Hey Petr and Simon,
On Thu, 2021-09-09 at 23:35 +0100, Simon Kelley wrote:
> Much tidier is to simplify things and add an extra parameter to
> log_query which is the type, if type is non-zero, log_query calls
> querystr(), so
>
> log_query(flags, name, addr, querystr("description", type));
>
> becomes
>
> log_query(flags, name, addr, "description", type);
>
I agree this is a good solution, patch attached. I hope to have caught
all places (I don't have the dependencies to build all possible
combinations myself).
On Thu, 2021-09-09 at 23:35 +0100, Simon Kelley wrote:
> querystr becomes a local function to cache.c or just gets rolled into
> log_query().
I did the former. Merging it into log_query() would make an already
complex routine even longer.
Concerning performance: The loop can at most iterate over 89 entries
before it says: "Didn't find". However, for the vast vast majority of
cases, the match will be in the first 30ish (AAAA and SRV) as query
types behind those are not very likely to be seen. The loop breaks as
soon as the match is found. Looking at the gcc11 x86_64 -O2 assembly,
there are no surprises, only very few assembler instructions per
iteration are needed. The next type integers in the table can always be
found 16 bytes after the former. Hence, we just need
.FOR_LOOP
add rax, 1
cmp rax, 89
je .NOT_FOUND
mov rdx, rax
movsx rcx, eax
sal rdx, 4
cmp DWORD PTR typestr[rdx], r1d
jne .FOR_LOOP
[... stuff if found ...]
Given we call library functions like strlen() and sprintf(), our loop
here is surely not any kind of bottleneck. Even if it'd be even larger.
Best,
Dominik
From e0d56e962e058add871c2d49c0e224d41157057a Mon Sep 17 00:00:00 2001
From: Dominik DL6ER <dl...@dl6er.de>
Date: Fri, 10 Sep 2021 10:00:56 +0200
Subject: [PATCH] Move call to querystr() inside log_query() to ensure it is
only called when logging is enabled.
Signed-off-by: DL6ER <dl...@dl6er.de>
---
src/auth.c | 40 +++++++++++++-------------
src/cache.c | 10 +++++--
src/dnsmasq.h | 3 +-
src/dnssec.c | 16 +++++------
src/domain-match.c | 6 ++--
src/forward.c | 40 +++++++++++++-------------
src/rfc1035.c | 70 +++++++++++++++++++++++-----------------------
7 files changed, 93 insertions(+), 92 deletions(-)
diff --git a/src/auth.c b/src/auth.c
index 172a4b2..7be1613 100644
--- a/src/auth.c
+++ b/src/auth.c
@@ -210,7 +210,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
if (local_query || in_zone(zone, intr->name, NULL))
{
found = 1;
- log_query(flag | F_REVERSE | F_CONFIG, intr->name, &addr, NULL);
+ log_query(flag | F_REVERSE | F_CONFIG, intr->name, &addr, NULL, 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
daemon->auth_ttl, NULL,
T_PTR, C_IN, "d", intr->name))
@@ -234,7 +234,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
strcat(name, ".");
strcat(name, zone->domain);
}
- log_query(flag | F_DHCP | F_REVERSE, name, &addr, record_source(crecp->uid));
+ log_query(flag | F_DHCP | F_REVERSE, name, &addr, record_source(crecp->uid), 0);
found = 1;
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
daemon->auth_ttl, NULL,
@@ -243,7 +243,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
}
else if (crecp->flags & (F_DHCP | F_HOSTS) && (local_query || in_zone(zone, name, NULL)))
{
- log_query(crecp->flags & ~F_FORWARD, name, &addr, record_source(crecp->uid));
+ log_query(crecp->flags & ~F_FORWARD, name, &addr, record_source(crecp->uid), 0);
found = 1;
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
daemon->auth_ttl, NULL,
@@ -257,7 +257,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
if (!found && is_rev_synth(flag, &addr, name) && (local_query || in_zone(zone, name, NULL)))
{
- log_query(F_CONFIG | F_REVERSE | flag, name, &addr, NULL);
+ log_query(F_CONFIG | F_REVERSE | flag, name, &addr, NULL, 0);
found = 1;
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
@@ -269,7 +269,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
if (found)
nxdomain = 0;
else
- log_query(flag | F_NEG | F_NXDOMAIN | F_REVERSE | (auth ? F_AUTH : 0), NULL, &addr, NULL);
+ log_query(flag | F_NEG | F_NXDOMAIN | F_REVERSE | (auth ? F_AUTH : 0), NULL, &addr, NULL, 0);
continue;
}
@@ -300,7 +300,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
if (rc == 2 && qtype == T_MX)
{
found = 1;
