]>
git.ipfire.org Git - thirdparty/pdns.git/log
Remi Gacogne [Tue, 5 Mar 2024 08:10:38 +0000 (09:10 +0100)]
dnsdist: Delint dnsdist-rings.cc
Remi Gacogne [Mon, 4 Mar 2024 16:38:44 +0000 (17:38 +0100)]
dnsdist: Delint dnsdist-lua-inspection.cc
Remi Gacogne [Mon, 4 Mar 2024 16:37:31 +0000 (17:37 +0100)]
dnsdist: Delint dnsdist-lua-rules.cc
Remi Gacogne [Mon, 4 Mar 2024 14:45:30 +0000 (15:45 +0100)]
dnsdist: Delint dnsdist-lua-bindings.cc
Remi Gacogne [Mon, 4 Mar 2024 14:40:48 +0000 (15:40 +0100)]
dnsdist: Delint dnsdist-lua-bindings-dnsquestion.cc
Remi Gacogne [Mon, 4 Mar 2024 13:38:26 +0000 (14:38 +0100)]
dnsdist: Delint dnsdist-lua-actions.cc
Remi Gacogne [Mon, 4 Mar 2024 13:14:48 +0000 (14:14 +0100)]
dnsdist: Delint dnsdist-dynbpf.cc
Remi Gacogne [Mon, 4 Mar 2024 11:30:03 +0000 (12:30 +0100)]
dnsdist: Delint test-dnsdist_cc.cc
Remi Gacogne [Mon, 4 Mar 2024 11:26:39 +0000 (12:26 +0100)]
dnsdist: Delint dnsdist-dnscrypt.cc
Remi Gacogne [Mon, 4 Mar 2024 11:12:21 +0000 (12:12 +0100)]
dnsdist: Delint test-dnsdistpacketcache_cc.cc
Remi Gacogne [Mon, 4 Mar 2024 11:12:09 +0000 (12:12 +0100)]
dnsdist: Delint dnsdist-cache.cc
Remi Gacogne [Mon, 4 Mar 2024 11:11:55 +0000 (12:11 +0100)]
dnsdist: Delint dnsdist-carbon.cc
Remi Gacogne [Mon, 4 Mar 2024 10:17:46 +0000 (11:17 +0100)]
dnsdist: Format moved files
Remi Gacogne [Mon, 4 Mar 2024 10:09:14 +0000 (11:09 +0100)]
dnsdist: Move dnsdist-specific files
Remi Gacogne [Mon, 4 Mar 2024 10:08:30 +0000 (11:08 +0100)]
dnsdist: Remove symbolic links for dnsdist-specific files
Remi Gacogne [Wed, 6 Mar 2024 10:36:27 +0000 (11:36 +0100)]
Merge pull request #13851 from dwfreed/fix-alpn-selection
tcpiohandler: Use server preference algoritm for ALPN selection
Peter van Dijk [Tue, 5 Mar 2024 19:38:51 +0000 (20:38 +0100)]
Merge pull request #13849 from maresac/fix/docker-startup-config-debug-mode
Docker: Only print config if debug flag is set
Peter van Dijk [Tue, 5 Mar 2024 13:53:46 +0000 (14:53 +0100)]
nits
Remi Gacogne [Mon, 4 Mar 2024 20:16:50 +0000 (21:16 +0100)]
Merge pull request #13848 from rgacogne/ddist-fix-http1-upgrade-guide
dnsdist: Fix HTTP/1 -> HTTP/2 mistake in the upgrade notes
Peter van Dijk [Mon, 4 Mar 2024 13:31:45 +0000 (14:31 +0100)]
Merge pull request #13855 from Habbie/remotebackend-test-silent-failure
auth: revive remotebackend tests and fix failures
Peter van Dijk [Mon, 4 Mar 2024 12:47:53 +0000 (13:47 +0100)]
remotebackend tests: use unsigned domain_id (thanks ubsan)
Peter van Dijk [Mon, 4 Mar 2024 12:28:21 +0000 (13:28 +0100)]
remotebackend tests: do pass empty array
Peter van Dijk [Mon, 4 Mar 2024 11:48:41 +0000 (12:48 +0100)]
don't log from destructors, g_log might be gone already (thanks asan)
Peter van Dijk [Mon, 4 Mar 2024 11:48:28 +0000 (12:48 +0100)]
remotebackend tests: report exit value correctly
Remi Gacogne [Mon, 4 Mar 2024 10:02:56 +0000 (11:02 +0100)]
