]>
git.ipfire.org Git - thirdparty/pdns.git/log
Pieter Lexis [Wed, 25 Mar 2020 08:26:29 +0000 (09:26 +0100)]
Merge pull request #8917 from Habbie/bind-packages-docs
auth docs: clarify absence/presence of pdns-backend-bind
Remi Gacogne [Wed, 25 Mar 2020 08:12:13 +0000 (09:12 +0100)]
Merge pull request #8971 from yantarou/layout_fix
Fix layout in the dnsdist Caching Responses guide
Jan Hilberath [Wed, 25 Mar 2020 05:55:37 +0000 (14:55 +0900)]
Fix layout in the dnsdist Caching Responses guide
Remi Gacogne [Tue, 24 Mar 2020 09:19:50 +0000 (10:19 +0100)]
Merge pull request #8962 from rgacogne/lmdb-safe-move-rvo
Remove a std::move() preventing Return-Value Optimization in lmdb-safe.cc
Remi Gacogne [Mon, 23 Mar 2020 09:20:48 +0000 (10:20 +0100)]
Remove a std::move() preventing Return-Value Optimization in lmdb-safe.cc
Remi Gacogne [Mon, 23 Mar 2020 08:55:40 +0000 (09:55 +0100)]
Merge pull request #8955 from omoerbeek/dnsdist-string-view-amb
On OpenBSD string_view is both in boost and std
Remi Gacogne [Mon, 23 Mar 2020 08:33:22 +0000 (09:33 +0100)]
Merge pull request #8956 from pieterlexis/dnsdist-smt-remove
dnsdist: expose SuffixMatchNode::remove in Lua
Otto Moerbeek [Mon, 23 Mar 2020 07:12:33 +0000 (08:12 +0100)]
Proper include guard for OpenBSD and FreeBSD: std::string_ref is available there.
Peter van Dijk [Sat, 21 Mar 2020 20:19:18 +0000 (21:19 +0100)]
Merge pull request #8960 from kpfleming/fix-swagger-typo
Correct typo in Swagger specification
Kevin P. Fleming [Sat, 21 Mar 2020 20:10:23 +0000 (16:10 -0400)]
Correct typo in Swagger specification
Found when loading the spec into a validating parser :-)
Signed-off-by: Kevin P. Fleming <kevin@km6g.us>
Peter van Dijk [Fri, 20 Mar 2020 23:25:41 +0000 (00:25 +0100)]
Merge pull request #8916 from Habbie/lmdb-namespaces-fbsd
auth lmdb: avoid blanket std import; fixes #8872
Otto Moerbeek [Fri, 20 Mar 2020 16:18:22 +0000 (17:18 +0100)]
Include FreeBSD in conditional
Peter van Dijk [Mon, 9 Mar 2020 19:13:58 +0000 (20:13 +0100)]
auth docs: clarify absence/presence of pdns-backend-bind
Otto Moerbeek [Fri, 20 Mar 2020 11:58:05 +0000 (12:58 +0100)]
On OpenBSD string_view is both in boost and std
Remi Gacogne [Fri, 20 Mar 2020 12:52:29 +0000 (13:52 +0100)]
Merge pull request #8953 from rgacogne/ddist-150a1
dnsdist: Update ChangeLog and secpoll for 1.5.0-alpha1
Pieter Lexis [Fri, 20 Mar 2020 12:44:40 +0000 (13:44 +0100)]
dnsdist: expose SuffixMatchNode::remove in Lua
Remi Gacogne [Fri, 20 Mar 2020 08:09:52 +0000 (09:09 +0100)]
Merge pull request #8952 from rgacogne/ddist-document-xpf-proxy
dnsdist: Add more documentation about XPF and the Proxy Protocol
Remi Gacogne [Fri, 20 Mar 2020 08:08:49 +0000 (09:08 +0100)]
Merge pull request #8954 from rgacogne/ddist-string-ref
dnsdist: Fix compilation issues with older boost::string_ref and string_view
Remi Gacogne [Thu, 19 Mar 2020 16:35:06 +0000 (17:35 +0100)]
dnsdist: Fix compilation issues with older boost::string_ref and string_view
Remi Gacogne [Thu, 19 Mar 2020 16:34:29 +0000 (17:34 +0100)]
dnsdist: Add missing changelog tags to the documentation
Remi Gacogne [Thu, 19 Mar 2020 16:12:02 +0000 (17:12 +0100)]
