]>
git.ipfire.org Git - thirdparty/pdns.git/log
Otto Moerbeek [Fri, 25 Aug 2023 12:08:36 +0000 (14:08 +0200)]
Include cstdint in mtasker_ucontext.cc, noted by @zeha
(cherry picked from commit
bbf76a06de324da40302d51850c7c475e465cb3a )
Otto Moerbeek [Wed, 23 Aug 2023 07:54:35 +0000 (09:54 +0200)]
Merge pull request #13163 from omoerbeek/backport-13071-to-rec-4.9.x
Backport 13071 to rec 4.9.x: Fix code producing json
Otto Moerbeek [Wed, 23 Aug 2023 07:29:19 +0000 (09:29 +0200)]
Merge pull request #13161 from omoerbeek/backport-13106-to-rec-4.9.x
rec: Backport 13106 to rec 4.9.x: replace data in the aggressive cache if new data becomes available
Otto Moerbeek [Wed, 23 Aug 2023 07:29:04 +0000 (09:29 +0200)]
Merge pull request #13160 from omoerbeek/backport-13151-to-rec-4.9.x
rec: Backport 13151 to rec-4.9.x: Fix a few typos.
Otto Moerbeek [Wed, 23 Aug 2023 06:53:40 +0000 (08:53 +0200)]
Merge pull request #13159 from omoerbeek/backport-13105-to-rec-4.9.x
rec: Backport 13105 to rec 4.9.x: (I)XFR: handle partial read of len prefix
Otto Moerbeek [Mon, 31 Jul 2023 13:51:31 +0000 (15:51 +0200)]
Skip smileys for now, they take 4 bytes to encode and out current mysql
schema has 'utf8', which only handles 3 bytes max, should be changed to
utf8mb4 one day.
(cherry picked from commit
93ad866b4e2f4afb017e8b3b08041598a2378ea5 )
Otto Moerbeek [Mon, 31 Jul 2023 12:44:13 +0000 (14:44 +0200)]
Test a few non-ASCII chars in comments
(cherry picked from commit
56726eb113ab135ec890e79e94c0393986e9edad )
Otto Moerbeek [Wed, 26 Jul 2023 07:35:05 +0000 (09:35 +0200)]
Add a few testcases for "incomplete" URLs
(cherry picked from commit
7ab40a80547d112914b71919d8f4aa14cc24b047 )
Otto Moerbeek [Fri, 21 Jul 2023 12:23:02 +0000 (14:23 +0200)]
Check all chars in the URL are valid URL chars.
Should probably (also) be done in YaHTTP::URL, though currently the
return value of YaHTTP::URL::parse() is completely ignored, so
there is no easy way to do.
(cherry picked from commit
35eb2fcffa40e7f70b716e99158efe72a0e864d9 )
Otto Moerbeek [Fri, 21 Jul 2023 11:43:57 +0000 (13:43 +0200)]
Implement recomendationm from #13050: step 1
Revert #12660
(cherry picked from commit
26f5d6058d8b0cf4ad2f8da729cb906796c297a0 )
Otto Moerbeek [Wed, 9 Aug 2023 11:45:12 +0000 (13:45 +0200)]
Make clang-tidy happy
(cherry picked from commit
993712a13a3b4d9faf7c4298412fbd2a6b3a7761 )
Otto Moerbeek [Tue, 8 Aug 2023 10:15:00 +0000 (12:15 +0200)]
rec: replace data in the aggressive cache if it becomes available
Currently, new data does not get recorded into the aggressive cache
if there's an existing entry that matches. Together with the fact
that in some cases pruning can be unfair (it scans the zones
always in the same order and stops clearing when it has reached the
goal) and/or not very active (when the recursor is lighlty loaded)
this has the consequence that old expired records can remain in
the cache that prevent new data to be recorded and used.
