git.ipfire.org Git - thirdparty/pdns.git/log

Merge pull request #15198 from rgacogne/ddist-coverity-20250221

dnsdist: Fix a few warnings from Coverity

Merge pull request #15196 from rgacogne/rec-fix-secpoll-tsan

rec: Fix a race reported by TSAN around the secpoll status

dnsdist: Fix a few warnings from Coverity

Mostly missed optimizations in places where the performance does not
matter much (configuration parsing) and a few false positives
(places where a copy is actually what we want, and Coverity is not
smart enough to understand it).

rec: Fix clang-tidy's warning

Merge pull request #15194 from omoerbeek/rec-zf-file-syntax

rec: document file extension of zone forward file and do not accept empty list of forwards

Merge pull request #15193 from omoerbeek/rec-top-million

rec: update umbrella top million URLs

Merge pull request #15192 from omoerbeek/include-fixes

Add two missing includes

rec: Fix a race reported by TSAN around the secpoll status

We used to store the security polling status in a regular integer,
and the status can be updated from the `rec/web+stat` thread while
being read from a Rust-based web-server thread, which is correctly
reported by TSAN as a data race:
```
  WARNING: ThreadSanitizer: data race (pid=2006)
    Write of size 4 at 0x55f19579db54 by thread T5:
      #0 doSecPoll(long*, std::shared_ptr<Logr::Logger> const&) /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/secpoll-recursor.cc:84:23 (pdns_recursor+0x814e3c)
      #1 SyncRes::doResolveAt(std::unordered_map<DNSName, std::pair<std::vector<ComboAddress, std::allocator<ComboAddress> >, bool>, std::hash<DNSName>, std::equal_to<DNSName>, std::allocator<std::pair<DNSName const, std::pair<std::vector<ComboAddress, std::allocator<ComboAddress> >, bool> > > >&, DNSName, bool, DNSName const&, QType, std::vector<DNSRecord, std::allocator<DNSRecord> >&, unsigned int, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::set<SyncRes::GetBestNSAnswer, std::less<SyncRes::GetBestNSAnswer>, std::allocator<SyncRes::GetBestNSAnswer> >&, SyncRes::Context&, SyncRes::StopAtDelegation*, std::map<DNSName, std::vector<ComboAddress, std::allocator<ComboAddress> >, std::less<DNSName>, std::allocator<std::pair<DNSName const, std::vector<ComboAddress, std::allocator<ComboAddress> > > > >*) /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/syncres.cc:6040:25 (pdns_recursor+0x84be60)
      #2 SyncRes::doResolveNoQNameMinimization(DNSName const&, QType, std::vector<DNSRecord, std::allocator<DNSRecord> >&, unsigned int, std::set<SyncRes::GetBestNSAnswer, std::less<SyncRes::GetBestNSAnswer>, std::allocator<SyncRes::GetBestNSAnswer> >&, SyncRes::Context&, bool*, SyncRes::StopAtDelegation*) /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/syncres.cc:2099:11 (pdns_recursor+0x838903)
      #3 SyncRes::doResolve(DNSName const&, QType, std::vector<DNSRecord, std::allocator<DNSRecord> >&, unsigned int, std::set<SyncRes::GetBestNSAnswer, std::less<SyncRes::GetBestNSAnswer>, std::allocator<SyncRes::GetBestNSAnswer> >&, SyncRes::Context&) /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/syncres.cc:1835:13 (pdns_recursor+0x825337)
      #4 SyncRes::beginResolve(DNSName const&, QType, QClass, std::vector<DNSRecord, std::allocator<DNSRecord> >&, unsigned int) /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/syncres.cc:797:13 (pdns_recursor+0x828974)
      #5 doSecPoll(long*, std::shared_ptr<Logr::Logger> const&) /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/secpoll-recursor.cc:55:22 (pdns_recursor+0x814039)
      #6 houseKeepingWork(std::shared_ptr<Logr::Logger> const&)::$_18::operator()() const /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/rec-main.cc:2651:9 (pdns_recursor+0x68abb3)
      #7 void std::__invoke_impl<void, houseKeepingWork(std::shared_ptr<Logr::Logger> const&)::$_18&>(std::__invoke_other, houseKeepingWork(std::shared_ptr<Logr::Logger> const&)::$_18&) /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:61:14 (pdns_recursor+0x68abb3)
      #8 std::enable_if<is_invocable_r_v<void, houseKeepingWork(std::shared_ptr<Logr::Logger> const&)::$_18&>, void>::type std::__invoke_r<void, houseKeepingWork(std::shared_ptr<Logr::Logger> const&)::$_18&>(houseKeepingWork(std::shared_ptr<Logr::Logger> const&)::$_18&) /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:111:2 (pdns_recursor+0x68abb3)
