This was found by fuzzing.
We need to make this a fully qualified domain name to catch all errors
in dnsserver/register.go and not later when plugin.Normalize() is called again on these
strings, with the prime difference being that the domain name is fully
qualified. This was found by fuzzing where "ȶ" is deemed OK, but "ȶ." is
not (might be a bug in miekg/dns actually). But here we were checking ȶ,
which is OK, and later we barf in ȶ. leading to "index out of range".
Added a tests and check manually if it would crash with the current code
(yes), and fail with an error in this PR (yes).
Signed-off-by: Miek Gieben <miek@miek.nl>
* core: fix v4 non-octet reverse zones
This fixes the reverse zones handling. Add expanstion of the reverse
notation to all octet boundary subnets and add those to the config - just as if
they were directly typed in the config.
This takes inspiration from #4501, but that (even with DCO!!) seems to
be just using https://github.com/apparentlymart/go-cidr/ so use that
instead - I think a minor function is still needed that one is copied
from #4501.
Also sort the zones we are listing on startup - caught in this PR
because of the expanded zones being not listed next to each other.
This also removes the need for FilterFunc from the config, so this is
now gone as well, making the whole thing slightly more efficient.
Add couple of reverse unit tests and a e2e test that queries for the
correct (and incorrect) reverse zones and checks the reply.
Closes: #4501Fixes: #2779
Signed-off-by: Miek Gieben <miek@miek.nl>
* Add more test cases
Add test from origin bug report: #2779
Signed-off-by: Miek Gieben <miek@miek.nl>
* Rebase and fix conflicts
Signed-off-by: Miek Gieben <miek@miek.nl>
The following test failure for `TestZoneReload` can be observed
periodically:
`file_reload_test.go:58: Expected two RR in answer section got 2`
This failure can be consistently reproduced using the following command
(on my machine, at least):
`( cd test ; go test -v -race -run "TestZoneReload" ./... -count=500)`
test/file_reload_test.go:
Address a typo in a test failure message.
Sleep for double the file reload interval to avoid a rare
race condition between test code and the file plugin's reload code,
which is presumably a result of the time it takes to actually reload.
Signed-off-by: Stephen Greene <sgreene@redhat.com>
* plugin/transfer: only allow outgoing axfr over tcp
Return refused when the query comes in over udp.
No need to add a new test case as the current crop needed to be changed
to use TCP.
Fixes: #4450
Signed-off-by: Miek Gieben <miek@miek.nl>
* transfer tests: this needs tcp as well
Signed-off-by: Miek Gieben <miek@miek.nl>
* pass through nxdomain results
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* return srvfail and nodata results
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* cover more response cases
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
Doing a reload every 10ms and sleeping 10ms makes this too racy,
increase all those sleeps to 5ms. A better method would be to get
notified of the reload/change, this would require some polling to get
the RR we expect, with a much longer timeout to stop the test
eventually.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Setup GitHub Actions for auto remove trailing whitespaces
This PR setup GitHub Actions for auto remove trailing whitespaces,
if any non-go files are touched (.git directory are ignored)
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* Remove TestTrailingWhitespace in presubmit tests
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* paths and paths-ignore are mutually exlcusive so only keep paths-ignore
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* Remove redundent bufio import
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Add github testing workflow, simplify the Makefile because that was
complex because of Travis. Remove the fuzzing, needs to be re-added when
that works properly with go modules (it has been disabled for quite some
time). Multiple builds and files have been added so these tests can all
run in parallel. Our testing now tests a couple of minutes, the codeql
is by far the more expensive.
Move metric's naming test to test/presubmit_test.go
Add longer sleep in the TestAutoAXFR.
Bye bye travis!
Closes: #4266
Signed-off-by: Miek Gieben <miek@miek.nl>
* Speed up testing
* make notification run in the background, this recudes the test_readme
time from 18s to 0.10s
* reduce time for zone reload
* TestServeDNSConcurrent remove entirely. This took a whopping 58s for
... ? A few minutes staring didn't reveal wth it is actually testing.
Making values smaller revealed race conditions in the tests. Remove
entirely.
* Move many interval values to variables so we can reset them to short
values for the tests.
