- When a granchild delegation is returned, remove any cached child delegations

  up to parent to not cause delegation invalidation because of an
  expired child delegation that would never be updated. Most likely to
  happen without qname-minimisation. Reported by Roland van Rijswijk-Deij.

Author: gthess

iterator/iterator.c

@@ -52,6 +52,7 @@
 #include "iterator/iter_priv.h"
 #include "validator/val_neg.h"
 #include "services/cache/dns.h"
+#include "services/cache/rrset.h"
 #include "services/cache/infra.h"
 #include "services/authzone.h"
 #include "util/module.h"
@@ -3255,6 +3256,7 @@ processQueryResponse(struct module_qstate* qstate, struct iter_qstate* iq,
 		}
 		return final_state(iq);
 	} else if(type == RESPONSE_TYPE_REFERRAL) {
+		struct delegpt* old_dp = NULL;
 		/* REFERRAL type responses get a reset of the 
 		 * delegation point, and back to the QUERYTARGETS_STATE. */
 		verbose(VERB_DETAIL, "query response was REFERRAL");
@@ -3306,13 +3308,29 @@ processQueryResponse(struct module_qstate* qstate, struct iter_qstate* iq,
 		/* Reset the event state, setting the current delegation 
 		 * point to the referral. */
 		iq->deleg_msg = iq->response;
+		/* Keep current delegation point for label comparison */
+		old_dp = iq->dp;
 		iq->dp = delegpt_from_message(iq->response, qstate->region);
 		if (qstate->env->cfg->qname_minimisation)
 			iq->minimisation_state = INIT_MINIMISE_STATE;
 		if(!iq->dp) {
 			errinf(qstate, "malloc failure, for delegation point");
 			return error_response(qstate, id, LDNS_RCODE_SERVFAIL);
 		}
+		if(old_dp->namelabs + 1 < iq->dp->namelabs) {
+			/* We got a grandchild delegation (more than one label
+			 * difference) than expected. Check for in-between
+			 * delegations in the cache and remove them.
+			 * They could prove problematic when they expire
+			 * and rrset_expired_above() encounters them during
+			 * delegation cache lookups. */
+			uint8_t* qname = iq->dp->name;
+			size_t qnamelen = iq->dp->namelen;
+			rrset_cache_remove_above(qstate->env->rrset_cache,
+				&qname, &qnamelen, LDNS_RR_TYPE_NS,
+				iq->qchase.qclass, *qstate->env->now,
+				old_dp->name, old_dp->namelen);
+		}
 		if(!cache_fill_missing(qstate->env, iq->qchase.qclass, 
 			qstate->region, iq->dp)) {
 			errinf(qstate, "malloc failure, copy extra info into delegation point");

services/cache/dns.c

@@ -193,46 +193,6 @@ dns_cache_store_msg(struct module_env* env, struct query_info* qinfo,
 	slabhash_insert(env->msg_cache, hash, &e->entry, rep, env->alloc);
 }
 
-/** see if an rrset is expired above the qname, return upper qname. */
-static int
-rrset_expired_above(struct module_env* env, uint8_t** qname, size_t* qnamelen,
-	uint16_t searchtype, uint16_t qclass, time_t now, uint8_t* expiretop,
-	size_t expiretoplen)
-{
-	struct ub_packed_rrset_key *rrset;
-	uint8_t lablen;
-
-	while(*qnamelen > 0) {
-		/* look one label higher */
-		lablen = **qname;
-		*qname += lablen + 1;
-		*qnamelen -= lablen + 1;
-		if(*qnamelen <= 0)
-			break;
-
-		/* looks up with a time of 0, to see expired entries */
-		if((rrset = rrset_cache_lookup(env->rrset_cache, *qname,
-			*qnamelen, searchtype, qclass, 0, 0, 0))) {
-			struct packed_rrset_data* data =
-				(struct packed_rrset_data*)rrset->entry.data;
-			if(now > data->ttl) {
-				/* it is expired, this is not wanted */
-				lock_rw_unlock(&rrset->entry.lock);
-				log_nametypeclass(VERB_ALGO, "this rrset is expired", *qname, searchtype, qclass);
-				return 1;
-			}
-			/* it is not expired, continue looking */
-			lock_rw_unlock(&rrset->entry.lock);
-		}
-
-		/* do not look above the expiretop. */
-		if(expiretop && *qnamelen == expiretoplen &&
-			query_dname_compare(*qname, expiretop)==0)
-			break;
-	}
-	return 0;
-}
-
 /** find closest NS or DNAME and returns the rrset (locked) */
 static struct ub_packed_rrset_key*
 find_closest_of_type(struct module_env* env, uint8_t* qname, size_t qnamelen, 
@@ -266,12 +226,12 @@ find_closest_of_type(struct module_env* env, uint8_t* qname, size_t qnamelen,
 			/* check for expiry, but we have to let go of the rrset
 			 * for the lock ordering */
 			lock_rw_unlock(&rrset->entry.lock);
-			/* the expired_above function always takes off one
-			 * label (if qnamelen>0) and returns the final qname
-			 * where it searched, so we can continue from there
-			 * turning the O N*N search into O N. */
-			if(!rrset_expired_above(env, &qname, &qnamelen,
-				searchtype, qclass, now, expiretop,
+			/* the rrset_cache_expired_above function always takes
+			 * off one label (if qnamelen>0) and returns the final
+			 * qname where it searched, so we can continue from
+			 * there turning the O N*N search into O N. */
+			if(!rrset_cache_expired_above(env->rrset_cache, &qname,
+				&qnamelen, searchtype, qclass, now, expiretop,
 				expiretoplen)) {
 				/* we want to return rrset, but it may be
 				 * gone from cache, if so, just loop like

services/cache/rrset.c

@@ -46,6 +46,7 @@
 #include "util/data/packed_rrset.h"
 #include "util/data/msgreply.h"
 #include "util/data/msgparse.h"
+#include "util/data/dname.h"
 #include "util/regional.h"
 #include "util/alloc.h"
 #include "util/net_help.h"
@@ -443,6 +444,89 @@ rrset_check_sec_status(struct rrset_cache* r,
 	lock_rw_unlock(&e->lock);
 }
 
