]>
git.ipfire.org Git - thirdparty/pdns.git/log
Remi Gacogne [Fri, 7 Feb 2020 09:13:18 +0000 (10:13 +0100)]
Merge pull request #8782 from rgacogne/ddist-tag-response
dnsdist: Add getTag()/setTag() Lua bindings for a DNSResponse
Remi Gacogne [Thu, 6 Feb 2020 16:26:49 +0000 (17:26 +0100)]
auth: Prepare the caches' buckets in advance
Peter van Dijk [Thu, 6 Feb 2020 15:55:02 +0000 (16:55 +0100)]
Merge pull request #8788 from RobinGeuze/fixDefaultCDSCDNSKEYAxfr
Make sure the default-publish-cds and default-publish-cdnskey options are respected for AXFR
Robin Geuze [Thu, 6 Feb 2020 11:30:38 +0000 (12:30 +0100)]
Add AXFR to the default-publish-cds tests
Robin Geuze [Thu, 6 Feb 2020 09:31:18 +0000 (10:31 +0100)]
Make sure the default-publish-cds and default-publish-cdnskey options are respected for AXFR
Remi Gacogne [Thu, 6 Feb 2020 09:07:18 +0000 (10:07 +0100)]
dnsdist: Flush the TLS key material to the file right away
This feature is used to debug TLS flows, we don't really care about
the performance in that case and we want to have access to the keys
as soon as possible, without waiting for a buffer to be flushed.
Remi Gacogne [Thu, 6 Feb 2020 09:06:39 +0000 (10:06 +0100)]
dnsdist: Fix key logging for DNS over TLS
Peter van Dijk [Thu, 6 Feb 2020 08:23:06 +0000 (09:23 +0100)]
Merge pull request #8784 from Habbie/api-stats-no-rings
auth api: add includerings option to statistics endpoint
Peter van Dijk [Wed, 5 Feb 2020 16:19:05 +0000 (17:19 +0100)]
auth api: add includerings option to statistics endpoint
Peter van Dijk [Wed, 5 Feb 2020 10:31:38 +0000 (11:31 +0100)]
Merge pull request #8775 from mnordhoff/docs-4.3-schemas
docs: Add 4.2 SQL schema links
Remi Gacogne [Mon, 3 Feb 2020 10:51:54 +0000 (11:51 +0100)]
auth: Add steal and IO wait metrics
Remi Gacogne [Mon, 3 Feb 2020 10:51:35 +0000 (11:51 +0100)]
rec: Add steal and IO wait metrics
Remi Gacogne [Mon, 3 Feb 2020 10:50:38 +0000 (11:50 +0100)]
dnsdist: Add steal, iowait and UDP errors metrics
This commit also moves the prometheus metrics code to a separate
header.
Remi Gacogne [Mon, 3 Feb 2020 10:05:23 +0000 (11:05 +0100)]
Add functions to retrieve 'IO wait' and 'steal' metrics on Linux
Remi Gacogne [Wed, 5 Feb 2020 09:07:08 +0000 (10:07 +0100)]
dnsdist: Add getTag()/setTag() Lua bindings for a DNSResponse
LuaWrapper doesn't support inheritance, so even though DNSResponse
inherits from the DNSQuestion object the bindings are not inherited.
Peter van Dijk [Wed, 5 Feb 2020 08:42:36 +0000 (09:42 +0100)]
Merge pull request #8774 from spirillen/patch-1
Updated version number
Peter van Dijk [Wed, 5 Feb 2020 08:39:43 +0000 (09:39 +0100)]
Merge pull request #8780 from Habbie/remove-opendbx
opendbx: remove last file that was accidentally left in
Peter van Dijk [Wed, 5 Feb 2020 08:27:23 +0000 (09:27 +0100)]
Merge pull request #8781 from omoerbeek/security-emails
Update security email addresses
Otto Moerbeek [Tue, 4 Feb 2020 14:38:23 +0000 (15:38 +0100)]
Update security email addresses
Peter van Dijk [Tue, 4 Feb 2020 09:00:14 +0000 (10:00 +0100)]
opendbx: remove last file that was accidentally left in
Peter van Dijk [Tue, 4 Feb 2020 08:15:58 +0000 (09:15 +0100)]
IXFR: only sign SOA in empty response for +DO queries
Peter van Dijk [Mon, 3 Feb 2020 19:09:07 +0000 (20:09 +0100)]
rec RPZ dumpFile/seedFile: store/get SOA refresh on dump/load
Otto Moerbeek [Mon, 3 Feb 2020 11:15:25 +0000 (12:15 +0100)]
WIP for researching #8697
aerique [Mon, 3 Feb 2020 10:09:56 +0000 (11:09 +0100)]
Merge pull request #8770 from omoerbeek/rec-prep-rec-4.3.0-rc1
Prep rec-4.3.0-rc1
Otto Moerbeek [Mon, 3 Feb 2020 09:36:42 +0000 (10:36 +0100)]
tweaks
aerique [Mon, 3 Feb 2020 09:33:45 +0000 (10:33 +0100)]
Merge pull request #8771 from aerique/feature/repo-script-for-rec-43
Add support for rec-43.