(cherry picked from commit
93b25e9613f252bc1798975dc1f7a475400f2996 )
Andreas Jakum [Thu, 17 Aug 2023 13:24:05 +0000 (15:24 +0200)]
Fix a few typos.
(cherry picked from commit
84d2423481cff98765c482964d11ef828a2774d2 )
Otto Moerbeek [Wed, 9 Aug 2023 08:09:36 +0000 (10:09 +0200)]
remove redundant assignment
(cherry picked from commit
8d3ab63b412fb4b9fd8732af47a5d1c18ba7e786 )
Peter van Dijk [Mon, 7 Aug 2023 17:13:36 +0000 (19:13 +0200)]
IXFR client: handle partial reads of the TCP chunk length header, plus:
* add primarySOACount to exception text
* add indicator of current state to exception text
* a test
(cherry picked from commit
8faf5a90992b2613cf5999c8dd5e26b0025050b7 )
Peter van Dijk [Mon, 7 Aug 2023 17:13:11 +0000 (19:13 +0200)]
Otto Moerbeek [Mon, 31 Jul 2023 16:10:09 +0000 (18:10 +0200)]
Merge pull request #13057 from omoerbeek/rec-backport-13021-to-rec-4.9.x
rec: Backport 13021 to rec-4.9.x: fix setting of policy tags
Otto Moerbeek [Thu, 20 Jul 2023 13:33:36 +0000 (15:33 +0200)]
Backport #13059: Don't check TTLs of records coming out of packet cache
Otto Moerbeek [Thu, 20 Jul 2023 09:42:23 +0000 (11:42 +0200)]
rec: Backport 13021 to rec-4.9.x: fix setting of policy tags
Backport of #13021
Otto Moerbeek [Mon, 10 Jul 2023 08:56:31 +0000 (10:56 +0200)]
Merge pull request #12995 from omoerbeek/backport-12961-to-rec-4.9.x
rec: Backport 12961 to rec-4.9.x: Work around Red Hat 8 pooping the bed in OpenSSL's headers
Otto Moerbeek [Mon, 10 Jul 2023 08:56:18 +0000 (10:56 +0200)]
Merge pull request #12994 from omoerbeek/backport-12935-to-rec-4.9.x
rec: backport of 12935 to rec-4.9.x: Stop using the now deprecated ERR_load_CRYPTO_strings() to detect OpenSSL
Remi Gacogne [Wed, 28 Jun 2023 13:23:35 +0000 (15:23 +0200)]
Work around Red Hat 8 pooping the bed in OpenSSL's headers
The openssl/kdf.h header on EL8 is invalid because someone backported
a work-in-progress feature to an older OpenSSL branch and did not
bother to backport the fixes that were added later.
Red Hat declined to fix their mess and helpfully suggested we do the
work instead in https://bugzilla.redhat.com/show_bug.cgi?id=
2215856
(cherry picked from commit
3dabf2d4a1a478fb00a232259e8043f075eb4d03 )
Remi Gacogne [Wed, 21 Jun 2023 12:58:15 +0000 (14:58 +0200)]
Stop using the now deprecated ERR_load_CRYPTO_strings() to detect OpenSSL
And move to BN_new() instead, which has been present since at least
0.9.6 and is still in 3.1.
