Mirrors/coredns
1
0
Fork 0
mirror of https://github.com/coredns/coredns.git synced 2025-10-30 01:34:21 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
e2ece87035f67bbf6012b9feb8b7e79c9dba1353
coredns/plugin/file/lookup.go

398 lines
10 KiB
Go
Raw Normal View History

Implement a DNS zone Full implementation, DNS (and in the future DNSSEC). Returns answer in a hopefully standards compliant way. Testing with my miek.nl zone are included as well. This should correctly handle nodata, nxdomain and cnames.
2016-03-27 07:37:23 +01:00
package file
More stuff
2016-03-29 08:17:45 +01:00
import (
Remove context.Context from request.Request (#2726) * Remove context.Context from request.Request This removes the context from request.Request and makes all the changes in the code to make it compile again. It's all mechanical. It did unearth some weirdness in that the context was kept in handler structs which may cause havoc with concurrently handling of requests. Fixes #2721 Signed-off-by: Miek Gieben <miek@miek.nl> * Make test compile Signed-off-by: Miek Gieben <miek@miek.nl>
2019-03-26 14:37:30 +00:00
"context"
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
"github.com/coredns/coredns/plugin/file/rrutil"
Remove the word middleware (#1067) * Rename middleware to plugin first pass; mostly used 'sed', few spots where I manually changed text. This still builds a coredns binary. * fmt error * Rename AddMiddleware to AddPlugin * Readd AddMiddleware to remain backwards compat
2017-09-14 09:36:06 +01:00
"github.com/coredns/coredns/plugin/file/tree"
Fix import path `github.com/miekg/coredns` -> `github.com/coredns/coredns` (#547) This fix fixes import path from `github.com/miekg/coredns` -> `github.com/coredns/coredns`
2017-02-21 22:51:47 -08:00
"github.com/coredns/coredns/request"
add closest encloser stuff
2016-03-30 16:45:02 +00:00
More stuff
2016-03-29 08:17:45 +01:00
"github.com/miekg/dns"
)
Implement a DNS zone Full implementation, DNS (and in the future DNSSEC). Returns answer in a hopefully standards compliant way. Testing with my miek.nl zone are included as well. This should correctly handle nodata, nxdomain and cnames.
2016-03-27 07:37:23 +01:00
// Result is the result of a Lookup
type Result int
const (
Golint2 (#280) * Fix linter errors * More linting fixes * More docs and making members private that dont need to be public * Fix linter errors * More linting fixes * More docs and making members private that dont need to be public * More lint fixes This leaves: ~~~ middleware/kubernetes/nametemplate/nametemplate.go:64:6: exported type NameTemplate should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:71:1: exported method NameTemplate.SetTemplate should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:108:1: exported method NameTemplate.GetZoneFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:116:1: exported method NameTemplate.GetNamespaceFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:120:1: exported method NameTemplate.GetServiceFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:124:1: exported method NameTemplate.GetTypeFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:135:1: exported method NameTemplate.GetSymbolFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:167:1: exported method NameTemplate.IsValid should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:182:6: exported type NameValues should have comment or be unexported middleware/kubernetes/util/util.go:1:1: package comment should be of the form "Package util ..." middleware/kubernetes/util/util.go:27:2: exported const WildcardStar should have comment (or a comment on this block) or be unexported middleware/proxy/lookup.go:66:1: exported method Proxy.Forward should have comment or be unexported middleware/proxy/proxy.go:24:6: exported type Client should have comment or be unexported middleware/proxy/proxy.go:107:1: exported function Clients should have comment or be unexported middleware/proxy/reverseproxy.go:10:6: exported type ReverseProxy should have comment or be unexported middleware/proxy/reverseproxy.go:16:1: exported method ReverseProxy.ServeDNS should have comment or be unexported middleware/proxy/upstream.go:42:6: exported type Options should have comment or be unexported ~~~ I plan on reworking the proxy anyway, so I'll leave that be.
2016-09-23 09:14:12 +01:00
// Success is a successful lookup.
Implement a DNS zone Full implementation, DNS (and in the future DNSSEC). Returns answer in a hopefully standards compliant way. Testing with my miek.nl zone are included as well. This should correctly handle nodata, nxdomain and cnames.
2016-03-27 07:37:23 +01:00
Success Result = iota
Golint2 (#280) * Fix linter errors * More linting fixes * More docs and making members private that dont need to be public * Fix linter errors * More linting fixes * More docs and making members private that dont need to be public * More lint fixes This leaves: ~~~ middleware/kubernetes/nametemplate/nametemplate.go:64:6: exported type NameTemplate should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:71:1: exported method NameTemplate.SetTemplate should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:108:1: exported method NameTemplate.GetZoneFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:116:1: exported method NameTemplate.GetNamespaceFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:120:1: exported method NameTemplate.GetServiceFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:124:1: exported method NameTemplate.GetTypeFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:135:1: exported method NameTemplate.GetSymbolFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:167:1: exported method NameTemplate.IsValid should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:182:6: exported type NameValues should have comment or be unexported middleware/kubernetes/util/util.go:1:1: package comment should be of the form "Package util ..." middleware/kubernetes/util/util.go:27:2: exported const WildcardStar should have comment (or a comment on this block) or be unexported middleware/proxy/lookup.go:66:1: exported method Proxy.Forward should have comment or be unexported middleware/proxy/proxy.go:24:6: exported type Client should have comment or be unexported middleware/proxy/proxy.go:107:1: exported function Clients should have comment or be unexported middleware/proxy/reverseproxy.go:10:6: exported type ReverseProxy should have comment or be unexported middleware/proxy/reverseproxy.go:16:1: exported method ReverseProxy.ServeDNS should have comment or be unexported middleware/proxy/upstream.go:42:6: exported type Options should have comment or be unexported ~~~ I plan on reworking the proxy anyway, so I'll leave that be.
2016-09-23 09:14:12 +01:00
// NameError indicates a nameerror
Implement a DNS zone Full implementation, DNS (and in the future DNSSEC). Returns answer in a hopefully standards compliant way. Testing with my miek.nl zone are included as well. This should correctly handle nodata, nxdomain and cnames.
2016-03-27 07:37:23 +01:00
NameError
Golint2 (#280) * Fix linter errors * More linting fixes * More docs and making members private that dont need to be public * Fix linter errors * More linting fixes * More docs and making members private that dont need to be public * More lint fixes This leaves: ~~~ middleware/kubernetes/nametemplate/nametemplate.go:64:6: exported type NameTemplate should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:71:1: exported method NameTemplate.SetTemplate should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:108:1: exported method NameTemplate.GetZoneFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:116:1: exported method NameTemplate.GetNamespaceFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:120:1: exported method NameTemplate.GetServiceFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:124:1: exported method NameTemplate.GetTypeFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:135:1: exported method NameTemplate.GetSymbolFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:167:1: exported method NameTemplate.IsValid should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:182:6: exported type NameValues should have comment or be unexported middleware/kubernetes/util/util.go:1:1: package comment should be of the form "Package util ..." middleware/kubernetes/util/util.go:27:2: exported const WildcardStar should have comment (or a comment on this block) or be unexported middleware/proxy/lookup.go:66:1: exported method Proxy.Forward should have comment or be unexported middleware/proxy/proxy.go:24:6: exported type Client should have comment or be unexported middleware/proxy/proxy.go:107:1: exported function Clients should have comment or be unexported middleware/proxy/reverseproxy.go:10:6: exported type ReverseProxy should have comment or be unexported middleware/proxy/reverseproxy.go:16:1: exported method ReverseProxy.ServeDNS should have comment or be unexported middleware/proxy/upstream.go:42:6: exported type Options should have comment or be unexported ~~~ I plan on reworking the proxy anyway, so I'll leave that be.
2016-09-23 09:14:12 +01:00
// Delegation indicates the lookup resulted in a delegation.
middleware/file: Support delegations (#124) Return a delegation when seeing one while traversing the tree in search of an answer. Put the SOA and NS record in the zone.Apex as these are to be handled somewhat special. Lowercase record on insert to make compares easier. This lowercases all RR that have domain names in their rdata as well.