* test_large_axfr: make the zone smaller. The number used 64K has no
rational, make it 64/10 to speed up.
* TestProxyThreeWay: use client with shorter timeout
A few random tidbits in other tests.
Total time saved: 177s (almost 3m) - which makes it worthwhile again to
run the test locally:
this branch:
~~~
ok github.com/coredns/coredns/test 10.437s
cd plugin; time go t ./...
5,51s user 7,51s system 11,15s elapsed 744%CPU (
~~~
master:
~~~
ok github.com/coredns/coredns/test 35.252s
cd plugin; time go t ./...
157,64s user 15,39s system 50,05s elapsed 345%CPU ()
~~~
tests/ -25s
plugins/ -40s
This brings the total on 20s, and another 10s can be saved by fixing
dnstapio. Moving this to 5s would be even better, but 10s is also nice.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Also 0.01
Signed-off-by: Miek Gieben <miek@miek.nl>
Not sure why this is proving so difficult.. pointers are hard? [Was
tempted to rollback all tweaks here, but the original issue we're fixing
it too important to not have a proper fix].
But we need to make a copy of the message at the earliest point in the
handler because we are changing it (adding an opt rr). If we do this on
the original message (which is a pointer) we change it (obvs). When
undoing those changes we do work on a copy.
Re: testing. There isn't a explicit test for this, so I've added on to
the top-level test/ directory, which indeed makes the issue visible:
master:
~~~
go test -v -run=TestLookupCacheWithoutEdns
=== RUN TestLookupCacheWithoutEdns
cache_test.go:154: Expected no OPT RR, but got:
;; OPT PSEUDOSECTION:
; EDNS: version 0; flags: do; udp: 2048
--- FAIL: TestLookupCacheWithoutEdns (0.01s)
FAIL
~~~
This branch:
~~~
% go test -v -run=TestLookupCacheWithoutEdns
=== RUN TestLookupCacheWithoutEdns
--- PASS: TestLookupCacheWithoutEdns (0.01s)
PASS
ok github.com/coredns/coredns/test 0.109s
~~~
Signed-off-by: Miek Gieben <miek@miek.nl>
This reduces the amount of sleep time to speed up testing.
master:
PASS
ok github.com/coredns/coredns/test 42.088s
12,33s user 1,30s system 44,29s elapsed 30%CPU ()
this branch:
PASS
ok github.com/coredns/coredns/test 33.527s
Signed-off-by: Miek Gieben <miek@miek.nl>
The filtering of DNSSEC records in the cache plugin was not done
correctly. Also the change to introduced this bug didn't take into
account that the cache - by virtue of differentiating between DNSSEC and
no-DNSSEC - relied on not copying the data from the cache.
This change copies and then filters the data and factors the filtering
into a function that is used in two places (albeit with on ugly boolean
parameters to prevent copying things twice).
Add tests, do_test.go is moved to test/cache_test.go because the OPT
handing is done outside of the cache plugin. The core server re-attaches
the correct OPT when replying, so that makes for a better e2e test.
Added small unit test for filterRRslice and an explicit test that asks
for DNSSEC first and then plain, and vice versa to test cache behavior.
Fixes: #4146
Signed-off-by: Miek Gieben <miek@miek.nl>
* For caddy v1 in our org
This RP changes all imports for caddyserver/caddy to coredns/caddy. This
is the v1 code of caddy.
For the coredns/caddy repo the following changes have been made:
* anything not needed by us is deleted
* all `telemetry` stuff is deleted
* all its import paths are also changed to point to coredns/caddy
* the v1 branch has been moved to the master branch
* a v1.1.0 tag has been added to signal the latest release
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix imports
Signed-off-by: Miek Gieben <miek@miek.nl>
* Group coredns/caddy with out plugins
Signed-off-by: Miek Gieben <miek@miek.nl>
* remove this file
Signed-off-by: Miek Gieben <miek@miek.nl>
* Relax import ordering
github.com/coredns is now also a coredns dep, this makes
github.com/coredns/caddy fit more natural in the list.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix final import
Signed-off-by: Miek Gieben <miek@miek.nl>
* cleanup tempfiles for auto_test
Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com>
* cleanup tempfiles for metrics_test
Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com>
Cleanup a variety of metric issues.
