resolved: allow cache responses from local DNS servers

Pavel Sapezhko 2020-11-24 16:44:07 +03:00 committed by Yu Watanabe
parent 2bb703e440
commit 6d8325f66a
8 changed files with 18 additions and 15 deletions


@ -251,8 +251,16 @@
request. Be aware that turning off caching comes at a performance penalty, which is particularly high
when DNSSEC is used. If <literal>no-negative</literal>, only positive answers are cached.</para>
<para>Note that caching is turned off implicitly if the configured DNS server is on a host-local IP address
(such as 127.0.0.1 or ::1), in order to avoid duplicate local caching.</para></listitem>
<para>Note that caching is turned off by default for host-local DNS servers.
See <varname>CacheFromLocalhost=</varname> for details.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>CacheFromLocalhost=</varname></term>
<listitem><para>Takes a boolean as argument. If <literal>no</literal> (the default), and response cames from
host-local IP address (such as 127.0.0.1 or ::1), the result wouldn't be cached in order to avoid
potential duplicate local caching.</para>
</listitem>
</varlistentry>
<varlistentry>


@ -221,14 +221,6 @@ void dns_packet_rewind(DnsPacket *p, size_t idx);
int dns_packet_skip_question(DnsPacket *p);
int dns_packet_extract(DnsPacket *p);
static inline bool DNS_PACKET_SHALL_CACHE(DnsPacket *p) {
/* Never cache data originating from localhost, under the
* assumption, that it's coming from a locally DNS forwarder
* or server, that is caching on its own. */
return in_addr_is_localhost(p->family, &p->sender) == 0;
}
/* https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-6 */
enum {
DNS_RCODE_SUCCESS = 0,


@ -682,11 +682,9 @@ static void dns_transaction_cache_answer(DnsTransaction *t) {
if (t->scope->manager->enable_cache == DNS_CACHE_MODE_NO)
return;
/* We never cache if this packet is from the local host, under
* the assumption that a locally running DNS server would
* cache this anyway, and probably knows better when to flush
* the cache then we could. */
if (!DNS_PACKET_SHALL_CACHE(t->received))
/* Packet from localhost? */
if (!t->scope->manager->cache_from_localhost &&
in_addr_is_localhost(t->received->family, &t->received->sender) != 0)
return;
dns_cache_put(&t->scope->cache,
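Review bot: The replacement comment `/* Packet from localhost? */` in dns_transaction_cache_answer() drops the rationale the removed comments carried, and it does not say that the `!= 0` test also sends an error return from in_addr_is_localhost() (presumably a negative errno for an unsupported family) down the "do not cache" path. That fail-closed behaviour matches the old `== 0` helper and is worth keeping, so I would state it explicitly: `/* Unless CacheFromLocalhost= is set, skip caching for loopback senders, assuming a local forwarder caches on its own. An error from in_addr_is_localhost() is also treated as "do not cache". */`. With the option enabled, answers from whatever is listening on a loopback address enter the cache, so the man page entry would benefit from a sentence telling administrators to enable it only when the local forwarder is trusted. The function body starts before and continues after this hunk, so the remaining conditions guarding dns_cache_put() are not visible here.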


@ -2,6 +2,7 @@
#pragma once
#include "sd-event.h"
#include "in-addr-util.h"
typedef struct DnsTransaction DnsTransaction;
typedef enum DnsTransactionState DnsTransactionState;


@ -30,3 +30,4 @@ Resolve.DNSStubListener, config_parse_dns_stub_listener_mode, 0,
Resolve.ReadEtcHosts, config_parse_bool, 0, offsetof(Manager, read_etc_hosts)
Resolve.ResolveUnicastSingleLabel, config_parse_bool, 0, offsetof(Manager, resolve_unicast_single_label)
Resolve.DNSStubListenerExtra, config_parse_dns_stub_listener_extra, 0, offsetof(Manager, dns_extra_stub_listeners)
Resolve.CacheFromLocalhost, config_parse_bool, 0, offsetof(Manager, cache_from_localhost)


@ -39,6 +39,7 @@ struct Manager {
DnssecMode dnssec_mode;
DnsOverTlsMode dns_over_tls_mode;
DnsCacheMode enable_cache;
bool cache_from_localhost;
DnsStubListenerMode dns_stub_listener_mode;
#if ENABLE_DNS_OVER_TLS


@ -24,6 +24,7 @@
#MulticastDNS=@DEFAULT_MDNS_MODE@
#LLMNR=@DEFAULT_LLMNR_MODE@
#Cache=yes
#CacheFromLocalhost=no
#DNSStubListener=yes
#DNSStubListenerExtra=
#ReadEtcHosts=yes


@ -374,6 +374,7 @@ Bond=
Bridge=
Broadcast=
Cache=
CacheFromLocalhost=
ClientIdentifier=
ConfigureWithoutCarrier=
CopyDSCP=