mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-22 18:19:42 +00:00
Code Issues Releases Wiki Activity
bind/lib/ns/server.c

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

252 lines
6.1 KiB
C
Raw Normal View History

[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* SPDX-License-Identifier: MPL-2.0
Update the copyright information in all files in the repository This commit converts the license handling to adhere to the REUSE specification. It specifically: 1. Adds used licnses to LICENSES/ directory 2. Add "isc" template for adding the copyright boilerplate 3. Changes all source files to include copyright and SPDX license header, this includes all the C sources, documentation, zone files, configuration files. There are notes in the doc/dev/copyrights file on how to add correct headers to the new files. 4. Handle the rest that can't be modified via .reuse/dep5 file. The binary (or otherwise unmodifiable) files could have license places next to them in <foo>.license file, but this would lead to cluttered repository and most of the files handled in the .reuse/dep5 file are system test files.
2021-06-03 08:37:05 +02:00
*
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
Update license headers to not include years in copyright in all applicable files
2018-02-23 09:53:12 +01:00
*
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
/*! \file */
Replace custom isc_boolean_t with C standard bool type
2018-04-17 08:29:14 -07:00
#include <stdbool.h>
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
#include <isc/mem.h>
#include <isc/stats.h>
4774. [bug] <isc/util.h> was incorrectly included in several header files. [RT #46311]
2017-10-19 12:26:32 +11:00
#include <isc/util.h>
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
#include <dns/stats.h>
#include <dns/tkey.h>
refactor filter-aaaa implementation - the goal of this change is for AAAA filtering to be fully contained in the query logic, and implemented at discrete points that can be replaced with hook callouts later on. - the new code may be slightly less efficient than the old filter-aaaa implementation, but maximum efficiency was never a priority for AAAA filtering anyway. - we now use the rdataset RENDERED attribute to indicate that an AAAA rdataset should not be included when rendering the message. (this flag was originally meant to indicate that an rdataset has already been rendered and should not be repeated, but it can also be used to prevent rendering in the first place.) - the DNS_MESSAGERENDER_FILTER_AAAA, NS_CLIENTATTR_FILTER_AAAA, and DNS_RDATASETGLUE_FILTERAAAA flags are all now unnecessary and have been removed.
2018-08-06 19:34:20 -07:00
#include <ns/query.h>
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
#include <ns/server.h>
#include <ns/stats.h>
#define SCTX_MAGIC ISC_MAGIC('S', 'c', 't', 'x')
#define SCTX_VALID(s) ISC_MAGIC_VALID(s, SCTX_MAGIC)
#define CHECKFATAL(op) \
do { \
result = (op); \
RUNTIME_CHECK(result == ISC_R_SUCCESS); \
} while (0)
Refactor ns_server_create() to return void After isc_stats_create() change, the ns_server_create() cannot fail, so refactor the function to return void and fix all its uses.
2023-06-26 11:09:26 +02:00
void
Replace all random functions with isc_random, isc_random_buf and isc_random_uniform API. The three functions has been modeled after the arc4random family of functions, and they will always return random bytes. The isc_random family of functions internally use these CSPRNG (if available): 1. getrandom() libc call (might be available on Linux and Solaris) 2. SYS_getrandom syscall (might be available on Linux, detected at runtime) 3. arc4random(), arc4random_buf() and arc4random_uniform() (available on BSDs and Mac OS X) 4. crypto library function: 4a. RAND_bytes in case OpenSSL 4b. pkcs_C_GenerateRandom() in case PKCS#11 library
2018-04-22 14:56:28 +02:00
ns_server_create(isc_mem_t *mctx, ns_matchview_t matchingview,
ns_server_t **sctxp) {
make "max_restarts" a configurable value MAX_RESTARTS is no longer hard-coded; ns_server_setmaxrestarts() and dns_client_setmaxrestarts() can now be used to modify the max-restarts value at runtime. in both cases, the default is 11.
2024-06-25 14:30:20 -07:00
ns_server_t *sctx = NULL;
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
REQUIRE(sctxp != NULL && *sctxp == NULL);
Use designated initializers instead of memset()/MEM_ZERO for structs In several places, the structures were cleaned with memset(...)) and thus the semantic patch converted the isc_mem_get(...) to isc_mem_getx(..., ISC_MEM_ZERO). Use the designated initializer to initialized the structures instead of zeroing the memory with ISC_MEM_ZERO flag as this better matches the intended purpose.
