]>
git.ipfire.org Git - thirdparty/pdns.git/log
Eli Schwartz [Mon, 11 Dec 2023 23:18:11 +0000 (18:18 -0500)]
configure: remove broken bashism
In a configure check that was carefully written for pre-unix-wars
versions of the bourne shell, some code which was only valid using GNU
bash was included.
The `==` operator is a bash-specific alias for `=`. It behaves exactly
the same, except more confusing. It contains no added functionality,
other than making an otherwise /bin/sh compatible script only work when
/bin/sh is a symlink to /bin/bash.
Otto Moerbeek [Tue, 2 Apr 2024 14:33:04 +0000 (16:33 +0200)]
Merge pull request #14018 from omoerbeek/rec-proxy-exception
Rec: add setting to exclude specific listen socket addresses from requiring proxy protocol
Otto Moerbeek [Tue, 2 Apr 2024 13:20:16 +0000 (15:20 +0200)]
Typo
Co-authored-by: Remi Gacogne <github@coredump.fr>
Otto Moerbeek [Tue, 2 Apr 2024 12:33:35 +0000 (14:33 +0200)]
Merge pull request #14020 from omoerbeek/rec-compiling-rust-dcos
rec: mention rust compiler in compiling docs
Otto Moerbeek [Tue, 2 Apr 2024 11:52:57 +0000 (13:52 +0200)]
rec: mention rust compiler in compiling docs
Fixes #14019
Otto Moerbeek [Tue, 2 Apr 2024 08:33:45 +0000 (10:33 +0200)]
Add test for proxy exception mechanism
Otto Moerbeek [Tue, 2 Apr 2024 08:02:07 +0000 (10:02 +0200)]
rec: allow exception to proxy protocal usage for specific listen addresses
Remi Gacogne [Tue, 2 Apr 2024 08:58:42 +0000 (10:58 +0200)]
Merge pull request #14006 from rgacogne/fdwrapper-negative-values
FDWrapper: Do not try to close negative file descriptors
Remi Gacogne [Tue, 2 Apr 2024 07:54:15 +0000 (09:54 +0200)]
FDWrapper: Always reset the internal descriptor to -1
Even if it was a different negative value, which happens for example
with the bpf helper functions which return `-errno`.
Remi Gacogne [Fri, 29 Mar 2024 16:28:49 +0000 (17:28 +0100)]
Merge pull request #14001 from rgacogne/ddist-ffi-policy-no-server
dnsdist: Support "no server available" result from Lua FFI LB policies
Remi Gacogne [Fri, 29 Mar 2024 15:54:22 +0000 (16:54 +0100)]
dnsdist: Delint test-dnsdistlbpolicies_cc.cc
Remi Gacogne [Fri, 29 Mar 2024 15:35:55 +0000 (16:35 +0100)]
dnsdist: Fix clang-tidy warnings
Remi Gacogne [Fri, 29 Mar 2024 15:28:15 +0000 (16:28 +0100)]
Merge pull request #13922 from rgacogne/ddist-cachemiss-rule-chain
dnsdist: Add a new query rules chain triggered after a cache miss
Remi Gacogne [Fri, 29 Mar 2024 15:06:47 +0000 (16:06 +0100)]
Merge pull request #14005 from rgacogne/ddist-tcp-incoming-release
dnsdist: Release incoming TCP connection right away on backend failure
Remi Gacogne [Fri, 29 Mar 2024 15:04:10 +0000 (16:04 +0100)]
Merge pull request #14003 from rgacogne/ddist-fix-in-doh-crash
dnsdist: Fix a null-deref in incoming DoH w/ nghttp2
Remi Gacogne [Fri, 29 Mar 2024 15:03:24 +0000 (16:03 +0100)]
Merge pull request #14004 from rgacogne/ddist-tcp-downstream-release
dnsdist: Release failed TCP backend connections more quickly
Remi Gacogne [Fri, 29 Mar 2024 14:57:19 +0000 (15:57 +0100)]
dnsdist: Clarify how to return 'no server available' from the FFI policies
Remi Gacogne [Thu, 14 Mar 2024 15:03:41 +0000 (16:03 +0100)]
dnsdist: Add regression tests for the new cache-miss rules chain
Remi Gacogne [Fri, 8 Mar 2024 15:14:17 +0000 (16:14 +0100)]
dnsdist: Add a new query rules chain triggered after a cache miss
This new chain of rules allows postponing the decision of what to
do with the query to after a cache-lookup has been done. This is
particularly useful when dealing with abuse: we might want to allow
cache hits to be processed normally since they are cheap while dropping/
refusing/routing to a different pool queries that result in a cache
miss.
