Commit Graph

120 Commits

Author SHA1 Message Date
João Oliveirinha ff611cdc4b
Add back support for *net.UnixConn with seqpacket type (#1378)
This was broken by PR: https://github.com/miekg/dns/pull/1322
2022-06-08 14:03:24 +02:00
Tom Thorogood 0544c8bb11
Only treat a *net.UnixConn of unixgram as a packet conn (#1322)
* Refactor net.PacketConn checks into helper function

* Only treat a *net.UnixConn of unixgram as a packet conn

* Handle wrapped net.Conn types in isPacketConn

* Use Error instead of Fatal where appropriate in TestIsPacketConn
2021-12-28 13:52:38 +00:00
Josh Soref 883641f4a9
Spelling (#1222)
* spelling: artifacts

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: encoding

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: exponent

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: ignoring

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: implemented

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: implements

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: next

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: numeric

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: previous

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: positions

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: presentation

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: resetting

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: stringifying

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: subsequent

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: validated

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

Co-authored-by: Miek Gieben <miek@miek.nl>
2021-02-25 17:08:05 +01:00
Andrey Meshkov 67bd57debd
Send DNS query in one packet when using TCP/TLS (#1219)
* Send DNS query in one packet when using TCP/TLS

* fix review comments

* Removed net.Buffers

* Added unit-tests for writing messages over TCP in one go
2021-02-13 19:49:02 +01:00
Tom Thorogood 0e1c4e69dd
Support generic net.PacketConn's for the Server (#1174)
* Support generic net.PacketConn's for the Server

This commit adds support for listening on generic net.PacketConn's for
UDP DNS requests, previously *net.UDPConn was the only supported type.

In the event of a future v2 of this module, this should be streamlined.

* Eliminate wrapper functions around RunLocalXServerWithFinChan

* Eliminate RunLocalTCPServerWithTsig function

* Replace RunLocalTLSServer with a wrapper around RunLocalTCPServer

This reduces code duplication.

* Add net.PacketConn server tests

This provides coverage over nearly all of the newly added code (with
the unfortunate exception of (*response).RemoteAddr).

* Fix broken client_test.go tests

a433fbede4 was merged into master between this PR being opened and
being merged. This broke the CI tests in rather strange ways as the
code was being merged into master in a way that wasn't at all clear.
This commit fixes the two broken lines.
2020-10-25 02:23:01 +10:30
Tom Thorogood 93945c2844
Remove HMAC-MD5 support from TSIG (#1187) 2020-10-24 13:57:51 +02:00
Andrew Ayer a433fbede4
Ignore responses with unexpected IDs (#1155)
* Ignore replies with unexpected IDs

This fixes the following problem:

At time 0, we send a query with ID X from port P.

At time T, we time out the query due to lack of response, and then send
a different query with ID Y.  By coincidence, the new query is sent from
the same port number P (since port numbers are only 16 bits, this can happen
with non-negligible probability when making queries at a high rate).

At time T+epsilon, we receive a response to the original query.
Since the ID in this response is X, not Y, we would previously return
ErrId, preventing the second query from succeeding.

With this commit, we simply ignore the response with the mismatched ID
and return once we receive the response with the correct ID.

* Update test for bad ID

The new test sends two replies: the first one has a bad ID, which should
be ignored, and the second one has the correct ID.

* Add test to ensure query times out when server returns bad ID

* Avoid use of error string matching in test case

* Check for mismatched query IDs when using TCP

* Reduce timeout in TestClientSyncBadID
2020-10-18 07:55:24 +02:00
Miek Gieben 3b0ffe413f
tests: reduce timeouts and iterations (#1175)
This reduces the time it takes to run the test. Shorter timeouts on
clients to avoid waiting for the default timeouts.

It also reduces the iterations in some test functions, this doesn't
seem to impact the tests indicating those numbers were random to begin
with.

Use shorter crypto keys, as we don't need the strength in tests.