Update secpoll for dnsdist 1.5.0-alpha1
Remi Gacogne [Thu, 19 Mar 2020 16:11:33 +0000 (17:11 +0100)]
dnsdist: Update ChangeLog for 1.5.0-alpha1
Remi Gacogne [Thu, 19 Mar 2020 14:42:45 +0000 (15:42 +0100)]
dnsdist: Fix a broken reference in the documentation
Remi Gacogne [Thu, 19 Mar 2020 14:42:09 +0000 (15:42 +0100)]
dnsdist: Add more documentation about XPF and the Proxy Protocol
Remi Gacogne [Thu, 19 Mar 2020 12:46:31 +0000 (13:46 +0100)]
Merge pull request #8950 from rgacogne/ddist-warn-low-weight
dnsdist: Warn on startup about low weight values with chashed
Remi Gacogne [Thu, 19 Mar 2020 10:45:10 +0000 (11:45 +0100)]
Merge pull request #8945 from rgacogne/ddist-x-forwarded-for
dnsdist: Add support for the processing of X-Forwarded-For headers
Remi Gacogne [Thu, 19 Mar 2020 10:37:07 +0000 (11:37 +0100)]
dnsdist: Warn on startup about low weight values with chashed
Remi Gacogne [Thu, 19 Mar 2020 09:41:41 +0000 (10:41 +0100)]
Merge pull request #8923 from atoomic/daemon-reload
Reload systemctl service on updates
Remi Gacogne [Thu, 19 Mar 2020 08:58:36 +0000 (09:58 +0100)]
Merge pull request #8947 from rgacogne/ddist-doc-delay
dnsdist: Clarify how DelayResponseAction differs from DelayAction
Remi Gacogne [Thu, 19 Mar 2020 08:58:10 +0000 (09:58 +0100)]
Merge pull request #8948 from rgacogne/ddist-doc-set-smt-rule
dnsdist: Document DynBlockRulesGroup:setSuffixMatchRule
Remi Gacogne [Thu, 19 Mar 2020 08:56:32 +0000 (09:56 +0100)]
Merge pull request #8949 from rgacogne/ddist-doh-rotation-delay
dnsdist: Set the DoH ticket rotation delay before loading tickets
Remi Gacogne [Wed, 18 Mar 2020 16:47:49 +0000 (17:47 +0100)]
dnsdist: Set the DoH ticket rotation delay before loading tickets
Before that change, we could have loaded DoH STEK from a file without
properly setting the next rotation, causing a ticket rotation to
happen during the first TLS session establishment.
This can be prevented by setting `ticketsKeysRotationDelay=0`.
Remi Gacogne [Wed, 18 Mar 2020 15:35:52 +0000 (16:35 +0100)]
dnsdist: Document DynBlockRulesGroup:setSuffixMatchRule
Remi Gacogne [Wed, 18 Mar 2020 14:42:27 +0000 (15:42 +0100)]
dnsdist: Clarify how DelayResponseAction differs from DelayAction
Remi Gacogne [Wed, 18 Mar 2020 14:34:12 +0000 (15:34 +0100)]
Merge pull request #8927 from rgacogne/rec-rpz-tags
rec: Add custom tags to RPZ hits
Otto Moerbeek [Wed, 18 Mar 2020 14:33:33 +0000 (15:33 +0100)]
Merge pull request #8946 from omoerbeek/rec-buildbot-test
rec: test now uses rec_control, so supply location of the executable
Otto Moerbeek [Wed, 18 Mar 2020 14:22:49 +0000 (15:22 +0100)]
Test now uses rec_control, so supply location of the executable
Remi Gacogne [Wed, 18 Mar 2020 13:07:57 +0000 (14:07 +0100)]
dnsdist: Add support for the processing of X-Forwarded-For headers
aerique [Wed, 18 Mar 2020 11:54:02 +0000 (12:54 +0100)]
Merge pull request #8938 from Habbie/auth-4.3.0-rc2-docs
auth: secpoll&changelog for 4.3.0-rc2
Remi Gacogne [Tue, 17 Mar 2020 13:08:30 +0000 (14:08 +0100)]
rec: Only account RPZ truncation actions over UDP
Since they will be ignored over TCP anyway.
