1ae8c6e27Sflorian /*
2ae8c6e27Sflorian * services/cache/rrset.c - Resource record set cache.
3ae8c6e27Sflorian *
4ae8c6e27Sflorian * Copyright (c) 2007, NLnet Labs. All rights reserved.
5ae8c6e27Sflorian *
6ae8c6e27Sflorian * This software is open source.
7ae8c6e27Sflorian *
8ae8c6e27Sflorian * Redistribution and use in source and binary forms, with or without
9ae8c6e27Sflorian * modification, are permitted provided that the following conditions
10ae8c6e27Sflorian * are met:
11ae8c6e27Sflorian *
12ae8c6e27Sflorian * Redistributions of source code must retain the above copyright notice,
13ae8c6e27Sflorian * this list of conditions and the following disclaimer.
14ae8c6e27Sflorian *
15ae8c6e27Sflorian * Redistributions in binary form must reproduce the above copyright notice,
16ae8c6e27Sflorian * this list of conditions and the following disclaimer in the documentation
17ae8c6e27Sflorian * and/or other materials provided with the distribution.
18ae8c6e27Sflorian *
19ae8c6e27Sflorian * Neither the name of the NLNET LABS nor the names of its contributors may
20ae8c6e27Sflorian * be used to endorse or promote products derived from this software without
21ae8c6e27Sflorian * specific prior written permission.
22ae8c6e27Sflorian *
23ae8c6e27Sflorian * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24ae8c6e27Sflorian * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25ae8c6e27Sflorian * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
26ae8c6e27Sflorian * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
27ae8c6e27Sflorian * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28ae8c6e27Sflorian * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
29ae8c6e27Sflorian * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
30ae8c6e27Sflorian * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
31ae8c6e27Sflorian * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32ae8c6e27Sflorian * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33ae8c6e27Sflorian * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34ae8c6e27Sflorian */
35ae8c6e27Sflorian
36ae8c6e27Sflorian /**
37ae8c6e27Sflorian * \file
38ae8c6e27Sflorian *
39ae8c6e27Sflorian * This file contains the rrset cache.
40ae8c6e27Sflorian */
41ae8c6e27Sflorian #include "config.h"
42ae8c6e27Sflorian #include "services/cache/rrset.h"
43ae8c6e27Sflorian #include "sldns/rrdef.h"
44ae8c6e27Sflorian #include "util/storage/slabhash.h"
45ae8c6e27Sflorian #include "util/config_file.h"
46ae8c6e27Sflorian #include "util/data/packed_rrset.h"
47ae8c6e27Sflorian #include "util/data/msgreply.h"
48*a8eaceedSflorian #include "util/data/msgparse.h"
49ae8c6e27Sflorian #include "util/regional.h"
50ae8c6e27Sflorian #include "util/alloc.h"
51ae8c6e27Sflorian #include "util/net_help.h"
52ae8c6e27Sflorian
53ae8c6e27Sflorian void
rrset_markdel(void * key)54ae8c6e27Sflorian rrset_markdel(void* key)
55ae8c6e27Sflorian {
56ae8c6e27Sflorian struct ub_packed_rrset_key* r = (struct ub_packed_rrset_key*)key;
57ae8c6e27Sflorian r->id = 0;
58ae8c6e27Sflorian }
59ae8c6e27Sflorian
