1. 25 Jan, 2019 2 commits
    • Evan Hunt's avatar
      complete the set of tools available in windows tests · 1bc0ab52
      Evan Hunt authored
      - dnssec-cds wasn't being built for windows
      - nsec3hash was available, but the NSEC3HASH variable wasn't
        set in conf.sh.win32
      1bc0ab52
    • Michał Kępień's avatar
      dig: return a non-zero exit code for failed TCP EOF retries · 0f168a4b
      Michał Kępień authored
      dig retries a TCP query when a server closes the connection prematurely.
      However, dig's exit code remains unaffected even if the second attempt
      to get a response also fails with the same error for the same lookup,
      which should not be the case.  Ensure the exit code is updated
      appropriately when a retry triggered by a TCP EOF condition fails.
      0f168a4b
  2. 22 Jan, 2019 1 commit
  3. 09 Jan, 2019 1 commit
  4. 08 Jan, 2019 1 commit
    • Michał Kępień's avatar
      Track forwarder timeouts in fetch contexts · 33350626
      Michał Kępień authored
      Since following a delegation resets most fetch context state, address
      marks (FCTX_ADDRINFO_MARK) set inside lib/dns/resolver.c are not
      preserved when a delegation is followed.  This is fine for full
      recursive resolution but when named is configured with "forward first;"
      and one of the specified forwarders times out, triggering a fallback to
      full recursive resolution, that forwarder should no longer be consulted
      at each delegation point subsequently reached within a given fetch
      context.
      
      Add a new badnstype_t enum value, badns_forwarder, and use it to mark a
      forwarder as bad when it times out in a "forward first;" configuration.
      Since the bad server list is not cleaned when a fetch context follows a
      delegation, this prevents a forwarder from being queried again after
      falling back to full recursive resolution.  Yet, as each fetch context
      maintains its own list of bad servers, this change does not cause a
      forwarder timeout to prevent that forwarder from being used by other
      fetch contexts.
      33350626
  5. 01 Jan, 2019 1 commit
  6. 19 Dec, 2018 3 commits
  7. 18 Dec, 2018 1 commit
  8. 11 Dec, 2018 3 commits
  9. 10 Dec, 2018 1 commit
  10. 06 Dec, 2018 3 commits
    • Evan Hunt's avatar
      add basic plugins documentation · c63ead9d
      Evan Hunt authored
      c63ead9d
    • Evan Hunt's avatar
      name change from "hook modules" to "plugins" · fd20f10d
      Evan Hunt authored
      - "hook" is now used only for hook points and hook actions
      - the "hook" statement in named.conf is now "plugin"
      - ns_module and ns_modlist are now ns_plugin and ns_plugins
      - ns_module_load is renamed ns_plugin_register
      - the mandatory functions in plugin modules (hook_register,
        hook_check, hook_version, hook_destroy) have been renamed
      fd20f10d
    • Evan Hunt's avatar
      set up hooks.c to enable setting hook points and loading modules · 70cc3f80
      Evan Hunt authored
      - move hooks.h to public include directory
      - ns_hooktable_init() initializes a hook table. if NULL is passed in, it
        initializes the global hook table
      - ns_hooktable_save() saves a pointer to the current global hook table.
      - ns_hooktable_reset() replaces the global hook table with different
        one
      - ns_hook_add() adds hooks at specified hook points in a hook table (or
        the global hook table if the specified table is NULL)
      - load and unload functions support dlopen() of hook modules (this is
        adapted from dyndb and not yet functional)
      - began adding new hook points to query.c
      70cc3f80
  11. 28 Nov, 2018 1 commit
  12. 22 Nov, 2018 1 commit
  13. 15 Nov, 2018 1 commit
  14. 14 Nov, 2018 1 commit
  15. 12 Nov, 2018 3 commits
  16. 10 Nov, 2018 1 commit
  17. 09 Nov, 2018 2 commits
  18. 07 Nov, 2018 1 commit
  19. 05 Nov, 2018 1 commit
  20. 26 Oct, 2018 2 commits
  21. 25 Oct, 2018 6 commits
  22. 24 Oct, 2018 3 commits
    • Michał Kępień's avatar
      Update documentation · 7bb3d000
      Michał Kępień authored
      7bb3d000
    • Michał Kępień's avatar
      Define a default master server list for the root zone · 2c69734b
      Michał Kępień authored
      To minimize the effort required to set up IANA root zone mirroring,
      define a default master server list for the root zone and use it when
      that zone is to be mirrored and no master server list was explicitly
      specified.  Contents of that list are taken from RFC 7706 and are
      subject to change in future releases.
      
      Since the static get_masters_def() function in bin/named/config.c does
      exactly what named_zone_configure() in bin/named/zoneconf.c needs to do,
      make the former non-static and use it in the latter to prevent code
      duplication.
      2c69734b
    • Michał Kępień's avatar
      Prevent mirror zones from being used when recursion is disabled · 34dc674f
      Michał Kępień authored
      Since mirror zone data is treated as cache data for access control
      purposes, configuring a mirror zone and disabling recursion at the same
      time would effectively prevent mirror zone data from being used since
      disabling recursion also disables cache access to all clients by
      default.  Even though this behavior can be inhibited by configuration,
      mirror zones are a recursive resolver feature and thus recursion is now
      required to use them.
      
      Ignore the fact that certain configurations might still trick named into
      assuming recursion is enabled when it effectively is not since this
      change is not meant to put a hard policy in place but rather just to
      prevent accidental mirror zone misuse.
      34dc674f