Remi Gacogne [Tue, 17 Mar 2020 10:12:52 +0000 (11:12 +0100)]
rec: Fix const-ness in DNSFilterEngine
Co-Authored-By: Otto Moerbeek <otto.moerbeek@open-xchange.com>
Remi Gacogne [Tue, 17 Mar 2020 10:12:35 +0000 (11:12 +0100)]
rec: Fix const-ness in DNSFilterEngine
Co-Authored-By: Otto Moerbeek <otto.moerbeek@open-xchange.com>
Remi Gacogne [Fri, 13 Mar 2020 14:33:47 +0000 (15:33 +0100)]
rec: Add custom tags to RPZ hits
This commit adds the possibility to set custom tags to a RPZ zone,
adding these tags to the policy ones (that can be set with Lua)
when a policy matches.
It does so by creating a new PolicyZoneData object that is shared
between the zone and all the policies that it holds, in order to
- avoid duplicating the name, priority and tags for each policy ;
- prevent a circular dependency between shared pointers for the zone
and its policies.
It also refactors the handling of RPZ policy hits in `startDoResolve()`
to remove some code duplication.
Remi Gacogne [Wed, 18 Mar 2020 08:43:14 +0000 (09:43 +0100)]
Merge pull request #8944 from Leo-Neat/master
Turning dry_run off for CIFuzz
Leo Neat [Tue, 17 Mar 2020 23:14:00 +0000 (16:14 -0700)]
Turning dry_run off for CIFuzz
Remi Gacogne [Tue, 17 Mar 2020 15:55:22 +0000 (16:55 +0100)]
Merge pull request #8874 from rgacogne/ddist-proxy-protocol
Add support for Proxy Protocol between dnsdist and the recursor
Nicolas R [Thu, 12 Mar 2020 16:48:39 +0000 (10:48 -0600)]
Reload systemctl service on install and updates
Fix GH #8922
Make sure systemd is reloading the updated definition
of a service on updates and first installation.
Remi Gacogne [Mon, 16 Mar 2020 10:31:59 +0000 (11:31 +0100)]
rec: Clarify the behavior of the Proxy Protocol feature
Co-Authored-By: Otto Moerbeek <otto.moerbeek@open-xchange.com>
Remi Gacogne [Mon, 16 Mar 2020 10:31:18 +0000 (11:31 +0100)]
rec: Fix a typo in the `proxy-protocol-from` documentation
Co-Authored-By: Otto Moerbeek <otto.moerbeek@open-xchange.com>
Remi Gacogne [Mon, 16 Mar 2020 10:29:33 +0000 (11:29 +0100)]
Add fuzz_target_proxyprotocol to the git ignore list
Remi Gacogne [Fri, 13 Mar 2020 18:07:02 +0000 (19:07 +0100)]
Add a fuzzing target for the Proxy Protocol v2 parser
Remi Gacogne [Fri, 13 Mar 2020 15:58:29 +0000 (16:58 +0100)]
sdig: Document Proxy Protocol options
Remi Gacogne [Fri, 13 Mar 2020 15:52:37 +0000 (16:52 +0100)]
rec: Clarify interactions between 'allow-from' and the proxy protocol
Remi Gacogne [Fri, 13 Mar 2020 15:51:58 +0000 (16:51 +0100)]
rec: Apply Otto's suggestions made during code review
Remi Gacogne [Fri, 13 Mar 2020 15:39:21 +0000 (16:39 +0100)]
rec: Fix the version when for proxy protocol values were added to gettag
Remi Gacogne [Fri, 13 Mar 2020 15:38:24 +0000 (16:38 +0100)]
Fix Lua proxy protocol values syntax in the documentation