(cherry picked from commit
9fcef4932c9323b085984f8a087045fef70103f5 )
Otto Moerbeek [Thu, 29 Jun 2023 13:37:46 +0000 (15:37 +0200)]
Merge pull request #12968 from omoerbeek/backport-12963-to-rec-4.9.x
rec: Backport 12963 to rec 4.9.x: fix qname length getting out-of-sync with qname-minimization iteration count
Otto Moerbeek [Thu, 29 Jun 2023 07:31:46 +0000 (09:31 +0200)]
rec: fix qname length getting out-of-sync with qname-minimization iteration count
Approach two: fall back to non-QM mode if loop detected
Fixes #12956
(cherry picked from commit
7b9450932da11f34a8a729b7b7e47202276fff5f )
Otto Moerbeek [Mon, 26 Jun 2023 10:35:03 +0000 (12:35 +0200)]
Merge pull request #12936 from omoerbeek/backport-12933-to-rec-4.9.x
rec: Backport 12933 to rec 4.9.x: rewrite and fix verifyOne() loop
Otto Moerbeek [Mon, 26 Jun 2023 10:34:49 +0000 (12:34 +0200)]
Merge pull request #12932 from omoerbeek/backport-12836-to-rec-4.9.x
rec: Backport 12928 to rec-4.9.x: fix daemonize()
Otto Moerbeek [Wed, 21 Jun 2023 11:17:01 +0000 (13:17 +0200)]
Typo inc omment
Co-authored-by: Remi Gacogne <github@coredump.fr>
(cherry picked from commit
da6a2d87c8d8cfe49dc6eda3481b82f8faf5a832 )
Otto Moerbeek [Wed, 21 Jun 2023 08:43:26 +0000 (10:43 +0200)]
Followup to #12893: Rewrite and fix verifyOne() loop
Previous version could return true if the first iteration succeeded, but
the second one threw. Spotted by pt01 on IRC.
(cherry picked from commit
891f17371c4e1007f91abb4695c4b0e95c3f2995 )
Otto Moerbeek [Wed, 21 Jun 2023 08:24:45 +0000 (10:24 +0200)]
rec: Backport of 12928 to rec-4.9.x: fix daemonize()
Otto Moerbeek [Tue, 13 Jun 2023 07:07:59 +0000 (09:07 +0200)]
Merge pull request #12907 from omoerbeek/rec-specialize-4.9.x-branch
rec-4.9.x: specialize GH workflows for branch
Otto Moerbeek [Mon, 12 Jun 2023 12:28:37 +0000 (14:28 +0200)]
rec-4.9.x: specialize GH workflows for branch
Otto Moerbeek [Mon, 12 Jun 2023 11:49:37 +0000 (13:49 +0200)]
Merge pull request #12904 from omoerbeek/rec-gid_t-uid_t-can-be-unsigned
rec: uid_t and gid_t can be unsigned, so doing > on an -1 value is tricky
Otto Moerbeek [Mon, 12 Jun 2023 11:49:22 +0000 (13:49 +0200)]
Merge pull request #12906 from omoerbeek/rec-sdjournal-escape
rec: systemd-journal backend: escape keys that are special
Otto Moerbeek [Mon, 12 Jun 2023 11:48:51 +0000 (13:48 +0200)]
Merge pull request #12893 from omoerbeek/rec-dnssec-alg-setting
rec: add feature to switch off unsupported DNSSEC algos
Otto Moerbeek [Wed, 7 Jun 2023 11:11:33 +0000 (13:11 +0200)]
Tidy and process review comments
Remi Gacogne [Mon, 12 Jun 2023 09:49:26 +0000 (11:49 +0200)]
Merge pull request #12905 from rgacogne/ddist-async-test-racy
dnsdist: Remove a racy test in the AsynchronousHolder unit tests
Peter van Dijk [Mon, 12 Jun 2023 09:41:29 +0000 (11:41 +0200)]
Merge pull request #12881 from Habbie/dispatch-bookworm
builder-dispatch: add debian-bookworm target to defaults
Otto Moerbeek [Mon, 12 Jun 2023 09:22:56 +0000 (11:22 +0200)]
Merge pull request #12900 from omoerbeek/rec-serve-stale-dup-cname
rec: Prevent duplicate C/DNAMEs being included when doing serve-stale
Otto Moerbeek [Mon, 12 Jun 2023 09:02:02 +0000 (11:02 +0200)]
Don't double print and delint
Remi Gacogne [Mon, 12 Jun 2023 09:04:51 +0000 (11:04 +0200)]
dnsdist: Remove a racy test in the AsynchronousHolder unit tests
We are adding an expired event so the worker thread of the
AsynchronousHolder can pick it up immediately, even before we come
back from the call to push(), which leads to a racy test.
