]>
git.ipfire.org Git - thirdparty/pdns.git/log
Otto Moerbeek [Wed, 12 Jun 2019 09:25:07 +0000 (11:25 +0200)]
Merge pull request #7912 from omoerbeek/backport-7589
Aki Tuomi [Fri, 15 Mar 2019 19:12:46 +0000 (21:12 +0200)]
lua-recursor4: Add missing getregisteredname Lua function
It was drooped in
4b9a4e966257eb08d4803633f5726b5a144a8e99 and
forgotten in
a3e7b73528a96a3642adb42dc1e729ea2e8765f4
(cherry picked from commit
c2d0a26fecf13a40fa5a74a4cc13d9faef8b1669 )
Otto Moerbeek [Tue, 11 Jun 2019 15:03:41 +0000 (17:03 +0200)]
Merge pull request #7906 from omoerbeek/backport-7298
Otto Moerbeek [Tue, 11 Jun 2019 14:38:38 +0000 (14:38 +0000)]
Mention correct "version added" for the two new counters.
Remi Gacogne [Mon, 24 Dec 2018 09:54:17 +0000 (10:54 +0100)]
rec: Add counters for incoming AD and CD queries
(cherry picked from commit
88c33dca92f68d3c4a0a9dc8cb3c9838f034b94b )
Remi Gacogne [Tue, 14 May 2019 14:18:16 +0000 (16:18 +0200)]
Merge pull request #7816 from rgacogne/rec41-backport-7714
Remi Gacogne [Thu, 11 Apr 2019 13:25:10 +0000 (15:25 +0200)]
rec: Fix DNSSEC validation of wildcards expanded onto themselves
(cherry picked from commit
78cdf5200924d327911345e1053e6e7de26dc34b )
Remi Gacogne [Thu, 25 Apr 2019 08:15:02 +0000 (10:15 +0200)]
rec: Add a 'query for a wildcard-like expanded from a wildcard' test
(cherry picked from commit
3f675ceb96804190951f2bfda1e67b9dfdaab10e )
Remi Gacogne [Thu, 11 Apr 2019 13:24:37 +0000 (15:24 +0200)]
rec: Add a DNSSEC validation unit test for non-expanded wildcards
(cherry picked from commit
eb7a2b0bb57a99eabaad99f1814505b766060e6e )
Otto Moerbeek [Fri, 5 Apr 2019 13:44:08 +0000 (15:44 +0200)]
Merge pull request #7675 from omoerbeek/disable-smap-switch
Otto Moerbeek [Fri, 5 Apr 2019 13:38:34 +0000 (15:38 +0200)]
Fix versionadded line
Otto Moerbeek [Fri, 5 Apr 2019 13:28:41 +0000 (15:28 +0200)]
Merge pull request #7673 from omoerbeek/disable-smap-switch
Otto Moerbeek [Fri, 5 Apr 2019 10:24:32 +0000 (12:24 +0200)]
Add versionadded
Otto Moerbeek [Fri, 5 Apr 2019 10:01:54 +0000 (12:01 +0200)]
Document disable-real-memory-usage.
Otto Moerbeek [Fri, 5 Apr 2019 09:50:20 +0000 (11:50 +0200)]
Add a switch to disable the expense smap based mem stat.
Otto Moerbeek [Tue, 2 Apr 2019 08:37:43 +0000 (10:37 +0200)]
Merge pull request #7651 from omoerbeek/backport-7631
Otto Moerbeek [Tue, 2 Apr 2019 08:08:53 +0000 (08:08 +0000)]
Move the setQuerySource() method to a wrapper in the syncres test code.
Otto Moerbeek [Mon, 1 Apr 2019 19:07:35 +0000 (19:07 +0000)]
Fix do not cache condition (merge error spotted by rcagogne)
Otto Moerbeek [Mon, 1 Apr 2019 15:36:23 +0000 (15:36 +0000)]
Make unit test work.
Otto Moerbeek [Mon, 1 Apr 2019 14:50:34 +0000 (14:50 +0000)]
Resolve merge errors
Otto Moerbeek [Mon, 1 Apr 2019 12:27:27 +0000 (14:27 +0200)]
Reformulate condition and comment to make it more clear.
(cherry picked from commit
73d9bf3ad13de7031a71700d00fb4efbab8ca938 )
Otto Moerbeek [Mon, 1 Apr 2019 09:30:06 +0000 (11:30 +0200)]
Only apply "do not cache" if both limits are set and satisfied. Doc tweaks.
