]>
git.ipfire.org Git - thirdparty/pdns.git/log
Matt Nordhoff [Wed, 12 Feb 2020 14:52:42 +0000 (14:52 +0000)]
Deduplicate EXTRA_DIST and dist_doc_DATA in modified Makefile.ams
Matt Nordhoff [Sun, 2 Feb 2020 20:40:10 +0000 (20:40 +0000)]
auth: Include bind schema files in debs
Matt Nordhoff [Sun, 2 Feb 2020 20:14:54 +0000 (20:14 +0000)]
auth: Include bind schema files in pdns RPM
Matt Nordhoff [Sun, 2 Feb 2020 16:36:34 +0000 (16:36 +0000)]
auth: List the 3.4.0+ SQL schema files wherever the older files are.
And clean up godbcbackend's Makefile.am.
Matt Nordhoff [Sun, 2 Feb 2020 15:29:07 +0000 (15:29 +0000)]
auth: Add enable-foreign-keys.mysql.sql to packages and Makefile.am
Matt Nordhoff [Sun, 2 Feb 2020 15:20:47 +0000 (15:20 +0000)]
auth: Add 4.3.0 schema files to Makefile.ams
Peter van Dijk [Fri, 14 Feb 2020 14:18:22 +0000 (15:18 +0100)]
Merge pull request #8094 from mind04/pdns-diff-config
auth: add full option to 'pdns_control show-config'
Otto Moerbeek [Fri, 14 Feb 2020 13:58:25 +0000 (14:58 +0100)]
Merge pull request #8823 from omoerbeek/rec-rpz-passthru
Rec: do continue rpz processing if the current policy is passthru
Peter van Dijk [Fri, 14 Feb 2020 12:53:17 +0000 (13:53 +0100)]
Merge pull request #8799 from Habbie/odbc-threading
auth CI: enable ODBC thread locking
Peter van Dijk [Fri, 14 Feb 2020 12:47:30 +0000 (13:47 +0100)]
Merge pull request #8815 from pieterlexis/yahttp-ipv6-address
YaHTTP: Support bracketed IPv6 addresses
Peter van Dijk [Fri, 14 Feb 2020 12:46:54 +0000 (13:46 +0100)]
Merge pull request #8779 from Habbie/empty-ixfr-soa-rrsig
IXFR: only sign SOA in empty response for +DO queries
Otto Moerbeek [Fri, 14 Feb 2020 12:46:21 +0000 (13:46 +0100)]
Rebased to handle NetmaskTree changes
Otto Moerbeek [Fri, 14 Feb 2020 10:48:15 +0000 (11:48 +0100)]
Fix compilation issue on older compilers
Otto Moerbeek [Fri, 14 Feb 2020 09:55:11 +0000 (10:55 +0100)]
Formatting
Otto Moerbeek [Fri, 14 Feb 2020 09:22:12 +0000 (10:22 +0100)]
Avoid copying policies around by passing a Policy& that gets modified
if a match is found.
Remi Gacogne [Thu, 13 Feb 2020 14:24:42 +0000 (15:24 +0100)]
rec: Lookup RPZ Client IP rules before qname ones
Remi Gacogne [Thu, 13 Feb 2020 14:23:57 +0000 (15:23 +0100)]
rec: Add more RPZ regression tests
Otto Moerbeek [Wed, 12 Feb 2020 16:04:39 +0000 (17:04 +0100)]
Test clientIP before name, fix one more cutoff condition.
Remi Gacogne [Wed, 12 Feb 2020 15:53:47 +0000 (16:53 +0100)]
rec: Add unit tests for the RPZ policy priorities and ordering
Otto Moerbeek [Wed, 12 Feb 2020 15:49:58 +0000 (16:49 +0100)]
Set the d_priority field in the policy objects of a zone.
Comments from racacogne:
Better name for currentPriority, more elegant loops with right cutoff.
Remi Gacogne [Wed, 12 Feb 2020 14:54:38 +0000 (15:54 +0100)]
rec: Add regression tests for the ordering of RPZ policies
Otto Moerbeek [Wed, 12 Feb 2020 14:35:12 +0000 (15:35 +0100)]
Continue evaluation of RPZ rules after passthru, taking
into account RPZ priorities.