Peter van Dijk [Mon, 3 Feb 2020 09:01:04 +0000 (10:01 +0100)]
Merge pull request #8682 from rgacogne/auth-bind-extended-status
auth: Add an extended status report in the bind backend
Peter van Dijk [Mon, 3 Feb 2020 08:48:34 +0000 (09:48 +0100)]
Merge pull request #8763 from rgacogne/remove-dnsresourcerecord-dtor
Remove the empty user-defined destructor of DNSResourceRecord
Otto Moerbeek [Mon, 3 Feb 2020 08:36:31 +0000 (09:36 +0100)]
Merge branch 'master' into rec-prep-rec-4.3.0-rc1
Matt Nordhoff [Sat, 1 Feb 2020 20:23:12 +0000 (20:23 +0000)]
docs: Add 4.2 schema links
spirillen [Sat, 1 Feb 2020 11:03:01 +0000 (12:03 +0100)]
Updated version number
Updated version number for shown Sql as the `published BOOL DEFAULT 1,` is for pdns-4.3.x
Erik Winkels [Fri, 31 Jan 2020 10:25:24 +0000 (11:25 +0100)]
Add support for rec-43.
Remi Gacogne [Fri, 31 Jan 2020 10:15:32 +0000 (11:15 +0100)]
dnsdist: Add backend status to prometheus metrics
aerique [Fri, 31 Jan 2020 10:03:59 +0000 (11:03 +0100)]
Merge pull request #8755 from Habbie/auth-4.3.0-beta1-docs
changelog and secpoll for auth-4.3.0-beta1
Otto Moerbeek [Wed, 29 Jan 2020 12:48:43 +0000 (13:48 +0100)]
Prep rec-4.3.0-rc1
Otto Moerbeek [Fri, 31 Jan 2020 05:57:51 +0000 (06:57 +0100)]
Merge pull request #8764 from mnordhoff/performance-distributor-threads
Add distributor-threads setting to rec performance docs
Otto Moerbeek [Fri, 31 Jan 2020 05:56:12 +0000 (06:56 +0100)]
Merge pull request #8768 from yantarou/typo_fix
Fix typo in Recursor Performance Guide
Jan Hilberath [Fri, 31 Jan 2020 01:06:16 +0000 (10:06 +0900)]
Fix typo in Recursor Performance Guide
Chris Hofstaedtler [Thu, 30 Jan 2020 17:07:55 +0000 (18:07 +0100)]
Update my name in old changelogs
Peter van Dijk [Thu, 30 Jan 2020 16:06:28 +0000 (17:06 +0100)]
fix typo
Co-Authored-By: Pieter Lexis <pieter@plexis.eu>
Peter van Dijk [Tue, 28 Jan 2020 13:33:24 +0000 (14:33 +0100)]
changelog, upgrade notes, secpoll for auth-4.3.0-beta1
Peter van Dijk [Thu, 30 Jan 2020 15:31:17 +0000 (16:31 +0100)]
Merge pull request #8765 from RobinGeuze/addLmdbSchemaVersionDocumentation
Add some documentation for the LMDB schema version setting
RobinGeuze [Thu, 30 Jan 2020 15:28:41 +0000 (16:28 +0100)]
Apply suggestions from code review
One typo and a better documentation text.
