]>
git.ipfire.org Git - thirdparty/pdns.git/log
Frank Louwers [Tue, 2 Jun 2020 12:55:06 +0000 (14:55 +0200)]
Update docs/tsig.rst
Co-authored-by: Peter van Dijk <peter.van.dijk@powerdns.com>
Frank Louwers [Fri, 29 May 2020 13:37:58 +0000 (15:37 +0200)]
Clarify allow-axfr-ips behaviour in combination with TSIG
aerique [Thu, 28 May 2020 21:45:34 +0000 (23:45 +0200)]
Merge pull request #9152 from aerique/feature/add-supported-for-unsigned-packages
Make sure we can install unsigned packages.
Peter van Dijk [Thu, 28 May 2020 09:33:07 +0000 (11:33 +0200)]
Merge pull request #9160 from Habbie/spelling-only-docs
limit spell checking to docs
Peter van Dijk [Thu, 28 May 2020 08:55:53 +0000 (10:55 +0200)]
Merge pull request #9166 from cmouse/patch-
1590648655
opensslsigners: Add missing 'static' keyword
Remi Gacogne [Thu, 28 May 2020 07:19:39 +0000 (09:19 +0200)]
Merge pull request #9162 from jsoref/clarify-docs
Clarify docs
Aki Tuomi [Thu, 28 May 2020 06:50:04 +0000 (09:50 +0300)]
opensslsigners: Add missing 'static' keyword
openssl_pthreads_locking_callback and openssl_pthreads_id_callback are
local functions, so they need static.
Josh Soref [Wed, 27 May 2020 19:40:50 +0000 (15:40 -0400)]
rewrite pdns-distributes-queries
Peter van Dijk [Wed, 27 May 2020 15:40:41 +0000 (17:40 +0200)]
spellcheck: only run when docs have been changed
Josh Soref [Wed, 27 May 2020 14:48:30 +0000 (10:48 -0400)]
clarify: reuseports behavior re worker threads
Josh Soref [Wed, 27 May 2020 14:41:24 +0000 (10:41 -0400)]
Wishy-washy
Josh Soref [Wed, 27 May 2020 14:24:40 +0000 (10:24 -0400)]
Update recursordist: reuseport
Peter van Dijk [Wed, 27 May 2020 14:04:56 +0000 (16:04 +0200)]
we keep allowing these words so that we can do incidental spellchecks later
Peter van Dijk [Wed, 27 May 2020 13:55:04 +0000 (15:55 +0200)]
remove spelling cron; limit spelling to docs
aerique [Tue, 26 May 2020 07:06:56 +0000 (09:06 +0200)]
Add `--nobest` when installing PDNS software.
This is for testing in Docker images, we just want them to build.
aerique [Mon, 25 May 2020 15:08:07 +0000 (17:08 +0200)]
Make sure we can install unsigned packages.
Sometimes we need to install unsigned packages from our own ad-hoc repo,
installing `apt-transport-https` makes sure we can do this (at least on
Debian Stretch).
Remi Gacogne [Mon, 25 May 2020 14:08:17 +0000 (16:08 +0200)]
Merge pull request #9141 from rgacogne/rec-remove-getquerylocaladdress-stub
rec: Remove unused getQueryLocalAddress stub in the unit tests
Remi Gacogne [Mon, 25 May 2020 12:45:07 +0000 (14:45 +0200)]
Merge pull request #9143 from Habbie/travis-unbreak-trusty
travis: install pdns package from direct download
Peter van Dijk [Mon, 25 May 2020 08:27:01 +0000 (10:27 +0200)]
travis: install pdns package from direct download
Remi Gacogne [Mon, 25 May 2020 09:17:24 +0000 (11:17 +0200)]
rec: Remove unused getQueryLocalAddress stub in the unit tests
The real function moved to the pdns namespace anyway.