2016-04-16 16:16:52 +01:00
Delegation
Golint2 (#280) * Fix linter errors * More linting fixes * More docs and making members private that dont need to be public * Fix linter errors * More linting fixes * More docs and making members private that dont need to be public * More lint fixes This leaves: ~~~ middleware/kubernetes/nametemplate/nametemplate.go:64:6: exported type NameTemplate should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:71:1: exported method NameTemplate.SetTemplate should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:108:1: exported method NameTemplate.GetZoneFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:116:1: exported method NameTemplate.GetNamespaceFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:120:1: exported method NameTemplate.GetServiceFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:124:1: exported method NameTemplate.GetTypeFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:135:1: exported method NameTemplate.GetSymbolFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:167:1: exported method NameTemplate.IsValid should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:182:6: exported type NameValues should have comment or be unexported middleware/kubernetes/util/util.go:1:1: package comment should be of the form "Package util ..." middleware/kubernetes/util/util.go:27:2: exported const WildcardStar should have comment (or a comment on this block) or be unexported middleware/proxy/lookup.go:66:1: exported method Proxy.Forward should have comment or be unexported middleware/proxy/proxy.go:24:6: exported type Client should have comment or be unexported middleware/proxy/proxy.go:107:1: exported function Clients should have comment or be unexported middleware/proxy/reverseproxy.go:10:6: exported type ReverseProxy should have comment or be unexported middleware/proxy/reverseproxy.go:16:1: exported method ReverseProxy.ServeDNS should have comment or be unexported middleware/proxy/upstream.go:42:6: exported type Options should have comment or be unexported ~~~ I plan on reworking the proxy anyway, so I'll leave that be.
2016-09-23 09:14:12 +01:00
// NoData indicates the lookup resulted in a NODATA.
More stuff
2016-03-29 08:17:45 +01:00
NoData
Golint2 (#280) * Fix linter errors * More linting fixes * More docs and making members private that dont need to be public * Fix linter errors * More linting fixes * More docs and making members private that dont need to be public * More lint fixes This leaves: ~~~ middleware/kubernetes/nametemplate/nametemplate.go:64:6: exported type NameTemplate should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:71:1: exported method NameTemplate.SetTemplate should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:108:1: exported method NameTemplate.GetZoneFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:116:1: exported method NameTemplate.GetNamespaceFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:120:1: exported method NameTemplate.GetServiceFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:124:1: exported method NameTemplate.GetTypeFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:135:1: exported method NameTemplate.GetSymbolFromSegmentArray should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:167:1: exported method NameTemplate.IsValid should have comment or be unexported middleware/kubernetes/nametemplate/nametemplate.go:182:6: exported type NameValues should have comment or be unexported middleware/kubernetes/util/util.go:1:1: package comment should be of the form "Package util ..." middleware/kubernetes/util/util.go:27:2: exported const WildcardStar should have comment (or a comment on this block) or be unexported middleware/proxy/lookup.go:66:1: exported method Proxy.Forward should have comment or be unexported middleware/proxy/proxy.go:24:6: exported type Client should have comment or be unexported middleware/proxy/proxy.go:107:1: exported function Clients should have comment or be unexported middleware/proxy/reverseproxy.go:10:6: exported type ReverseProxy should have comment or be unexported middleware/proxy/reverseproxy.go:16:1: exported method ReverseProxy.ServeDNS should have comment or be unexported middleware/proxy/upstream.go:42:6: exported type Options should have comment or be unexported ~~~ I plan on reworking the proxy anyway, so I'll leave that be.
2016-09-23 09:14:12 +01:00
// ServerFailure indicates a server failure during the lookup.
More stuff
2016-03-29 08:17:45 +01:00
ServerFailure
Implement a DNS zone Full implementation, DNS (and in the future DNSSEC). Returns answer in a hopefully standards compliant way. Testing with my miek.nl zone are included as well. This should correctly handle nodata, nxdomain and cnames.
2016-03-27 07:37:23 +01:00
)
empty non-terminal support When looking for a name in tree, return wether we got to a longer one - if so we had an ent. Add tests + dnssec tests and refactor the tests as well a bit.
2016-04-02 16:56:16 +01:00
// Lookup looks up qname and qtype in the zone. When do is true DNSSEC records are included.
More stuff
2016-03-29 08:17:45 +01:00
// Three sets of records are returned, one for the answer, one for authority and one for the additional section.
Remove context.Context from request.Request (#2726) * Remove context.Context from request.Request This removes the context from request.Request and makes all the changes in the code to make it compile again. It's all mechanical. It did unearth some weirdness in that the context was kept in handler structs which may cause havoc with concurrently handling of requests. Fixes #2721 Signed-off-by: Miek Gieben <miek@miek.nl> * Make test compile Signed-off-by: Miek Gieben <miek@miek.nl>
2019-03-26 14:37:30 +00:00
func (z *Zone) Lookup(ctx context.Context, state request.Request, qname string) ([]dns.RR, []dns.RR, []dns.RR, Result) {
Implement external lookups for CNAMEs
2016-11-10 07:48:47 +00:00
qtype := state.QType()
do := state.Do()
Misspell correction (#826) Did a `misspell . | grep -v ^vendor` and fixed several typos. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2017-08-04 09:06:06 -07:00
// If z is a secondary zone we might not have transferred it, meaning we have
middleware/secondary: fix crash with no zone (#680) When CoreDNS starts up and can't get a zone transfer going the Apex is empty. This `nil` is then transformed into wireformat, which fails with a nil pointer dereference in Go DNS. In this case we should just return SERVFAIL, because we don't have any info (yet). Note the lookup code returned NXDOMAIN, which is correct from a lookup standpoint, but also invalidates every name in the future loaded zone. Anyway, look for an apex before doing the lookup and return SERVFAIL if nothing is found. Fixes #679
2017-06-01 12:33:40 +01:00
// all zone context setup, except the actual record. This means (for one thing) the apex
// is empty and we don't have a SOA record.
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
z.RLock()
ap := z.Apex
tr := z.Tree
z.RUnlock()
if ap.SOA == nil {
middleware/secondary: fix crash with no zone (#680) When CoreDNS starts up and can't get a zone transfer going the Apex is empty. This `nil` is then transformed into wireformat, which fails with a nil pointer dereference in Go DNS. In this case we should just return SERVFAIL, because we don't have any info (yet). Note the lookup code returned NXDOMAIN, which is correct from a lookup standpoint, but also invalidates every name in the future loaded zone. Anyway, look for an apex before doing the lookup and return SERVFAIL if nothing is found. Fixes #679
2017-06-01 12:33:40 +01:00
return nil, nil, nil, ServerFailure
}
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
if qtype == dns.TypeSOA {
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
return ap.soa(do), ap.ns(do), nil, Success
Implement a DNS zone Full implementation, DNS (and in the future DNSSEC). Returns answer in a hopefully standards compliant way. Testing with my miek.nl zone are included as well. This should correctly handle nodata, nxdomain and cnames.
2016-03-27 07:37:23 +01:00
}
middleware/file: Support delegations (#124) Return a delegation when seeing one while traversing the tree in search of an answer. Put the SOA and NS record in the zone.Apex as these are to be handled somewhat special. Lowercase record on insert to make compares easier. This lowercases all RR that have domain names in their rdata as well.
2016-04-16 16:16:52 +01:00
if qtype == dns.TypeNS && qname == z.origin {
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
nsrrs := ap.ns(do)
glue := tr.Glue(nsrrs, do) // technically this isn't glue
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
return nsrrs, nil, glue, Success
}
var (
found, shot bool
parts string
i int
elem, wildElem *tree.Elem
)
// Lookup:
// * Per label from the right, look if it exists. We do this to find potential
// delegation records.
// * If the per-label search finds nothing, we will look for the wildcard at the
// level. If found we keep it around. If we don't find the complete name we will
// use the wildcard.
//
// Main for-loop handles delegation and finding or not finding the qname.
middleware/file: add DNAME support (#651) * Test DNAME handling If the DNAME itself matches the QTYPE, and the owner name matches QNAME, the relevant DNAME RR should be included in the answer section. Other parts of RFC 6672 are not implemented yet and hence left untested. * Implement the DNAME substitution As specified in RFC 6672, a DNAME substitution is performed by replacing the suffix labels of the name being sought matching the owner name of the DNAME resource record with the string of labels in the RDATA field. The matching labels end with the root label in all cases. Only whole labels are replaced. * Handle DNAME redirection A CNAME RR is created on-the-fly for the DNAME redirection. Be aware that we do not have all the edge cases covered yet. * Test DNAME owner name matching the QNAME A DNAME RR redirects DNS names subordinate to its owner name; the owner name of a DNAME is NOT redirected itself. * Ignore names next to and below a DNAME record According to RFC 6672, resource records MUST NOT exist at any subdomain of the owner of a DNAME RR. When loading a zone, those names below the DNAME RR will be quietly ignored. * Streamline DNAME processing Instead of checking DNAMEs during lookup, we use a preloaded list of DNAME RRs to streamline the process without any runtime performance penalty: * When loading the zone, keep a record of any DNAME RRs. * If there aren't any DNAMEs in the zone, just do the lookup as usual. * Only when the zone has one or more DNAME records, we look for the matching DNAME and ignore confronting subdomain(s) in the process. * Make it easier to trace back through test errors * Make DNAME handling part of lookup routine DNAME processing is invoked only if the zone has at least one DNAME RR. * Put DNAME resolution inside the searching of a hit We can drop some of the other ideas; we don't need to track if we have DNAMEs in the zone it just follows naturally from the current lookup code. See also: #664
2017-05-26 17:37:06 +08:00
// If found we check if it is a CNAME/DNAME and do CNAME processing
typo fixes (#3169) * spelling fixes * its/it's
2019-08-21 16:08:55 -04:00
// We also check if we have type and do a nodata response.
