]>
git.ipfire.org Git - thirdparty/pdns.git/log
Peter van Dijk [Thu, 14 Mar 2024 17:53:41 +0000 (18:53 +0100)]
Merge pull request #13918 from Habbie/backport-13916-to-auth-4.9.x
auth-4.9 .dockerignore: adjust for https://github.com/docker/buildx/issues/850
Peter van Dijk [Thu, 14 Mar 2024 14:01:44 +0000 (15:01 +0100)]
.dockerignore: adjust for https://github.com/docker/buildx/issues/850
(cherry picked from commit
d710d00c6928ae550a377abbb3a9e7a27fb30f39 )
Peter van Dijk [Thu, 14 Mar 2024 14:23:21 +0000 (15:23 +0100)]
Merge pull request #13901 from Habbie/backport-13867-to-auth-4.9.x
auth 4.9: on OpenBSD, try harder to send on a non-blocking socket
Peter van Dijk [Thu, 14 Mar 2024 14:22:17 +0000 (15:22 +0100)]
Merge pull request #13900 from Habbie/backport-13860-to-auth-4.9.x
auth 4.9 LUA dblookup: switch qtype argument to int
Peter van Dijk [Thu, 14 Mar 2024 14:22:08 +0000 (15:22 +0100)]
Merge pull request #13899 from Habbie/backport-13855-to-auth-4.9.x
auth 4.9: revive remotebackend tests and fix failures
Peter van Dijk [Thu, 14 Mar 2024 14:21:16 +0000 (15:21 +0100)]
Merge pull request #13898 from Habbie/backport-13849-to-auth-4.9.x
auth 4.9 Docker: Only print config if debug flag is set
Peter van Dijk [Thu, 14 Mar 2024 13:09:26 +0000 (14:09 +0100)]
Merge pull request #13897 from Habbie/backport-13841-to-auth-4.9.x
auth 4.9: do not disable ns records at apex in consumer zones
Peter van Dijk [Thu, 14 Mar 2024 13:09:16 +0000 (14:09 +0100)]
Merge pull request #13896 from Habbie/backport-13205-to-auth-4.9.x
auth 4.9: catalog, include groups in hash calculation
Peter van Dijk [Thu, 14 Mar 2024 13:09:04 +0000 (14:09 +0100)]
Merge pull request #13895 from Habbie/backport-13879-to-auth-4.9.x
auth 4.9 LUA: support returning empty set in filterForward #13879
Peter van Dijk [Thu, 14 Mar 2024 10:03:00 +0000 (11:03 +0100)]
Merge pull request #13839 from Habbie/auth-4.9.x-ci-specialise
remove unneeded jobs for rel/auth-4.9.x branch
Peter van Dijk [Mon, 11 Mar 2024 10:25:06 +0000 (11:25 +0100)]
auth-4.9.x: specialise workflows
Peter van Dijk [Wed, 13 Mar 2024 09:34:41 +0000 (10:34 +0100)]
Merge pull request #13908 from Habbie/backport-13907-to-auth-4.9.x
auth 4.9: gh actions: wo issue 9491 - actions/runner-images
romeroalx [Tue, 12 Mar 2024 16:24:31 +0000 (17:24 +0100)]
gh actions: wo issue 9491 - actions/runner-images
(cherry picked from commit
e0bf314e472d0c1d4bc1ff82d97cabf87be1e929 )
Otto Moerbeek [Wed, 6 Mar 2024 14:19:22 +0000 (15:19 +0100)]
auth: on OpenBSD, try harder to send on a non-blocking socket
Should fix #13857 in many cases, though you can still argue this
is a OpenBSD bug (or at least an undesirable difference between other
systems and OpenBSD).
