1 /* 2 * services/cache/infra.c - infrastructure cache, server rtt and capabilities 3 * 4 * Copyright (c) 2007, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * Redistributions of source code must retain the above copyright notice, 13 * this list of conditions and the following disclaimer. 14 * 15 * Redistributions in binary form must reproduce the above copyright notice, 16 * this list of conditions and the following disclaimer in the documentation 17 * and/or other materials provided with the distribution. 18 * 19 * Neither the name of the NLNET LABS nor the names of its contributors may 20 * be used to endorse or promote products derived from this software without 21 * specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 */ 35 36 /** 37 * \file 38 * 39 * This file contains the infrastructure cache. 40 */ 41 #include "config.h" 42 #include "sldns/rrdef.h" 43 #include "sldns/str2wire.h" 44 #include "sldns/sbuffer.h" 45 #include "sldns/wire2str.h" 46 #include "services/cache/infra.h" 47 #include "util/storage/slabhash.h" 48 #include "util/storage/lookup3.h" 49 #include "util/data/dname.h" 50 #include "util/log.h" 51 #include "util/net_help.h" 52 #include "util/config_file.h" 53 #include "iterator/iterator.h" 54 55 /** Timeout when only a single probe query per IP is allowed. */ 56 #define PROBE_MAXRTO 12000 /* in msec */ 57 58 /** number of timeouts for a type when the domain can be blocked ; 59 * even if another type has completely rtt maxed it, the different type 60 * can do this number of packets (until those all timeout too) */ 61 #define TIMEOUT_COUNT_MAX 3 62 63 /** ratelimit value for delegation point */ 64 int infra_dp_ratelimit = 0; 65 66 /** ratelimit value for client ip addresses, 67 * in queries per second. */ 68 int infra_ip_ratelimit = 0; 69 70 /** ratelimit value for client ip addresses, 71 * in queries per second. 72 * For clients with a valid DNS Cookie. */ 73 int infra_ip_ratelimit_cookie = 0; 74 75 size_t 76 infra_sizefunc(void* k, void* ATTR_UNUSED(d)) 77 { 78 struct infra_key* key = (struct infra_key*)k; 79 return sizeof(*key) + sizeof(struct infra_data) + key->namelen 80 + lock_get_mem(&key->entry.lock); 81 } 82 83 int 84 infra_compfunc(void* key1, void* key2) 85 { 86 struct infra_key* k1 = (struct infra_key*)key1; 87 struct infra_key* k2 = (struct infra_key*)key2; 88 int r = sockaddr_cmp(&k1->addr, k1->addrlen, &k2->addr, k2->addrlen); 89 if(r != 0) 90 return r; 91 if(k1->namelen != k2->namelen) { 92 if(k1->namelen < k2->namelen) 93 return -1; 94 return 1; 95 } 96 return query_dname_compare(k1->zonename, k2->zonename); 97 } 98 99 void 100 infra_delkeyfunc(void* k, void* ATTR_UNUSED(arg)) 101 { 102 struct infra_key* key = (struct infra_key*)k; 103 if(!key) 104 return; 105 lock_rw_destroy(&key->entry.lock); 106 free(key->zonename); 107 free(key); 108 } 109 110 void 111 infra_deldatafunc(void* d, void* ATTR_UNUSED(arg)) 112 { 113 struct infra_data* data = (struct infra_data*)d; 114 free(data); 115 } 116 117 size_t 118 rate_sizefunc(void* k, void* ATTR_UNUSED(d)) 119 { 120 struct rate_key* key = (struct rate_key*)k; 121 return sizeof(*key) + sizeof(struct rate_data) + key->namelen 122 + lock_get_mem(&key->entry.lock); 123 } 124 125 int 126 rate_compfunc(void* key1, void* key2) 127 { 128 struct rate_key* k1 = (struct rate_key*)key1; 129 struct rate_key* k2 = (struct rate_key*)key2; 130 if(k1->namelen != k2->namelen) { 131 if(k1->namelen < k2->namelen) 132 return -1; 133 return 1; 134 } 135 return query_dname_compare(k1->name, k2->name); 136 } 137 138 void 139 rate_delkeyfunc(void* k, void* ATTR_UNUSED(arg)) 140 { 141 struct rate_key* key = (struct rate_key*)k; 142 if(!key) 143 return; 144 lock_rw_destroy(&key->entry.lock); 145 free(key->name); 146 free(key); 147 } 148 149 void 150 rate_deldatafunc(void* d, void* ATTR_UNUSED(arg)) 151 { 152 struct rate_data* data = (struct rate_data*)d; 153 free(data); 154 } 155 156 /** find or create element in domainlimit tree */ 157 static struct domain_limit_data* domain_limit_findcreate( 158 struct infra_cache* infra, char* name) 159 { 160 uint8_t* nm; 161 int labs; 162 size_t nmlen; 163 struct domain_limit_data* d; 164 165 /* parse name */ 166 nm = sldns_str2wire_dname(name, &nmlen); 167 if(!nm) { 168 log_err("could not parse %s", name); 169 return NULL; 170 } 171 labs = dname_count_labels(nm); 172 173 /* can we find it? */ 174 d = (struct domain_limit_data*)name_tree_find(&infra->domain_limits, 175 nm, nmlen, labs, LDNS_RR_CLASS_IN); 176 if(d) { 177 free(nm); 178 return d; 179 } 180 181 /* create it */ 182 d = (struct domain_limit_data*)calloc(1, sizeof(*d)); 183 if(!d) { 184 free(nm); 185 return NULL; 186 } 187 d->node.node.key = &d->node; 188 d->node.name = nm; 189 d->node.len = nmlen; 190 d->node.labs = labs; 191 d->node.dclass = LDNS_RR_CLASS_IN; 192 d->lim = -1; 193 d->below = -1; 194 if(!name_tree_insert(&infra->domain_limits, &d->node, nm, nmlen, 195 labs, LDNS_RR_CLASS_IN)) { 196 log_err("duplicate element in domainlimit tree"); 197 free(nm); 198 free(d); 199 return NULL; 200 } 201 return d; 202 } 203 204 /** insert rate limit configuration into lookup tree */ 205 static int infra_ratelimit_cfg_insert(struct infra_cache* infra, 206 struct config_file* cfg) 207 { 208 struct config_str2list* p; 209 struct domain_limit_data* d; 210 for(p = cfg->ratelimit_for_domain; p; p = p->next) { 211 d = domain_limit_findcreate(infra, p->str); 212 if(!d) 213 return 0; 214 d->lim = atoi(p->str2); 215 } 216 for(p = cfg->ratelimit_below_domain; p; p = p->next) { 217 d = domain_limit_findcreate(infra, p->str); 218 if(!d) 219 return 0; 220 d->below = atoi(p->str2); 221 } 222 return 1; 223 } 224 225 /** setup domain limits tree (0 on failure) */ 226 static int 227 setup_domain_limits(struct infra_cache* infra, struct config_file* cfg) 228 { 229 name_tree_init(&infra->domain_limits); 230 if(!infra_ratelimit_cfg_insert(infra, cfg)) { 231 return 0; 232 } 233 name_tree_init_parents(&infra->domain_limits); 234 return 1; 235 } 236 237 struct infra_cache* 238 infra_create(struct config_file* cfg) 239 { 240 struct infra_cache* infra = (struct infra_cache*)calloc(1, 241 sizeof(struct infra_cache)); 242 size_t maxmem = cfg->infra_cache_numhosts * (sizeof(struct infra_key)+ 243 sizeof(struct infra_data)+INFRA_BYTES_NAME); 244 if(!infra) { 245 return NULL; 246 } 247 infra->hosts = slabhash_create(cfg->infra_cache_slabs, 248 INFRA_HOST_STARTSIZE, maxmem, &infra_sizefunc, &infra_compfunc, 249 &infra_delkeyfunc, &infra_deldatafunc, NULL); 250 if(!infra->hosts) { 251 free(infra); 252 return NULL; 253 } 254 infra->host_ttl = cfg->host_ttl; 255 infra->infra_keep_probing = cfg->infra_keep_probing; 256 infra_dp_ratelimit = cfg->ratelimit; 257 infra->domain_rates = slabhash_create(cfg->ratelimit_slabs, 258 INFRA_HOST_STARTSIZE, cfg->ratelimit_size, 259 &rate_sizefunc, &rate_compfunc, &rate_delkeyfunc, 260 &rate_deldatafunc, NULL); 261 if(!infra->domain_rates) { 262 infra_delete(infra); 263 return NULL; 264 } 265 /* insert config data into ratelimits */ 266 if(!setup_domain_limits(infra, cfg)) { 267 infra_delete(infra); 268 return NULL; 269 } 270 infra_ip_ratelimit = cfg->ip_ratelimit; 271 infra->client_ip_rates = slabhash_create(cfg->ip_ratelimit_slabs, 272 INFRA_HOST_STARTSIZE, cfg->ip_ratelimit_size, &ip_rate_sizefunc, 273 &ip_rate_compfunc, &ip_rate_delkeyfunc, &ip_rate_deldatafunc, NULL); 274 if(!infra->client_ip_rates) { 275 infra_delete(infra); 276 return NULL; 277 } 278 return infra; 279 } 280 281 /** delete domain_limit entries */ 282 static void domain_limit_free(rbnode_type* n, void* ATTR_UNUSED(arg)) 283 { 284 if(n) { 285 free(((struct domain_limit_data*)n)->node.name); 286 free(n); 287 } 288 } 289 290 void 291 infra_delete(struct infra_cache* infra) 292 { 293 if(!infra) 294 return; 295 slabhash_delete(infra->hosts); 296 slabhash_delete(infra->domain_rates); 297 traverse_postorder(&infra->domain_limits, domain_limit_free, NULL); 298 slabhash_delete(infra->client_ip_rates); 299 free(infra); 300 } 301 302 struct infra_cache* 303 infra_adjust(struct infra_cache* infra, struct config_file* cfg) 304 { 305 size_t maxmem; 306 if(!infra) 307 return infra_create(cfg); 308 infra->host_ttl = cfg->host_ttl; 309 infra->infra_keep_probing = cfg->infra_keep_probing; 310 infra_dp_ratelimit = cfg->ratelimit; 311 infra_ip_ratelimit = cfg->ip_ratelimit; 312 maxmem = cfg->infra_cache_numhosts * (sizeof(struct infra_key)+ 313 sizeof(struct infra_data)+INFRA_BYTES_NAME); 314 /* divide cachesize by slabs and multiply by slabs, because if the 315 * cachesize is not an even multiple of slabs, that is the resulting 316 * size of the slabhash */ 317 if(!slabhash_is_size(infra->hosts, maxmem, cfg->infra_cache_slabs) || 318 !slabhash_is_size(infra->domain_rates, cfg->ratelimit_size, 319 cfg->ratelimit_slabs) || 320 !slabhash_is_size(infra->client_ip_rates, cfg->ip_ratelimit_size, 321 cfg->ip_ratelimit_slabs)) { 322 infra_delete(infra); 323 infra = infra_create(cfg); 324 } else { 325 /* reapply domain limits */ 326 traverse_postorder(&infra->domain_limits, domain_limit_free, 327 NULL); 328 if(!setup_domain_limits(infra, cfg)) { 329 infra_delete(infra); 330 return NULL; 331 } 332 } 333 return infra; 334 } 335 336 /** calculate the hash value for a host key 337 * set use_port to a non-0 number to use the port in 338 * the hash calculation; 0 to ignore the port.