TUN-1615: revert miekg/dns to last known working revision

The last known good commit is 6da3249dfb57fbaa16efafcd8744cee8809d80cd before the first release tag.

vendor/github.com/miekg/dns/.codecov.yml

@@ -1,8 +0,0 @@
-coverage:
-  status:
-    project:
-      default:
-        target: 40%
-        threshold: null
-    patch: false
-    changes: false

vendor/github.com/miekg/dns/Gopkg.lock

@@ -7,15 +7,9 @@
   packages = ["ed25519","ed25519/internal/edwards25519"]
   revision = "b080dc9a8c480b08e698fb1219160d598526310f"
 
-[[projects]]
-  branch = "master"
-  name = "golang.org/x/net"
-  packages = ["bpf","internal/iana","internal/socket","ipv4","ipv6"]
-  revision = "894f8ed5849b15b810ae41e9590a0d05395bba27"
-
 [solve-meta]
   analyzer-name = "dep"
   analyzer-version = 1
-  inputs-digest = "c4abc38abaeeeeb9be92455c9c02cae32841122b8982aaa067ef25bb8e86ff9d"
+  inputs-digest = "5046e265393bd5e54f570ce29ae8bc6fa3f30ef5110e922996540400f287c64a"
   solver-name = "gps-cdcl"
   solver-version = 1

vendor/github.com/miekg/dns/Makefile.release

@@ -1,52 +0,0 @@
-# Makefile for releasing.
-#
-# The release is controlled from version.go. The version found there is
-# used to tag the git repo, we're not building any artifects so there is nothing
-# to upload to github.
-#
-# * Up the version in version.go
-# * Run: make -f Makefile.release release
-#   * will *commit* your change with 'Release $VERSION'
-#   * push to github
-#
-
-define GO
-//+build ignore
-
-package main
-
-import (
-	"fmt"
-
-	"github.com/miekg/dns"
-)
-
-func main() {
-	fmt.Println(dns.Version.String())
-}
-endef
-
-$(file > version_release.go,$(GO))
-VERSION:=$(shell go run version_release.go)
-TAG="v$(VERSION)"
-
-all:
-	@echo Use the \'release\' target to start a release $(VERSION)
-	rm -f version_release.go
-
-.PHONY: release
-release: commit push
-	@echo Released $(VERSION)
-	rm -f version_release.go
-
-.PHONY: commit
-commit:
-	@echo Committing release $(VERSION)
-	git commit -am"Release $(VERSION)"
-	git tag $(TAG)
-
-.PHONY: push
-push:
-	@echo Pushing release $(VERSION) to master
-	git push --tags
-	git push

vendor/github.com/miekg/dns/README.md

@@ -62,8 +62,6 @@ A not-so-up-to-date-list-that-may-be-actually-current:
 * https://dnssectest.net/
 * https://dns.apebits.com
 * https://github.com/oif/apex
-* https://github.com/jedisct1/dnscrypt-proxy
-* https://github.com/jedisct1/rpdns
 
 Send pull request if you want to be listed here.
 

vendor/github.com/miekg/dns/client.go

@@ -7,27 +7,22 @@ import (
 	"context"
 	"crypto/tls"
 	"encoding/binary"
-	"fmt"
 	"io"
-	"io/ioutil"
 	"net"
-	"net/http"
 	"strings"
 	"time"
 )
 
-const (
-	dnsTimeout     time.Duration = 2 * time.Second
-	tcpIdleTimeout time.Duration = 8 * time.Second
-
-	dohMimeType = "application/dns-message"
-)
+const dnsTimeout time.Duration = 2 * time.Second
+const tcpIdleTimeout time.Duration = 8 * time.Second
 
 // A Conn represents a connection to a DNS server.
 type Conn struct {
 	net.Conn                         // a net.Conn holding the connection
 	UDPSize        uint16            // minimum receive buffer for UDP messages
 	TsigSecret     map[string]string // secret(s) for Tsig map[<zonename>]<base64 secret>, zonename must be in canonical form (lowercase, fqdn, see RFC 4034 Section 6.2)
+	rtt            time.Duration
+	t              time.Time
 	tsigRequestMAC string
 }
 
@@ -44,7 +39,6 @@ type Client struct {
 	DialTimeout    time.Duration     // net.DialTimeout, defaults to 2 seconds, or net.Dialer.Timeout if expiring earlier - overridden by Timeout when that value is non-zero
 	ReadTimeout    time.Duration     // net.Conn.SetReadTimeout value for connections, defaults to 2 seconds - overridden by Timeout when that value is non-zero
 	WriteTimeout   time.Duration     // net.Conn.SetWriteTimeout value for connections, defaults to 2 seconds - overridden by Timeout when that value is non-zero
-	HTTPClient     *http.Client      // The http.Client to use for DNS-over-HTTPS
 	TsigSecret     map[string]string // secret(s) for Tsig map[<zonename>]<base64 secret>, zonename must be in canonical form (lowercase, fqdn, see RFC 4034 Section 6.2)
 	SingleInflight bool              // if true suppress multiple outstanding queries for the same Qname, Qtype and Qclass
 	group          singleflight
@@ -89,10 +83,11 @@ func (c *Client) Dial(address string) (conn *Conn, err error) {
 	// create a new dialer with the appropriate timeout
 	var d net.Dialer
 	if c.Dialer == nil {
-		d = net.Dialer{Timeout:c.getTimeoutForRequest(c.dialTimeout())}
+		d = net.Dialer{}
 	} else {
 		d = net.Dialer(*c.Dialer)
 	}
+	d.Timeout = c.getTimeoutForRequest(c.writeTimeout())
 
 	network := "udp"
 	useTLS := false
@@ -141,11 +136,6 @@ func (c *Client) Dial(address string) (conn *Conn, err error) {
 // attribute appropriately
 func (c *Client) Exchange(m *Msg, address string) (r *Msg, rtt time.Duration, err error) {
 	if !c.SingleInflight {
-		if c.Net == "https" {
-			// TODO(tmthrgd): pipe timeouts into exchangeDOH
-			return c.exchangeDOH(context.TODO(), m, address)
-		}
-
 		return c.exchange(m, address)
 	}
 
@@ -158,11 +148,6 @@ func (c *Client) Exchange(m *Msg, address string) (r *Msg, rtt time.Duration, er
 		cl = cl1
 	}
 	r, rtt, err, shared := c.group.Do(m.Question[0].Name+t+cl, func() (*Msg, time.Duration, error) {
-		if c.Net == "https" {
-			// TODO(tmthrgd): pipe timeouts into exchangeDOH
-			return c.exchangeDOH(context.TODO(), m, address)
-		}
-
 		return c.exchange(m, address)
 	})
 	if r != nil && shared {
@@ -192,9 +177,8 @@ func (c *Client) exchange(m *Msg, a string) (r *Msg, rtt time.Duration, err erro
 	}
 
 	co.TsigSecret = c.TsigSecret
-	t := time.Now()
 	// write with the appropriate write timeout
-	co.SetWriteDeadline(t.Add(c.getTimeoutForRequest(c.writeTimeout())))
+	co.SetWriteDeadline(time.Now().Add(c.getTimeoutForRequest(c.writeTimeout())))
 	if err = co.WriteMsg(m); err != nil {
 		return nil, 0, err
 	}
@@ -204,76 +188,12 @@ func (c *Client) exchange(m *Msg, a string) (r *Msg, rtt time.Duration, err erro
 	if err == nil && r.Id != m.Id {
 		err = ErrId
 	}
-	rtt = time.Since(t)
-	return r, rtt, err
-}
-
-func (c *Client) exchangeDOH(ctx context.Context, m *Msg, a string) (r *Msg, rtt time.Duration, err error) {
-	p, err := m.Pack()
-	if err != nil {
-		return nil, 0, err
-	}
-
-	req, err := http.NewRequest(http.MethodPost, a, bytes.NewReader(p))
-	if err != nil {
-		return nil, 0, err
-	}
-
-	req.Header.Set("Content-Type", dohMimeType)
-	req.Header.Set("Accept", dohMimeType)
-
-	hc := http.DefaultClient
-	if c.HTTPClient != nil {
-		hc = c.HTTPClient
-	}
-
-	if ctx != context.Background() && ctx != context.TODO() {
-		req = req.WithContext(ctx)
-	}
-
-	t := time.Now()
-
-	resp, err := hc.Do(req)
-	if err != nil {
-		return nil, 0, err
-	}
-	defer closeHTTPBody(resp.Body)
-
-	if resp.StatusCode != http.StatusOK {
-		return nil, 0, fmt.Errorf("dns: server returned HTTP %d error: %q", resp.StatusCode, resp.Status)
-	}
-
-	if ct := resp.Header.Get("Content-Type"); ct != dohMimeType {
-		return nil, 0, fmt.Errorf("dns: unexpected Content-Type %q; expected %q", ct, dohMimeType)
-	}
-
-	p, err = ioutil.ReadAll(resp.Body)
-	if err != nil {
-		return nil, 0, err
-	}
-
-	rtt = time.Since(t)
-
-	r = new(Msg)
-	if err := r.Unpack(p); err != nil {
-		return r, 0, err
-	}
-
-	// TODO: TSIG? Is it even supported over DoH?
-
-	return r, rtt, nil
-}
-
-func closeHTTPBody(r io.ReadCloser) error {
-	io.Copy(ioutil.Discard, io.LimitReader(r, 8<<20))
-	return r.Close()
+	return r, co.rtt, err
 }
 
 // ReadMsg reads a message from the connection co.
-// If the received message contains a TSIG record the transaction signature
-// is verified. This method always tries to return the message, however if an
-// error is returned there are no guarantees that the returned message is a
-// valid representation of the packet read.
+// If the received message contains a TSIG record the transaction
+// signature is verified.
 func (co *Conn) ReadMsg() (*Msg, error) {
 	p, err := co.ReadMsgHeader(nil)
 	if err != nil {
@@ -282,10 +202,13 @@ func (co *Conn) ReadMsg() (*Msg, error) {
 
 	m := new(Msg)
 	if err := m.Unpack(p); err != nil {
-		// If an error was returned, we still want to allow the user to use
+		// If ErrTruncated was returned, we still want to allow the user to use
 		// the message, but naively they can just check err if they don't want
-		// to use an erroneous message
-		return m, err
+		// to use a truncated message
+		if err == ErrTruncated {
+			return m, err
+		}
+		return nil, err
 	}
 	if t := m.IsTsig(); t != nil {
 		if _, ok := co.TsigSecret[t.Hdr.Name]; !ok {
@@ -318,6 +241,7 @@ func (co *Conn) ReadMsgHeader(hdr *Header) ([]byte, error) {
 		}
 		p = make([]byte, l)
 		n, err = tcpRead(r, p)
+		co.rtt = time.Since(co.t)
 	default:
 		if co.UDPSize > MinMsgSize {
 			p = make([]byte, co.UDPSize)
@@ -325,6 +249,7 @@ func (co *Conn) ReadMsgHeader(hdr *Header) ([]byte, error) {
 			p = make([]byte, MinMsgSize)
 		}
 		n, err = co.Read(p)
+		co.rtt = time.Since(co.t)
 	}
 
 	if err != nil {
@@ -437,6 +362,7 @@ func (co *Conn) WriteMsg(m *Msg) (err error) {
 	if err != nil {
 		return err
 	}
+	co.t = time.Now()
 	if _, err = co.Write(out); err != nil {
 		return err
 	}
@@ -568,10 +494,6 @@ func DialTimeoutWithTLS(network, address string, tlsConfig *tls.Config, timeout
 // context, if present. If there is both a context deadline and a configured
 // timeout on the client, the earliest of the two takes effect.
 func (c *Client) ExchangeContext(ctx context.Context, m *Msg, a string) (r *Msg, rtt time.Duration, err error) {
-	if !c.SingleInflight && c.Net == "https" {
-		return c.exchangeDOH(ctx, m, a)
-	}
-
 	var timeout time.Duration
 	if deadline, ok := ctx.Deadline(); !ok {
 		timeout = 0
@@ -580,7 +502,6 @@ func (c *Client) ExchangeContext(ctx context.Context, m *Msg, a string) (r *Msg,
 	}
 	// not passing the context to the underlying calls, as the API does not support
 	// context. For timeouts you should set up Client.Dialer and call Client.Exchange.
-	// TODO(tmthrgd): this is a race condition
 	c.Dialer = &net.Dialer{Timeout: timeout}
 	return c.Exchange(m, a)
 }

vendor/github.com/miekg/dns/clientconfig.go

@@ -91,7 +91,7 @@ func ClientConfigFromReader(resolvconf io.Reader) (*ClientConfig, error) {
 						n = 1
 					}
 					c.Timeout = n
-				case len(s) >= 9 && s[:9] == "attempts:":
+				case len(s) >= 8 && s[:9] == "attempts:":
 					n, _ := strconv.Atoi(s[9:])
 					if n < 1 {
 						n = 1

vendor/github.com/miekg/dns/compress_generate.go

@@ -18,7 +18,8 @@ import (
 )
 
 var packageHdr = `
-// Code generated by "go run compress_generate.go"; DO NOT EDIT.
+// *** DO NOT MODIFY ***
+// AUTOGENERATED BY go generate from compress_generate.go
 
 package dns
 
@@ -101,8 +102,7 @@ Names:
 