rrset_cache_create(struct config_file * cfg,struct alloc_cache * alloc)60ae8c6e27Sflorian struct rrset_cache* rrset_cache_create(struct config_file* cfg,
61ae8c6e27Sflorian struct alloc_cache* alloc)
62ae8c6e27Sflorian {
63ae8c6e27Sflorian size_t slabs = (cfg?cfg->rrset_cache_slabs:HASH_DEFAULT_SLABS);
64ae8c6e27Sflorian size_t startarray = HASH_DEFAULT_STARTARRAY;
65ae8c6e27Sflorian size_t maxmem = (cfg?cfg->rrset_cache_size:HASH_DEFAULT_MAXMEM);
66ae8c6e27Sflorian
67ae8c6e27Sflorian struct rrset_cache *r = (struct rrset_cache*)slabhash_create(slabs,
68ae8c6e27Sflorian startarray, maxmem, ub_rrset_sizefunc, ub_rrset_compare,
69ae8c6e27Sflorian ub_rrset_key_delete, rrset_data_delete, alloc);
70ae8c6e27Sflorian slabhash_setmarkdel(&r->table, &rrset_markdel);
71ae8c6e27Sflorian return r;
72ae8c6e27Sflorian }
73ae8c6e27Sflorian
rrset_cache_delete(struct rrset_cache * r)74ae8c6e27Sflorian void rrset_cache_delete(struct rrset_cache* r)
75ae8c6e27Sflorian {
76ae8c6e27Sflorian if(!r)
77ae8c6e27Sflorian return;
78ae8c6e27Sflorian slabhash_delete(&r->table);
79ae8c6e27Sflorian /* slabhash delete also does free(r), since table is first in struct*/
80ae8c6e27Sflorian }
81ae8c6e27Sflorian
rrset_cache_adjust(struct rrset_cache * r,struct config_file * cfg,struct alloc_cache * alloc)82ae8c6e27Sflorian struct rrset_cache* rrset_cache_adjust(struct rrset_cache *r,
83ae8c6e27Sflorian struct config_file* cfg, struct alloc_cache* alloc)
84ae8c6e27Sflorian {
85ae8c6e27Sflorian if(!r || !cfg || !slabhash_is_size(&r->table, cfg->rrset_cache_size,
86ae8c6e27Sflorian cfg->rrset_cache_slabs))
87ae8c6e27Sflorian {
88ae8c6e27Sflorian rrset_cache_delete(r);
89ae8c6e27Sflorian r = rrset_cache_create(cfg, alloc);
90ae8c6e27Sflorian }
91ae8c6e27Sflorian return r;
92ae8c6e27Sflorian }
93ae8c6e27Sflorian
94ae8c6e27Sflorian void
rrset_cache_touch(struct rrset_cache * r,struct ub_packed_rrset_key * key,hashvalue_type hash,rrset_id_type id)95ae8c6e27Sflorian rrset_cache_touch(struct rrset_cache* r, struct ub_packed_rrset_key* key,
96ae8c6e27Sflorian hashvalue_type hash, rrset_id_type id)
97ae8c6e27Sflorian {
98ae8c6e27Sflorian struct lruhash* table = slabhash_gettable(&r->table, hash);
99ae8c6e27Sflorian /*
100ae8c6e27Sflorian * This leads to locking problems, deadlocks, if the caller is
101ae8c6e27Sflorian * holding any other rrset lock.
102ae8c6e27Sflorian * Because a lookup through the hashtable does:
103ae8c6e27Sflorian * tablelock -> entrylock (for that entry caller holds)
104ae8c6e27Sflorian * And this would do
105ae8c6e27Sflorian * entrylock(already held) -> tablelock
106ae8c6e27Sflorian * And if two threads do this, it results in deadlock.
107ae8c6e27Sflorian * So, the caller must not hold entrylock.
108ae8c6e27Sflorian */
109ae8c6e27Sflorian lock_quick_lock(&table->lock);
110ae8c6e27Sflorian /* we have locked the hash table, the item can still be deleted.
111ae8c6e27Sflorian * because it could already have been reclaimed, but not yet set id=0.
112ae8c6e27Sflorian * This is because some lruhash routines have lazy deletion.
113ae8c6e27Sflorian * so, we must acquire a lock on the item to verify the id != 0.
114ae8c6e27Sflorian * also, with hash not changed, we are using the right slab.
