diff options
Diffstat (limited to '')
-rw-r--r-- | modules/bogus_log/meson.build | 2 | ||||
-rw-r--r-- | modules/dnstap/dnstap.c | 1 | ||||
-rw-r--r-- | modules/dnstap/meson.build | 3 | ||||
-rw-r--r-- | modules/edns_keepalive/meson.build | 2 | ||||
-rw-r--r-- | modules/extended_error/meson.build | 4 | ||||
-rw-r--r-- | modules/hints/hints.c | 21 | ||||
-rw-r--r-- | modules/hints/meson.build | 7 | ||||
-rw-r--r-- | modules/http/meson.build | 4 | ||||
-rw-r--r-- | modules/meson.build | 7 | ||||
-rw-r--r-- | modules/nsid/meson.build | 5 | ||||
-rw-r--r-- | modules/policy/lua-aho-corasick/.gitignore | 6 | ||||
-rw-r--r-- | modules/refuse_nord/meson.build | 2 | ||||
-rw-r--r-- | modules/stats/README.rst | 2 | ||||
-rw-r--r-- | modules/stats/meson.build | 4 | ||||
-rw-r--r-- | modules/stats/stats.c | 96 |
15 files changed, 114 insertions, 52 deletions
diff --git a/modules/bogus_log/meson.build b/modules/bogus_log/meson.build index e2faed5..3fa8d3c 100644 --- a/modules/bogus_log/meson.build +++ b/modules/bogus_log/meson.build @@ -9,7 +9,7 @@ c_src_lint += bogus_log_src bogus_log_mod = shared_module( 'bogus_log', bogus_log_src, - dependencies: libknot, + dependencies: mod_deps, include_directories: mod_inc_dir, name_prefix: '', install: true, diff --git a/modules/dnstap/dnstap.c b/modules/dnstap/dnstap.c index 7572667..07780fc 100644 --- a/modules/dnstap/dnstap.c +++ b/modules/dnstap/dnstap.c @@ -193,6 +193,7 @@ static int dnstap_log(kr_layer_t *ctx, enum dnstap_log_phase phase) { m.socket_family = DNSTAP__SOCKET_FAMILY__INET6; m.has_socket_family = true; break; + default:; } } diff --git a/modules/dnstap/meson.build b/modules/dnstap/meson.build index e8a94bf..038bf3e 100644 --- a/modules/dnstap/meson.build +++ b/modules/dnstap/meson.build @@ -43,11 +43,10 @@ if build_dnstap dnstap_mod = shared_module( 'dnstap', dnstap_src, - dependencies: [ + dependencies: mod_deps + [ declare_dependency(sources: dnstap_pb), libfstrm, libprotobuf_c, - libknot, ], include_directories: mod_inc_dir, name_prefix: '', diff --git a/modules/edns_keepalive/meson.build b/modules/edns_keepalive/meson.build index d125ec4..8370cdb 100644 --- a/modules/edns_keepalive/meson.build +++ b/modules/edns_keepalive/meson.build @@ -9,7 +9,7 @@ c_src_lint += edns_keepalive_src edns_keepalive_mod = shared_module( 'edns_keepalive', edns_keepalive_src, - dependencies: libknot, + dependencies: mod_deps, include_directories: mod_inc_dir, name_prefix: '', install: true, diff --git a/modules/extended_error/meson.build b/modules/extended_error/meson.build index 15a1772..9de514a 100644 --- a/modules/extended_error/meson.build +++ b/modules/extended_error/meson.build @@ -9,9 +9,7 @@ c_src_lint += extended_error_src extended_error_mod = shared_module( 'extended_error', extended_error_src, - dependencies: [ - libknot, - ], + dependencies: mod_deps, include_directories: mod_inc_dir, name_prefix: '', install: true, diff --git a/modules/hints/hints.c b/modules/hints/hints.c index a3f2f30..2195ca3 100644 --- a/modules/hints/hints.c +++ b/modules/hints/hints.c @@ -194,9 +194,11 @@ static const knot_dname_t * raw_addr2reverse(const uint8_t *raw_addr, int family #undef REV_MAXLEN if (family == AF_INET) { - snprintf(reverse_addr, sizeof(reverse_addr), - "%d.%d.%d.%d.in-addr.arpa.", - raw_addr[3], raw_addr[2], raw_addr[1], raw_addr[0]); + int ret = snprintf(reverse_addr, sizeof(reverse_addr), + "%d.%d.%d.