 	// compressionLenHelperType - all types that have domain-name/cdomain-name can be used for compressing names
 
-	fmt.Fprint(b, "func compressionLenHelperType(c map[string]int, r RR, initLen int) int {\n")
-	fmt.Fprint(b, "currentLen := initLen\n")
+	fmt.Fprint(b, "func compressionLenHelperType(c map[string]int, r RR) {\n")
 	fmt.Fprint(b, "switch x := r.(type) {\n")
 	for _, name := range domainTypes {
 		o := scope.Lookup(name)
@@ -110,10 +110,7 @@ Names:
 
 		fmt.Fprintf(b, "case *%s:\n", name)
 		for i := 1; i < st.NumFields(); i++ {
-			out := func(s string) {
-				fmt.Fprintf(b, "currentLen -= len(x.%s) + 1\n", st.Field(i).Name())
-				fmt.Fprintf(b, "currentLen += compressionLenHelper(c, x.%s, currentLen)\n", st.Field(i).Name())
-			}
+			out := func(s string) { fmt.Fprintf(b, "compressionLenHelper(c, x.%s)\n", st.Field(i).Name()) }
 
 			if _, ok := st.Field(i).Type().(*types.Slice); ok {
 				switch st.Tag(i) {
@@ -122,12 +119,8 @@ Names:
 				case `dns:"cdomain-name"`:
 					// For HIP we need to slice over the elements in this slice.
 					fmt.Fprintf(b, `for i := range x.%s {
-	currentLen -= len(x.%s[i]) + 1
-}
-`, st.Field(i).Name(), st.Field(i).Name())
-					fmt.Fprintf(b, `for i := range x.%s {
-	currentLen += compressionLenHelper(c, x.%s[i], currentLen)
-}
+						compressionLenHelper(c, x.%s[i])
+					}
 `, st.Field(i).Name(), st.Field(i).Name())
 				}
 				continue
@@ -141,11 +134,11 @@ Names:
 			}
 		}
 	}
-	fmt.Fprintln(b, "}\nreturn currentLen - initLen\n}\n\n")
+	fmt.Fprintln(b, "}\n}\n\n")
 
 	// compressionLenSearchType - search cdomain-tags types for compressible names.
 
-	fmt.Fprint(b, "func compressionLenSearchType(c map[string]int, r RR) (int, bool, int) {\n")
+	fmt.Fprint(b, "func compressionLenSearchType(c map[string]int, r RR) (int, bool) {\n")
 	fmt.Fprint(b, "switch x := r.(type) {\n")
 	for _, name := range cdomainTypes {
 		o := scope.Lookup(name)
@@ -155,7 +148,7 @@ Names:
 		j := 1
 		for i := 1; i < st.NumFields(); i++ {
 			out := func(s string, j int) {
-				fmt.Fprintf(b, "k%d, ok%d, sz%d := compressionLenSearch(c, x.%s)\n", j, j, j, st.Field(i).Name())
+				fmt.Fprintf(b, "k%d, ok%d := compressionLenSearch(c, x.%s)\n", j, j, st.Field(i).Name())
 			}
 
 			// There are no slice types with names that can be compressed.
@@ -168,15 +161,13 @@ Names:
 		}
 		k := "k1"
 		ok := "ok1"
-		sz := "sz1"
 		for i := 2; i < j; i++ {
 			k += fmt.Sprintf(" + k%d", i)
 			ok += fmt.Sprintf(" && ok%d", i)
-			sz += fmt.Sprintf(" + sz%d", i)
 		}
-		fmt.Fprintf(b, "return %s, %s, %s\n", k, ok, sz)
+		fmt.Fprintf(b, "return %s, %s\n", k, ok)
 	}
-	fmt.Fprintln(b, "}\nreturn 0, false, 0\n}\n\n")
+	fmt.Fprintln(b, "}\nreturn 0, false\n}\n\n")
 
 	// gofmt
 	res, err := format.Source(b.Bytes())

vendor/github.com/miekg/dns/defaults.go

@@ -273,11 +273,8 @@ func (t Type) String() string {
 
 // String returns the string representation for the class c.
 func (c Class) String() string {
-	if s, ok := ClassToString[uint16(c)]; ok {
-		// Only emit mnemonics when they are unambiguous, specically ANY is in both.
-		if _, ok := StringToType[s]; !ok {
-			return s
-		}
+	if c1, ok := ClassToString[uint16(c)]; ok {
+		return c1
 	}
 	return "CLASS" + strconv.Itoa(int(c))
 }

vendor/github.com/miekg/dns/dns.go

@@ -55,6 +55,16 @@ func (h *RR_Header) Header() *RR_Header { return h }
 // Just to implement the RR interface.
 func (h *RR_Header) copy() RR { return nil }
 
+func (h *RR_Header) copyHeader() *RR_Header {
+	r := new(RR_Header)
+	r.Name = h.Name
+	r.Rrtype = h.Rrtype
+	r.Class = h.Class
+	r.Ttl = h.Ttl
+	r.Rdlength = h.Rdlength
+	return r
+}
+
 func (h *RR_Header) String() string {
 	var s string
 

vendor/github.com/miekg/dns/dnssec.go

@@ -73,7 +73,6 @@ var StringToAlgorithm = reverseInt8(AlgorithmToString)
 // AlgorithmToHash is a map of algorithm crypto hash IDs to crypto.Hash's.
 var AlgorithmToHash = map[uint8]crypto.Hash{
 	RSAMD5:           crypto.MD5, // Deprecated in RFC 6725
-	DSA:              crypto.SHA1,
 	RSASHA1:          crypto.SHA1,
 	RSASHA1NSEC3SHA1: crypto.SHA1,
 	RSASHA256:        crypto.SHA256,
@@ -240,7 +239,7 @@ func (k *DNSKEY) ToDS(h uint8) *DS {
 // ToCDNSKEY converts a DNSKEY record to a CDNSKEY record.
 func (k *DNSKEY) ToCDNSKEY() *CDNSKEY {
 	c := &CDNSKEY{DNSKEY: *k}
-	c.Hdr = k.Hdr
+	c.Hdr = *k.Hdr.copyHeader()
 	c.Hdr.Rrtype = TypeCDNSKEY
 	return c
 }
@@ -248,7 +247,7 @@ func (k *DNSKEY) ToCDNSKEY() *CDNSKEY {
 // ToCDS converts a DS record to a CDS record.
 func (d *DS) ToCDS() *CDS {
 	c := &CDS{DS: *d}
-	c.Hdr = d.Hdr
+	c.Hdr = *d.Hdr.copyHeader()
 	c.Hdr.Rrtype = TypeCDS
 	return c
 }
@@ -542,20 +541,20 @@ func (k *DNSKEY) publicKeyRSA() *rsa.PublicKey {
 		explen = uint16(keybuf[1])<<8 | uint16(keybuf[2])
 		keyoff = 3
 	}
-	if explen > 4 {
-		// Larger exponent than supported by the crypto package.
-		return nil
-	}
 	pubkey := new(rsa.PublicKey)
 
 	pubkey.N = big.NewInt(0)
+	shift := uint64((explen - 1) * 8)
 	expo := uint64(0)
-	for i := 0; i < int(explen); i++ {
-		expo <<= 8
-		expo |= uint64(keybuf[keyoff+i])
+	for i := int(explen - 1); i > 0; i-- {
+		expo += uint64(keybuf[keyoff+i]) << shift
+		shift -= 8
 	}
-	if expo > 1<<31-1 {
-		// Larger exponent than supported by the crypto package.
+	// Remainder
+	expo += uint64(keybuf[keyoff])
+	if expo > (2<<31)+1 {
+		// Larger expo than supported.
+		// println("dns: F5 primes (or larger) are not supported")
 		return nil
 	}
 	pubkey.E = int(expo)

vendor/github.com/miekg/dns/doc.go

@@ -73,11 +73,11 @@ and port to use for the connection:
 		Port: 12345,
 		Zone: "",
 	}
-	c.Dialer := &net.Dialer{
+	d := net.Dialer{
 		Timeout: 200 * time.Millisecond,
 		LocalAddr: &laddr,
 	}
-	in, rtt, err := c.Exchange(m1, "8.8.8.8:53")
+	in, rtt, err := c.ExchangeWithDialer(&d, m1, "8.8.8.8:53")
 
 If these "advanced" features are not needed, a simple UDP query can be sent,
 with:

vendor/github.com/miekg/dns/edns.go

@@ -102,15 +102,12 @@ func (rr *OPT) SetVersion(v uint8) {
 
 // ExtendedRcode returns the EDNS extended RCODE field (the upper 8 bits of the TTL).
 func (rr *OPT) ExtendedRcode() int {
-	return int((rr.Hdr.Ttl&0xFF000000)>>24) + 15
+	return int((rr.Hdr.Ttl & 0xFF000000) >> 24)
 }
 
 // SetExtendedRcode sets the EDNS extended RCODE field.
 func (rr *OPT) SetExtendedRcode(v uint8) {
-	if v < RcodeBadVers { // Smaller than 16.. Use the 4 bits you have!
-		return
-	}
-	rr.Hdr.Ttl = rr.Hdr.Ttl&0x00FFFFFF | (uint32(v-15) << 24)
+	rr.Hdr.Ttl = rr.Hdr.Ttl&0x00FFFFFF | (uint32(v) << 24)
 }
 
 // UDPSize returns the UDP buffer size.
@@ -423,7 +420,6 @@ func (e *EDNS0_LLQ) String() string {
 	return s
 }
 
-// EDNS0_DUA implements the EDNS0 "DNSSEC Algorithm Understood" option. See RFC 6975.
 type EDNS0_DAU struct {
 	Code    uint16 // Always EDNS0DAU
 	AlgCode []uint8
@@ -446,7 +442,6 @@ func (e *EDNS0_DAU) String() string {
 	return s
 }
 
-// EDNS0_DHU implements the EDNS0 "DS Hash Understood" option. See RFC 6975.
 type EDNS0_DHU struct {
 	Code    uint16 // Always EDNS0DHU
 	AlgCode []uint8
@@ -469,7 +464,6 @@ func (e *EDNS0_DHU) String() string {
 	return s
 }
 
-// EDNS0_N3U implements the EDNS0 "NSEC3 Hash Understood" option. See RFC 6975.
 type EDNS0_N3U struct {
 	Code    uint16 // Always EDNS0N3U
 	AlgCode []uint8
@@ -493,7 +487,6 @@ func (e *EDNS0_N3U) String() string {
 	return s
 }
 
-// EDNS0_EXPIRE implementes the EDNS0 option as described in RFC 7314.
 type EDNS0_EXPIRE struct {
 	Code   uint16 // Always EDNS0EXPIRE
 	Expire uint32

vendor/github.com/miekg/dns/internal/socket/cmsghdr.go

@@ -0,0 +1,7 @@
+// +build linux
+
+package socket
+
+func (h *cmsghdr) len() int { return int(h.Len) }
+func (h *cmsghdr) lvl() int { return int(h.Level) }
+func (h *cmsghdr) typ() int { return int(h.Type) }

vendor/github.com/miekg/dns/internal/socket/cmsghdr_linux_32bit.go

@@ -0,0 +1,20 @@
+// +build arm mips mipsle 386
+// +build linux
+
+package socket
+
+type cmsghdr struct {
+	Len   uint32
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofCmsghdr = 0xc
+)
+
+func (h *cmsghdr) set(l, lvl, typ int) {
+	h.Len = uint32(l)
+	h.Level = int32(lvl)
+	h.Type = int32(typ)
+}

vendor/github.com/miekg/dns/internal/socket/cmsghdr_linux_64bit.go

@@ -0,0 +1,20 @@
+// +build arm64 amd64 ppc64 ppc64le mips64 mips64le s390x
+// +build linux
+
+package socket
+
+type cmsghdr struct {
+	Len   uint64
+	Level int32
+	Type  int32
+}
+
+const (
+	sizeofCmsghdr = 0x10
+)
+
+func (h *cmsghdr) set(l, lvl, typ int) {
+	h.Len = uint64(l)
+	h.Level = int32(lvl)
+	h.Type = int32(typ)
+}

vendor/github.com/miekg/dns/internal/socket/cmsghdr_other.go

@@ -0,0 +1,13 @@
+// +build !linux
+
+package socket
+
+type cmsghdr struct{}
+
+const sizeofCmsghdr = 0
+
+func (h *cmsghdr) len() int { return 0 }
+func (h *cmsghdr) lvl() int { return 0 }
+func (h *cmsghdr) typ() int { return 0 }
+
+func (h *cmsghdr) set(l, lvl, typ int) {}