(cherry picked from commit
24aba96710c666bac69298422106821d51a24ecb )
Peter van Dijk [Tue, 5 Mar 2024 11:34:50 +0000 (12:34 +0100)]
auth LUA dblookup: switch qtype argument to int
(cherry picked from commit
2ef0893002c6d4e655935ba0a0cde11f9754ef55 )
Peter van Dijk [Mon, 4 Mar 2024 12:47:53 +0000 (13:47 +0100)]
remotebackend tests: use unsigned domain_id (thanks ubsan)
(cherry picked from commit
c68956befb51dcd3fdc40cdf7c945348b0082f51 )
Peter van Dijk [Mon, 4 Mar 2024 12:28:21 +0000 (13:28 +0100)]
remotebackend tests: do pass empty array
(cherry picked from commit
faffc88b53df908121b4cb0c1f009b24503aa84e )
Peter van Dijk [Mon, 4 Mar 2024 11:48:41 +0000 (12:48 +0100)]
don't log from destructors, g_log might be gone already (thanks asan)
(cherry picked from commit
f9adcdb943811d44fa19451dfc8611af94c781c5 )
Peter van Dijk [Mon, 4 Mar 2024 11:48:28 +0000 (12:48 +0100)]
remotebackend tests: report exit value correctly
(cherry picked from commit
7bf9d192dde88938a3f7f132c5e56602e01c240e )
Peter van Dijk [Tue, 5 Mar 2024 13:53:46 +0000 (14:53 +0100)]
Carolin Dohmen [Fri, 1 Mar 2024 15:19:04 +0000 (16:19 +0100)]
Only print config if debug flag is set
Signed-off-by: Carolin Dohmen <carodohmen@gmail.com>
(cherry picked from commit
d773b7bb99418026c3907ebd4b4e994a61fccecd )
Kees Monshouwer [Fri, 23 Feb 2024 15:22:05 +0000 (16:22 +0100)]
auth: do not disable ns records at apex in consumer zones
(cherry picked from commit
4057f3d0af4e0b6c23cb7a85838c2d3c4e667dca )
Peter van Dijk [Fri, 8 Mar 2024 15:59:34 +0000 (16:59 +0100)]
fix NUL string literal
(cherry picked from commit
48fc1a0d7dcd8939e0196f6b92f721daabf6f936 )
Kees Monshouwer [Sat, 2 Sep 2023 13:21:53 +0000 (15:21 +0200)]
auth: catalog, include groups in hash calculation
(cherry picked from commit
b099d811a88948ff53389895cf27e85bcdf1ba70 )
Peter van Dijk [Mon, 11 Mar 2024 11:39:36 +0000 (12:39 +0100)]
simplify return type usage
(cherry picked from commit
863fa7f60d889126e8df57e3a62f1a0ef6e7108a )
Peter van Dijk [Fri, 8 Mar 2024 13:51:55 +0000 (14:51 +0100)]
auth LUA: support returning empty set in filterForward
fixes #12436
(cherry picked from commit
98301eb09c283550951e061fbee047361cb5351c )
Peter van Dijk [Thu, 15 Feb 2024 15:13:58 +0000 (16:13 +0100)]
Merge pull request #13803 from Habbie/lmdb-sync-mode
lmdb: remove mapasync mode, it was always a lie
Peter van Dijk [Thu, 15 Feb 2024 14:20:47 +0000 (15:20 +0100)]
Merge pull request #13802 from chbruyand/ixfrdist-coverity-
1534483
ixfrist: fix coverity report
1534483
Peter van Dijk [Thu, 15 Feb 2024 14:16:50 +0000 (15:16 +0100)]
lmdb: remove mapasync mode, it was always a lie
fixes #12888
Peter van Dijk [Thu, 15 Feb 2024 13:59:25 +0000 (14:59 +0100)]
Merge pull request #11431 from jroessler-ox/docs-kskzskroll-update
updated KSK and ZSK Rollover procedures, small fixes in Algorithm Rol…
Charles-Henri Bruyand [Thu, 15 Feb 2024 13:00:08 +0000 (14:00 +0100)]
ixfrist: fix coverity report
1534483
Peter van Dijk [Thu, 15 Feb 2024 12:00:01 +0000 (13:00 +0100)]
Merge pull request #13801 from chbruyand/ixfrdist-fix-centos-build
ixfrdist: fix centos build
Charles-Henri Bruyand [Thu, 15 Feb 2024 10:49:10 +0000 (11:49 +0100)]
ixfrdist: fix centos build
Peter van Dijk [Wed, 14 Feb 2024 19:10:27 +0000 (20:10 +0100)]
Merge pull request #13753 from chbruyand/ixfrdist-notify-out
ixfrdist: add support for outgoing notify
Peter van Dijk [Wed, 14 Feb 2024 19:07:46 +0000 (20:07 +0100)]
Merge pull request #13752 from chbruyand/auth-lua-pickchashed
auth: lua records, pickchashed function
Otto Moerbeek [Wed, 14 Feb 2024 12:11:27 +0000 (13:11 +0100)]
Merge pull request #13788 from omoerbeek/rec-ztc-regression
rec: fix the zoneToCache regression introduced by SA 2024-01
Otto Moerbeek [Wed, 14 Feb 2024 11:39:57 +0000 (12:39 +0100)]
Test ZTC with root zone
1. If code changes make the validation fail we want to know.
2. If root zone changes break something we want to know as well, this might even be more important than 1.
So I think we just have to accept the occasional network issues on GH.
