]>
git.ipfire.org Git - thirdparty/pdns.git/log
Chris Hofstaedtler [Fri, 29 May 2020 12:12:38 +0000 (14:12 +0200)]
Address feedback from #9176
Chris Hofstaedtler [Wed, 27 May 2020 21:20:08 +0000 (23:20 +0200)]
Optimize IXFR-to-AXFR fallback path
Avoid making new backends when we are going to either deny the XFR, or
fall back to AXFR anyway.
This cuts down the number of new backends from four (three for IXFR
pre-checks plus one for AXFR) to one (just the AXFR one).
When replying in IXFR mode, we keep making _one_ new backend, which is
also better than before.
While we now hold the s_plock for a while longer, we only take it once
in doIXFR; before we took it twice -- for TSIG retrieval, which now
re-uses the IXFR backend.
Remi Gacogne [Mon, 25 May 2020 14:08:17 +0000 (16:08 +0200)]
Merge pull request #9141 from rgacogne/rec-remove-getquerylocaladdress-stub
rec: Remove unused getQueryLocalAddress stub in the unit tests
Remi Gacogne [Mon, 25 May 2020 12:45:07 +0000 (14:45 +0200)]
Merge pull request #9143 from Habbie/travis-unbreak-trusty
travis: install pdns package from direct download
Peter van Dijk [Mon, 25 May 2020 08:27:01 +0000 (10:27 +0200)]
travis: install pdns package from direct download
Remi Gacogne [Mon, 25 May 2020 09:17:24 +0000 (11:17 +0200)]
rec: Remove unused getQueryLocalAddress stub in the unit tests
The real function moved to the pdns namespace anyway.
Remi Gacogne [Mon, 25 May 2020 07:50:02 +0000 (09:50 +0200)]
Merge pull request #9137 from phonedph1/patch-21
rec: Update syncres.cc
Remi Gacogne [Mon, 25 May 2020 07:49:48 +0000 (09:49 +0200)]
Merge pull request #9138 from PowerDNS/omoerbeek-patch-1
rec: Typos and ref to rec instead of auth in security advisory
Otto Moerbeek [Fri, 22 May 2020 06:44:57 +0000 (08:44 +0200)]
Typos and ref to rec instead of auth
phonedph1 [Thu, 21 May 2020 01:27:01 +0000 (19:27 -0600)]
Update syncres.cc
Otto Moerbeek [Wed, 20 May 2020 08:47:48 +0000 (10:47 +0200)]
Merge pull request #9134 from omoerbeek/secpoll-cleanup
Secpoll cleanup, mark prereleases with vulnerabilities as such.
Otto Moerbeek [Wed, 20 May 2020 07:38:59 +0000 (09:38 +0200)]
Secpoll cleanup, mark prereleases with vulnerabilities as such.
Otto Moerbeek [Wed, 20 May 2020 07:12:32 +0000 (09:12 +0200)]
Merge pull request #9131 from mnordhoff/patch-6
rec: docs: Update the allow-from setting default
Matt Nordhoff [Tue, 19 May 2020 21:56:55 +0000 (21:56 +0000)]
rec: docs: Update the allow-from setting default.
The default is LOCAL_NETS, but the copy of it in the documentation was incomplete.