Stop using Google Public DNS and other remotes in tests as well: it's
faster, keeps things local and avoids spilling info to Google.

This brings the test duration down from ~8s to ~2s on my machine, a 4x
reduction.

~~~
PASS
ok  	github.com/miekg/dns	2.046s

Switched to branch 'master'
Your branch is up-to-date with 'origin/master'.
PASS
ok  	github.com/miekg/dns	7.915s
~~~

Signed-off-by: Miek Gieben <miek@miek.nl>
2020-10-16 09:10:36 +02:00
Dominik Menke 438e446f5c
Ensure TSIG state is verified in TestServerRoundtripTsig (#1085)
Automatically submitted.
2020-03-11 14:18:07 +00:00
chantra d89f1e3d4b Reply with NOTIMPL when Opcode is not supported (#982)
One of the tests from DNS Compliance testing validates that if the opcode
is not supported, a NOTIMPL rcode is returned.

e0884144dd/genreport.c (L293)

This diff makes the default acceptfunc support this case and reply with
NOTIMPL instead of FORMERR.
2019-06-17 16:13:02 +01:00
chantra ee62c8b086 go fmt (#986) 2019-06-13 07:24:10 +01:00
Yaroslav Kolomiiets 1545072057 ignore Z flag in queries, clear Z flag in automatic replies (#976) 2019-05-23 20:54:24 +01:00
Miek Gieben ab67d69d9b review
Signed-off-by: Miek Gieben <miek@miek.nl>
2018-11-28 22:25:28 +00:00
Miek Gieben 2c18e7259a Add MsgAcceptFunc in server
Generalize the srv.Unsafe and make it pluggable. Also add a default
accept function that allows to discard malformed DNS messages very early
on, before we allocate and parse anything further.

Also re-use the client's message when sending a reply.

Signed-off-by: Miek Gieben <miek@miek.nl>
2018-11-28 18:42:48 +00:00
Tom Thorogood ec3443f85d Fix TCP connection tracking memory leak (#808)
* Add test that srv.conns is empty in checkInProgressQueriesAtShutdownServer

* Track ResponseWriter Close without nil-ing tcp

* Remove LocalAddr and RemoteAddr panic after Close

This is no longer needed as the tcp field is no longer set to nil in
Close.

* Add more explicit WriteMsg panic after Close

Previously this would panic with `dns: Write called after Close` which
is obviously less clear.

* Panic if Hijack is called after Close

Previously this worked, but later calls to Write would panic. This is
more explicit.

* Return an error if Close called multiple times

Neither io.Closer, nor ResponseWriter, provide any guarantees about the
behaviour of multiple calls to Close. This was made explicit in
https://golang.org/cl/8575043 and in practice implementations differ
wildly.

This matches ShutdownContext which returns an error if called multiple
times.

* Check map len under lock in checkInProgressQueriesAtShutdownServer

* Correct error message in checkInProgressQueriesAtShutdownServer

* Remove panic-after-Close from Hijack

* Return errors, not panic, on Write after Close
2018-11-03 09:44:07 +00:00
Tom Thorogood e6cede5dc8 Use an atomic int32 in checkInProgressQueriesAtShutdownServer (#779) 2018-10-09 18:43:08 +01:00
Tom Thorogood 39265ac07f Prevent a checkInProgressQueriesAtShutdownServer panic (#778)
* Prevent a checkInProgressQueriesAtShutdownServer panic

* Fix typo in comment
2018-10-09 18:41:42 +01:00
Tom Thorogood ac339476d7 Remove RunLocalUDPServerUnsafe test method (#777)
Instead of having a separate RunLocalUDPServerUnsafe, we can use the
functional options added to RunLocalUDPServerWithFinChan in ab16005053.
2018-10-09 18:41:23 +01:00
Tom Thorogood 008c8ca764 Explicitly panic after (*response).Close (#769)
* Explicitly panic after (*response).Close

* Prefix panics with package name

* Harden TestResponseAfterClose by comparing panic message
2018-10-04 07:39:21 +01:00
Tom Thorogood 7482521355 Replace the trigger type with chan in server_test.go (#760)
* Replace the trigger type with chan in server_test.go

This was a lot of code to do very little.

