Merge pull request #478 from edevil/tcp_auth_query_timeout
Allow configuration of TCP timeout while waiting for response
commit
09b924f35b
@ -1795,7 +1795,8 @@ worker_init(struct worker* worker, struct config_file *cfg,
|
||||
cfg->do_udp || cfg->udp_upstream_without_downstream,
|
||||
worker->daemon->connect_sslctx, cfg->delay_close,
|
||||
cfg->tls_use_sni, dtenv, cfg->udp_connect,
|
||||
cfg->max_reuse_tcp_queries, cfg->tcp_reuse_timeout);
|
||||
cfg->max_reuse_tcp_queries, cfg->tcp_reuse_timeout,
|
||||
cfg->tcp_auth_query_timeout);
|
||||
if(!worker->back) {
|
||||
log_err("could not create outgoing sockets");
|
||||
worker_delete(worker);
|
||||
|
@ -906,6 +906,9 @@ server:
|
||||
# tcp-reuse-timeout: 60000
|
||||
# Max number of queries on a reuse connection.
|
||||
# max-reuse-tcp-queries: 200
|
||||
# Timeout in milliseconds for TCP queries to auth servers.
|
||||
# tcp-auth-query-timeout: 3000
|
||||
|
||||
|
||||
# Python config section. To enable:
|
||||
# o use --with-pythonmodule to configure before compiling.
|
||||
|
@ -460,6 +460,10 @@ The maximum number of queries that can be sent on a persistent TCP
|
||||
connection.
|
||||
This option defaults to 200 queries.
|
||||
.TP
|
||||
.B tcp-auth-query-timeout: \fI<number>\fR
|
||||
Timeout in milliseconds for TCP queries to auth servers.
|
||||
This option defaults to 3000 milliseconds.
|
||||
.TP
|
||||
.B edns-tcp-keepalive: \fI<yes or no>\fR
|
||||
Enable or disable EDNS TCP Keepalive. Default is no.
|
||||
.TP
|
||||
|
@ -242,7 +242,8 @@ libworker_setup(struct ub_ctx* ctx, int is_bg, struct ub_event_base* eb)
|
||||
cfg->outgoing_tcp_mss, &libworker_alloc_cleanup, w,
|
||||
cfg->do_udp || cfg->udp_upstream_without_downstream, w->sslctx,
|
||||
cfg->delay_close, cfg->tls_use_sni, NULL, cfg->udp_connect,
|
||||
cfg->max_reuse_tcp_queries, cfg->tcp_reuse_timeout);
|
||||
cfg->max_reuse_tcp_queries, cfg->tcp_reuse_timeout,
|
||||
cfg->tcp_auth_query_timeout);
|
||||
w->env->outnet = w->back;
|
||||
if(!w->is_bg || w->is_bg_thread) {
|
||||
lock_basic_unlock(&ctx->cfglock);
|
||||
|
@ -1404,7 +1404,8 @@ outside_network_create(struct comm_base *base, size_t bufsize,
|
||||
int numavailports, size_t unwanted_threshold, int tcp_mss,
|
||||
void (*unwanted_action)(void*), void* unwanted_param, int do_udp,
|
||||
void* sslctx, int delayclose, int tls_use_sni, struct dt_env* dtenv,
|
||||
int udp_connect, int max_reuse_tcp_queries, int tcp_reuse_timeout)
|
||||
int udp_connect, int max_reuse_tcp_queries, int tcp_reuse_timeout,
|
||||
int tcp_auth_query_timeout)
|
||||
{
|
||||
struct outside_network* outnet = (struct outside_network*)
|
||||
calloc(1, sizeof(struct outside_network));
|
||||
@ -1418,6 +1419,7 @@ outside_network_create(struct comm_base *base, size_t bufsize,
|
||||
outnet->num_tcp = num_tcp;
|
||||
outnet->max_reuse_tcp_queries = max_reuse_tcp_queries;
|
||||
outnet->tcp_reuse_timeout= tcp_reuse_timeout;
|
||||
outnet->tcp_auth_query_timeout = tcp_auth_query_timeout;
|
||||
outnet->num_tcp_outgoing = 0;
|
||||
outnet->infra = infra;
|
||||
outnet->rnd = rnd;
|
||||
@ -2875,7 +2877,7 @@ serviced_tcp_initiate(struct serviced_query* sq, sldns_buffer* buff)
|
||||
sq->status==serviced_query_TCP_EDNS?"EDNS":"");
|
||||
serviced_encode(sq, buff, sq->status == serviced_query_TCP_EDNS);
|
||||
sq->last_sent_time = *sq->outnet->now_tv;
|
||||
sq->pending = pending_tcp_query(sq, buff, TCP_AUTH_QUERY_TIMEOUT,
|
||||
sq->pending = pending_tcp_query(sq, buff, sq->outnet->tcp_auth_query_timeout,
|
||||
serviced_tcp_callback, sq);
|
||||
if(!sq->pending) {
|
||||
/* delete from tree so that a retry by above layer does not
|
||||
@ -2903,10 +2905,10 @@ serviced_tcp_send(struct serviced_query* sq, sldns_buffer* buff)
|
||||
sq->last_sent_time = *sq->outnet->now_tv;
|
||||
if(sq->tcp_upstream || sq->ssl_upstream) {
|
||||
timeout = rtt;
|
||||
if(rtt >= UNKNOWN_SERVER_NICENESS && rtt < TCP_AUTH_QUERY_TIMEOUT)
|
||||
timeout = TCP_AUTH_QUERY_TIMEOUT;
|
||||
if(rtt >= UNKNOWN_SERVER_NICENESS && rtt < sq->outnet->tcp_auth_query_timeout)
|
||||
timeout = sq->outnet->tcp_auth_query_timeout;
|
||||
} else {
|
||||
timeout = TCP_AUTH_QUERY_TIMEOUT;
|
||||
timeout = sq->outnet->tcp_auth_query_timeout;
|
||||
}
|
||||
sq->pending = pending_tcp_query(sq, buff, timeout,
|
||||
serviced_tcp_callback, sq);
|
||||
|
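Review bot: In serviced_tcp_send the new `sq->outnet->tcp_auth_query_timeout` does not act as the timeout in the `sq->tcp_upstream || sq->ssl_upstream` branch. There it only replaces `rtt` when `rtt >= UNKNOWN_SERVER_NICENESS` and `rtt` is below the setting, and in every other case the timeout stays `rtt`, which the option text "Timeout in milliseconds for TCP queries to auth servers" does not convey. A comment above that `if` would make this explicit, for example `/* timeout is rtt; tcp-auth-query-timeout only raises it when rtt >= UNKNOWN_SERVER_NICENESS */`. The value is also copied as-is in outside_network_create (`outnet->tcp_auth_query_timeout = tcp_auth_query_timeout;`) and passed straight to `pending_tcp_query` in serviced_tcp_initiate, so whatever the config layer stores, including 0, is used without a lower bound. Both serviced_tcp_* functions begin and end outside the hunks shown.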
@ -162,6 +162,8 @@ struct outside_network {
|
||||
size_t max_reuse_tcp_queries;
|
||||
/** timeout for REUSE entries in milliseconds. */
|
||||
int tcp_reuse_timeout;
|
||||
/** timeout in milliseconds for TCP queries to auth servers. */
|
||||
int tcp_auth_query_timeout;
|
||||
/**
|
||||
* tree of still-open and waiting tcp connections for reuse.
|
||||
* can be closed and reopened to get a new tcp connection.
|
||||
@ -541,6 +543,7 @@ struct serviced_query {
|
||||
* @param udp_connect: if the udp_connect option is enabled.
|
||||
* @param max_reuse_tcp_queries: max number of queries on a reuse connection.
|
||||
* @param tcp_reuse_timeout: timeout for REUSE entries in milliseconds.
|
||||
* @param tcp_auth_query_timeout: timeout in milliseconds for TCP queries to auth servers.
|
||||
* @return: the new structure (with no pending answers) or NULL on error.
|
||||
*/
|
||||
struct outside_network* outside_network_create(struct comm_base* base,
|
||||
@ -550,7 +553,8 @@ struct outside_network* outside_network_create(struct comm_base* base,
|
||||
int numavailports, size_t unwanted_threshold, int tcp_mss,
|
||||
void (*unwanted_action)(void*), void* unwanted_param, int do_udp,
|
||||
void* sslctx, int delayclose, int tls_use_sni, struct dt_env *dtenv,
|
||||
int udp_connect, int max_reuse_tcp_queries, int tcp_reuse_timeout);
|
||||
int udp_connect, int max_reuse_tcp_queries, int tcp_reuse_timeout,
|
||||
int tcp_auth_query_timeout);
|
||||
|
||||
/**
|
||||
* Delete outside_network structure.
|
||||
|
@ -1047,7 +1047,8 @@ outside_network_create(struct comm_base* base, size_t bufsize,
|
||||
int ATTR_UNUSED(do_udp), void* ATTR_UNUSED(sslctx),
|
||||
int ATTR_UNUSED(delayclose), int ATTR_UNUSED(tls_use_sni),
|
||||
struct dt_env* ATTR_UNUSED(dtenv), int ATTR_UNUSED(udp_connect),
|
||||
int ATTR_UNUSED(max_reuse_tcp_queries), int ATTR_UNUSED(tcp_reuse_timeout))
|
||||
int ATTR_UNUSED(max_reuse_tcp_queries), int ATTR_UNUSED(tcp_reuse_timeout),
|
||||
int ATTR_UNUSED(tcp_auth_query_timeout))
|
||||
{
|
||||
struct replay_runtime* runtime = (struct replay_runtime*)base;
|
||||
struct outside_network* outnet = calloc(1,
|
||||
|
@ -112,6 +112,7 @@ config_create(void)
|
||||
cfg->tcp_mss = 0;
|
||||
cfg->outgoing_tcp_mss = 0;
|
||||
cfg->tcp_idle_timeout = 30 * 1000; /* 30s in millisecs */
|
||||
cfg->tcp_auth_query_timeout = 3 * 1000; /* 3s in millisecs */
|
||||
cfg->do_tcp_keepalive = 0;
|
||||
cfg->tcp_keepalive_timeout = 120 * 1000; /* 120s in millisecs */
|
||||
cfg->ssl_service_key = NULL;
|
||||
@ -519,6 +520,7 @@ int config_set_option(struct config_file* cfg, const char* opt,
|
||||
udp_upstream_without_downstream)
|
||||
else S_NUMBER_NONZERO("tcp-mss:", tcp_mss)
|
||||
else S_NUMBER_NONZERO("outgoing-tcp-mss:", outgoing_tcp_mss)
|
||||
else S_NUMBER_NONZERO("tcp-auth-query-timeout:", tcp_auth_query_timeout)
|
||||
else S_NUMBER_NONZERO("tcp-idle-timeout:", tcp_idle_timeout)
|
||||
else S_NUMBER_NONZERO("max-reuse-tcp-queries:", max_reuse_tcp_queries)
|
||||
else S_NUMBER_NONZERO("tcp-reuse-timeout:", tcp_reuse_timeout)
|
||||
@ -1011,6 +1013,7 @@ config_get_option(struct config_file* cfg, const char* opt,
|
||||
else O_YNO(opt, "udp-upstream-without-downstream", udp_upstream_without_downstream)
|
||||
else O_DEC(opt, "tcp-mss", tcp_mss)
|
||||
else O_DEC(opt, "outgoing-tcp-mss", outgoing_tcp_mss)
|
||||
else O_DEC(opt, "tcp-auth-query-timeout", tcp_auth_query_timeout)
|
||||
else O_DEC(opt, "tcp-idle-timeout", tcp_idle_timeout)
|
||||
else O_DEC(opt, "max-reuse-tcp-queries", max_reuse_tcp_queries)
|
||||
else O_DEC(opt, "tcp-reuse-timeout", tcp_reuse_timeout)
|
||||
|
@ -97,6 +97,8 @@ struct config_file {
|
||||
size_t max_reuse_tcp_queries;
|
||||
/** timeout for REUSE entries in milliseconds. */
|
||||
int tcp_reuse_timeout;
|
||||
/** timeout in milliseconds for TCP queries to auth servers. */
|
||||
int tcp_auth_query_timeout;
|
||||
/** tcp upstream queries (no UDP upstream queries) */
|
||||
int tcp_upstream;
|
||||
/** udp upstream enabled when no UDP downstream is enabled (do_udp no)*/
|
||||
|
7081
util/configlexer.c
7081
util/configlexer.c
File diff suppressed because it is too large
@ -237,6 +237,7 @@ outgoing-tcp-mss{COLON} { YDVAR(1, VAR_OUTGOING_TCP_MSS) }
|
||||
tcp-idle-timeout{COLON} { YDVAR(1, VAR_TCP_IDLE_TIMEOUT) }
|
||||
max-reuse-tcp-queries{COLON} { YDVAR(1, VAR_MAX_REUSE_TCP_QUERIES) }
|
||||
tcp-reuse-timeout{COLON} { YDVAR(1, VAR_TCP_REUSE_TIMEOUT) }
|
||||
tcp-auth-query-timeout{COLON} { YDVAR(1, VAR_TCP_AUTH_QUERY_TIMEOUT) }
|
||||
edns-tcp-keepalive{COLON} { YDVAR(1, VAR_EDNS_TCP_KEEPALIVE) }
|
||||
edns-tcp-keepalive-timeout{COLON} { YDVAR(1, VAR_EDNS_TCP_KEEPALIVE_TIMEOUT) }
|
||||
ssl-upstream{COLON} { YDVAR(1, VAR_SSL_UPSTREAM) }
|
||||
|
9683
util/configparser.c
9683
util/configparser.c
File diff suppressed because it is too large
1050
util/configparser.h
1050
util/configparser.h
File diff suppressed because it is too large
@ -109,7 +109,7 @@ extern struct config_parser_state* cfg_parser;
|
||||
%token VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE VAR_PREFETCH
|
||||
%token VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT VAR_HARDEN_BELOW_NXDOMAIN
|
||||
%token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_LOG_REPLIES VAR_LOG_LOCAL_ACTIONS
|
||||
%token VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM
|
||||
%token VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM VAR_TCP_AUTH_QUERY_TIMEOUT
|
||||
%token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST
|
||||
%token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM VAR_TLS_CERT_BUNDLE
|
||||
%token VAR_HTTPS_PORT VAR_HTTP_ENDPOINT VAR_HTTP_MAX_STREAMS
|
||||
@ -302,7 +302,7 @@ content_server: server_num_threads | server_verbosity | server_port |
|
||||
server_tls_use_sni | server_edns_client_string |
|
||||
server_edns_client_string_opcode | server_nsid |
|
||||
server_zonemd_permissive_mode | server_max_reuse_tcp_queries |
|
||||
server_tcp_reuse_timeout
|
||||
server_tcp_reuse_timeout | server_tcp_auth_query_timeout
|
||||
|
||||
;
|
||||
stubstart: VAR_STUB_ZONE
|
||||
@ -883,6 +883,17 @@ server_tcp_reuse_timeout: VAR_TCP_REUSE_TIMEOUT STRING_ARG
|
||||
free($2);
|
||||
}
|
||||
;
|
||||
server_tcp_auth_query_timeout: VAR_TCP_AUTH_QUERY_TIMEOUT STRING_ARG
|
||||
{
|
||||
OUTYY(("P(server_tcp_auth_query_timeout:%s)\n", $2));
|
||||
if(atoi($2) == 0 && strcmp($2, "0") != 0)
|
||||
yyerror("number expected");
|
||||
else if (atoi($2) < 1)
|
||||
cfg_parser->cfg->tcp_auth_query_timeout = 0;
|
||||
else cfg_parser->cfg->tcp_auth_query_timeout = atoi($2);
|
||||
free($2);
|
||||
}
|
||||
;
|
||||
server_tcp_keepalive: VAR_EDNS_TCP_KEEPALIVE STRING_ARG
|
||||
{
|
||||
OUTYY(("P(server_tcp_keepalive:%s)\n", $2));
|
||||
|
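Review bot: The new `server_tcp_auth_query_timeout` rule silently stores 0 for any value below 1 (`else if (atoi($2) < 1) cfg_parser->cfg->tcp_auth_query_timeout = 0;`), while the `config_set_option` path added in this same commit uses `S_NUMBER_NONZERO("tcp-auth-query-timeout:", tcp_auth_query_timeout)`, which by its name does not accept zero. A config file with `tcp-auth-query-timeout: 0` or a negative number is therefore accepted, and the zero is later passed to `pending_tcp_query` as the timeout. What a zero timeout does there is not visible on this page, but it could make TCP queries to upstream servers fail immediately. I would reject such input instead: `else if (atoi($2) < 1) yyerror("positive number expected");`. `atoi` also reports no overflow, so an upper bound (or `strtol` with an `errno` check) is worth adding, and the man page entry could state the accepted range, since a very large value lets an unresponsive server hold an outgoing TCP query for that long.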
@ -76,8 +76,6 @@ struct config_strlist;
|
||||
|
||||
/** timeout in milliseconds for UDP queries to auth servers. */
|
||||
#define UDP_AUTH_QUERY_TIMEOUT 3000
|
||||
/** timeout in milliseconds for TCP queries to auth servers. */
|
||||
#define TCP_AUTH_QUERY_TIMEOUT 3000
|
||||
/** Advertised version of EDNS capabilities */
|
||||
#define EDNS_ADVERTISED_VERSION 0
|
||||
/** Advertised size of EDNS capabilities */
|
||||
|