/src/pdns/pdns/dnsdistdist/packetcache.hh

Source
/*
 * This file is part of PowerDNS or dnsdist.
 * Copyright -- PowerDNS.COM B.V. and its contributors
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of version 2 of the GNU General Public License as
 * published by the Free Software Foundation.
 *
 * In addition, for the avoidance of any doubt, permission is granted to
 * link this program with OpenSSL and to (re)distribute the binaries
 * produced as the result of such linking.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
#pragma once
#include "ednsoptions.hh"
#include "misc.hh"
#include "iputils.hh"

class PacketCache : public boost::noncopyable
{
public:

  /* hash the packet from the provided position, which should point right after tje qname. This skips:
     - the query ID ;
     - EDNS Cookie options, if any ;
     - Any given option code present in optionsToSkip
  */
  static uint32_t hashAfterQname(const std::string_view& packet, uint32_t currentHash, size_t pos, const std::unordered_set<uint16_t>& optionsToSkip = {EDNSOptionCode::COOKIE}, const std::vector<uint16_t>& payloadRanks = {})
  {
    const size_t packetSize = packet.size();
    assert(packetSize >= sizeof(dnsheader));

    /* we need at least 2 (QTYPE) + 2 (QCLASS)

       + OPT root label (1), type (2), class (2) and ttl (4)
       + the OPT RR rdlen (2)
       = 15
    */
    const dnsheader_aligned dnsheaderdata(packet.data());
    const struct dnsheader *dh = dnsheaderdata.get();
    if (ntohs(dh->qdcount) != 1 || ntohs(dh->ancount) != 0 || ntohs(dh->nscount) != 0 || ntohs(dh->arcount) != 1 || (pos + 15) > packetSize) {
      if (packetSize > pos) {
        currentHash = burtle(reinterpret_cast<const unsigned char*>(&packet.at(pos)), packetSize - pos, currentHash);
      }
      return currentHash;
    }

    if (payloadRanks.empty()) {
      currentHash = burtle(reinterpret_cast<const unsigned char*>(&packet.at(pos)), 15, currentHash);
    }
    else {
      std::vector<unsigned char> optrr(packet.begin() + pos, packet.begin() + pos + 15);
      uint16_t bufSize = optrr.at(7) * 256 + optrr.at(8);
      auto it = std::upper_bound(payloadRanks.begin(), payloadRanks.end(), bufSize);
      if (it != payloadRanks.begin()) {
        it--;
        optrr[7] = (*it) >> 8;
        optrr[8] = (*it) & 0xff;
      }
      currentHash = burtle(reinterpret_cast<const unsigned char*>(&optrr.at(0)), 15, currentHash);
    }
    if ( (pos + 15) == packetSize ) {
      return currentHash;
    }

    /* skip the qtype (2), qclass (2) */
    /* root label (1), type (2), class (2) and ttl (4) */
    /* already hashed above */
    pos += 13;

    const uint16_t rdLen = ((static_cast<uint16_t>(packet.at(pos)) * 256) + static_cast<uint16_t>(packet.at(pos + 1)));
    /* skip the rd length */
    /* already hashed above */
    pos += 2;

    if (rdLen > (packetSize - pos)) {
      if (pos < packetSize) {
        currentHash = burtle(reinterpret_cast<const unsigned char*>(&packet.at(pos)), packetSize - pos, currentHash);
      }
      return currentHash;
    }

    uint16_t rdataRead = 0;
    uint16_t optionCode;
    uint16_t optionLen;

    while (pos < packetSize && rdataRead < rdLen && getNextEDNSOption(&packet.at(pos), rdLen - rdataRead, optionCode, optionLen)) {
      if (optionLen > (rdLen - rdataRead - 4)) {
        if (packetSize > pos) {
          currentHash = burtle(reinterpret_cast<const unsigned char*>(&packet.at(pos)), packetSize - pos, currentHash);
        }
        return currentHash;
      }

      if (optionsToSkip.count(optionCode) == 0) {
        /* hash the option code, length and content */
        currentHash = burtle(reinterpret_cast<const unsigned char*>(&packet.at(pos)), 4 + optionLen, currentHash);
      }
      else {
        /* skip option: hash only its code and length */
        currentHash = burtle(reinterpret_cast<const unsigned char*>(&packet.at(pos)), 4, currentHash);
      }

