Hey Petr and Simon, On Thu, 2021-09-09 at 23:35 +0100, Simon Kelley wrote: > Much tidier is to simplify things and add an extra parameter to > log_query which is the type, if type is non-zero, log_query calls > querystr(), so > > log_query(flags, name, addr, querystr("description", type)); > > becomes > > log_query(flags, name, addr, "description", type); >
I agree this is a good solution, patch attached. I hope to have caught all places (I don't have the dependencies to build all possible combinations myself). On Thu, 2021-09-09 at 23:35 +0100, Simon Kelley wrote: > querystr becomes a local function to cache.c or just gets rolled into > log_query(). I did the former. Merging it into log_query() would make an already complex routine even longer. Concerning performance: The loop can at most iterate over 89 entries before it says: "Didn't find". However, for the vast vast majority of cases, the match will be in the first 30ish (AAAA and SRV) as query types behind those are not very likely to be seen. The loop breaks as soon as the match is found. Looking at the gcc11 x86_64 -O2 assembly, there are no surprises, only very few assembler instructions per iteration are needed. The next type integers in the table can always be found 16 bytes after the former. Hence, we just need .FOR_LOOP add rax, 1 cmp rax, 89 je .NOT_FOUND mov rdx, rax movsx rcx, eax sal rdx, 4 cmp DWORD PTR typestr[rdx], r1d jne .FOR_LOOP [... stuff if found ...] Given we call library functions like strlen() and sprintf(), our loop here is surely not any kind of bottleneck. Even if it'd be even larger. Best, Dominik
From e0d56e962e058add871c2d49c0e224d41157057a Mon Sep 17 00:00:00 2001 From: Dominik DL6ER <dl...@dl6er.de> Date: Fri, 10 Sep 2021 10:00:56 +0200 Subject: [PATCH] Move call to querystr() inside log_query() to ensure it is only called when logging is enabled. Signed-off-by: DL6ER <dl...@dl6er.de> --- src/auth.c | 40 +++++++++++++------------- src/cache.c | 10 +++++-- src/dnsmasq.h | 3 +- src/dnssec.c | 16 +++++------ src/domain-match.c | 6 ++-- src/forward.c | 40 +++++++++++++------------- src/rfc1035.c | 70 +++++++++++++++++++++++----------------------- 7 files changed, 93 insertions(+), 92 deletions(-) diff --git a/src/auth.c b/src/auth.c index 172a4b2..7be1613 100644 --- a/src/auth.c +++ b/src/auth.c @@ -210,7 +210,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n if (local_query || in_zone(zone, intr->name, NULL)) { found = 1; - log_query(flag | F_REVERSE | F_CONFIG, intr->name, &addr, NULL); + log_query(flag | F_REVERSE | F_CONFIG, intr->name, &addr, NULL, 0); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl, NULL, T_PTR, C_IN, "d", intr->name)) @@ -234,7 +234,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n strcat(name, "."); strcat(name, zone->domain); } - log_query(flag | F_DHCP | F_REVERSE, name, &addr, record_source(crecp->uid)); + log_query(flag | F_DHCP | F_REVERSE, name, &addr, record_source(crecp->uid), 0); found = 1; if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl, NULL, @@ -243,7 +243,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n } else if (crecp->flags & (F_DHCP | F_HOSTS) && (local_query || in_zone(zone, name, NULL))) { - log_query(crecp->flags & ~F_FORWARD, name, &addr, record_source(crecp->uid)); + log_query(crecp->flags & ~F_FORWARD, name, &addr, record_source(crecp->uid), 0); found = 1; if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl, NULL, @@ -257,7 +257,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n if (!found && is_rev_synth(flag, &addr, name) && (local_query || in_zone(zone, name, NULL))) { - log_query(F_CONFIG | F_REVERSE | flag, name, &addr, NULL); + log_query(F_CONFIG | F_REVERSE | flag, name, &addr, NULL, 0); found = 1; if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, @@ -269,7 +269,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n if (found) nxdomain = 0; else - log_query(flag | F_NEG | F_NXDOMAIN | F_REVERSE | (auth ? F_AUTH : 0), NULL, &addr, NULL); + log_query(flag | F_NEG | F_NXDOMAIN | F_REVERSE | (auth ? F_AUTH : 0), NULL, &addr, NULL, 0); continue; } @@ -300,7 +300,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n if (rc == 2 && qtype == T_MX) { found = 1; - log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>"); + log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>", 0); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl, NULL, T_MX, C_IN, "sd", rec->weight, rec->target)) anscount++; @@ -315,7 +315,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n if (rc == 2 && qtype == T_SRV) { found = 1; - log_query(F_CONFIG | F_RRNAME, name, NULL, "<SRV>"); + log_query(F_CONFIG | F_RRNAME, name, NULL, "<SRV>", 0); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl, NULL, T_SRV, C_IN, "sssd", rec->priority, rec->weight, rec->srvport, rec->target)) @@ -349,7 +349,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n if (rc == 2 && txt->class == qtype) { found = 1; - log_query(F_CONFIG | F_RRNAME, name, NULL, querystr(NULL, txt->class)); + log_query(F_CONFIG | F_RRNAME, name, NULL, NULL, txt->class); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl, NULL, txt->class, C_IN, "t", txt->len, txt->txt)) anscount++; @@ -363,7 +363,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n if (rc == 2 && qtype == T_TXT) { found = 1; - log_query(F_CONFIG | F_RRNAME, name, NULL, "<TXT>"); + log_query(F_CONFIG | F_RRNAME, name, NULL, "<TXT>", 0); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl, NULL, T_TXT, C_IN, "t", txt->len, txt->txt)) anscount++; @@ -377,7 +377,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n if (rc == 2 && qtype == T_NAPTR) { found = 1; - log_query(F_CONFIG | F_RRNAME, name, NULL, "<NAPTR>"); + log_query(F_CONFIG | F_RRNAME, name, NULL, "<NAPTR>", 0); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl, NULL, T_NAPTR, C_IN, "sszzzd", na->order, na->pref, na->flags, na->services, na->regexp, na->replace)) @@ -407,7 +407,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n continue; found = 1; - log_query(F_FORWARD | F_CONFIG | flag, name, &addrlist->addr, NULL); + log_query(F_FORWARD | F_CONFIG | flag, name, &addrlist->addr, NULL, 0); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl, NULL, qtype, C_IN, qtype == T_A ? "4" : "6", &addrlist->addr)) @@ -420,7 +420,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n found = 1; nxdomain = 0; - log_query(F_FORWARD | F_CONFIG | flag, name, &addr, NULL); + log_query(F_FORWARD | F_CONFIG | flag, name, &addr, NULL, 0); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl, NULL, qtype, C_IN, qtype == T_A ? "4" : "6", &addr)) anscount++; @@ -434,7 +434,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n { auth = soa = 1; /* inhibits auth section */ found = 1; - log_query(F_RRNAME | F_AUTH, zone->domain, NULL, "<SOA>"); + log_query(F_RRNAME | F_AUTH, zone->domain, NULL, "<SOA>", 0); } else if (qtype == T_AXFR) { @@ -471,14 +471,14 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n axfr = 1; found = 1; axfroffset = nameoffset; - log_query(F_RRNAME | F_AUTH, zone->domain, NULL, "<AXFR>"); + log_query(F_RRNAME | F_AUTH, zone->domain, NULL, "<AXFR>", 0); } else if (qtype == T_NS) { auth = 1; ns = 1; /* inhibits auth section */ found = 1; - log_query(F_RRNAME | F_AUTH, zone->domain, NULL, "<NS>"); + log_query(F_RRNAME | F_AUTH, zone->domain, NULL, "<NS>", 0); } } @@ -496,7 +496,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n (local_query || filter_zone(zone, flag, &(crecp->addr)))) { *cut = '.'; /* restore domain part */ - log_query(crecp->flags, name, &crecp->addr, record_source(crecp->uid)); + log_query(crecp->flags, name, &crecp->addr, record_source(crecp->uid), 