]>
git.ipfire.org Git - thirdparty/pdns.git/log
Remi Gacogne [Sun, 19 Feb 2023 21:25:45 +0000 (22:25 +0100)]
Security policy: Our bug bounty program moved from HackerOne to YesWeHack
Peter van Dijk [Sat, 18 Feb 2023 22:24:38 +0000 (23:24 +0100)]
Merge pull request #12566 from jpmens/patch-13
replace address of primary
Jan-Piet Mens [Sat, 18 Feb 2023 21:44:13 +0000 (22:44 +0100)]
replace address of primary
I think the address `127.0.0.1` makes little sense when creating a secondary zone, and I hope this is a tad less confusing.
Peter van Dijk [Fri, 17 Feb 2023 14:41:06 +0000 (15:41 +0100)]
Merge pull request #12562 from romeroalx/workaround-fix-grub-error
Workaround for grub error raised after apt-get dist-upgrade
romeroalx [Fri, 17 Feb 2023 13:59:34 +0000 (14:59 +0100)]
Update FIXME comment in build-scripts/gh-actions-setup-inv
Co-authored-by: Remi Gacogne <github@coredump.fr>
Alexis Romero [Fri, 17 Feb 2023 10:13:01 +0000 (11:13 +0100)]
workaround for grub error raised after apt-get dist-upgrade
Remi Gacogne [Fri, 17 Feb 2023 13:36:50 +0000 (14:36 +0100)]
Merge pull request #12543 from rgacogne/ddist-build-lto
dnsdist: Enable Link-Time Optimization for our packages
Remi Gacogne [Thu, 16 Feb 2023 08:42:30 +0000 (09:42 +0100)]
Merge pull request #12553 from rgacogne/ddist-custom-metrics-prom-name
dnsdist: Add support for custom prometheus names in custom metrics
Remi Gacogne [Thu, 16 Feb 2023 08:32:00 +0000 (09:32 +0100)]
Merge pull request #12552 from rgacogne/ddist-check-response-cache-metrics
dnsdist: Add regression tests for responses, cache metrics
Remi Gacogne [Thu, 16 Feb 2023 08:31:34 +0000 (09:31 +0100)]
Merge pull request #12551 from rgacogne/ddist-fix-doh-conn-counter-race
dnsdist: Fix a use-after-free in the incoming DoH path
Remi Gacogne [Thu, 16 Feb 2023 08:31:01 +0000 (09:31 +0100)]
Merge pull request #12520 from rgacogne/ddist-protobuf-meta
dnsdist: Add support for metadata in protobuf messages
Otto Moerbeek [Thu, 16 Feb 2023 07:34:59 +0000 (08:34 +0100)]
Merge pull request #12554 from aj-gh/doc-recursor-servestale
rec doc: serve-stale-extensions works on 30s so an hour should be 120x
Andreas Jakum [Wed, 15 Feb 2023 15:11:46 +0000 (16:11 +0100)]
rec: serve-stale-extensions works on 30s so an hour should be 120x.
Remi Gacogne [Wed, 15 Feb 2023 11:31:06 +0000 (12:31 +0100)]
dnsdist: Add support for custom prometheus names in custom metrics
Remi Gacogne [Wed, 15 Feb 2023 10:47:10 +0000 (11:47 +0100)]
dnsdist: Add regression tests for responses, cache metrics
Remi Gacogne [Wed, 15 Feb 2023 10:18:38 +0000 (11:18 +0100)]
dnsdist: Fix a use-after-free in the incoming DoH path
During the recent addition of the concurrent connection checks for
incoming DoH connections, I introduced a bug by using the connection
object just after it has been released.