vendor/github.com/miekg/dns/internal/socket/controlmessage.go

@@ -0,0 +1,118 @@
+package socket
+
+import (
+	"errors"
+	"unsafe"
+)
+
+func controlHeaderLen() int {
+	return roundup(sizeofCmsghdr)
+}
+
+func controlMessageLen(dataLen int) int {
+	return roundup(sizeofCmsghdr) + dataLen
+}
+
+// returns the whole length of control message.
+func ControlMessageSpace(dataLen int) int {
+	return roundup(sizeofCmsghdr) + roundup(dataLen)
+}
+
+// A ControlMessage represents the head message in a stream of control
+// messages.
+//
+// A control message comprises of a header, data and a few padding
+// fields to conform to the interface to the kernel.
+//
+// See RFC 3542 for further information.
+type ControlMessage []byte
+
+// Data returns the data field of the control message at the head.
+func (m ControlMessage) Data(dataLen int) []byte {
+	l := controlHeaderLen()
+	if len(m) < l || len(m) < l+dataLen {
+		return nil
+	}
+	return m[l : l+dataLen]
+}
+
+// ParseHeader parses and returns the header fields of the control
+// message at the head.
+func (m ControlMessage) ParseHeader() (lvl, typ, dataLen int, err error) {
+	l := controlHeaderLen()
+	if len(m) < l {
+		return 0, 0, 0, errors.New("short message")
+	}
+	h := (*cmsghdr)(unsafe.Pointer(&m[0]))
+	return h.lvl(), h.typ(), int(uint64(h.len()) - uint64(l)), nil
+}
+
+// Next returns the control message at the next.
+func (m ControlMessage) Next(dataLen int) ControlMessage {
+	l := ControlMessageSpace(dataLen)
+	if len(m) < l {
+		return nil
+	}
+	return m[l:]
+}
+
+// MarshalHeader marshals the header fields of the control message at
+// the head.
+func (m ControlMessage) MarshalHeader(lvl, typ, dataLen int) error {
+	if len(m) < controlHeaderLen() {
+		return errors.New("short message")
+	}
+	h := (*cmsghdr)(unsafe.Pointer(&m[0]))
+	h.set(controlMessageLen(dataLen), lvl, typ)
+	return nil
+}
+
+// Marshal marshals the control message at the head, and returns the next
+// control message.
+func (m ControlMessage) Marshal(lvl, typ int, data []byte) (ControlMessage, error) {
+	l := len(data)
+	if len(m) < ControlMessageSpace(l) {
+		return nil, errors.New("short message")
+	}
+	h := (*cmsghdr)(unsafe.Pointer(&m[0]))
+	h.set(controlMessageLen(l), lvl, typ)
+	if l > 0 {
+		copy(m.Data(l), data)
+	}
+	return m.Next(l), nil
+}
+
+// Parse parses as a single or multiple control messages.
+func (m ControlMessage) Parse() ([]ControlMessage, error) {
+	var ms []ControlMessage
+	for len(m) >= controlHeaderLen() {
+		h := (*cmsghdr)(unsafe.Pointer(&m[0]))
+		l := h.len()
+		if l <= 0 {
+			return nil, errors.New("invalid header length")
+		}
+		if uint64(l) < uint64(controlHeaderLen()) {
+			return nil, errors.New("invalid message length")
+		}
+		if uint64(l) > uint64(len(m)) {
+			return nil, errors.New("short buffer")
+		}
+		ms = append(ms, ControlMessage(m[:l]))
+		ll := l - controlHeaderLen()
+		if len(m) >= ControlMessageSpace(ll) {
+			m = m[ControlMessageSpace(ll):]
+		} else {
+			m = m[controlMessageLen(ll):]
+		}
+	}
+	return ms, nil
+}
+
+// NewControlMessage returns a new stream of control messages.
+func NewControlMessage(dataLen []int) ControlMessage {
+	var l int
+	for i := range dataLen {
+		l += ControlMessageSpace(dataLen[i])
+	}
+	return make([]byte, l)
+}

vendor/github.com/miekg/dns/internal/socket/socket.go

@@ -0,0 +1,4 @@
+// Package socket contains ControlMessage parsing code from
+// golang.org/x/net/internal/socket. Instead of supporting all possible
+// architectures, we're only supporting linux 32/64 bit.
+package socket

vendor/github.com/miekg/dns/internal/socket/sys.go

@@ -0,0 +1,14 @@
+package socket
+
+import "unsafe"
+
+var (
+	kernelAlign = func() int {
+		var p uintptr
+		return int(unsafe.Sizeof(p))
+	}()
+)
+
+func roundup(l int) int {
+	return (l + kernelAlign - 1) & ^(kernelAlign - 1)
+}

vendor/github.com/miekg/dns/msg.go

@@ -595,13 +595,6 @@ func UnpackRR(msg []byte, off int) (rr RR, off1 int, err error) {
 	if err != nil {
 		return nil, len(msg), err
 	}
-
-	return UnpackRRWithHeader(h, msg, off)
-}
-
-// UnpackRRWithHeader unpacks the record type specific payload given an existing
-// RR_Header.
-func UnpackRRWithHeader(h RR_Header, msg []byte, off int) (rr RR, off1 int, err error) {
 	end := off + int(h.Rdlength)
 
 	if fn, known := typeToUnpack[h.Rrtype]; !known {
@@ -619,8 +612,8 @@ func UnpackRRWithHeader(h RR_Header, msg []byte, off int) (rr RR, off1 int, err
 // If we cannot unpack the whole array, then it will return nil
 func unpackRRslice(l int, msg []byte, off int) (dst1 []RR, off1 int, err error) {
 	var r RR
-	// Don't pre-allocate, l may be under attacker control
-	var dst []RR
+	// Optimistically make dst be the length that was sent
+	dst := make([]RR, 0, l)
 	for i := 0; i < l; i++ {
 		off1 := off
 		r, off, err = UnpackRR(msg, off)
@@ -691,20 +684,18 @@ func (dns *Msg) Pack() (msg []byte, err error) {
 	return dns.PackBuffer(nil)
 }
 
-// PackBuffer packs a Msg, using the given buffer buf. If buf is too small a new buffer is allocated.
+// PackBuffer packs a Msg, using the given buffer buf. If buf is too small
+// a new buffer is allocated.
 func (dns *Msg) PackBuffer(buf []byte) (msg []byte, err error) {
-	var compression map[string]int
-	if dns.Compress {
-		compression = make(map[string]int) // Compression pointer mappings.
-	}
-	return dns.packBufferWithCompressionMap(buf, compression)
-}
-
-// packBufferWithCompressionMap packs a Msg, using the given buffer buf.
-func (dns *Msg) packBufferWithCompressionMap(buf []byte, compression map[string]int) (msg []byte, err error) {
 	// We use a similar function in tsig.go's stripTsig.
+	var (
+		dh          Header
+		compression map[string]int
+	)
 
-	var dh Header
+	if dns.Compress {
+		compression = make(map[string]int) // Compression pointer mappings
+	}
 
 	if dns.Rcode < 0 || dns.Rcode > 0xFFF {
 		return nil, ErrRcode
@@ -716,11 +707,12 @@ func (dns *Msg) packBufferWithCompressionMap(buf []byte, compression map[string]
 			return nil, ErrExtendedRcode
 		}
 		opt.SetExtendedRcode(uint8(dns.Rcode >> 4))
+		dns.Rcode &= 0xF
 	}
 
 	// Convert convenient Msg into wire-like Header.
 	dh.Id = dns.Id
-	dh.Bits = uint16(dns.Opcode)<<11 | uint16(dns.Rcode&0xF)
+	dh.Bits = uint16(dns.Opcode)<<11 | uint16(dns.Rcode)
 	if dns.Response {
 		dh.Bits |= _QR
 	}
@@ -819,19 +811,13 @@ func (dns *Msg) Unpack(msg []byte) (err error) {
 	dns.CheckingDisabled = (dh.Bits & _CD) != 0
 	dns.Rcode = int(dh.Bits & 0xF)
 
-	// If we are at the end of the message we should return *just* the
-	// header. This can still be useful to the caller. 9.9.9.9 sends these
-	// when responding with REFUSED for instance.
 	if off == len(msg) {
-		// reset sections before returning
-		dns.Question, dns.Answer, dns.Ns, dns.Extra = nil, nil, nil, nil
-		return nil
+		return ErrTruncated
 	}
 
-	// Qdcount, Ancount, Nscount, Arcount can't be trusted, as they are
-	// attacker controlled. This means we can't use them to pre-allocate
-	// slices.
-	dns.Question = nil
+	// Optimistically use the count given to us in the header
+	dns.Question = make([]Question, 0, int(dh.Qdcount))
+
 	for i := 0; i < int(dh.Qdcount); i++ {
 		off1 := off
 		var q Question
@@ -923,138 +909,94 @@ func (dns *Msg) String() string {
 // than packing it, measuring the size and discarding the buffer.
 func (dns *Msg) Len() int { return compressedLen(dns, dns.Compress) }
 
-func compressedLenWithCompressionMap(dns *Msg, compression map[string]int) int {
-	l := 12 // Message header is always 12 bytes
-	for _, r := range dns.Question {
-		compressionLenHelper(compression, r.Name, l)
-		l += r.len()
-	}
-	l += compressionLenSlice(l, compression, dns.Answer)
-	l += compressionLenSlice(l, compression, dns.Ns)
-	l += compressionLenSlice(l, compression, dns.Extra)
-	return l
-}
-
 // compressedLen returns the message length when in compressed wire format
 // when compress is true, otherwise the uncompressed length is returned.
 func compressedLen(dns *Msg, compress bool) int {
 	// We always return one more than needed.
+	l := 12 // Message header is always 12 bytes
 	if compress {
 		compression := map[string]int{}
-		return compressedLenWithCompressionMap(dns, compression)
-	}
-	l := 12 // Message header is always 12 bytes
-
-	for _, r := range dns.Question {
-		l += r.len()
-	}
-	for _, r := range dns.Answer {
-		if r != nil {
+		for _, r := range dns.Question {
+			l += r.len()
+			compressionLenHelper(compression, r.Name)
+		}
+		l += compressionLenSlice(compression, dns.Answer)
+		l += compressionLenSlice(compression, dns.Ns)
+		l += compressionLenSlice(compression, dns.Extra)
+	} else {
+		for _, r := range dns.Question {
 			l += r.len()
 		}
-	}
-	for _, r := range dns.Ns {
-		if r != nil {
-			l += r.len()
+		for _, r := range dns.Answer {
+			if r != nil {
+				l += r.len()
+			}
+		}
+		for _, r := range dns.Ns {
+			if r != nil {
+				l += r.len()
+			}
+		}
+		for _, r := range dns.Extra {
+			if r != nil {
+				l += r.len()
+			}
 		}
 	}
-	for _, r := range dns.Extra {
-		if r != nil {
-			l += r.len()
-		}
-	}
-
 	return l
 }
 
-func compressionLenSlice(lenp int, c map[string]int, rs []RR) int {
-	initLen := lenp
+func compressionLenSlice(c map[string]int, rs []RR) int {
+	var l int
 	for _, r := range rs {
 		if r == nil {
 			continue
 		}
-		// TmpLen is to track len of record at 14bits boudaries
-		tmpLen := lenp
-
-		x := r.len()
-		// track this length, and the global length in len, while taking compression into account for both.
-		k, ok, _ := compressionLenSearch(c, r.Header().Name)
+		l += r.len()
+		k, ok := compressionLenSearch(c, r.Header().Name)
 		if ok {
-			// Size of x is reduced by k, but we add 1 since k includes the '.' and label descriptor take 2 bytes
-			// so, basically x:= x - k - 1 + 2
-			x += 1 - k
+			l += 1 - k
 		}
-
-		tmpLen += compressionLenHelper(c, r.Header().Name, tmpLen)
-		k, ok, _ = compressionLenSearchType(c, r)
+		compressionLenHelper(c, r.Header().Name)
+		k, ok = compressionLenSearchType(c, r)
 		if ok {
-			x += 1 - k
+			l += 1 - k
 		}
-		lenp += x
-		tmpLen = lenp
-		tmpLen += compressionLenHelperType(c, r, tmpLen)
-
+		compressionLenHelperType(c, r)
 	}
-	return lenp - initLen
+	return l
 }
 
-// Put the parts of the name in the compression map, return the size in bytes added in payload
-func compressionLenHelper(c map[string]int, s string, currentLen int) int {
-	if currentLen > maxCompressionOffset {
-		// We won't be able to add any label that could be re-used later anyway
-		return 0
-	}
-	if _, ok := c[s]; ok {
-		return 0
-	}
-	initLen := currentLen
+// Put the parts of the name in the compression map.
+func compressionLenHelper(c map[string]int, s string) {
 	pref := ""
-	prev := s
 	lbs := Split(s)
-	for j := 0; j < len(lbs); j++ {
+	for j := len(lbs) - 1; j >= 0; j-- {
 		pref = s[lbs[j]:]
-		currentLen += len(prev) - len(pref)
-		prev = pref
 		if _, ok := c[pref]; !ok {
-			// If first byte label is within the first 14bits, it might be re-used later
-			if currentLen < maxCompressionOffset {
-				c[pref] = currentLen
-			}
-		} else {
-			added := currentLen - initLen
-			if j > 0 {
-				// We added a new PTR
-				added += 2
-			}
-			return added
+			c[pref] = len(pref)
 		}
 	}
-	return currentLen - initLen
 }
 
 // Look for each part in the compression map and returns its length,
 // keep on searching so we get the longest match.
-// Will return the size of compression found, whether a match has been
-// found and the size of record if added in payload
-func compressionLenSearch(c map[string]int, s string) (int, bool, int) {
+func compressionLenSearch(c map[string]int, s string) (int, bool) {
 	off := 0
 	end := false
 	if s == "" { // don't bork on bogus data
-		return 0, false, 0
+		return 0, false
 	}
-	fullSize := 0
 	for {
 		if _, ok := c[s[off:]]; ok {
-			return len(s[off:]), true, fullSize + off
+			return len(s[off:]), true
 		}
 		if end {
 			break
 		}
-		// Each label descriptor takes 2 bytes, add it
-		fullSize += 2
 		off, end = NextLabel(s, off)
 	}
-	return 0, false, fullSize + len(s)
+	return 0, false
 }
 