Remi Gacogne [Fri, 29 Mar 2024 14:14:55 +0000 (15:14 +0100)]
FDWrapper: Do not try to close negative file descriptors
It turns out that some of the BPF helper functions return
a negative `errno` value in case of failure, and since we
wrap the return value into a `FDWrapper` right away this
led to a warning from Valgrind about trying to close an
invalid file descriptor.
Remi Gacogne [Fri, 29 Mar 2024 14:08:29 +0000 (15:08 +0100)]
dnsdist: Release failed TCP backend connections more quickly
After a timeout we cannot reuse the TCP connection to the backend
anyway, so let's release it immediately.
Remi Gacogne [Fri, 29 Mar 2024 13:22:40 +0000 (14:22 +0100)]
dnsdist: Release incoming TCP connection right away on backend failure
We used to keep a shared pointer to the incoming TCP connection around
in `TCPConnectionToBackend::d_currentQuery.d_sender` even after all queries
sent to the backend failed, which prevented the incoming TCP connection
from being closed as soon as it should have.
Remi Gacogne [Fri, 29 Mar 2024 13:12:29 +0000 (14:12 +0100)]
dnsdist: Fix a null-deref in incoming DoH w/ nghttp2
When an incoming DoH connection using the `nghttp2` provider is waiting
for a response from a backend that results in a I/O error or timeout,
and the incoming connection also fails due to a I/O error or timeout,
dnsdist could in some cases try to dereference a null pointer, leading
to a crash.
Remi Gacogne [Thu, 28 Mar 2024 16:12:48 +0000 (17:12 +0100)]
dnsdist: Support "no server available" result from Lua FFI LB policies
Remi Gacogne [Thu, 28 Mar 2024 15:51:39 +0000 (16:51 +0100)]
Merge pull request #13923 from rgacogne/ddist-xfr-response-chain
dnsdist: Add a new response chain for XFR responses
Remi Gacogne [Thu, 28 Mar 2024 15:51:19 +0000 (16:51 +0100)]
Merge pull request #13999 from rgacogne/ddist-inc-http1-counter-alpn
dnsdist: Fix DNS over HTTP connections/queries counters with `nghttp2`
Remi Gacogne [Thu, 28 Mar 2024 10:37:59 +0000 (11:37 +0100)]
Merge pull request #13998 from romeroalx/fix-dockerfile-rpmsbom
Dockerfile.rpmsbom: fix grep syntax for authoritative on rhel>7
Remi Gacogne [Thu, 28 Mar 2024 10:37:35 +0000 (11:37 +0100)]
dnsdist: Fix formatting in dnsdist-nghttp2-in.cc
Remi Gacogne [Thu, 28 Mar 2024 10:25:34 +0000 (11:25 +0100)]
dnsdist: Add a regression test for DoH connection counters
Remi Gacogne [Thu, 28 Mar 2024 10:24:44 +0000 (11:24 +0100)]
dnsdist: Properly increase the HTTP connections counter w/ nghttp2
Remi Gacogne [Thu, 28 Mar 2024 09:30:10 +0000 (10:30 +0100)]
dnsdist: Remove commented out include directive
Remi Gacogne [Thu, 28 Mar 2024 09:27:15 +0000 (10:27 +0100)]
dnsdist: Increase the HTTP/1.1 query counter when DoH with 1.1 ALPN
This way we can keep track of how many HTTP/1.1 connections attempt
we see. We will not actually process the DNS over HTTP/1.1 payload
anyway when the `nghttp2` provider is used.