Otto Moerbeek [Tue, 13 Feb 2024 15:55:10 +0000 (16:55 +0100)]
rec: fix the zoneToCache regression introduced by SA 2024-01
Test will follow
Remi Gacogne [Tue, 13 Feb 2024 16:35:46 +0000 (17:35 +0100)]
Merge pull request #13787 from omoerbeek/rec-regr-test-skip
rec: skip a few tests that depend on sidnlab's public test setup that no longer works
Otto Moerbeek [Tue, 13 Feb 2024 15:31:35 +0000 (16:31 +0100)]
rec: skip a few test that depend on sidnlab's public test setup that no longer works
Otto Moerbeek [Tue, 13 Feb 2024 13:41:19 +0000 (14:41 +0100)]
Merge pull request #13785 from omoerbeek/rec-prep-2024-01
rec: Prep for 2024-01 release
Otto Moerbeek [Tue, 13 Feb 2024 12:49:02 +0000 (13:49 +0100)]
Merge pull request #13781 from omoerbeek/rec-keytrap-public
rec: CVE-2023-50387 and CVE-2023-50868
Otto Moerbeek [Mon, 12 Feb 2024 10:19:09 +0000 (11:19 +0100)]
Prep for 2024-01
Remi Gacogne [Tue, 13 Feb 2024 10:44:35 +0000 (11:44 +0100)]
Merge pull request #13760 from rgacogne/ddist-doc-rules-mgmt
dnsdist: Refactor the rules (selectors and actions) documentation
Remi Gacogne [Tue, 13 Feb 2024 10:44:27 +0000 (11:44 +0100)]
Merge pull request #13780 from rgacogne/ddist-better-wording-setSuffixMatchRule
dnsdist: Clarify that setSuffixMatchRule blocks per suffix, not labels
Remi Gacogne [Tue, 13 Feb 2024 09:04:08 +0000 (10:04 +0100)]
dnsdist: Clarify that setSuffixMatchRule blocks per suffix, not labels
Remi Gacogne [Mon, 12 Feb 2024 09:54:21 +0000 (10:54 +0100)]
Merge pull request #13779 from rgacogne/ddist-coverity-
20240212
dnsdist: Fix performance inefficiencies reported by Coverity
Remi Gacogne [Mon, 12 Feb 2024 09:08:56 +0000 (10:08 +0100)]
dnsdist: Fix performance inefficiencies reported by Coverity
Reported by Coverity as 414759 and 414760:
> Performance inefficiencies (COPY_INSTEAD_OF_MOVE)
Otto Moerbeek [Sun, 11 Feb 2024 18:40:36 +0000 (19:40 +0100)]
Merge pull request #13778 from M0NsTeRRR/master
fix(doc): incorrect setting `query_local_address`
Ludovic Ortega [Sun, 11 Feb 2024 18:38:48 +0000 (19:38 +0100)]
fix: replace missing query_local_address
Ludovic Ortega [Sun, 11 Feb 2024 18:29:57 +0000 (19:29 +0100)]
fix(doc): incorrect setting `query_local_address`
Remi Gacogne [Fri, 9 Feb 2024 15:09:29 +0000 (16:09 +0100)]
Merge pull request #13774 from rgacogne/ddist-quiche-config-atomic-load
dnsdist: Fix a missing explicit atomic load of the Quiche configuration
Remi Gacogne [Fri, 9 Feb 2024 15:00:56 +0000 (16:00 +0100)]
Merge pull request #13771 from omoerbeek/dnsdist-lua-align
dnsdist: do not allocate 16-byte aligned objects through lua(jit)
Remi Gacogne [Fri, 9 Feb 2024 14:28:57 +0000 (15:28 +0100)]
dnsdist: Fix a missing explicit atomic load of the Quiche configuration
Reported by TSAN.
