]>
git.ipfire.org Git - thirdparty/pdns.git/log
Remi Gacogne [Wed, 1 Mar 2023 09:17:29 +0000 (10:17 +0100)]
Merge pull request #12598 from rgacogne/rec-update-validation-state-missing-negative-indication
rec: Update validation state after a missing negative indication
Otto Moerbeek [Tue, 28 Feb 2023 10:41:40 +0000 (11:41 +0100)]
Merge pull request #12595 from omoerbeek/rec-serve-stale-wipe
rec: Call the right wipe function for negcache in the serve-stale case
Otto Moerbeek [Tue, 28 Feb 2023 09:50:50 +0000 (10:50 +0100)]
Call the right wipe function for negcache in the serve-stale case
This is a reason serve-stale is causing an intermittent high CPU
load: the wipe function actually called was deleting a (potentially
large) subtree of the negcache on all shards.
Remi Gacogne [Mon, 27 Feb 2023 14:37:36 +0000 (15:37 +0100)]
Merge pull request #12593 from rgacogne/clean-up-m4
m4: Clean up the fortify and LTO m4 by not directly editing flags
Remi Gacogne [Mon, 27 Feb 2023 12:58:34 +0000 (13:58 +0100)]
Merge pull request #12592 from rgacogne/ddist-servfail-metric
dnsdist: Only increment the 'servfail-responses' metric on backend responses
Remi Gacogne [Mon, 27 Feb 2023 11:21:48 +0000 (12:21 +0100)]
m4: Clean up the fortify and LTO m4 by not directly editing flags
Remi Gacogne [Mon, 27 Feb 2023 10:39:02 +0000 (11:39 +0100)]
Merge pull request #12586 from rgacogne/ddist-harvest-dest-addr
dnsdist: Fix the harvesting of destination addresses
Remi Gacogne [Mon, 27 Feb 2023 09:58:38 +0000 (10:58 +0100)]
dnsdist: Only increment the 'servfail-responses' metric on backend responses
Reported by phonedph1 (many thanks!).
Remi Gacogne [Mon, 27 Feb 2023 09:23:06 +0000 (10:23 +0100)]
Merge pull request #12589 from rgacogne/yahttp-cxx11-detection
YaHTTP: Better detection of whether C++11 features are available
Remi Gacogne [Fri, 24 Feb 2023 16:44:34 +0000 (17:44 +0100)]
Merge pull request #12588 from AdamMajer/doh_compilation_fix
dnsdist-protobuf: fix compilation with DoH disabled
Remi Gacogne [Fri, 24 Feb 2023 16:35:53 +0000 (17:35 +0100)]
yahttp: Better detection of whether C++11 features are available
The previous version relied on having `HAVE_CXX11` defined, which
is not true when you are compiling with C++17, for example, even
though the C++11 features are available (`HAVE_CXX17` is defined
but that does not help).
Adam Majer [Fri, 24 Feb 2023 15:46:23 +0000 (16:46 +0100)]
dnsdist-protobuf: fix compilation with DoH disabled
Remi Gacogne [Fri, 24 Feb 2023 14:28:52 +0000 (15:28 +0100)]
Merge pull request #12585 from romeroalx/repo-odbc-cleanup
Avoid Microsoft repo for ODBC packages. Step 3 of 3: cleanup manual installation of ODBC packages
Remi Gacogne [Fri, 24 Feb 2023 14:25:01 +0000 (15:25 +0100)]
dnsdist: Only fall back origDest, not hopLocal, to the frontend's address
Remi Gacogne [Fri, 24 Feb 2023 14:14:43 +0000 (15:14 +0100)]
Merge pull request #12587 from rgacogne/ddist-no-tsan-signal-warning
dnsdist: Skip signal-unsafe logging when we are about to exit, with TSAN
Remi Gacogne [Fri, 24 Feb 2023 11:08:27 +0000 (12:08 +0100)]
dnsdist: Skip signal-unsafe logging when we are about to exit, with TSAN
TSAN is rightfully unhappy about this:
```
WARNING: ThreadSanitizer: signal-unsafe call inside of a signal
```
This is not a real problem for us, as the worst case is that
we crash trying to exit, but let's try to avoid the warnings
in our tests.
