From: Pieter Lexis Date: Tue, 1 Dec 2015 11:09:31 +0000 (+0100) Subject: Webserver, API and dnsupdate are not experimental X-Git-Tag: dnsdist-1.0.0-alpha1~136^2~3 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d07bf7ff0be34a52cf3af3093db3373835402c5f;p=thirdparty%2Fpdns.git Webserver, API and dnsupdate are not experimental Closes #2961 --- diff --git a/docs/markdown/authoritative/dnsupdate.md b/docs/markdown/authoritative/dnsupdate.md index 017f8c2642..3dabaa1c8c 100644 --- a/docs/markdown/authoritative/dnsupdate.md +++ b/docs/markdown/authoritative/dnsupdate.md @@ -14,8 +14,8 @@ The implementation requires the backend to support a number of new oparations. C # Configuration options There are two configuration parameters that can be used within the powerdns configuration file. -## `experimental-dnsupdate` -A setting to enable/disable DNS update support completely. The default is no, which means that DNS updates are ignored by PowerDNS (no message is logged about this!). Change the setting to **experimental-dnsupdate=yes** to enable DNS update support. Default is **no**. +## `dnsupdate` +A setting to enable/disable DNS update support completely. The default is no, which means that DNS updates are ignored by PowerDNS (no message is logged about this!). Change the setting to **dnsupdate=yes** to enable DNS update support. Default is **no**. ## `allow-dnsupdate-from` A list of IP ranges that are allowed to perform updates on any domain. The default is 0.0.0.0/0, which means that all ranges are accepted. Multiple entries can be used on this line (**allow-dnsupdate-from=198.51.100.0/8 203.0.113.2/32**). The option can be left empty to disallow everything, this then should be used in combination with the **allow-dnsupdate-from** domainmetadata setting per zone. @@ -190,13 +190,13 @@ A number of small changes are needed to powerdns to make it accept dynamic updat Enabled DNS update (RFC2136) support functionality in PowerDNS by adding the following to the PowerDNS configuration file (pdns.conf). ``` -experimental-dnsupdate=yes +dnsupdate=yes allow-dnsupdate-from= ``` This tells PowerDNS to: -1. Enable DNS update support([`experimental-dnsupdate`](settings.md#experimental-dnsupdate)) +1. Enable DNS update support([`dnsupdate`](settings.md#dnsupdate)) 2. Allow updates from NO ip-address ([`allow-dnsupdate-from=`](settings.md#allow-dnsupdate-from)) We just told powerdns (via the configuration file) that we accept updates from nobody via the [`allow-dnsupdate-from`](settings.md#allow-dnsupdate-from) parameter. That's not very useful, so we're going to give permissions per zone, via the domainmetadata table. @@ -233,7 +233,7 @@ This is a short description of how DNS update messages are processed by PowerDNS 1. The DNS update message is received. If it is TSIG signed, the TSIG is validated against the tsigkeys table. If it is not valid, Refused is returned to the requestor. 2. A check is performed on the zone to see if it is a valid zone. ServFail is returned when not valid. -3. The **experimental-dnsupdate** setting is checked. Refused is returned when the setting is 'no'. +3. The **dnsupdate** setting is checked. Refused is returned when the setting is 'no'. 4. If the **ALLOW-DNSUPDATE-FROM** has a value (from both domainmetadata and the configuration file), a check on the value is performed. If the requestor (sender of the update message) does not match the values in **ALLOW-DNSUPDATE-FROM**, Refused is returned. 