|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/build-scripts/auto-build
|
| @@ -23,7 +23,7 @@
LATEST=$(svn info . | awk '/^Revision/ { print $2 }' )
DATE=$(date +%Y%m%d).$LATEST
-build-scripts/set-version "$DATE"
+build-scripts/set-version-auth "$DATE"
./bootstrap
fakeroot debian-pdns/rules binary-static
|
|
[-]
[+]
|
Deleted |
pdns-3.2.tar.gz/build-scripts/set-version
^
|
| @@ -1,8 +0,0 @@
-#!/bin/bash
-VERSION=$1
-[ -z "$VERSION" ] && exit
-
-ssed -r "s/Version: (.*)/Version: \\1.$VERSION/" -i *.spec
-ssed -r "s/AM_INIT_AUTOMAKE\\(pdns, (.*)\\)/AM_INIT_AUTOMAKE\(pdns, \\1.$VERSION\)/" -i configure.ac
-ssed -r "1 s/^pdns \\(([^)]*)-([0-9.])\\)/pdns \\(\\1.$VERSION-\\2\\)/" -i debian-pdns/changelog
-ssed -r "s/^VERSION=(.*)/VERSION=\\1.$VERSION/" -i pdns/dist-recursor
|
|
[-]
[+]
|
Added |
pdns-3.2.tar.gz/build-scripts/set-version-auth
^
|
| @@ -0,0 +1,7 @@
+#!/bin/bash
+VERSION=$1
+[ -z "$VERSION" ] && exit
+
+ssed -r "s/Version: (.*)/Version: \\1.$VERSION/" -i *.spec
+ssed -r "s/AM_INIT_AUTOMAKE\\(pdns, (.*)\\)/AM_INIT_AUTOMAKE\(pdns, \\1.$VERSION\)/" -i configure.ac
+ssed -r "1 s/^pdns \\(([^)]*)-([0-9.])\\)/pdns \\(\\1.$VERSION-\\2\\)/" -i debian-pdns/changelog
|
|
[-]
[+]
|
Added |
pdns-3.2.tar.gz/build-scripts/set-version-recursor
^
|
| @@ -0,0 +1,5 @@
+#!/bin/bash
+VERSION=$1
+[ -z "$VERSION" ] && exit
+
+ssed -r "s/^VERSION=(.*)/VERSION=\\1.$VERSION/" -i pdns/dist-recursor
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/contrib/systemd-pdns.service
^
|
| @@ -4,9 +4,10 @@
[Service]
Type=forking
-ExecStart=/usr/sbin/pdns_server --daemon --guardian=yes
-ExecReload=/usr/bin/pdns_control cycle
+ExecStart=/usr/sbin/pdns_server --daemon
ExecStop=/usr/bin/pdns_control quit
+Restart=on-failure
+RestartSec=2
[Install]
WantedBy=multi-user.target
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/modules/pipebackend/pipebackend.hh
^
|
| @@ -1,6 +1,6 @@
//
// File : pdnsbackend.hh
-// Version : $Id: pipebackend.hh 1976 2011-02-06 11:11:34Z ahu $
+// Version : $Id: pipebackend.hh 3040 2013-01-11 09:23:54Z ahu $
//
#ifndef PIPEBACKEND_HH
@@ -9,34 +9,10 @@
#include <string>
#include <map>
#include <sys/types.h>
-#include <regex.h>
#include <boost/shared_ptr.hpp>
#include "pdns/namespaces.hh"
-
-/** very small regex wrapper */
-class Regex
-{
-public:
- /** constructor that accepts the expression to regex */
- Regex(const string &expr)
- {
- if(regcomp(&d_preg, expr.c_str(), REG_ICASE|REG_NOSUB|REG_EXTENDED))
- throw AhuException("Regular expression did not compile");
- }
- ~Regex()
- {
- regfree(&d_preg);
- }
- /** call this to find out if 'line' matches your expression */
- bool match(const string &line)
- {
- return regexec(&d_preg,line.c_str(),0,0,0)==0;
- }
-
-private:
- regex_t d_preg;
-};
+#include "pdns/misc.hh"
/** The CoWrapper class wraps around a coprocess and restarts it if needed.
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/modules/remotebackend/httpconnector.cc
^
|
| @@ -96,15 +96,17 @@
curl_easy_setopt(d_c, CURLOPT_POSTFIELDSIZE, 0);
} else if (method == "addDomainKey") {
// create post with keydata
- std::stringstream ss2;
- const rapidjson::Value& param = parameters["key"];
- ss2 << "flags=" << param["flags"].GetUint() << "&active=" << (param["active"].GetBool() ? 1 : 0) << "&content=";
+ char *postfields;
+ int nsize;
+ const rapidjson::Value& param = parameters["key"];
tmpstr = curl_easy_escape(d_c, param["content"].GetString(), 0);
- ss2 << tmpstr;
- sparam = ss2.str();
- curl_easy_setopt(d_c, CURLOPT_POSTFIELDSIZE, sparam.size());
- curl_easy_setopt(d_c, CURLOPT_COPYPOSTFIELDS, sparam.c_str());
+ nsize = 35 + strlen(tmpstr);
+ postfields = new char[nsize];
+ nsize = snprintf(postfields, nsize, "flags=%u&active=%d&content=%s", param["flags"].GetUint(), (param["active"].GetBool() ? 1 : 0), tmpstr);
+ curl_easy_setopt(d_c, CURLOPT_POSTFIELDSIZE, nsize);
+ curl_easy_setopt(d_c, CURLOPT_COPYPOSTFIELDS, postfields);
curl_free(tmpstr);
+ delete postfields;
} else if (method == "setDomainMetadata") {
int n=0;
// copy all metadata values into post
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/modules/remotebackend/regression-tests/dnsbackend.rb
^
|
| @@ -48,6 +48,8 @@
end
def do_GET(req,res)
+ req.continue
+
tmp = req.path[/dns\/(.*)/,1]
return 400, "Bad request" if (tmp.nil?)
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/pdns/bind-dnssec.schema.sqlite3.sql
^
|
| @@ -1,27 +1,27 @@
create table domainmetadata (
- id INTEGER PRIMARY KEY,
- domain VARCHAR(255) COLLATE NOCASE,
- kind VARCHAR(16) COLLATE NOCASE,
- content TEXT
+ id INTEGER PRIMARY KEY,
+ domain VARCHAR(255) COLLATE NOCASE,
+ kind VARCHAR(16) COLLATE NOCASE,
+ content TEXT
);
create index domainmetanameindex on domainmetadata(domain);
create table cryptokeys (
- id INTEGER PRIMARY KEY,
- domain VARCHAR(255) COLLATE NOCASE,
- flags INT NOT NULL,
- active BOOL,
- content TEXT
-);
+ id INTEGER PRIMARY KEY,
+ domain VARCHAR(255) COLLATE NOCASE,
+ flags INT NOT NULL,
+ active BOOL,
+ content TEXT
+);
create index domainnameindex on cryptokeys(domain);
create table tsigkeys (
- id INTEGER PRIMARY KEY,
- name VARCHAR(255) COLLATE NOCASE,
- algorithm VARCHAR(50) COLLATE NOCASE,
- secret VARCHAR(255)
+ id INTEGER PRIMARY KEY,
+ name VARCHAR(255) COLLATE NOCASE,
+ algorithm VARCHAR(50) COLLATE NOCASE,
+ secret VARCHAR(255)
);
create unique index namealgoindex on tsigkeys(name, algorithm);
|
|
[-]
[+]
|
Deleted |
pdns-3.2.tar.gz/pdns/build-semi-static-pdns_server
^
|
| @@ -1,33 +0,0 @@
-g++ -DSYSCONFDIR=\"/etc/powerdns\" -DLIBDIR=\"/usr/lib/powerdns\" \
--DLOCALSTATEDIR=\"/var/run\" -Ibackends/bind -pthread -I/usr/include/lua5.1 \
--Iext/polarssl-1.1.2/include -DPDNS_ENABLE_LUA -D_GNU_SOURCE -Wall -O2 \
-../modules/gmysqlbackend/gmysqlbackend.o ../modules/gmysqlbackend/smysql.o \
-../modules/gpgsqlbackend/gpgsqlbackend.o ../modules/gpgsqlbackend/spgsql.o \
-../modules/pipebackend/coprocess.o ../modules/pipebackend/pipebackend.o \
-../modules/gsqlitebackend/gsqlitebackend.o \
-../modules/gsqlitebackend/ssqlite.o \
-../modules/gsqlite3backend/gsqlite3backend.o \
-../modules/luabackend/luabackend.o ../modules/luabackend/minimal.o \
-../modules/luabackend/reload.o ../modules/luabackend/lua_functions.o \
-../modules/luabackend/master.o ../modules/luabackend/private.o \
-../modules/luabackend/slave.o ../modules/luabackend/supermaster.o \
-../modules/luabackend/dnssec.o ../modules/geobackend/geobackend.o \
-../modules/geobackend/ippreftree.o -rdynamic -pthread -rdynamic -Wl,-rpath \
--Wl,/opt/postgresql/lib -o pdns_server dnspacket.o nameserver.o \
-qtype.o logger.o arguments.o packethandler.o tcpreceiver.o packetcache.o \
-statbag.o dnsbackend.o ws.o webserver.o session.o misc.o receiver.o \
-ueberbackend.o dynlistener.o dynhandler.o resolver.o slavecommunicator.o \
-mastercommunicator.o communicator.o dnsproxy.o randombackend.o \
-unix_utility.o common_startup.o unix_semaphore.o bindbackend2.o binddnssec.o \
-bindparser.o bindlexer.o gsqlbackend.o base64.o sillyrecords.o \
-zoneparser-tng.o dnsrecords.o dnswriter.o rcpgenerator.o dnsparser.o \
-aescrypt.o aeskey.o aes_modes.o aestab.o dns_random.o randomhelper.o \
-nsecrecords.o base32.o dbdnsseckeeper.o dnssecinfra.o dns.o dnssecsigner.o \
-polarrsakeyinfra.o md5.o signingpipe.o dnslabeltext.o lua-pdns-recursor.o \
-serialtweaker.o ednssubnet.o dnslabel.o botan110signers.o botansigners.o \
-cryptoppsigners.o ssqlite3.o -Wl,-Bstatic -lmysqlclient -lpq -lssl -lcrypto -lresolv \
--lnsl /usr/lib/libsqlite.a -L/usr/local/lib -L/opt/postgresql/lib \
--L/usr/lib/x86_64-linux-gnu/ ext/polarssl-1.1.2/library/libpolarssl.a \
--lboost_serialization-mt -llua5.1 /usr/lib/x86_64-linux-gnu/libsqlite3.a \
--lbotan-1.10 -lgmp -lcryptopp -lz -lcrypt -pthread -Wl,-rpath \
