Lines Matching +full:num +full:- +full:transfer +full:- +full:bits
2 * daemon/worker.c - worker that handles a pending list of requests.
132 front = listen_get_mem(worker->front); in worker_mem_report()
133 back = outnet_get_mem(worker->back); in worker_mem_report()
134 msg = slabhash_get_mem(worker->env.msg_cache); in worker_mem_report()
135 rrset = slabhash_get_mem(&worker->env.rrset_cache->table); in worker_mem_report()
136 infra = infra_get_mem(worker->env.infra_cache); in worker_mem_report()
137 mesh = mesh_get_mem(worker->env.mesh); in worker_mem_report()
138 ac = alloc_get_mem(worker->alloc); in worker_mem_report()
139 superac = alloc_get_mem(&worker->daemon->superalloc); in worker_mem_report()
140 anch = anchors_get_mem(worker->env.anchors); in worker_mem_report()
143 for(i=0; i<worker->env.mesh->mods.num; i++) { in worker_mem_report()
144 fptr_ok(fptr_whitelist_mod_get_mem(worker->env.mesh-> in worker_mem_report()
145 mods.mod[i]->get_mem)); in worker_mem_report()
146 if(strcmp(worker->env.mesh->mods.mod[i]->name, "validator")==0) in worker_mem_report()
147 val += (*worker->env.mesh->mods.mod[i]->get_mem) in worker_mem_report()
148 (&worker->env, i); in worker_mem_report()
150 else if(strcmp(worker->env.mesh->mods.mod[i]->name, in worker_mem_report()
152 subnet += (*worker->env.mesh->mods.mod[i]->get_mem) in worker_mem_report()
153 (&worker->env, i); in worker_mem_report()
155 else iter += (*worker->env.mesh->mods.mod[i]->get_mem) in worker_mem_report()
156 (&worker->env, i); in worker_mem_report()
158 me = sizeof(*worker) + sizeof(*worker->base) + sizeof(*worker->comsig) in worker_mem_report()
159 + comm_point_get_mem(worker->cmd_com) in worker_mem_report()
160 + sizeof(worker->rndstate) in worker_mem_report()
161 + regional_get_mem(worker->scratchpad) in worker_mem_report()
162 + sizeof(*worker->env.scratch_buffer) in worker_mem_report()
163 + sldns_buffer_capacity(worker->env.scratch_buffer); in worker_mem_report()
164 if(worker->daemon->env->fwds) in worker_mem_report()
165 log_info("forwards=%u", (unsigned)forwards_get_mem(worker->env.fwds)); in worker_mem_report()
166 if(worker->daemon->env->hints) in worker_mem_report()
167 log_info("hints=%u", (unsigned)hints_get_mem(worker->env.hints)); in worker_mem_report()
168 if(worker->thread_num == 0) in worker_mem_report()
169 me += acl_list_get_mem(worker->daemon->acl); in worker_mem_report()
193 log_info("Total heap memory estimate: %u total-alloc: %u " in worker_mem_report()
194 "total-free: %u", (unsigned)total, in worker_mem_report()
204 for(i=0; i<worker->env.mesh->mods.num; i++) { in worker_mem_report()
205 fptr_ok(fptr_whitelist_mod_get_mem(worker->env.mesh-> in worker_mem_report()
206 mods.mod[i]->get_mem)); in worker_mem_report()
207 if(strcmp(worker->env.mesh->mods.mod[i]->name, "validator")==0) in worker_mem_report()
208 val += (*worker->env.mesh->mods.mod[i]->get_mem) in worker_mem_report()
209 (&worker->env, i); in worker_mem_report()
211 else if(strcmp(worker->env.mesh->mods.mod[i]->name, in worker_mem_report()
213 subnet += (*worker->env.mesh->mods.mod[i]->get_mem) in worker_mem_report()
214 (&worker->env, i); in worker_mem_report()
220 (unsigned)slabhash_get_mem(worker->env.msg_cache), in worker_mem_report()
221 (unsigned)slabhash_get_mem(&worker->env.rrset_cache->table), in worker_mem_report()
222 (unsigned)infra_get_mem(worker->env.infra_cache), in worker_mem_report()
226 (unsigned)slabhash_get_mem(worker->env.msg_cache), in worker_mem_report()
227 (unsigned)slabhash_get_mem(&worker->env.rrset_cache->table), in worker_mem_report()
228 (unsigned)infra_get_mem(worker->env.infra_cache), in worker_mem_report()
238 if(!tube_write_msg(worker->cmd, (uint8_t*)&c, sizeof(c), 0)) { in worker_send_cmd()
248 struct worker* worker = e->qstate->env->worker; in worker_handle_service_reply()
249 struct serviced_query *sq = e->qsent; in worker_handle_service_reply()
251 verbose(VERB_ALGO, "worker svcd callback for qstate %p", e->qstate); in worker_handle_service_reply()
253 mesh_report_reply(worker->env.mesh, e, reply_info, error); in worker_handle_service_reply()
258 if(!LDNS_QR_WIRE(sldns_buffer_begin(c->buffer)) in worker_handle_service_reply()
259 || LDNS_OPCODE_WIRE(sldns_buffer_begin(c->buffer)) != in worker_handle_service_reply()
261 || LDNS_QDCOUNT(sldns_buffer_begin(c->buffer)) > 1) { in worker_handle_service_reply()
265 mesh_report_reply(worker->env.mesh, e, reply_info, in worker_handle_service_reply()
270 mesh_report_reply(worker->env.mesh, e, reply_info, NETEVENT_NOERROR); in worker_handle_service_reply()
278 * @return value of err if okay, or -1 if it should be discarded instead.
283 if(worker->err_limit_time == *worker->env.now) { in worker_err_ratelimit()
285 if(worker->err_limit_count++ > ERROR_RATELIMIT) in worker_err_ratelimit()
286 return -1; in worker_err_ratelimit()
289 worker->err_limit_time = *worker->env.now; in worker_err_ratelimit()
290 worker->err_limit_count = 1; in worker_err_ratelimit()
313 if(out->checked) return; in worker_check_request()
314 out->checked = 1; in worker_check_request()
317 out->value = -1; in worker_check_request()
321 worker->daemon->cfg->harden_large_queries) { in worker_check_request()
323 out->value = -1; in worker_check_request()
328 out->value = -1; in worker_check_request()
334 out->value = worker_err_ratelimit(worker, LDNS_RCODE_FORMERR); in worker_check_request()
341 out->value = worker_err_ratelimit(worker, LDNS_RCODE_NOTIMPL); in worker_check_request()
347 out->value = worker_err_ratelimit(worker, LDNS_RCODE_FORMERR); in worker_check_request()
355 out->value = worker_err_ratelimit(worker, LDNS_RCODE_FORMERR); in worker_check_request()
361 out->value = worker_err_ratelimit(worker, LDNS_RCODE_FORMERR); in worker_check_request()
367 out->value = worker_err_ratelimit(worker, LDNS_RCODE_FORMERR); in worker_check_request()
370 out->value = 0; in worker_check_request()
383 comm_base_exit(worker->base); in worker_handle_control_cmd()
395 comm_base_exit(worker->base); in worker_handle_control_cmd()
423 size_t num = rep->an_numrrsets + rep->ns_numrrsets; in check_delegation_secure() local
425 for(i=0; i<num; i++) { in check_delegation_secure()
426 s = ((struct packed_rrset_data*)rep->rrsets[i]->entry.data) in check_delegation_secure()
427 ->security; in check_delegation_secure()
432 for(i=num; i<rep->rrset_count; i++) { in check_delegation_secure()
433 s = ((struct packed_rrset_data*)rep->rrsets[i]->entry.data) in check_delegation_secure()
434 ->security; in check_delegation_secure()
449 for(i = rep->an_numrrsets+rep->ns_numrrsets; i<rep->rrset_count; i++) { in deleg_remove_nonsecure_additional()
450 s = ((struct packed_rrset_data*)rep->rrsets[i]->entry.data) in deleg_remove_nonsecure_additional()
451 ->security; in deleg_remove_nonsecure_additional()
453 memmove(rep->rrsets+i, rep->rrsets+i+1, in deleg_remove_nonsecure_additional()
455 (rep->rrset_count - i - 1)); in deleg_remove_nonsecure_additional()
456 rep->ar_numrrsets--; in deleg_remove_nonsecure_additional()
457 rep->rrset_count--; in deleg_remove_nonsecure_additional()
458 i--; in deleg_remove_nonsecure_additional()
478 uint16_t udpsize = edns->udp_size; in answer_norec_from_cache()
480 time_t timenow = *worker->env.now; in answer_norec_from_cache()
482 int must_validate = (!has_cd_bit || worker->env.cfg->ignore_cd) in answer_norec_from_cache()