2022-08-26 11:58:51 +02:00
sctx = isc_mem_get(mctx, sizeof(*sctx));
*sctx = (ns_server_t){
.udpsize = 1232,
.transfer_tcp_message_size = 20480,
.fuzztype = isc_fuzz_none,
.matchingview = matchingview,
.answercookie = true,
};
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
isc_mem_attach(mctx, &sctx->mctx);
Allocate DNS send buffers using dedicated per-worker memory arenas This commit ensures that memory allocations related to DNS send buffers are routed through dedicated per-worker memory arenas in order to decrease memory usage on high load caused by TCP-based DNS transports. We do that by following jemalloc developers suggestions: https://github.com/jemalloc/jemalloc/issues/2483#issuecomment-1639019699 https://github.com/jemalloc/jemalloc/issues/2483#issuecomment-1698173849
2023-08-10 23:08:25 +03:00
/*
* See here for more details:
* https://github.com/jemalloc/jemalloc/issues/2483
*/
isc_refcount_init() now doesn't return isc_result_t and asserts on failed initialization
2018-08-01 11:46:11 +02:00
isc_refcount_init(&sctx->references, 1);
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
isc_quota_init now returns 'void'
2018-11-16 15:45:01 +01:00
isc_quota_init(&sctx->xfroutquota, 10);
isc_quota_init(&sctx->tcpquota, 10);
isc_quota_init(&sctx->recursionquota, 100);
add an update quota limit the number of simultaneous DNS UPDATE events that can be processed by adding a quota for update and update forwarding. this quota currently, arbitrarily, defaults to 100. also add a statistics counter to record when the update quota has been exceeded.
2022-09-01 16:05:04 -07:00
isc_quota_init(&sctx->updquota, 100);
Add a quota for SIG(0) signature checks In order to protect from a malicious DNS client that sends many queries with a SIG(0)-signed message, add a quota of simultaneously running SIG(0) checks. This protection can only help when named is using more than one worker threads. For example, if named is running with the '-n 4' option, and 'sig0checks-quota 2;' is used, then named will make sure to not use more than 2 workers for the SIG(0) signature checks in parallel, thus leaving the other workers to serve the remaining clients which do not use SIG(0)-signed messages. That limitation is going to change when SIG(0) signature checks are offloaded to "slow" threads in a future commit. The 'sig0checks-quota-exempt' ACL option can be used to exempt certain clients from the quota requirements using their IP or network addresses. The 'sig0checks-quota-maxwait-ms' option is used to define a maximum amount of time for named to wait for a quota to appear. If during that time no new quota becomes available, named will answer to the client with DNS_R_REFUSED.
2024-03-25 11:07:47 +00:00
isc_quota_init(&sctx->sig0checksquota, 1);
Add (http-)listener-clients option (DoH quota mechanism) This commit adds support for http-listener-clients global options as well as ability to override the default in an HTTP server description, like: http local-http-server { ... listener-clients 100; ... }; This way we have ability to specify per-listener active connections quota globally and then override it when required. This is exactly what AT&T requested us: they wanted a functionality to specify quota globally and then override it for specific IPs. This change functionality makes such a configuration possible. It makes sense: for example, one could have different quotas for internal and external clients. Or, for example, one could use BIND's internal ability to serve encrypted DoH with some sane quota value for internal clients, while having un-encrypted DoH listener without quota to put BIND behind a load balancer doing TLS offloading for external clients. Moreover, the code no more shares the quota with TCP, which makes little sense anyway (see tcp-clients option), because of the nature of interaction of DoH clients: they tend to keep idle opened connections for longer periods of time, preventing the TCP and TLS client from being served. Thus, the need to have a separate, generally larger, quota for them. Also, the change makes any option within "http <name> { ... };" statement optional, making it easier to override only required default options. By default, the DoH connections are limited to 300 per listener. I hope that it is a good initial guesstimate.
2021-05-14 14:18:57 +03:00
ISC_LIST_INIT(sctx->http_quotas);
Store HTTP quota size inside a listenlist instead of the quota This way only quota size is passed to the interface/listener management code instead of a quota object. Thus, we can implement updating the quota object size instead of recreating the object.
2022-06-22 14:52:58 +03:00
isc_mutex_init(&sctx->http_quotas_lock);
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
Refactor isc_stats_create() and its downstream users to return void The isc_stats_create() can no longer return anything else than ISC_R_SUCCESS. Refactor isc_stats_create() and its variants in libdns, libns and named to just return void.
