|
|
eba6313ec0
|
Phase 1.2: wire parser → typed config + 13 unit tests
The Corefile parser now fully populates typed fields on RFC2136 instead
of just recognising directives. Validation happens at parse-time so
configuration errors fail loud at CoreDNS startup rather than silent at
request time.
Added:
- config.go: tsigKey type, TSIG algorithm allowlist (rejects HMAC-MD5
deliberately), base64 secret decoder with 8-byte minimum length check,
canonical-key-name normalisation (lowercase + trailing dot).
- plugin.go: RFC2136 struct now carries TSIGKeys map, TTL uint32,
PersistPath string. DefaultTTL=60.
- setup.go: parse() validates and stores tsig-key/ttl/persist directives.
Duplicate key names rejected. Multiple TSIG keys allowed (for rotation).
At-least-one-zone is enforced.
- setup_test.go: 13 table-driven cases (5 happy + 8 error paths) using
caddy.NewTestController. All pass.
ServeDNS still passes through — UPDATE handling lands in Phase 1.4.
Module path: git.supported.systems/rsp2k/coredns-rfc2136
|
2026-05-21 10:31:22 -06:00 |
|