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
//
// If not found, we check the potential wildcard, and use that for further processing.
// If not found and no wildcard we will process this as an NXDOMAIN response.
for {
parts, shot = z.nameFromRight(qname, i)
// We overshot the name, break and check if we previously found something.
if shot {
break
middleware/file: add test for reload (#361) This add a highlevel integration test for zone reloading. It also fixes a data race in the actual reloading process.
2016-10-27 21:01:04 +01:00
}
middleware/file: reload on file mv (#365) When a file is moved into position we should also reload the zones' content. This also fixes deadlock bug in the locking, a reload would block any further lookups.
2016-10-28 12:57:02 +01:00
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
elem, found = tr.Search(parts)
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
if !found {
// Apex will always be found, when we are here we can search for a wildcard
// and save the result of that search. So when nothing match, but we have a
middleware/file: fix multiple wildcards (#787) Don't hold on to the *first* wildcard you'll find, but keep searching, there may be one even deeper in the tree. Also add multi level wildcard test Fixes #776
2017-07-24 14:21:40 -07:00
// wildcard we should expand the wildcard.
middleware/file: reload on file mv (#365) When a file is moved into position we should also reload the zones' content. This also fixes deadlock bug in the locking, a reload would block any further lookups.
2016-10-28 12:57:02 +01:00
middleware/file: fix multiple wildcards (#787) Don't hold on to the *first* wildcard you'll find, but keep searching, there may be one even deeper in the tree. Also add multi level wildcard test Fixes #776
2017-07-24 14:21:40 -07:00
wildcard := replaceWithAsteriskLabel(parts)
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
if wild, found := tr.Search(wildcard); found {
middleware/file: fix multiple wildcards (#787) Don't hold on to the *first* wildcard you'll find, but keep searching, there may be one even deeper in the tree. Also add multi level wildcard test Fixes #776
2017-07-24 14:21:40 -07:00
wildElem = wild
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
}
// Keep on searching, because maybe we hit an empty-non-terminal (which aren't
// stored in the tree. Only when we have match the full qname (and possible wildcard
// we can be confident that we didn't find anything.
i++
continue
middleware/file: add test for reload (#361) This add a highlevel integration test for zone reloading. It also fixes a data race in the actual reloading process.
2016-10-27 21:01:04 +01:00
}
Implement a DNS zone Full implementation, DNS (and in the future DNSSEC). Returns answer in a hopefully standards compliant way. Testing with my miek.nl zone are included as well. This should correctly handle nodata, nxdomain and cnames.
2016-03-27 07:37:23 +01:00
middleware/file: add DNAME support (#651) * Test DNAME handling If the DNAME itself matches the QTYPE, and the owner name matches QNAME, the relevant DNAME RR should be included in the answer section. Other parts of RFC 6672 are not implemented yet and hence left untested. * Implement the DNAME substitution As specified in RFC 6672, a DNAME substitution is performed by replacing the suffix labels of the name being sought matching the owner name of the DNAME resource record with the string of labels in the RDATA field. The matching labels end with the root label in all cases. Only whole labels are replaced. * Handle DNAME redirection A CNAME RR is created on-the-fly for the DNAME redirection. Be aware that we do not have all the edge cases covered yet. * Test DNAME owner name matching the QNAME A DNAME RR redirects DNS names subordinate to its owner name; the owner name of a DNAME is NOT redirected itself. * Ignore names next to and below a DNAME record According to RFC 6672, resource records MUST NOT exist at any subdomain of the owner of a DNAME RR. When loading a zone, those names below the DNAME RR will be quietly ignored. * Streamline DNAME processing Instead of checking DNAMEs during lookup, we use a preloaded list of DNAME RRs to streamline the process without any runtime performance penalty: * When loading the zone, keep a record of any DNAME RRs. * If there aren't any DNAMEs in the zone, just do the lookup as usual. * Only when the zone has one or more DNAME records, we look for the matching DNAME and ignore confronting subdomain(s) in the process. * Make it easier to trace back through test errors * Make DNAME handling part of lookup routine DNAME processing is invoked only if the zone has at least one DNAME RR. * Put DNAME resolution inside the searching of a hit We can drop some of the other ideas; we don't need to track if we have DNAMEs in the zone it just follows naturally from the current lookup code. See also: #664
2017-05-26 17:37:06 +08:00
// If we see DNAME records, we should return those.
plugin/file: Rename do to walk and cleanup and document (#2987) * plugin/file: Rename do to walk, cleanup and document * This renames Do to Walk to be more inline with Go standards. Also make it return an error instead of a bool. Also give give walk access to rrs. Alternatively e.m could be exported, but just access the map of rrs should work as well. Another alternative would be adding a whole bunch of helper functions, but those need grab and return the data. Just having access to the rrs should be easiest for most Walks. * It adds Type and TypeForWildcard to show the different functions * *Removes* the identical RR check when inserting; this was only done for A, AAAA and MX and not finished; removed under the mantra garbage in garbage out. * Reuses Types to return all the types in an *tree.Elem Signed-off-by: Miek Gieben <miek@miek.nl> * better comments Signed-off-by: Miek Gieben <miek@miek.nl>
2019-07-18 17:44:47 +00:00
if dnamerrs := elem.Type(dns.TypeDNAME); dnamerrs != nil {
middleware/file: add DNSSEC support (#697) * middleware/file: add DNSSEC support Add tests for DNSSEC and check if everything is working. * add signatures * tweak * Add DNSSEC signing tests for DNAME * Just sign it all
2017-06-02 17:18:58 +01:00
// Only one DNAME is allowed per name. We just pick the first one to synthesize from.