Peter van Dijk [Mon, 10 Feb 2020 09:26:15 +0000 (10:26 +0100)]
travis: enable ODBC thread locking
Peter van Dijk [Mon, 10 Feb 2020 09:26:09 +0000 (10:26 +0100)]
circleci: enable ODBC thread locking
Peter van Dijk [Wed, 12 Feb 2020 21:00:28 +0000 (22:00 +0100)]
Merge pull request #8614 from zeha/api-rm-unimplemented-check
Remove not implemented zone check API from spec
Peter van Dijk [Wed, 12 Feb 2020 20:16:30 +0000 (21:16 +0100)]
Merge pull request #8766 from zeha/chrish
Update my name in old changelogs
Peter van Dijk [Wed, 12 Feb 2020 20:06:24 +0000 (21:06 +0100)]
Merge pull request #8793 from rgacogne/auth-reserve-caches
auth: Prepare the caches' buckets in advance
Peter van Dijk [Wed, 12 Feb 2020 19:03:43 +0000 (20:03 +0100)]
docs security-policy: fix typo in my email address
Pieter Lexis [Wed, 12 Feb 2020 14:29:01 +0000 (15:29 +0100)]
YaHTTP: Send correct Host header for IPv6 address
Pieter Lexis [Wed, 12 Feb 2020 14:27:18 +0000 (15:27 +0100)]
YaHTTP: Parse addresses with IPv6 literals
A URL like http://[::1]:81 are parsed correctly now.
Remi Gacogne [Wed, 12 Feb 2020 09:09:24 +0000 (10:09 +0100)]
Merge pull request #8760 from rgacogne/ddist-doh-exact-match
dnsdist: Don't accept sub-paths of configured DoH URLs
Remi Gacogne [Wed, 12 Feb 2020 09:09:04 +0000 (10:09 +0100)]
Update pdns/dnsdistdist/docs/upgrade_guide.rst
Co-Authored-By: Otto Moerbeek <otto.moerbeek@open-xchange.com>
Remi Gacogne [Wed, 12 Feb 2020 08:43:49 +0000 (09:43 +0100)]
Merge pull request #8355 from stephanbosch/netmask-tree
Rework NetmaskTree for better CPU and memory efficiency.
Stephan Bosch [Wed, 9 Oct 2019 00:06:33 +0000 (02:06 +0200)]
iputils.hh: NetmaskTree: Make the node_type key value const.
This prevents changing the key used by the tree, which would otherwise provide
an opportunity to corrupt the tree.
Stephan Bosch [Mon, 30 Sep 2019 13:10:42 +0000 (15:10 +0200)]
iputils.hh: NetmaskTree: Make the iterator reference a normal reference rather than a pointer.
This is possible now that the iterator type is no longer dictated by the
internal std::set. This changes the NetmaskTree::iterator API, but it makes it
more standard, less cumbersome, and less confusing.
Stephan Bosch [Mon, 30 Sep 2019 12:33:43 +0000 (14:33 +0200)]
iputils.hh: NetmaskTree: Make TreeNode::node a normal field rather than a pointer.
It no longer needs to be allocated separately.
Stephan Bosch [Mon, 30 Sep 2019 08:30:25 +0000 (10:30 +0200)]
iputils.hh: NetmaskTree: Drop the internal std::set.
It is now superfluous.
Otto Moerbeek [Tue, 11 Feb 2020 16:08:28 +0000 (17:08 +0100)]
Merge pull request #8777 from omoerbeek/rec-wip-qname-vs-ds
rec: QNAME minimization sometimes uses 1 label too many
Remi Gacogne [Tue, 11 Feb 2020 15:40:31 +0000 (16:40 +0100)]
dnsdist: Document that we no longer start as root by default
Remi Gacogne [Tue, 11 Feb 2020 15:40:11 +0000 (16:40 +0100)]
dnsdist: Document that DoH paths are now exact matches.
