An RRSet (=label) consisting of multiple records with different TTLs is
something not supported by most providers, and should be avoided.
Furthermore it is deprecated in rfc2181#section-5.2
Emit a warning for now during validation, eventually turning it into a full-blown error.
Fixes #1372
* Emit warning in case of label having multiple TTLs
* normalize: less verbose checkLabelHasMultipleTTLs
Code would previously emit a warning for each record it found matching a
previously found label but with a different ttl. This could potentially become
too verbose of an output for larger zones.
Split the loop into two loops, one storing labels and their records' TTLs, the
second checking for multiple TTLs, in order to minimize the messages logged to
one message per problematic label, regardless of the number of records involved.
Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
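The two-pass check described in the commit message above, sketched as an added example (not dnscontrol's own code). `Record` and `labelsWithMultipleTTLs` are hypothetical names, and labels are assumed to be already lower-cased and fully qualified.

```go
package main

import (
	"fmt"
	"sort"
)

// Record is a simplified, hypothetical stand-in, not dnscontrol's own record type.
type Record struct {
	Label, Type string
	TTL         uint32
}

// labelsWithMultipleTTLs returns one warning per label whose records carry
// differing TTLs (RFC 2181 section 5.2), however many records are involved.
func labelsWithMultipleTTLs(records []Record) []string {
	// Pass 1: collect the distinct TTLs seen under each label.
	seen := map[string]map[uint32]bool{}
	for _, r := range records {
		if seen[r.Label] == nil {
			seen[r.Label] = map[uint32]bool{}
		}
		seen[r.Label][r.TTL] = true
	}
	// Pass 2: emit a single message for each label with more than one TTL.
	var warnings []string
	for label, ttls := range seen {
		if len(ttls) < 2 {
			continue
		}
		list := make([]int, 0, len(ttls))
		for t := range ttls {
			list = append(list, int(t))
		}
		sort.Ints(list)
		warnings = append(warnings, fmt.Sprintf("label %s has multiple TTLs: %v", label, list))
	}
	sort.Strings(warnings) // map iteration order is random; keep output stable
	return warnings
}

func main() {
	zone := []Record{ // constructed sample zone
		{"www.example.com", "A", 300}, {"www.example.com", "A", 600},
		{"www.example.com", "AAAA", 3600}, {"mail.example.com", "MX", 300},
	}
	for _, w := range labelsWithMultipleTTLs(zone) {
		fmt.Println("WARNING:", w)
	}
}
```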
012_duration creates multiple records under the same label, with different TTLs.
We plan to deprecate this going forward, in #1372.
Modify the test in a way that creates one label per record, each having a
different TTL format as before, to be validated.
All functions in should test for only one condition. There already is a
function that tests for long TXT records: TxtNoLongStrings.
Add calls to TxtNoLongStrings in all providers that use
TxtNoMultipleStrings, to keep functionality, except for NS1 and ClouDNS,
which allow for any TXT record length, but not for multiple strings per
TXT.
* Add integration test for SOA
* Add docs for SOA record
* MAINT: Rename SoaInfo to SoaDefaults.
gorename -v -from '"github.com/StackExchange/dnscontrol/v3/providers/bind".SoaInfo' -to SoaDefaults
* Adds SOA record to JS, zone parsing and record validation
* adds JS parsing test for SOA record
* fix validation & regenerates static resources
* Adds label and target test for SOA record
* Removes serial from SOA JS macro
* Adds generated resources
* reformat with gofmt
Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
TXT records are now handled differently.
1. The raw input from dnsconfig.js is passed all the way to the provider. The provider can determine if it can or can't handle such records (auditrecords.go) and processes them internally as such.
2. The CanUseTXTMulti capability is no longer needed.
* DSPs now register a table of functions
* Use audits for txt record variations
* unit tests pass. integration fails.
* fix deepcopy problem
* rename to AuditRecordSupport
* Reduce use of TXTMulti
* Remove CanUseTXTMulti
* fix Test Skip
* fix DO
* fix vultr
* fix NDC
* msdns fixes
* Fix powerdns and cloudflare
* HEDNS: Fix usage of target field to resolve TXT handling (#1067)
* Fix HEXONET
Co-authored-by: Robert Blenkinsopp <robert@blenkinsopp.net>
Co-authored-by: Jakob Ackermann <das7pad@outlook.com>
* Implement main feature
* BIND: Permit printf-like file name formats
* BIND: Make filenameformat work forwards and backwards.
* Fix extractor test cases
This type is identical to TXT but used for other purposes, it is
officially supported by OctoDNS.
Co-authored-by: Tom Limoncelli <tlimoncelli@stackoverflow.com>
* js_test.go: Do a zonefile test if $TESTNAME/parse_tests/{zonefile} exists.
* Add parse_tests zone files for all the tests that make sense.
* js_test.go: Add the test datafile when displaying failures.
* 007-importTransformTTL.js: Was referring to a non-existent domain.
* 012-duration.js: Had duplicate DNS records.
* 029-dextendsub.js: Move CF-related tests to separate test.
* validate.go: Report non-existent domains as an error.
* cloudflareProvider.go: newCloudflare should not talk to the API.
* TXT records should check length
* Add validation to TXT generator
* Split and validate long TXT targets
* Add a metaparameter to TXT records to indicate autosplit is requested.
* SPF_BUILDER marks TXT records as needing to be autosplit.
* Validate should check for overly-long TXT targets
* Add ability to specify variables that are passed to js
* Use SplitN to respect a = in value part
* Add JSON parsing for cli variables
* Remove JSON parsing for cli variables
* Add a function to set CLI defaults
* Update static.go
* VULTR: Update govultr to v1.0.0 (fixes #892) (#897)
* go get -u github.com/hexonet/go-sdk
* Fix HEXONET providers.json entry
* providers.json: json comma
* providers.json: fmtjson
* HEXONET: Implement get-zones. Fix tests and docs.
* fixup!
* Update azure test failures
* Move version info into its own package
* Use new version system
* fix get-zones code block indentation
* extend D_EXTEND to handle subdomains
* fix targets: make absolute incl. subdomain where necessary
* clarify subdomain target test (not IP && not fqdn)
* Add parse_tests for D and D_EXTEND
* _getDomainObject: examine all domains
* human readable form
* consistent test IP addresses
* Improve docs and formatting
* propagate subdomain to canonicalisation
* en-US spelling
* rm extraneous console.log
* ignore subdomain for CF_REDIRECT
* clarify D_EXTEND doc re. CF_REDIRECT
* rm extraneous linebreak
* GANDI_V5: Use github.com/go-gandi/go-gandi, not github.com/tiramiseb/go-gandi (#883)
* DOCUMENTATION: Fix error in CNAME.md (#877)
The current example `CNAME("def", "test.subdomain"), // def.example.com -> test.subdomain.example.com` is invalid (correctly raises a validation error, "ERROR: in CNAME def.example.com: target (test.subdomain) must end with a (.)")
* typos, fmt; example syntax fixes and real output
* formatting; re-add lost comment
* RecordConfig subdomain should be nullable
* providers/cscglobal/api.go: Fix fmt string
* More tests and docs
* go generate
Co-authored-by: Ben L <47653825+ad8-bdl@users.noreply.github.com>
* Added DU() and getConfiguredDomains()
* Added docs for both new functions
* Added a space between option and its value
* Renamed "DU" to "D_EXTEND", adjusted docs
* Fixed: Changed old DU() calls to D_EXTEND()
* Add multiple string support to SPF optimizer
Notes:
* This implements [RFC 4408][rfc] for the SPF optimizer. Allowing for
more SPF records to fit within the 10 lookups by using multiple strings.
* By default the max size of the TXT remains at 255. Meaning users will
still only get a single 255 length string unless they modify `txtMaxSize`
and opt into this feature.
* The general recommendation when using multiple strings for TXT records
is to keep the size within a single UDP packet. It seems like the
maximum size for this depends on a bunch of factors that are sometimes
outside of your control. A similar tool has a [formula for estimating the
maximum allowed size][formula]. However I felt giving a user
configurable size would fit with the current configuration style that
dnscontrol has. Similar to how dnscontrol recommends only flattening a
record if absolutely needed, I can see this length being increased by
only enough to get you within 10 lookups.
[rfc]: https://tools.ietf.org/html/rfc4408#section-3.1.3
[formula]: https://github.com/oasys/mkspf/blob/master/Overhead.md
* Add a nice comment for the Chunks function
Open to other configuration options for how best to make this optional. Or
potentially making this an opt in configuration item which would be a
breaking change.
The main reason that someone would want to disable this is if their raw
SPF record goes over the 255 characters. This is potentially another
place that could get some multi string support. But as it is only used
for debugging purposes it seems like there should be a way to outright
disable it too.
This functionality is required by the GCLOUD provider, which supports
recordsets of type DS but only for child records of the zone, to enable
further delegation. It does not support them at the apex of the zone (@)
because Google Cloud DNS is not itself a registrar which needs to model
this information.
A related change (14ff68b151, #760) was
previously introduced to enable DS support in Google, which broke
integration tests with this provider.
To cleanly support this, we introduce a new provider capability
CanUseDSForChildren and appropriate integration tests. Further, it is no
longer possible to verify a provider has the proper capabilities for a
zone simply by existence of particular records; we adapt the capability
checks to enable inspection of the individual recordsets where this is
required.
Closes #762
Thanks to @haraldkoch for starting this, @McNetic for picking it up.
* Added DS record type
* Added DS for cloudflare provider with tests
* Removed DS validation, fixed parse test
* Added generated files
* Added dnsimple ds record
* Regenerated documentation matrix
* rebased and regenerated
* Updated integration tests
* Rebase and regenerate
* Enable DS record type for provider desec
* Rebase and fixes
Co-authored-by: Robert Koch <robert@kochie.io>
Co-authored-by: Nicolai Ehemann <nicolai.ehemann@enerko-informatik.de>