romeroalx [Thu, 28 Mar 2024 08:59:21 +0000 (09:59 +0100)]
fix grep syntax Dockerfile.rpmsbom
Remi Gacogne [Thu, 28 Mar 2024 08:46:51 +0000 (09:46 +0100)]
Merge pull request #13983 from rgacogne/generate-sbom
Generate Software Bill Of Materials (SBOMs) for our RPM packages
Otto Moerbeek [Wed, 27 Mar 2024 10:54:29 +0000 (11:54 +0100)]
Merge pull request #13969 from omoerbeek/rec-nod-threads
rec: use shared NOD (and/or UDR) DB, to avoid multiple copies in memory and on disk
Otto Moerbeek [Wed, 27 Mar 2024 10:08:46 +0000 (11:08 +0100)]
Explain the d_cachedir_mutex is only used for protecting init() calls
Otto Moerbeek [Wed, 27 Mar 2024 07:03:28 +0000 (08:03 +0100)]
Merge pull request #13984 from rgacogne/rec-fix-nsec3s-count-closest-encloser
rec: Correctly count NSEC3s considered when chasing the closest encloser
Otto Moerbeek [Wed, 27 Mar 2024 06:27:54 +0000 (07:27 +0100)]
Merge pull request #13985 from omoerbeek/rec-system-res-fixup
rec: fixup res-system-resolve.cc on FreeBSD: resolve.h needs netinet/in.h
Fred Morcos [Tue, 26 Mar 2024 19:31:35 +0000 (20:31 +0100)]
Merge pull request #13959 from fredmorcos/meson
Add Meson as a build system for auth
Otto Moerbeek [Tue, 26 Mar 2024 15:39:58 +0000 (16:39 +0100)]
rec: fixup res-system-resolve.cc on FreeBSD: resolve.h needs netinet/in.h
Otto Moerbeek [Tue, 26 Mar 2024 15:00:08 +0000 (16:00 +0100)]
Merge pull request #13982 from Habbie/resqueryunderscores
rec: also look for __res_query symbol
Remi Gacogne [Tue, 26 Mar 2024 14:36:07 +0000 (15:36 +0100)]
SBOM: Dynamically generate the list of auth-related packages
Remi Gacogne [Tue, 26 Mar 2024 13:44:15 +0000 (14:44 +0100)]
rec: Correctly count NSEC3s considered when chasing the closest encloser
We need to count the number of NSEC3s that are present in the response,
not the number of times we have to consider possible NSEC3s when
looking for the NSEC3 closest encloser, label by label.
Peter van Dijk [Tue, 26 Mar 2024 10:49:48 +0000 (11:49 +0100)]
rec: also look for __res_query symbol
Remi Gacogne [Tue, 26 Mar 2024 10:25:14 +0000 (11:25 +0100)]
SBOM: Fix the builder target variable
Remi Gacogne [Tue, 26 Mar 2024 09:47:11 +0000 (10:47 +0100)]
Fix syntax errors
Remi Gacogne [Tue, 26 Mar 2024 09:18:40 +0000 (10:18 +0100)]
Disable SBOM generation on el-7 (almost EOL), fix it on el-8
Remi Gacogne [Mon, 25 Mar 2024 19:04:13 +0000 (20:04 +0100)]
Hopefully fix SBOM generation
Remi Gacogne [Mon, 25 Mar 2024 13:51:05 +0000 (14:51 +0100)]
Attempt to generate SBOMs after building packages
Otto Moerbeek [Tue, 26 Mar 2024 06:58:00 +0000 (07:58 +0100)]
Merge pull request #13921 from omoerbeek/rec-system-resolve
Rec: add feature to allow names (resolved by system resolver) in forwarding config
Peter van Dijk [Mon, 25 Mar 2024 18:02:19 +0000 (19:02 +0100)]
Merge pull request #12849 from PowerDNS/dependabot/pip/regression-tests.api/requests-2.31.0
build(deps): bump requests from 2.20.0 to 2.31.0 in /regression-tests.api
Peter van Dijk [Mon, 25 Mar 2024 17:57:09 +0000 (18:57 +0100)]
Merge pull request #13981 from rgacogne/fix-rec-builds
Fix recursor packages builds
Remi Gacogne [Mon, 25 Mar 2024 16:01:19 +0000 (17:01 +0100)]
Fix recursor builds: fix invalid path for builder-support/helpers
Remi Gacogne [Mon, 25 Mar 2024 15:24:47 +0000 (16:24 +0100)]
Fix recursor builds: we now require `jq` during the `dist` phase
dependabot[bot] [Mon, 25 Mar 2024 14:57:28 +0000 (14:57 +0000)]
build(deps): bump requests in /regression-tests.api