115ae8c6e27Sflorian */
116ae8c6e27Sflorian lock_rw_rdlock(&key->entry.lock);
117ae8c6e27Sflorian if(key->id == id && key->entry.hash == hash) {
118ae8c6e27Sflorian lru_touch(table, &key->entry);
119ae8c6e27Sflorian }
120ae8c6e27Sflorian lock_rw_unlock(&key->entry.lock);
121ae8c6e27Sflorian lock_quick_unlock(&table->lock);
122ae8c6e27Sflorian }
123ae8c6e27Sflorian
124ae8c6e27Sflorian /** see if rrset needs to be updated in the cache */
125ae8c6e27Sflorian static int
need_to_update_rrset(void * nd,void * cd,time_t timenow,int equal,int ns)126ae8c6e27Sflorian need_to_update_rrset(void* nd, void* cd, time_t timenow, int equal, int ns)
127ae8c6e27Sflorian {
128ae8c6e27Sflorian struct packed_rrset_data* newd = (struct packed_rrset_data*)nd;
129ae8c6e27Sflorian struct packed_rrset_data* cached = (struct packed_rrset_data*)cd;
130ae8c6e27Sflorian /* o store if rrset has been validated
131ae8c6e27Sflorian * everything better than bogus data
132ae8c6e27Sflorian * secure is preferred */
133ae8c6e27Sflorian if( newd->security == sec_status_secure &&
134ae8c6e27Sflorian cached->security != sec_status_secure)
135ae8c6e27Sflorian return 1;
136ae8c6e27Sflorian if( cached->security == sec_status_bogus &&
137ae8c6e27Sflorian newd->security != sec_status_bogus && !equal)
138ae8c6e27Sflorian return 1;
139ae8c6e27Sflorian /* o if current RRset is more trustworthy - insert it */
140ae8c6e27Sflorian if( newd->trust > cached->trust ) {
141ae8c6e27Sflorian /* if the cached rrset is bogus, and this one equal,
142ae8c6e27Sflorian * do not update the TTL - let it expire. */
143ae8c6e27Sflorian if(equal && cached->ttl >= timenow &&
144ae8c6e27Sflorian cached->security == sec_status_bogus)
145ae8c6e27Sflorian return 0;
146ae8c6e27Sflorian return 1;
147ae8c6e27Sflorian }
148ae8c6e27Sflorian /* o item in cache has expired */
149ae8c6e27Sflorian if( cached->ttl < timenow )
150ae8c6e27Sflorian return 1;
151ae8c6e27Sflorian /* o same trust, but different in data - insert it */
152ae8c6e27Sflorian if( newd->trust == cached->trust && !equal ) {
153ae8c6e27Sflorian /* if this is type NS, do not 'stick' to owner that changes
154ae8c6e27Sflorian * the NS RRset, but use the old TTL for the new data, and
155ae8c6e27Sflorian * update to fetch the latest data. ttl is not expired, because
156ae8c6e27Sflorian * that check was before this one. */
157ae8c6e27Sflorian if(ns) {
158ae8c6e27Sflorian size_t i;
159ae8c6e27Sflorian newd->ttl = cached->ttl;
160ae8c6e27Sflorian for(i=0; i<(newd->count+newd->rrsig_count); i++)
161ae8c6e27Sflorian if(newd->rr_ttl[i] > newd->ttl)
162ae8c6e27Sflorian newd->rr_ttl[i] = newd->ttl;
163ae8c6e27Sflorian }
164ae8c6e27Sflorian return 1;
165ae8c6e27Sflorian }
166ae8c6e27Sflorian return 0;
167ae8c6e27Sflorian }
168ae8c6e27Sflorian
169ae8c6e27Sflorian /** Update RRSet special key ID */
170ae8c6e27Sflorian static void