      #9 std::_Function_handler<void (), houseKeepingWork(std::shared_ptr<Logr::Logger> const&)::$_18>::_M_invoke(std::_Any_data const&) /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_function.h:290:9 (pdns_recursor+0x68abb3)
      #10 std::function<void ()>::operator()() const /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_function.h:591:9 (pdns_recursor+0x688561)
      #11 PeriodicTask::runIfDue(timeval&, std::function<void ()> const&) /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/rec-main.cc:2490:7 (pdns_recursor+0x688561)
      #12 houseKeepingWork(std::shared_ptr<Logr::Logger> const&) /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/rec-main.cc:2649:17 (pdns_recursor+0x688561)
      #13 houseKeeping(void*) /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/rec-main.cc:2715:5 (pdns_recursor+0x688561)
      #14 MTasker<std::shared_ptr<PacketID>, std::vector<unsigned char, noinit_adaptor<std::allocator<unsigned char> > >, PacketIDCompare>::makeThread(void (*)(void*), void*)::'lambda'()::operator()() const /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/./mtasker.hh:397:5 (pdns_recursor+0x5f04b5)
      #15 void std::__invoke_impl<void, MTasker<std::shared_ptr<PacketID>, std::vector<unsigned char, noinit_adaptor<std::allocator<unsigned char> > >, PacketIDCompare>::makeThread(void (*)(void*), void*)::'lambda'()&>(std::__invoke_other, MTasker<std::shared_ptr<PacketID>, std::vector<unsigned char, noinit_adaptor<std::allocator<unsigned char> > >, PacketIDCompare>::makeThread(void (*)(void*), void*)::'lambda'()&) /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:61:14 (pdns_recursor+0x5f0191)
      #16 std::enable_if<is_invocable_r_v<void, MTasker<std::shared_ptr<PacketID>, std::vector<unsigned char, noinit_adaptor<std::allocator<unsigned char> > >, PacketIDCompare>::makeThread(void (*)(void*), void*)::'lambda'()&>, void>::type std::__invoke_r<void, MTasker<std::shared_ptr<PacketID>, std::vector<unsigned char, noinit_adaptor<std::allocator<unsigned char> > >, PacketIDCompare>::makeThread(void (*)(void*), void*)::'lambda'()&>(MTasker<std::shared_ptr<PacketID>, std::vector<unsigned char, noinit_adaptor<std::allocator<unsigned char> > >, PacketIDCompare>::makeThread(void (*)(void*), void*)::'lambda'()&) /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:111:2 (pdns_recursor+0x5f0191)
      #17 std::_Function_handler<void (), MTasker<std::shared_ptr<PacketID>, std::vector<unsigned char, noinit_adaptor<std::allocator<unsigned char> > >, PacketIDCompare>::makeThread(void (*)(void*), void*)::'lambda'()>::_M_invoke(std::_Any_data const&) /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_function.h:290:9 (pdns_recursor+0x5f0191)
      #18 std::function<void ()>::operator()() const /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_function.h:591:9 (pdns_recursor+0x591fdf)
      #19 threadWrapper(boost::context::detail::transfer_t) /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/mtasker_context.cc:163:7 (pdns_recursor+0x591fdf)
      #20 MTasker<std::shared_ptr<PacketID>, std::vector<unsigned char, noinit_adaptor<std::allocator<unsigned char> > >, PacketIDCompare>::schedule(timeval const&) /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/./mtasker.hh:426:7 (pdns_recursor+0x6ade0b)
      #21 recLoop() /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/rec-main.cc:2764:29 (pdns_recursor+0x666577)
      #22 recursorThread() /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/rec-main.cc:2959:5 (pdns_recursor+0x666577)
      #23 recLoop() /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/rec-main.cc:2773:24 (pdns_recursor+0x66664d)
      #24 recursorThread() /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/rec-main.cc:2959:5 (pdns_recursor+0x66664d)
      #25 recLoop() /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/rec-main.cc:2806:26 (pdns_recursor+0x668385)
      #26 recursorThread() /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/rec-main.cc:2959:5 (pdns_recursor+0x668385)
