Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

plugin/file: Use NXDOMAIN response if CNAME target is NXDOMAIN #4303

Merged
merged 4 commits into from
Dec 9, 2020
Merged

plugin/file: Use NXDOMAIN response if CNAME target is NXDOMAIN #4303

merged 4 commits into from
Dec 9, 2020

Conversation

chrisohaver
Copy link
Member

@chrisohaver chrisohaver commented Nov 20, 2020
edited
Loading

Signed-off-by: Chris O'Haver cohaver@infoblox.com

1. Why is this pull request needed and what does it do?

As cited in #4288, per https://tools.ietf.org/html/rfc6604#section-3, when following a CNAME chain the response code sent to the client should be the same response code received when resolving the target of the final link in the chain. Strictly this means we should be passing through the exact Rcode received when looking up the final target. But since file uses an alternate response code datatype file.Result which does not map 1:1 to DNS response codes, making that happen might require some larger scope refactoring. So for now, just addressing response codes that do map.

2. Which issues (if any) are related?

fixes #4288

3. Which documentation changes (if any) need to be made?

4. Does this introduce a backward incompatible change or deprecation?

@chrisohaver
pass through nxdomain results
6f24485 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
@chrisohaver
return srvfail and nodata results
04bf4be 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
@miekg
Copy link
Member

miekg commented Nov 21, 2020

looks good. Maybe add a little test?

@chrisohaver
add test
331d277 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
@chrisohaver
cover more response cases
10b954c 
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
@chrisohaver
Copy link
Member Author

looks good. Maybe add a little test?

Thanks, test added.

@chrisohaver chrisohaver changed the title plugin/file: Use NXDOMAIN response if CNAME target it NXDOMAIN plugin/file: Use NXDOMAIN response if CNAME target is NXDOMAIN Nov 25, 2020
@miekg miekg merged commit 6bbb48d into coredns:master Dec 9, 2020
@chrisohaver chrisohaver deleted the file-cnames branch January 9, 2021 14:45
@EchoStone1101 EchoStone1101 mentioned this pull request Apr 21, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@miekg miekg Awaiting requested review from miekg miekg is a code owner

@stp-ip stp-ip Awaiting requested review from stp-ip stp-ip is a code owner

@yongtang yongtang Awaiting requested review from yongtang yongtang is a code owner

@bradbeam bradbeam Awaiting requested review from bradbeam bradbeam is a code owner

@dilyevsky dilyevsky Awaiting requested review from dilyevsky dilyevsky is a code owner

@Isolus Isolus Awaiting requested review from Isolus Isolus is a code owner

@johnbelamaric johnbelamaric Awaiting requested review from johnbelamaric johnbelamaric is a code owner

@pmoroney pmoroney Awaiting requested review from pmoroney pmoroney is a code owner

@rajansandeep rajansandeep Awaiting requested review from rajansandeep rajansandeep is a code owner

@SuperQ SuperQ Awaiting requested review from SuperQ SuperQ is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Non-existent CNAME target in the same zone should be returned with NXDOMAIN instead of NOERROR rcode
2 participants
@chrisohaver @miekg