]>
git.ipfire.org Git - thirdparty/pdns.git/log
Peter van Dijk [Fri, 29 Jan 2021 21:28:16 +0000 (22:28 +0100)]
gh actions: build Docker images
Remi Gacogne [Fri, 29 Jan 2021 11:46:01 +0000 (12:46 +0100)]
Merge pull request #9997 from rgacogne/ddist-concurrent-conns
dnsdist: Limit the number of concurrent console and web connections
Remi Gacogne [Fri, 29 Jan 2021 10:24:30 +0000 (11:24 +0100)]
dnsdist: Add unit tests for the connection management code
Remi Gacogne [Thu, 21 Jan 2021 13:43:37 +0000 (14:43 +0100)]
dnsdist: Limit the number of concurrent web connections
Remi Gacogne [Thu, 21 Jan 2021 12:58:29 +0000 (13:58 +0100)]
dnsdist: Limit the number of concurrent console connections
Remi Gacogne [Thu, 28 Jan 2021 11:09:16 +0000 (12:09 +0100)]
Merge pull request #9950 from pieterlexis/maxtcpclient-error
dnsdist: Improve error with a hint on how to fix it
Pieter Lexis [Tue, 12 Jan 2021 08:58:50 +0000 (09:58 +0100)]
ddist: improve error with a hint on how to fix it
Remi Gacogne [Thu, 28 Jan 2021 09:26:12 +0000 (10:26 +0100)]
Merge pull request #10011 from pieterlexis/ddist-doc-deprecation
dnsdist: clean up docs for 1.6.0
Otto Moerbeek [Wed, 27 Jan 2021 16:28:17 +0000 (17:28 +0100)]
Merge pull request #10023 from omoerbeek/dnsdist-vdt-BasicQPSLimiter
dnsdist: Silence clang 12 warning
Otto Moerbeek [Wed, 27 Jan 2021 15:52:28 +0000 (16:52 +0100)]
Title underline too short
Otto Moerbeek [Wed, 27 Jan 2021 15:35:21 +0000 (16:35 +0100)]
Merge pull request #10004 from omoerbeek/rec-2038-unit-tests
rec: fix recursor caches to handle timestamps > 2038
Otto [Wed, 27 Jan 2021 15:22:14 +0000 (16:22 +0100)]
Silence clang 12 warning: destructor called on non-final 'QPSLimiter' that has virtual
functions but non-virtual destructor
Otto Moerbeek [Wed, 27 Jan 2021 14:25:09 +0000 (15:25 +0100)]
Merge pull request #10014 from omoerbeek/rec-validate-after-2038
Rec: validate signatures after 2038 and more
Otto Moerbeek [Wed, 27 Jan 2021 14:24:01 +0000 (15:24 +0100)]
Use named qtype
Co-authored-by: Remi Gacogne <rgacogne+github@valombre.net>
Pieter Lexis [Tue, 26 Jan 2021 11:14:11 +0000 (12:14 +0100)]
Remove functions deprecated before 1.4.0
Pieter Lexis [Tue, 26 Jan 2021 11:11:33 +0000 (12:11 +0100)]
remove all pre-1.4.0 versionchanged tags
Pieter Lexis [Tue, 26 Jan 2021 11:08:56 +0000 (12:08 +0100)]
remove all pre-1.4.0 versionadded tags
Otto Moerbeek [Wed, 27 Jan 2021 12:23:05 +0000 (13:23 +0100)]
Merge pull request #10020 from omoerbeek/rec-taskqueue-metrics
rec: Document taskqueue metrics and add them to SNMP MIB
Otto Moerbeek [Wed, 27 Jan 2021 10:42:44 +0000 (11:42 +0100)]
Merge pull request #10019 from omoerbeek/rec-dnssec-cd-docs
rec: Document CD bit better, reference detailed DNSSEC docs from settings
Otto [Wed, 27 Jan 2021 10:30:12 +0000 (11:30 +0100)]
Typos and spelling
Otto [Wed, 27 Jan 2021 10:19:41 +0000 (11:19 +0100)]
Document taskqueue metrics and add them to SNMP MIB
Otto [Wed, 27 Jan 2021 08:46:16 +0000 (09:46 +0100)]
Document CD bit better, reference detailed DNSSEC docs from settings
and reformat two item lists.