483 && worker->env.need_to_validate; in answer_norec_from_cache()
487 dp = dns_cache_find_delegation(&worker->env, qinfo->qname, in answer_norec_from_cache()
488 qinfo->qname_len, qinfo->qtype, qinfo->qclass, in answer_norec_from_cache()
489 worker->scratchpad, &msg, timenow, 0, NULL, 0); in answer_norec_from_cache()
496 msg->qinfo.local_alias = qinfo->local_alias; in answer_norec_from_cache()
498 switch(check_delegation_secure(msg->rep)) { in answer_norec_from_cache()
506 edns->edns_version = EDNS_ADVERTISED_VERSION; in answer_norec_from_cache()
507 edns->udp_size = EDNS_ADVERTISED_SIZE; in answer_norec_from_cache()
508 edns->ext_rcode = 0; in answer_norec_from_cache()
509 edns->bits &= EDNS_DO; in answer_norec_from_cache()
510 if(!inplace_cb_reply_servfail_call(&worker->env, qinfo, NULL, in answer_norec_from_cache()
511 msg->rep, LDNS_RCODE_SERVFAIL, edns, repinfo, worker->scratchpad, in answer_norec_from_cache()
512 worker->env.now_tv)) in answer_norec_from_cache()
515 if(worker->env.cfg->ede && in answer_norec_from_cache()
516 msg->rep->reason_bogus != LDNS_EDE_NONE) { in answer_norec_from_cache()
517 edns_opt_list_append_ede(&edns->opt_list_out, in answer_norec_from_cache()
518 worker->scratchpad, msg->rep->reason_bogus, in answer_norec_from_cache()
519 msg->rep->reason_bogus_str); in answer_norec_from_cache()
521 error_encode(repinfo->c->buffer, LDNS_RCODE_SERVFAIL, in answer_norec_from_cache()
522 &msg->qinfo, id, flags, edns); in answer_norec_from_cache()
523 if(worker->stats.extended) { in answer_norec_from_cache()
524 worker->stats.ans_bogus++; in answer_norec_from_cache()
525 worker->stats.ans_rcode[LDNS_RCODE_SERVFAIL]++; in answer_norec_from_cache()
530 /* remove non-secure rrsets from the add. section*/ in answer_norec_from_cache()
531 if(worker->env.cfg->val_clean_additional) in answer_norec_from_cache()
532 deleg_remove_nonsecure_additional(msg->rep); in answer_norec_from_cache()
544 edns->edns_version = EDNS_ADVERTISED_VERSION; in answer_norec_from_cache()
545 edns->udp_size = EDNS_ADVERTISED_SIZE; in answer_norec_from_cache()
546 edns->ext_rcode = 0; in answer_norec_from_cache()
547 edns->bits &= EDNS_DO; in answer_norec_from_cache()
548 if(worker->env.cfg->disable_edns_do && (edns->bits & EDNS_DO)) in answer_norec_from_cache()
549 edns->edns_present = 0; in answer_norec_from_cache()
550 if(!inplace_cb_reply_cache_call(&worker->env, qinfo, NULL, msg->rep, in answer_norec_from_cache()
551 (int)(flags&LDNS_RCODE_MASK), edns, repinfo, worker->scratchpad, in answer_norec_from_cache()
552 worker->env.now_tv)) in answer_norec_from_cache()
554 msg->rep->flags |= BIT_QR|BIT_RA; in answer_norec_from_cache()
557 if(worker->env.cfg->ede && has_cd_bit && in answer_norec_from_cache()
558 (check_delegation_secure(msg->rep) == sec_status_bogus || in answer_norec_from_cache()
559 check_delegation_secure(msg->rep) == sec_status_secure_sentinel_fail) && in answer_norec_from_cache()
560 msg->rep->reason_bogus != LDNS_EDE_NONE) { in answer_norec_from_cache()
561 edns_opt_list_append_ede(&edns->opt_list_out, in answer_norec_from_cache()
562 worker->scratchpad, msg->rep->reason_bogus, in answer_norec_from_cache()
563 msg->rep->reason_bogus_str); in answer_norec_from_cache()
565 if(!reply_info_answer_encode(&msg->qinfo, msg->rep, id, flags, in answer_norec_from_cache()
566 repinfo->c->buffer, 0, 1, worker->scratchpad, in answer_norec_from_cache()
567 udpsize, edns, (int)(edns->bits & EDNS_DO), secure)) { in answer_norec_from_cache()
568 if(!inplace_cb_reply_servfail_call(&worker->env, qinfo, NULL, NULL, in answer_norec_from_cache()
569 LDNS_RCODE_SERVFAIL, edns, repinfo, worker->scratchpad, in answer_norec_from_cache()
570 worker->env.now_tv)) in answer_norec_from_cache()
571 edns->opt_list_inplace_cb_out = NULL; in answer_norec_from_cache()
572 error_encode(repinfo->c->buffer, LDNS_RCODE_SERVFAIL, in answer_norec_from_cache()
573 &msg->qinfo, id, flags, edns); in answer_norec_from_cache()
575 if(worker->stats.extended) { in answer_norec_from_cache()
576 if(secure) worker->stats.ans_secure++; in answer_norec_from_cache()
577 server_stats_insrcode(&worker->stats, repinfo->c->buffer); in answer_norec_from_cache()
597 if(qinfo->qtype != LDNS_RR_TYPE_A && in apply_respip_action()
598 qinfo->qtype != LDNS_RR_TYPE_AAAA && in apply_respip_action()
599 qinfo->qtype != LDNS_RR_TYPE_ANY) in apply_respip_action()
603 alias_rrset, 0, worker->scratchpad, az, NULL)) in apply_respip_action()
607 * was redirected to response-ip data. */ in apply_respip_action()
617 respip_inform_print(&actinfo, qinfo->qname, in apply_respip_action()
618 qinfo->qtype, qinfo->qclass, qinfo->local_alias, in apply_respip_action()
621 if(worker->stats.extended && actinfo.rpz_used) { in apply_respip_action()
623 worker->stats.rpz_action[RPZ_DISABLED_ACTION]++; in apply_respip_action()
625 worker->stats.rpz_action[RPZ_CNAME_OVERRIDE_ACTION]++; in apply_respip_action()
627 worker->stats.rpz_action[ in apply_respip_action()
636 * Normally, the answer message will be built in repinfo->c->buffer; if the
651 time_t timenow = *worker->env.now; in answer_from_cache()
652 uint16_t udpsize = edns->udp_size; in answer_from_cache()
656 int must_validate = (!has_cd_bit || worker->env.cfg->ignore_cd) in answer_from_cache()
657 && worker->env.need_to_validate; in answer_from_cache()
661 if(rep->ttl < timenow) { in answer_from_cache()
663 if(worker->env.cfg->serve_expired && in answer_from_cache()
664 /* if serve-expired-client-timeout is set, serve in answer_from_cache()
668 (!worker->env.cfg->serve_expired_client_timeout || in answer_from_cache()
669 timenow < rep->serve_expired_norec_ttl) in answer_from_cache()
671 && !(worker->env.cachedb_enabled && in answer_from_cache()
672 worker->env.cfg->cachedb_check_when_serve_expired) in answer_from_cache()
677 if(!rrset_array_lock(rep->ref, rep->rrset_count, 0)) in answer_from_cache()
688 if(!rrset_array_lock(rep->ref, rep->rrset_count, timenow)) in answer_from_cache()
694 if(rep->an_numrrsets > 0 && (rep->rrsets[0]->rk.type == in answer_from_cache()
695 htons(LDNS_RR_TYPE_CNAME) || rep->rrsets[0]->rk.type == in answer_from_cache()
704 if(must_validate && (rep->security == sec_status_bogus || in answer_from_cache()
705 rep->security == sec_status_secure_sentinel_fail)) { in answer_from_cache()
707 edns->edns_version = EDNS_ADVERTISED_VERSION; in answer_from_cache()
708 edns->udp_size = EDNS_ADVERTISED_SIZE; in answer_from_cache()
709 edns->ext_rcode = 0; in answer_from_cache()
710 edns->bits &= EDNS_DO; in answer_from_cache()
711 if(worker->env.cfg->disable_edns_do && (edns->bits & EDNS_DO)) in answer_from_cache()
712 edns->edns_present = 0; in answer_from_cache()
713 if(!inplace_cb_reply_servfail_call(&worker->env, qinfo, NULL, rep, in answer_from_cache()
714 LDNS_RCODE_SERVFAIL, edns, repinfo, worker->scratchpad, in answer_from_cache()
715 worker->env.now_tv)) in answer_from_cache()
718 if(worker->env.cfg->ede && rep->reason_bogus != LDNS_EDE_NONE) { in answer_from_cache()
719 edns_opt_list_append_ede(&edns->opt_list_out, in answer_from_cache()
720 worker->scratchpad, rep->reason_bogus, in answer_from_cache()
721 rep->reason_bogus_str); in answer_from_cache()
723 error_encode(repinfo->c->buffer, LDNS_RCODE_SERVFAIL, in answer_from_cache()