*/ 339 static hashvalue_type 340 hash_addr(struct sockaddr_storage* addr, socklen_t addrlen, 341 int use_port) 342 { 343 hashvalue_type h = 0xab; 344 /* select the pieces to hash, some OS have changing data inside */ 345 if(addr_is_ip6(addr, addrlen)) { 346 struct sockaddr_in6* in6 = (struct sockaddr_in6*)addr; 347 h = hashlittle(&in6->sin6_family, sizeof(in6->sin6_family), h); 348 if(use_port){ 349 h = hashlittle(&in6->sin6_port, sizeof(in6->sin6_port), h); 350 } 351 h = hashlittle(&in6->sin6_addr, INET6_SIZE, h); 352 } else { 353 struct sockaddr_in* in = (struct sockaddr_in*)addr; 354 h = hashlittle(&in->sin_family, sizeof(in->sin_family), h); 355 if(use_port){ 356 h = hashlittle(&in->sin_port, sizeof(in->sin_port), h); 357 } 358 h = hashlittle(&in->sin_addr, INET_SIZE, h); 359 } 360 return h; 361 } 362 363 /** calculate infra hash for a key */ 364 static hashvalue_type 365 hash_infra(struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* name) 366 { 367 return dname_query_hash(name, hash_addr(addr, addrlen, 1)); 368 } 369 370 /** lookup version that does not check host ttl (you check it) */ 371 struct lruhash_entry* 372 infra_lookup_nottl(struct infra_cache* infra, struct sockaddr_storage* addr, 373 socklen_t addrlen, uint8_t* name, size_t namelen, int wr) 374 { 375 struct infra_key k; 376 k.addrlen = addrlen; 377 memcpy(&k.addr, addr, addrlen); 378 k.namelen = namelen; 379 k.zonename = name; 380 k.entry.hash = hash_infra(addr, addrlen, name); 381 k.entry.key = (void*)&k; 382 k.entry.data = NULL; 383 return slabhash_lookup(infra->hosts, k.entry.hash, &k, wr); 384 } 385 386 /** init the data elements */ 387 static void 388 data_entry_init(struct infra_cache* infra, struct lruhash_entry* e, 389 time_t timenow) 390 { 391 struct infra_data* data = (struct infra_data*)e->data; 392 data->ttl = timenow + infra->host_ttl; 393 rtt_init(&data->rtt); 394 data->edns_version = 0; 395 data->edns_lame_known = 0; 396 data->probedelay = 0; 397 data->isdnsseclame = 0; 398 data->rec_lame = 0; 399 data->lame_type_A = 0; 400 data->lame_other = 0; 401 data->timeout_A = 0; 402 data->timeout_AAAA = 0; 403 data->timeout_other = 0; 404 } 405 406 /** 407 * Create and init a new entry for a host 408 * @param infra: infra structure with config parameters. 409 * @param addr: host address. 410 * @param addrlen: length of addr. 411 * @param name: name of zone 412 * @param namelen: length of name. 413 * @param tm: time now. 414 * @return: the new entry or NULL on malloc failure. 415 */ 416 static struct lruhash_entry* 417 new_entry(struct infra_cache* infra, struct sockaddr_storage* addr, 418 socklen_t addrlen, uint8_t* name, size_t namelen, time_t tm) 419 { 420 struct infra_data* data; 421 struct infra_key* key = (struct infra_key*)malloc(sizeof(*key)); 422 if(!key) 423 return NULL; 424 data = (struct infra_data*)malloc(sizeof(struct infra_data)); 425 if(!data) { 426 free(key); 427 return NULL; 428 } 429 key->zonename = memdup(name, namelen); 430 if(!key->zonename) { 431 free(key); 432 free(data); 433 return NULL; 434 } 435 key->namelen = namelen; 436 lock_rw_init(&key->entry.lock); 437 key->entry.hash = hash_infra(addr, addrlen, name); 438 key->entry.key = (void*)key; 439 key->entry.data = (void*)data; 440 key->addrlen = addrlen; 441 memcpy(&key->addr, addr, addrlen); 442 data_entry_init(infra, &key->entry, tm); 443 return &key->entry; 444 } 445 446 int 447 infra_host(struct infra_cache* infra, struct sockaddr_storage* addr, 448 socklen_t addrlen, uint8_t* nm, size_t nmlen, time_t timenow, 449 int* edns_vs, uint8_t* edns_lame_known, int* to) 450 { 451 struct lruhash_entry* e = infra_lookup_nottl(infra, addr, addrlen, 452 nm, nmlen, 0); 453 struct infra_data* data; 