rrset_update_id(struct rrset_ref * ref,struct alloc_cache * alloc)171ae8c6e27Sflorian rrset_update_id(struct rrset_ref* ref, struct alloc_cache* alloc)
172ae8c6e27Sflorian {
173ae8c6e27Sflorian /* this may clear the cache and invalidate lock below */
174ae8c6e27Sflorian uint64_t newid = alloc_get_id(alloc);
175ae8c6e27Sflorian /* obtain writelock */
176ae8c6e27Sflorian lock_rw_wrlock(&ref->key->entry.lock);
177ae8c6e27Sflorian /* check if it was deleted in the meantime, if so, skip update */
178ae8c6e27Sflorian if(ref->key->id == ref->id) {
179ae8c6e27Sflorian ref->key->id = newid;
180ae8c6e27Sflorian ref->id = newid;
181ae8c6e27Sflorian }
182ae8c6e27Sflorian lock_rw_unlock(&ref->key->entry.lock);
183ae8c6e27Sflorian }
184ae8c6e27Sflorian
185ae8c6e27Sflorian int
rrset_cache_update(struct rrset_cache * r,struct rrset_ref * ref,struct alloc_cache * alloc,time_t timenow)186ae8c6e27Sflorian rrset_cache_update(struct rrset_cache* r, struct rrset_ref* ref,
187ae8c6e27Sflorian struct alloc_cache* alloc, time_t timenow)
188ae8c6e27Sflorian {
189ae8c6e27Sflorian struct lruhash_entry* e;
190ae8c6e27Sflorian struct ub_packed_rrset_key* k = ref->key;
191ae8c6e27Sflorian hashvalue_type h = k->entry.hash;
192ae8c6e27Sflorian uint16_t rrset_type = ntohs(k->rk.type);
193ae8c6e27Sflorian int equal = 0;
194ae8c6e27Sflorian log_assert(ref->id != 0 && k->id != 0);
195ae8c6e27Sflorian log_assert(k->rk.dname != NULL);
196ae8c6e27Sflorian /* looks up item with a readlock - no editing! */
197ae8c6e27Sflorian if((e=slabhash_lookup(&r->table, h, k, 0)) != 0) {
198ae8c6e27Sflorian /* return id and key as they will be used in the cache
199ae8c6e27Sflorian * since the lruhash_insert, if item already exists, deallocs
200ae8c6e27Sflorian * the passed key in favor of the already stored key.
201ae8c6e27Sflorian * because of the small gap (see below) this key ptr and id
202ae8c6e27Sflorian * may prove later to be already deleted, which is no problem
203ae8c6e27Sflorian * as it only makes a cache miss.
204ae8c6e27Sflorian */
205ae8c6e27Sflorian ref->key = (struct ub_packed_rrset_key*)e->key;
206ae8c6e27Sflorian ref->id = ref->key->id;
207ae8c6e27Sflorian equal = rrsetdata_equal((struct packed_rrset_data*)k->entry.
208ae8c6e27Sflorian data, (struct packed_rrset_data*)e->data);
209ae8c6e27Sflorian if(!need_to_update_rrset(k->entry.data, e->data, timenow,
210ae8c6e27Sflorian equal, (rrset_type==LDNS_RR_TYPE_NS))) {
211ae8c6e27Sflorian /* cache is superior, return that value */
212ae8c6e27Sflorian lock_rw_unlock(&e->lock);
213ae8c6e27Sflorian ub_packed_rrset_parsedelete(k, alloc);
214ae8c6e27Sflorian if(equal) return 2;
215ae8c6e27Sflorian return 1;
216ae8c6e27Sflorian }
217ae8c6e27Sflorian lock_rw_unlock(&e->lock);
218ae8c6e27Sflorian /* Go on and insert the passed item.
219ae8c6e27Sflorian * small gap here, where entry is not locked.
220ae8c6e27Sflorian * possibly entry is updated with something else.
221ae8c6e27Sflorian * we then overwrite that with our data.