- log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>");
+ log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>", 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl,
NULL, T_MX, C_IN, "sd", rec->weight, rec->target))
anscount++;
@@ -315,7 +315,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
if (rc == 2 && qtype == T_SRV)
{
found = 1;
- log_query(F_CONFIG | F_RRNAME, name, NULL, "<SRV>");
+ log_query(F_CONFIG | F_RRNAME, name, NULL, "<SRV>", 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl,
NULL, T_SRV, C_IN, "sssd",
rec->priority, rec->weight, rec->srvport, rec->target))
@@ -349,7 +349,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
if (rc == 2 && txt->class == qtype)
{
found = 1;
- log_query(F_CONFIG | F_RRNAME, name, NULL, querystr(NULL, txt->class));
+ log_query(F_CONFIG | F_RRNAME, name, NULL, NULL, txt->class);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl,
NULL, txt->class, C_IN, "t", txt->len, txt->txt))
anscount++;
@@ -363,7 +363,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
if (rc == 2 && qtype == T_TXT)
{
found = 1;
- log_query(F_CONFIG | F_RRNAME, name, NULL, "<TXT>");
+ log_query(F_CONFIG | F_RRNAME, name, NULL, "<TXT>", 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl,
NULL, T_TXT, C_IN, "t", txt->len, txt->txt))
anscount++;
@@ -377,7 +377,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
if (rc == 2 && qtype == T_NAPTR)
{
found = 1;
- log_query(F_CONFIG | F_RRNAME, name, NULL, "<NAPTR>");
+ log_query(F_CONFIG | F_RRNAME, name, NULL, "<NAPTR>", 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->auth_ttl,
NULL, T_NAPTR, C_IN, "sszzzd",
na->order, na->pref, na->flags, na->services, na->regexp, na->replace))
@@ -407,7 +407,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
continue;
found = 1;
- log_query(F_FORWARD | F_CONFIG | flag, name, &addrlist->addr, NULL);
+ log_query(F_FORWARD | F_CONFIG | flag, name, &addrlist->addr, NULL, 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
daemon->auth_ttl, NULL, qtype, C_IN,
qtype == T_A ? "4" : "6", &addrlist->addr))
@@ -420,7 +420,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
found = 1;
nxdomain = 0;
- log_query(F_FORWARD | F_CONFIG | flag, name, &addr, NULL);
+ log_query(F_FORWARD | F_CONFIG | flag, name, &addr, NULL, 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
daemon->auth_ttl, NULL, qtype, C_IN, qtype == T_A ? "4" : "6", &addr))
anscount++;
@@ -434,7 +434,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
{
auth = soa = 1; /* inhibits auth section */
found = 1;
- log_query(F_RRNAME | F_AUTH, zone->domain, NULL, "<SOA>");
+ log_query(F_RRNAME | F_AUTH, zone->domain, NULL, "<SOA>", 0);
}
else if (qtype == T_AXFR)
{
@@ -471,14 +471,14 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
axfr = 1;
found = 1;
axfroffset = nameoffset;
- log_query(F_RRNAME | F_AUTH, zone->domain, NULL, "<AXFR>");
+ log_query(F_RRNAME | F_AUTH, zone->domain, NULL, "<AXFR>", 0);
}
else if (qtype == T_NS)
{
auth = 1;
ns = 1; /* inhibits auth section */
found = 1;
- log_query(F_RRNAME | F_AUTH, zone->domain, NULL, "<NS>");
+ log_query(F_RRNAME | F_AUTH, zone->domain, NULL, "<NS>", 0);
}
}
@@ -496,7 +496,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
(local_query || filter_zone(zone, flag, &(crecp->addr))))
{
*cut = '.'; /* restore domain part */
- log_query(crecp->flags, name, &crecp->addr, record_source(crecp->uid));
+ log_query(crecp->flags, name, &crecp->addr, record_source(crecp->uid), 0);
*cut = 0; /* remove domain part */
found = 1;
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
@@ -518,7 +518,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
nxdomain = 0;
if ((crecp->flags & flag) && (local_query || filter_zone(zone, flag, &(crecp->addr))))
{
- log_query(crecp->flags, name, &crecp->addr, record_source(crecp->uid));
+ log_query(crecp->flags, name, &crecp->addr, record_source(crecp->uid), 0);
found = 1;
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
daemon->auth_ttl, NULL, qtype, C_IN,
@@ -566,7 +566,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
if (candidate)
{
- log_query(F_CONFIG | F_CNAME, name, NULL, NULL);
+ log_query(F_CONFIG | F_CNAME, name, NULL, NULL, 0);
strcpy(name, candidate->target);
if (!strchr(name, '.'))
