DNS name resolver improvements

- Cache intermediate CNAME records
- Bug fixes

Change-Id: I06dcb558212fc5e9434281493c872577cf9b83e1
Signed-off-by: Dave Barach <dave@barachs.net>
diff --git a/src/vnet/dns/dns.c b/src/vnet/dns/dns.c
index 90079e1..71ae7bb 100644
--- a/src/vnet/dns/dns.c
+++ b/src/vnet/dns/dns.c
@@ -523,6 +523,10 @@
   u8 *request;
   u32 qp_offset;
 
+  /* This can easily happen if sitting in GDB, etc. */
+  if (ep->flags & DNS_CACHE_ENTRY_FLAG_VALID)
+    return;
+
   /* Construct the dns request, if we haven't been here already */
   if (vec_len (ep->dns_request) == 0)
     {
@@ -628,7 +632,6 @@
     return VNET_API_ERROR_NO_SUCH_ENTRY;
 
   ep = pool_elt_at_index (dm->entries, index);
-
   if (!(ep->flags & DNS_CACHE_ENTRY_FLAG_VALID))
     {
       for (i = 0; i < vec_len (dm->unresolved_entries); i++)
@@ -772,6 +775,7 @@
   *retp = 0;
 
   dns_cache_lock (dm);
+search_again:
   p = hash_get_mem (dm->cache_entry_by_name, name);
   if (p)
     {
@@ -782,18 +786,70 @@
 	  if (((ep->flags & DNS_CACHE_ENTRY_FLAG_STATIC) == 0)
 	      && (now > ep->expiration_time))
 	    {
-	      clib_warning ("Re-resolve %s", name);
+	      int i;
+	      u32 *indices_to_delete = 0;
+
+	      /*
+	       * Take out the rest of the resolution chain
+	       * This isn't optimal, but it won't happen very often.
+	       */
+	      while (ep)
+		{
+		  if ((ep->flags & DNS_CACHE_ENTRY_FLAG_CNAME))
+		    {
+		      vec_add1 (indices_to_delete, ep - dm->entries);
+
+		      p = hash_get_mem (dm->cache_entry_by_name, ep->cname);
+		      if (!p)
+			break;
+		      ep = pool_elt_at_index (dm->entries, p[0]);
+		    }
+		  else
+		    {
+		      vec_add1 (indices_to_delete, ep - dm->entries);
+		      break;
+		    }
+		}
+	      for (i = 0; i < vec_len (indices_to_delete); i++)
+		{
+		  /* Reenable to watch re-resolutions */
+		  if (0)
+		    {
+		      ep = pool_elt_at_index (dm->entries,
+					      indices_to_delete[i]);
+		      clib_warning ("Re-resolve %s", ep->name);
+		    }
+
+		  vnet_dns_delete_entry_by_index_nolock
+		    (dm, indices_to_delete[i]);
+		}
+	      vec_free (indices_to_delete);
 	      /* Yes, kill it... */
-	      vnet_dns_delete_entry_by_index_nolock (dm, p[0]);
 	      goto re_resolve;
 	    }
 
+	  if (ep->flags & DNS_CACHE_ENTRY_FLAG_CNAME)
+	    {
+	      name = ep->cname;
+	      goto search_again;
+	    }
+
 	  /* Note: caller must drop the lock! */
 	  *retp = ep;
 	  return (0);
 	}
+      else
+	{
+	  /*
+	   * Resolution pending. Add request to the pending vector(s) */
+	  vec_add1 (ep->api_clients_to_notify, client_index);
+	  vec_add1 (ep->api_client_contexts, client_context);
+	  dns_cache_unlock (dm);
+	  return (0);
+	}
     }
 
+re_resolve:
   if (pool_elts (dm->entries) == dm->name_cache_size)
     {
       /* Will only fail if the cache is totally filled w/ static entries... */
@@ -805,7 +861,6 @@
 	}
     }
 
-re_resolve:
   /* add new hash table entry */
   pool_get (dm->entries, ep);
   memset (ep, 0, sizeof (*ep));
@@ -820,18 +875,22 @@
   vec_add1 (ep->api_client_contexts, client_context);
   vnet_send_dns_request (dm, ep);
   dns_cache_unlock (dm);
-
   return 0;
 }
 