Remi Gacogne [Fri, 13 Mar 2020 15:34:48 +0000 (16:34 +0100)]
rec: Remove duplicate DNSQuestion:getPolicyTags() entry in the doc
Remi Gacogne [Fri, 13 Mar 2020 15:32:40 +0000 (16:32 +0100)]
Prevent an overflow of the proxy protocol header size
Remi Gacogne [Wed, 4 Mar 2020 13:03:32 +0000 (14:03 +0100)]
dnsdist: Only reuse an existing TCP connection if the same server was selected
Remi Gacogne [Tue, 3 Mar 2020 15:45:39 +0000 (16:45 +0100)]
dnsdist: Keep the TCP connection to a backend when there is no TLV
Remi Gacogne [Mon, 2 Mar 2020 16:17:46 +0000 (17:17 +0100)]
rec: Keep Proxy Protocol values between queries on the same connection
Remi Gacogne [Mon, 2 Mar 2020 15:46:46 +0000 (16:46 +0100)]
dnsdist: Don't reuse Proxy Protocol-enabled TCP connections to backends
Remi Gacogne [Fri, 28 Feb 2020 14:24:19 +0000 (15:24 +0100)]
rec: Fix a typo in one of the comment, reported by Habbie (thx!)
Remi Gacogne [Thu, 27 Feb 2020 11:34:23 +0000 (12:34 +0100)]
rec: Enforce 'proxy-protocol-maximum-size'
Remi Gacogne [Wed, 26 Feb 2020 11:20:00 +0000 (12:20 +0100)]
rec: Add regression tests for the proxy protocol
Remi Gacogne [Tue, 25 Feb 2020 10:04:59 +0000 (11:04 +0100)]
dnsdist: Make the Proxy Protocol tests compatible with Python 2
Remi Gacogne [Mon, 24 Feb 2020 15:28:15 +0000 (16:28 +0100)]
dnsdist: Add setProxyProtocolValuesAction()
Remi Gacogne [Mon, 24 Feb 2020 14:40:22 +0000 (15:40 +0100)]
dnsdist: Add regression tests for the proxy protocol
Remi Gacogne [Fri, 21 Feb 2020 18:07:26 +0000 (19:07 +0100)]
dnsdist: Add a proxy protocol header to DoH queries as well
Remi Gacogne [Thu, 27 Feb 2020 13:37:30 +0000 (14:37 +0100)]
rec: Add documentation for the new settings and Lua bindings
Remi Gacogne [Wed, 26 Feb 2020 17:25:24 +0000 (18:25 +0100)]
rec: Export Proxy Protocol values to gettag hooks
Remi Gacogne [Thu, 20 Feb 2020 11:12:15 +0000 (12:12 +0100)]
rec: Drop truncated UDP dgrams. Only accept large packets w/ proxy
Remi Gacogne [Thu, 20 Feb 2020 11:11:34 +0000 (12:11 +0100)]
Add proxy protocol unit tests, fix some parsing issues
Remi Gacogne [Wed, 19 Feb 2020 14:15:38 +0000 (15:15 +0100)]
Implement support for 'LOCAL' proxy protocol command
Remi Gacogne [Thu, 20 Feb 2020 11:13:55 +0000 (12:13 +0100)]
dnsdist: Run the proxy protocol unit tests
Remi Gacogne [Thu, 27 Feb 2020 13:40:30 +0000 (14:40 +0100)]
rec: Add support for TLV values
Remi Gacogne [Thu, 27 Feb 2020 13:40:23 +0000 (14:40 +0100)]
dnsdist: Add TLV support
Remi Gacogne [Thu, 27 Feb 2020 13:40:14 +0000 (14:40 +0100)]
rec: Parse incoming proxy protocol
Remi Gacogne [Thu, 20 Feb 2020 14:13:00 +0000 (15:13 +0100)]
dnsdist: Initial implementation of outgoing proxy protocol
Peter van Dijk [Wed, 5 Feb 2020 12:47:52 +0000 (13:47 +0100)]
sdig stdin: attempt to decode proxy headers