0); *cut = 0; /* remove domain part */ found = 1; if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, @@ -518,7 +518,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n nxdomain = 0; if ((crecp->flags & flag) && (local_query || filter_zone(zone, flag, &(crecp->addr)))) { - log_query(crecp->flags, name, &crecp->addr, record_source(crecp->uid)); + log_query(crecp->flags, name, &crecp->addr, record_source(crecp->uid), 0); found = 1; if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl, NULL, qtype, C_IN, @@ -566,7 +566,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n if (candidate) { - log_query(F_CONFIG | F_CNAME, name, NULL, NULL); + log_query(F_CONFIG | F_CNAME, name, NULL, NULL, 0); strcpy(name, candidate->target); if (!strchr(name, '.')) { @@ -584,7 +584,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n else if (cache_find_non_terminal(name, now)) nxdomain = 0; - log_query(flag | F_NEG | (nxdomain ? F_NXDOMAIN : 0) | F_FORWARD | F_AUTH, name, NULL, NULL); + log_query(flag | F_NEG | (nxdomain ? F_NXDOMAIN : 0) | F_FORWARD | F_AUTH, name, NULL, NULL, 0); } } @@ -892,7 +892,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n header->nscount = htons(0); addr.log.rcode = REFUSED; addr.log.ede = EDE_NOT_AUTH; - log_query(F_UPSTREAM | F_RCODE, "error", &addr, NULL); + log_query(F_UPSTREAM | F_RCODE, "error", &addr, NULL, 0); return resize_packet(header, ansp - (unsigned char *)header, NULL, 0); } diff --git a/src/cache.c b/src/cache.c index 9a151b4..b3b3c7c 100644 --- a/src/cache.c +++ b/src/cache.c @@ -1855,7 +1855,7 @@ char *record_source(unsigned int index) return "<unknown>"; } -char *querystr(char *desc, unsigned short type) +static char *querystr(char *desc, unsigned short type) { unsigned int i; int len = 10; /* strlen("type=xxxxx") */ @@ -1943,7 +1943,7 @@ static char *edestr(int ede) } } -void log_query(unsigned int flags, char *name, union all_addr *addr, char *arg) +void log_query(unsigned int flags, char *name, union all_addr *addr, char *arg, unsigned short type) { char *source, *dest = arg; char *verb = "is"; @@ -1951,7 +1951,11 @@ void log_query(unsigned int flags, char *name, union all_addr *addr, char *arg) if (!option_bool(OPT_LOG)) return; - + + /* build query type string if requested */ + if(type > 0) + arg = querystr(arg, type); + #ifdef HAVE_DNSSEC if ((flags & F_DNSSECOK) && option_bool(OPT_EXTRALOG)) extra = " (DNSSEC signed)"; diff --git a/src/dnsmasq.h b/src/dnsmasq.h index 8674823..56a3f1d 100644 --- a/src/dnsmasq.h +++ b/src/dnsmasq.h @@ -1245,9 +1245,8 @@ extern struct daemon { /* cache.c */ void cache_init(void); void next_uid(struct crec *crecp); -void log_query(unsigned int flags, char *name, union all_addr *addr, char *arg); +void log_query(unsigned int flags, char *name, union all_addr *addr, char *arg, unsigned short type); char *record_source(unsigned int index); -char *querystr(char *desc, unsigned short type); int cache_find_non_terminal(char *name, time_t now); struct crec *cache_find_by_addr(struct crec *crecp, union all_addr *addr, time_t now, diff --git a/src/dnssec.c b/src/dnssec.c index 153cac4..90818a6 100644 --- a/src/dnssec.c +++ b/src/dnssec.c @@ -954,9 +954,9 @@ int dnssec_validate_by_ds(time_t now, struct dns_header *header, size_t plen, ch a.log.keytag = keytag; a.log.algo = algo; if (algo_digest_name(algo)) - log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %hu, algo %hu"); + log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %hu, algo %hu", 0); else - log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %hu, algo %hu (not supported)"); + log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %hu, algo %hu (not supported)", 0); } } } @@ -973,7 +973,7 @@ int dnssec_validate_by_ds(time_t now, struct dns_header *header, size_t plen, ch return