+#define foreach_notification_to_move            \
+_(api_clients_to_notify)                        \
+_(api_client_contexts)                          \
+_(ip4_peers_to_notify)                          \
+_(ip6_peers_to_notify)
+
 /**
  * Handle cname indirection. JFC. Called with the cache locked.
  * returns 0 if the reply is not a CNAME.
  */
 
 int
-vnet_dns_cname_indirection_nolock (dns_main_t * dm, dns_cache_entry_t * ep,
-				   u8 * reply)
+vnet_dns_cname_indirection_nolock (dns_main_t * dm, u32 ep_index, u8 * reply)
 {
   dns_header_t *h;
   dns_query_t *qp;
@@ -844,6 +903,8 @@
   u32 qp_offset;
   u16 flags;
   u16 rcode;
+  dns_cache_entry_t *ep, *next_ep;
+  f64 now;
 
   h = (dns_header_t *) reply;
   flags = clib_net_to_host_u16 (h->flags);
@@ -891,11 +952,55 @@
   if (clib_net_to_host_u16 (rr->type) != DNS_TYPE_CNAME)
     return 0;
 
-  /* Crap. Chase the CNAME name chain. */
+  /* This is a CNAME record, chase the name chain. */
 
+  /* The last request is no longer pending.. */
+  for (i = 0; i < vec_len (dm->unresolved_entries); i++)
+    if (ep_index == dm->unresolved_entries[i])
+      {
+	vec_delete (dm->unresolved_entries, 1, i);
+	goto found_last_request;
+      }
+  clib_warning ("pool elt %d supposedly pending, but not found...", ep_index);
+
+found_last_request:
+
+  now = vlib_time_now (dm->vlib_main);
   cname = labels_to_name (rr->rdata, reply, &pos2);
+  /* Save the cname */
+  vec_add1 (cname, 0);
+  _vec_len (cname) -= 1;
+  ep = pool_elt_at_index (dm->entries, ep_index);
+  ep->cname = cname;
+  ep->flags |= (DNS_CACHE_ENTRY_FLAG_CNAME | DNS_CACHE_ENTRY_FLAG_VALID);
+  /* Save the response */
+  ep->dns_response = reply;
+  /* Set up expiration time */
+  ep->expiration_time = now + clib_net_to_host_u32 (rr->ttl);
+
+  pool_get (dm->entries, next_ep);
+
+  /* Need to recompute ep post pool-get */
+  ep = pool_elt_at_index (dm->entries, ep_index);
+
+  memset (next_ep, 0, sizeof (*next_ep));
+  next_ep->name = vec_dup (cname);
+  vec_add1 (next_ep->name, 0);
+  _vec_len (next_ep->name) -= 1;
+
+  hash_set_mem (dm->cache_entry_by_name, next_ep->name,
+		next_ep - dm->entries);
+
+  /* Use the same server */
+  next_ep->server_rotor = ep->server_rotor;
+  next_ep->server_af = ep->server_af;
+
+  /* Move notification data to the next name in the chain */
+#define _(a) next_ep->a = ep->a; ep->a = 0;
+  foreach_notification_to_move;
+#undef _
+
   request = name_to_labels (cname);
-  vec_free (cname);
 
   qp_offset = vec_len (request);
 
@@ -913,7 +1018,7 @@
   h = (dns_header_t *) request;
 
   /* Transaction ID = pool index */
-  h->id = clib_host_to_net_u16 (ep - dm->entries);
+  h->id = clib_host_to_net_u16 (next_ep - dm->entries);
 
   /* Ask for a recursive lookup */
   h->flags = clib_host_to_net_u16 (DNS_RD | DNS_OPCODE_QUERY);
@@ -921,22 +1026,17 @@
   h->nscount = 0;
   h->arcount = 0;
 
-  vec_free (ep->dns_request);
-  ep->dns_request = request;
-  ep->retry_timer = vlib_time_now (dm->vlib_main) + 2.0;
-  ep->retry_count = 0;
+  next_ep->dns_request = request;
+  next_ep->retry_timer = now + 2.0;
+  next_ep->retry_count = 0;
 