5. If the message is TSIG signed, the TSIG keyname is compared with the TSIG keyname in domainmetadata. If they do not match, a Refused is send. The TSIG-ALLOW-DNSUPDATE domainmetadata setting is used to find which key belongs to the domain. 6. The backends are queried to find the backend for the given domain. diff --git a/docs/markdown/authoritative/settings.md b/docs/markdown/authoritative/settings.md index 90c752a60b..ea40a20cfe 100644 --- a/docs/markdown/authoritative/settings.md +++ b/docs/markdown/authoritative/settings.md @@ -54,6 +54,19 @@ always receive a notification. Even if they do not match the list in Answer questions for the ANY and RRSIG types on UDP with a truncated packet that refers the remote server to TCP. Useful for mitigating reflection attacks. +## `api-readonly` +* Boolean +* Default: no +* Available since: 3.4 + +Disallow data modification through the json API when set. + +## `api-key` +* String +* Available since: 3.4.1 + +api-key REST API Static authentication key (required for API use) + ## `cache-ttl` * Integer * Default: 20 @@ -230,6 +243,12 @@ Do not listen to TCP queries. Breaks RFC compliance. Number of Distributor (backend) threads to start per receiver thread. See ["Authoritative Server Performance"](performance.md). +## `dnsupdate` +* Boolean +* Default: no + +Enable/Disable DNS update (RFC2136) support. + ## `do-ipv6-additional-processing` * Boolean * Default: yes @@ -256,19 +275,6 @@ Enables EDNS subnet processing, for backends that support it. Entropy source file to use. -## `experimental-api-readonly` -* Boolean -* Default: no -* Available since: 3.4 - -Disallow data modification through the json API when set. - -## `experimental-api-key` -* String -* Available since: 3.4.1 - -experimental-api-key REST API Static authentication key (required for API use) - ## `experimental-dname-processing` * Boolean * Default: no @@ -276,13 +282,7 @@ experimental-api-key REST API Static authentication key (required for API use) Synthesise CNAME records from DNAME records as required. This approximately doubles query load. **Do not combine with DNSSEC!** -## `experimental-dnsupdate` -* Boolean -* Default: no - -Enable/Disable DNS update (RFC2136) support. - -## `experimental-json-interface` +## `json-interface` * Boolean * Default: no diff --git a/docs/markdown/authoritative/upgrading.md b/docs/markdown/authoritative/upgrading.md index b165303dd2..13f6a21b2f 100644 --- a/docs/markdown/authoritative/upgrading.md +++ b/docs/markdown/authoritative/upgrading.md @@ -26,7 +26,7 @@ No breaking changes. ## Configuration option changes ### New options -* [`experimental-api-key`](settings.md#experimental-api-key) +* [`experimental-api-key`](settings.md#api-key) * [`security-poll-suffix`](settings.md#security-poll-suffix) # 3.3.1 to 3.4.0 diff --git a/docs/markdown/httpapi/README.md b/docs/markdown/httpapi/README.md index 63647f92e4..bca389f7eb 100644 --- a/docs/markdown/httpapi/README.md +++ b/docs/markdown/httpapi/README.md @@ -22,8 +22,8 @@ PostgreSQL or SQLite3). Then configure as follows: - experimental-json-interface=yes - experimental-api-key=changeme + json-interface=yes + api-key=changeme webserver=yes @@ -72,8 +72,8 @@ Try it (Recursor edition) Install PowerDNS Recursor, configured as follows: - experimental-webserver=yes - experimental-api-key=changeme + webserver=yes + api-key=changeme auth-zones= forward-zones= forward-zones-recurse= diff --git a/docs/markdown/httpapi/api_spec.md b/docs/markdown/httpapi/api_spec.md index 780d2741fd..184c20e218 100644 --- a/docs/markdown/httpapi/api_spec.md +++ b/docs/markdown/httpapi/api_spec.md @@ -60,7 +60,7 @@ Authentication -------------- The