Skip to content

Commit

Permalink
Dedup only in specific places
Browse files Browse the repository at this point in the history
  • Loading branch information
omoerbeek committed Nov 19, 2024
1 parent fb4e019 commit 274b82b
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 5 deletions.
5 changes: 5 additions & 0 deletions pdns/recursordist/pdns_recursor.cc
Original file line number Diff line number Diff line change
Expand Up @@ -779,6 +779,9 @@ int getFakeAAAARecords(const DNSName& qname, ComboAddress prefix, vector<DNSReco
}),
ret.end());
}
else {
pdns::dedupRecords(ret);
}
t_Counters.at(rec::Counter::dns64prefixanswers)++;
return rcode;
}
Expand Down Expand Up @@ -1509,7 +1512,9 @@ void startDoResolve(void* arg) // NOLINT(readability-function-cognitive-complexi
}

if (!ret.empty()) {
#ifdef notyet
pdns::dedupRecords(ret);
#endif
pdns::orderAndShuffle(ret, false);
if (auto listToSort = luaconfsLocal->sortlist.getOrderCmp(comboWriter->d_source)) {
stable_sort(ret.begin(), ret.end(), *listToSort);
Expand Down
5 changes: 4 additions & 1 deletion pdns/recursordist/syncres.cc
Original file line number Diff line number Diff line change
Expand Up @@ -2727,6 +2727,7 @@ bool SyncRes::doCNAMECacheCheck(const DNSName& qname, const QType qtype, vector<
// so you can't trust that a real lookup will have been made.
res = doResolve(newTarget, qtype, ret, depth + 1, beenthere, cnameContext);
LOG(prefix << qname << ": Updating validation state for response to " << qname << " from " << context.state << " with the state from the DNAME/CNAME quest: " << cnameContext.state << endl);
pdns::dedupRecords(ret); // multiple NSECS coudl be added, #14120
updateValidationState(qname, context.state, cnameContext.state, prefix);

return true;
Expand Down Expand Up @@ -3268,7 +3269,7 @@ static void addNXNSECS(vector<DNSRecord>& ret, const vector<DNSRecord>& records)
ret.insert(ret.end(), negEntry.authoritySOA.signatures.begin(), negEntry.authoritySOA.signatures.end());
ret.insert(ret.end(), negEntry.DNSSECRecords.records.begin(), negEntry.DNSSECRecords.records.end());
ret.insert(ret.end(), negEntry.DNSSECRecords.signatures.begin(), negEntry.DNSSECRecords.signatures.end());
}
}

static bool rpzHitShouldReplaceContent(const DNSName& qname, const QType qtype, const std::vector<DNSRecord>& records)
{
Expand Down Expand Up @@ -4434,9 +4435,11 @@ void SyncRes::sanitizeRecordsPass2(const std::string& prefix, LWResult& lwr, con
}
lwr.d_records = std::move(vec);
}
#ifdef notyet
if (auto count = pdns::dedupRecords(lwr.d_records); count > 0) {
LOG(prefix << qname << ": Removed " << count << " duplicate records from response received from " << auth << endl);
}
#endif
}

void SyncRes::rememberParentSetIfNeeded(const DNSName& domain, const vector<DNSRecord>& newRecords, unsigned int depth, const string& prefix)
Expand Down
9 changes: 5 additions & 4 deletions pdns/recursordist/test-syncres_cc5.cc
Original file line number Diff line number Diff line change
Expand Up @@ -1575,6 +1575,7 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_nodata_nowildcard_duplicated_n
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
return LWResult::Result::Success;
}
// The code below introduces duplicate NSEC3 records
if (address == ComboAddress("192.0.2.1:53")) {
setLWResult(res, 0, true, false, true);
/* no data */
Expand Down Expand Up @@ -1603,17 +1604,17 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_nodata_nowildcard_duplicated_n
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(res, RCode::NoError);
BOOST_CHECK_EQUAL(sr->getValidationState(), vState::Secure);
/* the duplicated NSEC3 should have been dedupped */
BOOST_REQUIRE_EQUAL(ret.size(), 8U);
/* the duplicated NSEC3 have not been dedupped */
BOOST_REQUIRE_EQUAL(ret.size(), 9U);
BOOST_CHECK_EQUAL(queriesCount, 4U);

/* again, to test the cache */
ret.clear();
res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(res, RCode::NoError);
BOOST_CHECK_EQUAL(sr->getValidationState(), vState::Secure);
/* the duplicated NSEC3 should have been dedupped */
BOOST_REQUIRE_EQUAL(ret.size(), 8U);
/* the duplicated NSEC3 have not been dedupped */
BOOST_REQUIRE_EQUAL(ret.size(), 9U);
BOOST_CHECK_EQUAL(queriesCount, 4U);
}

Expand Down

0 comments on commit 274b82b

Please sign in to comment.