* Check the error from ActivateAndServe in TestHandlerCloseTCP

May as well add this missing error check in while we're here.
2018-09-26 21:04:11 +01:00
Tom Thorogood ead9678cbc
Run go fmt on package (#759)
This is go fmt from go1.11 and so it picks up the new map formatting
heuristic.

See golang/go@542ea5ad91.
2018-09-27 03:06:02 +09:30
Tom Thorogood 60d113313c Move ServeMux into separate file (#753)
This reduces the clutter in server.go.
2018-09-26 10:20:48 +01:00
Daniel Selifonov ab16005053 Bugfix for miekg/dns#748 (#749)
* Bugfix for miekg/dns#748

w.msg was being prematurely cleared prior to use by TsigVerify

* Modified patch after feedback from tmthrgd

Added a disposeBuffer method to the server that's passed a response. This wipes the reference to and frees the buffer used to store the message after TSIG validation has occurred, not before. Since the pool is an attribute of the server (and the logic refers to a server UDPSize attribute), it made sense to make this a function of the server rather than a function of the response.

* Added TestServerRoundtripTsig to server_test.go

This test generates a TSIG signed query, and makes sure that server TSIG validation does not produce an error.

* Fixed data races introduced by TestServerRoundtripTsig

* Simplified error signalling in TestServerRoundtripTsig

* RunLocalUDPServerWithFinChan variadic closure argument added

This (clever hack suggested by tmthrgd) allows specifying field values (like TsigSecret) on Server instances at test time without making the race detector grouchy, but is backwards compatible with existing invocations of RunLocalUDPServerWithFinChan.
2018-09-26 09:19:35 +01:00
chantra 833bf76c28 [tls] Carry TLS state within (possibly) response writer (#728)
* [tls] Carry TLS state within (possibly) response writer

This allows a server to make a decision whether or not the link used to
connect to the DNS server is using TLS.
This can be used by the handler for instance to (but not limited to):
- log that the request was TLS vs TCP
- craft specific responses knowing that the link is secured
- return custom answers based on client cert (if provided)
...

Fixes #711

* Address @tmthrgd comments:
- do not check whether w.tcp is nil
- create RR after setting txt value

* Address @miekg comments.

Attempt to make a TLS connection state specific test, it goes over
testing each individual server type (TLS, TCP, UDP) and validates that
tls.ConnectionState is only accessible when expected.

* ConnectionState() returns value instead of pointer

* * make ConnectionStater.ConnectionState() return a pointer again
* rename interface ConnectionState to ConnectionStater
* fix nits pointed by @tmthrgd

* @tmthrgd comment: Do not use concrete type in `ConnectionState`
2018-09-22 18:34:55 +01:00
Tom Thorogood b0dc93d276
Make Shutdown wait for connections to terminate gracefully (#717)
* Make Shutdown wait for connections to terminate gracefully

* Add graceful shutdown test files from #713

* Tidy up graceful shutdown tests

* Call t.Error directly in checkInProgressQueriesAtShutdownServer

* Remove timeout arguments from RunLocal*ServerWithFinChan

* Merge defers together in (*Server).serve

This removes the defer from the UDP path, in favour of directly
calling (*sync.WaitGroup).Done after (*Serve).serveDNS has
returned.

* Replace checkInProgressQueriesAtShutdownServer implementation

This performs dialing, writing and reading as three separate steps.

* Add sleep after writing shutdown test messages

* Avoid race condition when setting server timeouts

Server timeouts cannot be set after the server has started without
triggering the race detector. The timeouts are not strictly needed, so
remove them.

* Use a sync.Cond for testShutdownNotify

Using a chan erroneously triggered the race detector, using a sync.Cond
avoids that problem.