+void
+rrset_cache_remove_above(struct rrset_cache* r, uint8_t** qname, size_t*
+	qnamelen, uint16_t searchtype, uint16_t qclass, time_t now, uint8_t*
+	qnametop, size_t qnametoplen)
+{
+	struct ub_packed_rrset_key *rrset;
+	uint8_t lablen;
+
+	while(*qnamelen > 0) {
+		/* look one label higher */
+		lablen = **qname;
+		*qname += lablen + 1;
+		*qnamelen -= lablen + 1;
+		if(*qnamelen <= 0)
+			return;
+
+		/* stop at qnametop */
+		if(qnametop && *qnamelen == qnametoplen &&
+			query_dname_compare(*qname, qnametop)==0)
+			return;
+
+		if(verbosity >= VERB_ALGO) {
+			/* looks up with a time of 0, to see expired entries */
+			if((rrset = rrset_cache_lookup(r, *qname,
+				*qnamelen, searchtype, qclass, 0, 0, 0))) {
+				struct packed_rrset_data* data =
+					(struct packed_rrset_data*)rrset->entry.data;
+				int expired = (now > data->ttl);
+				lock_rw_unlock(&rrset->entry.lock);
+				if(expired)
+					log_nametypeclass(verbosity, "this "
+						"(grand)parent rrset will be "
+						"removed (expired)",
+						*qname, searchtype, qclass);
+				else	log_nametypeclass(verbosity, "this "
+						"(grand)parent rrset will be "
+						"removed",
+						*qname, searchtype, qclass);
+			}
+		}
+		rrset_cache_remove(r, *qname, *qnamelen, searchtype, qclass, 0);
+	}
+}
+
+int
+rrset_cache_expired_above(struct rrset_cache* r, uint8_t** qname, size_t*
+	qnamelen, uint16_t searchtype, uint16_t qclass, time_t now, uint8_t*
+	qnametop, size_t qnametoplen)
+{
+	struct ub_packed_rrset_key *rrset;
+	uint8_t lablen;
+
+	while(*qnamelen > 0) {
+		/* look one label higher */
+		lablen = **qname;
+		*qname += lablen + 1;
+		*qnamelen -= lablen + 1;
+		if(*qnamelen <= 0)
+			break;
+
+		/* looks up with a time of 0, to see expired entries */
+		if((rrset = rrset_cache_lookup(r, *qname,
+			*qnamelen, searchtype, qclass, 0, 0, 0))) {
+			struct packed_rrset_data* data =
+				(struct packed_rrset_data*)rrset->entry.data;
+			if(now > data->ttl) {
+				/* it is expired, this is not wanted */
+				lock_rw_unlock(&rrset->entry.lock);
+				log_nametypeclass(VERB_ALGO, "this rrset is expired", *qname, searchtype, qclass);
+				return 1;
+			}
+			/* it is not expired, continue looking */
+			lock_rw_unlock(&rrset->entry.lock);
+		}
+
+		/* do not look above the qnametop. */
+		if(qnametop && *qnamelen == qnametoplen &&
+			query_dname_compare(*qname, qnametop)==0)
+			break;
+	}
+	return 0;
+}
+
 void rrset_cache_remove(struct rrset_cache* r, uint8_t* nm, size_t nmlen,
 	uint16_t type, uint16_t dclass, uint32_t flags)
 {

services/cache/rrset.h

@@ -231,6 +231,37 @@ void rrset_update_sec_status(struct rrset_cache* r,
 void rrset_check_sec_status(struct rrset_cache* r, 
 	struct ub_packed_rrset_key* rrset, time_t now);
 
+/**
+ * Removes rrsets above the qname, returns upper qname.
+ * @param r: the rrset cache.
+ * @param qname: the start qname, also used as the output.
+ * @param qnamelen: length of qname, updated when it returns.
+ * @param searchtype: qtype to search for.
+ * @param qclass: qclass to search for.
+ * @param now: current time.
+ * @param qnametop: the top qname to stop removal (it is not removed).
+ * @param qnametoplen: length of qnametop.
+ */
+void rrset_cache_remove_above(struct rrset_cache* r, uint8_t** qname,
+	size_t* qnamelen, uint16_t searchtype, uint16_t qclass, time_t now,
+	uint8_t* qnametop, size_t qnametoplen);
+
+/**
+ * Sees if an rrset is expired above the qname, returns upper qname.
+ * @param r: the rrset cache.
+ * @param qname: the start qname, also used as the output.
+ * @param qnamelen: length of qname, updated when it returns.
+ * @param searchtype: qtype to search for.
+ * @param qclass: qclass to search for.
+ * @param now: current time.
+ * @param qnametop: the top qname, don't look farther than that.
+ * @param qnametoplen: length of qnametop.
+ * @return true if there is an expired rrset above, false otherwise.
+ */
+int rrset_cache_expired_above(struct rrset_cache* r, uint8_t** qname,
+	size_t* qnamelen, uint16_t searchtype, uint16_t qclass, time_t now,
+	uint8_t* qnametop, size_t qnametoplen);
+
 /**
  * Remove an rrset from the cache, by name and type and flags
  * @param r: rrset cache