From: Otto Moerbeek Date: Tue, 24 Jun 2025 10:53:06 +0000 (+0200) Subject: Rec: prep for rec-5.3.0-alpha1 X-Git-Tag: dnsdist-2.1.0-alpha0~10^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F15721%2Fhead;p=thirdparty%2Fpdns.git Rec: prep for rec-5.3.0-alpha1 Signed-off-by: Otto Moerbeek --- diff --git a/.github/actions/spell-check/expect.txt b/.github/actions/spell-check/expect.txt index 1391874a9b..1deac3beba 100644 --- a/.github/actions/spell-check/expect.txt +++ b/.github/actions/spell-check/expect.txt @@ -1444,6 +1444,7 @@ traceid Travaille treemacs tribool +trixie trustanchor trustanchorfile trusteer diff --git a/docs/secpoll.zone b/docs/secpoll.zone index 3bb0503db9..37fde88ea0 100644 --- a/docs/secpoll.zone +++ b/docs/secpoll.zone @@ -1,4 +1,4 @@ -@ 86400 IN SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2025062000 10800 3600 604800 10800 +@ 86400 IN SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2025062501 10800 3600 604800 10800 @ 3600 IN NS pdns-public-ns1.powerdns.com. @ 3600 IN NS pdns-public-ns2.powerdns.com. @@ -397,7 +397,7 @@ recursor-5.0.6.security-status 60 IN TXT "3 Upgrade now recursor-5.0.7.security-status 60 IN TXT "3 Upgrade now, see https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-04.html" recursor-5.0.8.security-status 60 IN TXT "3 Upgrade now, see https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-04.html" recursor-5.0.9.security-status 60 IN TXT "1 OK" -recursor-5.0.10.security-status 60 IN TXT "1 OK" +recursor-5.0.10.security-status 60 IN TXT "1 OK" recursor-5.1.0-alpha1.security-status 60 IN TXT "3 Superseded pre-release (known vulnerabilities)" recursor-5.1.0-beta1.security-status 60 IN TXT "3 Superseded pre-release (known vulnerabilities)" recursor-5.1.0-rc1.security-status 60 IN TXT "3 Superseded pre-release (known vulnerabilities)" @@ -412,6 +412,7 @@ recursor-5.2.0-rc1.security-status 60 IN TXT "3 Superseded recursor-5.2.0.security-status 60 IN TXT "3 Upgrade now, see https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-01.html" recursor-5.2.1.security-status 60 IN TXT "1 OK" recursor-5.2.2.security-status 60 IN TXT "1 OK" +recursor-5.3.0-alpha1.security-status 60 IN TXT "1 OK" ; Recursor Debian recursor-3.6.2-2.debian.security-status 60 IN TXT "3 Upgrade now, see https://docs.powerdns.com/recursor/appendices/EOL.html" diff --git a/pdns/recursordist/docs/changelog/5.3.rst b/pdns/recursordist/docs/changelog/5.3.rst new file mode 100644 index 0000000000..630c4c488e --- /dev/null +++ b/pdns/recursordist/docs/changelog/5.3.rst @@ -0,0 +1,302 @@ +Changelogs for 5.3.X +==================== + +Before upgrading, it is advised to read the :doc:`../upgrade`. + +.. changelog:: + :version: 5.3.0-alpha1 + :released: 25th of June 2025 + + .. change:: + :tags: Improvements + :pullreq: 15668 + + Add facility to generate trace data in OpenTelemetry format. + + .. change:: + :tags: Improvements + :pullreq: 15686 + :tickets: 15674 + + Implement stop command as alias for quit(-nicely). + + .. change:: + :tags: Improvements + :pullreq: 15715 + + Avoid implicit truncating cast of inception skew. + + .. change:: + :tags: Improvements + :pullreq: 15700 + + Two Coverity issues, the truncation is meant to be. + + .. change:: + :tags: Improvements + :pullreq: 15692 + :tickets: 15059 + + Introduce aliases for camelCase field names in config file. + + .. change:: + :tags: Bug Fixes + :pullreq: 15652 + :tickets: 15651 + + When using ZoneToCache, do not store non-auth data if the name is subject to recursive forwarding. + + .. change:: + :tags: Improvements + :pullreq: 15661 + :tickets: 15660 + + Fix negativetrustanchor.server CH TXT query processing (disabled by default). + + .. change:: + :tags: Improvements + :pullreq: 15626 + + Build el-9 package with luajit on arm64. + + .. change:: + :tags: Improvements + :pullreq: 15592 15628 15636 + + Rec: build packages using meson. + + .. change:: + :tags: Improvements + :pullreq: 15596 + + Start building packages for trixie. + + .. change:: + :tags: Improvements + :pullreq: 15584 + + Use Rust 1.87.0 when building our packages. + + .. change:: + :tags: Bug Fixes + :pullreq: 15546 + + Force some files to be regenerated when table.py changes. + + .. change:: + :tags: Improvements + :pullreq: 15525 + + Upgrade to protozero 1.8.0. + + .. change:: + :tags: Improvements + :pullreq: 15435 + + Add a Lua function to get the config dir and name. + + .. change:: + :tags: Bug Fixes + :pullreq: 15437 + + Strip quotes meson adds from SYSCONFDIR (and two other config values). + + .. change:: + :tags: Improvements + :pullreq: 15396 + + Fix a difference between record-cache hit and miss in some ServFail results. + + .. change:: + :tags: Improvements + :pullreq: 15373 + + Rec: [meson] make nod a feature instead of a boolean + + .. change:: + :tags: Improvements + :pullreq: 15369 + + When CARGO_TARGET_DIR is set the generated C++ files end up in a different location. + + .. change:: + :tags: Improvements + :pullreq: 15368 + :tickets: 15367 + + Fix generation of recursor config if PDNS_RECURSOR_API_KEY is set. + + .. change:: + :tags: Improvements + :pullreq: 15309 + + Meson systemd cleanup. + + .. change:: + :tags: Improvements + :pullreq: 15293 + + Ddd libcap feature and sync build-and-test-all options with autotools variants. + + .. change:: + :tags: Improvements + :pullreq: 15292 15307 + + Export ffi symbols so they become available to Lua. + + .. change:: + :tags: Improvements + :pullreq: 15272 + + Fix libsnmp define. + + .. change:: + :tags: Improvements + :pullreq: 15273 + + More consistency in logging statements generated in web server code. + + .. change:: + :tags: Improvements + :pullreq: 15261 + + Make sure t_tcpClientCounts is always initialized. + + .. change:: + :tags: Improvements + :pullreq: 15260 + + Fix a few gcc warnings on trixie. + + .. change:: + :tags: Improvements + :pullreq: 15217 + + Tidy of structured logging related files. + + .. change:: + :tags: Improvements + :pullreq: 15169 + + Use meson to generate docs (html + pdf) + + .. change:: + :tags: Improvements + :pullreq: 15167 + :tickets: 14096 + + Reload proxy settings on rec_control reload-acls. + + .. change:: + :tags: Improvements + :pullreq: 15216 + + Store thread id in info object, makes a few methods less error prone. + + .. change:: + :tags: Improvements + :pullreq: 15203 + :tickets: 15202 + + Switch back to serde_yaml. + + .. change:: + :tags: Improvements + :pullreq: 15192 + :tickets: 15179 + + Add two missing includes. + + .. change:: + :tags: Improvements + :pullreq: 15168 15157 + + Minor Coverity issues. + + .. change:: + :tags: Improvements + :pullreq: 15161 + + Add meson install target and fix meson dist issues after new way of generating man pages was merged. + + .. change:: + :tags: Improvements + :pullreq: 15154 + + Fix cxx include dir. + + .. change:: + :tags: Improvements + :pullreq: 15114 + + Move to embedded web service written in Rust supporting multiple listen addresses and TLS. + + .. change:: + :tags: Improvements + :pullreq: 14976 + + Make quit-nicely wait on actual quit and start using it for stopping by systemd. + + .. change:: + :tags: Improvements + :pullreq: 15139 + + Check bounds of rcode stats counter index (safe right now). + + .. change:: + :tags: Improvements + :pullreq: 14954 + + Clang-tidy: use std::min/max (Rosen Penev). + + .. change:: + :tags: Improvements + :pullreq: 15066 + + Tidy credentials.??. + + .. change:: + :tags: Improvements + :pullreq: 15050 15057 + + Rec: New Coverity Variable copied when it could be moved cases + + .. change:: + :tags: Improvements + :pullreq: 15040 + :tickets: 13704 + + EDNSSubnetOpts refactoring + + .. change:: + :tags: Improvements + :pullreq: 15038 + + Compute size *estimate* for record cache allocated size. + + .. change:: + :tags: Bug Fixes + :pullreq: 15033 + + Delete temp file on failure to dump RPZ file. + + .. change:: + :tags: Improvements + :pullreq: 14617 + :tickets: 14120 + + Dedup records. + + .. change:: + :tags: Improvements + :pullreq: 14985 15017 + + Store authority recs and signatures as shared pointers to const data. + + .. change:: + :tags: Improvements + :pullreq: 14973 + :tickets: 14918 + + If the full CNAME chain leading to the answer is cached, indicate that. + diff --git a/pdns/recursordist/docs/changelog/index.rst b/pdns/recursordist/docs/changelog/index.rst index 6278b9608a..579edbe5ea 100644 --- a/pdns/recursordist/docs/changelog/index.rst +++ b/pdns/recursordist/docs/changelog/index.rst @@ -8,6 +8,7 @@ Before upgrading, it is advised to read the :doc:`../upgrade`. .. toctree:: :maxdepth: 2 + 5.3 5.2 5.1 5.0 diff --git a/pdns/recursordist/docs/upgrade.rst b/pdns/recursordist/docs/upgrade.rst index 37eddb0ab3..09111ab90d 100644 --- a/pdns/recursordist/docs/upgrade.rst +++ b/pdns/recursordist/docs/upgrade.rst @@ -4,8 +4,31 @@ Upgrade Guide Before upgrading, it is advised