Merge pull request #4346 from mind04/anytotcp

change default for any-to-tcp to yes

docs/markdown/authoritative/settings.md

@@ -69,11 +69,11 @@ always receive a notification. Even if they do not match the list in
 
 ## `any-to-tcp`
 * Boolean
-* Default: no
+* Default: yes (no, in <= 4.0.1)
 * Available since: 3.3
 
-Answer questions for the ANY and RRSIG types on UDP with a truncated packet that
-refers the remote server to TCP. Useful for mitigating reflection attacks.
+Answer questions for the ANY on UDP with a truncated packet that refers the
+remote server to TCP. Useful for mitigating reflection attacks.
 
 ## `api`
 * Boolean

modules/geoipbackend/regression-tests/static-any-resolution/command

@@ -1,3 +1,3 @@
 #!/bin/sh
-cleandig geo.example.com ANY
+cleandig geo.example.com ANY tcp
 

pdns/common_startup.cc

@@ -128,7 +128,7 @@ void declareArguments()
   ::arg().setSwitch("webserver","Start a webserver for monitoring")="no"; 
   ::arg().setSwitch("webserver-print-arguments","If the webserver should print arguments")="no"; 
   ::arg().setSwitch("edns-subnet-processing","If we should act on EDNS Subnet options")="no"; 
-  ::arg().setSwitch("any-to-tcp","Answer ANY queries with tc=1, shunting to TCP")="no"; 
+  ::arg().setSwitch("any-to-tcp","Answer ANY queries with tc=1, shunting to TCP")="yes"; 
   ::arg().set("webserver-address","IP Address of webserver to listen on")="127.0.0.1";
   ::arg().set("webserver-port","Port of webserver to listen on")="8081";
   ::arg().set("webserver-password","Password required for accessing the webserver")="";

regression-tests/backends/gmysql-master

@@ -23,9 +23,11 @@ gmysql-dbname=$GMYSQLDB
 gmysql-user=$GMYSQLUSER
 gmysql-host=$GMYSQLHOST
 gmysql-password=$GMYSQLPASSWD
+
+any-to-tcp=no
 __EOF__
 
-		gsql_master gmysql
+		gsql_master gmysql dyndns
 		;;
 
 	*)

regression-tests/tests/any-nxdomain/command

@@ -1,4 +1,4 @@
 #!/bin/sh
 
-cleandig nxdomain.example.com ANY dnssec
+cleandig nxdomain.example.com ANY dnssec tcp
 

regression-tests/tests/any-query/command

@@ -1,3 +1,3 @@
 #!/bin/sh
-SDIGBUFSIZE=32768 cleandig example.com ANY
+SDIGBUFSIZE=32768 cleandig example.com ANY tcp
 

regression-tests/tests/any-to-tcp-query/command

@@ -0,0 +1,3 @@
+#!/bin/sh
+SDIGBUFSIZE=32768 cleandig example.com ANY
+

regression-tests/tests/any-to-tcp-query/description

@@ -0,0 +1 @@
+An udp ANY query should return TC=1

regression-tests/tests/any-to-tcp-query/expected_result

@@ -0,0 +1,3 @@
+2	.	IN	OPT	0	
+Rcode: 0 (No Error), RD: 0, QR: 1, TC: 1, AA: 1, opcode: 0
+Reply to question for qname='example.com.', qtype=ANY

regression-tests/tests/any-wildcard-dnssec/command

@@ -1,4 +1,4 @@
 #!/bin/sh
 
-cleandig www.something.wtest.com ANY dnssec
+cleandig www.something.wtest.com ANY dnssec tcp
 

regression-tests/tests/any-wildcard/command

@@ -1,4 +1,4 @@
 #!/bin/sh
 
-cleandig www.something.wtest.com ANY
+cleandig www.something.wtest.com ANY tcp
 

regression-tests/tests/cname-to-nxdomain-any/command

@@ -1,3 +1,3 @@
 #!/bin/sh
-cleandig nxd.example.com ANY dnssec
+cleandig nxd.example.com ANY dnssec tcp
 

regression-tests/tests/cname-to-unauth-any/command

@@ -1,3 +1,2 @@
 #!/bin/sh
-cleandig unauth.example.com ANY dnssec
-
+cleandig unauth.example.com ANY dnssec tcp

regression-tests/tests/ent-any/command

@@ -1,2 +1,2 @@
 #!/bin/sh
-cleandig c.test.com ANY dnssec showflags
+cleandig c.test.com ANY dnssec tcp showflags