Peter van Dijk [Wed, 15 Feb 2023 09:39:54 +0000 (10:39 +0100)]
Merge pull request #12548 from romeroalx/workaround-ci-unixodbc-misc
Apply odbc packages workaround to misc-dailies workflow
Remi Gacogne [Wed, 15 Feb 2023 08:49:25 +0000 (09:49 +0100)]
Merge pull request #12540 from fredmorcos/signers-cleanup
Signers cleanup
Alexis Romero [Wed, 15 Feb 2023 08:47:40 +0000 (09:47 +0100)]
Apply odbc packages workaround to misc-dailies workflow
Peter van Dijk [Tue, 14 Feb 2023 15:32:26 +0000 (16:32 +0100)]
Merge pull request #12526 from romeroalx/gh-auth-odbc-tests
GH actions: added auth odbc{sqlitle3, mssql} tests. Removed from CircleCI
Alexis Romero [Thu, 9 Feb 2023 11:16:04 +0000 (12:16 +0100)]
GH actions: added auth odbc{sqlitle3, mssql} tests. Removed from CircleCI
Fred Morcos [Mon, 13 Feb 2023 08:53:06 +0000 (09:53 +0100)]
Introduce DNSCryptoKeyEngine::convertToPEMString
Fred Morcos [Mon, 13 Feb 2023 08:44:58 +0000 (09:44 +0100)]
Introduce DNSCryptoKeyEngine::makeFromPEMString
Fred Morcos [Mon, 13 Feb 2023 08:37:02 +0000 (09:37 +0100)]
Make the filename argument to createFromPEMFile optional
Remi Gacogne [Tue, 14 Feb 2023 13:37:11 +0000 (14:37 +0100)]
Merge pull request #12541 from rgacogne/ddist-10855-doc-doh-exactpath
dnsdist: Make it clearer that exactPathMatching was introduced in 1.6
Remi Gacogne [Tue, 14 Feb 2023 13:07:23 +0000 (14:07 +0100)]
Merge pull request #12534 from rgacogne/ddist-missing-prometheus-meta
dnsdist: Add prometheus type and help for 'cache_cleanup_count'
Remi Gacogne [Tue, 14 Feb 2023 13:06:45 +0000 (14:06 +0100)]
Merge pull request #12542 from rgacogne/ddist-cppcheck
dnsdist: Fix warnings from cppcheck
Remi Gacogne [Tue, 14 Feb 2023 13:06:33 +0000 (14:06 +0100)]
Merge pull request #12545 from rgacogne/dnsdist-ktls
dnsdist: Enable experimental kTLS support with OpenSSL on Linux
Remi Gacogne [Mon, 13 Feb 2023 16:26:41 +0000 (17:26 +0100)]
spell: Allow 'ktls'
Remi Gacogne [Wed, 2 Feb 2022 14:41:00 +0000 (15:41 +0100)]
dnsdist: Enable experimental kTLS support with OpenSSL on Linux
Remi Gacogne [Mon, 13 Feb 2023 13:10:00 +0000 (14:10 +0100)]
dnsdist: Use gcc-ar and gcc-ranlib when building EL packages
Remi Gacogne [Mon, 13 Feb 2023 10:26:52 +0000 (11:26 +0100)]
dnsdist: Enable Link-Time Optimization for our packages
Remi Gacogne [Mon, 13 Feb 2023 12:53:43 +0000 (13:53 +0100)]
dnsdist: Fix warnings from cppcheck
Most of these are 'performance' warnings in parts of code where performance
does not really matter, but there is no harm in being more consistent.
It also makes it easier to spot more meaningful warnings in the future.
The remaining changes are false-positives where cppcheck does not detect
that null-pointer dereferences cannot actually happen, so I edited
the code to make it clearer (removing redundant checks in some cases,
actually adding some in other cases).
Remi Gacogne [Mon, 13 Feb 2023 09:39:43 +0000 (10:39 +0100)]
dnsdist: Make it clearer that exactPathMatching was introduced in 1.6
Remi Gacogne [Mon, 13 Feb 2023 16:28:55 +0000 (17:28 +0100)]
dnsdist: Document help and type for cache_cleanup_count_total
Remi Gacogne [Fri, 10 Feb 2023 14:10:08 +0000 (15:10 +0100)]
dnsdist: Add prometheus type and help for 'cache_cleanup_count'
Also make sure that we test the caching metrics in our regression tests.