{
@@ -584,7 +584,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
else if (cache_find_non_terminal(name, now))
nxdomain = 0;
- log_query(flag | F_NEG | (nxdomain ? F_NXDOMAIN : 0) | F_FORWARD | F_AUTH, name, NULL, NULL);
+ log_query(flag | F_NEG | (nxdomain ? F_NXDOMAIN : 0) | F_FORWARD | F_AUTH, name, NULL, NULL, 0);
}
}
@@ -892,7 +892,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
header->nscount = htons(0);
addr.log.rcode = REFUSED;
addr.log.ede = EDE_NOT_AUTH;
- log_query(F_UPSTREAM | F_RCODE, "error", &addr, NULL);
+ log_query(F_UPSTREAM | F_RCODE, "error", &addr, NULL, 0);
return resize_packet(header, ansp - (unsigned char *)header, NULL, 0);
}
diff --git a/src/cache.c b/src/cache.c
index 9a151b4..b3b3c7c 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -1855,7 +1855,7 @@ char *record_source(unsigned int index)
return "<unknown>";
}
-char *querystr(char *desc, unsigned short type)
+static char *querystr(char *desc, unsigned short type)
{
unsigned int i;
int len = 10; /* strlen("type=xxxxx") */
@@ -1943,7 +1943,7 @@ static char *edestr(int ede)
}
}
-void log_query(unsigned int flags, char *name, union all_addr *addr, char *arg)
+void log_query(unsigned int flags, char *name, union all_addr *addr, char *arg, unsigned short type)
{
char *source, *dest = arg;
char *verb = "is";
@@ -1951,7 +1951,11 @@ void log_query(unsigned int flags, char *name, union all_addr *addr, char *arg)
if (!option_bool(OPT_LOG))
return;
-
+
+ /* build query type string if requested */
+ if(type > 0)
+ arg = querystr(arg, type);
+
#ifdef HAVE_DNSSEC
if ((flags & F_DNSSECOK) && option_bool(OPT_EXTRALOG))
extra = " (DNSSEC signed)";
diff --git a/src/dnsmasq.h b/src/dnsmasq.h
index 8674823..56a3f1d 100644
--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h
@@ -1245,9 +1245,8 @@ extern struct daemon {
/* cache.c */
void cache_init(void);
void next_uid(struct crec *crecp);
-void log_query(unsigned int flags, char *name, union all_addr *addr, char *arg);
+void log_query(unsigned int flags, char *name, union all_addr *addr, char *arg, unsigned short type);
char *record_source(unsigned int index);
-char *querystr(char *desc, unsigned short type);
int cache_find_non_terminal(char *name, time_t now);
struct crec *cache_find_by_addr(struct crec *crecp,
union all_addr *addr, time_t now,
diff --git a/src/dnssec.c b/src/dnssec.c
index 153cac4..90818a6 100644
--- a/src/dnssec.c
+++ b/src/dnssec.c
@@ -954,9 +954,9 @@ int dnssec_validate_by_ds(time_t now, struct dns_header *header, size_t plen, ch
a.log.keytag = keytag;
a.log.algo = algo;
if (algo_digest_name(algo))
- log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %hu, algo %hu");
+ log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %hu, algo %hu", 0);
else
- log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %hu, algo %hu (not supported)");
+ log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %hu, algo %hu (not supported)", 0);
}
}
}
@@ -973,7 +973,7 @@ int dnssec_validate_by_ds(time_t now, struct dns_header *header, size_t plen, ch
return STAT_OK;
}
- log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, "BOGUS DNSKEY");
+ log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, "BOGUS DNSKEY", 0);
return STAT_BOGUS | failflags;
}
@@ -1012,7 +1012,7 @@ int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char
if (STAT_ISEQUAL(rc, STAT_INSECURE))
{
my_syslog(LOG_WARNING, _("Insecure DS reply received for %s, check domain configuration and upstream DNS server DNSSEC support"), name);
- log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, "BOGUS DS - not secure");
+ log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, "BOGUS DS - not secure", 0);
