remove SAFEMODE

I have no real solution in mind, I'll just keep a running list of what SAFEMODE does here, since I have been bitten in the backparts by it multiple times and the documentation really doesn't cut it (“Don’t use fancy stuff (EDNS, 0x20, …)”).

turns off Ox20 randomization
turns off server selection (to be changed in !1030 (merged))
turns off some EDNS stuff that I don't understand
ensures that there is a retry after REFUSED (see code below; this means that if you overwrite query->SAFEMODE after this, the resolver may cycle on REFUSED)

static int resolve_badmsg(knot_pkt_t *pkt, struct kr_request *req, struct kr_query *query)
{

#ifndef STRICT_MODE
	/* Work around broken auths/load balancers */
	if (query->flags.SAFEMODE) {
		return resolve_error(pkt, req);
	} else if (query->flags.NO_MINIMIZE) {
		query->flags.SAFEMODE = true;
		return KR_STATE_DONE;
	} else {
		query->flags.NO_MINIMIZE = true;
		return KR_STATE_DONE;
	}
#else
		return resolve_error(pkt, req);
#endif
}

Removing it, is probably a better idea: especially with the new server selection error reporting we could probably make the workarounds more granular than they are now.

Edited Dec 20, 2020 by Štěpán Balážik

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

Admin message

Admin message

remove SAFEMODE