]>
git.ipfire.org Git - thirdparty/pdns.git/log
Peter van Dijk [Fri, 15 Nov 2019 12:01:01 +0000 (13:01 +0100)]
lmdbbackend: use nested transaction in lookup() when possible/needed
Pieter Lexis [Thu, 14 Nov 2019 11:37:20 +0000 (12:37 +0100)]
LMDB: Update lmdb-safe and make the backend compile
This updates lmdb-safe to
https://github.com/ahupowerdns/lmdb-safe/pull/6 at
7ce9a821412480c699ce73e85d8bbafa2a9535e5
Remi Gacogne [Thu, 14 Nov 2019 08:16:42 +0000 (09:16 +0100)]
Merge pull request #8531 from phonedph1/patch-18
dnsdist: Update dnsdist-console.cc
phonedph1 [Wed, 13 Nov 2019 21:38:58 +0000 (14:38 -0700)]
Update dnsdist-console.cc
Otto Moerbeek [Wed, 13 Nov 2019 14:03:42 +0000 (15:03 +0100)]
Merge pull request #8521 from omoerbeek/rec-quit-nicely-8347-retry
rec: Make threads run until asked to stop.
Otto Moerbeek [Wed, 13 Nov 2019 13:55:14 +0000 (14:55 +0100)]
Explicitly initialize RecursorControlChannel::stop
Remi Gacogne [Wed, 13 Nov 2019 08:02:40 +0000 (09:02 +0100)]
Merge pull request #8522 from rgacogne/ddist-statnode-noerrors-drops
dnsdist: Add bindings for the noerrors and drops members of StatNode
Remi Gacogne [Wed, 13 Nov 2019 08:00:30 +0000 (09:00 +0100)]
Merge pull request #8526 from rgacogne/ddist-prefer-server-order
dnsdist: Prefer the cipher suite from the server by default (DoH, DoT)
Remi Gacogne [Tue, 12 Nov 2019 13:24:30 +0000 (14:24 +0100)]
dnsdist: Prefer the cipher suite from the server by default (DoH, DoT)
This setting should only be set when all ciphers offered by the server
are considered secure, and our default suite still has a few options
offered for compatibility reasons, which might not be as secure as
other alternatives.
Apparently this also causes issue for some clients, even though it
should not matter.
Remi Gacogne [Tue, 12 Nov 2019 08:34:16 +0000 (09:34 +0100)]
dnsdist: Add bindings for the noerrors and drops members of StatNode
Remi Gacogne [Tue, 12 Nov 2019 08:33:26 +0000 (09:33 +0100)]
dnsdist: Correctly account actively discovered timeouts in StatNode
Otto Moerbeek [Mon, 11 Nov 2019 13:19:41 +0000 (13:19 +0000)]
Cleanup some global resources.
With this (on a short run):
==13452== HEAP SUMMARY:
==13452== in use at exit: 0 bytes in 0 blocks
==13452== total heap usage: 54,657 allocs, 54,657 frees, 14,008,997 bytes allocated
Otto Moerbeek [Mon, 11 Nov 2019 11:34:56 +0000 (12:34 +0100)]
Make threads run until asked to stop.
This is safer since the atexit handler is not ran while threads are
still active. Also, when using valgrind we get more clean leak reports.
Retry if the accidentally merged #8518 that was reverted.
Otto Moerbeek [Mon, 11 Nov 2019 11:24:57 +0000 (12:24 +0100)]
Merge pull request #8520 from omoerbeek/rec-8020-docs-fix-retry
rec: markup fix
Otto Moerbeek [Mon, 11 Nov 2019 11:22:01 +0000 (12:22 +0100)]
Markup fix
Otto Moerbeek [Mon, 11 Nov 2019 11:19:33 +0000 (12:19 +0100)]
Merge pull request #8519 from PowerDNS/revert-8518-rec-8020-docs-fix
Revert "Rec 8020 docs fix"
Otto Moerbeek [Mon, 11 Nov 2019 11:18:02 +0000 (12:18 +0100)]
Revert "Rec 8020 docs fix"
Otto Moerbeek [Mon, 11 Nov 2019 11:17:42 +0000 (12:17 +0100)]
Merge pull request #8518 from omoerbeek/rec-8020-docs-fix
Rec 8020 docs fix
Otto Moerbeek [Mon, 11 Nov 2019 11:04:43 +0000 (12:04 +0100)]
Fix markup
Pieter Lexis [Mon, 11 Nov 2019 09:51:10 +0000 (10:51 +0100)]
Merge pull request #8425 from Habbie/pdnsutil-ed448
pdnsutil: correctly report ed* algo availability
Pieter Lexis [Mon, 11 Nov 2019 09:50:49 +0000 (10:50 +0100)]
Merge pull request #8436 from mind04/pdns-remove-lua
auth: remove lua backend
Pieter Lexis [Mon, 11 Nov 2019 09:50:13 +0000 (10:50 +0100)]
Merge pull request #8440 from cmouse/shadow
Fix -WShadow warnings
Pieter Lexis [Mon, 11 Nov 2019 09:49:24 +0000 (10:49 +0100)]
Merge pull request #8477 from omoerbeek/rec-enable-qname-min
rec: enable qname minimization
Otto Moerbeek [Fri, 8 Nov 2019 14:58:36 +0000 (15:58 +0100)]
Join the worker thread in the unthreaded case as well, there is actually 1 thread plus
the main thread in that case.