middleware/file: add DNAME support (#651) * Test DNAME handling If the DNAME itself matches the QTYPE, and the owner name matches QNAME, the relevant DNAME RR should be included in the answer section. Other parts of RFC 6672 are not implemented yet and hence left untested. * Implement the DNAME substitution As specified in RFC 6672, a DNAME substitution is performed by replacing the suffix labels of the name being sought matching the owner name of the DNAME resource record with the string of labels in the RDATA field. The matching labels end with the root label in all cases. Only whole labels are replaced. * Handle DNAME redirection A CNAME RR is created on-the-fly for the DNAME redirection. Be aware that we do not have all the edge cases covered yet. * Test DNAME owner name matching the QNAME A DNAME RR redirects DNS names subordinate to its owner name; the owner name of a DNAME is NOT redirected itself. * Ignore names next to and below a DNAME record According to RFC 6672, resource records MUST NOT exist at any subdomain of the owner of a DNAME RR. When loading a zone, those names below the DNAME RR will be quietly ignored. * Streamline DNAME processing Instead of checking DNAMEs during lookup, we use a preloaded list of DNAME RRs to streamline the process without any runtime performance penalty: * When loading the zone, keep a record of any DNAME RRs. * If there aren't any DNAMEs in the zone, just do the lookup as usual. * Only when the zone has one or more DNAME records, we look for the matching DNAME and ignore confronting subdomain(s) in the process. * Make it easier to trace back through test errors * Make DNAME handling part of lookup routine DNAME processing is invoked only if the zone has at least one DNAME RR. * Put DNAME resolution inside the searching of a hit We can drop some of the other ideas; we don't need to track if we have DNAMEs in the zone it just follows naturally from the current lookup code. See also: #664
2017-05-26 17:37:06 +08:00
dname := dnamerrs[0]
if cname := synthesizeCNAME(state.Name(), dname.(*dns.DNAME)); cname != nil {
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
answer, ns, extra, rcode := z.externalLookup(ctx, state, elem, []dns.RR{cname})
middleware/file: add DNAME support (#651) * Test DNAME handling If the DNAME itself matches the QTYPE, and the owner name matches QNAME, the relevant DNAME RR should be included in the answer section. Other parts of RFC 6672 are not implemented yet and hence left untested. * Implement the DNAME substitution As specified in RFC 6672, a DNAME substitution is performed by replacing the suffix labels of the name being sought matching the owner name of the DNAME resource record with the string of labels in the RDATA field. The matching labels end with the root label in all cases. Only whole labels are replaced. * Handle DNAME redirection A CNAME RR is created on-the-fly for the DNAME redirection. Be aware that we do not have all the edge cases covered yet. * Test DNAME owner name matching the QNAME A DNAME RR redirects DNS names subordinate to its owner name; the owner name of a DNAME is NOT redirected itself. * Ignore names next to and below a DNAME record According to RFC 6672, resource records MUST NOT exist at any subdomain of the owner of a DNAME RR. When loading a zone, those names below the DNAME RR will be quietly ignored. * Streamline DNAME processing Instead of checking DNAMEs during lookup, we use a preloaded list of DNAME RRs to streamline the process without any runtime performance penalty: * When loading the zone, keep a record of any DNAME RRs. * If there aren't any DNAMEs in the zone, just do the lookup as usual. * Only when the zone has one or more DNAME records, we look for the matching DNAME and ignore confronting subdomain(s) in the process. * Make it easier to trace back through test errors * Make DNAME handling part of lookup routine DNAME processing is invoked only if the zone has at least one DNAME RR. * Put DNAME resolution inside the searching of a hit We can drop some of the other ideas; we don't need to track if we have DNAMEs in the zone it just follows naturally from the current lookup code. See also: #664
2017-05-26 17:37:06 +08:00
middleware/file: add DNSSEC support (#697) * middleware/file: add DNSSEC support Add tests for DNSSEC and check if everything is working. * add signatures * tweak * Add DNSSEC signing tests for DNAME * Just sign it all
2017-06-02 17:18:58 +01:00
if do {
plugin/file: Rename do to walk and cleanup and document (#2987) * plugin/file: Rename do to walk, cleanup and document * This renames Do to Walk to be more inline with Go standards. Also make it return an error instead of a bool. Also give give walk access to rrs. Alternatively e.m could be exported, but just access the map of rrs should work as well. Another alternative would be adding a whole bunch of helper functions, but those need grab and return the data. Just having access to the rrs should be easiest for most Walks. * It adds Type and TypeForWildcard to show the different functions * *Removes* the identical RR check when inserting; this was only done for A, AAAA and MX and not finished; removed under the mantra garbage in garbage out. * Reuses Types to return all the types in an *tree.Elem Signed-off-by: Miek Gieben <miek@miek.nl> * better comments Signed-off-by: Miek Gieben <miek@miek.nl>
2019-07-18 17:44:47 +00:00
sigs := elem.Type(dns.TypeRRSIG)
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
sigs = rrutil.SubTypeSignature(sigs, dns.TypeDNAME)
middleware/file: add DNSSEC support (#697) * middleware/file: add DNSSEC support Add tests for DNSSEC and check if everything is working. * add signatures * tweak * Add DNSSEC signing tests for DNAME * Just sign it all
2017-06-02 17:18:58 +01:00
dnamerrs = append(dnamerrs, sigs...)
}
middleware/file: add DNAME support (#651) * Test DNAME handling If the DNAME itself matches the QTYPE, and the owner name matches QNAME, the relevant DNAME RR should be included in the answer section. Other parts of RFC 6672 are not implemented yet and hence left untested. * Implement the DNAME substitution As specified in RFC 6672, a DNAME substitution is performed by replacing the suffix labels of the name being sought matching the owner name of the DNAME resource record with the string of labels in the RDATA field. The matching labels end with the root label in all cases. Only whole labels are replaced. * Handle DNAME redirection A CNAME RR is created on-the-fly for the DNAME redirection. Be aware that we do not have all the edge cases covered yet. * Test DNAME owner name matching the QNAME A DNAME RR redirects DNS names subordinate to its owner name; the owner name of a DNAME is NOT redirected itself. * Ignore names next to and below a DNAME record According to RFC 6672, resource records MUST NOT exist at any subdomain of the owner of a DNAME RR. When loading a zone, those names below the DNAME RR will be quietly ignored. * Streamline DNAME processing Instead of checking DNAMEs during lookup, we use a preloaded list of DNAME RRs to streamline the process without any runtime performance penalty: * When loading the zone, keep a record of any DNAME RRs. * If there aren't any DNAMEs in the zone, just do the lookup as usual. * Only when the zone has one or more DNAME records, we look for the matching DNAME and ignore confronting subdomain(s) in the process. * Make it easier to trace back through test errors * Make DNAME handling part of lookup routine DNAME processing is invoked only if the zone has at least one DNAME RR. * Put DNAME resolution inside the searching of a hit We can drop some of the other ideas; we don't need to track if we have DNAMEs in the zone it just follows naturally from the current lookup code. See also: #664
2017-05-26 17:37:06 +08:00
// The relevant DNAME RR should be included in the answer section,
// if the DNAME is being employed as a substitution instruction.
middleware/file: add DNSSEC support (#697) * middleware/file: add DNSSEC support Add tests for DNSSEC and check if everything is working. * add signatures * tweak * Add DNSSEC signing tests for DNAME * Just sign it all
2017-06-02 17:18:58 +01:00
answer = append(dnamerrs, answer...)
middleware/file: add DNAME support (#651) * Test DNAME handling If the DNAME itself matches the QTYPE, and the owner name matches QNAME, the relevant DNAME RR should be included in the answer section. Other parts of RFC 6672 are not implemented yet and hence left untested. * Implement the DNAME substitution As specified in RFC 6672, a DNAME substitution is performed by replacing the suffix labels of the name being sought matching the owner name of the DNAME resource record with the string of labels in the RDATA field. The matching labels end with the root label in all cases. Only whole labels are replaced. * Handle DNAME redirection A CNAME RR is created on-the-fly for the DNAME redirection. Be aware that we do not have all the edge cases covered yet. * Test DNAME owner name matching the QNAME A DNAME RR redirects DNS names subordinate to its owner name; the owner name of a DNAME is NOT redirected itself. * Ignore names next to and below a DNAME record According to RFC 6672, resource records MUST NOT exist at any subdomain of the owner of a DNAME RR. When loading a zone, those names below the DNAME RR will be quietly ignored. * Streamline DNAME processing Instead of checking DNAMEs during lookup, we use a preloaded list of DNAME RRs to streamline the process without any runtime performance penalty: * When loading the zone, keep a record of any DNAME RRs. * If there aren't any DNAMEs in the zone, just do the lookup as usual. * Only when the zone has one or more DNAME records, we look for the matching DNAME and ignore confronting subdomain(s) in the process. * Make it easier to trace back through test errors * Make DNAME handling part of lookup routine DNAME processing is invoked only if the zone has at least one DNAME RR. * Put DNAME resolution inside the searching of a hit We can drop some of the other ideas; we don't need to track if we have DNAMEs in the zone it just follows naturally from the current lookup code. See also: #664
2017-05-26 17:37:06 +08:00
return answer, ns, extra, rcode
}
// The domain name that owns a DNAME record is allowed to have other RR types
// at that domain name, except those have restrictions on what they can coexist
// with (e.g. another DNAME). So there is nothing special left here.
}
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
// If we see NS records, it means the name as been delegated, and we should return the delegation.
plugin/file: Rename do to walk and cleanup and document (#2987) * plugin/file: Rename do to walk, cleanup and document * This renames Do to Walk to be more inline with Go standards. Also make it return an error instead of a bool. Also give give walk access to rrs. Alternatively e.m could be exported, but just access the map of rrs should work as well. Another alternative would be adding a whole bunch of helper functions, but those need grab and return the data. Just having access to the rrs should be easiest for most Walks. * It adds Type and TypeForWildcard to show the different functions * *Removes* the identical RR check when inserting; this was only done for A, AAAA and MX and not finished; removed under the mantra garbage in garbage out. * Reuses Types to return all the types in an *tree.Elem Signed-off-by: Miek Gieben <miek@miek.nl> * better comments Signed-off-by: Miek Gieben <miek@miek.nl>
2019-07-18 17:44:47 +00:00
if nsrrs := elem.Type(dns.TypeNS); nsrrs != nil {
plugin/file: Fix response for qtype=DS (#1300) DS is peculiar and needs some special cases to do the right things. For a direct query return the DS, but if we're hitting below the delegation return the NS+DS in a delegation response.
2017-12-11 14:17:41 +00:00
// If the query is specifically for DS and the qname matches the delegated name, we should
// return the DS in the answer section and leave the rest empty, i.e. just continue the loop
// and continue searching.
if qtype == dns.TypeDS && elem.Name() == qname {
i++
continue
}
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
glue := tr.Glue(nsrrs, do)
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
if do {
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
dss := typeFromElem(elem, dns.TypeDS, do)
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
nsrrs = append(nsrrs, dss...)
}
return nil, nsrrs, glue, Delegation
}
i++
middleware/file: add test for reload (#361) This add a highlevel integration test for zone reloading. It also fixes a data race in the actual reloading process.