222ae8c6e27Sflorian * this is just too bad, its cache anyway. */
223ae8c6e27Sflorian /* use insert to update entry to manage lruhash
224ae8c6e27Sflorian * cache size values nicely. */
225ae8c6e27Sflorian }
226ae8c6e27Sflorian log_assert(ref->key->id != 0);
227ae8c6e27Sflorian slabhash_insert(&r->table, h, &k->entry, k->entry.data, alloc);
228ae8c6e27Sflorian if(e) {
229ae8c6e27Sflorian /* For NSEC, NSEC3, DNAME, when rdata is updated, update
230ae8c6e27Sflorian * the ID number so that proofs in message cache are
231ae8c6e27Sflorian * invalidated */
232ae8c6e27Sflorian if((rrset_type == LDNS_RR_TYPE_NSEC
233ae8c6e27Sflorian || rrset_type == LDNS_RR_TYPE_NSEC3
234ae8c6e27Sflorian || rrset_type == LDNS_RR_TYPE_DNAME) && !equal) {
235ae8c6e27Sflorian rrset_update_id(ref, alloc);
236ae8c6e27Sflorian }
237ae8c6e27Sflorian return 1;
238ae8c6e27Sflorian }
239ae8c6e27Sflorian return 0;
240ae8c6e27Sflorian }
241ae8c6e27Sflorian
rrset_cache_update_wildcard(struct rrset_cache * rrset_cache,struct ub_packed_rrset_key * rrset,uint8_t * ce,size_t ce_len,struct alloc_cache * alloc,time_t timenow)242ae8c6e27Sflorian void rrset_cache_update_wildcard(struct rrset_cache* rrset_cache,
243ae8c6e27Sflorian struct ub_packed_rrset_key* rrset, uint8_t* ce, size_t ce_len,
244ae8c6e27Sflorian struct alloc_cache* alloc, time_t timenow)
245ae8c6e27Sflorian {
246ae8c6e27Sflorian struct rrset_ref ref;
247ae8c6e27Sflorian uint8_t wc_dname[LDNS_MAX_DOMAINLEN+3];
248ae8c6e27Sflorian rrset = packed_rrset_copy_alloc(rrset, alloc, timenow);
249ae8c6e27Sflorian if(!rrset) {
250ae8c6e27Sflorian log_err("malloc failure in rrset_cache_update_wildcard");
251ae8c6e27Sflorian return;
252ae8c6e27Sflorian }
253ae8c6e27Sflorian /* ce has at least one label less then qname, we can therefore safely
254ae8c6e27Sflorian * add the wildcard label. */
255ae8c6e27Sflorian wc_dname[0] = 1;
256ae8c6e27Sflorian wc_dname[1] = (uint8_t)'*';
257ae8c6e27Sflorian memmove(wc_dname+2, ce, ce_len);
258ae8c6e27Sflorian
259ae8c6e27Sflorian free(rrset->rk.dname);
260ae8c6e27Sflorian rrset->rk.dname_len = ce_len + 2;
261ae8c6e27Sflorian rrset->rk.dname = (uint8_t*)memdup(wc_dname, rrset->rk.dname_len);
262ae8c6e27Sflorian if(!rrset->rk.dname) {
263ae8c6e27Sflorian alloc_special_release(alloc, rrset);
264ae8c6e27Sflorian log_err("memdup failure in rrset_cache_update_wildcard");
265ae8c6e27Sflorian return;
266ae8c6e27Sflorian }
267ae8c6e27Sflorian
268ae8c6e27Sflorian rrset->entry.hash = rrset_key_hash(&rrset->rk);
269ae8c6e27Sflorian ref.key = rrset;
270ae8c6e27Sflorian ref.id = rrset->id;
271ae8c6e27Sflorian /* ignore ret: if it was in the cache, ref updated */
272ae8c6e27Sflorian (void)rrset_cache_update(rrset_cache, &ref, alloc, timenow);
273ae8c6e27Sflorian }
274ae8c6e27Sflorian
275ae8c6e27Sflorian struct ub_packed_rrset_key*
rrset_cache_lookup(struct rrset_cache * r,uint8_t * qname,size_t qnamelen,uint16_t qtype,uint16_t qclass,uint32_t flags,time_t timenow,int wr)276ae8c6e27Sflorian rrset_cache_lookup(struct rrset_cache* r, uint8_t* qname, size_t qnamelen,