Charles-Henri Bruyand [Thu, 8 Feb 2024 13:20:45 +0000 (14:20 +0100)]
auth: lua-records, support cleaning old hashed entries
Charles-Henri Bruyand [Fri, 9 Feb 2024 12:27:38 +0000 (13:27 +0100)]
ixfrdist: clang-tidy cleanup
Charles-Henri Bruyand [Fri, 9 Feb 2024 10:27:22 +0000 (11:27 +0100)]
ixfrdist: add a simple test for outgoing notify
Charles-Henri Bruyand [Thu, 8 Feb 2024 15:11:14 +0000 (16:11 +0100)]
ixfrdist: add examples of notify out configuration
Charles-Henri Bruyand [Thu, 8 Feb 2024 14:46:16 +0000 (15:46 +0100)]
ixfrdist: clang-tidy cleanup
Charles-Henri Bruyand [Wed, 31 Jan 2024 17:22:50 +0000 (18:22 +0100)]
ixfrdist: send out notify
Otto Moerbeek [Fri, 9 Feb 2024 12:28:00 +0000 (13:28 +0100)]
rec: CVE-2023-50387 and CVE-2023-50868
Remi Gacogne [Fri, 9 Feb 2024 10:59:07 +0000 (11:59 +0100)]
Merge pull request #13759 from rgacogne/ddist-doc-tls-certificates
dnsdist: Improve the documentation around TLS certificates and keys
Charles-Henri Bruyand [Wed, 31 Jan 2024 13:25:34 +0000 (14:25 +0100)]
auth: fix typo in tests
Charles-Henri Bruyand [Wed, 31 Jan 2024 12:19:08 +0000 (13:19 +0100)]
auth: clang-tidy fixes
Charles-Henri Bruyand [Tue, 30 Jan 2024 15:30:18 +0000 (16:30 +0100)]
auth: tell spell check about pickchashed
Charles-Henri Bruyand [Tue, 30 Jan 2024 15:15:20 +0000 (16:15 +0100)]
auth: lua-records, add support for pickchashed function
Remi Gacogne [Fri, 9 Feb 2024 10:28:12 +0000 (11:28 +0100)]
dnsdist: Prevent useless allocation+copy in `setPoolServerPolicy`
Remi Gacogne [Fri, 9 Feb 2024 10:16:12 +0000 (11:16 +0100)]
dnsdist: Fix newServerPolicy, add regression tests for custom policies
Peter van Dijk [Fri, 9 Feb 2024 10:15:33 +0000 (11:15 +0100)]
Merge pull request #13391 from devicenull/master
Add Lua function to pick records via name hash
Otto Moerbeek [Thu, 8 Feb 2024 15:36:09 +0000 (16:36 +0100)]
Experiment
Remi Gacogne [Thu, 8 Feb 2024 14:58:38 +0000 (15:58 +0100)]
dnsdist: Fix an issue spotted by TSAN: we need to use atomic_load_explicit along with atomic_store_explicit
Remi Gacogne [Thu, 8 Feb 2024 14:36:55 +0000 (15:36 +0100)]
Merge pull request #13756 from rgacogne/ddist-xsk-doc-typos
dnsdist: Fix typos in the AF_XDP documentation
Remi Gacogne [Thu, 8 Feb 2024 14:31:55 +0000 (15:31 +0100)]
Merge pull request #13768 from rgacogne/ddist-maintenance-hook
dnsdist: Add a Lua maintenance hook
Remi Gacogne [Thu, 8 Feb 2024 14:31:09 +0000 (15:31 +0100)]
Merge pull request #13757 from rgacogne/ddist-coverty-warning-
20240201
dnsdist: Fix a warning reported by Coverity
Otto Moerbeek [Thu, 8 Feb 2024 14:28:24 +0000 (15:28 +0100)]
dnsdist: make sure we do not allocate 16-byte aligned objects through lua(jit)
luajit aligns only to 8 bytes by default, and some objects require
16 byte alignment.
Fixes #13766
Note that the static assert in LuaContext.hpp is commented out in
one case. This trips on some platforms, but does not seem to be
harmful right now.
The fundamental solution remains the have luajit agree with C++ on
minimal alignment of its allocators.