Remi Gacogne [Tue, 14 Feb 2023 11:40:05 +0000 (12:40 +0100)]
Merge pull request #12537 from rgacogne/ddist-faster-maxqpsiprule
dnsdist: Improve the scalability of MaxQPSIPRule()
Remi Gacogne [Tue, 14 Feb 2023 11:37:22 +0000 (12:37 +0100)]
dnsdist: Support exporting tags in the Protocol Buffer 'tags' field
Remi Gacogne [Tue, 14 Feb 2023 11:00:10 +0000 (12:00 +0100)]
dnsdist: No trailing ':' after the protobuf tag key when the value is empty
Remi Gacogne [Tue, 14 Feb 2023 10:26:59 +0000 (11:26 +0100)]
Merge pull request #12547 from rgacogne/ddist-flags-tests
dnsdist: Give the 'flags on timeout' test more headroom
Remi Gacogne [Tue, 14 Feb 2023 10:05:36 +0000 (11:05 +0100)]
dnsdist: Use repeated string values for MetaValue protobuf field
Remi Gacogne [Mon, 13 Feb 2023 16:31:46 +0000 (17:31 +0100)]
dnsdist: Fix the description of protobuf meta key-value pairs
As suggested by Charles-Henri Bruyand (thanks!).
Remi Gacogne [Mon, 30 Jan 2023 17:15:05 +0000 (18:15 +0100)]
dnsdist: Add support for metadata in protobuf messages
Fred Morcos [Fri, 10 Feb 2023 14:51:06 +0000 (15:51 +0100)]
Documentation formatting and ordering for createFromPEMFile
Fred Morcos [Fri, 10 Feb 2023 14:50:53 +0000 (15:50 +0100)]
Fix the argument ordering of createFromPEMFile
Fred Morcos [Fri, 10 Feb 2023 14:29:23 +0000 (15:29 +0100)]
Fix the confusing argument ordering of makeFromPEMFile
Fred Morcos [Thu, 9 Feb 2023 16:39:00 +0000 (17:39 +0100)]
Auto format test-signers.cc
Fred Morcos [Thu, 9 Feb 2023 16:38:03 +0000 (17:38 +0100)]
test-signers.cc: Don't auto format test data
Fred Morcos [Thu, 9 Feb 2023 16:34:03 +0000 (17:34 +0100)]
Rename (and cleanup) convertToPEM to convertToPEMFile
Fred Morcos [Thu, 9 Feb 2023 16:16:08 +0000 (17:16 +0100)]
Cleanup
Fred Morcos [Thu, 9 Feb 2023 16:35:10 +0000 (17:35 +0100)]
Auto format sodiumsigners.cc
Remi Gacogne [Tue, 14 Feb 2023 08:49:32 +0000 (09:49 +0100)]
dnsdist: Give the 'flags on timeout' test more headroom
It looks like it takes longer than expected for the timeout to be
recorded when running on GitHub Actions.
Peter van Dijk [Tue, 14 Feb 2023 08:33:59 +0000 (09:33 +0100)]
Merge pull request #12544 from romeroalx/workaround-ci-unixodbc-dev
gh actions: added manual removal/installation of odbc packages
Peter van Dijk [Tue, 14 Feb 2023 07:59:38 +0000 (08:59 +0100)]
Merge pull request #12522 from jsoref/schedule-on-var
Run scheduled workflows only if a var is set
Alexis Romero [Mon, 13 Feb 2023 14:49:45 +0000 (15:49 +0100)]
gh actions: added manual removal/installation of odbc packages
Remi Gacogne [Mon, 13 Feb 2023 16:30:07 +0000 (17:30 +0100)]
Merge pull request #12538 from rgacogne/ddist-remove-boost-get_value_or
dnsdist: Stop using the deprecated `boost::optional::get_value_or`
Remi Gacogne [Mon, 13 Feb 2023 15:34:56 +0000 (16:34 +0100)]
Merge pull request #12535 from rgacogne/ddist-showserver-format
dnsdist: Fix the formatting of 'showServers'
Remi Gacogne [Mon, 13 Feb 2023 15:30:27 +0000 (16:30 +0100)]
Merge pull request #12531 from rgacogne/ddist-make-certs
dnsdist: Move the certs handling to a Makefile in the regression tests
Remi Gacogne [Mon, 13 Feb 2023 15:30:17 +0000 (16:30 +0100)]
Merge pull request #12532 from rgacogne/ddist-document-ipv6-link-local