454 int wr = 0; 455 if(e && ((struct infra_data*)e->data)->ttl < timenow) { 456 /* it expired, try to reuse existing entry */ 457 int old = ((struct infra_data*)e->data)->rtt.rto; 458 time_t tprobe = ((struct infra_data*)e->data)->probedelay; 459 uint8_t tA = ((struct infra_data*)e->data)->timeout_A; 460 uint8_t tAAAA = ((struct infra_data*)e->data)->timeout_AAAA; 461 uint8_t tother = ((struct infra_data*)e->data)->timeout_other; 462 lock_rw_unlock(&e->lock); 463 e = infra_lookup_nottl(infra, addr, addrlen, nm, nmlen, 1); 464 if(e) { 465 /* if its still there we have a writelock, init */ 466 /* re-initialise */ 467 /* do not touch lameness, it may be valid still */ 468 data_entry_init(infra, e, timenow); 469 wr = 1; 470 /* TOP_TIMEOUT remains on reuse */ 471 if(old >= USEFUL_SERVER_TOP_TIMEOUT) { 472 ((struct infra_data*)e->data)->rtt.rto 473 = USEFUL_SERVER_TOP_TIMEOUT; 474 ((struct infra_data*)e->data)->probedelay = tprobe; 475 ((struct infra_data*)e->data)->timeout_A = tA; 476 ((struct infra_data*)e->data)->timeout_AAAA = tAAAA; 477 ((struct infra_data*)e->data)->timeout_other = tother; 478 } 479 } 480 } 481 if(!e) { 482 /* insert new entry */ 483 if(!(e = new_entry(infra, addr, addrlen, nm, nmlen, timenow))) 484 return 0; 485 data = (struct infra_data*)e->data; 486 *edns_vs = data->edns_version; 487 *edns_lame_known = data->edns_lame_known; 488 *to = rtt_timeout(&data->rtt); 489 slabhash_insert(infra->hosts, e->hash, e, data, NULL); 490 return 1; 491 } 492 /* use existing entry */ 493 data = (struct infra_data*)e->data; 494 *edns_vs = data->edns_version; 495 *edns_lame_known = data->edns_lame_known; 496 *to = rtt_timeout(&data->rtt); 497 if(*to >= PROBE_MAXRTO && (infra->infra_keep_probing || 498 rtt_notimeout(&data->rtt)*4 <= *to)) { 499 /* delay other queries, this is the probe query */ 500 if(!wr) { 501 lock_rw_unlock(&e->lock); 502 e = infra_lookup_nottl(infra, addr,addrlen,nm,nmlen, 1); 503 if(!e) { /* flushed from cache real fast, no use to 504 allocate just for the probedelay */ 505 return 1; 506 } 507 data = (struct infra_data*)e->data; 508 } 509 /* add 999 to round up the timeout value from msec to sec, 510 * then add a whole second so it is certain that this probe 511 * has timed out before the next is allowed */ 512 data->probedelay = timenow + ((*to)+1999)/1000; 513 } 514 lock_rw_unlock(&e->lock); 515 return 1; 516 } 517 518 int 519 infra_set_lame(struct infra_cache* infra, struct sockaddr_storage* addr, 520 socklen_t addrlen, uint8_t* nm, size_t nmlen, time_t timenow, 521 int dnsseclame, int reclame, uint16_t qtype) 522 { 523 struct infra_data* data; 524 struct lruhash_entry* e; 525 int needtoinsert = 0; 526 e = infra_lookup_nottl(infra, addr, addrlen, nm, nmlen, 1); 527 if(!e) { 528 /* insert it */ 529 if(!(e = new_entry(infra, addr, addrlen, nm, nmlen, timenow))) { 530 log_err("set_lame: malloc failure"); 531 return 0; 532 } 533 needtoinsert = 1; 534 } else if( ((struct infra_data*)e->data)->ttl < timenow) { 535 /* expired, reuse existing entry */ 536 data_entry_init(infra, e, timenow); 537 } 538 /* got an entry, now set the zone lame */ 539 data = (struct infra_data*)e->data; 540 /* merge data (if any) */ 541 if(dnsseclame) 542 data->isdnsseclame = 1; 543 if(reclame) 544 data->rec_lame = 1; 545 if(!dnsseclame && !reclame && qtype == LDNS_RR_TYPE_A) 546 data->lame_type_A = 1; 547 if(!dnsseclame && !reclame && qtype != LDNS_RR_TYPE_A) 548 data->lame_other = 1; 549 /* done */ 550 if(needtoinsert) 551 slabhash_insert(infra->hosts, e->hash, e, e->data, NULL); 552 else { lock_rw_unlock(&e->lock); } 553 return 1; 554 } 555 556 void 557 infra_update_tcp_works(struct infra_cache* infra, 558 struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* nm, 559 size_t nmlen) 560 { 561 struct lruhash_entry* e = infra_lookup_nottl(infra, addr, addrlen, 562 nm, nmlen, 1); 563 struct infra_data* data; 564 if(!e) 565 return; /* doesn't exist */ 566 data = (struct infra_data*)e->data; 567 if(data->rtt.rto >= RTT_MAX_TIMEOUT) 568 /* do not disqualify this server altogether, it is better 569 * than nothing */ 570 data->rtt.rto = RTT_MAX_TIMEOUT-1000; 571 lock_rw_unlock(&e->lock); 572 } 573 574 int 575 infra_rtt_update(struct infra_cache* infra, struct sockaddr_storage* addr, 576 socklen_t addrlen, uint8_t* nm, size_t nmlen, int qtype, 577 int roundtrip, int orig_rtt, time_t timenow) 578 { 579 struct lruhash_entry* e = infra_lookup_nottl(infra, addr, addrlen, 580 nm, nmlen, 1); 581 struct infra_data* data; 582 int needtoinsert = 0, expired = 0; 583 int rto = 1; 584 time_t oldprobedelay = 0; 585 if(!e) { 586 if(!