Remi Gacogne [Wed, 27 Jan 2021 08:41:24 +0000 (09:41 +0100)]
Merge pull request #10015 from rgacogne/ddist-nmg-exclude
dnsdist: Accept a NMG to fill DynBlockRulesGroup ranges
Remi Gacogne [Tue, 26 Jan 2021 16:39:00 +0000 (17:39 +0100)]
dnsdist: Accept a NMG to fill DynBlockRulesGroup ranges
Remi Gacogne [Tue, 26 Jan 2021 15:59:21 +0000 (16:59 +0100)]
Merge pull request #9974 from rgacogne/ddist-rename-non-terminal-actions
dnsdist: Unify non-terminal actions as SetXXXAction()
Otto [Tue, 26 Jan 2021 14:54:23 +0000 (15:54 +0100)]
Allow testing at a specific point in time for SyncRes and primeHints.
Use this to test various signature validation cases at interesting
moments in time. Beyond 2106 fails atm.
Otto [Tue, 26 Jan 2021 14:53:18 +0000 (15:53 +0100)]
Mention rfc4034.tx in comments, marking the spots something has to be done in the future.
Remi Gacogne [Tue, 26 Jan 2021 13:41:04 +0000 (14:41 +0100)]
Merge pull request #9998 from rgacogne/dnsdist-aligned-atomics
dnsdist: aligned atomics
Remi Gacogne [Tue, 26 Jan 2021 13:06:57 +0000 (14:06 +0100)]
Merge pull request #10012 from rgacogne/ddist-fix-edns-servfail-no-server
dnsdist: Fix EDNS in ServFail generated when no server is available
Remi Gacogne [Tue, 26 Jan 2021 11:53:59 +0000 (12:53 +0100)]
dnsdist: Fix EDNS in ServFail generated when no server is available
Remi Gacogne [Tue, 26 Jan 2021 11:43:12 +0000 (12:43 +0100)]
dnsdist: Fix issues and comments from the code review
Otto [Tue, 26 Jan 2021 10:02:34 +0000 (11:02 +0100)]
Formatting
Remi Gacogne [Thu, 14 Jan 2021 15:34:28 +0000 (16:34 +0100)]
dnsdist: Unify non-terminal actions as SetXXXAction()
Remi Gacogne [Tue, 26 Jan 2021 09:07:25 +0000 (10:07 +0100)]
Merge pull request #9999 from rgacogne/ddist-qps-cache-hits
dnsdist: Don't apply QPS to backend server on cache hits
Remi Gacogne [Tue, 26 Jan 2021 08:44:11 +0000 (09:44 +0100)]
dnsdist: Fix source files order in Makefile.am
Pieter Lexis [Mon, 25 Jan 2021 15:14:54 +0000 (16:14 +0100)]
Merge pull request #10003 from pieterlexis/rec-spec-fixes
Two spec-file fixes for the recursor
Otto [Mon, 25 Jan 2021 15:11:21 +0000 (16:11 +0100)]
Basic test for negcache.
This one seems to be safe from code inspection. All timestamps are time_t.
Pieter Lexis [Mon, 25 Jan 2021 09:43:25 +0000 (10:43 +0100)]
rec rpms: pull in fstrm unconditionally
Otto [Mon, 25 Jan 2021 12:44:42 +0000 (13:44 +0100)]
More elaborate unit tests for recursor cache and fix implemantation.
There remain cases where a time_t is assigned to a uint32_t. This is wrong
but cannot be avoided atm due to swicthing back and forth between ttl and ttd
in records. This will cause trouble when time causes uint32_t to wrap.
Otto [Mon, 25 Jan 2021 10:00:53 +0000 (11:00 +0100)]
Add/modify test so the timestamps involved pass the 2038 high cliff.
Recursor cache one is currently failing, a few functions return
int32_t instead of time_t.