2016-10-27 21:01:04 +01:00
}
middleware/file: reload on file mv (#365) When a file is moved into position we should also reload the zones' content. This also fixes deadlock bug in the locking, a reload would block any further lookups.
2016-10-28 12:57:02 +01:00
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
// What does found and !shot mean - do we ever hit it?
if found && !shot {
return nil, nil, nil, ServerFailure
middleware/file: add test for reload (#361) This add a highlevel integration test for zone reloading. It also fixes a data race in the actual reloading process.
2016-10-27 21:01:04 +01:00
}
middleware/file: reload on file mv (#365) When a file is moved into position we should also reload the zones' content. This also fixes deadlock bug in the locking, a reload would block any further lookups.
2016-10-28 12:57:02 +01:00
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
// Found entire name.
if found && shot {
plugin/file: Rename do to walk and cleanup and document (#2987) * plugin/file: Rename do to walk, cleanup and document * This renames Do to Walk to be more inline with Go standards. Also make it return an error instead of a bool. Also give give walk access to rrs. Alternatively e.m could be exported, but just access the map of rrs should work as well. Another alternative would be adding a whole bunch of helper functions, but those need grab and return the data. Just having access to the rrs should be easiest for most Walks. * It adds Type and TypeForWildcard to show the different functions * *Removes* the identical RR check when inserting; this was only done for A, AAAA and MX and not finished; removed under the mantra garbage in garbage out. * Reuses Types to return all the types in an *tree.Elem Signed-off-by: Miek Gieben <miek@miek.nl> * better comments Signed-off-by: Miek Gieben <miek@miek.nl>
2019-07-18 17:44:47 +00:00
if rrs := elem.Type(dns.TypeCNAME); len(rrs) > 0 && qtype != dns.TypeCNAME {
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
return z.externalLookup(ctx, state, elem, rrs)
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
}
plugin/file: Rename do to walk and cleanup and document (#2987) * plugin/file: Rename do to walk, cleanup and document * This renames Do to Walk to be more inline with Go standards. Also make it return an error instead of a bool. Also give give walk access to rrs. Alternatively e.m could be exported, but just access the map of rrs should work as well. Another alternative would be adding a whole bunch of helper functions, but those need grab and return the data. Just having access to the rrs should be easiest for most Walks. * It adds Type and TypeForWildcard to show the different functions * *Removes* the identical RR check when inserting; this was only done for A, AAAA and MX and not finished; removed under the mantra garbage in garbage out. * Reuses Types to return all the types in an *tree.Elem Signed-off-by: Miek Gieben <miek@miek.nl> * better comments Signed-off-by: Miek Gieben <miek@miek.nl>
2019-07-18 17:44:47 +00:00
rrs := elem.Type(qtype)
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
// NODATA
if len(rrs) == 0 {
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
ret := ap.soa(do)
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
if do {
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
nsec := typeFromElem(elem, dns.TypeNSEC, do)
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
ret = append(ret, nsec...)
middleware/file: Support delegations (#124) Return a delegation when seeing one while traversing the tree in search of an answer. Put the SOA and NS record in the zone.Apex as these are to be handled somewhat special. Lowercase record on insert to make compares easier. This lowercases all RR that have domain names in their rdata as well.
2016-04-16 16:16:52 +01:00
}
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
return nil, ret, nil, NoData
middleware/file: Support delegations (#124) Return a delegation when seeing one while traversing the tree in search of an answer. Put the SOA and NS record in the zone.Apex as these are to be handled somewhat special. Lowercase record on insert to make compares easier. This lowercases all RR that have domain names in their rdata as well.
2016-04-16 16:16:52 +01:00
}
Get positive dnssec stuff going
2016-03-28 21:18:16 +01:00
typo fixes (#3169) * spelling fixes * its/it's
2019-08-21 16:08:55 -04:00
// Additional section processing for MX, SRV. Check response and see if any of the names are in bailiwick -
middleware/file: additional section processing (#531) Add additional section processing for MX and SRV records. Update the tests.
2017-02-19 20:42:34 +00:00
// if so add IP addresses to the additional section.
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
additional := z.additionalProcessing(rrs, do)
middleware/file: additional section processing (#531) Add additional section processing for MX and SRV records. Update the tests.
2017-02-19 20:42:34 +00:00
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
if do {
plugin/file: Rename do to walk and cleanup and document (#2987) * plugin/file: Rename do to walk, cleanup and document * This renames Do to Walk to be more inline with Go standards. Also make it return an error instead of a bool. Also give give walk access to rrs. Alternatively e.m could be exported, but just access the map of rrs should work as well. Another alternative would be adding a whole bunch of helper functions, but those need grab and return the data. Just having access to the rrs should be easiest for most Walks. * It adds Type and TypeForWildcard to show the different functions * *Removes* the identical RR check when inserting; this was only done for A, AAAA and MX and not finished; removed under the mantra garbage in garbage out. * Reuses Types to return all the types in an *tree.Elem Signed-off-by: Miek Gieben <miek@miek.nl> * better comments Signed-off-by: Miek Gieben <miek@miek.nl>
2019-07-18 17:44:47 +00:00
sigs := elem.Type(dns.TypeRRSIG)
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
sigs = rrutil.SubTypeSignature(sigs, qtype)
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
rrs = append(rrs, sigs...)
}
Implement a DNS zone Full implementation, DNS (and in the future DNSSEC). Returns answer in a hopefully standards compliant way. Testing with my miek.nl zone are included as well. This should correctly handle nodata, nxdomain and cnames.
2016-03-27 07:37:23 +01:00
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
return rrs, ap.ns(do), additional, Success
Fix positive replies
2016-03-29 13:22:17 +00:00
Implement a DNS zone Full implementation, DNS (and in the future DNSSEC). Returns answer in a hopefully standards compliant way. Testing with my miek.nl zone are included as well. This should correctly handle nodata, nxdomain and cnames.
2016-03-27 07:37:23 +01:00
}
middleware/file: proper support for wildcard (#323) Add support for wildcard records, while taking care of wildcard-cnames and DNSSEC. Add enough tests to check all the corner cases.
2016-10-08 15:22:31 +01:00
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
// Haven't found the original name.
Implement a DNS zone Full implementation, DNS (and in the future DNSSEC). Returns answer in a hopefully standards compliant way. Testing with my miek.nl zone are included as well. This should correctly handle nodata, nxdomain and cnames.
2016-03-27 07:37:23 +01:00
middleware/file: add nsec for wildcard expansion (#382) A NSEC record is need to deny any other name that might exist. Also don't blindly perform the interface conversion when getting glue for NS records as they now may include RRSIG - also add tests for that.
2016-11-06 08:32:07 +00:00
// Found wildcard.
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
if wildElem != nil {
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
auth := ap.ns(do)
empty non-terminal support When looking for a name in tree, return wether we got to a longer one - if so we had an ent. Add tests + dnssec tests and refactor the tests as well a bit.
2016-04-02 16:56:16 +01:00
plugin/file: Rename do to walk and cleanup and document (#2987) * plugin/file: Rename do to walk, cleanup and document * This renames Do to Walk to be more inline with Go standards. Also make it return an error instead of a bool. Also give give walk access to rrs. Alternatively e.m could be exported, but just access the map of rrs should work as well. Another alternative would be adding a whole bunch of helper functions, but those need grab and return the data. Just having access to the rrs should be easiest for most Walks. * It adds Type and TypeForWildcard to show the different functions * *Removes* the identical RR check when inserting; this was only done for A, AAAA and MX and not finished; removed under the mantra garbage in garbage out. * Reuses Types to return all the types in an *tree.Elem Signed-off-by: Miek Gieben <miek@miek.nl> * better comments Signed-off-by: Miek Gieben <miek@miek.nl>
2019-07-18 17:44:47 +00:00
if rrs := wildElem.TypeForWildcard(dns.TypeCNAME, qname); len(rrs) > 0 {
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
return z.externalLookup(ctx, state, wildElem, rrs)
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
}
empty non-terminal support When looking for a name in tree, return wether we got to a longer one - if so we had an ent. Add tests + dnssec tests and refactor the tests as well a bit.