Otto Moerbeek [Fri, 8 Nov 2019 14:38:18 +0000 (15:38 +0100)]
sig_atomic_t is defined in signal.h
Otto Moerbeek [Fri, 8 Nov 2019 13:34:39 +0000 (14:34 +0100)]
Make threads run until asked to stop.
This is safer since the atexit handler is not ran while threads are
still active. Also, when using valgrind we get more clean leak reports.
Otto Moerbeek [Tue, 5 Nov 2019 09:04:33 +0000 (10:04 +0100)]
Typos in comments
Otto Moerbeek [Mon, 28 Oct 2019 13:54:00 +0000 (14:54 +0100)]
Enable qname minimization by default.
To be able to do that, make sure that qnames that are forwarded or
in and authzone are handled without QM. Also, some tests are dependent
on specific queries or responses, disable QM for them.
Otto Moerbeek [Fri, 8 Nov 2019 06:56:07 +0000 (07:56 +0100)]
Merge pull request #8511 from omoerbeek/rec-8020-dnssec
Rec: do RFC 8020 only if cache entry is dnssec validated
Otto Moerbeek [Wed, 6 Nov 2019 14:38:13 +0000 (15:38 +0100)]
Zap unsued code in test
Otto Moerbeek [Wed, 6 Nov 2019 13:19:12 +0000 (14:19 +0100)]
Doc tweaks
Otto Moerbeek [Wed, 6 Nov 2019 09:48:48 +0000 (10:48 +0100)]
Test case for 8020 with dnssec enabled
Otto Moerbeek [Wed, 6 Nov 2019 10:21:35 +0000 (11:21 +0100)]
Merge pull request #8510 from omoerbeek/rec-rootnszones-mthread-safe
rec: Avoid mthread race when using the set of rootNSZones.
Otto Moerbeek [Wed, 6 Nov 2019 10:15:30 +0000 (11:15 +0100)]
Avoid mthread race when using the set of rootNSZones.
Remi Gacogne [Tue, 5 Nov 2019 20:15:51 +0000 (21:15 +0100)]
Merge pull request #8509 from zeha/typos
Fix typo: settting to setting
Chris Hofstaedtler [Tue, 5 Nov 2019 20:13:56 +0000 (21:13 +0100)]
Fix typo: settting to setting
Found by Debians lintian.
Otto Moerbeek [Tue, 5 Nov 2019 13:03:19 +0000 (14:03 +0100)]
Even for HardenNXD::Yes we don't want to believe Bogus NXDOMAINs.
Otto Moerbeek [Tue, 5 Nov 2019 13:02:44 +0000 (14:02 +0100)]
Updated docs for nothing-below-nxdomain
Otto Moerbeek [Mon, 4 Nov 2019 15:57:29 +0000 (16:57 +0100)]
Less aggressive 8020: by default only cut at NXDOMAIN if the entry is Secure.
We might want to explicitly validate Inderminate records if needed.
That code is not written yet.
