower(qname)+"|CNAME";
+  cout<<prefix<<"Looking for CNAME cache hit of '"<<tuple<<"'"<<endl;
+
+  cache_t::const_iterator i=cache.find(tuple);
+  if(i!=cache.end() && i->first==tuple) { // found it
+    cout<<prefix<<"Found cache CNAME hit for '"<<tuple<<"' to '"<<i->second.begin()->content<<"'"<<endl;    
+    for(vector<DNSResourceRecord>::const_iterator j=i->second.begin();j!=i->second.end();++j)
+      ret.push_back(*j);
+    return doResolve(i->second.begin()->content, qtype, ret, depth);
+  }
+
+  tuple=toLower(qname)+"|"+qtype.getName();
+  cout<<prefix<<"Looking for direct cache hit of '"<<tuple<<"'"<<endl;
+
+  i=cache.find(tuple);
+  if(i!=cache.end() && i->first==tuple) { // found it
+    cout<<prefix<<"Found cache hit for '"<<tuple<<"': ";
+    for(vector<DNSResourceRecord>::const_iterator j=i->second.begin();j!=i->second.end();++j) {
+      cout<<j->content<<" ";
+      ret.push_back(*j);
+    }
+    cout<<endl;
+    return true;
+  }
+
+  
+  cout<<prefix<<"No cache hit for '"<<tuple<<"', trying to find an appropriate NS record"<<endl;
+  // bummer, get the best NS record then
+
+  vector<string>parts;
+  stringtok(parts,qname,".");  // www.us.powerdns.com -> 'www' 'us' 'powerdns' 'com'
+  
+  unsigned int spos=0;
+  string subdomain;
+
+  while(spos<=parts.size()) {
+    if(spos<parts.size()) { // www.us.powerdns.com -> us.powerdns.com -> powerdns.com -> com ->
+      subdomain=parts[spos++];
+      for(unsigned int i=spos;i<parts.size();++i) {
+        subdomain+=".";
+        subdomain+=parts[i];
+      }
+    }
+    else {
+      subdomain=""; // ROOT!
+      spos++;
+    }
+    cout<<prefix<<qname<<": Checking if we have NS for '"<<subdomain<<"'"<<endl;
+    nscache_t::const_iterator j=nscache.find(toLower(subdomain));
+    if(j!=nscache.end() && j->first==toLower(subdomain)) {
+      cout<<prefix<<"Found NS for '"<<subdomain<<"', heading there for further questions"<<endl;
+      bool hasResults=doResolve(j->second,subdomain,qname,qtype,ret,depth);
+      if(!hasResults)
+        continue; // perhaps less specific nameservers can help us
+
+      return true;
+    }
+  }
+  return false;
+}
+
+bool endsOn(const string &domain, const string &suffix) 
+{
+  if(domain==suffix || suffix.empty())
+    return true;
+  if(domain.size()<suffix.size())
+    return false;
+  return (domain.substr(domain.size()-suffix.size()-1,suffix.size()+1)=="."+suffix);
+}
+
+bool doResolve(set<string> nameservers, string auth, const string &qname, const QType &qtype, vector<DNSResourceRecord>&ret, int depth)
 {
   string prefix;
@@ -60 +210 @@
   LWRes::res_t result;
   vector<DNSResourceRecord>usefulrrs;
-  vector<string> nsset;  
-  cerr<<prefix<<qname<<": start of recursion!"<<endl;
-
-  for(;;) {
+  set<string> nsset;  
+  cout<<prefix<<qname<<": start of recursion!"<<endl;
+
+
+  for(;;) { // we may get more specific nameservers
     result.clear();
 
-    for(cache_t::const_iterator i=cache.find(qname);i!=cache.end() && i->first==qname;++i) {
-      cerr<<prefix<<qname<<": potential cache hit!"<<endl;
-
-      sort(nameservers.begin(),nameservers.end());
-      if(nameservers==i->second.first) {
-        cerr<<prefix<<qname<<": REAL cache hit, "<<i->second.second.size()<<" records"<<endl;
-        result=i->second.second;
-
+    vector<string>rnameservers;
+    for(set<string>::const_iterator i=nameservers.begin();i!=nameservers.end();++i)
+      rnameservers.push_back(*i);
+
+    random_shuffle(rnameservers.begin(),rnameservers.end());
+    for(vector<string>::const_iterator i=rnameservers.begin();;++i){ 
+      if(i==rnameservers.end()) {
+        cout<<prefix<<qname<<": failed to resolve via any of the "<<rnameservers.size()<<" offered nameservers"<<endl;
+        return false;
+      }
+      cout<<prefix<<qname<<": trying to resolve nameserver "<<*i<<endl;
+      string remoteIP=getA(*i, depth+1);
+      if(remoteIP.empty()) {
+        cout<<prefix<<qname<<": failed to resolve nameserver "<<*i<<", trying next if available"<<endl;
+        continue;
+      }
+      cout<<prefix<<qname<<": resolved nameserver "<<*i<<" to "<<remoteIP<<endl;
+
+      if(r.asyncresolve(remoteIP,qname.c_str(),qtype.getCode())!=1) { // <- shouldn't this be internal?