(cherry picked from commit
42f418044c137ae2835f7f6550da093cb8b6ce7c )
Otto Moerbeek [Fri, 29 Mar 2019 10:40:05 +0000 (11:40 +0100)]
New approach. I spelled out the logic to make it more clear.
Points to keep in mind: > vs >=
What do we do if s_ecscachelimitttl is not set? I chose to let the scope determine
cacheability.
(cherry picked from commit
e7861cc408a4984d7c3e2a430825beb22ecf2a6d )
Otto Moerbeek [Wed, 27 Mar 2019 12:17:06 +0000 (13:17 +0100)]
Add tests for ecs-cache-limit-ttl
(cherry picked from commit
2cbe6a45ec0699f5ced3eb45945ce77b3a7fa343 )
Otto Moerbeek [Wed, 27 Mar 2019 11:37:19 +0000 (12:37 +0100)]
Initial code for ecs-cache-limit-ttl.
(cherry picked from commit
ed9019c97a4f81c42c2e45ab4353022540afdf08 )
Remi Gacogne [Tue, 12 Mar 2019 12:22:30 +0000 (13:22 +0100)]
rec: Set ecs-ipv4-cache-bits and ecs-ipv6-cache-bits in the tests
(cherry picked from commit
0cd27a313133139947e6e1b97fe7f1c0164ad40f )
(cherry picked from commit
30974eccedbe5fc90a24762f17b588750926ca2b )
Remi Gacogne [Tue, 12 Mar 2019 11:27:06 +0000 (12:27 +0100)]
rec: Document 'ecs-ipv4-cache-bits' and 'ecs-ipv6-cache-bits'
(cherry picked from commit
4d8c05df7a8fd6045061325693dcf8b17dbd364d )
(cherry picked from commit
216dc60aab0a7ea1a2385d85706bd41721e6ed16 )
Remi Gacogne [Tue, 12 Mar 2019 11:19:13 +0000 (12:19 +0100)]
rec: Add unit tests for the ECS cache limit feature
(cherry picked from commit
a87929c0fdb1675661a9f2fbea46e79530e4157e )
Remi Gacogne [Tue, 12 Mar 2019 11:05:56 +0000 (12:05 +0100)]
rec: Move the ECS cache limit check to the SyncRes
(cherry picked from commit
bdceeb7e8c0e25dfe86f0300fb83d1cdaee3422c )
bert hubert [Tue, 12 Mar 2019 10:27:53 +0000 (11:27 +0100)]
implement a configurable ECS cache limit, defaulting to /24 and /56 of IPv6. So a /25 response will not get cached.
(cherry picked from commit
1dab554571edc88ae625c3997294dbcfb1c3507e )
(cherry picked from commit
fd8898fbb51d8068127ff2fffd6a5f2e9f60be33 )
Remi Gacogne [Mon, 1 Apr 2019 13:57:10 +0000 (15:57 +0200)]
Merge pull request #7634 from rgacogne/rec41-bounded-load-balancing
bert hubert [Mon, 1 Apr 2019 13:56:22 +0000 (15:56 +0200)]
Merge pull request #7647 from ahupowerdns/per-thread-stats
bert hubert [Mon, 1 Apr 2019 13:48:55 +0000 (15:48 +0200)]
add comments
bert hubert [Mon, 1 Apr 2019 12:47:59 +0000 (14:47 +0200)]
This provides CPU usage statistics per thread (worker & distributor).