Peter van Dijk [Tue, 5 Nov 2019 11:50:49 +0000 (12:50 +0100)]
Merge pull request #8289 from Habbie/pdnsutil-increase-serial-inception-epoch
pdnsutil increase-serial: under SOA-EDIT=INCEPTION-EPOCH, bump as if it is EPOCH
Peter van Dijk [Tue, 5 Nov 2019 11:35:19 +0000 (12:35 +0100)]
Merge pull request #8235 from Habbie/dyn-dup-ptr
rfc2136, pdnsutil: somewhat improve duplicate record handling
Remi Gacogne [Tue, 5 Nov 2019 09:07:24 +0000 (10:07 +0100)]
Merge pull request #8492 from rgacogne/max-generate-steps
Add a parameter to limit the number of '$GENERATE' steps
Remi Gacogne [Thu, 31 Oct 2019 09:24:08 +0000 (10:24 +0100)]
rec: Disable '$GENERATE' when loading trust anchors files
Remi Gacogne [Wed, 30 Oct 2019 17:25:42 +0000 (18:25 +0100)]
rec: Enforce max-generate-steps when loading RPZ files
Remi Gacogne [Wed, 30 Oct 2019 17:24:38 +0000 (18:24 +0100)]
auth: Disable '$GENERATE' in comfun, ixfrdist, ixplore
Remi Gacogne [Thu, 31 Oct 2019 09:53:30 +0000 (10:53 +0100)]
auth: Fix compilation of comfun (ambiguous make_unique call)
Remi Gacogne [Wed, 30 Oct 2019 17:24:11 +0000 (18:24 +0100)]
Allow disabling '$GENERATE' in ZoneParserTNG
Remi Gacogne [Fri, 25 Oct 2019 14:35:37 +0000 (16:35 +0200)]
Add a parameter to limit the number of '$GENERATE' steps
Peter van Dijk [Wed, 30 Oct 2019 14:11:58 +0000 (15:11 +0100)]
casemix test: ignore SOA content because it changes every day
Peter van Dijk [Wed, 30 Oct 2019 13:28:42 +0000 (14:28 +0100)]
Merge pull request #8457 from mind04/pdns-api
auth: api: avoid a large number of new database connections
Otto Moerbeek [Wed, 30 Oct 2019 13:09:54 +0000 (14:09 +0100)]
Merge pull request #8418 from pieterlexis/deb-load-keys-from-disk
Deb: Load DNSSEC Keys from disk by default
Peter van Dijk [Wed, 30 Oct 2019 12:56:51 +0000 (13:56 +0100)]
improve code readability
Peter van Dijk [Wed, 30 Oct 2019 12:39:43 +0000 (13:39 +0100)]
document INCEPTION-EPOCH exception
Remi Gacogne [Wed, 30 Oct 2019 12:30:20 +0000 (13:30 +0100)]
Merge pull request #8488 from rgacogne/ddist-140-rc5-changelog-secpoll
dnsdist: Update secpoll zone and ChangeLog for 1.4.0-rc5
Peter van Dijk [Tue, 10 Sep 2019 10:53:29 +0000 (12:53 +0200)]
pdnsutil increase-serial: under SOA-EDIT=INCEPTION-EPOCH, bump as if it is EPOCH, fixes #8218
Peter van Dijk [Tue, 10 Sep 2019 10:46:58 +0000 (12:46 +0200)]
add clarifying comment
Remi Gacogne [Wed, 30 Oct 2019 10:19:39 +0000 (11:19 +0100)]
Merge pull request #8482 from rgacogne/rec-dnstap-clean
rec: Add generated dnstap.pb.{cc,h} to the 'clean' target
Remi Gacogne [Wed, 30 Oct 2019 10:19:28 +0000 (11:19 +0100)]
Merge pull request #8472 from rgacogne/remote-deprecated-floating_point_comparison
Remove deprecated floating_point_comparison.hpp header
Peter van Dijk [Wed, 30 Oct 2019 10:16:30 +0000 (11:16 +0100)]
Merge pull request #8489 from Habbie/circleci-small
circleci: use small resource class where possible
Peter van Dijk [Wed, 30 Oct 2019 09:00:36 +0000 (10:00 +0100)]
circleci: use small resource class where possible
Remi Gacogne [Wed, 30 Oct 2019 08:31:18 +0000 (09:31 +0100)]
dnsdist: Update secpoll zone and ChangeLog for 1.4.0-rc5
Peter van Dijk [Wed, 16 Oct 2019 23:17:33 +0000 (01:17 +0200)]
pdnsutil: correctly report ed* algo availability
Peter van Dijk [Tue, 29 Oct 2019 14:37:06 +0000 (15:37 +0100)]
Merge pull request #8483 from omoerbeek/regress-tests-pip-no-progressbar
Pipe the output of pip to cat, so it produces no progress bar
Otto Moerbeek [Tue, 29 Oct 2019 13:01:46 +0000 (14:01 +0100)]
Merge pull request #8481 from omoerbeek/rec-4.3.0-alpha2-prep
rec: 4.3.0 alpha3 prep
Otto Moerbeek [Mon, 28 Oct 2019 11:28:12 +0000 (12:28 +0100)]
Pipe the output of pip to cat, so it produces no procress bar which
looks very ugly and just fills the logs in CircleCI.