STAT_OK; } - log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, "BOGUS DNSKEY"); + log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, "BOGUS DNSKEY", 0); return STAT_BOGUS | failflags; } @@ -1012,7 +1012,7 @@ int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char if (STAT_ISEQUAL(rc, STAT_INSECURE)) { my_syslog(LOG_WARNING, _("Insecure DS reply received for %s, check domain configuration and upstream DNS server DNSSEC support"), name); - log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, "BOGUS DS - not secure"); + log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, "BOGUS DS - not secure", 0); return STAT_BOGUS | DNSSEC_FAIL_INDET; } @@ -1025,7 +1025,7 @@ int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char from the DS's zone, and not the parent zone. */ if (STAT_ISEQUAL(rc, STAT_NEED_KEY) && hostname_isequal(name, keyname)) { - log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, "BOGUS DS"); + log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, "BOGUS DS", 0); return STAT_BOGUS; } @@ -1081,9 +1081,9 @@ int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char a.log.algo = algo; a.log.digest = digest; if (ds_digest_name(digest) && algo_digest_name(algo)) - log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DS keytag %hu, algo %hu, digest %hu"); + log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DS keytag %hu, algo %hu, digest %hu", 0); else - log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DS keytag %hu, algo %hu, digest %hu (not supported)"); + log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DS keytag %hu, algo %hu, digest %hu (not supported)", 0); } } @@ -1116,7 +1116,7 @@ int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char cache_end_insert(); - log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, nons ? "no DS/cut" : "no DS"); + log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, nons ? "no DS/cut" : "no DS", 0); } return STAT_OK; diff --git a/src/domain-match.c b/src/domain-match.c index f8e4796..0b0dcd9 100644 --- a/src/domain-match.c +++ b/src/domain-match.c @@ -393,7 +393,7 @@ size_t make_local_answer(int flags, int gotname, size_t size, struct dns_header union all_addr addr; if (flags & (F_NXDOMAIN | F_NOERR)) - log_query(flags | gotname | F_NEG | F_CONFIG | F_FORWARD, name, NULL, NULL); + log_query(flags | gotname | F_NEG | F_CONFIG | F_FORWARD, name, NULL, NULL, 0); setup_reply(header, flags, ede); @@ -412,7 +412,7 @@ size_t make_local_answer(int flags, int gotname, size_t size, struct dns_header header->ancount = htons(ntohs(header->ancount) + 1); add_resource_record(header, limit, &trunc, sizeof(struct dns_header), &p, daemon->local_ttl, NULL, T_A, C_IN, "4", &addr); - log_query((flags | F_CONFIG | F_FORWARD) & ~F_IPV6, name, (union all_addr *)&addr, NULL); + log_query((flags | F_CONFIG | F_FORWARD) & ~F_IPV6, name, (union all_addr *)&addr, NULL, 0); } if (flags & gotname & F_IPV6) @@ -427,7 +427,7 @@ size_t make_local_answer(int flags, int gotname, size_t size, struct dns_header header->ancount = htons(ntohs(header->ancount) + 1); add_resource_record(header, limit, &trunc, sizeof(struct dns_header), &p, daemon->local_ttl, NULL, T_AAAA, C_IN, "6", &addr); - log_query((flags | F_CONFIG | F_FORWARD) & ~F_IPV4, name, (union all_addr *)&addr, NULL); + log_query((flags | F_CONFIG | F_FORWARD) & ~F_IPV4, name, (union all_addr *)&addr, NULL, 0); } if (trunc) diff --git a/src/forward.c b/src/forward.c index 3d638e4..434ba77 100644 --- a/src/forward.c +++ b/src/forward.c @@ -119,12 +119,12 @@ static void set_outgoing_mark(struct frec *forward, int fd) } #endif -static void log_query_mysockaddr(unsigned int flags, char *name, union mysockaddr *addr, char *arg) +static void log_query_mysockaddr(unsigned int flags, char *name, union mysockaddr *addr, char *arg, unsigned