to read the :doc:`changelog/index`. When upgrading several versions, please read **all** notes applying to the upgrade. -5.1.0 to 5.2.0 and master -------------------------- +5.2.0 to 5.3.0 +-------------- + +Changed behaviour +^^^^^^^^^^^^^^^^^ + +Reloading ACLs using ``rec_control reload-acls`` now also reloads the proxy-protocol related settings. + +New Settings +^^^^^^^^^^^^ +The embedded webserver implementation used to process REST calls and display the status page has been rewritten in Rust. +The ``webservice`` YAML section gained a new field: :ref:`setting-yaml-webservice.listen`, which has two fields: ``addresses`` and ``tls``, allowing multiple listen addresses and incoming TLS. +If the :ref:`setting-yaml-webservice.listen` field is set, the :ref:`setting-yaml-webservice.address` and :ref:`setting-yaml-webservice.port` fields will be ignored. +Existing configurations remain working as before. See :ref:`incoming-ws-config`. + +The fieldnames of YAML configuration items corresponding to the old-style Lua configuration items have gained aliases following the YAML naming conventions used elsewhere. +For example ``protobuf_servers.exportTypes`` now has an alias ``protobuf_servers.export_types``. + +Changed Settings +^^^^^^^^^^^^^^^^ + +The :ref:`setting-yaml-recursor.event_trace_enabled` setting has gained a value to allow openTelemetry Trace data to be included in the Protobuf log stream. + +5.1.0 to 5.2.0 +-------------- Changed behaviour ^^^^^^^^^^^^^^^^^ diff --git a/pdns/recursordist/rec-rust-lib/docs-new-preamble-in.rst b/pdns/recursordist/rec-rust-lib/docs-new-preamble-in.rst index 6e76f3ce83..b3b817fac3 100644 --- a/pdns/recursordist/rec-rust-lib/docs-new-preamble-in.rst +++ b/pdns/recursordist/rec-rust-lib/docs-new-preamble-in.rst @@ -562,6 +562,8 @@ For catalog zone members in a group, the forwarding parameters will be taken fro The forwarding definitions will be written into a file ``$api_dir/catzone.$zonename``. :ref:`setting-yaml-webservice.api_dir` must be defined, the directory must exist and be writable by the :program:`Recursor` process. +.. _incoming-ws-config: + IncomingWSConfig ^^^^^^^^^^^^^^^^ As of version 5.3.0, an incoming web server configuration is defined as diff --git a/pdns/recursordist/rec-rust-lib/table.py b/pdns/recursordist/rec-rust-lib/table.py index f5afff10bd..3dc1ee2730 100644 --- a/pdns/recursordist/rec-rust-lib/table.py +++ b/pdns/recursordist/rec-rust-lib/table.py @@ -94,7 +94,7 @@ Overrides the :ref:`setting-allow-from` setting. Example content of th specified .. code-block:: yaml - - 127.0.01 + - 127.0.0.1 - ::1 ''', @@ -998,10 +998,11 @@ This file can be used to serve data authoritatively using :ref:`setting-export-e 'help' : 'If set, event traces are collected and send out via protobuf logging (1), logfile (2), opentelemetry trace data (4) or a combination', 'doc' : ''' Enable the recording and logging of ref:`event traces`. This is an experimental feature and subject to change. -Possible values are 0: (disabled), 1 (add information to protobuf logging messages), 2 (write to log), 4 (output OpenTelemetry Trace data in protobuf logging messages). Values can be added to get multiple types of logging simultaneously. +Possible values are 0: (disabled), 1 (add information to protobuf logging messages), 2 (write to log), 4 (output OpenTelemetry Trace data in protobuf logging messages, since version 5.3.0). Values can be added to get multiple types of logging simultaneously. For example, 6 means: write to log and output OpenTelemetry Trace data in the protobuf stream. ''', 'versionadded': '4.6.0', + 'versionchanged': ('5.3.0', 'A value to generate OpenTelemetry Trace data was added'), 'runtime': 'set-event-trace-enabled', }, { @@ -3207,7 +3208,11 @@ Start the webserver (for REST API). 'help' : 'IP Address of webserver to listen on', 'doc' : ''' IP address for the webserver to listen on. - ''', +''', + 'doc-new' : ''' +IP address for the webserver to listen on. +This field is ignored if :ref:`setting-yaml-webservice.listen` is set. +''', }, { 'name' : 'listen', @@ -3291,6 +3296,10 @@ Password required to access the webserver. Since 4.6.0 the password can be hashe 'help' : 'Port of webserver to listen on', 'doc' : ''' TCP port where the webserver should listen on. + ''', + 'doc-new' : ''' +TCP port where the webserver should listen on. +This field is ignored if :ref:`setting-yaml-webservice.listen` is set. ''', }, {