--Wl,/usr/local/lib -Wl,-Bdynamic -ldl -static-libgcc -static-libstdc++
|
|
[-]
[+]
|
Deleted |
pdns-3.2.tar.gz/pdns/build-semi-static-pdnssec
^
|
| @@ -1,29 +0,0 @@
-g++ -DSYSCONFDIR=\"/etc/powerdns\" -DLIBDIR=\"/usr/lib/powerdns\" \
--DLOCALSTATEDIR=\"/var/run\" -Ibackends/bind -pthread -I/usr/include/lua5.1 \
--Iext/polarssl-1.1.2/include -DPDNS_ENABLE_LUA -D_GNU_SOURCE -Wall -O2 \
-../modules/gmysqlbackend/gmysqlbackend.o ../modules/gmysqlbackend/smysql.o \
-../modules/gpgsqlbackend/gpgsqlbackend.o ../modules/gpgsqlbackend/spgsql.o \
-../modules/pipebackend/coprocess.o ../modules/pipebackend/pipebackend.o \
-../modules/gsqlitebackend/gsqlitebackend.o \
-../modules/gsqlitebackend/ssqlite.o \
-../modules/gsqlite3backend/gsqlite3backend.o \
-../modules/luabackend/luabackend.o ../modules/luabackend/minimal.o \
-../modules/luabackend/reload.o ../modules/luabackend/lua_functions.o \
-../modules/luabackend/master.o ../modules/luabackend/private.o \
-../modules/luabackend/slave.o ../modules/luabackend/supermaster.o \
-../modules/luabackend/dnssec.o ../modules/geobackend/geobackend.o \
-../modules/geobackend/ippreftree.o -rdynamic -pthread -Wl,-rpath \
--Wl,/opt/postgresql/lib -o pdnssec pdnssec.o dbdnsseckeeper.o \
-dnsparser.o dnsrecords.o dnswriter.o misc.o rcpgenerator.o base64.o \
-unix_utility.o logger.o statbag.o qtype.o sillyrecords.o nsecrecords.o \
-dnssecinfra.o base32.o ueberbackend.o dnsbackend.o arguments.o packetcache.o \
-dnspacket.o bindbackend2.o binddnssec.o bindparser.o bindlexer.o \
-gsqlbackend.o zoneparser-tng.o dynlistener.o dns.o randombackend.o \
-dnssecsigner.o polarrsakeyinfra.o md5.o signingpipe.o dnslabeltext.o \
-ednssubnet.o dnslabel.o botan110signers.o botansigners.o cryptoppsigners.o \
-ssqlite3.o -ldl -Wl,-Bstatic -lmysqlclient -lpq -lssl -lcrypto -lresolv -lnsl \
-/usr/lib/libsqlite.a -llua5.1 -L/usr/local/lib -L/opt/postgresql/lib \
--L/usr/lib/x86_64-linux-gnu/ ext/polarssl-1.1.2/library/libpolarssl.a \
--lboost_program_options-mt -lboost_serialization-mt \
-/usr/lib/x86_64-linux-gnu/libsqlite3.a -lbotan-1.10 -lgmp -lcryptopp -lz \
--lcrypt -pthread -Wl,-rpath -Wl,/usr/local/lib -static-libgcc -static-libstdc++
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/pdns/cryptoppsigners.cc
^
|
| @@ -82,18 +82,26 @@
storvect.push_back(make_pair("PrivateKey", string((char*)buffer, sizeof(buffer))));
return storvect;
}
+
template<class HASHER, class CURVE, int BITS>
void CryptoPPECDSADNSCryptoKeyEngine<HASHER,CURVE,BITS>::fromISCMap(DNSKEYRecordContent& drc, std::map<std::string, std::string>& stormap )
{
+ AutoSeededRandomPool prng;
privatekey_t* privateKey = new privatekey_t;
- const CryptoPP::Integer x;
+ const CryptoPP::Integer x(reinterpret_cast<const unsigned char*>(stormap["privatekey"].c_str()), BITS/8); // well it should be this long
CryptoPP::OID oid=CURVE();
- privateKey->Initialize(oid, x );
+ privateKey->Initialize(oid, x);
+ bool result = privateKey->Validate(prng, 3);
+ if (!result) {
+ throw "Cannot load private key - validation failed!";
+ }
d_key = shared_ptr<privatekey_t>(privateKey);
publickey_t* publicKey = new publickey_t();
d_key->MakePublicKey(*publicKey);
d_pubkey = shared_ptr<publickey_t>(publicKey);
+ drc.d_algorithm = atoi(stormap["algorithm"].c_str());
}
+
template<class HASHER, class CURVE, int BITS>
std::string CryptoPPECDSADNSCryptoKeyEngine<HASHER,CURVE,BITS>::getPubKeyHash() const
{
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/pdns/dnssec.schema.mysql.sql
^
|
| @@ -1,8 +1,8 @@
create table domainmetadata (
- id INT auto_increment,
- domain_id INT NOT NULL,
- kind VARCHAR(16),
- content TEXT,
+ id INT auto_increment,
+ domain_id INT NOT NULL,
+ kind VARCHAR(16),
+ content TEXT,
primary key(id)
);
@@ -10,13 +10,13 @@
create table cryptokeys (
- id INT auto_increment,
- domain_id INT NOT NULL,
- flags INT NOT NULL,
- active BOOL,
- content TEXT,
+ id INT auto_increment,
+ domain_id INT NOT NULL,
+ flags INT NOT NULL,
+ active BOOL,
+ content TEXT,
primary key(id)
-);
+);
create index domainidindex on cryptokeys(domain_id);
@@ -25,10 +25,10 @@
create index recordorder on records (domain_id, ordername);
create table tsigkeys (
- id INT auto_increment,
- name VARCHAR(255),
- algorithm VARCHAR(50),
- secret VARCHAR(255),
+ id INT auto_increment,
+ name VARCHAR(255),
+ algorithm VARCHAR(50),
+ secret VARCHAR(255),
primary key(id)
);
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/pdns/dnssec.schema.pgsql.sql
^
|
| @@ -1,24 +1,24 @@
-alter table records add ordername VARCHAR(255);
+alter table records add ordername VARCHAR(255);
alter table records add auth bool;
create index recordorder on records (domain_id, ordername text_pattern_ops);
create table domainmetadata (
- id SERIAL PRIMARY KEY,
- domain_id INT REFERENCES domains(id) ON DELETE CASCADE,
- kind VARCHAR(16),
- content TEXT
+ id SERIAL PRIMARY KEY,
+ domain_id INT REFERENCES domains(id) ON DELETE CASCADE,
+ kind VARCHAR(16),
+ content TEXT
);
create index domainidmetaindex on domainmetadata(domain_id);
create table cryptokeys (
- id SERIAL PRIMARY KEY,
- domain_id INT REFERENCES domains(id) ON DELETE CASCADE,
- flags INT NOT NULL,
- active BOOL,
- content TEXT
-);
+ id SERIAL PRIMARY KEY,
+ domain_id INT REFERENCES domains(id) ON DELETE CASCADE,
+ flags INT NOT NULL,
+ active BOOL,
+ content TEXT
+);
create index domainidindex on cryptokeys(domain_id);
@@ -28,10 +28,10 @@
-- GRANT ALL ON cryptokeys_id_seq TO pdns;
create table tsigkeys (
- id SERIAL PRIMARY KEY,
- name VARCHAR(255),
- algorithm VARCHAR(50),
- secret VARCHAR(255)
+ id SERIAL PRIMARY KEY,
+ name VARCHAR(255),
+ algorithm VARCHAR(50),
+ secret VARCHAR(255)
);
create unique index namealgoindex on tsigkeys(name, algorithm);
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/pdns/dnssec.schema.sqlite3.sql
^
|
| @@ -3,29 +3,29 @@
create index orderindex on records(ordername);
create table domainmetadata (
- id INTEGER PRIMARY KEY,
- domain_id INT NOT NULL,
- kind VARCHAR(16) COLLATE NOCASE,
- content TEXT
+ id INTEGER PRIMARY KEY,
+ domain_id INT NOT NULL,
+ kind VARCHAR(16) COLLATE NOCASE,
+ content TEXT
);
create index domainmetaidindex on domainmetadata(domain_id);
create table cryptokeys (
- id INTEGER PRIMARY KEY,
- domain_id INT NOT NULL,
- flags INT NOT NULL,
- active BOOL,
- content TEXT
-);
+ id INTEGER PRIMARY KEY,
+ domain_id INT NOT NULL,
+ flags INT NOT NULL,
+ active BOOL,
+ content TEXT
+);
create index domainidindex on cryptokeys(domain_id);
create table tsigkeys (
- id INTEGER PRIMARY KEY,
- name VARCHAR(255) COLLATE NOCASE,
- algorithm VARCHAR(50) COLLATE NOCASE,
- secret VARCHAR(255)
+ id INTEGER PRIMARY KEY,
+ name VARCHAR(255) COLLATE NOCASE,
+ algorithm VARCHAR(50) COLLATE NOCASE,
+ secret VARCHAR(255)
);
create unique index namealgoindex on tsigkeys(name, algorithm);
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/pdns/docs/pdns.xml
^
|
| @@ -11266,6 +11266,14 @@
</para>
</note>
<para>
+ Previously, on Linux, if the PowerDNS Authoritative Server was configured to bind to the IPv6 address ::, the server would answer
+ questions that came in via IPv6 *and* IPv4.
+ </para>
+ <para>
+ As of 3.2, binding to :: on Linux now does the same thing as binding to :: on other operating systems: perform IPv6 service. To continue
+ the old behaviour, use 'local-address=0.0.0.0' and 'local-ipv6=::'.
+ </para>
+ <para>
3.2 again involves some SQL schema changes, to make sure 'ordername' is ordered correctly for NSEC generation. For MySQL:
<screen>
alter table records modify ordername VARCHAR(255) BINARY;
@@ -12932,6 +12940,15 @@
</para>
</listitem>
</varlistentry>
+
+ <varlistentry>
+ <term>reload-acls</term>
+ <listitem>
+ <para>
+ Reload access control lists.
