MEDIUM: resolvers: add supports of TCP nameservers in resolvers.

This patch introduce the new line "server" to set a TCP nameserver in a "resolvers" section: server <name> <address> [param*] Used to configure a DNS TCP or stream server. This supports for all "server" parameters found in 5.2 paragraph. Some of these parameters are irrelevant for DNS resolving. Note: currently 4 queries are pipelined on the same connections. A batch of idle connections are removed every 5 seconds. "maxconn" can be configured to limit the amount of those concurrent connections and TLS should also usable if the server supports . The current implementation limits to 4 pipelined The name of the line in configuration is open to discussion and could be changed before the next release.
2025-01-20 20:50:44 +00:00 · 2021-02-12 20:05:45 +01:00 · 2021-02-12 20:05:45 +01:00 · 56fc5d9ebc
commit 56fc5d9ebc
parent fd647d5f5f
2 changed files with 91 additions and 2 deletions
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@ -14621,11 +14621,19 @@ accepted_payload_size <nb>
  Note: the maximum allowed value is 8192.
 nameserver <id> <ip>:<port>
-  DNS server description:
+  UDP DNS server description:
    <id>   : label of the server, should be unique
    <ip>   : IP address of the server
    <port> : port where the DNS service actually runs
 server <name> <address> [param*]
  Used to configure a DNS TCP or stream server. This supports for all
  "server" parameters found in 5.2 paragraph. Some of these parameters
  are irrelevant for DNS resolving. Note: currently 4 queries are pipelined
  on the same connections. A batch of idle connections are removed every
  5 seconds. "maxconn" can be configured to limit the amount of those
  concurrent connections and TLS should also usable if the server supports.
 parse-resolv-conf
  Adds all nameservers found in /etc/resolv.conf to this resolvers nameservers
  list. Ordered as if each nameserver in /etc/resolv.conf was individually
--- a/src/resolvers.c
+++ b/src/resolvers.c
@ -2097,6 +2097,15 @@ static void resolvers_deinit(void)
 					ring_free(ns->dgram->ring_req);
 				free(ns->dgram);
 			}
 			if (ns->stream) {
 				if (ns->stream->ring_req)
 					ring_free(ns->stream->ring_req);
 				if (ns->stream->task_req)
 					task_destroy(ns->stream->task_req);
 				if (ns->stream->task_rsp)
 					task_destroy(ns->stream->task_rsp);
 				free(ns->stream);
 			}
 			LIST_DEL(&ns->list);
 			EXTRA_COUNTERS_FREE(ns->extra_counters);
 			free(ns);
@ -2881,6 +2890,9 @@ int cfg_parse_resolvers(const char *file, int linenum, char **args, int kwm)
 		LIST_INIT(&curr_resolvers->resolutions.wait);
 		HA_SPIN_INIT(&curr_resolvers->lock);
 	}
 	else if (strcmp(args[0],"server") == 0) {
 		err_code |= parse_server(file, linenum, args, curr_resolvers->px, NULL, 1, 0, 1);
        }
 	else if (strcmp(args[0], "nameserver") == 0) { /* nameserver definition */
 		struct dns_nameserver *newnameserver = NULL;
 		struct sockaddr_storage *sk;
@ -3214,7 +3226,76 @@ resolv_out:
 	free(errmsg);
 	return err_code;
 }
 int cfg_post_parse_resolvers()
 {
 	int err_code = 0;
 	struct server *srv;
-REGISTER_CONFIG_SECTION("resolvers",      cfg_parse_resolvers, NULL);
+	if (curr_resolvers) {
 		/* prepare forward server descriptors */
 		if (curr_resolvers->px) {
 			srv = curr_resolvers->px->srv;
 			while (srv) {
 				struct dns_nameserver *ns;
 				list_for_each_entry(ns, &curr_resolvers->nameservers, list) {
 					/* Error if two resolvers owns the same name */
 					if (strcmp(ns->id, srv->id) == 0) {
 						ha_alert("Parsing [%s:%d]: nameserver '%s' has same name as another nameserver (declared at %s:%d).\n",
 							 srv->conf.file, srv->conf.line, srv->id, ns->conf.file, ns->conf.line);
 						err_code |= ERR_ALERT | ERR_FATAL;
 						break;
 					}
 				}
 				/* init ssl if needed */
 				if (srv->use_ssl == 1 && xprt_get(XPRT_SSL) && xprt_get(XPRT_SSL)->prepare_srv) {
 					if (xprt_get(XPRT_SSL)->prepare_srv(srv)) {
 						ha_alert("unable to prepare SSL for server '%s' in resolvers section '%s'.\n", srv->id, curr_resolvers->id);
 						err_code |= ERR_ALERT | ERR_FATAL;
 						break;
 					}
 				}
 				/* allocate nameserver */
 				ns = calloc(1, sizeof(*ns));
 				if (!ns) {
 					ha_alert("memory allocation error initializing tcp server '%s' in resolvers section '%s'.\n", srv->id, curr_resolvers->id);
 					err_code |= ERR_ALERT | ERR_FATAL;
 					break;
 				}
 				if (dns_stream_init(ns, srv) < 0) {
 					ha_alert("memory allocation error initializing tcp server '%s' in resolvers section '%s'.\n", srv->id, curr_resolvers->id);
 					err_code |= ERR_ALERT|ERR_ABORT;
 					break;
 				}
 				ns->conf.file = strdup(srv->conf.file);
 				if (!ns->conf.file) {
 					ha_alert("memory allocation error initializing tcp server '%s' in resolvers section '%s'.\n", srv->id, curr_resolvers->id);
 					err_code |= ERR_ALERT|ERR_ABORT;
 					break;
 				}
 				ns->id = strdup(srv->id);
 				if (!ns->id) {
 					ha_alert("memory allocation error initializing tcp server '%s' in resolvers section '%s'.\n", srv->id, curr_resolvers->id);
 					err_code |= ERR_ALERT|ERR_ABORT;
 					break;
 				}
 				ns->conf.line = srv->conf.line;
 				ns->process_responses = resolv_process_responses;
 				ns->parent = curr_resolvers;
 				LIST_ADDQ(&curr_resolvers->nameservers, &ns->list);
 				srv = srv->next;
 			}
 		}
 	}
 	curr_resolvers = NULL;
 	return err_code;
 }
 REGISTER_CONFIG_SECTION("resolvers",      cfg_parse_resolvers, cfg_post_parse_resolvers);
 REGISTER_POST_DEINIT(resolvers_deinit);
 REGISTER_CONFIG_POSTPARSER("dns runtime resolver", resolvers_finalize_config);