return STAT_BOGUS | DNSSEC_FAIL_INDET;
}
@@ -1025,7 +1025,7 @@ int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char
from the DS's zone, and not the parent zone. */
if (STAT_ISEQUAL(rc, STAT_NEED_KEY) && hostname_isequal(name, keyname))
{
- log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, "BOGUS DS");
+ log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, "BOGUS DS", 0);
return STAT_BOGUS;
}
@@ -1081,9 +1081,9 @@ int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char
a.log.algo = algo;
a.log.digest = digest;
if (ds_digest_name(digest) && algo_digest_name(algo))
- log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DS keytag %hu, algo %hu, digest %hu");
+ log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DS keytag %hu, algo %hu, digest %hu", 0);
else
- log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DS keytag %hu, algo %hu, digest %hu (not supported)");
+ log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DS keytag %hu, algo %hu, digest %hu (not supported)", 0);
}
}
@@ -1116,7 +1116,7 @@ int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char
cache_end_insert();
- log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, nons ? "no DS/cut" : "no DS");
+ log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, nons ? "no DS/cut" : "no DS", 0);
}
return STAT_OK;
diff --git a/src/domain-match.c b/src/domain-match.c
index f8e4796..0b0dcd9 100644
--- a/src/domain-match.c
+++ b/src/domain-match.c
@@ -393,7 +393,7 @@ size_t make_local_answer(int flags, int gotname, size_t size, struct dns_header
union all_addr addr;
if (flags & (F_NXDOMAIN | F_NOERR))
- log_query(flags | gotname | F_NEG | F_CONFIG | F_FORWARD, name, NULL, NULL);
+ log_query(flags | gotname | F_NEG | F_CONFIG | F_FORWARD, name, NULL, NULL, 0);
setup_reply(header, flags, ede);
@@ -412,7 +412,7 @@ size_t make_local_answer(int flags, int gotname, size_t size, struct dns_header
header->ancount = htons(ntohs(header->ancount) + 1);
add_resource_record(header, limit, &trunc, sizeof(struct dns_header), &p, daemon->local_ttl, NULL, T_A, C_IN, "4", &addr);
- log_query((flags | F_CONFIG | F_FORWARD) & ~F_IPV6, name, (union all_addr *)&addr, NULL);
+ log_query((flags | F_CONFIG | F_FORWARD) & ~F_IPV6, name, (union all_addr *)&addr, NULL, 0);
}
if (flags & gotname & F_IPV6)
@@ -427,7 +427,7 @@ size_t make_local_answer(int flags, int gotname, size_t size, struct dns_header
header->ancount = htons(ntohs(header->ancount) + 1);
add_resource_record(header, limit, &trunc, sizeof(struct dns_header), &p, daemon->local_ttl, NULL, T_AAAA, C_IN, "6", &addr);
- log_query((flags | F_CONFIG | F_FORWARD) & ~F_IPV4, name, (union all_addr *)&addr, NULL);
+ log_query((flags | F_CONFIG | F_FORWARD) & ~F_IPV4, name, (union all_addr *)&addr, NULL, 0);
}
if (trunc)
diff --git a/src/forward.c b/src/forward.c
index 3d638e4..434ba77 100644
--- a/src/forward.c
+++ b/src/forward.c
@@ -119,12 +119,12 @@ static void set_outgoing_mark(struct frec *forward, int fd)
}
#endif
-static void log_query_mysockaddr(unsigned int flags, char *name, union mysockaddr *addr, char *arg)
+static void log_query_mysockaddr(unsigned int flags, char *name, union mysockaddr *addr, char *arg, unsigned short type)
{
if (addr->sa.sa_family == AF_INET)
- log_query(flags | F_IPV4, name, (union all_addr *)&addr->in.sin_addr, arg);
+ log_query(flags | F_IPV4, name, (union all_addr *)&addr->in.sin_addr, arg, type);
else
- log_query(flags | F_IPV6, name, (union all_addr *)&addr->in6.sin6_addr, arg);
+ log_query(flags | F_IPV6, name, (union all_addr *)&addr->in6.sin6_addr, arg, type);
}
static void server_send(struct server *server, int fd,
@@ -138,12 +138,13 @@ static void server_send(struct server *server, int fd,