+ </para>
+ </listitem>
+ </varlistentry>
<varlistentry>
<term>reload-zones</term>
<listitem>
@@ -12951,6 +12968,34 @@
</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>trace-regex regex</term>
+ <listitem>
+ <para>
+ Queries matching this regular expression will generate
+ voluminous tracing output. Be aware that matches from the
+ packet cache will still not generate tracing. To unset the
+ regex, pass 'trace-regex' without a new regex.
+ </para>
+ <para>
+ The regular expression is matched against domain queries
+ terminated with a '.'. So, for example the regex
+ 'powerdns.com$' will not match a query for
+ 'www.powerdns.com', since the attempted match will be with
+ 'www.powerdns.com.'.
+ </para>
+ <para>
+ In addition, since this is a regular expression, to
+ exclusively match queries for 'www.powerdns.com', one
+ should escape the dots: '^www\.powerdns\.com\.$'.
+ </para>
+ <para>
+ Multiple matches can be chained with the | operator. For
+ example, to match all queries for Dutch (.nl) and German
+ (.de) domain names, use: '\.nl\.$|\.de\.$'.
+ </para>
+ </listitem>
+ </varlistentry>
<varlistentry>
<term>wipe-cache domain0. [domain1. domain2.]</term>
<listitem>
@@ -13209,6 +13254,7 @@
packetcache-misses Packet cache misses (since 3.2)
qa-latency shows the current latency average, in microseconds
questions counts all End-user initiated queries with the RD bit set
+ipv6-questions counts all End-user initiated queries with the RD bit set, received over IPv6 UDP
resource-limits counts number of queries that could not be performed because of resource limits
server-parse-errors counts number of server replied packets that could not be parsed
servfail-answers counts the number of times it answered SERVFAIL since starting
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/pdns/misc.cc
^
|
| @@ -778,3 +778,8 @@
return true;
}
+Regex::Regex(const string &expr)
+{
+ if(regcomp(&d_preg, expr.c_str(), REG_ICASE|REG_NOSUB|REG_EXTENDED))
+ throw AhuException("Regular expression did not compile");
+}
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/pdns/misc.hh
^
|
| @@ -20,6 +20,7 @@
#include <inttypes.h>
#include <cstring>
#include <cstdio>
+#include <regex.h>
#include <boost/algorithm/string.hpp>
#include <boost/multi_index_container.hpp>
#include <boost/multi_index/ordered_index.hpp>
@@ -449,4 +450,25 @@
return res;
}
+/** very small regex wrapper */
+class Regex
+{
+public:
+ /** constructor that accepts the expression to regex */
+ Regex(const string &expr);
+
+ ~Regex()
+ {
+ regfree(&d_preg);
+ }
+ /** call this to find out if 'line' matches your expression */
+ bool match(const string &line)
+ {
+ return regexec(&d_preg,line.c_str(),0,0,0)==0;
+ }
+
+private:
+ regex_t d_preg;
+};
+
#endif
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/pdns/no-dnssec.schema.mysql.sql
^
|
| @@ -1,9 +1,9 @@
create table domains (
- id INT auto_increment,
- name VARCHAR(255) NOT NULL,
- master VARCHAR(128) DEFAULT NULL,
- last_check INT DEFAULT NULL,
- type VARCHAR(6) NOT NULL,
+ id INT auto_increment,
+ name VARCHAR(255) NOT NULL,
+ master VARCHAR(128) DEFAULT NULL,
+ last_check INT DEFAULT NULL,
+ type VARCHAR(6) NOT NULL,
notified_serial INT DEFAULT NULL,
account VARCHAR(40) DEFAULT NULL,
primary key (id)
@@ -28,7 +28,7 @@
CREATE INDEX domain_id ON records(domain_id);
create table supermasters (
- ip VARCHAR(25) NOT NULL,
+ ip VARCHAR(25) NOT NULL,
nameserver VARCHAR(255) NOT NULL,
- account VARCHAR(40) DEFAULT NULL
+ account VARCHAR(40) DEFAULT NULL
) Engine=InnoDB;
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/pdns/no-dnssec.schema.pgsql.sql
^
|
| @@ -1,9 +1,9 @@
create table domains (
- id SERIAL PRIMARY KEY,
- name VARCHAR(255) NOT NULL,
- master VARCHAR(128) DEFAULT NULL,
- last_check INT DEFAULT NULL,
- type VARCHAR(6) NOT NULL,
+ id SERIAL PRIMARY KEY,
+ name VARCHAR(255) NOT NULL,
+ master VARCHAR(128) DEFAULT NULL,
+ last_check INT DEFAULT NULL,
+ type VARCHAR(6) NOT NULL,
notified_serial INT DEFAULT NULL,
account VARCHAR(40) DEFAULT NULL
);
@@ -29,9 +29,9 @@
CREATE INDEX domain_id ON records(domain_id);
create table supermasters (
- ip VARCHAR(25) NOT NULL,
- nameserver VARCHAR(255) NOT NULL,
- account VARCHAR(40) DEFAULT NULL
+ ip VARCHAR(25) NOT NULL,
+ nameserver VARCHAR(255) NOT NULL,
+ account VARCHAR(40) DEFAULT NULL
);
-- GRANT SELECT ON supermasters TO pdns;
@@ -40,4 +40,4 @@
-- GRANT ALL ON records TO pdns;
-- GRANT ALL ON records_id_seq TO pdns;
-
+
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/pdns/no-dnssec.schema.sqlite3.sql
^
|
| @@ -30,5 +30,3 @@
nameserver VARCHAR(255) NOT NULL COLLATE NOCASE,
account VARCHAR(40) DEFAULT NULL
);
-
-
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/pdns/pdns_recursor.cc
^
|
| @@ -1,6 +1,6 @@
/*
PowerDNS Versatile Database Driven Nameserver
- Copyright (C) 2003 - 2012 PowerDNS.COM BV
+ Copyright (C) 2003 - 2013 PowerDNS.COM BV
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2
@@ -78,6 +78,7 @@
bool g_logCommonErrors;
__thread shared_ptr<RecursorLua>* t_pdl;
__thread RemoteKeeper* t_remotes;
+__thread shared_ptr<Regex>* t_traceRegex;
RecursorControlChannel s_rcc; // only active in thread 0
@@ -510,8 +511,14 @@
pw.getHeader()->rd=dc->d_mdp.d_header.rd;
SyncRes sr(dc->d_now);
- if(!g_quiet)
- L<<Logger::Error<<t_id<<" ["<<MT->getTid()<<"] " << (dc->d_tcp ? "TCP " : "") << "question for '"<<dc->d_mdp.d_qname<<"|"
+ bool tracedQuery=false; // we could consider letting Lua know about this too
+ if(t_traceRegex->get() && (*t_traceRegex)->match(dc->d_mdp.d_qname)) {
+ sr.setLogMode(SyncRes::Store);
+ tracedQuery=true;
+ }
+
+ if(!g_quiet || tracedQuery)
+ L<<Logger::Warning<<t_id<<" ["<<MT->getTid()<<"] " << (dc->d_tcp ? "TCP " : "") << "question for '"<<dc->d_mdp.d_qname<<"|"
<<DNSRecordContent::NumberToType(dc->d_mdp.d_qtype)<<"' from "<<dc->getRemote()<<endl;
sr.setId(MT->getTid());
@@ -540,10 +547,18 @@
(*t_pdl)->postresolve(dc->d_remote, g_listenSocketsAddresses[dc->d_socket], dc->d_mdp.d_qname, QType(dc->d_mdp.d_qtype), ret, res, &variableAnswer);
}
}
-
-
uint32_t minTTL=std::numeric_limits<uint32_t>::max();
+
+ string trace(sr.getTrace());
+ if(!trace.empty()) {
+ vector<string> lines;
+ boost::split(lines, trace, boost::is_any_of("\n"));
+ BOOST_FOREACH(const string& line, lines) {
+ if(!line.empty())
+ L<<Logger::Warning<< line << endl;
+ }
+ }
if(res < 0) {
pw.getHeader()->rcode=RCode::ServFail;
// no commit here, because no record
@@ -552,7 +567,7 @@
else {
pw.getHeader()->rcode=res;
updateRcodeStats(res);
-
+
if(ret.size()) {
orderAndShuffle(ret);
@@ -816,6 +831,8 @@
string* doProcessUDPQuestion(const std::string& question, const ComboAddress& fromaddr, int fd)
{
++g_stats.qcounter;
+ if(fromaddr.sin4.sin_family==AF_INET6)
+ g_stats.ipv6qcounter++;
string response;
try {
@@ -1052,7 +1069,7 @@
void usr2Handler(int)
{
- SyncRes::setLog(true);
+ SyncRes::setDefaultLogMode(SyncRes::Log);
g_quiet=false;
::arg().set("quiet")="no";
@@ -1307,6 +1324,7 @@
string msg=s_rcc.recv(&remote);
RecursorControlParser rcp;
RecursorControlParser::func_t* command;
+
string answer=rcp.getAnswer(msg, &command);
try {
s_rcc.send(answer, &remote);
@@ -1531,6 +1549,29 @@
return broadcastAccFunction<string>(doReloadLuaScript);
}
+string* pleaseUseNewTraceRegex(const std::string& newRegex)
+try
+{
+ if(newRegex.empty()) {
+ t_traceRegex->reset();
+ return new string("unset\n");
+ }
+ else {
+ (*t_traceRegex) = shared_ptr<Regex>(new Regex(newRegex));
+ return new string("ok\n");
+ }
+}
+catch(AhuException& ae)
+{
+ return new string(ae.reason+"\n");
+}
+
+string doTraceRegex(vector<string>::const_iterator begin, vector<string>::const_iterator end)
+{
+ return broadcastAccFunction<string>(boost::bind(pleaseUseNewTraceRegex, begin!=end ? *begin : ""));
+}
+
+
void* recursorThread(void*);
void* pleaseSupplantACLs(NetmaskGroup *ng)
@@ -1539,6 +1580,9 @@
return 0;
}
+int g_argc;
+char** g_argv;
+
void parseACLs()
{
static bool l_initialized;
@@ -1549,8 +1593,9 @@
if(!::arg().preParseFile(configname.c_str(), "allow-from-file"))
L<<Logger::Warning<<"Unable to re-parse configuration file '"<<configname<<"'"<<endl;
-
+ ::arg().preParse(g_argc, g_argv, "allow-from-file");