      #27 RecThreadInfo::start(unsigned int, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::map<unsigned int, std::set<int, std::less<int>, std::allocator<int> >, std::less<unsigned int>, std::allocator<std::pair<unsigned int const, std::set<int, std::less<int>, std::allocator<int> > > > > const&, std::shared_ptr<Logr::Logger> const&)::$_0::operator()() const /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/rec-main.cc:241:5 (pdns_recursor+0x69caf7)
      #28 void std::__invoke_impl<void, RecThreadInfo::start(unsigned int, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::map<unsigned int, std::set<int, std::less<int>, std::allocator<int> >, std::less<unsigned int>, std::allocator<std::pair<unsigned int const, std::set<int, std::less<int>, std::allocator<int> > > > > const&, std::shared_ptr<Logr::Logger> const&)::$_0>(std::__invoke_other, RecThreadInfo::start(unsigned int, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::map<unsigned int, std::set<int, std::less<int>, std::allocator<int> >, std::less<unsigned int>, std::allocator<std::pair<unsigned int const, std::set<int, std::less<int>, std::allocator<int> > > > > const&, std::shared_ptr<Logr::Logger> const&)::$_0&&) /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:61:14 (pdns_recursor+0x69caf7)
      #29 std::__invoke_result<RecThreadInfo::start(unsigned int, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::map<unsigned int, std::set<int, std::less<int>, std::allocator<int> >, std::less<unsigned int>, std::allocator<std::pair<unsigned int const, std::set<int, std::less<int>, std::allocator<int> > > > > const&, std::shared_ptr<Logr::Logger> const&)::$_0>::type std::__invoke<RecThreadInfo::start(unsigned int, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::map<unsigned int, std::set<int, std::less<int>, std::allocator<int> >, std::less<unsigned int>, std::allocator<std::pair<unsigned int const, std::set<int, std::less<int>, std::allocator<int> > > > > const&, std::shared_ptr<Logr::Logger> const&)::$_0>(RecThreadInfo::start(unsigned int, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::map<unsigned int, std::set<int, std::less<int>, std::allocator<int> >, std::less<unsigned int>, std::allocator<std::pair<unsigned int const, std::set<int, std::less<int>, std::allocator<int> > > > > const&, std::shared_ptr<Logr::Logger> const&)::$_0&&) /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:96:14 (pdns_recursor+0x69caf7)
      #30 void std::thread::_Invoker<std::tuple<RecThreadInfo::start(unsigned int, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::map<unsigned int, std::set<int, std::less<int>, std::allocator<int> >, std::less<unsigned int>, std::allocator<std::pair<unsigned int const, std::set<int, std::less<int>, std::allocator<int> > > > > const&, std::shared_ptr<Logr::Logger> const&)::$_0> >::_M_invoke<0ul>(std::_Index_tuple<0ul>) /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_thread.h:252:13 (pdns_recursor+0x69caf7)
      #31 std::thread::_Invoker<std::tuple<RecThreadInfo::start(unsigned int, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::map<unsigned int, std::set<int, std::less<int>, std::allocator<int> >, std::less<unsigned int>, std::allocator<std::pair<unsigned int const, std::set<int, std::less<int>, std::allocator<int> > > > > const&, std::shared_ptr<Logr::Logger> const&)::$_0> >::operator()() /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_thread.h:259:11 (pdns_recursor+0x69caf7)
      #32 std::thread::_State_impl<std::thread::_Invoker<std::tuple<RecThreadInfo::start(unsigned int, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::map<unsigned int, std::set<int, std::less<int>, std::allocator<int> >, std::less<unsigned int>, std::allocator<std::pair<unsigned int const, std::set<int, std::less<int>, std::allocator<int> > > > > const&, std::shared_ptr<Logr::Logger> const&)::$_0> > >::_M_run() /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_thread.h:210:13 (pdns_recursor+0x69caf7)
      #33 <null> <null> (libstdc++.so.6+0xd44a2)

    Previous read of size 4 at 0x55f19579db54 by thread T6:
      #0 getAllStatsMap[abi:cxx11](StatComponent) /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/rec_channel_rec.cc:231:101 (pdns_recursor+0x760f2e)