2023-06-26 10:58:30 +02:00
ns_stats_create(mctx, ns_statscounter_max, &sctx->nsstats);
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
Refactor isc_stats_create() and its downstream users to return void The isc_stats_create() can no longer return anything else than ISC_R_SUCCESS. Refactor isc_stats_create() and its variants in libdns, libns and named to just return void.
2023-06-26 10:58:30 +02:00
dns_rdatatypestats_create(mctx, &sctx->rcvquerystats);
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
Refactor isc_stats_create() and its downstream users to return void The isc_stats_create() can no longer return anything else than ISC_R_SUCCESS. Refactor isc_stats_create() and its variants in libdns, libns and named to just return void.
2023-06-26 10:58:30 +02:00
dns_opcodestats_create(mctx, &sctx->opcodestats);
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
Refactor isc_stats_create() and its downstream users to return void The isc_stats_create() can no longer return anything else than ISC_R_SUCCESS. Refactor isc_stats_create() and its variants in libdns, libns and named to just return void.
2023-06-26 10:58:30 +02:00
dns_rcodestats_create(mctx, &sctx->rcodestats);
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
Use isc_histo for the message size statistics This should have no functional effects. The message size stats are specified by RSSAC002 so it's best not to mess around with how they appear in the statschannel. But it's worth changing the implementation to use general-purpose histograms, to reduce code size and benefit from sharded counters.
2023-03-16 14:31:46 +00:00
isc_histomulti_create(mctx, DNS_SIZEHISTO_SIGBITSIN,
&sctx->udpinstats4);
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
Use isc_histo for the message size statistics This should have no functional effects. The message size stats are specified by RSSAC002 so it's best not to mess around with how they appear in the statschannel. But it's worth changing the implementation to use general-purpose histograms, to reduce code size and benefit from sharded counters.
2023-03-16 14:31:46 +00:00
isc_histomulti_create(mctx, DNS_SIZEHISTO_SIGBITSOUT,
&sctx->udpoutstats4);
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
Use isc_histo for the message size statistics This should have no functional effects. The message size stats are specified by RSSAC002 so it's best not to mess around with how they appear in the statschannel. But it's worth changing the implementation to use general-purpose histograms, to reduce code size and benefit from sharded counters.
2023-03-16 14:31:46 +00:00
isc_histomulti_create(mctx, DNS_SIZEHISTO_SIGBITSIN,
&sctx->udpinstats6);
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
Use isc_histo for the message size statistics This should have no functional effects. The message size stats are specified by RSSAC002 so it's best not to mess around with how they appear in the statschannel. But it's worth changing the implementation to use general-purpose histograms, to reduce code size and benefit from sharded counters.
2023-03-16 14:31:46 +00:00
isc_histomulti_create(mctx, DNS_SIZEHISTO_SIGBITSOUT,
&sctx->udpoutstats6);
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
Use isc_histo for the message size statistics This should have no functional effects. The message size stats are specified by RSSAC002 so it's best not to mess around with how they appear in the statschannel. But it's worth changing the implementation to use general-purpose histograms, to reduce code size and benefit from sharded counters.
2023-03-16 14:31:46 +00:00
isc_histomulti_create(mctx, DNS_SIZEHISTO_SIGBITSIN,
&sctx->tcpinstats4);
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
Use isc_histo for the message size statistics This should have no functional effects. The message size stats are specified by RSSAC002 so it's best not to mess around with how they appear in the statschannel. But it's worth changing the implementation to use general-purpose histograms, to reduce code size and benefit from sharded counters.
2023-03-16 14:31:46 +00:00
isc_histomulti_create(mctx, DNS_SIZEHISTO_SIGBITSOUT,
&sctx->tcpoutstats4);
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
Use isc_histo for the message size statistics This should have no functional effects. The message size stats are specified by RSSAC002 so it's best not to mess around with how they appear in the statschannel. But it's worth changing the implementation to use general-purpose histograms, to reduce code size and benefit from sharded counters.
2023-03-16 14:31:46 +00:00
isc_histomulti_create(mctx, DNS_SIZEHISTO_SIGBITSIN,
&sctx->tcpinstats6);
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
Use isc_histo for the message size statistics This should have no functional effects. The message size stats are specified by RSSAC002 so it's best not to mess around with how they appear in the statschannel. But it's worth changing the implementation to use general-purpose histograms, to reduce code size and benefit from sharded counters.