(e = new_entry(infra, addr, addrlen, nm, nmlen, timenow))) 587 return 0; 588 needtoinsert = 1; 589 } else if(((struct infra_data*)e->data)->ttl < timenow) { 590 oldprobedelay = ((struct infra_data*)e->data)->probedelay; 591 data_entry_init(infra, e, timenow); 592 expired = 1; 593 } 594 /* have an entry, update the rtt */ 595 data = (struct infra_data*)e->data; 596 if(roundtrip == -1) { 597 if(needtoinsert || expired) { 598 /* timeout on entry that has expired before the timer 599 * keep old timeout from the function caller */ 600 data->rtt.rto = orig_rtt; 601 data->probedelay = oldprobedelay; 602 } 603 rtt_lost(&data->rtt, orig_rtt); 604 if(qtype == LDNS_RR_TYPE_A) { 605 if(data->timeout_A < TIMEOUT_COUNT_MAX) 606 data->timeout_A++; 607 } else if(qtype == LDNS_RR_TYPE_AAAA) { 608 if(data->timeout_AAAA < TIMEOUT_COUNT_MAX) 609 data->timeout_AAAA++; 610 } else { 611 if(data->timeout_other < TIMEOUT_COUNT_MAX) 612 data->timeout_other++; 613 } 614 } else { 615 /* if we got a reply, but the old timeout was above server 616 * selection height, delete the timeout so the server is 617 * fully available again */ 618 if(rtt_unclamped(&data->rtt) >= USEFUL_SERVER_TOP_TIMEOUT) 619 rtt_init(&data->rtt); 620 rtt_update(&data->rtt, roundtrip); 621 data->probedelay = 0; 622 if(qtype == LDNS_RR_TYPE_A) 623 data->timeout_A = 0; 624 else if(qtype == LDNS_RR_TYPE_AAAA) 625 data->timeout_AAAA = 0; 626 else data->timeout_other = 0; 627 } 628 if(data->rtt.rto > 0) 629 rto = data->rtt.rto; 630 631 if(needtoinsert) 632 slabhash_insert(infra->hosts, e->hash, e, e->data, NULL); 633 else { lock_rw_unlock(&e->lock); } 634 return rto; 635 } 636 637 long long infra_get_host_rto(struct infra_cache* infra, 638 struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* nm, 639 size_t nmlen, struct rtt_info* rtt, int* delay, time_t timenow, 640 int* tA, int* tAAAA, int* tother) 641 { 642 struct lruhash_entry* e = infra_lookup_nottl(infra, addr, addrlen, 643 nm, nmlen, 0); 644 struct infra_data* data; 645 long long ttl = -2; 646 if(!e) return -1; 647 data = (struct infra_data*)e->data; 648 if(data->ttl >= timenow) { 649 ttl = (long long)(data->ttl - timenow); 650 memmove(rtt, &data->rtt, sizeof(*rtt)); 651 if(timenow < data->probedelay) 652 *delay = (int)(data->probedelay - timenow); 653 else *delay = 0; 654 } 655 *tA = (int)data->timeout_A; 656 *tAAAA = (int)data->timeout_AAAA; 657 *tother = (int)data->timeout_other; 658 lock_rw_unlock(&e->lock); 659 return ttl; 660 } 661 662 int 663 infra_edns_update(struct infra_cache* infra, struct sockaddr_storage* addr, 664 socklen_t addrlen, uint8_t* nm, size_t nmlen, int edns_version, 665 time_t timenow) 666 { 667 struct lruhash_entry* e = infra_lookup_nottl(infra, addr, addrlen, 668 nm, nmlen, 1); 669 struct infra_data* data; 670 int needtoinsert = 0; 671 if(!e) { 672 if(!(e = new_entry(infra, addr, addrlen, nm, nmlen, timenow))) 673 return 0; 674 needtoinsert = 1; 675 } else if(((struct infra_data*)e->data)->ttl < timenow) { 676 data_entry_init(infra, e, timenow); 677 } 678 /* have an entry, update the rtt, and the ttl */ 679 data = (struct infra_data*)e->data; 680 /* do not update if noEDNS and stored is yesEDNS */ 681 if(!(edns_version == -1 && (data->edns_version != -1 && 682 data->edns_lame_known))) { 683 data->edns_version = edns_version; 684 data->edns_lame_known = 1; 685 } 686 687 if(needtoinsert) 688 slabhash_insert(infra->hosts, e->hash, e, e->data, NULL); 689 else { lock_rw_unlock(&e->lock); } 690 return 1; 691 } 692 693 int 694 infra_get_lame_rtt(struct infra_cache* infra, 695 struct sockaddr_storage* addr, socklen_t addrlen, 696 uint8_t* name, size_t namelen, uint16_t qtype, 697 int* lame, int* dnsseclame, int* reclame, int* rtt, time_t timenow) 698 { 699 struct infra_data* host; 700 struct lruhash_entry* e = infra_lookup_nottl(infra, addr, addrlen, 701 name, namelen, 0); 702 if(!e) 703 return 0; 704 host = (struct infra_data*)e->data; 705 *rtt = rtt_unclamped(&host->rtt); 706 if(host->rtt.rto >= PROBE_MAXRTO && timenow >= host->probedelay 707 && infra->infra_keep_probing) { 708 /* single probe, keep probing */ 709 if(*rtt >= USEFUL_SERVER_TOP_TIMEOUT) 710 *rtt = USEFUL_SERVER_TOP_TIMEOUT-1000; 711 } else if(host->rtt.rto >= PROBE_MAXRTO && timenow < host->probedelay 712 && rtt_notimeout(&host->rtt)*4 <= host->rtt.rto) { 713 /* single probe for this domain, and we are not probing */ 714 /* unless the query type allows a probe to happen */ 715 if(qtype == LDNS_RR_TYPE_A) { 716 if(host->timeout_A >= TIMEOUT_COUNT_MAX) 717 *rtt = USEFUL_SERVER_TOP_TIMEOUT; 718 else *rtt = USEFUL_SERVER_TOP_TIMEOUT-1000; 719 } else if(qtype == LDNS_RR_TYPE_AAAA) { 720 if(host->timeout_AAAA >= TIMEOUT_COUNT_MAX) 721 *rtt = USEFUL_SERVER_TOP_TIMEOUT; 722 else *rtt = USEFUL_SERVER_TOP_TIMEOUT-1000; 723 } else { 724 if(host->timeout_other >= TIMEOUT_COUNT_MAX) 725 *rtt = USEFUL_SERVER_TOP_TIMEOUT; 726 else *rtt = USEFUL_SERVER_TOP_TIMEOUT-1000; 727 } 728 } 729 /* expired entry */ 730 if(timenow > host->ttl) { 731 732 /* see if this can be a re-probe of an unresponsive server */ 733 /* minus 1000 because that is outside of the RTTBAND, so 734 * blacklisted servers stay blacklisted if this is chosen */ 735 if(host->rtt.rto >= USEFUL_SERVER_TOP_TIMEOUT) { 736 lock_rw_unlock(&e->lock); 737 *rtt = USEFUL_SERVER_TOP_TIMEOUT-1000; 738 *lame = 0; 739 *dnsseclame = 0; 740 *reclame = 0; 741 return 1; 742 } 743 lock_rw_unlock(&e->lock); 744 return 0; 745 } 746 /* check lameness first */ 747 if(host->lame_type_A && qtype == LDNS_RR_TYPE_A) { 748 lock_rw_unlock(&e->lock); 749 *lame = 1; 750 *dnsseclame = 0; 751 *reclame = 0; 752 return 1; 753 } else if(host->lame_other && qtype != LDNS_RR_TYPE_A) { 754 lock_rw_unlock(&e->lock); 755 *lame = 1; 756 *dnsseclame = 0; 757 *reclame = 0; 758 return 1; 759 } else if(host->isdnsseclame) { 760 lock_rw_unlock(&e->lock); 761 *lame = 0; 762 *dnsseclame = 1; 763 *reclame = 0; 764 return 1; 765 } else if(host->rec_lame) { 766 lock_rw_unlock(&e->lock); 767 *lame = 0; 768 *dnsseclame = 0; 769 *reclame = 1; 770 return 1; 771 } 772 /* no lameness for this type of query */ 773 lock_rw_unlock(&e->lock); 774 *lame = 0; 775 *dnsseclame = 0; 776 *reclame = 0; 777 return 1; 778 } 779 780 int infra_find_ratelimit(struct infra_cache* infra, uint8_t* name, 781 size_t namelen) 782 { 783 int labs = dname_count_labels(name); 784 struct domain_limit_data* d = (struct domain_limit_data*) 785 name_tree_lookup(&infra->domain_limits, name, namelen, labs, 786 LDNS_RR_CLASS_IN); 787 if(!d) return infra_dp_ratelimit; 788 789 if(d->node.labs == labs && d->lim != -1) 790 return d->lim; /* exact match */ 791 792 /* find 'below match' */ 793 if(d->node.labs == labs) 794 d = (struct domain_limit_data*)d->node.parent; 795 while(d) { 796 if(d->below != -1) 797 return d->below; 798 d = (struct domain_limit_data*)d->node.parent; 799 } 800 return infra_dp_ratelimit; 801 } 802 803 size_t ip_rate_sizefunc(void* k, void* ATTR_UNUSED(d)) 804 { 805 struct ip_rate_key* key = (struct ip_rate_key*)k; 806 return sizeof(*key) + sizeof(struct ip_rate_data) 807 + lock_get_mem(&key->entry.lock); 808 } 809 810 int ip_rate_compfunc(void* key1, void* key2) 811 { 812 struct ip_rate_key* k1 = (struct ip_rate_key*)key1; 813 struct ip_rate_key* k2 = (struct ip_rate_key*)key2; 814 return sockaddr_cmp_addr(&k1->addr, k1->addrlen, 815 &k2->addr, k2->addrlen); 816 } 817 818 void ip_rate_delkeyfunc(void* k, void* ATTR_UNUSED(arg)) 819 { 820 struct ip_rate_key* key = (struct ip_rate_key*)k; 821 if(!key) 822 return; 823 lock_rw_destroy(&key->entry.lock); 824 free(key); 825 } 826 827 /** find data item in array, for write access, caller unlocks */ 828 static struct lruhash_entry* infra_find_ratedata(struct infra_cache* infra, 829 uint8_t* name, size_t namelen, int wr) 830 { 831 struct rate_key key; 832 hashvalue_type h = dname_query_hash(name, 0xab); 833 memset(&key, 0, sizeof(key)); 834 key.name = name; 835 key.namelen = namelen; 836 key.entry.hash = h; 837 return slabhash_lookup(infra->domain_rates, h, &key, wr); 838 } 839 840 /** find data item in array for ip addresses */ 841 static struct lruhash_entry* infra_find_ip_ratedata(struct infra_cache* infra, 842 struct sockaddr_storage* addr, socklen_t addrlen, int wr) 843 { 844 struct ip_rate_key key; 845 hashvalue_type h = hash_addr(addr, addrlen, 0); 846 memset(&key, 0, sizeof(key)); 847 key.addr = *addr; 848 key.addrlen = addrlen; 849 key.entry.hash = h; 850 return