Pieter Lexis [Mon, 25 Jan 2021 09:43:06 +0000 (10:43 +0100)]
rec rpms: stop pulling in protobuf build depends
Pieter Lexis [Fri, 22 Jan 2021 13:36:39 +0000 (14:36 +0100)]
Merge pull request #10001 from wopfel/carbon_instance_help_text
Fix help text for carbon-instance
Otto Moerbeek [Fri, 22 Jan 2021 13:15:18 +0000 (14:15 +0100)]
Merge pull request #9996 from pieterlexis/rec-rfc6761-localhost
rec: treat the .localhost domain as special
Bernd Arnold [Fri, 22 Jan 2021 12:11:08 +0000 (13:11 +0100)]
Fix help text for carbon-instance
"the the"
When running `pdns_recursor --help`, or `pdns_server --help`:
--carbon-instance=...
If set overwrites the the instance name default
Remi Gacogne [Thu, 21 Jan 2021 16:25:51 +0000 (17:25 +0100)]
dnsdist: Don't apply QPS to backend server on cache hits
Otto Moerbeek [Fri, 11 Sep 2020 09:53:15 +0000 (11:53 +0200)]
Separate out stat_h into a .hh file and make it a template in the pdns namespace.
Otto Moerbeek [Wed, 9 Sep 2020 12:34:51 +0000 (14:34 +0200)]
Use atomics aligned to CPU_LEVEL1_DCACHE_LINESIZE for stats
Pieter Lexis [Thu, 21 Jan 2021 10:10:19 +0000 (11:10 +0100)]
rec: treat the .localhost domain as special
This satisfies the SHOULD in RFC6761 section 6.3 point 4.
Remi Gacogne [Wed, 20 Jan 2021 10:54:09 +0000 (11:54 +0100)]
Merge pull request #9993 from rgacogne/ddist-offensive-terms
dnsdist: Replace offensive terms in our code and documentation
Remi Gacogne [Wed, 20 Jan 2021 09:50:39 +0000 (10:50 +0100)]
Merge pull request #9991 from rgacogne/ddist-notimp-empty-queries
dnsdist: Send a NotImp answer on empty (qdcount=0) queries
Remi Gacogne [Wed, 20 Jan 2021 09:48:25 +0000 (10:48 +0100)]
Merge pull request #9992 from rgacogne/ddist-rule-truncated-counters
dnsdist: Add a counter for queries truncated because of a rule
Remi Gacogne [Wed, 20 Jan 2021 09:45:15 +0000 (10:45 +0100)]
dnsdist: Replace offensive terms in our code and documentation
Remi Gacogne [Tue, 19 Jan 2021 18:23:46 +0000 (19:23 +0100)]
dnsdist: Add a counter for queries truncated because of a rule
Remi Gacogne [Tue, 19 Jan 2021 15:33:21 +0000 (16:33 +0100)]
dnsdist: Send a NotImp answer on empty (qdcount=0) queries
Remi Gacogne [Tue, 19 Jan 2021 10:00:53 +0000 (11:00 +0100)]
Merge pull request #9957 from rgacogne/ddist-tcp-worker-threads
dnsdist: Start all TCP worker threads on startup
Remi Gacogne [Tue, 19 Jan 2021 10:00:22 +0000 (11:00 +0100)]
Merge pull request #9972 from rgacogne/ddist-stats-no-auth
dnsdist: Deprecate parameters to webserver(), add 'statsRequireAuthentication' parameter
Remi Gacogne [Tue, 19 Jan 2021 09:59:31 +0000 (10:59 +0100)]
Merge pull request #9984 from rgacogne/ddist-dynblock-response-count-as-query
dnsdist: Add a test for "Dynamic Block RCode rules messing up the queries count"
Remi Gacogne [Tue, 19 Jan 2021 09:59:14 +0000 (10:59 +0100)]
Merge pull request #9989 from rgacogne/ddist-named-facilities
dnsdist: Handle syslog facility as string, document the numerical one
Remi Gacogne [Tue, 19 Jan 2021 09:58:34 +0000 (10:58 +0100)]
Merge pull request #9986 from rgacogne/ddist-cert-ocsp-reloading
dnsdist: Add regression tests for certificates and OCSP reloading
Remi Gacogne [Mon, 18 Jan 2021 16:55:24 +0000 (17:55 +0100)]