#ifdef HAVE_DNSSEC
static void server_send_log(struct server *server, int fd,
const void *header, size_t plen, int dumpflags,
- unsigned int logflags, char *name, char *arg)
+ unsigned int logflags, char *name, char *arg,
+ unsigned short type)
{
#ifdef HAVE_DUMPFILE
dump_packet(dumpflags, (void *)header, (size_t)plen, NULL, &server->addr);
#endif
- log_query_mysockaddr(logflags, name, &server->addr, arg);
+ log_query_mysockaddr(logflags, name, &server->addr, arg, type);
server_send(server, fd, header, plen, 0);
}
#endif
@@ -494,12 +495,12 @@ static int forward_query(int udpfd, union mysockaddr *udpaddr,
if (!gotname)
strcpy(daemon->namebuff, "query");
log_query_mysockaddr(F_SERVER | F_FORWARD, daemon->namebuff,
- &srv->addr, NULL);
+ &srv->addr, NULL, 0);
}
#ifdef HAVE_DNSSEC
else
log_query_mysockaddr(F_NOEXTRA | F_DNSSEC, daemon->namebuff, &srv->addr,
- querystr("dnssec-retry", (forward->flags & FREC_DNSKEY_QUERY) ? T_DNSKEY : T_DS));
+ "dnssec-retry", (forward->flags & FREC_DNSKEY_QUERY) ? T_DNSKEY : T_DS);
#endif
srv->queries++;
@@ -653,7 +654,7 @@ static size_t process_reply(struct dns_header *header, time_t now, struct server
union all_addr a;
a.log.rcode = rcode;
a.log.ede = ede;
- log_query(F_UPSTREAM | F_RCODE, "error", &a, NULL);
+ log_query(F_UPSTREAM | F_RCODE, "error", &a, NULL, 0);
return resize_packet(header, n, pheader, plen);
}
@@ -889,7 +890,7 @@ static void dnssec_validate(struct frec *forward, struct dns_header *header,
#endif
server_send_log(server, fd, header, nn, DUMP_SEC_QUERY,
F_NOEXTRA | F_DNSSEC, daemon->keyname,
- querystr("dnssec-query", STAT_ISEQUAL(status, STAT_NEED_KEY) ? T_DNSKEY : T_DS));
+ "dnssec-query", STAT_ISEQUAL(status, STAT_NEED_KEY) ? T_DNSKEY : T_DS);
server->queries++;
}
@@ -1136,7 +1137,7 @@ static void return_reply(time_t now, struct frec *forward, struct dns_header *he
domain = daemon->namebuff;
}
- log_query(F_SECSTAT, domain, &a, result);
+ log_query(F_SECSTAT, domain, &a, result, 0);
}
}
#endif
@@ -1202,7 +1203,7 @@ static void return_reply(time_t now, struct frec *forward, struct dns_header *he
{
daemon->log_display_id = src->log_id;
daemon->log_source_addr = &src->source;
- log_query(F_UPSTREAM, "query", NULL, "duplicate");
+ log_query(F_UPSTREAM, "query", NULL, "duplicate", 0);
}
}
}
@@ -1509,10 +1510,8 @@ void receive_query(struct listener *listen, time_t now)
#ifdef HAVE_AUTH
struct auth_zone *zone;
#endif
- char *types = querystr(auth_dns ? "auth" : "query", type);
-
log_query_mysockaddr(F_QUERY | F_FORWARD, daemon->namebuff,
- &source_addr, types);
+ &source_addr, auth_dns ? "auth" : "query", type);
#ifdef HAVE_CONNTRACK
is_single_query = 1;
@@ -1808,7 +1807,7 @@ static int tcp_key_recurse(time_t now, int status, struct dns_header *header, si
daemon->log_display_id = ++daemon->log_id;
log_query_mysockaddr(F_NOEXTRA | F_DNSSEC, keyname, &server->addr,
- querystr("dnssec-query", STAT_ISEQUAL(new_status, STAT_NEED_KEY) ? T_DNSKEY : T_DS));
+ "dnssec-query", STAT_ISEQUAL(new_status, STAT_NEED_KEY) ? T_DNSKEY : T_DS);
new_status = tcp_key_recurse(now, new_status, new_header, m, class, name, keyname, server, have_mark, mark, keycount);
@@ -1946,11 +1945,10 @@ unsigned char *tcp_request(int confd, time_t now,
#ifdef HAVE_AUTH
struct auth_zone *zone;
#endif
- char *types = querystr(auth_dns ? "auth" : "query", qtype);
-
+
log_query_mysockaddr(F_QUERY | F_FORWARD, daemon->namebuff,
- &peer_addr, types);
-
+ &peer_addr, auth_dns ? "auth" : "query", qtype);
+
#ifdef HAVE_CONNTRACK
is_single_query = 1;
#endif
@@ -2089,7 +2087,7 @@ unsigned char *tcp_request(int confd, time_t now,
/* get query name again for logging - may have been overwritten */