Aki Tuomi [Mon, 21 Oct 2019 09:27:01 +0000 (12:27 +0300)]
speedtest.cc: Remove duplicate rr local
speedtest.cc:603:25: warning: declaration of 'rr' shadows a previous local
Aki Tuomi [Mon, 21 Oct 2019 09:26:14 +0000 (12:26 +0300)]
webserver.hh: Rename what as what_arg
webserver.hh:128:36: warning: declaration of 'what' shadows a member of 'this'
Aki Tuomi [Mon, 21 Oct 2019 09:25:10 +0000 (12:25 +0300)]
slavecommunicator.cc: Rename notify as doNotify
rfc2136handler.cc:616:30: warning: declaration of 'forwardPacket' shadows a member of 'this'
Aki Tuomi [Mon, 21 Oct 2019 09:24:08 +0000 (12:24 +0300)]
rfc2136handler.cc: Rename forwardPacket to l_forwardPacket
rfc2136handler.cc:616:30: warning: declaration of 'forwardPacket' shadows a member of 'this'
Aki Tuomi [Mon, 21 Oct 2019 09:22:42 +0000 (12:22 +0300)]
dnsdist.hh: Rename isTCP to isTCP_
dnsdist.hh:668:147: warning: declaration of 'isTCP' shadows a member of 'this'
Aki Tuomi [Mon, 21 Oct 2019 09:10:37 +0000 (12:10 +0300)]
iputils.hh: Rename parent to pparent
iputils.hh:785:32: warning: declaration of 'parent' shadows a global declaration
Aki Tuomi [Mon, 21 Oct 2019 09:08:44 +0000 (12:08 +0300)]
pipebackend: Rename receive variable to received
coprocess.cc:161:40: warning: declaration of 'receive' shadows a member of 'this'
Aki Tuomi [Mon, 21 Oct 2019 09:07:00 +0000 (12:07 +0300)]
gmysqlbackend: Rename connect to set_connect
smysql.cc:458:13: warning: declaration of 'reconnect' shadows a member of 'this'
Aki Tuomi [Mon, 21 Oct 2019 09:05:43 +0000 (12:05 +0300)]
opendbxbackend: Rename list to domains
odbxprivate.cc:190:138: warning: declaration of 'list' shadows a member of 'this'
Aki Tuomi [Sat, 19 Oct 2019 15:15:50 +0000 (18:15 +0300)]
opensslsigners.cc: Fix parameter name
It should be msg not hash
Aki Tuomi [Sat, 19 Oct 2019 14:47:19 +0000 (17:47 +0300)]
opensslsigners.cc: Fix shadowing variables
e.g.
opensslsigners.cc:761:10: warning: declaration of ‘hash’ shadows a member of 'this' [-Wshadow]
Aki Tuomi [Sat, 19 Oct 2019 14:45:18 +0000 (17:45 +0300)]
nsecrecords.cc: Fix shadowing variables
nsecrecords.cc:79:12: warning: declaration of ‘count’ shadows a member of 'this' [-Wshadow]
nsecrecords.cc:141:12: warning: declaration of ‘count’ shadows a member of 'this' [-Wshadow]
Aki Tuomi [Sat, 19 Oct 2019 14:44:14 +0000 (17:44 +0300)]
json.hh: Fix shadowing arg
json.hh:39:42: warning: declaration of ‘what’ shadows a member of 'this' [-Wshadow]
Otto Moerbeek [Tue, 29 Oct 2019 09:00:19 +0000 (10:00 +0100)]
Minor corrections as suggested by rgacogne
Otto Moerbeek [Mon, 28 Oct 2019 20:38:25 +0000 (21:38 +0100)]
Merge pull request #8480 from omoerbeek/rec-do-not-wipe-root
rec: Do not wipe . NS records from cache
Remi Gacogne [Mon, 28 Oct 2019 17:56:54 +0000 (18:56 +0100)]
rec: Add generated dnstap.pb.{cc,h} to the 'clean' target
Otto Moerbeek [Mon, 28 Oct 2019 16:27:23 +0000 (17:27 +0100)]
And alpha3 in secpoll
Otto Moerbeek [Mon, 28 Oct 2019 16:20:34 +0000 (17:20 +0100)]
Move to alpha3, since alpha2 contains a last-mintue introduced error.