      #1 productServerStatisticsFetch(std::map<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >, std::allocator<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > >&) /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/ws-recursor.cc:55:16 (pdns_recursor+0x8fcd70)
      #2 apiServerStatistics(HttpRequest*, HttpResponse*) /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/ws-api.cc:189:3 (pdns_recursor+0x8f5f71)
      #3 void std::__invoke_impl<void, void (*&)(HttpRequest*, HttpResponse*), HttpRequest*, HttpResponse*>(std::__invoke_other, void (*&)(HttpRequest*, HttpResponse*), HttpRequest*&&, HttpResponse*&&) /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:61:14 (pdns_recursor+0x918cc8)
      #4 std::enable_if<is_invocable_r_v<void, void (*&)(HttpRequest*, HttpResponse*), HttpRequest*, HttpResponse*>, void>::type std::__invoke_r<void, void (*&)(HttpRequest*, HttpResponse*), HttpRequest*, HttpResponse*>(void (*&)(HttpRequest*, HttpResponse*), HttpRequest*&&, HttpResponse*&&) /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:111:2 (pdns_recursor+0x918cc8)
      #5 std::_Function_handler<void (HttpRequest*, HttpResponse*), void (*)(HttpRequest*, HttpResponse*)>::_M_invoke(std::_Any_data const&, HttpRequest*&&, HttpResponse*&&) /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_function.h:290:9 (pdns_recursor+0x918cc8)
      #6 std::function<void (HttpRequest*, HttpResponse*)>::operator()(HttpRequest*, HttpResponse*) const /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_function.h:591:9 (pdns_recursor+0x8ff173)
      #7 rustWrapper(std::function<void (HttpRequest*, HttpResponse*)> const&, pdns::rust::web::rec::Request const&, pdns::rust::web::rec::Response&) /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/ws-recursor.cc:1067:5 (pdns_recursor+0x8ff173)
      #8 pdns::rust::web::rec::apiServerStatistics(pdns::rust::web::rec::Request const&, pdns::rust::web::rec::Response&) /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/ws-recursor.cc:1102:1 (pdns_recursor+0x907b80)
      #9 pdns$rust$web$rec$cxxbridge1$apiServerStatistics <null> (pdns_recursor+0x9984b2)

    Location is global 'g_security_status' of size 4 at 0x55f19579db54 (pdns_recursor+0x000004479b54)

    Thread T5 'rec/web+stat' (tid=2012, running) created by main thread at:
      #0 pthread_create <null> (pdns_recursor+0x1fe42d)
      #1 std::thread::_M_start_thread(std::unique_ptr<std::thread::_State, std::default_delete<std::thread::_State> >, void (*)()) <null> (libstdc++.so.6+0xd4578)
      #2 RecThreadInfo::runThreads(std::shared_ptr<Logr::Logger> const&) /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/rec-main.cc:355:10 (pdns_recursor+0x663382)
      #3 serviceMain(std::shared_ptr<Logr::Logger> const&) /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/rec-main.cc:2402:9 (pdns_recursor+0x67fdaf)
      #4 main /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/rec-main.cc:3316:11 (pdns_recursor+0x678755)

    Thread T6 (tid=2013, running) created by main thread at:
      #0 pthread_create <null> (pdns_recursor+0x1fe42d)
      #1 std::sys::pal::unix::thread::Thread::new::he1793c71df66b318 /rustc/e71f9a9a98b0faf423844bf0ba7438f29dc27d58/library/std/src/sys/pal/unix/thread.rs:84:19 (pdns_recursor+0xc1ef11)
      #2 RecThreadInfo::runThreads(std::shared_ptr<Logr::Logger> const&) /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/rec-main.cc:358:7 (pdns_recursor+0x663417)
      #3 serviceMain(std::shared_ptr<Logr::Logger> const&) /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/rec-main.cc:2402:9 (pdns_recursor+0x67fdaf)
      #4 main /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/rec-main.cc:3316:11 (pdns_recursor+0x678755)

  SUMMARY: ThreadSanitizer: data race /__w/pdns/pdns/pdns/recursordist/pdns-recursor-0.0.0-git1/secpoll-recursor.cc:84:23 in doSecPoll(long*, std::shared_ptr<Logr::Logger> const&)
```
This commit switches to an atomic type to store the security polling
status and clarify that the security polling message is not actually
shared outside of the security polling function.
It appears that the security polling status was the last metric stored
in a `uint32_t` type so we can get rid of some now unused code in the
process.

