as the submodule collects metrics from all sub-processes as well.
- TLS fixes for corner cases (!714, !700)
- fix build with -DNOVERBOSELOG (#424)
+- policy.{FORWARD,TLS_FORWARD,STUB}: respect net.ipv{4,6} setting (!710)
Improvements
------------
:return: boolean (default: true)
- Enable/disable using IPv6 for recursion.
+ Enable/disable using IPv6 for contacting upstream nameservers.
.. envvar:: net.ipv4 = true|false
:return: boolean (default: true)
- Enable/disable using IPv4 for recursion.
+ Enable/disable using IPv4 for contacting upstream nameservers.
.. function:: net.listen(addresses, [port = 53, flags = {tls = (port == 853)}])
};
/**
- * Set given NS address.
+ * Set given NS address. (Very low-level access to the list.)
* @param qry updated query
* @param index index of the updated target
* @param sock socket address to use (sockaddr_in or sockaddr_in6 or NULL)
- * @return 0 or an error code
+ * @return 0 or an error code, in particular kr_error(ENOENT) for net.ipvX
*/
KR_EXPORT
int kr_nsrep_set(struct kr_query *qry, size_t index, const struct sockaddr *sock);
-- Override the list of nameservers (forwarders)
local function set_nslist(qry, list)
- for i, ns in ipairs(list) do
+ local ns_i = 0
+ for _, ns in ipairs(list) do
-- kr_nsrep_set() can return kr_error(ENOENT), it's OK
- ffi.C.kr_nsrep_set(qry, i - 1, ns)
+ if ffi.C.kr_nsrep_set(qry, ns_i, ns) == 0 then
+ ns_i = ns_i + 1
+ end
end
-- If less than maximum NSs, insert guard to terminate the list
- if #list < 4 then
- assert(ffi.C.kr_nsrep_set(qry, #list, nil) == 0);
+ if ns_i < 3 then
+ assert(ffi.C.kr_nsrep_set(qry, ns_i, nil) == 0);
+ end
+ if ns_i == 0 then
+ -- would use assert() but don't want to compose the message if not triggered
+ error('no adress in the configured NS set is usable:\n' .. table_print(list, 2))
end
end
projects / thirdparty / knot-resolver.git / commitdiff