short type) { if (addr->sa.sa_family == AF_INET) - log_query(flags | F_IPV4, name, (union all_addr *)&addr->in.sin_addr, arg); + log_query(flags | F_IPV4, name, (union all_addr *)&addr->in.sin_addr, arg, type); else - log_query(flags | F_IPV6, name, (union all_addr *)&addr->in6.sin6_addr, arg); + log_query(flags | F_IPV6, name, (union all_addr *)&addr->in6.sin6_addr, arg, type); } static void server_send(struct server *server, int fd, @@ -138,12 +138,13 @@ static void server_send(struct server *server, int fd, #ifdef HAVE_DNSSEC static void server_send_log(struct server *server, int fd, const void *header, size_t plen, int dumpflags, - unsigned int logflags, char *name, char *arg) + unsigned int logflags, char *name, char *arg, + unsigned short type) { #ifdef HAVE_DUMPFILE dump_packet(dumpflags, (void *)header, (size_t)plen, NULL, &server->addr); #endif - log_query_mysockaddr(logflags, name, &server->addr, arg); + log_query_mysockaddr(logflags, name, &server->addr, arg, type); server_send(server, fd, header, plen, 0); } #endif @@ -494,12 +495,12 @@ static int forward_query(int udpfd, union mysockaddr *udpaddr, if (!gotname) strcpy(daemon->namebuff, "query"); log_query_mysockaddr(F_SERVER | F_FORWARD, daemon->namebuff, - &srv->addr, NULL); + &srv->addr, NULL, 0); } #ifdef HAVE_DNSSEC else log_query_mysockaddr(F_NOEXTRA | F_DNSSEC, daemon->namebuff, &srv->addr, - querystr("dnssec-retry", (forward->flags & FREC_DNSKEY_QUERY) ? T_DNSKEY : T_DS)); + "dnssec-retry", (forward->flags & FREC_DNSKEY_QUERY) ? T_DNSKEY : T_DS); #endif srv->queries++; @@ -653,7 +654,7 @@ static size_t process_reply(struct dns_header *header, time_t now, struct server union all_addr a; a.log.rcode = rcode; a.log.ede = ede; - log_query(F_UPSTREAM | F_RCODE, "error", &a, NULL); + log_query(F_UPSTREAM | F_RCODE, "error", &a, NULL, 0); return resize_packet(header, n, pheader, plen); } @@ -889,7 +890,7 @@ static void dnssec_validate(struct frec *forward, struct dns_header *header, #endif server_send_log(server, fd, header, nn, DUMP_SEC_QUERY, F_NOEXTRA | F_DNSSEC, daemon->keyname, - querystr("dnssec-query", STAT_ISEQUAL(status, STAT_NEED_KEY) ? T_DNSKEY : T_DS)); + "dnssec-query", STAT_ISEQUAL(status, STAT_NEED_KEY) ? T_DNSKEY : T_DS); server->queries++; } @@ -1136,7 +1137,7 @@ static void return_reply(time_t now, struct frec *forward, struct dns_header *he domain = daemon->namebuff; } - log_query(F_SECSTAT, domain, &a, result); + log_query(F_SECSTAT, domain, &a, result, 0); } } #endif @@ -1202,7 +1203,7 @@ static void return_reply(time_t now, struct frec *forward, struct dns_header *he { daemon->log_display_id = src->log_id; daemon->log_source_addr = &src->source; - log_query(F_UPSTREAM, "query", NULL, "duplicate"); + log_query(F_UPSTREAM, "query", NULL, "duplicate", 0); } } } @@ -1509,10 +1510,8 @@ void receive_query(struct listener *listen, time_t now) #ifdef HAVE_AUTH struct auth_zone *zone; #endif - char *types = querystr(auth_dns ? "auth" : "query", type); - log_query_mysockaddr(F_QUERY | F_FORWARD, daemon->namebuff, - &source_addr, types); + &source_addr, auth_dns ? "auth" : "query", type); #ifdef HAVE_CONNTRACK is_single_query = 1; @@ -1808,7 +1807,7 @@ static int tcp_key_recurse(time_t now, int status, struct dns_header *header, si daemon->log_display_id = ++daemon->log_id; log_query_mysockaddr(F_NOEXTRA | F_DNSSEC, keyname, &server->addr, - querystr("dnssec-query", STAT_ISEQUAL(new_status, STAT_NEED_KEY) ? T_DNSKEY : T_DS)); + "dnssec-query", STAT_ISEQUAL(new_status, STAT_NEED_KEY) ? T_DNSKEY : T_DS); new_status = tcp_key_recurse(now, new_status, new_header, m, class, name, keyname, server, have_mark, mark, keycount); @@ -1946,11 +1945,10 @@ unsigned char *tcp_request(int confd, time_t now, #ifdef HAVE_AUTH struct auth_zone *zone; #endif - char *types = querystr(auth_dns ? "auth" : "query", qtype); - + log_query_mysockaddr(F_QUERY | F_FORWARD, daemon->namebuff, - &peer_addr, types); - + &peer_addr, auth_dns ? "auth" : "query", qtype); + #ifdef HAVE_CONNTRACK is_single_query = 1; #endif @@ -2089,7 +2087,7 @@ unsigned char *tcp_request(int confd, time_t now, /* get query name again for logging - may have been overwritten */ if (!