PowerDNS
rec: notify_allowed should be processed for auth_zones, forward_zones and forward_zones_recurse
Until now AuthZones did not have the field at all, and for ForwardZones it was only processed if reading from a forward_zones_file.
A slight drawback is the thing mentioned in the comment: the zones will be shown in allow_notify_for if you
run pdns_recursor --config, while they aren't actually there in any config file.
Short description
Checklist
I have:
- [X] read the CONTRIBUTING.md document
- [X] compiled this code
- [X] tested this code
- [X] included documentation (including possible behaviour changes)
- [X] documented the code
- [X] added or modified regression test(s)
- [ ] added or modified unit test(s)
Pull Request Test Coverage Report for Build 11214103293
Details
- 5 of 9 (55.56%) changed or added relevant lines in 1 file are covered.
- 63 unchanged lines in 12 files lost coverage.
- Overall coverage decreased (-0.03%) to 64.691%
| Changes Missing Coverage | Covered Lines | Changed/Added Lines | % |
|---|---|---|---|
| pdns/recursordist/settings/cxxsupport.cc | 5 | 9 | 55.56% |
| <!-- | Total: | 5 | 9 |
| Files with Coverage Reduction | New Missed Lines | % |
|---|---|---|
| pdns/pollmplexer.cc | 1 | 83.66% |
| pdns/sstuff.hh | 2 | 56.83% |
| pdns/recursordist/syncres.cc | 2 | 79.28% |
| pdns/rcpgenerator.cc | 2 | 89.95% |
| pdns/stubresolver.cc | 3 | 77.58% |
| pdns/packethandler.cc | 3 | 73.03% |
| pdns/axfr-retriever.cc | 3 | 67.07% |
| pdns/recursordist/recpacketcache.hh | 3 | 89.55% |
| pdns/recursordist/test-syncres_cc1.cc | 8 | 89.55% |
| pdns/dnsdistdist/dnsdist-tcp.cc | 8 | 75.85% |
| <!-- | Total: | 63 |
| Totals | |
|---|---|
| Change from base Build 11213210825: | -0.03% |
| Covered Lines: | 124977 |
| Relevant Lines: | 162440 |
💛 - Coveralls
I don't quite get why we would want to process notify queries for authoritative zones: is there a way to reload them without using rec_control reload-zones or the API?
I checked the log message, but missed that it actually does not cause a reload of auth zones somehow. I'll look into that.
So what is happening is: the caches get flushed but the auth zone is not reloaded. This does not seem very useful functionality for auth zones. A reload of an auth zone is already flushing the relevant cache entries. A notify for auth zones only is useful if it actually reloads, and we do not have that functionality at the moment, and there's no easy way to get it (for a specific zone).
So I think I'll be removing the notify_allowed field for auth zones.
So I think I'll be removing the notify_allowed field for auth zones.
Makes sense to me.