- New option FASTPARSER=disable|enable
- New option CHECK=disable|enable for unittests execution
- Explicit CFLAGS="-g -O2 -DNDEBUG -D_FORTIFY_SOURCE=2 -fstack-protector-strong"
- Added --enable-dnstap

David Vasek authored 3 years ago and Daniel Salzman committed 3 years ago

This prevents a situtation when the deleted item may repeat in the array.
This solution is based on the assumption that the duplicate entries are rather rare.

Romain Labolle authored 3 years ago and Daniel Salzman committed 3 years ago

fixes #774

This avoids problems with future changes and reduces overhead of conf_clone()

David Vasek authored 3 years ago and Daniel Salzman committed 3 years ago

While there, fix the use of space containing paths in this operation.

Robert Edmonds authored 3 years ago and Daniel Salzman committed 3 years ago

Previously, mod-dnstap would log query messages with downcased QNAMEs,
because knotd had already downcased the QNAME in the query packet buffer
passed to the dnstap module. This is not necessarily the same as the
original DNS wire query message if any uppercase letters were used in
the QNAME.

The knotd_qdata_t object already stores the original QNAME before
downcasing in the 'extra' field, which is inaccessible to query modules.
This commit introduces a new 'knotd_qdata_orig_qname()' function that
query modules can call to access the original QNAME.

This commit updates the mod-dnstap message logging code to patch the
buffer used for the wire message behind the 'query_message' field in the
dnstap protobuf message by copying the original QNAME back into the
query packet buffer, and then re-downcasing the QNAME in the query
packet buffer after the dnstap protobuf message has been serialized.
(This avoids the overhead of allocating space for a copy of the query
packet, making a copy of the packet, and performing the QNAME
restoration on the copy.)

fixes #773

David Vasek authored 3 years ago and Daniel Salzman committed 3 years ago

The original \W and \S are non-portable extensions to regular expressions in GNU sed.
The extra (the third) brackets are needed here as m4 escape characters for the character
class brackets.

Robert Edmonds authored 3 years ago and Daniel Salzman committed 3 years ago

This commit adds a 'responses-with-queries' option to the dnstap module.
When enabled, it also adds the original query message to AUTH_RESPONSE
type dnstap message payloads in addition to the response message.

The dnstap protobuf definition has separate 'query_message' and
'response_message' fields for dnstap message objects, and for
AUTH_RESPONSE messages the 'query_message' field can optionally be
filled in.

closes #764

David Vasek authored 3 years ago and Daniel Salzman committed 3 years ago

fixes #770