725 rrset_array_unlock_touch(worker->env.rrset_cache, in answer_from_cache()
726 worker->scratchpad, rep->ref, rep->rrset_count); in answer_from_cache()
727 if(worker->stats.extended) { in answer_from_cache()
728 worker->stats.ans_bogus ++; in answer_from_cache()
729 worker->stats.ans_rcode[LDNS_RCODE_SERVFAIL] ++; in answer_from_cache()
732 } else if(rep->security == sec_status_unchecked && must_validate) { in answer_from_cache()
736 } else if(rep->security == sec_status_secure) { in answer_from_cache()
743 goto bail_out; /* rrset changed, re-verify */ in answer_from_cache()
749 edns->edns_version = EDNS_ADVERTISED_VERSION; in answer_from_cache()
750 edns->udp_size = EDNS_ADVERTISED_SIZE; in answer_from_cache()
751 edns->ext_rcode = 0; in answer_from_cache()
752 edns->bits &= EDNS_DO; in answer_from_cache()
753 if(worker->env.cfg->disable_edns_do && (edns->bits & EDNS_DO)) in answer_from_cache()
754 edns->edns_present = 0; in answer_from_cache()
755 *alias_rrset = NULL; /* avoid confusion if caller set it to non-NULL */ in answer_from_cache()
756 if((worker->daemon->use_response_ip || worker->daemon->use_rpz) && in answer_from_cache()
758 &repinfo->client_addr, repinfo->client_addrlen, alias_rrset, in answer_from_cache()
759 &encode_rep, worker->env.auth_zones)) { in answer_from_cache()
763 must_validate, &encode_rep, worker->scratchpad, in answer_from_cache()
764 worker->env.auth_zones)) { in answer_from_cache()
779 worker->scratchpad); in answer_from_cache()
785 worker->env.cfg->ede_serve_expired && worker->env.cfg->ede) { in answer_from_cache()
786 EDNS_OPT_LIST_APPEND_EDE(&edns->opt_list_out, in answer_from_cache()
787 worker->scratchpad, LDNS_EDE_STALE_ANSWER, ""); in answer_from_cache()
792 worker->env.cfg->ede && has_cd_bit && in answer_from_cache()
793 encode_rep->reason_bogus != LDNS_EDE_NONE) { in answer_from_cache()
794 edns_opt_list_append_ede(&edns->opt_list_out, in answer_from_cache()
795 worker->scratchpad, encode_rep->reason_bogus, in answer_from_cache()
796 encode_rep->reason_bogus_str); in answer_from_cache()
798 if(!inplace_cb_reply_cache_call(&worker->env, qinfo, NULL, encode_rep, in answer_from_cache()
799 (int)(flags&LDNS_RCODE_MASK), edns, repinfo, worker->scratchpad, in answer_from_cache()
800 worker->env.now_tv)) in answer_from_cache()
803 repinfo->c->buffer, timenow, 1, worker->scratchpad, in answer_from_cache()
804 udpsize, edns, (int)(edns->bits & EDNS_DO), in answer_from_cache()
806 if(!inplace_cb_reply_servfail_call(&worker->env, qinfo, in answer_from_cache()
808 worker->scratchpad, worker->env.now_tv)) in answer_from_cache()
809 edns->opt_list_inplace_cb_out = NULL; in answer_from_cache()
810 error_encode(repinfo->c->buffer, LDNS_RCODE_SERVFAIL, in answer_from_cache()
816 rrset_array_unlock_touch(worker->env.rrset_cache, worker->scratchpad, in answer_from_cache()
817 rep->ref, rep->rrset_count); in answer_from_cache()
822 rrset_array_unlock_touch(worker->env.rrset_cache, in answer_from_cache()
823 worker->scratchpad, rep->ref, rep->rrset_count); in answer_from_cache()
837 if(repinfo->c->tcp_req_info) { in reply_and_prefetch()
839 repinfo->c->tcp_req_info->spool_buffer, in reply_and_prefetch()
840 repinfo->c->buffer); in reply_and_prefetch()
844 server_stats_prefetch(&worker->stats, worker); in reply_and_prefetch()
849 if(modstack_find(&worker->env.mesh->mods, "subnetcache") != -1 in reply_and_prefetch()
850 && worker->env.unique_mesh) { in reply_and_prefetch()
851 mesh_new_prefetch(worker->env.mesh, qinfo, flags, leeway + in reply_and_prefetch()
853 &repinfo->client_addr, opt_list); in reply_and_prefetch()
861 mesh_new_prefetch(worker->env.mesh, qinfo, flags, leeway + in reply_and_prefetch()
870 * @param num: number of strings in array.
876 chaos_replystr(sldns_buffer* pkt, char** str, int num, struct edns_data* edns, in chaos_replystr() argument
882 size_t udpsize = edns->udp_size; in chaos_replystr()
883 edns->edns_version = EDNS_ADVERTISED_VERSION; in chaos_replystr()
884 edns->udp_size = EDNS_ADVERTISED_SIZE; in chaos_replystr()
885 edns->bits &= EDNS_DO; in chaos_replystr()
886 if(!inplace_cb_reply_local_call(&worker->env, NULL, NULL, NULL, in chaos_replystr()
887 LDNS_RCODE_NOERROR, edns, repinfo, worker->scratchpad, in chaos_replystr()
888 worker->env.now_tv)) in chaos_replystr()
889 edns->opt_list_inplace_cb_out = NULL; in chaos_replystr()
896 sldns_buffer_write_u16(pkt, (uint16_t)num); /* ancount */ in chaos_replystr()
902 for(i=0; i<num; i++) { in chaos_replystr()
948 int num = 0; in chaos_trustanchor() local
951 if(!w->env.need_to_validate) { in chaos_trustanchor()
958 lock_basic_lock(&w->env.anchors->lock); in chaos_trustanchor()
959 RBTREE_FOR(ta, struct trust_anchor*, w->env.anchors->tree) { in chaos_trustanchor()
962 if(num == TA_RESPONSE_MAX_TXT) continue; in chaos_trustanchor()
963 str = (char*)regional_alloc(w->scratchpad, str_len); in chaos_trustanchor()
965 lock_basic_lock(&ta->lock); in chaos_trustanchor()
969 lock_basic_unlock(&ta->lock); in chaos_trustanchor()
972 str_array[num] = str; in chaos_trustanchor()
973 num++; in chaos_trustanchor()
976 (void)sldns_wire2str_dname_buf(ta->name, ta->namelen, str, str_len); in chaos_trustanchor()
977 str_len -= strlen(str); str += strlen(str); in chaos_trustanchor()
981 str_len -= strlen(str); str += strlen(str); in chaos_trustanchor()
983 lock_basic_unlock(&ta->lock); in chaos_trustanchor()
985 lock_basic_unlock(&w->env.anchors->lock); in chaos_trustanchor()
987 chaos_replystr(pkt, str_array, num, edns, w, repinfo); in chaos_trustanchor()
988 regional_free_all(w->scratchpad); in chaos_trustanchor()
1004 struct config_file* cfg = w->env.cfg; in answer_chaos()
1005 if(qinfo->qtype != LDNS_RR_TYPE_ANY && qinfo->qtype != LDNS_RR_TYPE_TXT) in answer_chaos()
1007 if(query_dname_compare(qinfo->qname, in answer_chaos()
1009 query_dname_compare(qinfo->qname, in answer_chaos()
1012 if(cfg->hide_identity) in answer_chaos()
1014 if(cfg->identity==NULL || cfg->identity[0]==0) { in answer_chaos()
1024 else chaos_replyonestr(pkt, cfg->identity, edns, w, repinfo); in answer_chaos()
1027 if(query_dname_compare(qinfo->qname, in answer_chaos()
1029 query_dname_compare(qinfo->qname, in answer_chaos()
1032 if(cfg->hide_version) in answer_chaos()
1034 if(cfg->version==NULL || cfg->version[0]==0) in answer_chaos()
1036 else chaos_replyonestr(pkt, cfg->version, edns, w, repinfo); in answer_chaos()
1039 if(query_dname_compare(qinfo->qname, in answer_chaos()
1042 if(cfg->hide_trustanchor) in answer_chaos()
1071 if(!w->env.auth_zones) return; in answer_notify()
1073 if(auth_zones_notify(w->env.auth_zones, &w->env, qinfo->qname, in answer_notify()
1074 qinfo->qname_len, qinfo->qclass, addr, in answer_notify()
1087 dname_str(qinfo->qname, zname); in answer_notify()
1102 edns->edns_version = EDNS_ADVERTISED_VERSION; in answer_notify()
1103 edns->udp_size = EDNS_ADVERTISED_SIZE; in answer_notify()
1104 edns->ext_rcode = 0; in answer_notify()
1105 edns->bits &= EDNS_DO; in answer_notify()
1121 log_acl_action("dropped", &repinfo->client_addr, in deny_refuse()
1122 repinfo->client_addrlen, acl, acladdr); in deny_refuse()
1123 log_buf(VERB_ALGO, "dropped", c->buffer); in deny_refuse()
1126 if(worker->stats.extended) in deny_refuse()
1127 worker->stats.unwanted_queries++; in deny_refuse()
1133 log_acl_action("refused", &repinfo->client_addr, in deny_refuse()
