From: Kees Monshouwer <mind04@monshouwer.org>
Date: Tue, 17 Dec 2013 09:19:55 +0000 (+0100)
Subject: remove experimental status from direct-dnskey
X-Git-Tag: rec-3.6.0-rc1~290^2~1
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=cc8df07f937a40af0758fec3c7d80da0f1c07ae0;p=pdns

remove experimental status from direct-dnskey
---

diff --git a/pdns/common_startup.cc b/pdns/common_startup.cc
index eb7505491..1a2227d87 100644
--- a/pdns/common_startup.cc
+++ b/pdns/common_startup.cc
@@ -145,7 +145,7 @@ void declareArguments()
   ::arg().set("lua-prequery-script", "Lua script with prequery handler")="";
 
   ::arg().setSwitch("traceback-handler","Enable the traceback handler (Linux only)")="yes";
-  ::arg().setSwitch("experimental-direct-dnskey","EXPERIMENTAL: fetch DNSKEY RRs from backend during DNSKEY synthesis")="no";
+  ::arg().setSwitch("direct-dnskey","Fetch DNSKEY RRs from backend during DNSKEY synthesis")="no";
   ::arg().setSwitch("add-superfluous-nsec3-for-old-bind","Add superfluous NSEC3 record to positive wildcard response")="yes";
   ::arg().set("default-ksk-algorithms","Default KSK algorithms")="rsasha256";
   ::arg().set("default-ksk-size","Default KSK size (0 means default)")="0";
diff --git a/pdns/packethandler.cc b/pdns/packethandler.cc
index e43802403..cd05ba909 100644
--- a/pdns/packethandler.cc
+++ b/pdns/packethandler.cc
@@ -223,7 +223,7 @@ bool PacketHandler::addDNSKEY(DNSPacket *p, DNSPacket *r, const SOAData& sd)
     haveOne=true;
   }
 
-  if(::arg().mustDo("experimental-direct-dnskey")) {
+  if(::arg().mustDo("direct-dnskey")) {
     B.lookup(QType(QType::DNSKEY), p->qdomain, p, sd.domain_id);
     while(B.get(rr)) {
       rr.ttl=sd.default_ttl;
@@ -890,7 +890,7 @@ void PacketHandler::synthesiseRRSIGs(DNSPacket* p, DNSPacket* r)
     }
     
     // fix direct DNSKEY ttl
-    if(::arg().mustDo("experimental-direct-dnskey") && rr.qtype.getCode() == QType::DNSKEY) {
+    if(::arg().mustDo("direct-dnskey") && rr.qtype.getCode() == QType::DNSKEY) {
       rr.ttl = sd.default_ttl;
     }
 
diff --git a/pdns/pdns.conf-dist b/pdns/pdns.conf-dist
index e487e3613..4490949d4 100644
--- a/pdns/pdns.conf-dist
+++ b/pdns/pdns.conf-dist
@@ -89,6 +89,11 @@
 #
 # default-zsk-size=0
 
+#################################
+# direct-dnskey	Fetch DNSKEY RRs from backend during DNSKEY synthesis
+#
+# direct-dnskey=no
+
 #################################
 # disable-axfr	Disable zonetransfers but do allow TCP queries
 #
@@ -124,11 +129,6 @@
 #
 # entropy-source=/dev/urandom
 
-#################################
-# experimental-direct-dnskey	EXPERIMENTAL: fetch DNSKEY RRs from backend during DNSKEY synthesis
-#
-# experimental-direct-dnskey=no
-
 #################################
 # experimental-json-interface	If the webserver should serve JSON data
 #
diff --git a/pdns/pdnssec.cc b/pdns/pdnssec.cc
index e49bd92ab..fe0e5fadc 100644
--- a/pdns/pdnssec.cc
+++ b/pdns/pdnssec.cc
@@ -137,7 +137,7 @@ void loadMainConfig(const std::string& configdir)
   ::arg().set("module-dir","Default directory for modules")=LIBDIR;
   ::arg().set("entropy-source", "If set, read entropy from this file")="/dev/urandom";
 
-  ::arg().setSwitch("experimental-direct-dnskey","EXPERIMENTAL: fetch DNSKEY RRs from backend during DNSKEY synthesis")="no";
+  ::arg().setSwitch("direct-dnskey","Fetch DNSKEY RRs from backend during DNSKEY synthesis")="no";
   ::arg().laxFile(configname.c_str());
 