%d.in-addr.arpa.", + raw_addr[3], raw_addr[2], raw_addr[1], raw_addr[0]); + if (kr_fails_assert(ret > 0 && ret <= sizeof(reverse_addr))) + return NULL; } else if (family == AF_INET6) { char *ra_it = reverse_addr; for (int i = 15; i >= 0; --i) { @@ -262,7 +264,10 @@ static int add_reverse_pair(struct kr_zonecut *hints, const char *name, const ch return kr_error(EINVAL); } - return kr_zonecut_add(hints, key, ptr_name, knot_dname_size(ptr_name)); + size_t dname_size = knot_dname_size(ptr_name); + if (kr_fails_assert(dname_size < INT_MAX)) + return kr_error(EINVAL); + return kr_zonecut_add(hints, key, ptr_name, (int)dname_size); } /** For a given name, remove either one address or all of them (if == NULL). @@ -276,7 +281,9 @@ static int del_pair(struct hints_data *data, const char *name, const char *addr) if (!knot_dname_from_str(key, name, sizeof(key))) { return kr_error(EINVAL); } - int key_len = knot_dname_size(key); + size_t key_len = knot_dname_size(key); + if (kr_fails_assert(key_len <= KNOT_DNAME_MAXLEN)) + return kr_error(EINVAL); if (addr) { /* Remove the pair. */ @@ -286,7 +293,7 @@ static int del_pair(struct hints_data *data, const char *name, const char *addr) } const knot_dname_t *reverse_key = addr2reverse(addr); - kr_zonecut_del(&data->reverse_hints, reverse_key, key, key_len); + kr_zonecut_del(&data->reverse_hints, reverse_key, key, (int)key_len); return kr_zonecut_del(&data->hints, key, kr_inaddr(&ia.ip), kr_inaddr_len(&ia.ip)); } @@ -306,7 +313,7 @@ static int del_pair(struct hints_data *data, const char *name, const char *addr) ? AF_INET : AF_INET6; const knot_dname_t *reverse_key = raw_addr2reverse(addr_val, family); if (reverse_key != NULL) { - kr_zonecut_del(&data->reverse_hints, reverse_key, key, key_len); + kr_zonecut_del(&data->reverse_hints, reverse_key, key, (int)key_len); } } diff --git a/modules/hints/meson.build b/modules/hints/meson.build index b837918..7e681f1 100644 --- a/modules/hints/meson.build +++ b/modules/hints/meson.build @@ -9,10 +9,7 @@ c_src_lint += hints_src hints_mod = shared_module( 'hints', hints_src, - dependencies: [ - libknot, - luajit, - ], + dependencies: mod_deps, include_directories: mod_inc_dir, name_prefix: '', install: true, @@ -21,5 +18,5 @@ hints_mod = shared_module( ) config_tests += [ - ['hints', files('tests/hints.test.lua'), ['skip_asan']], + ['hints', files('tests/hints.test.lua')], ] diff --git a/modules/http/meson.build b/modules/http/meson.build index a36e9eb..7d89215 100644 --- a/modules/http/meson.build +++ b/modules/http/meson.build @@ -21,7 +21,7 @@ lua_mod_src += [ config_tests += [ ['http', files('http.test.lua')], ['http.doh', files('http_doh.test.lua')], - ['http.tls', files('test_tls/tls.test.lua')], + ['http.tls', files('test_tls/tls.test.lua'), ['skip_asan']], ] # install static files @@ -45,7 +45,7 @@ install_subdir( ) # auxiliary debug library for HTTP module - doesn't compile on Cygwin -if openssl.found() and host_machine.system() != 'cygwin' +if openssl.found() and host_machine.system() not in [ 'cygwin', 'darwin' ] debug_opensslkeylog_mod = shared_module( 'debug_opensslkeylog', ['debug_opensslkeylog.c'], diff --git a/modules/meson.build b/modules/meson.build index 3861225..48bd478 100644 --- a/modules/meson.build +++ b/modules/meson.build @@ -35,6 +35,13 @@ integr_tests += [ mod_inc_dir = include_directories('..', '../contrib', luajit.get_pkgconfig_variable('includedir')) +mod_deps = [ + contrib_dep, + libknot, + libuv, + luajit, +] + # handle more complex C/LUA modules separately subdir('bogus_log') # cookies module is not currently used diff --git a/modules/nsid/meson.build b/modules/nsid/meson.build index 354e70b..3c418bc 100644 --- a/modules/nsid/meson.build +++ b/modules/nsid/meson.build @@ -9,10 +9,7 @@ c_src_lint += nsid_src nsid_mod = shared_module( 'nsid', nsid_src, - dependencies: [ - libknot, - luajit, - ], + dependencies: mod_deps, include_directories: mod_inc_dir, name_prefix: '', install: true, diff --git a/modules/policy/lua-aho-corasick/.gitignore b/modules/policy/lua-aho-corasick/.gitignore new file mode 100644 index 0000000..04fd221 --- /dev/null +++ b/modules/policy/lua-aho-corasick/.gitignore @@ -0,0 +1,6 @@ +*.d +*.o +*.a +*.so +*_dep.txt +tests/testinput diff --git a/modules/refuse_nord/meson.build b/modules/refuse_nord/meson.build index 5142ded..7dc8b88 100644 --- a/modules/refuse_nord/meson.build +++ b/modules/refuse_nord/meson.build @@ -13,7 +13,7 @@ c_src_lint += refuse_nord_src refuse_nord_mod = shared_module( 'refuse_nord', refuse_nord_src, - dependencies: libknot, + dependencies: mod_deps, include_directories: mod_inc_dir, name_prefix: '', install: true, diff --git a/modules/stats/README.rst b/modules/stats/README.rst index 7d423aa..014c9f0 100644 --- a/modules/stats/README.rst +++ b/modules/stats/README.rst @@ -89,6 +89,8 @@ Built-in counters keep track of number of queries and answers matching specific +-----------------+----------------------------------+ | answer.slow | completed in more than 1500ms | +-----------------+----------------------------------+ +| answer.sum_ms | sum of all latencies in ms | ++-----------------+----------------------------------+ +-----------------+----------------------------------+ | **Answer flags** | diff --git a/modules/stats/meson.build b/modules/stats/meson.build index cb4ccd6..e1f4a49 100644 --- a/modules/stats/meson.build +++ b/modules/stats/meson.build @@ -14,9 +14,7 @@ integr_tests += [ stats_mod = shared_module( 'stats', stats_src, - dependencies: [ - libknot, - ], + dependencies: mod_deps, include_directories: mod_inc_dir, name_prefix: '', install: true, diff --git a/modules/stats/stats.c b/modules/stats/stats.c index ebb2877..3679615 100644 --- a/modules/stats/stats.c +++ b/modules/stats/stats.c @@ -42,11 +42,13 @@ X(answer,total) X(answer,noerror) X(answer,nodata) X(answer,nxdomain) X(answer,servfail) \ X(answer,cached) X(answer,1ms) X(answer,10ms) X(answer,50ms) X(answer,100ms) \ X(answer,250ms) X(answer,500ms) X(answer,1000ms) X(answer,1500ms) X(answer,slow) \ + X(answer,sum_ms) \ X(answer,aa) X(answer,tc) X(answer,rd) X(answer,ra) X(answer, ad) X(answer,cd) \ X(answer,edns0) X(answer,do) \ X(query,edns) X(query,dnssec) \ - X(request,total) X(request,udp) X(request,tcp) X(request,xdp) \ - X(request,dot) X(request,doh) X(request,internal) \ + X(request,total) X(request,total4) X(request,total6) X(request,internal) \ + X(request,udp4) X(request,tcp4) X(request,xdp4) X(request,dot4) X(request,doh4) \ + X(request,udp6) X(request,tcp6) X(request,xdp6) X(request,dot6) X(request,doh6) \ X(const,end) enum const_metric { @@ -63,6 +65,28 @@ static struct const_metric_elm const_metrics[] = { CONST_METRICS(X) #undef X }; + +/// These metrics are read-only views, each simply summing a pair of const_metrics items. +struct sum_metric { + const char *key; + const size_t *val1, *val2; +}; +static const struct sum_metric sum_metrics[] = { + // We're using this to aggregate v4 + v6 pairs. + #define DEF(proto) { \ + .key = "request." #proto, \ + .val1 = &const_metrics[metric_request_ ## proto ## 4].val, \ + .val2 = &const_metrics[metric_request_ ## proto ## 6].val, \ + } + DEF(udp), + DEF(tcp), + DEF(xdp), + DEF(dot), + DEF(doh), + #undef DEF +}; +static const size_t sum_metrics_len = sizeof(sum_metrics) / sizeof(sum_metrics[0]); + /** @endcond */ /** @internal LRU hash of most frequent names. */ @@ -116,7 +140,7 @@ static inline int collect_key(char *key, const knot_dname_t *name, uint16_t type if (key_len < 0) { return kr_error(key_len); } - return key_len + sizeof(type); + return key_len + (int)sizeof(type); } static void collect_sample(struct stat_data *data, struct kr_rplan *rplan) @@ -184,19 +208,26 @@ static int collect_transport(kr_layer_t *ctx) } /** - * Count each transport only once, + * Apart from the "total" stats, count each transport only once, * i.e. DoT does not count as TCP and XDP does not count as