      pos += 4 + optionLen;
      rdataRead += 4 + optionLen;
    }

    if (pos < packetSize) {
      currentHash = burtle(reinterpret_cast<const unsigned char*>(&packet.at(pos)), packetSize - pos, currentHash);
    }

    return currentHash;
  }

  static uint32_t hashHeaderAndQName(const std::string& packet, size_t& pos)
  {
    const size_t packetSize = packet.size();
    assert(packetSize >= sizeof(dnsheader));
    // Quite some bits in the header are actually irrelevant for
    // incoming queries.  If we ever change that and ignore them for
    // hashing, don't forget to also adapt the `queryHeaderMatches`
    // code, as it should be consistent with the hash function.
    uint32_t currentHash = burtle(reinterpret_cast<const unsigned char*>(&packet.at(2)), sizeof(dnsheader) - 2, 0); // rest of dnsheader, skip id

    for (pos = sizeof(dnsheader); pos < packetSize; ) {
      const unsigned char labelLen = static_cast<unsigned char>(packet.at(pos));
      ++pos;
      if (labelLen == 0) {
        break;
      }
      pos = std::min(pos + labelLen, packetSize);
    }
    return burtleCI(reinterpret_cast<const unsigned char*>(&packet.at(sizeof(dnsheader))), pos - sizeof(dnsheader), currentHash);
  }

  /* hash the packet from the beginning, including the qname. This skips:
     - the query ID ;
     - EDNS Cookie options, if any ;
     - Any given option code present in optionsToSkip
  */
  static uint32_t canHashPacket(const std::string& packet, const std::unordered_set<uint16_t>& optionsToSkip = {EDNSOptionCode::COOKIE})
  {
    size_t pos = 0;
    uint32_t currentHash = hashHeaderAndQName(packet, pos);

    if (pos >= packet.size()) {
      return currentHash;
    }

    return hashAfterQname(packet, currentHash, pos, optionsToSkip);
  }

  static bool queryHeaderMatches(const std::string& cachedQuery, const std::string& query)
  {
    if (cachedQuery.size() != query.size()) {
      return false;
    }

    return (cachedQuery.compare(/* skip the ID */ 2, sizeof(dnsheader) - 2, query, 2, sizeof(dnsheader) - 2) == 0);
  }

  static bool queryMatches(const std::string& cachedQuery, const std::string& query, const DNSName& qname, const std::unordered_set<uint16_t>& optionsToIgnore)
  {
    const size_t querySize = query.size();
    const size_t cachedQuerySize = cachedQuery.size();
    if (querySize != cachedQuerySize) {
      return false;
    }

    if (!queryHeaderMatches(cachedQuery, query)) {
      return false;
    }

    size_t pos = sizeof(dnsheader) + qname.wirelength();

    /* we need at least 2 (QTYPE) + 2 (QCLASS)
       + OPT root label (1), type (2), class (2) and ttl (4)
       + the OPT RR rdlen (2)
       = 15
    */
    const dnsheader_aligned dnsheaderdata(query.data());
    const struct dnsheader* dh = dnsheaderdata.get();
    if (ntohs(dh->qdcount) != 1 || ntohs(dh->ancount) != 0 || ntohs(dh->nscount) != 0 || ntohs(dh->arcount) != 1 || (pos + 15) >= querySize || optionsToIgnore.empty()) {
      return cachedQuery.compare(pos, cachedQuerySize - pos, query, pos, querySize - pos) == 0;
    }

    /* compare up to the first option, if any */
    if (cachedQuery.compare(pos, 15, query, pos, 15) != 0) {
      return false;
    }

