rec: implement DNS cookie support for outgoing requests

[omoerbeek]

Short description

Draft, as I need to do some bulk tests.

Checklist

I have:

• read the CONTRIBUTING.md document
• compiled this code
• tested this code
• included documentation (including possible behaviour changes)
• documented the code
• added or modified regression test(s)
• added or modified unit test(s)

[coveralls]

Pull Request Test Coverage Report for Build 14754294555

Warning: This coverage report may be inaccurate.

This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.

• For more information on this, see Tracking coverage changes with pull request builds.
• To avoid this issue with future PRs, see these Recommended CI Configurations.
• For a quick fix, rebase this PR at GitHub. Your next report should be accurate.

Details

• 256 of 315 (81.27%) changed or added relevant lines in 10 files are covered.
• 72 unchanged lines in 12 files lost coverage.
• Overall coverage increased (+0.1%) to 63.685%

---

Changes Missing Coverage	Covered Lines	Changed/Added Lines	%
pdns/ednscookies.cc	17	19	89.47%
pdns/recursordist/syncres.cc	17	21	80.95%
pdns/recursordist/rec-cookiestore.cc	22	27	81.48%
pdns/recursordist/rec-cookiestore.hh	16	21	76.19%
pdns/recursordist/rec_channel_rec.cc	7	17	41.18%
pdns/recursordist/lwres.cc	156	189	82.54%

Files with Coverage Reduction	New Missed Lines	%
pdns/signingpipe.cc	1	86.06%
pdns/validate.cc	1	68.42%
pdns/query-local-address.cc	2	91.49%
pdns/recursordist/syncres.cc	2	80.63%
pdns/iputils.cc	3	58.32%
pdns/rcpgenerator.cc	3	90.73%
pdns/recursordist/test-syncres_cc2.cc	3	88.85%
pdns/dnsdistdist/dnsdist-tcp.cc	5	77.15%
pdns/recursordist/test-syncres_cc1.cc	5	90.08%
modules/lmdbbackend/lmdbbackend.cc	14	73.2%

Totals
Change from base Build 14753779081:	0.1%
Covered Lines:	130006
Relevant Lines:	169348

---

💛 - Coveralls

[miodvallat]

Avoid an ever-growing cookie store? I'm not sure the cookie monster will like this.

[omoerbeek]

Rebased to fix conflicts

[omoerbeek]

Did a few bulk tests both with cookie enabled and disabled and saw no issues. So ready for review.

[Habbie]

not a full review, just some comments

[Habbie]

(not for this PR really)

should this .txt be in git at all? it is generated

[omoerbeek]

We refer to it from docs, so it needs to be somewhere.

[Habbie]

This looks solid. I reviewed all code -except- the tests (which somebody should definitely still do, that's where the proof is).

I wonder about the case where an auth

• responds normally to non-EDNS queries
• responds correctly to EDNS queries
• responds FORMERR to EDNS queries with a cookie, with the distinctive cases of (1) it tells you it hates the cookie opt [by having EDNS in the reply] (2) it tells you it has broken EDNS support [by not having EDNS in the reply]

[Habbie]

given that entries eventually expire, this sentence is not completely accurate. I don't have better wording though (and I suspect this problem is not limited to this PR)

[omoerbeek]

Number of of authoritative server IPs currently known to support cookies?

[Habbie]

but a single IP might still be counted twice if we don't talk to it for a while, right?

[omoerbeek]

Right... Number of cookies probes resulting in succes?

[Habbie]

ah yes, I suppose so! in that case it goes with the cookie* stats, not the cookies* stats, and the same for Unsupported, so cookieProbeSupported and cookieProbeUnsupported

[omoerbeek]

Thanks! I did all the trivial things. Will review the EDNS supported/FormErr etc logic soon.