PowerDNS daemons accept a static API Key, configured with the -[`experimental-api-key`]('../authoritative/settings.md#experimental-api-key') +[`api-key`]('../authoritative/settings.md#api-key') option, which has to be sent in the `X-API-Key` header. Note: Authoritative Server 3.4.0 and Recursor 3.6.0 and 3.6.1 use HTTP diff --git a/docs/markdown/recursor/settings.md b/docs/markdown/recursor/settings.md index 732c7c6d42..e5a015fdc5 100644 --- a/docs/markdown/recursor/settings.md +++ b/docs/markdown/recursor/settings.md @@ -44,6 +44,30 @@ line, with optional comments preceded by a \#. Available since version 3.1.5. Answer questions for the ANY type on UDP with a truncated packet that refers the remote server to TCP. Useful for mitigating ANY reflection attacks. +## `api-config-dir` +* Path +* Default: unset + +Directory where the REST API stores its configuration and zones. + +## `api-key` +* String +* Default: unset + +Static pre-shared authentication key for access to the REST API. + +## `api-readonly` +* Boolean +* Default: no + +Whether or not the JSON API is read only. + +## `api-logfile` +* Path +* Default: unset + +Location of the logs from the JSON parser. + ## `auth-can-lower-ttl` * Boolean * Default: no @@ -162,60 +186,36 @@ this source will be `/dev/urandom`, which will always supply random numbers, even if entropy is lacking. Change to `/dev/random` if PowerDNS should block waiting for enough entropy to arrive. -## `experimental-api-config-dir` -* Path -* Default: unset - -Directory where the REST API stores its configuration and zones. - -## `experimental-api-key` -* String -* Default: unset - -Static pre-shared authentication key for access to the REST API. - -## `experimental-api-readonly` -* Boolean -* Default: no - -Whether or not the JSON API is read only. - -## `experimental-logfile` -* Path -* Default: unset - -Location of the logs from the JSON parser. - -## `experimental-webserver` +## `webserver` * Boolean * Default: no -Start the experimental webserver for monitoring. +Start the webserver for monitoring. -## `experimental-webserver-address` +## `webserver-address` * IP Addresses, separated by spaces * Default: 127.0.0.1 IP address for the webserver to listen on. -## `experimental-webserver-password` +## `webserver-allow-from` +* IP addresses, comma separated +* Default: 0.0.0.0, ::/0 + +These subnets are allowed to access the webserver. + +## `webserver-password` * String * Default: unset Password required to access the webserver. -## `experimental-webserver-port` +## `webserver-port` * Integer * Default: 8082 TCP port where the webserver should listen on. -## `webserver-allow-from` -* IP addresses, comma separated -* Default: 0.0.0.0, ::/0 - -These subnets are allowed to access the webserver. - ## `etc-hosts-file` * Path * Default: /etc/hosts diff --git a/pdns/common_startup.cc b/pdns/common_startup.cc index 910fae6a65..529940cf41 100644 --- a/pdns/common_startup.cc +++ b/pdns/common_startup.cc @@ -53,7 +53,7 @@ ArgvMap &arg() void declareArguments() { ::arg().set("local-port","The port on which we listen")="53"; - ::arg().setSwitch("experimental-dnsupdate","Enable/Disable DNS update (RFC2136) support. Default is no.")="no"; + ::arg().setSwitch("dnsupdate","Enable/Disable DNS update (RFC2136) support. Default is no.")="no"; ::arg().setSwitch("write-pid","Write a PID file")="yes"; ::arg().set("allow-dnsupdate-from","A global setting to allow DNS updates from these IP ranges.")="127.0.0.0/8,::1"; ::arg().setSwitch("forward-dnsupdate","A global setting to allow DNS update packages that are for a Slave domain, to be forwarded to the master.")