DNS-Compliance-Testing issueshttps://gitlab.isc.org/isc-projects/DNS-Compliance-Testing/-/issues2023-07-08T17:39:46Zhttps://gitlab.isc.org/isc-projects/DNS-Compliance-Testing/-/issues/39glibc 2.342023-07-08T17:39:46Zcaseglibc 2.34To quote the release notes from GLIBC 2.34:
* Various symbols previously defined in libresolv have been moved to libc
in order to prepare for libresolv moving entirely into libc (see earlier
entry for merging libraries into libc). ...To quote the release notes from GLIBC 2.34:
* Various symbols previously defined in libresolv have been moved to libc
in order to prepare for libresolv moving entirely into libc (see earlier
entry for merging libraries into libc). The symbols __dn_comp,
__dn_expand, __dn_skipname, __res_dnok, __res_hnok, __res_mailok,
__res_mkquery, __res_nmkquery, __res_nquery, __res_nquerydomain,
__res_nsearch, __res_nsend, __res_ownok, __res_query, __res_querydomain,
__res_search, __res_send formerly in libresolv have been renamed and no
longer have a __ prefix. They are now available in libc.
This impacts this project directly, as it fails to build in reference to three functions:
```shell
> /build/source/genreport.c:3375: undefined reference to `ns_makecanon'
> /nix/store/cimp3vp40msz4afq1c3602p2rn9bff0d-binutils-2.35.2/bin/ld: genreport.o: in function `lookupns':
> /build/source/genreport.c:2296: undefined reference to `ns_makecanon'
> /nix/store/cimp3vp40msz4afq1c3602p2rn9bff0d-binutils-2.35.2/bin/ld: genreport.o: in function `findglue':
> /build/source/genreport.c:3354: undefined reference to `ns_makecanon'
```https://gitlab.isc.org/isc-projects/DNS-Compliance-Testing/-/issues/37Please provide test code for DNS Flag Day 2020 (edns512tcp)2020-10-13T21:01:59ZHanno BöckPlease provide test code for DNS Flag Day 2020 (edns512tcp)My understanding from the DNS flag day page is that the edns512tcp test is the relevant thing to look for in terms of testing compatibility with the dns flag day 2020 requirements.
However that test seems to be unpublished. While the ED...My understanding from the DNS flag day page is that the edns512tcp test is the relevant thing to look for in terms of testing compatibility with the dns flag day 2020 requirements.
However that test seems to be unpublished. While the EDNS Compliance Tester page links to this source repo, the code does not contain the edns512tcp test.https://gitlab.isc.org/isc-projects/DNS-Compliance-Testing/-/issues/35Replace RFC 6966 with RFC 7766 at https://ednscomp.isc.org/ednscomp/2022-12-27T11:59:12ZGhost UserReplace RFC 6966 with RFC 7766 at https://ednscomp.isc.org/ednscomp/https://ednscomp.isc.org/ednscomp/1d4f143106 says
```
EDNS - over TCP Response (edns@512tcp)
dig +vc +nocookie +norec +noad +edns +dnssec +bufsize=512 dnskey zone @server
expect: NOERROR
expect: OPT record with version set to 0
See RFC5...https://ednscomp.isc.org/ednscomp/1d4f143106 says
```
EDNS - over TCP Response (edns@512tcp)
dig +vc +nocookie +norec +noad +edns +dnssec +bufsize=512 dnskey zone @server
expect: NOERROR
expect: OPT record with version set to 0
See RFC5966 and See RFC6891
```
Since RFC5966 is obsoleted by RFC 7766, the latter RFC shall be referenced.https://gitlab.isc.org/isc-projects/DNS-Compliance-Testing/-/issues/32Extend the DNS compliance tester do that it would be useful TLD operators to ...2022-12-27T11:37:16ZMark AndrewsExtend the DNS compliance tester do that it would be useful TLD operators to do staged warnings.Extend the EDNS compliance tester so that it emits a staged warning stream at 120 days, 90 days, 60 days, 30 days, 15 days, 10 days, 5 days then daily for zones with broken servers.
This also needs to detect firewalls that are systemati...Extend the EDNS compliance tester so that it emits a staged warning stream at 120 days, 90 days, 60 days, 30 days, 15 days, 10 days, 5 days then daily for zones with broken servers.
This also needs to detect firewalls that are systematically blocking specific requests from packet loss. There needs to be a multi-day history of firewall detection before emitting the first warning.
It also needs to detect STD 13 (RFC 1034, RFC 1035) servers and not emit warnings if that is the only reason a server is otherwise flagged for EDNS protocol violations.https://gitlab.isc.org/isc-projects/DNS-Compliance-Testing/-/issues/31Please provide an alternative to autoconf2022-12-27T11:10:22ZVicky Riskvicky@isc.orgPlease provide an alternative to autoconfCan you provide a configure script? I got the following questions from someone trying to run this on ... Solaris.
Sorry Mark, I have no idea what I am asking for here.
-------
It only comes with configure.ac so you need autoconf. I’ve...Can you provide a configure script? I got the following questions from someone trying to run this on ... Solaris.
Sorry Mark, I have no idea what I am asking for here.
-------
It only comes with configure.ac so you need autoconf. I’ve seen the list of digs that you run, but if I eyeball them then the results are subject to my interpretation. And it’s the interpretation of the EDNS RFC that’s at the base of our current difficulties…..
-------
Do you have a version of ednscomp that I can run on a lab server that isn’t accessible from the internet? I tried downloading the source for genreport but I seem to need autoconf to generate a configure script….https://gitlab.isc.org/isc-projects/DNS-Compliance-Testing/-/issues/22No manual page is generated2023-07-08T17:34:50ZPetr MenšíkNo manual page is generatedIs there any way to generate manual page for genreport tool?
I spent some time on it, I found [ronn](https://github.com/rtomayko/ronn) can be used to generate nice enough manual page, but basic structure of current markdown has to be ch...Is there any way to generate manual page for genreport tool?
I spent some time on it, I found [ronn](https://github.com/rtomayko/ronn) can be used to generate nice enough manual page, but basic structure of current markdown has to be changed.
Then this command would produce good enough manual page:
ronn --roff --pipe --manual="genreport(1)" --organization="Internet Systems Consortium" genreport.md
I think format of markdown html generated page is still very similar.
Is any other tool known to produce usable manual page?
[0001-Modify-a-bit-documentation-template.patch](/uploads/f16e8b3da17566410590a0b89c72d6cc/0001-Modify-a-bit-documentation-template.patch)https://gitlab.isc.org/isc-projects/DNS-Compliance-Testing/-/issues/11Add support to report how long a entry has been in error.2019-01-17T01:26:58ZMark AndrewsAdd support to report how long a entry has been in error.add the ability to specify a database to record this information.
use a key of <zone> or <zone,server,type> or < zone,server,address> depending upon the error type.
record the fail timestamp on error, do not update if it already exists.
...add the ability to specify a database to record this information.
use a key of <zone> or <zone,server,type> or < zone,server,address> depending upon the error type.
record the fail timestamp on error, do not update if it already exists.
clear the above keys on success where success is:
* ns lookup succeeded for <zone>
* address lookup succeeded for <zone,server,type>
* tests succeeded for zone,server,address>