Co-Authored-By: Peter van Dijk <peter.van.dijk@powerdns.com>
Robin Geuze [Thu, 30 Jan 2020 15:15:04 +0000 (16:15 +0100)]
Add some documentation for the LMDB schema version setting
Matt Nordhoff [Thu, 30 Jan 2020 14:31:33 +0000 (14:31 +0000)]
Add distributor-threads setting to rec performance docs
Remi Gacogne [Wed, 29 Jan 2020 19:50:13 +0000 (20:50 +0100)]
Merge pull request #8761 from rgacogne/ddist-dot-refcount-context
dnsdist: Use ref counting for the DoT TLS context
Peter van Dijk [Wed, 29 Jan 2020 18:43:48 +0000 (19:43 +0100)]
Merge pull request #8754 from pieterlexis/remove-algo-5-to-7-upgrade
Remove the algo 5 -> 7 upgrade
Remi Gacogne [Wed, 29 Jan 2020 14:41:45 +0000 (15:41 +0100)]
Remove the empty user-defined destructor of DNSResourceRecord
Having a user-defined destructor prevents the compiler from generating
implicit definition of the move constructor and the move assignment
operator, which might have a serious performance impact.
Remi Gacogne [Wed, 29 Jan 2020 13:57:06 +0000 (14:57 +0100)]
dnsdist: Implement Cache-Control headers in DoH
Remi Gacogne [Wed, 29 Jan 2020 10:33:01 +0000 (11:33 +0100)]
dnsdist: Use ref counting for the DoT TLS context
Otherwise we can end up with a DNS over TLS connection using a
TLS Session Ticket Encryption Key, OCSP response or even `SSL_CTX`
object after it was released following a reload of the TLS context
(via `reloadAllCertificates()`, for example), triggering a
use-after-free, possibly leading to a crash.
Remi Gacogne [Wed, 8 Jan 2020 16:46:10 +0000 (17:46 +0100)]
auth: Add an extended status report in the bind backend
Otto Moerbeek [Wed, 29 Jan 2020 08:40:36 +0000 (09:40 +0100)]
Merge pull request #8756 from omoerbeek/rec-doc-quit-nicely
rec: Document the difference between rec_control quit and quit-nicely.
Otto Moerbeek [Wed, 29 Jan 2020 08:37:00 +0000 (09:37 +0100)]
typo
Co-Authored-By: Matt Nordhoff <mnordhoff@mattnordhoff.com>
Otto Moerbeek [Tue, 28 Jan 2020 14:33:38 +0000 (15:33 +0100)]
Document the difference between rec_control quit and quit-nicely.
Fixes #2267
Peter van Dijk [Tue, 28 Jan 2020 13:56:29 +0000 (14:56 +0100)]
Merge pull request #8732 from pieterlexis/remote-support-getUnfreshSlaveInfos
Remote: Implement getUnfreshSlaveInfos and setFresh
Pieter Lexis [Tue, 28 Jan 2020 13:25:53 +0000 (14:25 +0100)]
Remove the algo 5 -> 7 upgrade
Closes #3267
Peter van Dijk [Tue, 28 Jan 2020 13:21:50 +0000 (14:21 +0100)]
Merge pull request #8177 from RobinGeuze/hiddenDnsKeys
Initial work for adding hidden dnssec keys
Peter van Dijk [Tue, 28 Jan 2020 13:19:24 +0000 (14:19 +0100)]
Merge pull request #8668 from cmouse/apex-dname
ws-auth: Allow DNAME in apex with SOA and NS records
Peter van Dijk [Tue, 28 Jan 2020 13:17:14 +0000 (14:17 +0100)]
Merge pull request #8715 from rgacogne/auth-hashed-key-cache
auth: Use a hashed index instead of an ordered one for the key cache
Robin Geuze [Thu, 8 Aug 2019 18:03:28 +0000 (20:03 +0200)]
Implement published and unpublished dnskeys to allow algorith rollovers.