1134 repinfo->client_addrlen, acl, acladdr); in deny_refuse()
1135 log_buf(VERB_ALGO, "refuse", c->buffer); in deny_refuse()
1138 if(worker->stats.extended) in deny_refuse()
1139 worker->stats.unwanted_queries++; in deny_refuse()
1140 worker_check_request(c->buffer, worker, check_result); in deny_refuse()
1141 if(check_result->value != 0) { in deny_refuse()
1142 if(check_result->value != -1) { in deny_refuse()
1143 LDNS_QR_SET(sldns_buffer_begin(c->buffer)); in deny_refuse()
1144 LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), in deny_refuse()
1145 check_result->value); in deny_refuse()
1154 log_assert(sldns_buffer_limit(c->buffer) >= LDNS_HEADER_SIZE in deny_refuse()
1155 && LDNS_QDCOUNT(sldns_buffer_begin(c->buffer)) == 1); in deny_refuse()
1157 sldns_buffer_set_position(c->buffer, LDNS_HEADER_SIZE); /* skip header */ in deny_refuse()
1160 if(LDNS_ARCOUNT(sldns_buffer_begin(c->buffer)) != 1 in deny_refuse()
1162 LDNS_QDCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1163 LDNS_ANCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1164 LDNS_NSCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1165 LDNS_ARCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1166 LDNS_QR_SET(sldns_buffer_begin(c->buffer)); in deny_refuse()
1167 LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), in deny_refuse()
1169 sldns_buffer_set_position(c->buffer, LDNS_HEADER_SIZE); in deny_refuse()
1170 sldns_buffer_flip(c->buffer); in deny_refuse()
1174 if (!query_dname_len(c->buffer)) { in deny_refuse()
1175 LDNS_QDCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1176 LDNS_ANCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1177 LDNS_NSCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1178 LDNS_ARCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1179 LDNS_QR_SET(sldns_buffer_begin(c->buffer)); in deny_refuse()
1180 LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), in deny_refuse()
1182 sldns_buffer_set_position(c->buffer, LDNS_HEADER_SIZE); in deny_refuse()
1183 sldns_buffer_flip(c->buffer); in deny_refuse()
1187 if (sldns_buffer_remaining(c->buffer) < 2 * sizeof(uint16_t)) { in deny_refuse()
1188 LDNS_QR_SET(sldns_buffer_begin(c->buffer)); in deny_refuse()
1189 LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), in deny_refuse()
1191 LDNS_QDCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1192 LDNS_ANCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1193 LDNS_NSCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1194 LDNS_ARCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1195 sldns_buffer_set_position(c->buffer, LDNS_HEADER_SIZE); in deny_refuse()
1196 sldns_buffer_flip(c->buffer); in deny_refuse()
1199 LDNS_QR_SET(sldns_buffer_begin(c->buffer)); in deny_refuse()
1200 LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), in deny_refuse()
1203 sldns_buffer_skip(c->buffer, (ssize_t)sizeof(uint16_t)); /* skip qtype */ in deny_refuse()
1205 sldns_buffer_skip(c->buffer, (ssize_t)sizeof(uint16_t)); /* skip qclass */ in deny_refuse()
1210 opt_rr_mark = sldns_buffer_position(c->buffer); in deny_refuse()
1213 if(LDNS_ANCOUNT(sldns_buffer_begin(c->buffer)) != 0 || in deny_refuse()
1214 LDNS_NSCOUNT(sldns_buffer_begin(c->buffer)) != 0) { in deny_refuse()
1215 if(!skip_pkt_rrs(c->buffer, in deny_refuse()
1216 ((int)LDNS_ANCOUNT(sldns_buffer_begin(c->buffer)))+ in deny_refuse()
1217 ((int)LDNS_NSCOUNT(sldns_buffer_begin(c->buffer))))) { in deny_refuse()
1218 LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), in deny_refuse()
1220 LDNS_ANCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1221 LDNS_NSCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1222 LDNS_ARCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1223 sldns_buffer_set_position(c->buffer, opt_rr_mark); in deny_refuse()
1224 sldns_buffer_flip(c->buffer); in deny_refuse()
1230 if(sldns_buffer_remaining(c->buffer) < 1 || *sldns_buffer_current(c->buffer) != 0) { in deny_refuse()
1231 LDNS_ANCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1232 LDNS_NSCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1233 LDNS_ARCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1234 sldns_buffer_set_position(c->buffer, opt_rr_mark); in deny_refuse()
1235 sldns_buffer_flip(c->buffer); in deny_refuse()
1238 sldns_buffer_skip(c->buffer, 1); /* skip root label */ in deny_refuse()
1240 if(sldns_buffer_remaining(c->buffer) < 2 || in deny_refuse()
1241 sldns_buffer_read_u16(c->buffer) != LDNS_RR_TYPE_OPT) { in deny_refuse()
1242 LDNS_ANCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1243 LDNS_NSCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1244 LDNS_ARCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1245 sldns_buffer_set_position(c->buffer, opt_rr_mark); in deny_refuse()
1246 sldns_buffer_flip(c->buffer); in deny_refuse()
1252 LDNS_ANCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1253 LDNS_NSCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1254 sldns_buffer_clear(c->buffer); /* reset write limit */ in deny_refuse()
1255 sldns_buffer_set_position(c->buffer, opt_rr_mark); in deny_refuse()
1260 * + EDE Option length (2) + EDE info-code (2) in deny_refuse()
1262 if (sldns_buffer_available(c->buffer, 17) == 0) { in deny_refuse()
1263 LDNS_ARCOUNT_SET(sldns_buffer_begin(c->buffer), 0); in deny_refuse()
1264 sldns_buffer_flip(c->buffer); in deny_refuse()
1268 LDNS_ARCOUNT_SET(sldns_buffer_begin(c->buffer), 1); in deny_refuse()
1271 sldns_buffer_write_u8(c->buffer, 0); in deny_refuse()
1272 sldns_buffer_write_u16(c->buffer, LDNS_RR_TYPE_OPT); in deny_refuse()
1273 sldns_buffer_write_u16(c->buffer, EDNS_ADVERTISED_SIZE); in deny_refuse()
1276 sldns_buffer_write_u32(c->buffer, 0); in deny_refuse()
1278 /* write rdata len: EDE option + length + info-code */ in deny_refuse()
1279 sldns_buffer_write_u16(c->buffer, 6); in deny_refuse()
1282 sldns_buffer_write_u16(c->buffer, LDNS_EDNS_EDE); in deny_refuse()
1284 /* write single EDE option length (for just 1 info-code) */ in deny_refuse()
1285 sldns_buffer_write_u16(c->buffer, 2); in deny_refuse()
1287 /* write single EDE info-code */ in deny_refuse()
1288 sldns_buffer_write_u16(c->buffer, LDNS_EDE_PROHIBITED); in deny_refuse()
1290 sldns_buffer_flip(c->buffer); in deny_refuse()
1298 return -1; in deny_refuse()
1308 *acladdr = acl_addr_lookup(worker->daemon->acl, in deny_refuse_all()
1309 &repinfo->remote_addr, repinfo->remote_addrlen); in deny_refuse_all()
1311 *acladdr = acl_addr_lookup(worker->daemon->acl, in deny_refuse_all()
1312 &repinfo->client_addr, repinfo->client_addrlen); in deny_refuse_all()
1315 if(!(*acladdr) && c->socket) { in deny_refuse_all()
1316 *acladdr = c->socket->acl; in deny_refuse_all()
1339 if(!infra_ip_ratelimit_inc(worker->env.infra_cache, addr, addrlen, in check_ip_ratelimit()
1340 *worker->env.now, has_cookie, in check_ip_ratelimit()
1341 worker->env.cfg->ip_ratelimit_backoff, pkt)) { in check_ip_ratelimit()
1343 if(!has_cookie && worker->env.cfg->ip_ratelimit_factor != 0 && in check_ip_ratelimit()
1344 ub_random_max(worker->env.rnd, in check_ip_ratelimit()
1345 worker->env.cfg->ip_ratelimit_factor) == 0) { in check_ip_ratelimit()
1396 if (worker->env.cfg->sock_queue_timeout && timeval_isset(&c->recv_tv)) { in worker_handle_request()
1397 timeval_subtract(&wait_time, worker->env.now_tv, &c->recv_tv); in worker_handle_request()
