From: Otto Moerbeek Date: Mon, 24 Jun 2024 13:56:10 +0000 (+0200) Subject: Prep for rec-5.1.0-rc1 X-Git-Tag: rec-5.2.0-alpha1~221^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F14377%2Fhead;p=thirdparty%2Fpdns.git Prep for rec-5.1.0-rc1 --- diff --git a/.github/actions/spell-check/expect.txt b/.github/actions/spell-check/expect.txt index cd77ab8d20..9208e86cd1 100644 --- a/.github/actions/spell-check/expect.txt +++ b/.github/actions/spell-check/expect.txt @@ -391,6 +391,7 @@ elgoog endbr Enden enp +Ensar ent envoutput epel diff --git a/docs/secpoll.zone b/docs/secpoll.zone index 0868960b34..786b693689 100644 --- a/docs/secpoll.zone +++ b/docs/secpoll.zone @@ -1,4 +1,4 @@ -@ 86400 IN SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2024062000 10800 3600 604800 10800 +@ 86400 IN SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2024062501 10800 3600 604800 10800 @ 3600 IN NS pdns-public-ns1.powerdns.com. @ 3600 IN NS pdns-public-ns2.powerdns.com. @@ -386,7 +386,8 @@ recursor-5.0.4.security-status 60 IN TXT "1 OK" recursor-5.0.5.security-status 60 IN TXT "1 OK" recursor-5.0.6.security-status 60 IN TXT "1 OK" recursor-5.1.0-alpha1.security-status 60 IN TXT "2 Superseded pre-release" -recursor-5.1.0-beta1.security-status 60 IN TXT "1 Unsupported pre-release" +recursor-5.1.0-beta1.security-status 60 IN TXT "2 Superseded pre-release" +recursor-5.1.0-rc1.security-status 60 IN TXT "1 Unsupported pre-release" ; Recursor Debian recursor-3.6.2-2.debian.security-status 60 IN TXT "3 Upgrade now, see https://doc.powerdns.com/3/security/powerdns-advisory-2015-01/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-02/" diff --git a/pdns/recursordist/docs/changelog/5.1.rst b/pdns/recursordist/docs/changelog/5.1.rst index c4dc952bd0..168c94e302 100644 --- a/pdns/recursordist/docs/changelog/5.1.rst +++ b/pdns/recursordist/docs/changelog/5.1.rst @@ -3,6 +3,68 @@ Changelogs for 5.1.X Before upgrading, it is advised to read the :doc:`../upgrade`. +.. changelog:: + :version: 5.1.0-rc1 + :released: 25th of June 2024 + + .. change:: + :tags: Bug Fixes + :pullreq: 14373 + :tickets: 14362 + + Don't send double SOA record in the case of a dns64 CNAME that does not resolve. + + .. change:: + :tags: Improvements + :pullreq: 14265,14374 + :tickets: 13935 + + Allow recursor.conf file to contain YAML to ease transition to YAML config. + + .. change:: + :tags: Improvements + :pullreq: 14318 + + Add nsName into outgoing protobuf request/response messages. + + .. change:: + :tags: Bug Fixes + :pullreq: 14359 + :tickets: 14356 + + dns.cc: use pdns::views::UnsignedCharView. + + .. change:: + :tags: Bug Fixes + :pullreq: 14346 + :tickets: 13021 + + Fix TCP case for policy tags set by gettag(_ffi). + + .. change:: + :tags: Bug Fixes + :pullreq: 14340 + + Fix client remotes count when using proxy protocol. + + .. change:: + :tags: Improvements + :pullreq: 14312 + + Do not add UDR field to outgoingProtobuf answer messages + + .. change:: + :tags: Improvements + :pullreq: 14275 + + Add options for ignoring domains for UDR purposes (Ensar Sarajčić). + + .. change:: + :tags: Improvements + :pullreq: 14309 + + Make max CNAME chain length handled settable, previously fixed at 10. + .. changelog:: :version: 5.1.0-beta1 :released: 6th of June 2024 diff --git a/pdns/recursordist/docs/upgrade.rst b/pdns/recursordist/docs/upgrade.rst index d797f76f78..236519f0e7 100644 --- a/pdns/recursordist/docs/upgrade.rst +++ b/pdns/recursordist/docs/upgrade.rst @@ -7,6 +7,9 @@ When upgrading several versions, please read **all** notes applying to the upgra 5.0.6 to 5.1.0 and master ------------------------- +The recursor.conf configuration file may contain YAML configuration syntax and new installs using our packages from repo.powerdns.com will install a configuration file using YAML syntax. +Note to third-party package maintainers: please start doing the same. + New settings ^^^^^^^^^^^^ @@ -17,6 +20,9 @@ New settings - The :ref:`setting-system-resolver-interval` setting has been introduced to set the interval of resolve checks done by the system resolver. - The :ref:`setting-system-resolver-self-resolve-check` setting has been introduced to disable to discovery of self-resolving configurations. - The :ref:`setting-max-chain-length` setting has been introduced to limit the maximum number of queries that can be attached to an outgoing request chain. +- The :ref:`setting-max-cnames-followed` setting has been introduced to limit the length of CNAME chains followed. Previously this limit was fixed at 10. +- The :ref:`setting-new-domain-ignore-list-file`, :ref:`setting-unique-response-ignore-list` and :ref:`setting-unique-response-ignore-list-file` settings have been introduced to filter names reported by the NOD and UDR subsystems. + Changed settings ^^^^^^^^^^^^^^^^ diff --git a/pdns/recursordist/settings/table.py b/pdns/recursordist/settings/table.py index 9255c98ff9..7cb17f94d4 100644 --- a/pdns/recursordist/settings/table.py +++ b/pdns/recursordist/settings/table.py @@ -1811,6 +1811,7 @@ feature. 'name' : 'ignore_list_file', 'section' : 'nod', 'type' : LType.String, + 'oldname' : 'new-domain-ignore-list-file', 'default' : '', 'help' : 'File with a list of domains (and implicitly all subdomains) which will never be considered a new domain', 'doc' : ''' @@ -3021,9 +3022,9 @@ a unique DNS response is observed. 'help' : 'List of domains (and implicitly all subdomains) which will never be considered for UDR', 'doc' : ''' This setting is a list of all domains (and implicitly all subdomains) -that will never be considered for a new unique domain request. +that will never be considered for new unique domain responses. For example, if the domain 'example.com' is in the list, then 'foo.bar.example.com' -will never be considered for a new unique domain request. +will never be considered for a new unique domain response. ''', 'versionadded': '5.1.0' },