slabhash_lookup(infra->client_ip_rates, h, &key, wr); 851 } 852 853 /** create rate data item for name, number 1 in now */ 854 static void infra_create_ratedata(struct infra_cache* infra, 855 uint8_t* name, size_t namelen, time_t timenow) 856 { 857 hashvalue_type h = dname_query_hash(name, 0xab); 858 struct rate_key* k = (struct rate_key*)calloc(1, sizeof(*k)); 859 struct rate_data* d = (struct rate_data*)calloc(1, sizeof(*d)); 860 if(!k || !d) { 861 free(k); 862 free(d); 863 return; /* alloc failure */ 864 } 865 k->namelen = namelen; 866 k->name = memdup(name, namelen); 867 if(!k->name) { 868 free(k); 869 free(d); 870 return; /* alloc failure */ 871 } 872 lock_rw_init(&k->entry.lock); 873 k->entry.hash = h; 874 k->entry.key = k; 875 k->entry.data = d; 876 d->qps[0] = 1; 877 d->timestamp[0] = timenow; 878 slabhash_insert(infra->domain_rates, h, &k->entry, d, NULL); 879 } 880 881 /** create rate data item for ip address */ 882 static void infra_ip_create_ratedata(struct infra_cache* infra, 883 struct sockaddr_storage* addr, socklen_t addrlen, time_t timenow) 884 { 885 hashvalue_type h = hash_addr(addr, addrlen, 0); 886 struct ip_rate_key* k = (struct ip_rate_key*)calloc(1, sizeof(*k)); 887 struct ip_rate_data* d = (struct ip_rate_data*)calloc(1, sizeof(*d)); 888 if(!k || !d) { 889 free(k); 890 free(d); 891 return; /* alloc failure */ 892 } 893 k->addr = *addr; 894 k->addrlen = addrlen; 895 lock_rw_init(&k->entry.lock); 896 k->entry.hash = h; 897 k->entry.key = k; 898 k->entry.data = d; 899 d->qps[0] = 1; 900 d->timestamp[0] = timenow; 901 slabhash_insert(infra->client_ip_rates, h, &k->entry, d, NULL); 902 } 903 904 /** Find the second and return its rate counter. If none and should_add, remove 905 * oldest to accommodate. Else return none. */ 906 static int* infra_rate_find_second_or_none(void* data, time_t t, int should_add) 907 { 908 struct rate_data* d = (struct rate_data*)data; 909 int i, oldest; 910 for(i=0; i<RATE_WINDOW; i++) { 911 if(d->timestamp[i] == t) 912 return &(d->qps[i]); 913 } 914 if(!should_add) return NULL; 915 /* remove oldest timestamp, and insert it at t with 0 qps */ 916 oldest = 0; 917 for(i=0; i<RATE_WINDOW; i++) { 918 if(d->timestamp[i] < d->timestamp[oldest]) 919 oldest = i; 920 } 921 d->timestamp[oldest] = t; 922 d->qps[oldest] = 0; 923 return &(d->qps[oldest]); 924 } 925 926 /** find the second and return its rate counter, if none, remove oldest to 927 * accommodate */ 928 static int* infra_rate_give_second(void* data, time_t t) 929 { 930 return infra_rate_find_second_or_none(data, t, 1); 931 } 932 933 /** find the second and return its rate counter only if it exists. Caller 934 * should check for NULL return value */ 935 static int* infra_rate_get_second(void* data, time_t t) 936 { 937 return infra_rate_find_second_or_none(data, t, 0); 938 } 939 940 int infra_rate_max(void* data, time_t now, int backoff) 941 { 942 struct rate_data* d = (struct rate_data*)data; 943 int i, max = 0; 944 for(i=0; i<RATE_WINDOW; i++) { 945 if(backoff) { 946 if(now-d->timestamp[i] <= RATE_WINDOW && 947 d->qps[i] > max) { 948 max = d->qps[i]; 949 } 950 } else { 951 if(now == d->timestamp[i]) { 952 return d->qps[i]; 953 } 954 } 955 } 956 return max; 957 } 958 959 int infra_ratelimit_inc(struct infra_cache* infra, uint8_t* name, 960 size_t namelen, time_t timenow, int backoff, struct query_info* qinfo, 961 struct comm_reply* replylist) 962 { 963 int lim, max; 964 struct lruhash_entry* entry; 965 966 if(!infra_dp_ratelimit) 967 return 1; /* not enabled */ 968 969 /* find ratelimit */ 970 lim = infra_find_ratelimit(infra, name, namelen); 971 if(!lim) 972 return 1; /* disabled for this domain */ 973 974 /* find or insert ratedata */ 975 entry = infra_find_ratedata(infra, name, namelen, 1); 976 if(entry) { 977 int premax = infra_rate_max(entry->data, timenow, backoff); 978 int* cur = infra_rate_give_second(entry->data, timenow); 979 (*cur)++; 980 max = infra_rate_max(entry->data, timenow, backoff); 981 lock_rw_unlock(&entry->lock); 982 983 if(premax <= lim && max > lim) { 984 char buf[257], qnm[257], ts[12], cs[12], ip[128]; 985 dname_str(name, buf); 986 dname_str(qinfo->qname, qnm); 987 sldns_wire2str_type_buf(qinfo->qtype, ts, sizeof(ts)); 988 sldns_wire2str_class_buf(qinfo->qclass, cs, sizeof(cs)); 989 ip[0]=0; 990 if(replylist) { 991 addr_to_str((struct sockaddr_storage *)&replylist->remote_addr, 