2023-03-16 14:31:46 +00:00
isc_histomulti_create(mctx, DNS_SIZEHISTO_SIGBITSOUT,
&sctx->tcpoutstats6);
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
ISC_LIST_INIT(sctx->altsecrets);
sctx->magic = SCTX_MAGIC;
*sctxp = sctx;
}
void
ns_server_attach(ns_server_t *src, ns_server_t **dest) {
REQUIRE(SCTX_VALID(src));
REQUIRE(dest != NULL && *dest == NULL);
Rewrite isc_refcount API to fetch_and_<op>, instead of former <op>_and_<fetch>
2018-08-17 15:16:59 +02:00
isc_refcount_increment(&src->references);
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
*dest = src;
}
void
ns_server_detach(ns_server_t **sctxp) {
ns_server_t *sctx;
Refactor *_destroy and *_detach functions to unified order of actions. This properly orders clearing the freed pointer and calling isc_refcount_destroy as early as possible to have ability to put proper memory barrier when cleaning up reference counting.
2018-08-28 10:18:59 +02:00
REQUIRE(sctxp != NULL && SCTX_VALID(*sctxp));
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
sctx = *sctxp;
Refactor *_destroy and *_detach functions to unified order of actions. This properly orders clearing the freed pointer and calling isc_refcount_destroy as early as possible to have ability to put proper memory barrier when cleaning up reference counting.
2018-08-28 10:18:59 +02:00
*sctxp = NULL;
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
Rewrite isc_refcount API to fetch_and_<op>, instead of former <op>_and_<fetch>
2018-08-17 15:16:59 +02:00
if (isc_refcount_decrement(&sctx->references) == 1) {
make all ISC_LIST_FOREACH calls safe previously, ISC_LIST_FOREACH and ISC_LIST_FOREACH_SAFE were two separate macros, with the _SAFE version allowing entries to be unlinked during the loop. ISC_LIST_FOREACH is now also safe, and the separate _SAFE macro has been removed. similarly, the ISC_LIST_FOREACH_REV macro is now safe, and ISC_LIST_FOREACH_REV_SAFE has also been removed.
2025-05-23 13:02:22 -07:00
ISC_LIST_FOREACH (sctx->altsecrets, altsecret, link) {
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
ISC_LIST_UNLINK(sctx->altsecrets, altsecret, link);
isc_mem_put(sctx->mctx, altsecret, sizeof(*altsecret));
}
Add a quota for SIG(0) signature checks In order to protect from a malicious DNS client that sends many queries with a SIG(0)-signed message, add a quota of simultaneously running SIG(0) checks. This protection can only help when named is using more than one worker threads. For example, if named is running with the '-n 4' option, and 'sig0checks-quota 2;' is used, then named will make sure to not use more than 2 workers for the SIG(0) signature checks in parallel, thus leaving the other workers to serve the remaining clients which do not use SIG(0)-signed messages. That limitation is going to change when SIG(0) signature checks are offloaded to "slow" threads in a future commit. The 'sig0checks-quota-exempt' ACL option can be used to exempt certain clients from the quota requirements using their IP or network addresses. The 'sig0checks-quota-maxwait-ms' option is used to define a maximum amount of time for named to wait for a quota to appear. If during that time no new quota becomes available, named will answer to the client with DNS_R_REFUSED.
2024-03-25 11:07:47 +00:00
if (sctx->sig0checksquota_exempt != NULL) {
dns_acl_detach(&sctx->sig0checksquota_exempt);
}
isc_quota_destroy(&sctx->sig0checksquota);
add an update quota limit the number of simultaneous DNS UPDATE events that can be processed by adding a quota for update and update forwarding. this quota currently, arbitrarily, defaults to 100. also add a statistics counter to record when the update quota has been exceeded.
2022-09-01 16:05:04 -07:00
isc_quota_destroy(&sctx->updquota);
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
isc_quota_destroy(&sctx->recursionquota);
isc_quota_destroy(&sctx->tcpquota);
isc_quota_destroy(&sctx->xfroutquota);
make all ISC_LIST_FOREACH calls safe previously, ISC_LIST_FOREACH and ISC_LIST_FOREACH_SAFE were two separate macros, with the _SAFE version allowing entries to be unlinked during the loop. ISC_LIST_FOREACH is now also safe, and the separate _SAFE macro has been removed. similarly, the ISC_LIST_FOREACH_REV macro is now safe, and ISC_LIST_FOREACH_REV_SAFE has also been removed.
