1cca9a5aa7
Phase 1.3: in-memory store + ServeDNS query dispatch

ServeDNS now answers authoritatively for the configured zone(s):
- Apex SOA → synthetic SOA (serial = store generation counter)
- Apex NS → synthetic NS pointing at p.Nameserver
- In-store lookups for any qtype
- NODATA vs NXDOMAIN correctly distinguished (SOA in authority section)
- UPDATE opcode → REFUSED (Phase 1.4 implements properly)
- Queries outside our zones pass through to Next

Added:
- store.go: recordStore with sync.RWMutex + atomic generation counter.
  Operations: Add (de-dupes), RemoveRRset, RemoveRR, RemoveName, Lookup
  (returns a copy so callers can't corrupt internal state), NameExists.
  All keyed on canonical lowercase + trailing-dot names.
- plugin.go: ServeDNS dispatch, findZone (longest-suffix match),
  syntheticSOA, syntheticNS. New Nameserver field.
- setup.go: nameserver directive. Default Nameserver = first zone apex.
  Store initialised at parse time.
- store_test.go: 12 unit tests covering add/dedupe/remove/lookup/
  generation/case-insensitivity/copy-safety.
- plugin_test.go: 10 dispatch tests covering pass-through, apex
  synthetics, in-store lookups, NXDOMAIN/NODATA semantics, UPDATE
  refusal, findZone longest-suffix-wins and case behavior.
- setup_test.go: 3 new cases for the nameserver directive + store init.

Total: 38 tests passing.

Module: git.supported.systems/rsp2k/coredns-rfc2136
2026-05-21 10:37:48 -06:00

eba6313ec0
Phase 1.2: wire parser → typed config + 13 unit tests

The Corefile parser now fully populates typed fields on RFC2136 instead
of just recognising directives. Validation happens at parse-time so
configuration errors fail loud at CoreDNS startup rather than silent at
request time.

Added:
- config.go: tsigKey type, TSIG algorithm allowlist (rejects HMAC-MD5
  deliberately), base64 secret decoder with 8-byte minimum length check,
  canonical-key-name normalisation (lowercase + trailing dot).
- plugin.go: RFC2136 struct now carries TSIGKeys map, TTL uint32,
  PersistPath string. DefaultTTL=60.
- setup.go: parse() validates and stores tsig-key/ttl/persist directives.
  Duplicate key names rejected. Multiple TSIG keys allowed (for rotation).
  At-least-one-zone is enforced.
- setup_test.go: 13 table-driven cases (5 happy + 8 error paths) using
  caddy.NewTestController. All pass.

ServeDNS still passes through — UPDATE handling lands in Phase 1.4.

Module path: git.supported.systems/rsp2k/coredns-rfc2136
2026-05-21 10:31:22 -06:00
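
Added example, not code from the coredns-rfc2136 repository: a sketch of the parse-time TSIG key checks the Phase 1.2 message lists (algorithm allowlist, base64 decoding with the 8-byte minimum, canonical key names, duplicate rejection). The function name, the field layout and the HMAC-SHA2 contents of the allowlist are assumptions; the page only states that HMAC-MD5 is rejected.

```go
package main

import (
	"encoding/base64"
	"fmt"
	"strings"
)

// Assumed allowlist: the page only states that HMAC-MD5 is rejected.
var allowedAlgs = map[string]bool{"hmac-sha256.": true, "hmac-sha384.": true, "hmac-sha512.": true}

const minSecretLen = 8 // bytes after base64 decoding, per the commit message

type tsigKey struct { // hypothetical field layout
	Name, Algorithm string
	Secret          []byte
}

func canonical(name string) string { // lowercase + trailing dot
	name = strings.ToLower(strings.TrimSpace(name))
	if !strings.HasSuffix(name, ".") {
		name += "."
	}
	return name
}

// parseTSIGKey validates one tsig-key entry; any error is meant to stop startup.
func parseTSIGKey(keys map[string]tsigKey, name, alg, b64 string) error {
	k := tsigKey{Name: canonical(name), Algorithm: canonical(alg)}
	if _, dup := keys[k.Name]; dup { // "Key" and "key." are the same key
		return fmt.Errorf("duplicate tsig-key %q", k.Name)
	}
	if !allowedAlgs[k.Algorithm] {
		return fmt.Errorf("tsig-key %q: algorithm %q not allowed", k.Name, k.Algorithm)
	}
	secret, err := base64.StdEncoding.DecodeString(b64)
	if err != nil {
		return fmt.Errorf("tsig-key %q: secret is not valid base64: %w", k.Name, err)
	}
	if len(secret) < minSecretLen {
		return fmt.Errorf("tsig-key %q: secret is %d bytes, need at least %d", k.Name, len(secret), minSecretLen)
	}
	k.Secret = secret
	keys[k.Name] = k
	return nil
}
func main() {
	keys := map[string]tsigKey{} // inputs below are constructed samples
	fmt.Println(parseTSIGKey(keys, "Update-Key", "hmac-sha256", "c2VjcmV0c2VjcmV0"))
	fmt.Println(parseTSIGKey(keys, "old", "hmac-md5.sig-alg.reg.int", "c2VjcmV0c2VjcmV0"))
}
```

Checking the duplicate before anything else means a second entry that differs only in case or trailing dot cannot silently replace an existing key, while distinct names can still coexist for rotation.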