    /* skip the qtype (2), qclass (2) */
    /* root label (1), type (2), class (2) and ttl (4) */
    /* already compared above */
    pos += 13;

    const uint16_t rdLen = ((static_cast<unsigned char>(query.at(pos)) * 256) + static_cast<unsigned char>(query.at(pos + 1)));
    /* skip the rd length */
    /* already compared above */
    pos += sizeof(uint16_t);

    if (rdLen > (querySize - pos)) {
      /* something is wrong, let's just compare everything */
      return cachedQuery.compare(pos, cachedQuerySize - pos, query, pos, querySize - pos) == 0;
    }

    uint16_t rdataRead = 0;
    uint16_t optionCode;
    uint16_t optionLen;

    while (pos < querySize && rdataRead < rdLen && getNextEDNSOption(&query.at(pos), rdLen - rdataRead, optionCode, optionLen)) {
      if (optionLen > (rdLen - rdataRead)) {
        return cachedQuery.compare(pos, cachedQuerySize - pos, query, pos, querySize - pos) == 0;
      }

      /* compare the option code and length */
      if (cachedQuery.compare(pos, 4, query, pos, 4) != 0) {
        return false;
      }
      pos += 4;
      rdataRead += 4;

      if (optionLen > 0 && optionsToIgnore.count(optionCode) == 0) {
        if (cachedQuery.compare(pos, optionLen, query, pos, optionLen) != 0) {
          return false;
        }
      }
      pos += optionLen;
      rdataRead += optionLen;
    }

    if (pos >= querySize) {
        return true;
    }

    return cachedQuery.compare(pos, cachedQuerySize - pos, query, pos, querySize - pos) == 0;
  }

};