2025-05-23 13:02:22 -07:00
ISC_LIST_FOREACH (sctx->http_quotas, http_quota, link) {
Add (http-)listener-clients option (DoH quota mechanism) This commit adds support for http-listener-clients global options as well as ability to override the default in an HTTP server description, like: http local-http-server { ... listener-clients 100; ... }; This way we have ability to specify per-listener active connections quota globally and then override it when required. This is exactly what AT&T requested us: they wanted a functionality to specify quota globally and then override it for specific IPs. This change functionality makes such a configuration possible. It makes sense: for example, one could have different quotas for internal and external clients. Or, for example, one could use BIND's internal ability to serve encrypted DoH with some sane quota value for internal clients, while having un-encrypted DoH listener without quota to put BIND behind a load balancer doing TLS offloading for external clients. Moreover, the code no more shares the quota with TCP, which makes little sense anyway (see tcp-clients option), because of the nature of interaction of DoH clients: they tend to keep idle opened connections for longer periods of time, preventing the TCP and TLS client from being served. Thus, the need to have a separate, generally larger, quota for them. Also, the change makes any option within "http <name> { ... };" statement optional, making it easier to override only required default options. By default, the DoH connections are limited to 300 per listener. I hope that it is a good initial guesstimate.
2021-05-14 14:18:57 +03:00
ISC_LIST_DEQUEUE(sctx->http_quotas, http_quota, link);
isc_quota_destroy(http_quota);
isc_mem_put(sctx->mctx, http_quota,
sizeof(*http_quota));
}
Store HTTP quota size inside a listenlist instead of the quota This way only quota size is passed to the interface/listener management code instead of a quota object. Thus, we can implement updating the quota object size instead of recreating the object.
2022-06-22 14:52:58 +03:00
isc_mutex_destroy(&sctx->http_quotas_lock);
Add (http-)listener-clients option (DoH quota mechanism) This commit adds support for http-listener-clients global options as well as ability to override the default in an HTTP server description, like: http local-http-server { ... listener-clients 100; ... }; This way we have ability to specify per-listener active connections quota globally and then override it when required. This is exactly what AT&T requested us: they wanted a functionality to specify quota globally and then override it for specific IPs. This change functionality makes such a configuration possible. It makes sense: for example, one could have different quotas for internal and external clients. Or, for example, one could use BIND's internal ability to serve encrypted DoH with some sane quota value for internal clients, while having un-encrypted DoH listener without quota to put BIND behind a load balancer doing TLS offloading for external clients. Moreover, the code no more shares the quota with TCP, which makes little sense anyway (see tcp-clients option), because of the nature of interaction of DoH clients: they tend to keep idle opened connections for longer periods of time, preventing the TCP and TLS client from being served. Thus, the need to have a separate, generally larger, quota for them. Also, the change makes any option within "http <name> { ... };" statement optional, making it easier to override only required default options. By default, the DoH connections are limited to 300 per listener. I hope that it is a good initial guesstimate.
2021-05-14 14:18:57 +03:00
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
if (sctx->server_id != NULL) {
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
isc_mem_free(sctx->mctx, sctx->server_id);
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
}
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
if (sctx->blackholeacl != NULL) {
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
dns_acl_detach(&sctx->blackholeacl);
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
}
if (sctx->tkeyctx != NULL) {
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
dns_tkeyctx_destroy(&sctx->tkeyctx);
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
}
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
if (sctx->nsstats != NULL) {
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
ns_stats_detach(&sctx->nsstats);
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
}
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
if (sctx->rcvquerystats != NULL) {
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
dns_stats_detach(&sctx->rcvquerystats);
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
}
if (sctx->opcodestats != NULL) {
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
dns_stats_detach(&sctx->opcodestats);
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
}
if (sctx->rcodestats != NULL) {
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
dns_stats_detach(&sctx->rcodestats);
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
}
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
if (sctx->udpinstats4 != NULL) {
Use isc_histo for the message size statistics This should have no functional effects. The message size stats are specified by RSSAC002 so it's best not to mess around with how they appear in the statschannel. But it's worth changing the implementation to use general-purpose histograms, to reduce code size and benefit from sharded counters.
2023-03-16 14:31:46 +00:00
isc_histomulti_destroy(&sctx->udpinstats4);
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
}
if (sctx->tcpinstats4 != NULL) {
Use isc_histo for the message size statistics This should have no functional effects. The message size stats are specified by RSSAC002 so it's best not to mess around with how they appear in the statschannel. But it's worth changing the implementation to use general-purpose histograms, to reduce code size and benefit from sharded counters.
