aboutsummaryrefslogtreecommitdiff
path: root/request
diff options
context:
space:
mode:
authorGravatar Miek Gieben <miek@miek.nl> 2020-09-17 16:28:43 +0200
committerGravatar GitHub <noreply@github.com> 2020-09-17 07:28:43 -0700
commitacf9a0fa19928e605ac8ac3314890c9fef73e16b (patch)
treea442ad2a7894d86b462eade46c44db4572016333 /request
parent22b68466262219284a47063e7f7bf9a833d21b61 (diff)
downloadcoredns-acf9a0fa19928e605ac8ac3314890c9fef73e16b.tar.gz
coredns-acf9a0fa19928e605ac8ac3314890c9fef73e16b.tar.zst
coredns-acf9a0fa19928e605ac8ac3314890c9fef73e16b.zip
cache: default to DNSSEC (#4085)
* cache: default to DNSSEC This change does away with the DNS/DNSSEC distinction the cache currently makes. Cache will always make coredns perform a DNSSEC query and store that result. If a client just needs plain DNS, the DNSSEC records are stripped from the response. It should also be more memory efficient, because we store a reply once and not one DNS and another for DNSSEC. Fixes: #3836 Signed-off-by: Miek Gieben <miek@miek.nl> * Change OPT RR when one is present in the msg. Signed-off-by: Miek Gieben <miek@miek.nl> * Fix comment for isDNSSEC Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/cache/handler.go Co-authored-by: Chris O'Haver <cohaver@infoblox.com> * Update plugin/cache/item.go Co-authored-by: Chris O'Haver <cohaver@infoblox.com> * Code review; fix comment for isDNSSEC Signed-off-by: Miek Gieben <miek@miek.nl> * Update doc and set AD to false Set Authenticated Data to false when DNSSEC was not wanted. Also update the readme with the new behavior. Signed-off-by: Miek Gieben <miek@miek.nl> * Update plugin/cache/handler.go Co-authored-by: Chris O'Haver <cohaver@infoblox.com> Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
Diffstat (limited to 'request')
-rw-r--r--request/request.go2
1 files changed, 1 insertions, 1 deletions
diff --git a/request/request.go b/request/request.go
index 7374b0bd6..649e573c1 100644
--- a/request/request.go
+++ b/request/request.go
@@ -144,7 +144,7 @@ func (r *Request) Family() int {
return 2
}
-// Do returns if the request has the DO (DNSSEC OK) bit set.
+// Do returns true if the request has the DO (DNSSEC OK) bit set.
func (r *Request) Do() bool {
if r.size != 0 {
return r.do