if (!(gotname = extract_request(header, (unsigned int)size, daemon->namebuff, &qtype)))
strcpy(daemon->namebuff, "query");
- log_query_mysockaddr(F_SERVER | F_FORWARD, daemon->namebuff, &serv->addr, NULL);
+ log_query_mysockaddr(F_SERVER | F_FORWARD, daemon->namebuff, &serv->addr, NULL, 0);
#ifdef HAVE_DNSSEC
if (option_bool(OPT_DNSSEC_VALID) && !checking_disabled && (master->flags & SERV_DO_DNSSEC))
@@ -2121,7 +2119,7 @@ unsigned char *tcp_request(int confd, time_t now,
domain = daemon->namebuff;
}
- log_query(F_SECSTAT, domain, &a, result);
+ log_query(F_SECSTAT, domain, &a, result, 0);
}
#endif
diff --git a/src/rfc1035.c b/src/rfc1035.c
index 6e195cc..3a7f3a5 100644
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
@@ -526,7 +526,7 @@ static int print_txt(struct dns_header *header, const size_t qlen, char *name,
}
*p3 = 0;
- log_query(secflag | F_FORWARD | F_UPSTREAM, name, NULL, (char*)p1);
+ log_query(secflag | F_FORWARD | F_UPSTREAM, name, NULL, (char*)p1, 0);
/* restore */
memmove(p1 + 1, p1, i);
*p1 = len;
@@ -643,7 +643,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t
#endif
if (aqtype == T_CNAME)
- log_query(secflag | F_CNAME | F_FORWARD | F_UPSTREAM, name, NULL, NULL);
+ log_query(secflag | F_CNAME | F_FORWARD | F_UPSTREAM, name, NULL, NULL, 0);
if (!extract_name(header, qlen, &p1, name, 1, 0))
return 0;
@@ -661,10 +661,10 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t
found = 1;
if (!name_encoding)
- log_query(secflag | F_FORWARD | F_UPSTREAM, name, NULL, querystr(NULL, aqtype));
+ log_query(secflag | F_FORWARD | F_UPSTREAM, name, NULL, NULL, aqtype);
else
{
- log_query(name_encoding | secflag | F_REVERSE | F_UPSTREAM, name, &addr, NULL);
+ log_query(name_encoding | secflag | F_REVERSE | F_UPSTREAM, name, &addr, NULL, 0);
if (insert)
cache_insert(name, &addr, C_IN, now, cttl, name_encoding | secflag | F_REVERSE);
}
@@ -691,7 +691,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t
cache_insert(NULL, &addr, C_IN, now, ttl, flags);
}
- log_query(flags | F_UPSTREAM, name, &addr, NULL);
+ log_query(flags | F_UPSTREAM, name, &addr, NULL, 0);
}
}
else
@@ -762,7 +762,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t
if (!cname_count--)
return 0; /* looped CNAMES */
- log_query(secflag | F_CNAME | F_FORWARD | F_UPSTREAM, name, NULL, NULL);
+ log_query(secflag | F_CNAME | F_FORWARD | F_UPSTREAM, name, NULL, NULL, 0);
if (insert)
{
@@ -797,7 +797,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t
#ifdef HAVE_DNSSEC
if (!option_bool(OPT_DNSSEC_VALID) || aqtype != T_RRSIG)
#endif
- log_query(secflag | F_FORWARD | F_UPSTREAM, name, NULL, querystr(NULL, aqtype));
+ log_query(secflag | F_FORWARD | F_UPSTREAM, name, NULL, NULL, aqtype);
}
else if (!(flags & F_NXDOMAIN))
{
@@ -847,7 +847,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t
ipsets_cur = ipsets;
while (*ipsets_cur)
{
- log_query((flags & (F_IPV4 | F_IPV6)) | F_IPSET, name, &addr, *ipsets_cur);
+ log_query((flags & (F_IPV4 | F_IPV6)) | F_IPSET, name, &addr, *ipsets_cur, 0);
add_to_ipset(*ipsets_cur++, &addr, flags, 0);
}
}
@@ -872,7 +872,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t
return 0;
}
else
- log_query(flags | F_FORWARD | secflag | F_UPSTREAM, name, &addr, querystr(NULL, aqtype));
+ log_query(flags | F_FORWARD | secflag | F_UPSTREAM, name, &addr, NULL, aqtype);
}
p1 = endrr;
@@ -891,7 +891,7 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t
insert = 1;
}
- log_query(F_UPSTREAM | F_FORWARD | F_NEG | flags | (secure ? F_DNSSECOK : 0), name, NULL, NULL);
+ log_query(F_UPSTREAM | F_FORWARD | F_NEG | flags | (secure ? F_DNSSECOK : 0), name, NULL, NULL, 0);
if (!searched_soa)
{
@@ -1089,7 +1089,7 @@ void setup_reply(struct dns_header *header, unsigned int flags, int ede)