Remi Gacogne [Fri, 24 Feb 2023 10:30:44 +0000 (11:30 +0100)]
dnsdist: Fix the harvesting of destination addresses
The original destination was not properly updated: 'hopLocal' contains
the destination address of the packet we received, and matches 'origDest'
unless the proxy protocol is used, in which case 'origDest' will be
updated by the 'real' destination address as seen by the client and
the first hop.
Reported by phonedph1 (many thanks!).
Alexis Romero [Fri, 24 Feb 2023 10:24:26 +0000 (11:24 +0100)]
Avoid Microsoft repo for ODBC. Step 3: unixodbc install cleanup
Otto Moerbeek [Fri, 24 Feb 2023 10:15:55 +0000 (11:15 +0100)]
Merge pull request #12584 from omoerbeek/auth-include-crypto
auth: Add flags to find libssl includes to two modules needing them
Otto Moerbeek [Fri, 24 Feb 2023 09:08:31 +0000 (10:08 +0100)]
Add flags to find libssl includes to two modules needing them
Remi Gacogne [Fri, 24 Feb 2023 08:57:44 +0000 (09:57 +0100)]
Merge pull request #12582 from hlindqvist/dnsdist-svcb-dohpath-key7
Use key7 for dohpath in SVCB examples in dnsdist
Håkan Lindqvist [Thu, 23 Feb 2023 20:58:48 +0000 (21:58 +0100)]
Use key7 for dohpath in SVCB examples in dnsdist
As per the IANA registry, 7 is the id assigned for the dohpath SVCB
parameter: https://www.iana.org/assignments/dns-svcb/dns-svcb.xhtml
Remi Gacogne [Thu, 23 Feb 2023 15:40:12 +0000 (16:40 +0100)]
Merge pull request #12577 from romeroalx/repo-odbc-codeql-allow-downgrades
Avoid Microsoft repo for ODBC packages. Step 1b: codeql - allow apt downgrades
Remi Gacogne [Thu, 23 Feb 2023 15:39:10 +0000 (16:39 +0100)]
Merge pull request #12578 from aerique/feature/add-dnsdist-18-to-repo-script
Add dnsdist-18 to repo test script.
Remi Gacogne [Thu, 23 Feb 2023 10:21:21 +0000 (11:21 +0100)]
Merge pull request #12576 from rgacogne/ddist-180-rc1-secpoll-2
dnsdist: The security status for 1.8.0-rc1 should be 1, not 3
Erik Winkels [Thu, 23 Feb 2023 10:08:06 +0000 (11:08 +0100)]
Add dnsdist-18 to repo test script.
Alexis Romero [Thu, 23 Feb 2023 10:03:30 +0000 (11:03 +0100)]
Avoid Microsoft repo for ODBC. Step 1: codeql allow apt downgrades
Remi Gacogne [Thu, 23 Feb 2023 09:57:49 +0000 (10:57 +0100)]
dnsdist: Actually, 1 is even better than 2 for pre-releases
Remi Gacogne [Thu, 23 Feb 2023 09:52:41 +0000 (10:52 +0100)]
dnsdist: The security status for 1.8.0-rc1 should be 2, not 3
Which means Update recommended instead of mandatory. Neither are nice,
so perhaps we need a different level for pre-releases?
Fred Morcos [Thu, 23 Feb 2023 09:43:49 +0000 (10:43 +0100)]
Merge pull request #12550 from fredmorcos/openssl3-pkcs11-signers
OpenSSL 3.0: PKCS11 signers
Remi Gacogne [Thu, 23 Feb 2023 09:09:38 +0000 (10:09 +0100)]
Merge pull request #12575 from rgacogne/ddist-180-rc1
dnsdist: ChangeLog and secpoll update for 1.8.0-rc1
Remi Gacogne [Wed, 15 Feb 2023 14:22:01 +0000 (15:22 +0100)]
spell-check: Allow new names and technical terms
Remi Gacogne [Wed, 15 Feb 2023 13:57:37 +0000 (14:57 +0100)]
dnsdist: ChangeLog and secpoll update for 1.8.0-rc1
romeroalx [Wed, 22 Feb 2023 12:58:13 +0000 (13:58 +0100)]
Merge pull request #12573 from romeroalx/repo-odbc-apt-allow-downgrades
Avoid Microsoft repo for ODBC packages. Step 1 of 3: allow apt downgrades
Fred Morcos [Wed, 15 Feb 2023 10:18:22 +0000 (11:18 +0100)]
OpenSSL 3.0: PKCS11 signer
Fred Morcos [Wed, 22 Feb 2023 11:49:27 +0000 (12:49 +0100)]
PKCS11 Signer: Fix buffer overflow
Alexis Romero [Wed, 22 Feb 2023 10:48:28 +0000 (11:48 +0100)]
Avoid Microsoft repo for ODBC. Step 1: allow apt downgrades
Fred Morcos [Wed, 15 Feb 2023 09:42:49 +0000 (10:42 +0100)]
pkcs11signers cleanup
Peter van Dijk [Wed, 22 Feb 2023 09:30:02 +0000 (10:30 +0100)]
Merge pull request #12555 from romeroalx/gh-auth-ldap-geoip
GH Actions: added ldap and geoip-mmdb tests. Removed from CircleCI.
