]>
git.ipfire.org Git - thirdparty/pdns.git/log
Remi Gacogne [Thu, 4 Apr 2019 09:31:31 +0000 (11:31 +0200)]
Merge pull request #7481 from rgacogne/ipcrypt
Add support for encrypting IP addresses #gdpr
Remi Gacogne [Thu, 4 Apr 2019 09:29:29 +0000 (11:29 +0200)]
Merge pull request #7620 from shane-kerr/readme-link-fixes
Correct dnsdist & recursor information in README
Remi Gacogne [Thu, 4 Apr 2019 09:29:04 +0000 (11:29 +0200)]
Merge pull request #7652 from Habbie/dnsdist-ednsoptionview
dnsdist, recursor: EDNSOptionView improvements
Remi Gacogne [Thu, 4 Apr 2019 09:27:16 +0000 (11:27 +0200)]
Merge pull request #7578 from qvr/addtl-gstats
dnsdist: add frontend response statistics
Remi Gacogne [Thu, 4 Apr 2019 09:26:24 +0000 (11:26 +0200)]
Merge pull request #7343 from rgacogne/dnsdist-dyngroup-smt
dnsdist: Add addDynBlockSMT() support to dynBlockRulesGroup
Remi Gacogne [Thu, 4 Apr 2019 09:25:05 +0000 (11:25 +0200)]
Merge pull request #7585 from rgacogne/dnsdist-zero-ttl
dnsdist: Prevent 0-TTL cache hits
Remi Gacogne [Thu, 4 Apr 2019 09:24:04 +0000 (11:24 +0200)]
Merge pull request #7586 from rgacogne/dnsdist-null-latency-web
dnsdist: Gracefully handle a null latency in the webserver's JS
Peter van Dijk [Wed, 3 Apr 2019 07:10:09 +0000 (09:10 +0200)]
Merge pull request #7598 from jsoref/spelling
Spelling
Peter van Dijk [Wed, 3 Apr 2019 07:03:11 +0000 (09:03 +0200)]
Merge pull request #7656 from Habbie/dnsdist-macos-build-nit
dnsdist README: update macOS instructions
Peter van Dijk [Tue, 2 Apr 2019 21:54:37 +0000 (23:54 +0200)]
always link in uuid-utils because webserver logging needs it now
Peter van Dijk [Tue, 2 Apr 2019 16:29:04 +0000 (18:29 +0200)]
1-index recursor EDNSOptionView
Peter van Dijk [Tue, 2 Apr 2019 15:33:53 +0000 (17:33 +0200)]
dnsdist README: update macOS instructions
aerique [Tue, 2 Apr 2019 12:26:43 +0000 (14:26 +0200)]
Merge pull request #7654 from aerique/feature/changelog-and-secpoll-for-rec-4.1.12
Update changelog and secpoll for rec-4.1.12.
Peter van Dijk [Tue, 2 Apr 2019 12:11:52 +0000 (14:11 +0200)]
simplify vector indexing
Peter van Dijk [Tue, 2 Apr 2019 12:10:59 +0000 (14:10 +0200)]
adjust indexes in tests
Erik Winkels [Tue, 2 Apr 2019 11:08:12 +0000 (13:08 +0200)]
Update changelog and secpoll for rec-4.1.12.
Otto Moerbeek [Tue, 2 Apr 2019 08:38:05 +0000 (10:38 +0200)]
Merge pull request #7631 from omoerbeek/rec-ecs-cache-limit-with-ttl
Rec ecs cache limit with ttl
Peter van Dijk [Mon, 1 Apr 2019 19:29:55 +0000 (21:29 +0200)]
Lua tables are indexed from 1
Peter van Dijk [Mon, 1 Apr 2019 19:29:09 +0000 (21:29 +0200)]
count is a method, not an attribute
bert hubert [Mon, 1 Apr 2019 12:47:59 +0000 (14:47 +0200)]
This provides CPU usage statistics per thread (worker & distributor).
(cherry picked from commit
4ae78615a5a0fb0721ebe1a58a1235e75c47d400 )
Remi Gacogne [Mon, 1 Apr 2019 13:57:42 +0000 (15:57 +0200)]
Merge pull request #7507 from rgacogne/rec-bounded-load-balancing
rec: Use a bounded load-balancing algo to distribute queries
Pieter Lexis [Mon, 1 Apr 2019 12:43:49 +0000 (14:43 +0200)]
Merge pull request #5932 from pieterlexis/webserver-logging
Improve logging in the webserver
Otto Moerbeek [Mon, 1 Apr 2019 12:27:27 +0000 (14:27 +0200)]
Reformulate condition and comment to make it more clear.