This was observed on GitHub Actions when running with TSAN:
```
FAIL: testrunner
================
Running 170 test cases...
test-dnsdistasync.cc(156): error: in "test_dnsdistasync/test_AddingExpiredEvent": check !holder->empty() has failed
*** 1 failure is detected in the test module "unit"
FAIL testrunner (exit status: 201)
```
Otto Moerbeek [Mon, 12 Jun 2023 09:03:50 +0000 (11:03 +0200)]
Merge pull request #12896 from omoerbeek/rec-nod-metrics
rec: expose NOD/UDR metrics
Otto Moerbeek [Mon, 12 Jun 2023 08:41:02 +0000 (10:41 +0200)]
rec: uid_t and gid_t can be unsigned, so doing > on and -1 value is tricky
Otto Moerbeek [Mon, 12 Jun 2023 08:35:34 +0000 (10:35 +0200)]
Merge pull request #12883 from omoerbeek/rec-rpz-soa
rec: add SOA to RPZ modified answers if configured to do so
Otto Moerbeek [Mon, 12 Jun 2023 08:33:47 +0000 (10:33 +0200)]
delint
Otto Moerbeek [Mon, 12 Jun 2023 08:14:03 +0000 (10:14 +0200)]
Process review comments
Remi Gacogne [Mon, 12 Jun 2023 08:10:20 +0000 (10:10 +0200)]
Merge pull request #12840 from phonedph1/patch-39
Update dnsdist-console.cc
Otto Moerbeek [Mon, 12 Jun 2023 07:08:10 +0000 (09:08 +0200)]
Add tests to see if CNAME records are not included multiple times
Remi Gacogne [Mon, 12 Jun 2023 08:08:45 +0000 (10:08 +0200)]
Merge pull request #12839 from phonedph1/patch-38
Update rules-actions.rst
Otto Moerbeek [Mon, 12 Jun 2023 07:40:18 +0000 (09:40 +0200)]
rec: Escape (by prepending "PDNS") message keys that are special to systemd-journal
Otto Moerbeek [Fri, 9 Jun 2023 09:51:04 +0000 (11:51 +0200)]
rec: Prevent duplicate C/DNAMEs to be included when doing serve-stale
This can happen if the CNAME record itself was found, but its target not
Otto Moerbeek [Fri, 9 Jun 2023 06:06:06 +0000 (08:06 +0200)]
Merge pull request #12898 from omoerbeek/rec-depth
rec: keep track of max depth reached and report it if !quiet
Otto Moerbeek [Thu, 8 Jun 2023 11:22:43 +0000 (13:22 +0200)]
Prometheus does not like counter names ending in -count
Otto Moerbeek [Thu, 8 Jun 2023 10:49:01 +0000 (12:49 +0200)]
(Partial) Tidy
Otto Moerbeek [Thu, 8 Jun 2023 10:44:17 +0000 (12:44 +0200)]
rec: keep track of max depth reaches and report it if !quiet
This is enough for now, mostly a metric only interesting to devs
Otto Moerbeek [Thu, 8 Jun 2023 10:11:26 +0000 (12:11 +0200)]
Extend SNMP test to include new OIDs
Otto Moerbeek [Thu, 8 Jun 2023 09:52:02 +0000 (11:52 +0200)]
Add Prometheus and SNMP version of NOD/UDR metrics
Otto Moerbeek [Thu, 8 Jun 2023 09:30:01 +0000 (11:30 +0200)]
Keep track of metrics for NOD and UDR events.