rec: document file extension of zone forward file and do not accept empty list of forwards

The YAML code already disallows an empty forwarders list. The added
case mainly covers the case when an old-style forward file is parsed
as if it's YAML. This now generated an error:

Feb 21 09:57:39 msg="Fatal error" error="empty list of forwarders for domain '- zone: example.com\"on line 1 of tmp/f.conf" subsystem="config" level="0" prio="Critical" tid="0" ts="1740128259.137" exception="PDNSException"

This hopefully makes admins realize rec is trying to parse YAML
content, but is expecting old-style as the file does not end in
in .yml.

rec: update umbrella top million URLs

After suggestion by @mnordhoff in IRC

Add two missing includes

Fixes #15179

Merge pull request #15190 from jsoref/dnssec-migration

docs: DNSSEC migration

Merge pull request #15191 from jsoref/doc-pdnsutil

docs: link to doc:pdnsutil

Merge pull request #15189 from jsoref/lua-if-first-run

docs: lua warn about first run checks

Merge pull request #15188 from jsoref/lua-link-to-ifurlup-options

docs: lua link to ifurlup-options

docs: link to doc:pdnsutil

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

docs: dnssec migration use rst mark up

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

docs: dnssec migration use rst mark up and change wording

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

docs: lua warn about first run checks

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

docs: lua link to ifurlup-options

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

docs: reinstate artifact generation for PRs

docs: Update to primary/secondary

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

ci: use fail-fast: false for more jobs

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

Merge pull request #15180 from miodvallat/consistent_logs

Consistent spelling of "Lua record" in logs

More LUA -> Lua when applicable.

Merge pull request #15177 from jsoref/lua-records-mark-up

Mark up www and ip addresses

Consistent spelling of "Lua record" in logs.