dnsname: Fix formatting issue
Remi Gacogne [Mon, 4 Mar 2024 09:24:53 +0000 (10:24 +0100)]
Add missing views.hh reference in the Makefiles
Remi Gacogne [Mon, 4 Mar 2024 09:13:36 +0000 (10:13 +0100)]
dnsdist: Use a view for parsing ALPN data, add a regression test
Otto Moerbeek [Mon, 4 Mar 2024 08:52:53 +0000 (09:52 +0100)]
Merge pull request #13847 from rgacogne/rec-fix-missing-nsec-forward-recurse
rec: Fix gathering of denial of existence proof for wildcard-expanded names
Remi Gacogne [Mon, 4 Mar 2024 08:14:58 +0000 (09:14 +0100)]
rec: Apply Otto's suggestions
Doug Freed [Sun, 3 Mar 2024 09:24:34 +0000 (09:24 +0000)]
tcpiohandler: Use server preference algoritm for ALPN selection
This complies with RFC 7301 section 3.2
Remi Gacogne [Fri, 1 Mar 2024 16:00:41 +0000 (17:00 +0100)]
rec: Fix clang-tidy warnings
Remi Gacogne [Fri, 1 Mar 2024 15:34:57 +0000 (16:34 +0100)]
dnsdist: Fix HTTP/1 -> HTTP/2 mistake in the upgrade notes
Reported by Martin Frausing (many thanks!).
Carolin Dohmen [Fri, 1 Mar 2024 15:19:04 +0000 (16:19 +0100)]
Only print config if debug flag is set
Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>
Remi Gacogne [Fri, 1 Mar 2024 14:54:40 +0000 (15:54 +0100)]
rec: Add a unit test for the gathering of denial of existence proof for wildcard-expanded names
Remi Gacogne [Fri, 1 Mar 2024 13:07:35 +0000 (14:07 +0100)]
rec: Fix gathering of denial of existence proof for wildcard-expanded names
When the recursor is forwarding to a resolver, we accept the names composing
the CNAME chain starting at the queried name. This means we also need to gather
the denial of existence proof for CNAMEs that were expanded from a wildcard,
otherwise the response sent to the client cannot be DNSSEC-validated.
Remi Gacogne [Tue, 27 Feb 2024 16:58:06 +0000 (17:58 +0100)]
Merge pull request #13820 from devicenull/update-overload-docs
Update overload-queue-length and overload-drops documentation
Remi Gacogne [Tue, 27 Feb 2024 16:54:25 +0000 (17:54 +0100)]
Merge pull request #13805 from rgacogne/ddist-fix-compilation-warnings
dnsdist: Fix compilation warnings
Otto Moerbeek [Tue, 27 Feb 2024 09:03:13 +0000 (10:03 +0100)]
Merge pull request #13830 from omoerbeek/rec-rpz-mem
rec: reduce RPZ memory usage
Brian Rak [Tue, 27 Feb 2024 02:31:28 +0000 (21:31 -0500)]
Update docs/performance.rst
Co-authored-by: Remi Gacogne <github@coredump.fr>
Otto Moerbeek [Mon, 26 Feb 2024 14:14:26 +0000 (15:14 +0100)]
Merge pull request #13824 from omoerbeek/rec-keytrap-log
rec: log if a dnssec related limit was hit (if log_bogus is set)
Otto Moerbeek [Mon, 26 Feb 2024 08:45:04 +0000 (09:45 +0100)]
Also allocate custom records via unique ptr
Otto Moerbeek [Mon, 26 Feb 2024 08:09:54 +0000 (09:09 +0100)]
Do not keep a ref to a lua config around in startup code
Otto Moerbeek [Mon, 26 Feb 2024 07:55:35 +0000 (08:55 +0100)]