 // Copy returns a new RR which is a deep-copy of r.

vendor/github.com/miekg/dns/msg_generate.go

@@ -18,7 +18,8 @@ import (
 )
 
 var packageHdr = `
-// Code generated by "go run msg_generate.go"; DO NOT EDIT.
+// *** DO NOT MODIFY ***
+// AUTOGENERATED BY go generate from msg_generate.go
 
 package dns
 

vendor/github.com/miekg/dns/msg_helpers.go

@@ -141,24 +141,20 @@ func truncateMsgFromRdlength(msg []byte, off int, rdlength uint16) (truncmsg []b
 	return msg[:lenrd], nil
 }
 
-var base32HexNoPadEncoding = base32.HexEncoding.WithPadding(base32.NoPadding)
-
 func fromBase32(s []byte) (buf []byte, err error) {
 	for i, b := range s {
 		if b >= 'a' && b <= 'z' {
 			s[i] = b - 32
 		}
 	}
-	buflen := base32HexNoPadEncoding.DecodedLen(len(s))
+	buflen := base32.HexEncoding.DecodedLen(len(s))
 	buf = make([]byte, buflen)
-	n, err := base32HexNoPadEncoding.Decode(buf, s)
+	n, err := base32.HexEncoding.Decode(buf, s)
 	buf = buf[:n]
 	return
 }
 
-func toBase32(b []byte) string {
-	return base32HexNoPadEncoding.EncodeToString(b)
-}
+func toBase32(b []byte) string { return base32.HexEncoding.EncodeToString(b) }
 
 func fromBase64(s []byte) (buf []byte, err error) {
 	buflen := base64.StdEncoding.DecodedLen(len(s))

vendor/github.com/miekg/dns/privaterr.go

@@ -56,7 +56,8 @@ func (r *PrivateRR) len() int { return r.Hdr.len() + r.Data.Len() }
 func (r *PrivateRR) copy() RR {
 	// make new RR like this:
 	rr := mkPrivateRR(r.Hdr.Rrtype)
-	rr.Hdr = r.Hdr
+	newh := r.Hdr.copyHeader()
+	rr.Hdr = *newh
 
 	err := r.Data.Copy(rr.Data)
 	if err != nil {

vendor/github.com/miekg/dns/sanitize.go

@@ -3,7 +3,7 @@ package dns
 // Dedup removes identical RRs from rrs. It preserves the original ordering.
 // The lowest TTL of any duplicates is used in the remaining one. Dedup modifies
 // rrs.
-// m is used to store the RRs temporary. If it is nil a new map will be allocated.
+// m is used to store the RRs temporay. If it is nil a new map will be allocated.
 func Dedup(rrs []RR, m map[string]RR) []RR {
 	if m == nil {
 		m = make(map[string]RR)

vendor/github.com/miekg/dns/scan.go

@@ -1,10 +1,8 @@
 package dns
 
 import (
-	"fmt"
 	"io"
 	"os"
-	"path/filepath"
 	"strconv"
 	"strings"
 )
@@ -299,24 +297,16 @@ func parseZone(r io.Reader, origin, f string, defttl *ttlState, t chan *Token, i
 				return
 			}
 			// Start with the new file
-			includePath := l.token
-			if !filepath.IsAbs(includePath) {
-				includePath = filepath.Join(filepath.Dir(f), includePath)
-			}
-			r1, e1 := os.Open(includePath)
+			r1, e1 := os.Open(l.token)
 			if e1 != nil {
-				msg := fmt.Sprintf("failed to open `%s'", l.token)
-				if !filepath.IsAbs(l.token) {
-					msg += fmt.Sprintf(" as `%s'", includePath)
-				}
-				t <- &Token{Error: &ParseError{f, msg, l}}
+				t <- &Token{Error: &ParseError{f, "failed to open `" + l.token + "'", l}}
 				return
 			}
 			if include+1 > 7 {
 				t <- &Token{Error: &ParseError{f, "too deeply nested $INCLUDE", l}}
 				return
 			}
-			parseZone(r1, neworigin, includePath, defttl, t, include+1)
+			parseZone(r1, neworigin, l.token, defttl, t, include+1)
 			st = zExpectOwnerDir
 		case zExpectDirTTLBl:
 			if l.value != zBlank {
@@ -577,7 +567,6 @@ func zlexer(s *scan, c chan lex) {
 								return
 							}
 							l.value = zRrtpe
-							rrtype = true
 							l.torc = t
 						}
 					}
@@ -601,7 +590,7 @@ func zlexer(s *scan, c chan lex) {
 				c <- l
 			}
 			stri = 0
-
+			// I reverse space stuff here
 			if !space && !commt {
 				l.value = zBlank
 				l.token = " "

vendor/github.com/miekg/dns/scan_rr.go

@@ -1255,10 +1255,8 @@ func setNSEC3(h RR_Header, c chan lex, o, f string) (RR, *ParseError, string) {
 	if len(l.token) == 0 || l.err {
 		return nil, &ParseError{f, "bad NSEC3 Salt", l}, ""
 	}
-	if l.token != "-" {
-		rr.SaltLength = uint8(len(l.token)) / 2
-		rr.Salt = l.token
-	}
+	rr.SaltLength = uint8(len(l.token)) / 2
+	rr.Salt = l.token
 
 	<-c
 	l = <-c
@@ -1323,10 +1321,8 @@ func setNSEC3PARAM(h RR_Header, c chan lex, o, f string) (RR, *ParseError, strin
 	rr.Iterations = uint16(i)
 	<-c
 	l = <-c
-	if l.token != "-" {
-		rr.SaltLength = uint8(len(l.token))
-		rr.Salt = l.token
-	}
+	rr.SaltLength = uint8(len(l.token))
+	rr.Salt = l.token
 	return rr, nil, ""
 }
 
@@ -2099,7 +2095,7 @@ func setTKEY(h RR_Header, c chan lex, o, f string) (RR, *ParseError, string) {
 		return nil, &ParseError{f, "bad TKEY algorithm", l}, ""
 	}
 	rr.Algorithm = l.token
-	<-c // zBlank
+	<-c     // zBlank
 
 	// Get the key length and key values
 	l = <-c
@@ -2108,13 +2104,13 @@ func setTKEY(h RR_Header, c chan lex, o, f string) (RR, *ParseError, string) {
 		return nil, &ParseError{f, "bad TKEY key length", l}, ""
 	}
 	rr.KeySize = uint16(i)
-	<-c // zBlank
+	<-c     // zBlank
 	l = <-c
 	if l.value != zString {
 		return nil, &ParseError{f, "bad TKEY key", l}, ""
 	}
 	rr.Key = l.token
-	<-c // zBlank
+	<-c     // zBlank
 
 	// Get the otherdata length and string data
 	l = <-c
@@ -2123,7 +2119,7 @@ func setTKEY(h RR_Header, c chan lex, o, f string) (RR, *ParseError, string) {
 		return nil, &ParseError{f, "bad TKEY otherdata length", l}, ""
 	}
 	rr.OtherLen = uint16(i)
-	<-c // zBlank
+	<-c     // zBlank
 	l = <-c
 	if l.value != zString {
 		return nil, &ParseError{f, "bad TKEY otherday", l}, ""

vendor/github.com/miekg/dns/server.go

@@ -9,19 +9,12 @@ import (
 	"io"
 	"net"
 	"sync"
-	"sync/atomic"
 	"time"
 )
 
-// Default maximum number of TCP queries before we close the socket.
+// Maximum number of TCP queries before we close the socket.
 const maxTCPQueries = 128
 
-// Interval for stop worker if no load
-const idleWorkerTimeout = 10 * time.Second
-
-// Maximum number of workers
-const maxWorkersCount = 10000
-
 // Handler is implemented by any value that implements ServeDNS.
 type Handler interface {
 	ServeDNS(w ResponseWriter, r *Msg)
@@ -50,7 +43,6 @@ type ResponseWriter interface {
 }
 
 type response struct {
-	msg            []byte
 	hijacked       bool // connection has been hijacked by handler
 	tsigStatus     error
 	tsigTimersOnly bool
@@ -59,6 +51,7 @@ type response struct {
 	udp            *net.UDPConn      // i/o connection if UDP was used
 	tcp            net.Conn          // i/o connection if TCP was used
 	udpSession     *SessionUDP       // oob data to get egress interface right
+	remoteAddr     net.Addr          // address of the client
 	writer         Writer            // writer to output the raw DNS bits
 }
 
@@ -303,63 +296,12 @@ type Server struct {
 	DecorateReader DecorateReader
 	// DecorateWriter is optional, allows customization of the process that writes raw DNS messages.
 	DecorateWriter DecorateWriter
-	// Maximum number of TCP queries before we close the socket. Default is maxTCPQueries (unlimited if -1).
-	MaxTCPQueries int
 
-	// UDP packet or TCP connection queue
-	queue chan *response
-	// Workers count
-	workersCount int32
 	// Shutdown handling
 	lock    sync.RWMutex
 	started bool
 }
 
-func (srv *Server) worker(w *response) {
-	srv.serve(w)
-
-	for {
-		count := atomic.LoadInt32(&srv.workersCount)
-		if count > maxWorkersCount {
-			return
-		}
-		if atomic.CompareAndSwapInt32(&srv.workersCount, count, count+1) {
-			break
-		}
-	}
-
-	defer atomic.AddInt32(&srv.workersCount, -1)
-
-	inUse := false
-	timeout := time.NewTimer(idleWorkerTimeout)
-	defer timeout.Stop()
-LOOP:
-	for {
-		select {
-		case w, ok := <-srv.queue:
-			if !ok {
-				break LOOP
-			}
-			inUse = true
-			srv.serve(w)
-		case <-timeout.C:
-			if !inUse {
-				break LOOP
-			}
-			inUse = false
-			timeout.Reset(idleWorkerTimeout)
-		}
-	}
-}
-
-func (srv *Server) spawnWorker(w *response) {
-	select {
-	case srv.queue <- w:
-	default:
-		go srv.worker(w)
-	}
-}
-
 // ListenAndServe starts a nameserver on the configured address in *Server.
 func (srv *Server) ListenAndServe() error {
 	srv.lock.Lock()
@@ -367,7 +309,6 @@ func (srv *Server) ListenAndServe() error {
 	if srv.started {
 		return &Error{err: "server already started"}
 	}
-
 	addr := srv.Addr
 	if addr == "" {
 		addr = ":domain"
@@ -375,8 +316,6 @@ func (srv *Server) ListenAndServe() error {
 	if srv.UDPSize == 0 {
 		srv.UDPSize = MinMsgSize
 	}
-	srv.queue = make(chan *response)
-	defer close(srv.queue)
 	switch srv.Net {
 	case "tcp", "tcp4", "tcp6":
 		a, err := net.ResolveTCPAddr(srv.Net, addr)
@@ -441,11 +380,8 @@ func (srv *Server) ActivateAndServe() error {
 	if srv.started {
 		return &Error{err: "server already started"}
 	}
-
 	pConn := srv.PacketConn
 	l := srv.Listener
-	srv.queue = make(chan *response)
-	defer close(srv.queue)
 	if pConn != nil {
 		if srv.UDPSize == 0 {
 			srv.UDPSize = MinMsgSize
@@ -503,6 +439,7 @@ func (srv *Server) getReadTimeout() time.Duration {
 }
 
 // serveTCP starts a TCP listener for the server.
+// Each request is handled in a separate goroutine.
 func (srv *Server) serveTCP(l net.Listener) error {
 	defer l.Close()
 
@@ -510,8 +447,26 @@ func (srv *Server) serveTCP(l net.Listener) error {
 		srv.NotifyStartedFunc()
 	}
 
+	reader := Reader(&defaultReader{srv})
+	if srv.DecorateReader != nil {
+		reader = srv.DecorateReader(reader)
+	}
+
+	handler := srv.Handler
+	if handler == nil {
+		handler = DefaultServeMux
+	}
+	rtimeout := srv.getReadTimeout()
+	// deadline is not used here
 	for {
 		rw, err := l.Accept()
+		if err != nil {
+			if neterr, ok := err.(net.Error); ok && neterr.Temporary() {
+				continue
+			}
+			return err
+		}
+		m, err := reader.ReadTCP(rw, rtimeout)
 		srv.lock.RLock()
 		if !srv.started {
 			srv.lock.RUnlock()
@@ -519,16 +474,14 @@ func (srv *Server) serveTCP(l net.Listener) error {
 		}
 		srv.lock.RUnlock()
 		if err != nil {
-			if neterr, ok := err.(net.Error); ok && neterr.Temporary() {
-				continue
-			}
-			return err
+			continue
 		}
-		srv.spawnWorker(&response{tsigSecret: srv.TsigSecret, tcp: rw})
+		go srv.serve(rw.RemoteAddr(), handler, m, nil, nil, rw)
 	}
 }
 