2016-04-02 16:56:16 +01:00
plugin/file: Rename do to walk and cleanup and document (#2987) * plugin/file: Rename do to walk, cleanup and document * This renames Do to Walk to be more inline with Go standards. Also make it return an error instead of a bool. Also give give walk access to rrs. Alternatively e.m could be exported, but just access the map of rrs should work as well. Another alternative would be adding a whole bunch of helper functions, but those need grab and return the data. Just having access to the rrs should be easiest for most Walks. * It adds Type and TypeForWildcard to show the different functions * *Removes* the identical RR check when inserting; this was only done for A, AAAA and MX and not finished; removed under the mantra garbage in garbage out. * Reuses Types to return all the types in an *tree.Elem Signed-off-by: Miek Gieben <miek@miek.nl> * better comments Signed-off-by: Miek Gieben <miek@miek.nl>
2019-07-18 17:44:47 +00:00
rrs := wildElem.TypeForWildcard(qtype, qname)
Positive wildcare replies Reply to queries when you have a wildcard in the zone. This works for DNS and DNSSEC. Thing missing is NODATA responses for that specific wildcard. Add wildcard_test.go as well.
2016-03-31 09:25:22 +00:00
middleware/file: add nsec for wildcard expansion (#382) A NSEC record is need to deny any other name that might exist. Also don't blindly perform the interface conversion when getting glue for NS records as they now may include RRSIG - also add tests for that.
2016-11-06 08:32:07 +00:00
// NODATA response.
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
if len(rrs) == 0 {
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
ret := ap.soa(do)
Positive wildcare replies Reply to queries when you have a wildcard in the zone. This works for DNS and DNSSEC. Thing missing is NODATA responses for that specific wildcard. Add wildcard_test.go as well.
2016-03-31 09:25:22 +00:00
if do {
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
nsec := typeFromElem(wildElem, dns.TypeNSEC, do)
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
ret = append(ret, nsec...)
Positive wildcare replies Reply to queries when you have a wildcard in the zone. This works for DNS and DNSSEC. Thing missing is NODATA responses for that specific wildcard. Add wildcard_test.go as well.
2016-03-31 09:25:22 +00:00
}
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
return nil, ret, nil, Success
}
middleware/file: add nsec for wildcard expansion (#382) A NSEC record is need to deny any other name that might exist. Also don't blindly perform the interface conversion when getting glue for NS records as they now may include RRSIG - also add tests for that.
2016-11-06 08:32:07 +00:00
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
if do {
middleware/file: add nsec for wildcard expansion (#382) A NSEC record is need to deny any other name that might exist. Also don't blindly perform the interface conversion when getting glue for NS records as they now may include RRSIG - also add tests for that.
2016-11-06 08:32:07 +00:00
// An NSEC is needed to say no longer name exists under this wildcard.
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
if deny, found := tr.Prev(qname); found {
nsec := typeFromElem(deny, dns.TypeNSEC, do)
middleware/file: add nsec for wildcard expansion (#382) A NSEC record is need to deny any other name that might exist. Also don't blindly perform the interface conversion when getting glue for NS records as they now may include RRSIG - also add tests for that.
2016-11-06 08:32:07 +00:00
auth = append(auth, nsec...)
}
plugin/file: Rename do to walk and cleanup and document (#2987) * plugin/file: Rename do to walk, cleanup and document * This renames Do to Walk to be more inline with Go standards. Also make it return an error instead of a bool. Also give give walk access to rrs. Alternatively e.m could be exported, but just access the map of rrs should work as well. Another alternative would be adding a whole bunch of helper functions, but those need grab and return the data. Just having access to the rrs should be easiest for most Walks. * It adds Type and TypeForWildcard to show the different functions * *Removes* the identical RR check when inserting; this was only done for A, AAAA and MX and not finished; removed under the mantra garbage in garbage out. * Reuses Types to return all the types in an *tree.Elem Signed-off-by: Miek Gieben <miek@miek.nl> * better comments Signed-off-by: Miek Gieben <miek@miek.nl>
2019-07-18 17:44:47 +00:00
sigs := wildElem.TypeForWildcard(dns.TypeRRSIG, qname)
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
sigs = rrutil.SubTypeSignature(sigs, qtype)
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
rrs = append(rrs, sigs...)
Positive wildcare replies Reply to queries when you have a wildcard in the zone. This works for DNS and DNSSEC. Thing missing is NODATA responses for that specific wildcard. Add wildcard_test.go as well.
2016-03-31 09:25:22 +00:00
}
middleware/file: add nsec for wildcard expansion (#382) A NSEC record is need to deny any other name that might exist. Also don't blindly perform the interface conversion when getting glue for NS records as they now may include RRSIG - also add tests for that.
2016-11-06 08:32:07 +00:00
return rrs, auth, nil, Success
Positive wildcare replies Reply to queries when you have a wildcard in the zone. This works for DNS and DNSSEC. Thing missing is NODATA responses for that specific wildcard. Add wildcard_test.go as well.
2016-03-31 09:25:22 +00:00
}
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
rcode := NameError
// Hacky way to get around empty-non-terminals. If a longer name does exist, but this qname, does not, it
middleware/file: additional section processing (#531) Add additional section processing for MX and SRV records. Update the tests.
2017-02-19 20:42:34 +00:00
// must be an empty-non-terminal. If so, we do the proper NXDOMAIN handling, but set the rcode to be success.
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
if x, found := tr.Next(qname); found {
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
if dns.IsSubDomain(qname, x.Name()) {
rcode = Success
}
}
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
ret := ap.soa(do)
Get positive dnssec stuff going
2016-03-28 21:18:16 +01:00
if do {
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
deny, found := tr.Prev(qname)
plugin/file: fix crash (#1301) When z.Tree.Prev returns zero we should break out of this loop, not use elem as if nothing has happened. Can be triggered by sending edns0 to unsigned zone.
2017-12-11 14:32:51 +00:00
if !found {
goto Out
}
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
nsec := typeFromElem(deny, dns.TypeNSEC, do)
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
ret = append(ret, nsec...)
if rcode != NameError {
goto Out
}
ce, found := z.ClosestEncloser(qname)
// wildcard denial only for NXDOMAIN
if found {
// wildcard denial
wildcard := "*." + ce.Name()
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
if ss, found := tr.Prev(wildcard); found {
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
// Only add this nsec if it is different than the one already added
if ss.Name() != deny.Name() {
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
nsec := typeFromElem(ss, dns.TypeNSEC, do)
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
ret = append(ret, nsec...)
}
}
}
Get positive dnssec stuff going
2016-03-28 21:18:16 +01:00
}
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
Out:
return nil, ret, nil, rcode
More stuff
2016-03-29 08:17:45 +01:00
}
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
// typeFromElem returns the type tp from e and adds signatures (if they exist) and do is true.
func typeFromElem(elem *tree.Elem, tp uint16, do bool) []dns.RR {
plugin/file: Rename do to walk and cleanup and document (#2987) * plugin/file: Rename do to walk, cleanup and document * This renames Do to Walk to be more inline with Go standards. Also make it return an error instead of a bool. Also give give walk access to rrs. Alternatively e.m could be exported, but just access the map of rrs should work as well. Another alternative would be adding a whole bunch of helper functions, but those need grab and return the data. Just having access to the rrs should be easiest for most Walks. * It adds Type and TypeForWildcard to show the different functions * *Removes* the identical RR check when inserting; this was only done for A, AAAA and MX and not finished; removed under the mantra garbage in garbage out. * Reuses Types to return all the types in an *tree.Elem Signed-off-by: Miek Gieben <miek@miek.nl> * better comments Signed-off-by: Miek Gieben <miek@miek.nl>
2019-07-18 17:44:47 +00:00
rrs := elem.Type(tp)
More stuff
2016-03-29 08:17:45 +01:00
if do {
plugin/file: Rename do to walk and cleanup and document (#2987) * plugin/file: Rename do to walk, cleanup and document * This renames Do to Walk to be more inline with Go standards. Also make it return an error instead of a bool. Also give give walk access to rrs. Alternatively e.m could be exported, but just access the map of rrs should work as well. Another alternative would be adding a whole bunch of helper functions, but those need grab and return the data. Just having access to the rrs should be easiest for most Walks. * It adds Type and TypeForWildcard to show the different functions * *Removes* the identical RR check when inserting; this was only done for A, AAAA and MX and not finished; removed under the mantra garbage in garbage out. * Reuses Types to return all the types in an *tree.Elem Signed-off-by: Miek Gieben <miek@miek.nl> * better comments Signed-off-by: Miek Gieben <miek@miek.nl>
2019-07-18 17:44:47 +00:00
sigs := elem.Type(dns.TypeRRSIG)
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
sigs = rrutil.SubTypeSignature(sigs, tp)
rrs = append(rrs, sigs...)
middleware/file: Support delegations (#124) Return a delegation when seeing one while traversing the tree in search of an answer. Put the SOA and NS record in the zone.Apex as these are to be handled somewhat special. Lowercase record on insert to make compares easier. This lowercases all RR that have domain names in their rdata as well.