dnsdist: Document that IPv6 link-local addresses require the interface
Remi Gacogne [Mon, 13 Feb 2023 15:29:39 +0000 (16:29 +0100)]
Merge pull request #12529 from rgacogne/dnsdist-flags-timeout
dnsdist: Properly record the incoming flags on a timeout
Remi Gacogne [Mon, 13 Feb 2023 15:29:14 +0000 (16:29 +0100)]
Merge pull request #12530 from rgacogne/ddist-output-version-earlier
dnsdist: List version number early
Remi Gacogne [Mon, 13 Feb 2023 09:19:02 +0000 (10:19 +0100)]
Merge pull request #12500 from rgacogne/ddist-cache-api-wording
dnsdist: Better wording for the 'no cache' case
Remi Gacogne [Mon, 13 Feb 2023 09:15:19 +0000 (10:15 +0100)]
Merge pull request #12539 from mnordhoff/patch-14
rec: Fix doc typo
Matt Nordhoff [Sat, 11 Feb 2023 07:18:02 +0000 (07:18 +0000)]
rec: Fix doc typo
Remi Gacogne [Fri, 10 Feb 2023 16:38:23 +0000 (17:38 +0100)]
dnsdist: Stop using the deprecated `boost::optional::get_value_or`
Remi Gacogne [Fri, 10 Feb 2023 16:32:43 +0000 (17:32 +0100)]
dnsdist: Stop using the deprecated 'boost::optional::get_value_or'
Remi Gacogne [Fri, 10 Feb 2023 16:06:06 +0000 (17:06 +0100)]
dnsdist: Shard MaxQPSIPRule() for better scalability
Remi Gacogne [Fri, 10 Feb 2023 15:47:38 +0000 (16:47 +0100)]
Merge pull request #12527 from fredmorcos/checkkey-cleanup
Avoid the use of raw pointers in checkKey(s) routines
Otto Moerbeek [Fri, 10 Feb 2023 15:42:08 +0000 (16:42 +0100)]
Merge pull request #12493 from omoerbeek/rec-aggr-min-nsec3-bin
Only store NSEC3 records in aggressive cache if we expect them to be effective.
Remi Gacogne [Fri, 10 Feb 2023 15:24:22 +0000 (16:24 +0100)]
dnsdist: Faster lookups in MaxQPSIPRule()
Remi Gacogne [Fri, 10 Feb 2023 15:17:56 +0000 (16:17 +0100)]
dnsdist: Prevent duplicated cleanup in MaxQPSIPRule()
Remi Gacogne [Fri, 10 Feb 2023 15:01:58 +0000 (16:01 +0100)]
dnsdist: Fix the formatting of 'showServers'
Long IPv6 addresses and huge weight and order values were not properly
handled.
Otto Moerbeek [Fri, 10 Feb 2023 10:23:49 +0000 (11:23 +0100)]
Rename option and adapt docs to reflect that.
This remains complicated to docuemnt.
Otto Moerbeek [Fri, 3 Feb 2023 09:30:09 +0000 (10:30 +0100)]
Use vector instead of C array
Otto Moerbeek [Fri, 3 Feb 2023 09:23:31 +0000 (10:23 +0100)]
Take bound into account while computing common prefix
Otto Moerbeek [Fri, 3 Feb 2023 09:13:34 +0000 (10:13 +0100)]
Setting, based on estimated number of names in a zone.
Zero means no NSEC3 entries in aggressive cache at all
Otto Moerbeek [Wed, 1 Feb 2023 14:45:05 +0000 (15:45 +0100)]
A few unit tests
Otto Moerbeek [Wed, 21 Dec 2022 13:43:39 +0000 (14:43 +0100)]
Only store NSEC3 records in aggressive cache if we expect them to be effective.
The aggressive cache is not very effective for large NSEC3 domains: each NSEC3 record only
covers a relatively small amount of random names.
We only want to put NSEC3 records in the aggresive cache if there is a decent
chance a hash will hit it. Hashes are random wrt the corresponding names.
So look at the bitwise common prefix of the owner and next, and do
not store the record if the common prefix is long.
We also might want to introduce a switch to completely forget the aggressive
cache for the NSEC3 case.