rec: allocate hit data in policy on demand instead of always
Otto Moerbeek [Fri, 23 Feb 2024 12:24:25 +0000 (13:24 +0100)]
rec: log if a dnssec related limit was hit (if log_bogus is set)
Brian Rak [Thu, 22 Feb 2024 15:24:23 +0000 (15:24 +0000)]
Update overload-queue-length and overload-drops documentation
It wasn't clear to be what overload-queue-length did until I looked at
the code
Otto Moerbeek [Thu, 22 Feb 2024 06:43:12 +0000 (07:43 +0100)]
Merge pull request #13813 from omoerbeek/rec-dnspython-nsid
rec: dnspython's API changed wrt NSID, apply (version dependent) fix in regression test
Otto Moerbeek [Thu, 22 Feb 2024 06:38:52 +0000 (07:38 +0100)]
Merge pull request #13812 from omoerbeek/rec-add-petr
rec: add thanks to Petr Spacek to SA 2024-01
Otto Moerbeek [Mon, 19 Feb 2024 10:05:32 +0000 (11:05 +0100)]
rec: dnspython's API changed wrt NSID, apply (version dependent) fix in regression test
See https://dnspython.readthedocs.io/en/stable/whatsnew.html 2.6.0 2nd bullet
Otto Moerbeek [Mon, 19 Feb 2024 08:01:53 +0000 (09:01 +0100)]
rec: add thanks to Petr Spacek to SA 2024-01
Peter van Dijk [Fri, 16 Feb 2024 15:16:08 +0000 (16:16 +0100)]
Merge pull request #13804 from Habbie/auth-4.9.0-beta2-docs-secpoll
auth 4.9.0-beta2: docs&secpoll
Peter van Dijk [Fri, 16 Feb 2024 09:23:14 +0000 (10:23 +0100)]
auth 4.9.0-beta2: docs&secpoll
Remi Gacogne [Fri, 16 Feb 2024 14:23:02 +0000 (15:23 +0100)]
Merge pull request #13807 from rgacogne/ddist-eol
dnsdist: Update the EOL statements
Remi Gacogne [Fri, 16 Feb 2024 14:22:36 +0000 (15:22 +0100)]
Merge pull request #13800 from rgacogne/ddist-190rc2-changelog-secpoll
dnsdist: ChangeLog and secpoll update for 1.9.0 final!
Remi Gacogne [Fri, 16 Feb 2024 14:13:17 +0000 (15:13 +0100)]
dnsdist: Fix the EOL statements (c/p paste mistake from the Recursor)
Remi Gacogne [Fri, 16 Feb 2024 13:59:15 +0000 (14:59 +0100)]
dnsdist: Update the EOL statements
Peter van Dijk [Fri, 16 Feb 2024 10:45:29 +0000 (11:45 +0100)]
Merge pull request #13806 from chbruyand/ixfrdist-coverity-
1534661
ixfrdist: fix Coverity
1534661 and
1534662
Charles-Henri Bruyand [Fri, 16 Feb 2024 09:59:48 +0000 (10:59 +0100)]
ixfrdist: fix coverity
1534661 and
1534662
Remi Gacogne [Fri, 16 Feb 2024 09:32:37 +0000 (10:32 +0100)]
dnsdist: Move `linux/*.h` headers to xsk.cc to fix warnings
Remi Gacogne [Fri, 16 Feb 2024 09:32:04 +0000 (10:32 +0100)]
dnsdist: Fix outdated definition for `addMaintenanceCallback()`
Peter van Dijk [Thu, 15 Feb 2024 15:13:58 +0000 (16:13 +0100)]
Merge pull request #13803 from Habbie/lmdb-sync-mode
lmdb: remove mapasync mode, it was always a lie
Peter van Dijk [Thu, 15 Feb 2024 14:20:47 +0000 (15:20 +0100)]
Merge pull request #13802 from chbruyand/ixfrdist-coverity-
1534483
ixfrist: fix coverity report
1534483
Peter van Dijk [Thu, 15 Feb 2024 14:16:50 +0000 (15:16 +0100)]