Remi Gacogne [Mon, 25 May 2020 07:50:02 +0000 (09:50 +0200)]
Merge pull request #9137 from phonedph1/patch-21
rec: Update syncres.cc
Remi Gacogne [Mon, 25 May 2020 07:49:48 +0000 (09:49 +0200)]
Merge pull request #9138 from PowerDNS/omoerbeek-patch-1
rec: Typos and ref to rec instead of auth in security advisory
Otto Moerbeek [Fri, 22 May 2020 06:44:57 +0000 (08:44 +0200)]
Typos and ref to rec instead of auth
phonedph1 [Thu, 21 May 2020 01:27:01 +0000 (19:27 -0600)]
Update syncres.cc
Otto Moerbeek [Wed, 20 May 2020 08:47:48 +0000 (10:47 +0200)]
Merge pull request #9134 from omoerbeek/secpoll-cleanup
Secpoll cleanup, mark prereleases with vulnerabilities as such.
Otto Moerbeek [Wed, 20 May 2020 07:38:59 +0000 (09:38 +0200)]
Secpoll cleanup, mark prereleases with vulnerabilities as such.
Otto Moerbeek [Wed, 20 May 2020 07:12:32 +0000 (09:12 +0200)]
Merge pull request #9131 from mnordhoff/patch-6
rec: docs: Update the allow-from setting default
Matt Nordhoff [Tue, 19 May 2020 21:56:55 +0000 (21:56 +0000)]
rec: docs: Update the allow-from setting default.
The default is LOCAL_NETS, but the copy of it in the documentation was incomplete.
Remi Gacogne [Tue, 19 May 2020 15:21:26 +0000 (17:21 +0200)]
Merge pull request #9111 from omoerbeek/dnsreplay-loop
Support LOOP link type in dnsreplay
Otto Moerbeek [Tue, 19 May 2020 13:39:17 +0000 (15:39 +0200)]
Merge pull request #9126 from omoerbeek/rec-4.1.16-secpoll
Prepare rec 4.1.16 secpoll update
Otto Moerbeek [Tue, 19 May 2020 12:53:01 +0000 (14:53 +0200)]
Prepare rec 4.1.16 secpoll update
Remi Gacogne [Tue, 19 May 2020 10:51:22 +0000 (12:51 +0200)]
Merge pull request #9124 from rgacogne/powerdns-advisory-2020-002
rec: powerdns-advisory-2020-002 -> powerdns-advisory-2020-02
Remi Gacogne [Tue, 19 May 2020 10:23:16 +0000 (12:23 +0200)]
rec: powerdns-advisory-2020-002 -> powerdns-advisory-2020-02
Otto Moerbeek [Tue, 19 May 2020 10:14:30 +0000 (12:14 +0200)]
Merge pull request #9118 from pieterlexis/fix-rec-docs
Fix LaTeX-pdns recursor docs
Otto Moerbeek [Tue, 19 May 2020 10:14:16 +0000 (12:14 +0200)]
Merge pull request #9119 from omoerbeek/fix-formatting
fix formatting
Otto Moerbeek [Tue, 19 May 2020 09:51:03 +0000 (11:51 +0200)]
fix formatting
Pieter Lexis [Tue, 19 May 2020 09:25:57 +0000 (11:25 +0200)]
Add names and vars to spelling whitelist
Pieter Lexis [Tue, 19 May 2020 09:16:37 +0000 (11:16 +0200)]
Fix LaTeX-pdns recursor docs
Pieter Lexis [Tue, 19 May 2020 08:49:13 +0000 (10:49 +0200)]
Merge pull request #9114 from pieterlexis/rec-may-2020
Recursor fixes May 2020
Pieter Lexis [Tue, 19 May 2020 08:26:26 +0000 (10:26 +0200)]
Merge pull request #9113 from pieterlexis/rec-prep-may-2020
rec: prep for May 2020 releases
Otto Moerbeek [Wed, 13 May 2020 11:21:50 +0000 (13:21 +0200)]
rec: prep for May 2020 security releases
Otto Moerbeek [Mon, 18 May 2020 13:28:40 +0000 (15:28 +0200)]
Merge pull request #9106 from omoerbeek/release-cycles
Tell about the release cycles.