::arg().preParseFile(configname.c_str(), "allow-from", LOCAL_NETS);
+ ::arg().preParse(g_argc, g_argv, "allow-from");
}
NetmaskGroup* oldAllowFrom = t_allowFrom, *allowFrom=new NetmaskGroup;
@@ -1666,12 +1711,16 @@
L<<Logger::Warning<<"PowerDNS Recursor itself will distribute queries over threads"<<endl;
}
- if(::arg().mustDo("trace")) {
- SyncRes::setLog(true);
+ if(::arg()["trace"]=="fail") {
+ SyncRes::setDefaultLogMode(SyncRes::Store);
+ }
+ else if(::arg().mustDo("trace")) {
+ SyncRes::setDefaultLogMode(SyncRes::Log);
::arg().set("quiet")="no";
g_quiet=false;
}
+
try {
vector<string> addrs;
if(!::arg()["query-local-address6"].empty()) {
@@ -1780,7 +1829,7 @@
pthread_t tid;
L<<Logger::Warning<<"Launching "<< g_numThreads <<" threads"<<endl;
for(unsigned int n=0; n < g_numThreads; ++n) {
- pthread_create(&tid, 0, recursorThread, (void*)n);
+ pthread_create(&tid, 0, recursorThread, (void*)(long)n);
}
void* res;
@@ -1820,6 +1869,9 @@
exit(99);
}
+ t_traceRegex = new shared_ptr<Regex>();
+
+
t_remotes = new RemoteKeeper();
t_remotes->remotes.resize(::arg().asNum("remotes-ringbuffer-entries") / g_numThreads);
@@ -1935,6 +1987,8 @@
int main(int argc, char **argv)
{
+ g_argc = argc;
+ g_argv = argv;
g_stats.startupTime=time(0);
reportBasicTypes();
@@ -1957,7 +2011,7 @@
::arg().set("aaaa-additional-processing","turn on to do AAAA additional processing (slow)")="off";
::arg().set("local-port","port to listen on")="53";
::arg().set("local-address","IP addresses to listen on, separated by spaces or commas. Also accepts ports.")="127.0.0.1";
- ::arg().set("trace","if we should output heaps of logging")="off";
+ ::arg().set("trace","if we should output heaps of logging. set to 'fail' to only log failing domains")="off";
::arg().set("daemon","Operate as a daemon")="yes";
::arg().set("log-common-errors","If we should log rather common errors")="yes";
::arg().set("chroot","switch to chroot jail")="";
@@ -2002,7 +2056,7 @@
::arg().set("packetcache-servfail-ttl", "maximum number of seconds to keep a cached servfail entry in packetcache")="60";
::arg().set("server-id", "Returned when queried for 'server.id' TXT or NSID, defaults to hostname")="";
::arg().set("remotes-ringbuffer-entries", "maximum number of packets to store statistics for")="0";
- ::arg().set("version-string", "string reported on version.pdns or version.bind")="PowerDNS Recursor "VERSION" $Id: pdns_recursor.cc 3030 2013-01-09 11:33:45Z peter $";
+ ::arg().set("version-string", "string reported on version.pdns or version.bind")="PowerDNS Recursor "VERSION" $Id: pdns_recursor.cc 3044 2013-01-11 13:07:40Z ahu $";
::arg().set("allow-from", "If set, only allow these comma separated netmasks to recurse")=LOCAL_NETS;
::arg().set("allow-from-file", "If set, load allowed netmasks from this file")="";
::arg().set("entropy-source", "If set, read entropy from this file")="/dev/urandom";
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/pdns/pdnssec.cc
^
|
| @@ -769,7 +769,6 @@
cerr<<"unset-nsec3 ZONE Switch back to NSEC\n";
cerr<<"unset-presigned ZONE No longer use presigned RRSIGs\n";
cerr<<"test-schema ZONE Test DB schema - will create ZONE\n\n";
- cerr<<"Options:"<<endl;
cerr<<desc<<endl;
return 0;
}
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/pdns/rec_channel_rec.cc
^
|
| @@ -402,6 +402,7 @@
RecursorControlParser::RecursorControlParser()
{
addGetStat("questions", &g_stats.qcounter);
+ addGetStat("ipv6-questions", &g_stats.ipv6qcounter);
addGetStat("tcp-questions", &g_stats.tcpqcounter);
addGetStat("cache-hits", doGetCacheHits);
@@ -574,6 +575,7 @@
"reload-acls reload ACLS\n"
"reload-lua-script [filename] (re)load Lua script\n"
"reload-zones reload all auth and forward zones\n"
+"trace-regex regex emit resolution trace for matching queries\n"
"top-remotes show top remotes\n"
"unload-lua-script unload Lua script\n"
"wipe-cache domain0 [domain1] .. wipe domain data from cache\n";
@@ -610,6 +612,9 @@
if(cmd=="reload-lua-script")
return doQueueReloadLuaScript(begin, end);
+ if(cmd=="trace-regex")
+ return doTraceRegex(begin, end);
+
if(cmd=="unload-lua-script") {
vector<string> empty;
empty.push_back(string());
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/pdns/syncres.cc
^
|
| @@ -1,6 +1,6 @@
/*
PowerDNS Versatile Database Driven Nameserver
- Copyright (C) 2003 - 2011 PowerDNS.COM BV
+ Copyright (C) 2003 - 2013 PowerDNS.COM BV
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2 as published
@@ -56,9 +56,9 @@
bool SyncRes::s_nopacketcache;
string SyncRes::s_serverID;
-bool SyncRes::s_log;
+SyncRes::LogMode SyncRes::s_lm;
-#define LOG if(s_log) L<<Logger::Warning
+#define LOG(x) if(d_lm == Log) { L <<Logger::Warning << x; } else if(d_lm == Store) { d_trace << x; }
bool SyncRes::s_noEDNSPing;
bool SyncRes::s_noEDNS;
@@ -67,7 +67,8 @@
SyncRes::SyncRes(const struct timeval& now) : d_outqueries(0), d_tcpoutqueries(0), d_throttledqueries(0), d_timeouts(0), d_unreachables(0),
d_now(now),
- d_cacheonly(false), d_nocache(false), d_doEDNS0(false)
+ d_cacheonly(false), d_nocache(false), d_doEDNS0(false), d_lm(s_lm)
+
{
if(!t_sstorage) {
t_sstorage = new StaticStorage();
@@ -131,20 +132,20 @@
bool SyncRes::doOOBResolve(const string &qname, const QType &qtype, vector<DNSResourceRecord>&ret, int depth, int& res)
{
string prefix;
- if(s_log) {
+ if(doLog()) {
prefix=d_prefix;
prefix.append(depth, ' ');
}
- LOG<<prefix<<qname<<": checking auth storage for '"<<qname<<"|"<<qtype.getName()<<"'"<<endl;
+ LOG(prefix<<qname<<": checking auth storage for '"<<qname<<"|"<<qtype.getName()<<"'"<<endl);
string authdomain(qname);
domainmap_t::const_iterator iter=getBestAuthZone(&authdomain);
if(iter==t_sstorage->domainmap->end()) {
- LOG<<prefix<<qname<<": auth storage has no zone for this query!"<<endl;
+ LOG(prefix<<qname<<": auth storage has no zone for this query!"<<endl);
return false;
}
- LOG<<prefix<<qname<<": auth storage has data, zone='"<<authdomain<<"'"<<endl;
+ LOG(prefix<<qname<<": auth storage has data, zone='"<<authdomain<<"'"<<endl);
pair<AuthDomain::records_t::const_iterator, AuthDomain::records_t::const_iterator> range;
range=iter->second.d_records.equal_range(tie(qname)); // partial lookup
@@ -158,12 +159,12 @@
ret.push_back(*ziter);
}
if(!ret.empty()) {
- LOG<<prefix<<qname<<": exact match in zone '"<<authdomain<<"'"<<endl;
+ LOG(prefix<<qname<<": exact match in zone '"<<authdomain<<"'"<<endl);
res=0;
return true;
}
if(somedata) {
- LOG<<prefix<<qname<<": found record in '"<<authdomain<<"', but nothing of the right type, sending SOA"<<endl;
+ LOG(prefix<<qname<<": found record in '"<<authdomain<<"', but nothing of the right type, sending SOA"<<endl);
ziter=iter->second.d_records.find(make_tuple(authdomain, QType(QType::SOA)));
if(ziter!=iter->second.d_records.end()) {
DNSResourceRecord rr=*ziter;
@@ -171,15 +172,15 @@
ret.push_back(rr);
}
else
- LOG<<prefix<<qname<<": can't find SOA record '"<<authdomain<<"' in our zone!"<<endl;
+ LOG(prefix<<qname<<": can't find SOA record '"<<authdomain<<"' in our zone!"<<endl);
res=RCode::NoError;
return true;
}
- LOG<<prefix<<qname<<": nothing found so far in '"<<authdomain<<"', trying wildcards"<<endl;
+ LOG(prefix<<qname<<": nothing found so far in '"<<authdomain<<"', trying wildcards"<<endl);
string wcarddomain(qname);
while(!pdns_iequals(wcarddomain, iter->first) && chopOffDotted(wcarddomain)) {
- LOG<<prefix<<qname<<": trying '*."+wcarddomain+"' in "<<authdomain<<endl;
+ LOG(prefix<<qname<<": trying '*."+wcarddomain+"' in "<<authdomain<<endl);
range=iter->second.d_records.equal_range(make_tuple("*."+wcarddomain));
if(range.first==range.second)
continue;
@@ -192,7 +193,7 @@
ret.push_back(rr);
}
}
- LOG<<prefix<<qname<<": in '"<<authdomain<<"', had wildcard match on '*."+wcarddomain+"'"<<endl;
+ LOG(prefix<<qname<<": in '"<<authdomain<<"', had wildcard match on '*."+wcarddomain+"'"<<endl);
res=RCode::NoError;
return true;
}
@@ -211,7 +212,7 @@
}
}
if(ret.empty()) {
- LOG<<prefix<<qname<<": no NS match in zone '"<<authdomain<<"' either, handing out SOA"<<endl;
+ LOG(prefix<<qname<<": no NS match in zone '"<<authdomain<<"' either, handing out SOA"<<endl);
ziter=iter->second.d_records.find(make_tuple(authdomain, QType(QType::SOA)));