Merge pull request #15178 from jsoref/tsig-mark-up

Mark up tsig tables/algorithms/lengths

Mark up www and ip addresses

Mark up tsig tables/algorithms/lengths

Merge pull request #15165 from rgacogne/update-quiche

dnsdist: Update Quiche to 0.23.2 in our packages

Merge pull request #15164 from rgacogne/update-rust

Update Rust to 1.84.1 for our packages

Merge pull request #15175 from miodvallat/lmdb_abort_with_style

Improve LMDBBackend reliability

lmdb: be sure to abort pending transactions in the correct order.

If the LMDBBackend destructor is invoked while there are still pending
transactions, these need to be aborted, but in the reverse order of
their creation (i.e. abort the innermost transaction first).

The default destructor would abort them in a class field
declaration-dependent order, which may not match the actual cinematic.

We now remember which transaction is the innermost one, so that we can
abort them in the expected order.

This gets rid of "double free or corruption (top)" aborts with glibc,
and Address Sanitizer errors.

Update .github/actions/spell-check/excludes.txt

Co-authored-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

Ignore docs/depfile.py for spell checking

Fix dependencies for docs, using a Sphinx extension to generate a dep file, as suggested by @eli-schwart in https://github.com/PowerDNS/pdns/pull/15169#discussion_r1959138532

Actually, the depfile (sphinx.d) is removed by ninja after generating
it as shown by a trace. I do not know why, but touching an .rst
file has the correct behaviour. So I suspect it is an optimization.

remove publish.js

don't wait for invalidation to finish before continuing

only add and update files, never delete

Merge pull request #15156 from rgacogne/ddist-handle-dnstap-msg-order

dnsdist: Handle response dnstap messages arriving before the query ones

Add all '*.rst' files in docs as a dependency.

The Meson docs are not a fan of this method, but maintaining that
list by hand is too much work and error prone. This does mean that
adding existing .rst file to the docs will not be picked up by the
dependency checking until you re-setup your build dir.

Only run python if found

And also do html-docs, tarball and pdf for auth

dnsdist docs (html-docs, tarball and pdf)

Generate tarball and pdf and introduce all-docs target

rec: generate html-docs using meson compile html-docs

dnsdist: Put the dnstap messages back to the queue in the correct order

As noticed by Miod, the previous solution was not removing all messages
from the queue, possibly putting back old messages behind newer ones.

Merge pull request #15168 from omoerbeek/rec-coverity-20250217

rec: coverity 20250217

Merge pull request #15163 from rgacogne/dnsdist-meson-dist

dnsdist: Generate tarballs via `meson dist`

Fix typos found by Miod in gen-version

This should eliminate a dozen or so Coverity warnigs

For example:

1591605 Data race condition

5. missing_lock: Accessing g_lowercaseOutgoing without holding lock LockGuarded<std::shared_ptr<std::unordered_map<DNSName, SyncRes::AuthDomain, std::hash<DNSName>, std::equal_to<DNSName>, std::allocator<std::pair<DNSName const, SyncRes::AuthDomain> > > > >.d_mutex. Elsewhere, g_lowercaseOutgoing is written to with LockGuarded.d_mutex held 1 out of 1 times.

Coverity 1591604 Use of auto that causes a copy

Merge pull request #15166 from rgacogne/ddist-unused-warnings

dnsdist: Fix several unused parameter warnings without DoH support

Rust moved to XZ compression

dnsdist: Fix several unused parameter warnings without DoH support

dnsdist: Update Quiche to 0.23.2 in our packages

Update Rust to 1.84.1 for our packages

Merge pull request #15160 from miodvallat/amnesia_got_me_in_trouble

[pdnsutil] Better error message when disk full

Merge pull request #14905 from klaus-nicat/improve_freshness-check_description

Try to improve freshness-check description

rec: reload proxy settings on rec_control reload-acls

Fixes #14096

Merge pull request #15161 from omoerbeek/rec-meson-install

rec: add meson install target and fix meson dist issues after new way of generating man pages was merged

dnsdist: Only generate man pages when needed w/ meson

Thanks, Otto!

dnsdist: Generate tarballs via `meson dist`

Apply suggestions from code review

Merge pull request #15162 from Habbie/revert-rclone

revert from rclone back to custom sync script

revert from rclone back to custom sync script

Merge pull request #15155 from milzi234/feature/rclone

Use rclone instead of custom sync script to publish documentation to AWS S3 bucket

Don't set --config-dir when generating dist config, no need to anymore

Merge pull request #15152 from miodvallat/strict_aliasing

Make the record representation of ALIAS match CNAME

Fix meson dist issues found after new way of generating man pages was merged.

