[MaraDNS list] Deadwood update
Sam Trenholme
strenholme.usenet at gmail.com
Mon Sep 12 01:50:16 EDT 2011
I have finished up all of the work I am going to do for MaraDNS and
Deadwood for September 2011 (barring receiving more sponsorship). The
work I have done this weekend was made possible by a fairly modest
(but much appreciated) financial contribution.
Investigating the bug that Domenico Rotondi reported, I discovered
that there have been some issues with RD (recursion desired) being
incorrectly set when both upstream_servers and root_servers are set. I
have updated the code and hopefully RD will now always have the
correct value in DNS queries sent upstream.
In addition, I have updated Deadwood's parser:
* I consider it a bug if any valid dwood3rc file does not parse in
Python 2. That in mind, I have updated the dwood3rc parser to not
allow parameters to have any leading whitespace (since whitespace is
significant in Python).
This is OK:
recursive_acl = "127.0.0.1/16, 192.168.1.1/24"
But this will raise an error:
recursive_acl = "127.0.0.1/16, 192.168.1.1/24"
(Observe the extra space in the left of the second example)
* It is no longer allowed to set both root_servers or upstream_servers
for a given name. In other words, a configuration like this will now
raise an error:
upstream_servers = {}
upstream_servers["example.com."] = "127.0.0.1"
root_servers = {}
root_servers["example.com."] = "192.168.1.1"
* Deadwood now raises a warning when the same name is set more than
once. This will now trigger a warning:
upstream_servers = {}
upstream_servers["example.net."] = "10.1.2.3"
upstream_servers["example.net."] = "192.168.1.1"
I was tempted to make this fatal, but decided not to because making
this fatal would make it more difficult to manage large
anti-phish/malware blacklists.
* It is no longer permitted to initialize root_servers or
upstream_servers more than once. This will now raise an error:
upstream_servers = {}
upstream_servers["example.net."] = "10.1.2.3"
upstream_servers = {}
upstream_servers["example.com."] = "192.168.1.1"
* Deadwood will now raise an error for invalid lists of root or
upstream servers. This is now fatal:
root_servers = {}
root_servers["."] = "foo"
Yes, I am making the parser more anal. This is to help protect the
user from typos and other errors causing problems with Deadwood,
giving them a detailed description of the exact cause of a potential
problem before Deadwood starts to resolve queries, so that they find
and fix it before coming to the mailing list and complaining about the
issue.
In addition, I want to ensure that any valid dwood3rc file is also a
valid Python 2 script to make it much easier to use Deadwood
configuration files in Python scripts.
I have also updated the SQA tests; they now run in both Scientific
Linux 6 and in CentOS 5. Two new tests have been added:
sqa_server_fail and sqa_root_upstream
Whew! This was a lot of work; I spent most of Saturday and a couple of
hours this morning making all of these improvements. This will be all
of the work I do with MaraDNS/Deadwood this month unless I can get
more sponsorship.
It can be downloaded here:
http://www.maradns.org/deadwood/snap/
The next day I plan to work on MaraDNS/Deadwood without being
compensated for my time is on October 5, 2011.
More information about the list
mailing list