Otto Moerbeek [Tue, 11 Feb 2020 14:58:35 +0000 (15:58 +0100)]
Typos
Peter van Dijk [Tue, 11 Feb 2020 12:22:44 +0000 (13:22 +0100)]
builder: also touch /var/lib/rpm/* before build-specs
Otto Moerbeek [Tue, 11 Feb 2020 11:33:09 +0000 (12:33 +0100)]
Merge pull request #8778 from Habbie/recursor-rpz-refresh
rec RPZ dumpFile/seedFile: store/get SOA refresh on dump/load
Otto Moerbeek [Tue, 11 Feb 2020 11:30:29 +0000 (12:30 +0100)]
Warn at refresh=0
Peter van Dijk [Tue, 11 Feb 2020 10:33:32 +0000 (11:33 +0100)]
Merge pull request #8807 from Habbie/docker-ovl-rpm
builder: touch /var/lib/rpm/* in every docker layer that uses rpmdb
Peter van Dijk [Tue, 11 Feb 2020 10:06:03 +0000 (11:06 +0100)]
builder: touch /var/lib/rpm/* in every docker layer that uses rpmdb
references:
https://github.com/pombredanne/dnf-plugin-ovl
https://bugzilla.redhat.com/show_bug.cgi?id=
1213602
Peter van Dijk [Tue, 11 Feb 2020 05:56:30 +0000 (06:56 +0100)]
Merge pull request #8804 from rgacogne/ddist-install-config-file
dnsdist: Fix configuration file installation / chmod
Stephan Bosch [Mon, 30 Sep 2019 08:30:25 +0000 (10:30 +0200)]
iputils.hh: NetmaskTree: Add iterator class and use it for begin() and end() methods.
Stephan Bosch [Mon, 30 Sep 2019 08:30:25 +0000 (10:30 +0200)]
iputils.hh: NetmaskTree: Keep track of the left-most node in the tree.
Needed to provide a begin() iterator in constant time.
Stephan Bosch [Mon, 30 Sep 2019 08:30:25 +0000 (10:30 +0200)]
iputils.hh: NetmaskTree: Copy the tree using tree traversal.
Before, it used the internal std::set.
Stephan Bosch [Mon, 30 Sep 2019 08:30:25 +0000 (10:30 +0200)]
iputils.hh: NetmaskTree::TreeNode: Implement tree traversal methods.
Stephan Bosch [Mon, 30 Sep 2019 08:30:25 +0000 (10:30 +0200)]
iputils.hh: NetmaskTree: Make tree cleanup mandatory.
Potentially leaving branches full of unassigned nodes unnecessarily complicates
tree algorithms. Disabling tree cleanup was not used anywhere, except for a unit
test. Note that, after this change, individual branch nodes can still be
unassigned, but not the whole branch. So, when e.g. the left sub-branch of a
node exists, algorithms can rely on the fact that there is at least one assigned
node in there.
Stephan Bosch [Wed, 9 Oct 2019 20:49:21 +0000 (22:49 +0200)]
iputils.hh: NetmaskTree: Always normalize key netmasks.
This makes address bits below the network mask all zero, which is consistent
with the tree's behavior.
This change addresses one sensitivity to this behavioral change in the recursor
cache.
Stephan Bosch [Mon, 30 Sep 2019 08:30:25 +0000 (10:30 +0200)]
iputils.hh: NetmaskTree: Reduce the number of tree nodes.
Before, it created a tree node for every network bit in the netmask. Now, it
only creates a tree node when necessary (only for values and branches).
Stephan Bosch [Mon, 30 Sep 2019 08:30:25 +0000 (10:30 +0200)]
iputils.hh: NetmaskTree: Initialize TreeNode::node immediately.
Later commit relies on this.
Stephan Bosch [Mon, 30 Sep 2019 08:30:25 +0000 (10:30 +0200)]
iputils.hh: NetmaskTree: Use for loops instead of while loops.
Makes using `continue' easier in later commit.
Stephan Bosch [Mon, 30 Sep 2019 08:30:25 +0000 (10:30 +0200)]
iputils.hh: NetmaskTree: Restructure the tree with separate branches for for IPv4 and IPv6
This simplifies the code considerably.
Stephan Bosch [Mon, 30 Sep 2019 08:30:25 +0000 (10:30 +0200)]
iputils.hh: NetmaskTree: Rename field "root" to "d_root"
Stephan Bosch [Mon, 30 Sep 2019 08:30:25 +0000 (10:30 +0200)]
iputils.hh: NetmaskTree: Use ComboAddress::getBit() and Netmask::getBit()
Stephan Bosch [Wed, 9 Oct 2019 01:49:33 +0000 (03:49 +0200)]
iputils.hh: NetmaskTree: Make cleanup_tree() method private.