   /*
    * Enable this to watch recursive resolution happen...
    * fformat (stdout, "%U", format_dns_reply, request, 2);
    */
 
-  if (ep->server_af == 1 /* ip6 */ )
-    send_dns6_request (dm, ep, dm->ip6_name_servers + ep->server_rotor);
-  else
-    send_dns4_request (dm, ep, dm->ip4_name_servers + ep->server_rotor);
-
-  vec_free (reply);
+  vec_add1 (dm->unresolved_entries, next_ep - dm->entries);
+  vnet_send_dns_request (dm, next_ep);
   return (1);
 }
 
@@ -1461,6 +1561,31 @@
       pos += sizeof (*rr) + clib_net_to_host_u16 (rr->rdlength);
       break;
 
+    case DNS_TYPE_HINFO:
+      {
+	/* Two counted strings. DGMS */
+	u8 *len;
+	u8 *curpos;
+	int i;
+	if (verbose > 1)
+	  {
+	    s = format (s, "HINFO: ");
+	    len = rr->rdata;
+	    curpos = len + 1;
+	    for (i = 0; i < *len; i++)
+	      vec_add1 (s, *curpos++);
+
+	    vec_add1 (s, ' ');
+	    len = curpos++;
+	    for (i = 0; i < *len; i++)
+	      vec_add1 (s, *curpos++);
+
+	    vec_add1 (s, '\n');
+	  }
+      }
+      pos += sizeof (*rr) + clib_net_to_host_u16 (rr->rdlength);
+      break;
+
     case DNS_TYPE_NAMESERVER:
       if (verbose > 1)
 	{
@@ -1700,8 +1825,11 @@
 	      else
 		ss = "    ";
 
-	      s = format (s, "%s%s -> %U", ss, ep->name,
-			  format_dns_reply, ep->dns_response, verbose);
+	      if (verbose < 2 && ep->flags & DNS_CACHE_ENTRY_FLAG_CNAME)
+		s = format (s, "%s%s -> %s", ss, ep->name, ep->cname);
+	      else
+		s = format (s, "%s%s -> %U", ss, ep->name,
+			    format_dns_reply, ep->dns_response, verbose);
 	      if (!(ep->flags & DNS_CACHE_ENTRY_FLAG_STATIC))
 		{
 		  f64 time_left = ep->expiration_time - now;
@@ -1733,10 +1861,13 @@
         else
           ss = "    ";
 
-        s = format (s, "%s%s -> %U", ss, ep->name,
-                    format_dns_reply,
-                    ep->dns_response,
-                    verbose);
+        if (verbose < 2 && ep->flags & DNS_CACHE_ENTRY_FLAG_CNAME)
+          s = format (s, "%s%s -> %s", ss, ep->name, ep->cname);
+        else
+          s = format (s, "%s%s -> %U", ss, ep->name,
+                      format_dns_reply,
+                      ep->dns_response,
+                      verbose);
         if (!(ep->flags & DNS_CACHE_ENTRY_FLAG_STATIC))
           {
             f64 time_left = ep->expiration_time - now;
@@ -1744,6 +1875,10 @@
               s = format (s, "  TTL left %.1f", time_left);
             else
               s = format (s, "  EXPIRED");
+
+            if (verbose > 2)
+              s = format (s, "    %d client notifications pending\n",
+                          vec_len(ep->api_clients_to_notify));
           }
       }
     else
@@ -2103,6 +2238,50 @@
   .function = test_dns_unfmt_command_fn,
 };
 /* *INDENT-ON* */
+
+static clib_error_t *
+test_dns_expire_command_fn (vlib_main_t * vm,
+			    unformat_input_t * input,
+			    vlib_cli_command_t * cmd)
+{
+  dns_main_t *dm = &dns_main;
+  u8 *name;
+  uword *p;
+  clib_error_t *e;
+  dns_cache_entry_t *ep;
+
+  if (unformat (input, "%v", &name))
+    {
+      vec_add1 (name, 0);
+      _vec_len (name) -= 1;
+    }
+
+  dns_cache_lock (dm);
+
+  p = hash_get_mem (dm->cache_entry_by_name, name);
+  if (!p)
+    {
+      dns_cache_unlock (dm);
+      e = clib_error_return (0, "%s is not in the cache...", name);
+      vec_free (name);
+      return e;
+    }
+
+  ep = pool_elt_at_index (dm->entries, p[0]);
+
+  ep->expiration_time = 0;
+
+  return 0;
+}
+
+/* *INDENT-OFF* */
+VLIB_CLI_COMMAND (test_dns_expire_command) =
+{
+  .path = "test dns expire",
+  .short_help = "test dns expire <name>",
+  .function = test_dns_expire_command_fn,
+};
+/* *INDENT-ON* */
 #endif
 