While there, change level of ndr logs to Notice, it was Debug before
Otto Moerbeek [Wed, 7 Jun 2023 10:27:30 +0000 (12:27 +0200)]
Add docs
Otto Moerbeek [Wed, 7 Jun 2023 10:10:26 +0000 (12:10 +0200)]
Add rec_control command to list supported algo names
Otto Moerbeek [Wed, 7 Jun 2023 09:42:48 +0000 (11:42 +0200)]
Distinguish auto and manual disabling in logging
Otto Moerbeek [Wed, 7 Jun 2023 08:19:13 +0000 (10:19 +0200)]
Impelement verification of algos 5 and 7
Otto Moerbeek [Tue, 6 Jun 2023 14:11:59 +0000 (16:11 +0200)]
rec: implement a way to disable specific DNSSEC algorithms
This could be needed when runing RHEL9, to avoid having zones signed
with algo 5 or 7 going Bogus. RHEL9 does not support these algorithms,
unless the globalsecurity policy is modified.
Peter van Dijk [Tue, 6 Jun 2023 07:49:02 +0000 (09:49 +0200)]
Merge pull request #12889 from Habbie/auth-4.8-eol-update
auth 4.8: EOL update
Peter van Dijk [Mon, 5 Jun 2023 14:34:15 +0000 (16:34 +0200)]
auth 4.8: EOL update
Otto Moerbeek [Fri, 2 Jun 2023 12:16:40 +0000 (14:16 +0200)]
delint
Otto Moerbeek [Fri, 2 Jun 2023 12:09:10 +0000 (14:09 +0200)]
Merge pull request #12793 from omoerbeek/assorted-delint
Another set of delinting
Otto Moerbeek [Fri, 2 Jun 2023 09:05:33 +0000 (11:05 +0200)]
Merge pull request #12867 from omoerbeek/rec-prep-4.9.0-beta1
rec: Prep for rec-4.9.0-beta1
Otto Moerbeek [Wed, 31 May 2023 08:28:00 +0000 (10:28 +0200)]
Prep for rec-4.9.0-beta1
Peter van Dijk [Thu, 1 Jun 2023 19:13:48 +0000 (21:13 +0200)]
Merge pull request #12880 from Habbie/swagger-no-docker
swagger-syntax-check: run outside of Docker
Peter van Dijk [Thu, 1 Jun 2023 18:39:56 +0000 (20:39 +0200)]
builder-dispatch: add debian-bookworm target to defaults
Peter van Dijk [Thu, 1 Jun 2023 16:57:17 +0000 (18:57 +0200)]
swagger-syntax-check: run outside of Docker
Peter van Dijk [Thu, 1 Jun 2023 16:28:17 +0000 (18:28 +0200)]
Merge pull request #12875 from Habbie/upgrade-notes-46-47-master
auth upgrading: fix 4.6/4.7 header; update LMDB text
romeroalx [Thu, 1 Jun 2023 14:57:59 +0000 (16:57 +0200)]
Merge pull request #12856 from romeroalx/enable-ipv6-actions-container
Enable ipv6 for actions running on docker containers
Peter van Dijk [Thu, 1 Jun 2023 12:03:58 +0000 (14:03 +0200)]
auth upgrading: fix 4.6/4.7 header; update LMDB text
Peter van Dijk [Thu, 1 Jun 2023 11:16:54 +0000 (13:16 +0200)]
Merge pull request #12874 from Habbie/auth-4.8.0-docs-secpoll
auth-4.8.0: docs and secpoll
Peter van Dijk [Thu, 1 Jun 2023 11:04:59 +0000 (13:04 +0200)]
auth-4.8.0: docs and secpoll
aerique [Thu, 1 Jun 2023 10:56:12 +0000 (12:56 +0200)]
Merge pull request #12873 from aerique/feature/add-bookwork-to-repo-test-script
Add Bookworm to repo test script.
Erik Winkels [Thu, 1 Jun 2023 09:41:23 +0000 (11:41 +0200)]
Add Bookworm to repo test script.
Add Debian Bookworm for `auth-master` & `auth-48` to repo test script.
