colin/hickory-dns
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

remove default feature "dnssec" from client

Browse Source
This commit is contained in:
Benjamin Fry 2021-06-19 15:25:29 -07:00
parent d9424717ee
commit 4f591f94b6
11 changed files with 47 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
bin/benches/comparison_benches.rs
View File

@ -21,12 +21,12 @@ use tokio::runtime::Runtime;
use trust_dns_client::client::*;
use trust_dns_client::op::*;
use trust_dns_client::rr::dnssec::Signer;
use trust_dns_client::rr::*;
use trust_dns_client::tcp::*;
use trust_dns_client::udp::*;
use trust_dns_proto::error::*;
use trust_dns_proto::iocompat::AsyncIoTokioAsStd;
use trust_dns_proto::op::NoopMessageFinalizer;
use trust_dns_proto::xfer::*;
fn find_test_port() -> u16 {
@ -184,7 +184,7 @@ fn trust_dns_tcp_bench(b: &mut Bencher) {
.next()
.unwrap();
let (stream, sender) = TcpClientStream::<AsyncIoTokioAsStd<TcpStream>>::new(addr);
let mp = DnsMultiplexer::new(stream, sender, None::<Arc<Signer>>);
let mp = DnsMultiplexer::new(stream, sender, None::<Arc<NoopMessageFinalizer>>);
bench(b, mp);
// cleaning up the named process
@ -259,7 +259,7 @@ fn bind_tcp_bench(b: &mut Bencher) {
.next()
.unwrap();
let (stream, sender) = TcpClientStream::<AsyncIoTokioAsStd<TcpStream>>::new(addr);
let mp = DnsMultiplexer::new(stream, sender, None::<Arc<Signer>>);
let mp = DnsMultiplexer::new(stream, sender, None::<Arc<NoopMessageFinalizer>>);
bench(b, mp);
// cleaning up the named process

1
bin/src/named.rs
View File

@ -40,6 +40,7 @@ extern crate clap;
#[macro_use]
extern crate log;
#[cfg(feature = "dnssec")]
use std::future::Future;
use std::net::{IpAddr, Ipv4Addr, SocketAddr, ToSocketAddrs};
use std::path::{Path, PathBuf};

14
bin/tests/server_harness/mod.rs
View File

@ -16,10 +16,11 @@ use tokio::runtime::Runtime;
use trust_dns_client::client::*;
use trust_dns_client::proto::xfer::DnsResponse;
use trust_dns_client::rr::dnssec::*;
use trust_dns_client::rr::rdata::DNSSECRData;
use trust_dns_client::rr::*;
#[cfg(feature = "dnssec")]
use trust_dns_client::rr::{dnssec::*, rdata::DNSSECRData};
#[cfg(feature = "dnssec")]
use self::mut_message_client::MutMessageHandle;
fn collect_and_print<R: BufRead>(read: &mut R, output: &mut String) {
@ -238,6 +239,7 @@ pub fn query_a<C: ClientHandle>(io_loop: &mut Runtime, client: &mut C) {
// This only validates that a query to the server works, it shouldn't be used for more than this.
// i.e. more complex checks live with the clients and authorities to validate deeper functionality
#[allow(dead_code)]
#[cfg(feature = "dnssec")]
pub fn query_all_dnssec(
io_loop: &mut Runtime,
client: AsyncClient,
@ -246,9 +248,11 @@ pub fn query_all_dnssec(
) {
let name = Name::from_str("example.com.").unwrap();
let mut client = MutMessageHandle::new(client);
client.dnssec_ok = true;
client.lookup_options.set_is_dnssec(true);
if with_rfc6975 {
client.support_algorithms = Some(SupportedAlgorithms::from_vec(&[algorithm]));
client
.lookup_options
.set_supported_algorithms(SupportedAlgorithms::from_vec(&[algorithm]));
}
let response = query_message(io_loop, &mut client, name.clone(), RecordType::DNSKEY);
@ -286,6 +290,7 @@ pub fn query_all_dnssec(
}
#[allow(dead_code)]
#[cfg(feature = "dnssec")]
pub fn query_all_dnssec_with_rfc6975(
io_loop: &mut Runtime,
client: AsyncClient,
@ -295,6 +300,7 @@ pub fn query_all_dnssec_with_rfc6975(
}
#[allow(dead_code)]
#[cfg(feature = "dnssec")]
pub fn query_all_dnssec_wo_rfc6975(
io_loop: &mut Runtime,
client: AsyncClient,