Stephan Bosch [Mon, 30 Sep 2019 08:30:24 +0000 (10:30 +0200)]
iputils.hh: Netmask: Prevent the construction of a 128-bit IPv4 netmask.
Stephan Bosch [Mon, 30 Sep 2019 08:30:24 +0000 (10:30 +0200)]
iputils.hh: Netmask: Add getBit()
Stephan Bosch [Mon, 30 Sep 2019 08:30:24 +0000 (10:30 +0200)]
iputils.hh: Netmask: Add getAddressBits()
Stephan Bosch [Mon, 30 Sep 2019 08:30:24 +0000 (10:30 +0200)]
iputils.hh: ComboAddress: Add getBit()
Stephan Bosch [Mon, 30 Sep 2019 08:30:24 +0000 (10:30 +0200)]
iputils.hh: ComboAddress: Add getBits()
Stephan Bosch [Wed, 9 Oct 2019 00:23:30 +0000 (02:23 +0200)]
iputils.hh: Netmask: Add getSuper()
Stephan Bosch [Mon, 30 Sep 2019 08:30:24 +0000 (10:30 +0200)]
test-iputils_hh.cc: Add tests for NetmaskTree copy, swap and iterator operations.
Stephan Bosch [Wed, 9 Oct 2019 00:34:15 +0000 (02:34 +0200)]
iputils.hh: Netmask: Add getNormalized()
Stephan Bosch [Mon, 30 Sep 2019 08:30:24 +0000 (10:30 +0200)]
test-iputils_hh.cc: Test 0.0.0.0 address at serveral network bit ranges.
Stephan Bosch [Mon, 30 Sep 2019 08:30:24 +0000 (10:30 +0200)]
test-iputils_hh.cc: Better verify the NetmaskTree container size during tests.
Stephan Bosch [Wed, 9 Oct 2019 01:34:13 +0000 (03:34 +0200)]
iputils.hh: Consistently use nullptr rather than NULL.
Stephan Bosch [Wed, 9 Oct 2019 20:36:12 +0000 (22:36 +0200)]
iputils.hh: Fix erroneous comments.
Stephan Bosch [Mon, 30 Sep 2019 08:30:24 +0000 (10:30 +0200)]
Reformat test-iputils_hh.cc.
Remove a few empty lines.
Stephan Bosch [Mon, 30 Sep 2019 08:30:24 +0000 (10:30 +0200)]
Reformat iputils.hh
Mainly removed whitespace at end of line and fixed several indenting mishaps.
Peter van Dijk [Mon, 10 Feb 2020 18:23:08 +0000 (19:23 +0100)]
Merge pull request #8803 from rgacogne/dnsname-centos-6
Fix "error: 'strlen' was not declared in this scope" on CentOS 6
Remi Gacogne [Mon, 10 Feb 2020 17:12:47 +0000 (18:12 +0100)]
dnsdist: Fix configuration file installation / chmod
Introduced in
c98c0ef694de0c536e6d71af8c58a16f6635ea35
Remi Gacogne [Mon, 10 Feb 2020 17:10:01 +0000 (18:10 +0100)]
Fix "error: 'strlen' was not declared in this scope" on CentOS 6
Peter van Dijk [Mon, 10 Feb 2020 16:33:18 +0000 (17:33 +0100)]
Merge pull request #8800 from Habbie/dnsdist-docs-tables
dnsdist docs: refer to new tables. Fixes #8798
Remi Gacogne [Mon, 10 Feb 2020 14:36:47 +0000 (15:36 +0100)]
Merge pull request #8783 from rgacogne/cpu-steal-iowait
Add 'IO wait' and 'steal' metrics on Linux
Otto Moerbeek [Mon, 10 Feb 2020 14:17:09 +0000 (15:17 +0100)]
Tweaks for minimum time
Otto Moerbeek [Mon, 10 Feb 2020 13:31:41 +0000 (14:31 +0100)]
Introduce an explicit refreshFromConf arg to RPZIXFRTracker.