lmdb: remove mapasync mode, it was always a lie
fixes #12888
Peter van Dijk [Thu, 15 Feb 2024 13:59:25 +0000 (14:59 +0100)]
Merge pull request #11431 from jroessler-ox/docs-kskzskroll-update
updated KSK and ZSK Rollover procedures, small fixes in Algorithm Rol…
Charles-Henri Bruyand [Thu, 15 Feb 2024 13:00:08 +0000 (14:00 +0100)]
ixfrist: fix coverity report
1534483
Peter van Dijk [Thu, 15 Feb 2024 12:00:01 +0000 (13:00 +0100)]
Merge pull request #13801 from chbruyand/ixfrdist-fix-centos-build
ixfrdist: fix centos build
Charles-Henri Bruyand [Thu, 15 Feb 2024 10:49:10 +0000 (11:49 +0100)]
ixfrdist: fix centos build
Remi Gacogne [Wed, 14 Feb 2024 13:13:27 +0000 (14:13 +0100)]
dnsdist: ChangeLog and secpoll update for 1.9.0 final!
Peter van Dijk [Wed, 14 Feb 2024 19:10:27 +0000 (20:10 +0100)]
Merge pull request #13753 from chbruyand/ixfrdist-notify-out
ixfrdist: add support for outgoing notify
Peter van Dijk [Wed, 14 Feb 2024 19:07:46 +0000 (20:07 +0100)]
Merge pull request #13752 from chbruyand/auth-lua-pickchashed
auth: lua records, pickchashed function
Otto Moerbeek [Wed, 14 Feb 2024 12:11:27 +0000 (13:11 +0100)]
Merge pull request #13788 from omoerbeek/rec-ztc-regression
rec: fix the zoneToCache regression introduced by SA 2024-01
Otto Moerbeek [Wed, 14 Feb 2024 11:39:57 +0000 (12:39 +0100)]
Test ZTC with root zone
1. If code changes make the validation fail we want to know.
2. If root zone changes break something we want to know as well, this might even be more important than 1.
So I think we just have to accept the occasional network issues on GH.
Otto Moerbeek [Tue, 13 Feb 2024 15:55:10 +0000 (16:55 +0100)]
rec: fix the zoneToCache regression introduced by SA 2024-01
Test will follow
Remi Gacogne [Tue, 13 Feb 2024 16:35:46 +0000 (17:35 +0100)]
Merge pull request #13787 from omoerbeek/rec-regr-test-skip
rec: skip a few tests that depend on sidnlab's public test setup that no longer works
Otto Moerbeek [Tue, 13 Feb 2024 15:31:35 +0000 (16:31 +0100)]
rec: skip a few test that depend on sidnlab's public test setup that no longer works
Otto Moerbeek [Tue, 13 Feb 2024 13:41:19 +0000 (14:41 +0100)]
Merge pull request #13785 from omoerbeek/rec-prep-2024-01
rec: Prep for 2024-01 release
Otto Moerbeek [Tue, 13 Feb 2024 12:49:02 +0000 (13:49 +0100)]
Merge pull request #13781 from omoerbeek/rec-keytrap-public
rec: CVE-2023-50387 and CVE-2023-50868
Otto Moerbeek [Mon, 12 Feb 2024 10:19:09 +0000 (11:19 +0100)]
Prep for 2024-01
Remi Gacogne [Tue, 13 Feb 2024 10:44:35 +0000 (11:44 +0100)]
Merge pull request #13760 from rgacogne/ddist-doc-rules-mgmt
dnsdist: Refactor the rules (selectors and actions) documentation
Remi Gacogne [Tue, 13 Feb 2024 10:44:27 +0000 (11:44 +0100)]
Merge pull request #13780 from rgacogne/ddist-better-wording-setSuffixMatchRule
dnsdist: Clarify that setSuffixMatchRule blocks per suffix, not labels