Remi Gacogne [Wed, 22 Feb 2023 09:26:53 +0000 (10:26 +0100)]
rec: Update validation state after a missing negative indication
Remi Gacogne [Wed, 22 Feb 2023 08:37:27 +0000 (09:37 +0100)]
Merge pull request #12561 from rgacogne/ddist-test-protobuf-doh-tags-all-protocols
dnsdist: Ensure we have at least one protobuf MetaValue
Remi Gacogne [Wed, 22 Feb 2023 08:30:29 +0000 (09:30 +0100)]
Merge pull request #12549 from fredmorcos/unused-args-cleanup
Auth: Cleanup unused argument warnings, and other things
Peter van Dijk [Tue, 21 Feb 2023 15:30:18 +0000 (16:30 +0100)]
Merge pull request #12570 from jsoref/docs-an-experimental-feature
docs: harmonize `an experimental feature`
Peter van Dijk [Tue, 21 Feb 2023 15:18:05 +0000 (16:18 +0100)]
Merge pull request #12536 from PowerDNS/dependabot/github_actions/actions/cache-3.2.5
build(deps): bump actions/cache from 3.2.4 to 3.2.5
Peter van Dijk [Tue, 21 Feb 2023 15:15:15 +0000 (16:15 +0100)]
Merge pull request #12525 from jpmens/patch-12
Small typo in ALSO-NOTIFY
Alexis Romero [Thu, 16 Feb 2023 05:55:48 +0000 (06:55 +0100)]
removed ldap and geoip-mmdb tests from circleci
Alexis Romero [Thu, 16 Feb 2023 05:54:23 +0000 (06:54 +0100)]
gh actions: simplified collector job in build-and-test-all.yml
Alexis Romero [Thu, 16 Feb 2023 05:52:49 +0000 (06:52 +0100)]
gh actions: added ldap and geoip-mmdb tests
Josh Soref [Mon, 20 Feb 2023 21:17:48 +0000 (16:17 -0500)]
docs: harmonize `an experimental feature`
Remi Gacogne [Mon, 20 Feb 2023 18:01:51 +0000 (19:01 +0100)]
Merge pull request #12569 from tjikkun/gcc13
dnsdist-protocols.hh: include <cstdint>
Sander Hoentjen [Mon, 20 Feb 2023 15:51:07 +0000 (16:51 +0100)]
dnsdist-protocols.hh: include <cstdint>
This fixes building dnsdist with gcc13:
```
In file included from dnsdist-protocols.cc:26:
dnsdist-protocols.hh:32:8: error: use of enum 'typeenum' without previous declaration
32 | enum typeenum : uint8_t
| ^~~~~~~~
dnsdist-protocols.hh:32:19: error: 'uint8_t' was not declared in this scope
32 | enum typeenum : uint8_t
| ^~~~~~~
dnsdist-protocols.hh:25:1: note: 'uint8_t' is defined in header '<cstdint>'; did you forget to '#include <cstdint>'?
24 | #include <vector>
+++ |+#include <cstdint>
25 | #include <string>
```
Fred Morcos [Fri, 17 Feb 2023 08:22:34 +0000 (09:22 +0100)]
Remove -Wno-unused-parameter from default C(XX)FLAGS
Fred Morcos [Fri, 17 Feb 2023 08:26:18 +0000 (09:26 +0100)]
Revert LMDB backend cleanups
Fred Morcos [Fri, 17 Feb 2023 08:26:12 +0000 (09:26 +0100)]
Revert "LMDB: Fix unused argument warnings"
This reverts commit
95e730e65c5bac46cfc9df0dae8ac6c6d667d0b4 .