+        cout<<prefix<<qname<<": error resolving"<<endl;
+      }
+      else {
+        result=r.result();
+        
+        cout<<prefix<<qname<<": got "<<result.size()<<" answers from "<<*i<<" ("<<remoteIP<<")"<<endl;
         break;
       }
     }
-    if(result.empty()) {
-
-      cerr<<prefix<<qname<<": no cache hit"<<endl;
-  
-      random_shuffle(nameservers.begin(),nameservers.end());
-      for(vector<string>::const_iterator i=nameservers.begin();;++i){ 
-        if(i==nameservers.end()) {
-          cerr<<prefix<<qname<<": failed to resolve via any of the "<<nameservers.size()<<" offered nameservers"<<endl;
-          return "";
-        }
-        cerr<<prefix<<qname<<": trying to resolve nameserver "<<*i<<endl;
-        string remoteIP=doResolve(*i,depth+1);
-        if(remoteIP.empty()) {
-          cerr<<prefix<<qname<<": failed to resolve nameserver "<<*i<<", trying next if available"<<endl;
-          continue;
-        }
-        cerr<<prefix<<qname<<": resolved nameserver "<<*i<<" to "<<remoteIP<<endl;
-
-        if(r.asyncresolve(remoteIP,qname.c_str(),QType::A)!=1) {
-          cerr<<prefix<<qname<<": error resolving"<<endl;
-        }
-        else {
-          result=r.result();
-          
-          cerr<<prefix<<qname<<": got "<<result.size()<<" answers from "<<*i<<" ("<<remoteIP<<")"<<endl;
-          break;
-        }
-      }
-      usefulrrs.clear();
-      for(LWRes::res_t::const_iterator i=result.begin();i!=result.end();++i) 
-        if(i->d_place==DNSResourceRecord::ANSWER || (i->d_place==DNSResourceRecord::AUTHORITY && i->qtype.getCode()==QType::NS))
-          usefulrrs.push_back(*i);
+
+
+    cache_t tcache;
+    // reap all answers from this packet that are acceptable
+    for(LWRes::res_t::const_iterator i=result.begin();i!=result.end();++i) {
+      cout<<prefix<<qname<<": accept answer '"<<i->qname<<"|"<<i->qtype.getName()<<"|"<<i->content<<"' from '"<<auth<<"' nameservers? ";
+      if(endsOn(i->qname, auth)) {
+        cout<<"YES!"<<endl;
+
+        if(i->qtype.getCode()==QType::NS)
+          nscache[toLower(i->qname)].insert(toLower(i->content));
+        DNSResourceRecord rr=*i;
+        rr.d_place=DNSResourceRecord::ANSWER;
+        tcache[toLower(i->qname)+"|"+i->qtype.getName()].push_back(rr);
+      }
+      else
+        cout<<"NO!"<<endl;
+
+    }
+  
+    for(cache_t::const_iterator i=tcache.begin();i!=tcache.end();++i)
+      cache[i->first]=i->second;
+    
+    nsset.clear();
+
+    for(LWRes::res_t::const_iterator i=result.begin();i!=result.end();++i) {
       
-      if(!usefulrrs.empty()) {
-        CacheVal cv;
-        sort(nameservers.begin(),nameservers.end());
-        cv.first=nameservers;
-        cv.second=usefulrrs;
-        cache.insert(make_pair(qname,cv));
-      }
-    }
-