 // serveUDP starts a UDP listener for the server.
+// Each request is handled in a separate goroutine.
 func (srv *Server) serveUDP(l *net.UDPConn) error {
 	defer l.Close()
 
@@ -541,6 +494,10 @@ func (srv *Server) serveUDP(l *net.UDPConn) error {
 		reader = srv.DecorateReader(reader)
 	}
 
+	handler := srv.Handler
+	if handler == nil {
+		handler = DefaultServeMux
+	}
 	rtimeout := srv.getReadTimeout()
 	// deadline is not used here
 	for {
@@ -552,106 +509,82 @@ func (srv *Server) serveUDP(l *net.UDPConn) error {
 		}
 		srv.lock.RUnlock()
 		if err != nil {
-			if netErr, ok := err.(net.Error); ok && netErr.Temporary() {
-				continue
-			}
-			return err
-		}
-		if len(m) < headerSize {
 			continue
 		}
-		srv.spawnWorker(&response{msg: m, tsigSecret: srv.TsigSecret, udp: l, udpSession: s})
+		go srv.serve(s.RemoteAddr(), handler, m, l, s, nil)
 	}
 }
 
-func (srv *Server) serve(w *response) {
+// Serve a new connection.
+func (srv *Server) serve(a net.Addr, h Handler, m []byte, u *net.UDPConn, s *SessionUDP, t net.Conn) {
+	w := &response{tsigSecret: srv.TsigSecret, udp: u, tcp: t, remoteAddr: a, udpSession: s}
 	if srv.DecorateWriter != nil {
 		w.writer = srv.DecorateWriter(w)
 	} else {
 		w.writer = w
 	}
 
-	if w.udp != nil {
-		// serve UDP
-		srv.serveDNS(w)
-		return
-	}
+	q := 0 // counter for the amount of TCP queries we get
 
 	reader := Reader(&defaultReader{srv})
 	if srv.DecorateReader != nil {
 		reader = srv.DecorateReader(reader)
 	}
-
-	defer func() {
-		if !w.hijacked {
-			w.Close()
-		}
-	}()
-
-	idleTimeout := tcpIdleTimeout
-	if srv.IdleTimeout != nil {
-		idleTimeout = srv.IdleTimeout()
-	}
-
-	timeout := srv.getReadTimeout()
-
-	limit := srv.MaxTCPQueries
-	if limit == 0 {
-		limit = maxTCPQueries
-	}
-
-	for q := 0; q < limit || limit == -1; q++ {
-		var err error
-		w.msg, err = reader.ReadTCP(w.tcp, timeout)
-		if err != nil {
-			// TODO(tmthrgd): handle error
-			break
-		}
-		srv.serveDNS(w)
-		if w.tcp == nil {
-			break // Close() was called
-		}
-		if w.hijacked {
-			break // client will call Close() themselves
-		}
-		// The first read uses the read timeout, the rest use the
-		// idle timeout.
-		timeout = idleTimeout
-	}
-}
-
-func (srv *Server) serveDNS(w *response) {
+Redo:
 	req := new(Msg)
-	err := req.Unpack(w.msg)
+	err := req.Unpack(m)
 	if err != nil { // Send a FormatError back
 		x := new(Msg)
 		x.SetRcodeFormatError(req)
 		w.WriteMsg(x)
-		return
+		goto Exit
 	}
 	if !srv.Unsafe && req.Response {
-		return
+		goto Exit
 	}
 
 	w.tsigStatus = nil
 	if w.tsigSecret != nil {
 		if t := req.IsTsig(); t != nil {
-			if secret, ok := w.tsigSecret[t.Hdr.Name]; ok {
-				w.tsigStatus = TsigVerify(w.msg, secret, "", false)
-			} else {
-				w.tsigStatus = ErrSecret
+			secret := t.Hdr.Name
+			if _, ok := w.tsigSecret[secret]; !ok {
+				w.tsigStatus = ErrKeyAlg
 			}
+			w.tsigStatus = TsigVerify(m, w.tsigSecret[secret], "", false)
 			w.tsigTimersOnly = false
 			w.tsigRequestMAC = req.Extra[len(req.Extra)-1].(*TSIG).MAC
 		}
 	}
+	h.ServeDNS(w, req) // Writes back to the client
 
-	handler := srv.Handler
-	if handler == nil {
-		handler = DefaultServeMux
+Exit:
+	if w.tcp == nil {
+		return
+	}
+	// TODO(miek): make this number configurable?
+	if q > maxTCPQueries { // close socket after this many queries
+		w.Close()
+		return
 	}
 
-	handler.ServeDNS(w, req) // Writes back to the client
+	if w.hijacked {
+		return // client calls Close()
+	}
+	if u != nil { // UDP, "close" and return
+		w.Close()
+		return
+	}
+	idleTimeout := tcpIdleTimeout
+	if srv.IdleTimeout != nil {
+		idleTimeout = srv.IdleTimeout()
+	}
+	m, err = reader.ReadTCP(w.tcp, idleTimeout)
+	if err == nil {
+		q++
+		goto Redo
+	}
+	w.Close()
+	return
 }
 
 func (srv *Server) readTCP(conn net.Conn, timeout time.Duration) ([]byte, error) {
@@ -693,8 +626,11 @@ func (srv *Server) readUDP(conn *net.UDPConn, timeout time.Duration) ([]byte, *S
 	conn.SetReadDeadline(time.Now().Add(timeout))
 	m := make([]byte, srv.UDPSize)
 	n, s, err := ReadFromSessionUDP(conn, m)
-	if err != nil {
-		return nil, nil, err
+	if err != nil || n == 0 {
+		if err != nil {
+			return nil, nil, err
+		}
+		return nil, nil, ErrShortRead
 	}
 	m = m[:n]
 	return m, s, nil
@@ -754,12 +690,7 @@ func (w *response) LocalAddr() net.Addr {
 }
 
 // RemoteAddr implements the ResponseWriter.RemoteAddr method.
-func (w *response) RemoteAddr() net.Addr {
-	if w.tcp != nil {
-		return w.tcp.RemoteAddr()
-	}
-	return w.udpSession.RemoteAddr()
-}
+func (w *response) RemoteAddr() net.Addr { return w.remoteAddr }
 
 // TsigStatus implements the ResponseWriter.TsigStatus method.
 func (w *response) TsigStatus() error { return w.tsigStatus }

vendor/github.com/miekg/dns/types_generate.go

@@ -27,7 +27,8 @@ var skipLen = map[string]struct{}{
 }
 
 var packageHdr = `
-// Code generated by "go run types_generate.go"; DO NOT EDIT.
+// *** DO NOT MODIFY ***
+// AUTOGENERATED BY go generate from types_generate.go
 
 package dns
 
@@ -181,8 +182,6 @@ func main() {
 				fallthrough
 			case st.Tag(i) == `dns:"base64"`:
 				o("l += base64.StdEncoding.DecodedLen(len(rr.%s))\n")
-			case strings.HasPrefix(st.Tag(i), `dns:"size-hex:`): // this has an extra field where the length is stored
-				o("l += len(rr.%s)/2\n")
 			case strings.HasPrefix(st.Tag(i), `dns:"size-hex`):
 				fallthrough
 			case st.Tag(i) == `dns:"hex"`:
@@ -226,7 +225,7 @@ func main() {
 			continue
 		}
 		fmt.Fprintf(b, "func (rr *%s) copy() RR {\n", name)
-		fields := []string{"rr.Hdr"}
+		fields := []string{"*rr.Hdr.copyHeader()"}
 		for i := 1; i < st.NumFields(); i++ {
 			f := st.Field(i).Name()
 			if sl, ok := st.Field(i).Type().(*types.Slice); ok {

vendor/github.com/miekg/dns/udp.go

@@ -4,27 +4,8 @@ package dns
 
 import (
 	"net"
-
-	"golang.org/x/net/ipv4"
-	"golang.org/x/net/ipv6"
 )
 
-// This is the required size of the OOB buffer to pass to ReadMsgUDP.
-var udpOOBSize = func() int {
-	// We can't know whether we'll get an IPv4 control message or an
-	// IPv6 control message ahead of time. To get around this, we size
-	// the buffer equal to the largest of the two.
-
-	oob4 := ipv4.NewControlMessage(ipv4.FlagDst | ipv4.FlagInterface)
-	oob6 := ipv6.NewControlMessage(ipv6.FlagDst | ipv6.FlagInterface)
-
-	if len(oob4) > len(oob6) {
-		return len(oob4)
-	}
-
-	return len(oob6)
-}()
-
 // SessionUDP holds the remote address and the associated
 // out-of-band data.
 type SessionUDP struct {
@@ -38,7 +19,7 @@ func (s *SessionUDP) RemoteAddr() net.Addr { return s.raddr }
 // ReadFromSessionUDP acts just like net.UDPConn.ReadFrom(), but returns a session object instead of a
 // net.UDPAddr.
 func ReadFromSessionUDP(conn *net.UDPConn, b []byte) (int, *SessionUDP, error) {
-	oob := make([]byte, udpOOBSize)
+	oob := make([]byte, 40)
 	n, oobn, _, raddr, err := conn.ReadMsgUDP(b, oob)
 	if err != nil {
 		return n, nil, err
@@ -53,50 +34,12 @@ func WriteToSessionUDP(conn *net.UDPConn, b []byte, session *SessionUDP) (int, e
 	return n, err
 }
 
-func setUDPSocketOptions(conn *net.UDPConn) error {
-	// Try setting the flags for both families and ignore the errors unless they
-	// both error.
-	err6 := ipv6.NewPacketConn(conn).SetControlMessage(ipv6.FlagDst|ipv6.FlagInterface, true)
-	err4 := ipv4.NewPacketConn(conn).SetControlMessage(ipv4.FlagDst|ipv4.FlagInterface, true)
-	if err6 != nil && err4 != nil {
-		return err4
-	}
-	return nil
-}
-
-// parseDstFromOOB takes oob data and returns the destination IP.
-func parseDstFromOOB(oob []byte) net.IP {
-	// Start with IPv6 and then fallback to IPv4
-	// TODO(fastest963): Figure out a way to prefer one or the other. Looking at
-	// the lvl of the header for a 0 or 41 isn't cross-platform.
-	cm6 := new(ipv6.ControlMessage)
-	if cm6.Parse(oob) == nil && cm6.Dst != nil {
-		return cm6.Dst
-	}
-	cm4 := new(ipv4.ControlMessage)
-	if cm4.Parse(oob) == nil && cm4.Dst != nil {
-		return cm4.Dst
-	}
-	return nil
-}
-
 // correctSource takes oob data and returns new oob data with the Src equal to the Dst
 func correctSource(oob []byte) []byte {
-	dst := parseDstFromOOB(oob)
-	if dst == nil {
+	dst, err := parseUDPSocketDst(oob)
+	// If the destination could not be determined, ignore.
+	if err != nil || dst == nil {
 		return nil
 	}
-	// If the dst is definitely an IPv6, then use ipv6's ControlMessage to
-	// respond otherwise use ipv4's because ipv6's marshal ignores ipv4
-	// addresses.
-	if dst.To4() == nil {
-		cm := new(ipv6.ControlMessage)
-		cm.Src = dst
-		oob = cm.Marshal()
-	} else {
-		cm := new(ipv4.ControlMessage)
-		cm.Src = dst
-		oob = cm.Marshal()
-	}
-	return oob
+	return marshalUDPSocketSrc(dst)
 }