Otto Moerbeek [Mon, 1 Apr 2019 09:30:06 +0000 (11:30 +0200)]
Only apply "do not cache" if both limits are set and satisfied. Doc tweaks.
Kees Monshouwer [Sun, 31 Mar 2019 11:37:36 +0000 (13:37 +0200)]
auth: use the api in the lmdb regression tests
Kees Monshouwer [Sat, 30 Mar 2019 21:21:59 +0000 (22:21 +0100)]
auth: lmdbbackend, fix getAllDomains()
Remi Gacogne [Fri, 29 Mar 2019 16:20:52 +0000 (17:20 +0100)]
rec: Clarify that the server load should be >= to the pondered avg
(cherry picked from commit
b476baebdc5a2ab4170476167aef94b7cdb677ab )
Remi Gacogne [Fri, 29 Mar 2019 12:32:46 +0000 (13:32 +0100)]
rec: Keep track of the number of MTasks in a dedicated variable
(cherry picked from commit
03a5d29ea3456fd3798ca71ed4f0f7ec7980ee2c )
Otto Moerbeek [Fri, 29 Mar 2019 10:40:05 +0000 (11:40 +0100)]
New approach. I spelled out the logic to make it more clear.
Points to keep in mind: > vs >=
What do we do if s_ecscachelimitttl is not set? I chose to let the scope determine
cacheability.
Remi Gacogne [Thu, 28 Mar 2019 17:30:12 +0000 (18:30 +0100)]
rec: Make sure that distribution-load-factor is >= 1.0 if set
Otto Moerbeek [Wed, 27 Mar 2019 12:17:06 +0000 (13:17 +0100)]
Add tests for ecs-cache-limit-ttl
Remi Gacogne [Wed, 27 Mar 2019 11:10:37 +0000 (12:10 +0100)]
rec: Add a 'rebalanced-queries' metric
Remi Gacogne [Wed, 20 Feb 2019 16:47:30 +0000 (17:47 +0100)]
rec: Use a bounded load-balancing algo to distribute queries
Otto Moerbeek [Wed, 27 Mar 2019 11:37:19 +0000 (12:37 +0100)]
Initial code for ecs-cache-limit-ttl.
Otto Moerbeek [Wed, 27 Mar 2019 10:34:24 +0000 (11:34 +0100)]
Merge remote-tracking branch 'origin/pr/7572' into rec-ecs-cache-limit-with-ttl
Josh Soref [Wed, 27 Mar 2019 08:53:28 +0000 (04:53 -0400)]
grammar: reword complicated sentence
Remi Gacogne [Wed, 27 Mar 2019 08:45:54 +0000 (09:45 +0100)]
Merge pull request #7628 from tcely/patch-3
Lua QClass global does not exist
Josh Soref [Wed, 27 Mar 2019 08:44:18 +0000 (04:44 -0400)]
grammar: remove unnecessary comma in compound predicate
Josh Soref [Wed, 27 Mar 2019 08:43:22 +0000 (04:43 -0400)]
spelling: SQLite
Josh Soref [Wed, 27 Mar 2019 08:42:23 +0000 (04:42 -0400)]
grammar: rewrite sentence
Josh Soref [Wed, 27 Mar 2019 08:26:30 +0000 (04:26 -0400)]
grammar: avoid using having
Josh Soref [Wed, 27 Mar 2019 08:25:20 +0000 (04:25 -0400)]
grammar: remove unnecessary comma in compound predicate
Josh Soref [Wed, 27 Mar 2019 08:24:33 +0000 (04:24 -0400)]
separate overly complicated sentence
Josh Soref [Wed, 27 Mar 2019 08:19:40 +0000 (04:19 -0400)]
spelling: spell out day of week abbreviations
Josh Soref [Wed, 27 Mar 2019 08:18:06 +0000 (04:18 -0400)]
grammar: help parsers understand that denial-of-existence is a thing
Josh Soref [Wed, 27 Mar 2019 08:11:05 +0000 (04:11 -0400)]
grammar: comma for introductory phrase
Josh Soref [Wed, 27 Mar 2019 08:08:10 +0000 (04:08 -0400)]
grammar: comma for introductory phrase
Josh Soref [Wed, 27 Mar 2019 08:01:46 +0000 (04:01 -0400)]
grammar: oxford comma
Josh Soref [Wed, 27 Mar 2019 08:01:29 +0000 (04:01 -0400)]
grammar: oxford comma
Josh Soref [Wed, 27 Mar 2019 07:57:58 +0000 (03:57 -0400)]
grammar: comma-however
Josh Soref [Tue, 26 Mar 2019 21:24:52 +0000 (17:24 -0400)]
grammar ...
