Jorge Aparicio
2a04299fbc
Add 'conformance/' from commit '2a86c07974b27af6de6cdb0cc87074aaf57b8c39'
...
git-subtree-dir: conformance
git-subtree-mainline: f1489da675
git-subtree-split: 2a86c07974
2024-06-07 11:03:57 +02:00
Jorge Aparicio
f1489da675
ci: pin nightly version
...
the past-future job fails with latest nightly toolchain:
1.80.0-nightly (da159eb33 2024-05-28)
this commit pins the nightly version to a known to work version
closes #2223
2024-05-30 12:05:04 +02:00
Christian Poveda Ruiz
2a86c07974
Merge pull request #67 from ferrous-systems/ja-bump-hickory
...
bump hickory-dns and unignore fixed tests
2024-05-29 10:17:31 -05:00
Jorge Aparicio
0d529d4f41
bump hickory-dns and unignore fixed tests
...
also build hickory-dns with dnssec support and enable security
awareness
2024-05-29 12:46:32 +02:00
Андрей Листочкин (Andrei Listochkin)
568c75ec6f
Merge pull request #65 from ferrous-systems/ja-graph-two-point-o
...
tweak `Graph::build` to support anydomain.com. as leaf zone
2024-05-23 12:22:37 +01:00
Jorge Aparicio
f87d98eaaf
explore: use Graph
API and use mydomain.com.
as leaf zone
2024-05-23 13:11:04 +02:00
Jorge Aparicio
a0909f3c04
tweak Graph::build
to support anydomain.com. as leaf zone
2024-05-23 13:10:53 +02:00
Jorge Aparicio
ab2aa39b06
NameServer: fix generation of SOA record
...
`unbound` requires that the MNAME lies underneath the zone. That is
`primaryNN.nameservers.com.` is not a valid MNAME for a nameserver
authoritative over `mydomain.com.`. For that zone,
`primaryNN.mydomain.com.` would be a valid MNAME.
2024-05-23 13:10:53 +02:00
Jorge Aparicio
0ba63a167d
Merge pull request #58 from ferrous-systems/refactor-test-helpers
...
Refactor test helpers
2024-05-22 19:07:58 +02:00
Sebastian Ziebell
0ea1397480
Add function to return root hint
...
This adds a function to `NameServer` to return root hints.
2024-05-22 19:00:55 +02:00
Sebastian Ziebell
0bcf749617
Add function to set referral via other nameserver
...
* fix clippy lints
2024-05-22 18:51:44 +02:00
Sebastian Ziebell
96b3b6650d
Add function to return A record
...
A NameServer can now return the `Record::A` entry for itself.
2024-05-22 18:49:12 +02:00
Jorge Aparicio
14ee8fd6cc
Merge pull request #57 from ferrous-systems/ja-clear-ad-bit-on-queries
...
resolver: check that out queries don't have the AD bit
2024-05-22 18:06:26 +02:00
Jorge Aparicio
2de7139bc6
resolver: check that out queries don't have the AD bit
2024-05-22 17:56:57 +02:00
Jorge Aparicio
a58fb71eeb
Merge pull request #56 from ferrous-systems/ja-cd-bit-handling
...
resolver: add CD bit handling tests
2024-05-22 17:49:11 +02:00
Jorge Aparicio
b6e97bf3b6
move existing test into RFC4035 section 3.2.2
2024-05-22 17:44:08 +02:00
Jorge Aparicio
8f414879b8
test CD bit forwarding
2024-05-22 17:39:13 +02:00
Jorge Aparicio
c50b28262e
Merge pull request #53 from ferrous-systems/ja-do-bit-tests
...
resolver: test DO bit handling
2024-05-22 14:56:14 +02:00
Jorge Aparicio
8b582baffc
resolver: test DO bit handling
...
this corresponds to section 3.2.1 of RFC4035
2024-05-22 14:47:06 +02:00
Jorge Aparicio
b3b214317a
Merge pull request #54 from ferrous-systems/ja-ds-query
...
resolver: test that DS query is sent to parent zone
2024-05-22 14:44:38 +02:00
Jorge Aparicio
261b9f4428
resolver: test that DS query is sent to parent zone
2024-05-22 14:38:50 +02:00
Jorge Aparicio
fef26b7139
dns-test: add getters & make some fields public
2024-05-22 14:32:02 +02:00
Jorge Aparicio
3a54e693fa
Merge pull request #31 from ferrous-systems/ja-explore-opt-in-dnssec
...