if(ziter!=iter->second.d_records.end()) {
DNSResourceRecord rr=*ziter;
@@ -219,7 +220,7 @@
ret.push_back(rr);
}
else
- LOG<<prefix<<qname<<": can't find SOA record '"<<authdomain<<"' in our zone!"<<endl;
+ LOG(prefix<<qname<<": can't find SOA record '"<<authdomain<<"' in our zone!"<<endl);
res=RCode::NXDomain;
}
else
@@ -282,7 +283,7 @@
if(ednsstatus->modeSetAt && ednsstatus->modeSetAt + 3600 < d_now.tv_sec) {
*ednsstatus=SyncRes::EDNSStatus();
- // cerr<<"Resetting EDNS Status for "<<ip.toString()<<endl;
+ // cerr<<"Resetting EDNS Status for "<<ip.toString()<<endl);
}
if(s_noEDNSPing && ednsstatus->mode == EDNSStatus::UNKNOWN)
@@ -294,7 +295,7 @@
int ret;
for(int tries = 0; tries < 3; ++tries) {
- // cerr<<"Remote '"<<ip.toString()<<"' currently in mode "<<mode<<endl;
+ // cerr<<"Remote '"<<ip.toString()<<"' currently in mode "<<mode<<endl);
if(mode==EDNSStatus::CONFIRMEDPINGER || mode==EDNSStatus::UNKNOWN || mode==EDNSStatus::EDNSPINGOK || mode==EDNSStatus::EDNSIGNORANT)
EDNSLevel = 2;
@@ -309,7 +310,7 @@
ret=asyncresolve(ip, domain, type, doTCP, sendRDQuery, EDNSLevel, now, res);
if(ret == 0 || ret < 0) {
- // cerr<<"Transport error or timeout (ret="<<ret<<"), no change in mode"<<endl;
+ // cerr<<"Transport error or timeout (ret="<<ret<<"), no change in mode"<<endl);
return ret;
}
@@ -328,7 +329,7 @@
}
else if(mode==EDNSStatus::UNKNOWN || mode==EDNSStatus::EDNSPINGOK || mode == EDNSStatus::EDNSIGNORANT ) {
if(res->d_rcode == RCode::FormErr) {
- // cerr<<"Downgrading to EDNSNOPING because of FORMERR!"<<endl;
+ // cerr<<"Downgrading to EDNSNOPING because of FORMERR!"<<endl);
mode = EDNSStatus::EDNSNOPING;
continue;
}
@@ -347,13 +348,13 @@
else if(!res->d_haveEDNS) {
if(mode != EDNSStatus::EDNSIGNORANT) {
mode = EDNSStatus::EDNSIGNORANT;
- // cerr<<"We find that "<<ip.toString()<<" is an EDNS-ignorer, moving to mode 3"<<endl;
+ // cerr<<"We find that "<<ip.toString()<<" is an EDNS-ignorer, moving to mode 3"<<endl);
}
}
}
else if(mode==EDNSStatus::EDNSNOPING) {
if(res->d_rcode == RCode::FormErr) {
- // cerr<<"Downgrading to mode 4, FORMERR!"<<endl;
+ // cerr<<"Downgrading to mode 4, FORMERR!"<<endl);
mode = EDNSStatus::NOEDNS;
continue;
}
@@ -367,7 +368,7 @@
}
if(oldmode != mode)
ednsstatus->modeSetAt=d_now.tv_sec;
- // cerr<<"Result: ret="<<ret<<", EDNS-level: "<<EDNSLevel<<", haveEDNS: "<<res->d_haveEDNS<<", EDNS-PING correct: "<<res->d_pingCorrect<<", new mode: "<<mode<<endl;
+ // cerr<<"Result: ret="<<ret<<", EDNS-level: "<<EDNSLevel<<", haveEDNS: "<<res->d_haveEDNS<<", EDNS-PING correct: "<<res->d_pingCorrect<<", new mode: "<<mode<<endl);
return ret;
}
@@ -377,7 +378,7 @@
int SyncRes::doResolve(const string &qname, const QType &qtype, vector<DNSResourceRecord>&ret, int depth, set<GetBestNSAnswer>& beenthere)
{
string prefix;
- if(s_log) {
+ if(doLog()) {
prefix=d_prefix;
prefix.append(depth, ' ');
}
@@ -386,7 +387,7 @@
if(!(d_nocache && qtype.getCode()==QType::NS && qname==".")) {
if(d_cacheonly) { // very limited OOB support
LWResult lwr;
- LOG<<prefix<<qname<<": Recursion not requested for '"<<qname<<"|"<<qtype.getName()<<"', peeking at auth/forward zones"<<endl;
+ LOG(prefix<<qname<<": Recursion not requested for '"<<qname<<"|"<<qtype.getName()<<"', peeking at auth/forward zones"<<endl);
string authname(qname);
domainmap_t::const_iterator iter=getBestAuthZone(&authname);
if(iter != t_sstorage->domainmap->end()) {
@@ -398,7 +399,7 @@
}
else {
const ComboAddress remoteIP = servers.front();
- LOG<<prefix<<qname<<": forwarding query to hardcoded nameserver '"<< remoteIP.toStringWithPort()<<"' for zone '"<<authname<<"'"<<endl;
+ LOG(prefix<<qname<<": forwarding query to hardcoded nameserver '"<< remoteIP.toStringWithPort()<<"' for zone '"<<authname<<"'"<<endl);
res=asyncresolveWrapper(remoteIP, qname, qtype.getCode(), false, false, &d_now, &lwr);
// filter out the good stuff from lwr.result()
@@ -422,7 +423,7 @@
if(d_cacheonly)
return 0;
- LOG<<prefix<<qname<<": No cache hit for '"<<qname<<"|"<<qtype.getName()<<"', trying to find an appropriate NS record"<<endl;
+ LOG(prefix<<qname<<": No cache hit for '"<<qname<<"|"<<qtype.getName()<<"', trying to find an appropriate NS record"<<endl);
string subdomain(qname);
@@ -438,7 +439,7 @@
if(!(res=doResolveAt(nsset, subdomain, flawedNSSet, qname, qtype, ret, depth, beenthere)))
return 0;
- LOG<<prefix<<qname<<": failed (res="<<res<<")"<<endl;
+ LOG(prefix<<qname<<": failed (res="<<res<<")"<<endl);
return res<0 ? RCode::ServFail : res;
}
@@ -493,14 +494,14 @@
void SyncRes::getBestNSFromCache(const string &qname, set<DNSResourceRecord>&bestns, bool* flawedNSSet, int depth, set<GetBestNSAnswer>& beenthere)
{
string prefix, subdomain(qname);
- if(s_log) {
+ if(doLog()) {
prefix=d_prefix;
prefix.append(depth, ' ');
}
bestns.clear();
do {
- LOG<<prefix<<qname<<": Checking if we have NS in cache for '"<<subdomain<<"'"<<endl;
+ LOG(prefix<<qname<<": Checking if we have NS in cache for '"<<subdomain<<"'"<<endl);
set<DNSResourceRecord> ns;
*flawedNSSet = false;
if(t_RC->get(d_now.tv_sec, subdomain, QType(QType::NS), &ns) > 0) {
@@ -511,20 +512,20 @@
DNSResourceRecord rr=*k;
rr.content=k->content;
if(!dottedEndsOn(rr.content, subdomain) || t_RC->get(d_now.tv_sec, rr.content, s_doIPv6 ? QType(QType::ADDR) : QType(QType::A),
- s_log ? &aset : 0) > 5) {
+ doLog() ? &aset : 0) > 5) {
bestns.insert(rr);
- LOG<<prefix<<qname<<": NS (with ip, or non-glue) in cache for '"<<subdomain<<"' -> '"<<rr.content<<"'"<<endl;
- LOG<<prefix<<qname<<": within bailiwick: "<<dottedEndsOn(rr.content, subdomain);
+ LOG(prefix<<qname<<": NS (with ip, or non-glue) in cache for '"<<subdomain<<"' -> '"<<rr.content<<"'"<<endl);
+ LOG(prefix<<qname<<": within bailiwick: "<<dottedEndsOn(rr.content, subdomain));
if(!aset.empty()) {
- LOG<<", in cache, ttl="<<(unsigned int)(((time_t)aset.begin()->ttl- d_now.tv_sec ))<<endl;
+ LOG(", in cache, ttl="<<(unsigned int)(((time_t)aset.begin()->ttl- d_now.tv_sec ))<<endl);
}
else {
- LOG<<", not in cache / did not look at cache"<<endl;
+ LOG(", not in cache / did not look at cache"<<endl);
}
}
else {
*flawedNSSet=true;
- LOG<<prefix<<qname<<": NS in cache for '"<<subdomain<<"', but needs glue ("<<k->content<<") which we miss or is expired"<<endl;
+ LOG(prefix<<qname<<": NS in cache for '"<<subdomain<<"', but needs glue ("<<k->content<<") which we miss or is expired"<<endl);
}
}
}
@@ -532,20 +533,21 @@
GetBestNSAnswer answer;
answer.qname=qname; answer.bestns=bestns;
if(beenthere.count(answer)) {
- LOG<<prefix<<qname<<": We have NS in cache for '"<<subdomain<<"' but part of LOOP! Trying less specific NS"<<endl;
- if(s_log)
- for( set<GetBestNSAnswer>::const_iterator j=beenthere.begin();j!=beenthere.end();++j)
- LOG<<prefix<<qname<<": beenthere: "<<j->qname<<" ("<<(unsigned int)j->bestns.size()<<")"<<endl;
+ LOG(prefix<<qname<<": We have NS in cache for '"<<subdomain<<"' but part of LOOP! Trying less specific NS"<<endl);
+ if(doLog())
+ for( set<GetBestNSAnswer>::const_iterator j=beenthere.begin();j!=beenthere.end();++j) {
+ LOG(prefix<<qname<<": beenthere: "<<j->qname<<" ("<<(unsigned int)j->bestns.size()<<")"<<endl);
+ }
bestns.clear();
}
else {
beenthere.insert(answer);
- LOG<<prefix<<qname<<": We have NS in cache for '"<<subdomain<<"' (flawedNSSet="<<*flawedNSSet<<")"<<endl;
+ LOG(prefix<<qname<<": We have NS in cache for '"<<subdomain<<"' (flawedNSSet="<<*flawedNSSet<<")"<<endl);
return;
}
}
}
- LOG<<prefix<<qname<<": no valid/useful NS in cache for '"<<subdomain<<"'"<<endl;
+ LOG(prefix<<qname<<": no valid/useful NS in cache for '"<<subdomain<<"'"<<endl);
if(subdomain==".") { primeHints(); }
}while(chopOffDotted(subdomain));
}
@@ -593,24 +595,24 @@
bool SyncRes::doCNAMECacheCheck(const string &qname, const QType &qtype, vector<DNSResourceRecord>&ret, int depth, int &res)
{
string prefix;
- if(s_log) {
+ if(doLog()) {
prefix=d_prefix;
prefix.append(depth, ' ');
}
if(depth>10) {
- LOG<<prefix<<qname<<": CNAME loop too deep, depth="<<depth<<endl;
+ LOG(prefix<<qname<<": CNAME loop too deep, depth="<<depth<<endl);
res=RCode::ServFail;
return true;
}
- LOG<<prefix<<qname<<": Looking for CNAME cache hit of '"<<(qname+"|CNAME")<<"'"<<endl;