Otto Moerbeek [Mon, 18 May 2020 12:40:00 +0000 (14:40 +0200)]
Merge pull request #8940 from pieterlexis/resolver-query-local-address6
Merge query-local-address6 into query-local-address
Otto Moerbeek [Mon, 18 May 2020 11:35:54 +0000 (13:35 +0200)]
"Adress" is actually prural in query-local-address
Co-authored-by: Peter van Dijk <peter.van.dijk@powerdns.com>
Otto Moerbeek [Mon, 18 May 2020 11:26:13 +0000 (13:26 +0200)]
Merge pull request #9073 from pieterlexis/runtime-dirs-virtual-hosting
Ensure runtime dirs for virtual services differ
Otto Moerbeek [Mon, 18 May 2020 11:24:16 +0000 (13:24 +0200)]
Merge pull request #9085 from zeha/config
builder: improve shipped config files
Otto Moerbeek [Fri, 15 May 2020 08:11:41 +0000 (10:11 +0200)]
Tell about the release cycles.
Peter van Dijk [Fri, 15 May 2020 19:16:40 +0000 (21:16 +0200)]
Merge pull request #9107 from jsoref/spell-check
Update check-spelling to 0.0.16-a
Josh Soref [Fri, 15 May 2020 15:09:22 +0000 (11:09 -0400)]
Update expects
Josh Soref [Fri, 15 May 2020 15:09:07 +0000 (11:09 -0400)]
spelling: Wshadow
Josh Soref [Fri, 15 May 2020 14:46:35 +0000 (10:46 -0400)]
Ignore c(xx)flags
Josh Soref [Fri, 15 May 2020 14:44:51 +0000 (10:44 -0400)]
spelling: with
Josh Soref [Fri, 15 May 2020 14:43:05 +0000 (10:43 -0400)]
spelling: target
Josh Soref [Fri, 15 May 2020 14:42:48 +0000 (10:42 -0400)]
spelling: should
Josh Soref [Fri, 15 May 2020 14:42:37 +0000 (10:42 -0400)]
spelling: record
Josh Soref [Fri, 15 May 2020 14:42:20 +0000 (10:42 -0400)]
spelling: milliseconds
Josh Soref [Fri, 15 May 2020 14:40:26 +0000 (10:40 -0400)]
spelling: improvements
Josh Soref [Fri, 15 May 2020 14:39:58 +0000 (10:39 -0400)]
spelling: first
Josh Soref [Fri, 15 May 2020 14:38:55 +0000 (10:38 -0400)]
spelling: answer
Josh Soref [Fri, 15 May 2020 14:30:24 +0000 (10:30 -0400)]
Update check-spelling action
Peter van Dijk [Fri, 15 May 2020 14:26:19 +0000 (16:26 +0200)]
Merge pull request #9018 from jsoref/spell-check
Set up spell-checking action
Otto Moerbeek [Fri, 15 May 2020 13:33:12 +0000 (15:33 +0200)]
Support LOOP link type
Otto Moerbeek [Fri, 15 May 2020 08:38:27 +0000 (10:38 +0200)]
Merge pull request #9105 from omoerbeek/auth-4.0-eol
Mark auth 4.0.x as EOL, plus some even older versions.
Otto Moerbeek [Fri, 15 May 2020 07:58:21 +0000 (09:58 +0200)]
Mark auth 4.0.x as EOL, plus some even older versions.
Otto Moerbeek [Thu, 14 May 2020 08:22:00 +0000 (10:22 +0200)]
Merge pull request #9099 from PowerDNS/omoerbeek-patch-1
rec: don't suggest to add a TA for powerdns.com
Otto Moerbeek [Thu, 14 May 2020 08:21:39 +0000 (10:21 +0200)]
Merge pull request #9100 from omoerbeek/secpol-err-msg
Less negatives in error messages improves readability.