277ae8c6e27Sflorian uint16_t qtype, uint16_t qclass, uint32_t flags, time_t timenow,
278ae8c6e27Sflorian int wr)
279ae8c6e27Sflorian {
280ae8c6e27Sflorian struct lruhash_entry* e;
281ae8c6e27Sflorian struct ub_packed_rrset_key key;
282ae8c6e27Sflorian
283ae8c6e27Sflorian key.entry.key = &key;
284ae8c6e27Sflorian key.entry.data = NULL;
285ae8c6e27Sflorian key.rk.dname = qname;
286ae8c6e27Sflorian key.rk.dname_len = qnamelen;
287ae8c6e27Sflorian key.rk.type = htons(qtype);
288ae8c6e27Sflorian key.rk.rrset_class = htons(qclass);
289ae8c6e27Sflorian key.rk.flags = flags;
290ae8c6e27Sflorian
291ae8c6e27Sflorian key.entry.hash = rrset_key_hash(&key.rk);
292ae8c6e27Sflorian
293ae8c6e27Sflorian if((e = slabhash_lookup(&r->table, key.entry.hash, &key, wr))) {
294ae8c6e27Sflorian /* check TTL */
295ae8c6e27Sflorian struct packed_rrset_data* data =
296ae8c6e27Sflorian (struct packed_rrset_data*)e->data;
297ae8c6e27Sflorian if(timenow > data->ttl) {
298ae8c6e27Sflorian lock_rw_unlock(&e->lock);
299ae8c6e27Sflorian return NULL;
300ae8c6e27Sflorian }
301ae8c6e27Sflorian /* we're done */
302ae8c6e27Sflorian return (struct ub_packed_rrset_key*)e->key;
303ae8c6e27Sflorian }
304ae8c6e27Sflorian return NULL;
305ae8c6e27Sflorian }
306ae8c6e27Sflorian
307ae8c6e27Sflorian int
rrset_array_lock(struct rrset_ref * ref,size_t count,time_t timenow)308ae8c6e27Sflorian rrset_array_lock(struct rrset_ref* ref, size_t count, time_t timenow)
309ae8c6e27Sflorian {
310ae8c6e27Sflorian size_t i;
311ae8c6e27Sflorian for(i=0; i<count; i++) {
312ae8c6e27Sflorian if(i>0 && ref[i].key == ref[i-1].key)
313ae8c6e27Sflorian continue; /* only lock items once */
314ae8c6e27Sflorian lock_rw_rdlock(&ref[i].key->entry.lock);
315ae8c6e27Sflorian if(ref[i].id != ref[i].key->id || timenow >
316ae8c6e27Sflorian ((struct packed_rrset_data*)(ref[i].key->entry.data))
317ae8c6e27Sflorian ->ttl) {
318ae8c6e27Sflorian /* failure! rollback our readlocks */
319ae8c6e27Sflorian rrset_array_unlock(ref, i+1);
320ae8c6e27Sflorian return 0;
321ae8c6e27Sflorian }
322ae8c6e27Sflorian }
323ae8c6e27Sflorian return 1;
324ae8c6e27Sflorian }
325ae8c6e27Sflorian
326ae8c6e27Sflorian void
rrset_array_unlock(struct rrset_ref * ref,size_t count)327ae8c6e27Sflorian rrset_array_unlock(struct rrset_ref* ref, size_t count)
328ae8c6e27Sflorian {
329ae8c6e27Sflorian size_t i;
330ae8c6e27Sflorian for(i=0; i<count; i++) {
331ae8c6e27Sflorian if(i>0 && ref[i].key == ref[i-1].key)
332ae8c6e27Sflorian continue; /* only unlock items once */
333ae8c6e27Sflorian lock_rw_unlock(&ref[i].key->entry.lock);
334ae8c6e27Sflorian }
335ae8c6e27Sflorian }
336ae8c6e27Sflorian
337ae8c6e27Sflorian void
rrset_array_unlock_touch(struct rrset_cache * r,struct regional * scratch,struct rrset_ref * ref,size_t count)338ae8c6e27Sflorian rrset_array_unlock_touch(struct rrset_cache* r, struct regional* scratch,
339ae8c6e27Sflorian struct rrset_ref* ref, size_t count)
340ae8c6e27Sflorian {