Remi Gacogne [Tue, 19 May 2020 15:21:26 +0000 (17:21 +0200)]
Merge pull request #9111 from omoerbeek/dnsreplay-loop
Support LOOP link type in dnsreplay
Otto Moerbeek [Tue, 19 May 2020 13:39:17 +0000 (15:39 +0200)]
Merge pull request #9126 from omoerbeek/rec-4.1.16-secpoll
Prepare rec 4.1.16 secpoll update
Otto Moerbeek [Tue, 19 May 2020 12:53:01 +0000 (14:53 +0200)]
Prepare rec 4.1.16 secpoll update
Remi Gacogne [Tue, 19 May 2020 10:51:22 +0000 (12:51 +0200)]
Merge pull request #9124 from rgacogne/powerdns-advisory-2020-002
rec: powerdns-advisory-2020-002 -> powerdns-advisory-2020-02
Remi Gacogne [Tue, 19 May 2020 10:23:16 +0000 (12:23 +0200)]
rec: powerdns-advisory-2020-002 -> powerdns-advisory-2020-02
Otto Moerbeek [Tue, 19 May 2020 10:14:30 +0000 (12:14 +0200)]
Merge pull request #9118 from pieterlexis/fix-rec-docs
Fix LaTeX-pdns recursor docs
Otto Moerbeek [Tue, 19 May 2020 10:14:16 +0000 (12:14 +0200)]
Merge pull request #9119 from omoerbeek/fix-formatting
fix formatting
Otto Moerbeek [Tue, 19 May 2020 09:51:03 +0000 (11:51 +0200)]
fix formatting
Pieter Lexis [Tue, 19 May 2020 09:25:57 +0000 (11:25 +0200)]
Add names and vars to spelling whitelist
Pieter Lexis [Tue, 19 May 2020 09:16:37 +0000 (11:16 +0200)]
Fix LaTeX-pdns recursor docs
Pieter Lexis [Tue, 19 May 2020 08:49:13 +0000 (10:49 +0200)]
Merge pull request #9114 from pieterlexis/rec-may-2020
Recursor fixes May 2020
Pieter Lexis [Tue, 19 May 2020 08:26:26 +0000 (10:26 +0200)]
Merge pull request #9113 from pieterlexis/rec-prep-may-2020
rec: prep for May 2020 releases
Otto Moerbeek [Wed, 13 May 2020 11:21:50 +0000 (13:21 +0200)]
rec: prep for May 2020 security releases
Otto Moerbeek [Mon, 18 May 2020 13:28:40 +0000 (15:28 +0200)]
Merge pull request #9106 from omoerbeek/release-cycles
Tell about the release cycles.
Otto Moerbeek [Mon, 18 May 2020 12:40:00 +0000 (14:40 +0200)]
Merge pull request #8940 from pieterlexis/resolver-query-local-address6
Merge query-local-address6 into query-local-address
Otto Moerbeek [Mon, 18 May 2020 11:35:54 +0000 (13:35 +0200)]
"Adress" is actually prural in query-local-address
Co-authored-by: Peter van Dijk <peter.van.dijk@powerdns.com>
Otto Moerbeek [Mon, 18 May 2020 11:26:13 +0000 (13:26 +0200)]
Merge pull request #9073 from pieterlexis/runtime-dirs-virtual-hosting
Ensure runtime dirs for virtual services differ
Otto Moerbeek [Mon, 18 May 2020 11:24:16 +0000 (13:24 +0200)]
Merge pull request #9085 from zeha/config
builder: improve shipped config files
Otto Moerbeek [Fri, 15 May 2020 08:11:41 +0000 (10:11 +0200)]
Tell about the release cycles.
Peter van Dijk [Fri, 15 May 2020 19:16:40 +0000 (21:16 +0200)]
Merge pull request #9107 from jsoref/spell-check
Update check-spelling to 0.0.16-a
Josh Soref [Fri, 15 May 2020 15:09:22 +0000 (11:09 -0400)]
Update expects
Josh Soref [Fri, 15 May 2020 15:09:07 +0000 (11:09 -0400)]
spelling: Wshadow
Josh Soref [Fri, 15 May 2020 14:46:35 +0000 (10:46 -0400)]
Ignore c(xx)flags
Josh Soref [Fri, 15 May 2020 14:44:51 +0000 (10:44 -0400)]
spelling: with
Josh Soref [Fri, 15 May 2020 14:43:05 +0000 (10:43 -0400)]
spelling: target
Josh Soref [Fri, 15 May 2020 14:42:48 +0000 (10:42 -0400)]
spelling: should
Josh Soref [Fri, 15 May 2020 14:42:37 +0000 (10:42 -0400)]
spelling: record
Josh Soref [Fri, 15 May 2020 14:42:20 +0000 (10:42 -0400)]
spelling: milliseconds
Josh Soref [Fri, 15 May 2020 14:40:26 +0000 (10:40 -0400)]
spelling: improvements
Josh Soref [Fri, 15 May 2020 14:39:58 +0000 (10:39 -0400)]
spelling: first
Josh Soref [Fri, 15 May 2020 14:38:55 +0000 (10:38 -0400)]
spelling: answer
Josh Soref [Fri, 15 May 2020 14:30:24 +0000 (10:30 -0400)]
Update check-spelling action
Peter van Dijk [Fri, 15 May 2020 14:26:19 +0000 (16:26 +0200)]
Merge pull request #9018 from jsoref/spell-check
Set up spell-checking action
Otto Moerbeek [Fri, 15 May 2020 13:33:12 +0000 (15:33 +0200)]
Support LOOP link type
Otto Moerbeek [Fri, 15 May 2020 08:38:27 +0000 (10:38 +0200)]
Merge pull request #9105 from omoerbeek/auth-4.0-eol
Mark auth 4.0.x as EOL, plus some even older versions.