992 replylist->remote_addrlen, ip, sizeof(ip)); 993 verbose(VERB_OPS, "ratelimit exceeded %s %d query %s %s %s from %s", buf, lim, qnm, cs, ts, ip); 994 } else { 995 verbose(VERB_OPS, "ratelimit exceeded %s %d query %s %s %s", buf, lim, qnm, cs, ts); 996 } 997 } 998 return (max <= lim); 999 } 1000 1001 /* create */ 1002 infra_create_ratedata(infra, name, namelen, timenow); 1003 return (1 <= lim); 1004 } 1005 1006 void infra_ratelimit_dec(struct infra_cache* infra, uint8_t* name, 1007 size_t namelen, time_t timenow) 1008 { 1009 struct lruhash_entry* entry; 1010 int* cur; 1011 if(!infra_dp_ratelimit) 1012 return; /* not enabled */ 1013 entry = infra_find_ratedata(infra, name, namelen, 1); 1014 if(!entry) return; /* not cached */ 1015 cur = infra_rate_get_second(entry->data, timenow); 1016 if(cur == NULL) { 1017 /* our timenow is not available anymore; nothing to decrease */ 1018 lock_rw_unlock(&entry->lock); 1019 return; 1020 } 1021 if((*cur) > 0) 1022 (*cur)--; 1023 lock_rw_unlock(&entry->lock); 1024 } 1025 1026 int infra_ratelimit_exceeded(struct infra_cache* infra, uint8_t* name, 1027 size_t namelen, time_t timenow, int backoff) 1028 { 1029 struct lruhash_entry* entry; 1030 int lim, max; 1031 if(!infra_dp_ratelimit) 1032 return 0; /* not enabled */ 1033 1034 /* find ratelimit */ 1035 lim = infra_find_ratelimit(infra, name, namelen); 1036 if(!lim) 1037 return 0; /* disabled for this domain */ 1038 1039 /* find current rate */ 1040 entry = infra_find_ratedata(infra, name, namelen, 0); 1041 if(!entry) 1042 return 0; /* not cached */ 1043 max = infra_rate_max(entry->data, timenow, backoff); 1044 lock_rw_unlock(&entry->lock); 1045 1046 return (max > lim); 1047 } 1048 1049 size_t 1050 infra_get_mem(struct infra_cache* infra) 1051 { 1052 size_t s = sizeof(*infra) + slabhash_get_mem(infra->hosts); 1053 if(infra->domain_rates) s += slabhash_get_mem(infra->domain_rates); 1054 if(infra->client_ip_rates) s += slabhash_get_mem(infra->client_ip_rates); 1055 /* ignore domain_limits because walk through tree is big */ 1056 return s; 1057 } 1058 1059 /* Returns 1 if the limit has not been exceeded, 0 otherwise. */ 1060 static int 1061 check_ip_ratelimit(struct sockaddr_storage* addr, socklen_t addrlen, 1062 struct sldns_buffer* buffer, int premax, int max, int has_cookie) 1063 { 1064 int limit; 1065 1066 if(has_cookie) limit = infra_ip_ratelimit_cookie; 1067 else limit = infra_ip_ratelimit; 1068 1069 /* Disabled */ 1070 if(limit == 0) return 1; 1071 1072 if(premax <= limit && max > limit) { 1073 char client_ip[128], qnm[LDNS_MAX_DOMAINLEN+1+12+12]; 1074 addr_to_str(addr, addrlen, client_ip, sizeof(client_ip)); 1075 qnm[0]=0; 1076 if(sldns_buffer_limit(buffer)>LDNS_HEADER_SIZE && 1077 LDNS_QDCOUNT(sldns_buffer_begin(buffer))!=0) { 1078 (void)sldns_wire2str_rrquestion_buf( 1079 sldns_buffer_at(buffer, LDNS_HEADER_SIZE), 1080 sldns_buffer_limit(buffer)-LDNS_HEADER_SIZE, 1081 qnm, sizeof(qnm)); 1082 if(strlen(qnm)>0 && qnm[strlen(qnm)-1]=='\n') 1083 qnm[strlen(qnm)-1] = 0; /*remove newline*/ 1084 if(strchr(qnm, '\t')) 1085 *strchr(qnm, '\t') = ' '; 1086 if(strchr(qnm, '\t')) 1087 *strchr(qnm, '\t') = ' '; 1088 verbose(VERB_OPS, "ip_ratelimit exceeded %s %d%s %s", 1089 client_ip, limit, 1090 has_cookie?"(cookie)":"", qnm); 1091 } else { 1092 verbose(VERB_OPS, "ip_ratelimit exceeded %s %d%s (no query name)", 1093 client_ip, limit, 1094 has_cookie?"(cookie)":""); 1095 } 1096 } 1097 return (max <= limit); 1098 } 1099 1100 int infra_ip_ratelimit_inc(struct infra_cache* infra, 1101 struct sockaddr_storage* addr, socklen_t addrlen, time_t timenow, 1102 int has_cookie, int backoff, struct sldns_buffer* buffer) 1103 { 1104 int max; 1105 struct lruhash_entry* entry; 1106 1107 /* not enabled */ 1108 if(!infra_ip_ratelimit) { 1109 return 1; 1110 } 1111 /* find or insert ratedata */ 1112 entry = infra_find_ip_ratedata(infra, addr, addrlen, 1); 1113 if(entry) { 1114 int premax = infra_rate_max(entry->data, timenow, backoff); 1115 int* cur = infra_rate_give_second(entry->data, timenow); 1116 (*cur)++; 1117 max = infra_rate_max(entry->data, timenow, backoff); 1118 lock_rw_unlock(&entry->lock); 1119 return check_ip_ratelimit(addr, addrlen, buffer, premax, max, 1120 has_cookie); 1121 } 1122 1123 /* create */ 1124 infra_ip_create_ratedata(infra, addr, addrlen, timenow); 1125 return 1; 1126 } 1127