`explore`: make DNSSEC opt-in
2024-05-22 14:31:40 +02:00
Jorge Aparicio
5d15aa2228
explore
: generate bind.keys
w/o querying resolver
...
this avoids the resolver caching any query. that way `tshark` can
observe all the messages involved in DNSSEC validating a query "from
scratch"
2024-05-22 14:26:55 +02:00
Jorge Aparicio
1aab8812df
explore
: make DNSSEC opt-in
2024-05-22 14:26:55 +02:00
Jorge Aparicio
a9c6e42715
Merge pull request #52 from ferrous-systems/ja-use-default-cache-size
...
hickory/resolver: drop _cache_size settings
2024-05-22 14:26:23 +02:00
Jorge Aparicio
b840819998
hickory/resolver: drop _cache_size settings
...
they are not required as default values exist
2024-05-22 14:21:38 +02:00
Jorge Aparicio
e12a1f4d92
Merge pull request #44 from ferrous-systems/ja-clippier
...
CI: make clippy check cfg(test) code, tests & examples
2024-05-22 14:21:17 +02:00
Jorge Aparicio
49990d2530
fix previously undetected clippy warning
2024-05-22 14:16:53 +02:00
Jorge Aparicio
cd2895a168
CI: make clippy check cfg(test) code, tests & examples
2024-05-22 14:16:53 +02:00
Jorge Aparicio
76d308c984
Merge pull request #43 from ferrous-systems/ja-immutable-subject-peer
...
turn `dns_test::{subject,peer}` into immutable statics
2024-05-22 14:16:27 +02:00
Jorge Aparicio
58239028f4
turn dns_test::{subject,peer} into immutable statics
...
using `std::env::set_var` to set or change the value of either
DNS_TEST_SUBJECT or DNS_TEST_PEER is A Bad Idea, specially so when
tests are running in parallel
we can't forbid the use of `env::set_var` _but_ at least we can ensure
that even in its presence the return value of `dns_test::{subject,peer}`
will not change
this is accomplished using a "lazy" static variable that gets
initialized at most once during the lifetime of the process instead of
reading the env var each time `{subject,peer}` is called
to better convey the fact that the return value of `{subject,peer}`
won't change, we present them as static variables instead
2024-05-22 14:03:18 +02:00
Dirkjan Ochtman
107635c6c5
Update dependencies
2024-05-21 10:24:01 -07:00
Dirkjan Ochtman
cde6f908c2
Remove broken mtls code
2024-05-21 10:24:01 -07:00
Sebastian Ziebell
2e46421927
Check hickory-dns is fully started
...
When starting `hickory-dns` there is no easy way to check the start
sequence has finished & its fully ready to accept connections. Other
tools, e.g. unbound, are designed as services, they will correctly
manage their `pidfile`. They also could be queried by the `servicectl`
inside the Docker container.
2024-05-21 15:05:29 +01:00
Benjamin Fry
978235f7cd
add RFC2931 SIG(0) as supported
2024-05-21 11:33:19 +02:00
Jonathan Davies
dbb48114ce
cargo: Enable LTO on release build.
2024-05-19 07:30:40 -07:00
Adrian Kappel
ede83dc7d6
Adds deref call in assertion for hickory-client README example ( #2173 )
...
* Adds deref call in assertion
* Adds inner struct to pattern match
---------
Co-authored-by: Benjamin Fry <benjaminfry@me.com>
2024-05-18 11:40:03 -07:00
Jorge Aparicio
f868f8e27d
recursor: send DS query to the parent zone
2024-05-18 11:33:35 -07:00
Benjamin Fry
202c2304da
retry all tcp on all IO errors recieved from UDP requests
2024-05-18 09:54:28 +02:00
Benjamin Fry
27018620b7
remove IO error from ResolveError and only use ProtoError(Io)
2024-05-18 09:54:28 +02:00
Dirkjan Ochtman
872ada02ef
recursor: rename Recursor::new() to builder()
2024-05-18 09:38:36 +02:00
Dirkjan Ochtman
5db65e336b
recursor: make security awareness depend on config
2024-05-18 09:38:36 +02:00
Jorge Aparicio
97e1f43456
expose security-aware setting in named.toml
2024-05-10 18:25:18 -07:00
Jorge Aparicio
36258a8a03
make Recursor configurable via a "builder"
...
and make security-awareness opt-in
2024-05-10 18:25:18 -07:00
Jorge Aparicio
f3a012cc36
recursor: honor DO bit in client's query
2024-05-10 18:25:18 -07:00
Jorge Aparicio
e558fcc43c
recursor: preserve DNSSEC records
2024-05-10 18:25:18 -07:00
Jorge Aparicio
cc81d5636e
recursor: set DO in outgoing queries
...
when the recursor is "security-aware" -- that is the "dnssec" feature is
enabled -- as per RFC 4035 section 3.2.1
2024-05-10 18:25:18 -07:00
Jorge Aparicio
fe3961ffe1
Merge pull request #42 from ferrous-systems/ja-terminate-hickory
...
implement terminate for Hickory
2024-05-08 12:44:14 +02:00
0xffffharry
cffc3fac2a
Make H3ClientStream Clonable
2024-05-04 11:13:01 -07:00