vendor/github.com/miekg/dns/udp_linux.go

@@ -0,0 +1,220 @@
+// +build linux,!appengine
+
+package dns
+
+// See:
+// * http://stackoverflow.com/questions/3062205/setting-the-source-ip-for-a-udp-socket and
+// * http://blog.powerdns.com/2012/10/08/on-binding-datagram-udp-sockets-to-the-any-addresses/
+//
+// Why do we need this: When listening on 0.0.0.0 with UDP so kernel decides what is the outgoing
+// interface, this might not always be the correct one. This code will make sure the egress
+// packet's interface matched the ingress' one.
+
+import (
+	"net"
+	"syscall"
+	"unsafe"
+
+	"github.com/miekg/dns/internal/socket"
+)
+
+const (
+	sizeofInet6Pktinfo = 0x14
+	sizeofInetPktinfo  = 0xc
+	protocolIP         = 0
+	protocolIPv6       = 41
+)
+
+type inetPktinfo struct {
+	Ifindex  int32
+	Spec_dst [4]byte /* in_addr */
+	Addr     [4]byte /* in_addr */
+}
+
+type inet6Pktinfo struct {
+	Addr    [16]byte /* in6_addr */
+	Ifindex int32
+}
+
+type inetControlMessage struct {
+	Src net.IP // source address, specifying only
+	Dst net.IP // destination address, receiving only
+}
+
+// setUDPSocketOptions sets the UDP socket options.
+// This function is implemented on a per platform basis. See udp_*.go for more details
+func setUDPSocketOptions(conn *net.UDPConn) error {
+	sa, err := getUDPSocketName(conn)
+	if err != nil {
+		return err
+	}
+	switch sa.(type) {
+	case *syscall.SockaddrInet6:
+		v6only, err := getUDPSocketOptions6Only(conn)
+		if err != nil {
+			return err
+		}
+		setUDPSocketOptions6(conn)
+		if !v6only {
+			setUDPSocketOptions4(conn)
+		}
+	case *syscall.SockaddrInet4:
+		setUDPSocketOptions4(conn)
+	}
+	return nil
+}
+
+// setUDPSocketOptions4 prepares the v4 socket for sessions.
+func setUDPSocketOptions4(conn *net.UDPConn) error {
+	file, err := conn.File()
+	if err != nil {
+		return err
+	}
+	if err := syscall.SetsockoptInt(int(file.Fd()), syscall.IPPROTO_IP, syscall.IP_PKTINFO, 1); err != nil {
+		file.Close()
+		return err
+	}
+	// Calling File() above results in the connection becoming blocking, we must fix that.
+	// See https://github.com/miekg/dns/issues/279
+	err = syscall.SetNonblock(int(file.Fd()), true)
+	if err != nil {
+		file.Close()
+		return err
+	}
+	file.Close()
+	return nil
+}
+
+// setUDPSocketOptions6 prepares the v6 socket for sessions.
+func setUDPSocketOptions6(conn *net.UDPConn) error {
+	file, err := conn.File()
+	if err != nil {
+		return err
+	}
+	if err := syscall.SetsockoptInt(int(file.Fd()), syscall.IPPROTO_IPV6, syscall.IPV6_RECVPKTINFO, 1); err != nil {
+		file.Close()
+		return err
+	}
+	err = syscall.SetNonblock(int(file.Fd()), true)
+	if err != nil {
+		file.Close()
+		return err
+	}
+	file.Close()
+	return nil
+}
+
+// getUDPSocketOption6Only return true if the socket is v6 only and false when it is v4/v6 combined
+// (dualstack).
+func getUDPSocketOptions6Only(conn *net.UDPConn) (bool, error) {
+	file, err := conn.File()
+	if err != nil {
+		return false, err
+	}
+	// dual stack. See http://stackoverflow.com/questions/1618240/how-to-support-both-ipv4-and-ipv6-connections
+	v6only, err := syscall.GetsockoptInt(int(file.Fd()), syscall.IPPROTO_IPV6, syscall.IPV6_V6ONLY)
+	if err != nil {
+		file.Close()
+		return false, err
+	}
+	file.Close()
+	return v6only == 1, nil
+}
+
+func getUDPSocketName(conn *net.UDPConn) (syscall.Sockaddr, error) {
+	file, err := conn.File()
+	if err != nil {
+		return nil, err
+	}
+	defer file.Close()
+	return syscall.Getsockname(int(file.Fd()))
+}
+
+// marshalInetPacketInfo marshals a ipv4 control message, returning
+// the byte slice for the next marshal, if any
+func marshalInetPacketInfo(b []byte, cm *inetControlMessage) []byte {
+	m := socket.ControlMessage(b)
+	m.MarshalHeader(protocolIP, syscall.IP_PKTINFO, sizeofInetPktinfo)
+	if cm != nil {
+		pi := (*inetPktinfo)(unsafe.Pointer(&m.Data(sizeofInetPktinfo)[0]))
+		if ip := cm.Src.To4(); ip != nil {
+			copy(pi.Spec_dst[:], ip)
+		}
+	}
+	return m.Next(sizeofInetPktinfo)
+}
+
+// marshalInet6PacketInfo marshals a ipv6 control message, returning
+// the byte slice for the next marshal, if any
+func marshalInet6PacketInfo(b []byte, cm *inetControlMessage) []byte {
+	m := socket.ControlMessage(b)
+	m.MarshalHeader(protocolIPv6, syscall.IPV6_PKTINFO, sizeofInet6Pktinfo)
+	if cm != nil {
+		pi := (*inet6Pktinfo)(unsafe.Pointer(&m.Data(sizeofInet6Pktinfo)[0]))
+		if ip := cm.Src.To16(); ip != nil && ip.To4() == nil {
+			copy(pi.Addr[:], ip)
+		}
+	}
+	return m.Next(sizeofInet6Pktinfo)
+}
+
+func parseInetPacketInfo(cm *inetControlMessage, b []byte) {
+	pi := (*inetPktinfo)(unsafe.Pointer(&b[0]))
+	if len(cm.Dst) < net.IPv4len {
+		cm.Dst = make(net.IP, net.IPv4len)
+	}
+	copy(cm.Dst, pi.Addr[:])
+}
+
+func parseInet6PacketInfo(cm *inetControlMessage, b []byte) {
+	pi := (*inet6Pktinfo)(unsafe.Pointer(&b[0]))
+	if len(cm.Dst) < net.IPv6len {
+		cm.Dst = make(net.IP, net.IPv6len)
+	}
+	copy(cm.Dst, pi.Addr[:])
+}
+
+// parseUDPSocketDst takes out-of-band data from ReadMsgUDP and parses it for
+// the Dst address
+func parseUDPSocketDst(oob []byte) (net.IP, error) {
+	cm := new(inetControlMessage)
+	ms, err := socket.ControlMessage(oob).Parse()
+	if err != nil {
+		return nil, err
+	}
+	for _, m := range ms {
+		lvl, typ, l, err := m.ParseHeader()
+		if err != nil {
+			return nil, err
+		}
+		if lvl == protocolIPv6 { // IPv6
+			if typ == syscall.IPV6_PKTINFO && l >= sizeofInet6Pktinfo {
+				parseInet6PacketInfo(cm, m.Data(l))
+			}
+		} else if lvl == protocolIP { // IPv4
+			if typ == syscall.IP_PKTINFO && l >= sizeofInetPktinfo {
+				parseInetPacketInfo(cm, m.Data(l))
+			}
+		}
+	}
+	return cm.Dst, nil
+}
+
+// marshalUDPSocketSrc takes the given src address and returns out-of-band data
+// to give to WriteMsgUDP
+func marshalUDPSocketSrc(src net.IP) []byte {
+	var oob []byte
+	// If the dst is definitely an ipv6, then use ipv6 control to respond
+	// otherwise use ipv4 because the ipv6 marshal ignores ipv4 messages.
+	// See marshalInet6PacketInfo
+	cm := new(inetControlMessage)
+	cm.Src = src
+	if src.To4() == nil {
+		oob = make([]byte, socket.ControlMessageSpace(sizeofInet6Pktinfo))
+		marshalInet6PacketInfo(oob, cm)
+	} else {
+		oob = make([]byte, socket.ControlMessageSpace(sizeofInetPktinfo))
+		marshalInetPacketInfo(oob, cm)
+	}
+	return oob
+}

vendor/github.com/miekg/dns/udp_other.go

@@ -0,0 +1,17 @@
+// +build !linux appengine
+
+package dns
+
+import (
+	"net"
+)
+
+// These do nothing. See udp_linux.go for an example of how to implement this.
+
+// We tried to adhire to some kind of naming scheme.
+func setUDPSocketOptions(conn *net.UDPConn) error              { return nil }
+func setUDPSocketOptions4(conn *net.UDPConn) error             { return nil }
+func setUDPSocketOptions6(conn *net.UDPConn) error             { return nil }
+func getUDPSocketOptions6Only(conn *net.UDPConn) (bool, error) { return false, nil }
+func parseUDPSocketDst(oob []byte) (net.IP, error)             { return nil, nil }
+func marshalUDPSocketSrc(src net.IP) []byte                    { return nil }

vendor/github.com/miekg/dns/udp_windows.go

@@ -14,7 +14,6 @@ func (s *SessionUDP) RemoteAddr() net.Addr { return s.raddr }
 
 // ReadFromSessionUDP acts just like net.UDPConn.ReadFrom(), but returns a session object instead of a
 // net.UDPAddr.
-// TODO(fastest963): Once go1.10 is released, use ReadMsgUDP.
 func ReadFromSessionUDP(conn *net.UDPConn, b []byte) (int, *SessionUDP, error) {
 	n, raddr, err := conn.ReadFrom(b)
 	if err != nil {
@@ -25,13 +24,7 @@ func ReadFromSessionUDP(conn *net.UDPConn, b []byte) (int, *SessionUDP, error) {
 }
 
 // WriteToSessionUDP acts just like net.UDPConn.WriteTo(), but uses a *SessionUDP instead of a net.Addr.
-// TODO(fastest963): Once go1.10 is released, use WriteMsgUDP.
 func WriteToSessionUDP(conn *net.UDPConn, b []byte, session *SessionUDP) (int, error) {
 	n, err := conn.WriteTo(b, session.raddr)
 	return n, err
 }
-
-// TODO(fastest963): Once go1.10 is released and we can use *MsgUDP methods
-// use the standard method in udp.go for these.
-func setUDPSocketOptions(*net.UDPConn) error { return nil }
-func parseDstFromOOB([]byte, net.IP) net.IP  { return nil }

vendor/github.com/miekg/dns/version.go

@@ -1,15 +0,0 @@
-package dns
-
-import "fmt"
-
-// Version is current version of this library.
-var Version = V{1, 0, 8}
-
-// V holds the version of this library.
-type V struct {
-	Major, Minor, Patch int
-}
-
-func (v V) String() string {
-	return fmt.Sprintf("%d.%d.%d", v.Major, v.Minor, v.Patch)
-}

vendor/github.com/miekg/dns/zcompress.go

@@ -1,155 +1,119 @@
-// Code generated by "go run compress_generate.go"; DO NOT EDIT.
+// *** DO NOT MODIFY ***
+// AUTOGENERATED BY go generate from compress_generate.go
 
 package dns
 
-func compressionLenHelperType(c map[string]int, r RR, initLen int) int {
-	currentLen := initLen
+func compressionLenHelperType(c map[string]int, r RR) {
 	switch x := r.(type) {
 	case *AFSDB:
-		currentLen -= len(x.Hostname) + 1
-		currentLen += compressionLenHelper(c, x.Hostname, currentLen)
+		compressionLenHelper(c, x.Hostname)
 	case *CNAME:
-		currentLen -= len(x.Target) + 1
-		currentLen += compressionLenHelper(c, x.Target, currentLen)
+		compressionLenHelper(c, x.Target)
 	case *DNAME:
-		currentLen -= len(x.Target) + 1
-		currentLen += compressionLenHelper(c, x.Target, currentLen)
+		compressionLenHelper(c, x.Target)
 	case *HIP:
 		for i := range x.RendezvousServers {
-			currentLen -= len(x.RendezvousServers[i]) + 1
-		}
-		for i := range x.RendezvousServers {
-			currentLen += compressionLenHelper(c, x.RendezvousServers[i], currentLen)
+			compressionLenHelper(c, x.RendezvousServers[i])
 		}
 	case *KX:
-		currentLen -= len(x.Exchanger) + 1
-		currentLen += compressionLenHelper(c, x.Exchanger, currentLen)
+		compressionLenHelper(c, x.Exchanger)
 	case *LP:
-		currentLen -= len(x.Fqdn) + 1
-		currentLen += compressionLenHelper(c, x.Fqdn, currentLen)
+		compressionLenHelper(c, x.Fqdn)
 	case *MB:
-		currentLen -= len(x.Mb) + 1
-		currentLen += compressionLenHelper(c, x.Mb, currentLen)
+		compressionLenHelper(c, x.Mb)
 	case *MD:
-		currentLen -= len(x.Md) + 1
-		currentLen += compressionLenHelper(c, x.Md, currentLen)
+		compressionLenHelper(c, x.Md)
 	case *MF:
-		currentLen -= len(x.Mf) + 1
-		currentLen += compressionLenHelper(c, x.Mf, currentLen)
+		compressionLenHelper(c, x.Mf)
 	case *MG:
-		currentLen -= len(x.Mg) + 1
-		currentLen += compressionLenHelper(c, x.Mg, currentLen)
+		compressionLenHelper(c, x.Mg)
 	case *MINFO:
-		currentLen -= len(x.Rmail) + 1
-		currentLen += compressionLenHelper(c, x.Rmail, currentLen)
-		currentLen -= len(x.Email) + 1
-		currentLen += compressionLenHelper(c, x.Email, currentLen)
+		compressionLenHelper(c, x.Rmail)
+		compressionLenHelper(c, x.Email)
 	case *MR:
-		currentLen -= len(x.Mr) + 1
-		currentLen += compressionLenHelper(c, x.Mr, currentLen)
+		compressionLenHelper(c, x.Mr)
 	case *MX:
-		currentLen -= len(x.Mx) + 1
-		currentLen += compressionLenHelper(c, x.Mx, currentLen)
+		compressionLenHelper(c, x.Mx)
 	case *NAPTR:
-		currentLen -= len(x.Replacement) + 1
-		currentLen += compressionLenHelper(c, x.Replacement, currentLen)
+		compressionLenHelper(c, x.Replacement)
 	case *NS:
-		currentLen -= len(x.Ns) + 1
-		currentLen += compressionLenHelper(c, x.Ns, currentLen)
+		compressionLenHelper(c, x.Ns)
 	case *NSAPPTR:
-		currentLen -= len(x.Ptr) + 1
-		currentLen += compressionLenHelper(c, x.Ptr, currentLen)
+		compressionLenHelper(c, x.Ptr)
 	case *NSEC:
-		currentLen -= len(x.NextDomain) + 1
-		currentLen += compressionLenHelper(c, x.NextDomain, currentLen)
+		compressionLenHelper(c, x.NextDomain)
 	case *PTR:
-		currentLen -= len(x.Ptr) + 1
-		currentLen += compressionLenHelper(c, x.Ptr, currentLen)
+		compressionLenHelper(c, x.Ptr)
 	case *PX:
-		currentLen -= len(x.Map822) + 1
-		currentLen += compressionLenHelper(c, x.Map822, currentLen)
-		currentLen -= len(x.Mapx400) + 1
-		currentLen += compressionLenHelper(c, x.Mapx400, currentLen)
+		compressionLenHelper(c, x.Map822)
+		compressionLenHelper(c, x.Mapx400)
 	case *RP:
-		currentLen -= len(x.Mbox) + 1
-		currentLen += compressionLenHelper(c, x.Mbox, currentLen)
-		currentLen -= len(x.Txt) + 1
-		currentLen += compressionLenHelper(c, x.Txt, currentLen)
+		compressionLenHelper(c, x.Mbox)
+		compressionLenHelper(c, x.Txt)
 	case *RRSIG:
-		currentLen -= len(x.SignerName) + 1
-		currentLen += compressionLenHelper(c, x.SignerName, currentLen)
+		compressionLenHelper(c, x.SignerName)
 	case *RT:
-		currentLen -= len(x.Host) + 1
-		currentLen += compressionLenHelper(c, x.Host, currentLen)
+		compressionLenHelper(c, x.Host)
 	case *SIG:
-		currentLen -= len(x.SignerName) + 1
-		currentLen += compressionLenHelper(c, x.SignerName, currentLen)
+		compressionLenHelper(c, x.SignerName)
 	case *SOA:
-		currentLen -= len(x.Ns) + 1
-		currentLen += compressionLenHelper(c, x.Ns, currentLen)
-		currentLen -= len(x.Mbox) + 1
-		currentLen += compressionLenHelper(c, x.Mbox, currentLen)
+		compressionLenHelper(c, x.Ns)
+		compressionLenHelper(c, x.Mbox)
 	case *SRV:
-		currentLen -= len(x.Target) + 1
-		currentLen += compressionLenHelper(c, x.Target, currentLen)
+		compressionLenHelper(c, x.Target)
 	case *TALINK:
-		currentLen -= len(x.PreviousName) + 1
-		currentLen += compressionLenHelper(c, x.PreviousName, currentLen)
-		currentLen -= len(x.NextName) + 1
-		currentLen += compressionLenHelper(c, x.NextName, currentLen)
+		compressionLenHelper(c, x.PreviousName)
+		compressionLenHelper(c, x.NextName)
 	case *TKEY:
-		currentLen -= len(x.Algorithm) + 1
-		currentLen += compressionLenHelper(c, x.Algorithm, currentLen)
+		compressionLenHelper(c, x.Algorithm)
 	case *TSIG:
-		currentLen -= len(x.Algorithm) + 1
-		currentLen += compressionLenHelper(c, x.Algorithm, currentLen)
+		compressionLenHelper(c, x.Algorithm)
 	}
-	return currentLen - initLen
 }
 