1399 if (worker->stats.max_query_time_us < wait_queue_time) in worker_handle_request()
1400 worker->stats.max_query_time_us = wait_queue_time; in worker_handle_request()
1402 (long long)(worker->env.cfg->sock_queue_timeout * 1000000)) { in worker_handle_request()
1404 worker->stats.num_queries_timed_out++; in worker_handle_request()
1410 repinfo->max_udp_size = worker->daemon->cfg->max_udp_size; in worker_handle_request()
1411 if(!dnsc_handle_curved_request(worker->daemon->dnscenv, repinfo)) { in worker_handle_request()
1412 worker->stats.num_query_dnscrypt_crypted_malformed++; in worker_handle_request()
1415 if(c->dnscrypt && !repinfo->is_dnscrypted) { in worker_handle_request()
1418 worker_check_request(c->buffer, worker, &check_result); in worker_handle_request()
1422 log_addr(VERB_CLIENT,"from",&repinfo->client_addr, in worker_handle_request()
1423 repinfo->client_addrlen); in worker_handle_request()
1427 if(!query_info_parse(&qinfo, c->buffer)) { in worker_handle_request()
1430 log_addr(VERB_CLIENT, "from", &repinfo->client_addr, in worker_handle_request()
1431 repinfo->client_addrlen); in worker_handle_request()
1438 worker->daemon->dnscenv->provider_name) == 0)) { in worker_handle_request()
1441 worker->daemon->dnscenv->provider_name, in worker_handle_request()
1442 sldns_rr_descript(qinfo.qtype)->_name, in worker_handle_request()
1445 worker->stats.num_query_dnscrypt_cleartext++; in worker_handle_request()
1448 worker->stats.num_query_dnscrypt_cert++; in worker_handle_request()
1449 sldns_buffer_rewind(c->buffer); in worker_handle_request()
1450 } else if(c->dnscrypt && repinfo->is_dnscrypted) { in worker_handle_request()
1451 worker->stats.num_query_dnscrypt_crypted++; in worker_handle_request()
1458 if(worker->dtenv.log_client_query_messages) { in worker_handle_request()
1459 log_addr(VERB_ALGO, "request from client", &repinfo->client_addr, repinfo->client_addrlen); in worker_handle_request()
1460 …log_addr(VERB_ALGO, "to local addr", (void*)repinfo->c->socket->addr, repinfo->c->socket->addrlen); in worker_handle_request()
1461 …dt_msg_send_client_query(&worker->dtenv, &repinfo->client_addr, (void*)repinfo->c->socket->addr, c… in worker_handle_request()
1462 ((worker->env.cfg->sock_queue_timeout && timeval_isset(&c->recv_tv))?&c->recv_tv:NULL)); in worker_handle_request()
1466 if(repinfo->is_proxied) { in worker_handle_request()
1468 worker->env.cfg->ede, 1, &check_result)) != -1) { in worker_handle_request()
1475 worker->env.cfg->ede, 0, &check_result)) != -1) { in worker_handle_request()
1481 worker_check_request(c->buffer, worker, &check_result); in worker_handle_request()
1484 log_addr(VERB_CLIENT,"from",&repinfo->client_addr, repinfo->client_addrlen); in worker_handle_request()
1485 if(check_result.value != -1) { in worker_handle_request()
1486 LDNS_QR_SET(sldns_buffer_begin(c->buffer)); in worker_handle_request()
1487 LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), in worker_handle_request()
1495 worker->stats.num_queries++; in worker_handle_request()
1496 pre_edns_ip_ratelimit = !worker->env.cfg->do_answer_cookie in worker_handle_request()
1497 || sldns_buffer_limit(c->buffer) < LDNS_HEADER_SIZE in worker_handle_request()
1498 || LDNS_ARCOUNT(sldns_buffer_begin(c->buffer)) == 0; in worker_handle_request()
1503 /* NOTE: we always check the repinfo->client_address. in worker_handle_request()
1505 if(!check_ip_ratelimit(worker, &repinfo->client_addr, in worker_handle_request()
1506 repinfo->client_addrlen, 0, c->buffer)) { in worker_handle_request()
1507 worker->stats.num_queries_ip_ratelimited++; in worker_handle_request()
1513 if(!query_info_parse(&qinfo, c->buffer)) { in worker_handle_request()
1515 log_addr(VERB_CLIENT, "from", &repinfo->client_addr, in worker_handle_request()
1516 repinfo->client_addrlen); in worker_handle_request()
1518 if(worker_err_ratelimit(worker, LDNS_RCODE_FORMERR) == -1) { in worker_handle_request()
1522 sldns_buffer_rewind(c->buffer); in worker_handle_request()
1523 LDNS_QR_SET(sldns_buffer_begin(c->buffer)); in worker_handle_request()
1524 LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), in worker_handle_request()
1528 if(worker->env.cfg->log_queries) { in worker_handle_request()
1530 addr_to_str(&repinfo->client_addr, repinfo->client_addrlen, ip, sizeof(ip)); in worker_handle_request()
1535 verbose(VERB_ALGO, "worker request: refused zone transfer."); in worker_handle_request()
1536 log_addr(VERB_CLIENT, "from", &repinfo->client_addr, in worker_handle_request()
1537 repinfo->client_addrlen); in worker_handle_request()
1538 sldns_buffer_rewind(c->buffer); in worker_handle_request()
1539 LDNS_QR_SET(sldns_buffer_begin(c->buffer)); in worker_handle_request()
1540 LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), in worker_handle_request()
1542 if(worker->stats.extended) { in worker_handle_request()
1543 worker->stats.qtype[qinfo.qtype]++; in worker_handle_request()
1553 verbose(VERB_ALGO, "worker request: formerror for meta-type."); in worker_handle_request()
1554 log_addr(VERB_CLIENT, "from", &repinfo->client_addr, in worker_handle_request()
1555 repinfo->client_addrlen); in worker_handle_request()
1556 if(worker_err_ratelimit(worker, LDNS_RCODE_FORMERR) == -1) { in worker_handle_request()
1560 sldns_buffer_rewind(c->buffer); in worker_handle_request()
1561 LDNS_QR_SET(sldns_buffer_begin(c->buffer)); in worker_handle_request()
1562 LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), in worker_handle_request()
1564 if(worker->stats.extended) { in worker_handle_request()
1565 worker->stats.qtype[qinfo.qtype]++; in worker_handle_request()
1570 c->buffer, &edns, worker->env.cfg, c, repinfo, in worker_handle_request()
1571 (worker->env.now ? *worker->env.now : time(NULL)), in worker_handle_request()
1572 worker->scratchpad, in worker_handle_request()
1573 worker->daemon->cookie_secrets)) != 0) { in worker_handle_request()
1576 log_addr(VERB_CLIENT, "from", &repinfo->client_addr, in worker_handle_request()
1577 repinfo->client_addrlen); in worker_handle_request()
1580 error_encode(c->buffer, ret, &qinfo, in worker_handle_request()
1581 *(uint16_t*)(void *)sldns_buffer_begin(c->buffer), in worker_handle_request()
1582 sldns_buffer_read_u16_at(c->buffer, 2), &reply_edns); in worker_handle_request()
1583 regional_free_all(worker->scratchpad); in worker_handle_request()
1592 log_addr(VERB_CLIENT, "from", &repinfo->client_addr, in worker_handle_request()
1593 repinfo->client_addrlen); in worker_handle_request()
1594 extended_error_encode(c->buffer, EDNS_RCODE_BADVERS, &qinfo, in worker_handle_request()
1595 *(uint16_t*)(void *)sldns_buffer_begin(c->buffer), in worker_handle_request()
1596 sldns_buffer_read_u16_at(c->buffer, 2), 0, &edns); in worker_handle_request()
1597 regional_free_all(worker->scratchpad); in worker_handle_request()
1601 worker->daemon->cfg->harden_short_bufsize) { in worker_handle_request()
1604 log_addr(VERB_CLIENT, "from", &repinfo->client_addr, in worker_handle_request()
1605 repinfo->client_addrlen); in worker_handle_request()
1611 server_stats_downstream_cookie(&worker->stats, &edns); in worker_handle_request()
1615 /* NOTE: we always check the repinfo->client_address. in worker_handle_request()
1617 if(!check_ip_ratelimit(worker, &repinfo->client_addr, in worker_handle_request()