19
bin/tests/server_harness/mut_message_client.rs
View File

@ -1,21 +1,21 @@
use trust_dns_client::client::*;
use trust_dns_client::proto::xfer::{DnsHandle, DnsRequest};
use trust_dns_client::rr::dnssec::*;
#[cfg(feature = "dnssec")]
use trust_dns_client::rr::rdata::opt::EdnsOption;
use trust_dns_server::authority::LookupOptions;
#[derive(Clone)]
pub struct MutMessageHandle<C: ClientHandle + Unpin> {
client: C,
pub dnssec_ok: bool,
pub support_algorithms: Option<SupportedAlgorithms>,
pub lookup_options: LookupOptions,
}
impl<C: ClientHandle + Unpin> MutMessageHandle<C> {
#[allow(dead_code)]
pub fn new(client: C) -> Self {
MutMessageHandle {
client,
dnssec_ok: false,
support_algorithms: None,
lookup_options: Default::default(),
}
}
}
@ -28,16 +28,17 @@ impl<C: ClientHandle + Unpin> DnsHandle for MutMessageHandle<C> {
true
}
#[allow(unused_mut)]
fn send<R: Into<DnsRequest> + Unpin>(&mut self, request: R) -> Self::Response {
let mut request = request.into();
#[cfg(feature = "dnssec")]
{
// mutable block
let edns = request.edns_mut();
edns.set_dnssec_ok(true);
if let Some(supported_algs) = self.support_algorithms {
edns.options_mut().insert(EdnsOption::DAU(supported_algs));
}
edns.options_mut()
.insert(EdnsOption::DAU(self.lookup_options.supported_algorithms()));
}
println!("sending message");

4
crates/client/Cargo.toml
View File

@ -41,8 +41,6 @@ codecov = { repository = "bluejekyll/trust-dns", branch = "main", service = "git
maintenance = { status = "actively-developed" }
[features]
default = ["dnssec"]
backtrace = ["trust-dns-proto/backtrace"]
# TODO: the rustls and openssl crates are not deps... should we change that to make them easier to use?
# or change this to also be external?
@ -84,7 +82,7 @@ rustls = { version = "0.19", optional = true }
serde = { version = "1.0", features = ["derive"], optional = true }
thiserror = "1.0.20"
tokio = { version = "1.0", features = ["rt"] }
trust-dns-proto = { version = "0.21.0-alpha.1", path = "../proto", features = ["dnssec"]}
trust-dns-proto = { version = "0.21.0-alpha.1", path = "../proto"}
webpki = { version = "0.21", optional = true }
[dev-dependencies]

2
crates/proto/benches/lib.rs
View File

@ -139,6 +139,6 @@ fn bench_parse_real_message(b: &mut Bencher) {
];
b.iter(|| {
let mut decoder = BinDecoder::new(&bytes[..]);
Message::read(&mut decoder);
assert!(Message::read(&mut decoder).is_ok());
})
}

1
crates/server/src/authority/auth_lookup.rs
View File

@ -351,6 +351,7 @@ impl<'a> IntoIterator for &'a LookupRecords {
type Item = &'a Record;
type IntoIter = LookupRecordsIter<'a>;
#[allow(unused_variables)]
fn into_iter(self) -> Self::IntoIter {
match self {
LookupRecords::Empty => LookupRecordsIter::Empty,