Otto Moerbeek [Fri, 15 May 2020 07:58:21 +0000 (09:58 +0200)]
Mark auth 4.0.x as EOL, plus some even older versions.
Otto Moerbeek [Thu, 14 May 2020 08:22:00 +0000 (10:22 +0200)]
Merge pull request #9099 from PowerDNS/omoerbeek-patch-1
rec: don't suggest to add a TA for powerdns.com
Otto Moerbeek [Thu, 14 May 2020 08:21:39 +0000 (10:21 +0200)]
Merge pull request #9100 from omoerbeek/secpol-err-msg
Less negatives in error messages improves readability.
Otto Moerbeek [Wed, 13 May 2020 14:29:42 +0000 (16:29 +0200)]
Also update surrounding text as noted by phonedph1
Otto Moerbeek [Wed, 13 May 2020 12:27:42 +0000 (14:27 +0200)]
Less negatives in error messages improves readability.
Otto Moerbeek [Wed, 13 May 2020 12:17:44 +0000 (14:17 +0200)]
don't suggest to a TA for pwerdns.com
Remi Gacogne [Mon, 17 Feb 2020 14:20:32 +0000 (15:20 +0100)]
Don't read potentially uninitalized memory if gethostname() failed
If the buffer is smaller than `HOST_NAME_MAX` (64 on Linux but up to
255 bytes in POSIX, which FreeBSD, MacOS etc honor) gethostname()
might return -1 without null-terminating the buffer, causing an
out-of-bounds read.
As we look for the first '.' using `strchr()`, replacing it with a
null byte, we also have a one-byte out-of-bounds write which might
result in a crash or, albeit very unlikely, arbitrary code execution.
Remi Gacogne [Fri, 24 Apr 2020 09:48:16 +0000 (11:48 +0200)]
rec: Fix DNSSEC validation of completely empty NXDomain answers
If the answer has no SOA and no NSEC inside a DNSSEC-secure zone,
we should go Bogus.
Remi Gacogne [Wed, 25 Mar 2020 13:34:29 +0000 (14:34 +0100)]
rec: Add a regression test for duplicate entries in a RPZ XFR update
Remi Gacogne [Wed, 25 Mar 2020 13:15:59 +0000 (14:15 +0100)]
rec: Don't crash on a duplicate RPZ entry received over XFR
Otto Moerbeek [Tue, 24 Mar 2020 11:42:05 +0000 (12:42 +0100)]
Mention versionadded for the three branches
Otto Moerbeek [Tue, 4 Feb 2020 12:52:51 +0000 (13:52 +0100)]
Limit the number of queries sent out to get NS addresses per query.
