Mirrors/coredns
1
0
Fork 0
mirror of https://github.com/coredns/coredns.git synced 2025-11-02 10:13:14 -05:00
Code Issues Packages Projects Releases Wiki Activity
3,167 Commits 7 Branches 76 Tags
17fca596286287026b93d0691264bc3521457543
Commit Graph

1121 Commits

Author SHA1 Message Date
Chris O'Haver
17fca59628 Comment reason for non-exact match in direct cname loop checks (#5294) 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-04-04 15:00:17 -04:00
Chris O'Haver
4d76faa4b4 plugin/etcd: Fix multi record TXT lookups (#5293) 
* fix multi-record txt

Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-04-04 14:59:16 -04:00
coredns[bot]
7b880386ce auto go fmt 
Signed-off-by: coredns[bot] <bot@bot.coredns.io>
 2022-03-28 10:28:36 +00:00
Chris O'Haver
3df3147f8c plugin/k8s_external: Persist tc bit from lookup to client response (#4716) 
* persist reponse tc bit from lookup to client

Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-03-25 13:50:23 -04:00
Yong Tang
90fd1ceb01 Avoid copy of large value in range (#5243) 2022-03-18 10:13:58 -07:00
Chris O'Haver
90680b7077 only warn when getting interface list fails (#5272) 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-03-18 07:11:53 -07:00
Qasim Sarfraz
74b84a1377 update all +build statements (#5271) 
* update all +build statements

Signed-off-by: MQasimSarfraz <syed.qasim.sarfraz@gmail.com>

* remove old +build style

Signed-off-by: MQasimSarfraz <syed.qasim.sarfraz@gmail.com>
 2022-03-18 07:11:14 -07:00
xuweiwei
6788557507 plugin/file: add CAA record test case (#5219) 
Signed-off-by: xuweiwei <xuweiwei_yewu@cmss.chinamobile.com>
 2022-03-16 12:30:37 -04:00
Yong Tang
21fc65bfc8 [plugin/clouddns] Add additional doc in explaining credentials file field is optional (#5231) 
This PR adds additional doc in explaining credentials file field is optional,
in case user might be concerned to save an filename location in Corefile.

Technically since Corefile does not save plaintext secret for clouddns
(unlikely route53/azure), this is not too big of a concern, as far as I can see.
Still it is worth to pointing out in documentation.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-03-16 12:28:25 -04:00
Yong Tang
aa7818e1d3 Update to avoid pseudo-random number (#5225) 
* Update to avoid pseudo-random number

This PR update the usage of rand so that non-global seed is used.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>

* Add concurrency-safe random source

See https://stackoverflow.com/questions/48958886/how-to-create-a-thread-safe-rand-source

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-03-16 12:24:58 -04:00
Yong Tang
54531d0a44 Clean up dependency on github.com/golang/protobuf (#5222) 
This PR cldean up remaining left over of github.com/golang/protobuf in coredns,
as github.com/golang/protobuf has been deprecated.

Note the github.com/golang/protobuf is now only indirectly
used by external libraries. Manually updating coredns' dependency to futher clean up has been tried.
However, it was not possible as external library usages of github.com/golang/protobuf are too interleaved.

This PR fixes 4939.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-03-14 09:09:50 -07:00
coredns[bot]
74830b35fd auto go fmt 
Signed-off-by: coredns[bot] <bot@bot.coredns.io>
 2022-03-14 10:28:20 +00:00
Yong Tang
6bb2db758f [plugin/route53] Deprecate plaintext secret in Corefile for route53 plugin (#5228) 
This PR deprecates plaintext secret in Corefile for route53 plugin (`aws_access_key`).
Since using environmental variables of `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`
have already been available, no other changes other than deprecation is needed.

This will avoid saving plaintext secret in Corefile which could be
of security concern.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-03-11 11:32:44 -08:00
Yong Tang
c7b55230e0 [plugin/reload]: Change hash from md5 to sha512 (#5226) 
This PR changes the reload plugin's hash from md5 to sha512,
for the purpose of avoid using md5. MD5 is a weak hash algorithm
and for security reasons we will avoid using it.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-03-07 09:55:10 -08:00
Chris O'Haver
3fe9d41a21 plugin/k8s_external: fix external nsAddrs when CoreDNS Service has no External IPs (#4891) 
fix external nsAddrs; add tests;

Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-03-07 12:18:23 -05:00
Chris O'Haver
7263808fe1 plugin/k8s_external: implement zone transfers (#4977) 
Implement transfer for k8s_external. Notifies not supported.

Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-03-07 12:16:24 -05:00
Yong Tang
e391a39322 [plugin/log] Expand {combined} and {common} in log format (#5230) 
This PR tries to address the issue raised in 5223 where `{combined}`
or `{common}` in log format will not expand when `{combined}` or `{common}`
is not the only token in the format.

This PR fixes 5223.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-03-07 06:49:56 -08:00
Yong Tang
ad41112a92 Add limit to ioutil.ReadAll for request body (#5224) 
This PR adds limit to ioutil.ReadAll for DoH request body
so that it will not be subject to large requests.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-03-04 12:18:05 -08:00
Chris O'Haver
967814161a use tickers instead of time.After to avoid memory leak (#5220) 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-03-03 23:36:02 -08:00
Yong Tang
a1429e1445 [plugin/rewrite] Refactor to satisfy security scan (#5214) 
this PR re-arrange the logic to avoid a false positive DAST scan.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-03-01 14:33:52 -05:00
Chris O'Haver
66dc74caeb plugin/etcd+kubernetes: Persist truncated state to client if CNAME lookup response is truncated (#4715) 
Persist the TC bit to client response for truncated CNAME lookups.
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-22 09:38:57 -05:00
Chris O'Haver
74d4e9bb1b kubernetes: log server start delay and api connection failures (#5044) 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-22 09:21:45 -05:00
Yong Tang
b1d5d7c572 Replace deprecated NewDeltaFIFO with NewDeltaFIFOWithOptions (#5200) 
Replace deprecated  `cache.NewDeltaFIFO`

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-02-22 09:20:29 -05:00
coredns[bot]
a226205299 auto remove trailing whitespaces 
Signed-off-by: coredns[bot] <bot@bot.coredns.io>
 2022-02-22 10:28:07 +00:00
Yong Tang
c0c72e5894 Harden tls on all places (#5184) 
PR 2938 hardens tls though there are other places that uses TLS
as well and setTLSDefaults are not invoked in other paths.

This PR hardens tls on all places.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-02-17 12:26:08 -08:00
Chris O'Haver
f8a02aaf58 dont panic when from-zone cannot be normalized (#5170) 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-17 15:13:18 -05:00
xuweiwei
86a5902209 plugin/file: add TXT RR test case (#5079) 
Signed-off-by: xuweiwei <xuweiwei_yewu@cmss.chinamobile.com>
 2022-02-17 13:58:18 -05:00
Rudolf Schönecker
c121aaab34 Add metric counting DNS-over-HTTPS responses (#5130) 
Signed-off-by: Rudolf Schonecker <rudolf.schonecker@jamf.com>
 2022-02-17 08:37:40 -05:00
Chris O'Haver
e5626a77bb plugin/secondary: Fix startup transfer failure wrong zone logged (#5085) 
* avoid race

Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-14 12:12:08 -05:00
Elijah Andrews
80195c399f add zones label to cache metrics (#5124) 
* add zones to cache metrics

Signed-off-by: Elijah Andrews <elijahcandrews@gmail.com>
 2022-02-14 12:10:30 -05:00
Yong Tang
c6709d930f Fix security scans by cleaning up file path (#5185) 
While performing security scans there were several
issue raised as G304 (CWE-22): Potential file inclusion via variable.
As some files path are taken from user input, it is possible the
filepath passed by user may have unintended effect if not properly formed.
This fix add Clean to remove the security warning and address some
potential issue.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-02-14 11:24:21 -05:00
coredns[bot]
b40f2a0a44 auto go fmt 
Signed-off-by: coredns[bot] <bot@bot.coredns.io>
 2022-02-14 10:32:27 +00:00
Chris O'Haver
fe9ba42590 plugin/autopath: Don't panic on empty token (#5169) 
* dont panic on empty token

Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-10 09:00:27 -05:00
Chris O'Haver
c5eb7d0460 dont panic when from-zone cannot be normalized (#5171) 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-10 08:59:34 -05:00
Chris O'Haver
d6743531ad fix healthy proxy error case (#5168) 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-10 08:58:46 -05:00
Chris O'Haver
4693f40990 Revert "add wildcard warnings (#5030)" (#5167) 
This reverts commit 744468ea78.
 2022-02-09 11:25:15 -08:00
Chris O'Haver
4349b6fa63 dont panic on empty SRV segments (#5173) 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-09 13:52:53 -05:00
Chris O'Haver
daace98352 plugin/metrics: Acknowledge other stats exported in README (#5172) 
* mention default go stats and other plugin stats in README

Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-09 13:52:18 -05:00
Tomas Hulata
b0edae07f1 Health-checks should respect force_tcp (#5109) 
* health check should respect force_tcp

Signed-off-by: tombokombo <tombo@sysart.tech>
 2022-02-09 09:45:52 -05:00
Chris O'Haver
abaf938623 remove wildcard query functionality (#5019) 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-09 09:25:10 -05:00
Yong Tang
041e1eabc6 Fix a couple of code scanning alerts (#5157) 
This PR fixed a couple of code scanning alerts:

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-02-07 09:09:12 -05:00
Chris O'Haver
911891f485 plugin/rewrite: Write failures with ResponseReverter (#5150) 
* write failures with ResponseReverter instead of letting server write them

Signed-off-by: Chris O'Haver <cohaver@infoblox.com>

* fix comment

Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-02-01 16:54:06 -05:00
soulfy
49ee97994e fix: convert key to domain (#5064) 
fix convert key to domain when key ends with '/'
 2022-02-01 09:45:43 -05:00
coredns[bot]
830a0f7dcb auto go fmt 
Signed-off-by: coredns[bot] <bot@bot.coredns.io>
 2022-01-31 10:27:19 +00:00
Chris O'Haver
49f0562f6c plugin/template: Persist truncated state to client if CNAME lookup response is truncated (#4713) 
* persist truncated state to client if cname lookup response is truncated

Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-01-26 15:49:44 -05:00
Ondřej Benkovský
f713a51319 plugin/prometheus: write rcode properly to the metrics (#5126) 
* plugin/prometheus: write rcode properly to the metrics

Signed-off-by: Ondřej Benkovský <ondrej.benkovsky@jamf.com>
 2022-01-26 11:32:01 -05:00
xuweiwei
1d3e901157 plugin/file: optimize cname get rr by type (#5080) 
Signed-off-by: xuweiwei <xuweiwei_yewu@cmss.chinamobile.com>
 2022-01-21 15:05:11 -08:00
Chris O'Haver
1c6b68f3cb tls.PreferServerCipherSuites is ignored as of go 1.17 (#5108) 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
 2022-01-21 15:04:36 -08:00
coredns[bot]
1c4e8eb75d auto remove trailing whitespaces 
Signed-off-by: coredns[bot] <bot@bot.coredns.io>
 2022-01-11 10:34:21 +00:00
coredns[bot]
7d629a0b9e auto go fmt 
Signed-off-by: coredns[bot] <bot@bot.coredns.io>
 2022-01-10 10:28:56 +00:00