Including a path fix to the cmp command, which wrongly assumes
MESON_SOURCE_ROOT was the toplevel dir.

Merge pull request #15157 from omoerbeek/rec-coverity-20250212

rec: coverity 20250212

Merge pull request #15159 from zeha/zeha-mesonstuff

recursor/meson: fix typo in comment

If deleteZone fails due to a backend exception, show it...

...rather than any further backend exception caused by
abortTransaction(), which will be much less helpful.

Using the sqlite backend on a full filesystem, pdnsutil delete-zone now
correctly reports "database or disk is full" instead of "cannot rollback
- no transaction is active" which no human can make sense of in this
situation.

recursor/meson: fix typo in comment

Add misssing declaration gcc likes while there

rec: add install target to meson

And always generate default config in YAML format

remove --progress

use ubuntu's rclone

Coverity 1591086 Uninitialized scalar field

Buch of Coverity "Variable copied when it could be moved" cases

Merge pull request #15154 from omoerbeek/rec-rust-cxx-include-dir

rec: fix cxx include dir

Use rclone instead of custom sync script to publish documentation to AWS S3 bucket

Merge pull request #15153 from omoerbeek/rec-fix-docs-gen

rec: fix docs generating, settings/ is now rec-rust-lib/

rec: fix cxx include dir

rec: fix docs generating, settings/ is now rec-rust-lib/

Merge pull request #15114 from omoerbeek/rec-rust-web

rec: move to embedded web service written in Rust

Merge pull request #14976 from omoerbeek/rec-quit-nicely-sync

rec: make quit-nicely wait on actual quit and start using it for stopping by systemd

Make the record representation of ALIAS match CNAME...

...but for the name compression. This will correctly remove non-root
trailing dots from ALIAS records.

Fixes #5500, #7827

Typo in comment

Co-authored-by: Miod Vallat <miod.vallat@open-xchange.com>

dnsdist: Handle response dnstap messages arriving before the query ones

Since we now use more than one TCP connection, it is entirely possible
for the response message to arrive before the query one, and our tests
should just deal with that.

dnsdist: Add a regression test for YAML/Lua mix

dnsdist: Disable Lua configuration directives in YAML mode

This commit restricts the Lua directives available to a Lua script
loaded alongside with a YAML configuration, disabling all Lua
configuration directives. This prevents a mess when settings are
set to different values in YAML and Lua, and make it clear that the
when a YAML configuration is used, any Lua file should only be used
to provide functions to the YAML configuration.
This behaviour can be reverted via the `enableLuaConfiguration`
directive if really needed.

dnsdist: docs, clarify addResponseAction behavior

dnsdist: protobuf, properly set the packetCacheHit field in logged messages

Merge pull request #15149 from rgacogne/ddist-meson-min-version

dnsdist: Bump the required version of `meson` to 1.3

Merge pull request #15148 from rgacogne/ddist-unbreak-console

dnsdist: Fix console ("client mode") on non-default address or port

dnsdist: Bump the required version of `meson` to 1.3

Since we now use the `follow_symlinks` option of `install_data()`.
We could probably make it work with older versions but a quick look
at what distributions provide suggests that 1.2.1 or 1.3.0 is
practically the same amount of pain.

dnsdist: Fix console ("client mode") on non-default address or port

The console address and port were not properly set in client mode,
so `dnsdist` tried to connect to the default console address and port.

dnsdist: add support for dnstap new http_protocol field