CoreVersion needs to be documented for golint, but we can't use too much
text because we grep this file for the coredns version.

* move flag blacklisting to main

Doing it in init() is the wrong place or something else changed. Doing
it in main() makes it easy to see *when* this happens.

* keep trapsignals

* plugin/forward: add out of tree forward plugin

This is a simpler proxy than *proxy*, include by default so it is easier
to switch (i.e. no recompile). It lacks features compared to proxy (did I
say it was simpler), but does cache udp and tcp connection, so it is
faster than proxy.

* Muck with the makefile

* Versioning forward now

Enable this Caddy plugin by default. Docs will go up coredns.io for this
as well.

See https://caddyserver.com/docs/on

These test cases became invalid with the fix of message truncation and
don't validate anything.

* Fix truncation of messages longer than permitted by the client

CoreDNS currently doesn't respect the maximum response size advertised
by the client and returns the full answer on a message with the TC bit
set. This breaks client implementations which rely on DNS servers
respecting the advertised size limit, for example the Ruby stdlib
client. It also has negative network performance implications, as large
messages will be split up into multiple UDP packets, even though the
client will discard the truncated response anyway.

While RFC 2181 permits the response of partial RRSets, finding the
correct number of records fitting into the advertised response size is
non-trivial. As clients should ignore truncated messages, this change
simply removes the full RRSet on truncated messages.

* Remove incorrect etcd test assertion

If a client requests a TXT record larger than its advertised buffer
size, a DNS server should _not_ respond with the answer, but truncate
the message and set the TC bit, so that the client can retry using TCP.

In order to track the rollout status of CoreDNS versions, add the common
build_info metric.

See #1400 and the discussion in that bug.

Fixes #1400

Fix the error handling. Log when we have an error during any of the
transfer state. And if there isn't an error transfer the zones.

Also fix the tests in test/ so we, at least, check the initial transfer.

Update the docs to show more about how errors are handled.

Ref #1400

Ignore most of the source code - this should lead to smaller docker
images.

Due to the one-off nature of releases 1.0.4 we need to manually bump
the version in master.

Resolves: #1313

* plugin/dnssec: filter bitmap also for NXDOMAIN responses

We change nxdomain to nodata, so at the point when we receive the
reply it can be nxdomain or nodata. In both cases we should filter the
nsec bitmap.

Change the code and add explicit tests for this.

* More tests

* plugin/health: add lameduck mode

Add a way to configure lameduck more, i.e. set health to false, stop
polling plugins. Then wait for a duration before shutting down. As the
health middleware is configured early on in the plugin list, it will
hold up all other shutdown, meaning we still answer queries.

* Add New

* More tests

* golint

* remove confusing text

* plugin/dnssec: check validityperiod of RRSIGs

Somehow we missed implementing this. If a sig a retrieved from the
cache, but not valid anymore, regenerate it instead of server invalid
signatures.

Fixes #1378

* drop from cache after 3/4 validity

* six days means 6 days

* Improve plugin/cache metrics

* Add coredns_cache_prefetch_total metric to track number of prefetches.
* Remove unnecessary Cache.get() call which would incorrectly increment
  cache counters.
* Initialize all counters and gauges at zero.

* Allow prefetching of a single request per ttl

The original implementation didn't allow prefetching queries which are
only requested once during the duration of a TTL. The minimum amount of
queries which had to be seen was therefore capped at 2.

This change also implements a real prefetch test. The existing test was
a noop and always passed regardless of any prefetch implementation.

* Fix prefetching for items with a short TTL

The default prefetch threshold (percentage) is 10% of the lifetime of a
cache item. With the previous implementation, this disabled prefetching
for all items with a TTL < 10s (the resulting percentage would be 0, at
which point a cached item is already discarded).

This change uses a time based threshold calculation and ensures that
a prefetch is triggered at a TTL of 1 at the latest.

* Fix wrong duration reporting of cached responses

The logging and metrics plugins (among others) included the duration of
a cache prefetch in the request latency of client request. This change
fixes this wrong reporting and executes the prefetch request in a
goroutine in the background.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>

This fix is an enhancement of external plugin enabling.
Previously, it was already able to build a customerized
coredns with plugins enabled selectively, without changing
coredns source code. However, all default plugins are
actually bundled because of the import rule:
```
"github.com/coredns/coredns/coremain"
```

The issue is best described with the following:
```
root@localhost:/go/src/github.com/coredns/coredns/sample# cat sample.go
package main

import (
        _ "github.com/coredns/forward"

        "github.com/coredns/coredns/coremain"
        "github.com/coredns/coredns/core/dnsserver"
)

var directives = []string{
        "forward",
        "startup",
        "shutdown",
}

func init() {
        dnsserver.Directives = directives
}

func main() {
        coremain.Run()
}
root@localhost:/go/src/github.com/coredns/coredns/sample#
root@localhost:/go/src/github.com/coredns/coredns/sample# go build -v sample.go
root@localhost:/go/src/github.com/coredns/coredns/sample# ./sample -plugins
root@localhost:/go/src/github.com/coredns/coredns/sample# ./sample -plugins
Server types:
  dns

Caddyfile loaders:
  flag
  default

Other plugins:
  dns.auto
  dns.autopath
  dns.bind
  dns.cache
  dns.chaos
  dns.debug
  dns.dnssec
  dns.dnstap
  dns.erratic
  dns.errors
  dns.etcd
  dns.federation
  dns.file
  dns.forward
  dns.health
  dns.hosts
  dns.kubernetes
  dns.loadbalance
  dns.log
  dns.nsid
  dns.pprof
  dns.prometheus
  dns.proxy
  dns.reverse
  dns.rewrite
  dns.root
  dns.route53
  dns.secondary
  dns.template
....
```

This fix moves zplugins.go to a different package/directory so that
it is possible to "only import plugins as needed".

The following is the new output after this fix:
```
root@localhost:/go/src/github.com/coredns/coredns/sample# ./sample -plugins
Server types:
  dns

Caddyfile loaders:
  flag
  default

Other plugins:
  dns.forward
  dns.prometheus
  shutdown
  startup

root@localhost:/go/src/github.com/coredns/coredns/sample#
```
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>

* Update vendor
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>

* Add route53 plugin

This fix adds route53 plugin so that it is possible to
query route53 record through CoreDNS.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>

SOA records are returned in the authority section, not as answer.

The original ServergRPC.Listen() method returns a tls.Listener
when tls protocol is specified. Unfortunate, tls.Listener
does not implement the caddy.Listener interface that is
needed for graceful restart to work.

The change is to have the ServergRPC.Listen() method returns the
inner net.Listener instead. The creation of the tls.Listener
is deferred to the ServergRPC.Serve() method.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>

Minor textual cleanup.

The cache plugin always returned a minimum TTL of 5 seconds, regardless
of the actual TTL of the records. A cache is not authoritative for the
record TTL and should not extend it.

Minor textual cleanup.

More minor textual fixes.

Fixing a couple of small textual problems.

Just some textual cleanup:  A few misspellings and a few clarifications.

The changes in this fix have:
1. checkout master branch of dependencies (non-branch will trigger an error with go get -u)
2. go get -u
3. checkout specific versioon (not necessary a branch).
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>