* Remove TestShutdownUDPWithContext

This doesn't really add anything.

* Move shutdown and conn into (*Server).init

* Only log ResponseWriter.WriteMsg error once

* Test that ShutdownContext waits for the reply

* Remove stray newline from diff

* Rename err to ctxErr in ShutdownContext

* Reword testShutdownNotify comment
2018-09-13 23:06:28 +09:30
Tom Thorogood e875a31a5c
Add SO_REUSEPORT support (#736)
* Use strings.TrimSuffix in ListenAndServe for TLS

This replaces the if/else statements with something simpler.

Interestingly, the first pull request I submitted to this library was
to fix the tcp6-tls case way back in 4744e915eb.

* Add SO_REUSEPORT implementation

Fixes #654

* Rename Reuseport field to ReusePort

* Rename supportsReuseport to match ReusePort

* Rename listenUDP and listenTCP file to listen_*.go
2018-09-10 20:12:54 +09:30
Tom Thorogood 8f0a42efa0 Fix TestServerStartStopRace calling t.Fatal on wrong goroutine (#739) 2018-09-09 20:47:16 +01:00
Tom Thorogood 3ce7efeace Fix Serve benchmark failures (#734)
* Fix Serve benchmark failures

At present, these benchmarks don't actually work or measure anything.
SetQuestion must have a fully qualified domain name (trailing dot) to
be valid. Because the question wasn't valid, the request never reached
the server and was rejected by the client.

With the error check added, the benchmarks started failing with:
--- FAIL: BenchmarkServe
    server_test.go:346: Exchange failed: dns: domain must be fully qualified

* Enable Serve6 benchmark

Currently this benchmark isn't run as it's not exported.

* Only enable BenchmarkServe6 when IPv6 is supported

The Serve6 benchmark has been disabled since 2014 (in 28d936c032)
because it doesn't play nice with Travis. We can just skip the benchmark
if it fails to bind to an IPv6 address.
2018-09-08 17:10:56 +01:00
Tom Thorogood 4d25966dce Test that Shutdown does not surface closed errors (#624)
* Test that Shutdown does not surface closed errors

This test checks that calling Shutdown does not cause ActivateAndServe
(via serveTCP and serveUDP) to return the underlying
'use of closed network connection' error.

This commit unifies TestShutdownTCP with TestShutdownUDP. After this
commit, both tests will check that ActivateAndServe returns a nil error
and that Shutdown succeeded.

This was previously broken for serveTCP.

* Add comment explaining why fin chan is buffered
2018-02-27 17:38:12 -08:00
Miek Gieben 2a67631d76
cleanup: remove debug.Printf from scanner (#573)
Remove the debug.Printf stuff from scanner and some other style nits.
2017-11-17 10:48:42 +00:00
Miek Gieben 9fc4eb252e
Server: drop inflight waitgroup (#561)
* Server: drop inflight waitgroup

This drops the waitgroup in Server, the suspicion is this can make the server
fail to stop; doing this makes graceful shutdown not work.

Add test that tries to find a race between starting on stopping race;
there was a data race on srv.Inflight.

The coredns' TestReadme doesn't race anymore with this as it did with
the more evasive PR #546.
2017-11-10 10:33:17 +00:00
Miek Gieben 9cfd42f1df
Tests: add ListenAndServe tests (#562)
This increases the test coverage as these methods were not tested.
Add some cosmetic changes to the mix.
2017-11-10 10:11:23 +00:00
Miek Gieben 388f6eea29
Tests updates (#556)
Use :0 for loopback testing. This is more portable between testing environments.
Add testRR that calls NewRR and throws error away - apply it everywhere where needed.

It seems only Go 1.9 can deal with :0 being used. Disable 1.8 in travis.
2017-11-08 10:01:19 +00:00
Miek Gieben 348c84f37e
Test: remove all Logf/Log (#547)
Move some of them to Errorf and friends, but most of them are just
gone: This makes go test -v actually readable.