Bumps [requests](https://github.com/psf/requests) from 2.20.0 to 2.31.0.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.20.0...v2.31.0)
---
updated-dependencies:
- dependency-name: requests
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Peter van Dijk [Mon, 25 Mar 2024 14:53:06 +0000 (15:53 +0100)]
Merge pull request #10933 from swegener/64-bit-time-support
m4: Enable 64-bit time_t on 32-bit systems with glibc-2.34
Otto Moerbeek [Mon, 25 Mar 2024 14:40:30 +0000 (15:40 +0100)]
Use FDWrapper, modify its reset() to return the close() return value
Remi Gacogne [Mon, 25 Mar 2024 14:28:37 +0000 (15:28 +0100)]
Merge pull request #13972 from rgacogne/external-libs-to-json
Move the version (and hashes) of external dependencies to JSON files
Otto Moerbeek [Mon, 25 Mar 2024 14:25:27 +0000 (15:25 +0100)]
Update pdns/recursordist/settings/docs-new-preamble-in.rst
Co-authored-by: Remi Gacogne <github@coredump.fr>
Otto Moerbeek [Mon, 25 Mar 2024 13:34:28 +0000 (14:34 +0100)]
Comment fixes, some of them only made sense for the non-shared setup
Otto Moerbeek [Mon, 25 Mar 2024 13:07:54 +0000 (14:07 +0100)]
Merge pull request #13844 from omoerbeek/rec-sl-only
rec: remove the possiblility to disable structured logging
Otto Moerbeek [Mon, 25 Mar 2024 12:33:41 +0000 (13:33 +0100)]
Make resolve check interval and self-resolve check settable
Peter van Dijk [Mon, 25 Mar 2024 11:52:03 +0000 (12:52 +0100)]
Merge pull request #13770 from Assumeru/require-tsig
auth: Add setting to make TSIG required for DNS updates
Otto Moerbeek [Mon, 25 Mar 2024 11:31:26 +0000 (12:31 +0100)]
Remove changes var and releted method, they are unused
Otto Moerbeek [Mon, 25 Mar 2024 11:24:28 +0000 (12:24 +0100)]
Apply suggestions from code review
Co-authored-by: Fred Morcos <fm@fredmorcos.com>
Co-authored-by: Remi Gacogne <github@coredump.fr>
Peter van Dijk [Mon, 25 Mar 2024 11:17:55 +0000 (12:17 +0100)]
more clang-tidy
Otto Moerbeek [Mon, 25 Mar 2024 11:04:44 +0000 (12:04 +0100)]
Merge pull request #13979 from omoerbeek/rec-netmask-docs
rec: fix netmask docs wrt deprecatd isIpX() functions
Remi Gacogne [Mon, 25 Mar 2024 10:57:11 +0000 (11:57 +0100)]
Add license, publisher information to the external deps data
Fred Morcos [Mon, 25 Mar 2024 10:34:03 +0000 (11:34 +0100)]
Meson: Remove unit-tests-verbose and favor meson test --verbose
Fred Morcos [Mon, 25 Mar 2024 10:30:15 +0000 (11:30 +0100)]
Meson: Fix passing thread dependency on platforms that need it
e.g. FreeBSD needs -lpthread
Otto Moerbeek [Mon, 25 Mar 2024 10:24:40 +0000 (11:24 +0100)]
rec: fix netmask docs wrt deprecatd isIpX() functions
Fixes #13978
Peter van Dijk [Mon, 25 Mar 2024 10:00:17 +0000 (11:00 +0100)]
clang-tidy: more descriptive variable name
Otto Moerbeek [Mon, 25 Mar 2024 09:45:08 +0000 (10:45 +0100)]
process review comments; move toTimestampStringMilli() to Logging namespace
Peter van Dijk [Mon, 25 Mar 2024 10:00:55 +0000 (11:00 +0100)]
Merge pull request #12769 from neilcook/patch-1
Update Dynamic DNS Update Docs with GSS-TSIG
Otto Moerbeek [Fri, 1 Mar 2024 14:36:13 +0000 (15:36 +0100)]
remove unused branch in SLOG macro (ifdef RECURSOR)
Otto Moerbeek [Fri, 1 Mar 2024 10:54:35 +0000 (11:54 +0100)]
rec: remove the possiblility to disable structured logging
Otto Moerbeek [Mon, 25 Mar 2024 08:54:18 +0000 (09:54 +0100)]
Sort result vector of getaddrinfo
Otto Moerbeek [Mon, 25 Mar 2024 08:21:49 +0000 (09:21 +0100)]
Apply suggestions from code review: typos in comments
Co-authored-by: Fred Morcos <fm@fredmorcos.com>
Otto Moerbeek [Fri, 15 Mar 2024 15:32:49 +0000 (16:32 +0100)]