union all_addr a;
a.log.rcode = REFUSED;
a.log.ede = ede;
- log_query(F_CONFIG | F_RCODE, "error", &a, NULL);
+ log_query(F_CONFIG | F_RCODE, "error", &a, NULL, 0);
SET_RCODE(header, REFUSED);
}
}
@@ -1459,7 +1459,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (qtype == T_CNAME)
{
if (!dryrun)
- log_query(crecp->flags, name, NULL, record_source(crecp->uid));
+ log_query(crecp->flags, name, NULL, record_source(crecp->uid), 0);
auth = 0;
nxdomain = 1;
ans = 1;
@@ -1481,7 +1481,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!dryrun)
{
- log_query(crecp->flags, name, NULL, record_source(crecp->uid));
+ log_query(crecp->flags, name, NULL, record_source(crecp->uid), 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
crec_ttl(crecp, now), &nameoffset,
T_CNAME, C_IN, "d", cname_target))
@@ -1521,7 +1521,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
#endif
if (ok)
{
- log_query(F_CONFIG | F_RRNAME, name, NULL, "<TXT>");
+ log_query(F_CONFIG | F_RRNAME, name, NULL, "<TXT>", 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
ttl, NULL,
T_TXT, t->class, "t", t->len, t->txt))
@@ -1543,7 +1543,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!dryrun)
{
addr.log.rcode = NOTIMP;
- log_query(F_CONFIG | F_RCODE, name, &addr, NULL);
+ log_query(F_CONFIG | F_RCODE, name, &addr, NULL, 0);
}
ans = 1, sec_data = 0;
}
@@ -1561,7 +1561,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
sec_data = 0;
if (!dryrun)
{
- log_query(F_CONFIG | F_RRNAME, name, NULL, querystr(NULL, t->class));
+ log_query(F_CONFIG | F_RRNAME, name, NULL, NULL, t->class);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
daemon->local_ttl, NULL,
t->class, C_IN, "t", t->len, t->txt))
@@ -1617,7 +1617,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
ans = 1;
if (!dryrun)
{
- log_query(is_arpa | F_REVERSE | F_CONFIG, intr->name, &addr, NULL);
+ log_query(is_arpa | F_REVERSE | F_CONFIG, intr->name, &addr, NULL, 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
daemon->local_ttl, NULL,
T_PTR, C_IN, "d", intr->name))
@@ -1630,7 +1630,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
sec_data = 0;
if (!dryrun)
{
- log_query(F_CONFIG | F_RRNAME, name, NULL, "<PTR>");
+ log_query(F_CONFIG | F_RRNAME, name, NULL, "<PTR>", 0);
for (ptr = daemon->ptr; ptr; ptr = ptr->next)
if (hostname_isequal(name, ptr->name) &&
add_resource_record(header, limit, &trunc, nameoffset, &ansp,
@@ -1665,7 +1665,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (crecp->flags & F_NXDOMAIN)
nxdomain = 1;
if (!dryrun)
- log_query(crecp->flags & ~F_FORWARD, name, &addr, NULL);
+ log_query(crecp->flags & ~F_FORWARD, name, &addr, NULL, 0);
}
else
{
@@ -1674,7 +1674,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!dryrun)
{
log_query(crecp->flags & ~F_FORWARD, cache_get_name(crecp), &addr,
- record_source(crecp->uid));
+ record_source(crecp->uid), 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
crec_ttl(crecp, now), NULL,
@@ -1691,7 +1691,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
sec_data = 0;
if (!dryrun)
{
- log_query(F_CONFIG | F_REVERSE | is_arpa, name, &addr, NULL);
+ log_query(F_CONFIG | F_REVERSE | is_arpa, name, &addr, NULL, 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
daemon->local_ttl, NULL,
@@ -1709,7 +1709,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
nxdomain = 1;
if (!dryrun)
log_query(F_CONFIG | F_REVERSE | is_arpa | F_NEG | F_NXDOMAIN,
- name, &addr, NULL);
+ name, &addr, NULL, 0);
}
}
@@ -1764,7 +1764,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!dryrun)
{
gotit = 1;
- log_query(F_FORWARD | F_CONFIG | flag, name, &addrlist->addr, NULL);
+ log_query(F_FORWARD | F_CONFIG | flag, name, &addrlist->addr, NULL, 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