dnsdist: Handle syslog facility as string, document the numerical one
Remi Gacogne [Mon, 18 Jan 2021 14:41:10 +0000 (15:41 +0100)]
dnsdist: Add regression tests for certificates and OCSP reloading
Peter van Dijk [Mon, 18 Jan 2021 10:55:57 +0000 (11:55 +0100)]
Merge pull request #9885 from RobinGeuze/clearLMDBCacheMaster
Clear the LMDB set state when performing a new lookup or list to prevent corruption cases
Remi Gacogne [Mon, 18 Jan 2021 10:19:56 +0000 (11:19 +0100)]
dnsdist: Add a debugging function to load a grepq into the rings
Remi Gacogne [Mon, 18 Jan 2021 10:19:40 +0000 (11:19 +0100)]
dnsdist: Add a test for "Dynamic Block RCode rules messing up the queries count"
Peter van Dijk [Mon, 18 Jan 2021 07:52:49 +0000 (08:52 +0100)]
Merge pull request #9966 from Habbie/auth-4.4-docs-ipseckey
auth upgrade notes: IPSECKEY did not make it into 4.4
Remi Gacogne [Mon, 18 Jan 2021 07:19:43 +0000 (08:19 +0100)]
Merge pull request #9962 from rgacogne/ddist-doh-sub-paths
dnsdist: Add an option to allow sub-paths for DoH
Remi Gacogne [Mon, 18 Jan 2021 07:19:09 +0000 (08:19 +0100)]
Merge pull request #9976 from rgacogne/ddist-more-dynblock-unit-tests
dnsdist: More tests for the dynamic block's sliding window
Peter van Dijk [Sat, 16 Jan 2021 19:32:59 +0000 (20:32 +0100)]
Merge pull request #9959 from omoerbeek/rec-docs-plusassign
rec: Mention += in the docs plus an example
Peter van Dijk [Sat, 16 Jan 2021 19:27:33 +0000 (20:27 +0100)]
Merge pull request #9969 from zeha/doc-nit-alias
auth: Document resolver setting
Peter van Dijk [Sat, 16 Jan 2021 19:26:40 +0000 (20:26 +0100)]
Merge pull request #9975 from aerique/feature/add-rec-45-to-repo-script
Add rec-45 to repo test script.
Peter van Dijk [Sat, 16 Jan 2021 19:25:12 +0000 (20:25 +0100)]
Merge pull request #9981 from franklouwers/feature/update-lmdb-schema-docs
Document LMDB backend schema versions
Otto Moerbeek [Sat, 16 Jan 2021 19:23:48 +0000 (20:23 +0100)]
Merge pull request #9983 from omoerbeek/dist-tar-ustar
Move to ustar format for dist tarballs.
Peter van Dijk [Sat, 16 Jan 2021 19:22:49 +0000 (20:22 +0100)]
Merge pull request #9979 from omoerbeek/calidns-msg_iovlen-type
Some platforms actually have an unsigned msghdr.msg_iovlen even though Posix says it should be an int.
Otto Moerbeek [Sat, 16 Jan 2021 16:51:10 +0000 (17:51 +0100)]
Merge pull request #9982 from omoerbeek/rm-c++17
Rm c++17
Otto [Sat, 16 Jan 2021 14:00:09 +0000 (15:00 +0100)]
Move to ustar format for dnsdist dist tarball.
Pre-Posix format has too low limit on path length that might
get hit on long branch names.
Otto Moerbeek [Fri, 15 Jan 2021 12:56:36 +0000 (12:56 +0000)]
Addding re2 flags wil break c++17, so override
Frank Louwers [Fri, 15 Jan 2021 19:55:22 +0000 (20:55 +0100)]
Update docs/backends/lmdb.rst
Co-authored-by: Peter van Dijk <peter.van.dijk@powerdns.com>
Frank Louwers [Fri, 15 Jan 2021 19:50:49 +0000 (20:50 +0100)]
Document LMDB backend schema versions
Otto [Fri, 15 Jan 2021 14:59:06 +0000 (15:59 +0100)]
Some platforms actually have an unsigned msghdr.msg_iovlen even
though Posix says it should be an int.
So use the power of C++ to make the var the same type as msghdr.msg_iovlen.