1618 repinfo->client_addrlen, edns.cookie_valid, in worker_handle_request()
1619 c->buffer)) { in worker_handle_request()
1620 worker->stats.num_queries_ip_ratelimited++; in worker_handle_request()
1633 else if(c->type != comm_udp) in worker_handle_request()
1638 extended_error_encode(c->buffer, in worker_handle_request()
1641 sldns_buffer_begin(c->buffer), in worker_handle_request()
1642 sldns_buffer_read_u16_at(c->buffer, 2), in worker_handle_request()
1644 regional_free_all(worker->scratchpad); in worker_handle_request()
1650 log_addr(VERB_ALGO, "from",&repinfo->remote_addr in worker_handle_request()
1651 , repinfo->remote_addrlen); in worker_handle_request()
1653 worker->scratchpad, LDNS_EDE_OTHER, in worker_handle_request()
1655 error_encode(c->buffer, in worker_handle_request()
1658 sldns_buffer_begin(c->buffer), in worker_handle_request()
1659 sldns_buffer_read_u16_at(c->buffer, 2), in worker_handle_request()
1661 regional_free_all(worker->scratchpad); in worker_handle_request()
1665 if(edns.udp_size > worker->daemon->cfg->max_udp_size && in worker_handle_request()
1666 c->type == comm_udp) { in worker_handle_request()
1669 " (%d to max-udp-size)", (int)edns.udp_size); in worker_handle_request()
1670 log_addr(VERB_CLIENT, "from", &repinfo->client_addr, in worker_handle_request()
1671 repinfo->client_addrlen); in worker_handle_request()
1672 edns.udp_size = worker->daemon->cfg->max_udp_size; in worker_handle_request()
1676 log_addr(VERB_CLIENT, "from", &repinfo->client_addr, in worker_handle_request()
1677 repinfo->client_addrlen); in worker_handle_request()
1678 LDNS_QR_SET(sldns_buffer_begin(c->buffer)); in worker_handle_request()
1679 LDNS_TC_SET(sldns_buffer_begin(c->buffer)); in worker_handle_request()
1680 LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), in worker_handle_request()
1682 sldns_buffer_set_position(c->buffer, LDNS_HEADER_SIZE); in worker_handle_request()
1683 sldns_buffer_write_at(c->buffer, 4, in worker_handle_request()
1685 sldns_buffer_flip(c->buffer); in worker_handle_request()
1686 regional_free_all(worker->scratchpad); in worker_handle_request()
1689 if(worker->stats.extended) in worker_handle_request()
1690 server_stats_insquery(&worker->stats, c, qinfo.qtype, in worker_handle_request()
1692 if(c->type != comm_udp) in worker_handle_request()
1695 &edns, repinfo, c->buffer)) { in worker_handle_request()
1696 regional_free_all(worker->scratchpad); in worker_handle_request()
1699 if(LDNS_OPCODE_WIRE(sldns_buffer_begin(c->buffer)) == in worker_handle_request()
1701 answer_notify(worker, &qinfo, &edns, c->buffer, in worker_handle_request()
1702 &repinfo->client_addr, repinfo->client_addrlen); in worker_handle_request()
1703 regional_free_all(worker->scratchpad); in worker_handle_request()
1706 if(local_zones_answer(worker->daemon->local_zones, &worker->env, &qinfo, in worker_handle_request()
1707 &edns, c->buffer, worker->scratchpad, repinfo, acladdr->taglist, in worker_handle_request()
1708 acladdr->taglen, acladdr->tag_actions, in worker_handle_request()
1709 acladdr->tag_actions_size, acladdr->tag_datas, in worker_handle_request()
1710 acladdr->tag_datas_size, worker->daemon->cfg->tagname, in worker_handle_request()
1711 worker->daemon->cfg->num_tags, acladdr->view)) { in worker_handle_request()
1712 regional_free_all(worker->scratchpad); in worker_handle_request()
1713 if(sldns_buffer_limit(c->buffer) == 0) { in worker_handle_request()
1719 if(worker->env.auth_zones && in worker_handle_request()
1720 rpz_callback_from_worker_request(worker->env.auth_zones, in worker_handle_request()
1721 &worker->env, &qinfo, &edns, c->buffer, worker->scratchpad, in worker_handle_request()
1722 repinfo, acladdr->taglist, acladdr->taglen, &worker->stats, in worker_handle_request()
1724 regional_free_all(worker->scratchpad); in worker_handle_request()
1725 if(sldns_buffer_limit(c->buffer) == 0) { in worker_handle_request()
1731 if(worker->env.auth_zones && in worker_handle_request()
1732 auth_zones_answer(worker->env.auth_zones, &worker->env, in worker_handle_request()
1733 &qinfo, &edns, repinfo, c->buffer, worker->scratchpad)) { in worker_handle_request()
1734 regional_free_all(worker->scratchpad); in worker_handle_request()
1735 if(sldns_buffer_limit(c->buffer) == 0) { in worker_handle_request()
1741 if(LDNS_RD_WIRE(sldns_buffer_begin(c->buffer)) && in worker_handle_request()
1743 LDNS_RA_SET(sldns_buffer_begin(c->buffer)); in worker_handle_request()
1750 worker->env.cfg->ede, &check_result)) != -1) in worker_handle_request()
1752 regional_free_all(worker->scratchpad); in worker_handle_request()
1760 if(!(LDNS_RD_WIRE(sldns_buffer_begin(c->buffer))) && in worker_handle_request()
1762 LDNS_RD_SET(sldns_buffer_begin(c->buffer)); in worker_handle_request()
1767 if(!(LDNS_RD_WIRE(sldns_buffer_begin(c->buffer))) && in worker_handle_request()
1769 if(worker->env.cfg->ede) { in worker_handle_request()
1771 worker->scratchpad, LDNS_EDE_NOT_AUTHORITATIVE, ""); in worker_handle_request()
1773 error_encode(c->buffer, LDNS_RCODE_REFUSED, &qinfo, in worker_handle_request()
1774 *(uint16_t*)(void *)sldns_buffer_begin(c->buffer), in worker_handle_request()
1775 sldns_buffer_read_u16_at(c->buffer, 2), &edns); in worker_handle_request()
1776 regional_free_all(worker->scratchpad); in worker_handle_request()
1778 &repinfo->client_addr, repinfo->client_addrlen); in worker_handle_request()
1786 struct ub_packed_rrset_key* rrset = qinfo.local_alias->rrset; in worker_handle_request()
1787 struct packed_rrset_data* d = rrset->entry.data; in worker_handle_request()
1791 if(qinfo.local_alias->next || in worker_handle_request()
1792 rrset->rk.type != htons(LDNS_RR_TYPE_CNAME) || in worker_handle_request()
1793 d->count != 1) { in worker_handle_request()
1795 regional_free_all(worker->scratchpad); in worker_handle_request()
1798 qinfo.qname = d->rr_data[0] + 2; in worker_handle_request()
1799 qinfo.qname_len = d->rr_len[0] - 2; in worker_handle_request()
1802 /* If we may apply IP-based actions to the answer, build the client in worker_handle_request()
1805 if((worker->daemon->use_response_ip || worker->daemon->use_rpz) && in worker_handle_request()
1809 cinfo_tmp.taglist = acladdr->taglist; in worker_handle_request()
1810 cinfo_tmp.taglen = acladdr->taglen; in worker_handle_request()
1811 cinfo_tmp.tag_actions = acladdr->tag_actions; in worker_handle_request()
1812 cinfo_tmp.tag_actions_size = acladdr->tag_actions_size; in worker_handle_request()
1813 cinfo_tmp.tag_datas = acladdr->tag_datas; in worker_handle_request()
1814 cinfo_tmp.tag_datas_size = acladdr->tag_datas_size; in worker_handle_request()
1815 cinfo_tmp.view = acladdr->view; in worker_handle_request()
1816 cinfo_tmp.respip_set = worker->daemon->respip_set; in worker_handle_request()
1827 * this is a two-pass operation, and lookup_qinfo is different for in worker_handle_request()
1830 if(!edns_bypass_cache_stage(edns.opt_list_in, &worker->env)) { in worker_handle_request()
1833 h = query_info_hash(lookup_qinfo, sldns_buffer_read_u16_at(c->buffer, 2)); in worker_handle_request()
1834 if((e=slabhash_lookup(worker->env.msg_cache, h, lookup_qinfo, 0))) { in worker_handle_request()
1835 struct reply_info* rep = (struct reply_info*)e->data; in worker_handle_request()