2023-03-16 14:31:46 +00:00
isc_histomulti_destroy(&sctx->tcpinstats4);
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
}
if (sctx->udpoutstats4 != NULL) {
Use isc_histo for the message size statistics This should have no functional effects. The message size stats are specified by RSSAC002 so it's best not to mess around with how they appear in the statschannel. But it's worth changing the implementation to use general-purpose histograms, to reduce code size and benefit from sharded counters.
2023-03-16 14:31:46 +00:00
isc_histomulti_destroy(&sctx->udpoutstats4);
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
}
if (sctx->tcpoutstats4 != NULL) {
Use isc_histo for the message size statistics This should have no functional effects. The message size stats are specified by RSSAC002 so it's best not to mess around with how they appear in the statschannel. But it's worth changing the implementation to use general-purpose histograms, to reduce code size and benefit from sharded counters.
2023-03-16 14:31:46 +00:00
isc_histomulti_destroy(&sctx->tcpoutstats4);
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
}
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
if (sctx->udpinstats6 != NULL) {
Use isc_histo for the message size statistics This should have no functional effects. The message size stats are specified by RSSAC002 so it's best not to mess around with how they appear in the statschannel. But it's worth changing the implementation to use general-purpose histograms, to reduce code size and benefit from sharded counters.
2023-03-16 14:31:46 +00:00
isc_histomulti_destroy(&sctx->udpinstats6);
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
}
if (sctx->tcpinstats6 != NULL) {
Use isc_histo for the message size statistics This should have no functional effects. The message size stats are specified by RSSAC002 so it's best not to mess around with how they appear in the statschannel. But it's worth changing the implementation to use general-purpose histograms, to reduce code size and benefit from sharded counters.
2023-03-16 14:31:46 +00:00
isc_histomulti_destroy(&sctx->tcpinstats6);
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
}
if (sctx->udpoutstats6 != NULL) {
Use isc_histo for the message size statistics This should have no functional effects. The message size stats are specified by RSSAC002 so it's best not to mess around with how they appear in the statschannel. But it's worth changing the implementation to use general-purpose histograms, to reduce code size and benefit from sharded counters.
2023-03-16 14:31:46 +00:00
isc_histomulti_destroy(&sctx->udpoutstats6);
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
}
if (sctx->tcpoutstats6 != NULL) {
Use isc_histo for the message size statistics This should have no functional effects. The message size stats are specified by RSSAC002 so it's best not to mess around with how they appear in the statschannel. But it's worth changing the implementation to use general-purpose histograms, to reduce code size and benefit from sharded counters.
2023-03-16 14:31:46 +00:00
isc_histomulti_destroy(&sctx->tcpoutstats6);
Make lib/ns Thread Sanitizer clean
2019-07-04 15:45:06 +02:00
}
sctx->magic = 0;
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
isc_mem_putanddetach(&sctx->mctx, sctx, sizeof(*sctx));
}
}
isc_result_t
ns_server_setserverid(ns_server_t *sctx, const char *serverid) {
REQUIRE(SCTX_VALID(sctx));
if (sctx->server_id != NULL) {
isc_mem_free(sctx->mctx, sctx->server_id);
}
if (serverid != NULL) {
sctx->server_id = isc_mem_strdup(sctx->mctx, serverid);
}
return ISC_R_SUCCESS;
}
void
ns_server_setoption(ns_server_t *sctx, unsigned int option, bool value) {
REQUIRE(SCTX_VALID(sctx));
if (value) {
sctx->options |= option;
} else {
sctx->options &= ~option;
}
}
Replace custom isc_boolean_t with C standard bool type
2018-04-17 08:29:14 -07:00
bool
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
ns_server_getoption(ns_server_t *sctx, unsigned int option) {
REQUIRE(SCTX_VALID(sctx));
Turn (int & flag) into (int & flag) != 0 when implicitly typed to bool
2018-10-11 11:57:57 +02:00
return (sctx->options & option) != 0;
[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]
2017-09-08 13:39:09 -07:00
}
Store HTTP quota size inside a listenlist instead of the quota This way only quota size is passed to the interface/listener management code instead of a quota object. Thus, we can implement updating the quota object size instead of recreating the object.
2022-06-22 14:52:58 +03:00
void
ns_server_append_http_quota(ns_server_t *sctx, isc_quota_t *http_quota) {
REQUIRE(SCTX_VALID(sctx));
REQUIRE(http_quota != NULL);
LOCK(&sctx->http_quotas_lock);
ISC_LINK_INIT(http_quota, link);
ISC_LIST_APPEND(sctx->http_quotas, http_quota, link);
UNLOCK(&sctx->http_quotas_lock);
}
Reference in New Issue Copy Permalink