Remi Gacogne [Tue, 13 Feb 2024 09:04:08 +0000 (10:04 +0100)]
dnsdist: Clarify that setSuffixMatchRule blocks per suffix, not labels
Remi Gacogne [Mon, 12 Feb 2024 09:54:21 +0000 (10:54 +0100)]
Merge pull request #13779 from rgacogne/ddist-coverity-
20240212
dnsdist: Fix performance inefficiencies reported by Coverity
Remi Gacogne [Mon, 12 Feb 2024 09:08:56 +0000 (10:08 +0100)]
dnsdist: Fix performance inefficiencies reported by Coverity
Reported by Coverity as 414759 and 414760:
> Performance inefficiencies (COPY_INSTEAD_OF_MOVE)
Otto Moerbeek [Sun, 11 Feb 2024 18:40:36 +0000 (19:40 +0100)]
Merge pull request #13778 from M0NsTeRRR/master
fix(doc): incorrect setting `query_local_address`
Ludovic Ortega [Sun, 11 Feb 2024 18:38:48 +0000 (19:38 +0100)]
fix: replace missing query_local_address
Ludovic Ortega [Sun, 11 Feb 2024 18:29:57 +0000 (19:29 +0100)]
fix(doc): incorrect setting `query_local_address`
Remi Gacogne [Fri, 9 Feb 2024 15:09:29 +0000 (16:09 +0100)]
Merge pull request #13774 from rgacogne/ddist-quiche-config-atomic-load
dnsdist: Fix a missing explicit atomic load of the Quiche configuration
Remi Gacogne [Fri, 9 Feb 2024 15:00:56 +0000 (16:00 +0100)]
Merge pull request #13771 from omoerbeek/dnsdist-lua-align
dnsdist: do not allocate 16-byte aligned objects through lua(jit)
Remi Gacogne [Fri, 9 Feb 2024 14:28:57 +0000 (15:28 +0100)]
dnsdist: Fix a missing explicit atomic load of the Quiche configuration
Reported by TSAN.
Charles-Henri Bruyand [Thu, 8 Feb 2024 13:20:45 +0000 (14:20 +0100)]
auth: lua-records, support cleaning old hashed entries
Charles-Henri Bruyand [Fri, 9 Feb 2024 12:27:38 +0000 (13:27 +0100)]
ixfrdist: clang-tidy cleanup
Charles-Henri Bruyand [Fri, 9 Feb 2024 10:27:22 +0000 (11:27 +0100)]
ixfrdist: add a simple test for outgoing notify
Charles-Henri Bruyand [Thu, 8 Feb 2024 15:11:14 +0000 (16:11 +0100)]
ixfrdist: add examples of notify out configuration
Charles-Henri Bruyand [Thu, 8 Feb 2024 14:46:16 +0000 (15:46 +0100)]
ixfrdist: clang-tidy cleanup
Charles-Henri Bruyand [Wed, 31 Jan 2024 17:22:50 +0000 (18:22 +0100)]
ixfrdist: send out notify
Otto Moerbeek [Fri, 9 Feb 2024 12:28:00 +0000 (13:28 +0100)]
rec: CVE-2023-50387 and CVE-2023-50868
Remi Gacogne [Fri, 9 Feb 2024 10:59:07 +0000 (11:59 +0100)]
Merge pull request #13759 from rgacogne/ddist-doc-tls-certificates
dnsdist: Improve the documentation around TLS certificates and keys
Charles-Henri Bruyand [Wed, 31 Jan 2024 13:25:34 +0000 (14:25 +0100)]
auth: fix typo in tests
Charles-Henri Bruyand [Wed, 31 Jan 2024 12:19:08 +0000 (13:19 +0100)]
auth: clang-tidy fixes
Charles-Henri Bruyand [Tue, 30 Jan 2024 15:30:18 +0000 (16:30 +0100)]
auth: tell spell check about pickchashed
Charles-Henri Bruyand [Tue, 30 Jan 2024 15:15:20 +0000 (16:15 +0100)]
auth: lua-records, add support for pickchashed function