="yes"; @@ -71,9 +71,10 @@ void declareArguments() ::arg().set("max-queue-length","Maximum queuelength before considering situation lost")="5000"; ::arg().set("retrieval-threads", "Number of AXFR-retrieval threads for slave operation")="2"; - ::arg().setSwitch("experimental-json-interface", "If the webserver should serve JSON data")="no"; - ::arg().setSwitch("experimental-api-readonly", "If the JSON API should disallow data modification")="no"; - ::arg().set("experimental-api-key", "REST API Static authentication key (required for API use)")=""; + ::arg().setSwitch("json-interface", "If the webserver should serve JSON data")="no"; + ::arg().setSwitch("api-readonly", "If the JSON API should disallow data modification")="no"; + ::arg().set("api-key", "REST API Static authentication key (required for API use)")=""; + ::arg().set("api-logfile", "Filename of the log file for JSON parser" )= "/var/log/pdns.log"; ::arg().setSwitch("experimental-dname-processing", "If we should support DNAME records")="no"; ::arg().setCmd("help","Provide a helpful message"); @@ -154,7 +155,6 @@ void declareArguments() ::arg().set("max-tcp-connections","Maximum number of TCP connections")="10"; ::arg().setSwitch("no-shuffle","Set this to prevent random shuffling of answers - for regression testing")="off"; - ::arg().set("experimental-logfile", "Filename of the log file for JSON parser" )= "/var/log/pdns.log"; ::arg().set("setuid","If set, change user id to this uid for more security")=""; ::arg().set("setgid","If set, change group id to this gid for more security")=""; diff --git a/pdns/pdns_recursor.cc b/pdns/pdns_recursor.cc index 8f063f28bd..95f26cb36e 100644 --- a/pdns/pdns_recursor.cc +++ b/pdns/pdns_recursor.cc @@ -2386,7 +2386,7 @@ try t_fdm=getMultiplexer(); if(!t_id) { - if(::arg().mustDo("experimental-webserver")) { + if(::arg().mustDo("webserver")) { L<d.id) + ") from " + p->getRemote() + " for " + p->qdomain.toString() + ": "; diff --git a/pdns/webserver.cc b/pdns/webserver.cc index 6587c8cc7b..25387739a8 100644 --- a/pdns/webserver.cc +++ b/pdns/webserver.cc @@ -114,7 +114,7 @@ static bool optionsHandler(HttpRequest* req, HttpResponse* resp) { } static void apiWrapper(WebServer::HandlerFunction handler, HttpRequest* req, HttpResponse* resp) { - const string& api_key = arg()["experimental-api-key"]; + const string& api_key = arg()["api-key"]; if (optionsHandler(req, resp)) return; diff --git a/pdns/ws-api.cc b/pdns/ws-api.cc index 4e7a01ba17..a03be15621 100644 --- a/pdns/ws-api.cc +++ b/pdns/ws-api.cc @@ -191,7 +191,7 @@ void apiServerSearchLog(HttpRequest* req, HttpResponse* resp) { throw HttpMethodNotAllowedException(); string prefix = " " + s_programname + "["; - resp->body = logGrep(req->getvars["q"], ::arg()["experimental-logfile"], prefix); + resp->body = logGrep(req->getvars["q"], ::arg()["api-logfile"], prefix); } void apiServerStatistics(HttpRequest* req, HttpResponse* resp) { diff --git a/pdns/ws-auth.cc b/pdns/ws-auth.cc index 16df5ec17f..6942ea092d 100644 --- a/pdns/ws-auth.cc +++ b/pdns/ws-auth.cc @@ -600,7 +600,7 @@ static void gatherRecordsFromZone(const Value &container, vectormethod == "POST" && !::arg().mustDo("experimental-api-readonly")) { + if (req->method == "POST" && !::arg().mustDo("api-readonly")) { DomainInfo di; Document document; req->json(document); @@ -753,7 +753,7 @@ static void apiServerZones(HttpRequest* req, HttpResponse* resp) { static void apiServerZoneDetail(HttpRequest* req, HttpResponse* resp) { DNSName zonename = apiZoneIdToName(req->parameters["id"]); - if(req->method == "PUT" && !::arg().mustDo("experimental-api-readonly")) { + if(req->method == "PUT" && !::arg().mustDo("api-readonly")) { // update domain settings UeberBackend B; DomainInfo di; @@ -768,7 +768,7 @@ static void apiServerZoneDetail(HttpRequest* req, HttpResponse* resp) { fillZone(zonename, resp); return; } - else if(req->method == "DELETE" && !::arg().mustDo("experimental-api-readonly")) { + else if(req->method == "DELETE" && !::arg().mustDo("api-readonly")) { // delete domain UeberBackend B; DomainInfo di; @@ -782,7 +782,7 @@ static void apiServerZoneDetail(HttpRequest* req, HttpResponse* resp) { resp->body = ""; resp->status = 204; // No Content: declare that the zone is gone now return; - } else if (req->method == "PATCH" && !::arg().mustDo("experimental-api-readonly")) { + } else if (req->method == "PATCH" && !::arg().mustDo("api-readonly")) { patchZone(req, resp); return; } else if (req->method == "GET") { @@ -1225,7 +1225,7 @@ void AuthWebServer::cssfunction(HttpRequest* req, HttpResponse* resp) void AuthWebServer::webThread() { try { - if(::arg().mustDo("experimental-json-interface")) { + if(::arg().mustDo("json-interface")) { d_ws->registerApiHandler("/servers/localhost/config", &apiServerConfig); d_ws->registerApiHandler("/servers/localhost/flush-cache", &apiServerFlushCache); d_ws->registerApiHandler("/servers/localhost/search-log", &apiServerSearchLog); diff --git a/pdns/ws-recursor.cc b/pdns/ws-recursor.cc index 497421aaff..f923f6e0f3 100644 --- a/pdns/ws-recursor.cc +++ b/pdns/ws-recursor.cc @@ -53,11 +53,11 @@ void productServerStatisticsFetch(map& out) static void apiWriteConfigFile(const string& filebasename, const string& content) { - if (::arg()["experimental-api-config-dir"].empty()) { - throw ApiException("Config Option \"experimental-api-config-dir\" must be set"); + if (::arg()["api-config-dir"].empty()) { + throw ApiException("Config Option \"api-config-dir\" must be set"); } - string filename = ::arg()["experimental-api-config-dir"] + "/" + filebasename + ".conf"; + string filename = ::arg()["api-config-dir"] + "/" + filebasename + ".conf"; ofstream ofconf(filename.c_str()); if (!ofconf) { throw ApiException("Could not open config fragment file '"+filename+"' for writing: "+stringerror()); @@ -69,7 +69,7 @@ static void apiWriteConfigFile(const string& filebasename, const string& content static void apiServerConfigAllowFrom(HttpRequest* req, HttpResponse* resp) { - if (req->method == "PUT" && !::arg().mustDo("experimental-api-readonly")) { + if (req->method == "PUT" && !::arg().mustDo("api-readonly")) { Document document; req->json(document); const Value &jlist = document["value"]; @@ -183,8 +183,8 @@ static void fillZone(const DNSName& zonename, HttpResponse* resp) static void doCreateZone(const Value& document) { - if (::arg()["experimental-api-config-dir"].empty()) { - throw ApiException("Config Option \"experimental-api-config-dir\" must be set"); + if (::arg()["api-config-dir"].empty()) { + throw ApiException("Config Option \"api-config-dir\" must be set"); } if(stringFromJson(document, "name").empty()) @@ -211,7 +211,7 @@ static void doCreateZone(const Value& document) throw ApiException("Single IP target '"+singleIPTarget+"' is invalid"); } } - string zonefilename = ::arg()["experimental-api-config-dir"] + "/" + confbasename + ".zone"; + string zonefilename = ::arg()["api-config-dir"] + "/" + confbasename + ".zone"; ofstream ofzone(zonefilename.c_str()); if (!ofzone) { throw ApiException("Could not open '"+zonefilename+"' for writing: "+stringerror()); @@ -252,20 +252,20 @@ static void doCreateZone(const Value& document) static bool doDeleteZone(const DNSName& zonename) { - if (::arg()["experimental-api-config-dir"].empty()) { - throw ApiException("Config Option \"experimental-api-config-dir\" must be set"); + if (::arg()["api-config-dir"].empty()) { + throw ApiException("Config Option \"api-config-dir\" must be set"); } string filename; // this one must exist - filename = ::arg()["experimental-api-config-dir"] + "/zone-" + apiZoneNameToId(zonename) + ".conf"; + filename = ::arg()["api-config-dir"] + "/zone-" + apiZoneNameToId(zonename) + ".conf"; if (unlink(filename.c_str()) != 0) { return false; } // .zone file is optional - filename = ::arg()["experimental-api-config-dir"] + "/zone-" + apiZoneNameToId(zonename) + ".zone"; + filename = ::arg()["api-config-dir"] + "/zone-" + apiZoneNameToId(zonename) + ".zone"; unlink(filename.c_str()); return true; @@ -273,9 +273,9 @@ static bool doDeleteZone(const DNSName& zonename) static void apiServerZones(HttpRequest* req, HttpResponse* resp) { - if (req->method == "POST" && !::arg().mustDo("experimental-api-readonly")) { - if (::arg()["experimental-api-config-dir"].empty()) { - throw ApiException("Config Option \"experimental-api-config-dir\" must be set"); + if (req->method == "POST" && !::arg().mustDo("api-readonly")) { + if (::arg()["api-config-dir"].empty()) { + throw ApiException("Config Option \"api-config-dir\" must be set"); } Document document; @@ -335,7 +335,7 @@ static void apiServerZoneDetail(HttpRequest* req, HttpResponse* resp) if (iter == t_sstorage->domainmap->end()) throw ApiException("Could not find domain '"+zonename.toString()+"'"); - if(req->method == "PUT" && !::arg().mustDo("experimental-api-readonly")) { + if(req->method == "PUT" && !::arg().mustDo("api-readonly")) { Document document; req->json(document); @@ -344,7 +344,7 @@ static void apiServerZoneDetail(HttpRequest* req, HttpResponse* resp) reloadAuthAndForwards(); fillZone(DNSName(stringFromJson(document, "name")), resp); } - else if(req->method == "DELETE" && !::arg().mustDo("experimental-api-readonly")) { + else if(req->method == "DELETE" && !::arg().mustDo("api-readonly")) { if (!doDeleteZone(zonename)) { throw ApiException("Deleting domain failed"); } @@ -430,7 +430,7 @@ RecursorWebServer::RecursorWebServer(FDMultiplexer* fdm) { RecursorControlParser rcp; // inits - d_ws = new AsyncWebServer(fdm, arg()["experimental-webserver-address"], arg().asNum("experimental-webserver-port")); + d_ws = new AsyncWebServer(fdm, arg()["webserver-address"], arg().asNum("webserver-port")); d_ws->bind(); // legacy dispatch diff --git a/regression-tests.api/runtests.py b/regression-tests.api/runtests.py index f44b7a765a..42443e4fa7 100755 --- a/regression-tests.api/runtests.py +++ b/regression-tests.api/runtests.py @@ -37,7 +37,7 @@ REC_CONF_TPL = """ auth-zones= forward-zones= forward-zones-recurse= -experimental-api-config-dir=%(conf_dir)s +api-config-dir=%(conf_dir)s include-dir=%(conf_dir)s """ @@ -78,7 +78,7 @@ if daemon == 'authoritative': tf.seek(0, os.SEEK_SET) # rewind subprocess.check_call(["sqlite3", SQLITE_DB], stdin=tf) - pdnscmd = ("../pdns/pdns_server --daemon=no --local-port=5300 --socket-dir=./ --module-dir=../regression-tests/modules --no-shuffle --launch=gsqlite3 --gsqlite3-dnssec --send-root-referral --experimental-dnsupdate=yes --cache-ttl=0 --no-config --gsqlite3-dnssec=on --gsqlite3-database="+SQLITE_DB+" --experimental-json-interface=yes --webserver=yes --webserver-port="+WEBPORT+" --webserver-address=127.0.0.1 --webserver-password=something --experimental-api-key="+APIKEY).split() + pdnscmd = ("../pdns/pdns_server --daemon=no --local-port=5300 --socket-dir=./ --module-dir=../regression-tests/modules --no-shuffle --launch=gsqlite3 --gsqlite3-dnssec --send-root-referral --dnsupdate=yes --cache-ttl=0 --no-config --gsqlite3-dnssec=on --gsqlite3-database="+SQLITE_DB+" --json-interface=yes --webserver=yes --webserver-port="+WEBPORT+" --webserver-address=127.0.0.1 --webserver-password=something --api-key="+APIKEY).split() else: conf_dir = 'rec-conf.d' @@ -90,7 +90,7 @@ else: with open(conf_dir+'/example.com..conf', 'w') as conf_file: conf_file.write(REC_EXAMPLE_COM_CONF_TPL) - pdnscmd = ("../pdns/pdns_recursor --daemon=no --socket-dir=. --config-dir=. --allow-from-file=acl.list --local-port=5555 --experimental-webserver=yes --experimental-webserver-port="+WEBPORT+" --experimental-webserver-address=127.0.0.1 --experimental-webserver-password=something --experimental-api-key="+APIKEY).split() + pdnscmd = ("../pdns/pdns_recursor --daemon=no --socket-dir=. --config-dir=. --allow-from-file=acl.list --local-port=5555 --webserver=yes --webserver-port="+WEBPORT+" --webserver-address=127.0.0.1 --webserver-password=something --api-key="+APIKEY).split() # Now run pdns and the tests. diff --git a/regression-tests/backends/bind-slave b/regression-tests/backends/bind-slave index 27ffa64633..bb9249bada 100644 --- a/regression-tests/backends/bind-slave +++ b/regression-tests/backends/bind-slave @@ -29,7 +29,7 @@ $RUNWRAPPER $PDNS2 --daemon=no --local-port=$port --socket-dir=./ \ --no-shuffle --launch=bind --bind-config=./named-slave.conf --slave \ --send-root-referral --retrieval-threads=1 --config-name=bind-slave \ - --experimental-dnsupdate=yes \ + --dnsupdate=yes \ --cache-ttl=$cachettl --no-config --experimental-dname-processing --bind-dnssec-db=./dnssec-slave.sqlite3 \ --module-dir=./modules & echo 'waiting for zones to be loaded' diff --git a/regression-tests/backends/gsql-common b/regression-tests/backends/gsql-common index 0a1a386437..837188236d 100644 --- a/regression-tests/backends/gsql-common +++ b/regression-tests/backends/gsql-common @@ -36,7 +36,7 @@ gsql_master() $RUNWRAPPER $PDNS --daemon=no --local-port=$port --config-dir=. \ --config-name=$backend --socket-dir=./ --no-shuffle \ --send-root-referral \ - --experimental-dnsupdate=yes \ + --dnsupdate=yes \ --cache-ttl=$cachettl --experimental-dname-processing \ --disable-axfr-rectify=yes $lua_prequery & diff --git a/regression-tests/backends/remote-master b/regression-tests/backends/remote-master index 8bef5bcd84..449677734c 100644 --- a/regression-tests/backends/remote-master +++ b/regression-tests/backends/remote-master @@ -113,7 +113,7 @@ EOF --no-shuffle --launch=remote \ --cache-ttl=$cachettl --experimental-dname-processing --no-config \ --send-root-referral --distributor-threads=1 \ - --experimental-dnsupdate=yes \ + --dnsupdate=yes \ --remote-connection-string="$connstr" $remote_add_param --module-dir=./modules & ;; diff --git a/regression-tests/backends/tinydns-master b/regression-tests/backends/tinydns-master index 2cb8b79c2b..3000361b88 100644 --- a/regression-tests/backends/tinydns-master +++ b/regression-tests/backends/tinydns-master @@ -4,7 +4,7 @@ case $context in --no-shuffle --launch=tinydns \ --cache-ttl=$cachettl --experimental-dname-processing --no-config \ --send-root-referral \ - --experimental-dnsupdate=yes \ + --dnsupdate=yes \ --tinydns-dbfile=../modules/tinydnsbackend/data.cdb --module-dir=./modules & skipreasons="nodnssec noent nodyndns nometa noaxfr" ;;