Remi Gacogne [Fri, 29 Mar 2019 16:20:52 +0000 (17:20 +0100)]
rec: Clarify that the server load should be >= to the pondered avg
Remi Gacogne [Fri, 29 Mar 2019 12:32:46 +0000 (13:32 +0100)]
rec: Keep track of the number of MTasks in a dedicated variable
Remi Gacogne [Thu, 28 Mar 2019 17:30:12 +0000 (18:30 +0100)]
rec: Make sure that distribution-load-factor is >= 1.0 if set
(cherry picked from commit
078be17f3c150abed2ae87dfe771ef479f3137ef )
Remi Gacogne [Wed, 27 Mar 2019 11:10:37 +0000 (12:10 +0100)]
rec: Add a 'rebalanced-queries' metric
(cherry picked from commit
596bf48219cb82379bf872e746dd7f626b582342 )
Remi Gacogne [Wed, 20 Feb 2019 16:47:30 +0000 (17:47 +0100)]
rec: Use a bounded load-balancing algo to distribute queries
(cherry picked from commit
144040bef0b1f65abfb4634f65b1445a84393a1b )
Remi Gacogne [Thu, 21 Feb 2019 09:15:06 +0000 (10:15 +0100)]
Merge pull request #7495 from rgacogne/rec41-ixfr-empty-axfr
Remi Gacogne [Mon, 18 Feb 2019 12:22:07 +0000 (13:22 +0100)]
Correctly interpret an empty AXFR response to an IXFR query
Remi Gacogne [Wed, 30 Jan 2019 14:55:31 +0000 (15:55 +0100)]
Merge pull request #7434 from rgacogne/rec41-protobuf-responses-only
Remi Gacogne [Wed, 30 Jan 2019 10:38:23 +0000 (11:38 +0100)]
rec: Add an option to export only responses over protobuf
bert hubert [Wed, 30 Jan 2019 08:11:57 +0000 (09:11 +0100)]
Merge pull request #7430 from rgacogne/rec41-redo-remotelogger
Remi Gacogne [Tue, 29 Jan 2019 16:10:55 +0000 (17:10 +0100)]
rec-4.1.x: Backport some protobuf regression tests
bert hubert [Tue, 29 Jan 2019 11:15:21 +0000 (12:15 +0100)]
Reduce systemcall usage in protobuf logging
Remi Gacogne [Thu, 24 Jan 2019 17:12:40 +0000 (18:12 +0100)]
Merge pull request #7415 from zeha/backport-7327
Chris Hofstaedtler [Thu, 24 Jan 2019 16:23:31 +0000 (17:23 +0100)]
Backport #7327: rec: Fix a possible timing issue w/ RRSIGs in the SyncRes unit tests
Remi Gacogne [Tue, 22 Jan 2019 08:59:51 +0000 (09:59 +0100)]
Merge pull request #7403 from rgacogne/rec41-dh-no-protobuf
Remi Gacogne [Mon, 21 Jan 2019 15:07:29 +0000 (16:07 +0100)]
rec: Fix compilation in handleRunningTCPQuestion without protobuf support
Remi Gacogne [Mon, 21 Jan 2019 08:50:24 +0000 (09:50 +0100)]
Merge pull request #7397 from rgacogne/rec41-sec-
20190121
rec-4.1.x: Load the Lua script in the distributor thread, check signature for AA=0 answers
Remi Gacogne [Fri, 18 Jan 2019 14:46:36 +0000 (15:46 +0100)]
Merge pull request #7377 from rgacogne/rec41-retry-on-full-pipe
Remi Gacogne [Wed, 16 Jan 2019 14:19:17 +0000 (15:19 +0100)]
rec: Try another worker before failing if the first pipe was full
Remi Gacogne [Wed, 9 Jan 2019 16:08:38 +0000 (17:08 +0100)]
rec: Always check signature for records in ANSWER, even with AA=0
Remi Gacogne [Wed, 9 Jan 2019 08:56:04 +0000 (09:56 +0100)]
rec: Add missing cookiesoption.py for the python regression tests
Remi Gacogne [Tue, 8 Jan 2019 15:05:28 +0000 (16:05 +0100)]
rec: Call the ipfilter hook if any over TCP as well
Remi Gacogne [Tue, 8 Jan 2019 15:00:01 +0000 (16:00 +0100)]
rec: Test our Lua hooks
Remi Gacogne [Tue, 8 Jan 2019 14:09:43 +0000 (15:09 +0100)]
rec: Load the Lua script in the distributor threads, for TCP
Pieter Lexis [Thu, 3 Jan 2019 12:31:09 +0000 (13:31 +0100)]
Merge pull request #7303 from rgacogne/rec41-ghost
Remi Gacogne [Mon, 9 Apr 2018 12:36:31 +0000 (14:36 +0200)]
rec: Enable the ghost tests again, add a corresponding unit test
(cherry picked from commit
97ab616efd0c8387978360a9eebb3a83f23fffe5 )
Remi Gacogne [Wed, 5 Dec 2018 09:13:19 +0000 (10:13 +0100)]
Merge pull request #7240 from rgacogne/rec41-syncres-test-negcache-rrsig
Remi Gacogne [Wed, 28 Nov 2018 10:36:24 +0000 (11:36 +0100)]
rec: Use the SyncRes time when computing the RRSIG validity time
Otherwise we get random test failures when the RRSIG is generated
after the number of seconds since epoch increased.