Coverage Report

Created: 2026-03-08 06:22

Line	Count	Source
1		/*
2		* This file is part of PowerDNS or dnsdist.
3		* Copyright -- PowerDNS.COM B.V. and its contributors
4		*
5		* This program is free software; you can redistribute it and/or modify
6		* it under the terms of version 2 of the GNU General Public License as
7		* published by the Free Software Foundation.
8		*
9		* In addition, for the avoidance of any doubt, permission is granted to
10		* link this program with OpenSSL and to (re)distribute the binaries
11		* produced as the result of such linking.
12		*
13		* This program is distributed in the hope that it will be useful,
14		* but WITHOUT ANY WARRANTY; without even the implied warranty of
15		* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16		* GNU General Public License for more details.
17		*
18		* You should have received a copy of the GNU General Public License
19		* along with this program; if not, write to the Free Software
20		* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21		*/
22		#pragma once
23		#include "ednsoptions.hh"
24		#include "misc.hh"
25		#include "iputils.hh"
26
27		class PacketCache : public boost::noncopyable
28		{
29		public:
30
31		/* hash the packet from the provided position, which should point right after tje qname. This skips:
32		- the query ID ;
33		- EDNS Cookie options, if any ;
34		- Any given option code present in optionsToSkip
35		*/
36		static uint32_t hashAfterQname(const std::string_view& packet, uint32_t currentHash, size_t pos, const std::unordered_set<uint16_t>& optionsToSkip = {EDNSOptionCode::COOKIE}, const std::vector<uint16_t>& payloadRanks = {})
37	2.10k	{
38	2.10k	const size_t packetSize = packet.size();
39	2.10k	assert(packetSize >= sizeof(dnsheader));
40
41		/* we need at least 2 (QTYPE) + 2 (QCLASS)
42
43		+ OPT root label (1), type (2), class (2) and ttl (4)
44		+ the OPT RR rdlen (2)
45		= 15
46		*/
47	2.10k	const dnsheader_aligned dnsheaderdata(packet.data());
48	2.10k	const struct dnsheader *dh = dnsheaderdata.get();
49	2.10k	if (ntohs(dh->qdcount) != 1 \|\| ntohs(dh->ancount) != 0 \|\| ntohs(dh->nscount) != 0 \|\| ntohs(dh->arcount) != 1 \|\| (pos + 15) > packetSize) {
50	572	if (packetSize > pos) {
51	572	currentHash = burtle(reinterpret_cast<const unsigned char*>(&packet.at(pos)), packetSize - pos, currentHash);
52	572	}
53	572	return currentHash;
54	572	}
55
56	1.52k	if (payloadRanks.empty()) {
57	1.52k	currentHash = burtle(reinterpret_cast<const unsigned char*>(&packet.at(pos)), 15, currentHash);
58	1.52k	}
59	0	else {
60	0	std::vector<unsigned char> optrr(packet.begin() + pos, packet.begin() + pos + 15);
61	0	uint16_t bufSize = optrr.at(7) * 256 + optrr.at(8);
62	0	auto it = std::upper_bound(payloadRanks.begin(), payloadRanks.end(), bufSize);
63	0	if (it != payloadRanks.begin()) {
64	0	it--;
65	0	optrr[7] = (*it) >> 8;
66	0	optrr[8] = (*it) & 0xff;
67	0	}
68	0	currentHash = burtle(reinterpret_cast<const unsigned char*>(&optrr.at(0)), 15, currentHash);
69	0	}
70	1.52k	if ( (pos + 15) == packetSize ) {
71	58	return currentHash;
72	58	}
73
74		/* skip the qtype (2), qclass (2) */
75		/* root label (1), type (2), class (2) and ttl (4) */
76		/* already hashed above */
77	1.47k	pos += 13;
78
79	1.47k	const uint16_t rdLen = ((static_cast<uint16_t>(packet.at(pos)) * 256) + static_cast<uint16_t>(packet.at(pos + 1)));
80		/* skip the rd length */
81		/* already hashed above */
82	1.47k	pos += 2;
83
84	1.47k	if (rdLen > (packetSize - pos)) {
85	272	if (pos < packetSize) {
86	272	currentHash = burtle(reinterpret_cast<const unsigned char*>(&packet.at(pos)), packetSize - pos, currentHash);
87	272	}
88	272	return currentHash;
89	272	}
90
91	1.19k	uint16_t rdataRead = 0;
92	1.19k	uint16_t optionCode;
93	1.19k	uint16_t optionLen;
94
95	27.2k	while (pos < packetSize && rdataRead < rdLen && getNextEDNSOption(&packet.at(pos), rdLen - rdataRead, optionCode, optionLen)) {
96	26.5k	if (optionLen > (rdLen - rdataRead - 4)) {
97	461	if (packetSize > pos) {
98	461	currentHash = burtle(reinterpret_cast<const unsigned char*>(&packet.at(pos)), packetSize - pos, currentHash);
99	461	}
100	461	return currentHash;
101	461	}
102
103	26.0k	if (optionsToSkip.count(optionCode) == 0) {
104		/* hash the option code, length and content */
105	24.5k	currentHash = burtle(reinterpret_cast<const unsigned char*>(&packet.at(pos)), 4 + optionLen, currentHash);
106	24.5k	}
107	1.49k	else {
108		/* skip option: hash only its code and length */
109	1.49k	currentHash = burtle(reinterpret_cast<const unsigned char*>(&packet.at(pos)), 4, currentHash);
110	1.49k	}
111
112	26.0k	pos += 4 + optionLen;
113	26.0k	rdataRead += 4 + optionLen;
114	26.0k	}
115
116	738	if (pos < packetSize) {