Add test to also test changing forwarder. Needs ENABLE_SUDO_TESTS
Todo: modify tasks.py to add ENABLE_SUDO_TESTS to test run, like dnsdist does
Otto Moerbeek [Fri, 15 Mar 2024 13:54:13 +0000 (14:54 +0100)]
Simple test of named forward, a bit ugly as it depends on external servers
Otto Moerbeek [Fri, 15 Mar 2024 11:26:50 +0000 (12:26 +0100)]
Comments & docs
Otto Moerbeek [Wed, 13 Mar 2024 11:55:39 +0000 (12:55 +0100)]
Avoid race setting serverID
Otto Moerbeek [Wed, 13 Mar 2024 11:04:32 +0000 (12:04 +0100)]
Enable explicitly only
Otto Moerbeek [Tue, 12 Mar 2024 07:43:00 +0000 (08:43 +0100)]
Search -lresolv (if applicable) the proper auto* way
Otto Moerbeek [Mon, 11 Mar 2024 16:34:02 +0000 (17:34 +0100)]
selfresolve check wip
Otto Moerbeek [Fri, 23 Feb 2024 13:43:03 +0000 (14:43 +0100)]
rec: facility to resolve names via system resolver
Remi Gacogne [Fri, 22 Mar 2024 14:38:08 +0000 (15:38 +0100)]
Move the version (and hashes) of external dependencies to JSON files
Otto Moerbeek [Mon, 25 Mar 2024 09:05:09 +0000 (10:05 +0100)]
Merge pull request #13975 from omoerbeek/more-if-vs-ifdef-have
Fix the remaining cases of #if vs #ifdef HAVE_XYZ
Otto Moerbeek [Mon, 25 Mar 2024 09:04:44 +0000 (10:04 +0100)]
Merge pull request #12989 from Habbie/stderr
auth, rec: update option text and docs to clarify logging is to stderr, not stdout
Remi Gacogne [Mon, 25 Mar 2024 09:01:52 +0000 (10:01 +0100)]
Merge pull request #13914 from rgacogne/ddist-fix-xsk-error
dnsdist: Fix XSK-enabled check when reconnecting a backend
Otto Moerbeek [Mon, 25 Mar 2024 08:13:50 +0000 (09:13 +0100)]
Fix the remaining cases of #if vs #ifdef HAVE_XYZ
Remi Gacogne [Mon, 25 Mar 2024 07:50:13 +0000 (08:50 +0100)]
Merge pull request #13971 from omoerbeek/check-have-with-ifdef
Always check HAVE_XYZ flags with #ifdef
Remi Gacogne [Mon, 25 Mar 2024 07:49:42 +0000 (08:49 +0100)]
Merge pull request #13973 from jsoref/clarify-job-description
Clarify workflow name
Peter van Dijk [Fri, 22 Mar 2024 18:28:34 +0000 (19:28 +0100)]
Merge pull request #13548 from PowerDNS/dependabot/pip/docs/urllib3-2.0.7
build(deps): bump urllib3 from 2.0.3 to 2.0.7 in /docs
Josh Soref [Fri, 22 Mar 2024 18:17:30 +0000 (14:17 -0400)]
Clarify workflow name
The workflow performs two very unrelated tasks:
* Verify source code formatting
* Check Makefile.am sort order
Peter van Dijk [Wed, 5 Jul 2023 20:07:29 +0000 (22:07 +0200)]
auth, rec: update option text and docs to clarify logging is to stderr, not stdout
Peter van Dijk [Fri, 22 Mar 2024 15:17:53 +0000 (16:17 +0100)]
accept the complexity of this function for now
Peter van Dijk [Fri, 22 Mar 2024 14:59:49 +0000 (15:59 +0100)]
Merge pull request #13970 from jsoref/build-tags-permissions
Allow build-tags to run on forks
Otto Moerbeek [Fri, 22 Mar 2024 14:10:31 +0000 (15:10 +0100)]
Always check HAVE_XYZ flags with #ifdef
Meson uses #define HAVE_FEATURE (without 1), so it matters there
Josh Soref [Fri, 22 Mar 2024 12:33:44 +0000 (08:33 -0400)]
Allow build-tags to run on forks
build-tags uses: PowerDNS/pdns/.github/workflows/build-packages.yml@master
As of
f107ec62467b8779db9bbdb175721ef232ed52e5 , that workflow requires:
permissions:
actions: read # To read the workflow path.
id-token: write # To sign the provenance.
contents: write # To be able to upload assets as release artifacts
Per https://docs.github.com/en/actions/using-workflows/reusing-workflows
in order for this to work, the calling job (in build-tags) needs to
have the maximum required permissions in order for the calling workflow
to be run.