daemon->local_ttl, NULL, type, C_IN,
type == T_A ? "4" : "6", &addrlist->addr))
@@ -1774,7 +1774,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
}
if (!dryrun && !gotit)
- log_query(F_FORWARD | F_CONFIG | flag | F_NEG, name, NULL, NULL);
+ log_query(F_FORWARD | F_CONFIG | flag | F_NEG, name, NULL, NULL, 0);
continue;
}
@@ -1819,7 +1819,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (crecp->flags & F_NXDOMAIN)
nxdomain = 1;
if (!dryrun)
- log_query(crecp->flags, name, NULL, NULL);
+ log_query(crecp->flags, name, NULL, NULL, 0);
}
else
{
@@ -1837,7 +1837,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!dryrun)
{
log_query(crecp->flags & ~F_REVERSE, name, &crecp->addr,
- record_source(crecp->uid));
+ record_source(crecp->uid), 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
crec_ttl(crecp, now), NULL, type, C_IN,
@@ -1852,7 +1852,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
ans = 1, sec_data = 0;
if (!dryrun)
{
- log_query(F_FORWARD | F_CONFIG | flag, name, &addr, NULL);
+ log_query(F_FORWARD | F_CONFIG | flag, name, &addr, NULL, 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
daemon->local_ttl, NULL, type, C_IN, type == T_A ? "4" : "6", &addr))
anscount++;
@@ -1871,7 +1871,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!dryrun)
{
int offset;
- log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>");
+ log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>", 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl,
&offset, T_MX, C_IN, "sd", rec->weight, rec->target))
{
@@ -1889,7 +1889,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
sec_data = 0;
if (!dryrun)
{
- log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>");
+ log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>", 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl, NULL,
T_MX, C_IN, "sd", 1,
option_bool(OPT_SELFMX) ? name : daemon->mxtarget))
@@ -1911,7 +1911,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (!dryrun)
{
int offset;
- log_query(F_CONFIG | F_RRNAME, name, NULL, "<SRV>");
+ log_query(F_CONFIG | F_RRNAME, name, NULL, "<SRV>", 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl,
&offset, T_SRV, C_IN, "sssd",
rec->priority, rec->weight, rec->srvport, rec->target))
@@ -1962,12 +1962,12 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
if (crecp->flags & F_NXDOMAIN)
nxdomain = 1;
if (!dryrun)
- log_query(crecp->flags, name, NULL, NULL);
+ log_query(crecp->flags, name, NULL, NULL, 0);
}
else if (!dryrun)
{
char *target = blockdata_retrieve(crecp->addr.srv.target, crecp->addr.srv.targetlen, NULL);
- log_query(crecp->flags, name, NULL, 0);
+ log_query(crecp->flags, name, NULL, NULL, 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
crec_ttl(crecp, now), NULL, T_SRV, C_IN, "sssd",
@@ -1983,7 +1983,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
ans = 1;
sec_data = 0;
if (!dryrun)
- log_query(F_CONFIG | F_NEG, name, NULL, NULL);
+ log_query(F_CONFIG | F_NEG, name, NULL, NULL, 0);
}
}
@@ -1997,7 +1997,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
sec_data = 0;
if (!dryrun)
{
- log_query(F_CONFIG | F_RRNAME, name, NULL, "<NAPTR>");
+ log_query(F_CONFIG | F_RRNAME, name, NULL, "<NAPTR>", 0);
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl,
NULL, T_NAPTR, C_IN, "sszzzd",
na->order, na->pref, na->flags, na->services, na->regexp, na->replace))
@@ -2014,7 +2014,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
ans = 1;
sec_data = 0;
if (!dryrun)
- log_query(F_CONFIG | F_NEG, name, &addr, NULL);
+ log_query(F_CONFIG | F_NEG, name, &addr, NULL, 0);
}
}
--
2.25.1
_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