Peter van Dijk [Tue, 28 Jan 2020 11:17:34 +0000 (12:17 +0100)]
Merge pull request #8749 from Habbie/local-ipv6-one-more-release
allow local-ipv6 until 4.4.0
Otto Moerbeek [Tue, 28 Jan 2020 10:17:24 +0000 (11:17 +0100)]
Merge pull request #8740 from pieterlexis/boost-context-fixes
Update boost.m4
Peter van Dijk [Tue, 28 Jan 2020 09:07:04 +0000 (10:07 +0100)]
Merge pull request #8750 from peterthomassen/patch-2
docs: clarify Zone object description, closes #8748
Peter Thomassen [Tue, 28 Jan 2020 08:48:50 +0000 (09:48 +0100)]
docs: clarify Zone object description, closes #8748
Point out that the `rrsets` is only included at the zone detail endpoint
Peter van Dijk [Mon, 27 Jan 2020 20:25:55 +0000 (21:25 +0100)]
Merge pull request #8745 from Habbie/pdnsutil-dead-code2
pdnsutil: remove dead code
Peter van Dijk [Mon, 27 Jan 2020 20:25:12 +0000 (21:25 +0100)]
Merge pull request #8594 from Habbie/default-publish-cds
auth: add default-publish-{cds|cdnskey} options
Peter van Dijk [Mon, 27 Jan 2020 20:21:43 +0000 (21:21 +0100)]
allow local-ipv6 until 4.4.0
Peter van Dijk [Mon, 27 Jan 2020 12:00:03 +0000 (13:00 +0100)]
auth: add default-publish-cds test
Peter van Dijk [Mon, 27 Jan 2020 13:53:20 +0000 (14:53 +0100)]
Merge pull request #8744 from zeha/lua-mandatory
Make Lua mandatory for Auth
Peter van Dijk [Mon, 27 Jan 2020 11:03:33 +0000 (12:03 +0100)]
Merge pull request #8680 from rgacogne/auth-bindbackend-records-cleanup
auth: Make it clearer that records are never altered, only replaced
Peter van Dijk [Mon, 27 Jan 2020 09:59:16 +0000 (10:59 +0100)]
pdnsutil: remove dead code
Peter van Dijk [Mon, 27 Jan 2020 09:40:33 +0000 (10:40 +0100)]
Merge pull request #8681 from rgacogne/auth-stats-rings-size
auth: Add metrics about the size of our in-memory rings
Peter van Dijk [Mon, 27 Jan 2020 08:29:01 +0000 (09:29 +0100)]
auth circleci: build with lua2backend and LUA records
Chris Hofstaedtler [Sat, 25 Jan 2020 22:45:45 +0000 (23:45 +0100)]
Update docs
Chris Hofstaedtler [Sat, 25 Jan 2020 22:34:14 +0000 (23:34 +0100)]
Make Lua mandatory for Auth
Peter van Dijk [Fri, 24 Jan 2020 14:48:55 +0000 (15:48 +0100)]
Merge pull request #8659 from rgacogne/auth-dnsseckeeper-clear-static
auth: Make DNSSECKeeper::clear{All,}Caches() static
Peter van Dijk [Fri, 24 Jan 2020 14:46:56 +0000 (15:46 +0100)]
Merge pull request #8628 from mind04/pdns-place
auth: make sure get() is always returning the default value for d_place
Peter van Dijk [Fri, 24 Jan 2020 12:46:08 +0000 (13:46 +0100)]
Merge pull request #8627 from zeha/psql-no-prep
gpgsqlbackend: Avoid actually prepared statements
Pieter Lexis [Fri, 24 Jan 2020 07:43:05 +0000 (08:43 +0100)]
Merge pull request #8735 from Habbie/doc-dnssec-ttls
auth dnssec docs: some notes on TTL usage
Peter van Dijk [Thu, 23 Jan 2020 23:05:52 +0000 (00:05 +0100)]
Merge pull request #8474 from omoerbeek/auth-fix-logging-no-cache
auth: Fix auth logging if no packet cache; from Habbie
Peter van Dijk [Thu, 23 Jan 2020 22:36:28 +0000 (23:36 +0100)]
Merge pull request #8713 from rgacogne/auth-strict-caches-size
auth: Enforce a strict maximum size for the packet and records caches
Remi Gacogne [Thu, 23 Jan 2020 14:21:24 +0000 (15:21 +0100)]
dnsdist: Don't accept sub-paths of configured DoH URLs
Pieter Lexis [Wed, 22 Jan 2020 15:03:59 +0000 (16:03 +0100)]
Update boost.m4