Otto Moerbeek [Wed, 13 May 2020 14:29:42 +0000 (16:29 +0200)]
Also update surrounding text as noted by phonedph1
Otto Moerbeek [Wed, 13 May 2020 12:27:42 +0000 (14:27 +0200)]
Less negatives in error messages improves readability.
Otto Moerbeek [Wed, 13 May 2020 12:17:44 +0000 (14:17 +0200)]
don't suggest to a TA for pwerdns.com
Remi Gacogne [Mon, 17 Feb 2020 14:20:32 +0000 (15:20 +0100)]
Don't read potentially uninitalized memory if gethostname() failed
If the buffer is smaller than `HOST_NAME_MAX` (64 on Linux but up to
255 bytes in POSIX, which FreeBSD, MacOS etc honor) gethostname()
might return -1 without null-terminating the buffer, causing an
out-of-bounds read.
As we look for the first '.' using `strchr()`, replacing it with a
null byte, we also have a one-byte out-of-bounds write which might
result in a crash or, albeit very unlikely, arbitrary code execution.
Remi Gacogne [Fri, 24 Apr 2020 09:48:16 +0000 (11:48 +0200)]
rec: Fix DNSSEC validation of completely empty NXDomain answers
If the answer has no SOA and no NSEC inside a DNSSEC-secure zone,
we should go Bogus.
Remi Gacogne [Wed, 25 Mar 2020 13:34:29 +0000 (14:34 +0100)]
rec: Add a regression test for duplicate entries in a RPZ XFR update
Remi Gacogne [Wed, 25 Mar 2020 13:15:59 +0000 (14:15 +0100)]
rec: Don't crash on a duplicate RPZ entry received over XFR
Otto Moerbeek [Tue, 24 Mar 2020 11:42:05 +0000 (12:42 +0100)]
Mention versionadded for the three branches
Otto Moerbeek [Tue, 4 Feb 2020 12:52:51 +0000 (13:52 +0100)]
Limit the number of queries sent out to get NS addresses per query.
Remi Gacogne [Wed, 13 May 2020 08:54:28 +0000 (10:54 +0200)]
Merge pull request #9095 from rgacogne/dnsdist-1.5.0-rc2-changelog
dnsdist: Update the ChangeLog and secpoll for 1.5.0-rc2
Remi Gacogne [Mon, 11 May 2020 08:50:29 +0000 (10:50 +0200)]
dnsdist: Update the ChangeLog and secpoll for 1.5.0-rc2
Remi Gacogne [Wed, 6 May 2020 08:46:57 +0000 (10:46 +0200)]
Merge pull request #9070 from rgacogne/boost-173
Boost 1.73 moved boost::bind placeholders to the placeholders namespace
Otto Moerbeek [Mon, 4 May 2020 10:53:13 +0000 (12:53 +0200)]
Merge pull request #9079 from omoerbeek/coverity-
1428667
Avoid throwing an exception in Logger::log().
Otto Moerbeek [Mon, 4 May 2020 10:52:51 +0000 (12:52 +0200)]
Merge pull request #9080 from omoerbeek/coverity-
1401969 -sqllite
auth: better (actual) fix for mem leak in SSQLite3::execute()
Remi Gacogne [Mon, 4 May 2020 09:48:35 +0000 (11:48 +0200)]
Merge pull request #9076 from rgacogne/clang-10-warnings
Fix useless copies in loop reported by clang++ 10
Remi Gacogne [Mon, 4 May 2020 09:19:37 +0000 (11:19 +0200)]
Merge pull request #9084 from pieterlexis/dnsdist_latency_prometheus_help
dnsdist: add the unit to the help for latency buckets
Otto Moerbeek [Mon, 4 May 2020 09:08:26 +0000 (11:08 +0200)]
sqlite3_exec does not return SQLITE_DONE or SQLITE_ROW plus one forgottten throw
conversion
Otto Moerbeek [Mon, 4 May 2020 09:00:23 +0000 (11:00 +0200)]
Apply suggestions from code review
Co-authored-by: Remi Gacogne <rgacogne+github@valombre.net>
Otto Moerbeek [Mon, 4 May 2020 08:50:31 +0000 (10:50 +0200)]
Merge pull request #9078 from omoerbeek/coverity-
1419400
NetmaskTree: do not test node for null, the loop guarantees node is not null.