* oxford comma is pretty easy to explain
* like ... and -- probably the easiest explanation is that
https://www.quickanddirtytips.com/education/grammar/like-versus-such-as
uses `and` not `or`...
Josh Soref [Tue, 26 Mar 2019 21:20:28 +0000 (17:20 -0400)]
clarify sentence
Josh Soref [Tue, 26 Mar 2019 21:19:56 +0000 (17:19 -0400)]
doc: described is a simple enough word...
Josh Soref [Tue, 26 Mar 2019 21:03:56 +0000 (17:03 -0400)]
spelling: deactivated
tcely [Tue, 26 Mar 2019 18:04:53 +0000 (14:04 -0400)]
Lua QClass global does not exist
The C code uses `QClass`, but the Lua variable was added as `DNSClass` for whatever reason.
Remi Gacogne [Tue, 12 Mar 2019 12:22:30 +0000 (13:22 +0100)]
rec: Set ecs-ipv4-cache-bits and ecs-ipv6-cache-bits in the tests
(cherry picked from commit
0cd27a313133139947e6e1b97fe7f1c0164ad40f )
Remi Gacogne [Tue, 12 Mar 2019 11:27:06 +0000 (12:27 +0100)]
rec: Document 'ecs-ipv4-cache-bits' and 'ecs-ipv6-cache-bits'
(cherry picked from commit
4d8c05df7a8fd6045061325693dcf8b17dbd364d )
Remi Gacogne [Tue, 12 Mar 2019 11:19:13 +0000 (12:19 +0100)]
rec: Add unit tests for the ECS cache limit feature
Remi Gacogne [Tue, 12 Mar 2019 11:05:56 +0000 (12:05 +0100)]
rec: Move the ECS cache limit check to the SyncRes
bert hubert [Tue, 12 Mar 2019 10:27:53 +0000 (11:27 +0100)]
implement a configurable ECS cache limit, defaulting to /24 and /56 of IPv6. So a /25 response will not get cached.
(cherry picked from commit
1dab554571edc88ae625c3997294dbcfb1c3507e )
Remi Gacogne [Tue, 12 Feb 2019 16:06:33 +0000 (17:06 +0100)]
dnsdist: Add regression tests for protobuf pseudonymization
Remi Gacogne [Tue, 12 Feb 2019 15:14:29 +0000 (16:14 +0100)]
Build ipcrypt as a separate (static) library since it's written in C
Otherwise we could compile it as C++ code, leading to this warning
from the compiler:
```
cc1: warning: command line option ‘-std=c++11’ is valid for C++/ObjC++ but not for C
```
Remi Gacogne [Thu, 31 Jan 2019 13:59:29 +0000 (14:59 +0100)]
Remove trailing whitespaces
Remi Gacogne [Wed, 30 Jan 2019 15:58:04 +0000 (16:58 +0100)]
dnsdist: Add IP 'encryption' options to RemoteLog{,Response}Action
Remi Gacogne [Wed, 30 Jan 2019 15:01:39 +0000 (16:01 +0100)]
dnsdist: Don't link OpenSSL's libssl or GnuTLS unless DoT is enabled
bert hubert [Mon, 19 Feb 2018 09:21:19 +0000 (10:21 +0100)]
make pdnsutil support base64 encoded keys for ipcipher
bert hubert [Fri, 16 Feb 2018 21:34:51 +0000 (22:34 +0100)]
fix testrunner
bert hubert [Fri, 16 Feb 2018 21:01:02 +0000 (22:01 +0100)]
update docs to key derivation & proper link
bert hubert [Fri, 16 Feb 2018 09:12:43 +0000 (10:12 +0100)]
document dnswasher flags
bert hubert [Fri, 16 Feb 2018 09:03:39 +0000 (10:03 +0100)]
made dnswasher support ipcipher
bert hubert [Thu, 15 Feb 2018 12:58:27 +0000 (13:58 +0100)]
dnswasher comment
bert hubert [Thu, 15 Feb 2018 13:03:58 +0000 (14:03 +0100)]
hook up makeIPCipherKey in dnsdist
bert hubert [Wed, 7 Feb 2018 12:18:09 +0000 (13:18 +0100)]
salt was confusing, should be ipcipheripcipher
bert hubert [Wed, 7 Feb 2018 09:05:33 +0000 (10:05 +0100)]
fix up salt for pbkdf2
bert hubert [Thu, 15 Feb 2018 12:51:24 +0000 (13:51 +0100)]
rename ipcrypt/ipcipher
bert hubert [Tue, 6 Feb 2018 12:11:32 +0000 (13:11 +0100)]
add key derivatin from password, add ipencrypt/ipdecrypt to pdnsutil & document it
bert hubert [Fri, 2 Feb 2018 12:39:28 +0000 (13:39 +0100)]
add documentation to dnsdist
bert hubert [Fri, 2 Feb 2018 11:39:57 +0000 (12:39 +0100)]
fix ipcrypt.h in testrunner Makefile
bert hubert [Fri, 2 Feb 2018 10:51:28 +0000 (11:51 +0100)]
replace links
bert hubert [Fri, 2 Feb 2018 10:48:15 +0000 (11:48 +0100)]
add in symlinks for dnsdist
bert hubert [Fri, 2 Feb 2018 10:43:20 +0000 (11:43 +0100)]
Add support for encrypting IP addresses #gdpr
With this change, PowerDNS core gains ability to encrypt & decrypt IP addresses as described in https://medium.com/@bert.hubert/on-ip-address-encryption-security-analysis-with-respect-for-privacy-
dabe1201b476
For IPv4 this uses ipcrypt, for IPv6 it uses a 128-bit AES ECB operation.