341ae8c6e27Sflorian hashvalue_type* h;
342ae8c6e27Sflorian size_t i;
343ae8c6e27Sflorian if(count > RR_COUNT_MAX || !(h = (hashvalue_type*)regional_alloc(
344ae8c6e27Sflorian scratch, sizeof(hashvalue_type)*count))) {
345ae8c6e27Sflorian log_warn("rrset LRU: memory allocation failed");
346ae8c6e27Sflorian h = NULL;
347ae8c6e27Sflorian } else /* store hash values */
348ae8c6e27Sflorian for(i=0; i<count; i++)
349ae8c6e27Sflorian h[i] = ref[i].key->entry.hash;
350ae8c6e27Sflorian /* unlock */
351ae8c6e27Sflorian for(i=0; i<count; i++) {
352ae8c6e27Sflorian if(i>0 && ref[i].key == ref[i-1].key)
353ae8c6e27Sflorian continue; /* only unlock items once */
354ae8c6e27Sflorian lock_rw_unlock(&ref[i].key->entry.lock);
355ae8c6e27Sflorian }
356ae8c6e27Sflorian if(h) {
357ae8c6e27Sflorian /* LRU touch, with no rrset locks held */
358ae8c6e27Sflorian for(i=0; i<count; i++) {
359ae8c6e27Sflorian if(i>0 && ref[i].key == ref[i-1].key)
360ae8c6e27Sflorian continue; /* only touch items once */
361ae8c6e27Sflorian rrset_cache_touch(r, ref[i].key, h[i], ref[i].id);
362ae8c6e27Sflorian }
363ae8c6e27Sflorian }
364ae8c6e27Sflorian }
365ae8c6e27Sflorian
366ae8c6e27Sflorian void
rrset_update_sec_status(struct rrset_cache * r,struct ub_packed_rrset_key * rrset,time_t now)367ae8c6e27Sflorian rrset_update_sec_status(struct rrset_cache* r,
368ae8c6e27Sflorian struct ub_packed_rrset_key* rrset, time_t now)
369ae8c6e27Sflorian {
370ae8c6e27Sflorian struct packed_rrset_data* updata =
371ae8c6e27Sflorian (struct packed_rrset_data*)rrset->entry.data;
372ae8c6e27Sflorian struct lruhash_entry* e;
373ae8c6e27Sflorian struct packed_rrset_data* cachedata;
374ae8c6e27Sflorian
375ae8c6e27Sflorian /* hash it again to make sure it has a hash */
376ae8c6e27Sflorian rrset->entry.hash = rrset_key_hash(&rrset->rk);
377ae8c6e27Sflorian
378ae8c6e27Sflorian e = slabhash_lookup(&r->table, rrset->entry.hash, rrset, 1);
379ae8c6e27Sflorian if(!e)
380ae8c6e27Sflorian return; /* not in the cache anymore */
381ae8c6e27Sflorian cachedata = (struct packed_rrset_data*)e->data;
382ae8c6e27Sflorian if(!rrsetdata_equal(updata, cachedata)) {
383ae8c6e27Sflorian lock_rw_unlock(&e->lock);
384ae8c6e27Sflorian return; /* rrset has changed in the meantime */
385ae8c6e27Sflorian }
386ae8c6e27Sflorian /* update the cached rrset */
387ae8c6e27Sflorian if(updata->security > cachedata->security) {
388ae8c6e27Sflorian size_t i;
389ae8c6e27Sflorian if(updata->trust > cachedata->trust)
390ae8c6e27Sflorian cachedata->trust = updata->trust;
391ae8c6e27Sflorian cachedata->security = updata->security;
392ae8c6e27Sflorian /* for NS records only shorter TTLs, other types: update it */
393ae8c6e27Sflorian if(ntohs(rrset->rk.type) != LDNS_RR_TYPE_NS ||
394ae8c6e27Sflorian updata->ttl+now < cachedata->ttl ||
395ae8c6e27Sflorian cachedata->ttl < now ||
396ae8c6e27Sflorian updata->security == sec_status_bogus) {
397ae8c6e27Sflorian cachedata->ttl = updata->ttl + now;
