BUG/MINOR: resolvers: new callback to properly handle SRV record errors
authorBaptiste Assmann <bedis9@gmail.com>
Thu, 19 Nov 2020 21:38:33 +0000 (22:38 +0100)
committerChristopher Faulet <cfaulet@haproxy.com>
Wed, 24 Feb 2021 21:35:00 +0000 (22:35 +0100)
When a SRV record was created, it used to register the regular server name
resolution callbacks. That said, SRV records and regular server name
resolution don't work the same way, furthermore on error management.

This patch introduces a new call back to manage DNS errors related to
the SRV queries.

this fixes github issue #50.

Backport status: 2.3, 2.2, 2.1, 2.0

(cherry picked from commit b4badf720ce484001f606011aee7cd216e5ce4e3)
[cf: Changes applied in src/dns.c and structures renamed]
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>

include/haproxy/server.h
src/dns.c
src/server.c

index d63eb01..9a582b4 100644 (file)
@@ -60,6 +60,7 @@ struct server *new_server(struct proxy *proxy);
 int snr_update_srv_status(struct server *s, int has_no_ip);
 const char *update_server_fqdn(struct server *server, const char *fqdn, const char *updater, int dns_locked);
 int snr_resolution_cb(struct dns_requester *requester, struct dns_nameserver *nameserver);
+int srvrq_resolution_error_cb(struct dns_requester *requester, int error_code);
 int snr_resolution_error_cb(struct dns_requester *requester, int error_code);
 struct server *snr_check_ip_callback(struct server *srv, void *ip, unsigned char *ip_family);
 struct task *srv_cleanup_idle_connections(struct task *task, void *ctx, unsigned short state);
index a054b7b..5a572e1 100644 (file)
--- a/src/dns.c
+++ b/src/dns.c
@@ -1788,7 +1788,7 @@ int dns_link_resolution(void *requester, int requester_type, int requester_locke
                        req = srvrq->dns_requester;
 
                req->requester_cb       = snr_resolution_cb;
-               req->requester_error_cb = snr_resolution_error_cb;
+               req->requester_error_cb = srvrq_resolution_error_cb;
        }
        else if (stream) {
                if (stream->dns_ctx.dns_requester == NULL) {
index 035494b..daa9d4a 100644 (file)
@@ -3901,6 +3901,78 @@ int snr_resolution_cb(struct dns_requester *requester, struct dns_nameserver *na
 }
 
 /*
+ * SRV record error management callback
+ * returns:
+ *  0 on error
+ *  1 when no error or safe ignore
+ *
+ * Grabs the server's lock.
+ */
+int srvrq_resolution_error_cb(struct dns_requester *requester, int error_code)
+{
+       struct server *s;
+       struct dns_srvrq *srvrq;
+       struct dns_resolution *res;
+       struct dns_resolvers *resolvers;
+       int exp;
+
+       /* SRV records */
+       srvrq = objt_dns_srvrq(requester->owner);
+       if (!srvrq)
+               return 1;
+
+       resolvers = srvrq->resolvers;
+       res = requester->resolution;
+
+       switch (res->status) {
+
+               case RSLV_STATUS_NX:
+                       /* stop server if resolution is NX for a long enough period */
+                       exp = tick_add(res->last_valid, resolvers->hold.nx);
+                       if (!tick_is_expired(exp, now_ms))
+                               return 1;
+                       break;
+
+               case RSLV_STATUS_TIMEOUT:
+                       /* stop server if resolution is TIMEOUT for a long enough period */
+                       exp = tick_add(res->last_valid, resolvers->hold.timeout);
+                       if (!tick_is_expired(exp, now_ms))
+                               return 1;
+                       break;
+
+               case RSLV_STATUS_REFUSED:
+                       /* stop server if resolution is REFUSED for a long enough period */
+                       exp = tick_add(res->last_valid, resolvers->hold.refused);
+                       if (!tick_is_expired(exp, now_ms))
+                               return 1;
+                       break;
+
+               default:
+                       /* stop server if resolution failed for a long enough period */
+                       exp = tick_add(res->last_valid, resolvers->hold.other);
+                       if (!tick_is_expired(exp, now_ms))
+                               return 1;
+       }
+
+       /* Remove any associated server */
+       for (s = srvrq->proxy->srv; s != NULL; s = s->next) {
+               HA_SPIN_LOCK(SERVER_LOCK, &s->lock);
+               if (s->srvrq == srvrq) {
+                       snr_update_srv_status(s, 1);
+                       free(s->hostname);
+                       free(s->hostname_dn);
+                       s->hostname        = NULL;
+                       s->hostname_dn     = NULL;
+                       s->hostname_dn_len = 0;
+                       dns_unlink_resolution(s->dns_requester);
+               }
+               HA_SPIN_UNLOCK(SERVER_LOCK, &s->lock);
+       }
+
+       return 1;
+}
+
+/*
  * Server Name Resolution error management callback
  * returns:
  *  0 on error