 /*
diff --git a/src/vnet/dns/dns.h b/src/vnet/dns/dns.h
index 5da2615..c55c6f3 100644
--- a/src/vnet/dns/dns.h
+++ b/src/vnet/dns/dns.h
@@ -32,6 +32,9 @@
   /** The name in "normal human being" notation, e.g. www.foobar.com */
   u8 *name;
 
+  /** For CNAME records, the "next name" to resolve */
+  u8 *cname;
+
   /** Expiration time */
   f64 expiration_time;
 
@@ -56,6 +59,7 @@
 
 #define DNS_CACHE_ENTRY_FLAG_VALID	(1<<0) /**< we have Actual Data */
 #define DNS_CACHE_ENTRY_FLAG_STATIC	(1<<1) /**< static entry */
+#define DNS_CACHE_ENTRY_FLAG_CNAME	(1<<2) /**< CNAME (indirect) entry */
 
 #define DNS_RETRIES_PER_SERVER 3
 
@@ -112,8 +116,9 @@
 } dns46_reply_error_t;
 
 void vnet_send_dns_request (dns_main_t * dm, dns_cache_entry_t * ep);
-int vnet_dns_cname_indirection_nolock (dns_main_t * dm,
-				       dns_cache_entry_t * ep, u8 * reply);
+int
+vnet_dns_cname_indirection_nolock (dns_main_t * dm, u32 ep_index, u8 * reply);
+
 int vnet_dns_delete_entry_by_index_nolock (dns_main_t * dm, u32 index);
 
 format_function_t format_dns_reply;
diff --git a/src/vnet/dns/dns_packet.h b/src/vnet/dns/dns_packet.h
index e0ea8fe..aa5daac 100644
--- a/src/vnet/dns/dns_packet.h
+++ b/src/vnet/dns/dns_packet.h
@@ -131,7 +131,8 @@
 _(TEXT, 16)     /**< a text string */           \
 _(NAMESERVER, 2) /**< a nameserver */           \
 _(CNAME, 5)      /**< a CNAME (alias) */	\
-_(MAIL_EXCHANGE, 15) /**< a mail exchange  */
+_(MAIL_EXCHANGE, 15) /**< a mail exchange  */	\
+_(HINFO, 13)	/**< Host info */
 
 typedef enum
 {
diff --git a/src/vnet/dns/resolver_process.c b/src/vnet/dns/resolver_process.c
index 91e5cef..5603371 100644
--- a/src/vnet/dns/resolver_process.c
+++ b/src/vnet/dns/resolver_process.c
@@ -81,7 +81,7 @@
     vec_free (ep->dns_response);
 
   /* Handle [sic] recursion AKA CNAME indirection */
-  if (vnet_dns_cname_indirection_nolock (dm, ep, reply))
+  if (vnet_dns_cname_indirection_nolock (dm, pool_index, reply))
     {
       dns_cache_unlock (dm);
       return;
@@ -120,6 +120,8 @@
   vec_free (ep->api_client_contexts);
 
   /* $$$ Add ip4/ip6 reply code */
+  vec_free (ep->ip4_peers_to_notify);
+  vec_free (ep->ip6_peers_to_notify);
 
   for (i = 0; i < vec_len (dm->unresolved_entries); i++)
     {
@@ -174,7 +176,6 @@
       ep = pool_elt_at_index (dm->entries, dm->unresolved_entries[i]);
 
       ASSERT ((ep->flags & DNS_CACHE_ENTRY_FLAG_VALID) == 0);
-
       vnet_send_dns_request (dm, ep);
       dns_cache_unlock (dm);
     }