This CR also hooks up ipencrypt() and ipdecrypt() methods for dnsdist use, specifically to pseudonomyse logging.
Remi Gacogne [Mon, 25 Mar 2019 09:19:58 +0000 (10:19 +0100)]
Merge pull request #7574 from rgacogne/rec-min-ecs-ttl
rec: Add a new ecs-minimum-ttl-override setting
Remi Gacogne [Mon, 25 Mar 2019 08:51:44 +0000 (09:51 +0100)]
Merge pull request #7621 from shane-kerr/lua-required-for-recursor
Note that Lua is now required for the recursor
bert hubert [Sun, 24 Mar 2019 21:35:51 +0000 (22:35 +0100)]
Merge pull request #7623 from genofire/patch-1
typo in docs - thanks!
genofire [Sun, 24 Mar 2019 21:32:09 +0000 (22:32 +0100)]
typo in docs
Shane Kerr [Sat, 23 Mar 2019 10:28:45 +0000 (11:28 +0100)]
Note that Lua is now required for the recursor
Shane Kerr [Sat, 23 Mar 2019 09:49:11 +0000 (10:49 +0100)]
Correct dnsdist & recursor information in README
aerique [Fri, 22 Mar 2019 14:38:29 +0000 (15:38 +0100)]
Merge pull request #7616 from aerique/feature/changelog-and-secpoll-for-auth-4.1.8
Update changelog and secpoll for auth-4.1.8.
Peter van Dijk [Wed, 20 Mar 2019 09:35:12 +0000 (10:35 +0100)]
fix versionadded for gmysql-thread-closer
Remi Gacogne [Wed, 20 Mar 2019 08:55:34 +0000 (09:55 +0100)]
Merge pull request #7503 from ahupowerdns/auth-ringbugs
Auth ringbuffer simmaries were case sensitive & accounted delegations incorrectly
Remi Gacogne [Wed, 20 Mar 2019 08:55:09 +0000 (09:55 +0100)]
Merge pull request #7517 from Habbie/mysqlthreadcloser
plug mysql_thread_init memory leak
Remi Gacogne [Wed, 20 Mar 2019 08:54:39 +0000 (09:54 +0100)]
Merge pull request #7529 from rgacogne/auth-clear-metadata-on-delete
auth: Clear caches (meta-data, keys) on domain deletion
Remi Gacogne [Wed, 20 Mar 2019 08:52:32 +0000 (09:52 +0100)]
Merge pull request #7587 from rgacogne/auth-qsizeq
auth: Ensure we increase the number of queued queries before decreasing it
Remi Gacogne [Wed, 20 Mar 2019 08:52:03 +0000 (09:52 +0100)]
Merge pull request #7595 from rgacogne/auth-packetcache-tests-contention
auth: Avoid contention issues in the packet cache's unit tests
Matt Nordhoff [Tue, 19 Mar 2019 17:43:21 +0000 (17:43 +0000)]
pdnsutil: Fix "is is" typo in help
Josh Soref [Tue, 19 Mar 2019 17:13:04 +0000 (13:13 -0400)]
spelling: version
Josh Soref [Tue, 19 Mar 2019 17:12:58 +0000 (13:12 -0400)]
spelling: syscall
Josh Soref [Tue, 19 Mar 2019 17:12:33 +0000 (13:12 -0400)]
spelling: successful
Josh Soref [Tue, 19 Mar 2019 20:15:42 +0000 (16:15 -0400)]
spelling: iterator
Remi Gacogne [Tue, 19 Mar 2019 15:42:25 +0000 (16:42 +0100)]
rec: Handle invalid numeric values from the control channel