   BackendMakers().launch(::arg()["launch"]); // vrooooom!
@@ -479,7 +479,7 @@ int checkZone(DNSSECKeeper &dk, UeberBackend &B, const std::string& zone)
 
     if(!presigned && rr.qtype.getCode() == QType::DNSKEY)
     {
-      if(::arg().mustDo("experimental-direct-dnskey"))
+      if(::arg().mustDo("direct-dnskey"))
       {
         if(rr.ttl != sd.default_ttl)
         {
@@ -784,7 +784,7 @@ bool showZone(DNSSECKeeper& dk, const std::string& zone)
       algorithm2name(value.first.d_algorithm, algname);
       cout<<"ID = "<<value.second.id<<" ("<<(value.second.keyOrZone ? "KSK" : "ZSK")<<"), tag = "<<value.first.getDNSKEY().getTag();
       cout<<", algo = "<<(int)value.first.d_algorithm<<", bits = "<<value.first.getKey()->getBits()<<"\tActive: "<<value.second.active<< " ( " + algname + " ) "<<endl;
-      if(value.second.keyOrZone || ::arg().mustDo("experimental-direct-dnskey"))
+      if(value.second.keyOrZone || ::arg().mustDo("direct-dnskey"))
         cout<<(value.second.keyOrZone ? "KSK" : "ZSK")<<" DNSKEY = "<<zone<<" IN DNSKEY "<< value.first.getDNSKEY().getZoneRepresentation() << " ; ( "  + algname + " )" << endl;
       if(value.second.keyOrZone) {
         cout<<"DS = "<<zone<<" IN DS "<<makeDSFromDNSKey(zone, value.first.getDNSKEY(), 1).getZoneRepresentation() << " ; ( SHA1 digest )" << endl;
diff --git a/pdns/rfc2136handler.cc b/pdns/rfc2136handler.cc
index 9102b918a..408b16ad1 100644
--- a/pdns/rfc2136handler.cc
+++ b/pdns/rfc2136handler.cc
@@ -97,7 +97,7 @@ uint PacketHandler::performUpdate(const string &msgPrefix, const DNSRecord *rr,
     return 0;
   }
 
-  if (!isPresigned && ((!::arg().mustDo("experimental-direct-dnskey") && rrType == QType::DNSKEY) || rrType == QType::RRSIG)) {
+  if (!isPresigned && ((!::arg().mustDo("direct-dnskey") && rrType == QType::DNSKEY) || rrType == QType::RRSIG)) {
     L<<Logger::Warning<<msgPrefix<<"Trying to add/update/delete "<<rrLabel<<"|"<<rrType.getName()<<" in non-presigned zone, ignoring!"<<endl;
     return 0;
   }
diff --git a/pdns/tcpreceiver.cc b/pdns/tcpreceiver.cc
index f61d0e1ef..5797711fa 100644
--- a/pdns/tcpreceiver.cc
+++ b/pdns/tcpreceiver.cc
@@ -622,7 +622,7 @@ int TCPNameserver::doAXFR(const string &target, shared_ptr<DNSPacket> q, int out
     csp.submit(rr);
   }
   
-  if(::arg().mustDo("experimental-direct-dnskey")) {
+  if(::arg().mustDo("direct-dnskey")) {
     sd.db->lookup(QType(QType::DNSKEY), target, NULL, sd.domain_id);
     while(sd.db->get(rr)) {
       rr.ttl = sd.default_ttl;
@@ -671,7 +671,7 @@ int TCPNameserver::doAXFR(const string &target, shared_ptr<DNSPacket> q, int out
 
     // only skip the DNSKEY if direct-dnskey is enabled, to avoid changing behaviour
     // when it is not enabled.
-    if(::arg().mustDo("experimental-direct-dnskey") && rr.qtype.getCode() == QType::DNSKEY)
+    if(::arg().mustDo("direct-dnskey") && rr.qtype.getCode() == QType::DNSKEY)
       continue;
 
     records++;
diff --git a/regression-tests/start-test-stop b/regression-tests/start-test-stop
index b40bc3dd4..3c1c122b0 100755
--- a/regression-tests/start-test-stop
+++ b/regression-tests/start-test-stop
@@ -488,7 +488,7 @@ case $context in
 				--no-shuffle --launch=bind --bind-config=./named.conf \
 				--bind-dnssec-db=./dnssec.sqlite3 \
 				--send-root-referral \
-				--allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes --experimental-direct-dnskey=yes \
+				--allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes --direct-dnskey=yes \
 				--cache-ttl=$cachettl --no-config \
 				--bind-ignore-broken-records=yes $lua_prequery &
 			bindwait
@@ -525,7 +525,7 @@ __EOF__
 			$RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./  \
 				--no-shuffle --launch=gmysql \
 				--master --send-root-referral \
-				--allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes --experimental-direct-dnskey=yes \
+				--allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes --direct-dnskey=yes \
 				--cache-ttl=$cachettl --no-config \
 				--gmysql-dbname="$GMYSQLDB" \
 				--gmysql-user="$GMYSQLUSER" \
@@ -614,7 +614,7 @@ __EOF__
 			$RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./  \
 				--no-shuffle --launch --launch+=random --launch+=gmysql --launch+=random --gmysql-dnssec \
 				--send-root-referral \
-				--allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes --experimental-direct-dnskey=yes \
+				--allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes --direct-dnskey=yes \
 				--cache-ttl=$cachettl --no-config \
 				--gmysql-dbname="$GMYSQLDB" \
 				--gmysql-user="$GMYSQLUSER" \