Otto Moerbeek [Sat, 2 May 2020 13:34:34 +0000 (15:34 +0200)]
Merge pull request #9087 from kpfleming/patch-1
Correct doc for ecs-add-for default
Kevin P. Fleming [Sat, 2 May 2020 13:16:54 +0000 (09:16 -0400)]
Correct doc for ecs-add-for default
The default setting for `ecs-add-for` includes "::/0", not "::".
Chris Hofstaedtler [Fri, 1 May 2020 21:48:37 +0000 (23:48 +0200)]
builder: avoid config change prompts on each pdns-recursor update
Chris Hofstaedtler [Fri, 1 May 2020 21:45:32 +0000 (23:45 +0200)]
builder: use new --config=default for building config templates
Pieter Lexis [Fri, 1 May 2020 16:16:46 +0000 (18:16 +0200)]
dnsdist: add the unit to the help for latency buckets
Otto Moerbeek [Fri, 1 May 2020 10:26:51 +0000 (12:26 +0200)]
Better version that also plug the leaks for errors != the ones tested for.
Otto Moerbeek [Fri, 1 May 2020 09:55:51 +0000 (11:55 +0200)]
Better (actual) fix for leak reported by Coverity.
Always free errmsg; use two diffferent string vars to avoid shadowing.
Coverity
1401969 .
Otto Moerbeek [Fri, 1 May 2020 08:56:09 +0000 (10:56 +0200)]
Avoid throwing an exception in Logger::log().
Throwing an exception in the logger, almost cetainly will cause
trouble. Coverity
1428667 shows this can happen in
LdapBackend::~LdapBackend().
Otto Moerbeek [Fri, 1 May 2020 08:52:50 +0000 (10:52 +0200)]
Do not test node for null, the loop guarantees node is not null.
Found by Coverity (
1419400 ), which concludes that if node could be
null, the following node->node.first.getBits() would deref a nullptr.
Remi Gacogne [Thu, 30 Apr 2020 08:30:34 +0000 (10:30 +0200)]
auth: Remove unused variable in the LDAP backend
Remi Gacogne [Thu, 30 Apr 2020 08:30:22 +0000 (10:30 +0200)]
auth: Fix 'loop variable [...] creates a copy' warnings
Reported by clang++ 10.
Remi Gacogne [Thu, 30 Apr 2020 08:29:06 +0000 (10:29 +0200)]
rec: Fix 'loop variable [...] creates a copy' warnings
Reported by clang++ 10.
Remi Gacogne [Thu, 30 Apr 2020 07:22:21 +0000 (09:22 +0200)]
Merge pull request #9067 from rgacogne/wrap-pthread-objects
Wrap pthread objects
Otto Moerbeek [Wed, 29 Apr 2020 10:36:27 +0000 (12:36 +0200)]
Make the constructors taking a pthread_rwlock_t * private.
This is to avoid re-introducing code using the unwrapped pthread_rwlock_t's.
While there, reorganize the classes to make the order more natural.
Pieter Lexis [Wed, 29 Apr 2020 09:32:23 +0000 (11:32 +0200)]
Set socket-dir to RUNTIME_DIRECTORY under systemd.
RUNTIME_DIRECTORY is set by systemd to the value to `RuntimeDirectory`
, which is managed by systemd and so it is safe to use for the socket-dir.