Fred Morcos [Wed, 15 Feb 2023 16:56:36 +0000 (17:56 +0100)]
Cleanup lwres.cc
Fred Morcos [Wed, 15 Feb 2023 15:28:01 +0000 (16:28 +0100)]
Cleanup handleIXFR
Fred Morcos [Wed, 15 Feb 2023 15:27:09 +0000 (16:27 +0100)]
Cleanup the UnixRemote constructor
Fred Morcos [Wed, 15 Feb 2023 15:25:15 +0000 (16:25 +0100)]
Cleanup emitRecord in zone2json.cc
Fred Morcos [Wed, 15 Feb 2023 15:23:31 +0000 (16:23 +0100)]
Cleanup gatherRecords in ws-auth.cc
Fred Morcos [Wed, 15 Feb 2023 15:15:18 +0000 (16:15 +0100)]
Cleanup TCPIOHandler constructor
Fred Morcos [Wed, 15 Feb 2023 15:13:44 +0000 (16:13 +0100)]
Cleanup Socker::recvFromAsync
Fred Morcos [Wed, 15 Feb 2023 15:11:35 +0000 (16:11 +0100)]
Cleanup CommunicatorClass
Fred Morcos [Wed, 15 Feb 2023 15:07:58 +0000 (16:07 +0100)]
Remove operator< from PKCS11DNSCryptoKeyEngine
Fred Morcos [Wed, 15 Feb 2023 15:05:12 +0000 (16:05 +0100)]
Cleanup pdnsutil.cc
Fred Morcos [Wed, 15 Feb 2023 15:03:43 +0000 (16:03 +0100)]
Remove makeOpt from dnsrecords
Fred Morcos [Wed, 15 Feb 2023 14:59:49 +0000 (15:59 +0100)]
Cleanup dbdnsseckeeper
Fred Morcos [Wed, 15 Feb 2023 14:54:57 +0000 (15:54 +0100)]
Cleanup cachecleaner.hh
Fred Morcos [Tue, 14 Feb 2023 09:01:18 +0000 (10:01 +0100)]
dnsbackend.hh: Lint fixes
Fred Morcos [Tue, 14 Feb 2023 08:53:58 +0000 (09:53 +0100)]
Fix unused argument warnings
Fred Morcos [Tue, 14 Feb 2023 08:46:17 +0000 (09:46 +0100)]
LMDB: Fix unused argument warnings
Fred Morcos [Tue, 14 Feb 2023 08:45:49 +0000 (09:45 +0100)]
JSON11: Fix unqualified calls to std::move
Fred Morcos [Tue, 14 Feb 2023 08:45:24 +0000 (09:45 +0100)]
JSON11: Fix unnamed arguments
Fred Morcos [Tue, 14 Feb 2023 08:46:08 +0000 (09:46 +0100)]
Whitespace
Remi Gacogne [Mon, 20 Feb 2023 07:56:36 +0000 (08:56 +0100)]
Merge pull request #12567 from PowerDNS/rgacogne-patch-1
Security policy: Our bug bounty program moved from HackerOne to YesWeHack
Remi Gacogne [Sun, 19 Feb 2023 21:25:45 +0000 (22:25 +0100)]
Security policy: Our bug bounty program moved from HackerOne to YesWeHack
Peter van Dijk [Sat, 18 Feb 2023 22:24:38 +0000 (23:24 +0100)]
Merge pull request #12566 from jpmens/patch-13
replace address of primary
Jan-Piet Mens [Sat, 18 Feb 2023 21:44:13 +0000 (22:44 +0100)]
replace address of primary
I think the address `127.0.0.1` makes little sense when creating a secondary zone, and I hope this is a tad less confusing.
Remi Gacogne [Fri, 17 Feb 2023 13:30:50 +0000 (14:30 +0100)]
dnsdist: Ensure we have at least one protobuf MetaValue
Remi Gacogne [Fri, 17 Feb 2023 09:41:17 +0000 (10:41 +0100)]
dnsdist: Test DoH 'meta' Protocol Buffer values for all protocols
The DoH-related values should be empty non-DoH protocols, but the
protocol buffer messages should still be sent, with the expected
content.
