CC: dot@dotat.at
In-Reply-To: <alpine.LSU.2.00.1406191110370.3035@hermes-1.csi.cam.ac.uk>
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,RP_MATCHES_RCVD autolearn=ham autolearn_force=no version=3.4.0
X-Cam-Antivirus: no malware found
References: <alpine.LSU.2.00.1406191110370.3035@hermes-1.csi.cam.ac.uk>
Content-Type: text/plain; charset="utf-8"
Message-ID: <E1XAgkZ-0002L7-FA@hermes-1.csi.cam.ac.uk>
X-RT-Original-Encoding: utf-8
Received: from mx.ams1.isc.org (mx.ams1.isc.org [199.6.1.65]) by bugs.isc.org (Postfix) with ESMTP id EBED62D20574 for <bind9-bugs@bugs.isc.org>; Fri, 25 Jul 2014 14:45:38 +0000 (UTC)
Received: from ppsw-41.csi.cam.ac.uk (ppsw-41-v6.csi.cam.ac.uk [IPv6:2001:630:212:8::e:f41]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx.ams1.isc.org (Postfix) with ESMTPS id E9E1B1FCB59 for <bind9-bugs@isc.org>; Fri, 25 Jul 2014 14:45:35 +0000 (UTC)
Received: from hermes-1.csi.cam.ac.uk ([131.111.8.51]:47999) by ppsw-41.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.157]:25) with esmtpa (EXTERNAL:fanf2) id 1XAgkZ-0007aP-Ra (Exim 4.82_3-c0e5623) (return-path <fanf2@hermes.cam.ac.uk>); Fri, 25 Jul 2014 15:45:35 +0100
Received: from fanf2 by hermes-1.csi.cam.ac.uk (hermes.cam.ac.uk) with local id 1XAgkZ-0002L7-FA (Exim 4.72) (return-path <fanf2@hermes.cam.ac.uk>); Fri, 25 Jul 2014 15:45:35 +0100
Delivered-To: bind9-bugs@bugs.isc.org
Subject: [ISC-Bugs #36330] [PATCH 2/3] remove (probably) redundant EDNS512 flag - rely on ADB instead
Return-Path: <fanf2@hermes.cam.ac.uk>
X-Original-To: bind9-bugs@bugs.isc.org
Sender: Tony Finch <fanf2@hermes.cam.ac.uk>
Date: Fri, 25 Jul 2014 15:26:22 +0100
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mx.ams1.isc.org
To: bind9-bugs@isc.org
X-Cam-Scannerinfo: http://www.cam.ac.uk/cs/email/scanner/
From: Tony Finch <dot@dotat.at>
RT-Message-ID: <rt-3.8.6-35151-1406299539-1035.36330-0-0@isc.org>
Content-Length: 5674

---
 lib/dns/include/dns/resolver.h |  2 --
 lib/dns/resolver.c             | 79 ++++--------------------------------------
 2 files changed, 6 insertions(+), 75 deletions(-)

diff --git a/lib/dns/include/dns/resolver.h b/lib/dns/include/dns/resolver.h
index e9aabc2..a8f35e4 100644
--- a/lib/dns/include/dns/resolver.h
+++ b/lib/dns/include/dns/resolver.h
@@ -93,8 +93,6 @@ typedef struct dns_fetchevent {
 #define DNS_FETCHOPT_NOEDNS0		0x008	     /*%< Do not use EDNS. */
 #define DNS_FETCHOPT_FORWARDONLY	0x010	     /*%< Only use forwarders. */
 #define DNS_FETCHOPT_NOVALIDATE		0x020	     /*%< Disable validation. */
-#define DNS_FETCHOPT_EDNS512		0x040	     /*%< Advertise a 512 byte
-							  UDP buffer. */
 #define DNS_FETCHOPT_WANTNSID		0x080	     /*%< Request NSID */
 #define DNS_FETCHOPT_PREFETCH		0x100	     /*%< Do prefetch */
 #define DNS_FETCHOPT_NOCDFLAG		0x200	     /*%< Don't set CD flag. */
diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
index e6e5315..884aeb8 100644
--- a/lib/dns/resolver.c
+++ b/lib/dns/resolver.c
@@ -145,7 +145,7 @@
  * This defines the maximum number of timeouts we will permit before we
  * disable EDNS0 on the query.
  */
-#define MAX_EDNS0_TIMEOUTS      3
+#define MAX_EDNS0_TIMEOUTS      6
 
 typedef struct fetchctx fetchctx_t;
 
@@ -245,7 +245,6 @@ struct fetchctx {
 	dns_fwdpolicy_t			fwdpolicy;
 	isc_sockaddrlist_t		bad;
 	ISC_LIST(struct tried)		edns;
-	ISC_LIST(struct tried)		edns512;
 	isc_sockaddrlist_t		bad_edns;
 	dns_validator_t			*validator;
 	ISC_LIST(dns_validator_t)       validators;
@@ -1709,39 +1708,6 @@ add_triededns(fetchctx_t *fctx, isc_sockaddr_t *address) {
 	ISC_LIST_INITANDAPPEND(fctx->edns, tried, link);
 }
 