(cherry picked from commit
1e2e06f1fd4a29702eaa297456dca72714ac1fe0 )
aerique [Mon, 26 Nov 2018 12:36:39 +0000 (13:36 +0100)]
Merge pull request #7221 from aerique/rec41-canhash-oob
Peter van Dijk [Fri, 9 Nov 2018 10:57:58 +0000 (11:57 +0100)]
Merge pull request #7172 from rgacogne/rec41-revert-formerr-with-edns
Peter van Dijk [Fri, 9 Nov 2018 10:57:29 +0000 (11:57 +0100)]
Merge pull request #7174 from rgacogne/rec41-ban-more-types
Remi Gacogne [Fri, 9 Nov 2018 10:53:24 +0000 (11:53 +0100)]
rec: Refuse queries for all meta-types
(cherry picked from commit
25e654f7f9725c474d96c7eca57cb34fe41c4669 )
Remi Gacogne [Fri, 9 Nov 2018 10:36:09 +0000 (11:36 +0100)]
rec: Revert 'Keep the EDNS status of a server on FormErr with EDNS'
Remi Gacogne [Wed, 7 Nov 2018 17:48:13 +0000 (18:48 +0100)]
rec: Fix an out-of-bounds read in the packet cache
Pieter Lexis [Wed, 7 Nov 2018 11:30:37 +0000 (12:30 +0100)]
Merge pull request #7159 from rgacogne/rec41-revert-6980
Remi Gacogne [Wed, 7 Nov 2018 10:49:24 +0000 (11:49 +0100)]
Revert "rec: Authority records in AA=1 CNAME answer are authoritative"
This reverts commit
4caae205f06cb989c415a9c1e0f4c5ec667236a2 .
It turns out that authority records in AA=1 CNAME answer may, or may
not, be authoritative, and that in some cases considering them as
authoritative causes DNSSEC validation failures.
aerique [Tue, 6 Nov 2018 14:15:01 +0000 (15:15 +0100)]
Merge pull request #7151 from aerique/rec41-sec-201810
Peter van Dijk [Mon, 5 Nov 2018 10:08:20 +0000 (11:08 +0100)]
Merge pull request #7120 from rgacogne/rec415-backports
Peter van Dijk [Thu, 1 Nov 2018 15:36:40 +0000 (16:36 +0100)]
Merge pull request #7125 from mind04/inception-skew
Kees Monshouwer [Mon, 29 Oct 2018 10:30:25 +0000 (11:30 +0100)]
rec: allow the signture inception to be off by a number of seconds.
Pieter Lexis [Wed, 31 Oct 2018 22:16:38 +0000 (23:16 +0100)]
Merge pull request #7122 from pieterlexis/rec-41-el6-pkg-fix
Pieter Lexis [Wed, 31 Oct 2018 16:17:18 +0000 (17:17 +0100)]
rec 4.1 el6: switch to devtoolset-7
Remi Gacogne [Wed, 31 Oct 2018 15:11:46 +0000 (16:11 +0100)]
Backport #7004
Remi Gacogne [Wed, 31 Oct 2018 15:11:40 +0000 (16:11 +0100)]
Backport #6951
Remi Gacogne [Wed, 31 Oct 2018 15:11:36 +0000 (16:11 +0100)]
Backport #6945
Remi Gacogne [Wed, 31 Oct 2018 15:11:31 +0000 (16:11 +0100)]
Backport #6925
Remi Gacogne [Wed, 31 Oct 2018 15:11:27 +0000 (16:11 +0100)]
Backport #6917
Remi Gacogne [Wed, 31 Oct 2018 15:11:21 +0000 (16:11 +0100)]
Backport #6948
Remi Gacogne [Wed, 31 Oct 2018 15:10:43 +0000 (16:10 +0100)]
Backport #6741
Remi Gacogne [Fri, 28 Sep 2018 14:08:10 +0000 (16:08 +0200)]
ProtobufLogger: Add support for the ServerIdentity field
(cherry picked from commit
c5ffc56c587c792aa6f8aca69d7d45f0a67c0f60 )
Remi Gacogne [Fri, 28 Sep 2018 14:11:28 +0000 (16:11 +0200)]
rec: Export the server ID in protobuf messages
(cherry picked from commit
c165308b66fcaf6bd2517afa165a27027e5919ad )
Remi Gacogne [Thu, 27 Sep 2018 14:45:03 +0000 (16:45 +0200)]
rec: Export the outgoing ECS value if any in our protobuf messages
(cherry picked from commit
0ff13512cb8a48f668d841e5f33ba1b48fb99a2a )
phonedph1 [Mon, 10 Sep 2018 15:08:01 +0000 (15:08 +0000)]
Be consistent with reload-zones and clear all caches on (N)TA changes.