1836 /* answer from cache - we have acquired a readlock on it */ in worker_handle_request()
1840 *(uint16_t*)(void *)sldns_buffer_begin(c->buffer), in worker_handle_request()
1841 sldns_buffer_read_u16_at(c->buffer, 2), repinfo, in worker_handle_request()
1847 if((worker->env.cfg->prefetch && in worker_handle_request()
1848 *worker->env.now >= rep->prefetch_ttl) || in worker_handle_request()
1849 (worker->env.cfg->serve_expired && in worker_handle_request()
1850 *worker->env.now > rep->ttl)) { in worker_handle_request()
1852 time_t leeway = rep->ttl - *worker->env.now; in worker_handle_request()
1853 if(rep->ttl < *worker->env.now) in worker_handle_request()
1855 lock_rw_unlock(&e->lock); in worker_handle_request()
1858 sldns_buffer_read_u16_at(c->buffer, 2), in worker_handle_request()
1865 regional_free_all(worker->scratchpad); in worker_handle_request()
1869 lock_rw_unlock(&e->lock); in worker_handle_request()
1870 regional_free_all(worker->scratchpad); in worker_handle_request()
1875 lock_rw_unlock(&e->lock); in worker_handle_request()
1888 regional_free_all(worker->scratchpad); in worker_handle_request()
1897 lock_rw_unlock(&e->lock); in worker_handle_request()
1900 if(!LDNS_RD_WIRE(sldns_buffer_begin(c->buffer))) { in worker_handle_request()
1902 *(uint16_t*)(void *)sldns_buffer_begin(c->buffer), in worker_handle_request()
1903 sldns_buffer_read_u16_at(c->buffer, 2), repinfo, in worker_handle_request()
1905 regional_free_all(worker->scratchpad); in worker_handle_request()
1908 verbose(VERB_ALGO, "answer norec from cache -- " in worker_handle_request()
1912 sldns_buffer_rewind(c->buffer); in worker_handle_request()
1913 server_stats_querymiss(&worker->stats, worker); in worker_handle_request()
1916 if(c->type == comm_udp) in worker_handle_request()
1918 &repinfo->client_addr, repinfo->client_addrlen); in worker_handle_request()
1920 &repinfo->client_addr, repinfo->client_addrlen); in worker_handle_request()
1924 mesh_new_client(worker->env.mesh, &qinfo, cinfo, in worker_handle_request()
1925 sldns_buffer_read_u16_at(c->buffer, 2), in worker_handle_request()
1926 &edns, repinfo, *(uint16_t*)(void *)sldns_buffer_begin(c->buffer), in worker_handle_request()
1928 regional_free_all(worker->scratchpad); in worker_handle_request()
1940 worker->stats.ans_expired++; in worker_handle_request()
1942 server_stats_insrcode(&worker->stats, c->buffer); in worker_handle_request()
1943 if(worker->stats.extended) { in worker_handle_request()
1944 if(is_secure_answer) worker->stats.ans_secure++; in worker_handle_request()
1950 if(worker->dtenv.log_client_response_messages && rc !=0) { in worker_handle_request()
1951 …log_addr(VERB_ALGO, "from local addr", (void*)repinfo->c->socket->addr, repinfo->c->socket->addrle… in worker_handle_request()
1952 log_addr(VERB_ALGO, "response to client", &repinfo->client_addr, repinfo->client_addrlen); in worker_handle_request()
1953 …t_msg_send_client_response(&worker->dtenv, &repinfo->client_addr, (void*)repinfo->c->socket->addr,… in worker_handle_request()
1956 if(worker->env.cfg->log_replies) in worker_handle_request()
1960 if(qinfo.local_alias && qinfo.local_alias->rrset && in worker_handle_request()
1961 qinfo.local_alias->rrset->rk.dname) { in worker_handle_request()
1964 qinfo.qname = qinfo.local_alias->rrset->rk.dname; in worker_handle_request()
1966 &repinfo->client_addr, repinfo->client_addrlen, in worker_handle_request()
1967 tv, 1, c->buffer, in worker_handle_request()
1968 (worker->env.cfg->log_destaddr?(void*)repinfo->c->socket->addr:NULL), in worker_handle_request()
1969 c->type); in worker_handle_request()
1972 &repinfo->client_addr, repinfo->client_addrlen, in worker_handle_request()
1973 tv, 1, c->buffer, in worker_handle_request()
1974 (worker->env.cfg->log_destaddr?(void*)repinfo->c->socket->addr:NULL), in worker_handle_request()
1975 c->type); in worker_handle_request()
1990 * And cause hangups if the log-lock is held by the application. */ in worker_sighandler()
1995 comm_base_exit(worker->base); in worker_sighandler()
2002 worker->need_to_exit = 1; in worker_sighandler()
2003 comm_base_exit(worker->base); in worker_sighandler()
2007 worker->need_to_exit = 1; in worker_sighandler()
2008 comm_base_exit(worker->base); in worker_sighandler()
2012 worker->need_to_exit = 1; in worker_sighandler()
2013 comm_base_exit(worker->base); in worker_sighandler()
2025 if(worker->env.cfg->stat_interval > 0) { in worker_restart_timer()
2028 tv.tv_sec = worker->env.cfg->stat_interval; in worker_restart_timer()
2031 comm_timer_set(worker->stat_timer, &tv); in worker_restart_timer()
2038 server_stats_log(&worker->stats, worker, worker->thread_num); in worker_stat_timer_cb()
2039 mesh_stats(worker->env.mesh, "mesh has"); in worker_stat_timer_cb()
2042 if (worker->daemon->cfg->shm_enable) { in worker_stat_timer_cb()
2045 if(!worker->daemon->cfg->stat_cumulative) { in worker_stat_timer_cb()
2057 tv.tv_sec = (time_t)autr_probe_timer(&worker->env); in worker_probe_timer_cb()
2061 comm_timer_set(worker->env.probe_timer, &tv); in worker_probe_timer_cb()
2072 worker->numports = n; in worker_create()
2073 worker->ports = (int*)memdup(ports, sizeof(int)*n); in worker_create()
2074 if(!worker->ports) { in worker_create()
2078 worker->daemon = daemon; in worker_create()
2079 worker->thread_num = id; in worker_create()
2080 if(!(worker->cmd = tube_create())) { in worker_create()
2081 free(worker->ports); in worker_create()
2086 if(!(worker->rndstate = ub_initstate(daemon->rand))) { in worker_create()
2088 tube_delete(worker->cmd); in worker_create()
2089 free(worker->ports); in worker_create()
2102 struct dt_env* dtenv = &worker->dtenv; in worker_init()
2107 worker->thread_tid = gettid(); in worker_init()
2109 worker->need_to_exit = 0; in worker_init()
2110 worker->base = comm_base_create(do_sigs); in worker_init()
2111 if(!worker->base) { in worker_init()
2116 comm_base_set_slow_accept_handlers(worker->base, &worker_stop_accept, in worker_init()
2131 worker->comsig = comm_signal_create(worker->base, in worker_init()
2133 if(!worker->comsig in worker_init()
2135 || !comm_signal_bind(worker->comsig, SIGHUP) in worker_init()
2138 || !comm_signal_bind(worker->comsig, SIGQUIT) in worker_init()
2140 || !comm_signal_bind(worker->comsig, SIGTERM) in worker_init()
2142 || !comm_signal_bind(worker->comsig, SIGBREAK) in worker_init()
2144 || !comm_signal_bind(worker->comsig, SIGINT)) { in worker_init()
2150 if(!daemon_remote_open_accept(worker->daemon->rc, in worker_init()
2151 worker->daemon->rc_ports, worker)) { in worker_init()
2159 worker->comsig = NULL; in worker_init()
2162 if(cfg->dnstap) { in worker_init()
2163 log_assert(worker->daemon->dtenv != NULL); in worker_init()
2164 memcpy(&worker->dtenv, worker->daemon->dtenv, sizeof(struct dt_env)); in worker_init()
2165 if(!dt_init(&worker->dtenv, worker->base)) in worker_init()
2169 worker->front = listen_create(worker->base, ports, in worker_init()
2170 cfg->msg_buffer_size, (int)cfg->incoming_num_tcp, in worker_init()
2171 cfg->do_tcp_keepalive in worker_init()
2172 ? cfg->tcp_keepalive_timeout in worker_init()
2173 : cfg->tcp_idle_timeout, in worker_init()
2174 cfg->harden_large_queries, cfg->http_max_streams, in worker_init()
2175 cfg->http_endpoint, cfg->http_notls_downstream, in worker_init()
2176 worker->daemon->tcl, worker->daemon->listen_sslctx, in worker_init()