Fred Morcos [Thu, 9 Feb 2023 16:09:08 +0000 (17:09 +0100)]
Avoid raw pointers in checkKey(s) routines
Remi Gacogne [Fri, 10 Feb 2023 12:22:12 +0000 (13:22 +0100)]
dnsdist: Fix a typo in the Makefile
Remi Gacogne [Fri, 10 Feb 2023 11:10:35 +0000 (12:10 +0100)]
dnsdist: Document that IPv6 link-local addresses require the interface
Remi Gacogne [Fri, 10 Feb 2023 10:43:07 +0000 (11:43 +0100)]
dnsdist: Move the certs handling to a Makefile in the regression tests
This makes my life easier during testing, and feels cleaner.
Remi Gacogne [Fri, 10 Feb 2023 10:39:22 +0000 (11:39 +0100)]
dnsdist: List version number early
This is very useful when investigating an issue that prevent dnsdist
from starting, for example.
Remi Gacogne [Fri, 10 Feb 2023 09:33:34 +0000 (10:33 +0100)]
dnsdist: Properly record the incoming flags on a timeout
Otto Moerbeek [Fri, 10 Feb 2023 07:28:27 +0000 (08:28 +0100)]
Merge pull request #11777 from omoerbeek/rec-trace-to-file
rec: rec_control trace-regex: trace to a file or stdout instead of the general log
Fred Morcos [Thu, 9 Feb 2023 16:09:05 +0000 (17:09 +0100)]
Cleanup
Fred Morcos [Thu, 9 Feb 2023 16:06:58 +0000 (17:06 +0100)]
Whitespace
Peter van Dijk [Thu, 9 Feb 2023 08:54:48 +0000 (09:54 +0100)]
Merge pull request #12524 from fredmorcos/openssl3-compat-fix
OpenSSL 3.0: Stay compatible with OpenSSL 1.0 to Fix CentOS7 builds
Remi Gacogne [Thu, 9 Feb 2023 08:46:02 +0000 (09:46 +0100)]
Merge pull request #12423 from fredmorcos/ddist-tls-provider
OpenSSL 3.0: Offer TLS providers as an alternative to TLS engines in DNSdist
Fred Morcos [Tue, 7 Feb 2023 18:07:08 +0000 (19:07 +0100)]
OpenSSL 3.0: Add loadTLSProvider to replace loadTLSEngine
Fred Morcos [Wed, 8 Feb 2023 16:31:40 +0000 (17:31 +0100)]
OpenSSL 3.0: Stay compatible with OpenSSL 1.0 to Fix CentOS7 builds
Otto Moerbeek [Wed, 8 Feb 2023 14:58:31 +0000 (15:58 +0100)]
Typo
Co-authored-by: Peter van Dijk <peter.van.dijk@powerdns.com>
Otto Moerbeek [Wed, 8 Feb 2023 14:45:01 +0000 (15:45 +0100)]
Set trace fd to non-blocking and report errors writing
Josh Soref [Thu, 2 Feb 2023 17:57:11 +0000 (12:57 -0500)]
Conditional for SCHEDULED_MISC_DAILIES
Josh Soref [Thu, 2 Feb 2023 17:56:12 +0000 (12:56 -0500)]
Conditional for SCHEDULED_DOCKER
Josh Soref [Thu, 2 Feb 2023 17:55:48 +0000 (12:55 -0500)]
Conditional for SCHEDULED_CODEQL_ANALYSIS
Josh Soref [Thu, 2 Feb 2023 17:54:52 +0000 (12:54 -0500)]
Conditional for SCHEDULED_JOBS_BUILDER
Josh Soref [Thu, 2 Feb 2023 17:54:13 +0000 (12:54 -0500)]
Conditional for SCHEDULED_JOBS_BUILD_AND_TEST_ALL
Remi Gacogne [Wed, 8 Feb 2023 14:13:13 +0000 (15:13 +0100)]
Merge pull request #12518 from Y7n05h/master
remove duplicate code in xdp
Peter van Dijk [Wed, 8 Feb 2023 12:38:54 +0000 (13:38 +0100)]
Merge pull request #12488 from PowerDNS/dependabot/github_actions/actions/cache-3.2.4
build(deps): bump actions/cache from 3.0.11 to 3.2.4