Always load and store the rpz refresh value from and to the zone.
That we we can easily decide which value to use: if an explicit
refreshFromConf value is set, use that one, otherwise use the one
in the rpz zone.
Remi Gacogne [Mon, 10 Feb 2020 10:53:24 +0000 (11:53 +0100)]
Document that IO wait and steal metrics are in units of USER_HZ.
Remi Gacogne [Mon, 10 Feb 2020 10:26:33 +0000 (11:26 +0100)]
Merge pull request #8801 from rgacogne/ddist-setwebapikey
dnsdist: Fix a typo 'apikey' -> 'apiKey' in setWebserverConfig() doc
Remi Gacogne [Mon, 10 Feb 2020 10:25:16 +0000 (11:25 +0100)]
dnsdist: Fix a typo 'apikey' -> 'apiKey' in setWebserverConfig() doc
Peter van Dijk [Mon, 10 Feb 2020 09:40:39 +0000 (10:40 +0100)]
dnsdist docs: refer to new tables. Fixes #8798
Remi Gacogne [Mon, 10 Feb 2020 09:17:39 +0000 (10:17 +0100)]
Merge pull request #8792 from rgacogne/dnsname-strlen
DNSName: Don't call strlen() when the length is already known
Remi Gacogne [Fri, 7 Feb 2020 14:32:57 +0000 (15:32 +0100)]
Merge pull request #8737 from Habbie/circleci-pager
avoid 'git show -s' from starting a pager in CircleCI
Remi Gacogne [Thu, 30 Jan 2020 14:11:53 +0000 (15:11 +0100)]
DNSName: Don't call strlen() when the length is already known
Remi Gacogne [Fri, 7 Feb 2020 14:29:39 +0000 (15:29 +0100)]
Merge pull request #8795 from omoerbeek/rec-lua-docs-policytag
rec: Remove duplicate *PolicyTags docs
Remi Gacogne [Fri, 7 Feb 2020 14:28:42 +0000 (15:28 +0100)]
Merge pull request #8171 from rgacogne/dnsdist-soa-in-negative
dnsdist: Add SetNegativeAndSOAAction() and its Lua binding
Otto Moerbeek [Fri, 7 Feb 2020 12:08:42 +0000 (13:08 +0100)]
Remove duplicate *PolicyTags docs
Remi Gacogne [Fri, 7 Feb 2020 11:15:36 +0000 (12:15 +0100)]
Merge pull request #7820 from pieterlexis/systemd-no-setuid
dnsdist: don't start as root within a systemd environment
Remi Gacogne [Fri, 7 Feb 2020 11:06:07 +0000 (12:06 +0100)]
dnsdist: Add the ability to set flags in SetNegativeAndSOAAction()
Otto Moerbeek [Fri, 7 Feb 2020 10:48:22 +0000 (11:48 +0100)]
Merge pull request #8794 from atopuzov/tsig-typo-fix
Fix typo in tsig documentation
Aleksandar Topuzović [Fri, 7 Feb 2020 10:44:28 +0000 (10:44 +0000)]
Fix typo in tsig documentation
Remi Gacogne [Fri, 7 Feb 2020 10:29:19 +0000 (11:29 +0100)]
dnsdist: Don't add EDNS to raw answers
Remi Gacogne [Tue, 6 Aug 2019 15:44:56 +0000 (17:44 +0200)]
dnsdist: Add SetNegativeAndSOAAction() and its Lua binding
Remi Gacogne [Fri, 7 Feb 2020 10:09:29 +0000 (11:09 +0100)]
Merge pull request #8115 from rgacogne/dnsdist-ecs-before-tsig
dnsdist: Fix ECS addition when the OPT record is not the last one
Remi Gacogne [Fri, 7 Feb 2020 09:38:52 +0000 (10:38 +0100)]
Merge pull request #8787 from rgacogne/ddist-tls-key-log-file
dnsdist: Fix key logging for DNS over TLS
Remi Gacogne [Fri, 7 Feb 2020 09:23:20 +0000 (10:23 +0100)]
Merge pull request #8722 from rgacogne/ddist-lua-raw-content-rebased
dnsdist: Add spoofRawAction() to craft answers from raw bytes