+ LOG(prefix<<qname<<": Looking for CNAME cache hit of '"<<(qname+"|CNAME")<<"'"<<endl);
set<DNSResourceRecord> cset;
if(t_RC->get(d_now.tv_sec, qname,QType(QType::CNAME),&cset) > 0) {
for(set<DNSResourceRecord>::const_iterator j=cset.begin();j!=cset.end();++j) {
if(j->ttl>(unsigned int) d_now.tv_sec) {
- LOG<<prefix<<qname<<": Found cache CNAME hit for '"<< (qname+"|CNAME") <<"' to '"<<j->content<<"'"<<endl;
+ LOG(prefix<<qname<<": Found cache CNAME hit for '"<< (qname+"|CNAME") <<"' to '"<<j->content<<"'"<<endl);
DNSResourceRecord rr=*j;
rr.ttl-=d_now.tv_sec;
ret.push_back(rr);
@@ -624,7 +626,7 @@
}
}
}
- LOG<<prefix<<qname<<": No CNAME cache hit of '"<< (qname+"|CNAME") <<"' found"<<endl;
+ LOG(prefix<<qname<<": No CNAME cache hit of '"<< (qname+"|CNAME") <<"' found"<<endl);
return false;
}
@@ -636,7 +638,7 @@
bool giveNegative=false;
string prefix;
- if(s_log) {
+ if(doLog()) {
prefix=d_prefix;
prefix.append(depth, ' ');
}
@@ -655,11 +657,11 @@
if((uint32_t)d_now.tv_sec < ni->d_ttd) {
sttl=ni->d_ttd - d_now.tv_sec;
if(ni->d_qtype.getCode()) {
- LOG<<prefix<<qname<<": "<<qtype.getName()<<" is negatively cached via '"<<ni->d_qname<<"' for another "<<sttl<<" seconds"<<endl;
+ LOG(prefix<<qname<<": "<<qtype.getName()<<" is negatively cached via '"<<ni->d_qname<<"' for another "<<sttl<<" seconds"<<endl);
res = RCode::NoError;
}
else {
- LOG<<prefix<<qname<<": Entire record '"<<qname<<"', is negatively cached via '"<<ni->d_qname<<"' for another "<<sttl<<" seconds"<<endl;
+ LOG(prefix<<qname<<": Entire record '"<<qname<<"', is negatively cached via '"<<ni->d_qname<<"' for another "<<sttl<<" seconds"<<endl);
res= RCode::NXDomain;
}
giveNegative=true;
@@ -669,7 +671,7 @@
break;
}
else {
- LOG<<prefix<<qname<<": Entire record '"<<qname<<"' or type was negatively cached, but entry expired"<<endl;
+ LOG(prefix<<qname<<": Entire record '"<<qname<<"' or type was negatively cached, but entry expired"<<endl);
moveCacheItemToFront(t_sstorage->negcache, ni);
}
}
@@ -679,9 +681,9 @@
bool found=false, expired=false;
if(t_RC->get(d_now.tv_sec, sqname, sqt, &cset) > 0) {
- LOG<<prefix<<sqname<<": Found cache hit for "<<sqt.getName()<<": ";
+ LOG(prefix<<sqname<<": Found cache hit for "<<sqt.getName()<<": ");
for(set<DNSResourceRecord>::const_iterator j=cset.begin();j!=cset.end();++j) {
- LOG<<j->content;
+ LOG(j->content);
if(j->ttl>(unsigned int) d_now.tv_sec) {
DNSResourceRecord rr=*j;
rr.ttl-=d_now.tv_sec;
@@ -690,23 +692,23 @@
rr.ttl=sttl;
}
ret.push_back(rr);
- LOG<<"[ttl="<<rr.ttl<<"] ";
+ LOG("[ttl="<<rr.ttl<<"] ");
found=true;
}
else {
- LOG<<"[expired] ";
+ LOG("[expired] ");
expired=true;
}
}
- LOG<<endl;
+ LOG(endl);
if(found && !expired) {
if(!giveNegative)
res=0;
return true;
}
else
- LOG<<prefix<<qname<<": cache had only stale entries"<<endl;
+ LOG(prefix<<qname<<": cache had only stale entries"<<endl);
}
return false;
@@ -752,17 +754,18 @@
speedOrder so(speeds);
stable_sort(rnameservers.begin(),rnameservers.end(), so);
- if(s_log) {
- L<<Logger::Warning<<prefix<<"Nameservers: ";
+ if(doLog()) {
+ LOG(prefix<<"Nameservers: ");
for(vector<string>::const_iterator i=rnameservers.begin();i!=rnameservers.end();++i) {
if(i!=rnameservers.begin()) {
- L<<", ";
- if(!((i-rnameservers.begin())%3))
- L<<endl<<Logger::Warning<<prefix<<" ";
+ LOG(", ");
+ if(!((i-rnameservers.begin())%3)) {
+ LOG(endl<<prefix<<" ");
+ }
}
- L<<*i<<"(" << (int)(speeds[*i]/1000.0) <<"ms)";
+ LOG(*i<<"(" << (int)(speeds[*i]/1000.0) <<"ms)");
}
- L<<endl;
+ LOG(endl);
}
return rnameservers;
}
@@ -787,36 +790,34 @@
return answer.getCode() == QType::A || answer.getCode() == QType::AAAA;
}
-double g_avgLatency;
-
/** returns -1 in case of no results, rcode otherwise */
int SyncRes::doResolveAt(set<string, CIStringCompare> nameservers, string auth, bool flawedNSSet, const string &qname, const QType &qtype,
vector<DNSResourceRecord>&ret,
int depth, set<GetBestNSAnswer>&beenthere)
{
string prefix;
- if(s_log) {
+ if(doLog()) {
prefix=d_prefix;
prefix.append(depth, ' ');
}
- LOG<<prefix<<qname<<": Cache consultations done, have "<<(unsigned int)nameservers.size()<<" NS to contact"<<endl;
+ LOG(prefix<<qname<<": Cache consultations done, have "<<(unsigned int)nameservers.size()<<" NS to contact"<<endl);
for(;;) { // we may get more specific nameservers
- vector<string> rnameservers=shuffleInSpeedOrder(nameservers, s_log ? (prefix+qname+": ") : string() );
+ vector<string> rnameservers=shuffleInSpeedOrder(nameservers, doLog() ? (prefix+qname+": ") : string() );
for(vector<string>::const_iterator tns=rnameservers.begin();;++tns) {
if(tns==rnameservers.end()) {
- LOG<<prefix<<qname<<": Failed to resolve via any of the "<<(unsigned int)rnameservers.size()<<" offered NS at level '"<<auth<<"'"<<endl;
+ LOG(prefix<<qname<<": Failed to resolve via any of the "<<(unsigned int)rnameservers.size()<<" offered NS at level '"<<auth<<"'"<<endl);
if(auth!="." && flawedNSSet) {
- LOG<<prefix<<qname<<": Ageing nameservers for level '"<<auth<<"', next query might succeed"<<endl;
+ LOG(prefix<<qname<<": Ageing nameservers for level '"<<auth<<"', next query might succeed"<<endl);
if(t_RC->doAgeCache(d_now.tv_sec, auth, QType::NS, 10))
g_stats.nsSetInvalidations++;
}
return -1;
}
if(pdns_iequals(qname, *tns) && qtype.getCode()==QType::A && rnameservers.size() > 1) {
- LOG<<prefix<<qname<<": Not using NS to resolve itself!"<<endl;
+ LOG(prefix<<qname<<": Not using NS to resolve itself!"<<endl);
continue;
}
@@ -829,16 +830,16 @@
bool sendRDQuery=false;
LWResult lwr;
if(tns->empty()) {
- LOG<<prefix<<qname<<": Domain is out-of-band"<<endl;
+ LOG(prefix<<qname<<": Domain is out-of-band"<<endl);
doOOBResolve(qname, qtype, lwr.d_result, depth, lwr.d_rcode);
lwr.d_tcbit=false;
lwr.d_aabit=true;
}
else {
- LOG<<prefix<<qname<<": Trying to resolve NS '"<<*tns<<"' ("<<1+tns-rnameservers.begin()<<"/"<<(unsigned int)rnameservers.size()<<")"<<endl;
+ LOG(prefix<<qname<<": Trying to resolve NS '"<<*tns<<"' ("<<1+tns-rnameservers.begin()<<"/"<<(unsigned int)rnameservers.size()<<")"<<endl);
if(!isCanonical(*tns)) {
- LOG<<prefix<<qname<<": Domain has hardcoded nameserver(s)"<<endl;
+ LOG(prefix<<qname<<": Domain has hardcoded nameserver(s)"<<endl);
string txtAddr = *tns;
if(!tns->empty()) {
@@ -856,32 +857,33 @@
}
if(remoteIPs.empty()) {
- LOG<<prefix<<qname<<": Failed to get IP for NS "<<*tns<<", trying next if available"<<endl;
+ LOG(prefix<<qname<<": Failed to get IP for NS "<<*tns<<", trying next if available"<<endl);
flawedNSSet=true;
continue;
}
else {
- LOG<<prefix<<qname<<": Resolved '"+auth+"' NS "<<*tns<<" to: ";
+ LOG(prefix<<qname<<": Resolved '"+auth+"' NS "<<*tns<<" to: ");
for(remoteIP = remoteIPs.begin(); remoteIP != remoteIPs.end(); ++remoteIP) {
- if(remoteIP != remoteIPs.begin())
- LOG<<", ";
- LOG<<remoteIP->toString();
+ if(remoteIP != remoteIPs.begin()) {
+ LOG(", ");
+ }
+ LOG(remoteIP->toString());
}
- LOG<<endl;
+ LOG(endl);
}
for(remoteIP = remoteIPs.begin(); remoteIP != remoteIPs.end(); ++remoteIP) {
- LOG<<prefix<<qname<<": Trying IP "<< remoteIP->toStringWithPort() <<", asking '"<<qname<<"|"<<qtype.getName()<<"'"<<endl;
+ LOG(prefix<<qname<<": Trying IP "<< remoteIP->toStringWithPort() <<", asking '"<<qname<<"|"<<qtype.getName()<<"'"<<endl);
extern NetmaskGroup* g_dontQuery;
if(t_sstorage->throttle.shouldThrottle(d_now.tv_sec, make_tuple(*remoteIP, qname, qtype.getCode()))) {
- LOG<<prefix<<qname<<": query throttled "<<endl;
+ LOG(prefix<<qname<<": query throttled "<<endl);
s_throttledqueries++; d_throttledqueries++;
continue;
}
else if(!pierceDontQuery && g_dontQuery && g_dontQuery->match(&*remoteIP)) {
- LOG<<prefix<<qname<<": not sending query to " << remoteIP->toString() << ", blocked by 'dont-query' setting" << endl;
+ LOG(prefix<<qname<<": not sending query to " << remoteIP->toString() << ", blocked by 'dont-query' setting" << endl);
s_dontqueries++;
continue;
}
@@ -889,7 +891,7 @@
s_outqueries++; d_outqueries++;
TryTCP:
if(doTCP) {
- LOG<<prefix<<qname<<": using TCP with "<< remoteIP->toStringWithPort() <<endl;
+ LOG(prefix<<qname<<": using TCP with "<< remoteIP->toStringWithPort() <<endl);
s_tcpoutqueries++; d_tcpoutqueries++;
}
@@ -898,17 +900,17 @@
doTCP, sendRDQuery, &d_now, &lwr); // <- we go out on the wire!