Remi Gacogne [Wed, 13 May 2020 08:54:28 +0000 (10:54 +0200)]
Merge pull request #9095 from rgacogne/dnsdist-1.5.0-rc2-changelog
dnsdist: Update the ChangeLog and secpoll for 1.5.0-rc2
Remi Gacogne [Mon, 11 May 2020 08:50:29 +0000 (10:50 +0200)]
dnsdist: Update the ChangeLog and secpoll for 1.5.0-rc2
Remi Gacogne [Wed, 6 May 2020 08:46:57 +0000 (10:46 +0200)]
Merge pull request #9070 from rgacogne/boost-173
Boost 1.73 moved boost::bind placeholders to the placeholders namespace
Otto Moerbeek [Mon, 4 May 2020 10:53:13 +0000 (12:53 +0200)]
Merge pull request #9079 from omoerbeek/coverity-
1428667
Avoid throwing an exception in Logger::log().
Otto Moerbeek [Mon, 4 May 2020 10:52:51 +0000 (12:52 +0200)]
Merge pull request #9080 from omoerbeek/coverity-
1401969 -sqllite
auth: better (actual) fix for mem leak in SSQLite3::execute()
Remi Gacogne [Mon, 4 May 2020 09:48:35 +0000 (11:48 +0200)]
Merge pull request #9076 from rgacogne/clang-10-warnings
Fix useless copies in loop reported by clang++ 10
Remi Gacogne [Mon, 4 May 2020 09:19:37 +0000 (11:19 +0200)]
Merge pull request #9084 from pieterlexis/dnsdist_latency_prometheus_help
dnsdist: add the unit to the help for latency buckets
Otto Moerbeek [Mon, 4 May 2020 09:08:26 +0000 (11:08 +0200)]
sqlite3_exec does not return SQLITE_DONE or SQLITE_ROW plus one forgottten throw
conversion
Otto Moerbeek [Mon, 4 May 2020 09:00:23 +0000 (11:00 +0200)]
Apply suggestions from code review
Co-authored-by: Remi Gacogne <rgacogne+github@valombre.net>
Otto Moerbeek [Mon, 4 May 2020 08:50:31 +0000 (10:50 +0200)]
Merge pull request #9078 from omoerbeek/coverity-
1419400
NetmaskTree: do not test node for null, the loop guarantees node is not null.
Otto Moerbeek [Sat, 2 May 2020 13:34:34 +0000 (15:34 +0200)]
Merge pull request #9087 from kpfleming/patch-1
Correct doc for ecs-add-for default
Kevin P. Fleming [Sat, 2 May 2020 13:16:54 +0000 (09:16 -0400)]
Correct doc for ecs-add-for default
The default setting for `ecs-add-for` includes "::/0", not "::".
Chris Hofstaedtler [Fri, 1 May 2020 21:48:37 +0000 (23:48 +0200)]
builder: avoid config change prompts on each pdns-recursor update
Chris Hofstaedtler [Fri, 1 May 2020 21:45:32 +0000 (23:45 +0200)]
builder: use new --config=default for building config templates
Pieter Lexis [Fri, 1 May 2020 16:16:46 +0000 (18:16 +0200)]
dnsdist: add the unit to the help for latency buckets
Otto Moerbeek [Fri, 1 May 2020 10:26:51 +0000 (12:26 +0200)]
Better version that also plug the leaks for errors != the ones tested for.
Otto Moerbeek [Fri, 1 May 2020 09:55:51 +0000 (11:55 +0200)]
Better (actual) fix for leak reported by Coverity.
Always free errmsg; use two diffferent string vars to avoid shadowing.
Coverity
1401969 .
Otto Moerbeek [Fri, 1 May 2020 08:56:09 +0000 (10:56 +0200)]
Avoid throwing an exception in Logger::log().
Throwing an exception in the logger, almost cetainly will cause
trouble. Coverity
1428667 shows this can happen in
LdapBackend::~LdapBackend().
Otto Moerbeek [Fri, 1 May 2020 08:52:50 +0000 (10:52 +0200)]
Do not test node for null, the loop guarantees node is not null.
Found by Coverity (
1419400 ), which concludes that if node could be
null, the following node->node.first.getBits() would deref a nullptr.
Remi Gacogne [Thu, 30 Apr 2020 08:30:34 +0000 (10:30 +0200)]
auth: Remove unused variable in the LDAP backend
Remi Gacogne [Thu, 30 Apr 2020 08:30:22 +0000 (10:30 +0200)]
auth: Fix 'loop variable [...] creates a copy' warnings
Reported by clang++ 10.