2016-04-16 16:16:52 +01:00
}
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
return rrs
middleware/file: Support delegations (#124) Return a delegation when seeing one while traversing the tree in search of an answer. Put the SOA and NS record in the zone.Apex as these are to be handled somewhat special. Lowercase record on insert to make compares easier. This lowercases all RR that have domain names in their rdata as well.
2016-04-16 16:16:52 +01:00
}
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
func (a Apex) soa(do bool) []dns.RR {
middleware/file: Support delegations (#124) Return a delegation when seeing one while traversing the tree in search of an answer. Put the SOA and NS record in the zone.Apex as these are to be handled somewhat special. Lowercase record on insert to make compares easier. This lowercases all RR that have domain names in their rdata as well.
2016-04-16 16:16:52 +01:00
if do {
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
ret := append([]dns.RR{a.SOA}, a.SIGSOA...)
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
return ret
More stuff
2016-03-29 08:17:45 +01:00
}
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
return []dns.RR{a.SOA}
More stuff
2016-03-29 08:17:45 +01:00
}
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
func (a Apex) ns(do bool) []dns.RR {
More stuff
2016-03-29 08:17:45 +01:00
if do {
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
ret := append(a.NS, a.SIGNS...)
middleware/file: fix delegations (#376) Fix the delegation handling in the *file* and *dnssec* middleware. Refactor tests a bit and show that they are failling. Add a Tree printer, cleanups and tests. Fix wildcard test - should get no answer from empty-non-terminal
2016-11-05 14:39:49 +00:00
return ret
More stuff
2016-03-29 08:17:45 +01:00
}
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
return a.NS
Implement a DNS zone Full implementation, DNS (and in the future DNSSEC). Returns answer in a hopefully standards compliant way. Testing with my miek.nl zone are included as well. This should correctly handle nodata, nxdomain and cnames.
2016-03-27 07:37:23 +01:00
}
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
// externalLookup adds signatures and tries to resolve CNAMEs that point to external names.
func (z *Zone) externalLookup(ctx context.Context, state request.Request, elem *tree.Elem, rrs []dns.RR) ([]dns.RR, []dns.RR, []dns.RR, Result) {
Implement external lookups for CNAMEs
2016-11-10 07:48:47 +00:00
qtype := state.QType()
do := state.Do()
middleware/file: Add CNAME chain support (#400) Up till now we would only chase 1 CNAME. Spec requires we will chase all. This PR add support for this. Up to 8 CNAMEs are chased (this could be longer, by just checking for cycles, but 8 seems enough for now). Also add RRSIG of the first CNAME for DNSSEC.
2016-11-09 10:02:26 +00:00
if do {
plugin/file: Rename do to walk and cleanup and document (#2987) * plugin/file: Rename do to walk, cleanup and document * This renames Do to Walk to be more inline with Go standards. Also make it return an error instead of a bool. Also give give walk access to rrs. Alternatively e.m could be exported, but just access the map of rrs should work as well. Another alternative would be adding a whole bunch of helper functions, but those need grab and return the data. Just having access to the rrs should be easiest for most Walks. * It adds Type and TypeForWildcard to show the different functions * *Removes* the identical RR check when inserting; this was only done for A, AAAA and MX and not finished; removed under the mantra garbage in garbage out. * Reuses Types to return all the types in an *tree.Elem Signed-off-by: Miek Gieben <miek@miek.nl> * better comments Signed-off-by: Miek Gieben <miek@miek.nl>
2019-07-18 17:44:47 +00:00
sigs := elem.Type(dns.TypeRRSIG)
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
sigs = rrutil.SubTypeSignature(sigs, dns.TypeCNAME)
rrs = append(rrs, sigs...)
middleware/file: Add CNAME chain support (#400) Up till now we would only chase 1 CNAME. Spec requires we will chase all. This PR add support for this. Up to 8 CNAMEs are chased (this could be longer, by just checking for cycles, but 8 seems enough for now). Also add RRSIG of the first CNAME for DNSSEC.
2016-11-09 10:02:26 +00:00
}
middleware/{file, auto}: resolve external CNAMEs Do the same thing as in etcd and give the option of externally resolving CNAME. This is needed when CoreDNS is a proxy as well is serving zones.
2016-11-09 21:26:49 +00:00
targetName := rrs[0].(*dns.CNAME).Target
elem, _ = z.Tree.Search(targetName)
Get positive dnssec stuff going
2016-03-28 21:18:16 +01:00
if elem == nil {
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
rrs = append(rrs, z.doLookup(ctx, state, targetName, qtype)...)
return rrs, z.Apex.ns(do), nil, Success
Get positive dnssec stuff going
2016-03-28 21:18:16 +01:00
}
middleware/file: proper support for wildcard (#323) Add support for wildcard records, while taking care of wildcard-cnames and DNSSEC. Add enough tests to check all the corner cases.
2016-10-08 15:22:31 +01:00
middleware/file: Add CNAME chain support (#400) Up till now we would only chase 1 CNAME. Spec requires we will chase all. This PR add support for this. Up to 8 CNAMEs are chased (this could be longer, by just checking for cycles, but 8 seems enough for now). Also add RRSIG of the first CNAME for DNSSEC.
2016-11-09 10:02:26 +00:00
i := 0
Redo:
plugin/file: Rename do to walk and cleanup and document (#2987) * plugin/file: Rename do to walk, cleanup and document * This renames Do to Walk to be more inline with Go standards. Also make it return an error instead of a bool. Also give give walk access to rrs. Alternatively e.m could be exported, but just access the map of rrs should work as well. Another alternative would be adding a whole bunch of helper functions, but those need grab and return the data. Just having access to the rrs should be easiest for most Walks. * It adds Type and TypeForWildcard to show the different functions * *Removes* the identical RR check when inserting; this was only done for A, AAAA and MX and not finished; removed under the mantra garbage in garbage out. * Reuses Types to return all the types in an *tree.Elem Signed-off-by: Miek Gieben <miek@miek.nl> * better comments Signed-off-by: Miek Gieben <miek@miek.nl>
2019-07-18 17:44:47 +00:00
cname := elem.Type(dns.TypeCNAME)
middleware/file: Add CNAME chain support (#400) Up till now we would only chase 1 CNAME. Spec requires we will chase all. This PR add support for this. Up to 8 CNAMEs are chased (this could be longer, by just checking for cycles, but 8 seems enough for now). Also add RRSIG of the first CNAME for DNSSEC.
2016-11-09 10:02:26 +00:00
if len(cname) > 0 {
rrs = append(rrs, cname...)
if do {
plugin/file: Rename do to walk and cleanup and document (#2987) * plugin/file: Rename do to walk, cleanup and document * This renames Do to Walk to be more inline with Go standards. Also make it return an error instead of a bool. Also give give walk access to rrs. Alternatively e.m could be exported, but just access the map of rrs should work as well. Another alternative would be adding a whole bunch of helper functions, but those need grab and return the data. Just having access to the rrs should be easiest for most Walks. * It adds Type and TypeForWildcard to show the different functions * *Removes* the identical RR check when inserting; this was only done for A, AAAA and MX and not finished; removed under the mantra garbage in garbage out. * Reuses Types to return all the types in an *tree.Elem Signed-off-by: Miek Gieben <miek@miek.nl> * better comments Signed-off-by: Miek Gieben <miek@miek.nl>
2019-07-18 17:44:47 +00:00
sigs := elem.Type(dns.TypeRRSIG)
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
sigs = rrutil.SubTypeSignature(sigs, dns.TypeCNAME)
rrs = append(rrs, sigs...)
middleware/file: Add CNAME chain support (#400) Up till now we would only chase 1 CNAME. Spec requires we will chase all. This PR add support for this. Up to 8 CNAMEs are chased (this could be longer, by just checking for cycles, but 8 seems enough for now). Also add RRSIG of the first CNAME for DNSSEC.
2016-11-09 10:02:26 +00:00
}
middleware/{file, auto}: resolve external CNAMEs Do the same thing as in etcd and give the option of externally resolving CNAME. This is needed when CoreDNS is a proxy as well is serving zones.
2016-11-09 21:26:49 +00:00
targetName := cname[0].(*dns.CNAME).Target
elem, _ = z.Tree.Search(targetName)
middleware/file: Add CNAME chain support (#400) Up till now we would only chase 1 CNAME. Spec requires we will chase all. This PR add support for this. Up to 8 CNAMEs are chased (this could be longer, by just checking for cycles, but 8 seems enough for now). Also add RRSIG of the first CNAME for DNSSEC.
2016-11-09 10:02:26 +00:00
if elem == nil {
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
rrs = append(rrs, z.doLookup(ctx, state, targetName, qtype)...)
return rrs, z.Apex.ns(do), nil, Success
middleware/file: Add CNAME chain support (#400) Up till now we would only chase 1 CNAME. Spec requires we will chase all. This PR add support for this. Up to 8 CNAMEs are chased (this could be longer, by just checking for cycles, but 8 seems enough for now). Also add RRSIG of the first CNAME for DNSSEC.