if(resolveret != 1) {
if(resolveret==0) {
- LOG<<prefix<<qname<<": timeout resolving "<< (doTCP ? "over TCP" : "")<<endl;
+ LOG(prefix<<qname<<": timeout resolving "<< (doTCP ? "over TCP" : "")<<endl);
d_timeouts++;
s_outgoingtimeouts++;
}
else if(resolveret==-2) {
- LOG<<prefix<<qname<<": hit a local resource limit resolving"<< (doTCP ? " over TCP" : "")<<", probable error: "<<stringerror()<<endl;
+ LOG(prefix<<qname<<": hit a local resource limit resolving"<< (doTCP ? " over TCP" : "")<<", probable error: "<<stringerror()<<endl);
g_stats.resourceLimits++;
}
else {
s_unreachables++; d_unreachables++;
- LOG<<prefix<<qname<<": error resolving"<< (doTCP ? " over TCP" : "") <<", possible error: "<<strerror(errno)<< endl;
+ LOG(prefix<<qname<<": error resolving"<< (doTCP ? " over TCP" : "") <<", possible error: "<<strerror(errno)<< endl);
}
if(resolveret!=-2) { // don't account for resource limits, they are our own fault
@@ -926,7 +928,7 @@
break; // this IP address worked!
wasLame:; // well, it didn't
- LOG<<prefix<<qname<<": status=NS "<<*tns<<" ("<< remoteIP->toString() <<") is lame for '"<<auth<<"', trying sibling IP or NS"<<endl;
+ LOG(prefix<<qname<<": status=NS "<<*tns<<" ("<< remoteIP->toString() <<") is lame for '"<<auth<<"', trying sibling IP or NS"<<endl);
t_sstorage->throttle.throttle(d_now.tv_sec, make_tuple(*remoteIP, qname, qtype.getCode()), 60, 100); // lame
}
}
@@ -937,27 +939,25 @@
if(lwr.d_tcbit) {
if(!doTCP) {
doTCP=true;
- LOG<<prefix<<qname<<": truncated bit set, retrying via TCP"<<endl;
+ LOG(prefix<<qname<<": truncated bit set, retrying via TCP"<<endl);
goto TryTCP;
}
- LOG<<prefix<<qname<<": truncated bit set, over TCP?"<<endl;
+ LOG(prefix<<qname<<": truncated bit set, over TCP?"<<endl);
return RCode::ServFail;
}
if(lwr.d_rcode==RCode::ServFail) {
- LOG<<prefix<<qname<<": "<<*tns<<" returned a ServFail, trying sibling IP or NS"<<endl;
+ LOG(prefix<<qname<<": "<<*tns<<" returned a ServFail, trying sibling IP or NS"<<endl);
t_sstorage->throttle.throttle(d_now.tv_sec,make_tuple(*remoteIP, qname, qtype.getCode()),60,3); // servfail
continue;
}
- LOG<<prefix<<qname<<": Got "<<(unsigned int)lwr.d_result.size()<<" answers from "<<*tns<<" ("<< remoteIP->toString() <<"), rcode="<<lwr.d_rcode<<", aa="<<lwr.d_aabit<<", in "<<lwr.d_usec/1000<<"ms"<<endl;
+ LOG(prefix<<qname<<": Got "<<(unsigned int)lwr.d_result.size()<<" answers from "<<*tns<<" ("<< remoteIP->toString() <<"), rcode="<<lwr.d_rcode<<", aa="<<lwr.d_aabit<<", in "<<lwr.d_usec/1000<<"ms"<<endl);
/* // for you IPv6 fanatics :-)
if(remoteIP->sin4.sin_family==AF_INET6)
lwr.d_usec/=3;
*/
// cout<<"msec: "<<lwr.d_usec/1000.0<<", "<<g_avgLatency/1000.0<<'\n';
- double fract = 0.001;
- g_avgLatency = (1-fract) * g_avgLatency + fract * lwr.d_usec;
t_sstorage->nsSpeeds[*tns].submit(*remoteIP, lwr.d_usec, &d_now);
}
@@ -968,23 +968,23 @@
// reap all answers from this packet that are acceptable
for(LWResult::res_t::iterator i=lwr.d_result.begin();i != lwr.d_result.end();++i) {
if(i->qtype.getCode() == QType::OPT) {
- LOG<<prefix<<qname<<": skipping OPT answer '"<<i->qname<<"' from '"<<auth<<"' nameservers" <<endl;
+ LOG(prefix<<qname<<": skipping OPT answer '"<<i->qname<<"' from '"<<auth<<"' nameservers" <<endl);
continue;
}
- LOG<<prefix<<qname<<": accept answer '"<<i->qname<<"|"<<i->qtype.getName()<<"|"<<i->content<<"' from '"<<auth<<"' nameservers? ";
+ LOG(prefix<<qname<<": accept answer '"<<i->qname<<"|"<<i->qtype.getName()<<"|"<<i->content<<"' from '"<<auth<<"' nameservers? ");
if(i->qtype.getCode()==QType::ANY) {
- LOG<<"NO! - we don't accept 'ANY' data"<<endl;
+ LOG("NO! - we don't accept 'ANY' data"<<endl);
continue;
}
if(dottedEndsOn(i->qname, auth)) {
if(lwr.d_aabit && lwr.d_rcode==RCode::NoError && i->d_place==DNSResourceRecord::ANSWER && ::arg().contains("delegation-only",auth)) {
- LOG<<"NO! Is from delegation-only zone"<<endl;
+ LOG("NO! Is from delegation-only zone"<<endl);
s_nodelegated++;
return RCode::NXDomain;
}
else {
- LOG<<"YES!"<<endl;
+ LOG("YES!"<<endl);
i->ttl=min(s_maxcachettl, i->ttl);
@@ -1000,7 +1000,7 @@
}
}
else
- LOG<<"NO!"<<endl;
+ LOG("NO!"<<endl);
}
// supplant
@@ -1017,7 +1017,7 @@
t_RC->replace(d_now.tv_sec, i->first.first, i->first.second, i->second, lwr.d_aabit);
}
set<string, CIStringCompare> nsset;
- LOG<<prefix<<qname<<": determining status after receiving this packet"<<endl;
+ LOG(prefix<<qname<<": determining status after receiving this packet"<<endl);
bool done=false, realreferral=false, negindic=false;
string newauth, soaname, newtarget;
@@ -1025,7 +1025,7 @@
for(LWResult::res_t::iterator i=lwr.d_result.begin();i!=lwr.d_result.end();++i) {
if(i->d_place==DNSResourceRecord::AUTHORITY && i->qtype.getCode()==QType::SOA &&
lwr.d_rcode==RCode::NXDomain && dottedEndsOn(qname,i->qname) && dottedEndsOn(i->qname, auth)) {
- LOG<<prefix<<qname<<": got negative caching indication for RECORD '"<<qname+"' (accept="<<dottedEndsOn(i->qname, auth)<<"), newtarget='"<<newtarget<<"'"<<endl;
+ LOG(prefix<<qname<<": got negative caching indication for RECORD '"<<qname+"' (accept="<<dottedEndsOn(i->qname, auth)<<"), newtarget='"<<newtarget<<"'"<<endl);
i->ttl = min(i->ttl, s_maxnegttl);
if(!newtarget.length()) // only add a SOA if we're not going anywhere after this
@@ -1056,7 +1056,7 @@
)
{
- LOG<<prefix<<qname<<": answer is in: resolved to '"<< i->content<<"|"<<i->qtype.getName()<<"'"<<endl;
+ LOG(prefix<<qname<<": answer is in: resolved to '"<< i->content<<"|"<<i->qtype.getName()<<"'"<<endl);
done=true;
ret.push_back(*i);
@@ -1064,19 +1064,19 @@
else if(i->d_place==DNSResourceRecord::AUTHORITY && dottedEndsOn(qname,i->qname) && i->qtype.getCode()==QType::NS) {
if(moreSpecificThan(i->qname,auth)) {
newauth=i->qname;
- LOG<<prefix<<qname<<": got NS record '"<<i->qname<<"' -> '"<<i->content<<"'"<<endl;
+ LOG(prefix<<qname<<": got NS record '"<<i->qname<<"' -> '"<<i->content<<"'"<<endl);
realreferral=true;
}
else
- LOG<<prefix<<qname<<": got upwards/level NS record '"<<i->qname<<"' -> '"<<i->content<<"', had '"<<auth<<"'"<<endl;
+ LOG(prefix<<qname<<": got upwards/level NS record '"<<i->qname<<"' -> '"<<i->content<<"', had '"<<auth<<"'"<<endl);
nsset.insert(i->content);
}
else if(!done && i->d_place==DNSResourceRecord::AUTHORITY && dottedEndsOn(qname,i->qname) && i->qtype.getCode()==QType::SOA &&
lwr.d_rcode==RCode::NoError) {
- LOG<<prefix<<qname<<": got negative caching indication for '"<< (qname+"|"+i->qtype.getName()+"'") <<endl;
+ LOG(prefix<<qname<<": got negative caching indication for '"<< (qname+"|"+i->qtype.getName()+"'") <<endl);
if(!newtarget.empty()) {
- LOG<<prefix<<qname<<": Hang on! Got a redirect to '"<<newtarget<<"' already"<<endl;
+ LOG(prefix<<qname<<": Hang on! Got a redirect to '"<<newtarget<<"' already"<<endl);
}
else {
i-> ttl = min(s_maxnegttl, i->ttl);
@@ -1095,33 +1095,33 @@
}
if(done){
- LOG<<prefix<<qname<<": status=got results, this level of recursion done"<<endl;
+ LOG(prefix<<qname<<": status=got results, this level of recursion done"<<endl);
return 0;
}
if(!newtarget.empty()) {
if(pdns_iequals(newtarget,qname)) {
- LOG<<prefix<<qname<<": status=got a CNAME referral to self, returning SERVFAIL"<<endl;
+ LOG(prefix<<qname<<": status=got a CNAME referral to self, returning SERVFAIL"<<endl);