Peter van Dijk [Wed, 31 May 2023 21:14:54 +0000 (23:14 +0200)]
Merge pull request #12866 from Habbie/auth-lmdb-dup-delete
auth lmdb: delete duplicate domain entries in deleteDomain
Otto Moerbeek [Tue, 30 May 2023 12:24:33 +0000 (14:24 +0200)]
Add test and fix TC=1 adding of SOA record
Otto Moerbeek [Tue, 30 May 2023 11:49:03 +0000 (13:49 +0200)]
rec: add SOA to RPZ result if configured to do so
Fixes #8232
Peter van Dijk [Wed, 31 May 2023 11:54:11 +0000 (13:54 +0200)]
Merge pull request #12860 from Habbie/auth-ent-wildcard
auth: do not answer with broken TYPE0 data when expanding an ENT wildcard
Peter van Dijk [Wed, 31 May 2023 11:53:52 +0000 (13:53 +0200)]
Merge pull request #12859 from Habbie/pdnsutil-edit-zone-wrong-key
pdnsutil: if user pushes unknown key in response to "problem with zone" prompt, do not throw away their changes
Peter van Dijk [Sun, 28 May 2023 21:05:35 +0000 (23:05 +0200)]
auth: do not answer with broken TYPE0 data when expanding an ENT wildcard
Otto Moerbeek [Tue, 16 May 2023 10:05:07 +0000 (12:05 +0200)]
Process review comments
Otto Moerbeek [Wed, 10 May 2023 07:44:52 +0000 (09:44 +0200)]
Reformat
Otto Moerbeek [Tue, 9 May 2023 11:15:34 +0000 (13:15 +0200)]
More delinting
A set of random files made clean. During this process .clang-tidy.full
was also amended a bit.
Peter van Dijk [Wed, 31 May 2023 08:33:56 +0000 (10:33 +0200)]
document shards=1 enforcement
Peter van Dijk [Wed, 31 May 2023 08:33:48 +0000 (10:33 +0200)]
format
Peter van Dijk [Wed, 31 May 2023 08:25:12 +0000 (10:25 +0200)]
simplify
Otto Moerbeek [Wed, 31 May 2023 07:52:37 +0000 (09:52 +0200)]
Merge pull request #12862 from omoerbeek/rec-recursion-bound
rec: bound maximum recursion depth to 16.
Otto Moerbeek [Wed, 31 May 2023 07:52:22 +0000 (09:52 +0200)]
Merge pull request #12861 from omoerbeek/rec-no-refresh
rec: Introduce a way to completely disable root-refresh
Peter van Dijk [Wed, 31 May 2023 07:34:02 +0000 (09:34 +0200)]
use d_transactiondomain[id]
Peter van Dijk [Wed, 31 May 2023 07:27:48 +0000 (09:27 +0200)]
Update modules/lmdbbackend/lmdbbackend.cc
Co-authored-by: Otto Moerbeek <otto.moerbeek@open-xchange.com>
Peter van Dijk [Wed, 31 May 2023 07:25:26 +0000 (09:25 +0200)]
only throw when idvec is empty
Otto Moerbeek [Wed, 31 May 2023 06:39:36 +0000 (08:39 +0200)]
Merge pull request #12673 from omoerbeek/rec-origttl
rec: Sanitize d_orig_ttl stored in record cache
Peter van Dijk [Tue, 30 May 2023 16:50:47 +0000 (18:50 +0200)]
auth lmdb: enforce shards=1 when running in lightning-stream mode
Peter van Dijk [Tue, 30 May 2023 15:03:47 +0000 (17:03 +0200)]
auth lmdb: delete duplicate domain entries in deleteDomain
Otto Moerbeek [Tue, 30 May 2023 14:02:15 +0000 (16:02 +0200)]
Add the d_orig_ttl sanitization back, there still is a case where
it can wrap (which I'm unable to spot right now).