(gotname = extract_request(header, (unsigned int)size, daemon->namebuff, &qtype))) strcpy(daemon->namebuff, "query"); - log_query_mysockaddr(F_SERVER | F_FORWARD, daemon->namebuff, &serv->addr, NULL); + log_query_mysockaddr(F_SERVER | F_FORWARD, daemon->namebuff, &serv->addr, NULL, 0); #ifdef HAVE_DNSSEC if (option_bool(OPT_DNSSEC_VALID) && !checking_disabled && (master->flags & SERV_DO_DNSSEC)) @@ -2121,7 +2119,7 @@ unsigned char *tcp_request(int confd, time_t now, domain = daemon->namebuff; } - log_query(F_SECSTAT, domain, &a, result); + log_query(F_SECSTAT, domain, &a, result, 0); } #endif diff --git a/src/rfc1035.c b/src/rfc1035.c index 6e195cc..3a7f3a5 100644 --- a/src/rfc1035.c +++ b/src/rfc1035.c @@ -526,7 +526,7 @@ static int print_txt(struct dns_header *header, const size_t qlen, char *name, } *p3 = 0; - log_query(secflag | F_FORWARD | F_UPSTREAM, name, NULL, (char*)p1); + log_query(secflag | F_FORWARD | F_UPSTREAM, name, NULL, (char*)p1, 0); /* restore */ memmove(p1 + 1, p1, i); *p1 = len; @@ -643,7 +643,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t #endif if (aqtype == T_CNAME) - log_query(secflag | F_CNAME | F_FORWARD | F_UPSTREAM, name, NULL, NULL); + log_query(secflag | F_CNAME | F_FORWARD | F_UPSTREAM, name, NULL, NULL, 0); if (!extract_name(header, qlen, &p1, name, 1, 0)) return 0; @@ -661,10 +661,10 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t found = 1; if (!name_encoding) - log_query(secflag | F_FORWARD | F_UPSTREAM, name, NULL, querystr(NULL, aqtype)); + log_query(secflag | F_FORWARD | F_UPSTREAM, name, NULL, NULL, aqtype); else { - log_query(name_encoding | secflag | F_REVERSE | F_UPSTREAM, name, &addr, NULL); + log_query(name_encoding | secflag | F_REVERSE | F_UPSTREAM, name, &addr, NULL, 0); if (insert) cache_insert(name, &addr, C_IN, now, cttl, name_encoding | secflag | F_REVERSE); } @@ -691,7 +691,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t cache_insert(NULL, &addr, C_IN, now, ttl, flags); } - log_query(flags | F_UPSTREAM, name, &addr, NULL); + log_query(flags | F_UPSTREAM, name, &addr, NULL, 0); } } else @@ -762,7 +762,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t if (!cname_count--) return 0; /* looped CNAMES */ - log_query(secflag | F_CNAME | F_FORWARD | F_UPSTREAM, name, NULL, NULL); + log_query(secflag | F_CNAME | F_FORWARD | F_UPSTREAM, name, NULL, NULL, 0); if (insert) { @@ -797,7 +797,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t #ifdef HAVE_DNSSEC if (!option_bool(OPT_DNSSEC_VALID) || aqtype != T_RRSIG) #endif - log_query(secflag | F_FORWARD | F_UPSTREAM, name, NULL, querystr(NULL, aqtype)); + log_query(secflag | F_FORWARD | F_UPSTREAM, name, NULL, NULL, aqtype); } else if (!(flags & F_NXDOMAIN)) { @@ -847,7 +847,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t ipsets_cur = ipsets; while (*ipsets_cur) { - log_query((flags & (F_IPV4 | F_IPV6)) | F_IPSET, name, &addr, *ipsets_cur); + log_query((flags & (F_IPV4 | F_IPV6)) | F_IPSET, name, &addr, *ipsets_cur, 0); add_to_ipset(*ipsets_cur++, &addr, flags, 0); } } @@ -872,7 +872,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t return 0; } else - log_query(flags | F_FORWARD | secflag | F_UPSTREAM, name, &addr, querystr(NULL, aqtype)); + log_query(flags | F_FORWARD | secflag | F_UPSTREAM, name, &addr, NULL, aqtype); } p1 = endrr; @@ -891,7 +891,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t insert = 1; } - log_query(F_UPSTREAM | F_FORWARD | F_NEG | flags | (secure ? F_DNSSECOK : 