Peter van Dijk [Fri, 15 Jan 2021 14:26:46 +0000 (15:26 +0100)]
Merge pull request #9978 from Habbie/configure-sanitizers
auth, rec, dnsdist: always show sanitizers in C[XX]FLAGS in configure output
Otto [Fri, 15 Jan 2021 14:16:30 +0000 (15:16 +0100)]
Refer to EOL policy
Peter van Dijk [Fri, 15 Jan 2021 12:39:42 +0000 (13:39 +0100)]
auth, rec, dnsdist: always show sanitizers in C[XX]FLAGS in configure output
Otto [Fri, 15 Jan 2021 11:37:12 +0000 (12:37 +0100)]
Now that configure adds the -std= flag always, we can stop specifying it manually
Remi Gacogne [Fri, 15 Jan 2021 11:01:30 +0000 (12:01 +0100)]
dnsdist: More tests for the dynamic block's sliding window
Check that we do not look at queries older than our sliding window,
but also that we correctly trigger a block with a huge peak of
queries not followed by any more queries.
Erik Winkels [Fri, 15 Jan 2021 10:08:13 +0000 (11:08 +0100)]
Remove `rec-41` from repo test script.
Otto Moerbeek [Fri, 15 Jan 2021 10:01:40 +0000 (11:01 +0100)]
Merge pull request #9971 from omoerbeek/rec-prep-450-alpha1
rec: Prep for rec-4.5.0-alpha1
Erik Winkels [Fri, 15 Jan 2021 09:59:14 +0000 (10:59 +0100)]
Add rec-45 to repo test script.
Peter van Dijk [Wed, 13 Jan 2021 08:38:12 +0000 (09:38 +0100)]
auth upgrade notes: IPSECKEY did not make it into 4.4
Peter van Dijk [Thu, 14 Jan 2021 10:20:03 +0000 (11:20 +0100)]
auth lmdb: do not reuse backend that has seen corrupted data
Robin Geuze [Wed, 16 Dec 2020 19:45:37 +0000 (20:45 +0100)]
Clear the LMDB set state when performing a new lookup or list to prevent corruption cases
Remi Gacogne [Thu, 14 Jan 2021 08:21:01 +0000 (09:21 +0100)]
Merge pull request #9960 from rgacogne/ddist-skip-cache-response-action
dnsdist: Add SkipCacheResponseAction
Remi Gacogne [Thu, 14 Jan 2021 08:20:25 +0000 (09:20 +0100)]
Merge pull request #9970 from rgacogne/rec-expanded-wildcard-nsec-ttl
rec: Account for the NSEC(3) denial TTL in expanded wildcard answers
Remi Gacogne [Thu, 14 Jan 2021 08:18:16 +0000 (09:18 +0100)]
dnsdist: Replace tabs with whitespaces in 'webserver()'
Remi Gacogne [Wed, 13 Jan 2021 17:35:02 +0000 (18:35 +0100)]
dnsdist: Deprecate parameters to webserver(), add 'statsRequireAuthentication' parameter
This PR deprecates the use of additional parameters with `webserver()`,
as the syntax is confusing and could lead to believe that the parameters
are per-instance while they actually are global.
Also implements an additional 'statsRequireAuthentication' parameter
to allow scraping the statistics without any kind of authentication,
which is useful to Prometheus setups with dynamic service discovery.
Otto [Wed, 13 Jan 2021 14:30:21 +0000 (15:30 +0100)]
Process review comments
Remi Gacogne [Wed, 13 Jan 2021 14:24:37 +0000 (15:24 +0100)]
rec: Test that we correctly cap the answer's TTL in expanded wildcard cases
Otto Moerbeek [Wed, 13 Jan 2021 13:07:14 +0000 (14:07 +0100)]
Merge pull request #9968 from omoerbeek/rec-cache-coverity-origttl
rec: As found by coverity, origTTL can be left uninitialized if all the entries found are expired.
Otto [Wed, 13 Jan 2021 12:46:37 +0000 (13:46 +0100)]
Start of upgrade guide for 4.5.0
Otto [Wed, 13 Jan 2021 11:42:50 +0000 (12:42 +0100)]
Prep for rec-4.5.0-alpha1
Remi Gacogne [Wed, 13 Jan 2021 11:10:03 +0000 (12:10 +0100)]
rec: Account for the NSEC(3) denial TTL in expanded wildcard answers