Remi Gacogne [Thu, 30 Apr 2020 08:29:06 +0000 (10:29 +0200)]
rec: Fix 'loop variable [...] creates a copy' warnings
Reported by clang++ 10.
Remi Gacogne [Thu, 30 Apr 2020 07:22:21 +0000 (09:22 +0200)]
Merge pull request #9067 from rgacogne/wrap-pthread-objects
Wrap pthread objects
Otto Moerbeek [Wed, 29 Apr 2020 10:36:27 +0000 (12:36 +0200)]
Make the constructors taking a pthread_rwlock_t * private.
This is to avoid re-introducing code using the unwrapped pthread_rwlock_t's.
While there, reorganize the classes to make the order more natural.
Pieter Lexis [Wed, 29 Apr 2020 09:32:23 +0000 (11:32 +0200)]
Set socket-dir to RUNTIME_DIRECTORY under systemd.
RUNTIME_DIRECTORY is set by systemd to the value to `RuntimeDirectory`
, which is managed by systemd and so it is safe to use for the socket-dir.
Pieter Lexis [Wed, 29 Apr 2020 08:12:03 +0000 (10:12 +0200)]
Ensure runtime dirs for virtual services differ
Remi Gacogne [Tue, 28 Apr 2020 15:51:47 +0000 (17:51 +0200)]
Replace boost's placeholders with the ones from the std namespace
Boost 1.73 moved boost::bind placeholders to the placeholders
namespace which did not exist before 1.60, let's switch to
std::bind and std::placeholders instead of doing per-version handling.
Remi Gacogne [Tue, 28 Apr 2020 13:59:46 +0000 (15:59 +0200)]
Lock: Remove the unused g_singleThreaded variable
Remi Gacogne [Tue, 28 Apr 2020 13:34:25 +0000 (15:34 +0200)]
Remove the now unused Lock class wrapping pthread_mutex_t objects
Remi Gacogne [Tue, 28 Apr 2020 13:33:47 +0000 (15:33 +0200)]
auth: Wrap a few more missed pthread_ objects
Remi Gacogne [Fri, 24 Apr 2020 19:02:41 +0000 (21:02 +0200)]
auth: Wrap pthread_ objects
Remi Gacogne [Fri, 24 Apr 2020 15:44:09 +0000 (17:44 +0200)]
rec: Wrap pthread_ objects
Remi Gacogne [Fri, 24 Apr 2020 15:27:50 +0000 (17:27 +0200)]
dnsdist: Wrap pthread_ objects
Otto Moerbeek [Tue, 28 Apr 2020 12:14:03 +0000 (14:14 +0200)]
Merge pull request #9069 from omoerbeek/test-destroy-with-waiters
Avoid "pthread_rwlock_destroy on rwlock with waiters!" on OpenBSD
Remi Gacogne [Tue, 28 Apr 2020 12:00:10 +0000 (14:00 +0200)]
Merge pull request #9068 from rgacogne/ddist-http2-counters
dnsdist: Fix duplicated HTTP/1 counter in 'showDOHFrontends()'
Otto Moerbeek [Tue, 28 Apr 2020 11:32:51 +0000 (13:32 +0200)]
Avoid "pthread_rwlock_destroy on rwlock with waiters!" on OpenBSD
Remi Gacogne [Tue, 28 Apr 2020 10:12:12 +0000 (12:12 +0200)]
dnsdist: Fix duplicated HTTP/1 counter in 'showDOHFrontends()'
Remi Gacogne [Tue, 28 Apr 2020 07:58:44 +0000 (09:58 +0200)]
Merge pull request #9057 from rgacogne/ddist-socket-removal
dnsdist: Gracefully handle a failure to remove FD on (re)-connection
Otto Moerbeek [Tue, 28 Apr 2020 06:41:30 +0000 (08:41 +0200)]
Merge pull request #9056 from omoerbeek/decl-warnings
Add -Wmissing-declarations -Wredundant-decls