-func compressionLenSearchType(c map[string]int, r RR) (int, bool, int) {
+func compressionLenSearchType(c map[string]int, r RR) (int, bool) {
 	switch x := r.(type) {
 	case *AFSDB:
-		k1, ok1, sz1 := compressionLenSearch(c, x.Hostname)
-		return k1, ok1, sz1
+		k1, ok1 := compressionLenSearch(c, x.Hostname)
+		return k1, ok1
 	case *CNAME:
-		k1, ok1, sz1 := compressionLenSearch(c, x.Target)
-		return k1, ok1, sz1
+		k1, ok1 := compressionLenSearch(c, x.Target)
+		return k1, ok1
 	case *MB:
-		k1, ok1, sz1 := compressionLenSearch(c, x.Mb)
-		return k1, ok1, sz1
+		k1, ok1 := compressionLenSearch(c, x.Mb)
+		return k1, ok1
 	case *MD:
-		k1, ok1, sz1 := compressionLenSearch(c, x.Md)
-		return k1, ok1, sz1
+		k1, ok1 := compressionLenSearch(c, x.Md)
+		return k1, ok1
 	case *MF:
-		k1, ok1, sz1 := compressionLenSearch(c, x.Mf)
-		return k1, ok1, sz1
+		k1, ok1 := compressionLenSearch(c, x.Mf)
+		return k1, ok1
 	case *MG:
-		k1, ok1, sz1 := compressionLenSearch(c, x.Mg)
-		return k1, ok1, sz1
+		k1, ok1 := compressionLenSearch(c, x.Mg)
+		return k1, ok1
 	case *MINFO:
-		k1, ok1, sz1 := compressionLenSearch(c, x.Rmail)
-		k2, ok2, sz2 := compressionLenSearch(c, x.Email)
-		return k1 + k2, ok1 && ok2, sz1 + sz2
+		k1, ok1 := compressionLenSearch(c, x.Rmail)
+		k2, ok2 := compressionLenSearch(c, x.Email)
+		return k1 + k2, ok1 && ok2
 	case *MR:
-		k1, ok1, sz1 := compressionLenSearch(c, x.Mr)
-		return k1, ok1, sz1
+		k1, ok1 := compressionLenSearch(c, x.Mr)
+		return k1, ok1
 	case *MX:
-		k1, ok1, sz1 := compressionLenSearch(c, x.Mx)
-		return k1, ok1, sz1
+		k1, ok1 := compressionLenSearch(c, x.Mx)
+		return k1, ok1
 	case *NS:
-		k1, ok1, sz1 := compressionLenSearch(c, x.Ns)
-		return k1, ok1, sz1
+		k1, ok1 := compressionLenSearch(c, x.Ns)
+		return k1, ok1
 	case *PTR:
-		k1, ok1, sz1 := compressionLenSearch(c, x.Ptr)
-		return k1, ok1, sz1
+		k1, ok1 := compressionLenSearch(c, x.Ptr)
+		return k1, ok1
 	case *RT:
-		k1, ok1, sz1 := compressionLenSearch(c, x.Host)
-		return k1, ok1, sz1
+		k1, ok1 := compressionLenSearch(c, x.Host)
+		return k1, ok1
 	case *SOA:
-		k1, ok1, sz1 := compressionLenSearch(c, x.Ns)
-		k2, ok2, sz2 := compressionLenSearch(c, x.Mbox)
-		return k1 + k2, ok1 && ok2, sz1 + sz2
+		k1, ok1 := compressionLenSearch(c, x.Ns)
+		k2, ok2 := compressionLenSearch(c, x.Mbox)
+		return k1 + k2, ok1 && ok2
 	}
-	return 0, false, 0
+	return 0, false
 }

vendor/github.com/miekg/dns/zmsg.go

@@ -1,4 +1,5 @@
-// Code generated by "go run msg_generate.go"; DO NOT EDIT.
+// *** DO NOT MODIFY ***
+// AUTOGENERATED BY go generate from msg_generate.go
 
 package dns
 

vendor/github.com/miekg/dns/ztypes.go

@@ -1,4 +1,5 @@
-// Code generated by "go run types_generate.go"; DO NOT EDIT.
+// *** DO NOT MODIFY ***
+// AUTOGENERATED BY go generate from types_generate.go
 
 package dns
 
@@ -347,7 +348,7 @@ func (rr *HIP) len() int {
 	l++    // HitLength
 	l++    // PublicKeyAlgorithm
 	l += 2 // PublicKeyLength
-	l += len(rr.Hit) / 2
+	l += len(rr.Hit)/2 + 1
 	l += base64.StdEncoding.DecodedLen(len(rr.PublicKey))
 	for _, x := range rr.RendezvousServers {
 		l += len(x) + 1
@@ -470,7 +471,7 @@ func (rr *NSEC3PARAM) len() int {
 	l++    // Flags
 	l += 2 // Iterations
 	l++    // SaltLength
-	l += len(rr.Salt) / 2
+	l += len(rr.Salt)/2 + 1
 	return l
 }
 func (rr *OPENPGPKEY) len() int {
@@ -591,9 +592,9 @@ func (rr *TKEY) len() int {
 	l += 2 // Mode
 	l += 2 // Error
 	l += 2 // KeySize
-	l += len(rr.Key) / 2
+	l += len(rr.Key) + 1
 	l += 2 // OtherLen
-	l += len(rr.OtherData) / 2
+	l += len(rr.OtherData) + 1
 	return l
 }
 func (rr *TLSA) len() int {
@@ -610,11 +611,11 @@ func (rr *TSIG) len() int {
 	l += 6 // TimeSigned
 	l += 2 // Fudge
 	l += 2 // MACSize
-	l += len(rr.MAC) / 2
+	l += len(rr.MAC)/2 + 1
 	l += 2 // OrigId
 	l += 2 // Error
 	l += 2 // OtherLen
-	l += len(rr.OtherData) / 2
+	l += len(rr.OtherData)/2 + 1
 	return l
 }
 func (rr *TXT) len() int {
@@ -649,215 +650,215 @@ func (rr *X25) len() int {
 