This detects boost::context on boost version 1.61 through 1.65 correctly
Remi Gacogne [Wed, 22 Jan 2020 14:59:13 +0000 (15:59 +0100)]
Merge pull request #8733 from rgacogne/ddist-openssl-init
dnsdist: Load an openssl configuration file, if any, during startup
Peter van Dijk [Wed, 22 Jan 2020 13:54:42 +0000 (14:54 +0100)]
avoid 'git show -s' from starting a pager in CircleCI
this
is
a
very
long
commit
message
to
trigger
the
problem
where
our
circleci
setup
tries
to
use
the
pager
to
show
long
commit
messages
just
like
this
one
although
there
are
others
quite
like
it
but
those
tend
to
be
way
easier
to
read
Peter van Dijk [Wed, 22 Jan 2020 12:19:22 +0000 (13:19 +0100)]
auth dnssec docs: some notes on TTL usage
Remi Gacogne [Wed, 22 Jan 2020 12:10:21 +0000 (13:10 +0100)]
dnsdist: LibreSSL introduced automatic thread-specific callbacks
Otto Moerbeek [Wed, 22 Jan 2020 10:29:11 +0000 (11:29 +0100)]
Merge pull request #8729 from omoerbeek/rec-build-dnstap-debian
rec: Explicitly enable dnstap for debian-stretch and buster
Remi Gacogne [Tue, 21 Jan 2020 14:00:01 +0000 (15:00 +0100)]
dnsdist: Load an openssl configuration file, if any, during startup
This way dnsdist will load the default OpenSSL configuration, or a
custom one specified via the OPENSSL_CONF environment variable.
It allows loading an engine or configuration various options supported
by OpenSSL.
This requires OpenSSL >= 1.1.0.
Peter van Dijk [Tue, 21 Jan 2020 13:52:21 +0000 (14:52 +0100)]
Merge pull request #8331 from mind04/pdns-lmdb-cleanup
auth: lmdb-backend, remove duplicate code and some unused variables
Pieter Lexis [Mon, 20 Jan 2020 14:27:44 +0000 (15:27 +0100)]
Remote: Implement getUnfreshSlaveInfos and setFresh
Otto Moerbeek [Tue, 21 Jan 2020 10:10:39 +0000 (11:10 +0100)]
Merge pull request #8723 from rgacogne/rec-optout-unit-tests
rec: Add unit tests for the NSEC3 Opt-Out case
Otto Moerbeek [Tue, 21 Jan 2020 10:09:55 +0000 (11:09 +0100)]
Merge pull request #8718 from rgacogne/rec-fix-pb-source-port
Make ComboAddress::setPort() update the current object
Remi Gacogne [Tue, 21 Jan 2020 09:53:15 +0000 (10:53 +0100)]
rec: Bow to formatting gods
Remi Gacogne [Tue, 21 Jan 2020 09:25:40 +0000 (10:25 +0100)]
Fix braces formatting in pdns/recursordist/test-syncres_cc.cc
Co-Authored-By: Otto Moerbeek <otto.moerbeek@open-xchange.com>
Otto Moerbeek [Tue, 21 Jan 2020 09:13:03 +0000 (10:13 +0100)]
- Explcitly enable dnstap for debian-stretch and buster
- Fix inconsistent ref to stretch vs buster in ubuntu-bionic
Remi Gacogne [Mon, 20 Jan 2020 18:24:13 +0000 (19:24 +0100)]
rec: Add unit tests for the NSEC3 Opt-Out case
An Opt-Out NSEC3 only proves that there is no delegation, so we
should not consider a DS NODATA or a NXDOMAIN proved by that RR
secure but insecure.
This was fixed in
18c8faae6c67f734583c5c881d0d083d3253b49e and this
commit adds a few unit tests to cover the fix.
Remi Gacogne [Thu, 14 Nov 2019 14:51:23 +0000 (15:51 +0100)]
dnsdist: Add spoofRawAction() to craft answers from raw bytes
Otto Moerbeek [Mon, 20 Jan 2020 15:23:07 +0000 (16:23 +0100)]
Merge pull request #8720 from omoerbeek/dnsdist-fstrm-elpel8
dnsdist: EPEL 8 now has libfstrm-devel
Remi Gacogne [Mon, 20 Jan 2020 15:22:29 +0000 (16:22 +0100)]
Merge pull request #8556 from rgacogne/dnsdist-spoof-flags
dnsdist: Support setting the value of AA, AD and RA when self-generating answers