2177 dtenv, worker->daemon->doq_table, worker->env.rnd, in worker_init()
2178 cfg->ssl_service_key, cfg->ssl_service_pem, cfg, in worker_init()
2180 if(!worker->front) { in worker_init()
2185 worker->back = outside_network_create(worker->base, in worker_init()
2186 cfg->msg_buffer_size, (size_t)cfg->outgoing_num_ports, in worker_init()
2187 cfg->out_ifs, cfg->num_out_ifs, cfg->do_ip4, cfg->do_ip6, in worker_init()
2188 cfg->do_tcp?cfg->outgoing_num_tcp:0, cfg->ip_dscp, in worker_init()
2189 worker->daemon->env->infra_cache, worker->rndstate, in worker_init()
2190 cfg->use_caps_bits_for_id, worker->ports, worker->numports, in worker_init()
2191 cfg->unwanted_threshold, cfg->outgoing_tcp_mss, in worker_init()
2193 cfg->do_udp || cfg->udp_upstream_without_downstream, in worker_init()
2194 worker->daemon->connect_sslctx, cfg->delay_close, in worker_init()
2195 cfg->tls_use_sni, dtenv, cfg->udp_connect, in worker_init()
2196 cfg->max_reuse_tcp_queries, cfg->tcp_reuse_timeout, in worker_init()
2197 cfg->tcp_auth_query_timeout); in worker_init()
2198 if(!worker->back) { in worker_init()
2203 iterator_set_ip46_support(&worker->daemon->mods, worker->daemon->env, in worker_init()
2204 worker->back); in worker_init()
2206 if(!tube_setup_bg_listen(worker->cmd, worker->base, in worker_init()
2212 worker->stat_timer = comm_timer_create(worker->base, in worker_init()
2214 if(!worker->stat_timer) { in worker_init()
2220 worker->scratchpad = regional_create_custom(cfg->msg_buffer_size); in worker_init()
2221 if(!worker->scratchpad) { in worker_init()
2227 server_stats_init(&worker->stats, cfg); in worker_init()
2228 worker->alloc = worker->daemon->worker_allocs[worker->thread_num]; in worker_init()
2229 alloc_set_id_cleanup(worker->alloc, &worker_alloc_cleanup, worker); in worker_init()
2230 worker->env = *worker->daemon->env; in worker_init()
2231 comm_base_timept(worker->base, &worker->env.now, &worker->env.now_tv); in worker_init()
2232 worker->env.worker = worker; in worker_init()
2233 worker->env.worker_base = worker->base; in worker_init()
2234 worker->env.send_query = &worker_send_query; in worker_init()
2235 worker->env.alloc = worker->alloc; in worker_init()
2236 worker->env.outnet = worker->back; in worker_init()
2237 worker->env.rnd = worker->rndstate; in worker_init()
2240 * It would be prone to a use-after-free kind of bug, so we avoid in worker_init()
2243 worker->env.scratch = regional_create_custom(cfg->msg_buffer_size); in worker_init()
2244 if(!worker->env.scratch) { in worker_init()
2249 worker->env.mesh = mesh_create(&worker->daemon->mods, &worker->env); in worker_init()
2250 if(!worker->env.mesh) { in worker_init()
2256 worker->env.mesh->use_response_ip = worker->daemon->use_response_ip; in worker_init()
2257 worker->env.mesh->use_rpz = worker->daemon->use_rpz; in worker_init()
2259 worker->env.detach_subs = &mesh_detach_subs; in worker_init()
2260 worker->env.attach_sub = &mesh_attach_sub; in worker_init()
2261 worker->env.add_sub = &mesh_add_sub; in worker_init()
2262 worker->env.kill_sub = &mesh_state_delete; in worker_init()
2263 worker->env.detect_cycle = &mesh_detect_cycle; in worker_init()
2264 worker->env.scratch_buffer = sldns_buffer_new(cfg->msg_buffer_size); in worker_init()
2265 if(!worker->env.scratch_buffer) { in worker_init()
2270 /* one probe timer per process -- if we have 5011 anchors */ in worker_init()
2271 if(autr_get_num_anchors(worker->env.anchors) > 0 in worker_init()
2273 && worker->thread_num == 0 in worker_init()
2279 worker->env.probe_timer = comm_timer_create(worker->base, in worker_init()
2281 if(!worker->env.probe_timer) { in worker_init()
2282 log_err("could not create 5011-probe timer"); in worker_init()
2285 comm_timer_set(worker->env.probe_timer, &tv); in worker_init()
2288 /* zone transfer tasks, setup once per process, if any */ in worker_init()
2289 if(worker->env.auth_zones in worker_init()
2291 && worker->thread_num == 0 in worker_init()
2294 auth_xfer_pickup_initial(worker->env.auth_zones, &worker->env); in worker_init()
2295 auth_zones_pickup_zonemd_verify(worker->env.auth_zones, in worker_init()
2296 &worker->env); in worker_init()
2299 if(worker->daemon->cfg->dnstap in worker_init()
2301 && worker->thread_num == 0 in worker_init()
2304 if(!dt_io_thread_start(dtenv->dtio, comm_base_internal( in worker_init()
2305 worker->base), worker->daemon->num)) { in worker_init()
2314 if(worker->env.cfg->stat_interval > 0) { in worker_init()
2316 worker->env.cfg->stat_interval); in worker_init()
2326 comm_base_dispatch(worker->base); in worker_work()
2334 if(worker->env.mesh && verbosity >= VERB_OPS) { in worker_delete()
2335 server_stats_log(&worker->stats, worker, worker->thread_num); in worker_delete()
2336 mesh_stats(worker->env.mesh, "mesh has"); in worker_delete()
2339 outside_network_quit_prepare(worker->back); in worker_delete()
2340 mesh_delete(worker->env.mesh); in worker_delete()
2341 sldns_buffer_free(worker->env.scratch_buffer); in worker_delete()
2342 listen_delete(worker->front); in worker_delete()
2343 outside_network_delete(worker->back); in worker_delete()
2344 comm_signal_delete(worker->comsig); in worker_delete()
2345 tube_delete(worker->cmd); in worker_delete()
2346 comm_timer_delete(worker->stat_timer); in worker_delete()
2347 comm_timer_delete(worker->env.probe_timer); in worker_delete()
2348 free(worker->ports); in worker_delete()
2349 if(worker->thread_num == 0) { in worker_delete()
2355 if(worker->daemon->cfg->dnstap in worker_delete()
2357 && worker->thread_num == 0 in worker_delete()
2360 dt_io_thread_stop(worker->dtenv.dtio); in worker_delete()
2362 dt_deinit(&worker->dtenv); in worker_delete()
2364 comm_base_delete(worker->base); in worker_delete()
2365 ub_randfree(worker->rndstate); in worker_delete()
2366 /* don't touch worker->alloc, as it's maintained in daemon */ in worker_delete()
2367 regional_destroy(worker->env.scratch); in worker_delete()
2368 regional_destroy(worker->scratchpad); in worker_delete()
2379 struct worker* worker = q->env->worker; in worker_send_query()
2381 q->region, sizeof(*e)); in worker_send_query()
2384 e->qstate = q; in worker_send_query()
2385 e->qsent = outnet_serviced_query(worker->back, qinfo, flags, dnssec, in worker_send_query()
2388 worker_handle_service_reply, e, worker->back->udp_buff, q->env, in worker_send_query()
2390 if(!e->qsent) { in worker_send_query()
2400 slabhash_clear(&worker->env.rrset_cache->table); in worker_alloc_cleanup()
2401 slabhash_clear(worker->env.msg_cache); in worker_alloc_cleanup()
2406 server_stats_init(&worker->stats, worker->env.cfg); in worker_stats_clear()
2407 mesh_stats_clear(worker->env.mesh); in worker_stats_clear()
2408 worker->back->unwanted_replies = 0; in worker_stats_clear()
2409 worker->back->num_tcp_outgoing = 0; in worker_stats_clear()
2410 worker->back->num_udp_outgoing = 0; in worker_stats_clear()
2416 listen_start_accept(worker->front); in worker_start_accept()
2417 if(worker->thread_num == 0) in worker_start_accept()
2418 daemon_remote_start_accept(worker->daemon->rc); in worker_start_accept()
2424 listen_stop_accept(worker->front); in worker_stop_accept()
2425 if(worker->thread_num == 0) in worker_stop_accept()
2426 daemon_remote_stop_accept(worker->daemon->rc); in worker_stop_accept()
2429 /* --- fake callbacks for fptr_wlist to work --- */