(cherry picked from commit
8302d4cb1db346198ae9698f489b956abf0f0d32 )
Peter van Dijk [Sat, 8 Sep 2018 16:31:58 +0000 (18:31 +0200)]
realign ucontext stack after #6719
(cherry picked from commit
43c3c21ed15b52b43d69972985e8cc7f8240c1f5 )
phonedph1 [Tue, 4 Sep 2018 22:05:56 +0000 (22:05 +0000)]
Print possibly empty dnsnames safer
(cherry picked from commit
d3ca14b2ee0d1cfd66a64424dcfb9d03884c0ef0 )
Remi Gacogne [Mon, 3 Sep 2018 07:43:45 +0000 (09:43 +0200)]
Release memory in case of error in the OpenSSL ECDSA constructor
The current code will only fail to release the allocated memory if
called with an invalid algorithm, which won't happen, or if a
memory allocation fails in which case this might not matter much.
Still, it's cleaner to release the memory properly and might avoid
mistakes later if we look at this code while implementing a new
crypto backend.
(cherry picked from commit
b141d89b27e52c3a8e76ca79ec5201d001f4fce9 )
Remi Gacogne [Sat, 8 Sep 2018 15:15:14 +0000 (17:15 +0200)]
Fix compilation with LibreSSL 2.7.0+
(cherry picked from commit
1648b8ff39c705fdee526cd73bf2652982b80087 )
Remi Gacogne [Fri, 15 Jun 2018 15:01:07 +0000 (17:01 +0200)]
rec: Don't require authoritative answers for forward-recurse zones
(cherry picked from commit
ad797d945527040202105b6a775ab6df94b103c6 )
Remi Gacogne [Wed, 17 Oct 2018 14:00:29 +0000 (16:00 +0200)]
Merge pull request #7073 from rgacogne/rec41-backport-7070
Rafael Buchbinder [Tue, 16 Oct 2018 12:39:20 +0000 (15:39 +0300)]
pdns-recursor: avoid a memory leak in catch-all exception handler
This commit prevents a leak of DNSComboWriter in the catch-all exception
handler.
(cherry picked from commit
cbb097d8581dbb27d81be3a3022a96b8ad08e295 )
Remi Gacogne [Thu, 20 Sep 2018 12:46:11 +0000 (14:46 +0200)]
rec: Keep the EDNS status of a server on FormErr with EDNS
Note that the choice of DNAME in the unit test is an arbitrary
choice, we could even have used A here.
(cherry picked from commit
6fb756b6cd49d61eacf7865ce48d0edb62730710 )
(cherry picked from commit
d8b9d57103f1e1496767d9fac3955b1973e04302 )
Remi Gacogne [Wed, 12 Sep 2018 14:12:46 +0000 (16:12 +0200)]
rec: Refuse queries for rfc6895 section 3.1 meta types
(cherry picked from commit
ab1b5574d15a62e67a133828fc98502de830842c )
(cherry picked from commit
6bf06d65b9c9b9c2c41351ca4b56d54e7619d925 )
Remi Gacogne [Thu, 19 Jul 2018 13:52:40 +0000 (15:52 +0200)]
Do full packet comparison in the packet caches in addition to the hash
(cherry picked from commit
aab08a02344a66e14572cf63129d157d6e7ba8c9 )
(cherry picked from commit
f48315332c4542d09b58a14dafadc90d04f54abd )
Remi Gacogne [Wed, 23 May 2018 08:35:17 +0000 (10:35 +0200)]
Allocate DNSRecord objects as smart pointers right away
(cherry picked from commit
1339125af5afe6d6ecfe0a500c5fdc76d790459d )
(cherry picked from commit
7c87cee4b257a68cabf789b2f003fee969c812b7 )
Remi Gacogne [Mon, 8 Oct 2018 12:17:04 +0000 (14:17 +0200)]
Merge pull request #6980 from rgacogne/rec41-cname-authority
Remi Gacogne [Tue, 25 Sep 2018 13:10:40 +0000 (15:10 +0200)]
Merge pull request #6984 from Habbie/backport-6792
projects / thirdparty / pdns.git / log
