Policy REFUSE; minot tweak

added 2 commits

• 4d45529a - policy: add REFUSE policy
• 778115b9 - kresd: improve error reporting if cache cannot be opened

Compare with previous version

assigned to @vcunat

@vcunat Please review https://gitlab.labs.nic.cz/knot/knot-resolver/merge_requests/549/diffs?commit_id=778115b9100c19041f132565e05db85ff75ff1d1 and merge it if it is okay. I do not see reason to have assert in here.

This code will leave the AD flag if the query had AD or DO. We probably don't want that. Currently we don't have lua bindings to set individual flags – we have ffi.C.kr_pkt_make_auth_header in policy specifically for this, but that also sets the AA flag – I'm not sure we want it in all cases, but it seems less bad than AD flag.

Otherwise, at least in the long run, we can bind all the flags into lua in some way, e.g. add non-inline clones of all the flag-setting c functions.

assigned to @pspacek

marked as a Work In Progress

Good catch, I did not realize this.

• fix header flags
• inspect flags in other policies as DROP etc. as well

assigned to @gdemidov

added 168 commits

• 778115b9...580a7ed4 - 166 commits from branch master
• 9f7f25ea - policy: add REFUSE policy
• 9583595b - kresd: improve error reporting if cache cannot be opened

Compare with previous version

added 1 commit

• 4152334a - policy: REFUSE policy, clear AD flag

Compare with previous version

Test https://gitlab.labs.nic.cz/knot/deckard/merge_requests/114

added 1 commit

• f37dd62a - policy: TC policy, clear AD flag

Compare with previous version

DROP & DENY policies don't return AD flag.

resolved all discussions

unmarked as a Work In Progress

kresd doesn't copy incoming AD flag, so i've reverted two last commits as they were meaningless.

merged

mentioned in commit bba85538