Peter van Dijk [Wed, 5 Feb 2020 12:10:41 +0000 (13:10 +0100)]
sdig: add basic TCP support to stdin packet parsing
Peter van Dijk [Tue, 22 Oct 2019 17:58:50 +0000 (19:58 +0200)]
proxy protocol first steps
Peter van Dijk [Tue, 22 Oct 2019 17:01:49 +0000 (19:01 +0200)]
sdig manpage: fix typo
Remi Gacogne [Tue, 17 Mar 2020 10:51:33 +0000 (11:51 +0100)]
Merge pull request #8937 from rgacogne/ddist-fstrm-options
dnsdist: Make FrameStream IO parameters configurable
Peter van Dijk [Mon, 16 Mar 2020 11:51:19 +0000 (12:51 +0100)]
auth: secpoll&changelog for 4.3.0-rc2
Remi Gacogne [Mon, 16 Mar 2020 10:24:06 +0000 (11:24 +0100)]
rec: Fix typos in the documentation of the FrameStream configuration
Remi Gacogne [Mon, 16 Mar 2020 10:23:11 +0000 (11:23 +0100)]
dnsdist: Make FrameStream IO parameters configurable
Peter van Dijk [Mon, 16 Mar 2020 09:04:41 +0000 (10:04 +0100)]
Merge pull request #8925 from RobinGeuze/fixNSEC3ForUnpublishedDNSKEYs
Fix it so NSEC and NSEC3 records if there are no published DNSKEY's
Peter van Dijk [Sun, 15 Mar 2020 21:16:39 +0000 (22:16 +0100)]
Merge pull request #8933 from yantarou/typo_fix
Fix typo
Jan Hilberath [Sun, 15 Mar 2020 10:51:09 +0000 (19:51 +0900)]
Fix typo
Robin Geuze [Sat, 14 Mar 2020 11:24:35 +0000 (12:24 +0100)]
Also only add CDS and CDNSKEY to the type map in case we have published DNSKEY's
Peter van Dijk [Fri, 13 Mar 2020 20:51:51 +0000 (21:51 +0100)]
Merge pull request #8929 from mind04/pdns-cache-clean
auth: make sure we look at 10% of all cached items during cleanup
Kees Monshouwer [Thu, 12 Mar 2020 18:17:19 +0000 (19:17 +0100)]
auth: make sure we look at 10% of all cached items during cleanup
Robin Geuze [Fri, 13 Mar 2020 12:09:10 +0000 (13:09 +0100)]
Fix it so NSEC and NSEC3 records will not include DNSKEY in the typemap if there are no published DNSKEY records
Remi Gacogne [Thu, 12 Mar 2020 09:31:41 +0000 (10:31 +0100)]
Merge pull request #8909 from rgacogne/ddist-bounded-load-weight
dnsdist: Implement bounded loads for the whashed and wrandom policies
Peter van Dijk [Mon, 9 Mar 2020 18:10:00 +0000 (19:10 +0100)]
auth lmdb: avoid blanket std import; fixes #8872
Peter van Dijk [Mon, 9 Mar 2020 16:59:01 +0000 (17:59 +0100)]
Merge pull request #8908 from Habbie/auth-malloc-arena
auth docs: talk about glibc & MALLOC_ARENA_MAX
Remi Gacogne [Mon, 9 Mar 2020 10:32:54 +0000 (11:32 +0100)]
Merge pull request #8900 from rgacogne/openssl-libssl-detection
Detect {Libre,Open}SSL functions availability during configure
Remi Gacogne [Mon, 9 Mar 2020 09:07:40 +0000 (10:07 +0100)]
Merge pull request #8887 from rgacogne/remote-logger-keep-queueing-reconnect
Better handling of reconnections in Remote Logger (dnsdist, rec)
Remi Gacogne [Fri, 6 Mar 2020 16:26:50 +0000 (17:26 +0100)]
dnsdist: Make sure that the bounded-load factor is >= .0