* Eliminate department of redundancy "count_total" naming.
* Use the plural of the unit when appropriate. (ex, "requests")
* Remove label names from metric names where appropriate. (ex, "rcode")
* Simplify request metrics by consolidating type label in to the base
request counter.
* Re-generate man pages.
Signed-off-by: Ben Kochie <superq@gmail.com>
Co-authored-by: Ben Kochie <superq@gmail.com>
Add a test for this as well as it's annoying to point out in every code
review.
Fix all the import paths that are flagged by this new test.
Fixes: #3634
Signed-off-by: Miek Gieben <miek@miek.nl>
This ports the shell presubmit to Go and makes them better; esp the
Errorf/Logf/Fatalf one because it actually parses the code and works of
the AST.
These error will now show up in the travis/circle CI runs where they
belong.
Signed-off-by: Miek Gieben <miek@miek.nl>
* presubmit tests
Rename the test file to presubmit_test.go
Remove println from previous merge.
Add filename hyphen check
Remove the shell presubmit file that did this before
Signed-off-by: Miek Gieben <miek@miek.nl>
* remove
Signed-off-by: Miek Gieben <miek@miek.nl>
This fixes the vet warning: the cancel function returned by
context.WithTimeout should be called, not discarded, to avoid a context
leak.
Signed-off-by: Ingo Gottwald <in.gottwald@gmail.com>
* Run gostaticheck
Run gostaticcheck on the codebase and fix almost all flagged items.
Only keep
* coremain/run.go:192:2: var appVersion is unused (U1000)
* plugin/chaos/setup.go:54:3: the surrounding loop is unconditionally terminated (SA4004)
* plugin/etcd/setup.go:103:3: the surrounding loop is unconditionally terminated (SA4004)
* plugin/pkg/replacer/replacer.go:274:13: argument should be pointer-like to avoid allocations (SA6002)
* plugin/route53/setup.go:124:28: session.New is deprecated: Use NewSession functions to create sessions instead. NewSession has the same functionality as New except an error can be returned when the func is called instead of waiting to receive an error until a request is made. (SA1019)
* test/grpc_test.go:25:69: grpc.WithTimeout is deprecated: use DialContext and context.WithTimeout instead. Will be supported throughout 1.x. (SA1019)
The first one isn't true, as this is set via ldflags. The rest is
minor. The deprecation should be fixed at some point; I'll file some
issues.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Make sure to plug in the plugins
import the plugins, that file that did this was removed, put it in the
reload test as this requires an almost complete coredns server.
Signed-off-by: Miek Gieben <miek@miek.nl>
This is needed as well to make it compile cleanly. Follow up to #3214.
Manually removed github.com/coreos/etcd/ from go.mod
Signed-off-by: Miek Gieben <miek@miek.nl>
* plugin/file: respond correctly to IXFR message
Respond with a sing SOA record to an IXFR request if the SOA serials
match.
The added test fails on the current code with:
~~~
=== RUN TestIxfrResponse
--- FAIL: TestIxfrResponse (0.00s)
secondary_test.go:122: Expected answer section with single RR
FAIL
exit status 1
~~~
And obviously passes with the new code. This should cut down on the
weird number of zone transfers that I was seeing. At some point IXFR
support might be cool.
Fixes: #3176
Signed-off-by: Miek Gieben <miek@miek.nl>
* reuse code
Signed-off-by: Miek Gieben <miek@miek.nl>
* Sligtht tweaks
Signed-off-by: Miek Gieben <miek@miek.nl>
* fuzz: use gofuzz build tag instead of fuzz
Since go-fuzz does not support Go modules yet, vendor dependencies.
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* fuzz: avoid vendoring code for go-fuzz
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
Various fixes to make things less flaky:
* kubernetes: put klog.SetOutput in the setup function, not in the init
function to see if that helps
* file: make z.Expired a boolean instead of a pointer to a boolean
* test: fix TestSecondaryZoneTransfer test, which wasn't actually
testing in the right way. It's more right now, but may still be racy
(race introduced because a file's lazy loading of zones)
Signed-off-by: Miek Gieben <miek@miek.nl>