398ae8c6e27Sflorian for(i=0; i<cachedata->count+cachedata->rrsig_count; i++)
399ae8c6e27Sflorian cachedata->rr_ttl[i] = updata->rr_ttl[i]+now;
400*a8eaceedSflorian cachedata->ttl_add = now;
401ae8c6e27Sflorian }
402ae8c6e27Sflorian }
403ae8c6e27Sflorian lock_rw_unlock(&e->lock);
404ae8c6e27Sflorian }
405ae8c6e27Sflorian
406ae8c6e27Sflorian void
rrset_check_sec_status(struct rrset_cache * r,struct ub_packed_rrset_key * rrset,time_t now)407ae8c6e27Sflorian rrset_check_sec_status(struct rrset_cache* r,
408ae8c6e27Sflorian struct ub_packed_rrset_key* rrset, time_t now)
409ae8c6e27Sflorian {
410ae8c6e27Sflorian struct packed_rrset_data* updata =
411ae8c6e27Sflorian (struct packed_rrset_data*)rrset->entry.data;
412ae8c6e27Sflorian struct lruhash_entry* e;
413ae8c6e27Sflorian struct packed_rrset_data* cachedata;
414ae8c6e27Sflorian
415ae8c6e27Sflorian /* hash it again to make sure it has a hash */
416ae8c6e27Sflorian rrset->entry.hash = rrset_key_hash(&rrset->rk);
417ae8c6e27Sflorian
418ae8c6e27Sflorian e = slabhash_lookup(&r->table, rrset->entry.hash, rrset, 0);
419ae8c6e27Sflorian if(!e)
420ae8c6e27Sflorian return; /* not in the cache anymore */
421ae8c6e27Sflorian cachedata = (struct packed_rrset_data*)e->data;
422ae8c6e27Sflorian if(now > cachedata->ttl || !rrsetdata_equal(updata, cachedata)) {
423ae8c6e27Sflorian lock_rw_unlock(&e->lock);
424ae8c6e27Sflorian return; /* expired, or rrset has changed in the meantime */
425ae8c6e27Sflorian }
426ae8c6e27Sflorian if(cachedata->security > updata->security) {
427ae8c6e27Sflorian updata->security = cachedata->security;
428ae8c6e27Sflorian if(cachedata->security == sec_status_bogus) {
429ae8c6e27Sflorian size_t i;
430ae8c6e27Sflorian updata->ttl = cachedata->ttl - now;
431ae8c6e27Sflorian for(i=0; i<cachedata->count+cachedata->rrsig_count; i++)
432ae8c6e27Sflorian if(cachedata->rr_ttl[i] < now)
433ae8c6e27Sflorian updata->rr_ttl[i] = 0;
434ae8c6e27Sflorian else updata->rr_ttl[i] =
435ae8c6e27Sflorian cachedata->rr_ttl[i]-now;
436ae8c6e27Sflorian }
437ae8c6e27Sflorian if(cachedata->trust > updata->trust)
438ae8c6e27Sflorian updata->trust = cachedata->trust;
439ae8c6e27Sflorian }
440ae8c6e27Sflorian lock_rw_unlock(&e->lock);
441ae8c6e27Sflorian }
442ae8c6e27Sflorian
rrset_cache_remove(struct rrset_cache * r,uint8_t * nm,size_t nmlen,uint16_t type,uint16_t dclass,uint32_t flags)443ae8c6e27Sflorian void rrset_cache_remove(struct rrset_cache* r, uint8_t* nm, size_t nmlen,
444ae8c6e27Sflorian uint16_t type, uint16_t dclass, uint32_t flags)
445ae8c6e27Sflorian {
446ae8c6e27Sflorian struct ub_packed_rrset_key key;
447ae8c6e27Sflorian key.entry.key = &key;
448ae8c6e27Sflorian key.rk.dname = nm;
449ae8c6e27Sflorian key.rk.dname_len = nmlen;
450ae8c6e27Sflorian key.rk.rrset_class = htons(dclass);
451ae8c6e27Sflorian key.rk.type = htons(type);
452ae8c6e27Sflorian key.rk.flags = flags;
453ae8c6e27Sflorian key.entry.hash = rrset_key_hash(&key.rk);
454ae8c6e27Sflorian slabhash_remove(&r->table, key.entry.hash, &key);
455ae8c6e27Sflorian }
456