4
crates/server/src/authority/authority.rs
View File

@ -10,11 +10,12 @@ use std::future::Future;
use std::pin::Pin;
use crate::client::op::LowerQuery;
use crate::client::rr::{LowerName, Name, RecordType};
use crate::client::rr::{LowerName, RecordType};
#[cfg(feature = "dnssec")]
use crate::client::{
proto::rr::dnssec::rdata::key::KEY,
rr::dnssec::{DnsSecResult, SigSigner, SupportedAlgorithms},
rr::Name,
};
use crate::authority::{LookupError, MessageRequest, UpdateResult, ZoneType};
@ -54,6 +55,7 @@ impl LookupOptions {
}
/// Specify that this lookup should return DNSSEC related records as well, e.g. RRSIG
#[allow(clippy::needless_update)]
pub fn set_is_dnssec(self, val: bool) -> Self {
Self {
is_dnssec: val,

9
crates/server/src/authority/catalog.rs
View File

@ -25,8 +25,10 @@ use crate::authority::{
};
use crate::client::op::{Edns, Header, LowerQuery, MessageType, OpCode, ResponseCode};
#[cfg(feature = "dnssec")]
use crate::client::rr::dnssec::{Algorithm, SupportedAlgorithms};
use crate::client::rr::rdata::opt::{EdnsCode, EdnsOption};
use crate::client::rr::{
dnssec::{Algorithm, SupportedAlgorithms},
rdata::opt::{EdnsCode, EdnsOption},
};
use crate::client::rr::{LowerName, RecordType};
use crate::server::{Request, RequestHandler, ResponseHandler};
@ -36,7 +38,7 @@ pub struct Catalog {
authorities: HashMap<LowerName, Box<dyn AuthorityObject>>,
}
#[allow(unused_mut)]
#[allow(unused_mut, unused_variables)]
fn send_response<R: ResponseHandler>(
response_edns: Option<Edns>,
mut response: MessageResponse<'_, '_>,
@ -424,6 +426,7 @@ async fn lookup<R: ResponseHandler + Unpin>(
}
}
#[allow(unused_variables)]
fn lookup_options_for_edns(edns: Option<&Edns>) -> LookupOptions {
let edns = match edns {
Some(edns) => edns,

20
crates/server/src/store/sqlite/authority.rs
View File

@ -15,26 +15,28 @@ use std::sync::Arc;
use log::{error, info, warn};
use crate::client::op::LowerQuery;
use crate::client::rr::dnssec::{DnsSecResult, SigSigner};
use crate::client::rr::{LowerName, RrKey};
use crate::proto::op::ResponseCode;
use crate::proto::rr::dnssec::rdata::key::KEY;
use crate::proto::rr::{DNSClass, Name, RData, Record, RecordSet, RecordType};
use crate::authority::{
Authority, LookupError, LookupOptions, MessageRequest, UpdateResult, ZoneType,
};
#[cfg(feature = "dnssec")]
use crate::authority::{DnssecAuthority, UpdateRequest};
use crate::client::op::LowerQuery;
use crate::client::rr::{LowerName, RrKey};
use crate::error::{PersistenceErrorKind, PersistenceResult};
use crate::proto::op::ResponseCode;
use crate::proto::rr::{DNSClass, Name, RData, Record, RecordSet, RecordType};
use crate::store::in_memory::InMemoryAuthority;
use crate::store::sqlite::{Journal, SqliteConfig};
#[cfg(feature = "dnssec")]
use crate::{
authority::{DnssecAuthority, UpdateRequest},
client::rr::dnssec::{DnsSecResult, SigSigner},
proto::rr::dnssec::rdata::key::KEY,
};
/// SqliteAuthority is responsible for storing the resource records for a particular zone.
///
/// Authorities default to DNSClass IN. The ZoneType specifies if this should be treated as the
/// start of authority for the zone, is a Secondary, or a cached zone.
#[allow(dead_code)]
pub struct SqliteAuthority {
in_memory: InMemoryAuthority,
journal: Option<Journal>,

1
crates/server/tests/authority_battery/basic.rs
View File

@ -7,7 +7,6 @@ use std::str::FromStr;
use futures_executor::block_on;
use trust_dns_client::op::{Message, Query, ResponseCode};
use trust_dns_client::rr::dnssec::SupportedAlgorithms;
use trust_dns_client::rr::{Name, RData, Record, RecordType};
use trust_dns_server::authority::{
AuthLookup, Authority, LookupError, LookupOptions, MessageRequest,