0), name, NULL, NULL); + log_query(F_UPSTREAM | F_FORWARD | F_NEG | flags | (secure ? F_DNSSECOK : 0), name, NULL, NULL, 0); if (!searched_soa) { @@ -1089,7 +1089,7 @@ void setup_reply(struct dns_header *header, unsigned int flags, int ede) union all_addr a; a.log.rcode = REFUSED; a.log.ede = ede; - log_query(F_CONFIG | F_RCODE, "error", &a, NULL); + log_query(F_CONFIG | F_RCODE, "error", &a, NULL, 0); SET_RCODE(header, REFUSED); } } @@ -1459,7 +1459,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, if (qtype == T_CNAME) { if (!dryrun) - log_query(crecp->flags, name, NULL, record_source(crecp->uid)); + log_query(crecp->flags, name, NULL, record_source(crecp->uid), 0); auth = 0; nxdomain = 1; ans = 1; @@ -1481,7 +1481,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, if (!dryrun) { - log_query(crecp->flags, name, NULL, record_source(crecp->uid)); + log_query(crecp->flags, name, NULL, record_source(crecp->uid), 0); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, crec_ttl(crecp, now), &nameoffset, T_CNAME, C_IN, "d", cname_target)) @@ -1521,7 +1521,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, #endif if (ok) { - log_query(F_CONFIG | F_RRNAME, name, NULL, "<TXT>"); + log_query(F_CONFIG | F_RRNAME, name, NULL, "<TXT>", 0); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, ttl, NULL, T_TXT, t->class, "t", t->len, t->txt)) @@ -1543,7 +1543,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, if (!dryrun) { addr.log.rcode = NOTIMP; - log_query(F_CONFIG | F_RCODE, name, &addr, NULL); + log_query(F_CONFIG | F_RCODE, name, &addr, NULL, 0); } ans = 1, sec_data = 0; } @@ -1561,7 +1561,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, sec_data = 0; if (!dryrun) { - log_query(F_CONFIG | F_RRNAME, name, NULL, querystr(NULL, t->class)); + log_query(F_CONFIG | F_RRNAME, name, NULL, NULL, t->class); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl, NULL, t->class, C_IN, "t", t->len, t->txt)) @@ -1617,7 +1617,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, ans = 1; if (!dryrun) { - log_query(is_arpa | F_REVERSE | F_CONFIG, intr->name, &addr, NULL); + log_query(is_arpa | F_REVERSE | F_CONFIG, intr->name, &addr, NULL, 0); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl, NULL, T_PTR, C_IN, "d", intr->name)) @@ -1630,7 +1630,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, sec_data = 0; if (!dryrun) { - log_query(F_CONFIG | F_RRNAME, name, NULL, "<PTR>"); + log_query(F_CONFIG | F_RRNAME, name, NULL, "<PTR>", 0); for (ptr = daemon->ptr; ptr; ptr = ptr->next) if (hostname_isequal(name, ptr->name) && add_resource_record(header, limit, &trunc, nameoffset, &ansp, @@ -1665,7 +1665,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, if (crecp->flags & F_NXDOMAIN) nxdomain = 1; if (!dryrun) - log_query(crecp->flags & ~F_FORWARD, name, &addr, NULL); + log_query(crecp->flags & ~F_FORWARD, name, &addr, NULL, 0); } else { @@ -1674,7 +1674,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, if (!dryrun) { log_query(crecp->flags & ~F_FORWARD, cache_get_name(crecp), &addr, - record_source(crecp->uid)); + record_source(crecp->uid), 0); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, crec_ttl(crecp, now), NULL, @@ -1691,7 +1691,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, sec_data = 0; if (!dryrun) { - log_query(F_CONFIG | F_REVERSE | is_arpa, name, &addr, NULL); + log_query(F_CONFIG | F_REVERSE | is_arpa, name, &addr, NULL, 0); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl, NULL, @@ -1709,7 +1709,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, nxdomain = 1; if (!dryrun) log_query(F_CONFIG | F_REVERSE | is_arpa | F_NEG | F_NXDOMAIN, - name, &addr, NULL); + name, &addr, NULL, 0); } } @@ -1764,7 +1764,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, if (!dryrun) { gotit = 1; - log_query(F_FORWARD | F_CONFIG | flag, name, &addrlist->addr, NULL); + log_query(F_FORWARD | F_CONFIG | flag, name, &addrlist->addr, NULL, 0); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl, NULL, type, C_IN, type == T_A ? "4" : "6", &addrlist->addr)) @@ -1774,7 +1774,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, } if (!dryrun && !gotit) - log_query(F_FORWARD | F_CONFIG | flag | F_NEG, name, NULL, NULL); + log_query(F_FORWARD | F_CONFIG | flag | F_NEG, name, NULL, NULL, 0); continue; } @@ -1819,7 +1819,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, if (crecp->flags & F_NXDOMAIN) nxdomain = 1; if (!dryrun) - log_query(crecp->flags, name, NULL, NULL); + log_query(crecp->flags, name, NULL, NULL, 0); } else { @@ -1837,7 +1837,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, if (!dryrun) { log_query(crecp->flags & ~F_REVERSE, name, &crecp->addr, - record_source(crecp->uid)); + record_source(crecp->uid), 0); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, crec_ttl(crecp, now), NULL, type, C_IN, @@ -1852,7 +1852,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, ans = 1, sec_data = 0; if (!dryrun) { - log_query(F_FORWARD | F_CONFIG | flag, name, &addr, NULL); + log_query(F_FORWARD | F_CONFIG | flag, name, &addr, NULL, 0); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl, NULL, type, C_IN, type == T_A ? "4" : "6", &addr)) anscount++; @@ -1871,7 +1871,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, if (!dryrun) { int offset; - log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>"); + log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>", 0); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl, &offset, T_MX, C_IN, "sd", rec->weight, rec->target)) { @@ -1889,7 +1889,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, sec_data = 0; if (!dryrun) { - log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>"); + log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>", 0); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl, NULL, T_MX, C_IN, "sd", 1, option_bool(OPT_SELFMX) ? name : daemon->mxtarget)) @@ -1911,7 +1911,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, if (!dryrun) { int offset; - log_query(F_CONFIG | F_RRNAME, name, NULL, "<SRV>"); + log_query(F_CONFIG | F_RRNAME, name, NULL, "<SRV>", 0); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl, &offset, T_SRV, C_IN, "sssd", rec->priority, rec->weight, rec->srvport, rec->target)) @@ -1962,12 +1962,12 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, if (crecp->flags & F_NXDOMAIN) nxdomain = 1; if (!dryrun) - log_query(crecp->flags, name, NULL, NULL); + log_query(crecp->flags, name, NULL, NULL, 0); } else if (!dryrun) { char *target = blockdata_retrieve(crecp->addr.srv.target, crecp->addr.srv.targetlen, NULL); - log_query(crecp->flags, name, NULL, 0); + log_query(crecp->flags, name, NULL, NULL, 0); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, crec_ttl(crecp, now), NULL, T_SRV, C_IN, "sssd", @@ -1983,7 +1983,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, ans = 1; sec_data = 0; if (!dryrun) - log_query(F_CONFIG | F_NEG, name, NULL, NULL); + log_query(F_CONFIG | F_NEG, name, NULL, NULL, 0); } } @@ -1997,7 +1997,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, sec_data = 0; if (!dryrun) { - log_query(F_CONFIG | F_RRNAME, name, NULL, "<NAPTR>"); + log_query(F_CONFIG | F_RRNAME, name, NULL, "<NAPTR>", 0); if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl, NULL, T_NAPTR, C_IN, "sszzzd", na->order, na->pref, na->flags, na->services, na->regexp, na->replace)) @@ -2014,7 +2014,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, ans = 1; sec_data = 0; if (!dryrun) - log_query(F_CONFIG | F_NEG, name, &addr, NULL); + log_query(F_CONFIG | F_NEG, name, &addr, NULL, 0); } } -- 2.25.1
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss