Currently, there are some links that we access with **HTTP**, it is
redirected to **HTTPS** automatically. So this commit aims to
replace **http://...** by **https://...** for security.
Co-Authored-By: Nguyen Phuong An <AnNP@vn.fujitsu.com>
Signed-off-by: Kim Bao Long <longkb@vn.fujitsu.com>
* Stop importing testing in the main binary
Stop importing "testing" into the main binary:
* test/helpers.go imported it; remote that and change function signature
* update all tests that use this
Signed-off-by: Miek Gieben <miek@miek.nl>
* Drop import testing from metrics plugin
Signed-off-by: Miek Gieben <miek@miek.nl>
* more fiddling
Signed-off-by: Miek Gieben <miek@miek.nl>
* Default to upstream to self
This is a backwards incompatible change.
This is a massive (cleanup) PR where we default to resolving external
names by the coredns process itself, instead of directly forwarding them
to some upstream.
This ignores any arguments `upstream` may have had and makes it depend
on proxy/forward configuration in the Corefile. This allows resolved
upstream names to be cached and we have better healthchecking of the
upstreams. It also means there is only one way to resolve names, by
either using the proxy or forward plugin.
The proxy/forward lookup.go functions have been removed. This also
lessen the dependency on proxy, meaning deprecating proxy will become
easier. Some tests have been removed as well, or moved to the top-level
test directory as they now require a full coredns process instead of
just the plugin.
For the etcd plugin, the entire StubZone resolving is *dropped*! This
was a hacky (but working) solution to say the least. If someone cares
deeply it can be brought back (maybe)?
The pkg/upstream is now very small and almost does nothing. Also the
New() function was changed to return a pointer to upstream.Upstream. It
also returns only one parameter, so any stragglers using it will
encounter a compile error.
All documentation has been adapted. This affected the following plugins:
* etcd
* file
* auto
* secondary
* federation
* template
* route53
A followup PR will make any upstream directives with arguments an error,
right now they are ignored.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix etcd build - probably still fails unit test
Signed-off-by: Miek Gieben <miek@miek.nl>
* Slightly smarter lookup check in upstream
Signed-off-by: Miek Gieben <miek@miek.nl>
* Compilez
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix EDNS0 compliance
Do SizeAndDo in the server (ScrubWriter) and remove all uses of this
from the plugins. Also *always* do it. This is to get into compliance
for https://dnsflagday.net/.
The pkg/edns0 now exports the EDNS0 options we understand; this is
exported to allow plugins add things there. The *rewrite* plugin used
this to add custom EDNS0 option codes that the server needs to
understand.
This also needs a new release of miekg/dns because it triggered a
race-condition that was basicly there forever.
See:
* https://github.com/miekg/dns/issues/857
* https://github.com/miekg/dns/pull/859
Running a test instance and pointing the https://ednscomp.isc.org/ednscomp
to it shows the tests are now fixed:
~~~
EDNS Compliance Tester
Checking: 'miek.nl' as at 2018-12-01T17:53:15Z
miek.nl. @147.75.204.203 (drone.coredns.io.): dns=ok edns=ok edns1=ok edns@512=ok ednsopt=ok edns1opt=ok do=ok ednsflags=ok docookie=ok edns512tcp=ok optlist=ok
miek.nl. @2604:1380:2002:a000::1 (drone.coredns.io.): dns=ok edns=ok edns1=ok edns@512=ok ednsopt=ok edns1opt=ok do=ok ednsflags=ok docookie=ok edns512tcp=ok optlist=ok
All Ok
Codes
ok - test passed.
~~~
Signed-off-by: Miek Gieben <miek@miek.nl>
Signed-off-by: Miek Gieben <miek@miek.nl>
* typos in comments
Signed-off-by: Miek Gieben <miek@miek.nl>
* plugin/file: Use new zone parser API
Use new dns lib 1.0.14 and default to using the new zone parser that
does not leak go-routines.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Use new API
Signed-off-by: Miek Gieben <miek@miek.nl>
While running the following, noticed the whitespace warning from presubmit:
```
ubuntu@ubuntu:~/coredns$ docker run -i -t --rm -v $PWD:/go/src/github.com/coredns/coredns --net=host golang:1.11
root@ubuntu:/go# cd src/github.com/coredns/coredns/
root@ubuntu:/go/src/github.com/coredns/coredns# make
** presubmit/context
** presubmit/filename-hyphen
** presubmit/test-lowercase
** presubmit/trailing-whitespace
plugin/auto/README.md:* `reload` interval to perform reload of zone if SOA version changes. Default is one minute.
plugin/auto/README.md: Value of `0` means to not scan for changes and reload. eg. `30s` checks zonefile every 30 seconds
plugin/file/README.md:* `reload` interval to perform reload of zone if SOA version changes. Default is one minute.
plugin/file/README.md: Value of `0` means to not scan for changes and reload. eg. `30s` checks zonefile every 30 seconds
** presubmit/trailing-whitespace: please remove any trailing white space
```
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
For zone files with more than 10,000 records, the goroutines and memory
pinned by dns.ParseZone won't be released unless the tokens chan is
drained. As Parse is called by (*Zone).Reload very frequently, this
causes memory leaks and OOM conditions.
Updates miekg/dns#786
* Configurable zone reload interval in file plugin
* passing reload config from auto plugin to file plugin. removed noReload property from Zone struct. fixed tests based on short file reload hack
* plugin/kubernetes: remove bunch a string ops
This removes a bunch of appends to where not needed, makes dnsutil.Join
take variadic args which removes the need to wrap in a new string slice.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix calls to dnsutil.Join
Signed-off-by: Miek Gieben <miek@miek.nl>
* Revert these
Signed-off-by: Miek Gieben <miek@miek.nl>
Every plugin needs to deal with EDNS0 and should call Scrub to make a
message fit the client's buffer. Move this functionality into the server
and wrapping the ResponseWriter into a ScrubWriter that handles these
bits for us. Result:
Less code and faster, because multiple chained plugins could all be
calling scrub and SizeAndDo - now there is just one place.
Most tests in file/* and dnssec/* needed adjusting because in those unit
tests you don't see OPT RRs anymore. The DNSSEC signer was also looking
at the returned OPT RR to see if it needed to sign - as those are now
added by the server (and thus later), this needed to change slightly.
Scrub itself still exist (for backward compat reasons), but has been
made a noop. Scrub has been renamed to scrub as it should not be used by
external plugins.
Fixes: #2010
Signed-off-by: Miek Gieben <miek@miek.nl>
* Clean up tests logging
This cleans up the travis logs so you can see the failures better.
Older tests in tests/ would call log.SetOutput(ioutil.Discard) in
a haphazard way. This add log.Discard and put an `init` function in each
package's dir (no way to do this globally). The cleanup in tests/ is
clear.
All plugins also got this init function to have some uniformity and kill
any (future) logging there in the tests as well.
There is a one-off in pkg/healthcheck because that does log.
Signed-off-by: Miek Gieben <miek@miek.nl>
* bring back original log_test.go
Signed-off-by: Miek Gieben <miek@miek.nl>
* suppress logging here as well
Signed-off-by: Miek Gieben <miek@miek.nl>
add a test to see if we copy the rcode correctly. Some minor cleanup in
import ordering and renaming NewUpstream to New as we already are in the
upstream package.
* plugin/file: fix local CNAME lookup
Issue #1864 explains it will, when we serve the child zone as well we
should just recursive into ourself (upstream self). Thus relax the
IsSubDomain check in file/lookup.go and just query (even if the query
will hit a remote server).
I've looped over all other plugins that do something similar (CNAME
resolving) and they didn't do the IsSubDomain check; therefor I've
removed it from *file* as well.
Added test in file_upstream_test that shows this failed before but now
results in a reply.
Fixes#1864
* self does not need to be exported
* Fix test
We don't know if we had a valid reply. Check this.
Uppercase all these test errors as well. And extend the presubmit to
check for these in the future. Also do a slightly smarter grep to only
get t.<something>. as (because dump regexp) this also grep over non test
files.
* Remove Compress by default
Set Compress = true in Scrub only when the message doesn not fit the
advertized buffer. Doing compression is expensive, so try to avoid it.
Master vs this branch
pkg: github.com/coredns/coredns/plugin/cache
BenchmarkCacheResponse-2 50000 24774 ns/op
pkg: github.com/coredns/coredns/plugin/cache
BenchmarkCacheResponse-2 100000 21960 ns/op
* and make it compile
* update docs
* plugins: use plugin specific logging
Hooking up pkg/log also changed NewWithPlugin to just take a string
instead of a plugin.Handler as that is more flexible and for instance
the Root "plugin" doesn't implement it fully.
Same logging from the reload plugin:
.:1043
2018/04/22 08:56:37 [INFO] CoreDNS-1.1.1
2018/04/22 08:56:37 [INFO] linux/amd64, go1.10.1,
CoreDNS-1.1.1
linux/amd64, go1.10.1,
2018/04/22 08:56:37 [INFO] plugin/reload: Running configuration MD5 = ec4c9c55cd19759ea1c46b8c45742b06
2018/04/22 08:56:54 [INFO] Reloading
2018/04/22 08:56:54 [INFO] plugin/reload: Running configuration MD5 = 9e2bfdd85bdc9cceb740ba9c80f34c1a
2018/04/22 08:56:54 [INFO] Reloading complete
* update docs
* better doc
* global: move to context
Move from golang.org/x/net/context to std lib's context.
Change done with:
for i in $(grep -l '/context' **/*.go); do sed -e 's|golang.org/x/net/context|context|' -i $i; echo $i; done
for i in **/*.go; do goimports -w $i; done
* drop from dns.pb.go as well
* Update all plugins to use plugin/pkg/log
I wish this could have been done with sed. Alas manually changed all
callers to use the new plugin/pkg/log package.
* Error -> Info
* Add docs to debug plugin as well
* plugin/file: shutdown reload goroutine
Shutdown the z.Reload() routine (if started in the first place) on
shutdow and reload.
Fixes#1508
* Must be put in c.OnShutdown()
* up test coverage
This should have everyone, but the process was quite manual. The rename
from middleware -> plugin also meant I had to do some extra digging on
who actually submitted the PR. I also double checked the current list of
people with commit access.
Every plugin now has an OWNERS, except *reverse*. I'll file a bug for
that.
Fix the error handling. Log when we have an error during any of the
transfer state. And if there isn't an error transfer the zones.
Also fix the tests in test/ so we, at least, check the initial transfer.
Update the docs to show more about how errors are handled.
Ref #1400
* Add manual pages
Generate manual pages from the README and extend README with Name and
Description sections.
The generation requires 'ronn' which may not be available. Just check in
all generated manual pages.
When z.Tree.Prev returns zero we should break out of this loop, not
use elem as if nothing has happened.
Can be triggered by sending edns0 to unsigned zone.
DS is peculiar and needs some special cases to do the right things.
For a direct query return the DS, but if we're hitting below the
delegation return the NS+DS in a delegation response.
Don't put NS records in the answer section; if we see it is delegated
we should put the records in the AUTHORITY section.
This removes a special case, which is good.
* readme: more tests
Add dnssec and file plugin to the test readme. This requires creating a
bunch of files with the right content. Doing so already unconvered an
unconditional type assertion in DNSSEC. This PR will include the fix for
that as well.
Also extended the snippets in the file plugin README, so that they are
whole Corefile - showing more value and checking all corefile snippets.
Create outliner right now is the kubernetes plugin, because even setting
the right env vars will result in:
open /var/run/secrets/kubernetes.io/serviceaccount/token: no such file or directory":
Which we can't create for a test.
* lint
Fix file/fuzz.go build and docs in Makefile.fuzz
Each plugin can add a fuzz.go to join the fuzzing craze.
pkg/fuzz/do.go could be made a lot smarter, but is probably good enough
for starters.
$ make -f Makefile.fuzz <plugin>
will build with go-fuzz-build and then execute a go-fuzz run. Each
plugin's fuzz run uses a per-plugin directory to store the fuzz data.
* test: fix zone file
Add missing $TTL 3600 as the top.
Recent change in Go DNS made this mandatory - old behavior wasn't
standards compliant.
* and here
Add a full test server impl in this new package + tests. Move
dnsrecorder into this package as well and finish up the commented out
tests that were left in the old dnsrecorder package.
Update all callers and tests.
* plugin/{file,auto}: drop fsnotify
Reload every minute. This is more deterministic then fsnotify. Also
other thing cropped up: sharing zone files between zone; there is only
1 fsnotify event and we need to fan out the reload to all zone files.
This is a large rewrite (which could still be done), for now, poll the
zone file on disk.
Give serial no change a special error type so we can check for this.
Improve the logging for reloading:
2017/09/19 07:34:39 [INFO] Successfully reloaded zone "miek.nl." in "db.miek.nl" with serial 128263060
2017/09/19 07:34:45 [INFO] Successfully reloaded zone "miek.nl." in "db.miek.nl" with serial 128263059
2017/09/19 07:34:51 [INFO] Successfully reloaded zone "miek.nl." in "db.miek.nl" with serial 128263060
Fixes#1013
* typo
* Rename middleware to plugin
first pass; mostly used 'sed', few spots where I manually changed
text.
This still builds a coredns binary.
* fmt error
* Rename AddMiddleware to AddPlugin
* Readd AddMiddleware to remain backwards compat