Remove a bunch of tests that used ipv6 on localhost as this does not work
on Travis.
2017-11-03 15:50:01 +00:00
insomniac aade52d68e Redesigned Client API around net.Dialer (#511)
* Redesigned Client API around net.Dialer

* Moved Dialer under Client; reverted msgHash; removed unneeded deprecation

* Reverted client_compat.go into client.go and renamed dialer variable

* Shortened comment lines

* Erroneously removed pointer declaration
2017-09-29 10:52:01 +01:00
Miek Gieben 5a15a35f5f Golint fixes (#456)
Fixes #370
2017-02-15 20:40:16 +00:00
Diep Pham 78bb99c423 adds tests for shutdown bind port (#400)
* adds tests for shutdown bind port

* closes file descriptors in for udp on linux

* adds sleep after shutdown in test

* minimizes defer usages

* reduces sleep time

* replaces sleep with notify channel

after starting DNS server
2016-12-15 16:20:35 +00:00
Rafael Dantas Justo 6fe70412bc Add option in server to allow DNS over TLS
We should allow the server to receive requests of an encrypted connection. This
is proposed on the document draft-ietf-dprive-dns-over-tls [1].

Now it is possible to initialize the DNS server to listen with TLS using
"tcp-tls" value in network parameter of ListenAndServe function, or passing a
listener initialized with tls.Listen to ActivateAndServe.

There's also an option in Server type to change the TLS configuration, to
inform the certificates that are going to be used, or to change any other
desired option of tls.Config.

See #297

[1] http://tools.ietf.org/html/draft-ietf-dprive-dns-over-tls-02
2016-01-08 11:26:13 -02:00
Ryan Leavengood 7b51cba64a Set UDP conn to non-blocking on Linux to fix Shutdown()
The call to conn.File() causes Go to call dup() and then set the resulting FD
to be blocking. This sets the FD back to non-blocking, allowing Shutdown() to
work properly.

Fixes #279.
2015-12-01 17:15:42 -05:00
Miek Gieben f520760857 Lowercase all error msg from the tests 2015-11-26 14:12:38 +00:00
Miek Gieben 9e23f0c96e Fix data race 2015-11-26 14:03:51 +00:00
Andrew Tunnell-Jones cfa72d0862 Test closing TCP ResponseWriter in a handler 2015-11-26 08:04:38 +00:00
Filippo Valsorda e6885e3677 Set high timeouts in server_test.go not to fail on slow boxes and catch deadlocks 2015-10-07 00:13:40 +01:00
Miek Gieben 9bf52083d1 golint fixes 2015-08-23 08:03:13 +01:00
James DeFelice 8255b4a03f update docs; replace "data frame" refs with "raw message" 2015-08-06 17:55:37 -04:00
James DeFelice e148c23156 add docs and example for DNS frame read/write decorators 2015-08-04 09:04:40 -04:00
Michael Haro dddcd696ba Check that the query ID matches the answer ID.
Reduce some code duplication by making Exchange() use Client.Exchange().

When performing an Exchange if the query ID does not match the answer ID
return an error.  Also add a test for this condition.
2015-05-05 23:00:16 -07:00
Michael Haro 7f051930ff Use %v as the format arg for errors 2015-02-26 00:49:59 -08:00
Michael Haro 2fb2a25e84 More test clean up
Remove trailing \n from t.Log and t.Error messages as it's unnecessary.

In some instances, combine multiple t.Error()s into one

To provide more consistency across the tests, rename e to err and use %v
as the format arg for errors.

Replace Logf and Errorf with Log and Error when it made sense.  For
example t.Errorf("%v", err) to t.Error(err)
2015-02-25 22:14:21 -08:00
Michael Haro f995f1aff3 Convert tests from being t.Log(..) then t.Fail() to just t.Error(...) as
t.Error(...) does both and makes it more clear which messages are errors
vs information log messages.
2015-02-23 17:43:07 -08:00