CVE-2023-31442 Address DNS poisoning vulnerability (#385)

* CVE-2023-31442 Address DNS poisoning vulnerability (and DNS concurrency bug) * Remove sequential dns id generator * fix scalafmt * Fix bug in isSameQuestion And ensure that DnsClient only removes inflight messages when the questions match * fix up exception message to remove reference to 'sequence' generator * Add tests to failed commands and drop requests --------- Co-authored-by: PJ Fanning <pjfanning@users.noreply.github.com>
2023-06-14 19:38:20 +01:00 · 2023-06-14 19:38:20 +01:00 · c56edca78f
commit c56edca78f
parent fbf923fc68
11 changed files with 602 additions and 80 deletions
--- a/bench-jmh/src/main/scala/org/apache/pekko/io/dns/IdGeneratorBanchmark.scala
+++ b/bench-jmh/src/main/scala/org/apache/pekko/io/dns/IdGeneratorBanchmark.scala
@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * license agreements; and to You under the Apache License, version 2.0:
+ *
+ *   https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * This file is part of the Apache Pekko project, derived from Akka.
+ */
+
+package org.apache.pekko.io.dns
+
+import org.openjdk.jmh.annotations.{
+  Benchmark,
+  BenchmarkMode,
+  Fork,
+  Measurement,
+  Mode,
+  OutputTimeUnit,
+  Scope,
+  State,
+  Threads,
+  Warmup
+}
+
+import java.util.concurrent.{ ThreadLocalRandom, TimeUnit }
+import java.security.SecureRandom
+
+@BenchmarkMode(Array(Mode.Throughput))
+@OutputTimeUnit(TimeUnit.NANOSECONDS)
+@Warmup(iterations = 3, time = 5, timeUnit = TimeUnit.SECONDS)
+@Measurement(iterations = 3, time = 5)
+@Threads(8)
+@Fork(1)
+@State(Scope.Benchmark)
+class IdGeneratorBanchmark {
+  val threadLocalRandom = IdGenerator.random(ThreadLocalRandom.current())
+  val secureRandom = IdGenerator.random(new SecureRandom())
+
+  @Benchmark
+  def measureThreadLocalRandom(): Short = threadLocalRandom.nextId()
+
+  @Benchmark
+  def measureSecureRandom(): Short = secureRandom.nextId()
+}