 // copy() functions
 func (rr *A) copy() RR {
-	return &A{rr.Hdr, copyIP(rr.A)}
+	return &A{*rr.Hdr.copyHeader(), copyIP(rr.A)}
 }
 func (rr *AAAA) copy() RR {
-	return &AAAA{rr.Hdr, copyIP(rr.AAAA)}
+	return &AAAA{*rr.Hdr.copyHeader(), copyIP(rr.AAAA)}
 }
 func (rr *AFSDB) copy() RR {
-	return &AFSDB{rr.Hdr, rr.Subtype, rr.Hostname}
+	return &AFSDB{*rr.Hdr.copyHeader(), rr.Subtype, rr.Hostname}
 }
 func (rr *ANY) copy() RR {
-	return &ANY{rr.Hdr}
+	return &ANY{*rr.Hdr.copyHeader()}
 }
 func (rr *AVC) copy() RR {
 	Txt := make([]string, len(rr.Txt))
 	copy(Txt, rr.Txt)
-	return &AVC{rr.Hdr, Txt}
+	return &AVC{*rr.Hdr.copyHeader(), Txt}
 }
 func (rr *CAA) copy() RR {
-	return &CAA{rr.Hdr, rr.Flag, rr.Tag, rr.Value}
+	return &CAA{*rr.Hdr.copyHeader(), rr.Flag, rr.Tag, rr.Value}
 }
 func (rr *CERT) copy() RR {
-	return &CERT{rr.Hdr, rr.Type, rr.KeyTag, rr.Algorithm, rr.Certificate}
+	return &CERT{*rr.Hdr.copyHeader(), rr.Type, rr.KeyTag, rr.Algorithm, rr.Certificate}
 }
 func (rr *CNAME) copy() RR {
-	return &CNAME{rr.Hdr, rr.Target}
+	return &CNAME{*rr.Hdr.copyHeader(), rr.Target}
 }
 func (rr *CSYNC) copy() RR {
 	TypeBitMap := make([]uint16, len(rr.TypeBitMap))
 	copy(TypeBitMap, rr.TypeBitMap)
-	return &CSYNC{rr.Hdr, rr.Serial, rr.Flags, TypeBitMap}
+	return &CSYNC{*rr.Hdr.copyHeader(), rr.Serial, rr.Flags, TypeBitMap}
 }
 func (rr *DHCID) copy() RR {
-	return &DHCID{rr.Hdr, rr.Digest}
+	return &DHCID{*rr.Hdr.copyHeader(), rr.Digest}
 }
 func (rr *DNAME) copy() RR {
-	return &DNAME{rr.Hdr, rr.Target}
+	return &DNAME{*rr.Hdr.copyHeader(), rr.Target}
 }
 func (rr *DNSKEY) copy() RR {
-	return &DNSKEY{rr.Hdr, rr.Flags, rr.Protocol, rr.Algorithm, rr.PublicKey}
+	return &DNSKEY{*rr.Hdr.copyHeader(), rr.Flags, rr.Protocol, rr.Algorithm, rr.PublicKey}
 }
 func (rr *DS) copy() RR {
-	return &DS{rr.Hdr, rr.KeyTag, rr.Algorithm, rr.DigestType, rr.Digest}
+	return &DS{*rr.Hdr.copyHeader(), rr.KeyTag, rr.Algorithm, rr.DigestType, rr.Digest}
 }
 func (rr *EID) copy() RR {
-	return &EID{rr.Hdr, rr.Endpoint}
+	return &EID{*rr.Hdr.copyHeader(), rr.Endpoint}
 }
 func (rr *EUI48) copy() RR {
-	return &EUI48{rr.Hdr, rr.Address}
+	return &EUI48{*rr.Hdr.copyHeader(), rr.Address}
 }
 func (rr *EUI64) copy() RR {
-	return &EUI64{rr.Hdr, rr.Address}
+	return &EUI64{*rr.Hdr.copyHeader(), rr.Address}
 }
 func (rr *GID) copy() RR {
-	return &GID{rr.Hdr, rr.Gid}
+	return &GID{*rr.Hdr.copyHeader(), rr.Gid}
 }
 func (rr *GPOS) copy() RR {
-	return &GPOS{rr.Hdr, rr.Longitude, rr.Latitude, rr.Altitude}
+	return &GPOS{*rr.Hdr.copyHeader(), rr.Longitude, rr.Latitude, rr.Altitude}
 }
 func (rr *HINFO) copy() RR {
-	return &HINFO{rr.Hdr, rr.Cpu, rr.Os}
+	return &HINFO{*rr.Hdr.copyHeader(), rr.Cpu, rr.Os}
 }
 func (rr *HIP) copy() RR {
 	RendezvousServers := make([]string, len(rr.RendezvousServers))
 	copy(RendezvousServers, rr.RendezvousServers)
-	return &HIP{rr.Hdr, rr.HitLength, rr.PublicKeyAlgorithm, rr.PublicKeyLength, rr.Hit, rr.PublicKey, RendezvousServers}
+	return &HIP{*rr.Hdr.copyHeader(), rr.HitLength, rr.PublicKeyAlgorithm, rr.PublicKeyLength, rr.Hit, rr.PublicKey, RendezvousServers}
 }
 func (rr *KX) copy() RR {
-	return &KX{rr.Hdr, rr.Preference, rr.Exchanger}
+	return &KX{*rr.Hdr.copyHeader(), rr.Preference, rr.Exchanger}
 }
 func (rr *L32) copy() RR {
-	return &L32{rr.Hdr, rr.Preference, copyIP(rr.Locator32)}
+	return &L32{*rr.Hdr.copyHeader(), rr.Preference, copyIP(rr.Locator32)}
 }
 func (rr *L64) copy() RR {
-	return &L64{rr.Hdr, rr.Preference, rr.Locator64}
+	return &L64{*rr.Hdr.copyHeader(), rr.Preference, rr.Locator64}
 }
 func (rr *LOC) copy() RR {
-	return &LOC{rr.Hdr, rr.Version, rr.Size, rr.HorizPre, rr.VertPre, rr.Latitude, rr.Longitude, rr.Altitude}
+	return &LOC{*rr.Hdr.copyHeader(), rr.Version, rr.Size, rr.HorizPre, rr.VertPre, rr.Latitude, rr.Longitude, rr.Altitude}
 }
 func (rr *LP) copy() RR {
-	return &LP{rr.Hdr, rr.Preference, rr.Fqdn}
+	return &LP{*rr.Hdr.copyHeader(), rr.Preference, rr.Fqdn}
 }
 func (rr *MB) copy() RR {
-	return &MB{rr.Hdr, rr.Mb}
+	return &MB{*rr.Hdr.copyHeader(), rr.Mb}
 }
 func (rr *MD) copy() RR {
-	return &MD{rr.Hdr, rr.Md}
+	return &MD{*rr.Hdr.copyHeader(), rr.Md}
 }
 func (rr *MF) copy() RR {
-	return &MF{rr.Hdr, rr.Mf}
+	return &MF{*rr.Hdr.copyHeader(), rr.Mf}
 }
 func (rr *MG) copy() RR {
-	return &MG{rr.Hdr, rr.Mg}
+	return &MG{*rr.Hdr.copyHeader(), rr.Mg}
 }
 func (rr *MINFO) copy() RR {
-	return &MINFO{rr.Hdr, rr.Rmail, rr.Email}
+	return &MINFO{*rr.Hdr.copyHeader(), rr.Rmail, rr.Email}
 }
 func (rr *MR) copy() RR {
-	return &MR{rr.Hdr, rr.Mr}
+	return &MR{*rr.Hdr.copyHeader(), rr.Mr}
 }
 func (rr *MX) copy() RR {
-	return &MX{rr.Hdr, rr.Preference, rr.Mx}
+	return &MX{*rr.Hdr.copyHeader(), rr.Preference, rr.Mx}
 }
 func (rr *NAPTR) copy() RR {
-	return &NAPTR{rr.Hdr, rr.Order, rr.Preference, rr.Flags, rr.Service, rr.Regexp, rr.Replacement}
+	return &NAPTR{*rr.Hdr.copyHeader(), rr.Order, rr.Preference, rr.Flags, rr.Service, rr.Regexp, rr.Replacement}
 }
 func (rr *NID) copy() RR {
-	return &NID{rr.Hdr, rr.Preference, rr.NodeID}
+	return &NID{*rr.Hdr.copyHeader(), rr.Preference, rr.NodeID}
 }
 func (rr *NIMLOC) copy() RR {
-	return &NIMLOC{rr.Hdr, rr.Locator}
+	return &NIMLOC{*rr.Hdr.copyHeader(), rr.Locator}
 }
 func (rr *NINFO) copy() RR {
 	ZSData := make([]string, len(rr.ZSData))
 	copy(ZSData, rr.ZSData)
-	return &NINFO{rr.Hdr, ZSData}
+	return &NINFO{*rr.Hdr.copyHeader(), ZSData}
 }
 func (rr *NS) copy() RR {
-	return &NS{rr.Hdr, rr.Ns}
+	return &NS{*rr.Hdr.copyHeader(), rr.Ns}
 }
 func (rr *NSAPPTR) copy() RR {
-	return &NSAPPTR{rr.Hdr, rr.Ptr}
+	return &NSAPPTR{*rr.Hdr.copyHeader(), rr.Ptr}
 }
 func (rr *NSEC) copy() RR {
 	TypeBitMap := make([]uint16, len(rr.TypeBitMap))
 	copy(TypeBitMap, rr.TypeBitMap)
-	return &NSEC{rr.Hdr, rr.NextDomain, TypeBitMap}
+	return &NSEC{*rr.Hdr.copyHeader(), rr.NextDomain, TypeBitMap}
 }
 func (rr *NSEC3) copy() RR {
 	TypeBitMap := make([]uint16, len(rr.TypeBitMap))
 	copy(TypeBitMap, rr.TypeBitMap)
-	return &NSEC3{rr.Hdr, rr.Hash, rr.Flags, rr.Iterations, rr.SaltLength, rr.Salt, rr.HashLength, rr.NextDomain, TypeBitMap}
+	return &NSEC3{*rr.Hdr.copyHeader(), rr.Hash, rr.Flags, rr.Iterations, rr.SaltLength, rr.Salt, rr.HashLength, rr.NextDomain, TypeBitMap}
 }
 func (rr *NSEC3PARAM) copy() RR {
-	return &NSEC3PARAM{rr.Hdr, rr.Hash, rr.Flags, rr.Iterations, rr.SaltLength, rr.Salt}
+	return &NSEC3PARAM{*rr.Hdr.copyHeader(), rr.Hash, rr.Flags, rr.Iterations, rr.SaltLength, rr.Salt}
 }
 func (rr *OPENPGPKEY) copy() RR {
-	return &OPENPGPKEY{rr.Hdr, rr.PublicKey}
+	return &OPENPGPKEY{*rr.Hdr.copyHeader(), rr.PublicKey}
 }
 func (rr *OPT) copy() RR {
 	Option := make([]EDNS0, len(rr.Option))
 	copy(Option, rr.Option)
-	return &OPT{rr.Hdr, Option}
+	return &OPT{*rr.Hdr.copyHeader(), Option}
 }
 func (rr *PTR) copy() RR {
-	return &PTR{rr.Hdr, rr.Ptr}
+	return &PTR{*rr.Hdr.copyHeader(), rr.Ptr}
 }
 func (rr *PX) copy() RR {
-	return &PX{rr.Hdr, rr.Preference, rr.Map822, rr.Mapx400}
+	return &PX{*rr.Hdr.copyHeader(), rr.Preference, rr.Map822, rr.Mapx400}
 }
 func (rr *RFC3597) copy() RR {
-	return &RFC3597{rr.Hdr, rr.Rdata}
+	return &RFC3597{*rr.Hdr.copyHeader(), rr.Rdata}
 }
 func (rr *RKEY) copy() RR {
-	return &RKEY{rr.Hdr, rr.Flags, rr.Protocol, rr.Algorithm, rr.PublicKey}
+	return &RKEY{*rr.Hdr.copyHeader(), rr.Flags, rr.Protocol, rr.Algorithm, rr.PublicKey}
 }
 func (rr *RP) copy() RR {
-	return &RP{rr.Hdr, rr.Mbox, rr.Txt}
+	return &RP{*rr.Hdr.copyHeader(), rr.Mbox, rr.Txt}
 }
 func (rr *RRSIG) copy() RR {
-	return &RRSIG{rr.Hdr, rr.TypeCovered, rr.Algorithm, rr.Labels, rr.OrigTtl, rr.Expiration, rr.Inception, rr.KeyTag, rr.SignerName, rr.Signature}
+	return &RRSIG{*rr.Hdr.copyHeader(), rr.TypeCovered, rr.Algorithm, rr.Labels, rr.OrigTtl, rr.Expiration, rr.Inception, rr.KeyTag, rr.SignerName, rr.Signature}
 }
 func (rr *RT) copy() RR {
-	return &RT{rr.Hdr, rr.Preference, rr.Host}
+	return &RT{*rr.Hdr.copyHeader(), rr.Preference, rr.Host}
 }
 func (rr *SMIMEA) copy() RR {
-	return &SMIMEA{rr.Hdr, rr.Usage, rr.Selector, rr.MatchingType, rr.Certificate}
+	return &SMIMEA{*rr.Hdr.copyHeader(), rr.Usage, rr.Selector, rr.MatchingType, rr.Certificate}
 }
 func (rr *SOA) copy() RR {
-	return &SOA{rr.Hdr, rr.Ns, rr.Mbox, rr.Serial, rr.Refresh, rr.Retry, rr.Expire, rr.Minttl}
+	return &SOA{*rr.Hdr.copyHeader(), rr.Ns, rr.Mbox, rr.Serial, rr.Refresh, rr.Retry, rr.Expire, rr.Minttl}
 }
 func (rr *SPF) copy() RR {
 	Txt := make([]string, len(rr.Txt))
 	copy(Txt, rr.Txt)
-	return &SPF{rr.Hdr, Txt}
+	return &SPF{*rr.Hdr.copyHeader(), Txt}
 }
 func (rr *SRV) copy() RR {
-	return &SRV{rr.Hdr, rr.Priority, rr.Weight, rr.Port, rr.Target}
+	return &SRV{*rr.Hdr.copyHeader(), rr.Priority, rr.Weight, rr.Port, rr.Target}
 }
 func (rr *SSHFP) copy() RR {
-	return &SSHFP{rr.Hdr, rr.Algorithm, rr.Type, rr.FingerPrint}
+	return &SSHFP{*rr.Hdr.copyHeader(), rr.Algorithm, rr.Type, rr.FingerPrint}
 }
 func (rr *TA) copy() RR {
-	return &TA{rr.Hdr, rr.KeyTag, rr.Algorithm, rr.DigestType, rr.Digest}
+	return &TA{*rr.Hdr.copyHeader(), rr.KeyTag, rr.Algorithm, rr.DigestType, rr.Digest}
 }
 func (rr *TALINK) copy() RR {
-	return &TALINK{rr.Hdr, rr.PreviousName, rr.NextName}
+	return &TALINK{*rr.Hdr.copyHeader(), rr.PreviousName, rr.NextName}
 }
 func (rr *TKEY) copy() RR {
-	return &TKEY{rr.Hdr, rr.Algorithm, rr.Inception, rr.Expiration, rr.Mode, rr.Error, rr.KeySize, rr.Key, rr.OtherLen, rr.OtherData}
+	return &TKEY{*rr.Hdr.copyHeader(), rr.Algorithm, rr.Inception, rr.Expiration, rr.Mode, rr.Error, rr.KeySize, rr.Key, rr.OtherLen, rr.OtherData}
 }
 func (rr *TLSA) copy() RR {
-	return &TLSA{rr.Hdr, rr.Usage, rr.Selector, rr.MatchingType, rr.Certificate}
+	return &TLSA{*rr.Hdr.copyHeader(), rr.Usage, rr.Selector, rr.MatchingType, rr.Certificate}
 }
 func (rr *TSIG) copy() RR {
-	return &TSIG{rr.Hdr, rr.Algorithm, rr.TimeSigned, rr.Fudge, rr.MACSize, rr.MAC, rr.OrigId, rr.Error, rr.OtherLen, rr.OtherData}
+	return &TSIG{*rr.Hdr.copyHeader(), rr.Algorithm, rr.TimeSigned, rr.Fudge, rr.MACSize, rr.MAC, rr.OrigId, rr.Error, rr.OtherLen, rr.OtherData}
 }
 func (rr *TXT) copy() RR {
 	Txt := make([]string, len(rr.Txt))
 	copy(Txt, rr.Txt)
-	return &TXT{rr.Hdr, Txt}
+	return &TXT{*rr.Hdr.copyHeader(), Txt}
 }
 func (rr *UID) copy() RR {
-	return &UID{rr.Hdr, rr.Uid}
+	return &UID{*rr.Hdr.copyHeader(), rr.Uid}
 }
 func (rr *UINFO) copy() RR {
-	return &UINFO{rr.Hdr, rr.Uinfo}
+	return &UINFO{*rr.Hdr.copyHeader(), rr.Uinfo}
 }
 func (rr *URI) copy() RR {
-	return &URI{rr.Hdr, rr.Priority, rr.Weight, rr.Target}
+	return &URI{*rr.Hdr.copyHeader(), rr.Priority, rr.Weight, rr.Target}
 }
 func (rr *X25) copy() RR {
-	return &X25{rr.Hdr, rr.PSDNAddress}
+	return &X25{*rr.Hdr.copyHeader(), rr.PSDNAddress}
 }