Peter van Dijk [Fri, 17 Feb 2023 14:41:06 +0000 (15:41 +0100)]
Merge pull request #12562 from romeroalx/workaround-fix-grub-error
Workaround for grub error raised after apt-get dist-upgrade
romeroalx [Fri, 17 Feb 2023 13:59:34 +0000 (14:59 +0100)]
Update FIXME comment in build-scripts/gh-actions-setup-inv
Co-authored-by: Remi Gacogne <github@coredump.fr>
Alexis Romero [Fri, 17 Feb 2023 10:13:01 +0000 (11:13 +0100)]
workaround for grub error raised after apt-get dist-upgrade
Remi Gacogne [Fri, 17 Feb 2023 13:36:50 +0000 (14:36 +0100)]
Merge pull request #12543 from rgacogne/ddist-build-lto
dnsdist: Enable Link-Time Optimization for our packages
Remi Gacogne [Thu, 16 Feb 2023 08:42:30 +0000 (09:42 +0100)]
Merge pull request #12553 from rgacogne/ddist-custom-metrics-prom-name
dnsdist: Add support for custom prometheus names in custom metrics
Remi Gacogne [Thu, 16 Feb 2023 08:32:00 +0000 (09:32 +0100)]
Merge pull request #12552 from rgacogne/ddist-check-response-cache-metrics
dnsdist: Add regression tests for responses, cache metrics
Remi Gacogne [Thu, 16 Feb 2023 08:31:34 +0000 (09:31 +0100)]
Merge pull request #12551 from rgacogne/ddist-fix-doh-conn-counter-race
dnsdist: Fix a use-after-free in the incoming DoH path
Remi Gacogne [Thu, 16 Feb 2023 08:31:01 +0000 (09:31 +0100)]
Merge pull request #12520 from rgacogne/ddist-protobuf-meta
dnsdist: Add support for metadata in protobuf messages
Otto Moerbeek [Thu, 16 Feb 2023 07:34:59 +0000 (08:34 +0100)]
Merge pull request #12554 from aj-gh/doc-recursor-servestale
rec doc: serve-stale-extensions works on 30s so an hour should be 120x
Andreas Jakum [Wed, 15 Feb 2023 15:11:46 +0000 (16:11 +0100)]
rec: serve-stale-extensions works on 30s so an hour should be 120x.
Remi Gacogne [Wed, 15 Feb 2023 11:31:06 +0000 (12:31 +0100)]
dnsdist: Add support for custom prometheus names in custom metrics
Remi Gacogne [Wed, 15 Feb 2023 10:47:10 +0000 (11:47 +0100)]
dnsdist: Add regression tests for responses, cache metrics
Remi Gacogne [Wed, 15 Feb 2023 10:18:38 +0000 (11:18 +0100)]
dnsdist: Fix a use-after-free in the incoming DoH path
During the recent addition of the concurrent connection checks for
incoming DoH connections, I introduced a bug by using the connection
object just after it has been released.
Peter van Dijk [Wed, 15 Feb 2023 09:39:54 +0000 (10:39 +0100)]
Merge pull request #12548 from romeroalx/workaround-ci-unixodbc-misc
Apply odbc packages workaround to misc-dailies workflow
Remi Gacogne [Wed, 15 Feb 2023 08:49:25 +0000 (09:49 +0100)]
Merge pull request #12540 from fredmorcos/signers-cleanup
Signers cleanup
Alexis Romero [Wed, 15 Feb 2023 08:47:40 +0000 (09:47 +0100)]
Apply odbc packages workaround to misc-dailies workflow
Peter van Dijk [Tue, 14 Feb 2023 15:32:26 +0000 (16:32 +0100)]
Merge pull request #12526 from romeroalx/gh-auth-odbc-tests
GH actions: added auth odbc{sqlitle3, mssql} tests. Removed from CircleCI
Alexis Romero [Thu, 9 Feb 2023 11:16:04 +0000 (12:16 +0100)]
GH actions: added auth odbc{sqlitle3, mssql} tests. Removed from CircleCI
Fred Morcos [Mon, 13 Feb 2023 08:53:06 +0000 (09:53 +0100)]
Introduce DNSCryptoKeyEngine::convertToPEMString
Fred Morcos [Mon, 13 Feb 2023 08:44:58 +0000 (09:44 +0100)]
Introduce DNSCryptoKeyEngine::makeFromPEMString
Fred Morcos [Mon, 13 Feb 2023 08:37:02 +0000 (09:37 +0100)]
Make the filename argument to createFromPEMFile optional