117	407	currentHash = burtle(reinterpret_cast<const unsigned char*>(&packet.at(pos)), packetSize - pos, currentHash);
118	407	}
119
120	738	return currentHash;
121	1.19k	}
122
123		static uint32_t hashHeaderAndQName(const std::string& packet, size_t& pos)
124		{
125		const size_t packetSize = packet.size();
126		assert(packetSize >= sizeof(dnsheader));
127		// Quite some bits in the header are actually irrelevant for
128		// incoming queries. If we ever change that and ignore them for
129		// hashing, don't forget to also adapt the `queryHeaderMatches`
130		// code, as it should be consistent with the hash function.
131		uint32_t currentHash = burtle(reinterpret_cast<const unsigned char*>(&packet.at(2)), sizeof(dnsheader) - 2, 0); // rest of dnsheader, skip id
132
133		for (pos = sizeof(dnsheader); pos < packetSize; ) {
134		const unsigned char labelLen = static_cast<unsigned char>(packet.at(pos));
135		++pos;
136		if (labelLen == 0) {
137		break;
138		}
139		pos = std::min(pos + labelLen, packetSize);
140		}
141		return burtleCI(reinterpret_cast<const unsigned char*>(&packet.at(sizeof(dnsheader))), pos - sizeof(dnsheader), currentHash);
142		}
143
144		/* hash the packet from the beginning, including the qname. This skips:
145		- the query ID ;
146		- EDNS Cookie options, if any ;
147		- Any given option code present in optionsToSkip
148		*/
149		static uint32_t canHashPacket(const std::string& packet, const std::unordered_set<uint16_t>& optionsToSkip = {EDNSOptionCode::COOKIE})
150		{
151		size_t pos = 0;
152		uint32_t currentHash = hashHeaderAndQName(packet, pos);
153
154		if (pos >= packet.size()) {
155		return currentHash;
156		}
157
158		return hashAfterQname(packet, currentHash, pos, optionsToSkip);
159		}
160
161		static bool queryHeaderMatches(const std::string& cachedQuery, const std::string& query)
162		{
163		if (cachedQuery.size() != query.size()) {
164		return false;
165		}
166
167		return (cachedQuery.compare(/* skip the ID */ 2, sizeof(dnsheader) - 2, query, 2, sizeof(dnsheader) - 2) == 0);
168		}
169
170		static bool queryMatches(const std::string& cachedQuery, const std::string& query, const DNSName& qname, const std::unordered_set<uint16_t>& optionsToIgnore)
171		{
172		const size_t querySize = query.size();
173		const size_t cachedQuerySize = cachedQuery.size();
174		if (querySize != cachedQuerySize) {
175		return false;
176		}
177
178		if (!queryHeaderMatches(cachedQuery, query)) {
179		return false;
180		}
181
182		size_t pos = sizeof(dnsheader) + qname.wirelength();
183
184		/* we need at least 2 (QTYPE) + 2 (QCLASS)
185		+ OPT root label (1), type (2), class (2) and ttl (4)
186		+ the OPT RR rdlen (2)
187		= 15
188		*/
189		const dnsheader_aligned dnsheaderdata(query.data());
190		const struct dnsheader* dh = dnsheaderdata.get();
191		if (ntohs(dh->qdcount) != 1 \|\| ntohs(dh->ancount) != 0 \|\| ntohs(dh->nscount) != 0 \|\| ntohs(dh->arcount) != 1 \|\| (pos + 15) >= querySize \|\| optionsToIgnore.empty()) {
192		return cachedQuery.compare(pos, cachedQuerySize - pos, query, pos, querySize - pos) == 0;
193		}
194
195		/* compare up to the first option, if any */
196		if (cachedQuery.compare(pos, 15, query, pos, 15) != 0) {
197		return false;
198		}
199
200		/* skip the qtype (2), qclass (2) */
201		/* root label (1), type (2), class (2) and ttl (4) */
202		/* already compared above */
203		pos += 13;
204
205		const uint16_t rdLen = ((static_cast<unsigned char>(query.at(pos)) * 256) + static_cast<unsigned char>(query.at(pos + 1)));
206		/* skip the rd length */
207		/* already compared above */
208		pos += sizeof(uint16_t);
209
210		if (rdLen > (querySize - pos)) {
211		/* something is wrong, let's just compare everything */
212		return cachedQuery.compare(pos, cachedQuerySize - pos, query, pos, querySize - pos) == 0;
213		}
214
215		uint16_t rdataRead = 0;
216		uint16_t optionCode;
217		uint16_t optionLen;
218
219		while (pos < querySize && rdataRead < rdLen && getNextEDNSOption(&query.at(pos), rdLen - rdataRead, optionCode, optionLen)) {
220		if (optionLen > (rdLen - rdataRead)) {
221		return cachedQuery.compare(pos, cachedQuerySize - pos, query, pos, querySize - pos) == 0;
222		}
223
224		/* compare the option code and length */
225		if (cachedQuery.compare(pos, 4, query, pos, 4) != 0) {
226		return false;
227		}
228		pos += 4;
229		rdataRead += 4;
230
231		if (optionLen > 0 && optionsToIgnore.count(optionCode) == 0) {
232		if (cachedQuery.compare(pos, optionLen, query, pos, optionLen) != 0) {
233		return false;
234		}
235		}
236		pos += optionLen;
237		rdataRead += optionLen;
238		}
239
240		if (pos >= querySize) {
241		return true;
242		}
243
244		return cachedQuery.compare(pos, cachedQuerySize - pos, query, pos, querySize - pos) == 0;
245		}
246
247		};