2016-11-09 10:02:26 +00:00
}
i++
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
if i > 8 {
return rrs, z.Apex.ns(do), nil, Success
middleware/file: Add CNAME chain support (#400) Up till now we would only chase 1 CNAME. Spec requires we will chase all. This PR add support for this. Up to 8 CNAMEs are chased (this could be longer, by just checking for cycles, but 8 seems enough for now). Also add RRSIG of the first CNAME for DNSSEC.
2016-11-09 10:02:26 +00:00
}
goto Redo
}
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
targets := rrutil.CNAMEForType(elem.All(), qtype)
middleware/file: Add CNAME chain support (#400) Up till now we would only chase 1 CNAME. Spec requires we will chase all. This PR add support for this. Up to 8 CNAMEs are chased (this could be longer, by just checking for cycles, but 8 seems enough for now). Also add RRSIG of the first CNAME for DNSSEC.
2016-11-09 10:02:26 +00:00
if len(targets) > 0 {
rrs = append(rrs, targets...)
if do {
plugin/file: Rename do to walk and cleanup and document (#2987) * plugin/file: Rename do to walk, cleanup and document * This renames Do to Walk to be more inline with Go standards. Also make it return an error instead of a bool. Also give give walk access to rrs. Alternatively e.m could be exported, but just access the map of rrs should work as well. Another alternative would be adding a whole bunch of helper functions, but those need grab and return the data. Just having access to the rrs should be easiest for most Walks. * It adds Type and TypeForWildcard to show the different functions * *Removes* the identical RR check when inserting; this was only done for A, AAAA and MX and not finished; removed under the mantra garbage in garbage out. * Reuses Types to return all the types in an *tree.Elem Signed-off-by: Miek Gieben <miek@miek.nl> * better comments Signed-off-by: Miek Gieben <miek@miek.nl>
2019-07-18 17:44:47 +00:00
sigs := elem.Type(dns.TypeRRSIG)
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
sigs = rrutil.SubTypeSignature(sigs, qtype)
rrs = append(rrs, sigs...)
Get positive dnssec stuff going
2016-03-28 21:18:16 +01:00
}
}
middleware/file: Add CNAME chain support (#400) Up till now we would only chase 1 CNAME. Spec requires we will chase all. This PR add support for this. Up to 8 CNAMEs are chased (this could be longer, by just checking for cycles, but 8 seems enough for now). Also add RRSIG of the first CNAME for DNSSEC.
2016-11-09 10:02:26 +00:00
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
return rrs, z.Apex.ns(do), nil, Success
Get positive dnssec stuff going
2016-03-28 21:18:16 +01:00
}
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
func (z *Zone) doLookup(ctx context.Context, state request.Request, target string, qtype uint16) []dns.RR {
Remove context.Context from request.Request (#2726) * Remove context.Context from request.Request This removes the context from request.Request and makes all the changes in the code to make it compile again. It's all mechanical. It did unearth some weirdness in that the context was kept in handler structs which may cause havoc with concurrently handling of requests. Fixes #2721 Signed-off-by: Miek Gieben <miek@miek.nl> * Make test compile Signed-off-by: Miek Gieben <miek@miek.nl>
2019-03-26 14:37:30 +00:00
m, e := z.Upstream.Lookup(ctx, state, target, qtype)
Compile fixes and make it work
2016-11-10 12:58:40 +00:00
if e != nil {
plugin/file: fix local CNAME lookup (#1866) * plugin/file: fix local CNAME lookup Issue #1864 explains it will, when we serve the child zone as well we should just recursive into ourself (upstream self). Thus relax the IsSubDomain check in file/lookup.go and just query (even if the query will hit a remote server). I've looped over all other plugins that do something similar (CNAME resolving) and they didn't do the IsSubDomain check; therefor I've removed it from *file* as well. Added test in file_upstream_test that shows this failed before but now results in a reply. Fixes #1864 * self does not need to be exported * Fix test We don't know if we had a valid reply. Check this.
2018-06-12 14:54:37 +01:00
return nil
}
if m == nil {
Implement external lookups for CNAMEs
2016-11-10 07:48:47 +00:00
return nil
}
return m.Answer
}
middleware/file: additional section processing (#531) Add additional section processing for MX and SRV records. Update the tests.
2017-02-19 20:42:34 +00:00
// additionalProcessing checks the current answer section and retrieves A or AAAA records
// (and possible SIGs) to need to be put in the additional section.
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
func (z *Zone) additionalProcessing(answer []dns.RR, do bool) (extra []dns.RR) {
middleware/file: additional section processing (#531) Add additional section processing for MX and SRV records. Update the tests.
2017-02-19 20:42:34 +00:00
for _, rr := range answer {
name := ""
switch x := rr.(type) {
case *dns.SRV:
name = x.Target
case *dns.MX:
name = x.Mx
}
plugin/file: fix panic in miekg/dns.CompareDomainName() (#3337) Signed-off-by: utrehubenka <utrehubenka@infoblox.com>
2019-10-01 15:22:42 +03:00
if len(name) == 0 || !dns.IsSubDomain(z.origin, name) {
middleware/file: additional section processing (#531) Add additional section processing for MX and SRV records. Update the tests.
2017-02-19 20:42:34 +00:00
continue
}
elem, _ := z.Tree.Search(name)
if elem == nil {
continue
}
plugin/file: Rename do to walk and cleanup and document (#2987) * plugin/file: Rename do to walk, cleanup and document * This renames Do to Walk to be more inline with Go standards. Also make it return an error instead of a bool. Also give give walk access to rrs. Alternatively e.m could be exported, but just access the map of rrs should work as well. Another alternative would be adding a whole bunch of helper functions, but those need grab and return the data. Just having access to the rrs should be easiest for most Walks. * It adds Type and TypeForWildcard to show the different functions * *Removes* the identical RR check when inserting; this was only done for A, AAAA and MX and not finished; removed under the mantra garbage in garbage out. * Reuses Types to return all the types in an *tree.Elem Signed-off-by: Miek Gieben <miek@miek.nl> * better comments Signed-off-by: Miek Gieben <miek@miek.nl>
2019-07-18 17:44:47 +00:00
sigs := elem.Type(dns.TypeRRSIG)
middleware/file: additional section processing (#531) Add additional section processing for MX and SRV records. Update the tests.
2017-02-19 20:42:34 +00:00
for _, addr := range []uint16{dns.TypeA, dns.TypeAAAA} {
plugin/file: Rename do to walk and cleanup and document (#2987) * plugin/file: Rename do to walk, cleanup and document * This renames Do to Walk to be more inline with Go standards. Also make it return an error instead of a bool. Also give give walk access to rrs. Alternatively e.m could be exported, but just access the map of rrs should work as well. Another alternative would be adding a whole bunch of helper functions, but those need grab and return the data. Just having access to the rrs should be easiest for most Walks. * It adds Type and TypeForWildcard to show the different functions * *Removes* the identical RR check when inserting; this was only done for A, AAAA and MX and not finished; removed under the mantra garbage in garbage out. * Reuses Types to return all the types in an *tree.Elem Signed-off-by: Miek Gieben <miek@miek.nl> * better comments Signed-off-by: Miek Gieben <miek@miek.nl>
2019-07-18 17:44:47 +00:00
if a := elem.Type(addr); a != nil {
middleware/file: additional section processing (#531) Add additional section processing for MX and SRV records. Update the tests.
2017-02-19 20:42:34 +00:00
extra = append(extra, a...)
if do {
plugin/file: simplify locking (#3024) * plugin/file: simplify locking Simplify the locking, remove the reloadMu and just piggyback on the other lock for accessing content, which assumes things can be move underneath. Copy the Apex and Zone to new vars to make sure the pointer isn't updated from under us. The releadMu isn't need at all, the time.Ticker firing while we're reading means we will just miss that tick and get it on the next go. Add rrutil subpackage and put some more generic functions in there, that are now used from file and the tree package. This removes some duplication. Rename additionalProcessing that didn't actually do that to externalLookup, because that's what being done at some point. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/file/lookup.go Co-Authored-By: Michael Grosser <development@stp-ip.net>
2019-07-23 18:32:44 +00:00
sig := rrutil.SubTypeSignature(sigs, addr)
middleware/file: additional section processing (#531) Add additional section processing for MX and SRV records. Update the tests.
2017-02-19 20:42:34 +00:00
extra = append(extra, sig...)
}
}
}
}
return extra
}
Reference in New Issue Copy Permalink