return RCode::ServFail;
}
if(depth > 10) {
- LOG<<prefix<<qname<<": status=got a CNAME referral, but recursing too deep, returning SERVFAIL"<<endl;
+ LOG(prefix<<qname<<": status=got a CNAME referral, but recursing too deep, returning SERVFAIL"<<endl);
return RCode::ServFail;
}
- LOG<<prefix<<qname<<": status=got a CNAME referral, starting over with "<<newtarget<<endl;
+ LOG(prefix<<qname<<": status=got a CNAME referral, starting over with "<<newtarget<<endl);
set<GetBestNSAnswer> beenthere2;
return doResolve(newtarget, qtype, ret, depth + 1, beenthere2);
}
if(lwr.d_rcode==RCode::NXDomain) {
- LOG<<prefix<<qname<<": status=NXDOMAIN, we are done "<<(negindic ? "(have negative SOA)" : "")<<endl;
+ LOG(prefix<<qname<<": status=NXDOMAIN, we are done "<<(negindic ? "(have negative SOA)" : "")<<endl);
return RCode::NXDomain;
}
if(nsset.empty() && !lwr.d_rcode) {
- LOG<<prefix<<qname<<": status=noerror, other types may exist, but we are done "<<(negindic ? "(have negative SOA)" : "")<<endl;
+ LOG(prefix<<qname<<": status=noerror, other types may exist, but we are done "<<(negindic ? "(have negative SOA)" : "")<<endl);
return 0;
}
else if(realreferral) {
- LOG<<prefix<<qname<<": status=did not resolve, got "<<(unsigned int)nsset.size()<<" NS, looping to them"<<endl;
+ LOG(prefix<<qname<<": status=did not resolve, got "<<(unsigned int)nsset.size()<<" NS, looping to them"<<endl);
auth=newauth;
nameservers=nsset;
break;
@@ -1145,17 +1145,17 @@
if(k->d_place==DNSResourceRecord::AUTHORITY && k->qtype==QType(QType::SOA))
return;
- // LOG<<qname<<": Adding best authority records from cache"<<endl;
+ // LOG(qname<<": Adding best authority records from cache"<<endl);
// addAuthorityRecords(qname,ret,0);
- // LOG<<qname<<": Done adding best authority records."<<endl;
+ // LOG(qname<<": Done adding best authority records."<<endl);
- LOG<<d_prefix<<qname<<": Starting additional processing"<<endl;
+ LOG(d_prefix<<qname<<": Starting additional processing"<<endl);
vector<DNSResourceRecord> addit;
for(vector<DNSResourceRecord>::const_iterator k=ret.begin();k!=ret.end();++k)
if( (k->d_place==DNSResourceRecord::ANSWER && (k->qtype==QType(QType::MX) || k->qtype==QType(QType::SRV))) ||
((k->d_place==DNSResourceRecord::AUTHORITY || k->d_place==DNSResourceRecord::ANSWER) && k->qtype==QType(QType::NS))) {
- LOG<<d_prefix<<qname<<": record '"<<k->content<<"|"<<k->qtype.getName()<<"' needs IP for additional processing"<<endl;
+ LOG(d_prefix<<qname<<": record '"<<k->content<<"|"<<k->qtype.getName()<<"' needs IP for additional processing"<<endl);
set<GetBestNSAnswer> beenthere;
vector<pair<string::size_type, string::size_type> > fields;
vstringtok(fields, k->content, " ");
@@ -1181,7 +1181,7 @@
}
}
}
- LOG<<d_prefix<<qname<<": Done with additional processing"<<endl;
+ LOG(d_prefix<<qname<<": Done with additional processing"<<endl);
}
void SyncRes::addAuthorityRecords(const string& qname, vector<DNSResourceRecord>& ret, int depth)
@@ -1208,6 +1208,5 @@
SyncRes sr(now);
int res = sr.beginResolve(qname, QType(qtype), qclass, ret);
- cerr<<"Result: "<<res<<endl;
return res;
}
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/pdns/syncres.hh
^
|
| @@ -169,18 +169,31 @@
class SyncRes : public boost::noncopyable
{
public:
+ enum LogMode { LogNone, Log, Store};
+
explicit SyncRes(const struct timeval& now);
int beginResolve(const string &qname, const QType &qtype, uint16_t qclass, vector<DNSResourceRecord>&ret);
void setId(int id)
{
- if(s_log)
+ if(doLog())
d_prefix="["+itoa(id)+"] ";
}
- static void setLog(bool log)
+ static void setDefaultLogMode(LogMode lm)
+ {
+ s_lm = lm;
+ }
+
+ void setLogMode(LogMode lm)
+ {
+ d_lm = lm;
+ }
+
+ bool doLog()
{
- s_log=log;
+ return d_lm != LogNone;
}
+
void setCacheOnly(bool state=true)
{
d_cacheonly=state;
@@ -195,6 +208,11 @@
d_doEDNS0=state;
}
+ string getTrace() const
+ {
+ return d_trace.str();
+ }
+
int asyncresolveWrapper(const ComboAddress& ip, const string& domain, int type, bool doTCP, bool sendRDQuery, struct timeval* now, LWResult* res);
static void doEDNSDumpAndClose(int fd);
@@ -333,7 +351,8 @@
static unsigned int s_packetcacheservfailttl;
static bool s_nopacketcache;
static string s_serverID;
-
+
+
struct StaticStorage {
negcache_t negcache;
nsspeeds_t nsSpeeds;
@@ -361,11 +380,13 @@
vector<ComboAddress> getAs(const string &qname, int depth, set<GetBestNSAnswer>& beenthere);
private:
+ ostringstream d_trace;
string d_prefix;
- static bool s_log;
bool d_cacheonly;
bool d_nocache;
bool d_doEDNS0;
+ static LogMode s_lm;
+ LogMode d_lm;
struct GetBestNSAnswer
{
@@ -460,6 +481,7 @@
uint64_t answers0_1, answers1_10, answers10_100, answers100_1000, answersSlow;
uint64_t avgLatencyUsec;
uint64_t qcounter;
+ uint64_t ipv6qcounter;
uint64_t tcpqcounter;
uint64_t unauthorizedUDP;
uint64_t unauthorizedTCP;
@@ -522,12 +544,11 @@
};
extern __thread RemoteKeeper* t_remotes;
string doQueueReloadLuaScript(vector<string>::const_iterator begin, vector<string>::const_iterator end);
+string doTraceRegex(vector<string>::const_iterator begin, vector<string>::const_iterator end);
void parseACLs();
extern RecursorStats g_stats;
extern unsigned int g_numThreads;
-
-
std::string reloadAuthAndForwards();
ComboAddress parseIPAndPort(const std::string& input, uint16_t port);
ComboAddress getQueryLocalAddress(int family, uint16_t port);
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/regression-tests.recursor/config.sh
^
|
| @@ -34,8 +34,24 @@
EOF
chmod +x recursor-service/run
+cat > recursor-service/hintfile << EOF
+. 3600 IN NS ns.root.
+ns.root. 3600 IN A $PREFIX.8
+EOF
+
SOA="ns.example.net. hostmaster.example.net. 1 3600 1800 1209600 300"
+### fake root zone
+mkdir $PREFIX.8
+cat > $PREFIX.8/ROOT.zone <<EOF
+. 3600 IN SOA $SOA
+. 3600 IN NS ns.root.
+ns.root. 3600 IN A $PREFIX.8
+net. 3600 IN NS ns.example.net.
+net. 3600 IN NS ns2.example.net.
+ns.example.net. 3600 IN A $PREFIX.10
+ns2.example.net. 3600 IN A $PREFIX.11
+EOF
### plain example.net zone
mkdir $PREFIX.10
@@ -169,8 +185,13 @@
EOF
for zone in $(ls $dir | grep '\.zone$' | sed 's/\.zone$//')
do
+ realzone=$zone
+ if [ $realzone = ROOT ]
+ then
+ realzone='.'
+ fi
cat >> $dir/named.conf <<EOF
-zone "$zone"{
+zone "$realzone"{
type master;
file "./$zone.zone";
};
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/regression-tests.recursor/vars.sample
^
|
| @@ -1,3 +1,3 @@
PREFIX=10.0.3
AUTHRUN="exec authbind ../../../pdns/pdns_server --config-dir=. > logfile 2>&1"
-RECRUN="exec authbind ../../../pdns/pdns_recursor --config-dir=. --socket-dir=. --daemon=no --trace=yes --dont-query= --local-address=$PREFIX.9 --forward-zones=example.net=$PREFIX.10 > logfile 2>&1"
+RECRUN="exec authbind ../../../pdns/pdns_recursor --config-dir=. --socket-dir=. --daemon=no --trace=yes --dont-query= --local-address=$PREFIX.9 --hint-file=hintfile > logfile 2>&1"
|
|
[-]
[+]
|
Changed |
pdns-3.2.tar.gz/regression-tests/recursor-test
^
|
| @@ -24,4 +24,4 @@
echo "$DBT_OKPERCENTAGE% of domains resolved" > recursor-bulktest/diff
echo "<measurement><name>% domains resolved</name><value>$DBT_OKPERCENTAGE</value></measurement>" > recursor-bulktest/stdout
-context=recursor-bulktest ./toxml
+testsdir=. context=recursor-bulktest ./toxml
|