-static struct tried *
-triededns512(fetchctx_t *fctx, isc_sockaddr_t *address) {
-	struct tried *tried;
-
-	for (tried = ISC_LIST_HEAD(fctx->edns512);
-	     tried != NULL;
-	     tried = ISC_LIST_NEXT(tried, link)) {
-		if (isc_sockaddr_equal(&tried->addr, address))
-			return (tried);
-	}
-
-	return (NULL);
-}
-
-static void
-add_triededns512(fetchctx_t *fctx, isc_sockaddr_t *address) {
-	struct tried *tried;
-
-	tried = triededns512(fctx, address);
-	if (tried != NULL) {
-		tried->count++;
-		return;
-	}
-
-	tried = isc_mem_get(fctx->mctx, sizeof(*tried));
-	if (tried == NULL)
-		return;
-
-	tried->addr = *address;
-	tried->count = 1;
-	ISC_LIST_INITANDAPPEND(fctx->edns512, tried, link);
-}
-
 #ifdef ISC_PLATFORM_USESIT
 static void
 compute_cc(resquery_t *query, unsigned char *sit, size_t len) {
@@ -2011,26 +1977,12 @@ resquery_send(resquery_t *query) {
 
 
 	if (fctx->timeout && (query->options & DNS_FETCHOPT_NOEDNS0) == 0) {
-		isc_sockaddr_t *sockaddr = &query->addrinfo->sockaddr;
-		struct tried *tried;
-
-		if (fctx->timeouts > (MAX_EDNS0_TIMEOUTS * 2) &&
+		if (fctx->timeouts > MAX_EDNS0_TIMEOUTS &&
 		    !EDNSOK(query->addrinfo)) {
 			query->options |= DNS_FETCHOPT_NOEDNS0;
 			fctx->reason = "disabling EDNS";
-		} else if ((tried = triededns512(fctx, sockaddr)) != NULL &&
-		    tried->count >= 2U && !EDNSOK(query->addrinfo)) {
-			query->options |= DNS_FETCHOPT_NOEDNS0;
-			fctx->reason = "disabling EDNS";
-		} else if ((tried = triededns(fctx, sockaddr)) != NULL) {
-			if (tried->count == 1U) {
-				hint = dns_adb_getudpsize(fctx->adb,
-							  query->addrinfo);
-			} else if (tried->count >= 2U) {
-				query->options |= DNS_FETCHOPT_EDNS512;
-				fctx->reason = "reducing the advertised EDNS "
-					       "UDP packet size to 512 octets";
-			}
+		} else {
+			hint = dns_adb_getudpsize(fctx->adb, query->addrinfo);
 		}
 	}
 	fctx->timeout = ISC_FALSE;
@@ -2049,8 +2001,7 @@ resquery_send(resquery_t *query) {
 			unsigned char sit[64];
 #endif
 
-			if ((flags & FCTX_ADDRINFO_EDNSOK) != 0 &&
-			    (query->options & DNS_FETCHOPT_EDNS512) == 0) {
+			if ((flags & FCTX_ADDRINFO_EDNSOK) != 0) {
 				udpsize = dns_adb_probesize(fctx->adb,
 							    query->addrinfo);
 				if (udpsize > res->udpsize)
@@ -2064,12 +2015,6 @@ resquery_send(resquery_t *query) {
 				udpsize = 512;
 
 			/*
-			 * Was the size forced to 512 in the configuration?
-			 */
-			if (udpsize == 512U)
-			    query->options |= DNS_FETCHOPT_EDNS512;
-
-			/*
 			 * We have talked to this server before.
 			 */
 			if (hint != 0U)
@@ -2159,12 +2104,9 @@ resquery_send(resquery_t *query) {
 	 */
 	query->udpsize = udpsize;
 
-	if (udpsize > 512U)
+	if (udpsize > 0)
 		add_triededns(fctx, &query->addrinfo->sockaddr);
 
-	if (udpsize == 512U)
-		add_triededns512(fctx, &query->addrinfo->sockaddr);
-
 	/*
 	 * Clear CD if EDNS is not in use.
 	 */
@@ -3427,13 +3369,6 @@ fctx_destroy(fetchctx_t *fctx) {
 		isc_mem_put(fctx->mctx, tried, sizeof(*tried));
 	}
 
-	for (tried = ISC_LIST_HEAD(fctx->edns512);
-	     tried != NULL;
-	     tried = ISC_LIST_HEAD(fctx->edns512)) {
-		ISC_LIST_UNLINK(fctx->edns512, tried, link);
-		isc_mem_put(fctx->mctx, tried, sizeof(*tried));
-	}
-
 	for (sa = ISC_LIST_HEAD(fctx->bad_edns);
 	     sa != NULL;
 	     sa = next_sa) {
@@ -3831,7 +3766,6 @@ fctx_create(dns_resolver_t *res, dns_name_t *name, dns_rdatatype_t type,
 	fctx->fwdpolicy = dns_fwdpolicy_none;
 	ISC_LIST_INIT(fctx->bad);
 	ISC_LIST_INIT(fctx->edns);
-	ISC_LIST_INIT(fctx->edns512);
 	ISC_LIST_INIT(fctx->bad_edns);
 	ISC_LIST_INIT(fctx->validators);
 	fctx->validator = NULL;
@@ -7452,7 +7386,6 @@ resquery_response(isc_task_t *task, isc_event_t *event) {
 			broken_server = DNS_R_TRUNCATEDTCP;
 			keep_trying = ISC_TRUE;
 		} else if ((query->options & DNS_FETCHOPT_NOEDNS0) == 0 &&
-			   (query->options & DNS_FETCHOPT_EDNS512) == 0 &&
 			   !triededns(fctx, &query->addrinfo->sockaddr)) {
 			resend = ISC_TRUE;
 		} else {
-- 
2.0.1