diff options
| author |   florian <florian@openbsd.org> | 2020-08-29 08:22:41 +0000 |
|---|---|---|
| committer | florian <florian@openbsd.org> | 2020-08-29 08:22:41 +0000 |
| commit | e47fef9e1b1660e28e09dda4a57a64dad989282f (patch) | |
| tree | eb22c67a05a3cb63025320e602aceaf028e38f8e /sbin/unwind/libunbound/iterator | |
| parent | typo; pointed out by Matthias (mpfr AT fn.de), thanks! (diff) | |
| download | wireguard-openbsd-e47fef9e1b1660e28e09dda4a57a64dad989282f.tar.xz wireguard-openbsd-e47fef9e1b1660e28e09dda4a57a64dad989282f.zip | |
sync to libunbound-1.11.0
all heavy lifting done by sthen in unbound
testing benno
Diffstat (limited to 'sbin/unwind/libunbound/iterator')
| -rw-r--r-- | sbin/unwind/libunbound/iterator/iter_utils.c | 57 | ||||
| -rw-r--r-- | sbin/unwind/libunbound/iterator/iterator.c | 11 | ||||
| -rw-r--r-- | sbin/unwind/libunbound/iterator/iterator.h | 5 |
3 files changed, 66 insertions, 7 deletions
diff --git a/sbin/unwind/libunbound/iterator/iter_utils.c b/sbin/unwind/libunbound/iterator/iter_utils.c index 3c14de86e7b..7bc67da69b2 100644 --- a/sbin/unwind/libunbound/iterator/iter_utils.c +++ b/sbin/unwind/libunbound/iterator/iter_utils.c @@ -484,6 +484,63 @@ iter_filter_order(struct iter_env* iter_env, struct module_env* env, got_num = num4ok; *selected_rtt = num4_lowrtt; } + } else if (env->cfg->prefer_ip4) { + int got_num4 = 0; + int low_rtt4 = 0; + int i; + int attempt = -1; /* filter to make sure addresses have + less attempts on them than the first, to force round + robin when all the IPv4 addresses fail */ + int num6ok = 0; /* number ip6 at low attempt count */ + int num6_lowrtt = 0; + prev = NULL; + a = dp->result_list; + for(i = 0; i < got_num; i++) { + swap_to_front = 0; + if(a->addr.ss_family != AF_INET && attempt == -1) { + /* if we only have ip6 at low attempt count, + * then ip4 is failing, and we need to + * select one of the remaining IPv6 addrs */ + attempt = a->attempts; + num6ok++; + num6_lowrtt = a->sel_rtt; + } else if(a->addr.ss_family != AF_INET && attempt == a->attempts) { + num6ok++; + if(num6_lowrtt == 0 || a->sel_rtt < num6_lowrtt) { + num6_lowrtt = a->sel_rtt; + } + } + if(a->addr.ss_family == AF_INET) { + if(attempt == -1) { + attempt = a->attempts; + } else if(a->attempts > attempt) { + break; + } + got_num4++; + swap_to_front = 1; + if(low_rtt4 == 0 || a->sel_rtt < low_rtt4) { + low_rtt4 = a->sel_rtt; + } + } + /* swap to front if IPv4, or move to next result */ + if(swap_to_front && prev) { + n = a->next_result; + prev->next_result = n; + a->next_result = dp->result_list; + dp->result_list = a; + a = n; + } else { + prev = a; + a = a->next_result; + } + } + if(got_num4 > 0) { + got_num = got_num4; + *selected_rtt = low_rtt4; + } else if(num6ok > 0) { + got_num = num6ok; + *selected_rtt = num6_lowrtt; + } } return got_num; } diff --git a/sbin/unwind/libunbound/iterator/iterator.c b/sbin/unwind/libunbound/iterator/iterator.c index 9d36660c0b1..23b07ea9095 100644 --- a/sbin/unwind/libunbound/iterator/iterator.c +++ b/sbin/unwind/libunbound/iterator/iterator.c @@ -162,7 +162,7 @@ iter_new(struct module_qstate* qstate, int id) iq->qchase = qstate->qinfo; outbound_list_init(&iq->outlist); iq->minimise_count = 0; - iq->minimise_timeout_count = 0; + iq->timeout_count = 0; if (qstate->env->cfg->qname_minimisation) iq->minimisation_state = INIT_MINIMISE_STATE; else @@ -2239,7 +2239,7 @@ processQueryTargets(struct module_qstate* qstate, struct iter_qstate* iq, iq->qinfo_out.qname = iq->qchase.qname; iq->qinfo_out.qname_len = iq->qchase.qname_len; iq->minimise_count++; - iq->minimise_timeout_count = 0; + iq->timeout_count = 0; iter_dec_attempts(iq->dp, 1); @@ -2327,7 +2327,7 @@ processQueryTargets(struct module_qstate* qstate, struct iter_qstate* iq, } } if(iq->minimisation_state == SKIP_MINIMISE_STATE) { - if(iq->minimise_timeout_count < MAX_MINIMISE_TIMEOUT_COUNT) + if(iq->timeout_count < MAX_MINIMISE_TIMEOUT_COUNT) /* Do not increment qname, continue incrementing next * iteration */ iq->minimisation_state = MINIMISE_STATE; @@ -2668,14 +2668,15 @@ processQueryResponse(struct module_qstate* qstate, struct iter_qstate* iq, if(iq->response == NULL) { /* Don't increment qname when QNAME minimisation is enabled */ if(qstate->env->cfg->qname_minimisation) { - iq->minimise_timeout_count++; iq->minimisation_state = SKIP_MINIMISE_STATE; } + iq->timeout_count++; iq->chase_to_rd = 0; iq->dnssec_lame_query = 0; verbose(VERB_ALGO, "query response was timeout"); return next_state(iq, QUERYTARGETS_STATE); } + iq->timeout_count = 0; type = response_type_from_server( (int)((iq->chase_flags&BIT_RD) || iq->chase_to_rd), iq->response, &iq->qinfo_out, iq->dp); @@ -3690,7 +3691,7 @@ process_response(struct module_qstate* qstate, struct iter_qstate* iq, iq->response = NULL; iq->state = QUERY_RESP_STATE; if(event == module_event_noreply || event == module_event_error) { - if(event == module_event_noreply && iq->sent_count >= 3 && + if(event == module_event_noreply && iq->timeout_count >= 3 && qstate->env->cfg->use_caps_bits_for_id && !iq->caps_fallback && !is_caps_whitelisted(ie, iq)) { /* start fallback */ diff --git a/sbin/unwind/libunbound/iterator/iterator.h b/sbin/unwind/libunbound/iterator/iterator.h index 53dcab3b18b..342ac207e82 100644 --- a/sbin/unwind/libunbound/iterator/iterator.h +++ b/sbin/unwind/libunbound/iterator/iterator.h @@ -398,8 +398,9 @@ struct iter_qstate { /** * Count number of time-outs. Used to prevent resolving failures when - * the QNAME minimisation QTYPE is blocked. */ - int minimise_timeout_count; + * the QNAME minimisation QTYPE is blocked. Used to determine if + * capsforid fallback should be started.*/ + int timeout_count; /** True if the current response is from auth_zone */ int auth_zone_response; |