Remi Gacogne [Thu, 8 Feb 2024 14:23:25 +0000 (15:23 +0100)]
dnsdist: Delint the 'reloadCertificates' methods
Remi Gacogne [Thu, 8 Feb 2024 13:43:18 +0000 (14:43 +0100)]
dnsdist: Add a regression test for DoQ certs/keys reloading
Remi Gacogne [Thu, 8 Feb 2024 13:42:47 +0000 (14:42 +0100)]
dnsdist: Document certs/keys reloading for DoQ and DoH3
Remi Gacogne [Thu, 8 Feb 2024 13:42:04 +0000 (14:42 +0100)]
dnsdist: Implementation reloading of TLS certs/keys for DoQ and DoH3
Remi Gacogne [Thu, 8 Feb 2024 09:43:56 +0000 (10:43 +0100)]
dnsdist: Apply suggestions from code review, delint
Remi Gacogne [Thu, 8 Feb 2024 08:01:06 +0000 (09:01 +0100)]
Merge pull request #13755 from rgacogne/ddist-quic-unsupported-version
dnsdist: Better handling of short, non-initial QUIC headers
Remi Gacogne [Tue, 6 Feb 2024 15:22:49 +0000 (16:22 +0100)]
dnsdist: Clear the Lua maintenance callbacks before exiting
Remi Gacogne [Tue, 6 Feb 2024 15:20:17 +0000 (16:20 +0100)]
Merge pull request #13761 from rgacogne/ddist-test-ebpf
dnsdist: Add regression tests for eBPF blocks (static / dynamic)
Peter van Dijk [Tue, 6 Feb 2024 15:15:40 +0000 (16:15 +0100)]
Merge pull request #12359 from Habbie/auth-lua-dblookup
auth LUA: add dblookup function
Remi Gacogne [Tue, 6 Feb 2024 14:44:35 +0000 (15:44 +0100)]
dnsdist: Add a Lua maintenance hook
Having a hook that can accept multiple callbacks makes it a lot easier
to manage the execution of several, independant tasks that needs to be
called regularly.
Peter van Dijk [Fri, 1 Dec 2023 15:29:22 +0000 (16:29 +0100)]
fix formatting
Brian Rak [Thu, 30 Nov 2023 16:30:26 +0000 (16:30 +0000)]
Update minor code/doc nits
Brian Rak [Thu, 19 Oct 2023 13:36:15 +0000 (13:36 +0000)]
Appease lint
Brian Rak [Wed, 18 Oct 2023 20:09:30 +0000 (20:09 +0000)]
Fix typo
Brian Rak [Wed, 18 Oct 2023 01:24:08 +0000 (01:24 +0000)]
Add Lua function to pick records via name hash
This adds a Lua function to return a record based on a weighted hash
of the DNS record name. One use case here is to consistently return
the same IP address for a particular cache server based on what
subdomain is requesting the data.
Peter van Dijk [Tue, 6 Feb 2024 11:08:30 +0000 (12:08 +0100)]
code review from otto, thanks
Peter van Dijk [Tue, 6 Feb 2024 10:24:43 +0000 (11:24 +0100)]
Merge pull request #13743 from Habbie/auth-api-priority-error
auth API: reject priority element in record, closes #12657
Remi Gacogne [Mon, 5 Feb 2024 08:41:18 +0000 (09:41 +0100)]
dnsdist: Preserve 'LLVM_PROFILE_FILE' in sudo-enabled regression tests
Remi Gacogne [Thu, 1 Feb 2024 13:46:11 +0000 (14:46 +0100)]
dnsdist: Reduce the timeout on Dynamic Block tests expected to fail
Remi Gacogne [Thu, 1 Feb 2024 13:45:40 +0000 (14:45 +0100)]
dnsdist: Enable eBPF regression tests in our CI
Remi Gacogne [Thu, 1 Feb 2024 13:44:45 +0000 (14:44 +0100)]
dnsdist: Add regression tests for eBPF blocks (static / dynamic)
romeroalx [Fri, 2 Feb 2024 10:43:18 +0000 (11:43 +0100)]
Merge pull request #13764 from romeroalx/fix-build-ubuntu-noble
GH Actions: fix builds for ubuntu noble. Remove pkg usrmerge
romeroalx [Thu, 1 Feb 2024 23:35:28 +0000 (00:35 +0100)]
fix builds ubuntu noble. remove pkg usrmerge
Remi Gacogne [Thu, 1 Feb 2024 14:33:37 +0000 (15:33 +0100)]
dnsdist: Refactor the rules (selectors and actions) documentation
Remi Gacogne [Thu, 1 Feb 2024 11:16:56 +0000 (12:16 +0100)]
dnsdist: Improve the documentation around TLS certificates and keys