-    nsset.clear();
-    for(LWRes::res_t::const_iterator i=result.begin();i!=result.end();++i) {
-      //    cerr<<prefix<<(int)i->d_place<<" "<<i->qname<<" "<<i->qtype.getName()<<" "<<i->content<<endl;
       if(i->d_place==DNSResourceRecord::ANSWER && i->qname==qname && i->qtype.getCode()==QType::CNAME) {
-        cerr<<prefix<<qname<<": got a CNAME referral, starting over with "<<i->content<<endl<<endl;
-        return doResolve(i->content, 0);
-      }
-      if(i->d_place==DNSResourceRecord::ANSWER && i->qname==qname && i->qtype.getCode()==QType::A) {
-        cerr<<prefix<<qname<<": resolved to "<<i->content<<endl;
-        return i->content;
-      }
-      if(i->d_place==DNSResourceRecord::AUTHORITY && i->qtype.getCode()==QType::NS) {
-        cerr<<prefix<<qname<<": got NS record "<<i->content<<endl;
-        nsset.push_back(i->content);
-      }
+        cout<<prefix<<qname<<": got a CNAME referral, starting over with "<<i->content<<endl<<endl;
+        ret.push_back(*i);
+        return doResolve(i->content, qtype, ret,0);
+      }
+      if(i->d_place==DNSResourceRecord::ANSWER && i->qname==qname && i->qtype==qtype) {
+        cout<<prefix<<qname<<": resolved to "<<i->content<<endl;
+        ret.push_back(*i);
+      }
+      if(i->d_place==DNSResourceRecord::AUTHORITY && i->qtype.getCode()==QType::NS) { // XXX FIXME check if suffix!
+        auth=i->qname;
+        cout<<prefix<<qname<<": got NS record "<<i->content<<endl;
+        nsset.insert(toLower(i->content));
+      }
+    }
+    if(!ret.empty()){ 
+      cout<<prefix<<qname<<": got results, returning"<<endl;
+      return true;
     }
     if(nsset.empty()) {
-      cerr<<prefix<<qname<<": did not resolve "<<qname<<", did not get referral"<<endl;
-      return "";
-    }
-
-    cerr<<prefix<<qname<<": did not resolve "<<qname<<", did get "<<nsset.size()<<" nameservers, looping to them"<<endl;
+      cout<<prefix<<qname<<": did not resolve "<<qname<<", did not get referral"<<endl;
+      return false;
+    }
+    
+    cout<<prefix<<qname<<": did not resolve "<<qname<<", did get "<<nsset.size()<<" nameservers, looping to them"<<endl;
     nameservers=nsset;
   }
+  return false;
 }
 
@@ -151 +308 @@
                      "192.5.5.241", "192.112.36.4", "128.63.2.53", "192.36.148.17",
                      "198.41.0.10", "193.0.14.129", "198.32.64.12", "202.12.27.33"};
-
+  DNSResourceRecord rr;
+  rr.qtype=QType::A;
+  rr.ttl=86400;
   for(char c='a';c<='m';++c) {
     static char templ[40];
     strncpy(templ,"a.root-servers.net", sizeof(templ) - 1);
     *templ=c;
-    rootservers.push_back(templ);
-    hints[templ]=ips[c-'a'];
-  }
-}
+    nscache[""].insert(string(templ));
+    rr.qname=templ;
+    rr.content=ips[c-'a'];
+    cache[string(templ)+"|A"].push_back(rr);
+  }
+}