Otto Moerbeek [Mon, 28 Oct 2019 15:57:46 +0000 (16:57 +0100)]
It is better to make sure . entries are not added to the set.
Otto Moerbeek [Mon, 28 Oct 2019 15:35:43 +0000 (16:35 +0100)]
Do not wipe . NS; this can happen with custom hint files that are
used by regression tests.
Otto Moerbeek [Mon, 28 Oct 2019 13:22:35 +0000 (14:22 +0100)]
Prep for rec-4.3.0-alpha2
Otto Moerbeek [Mon, 28 Oct 2019 13:52:09 +0000 (14:52 +0100)]
Merge pull request #8470 from omoerbeek/rec-prime-root-servers-ns
rec: prime NS records of root-servers.net parent (.net)
Otto Moerbeek [Mon, 28 Oct 2019 13:42:43 +0000 (14:42 +0100)]
Merge pull request #8476 from rgacogne/rec-doc-max-concurrent-requests-per-tcp-connection
rec: Fix max-concurrent-requests-per-tcp-connection's underline
Remi Gacogne [Mon, 28 Oct 2019 13:39:39 +0000 (14:39 +0100)]
rec: Fix max-concurrent-requests-per-tcp-connection's underline
Otto Moerbeek [Mon, 28 Oct 2019 13:23:47 +0000 (14:23 +0100)]
Merge pull request #8473 from omoerbeek/rec-ooo-test-fix
rec: Fix OOO tests on CircleCI and enable DNSSEC for them as well.
Otto Moerbeek [Mon, 28 Oct 2019 12:58:01 +0000 (13:58 +0100)]
Wipe entry form cache before getting a new one to make sure we
actually get fresh records.
Otto Moerbeek [Mon, 28 Oct 2019 10:58:07 +0000 (10:58 +0000)]
Fix OOO tests on CircleCI and enable DNSSEC for them as well.
CircleCI is running a recursor on 127.0.0.11 and redirects packets to it,
eating the packets that were targeted for the test auth on 127.0.0.11.
Remi Gacogne [Mon, 28 Oct 2019 09:25:11 +0000 (10:25 +0100)]
Merge pull request #8439 from cmouse/geoip-netmask
geoipbackend: Use Netmask instead of string
Otto Moerbeek [Sun, 27 Oct 2019 07:35:39 +0000 (08:35 +0100)]
Merge pull request #8469 from omoerbeek/auth-illegal-to-invalid
Illegal -> Invalid
Remi Gacogne [Sat, 26 Oct 2019 21:44:06 +0000 (23:44 +0200)]
Merge pull request #8466 from rgacogne/ddist-add-prometheus-test
dnsdist: Add regression tests for our prometheus export
Remi Gacogne [Sat, 26 Oct 2019 21:43:47 +0000 (23:43 +0200)]
Merge pull request #8465 from rgacogne/ddist-prometheus-rename-frontend
dnsdist: Rename the 'address' label to 'frontend' for DoH metrics
Remi Gacogne [Sat, 26 Oct 2019 21:14:42 +0000 (23:14 +0200)]
Merge pull request #8471 from rgacogne/ddist-du-refcount-ids
dnsdist: Increment the DOHUnit ref count when it's set in the IDState
Remi Gacogne [Sat, 26 Oct 2019 16:47:49 +0000 (18:47 +0200)]
dnsdist: Fix a race condition in the DOHUnit reference counter
It was based on the reference counter used for the DOHAcceptContext
where thread safety was never an issue because those objects are
not shared between threads, but DOHUnit are.
Remi Gacogne [Fri, 25 Oct 2019 19:37:32 +0000 (21:37 +0200)]
dnsdist: Increment the DOHUnit ref count when it's set in the IDState
We need to increment the reference counter even before sending the
query to the backend, as soon as we copy a reference into the IDState.
Because:
- that makes sense anyway, we are storing a new copy ;
- otherwise, in the unlikely event where we reuse the IDState before
the query has been sent to the backend we might free the DOHUnit
before the reference counter has been incremented and cause a
double-free.
Remi Gacogne [Fri, 25 Oct 2019 15:50:25 +0000 (17:50 +0200)]
Remove deprecated floating_point_comparison.hpp header