UDP. + * We have two counts for each - IPv6 and IPv4 separately. */ + const bool isIPv6 = req->qsource.addr->sa_family == AF_INET6; + #define INC_PROTO(proto) \ + stat_const_add(data, isIPv6 ? metric_request_ ## proto ## 6 \ + : metric_request_ ## proto ## 4, 1) + INC_PROTO(total); if (req->qsource.flags.http) - stat_const_add(data, metric_request_doh, 1); + INC_PROTO(doh); else if (req->qsource.flags.tls) - stat_const_add(data, metric_request_dot, 1); + INC_PROTO(dot); else if (req->qsource.flags.tcp) - stat_const_add(data, metric_request_tcp, 1); + INC_PROTO(tcp); else if (req->qsource.flags.xdp) - stat_const_add(data, metric_request_xdp, 1); + INC_PROTO(xdp); else - stat_const_add(data, metric_request_udp, 1); + INC_PROTO(udp); + #undef INC_PROTO return ctx->state; } @@ -220,6 +251,7 @@ static int collect(kr_layer_t *ctx) /* Histogram of answer latency. */ struct kr_query *first = rplan->resolved.at[0]; uint64_t elapsed = kr_now() - first->timestamp_mono; + stat_const_add(data, metric_answer_sum_ms, elapsed); if (elapsed <= 1) { stat_const_add(data, metric_answer_1ms, 1); } else if (elapsed <= 10) { @@ -272,6 +304,7 @@ static int collect(kr_layer_t *ctx) * Set nominal value of a key. * * Input: { key, val } + * Aggregate metrics can't be set. * */ static char* stats_set(void *env, struct kr_module *module, const char *args) @@ -313,26 +346,36 @@ static char* stats_get(void *env, struct kr_module *module, const char *args) struct stat_data *data = module->data; /* Expecting CHAR_BIT to be 8, this is a safe bet */ - char *ret = malloc(3 * sizeof(size_t) + 2); - if (!ret) { - return NULL; - } + char *str_value = NULL; + int ret = 0; /* Check if it exists in const map. */ for (unsigned i = 0; i < metric_const_end; ++i) { if (strcmp(const_metrics[i].key, args) == 0) { - sprintf(ret, "%zu", const_metrics[i].val); - return ret; + ret = asprintf(&str_value, "%zu", const_metrics[i].val); + if (ret < 0) + return NULL; + return str_value; + } + } + /* Check if it exists in aggregate metrics. */ + for (int i = 0; i < sum_metrics_len; ++i) { + const struct sum_metric *smi = &sum_metrics[i]; + if (strcmp(smi->key, args) == 0) { + ret = asprintf(&str_value, "%zu", *smi->val1 + *smi->val2); + if (ret < 0) + return NULL; + return str_value; } } /* Check in variable map */ trie_val_t *val = trie_get_try(data->trie, args, strlen(args)); - if (!val) { - free(ret); + if (!val) return NULL; - } - sprintf(ret, "%zu", (size_t) *val); - return ret; + ret = asprintf(&str_value, "%zu", (size_t) *val); + if (ret < 0) + return NULL; + return str_value; } /** Checks whether: @@ -356,9 +399,9 @@ static int list_entry(const char *key, uint32_t key_len, trie_val_t *val, void * struct list_entry_context *ctx = baton; if (!key_matches_prefix(key, key_len, ctx->key_prefix, ctx->key_prefix_len)) return 0; - size_t number = (size_t) *val; + size_t number = (size_t)*val; auto_free char *key_nt = strndup(key, key_len); - json_append_member(ctx->root, key_nt, json_mknumber(number)); + json_append_member(ctx->root, key_nt, json_mknumber((double)number)); return 0; } @@ -375,7 +418,14 @@ static char* stats_list(void *env, struct kr_module *module, const char *args) for (unsigned i = 0; i < metric_const_end; ++i) { struct const_metric_elm *elm = &const_metrics[i]; if (!args || strncmp(elm->key, args, args_len) == 0) { - json_append_member(root, elm->key, json_mknumber(elm->val)); + json_append_member(root, elm->key, json_mknumber((double)elm->val)); + } + } + for (int i = 0; i < sum_metrics_len; ++i) { + const struct sum_metric *elm = &sum_metrics[i]; + if (!args || strncmp(elm->key, args, args_len) == 0) { + size_t val = *elm->val1 + *elm->val2; + json_append_member(root, elm->key, json_mknumber(val)); } } struct list_entry_context ctx = { |