git.ipfire.org Git - thirdparty/pdns.git/log
2 weeks ago dnsdist: Fix parameter names in `dnsdist_ffi_dnsquestion_set_alternate_name` 16346/head
Remi Gacogne [Mon, 6 Oct 2025 13:58:22 +0000 (15:58 +0200)] 
dnsdist: Fix parameter names in `dnsdist_ffi_dnsquestion_set_alternate_name`

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit a30f694137d9b443efc6ae49b9016ced735a37d1)

2 weeks ago dnsdist: Remove empty trailing line
Remi Gacogne [Mon, 6 Oct 2025 12:28:46 +0000 (14:28 +0200)] 
dnsdist: Remove empty trailing line

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit d396b26772ac6b8a5835c81b5f665632c4c2b3cb)

2 weeks ago dnsdist: Fix clang-tidy warnings, test more cases
Remi Gacogne [Mon, 6 Oct 2025 12:26:47 +0000 (14:26 +0200)] 
dnsdist: Fix clang-tidy warnings, test more cases

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit e6cf554574d6875c4e233f6b0dcbe844fd58a850)

2 weeks ago dnsdist: Refactor the FFI "alternate name" interface
Remi Gacogne [Mon, 6 Oct 2025 10:56:01 +0000 (12:56 +0200)] 
dnsdist: Refactor the FFI "alternate name" interface

So we can use it without making the query asynchronous when we
don't have to.

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 8ccff7a4f1475e873d400f5fb908edb482ea1850)

2 weeks ago Merge pull request #16309 from rgacogne/ddist20-backport-16292
Remi Gacogne [Tue, 21 Oct 2025 12:35:05 +0000 (14:35 +0200)] 
Merge pull request #16309 from rgacogne/ddist20-backport-16292

dnsdist-2.0.x: Backport 16292 - Fix query rules bypass after tagging from a dynblock

2 weeks ago Merge pull request #16310 from rgacogne/ddist20-backport-16155
Remi Gacogne [Tue, 21 Oct 2025 12:34:44 +0000 (14:34 +0200)] 
Merge pull request #16310 from rgacogne/ddist20-backport-16155

dnsdist-2.0.x: Backport 16155 - Update the Rust library version when generating a tarball

2 weeks ago Merge pull request #16315 from rgacogne/ddist20-backport-16285
Remi Gacogne [Tue, 21 Oct 2025 12:27:50 +0000 (14:27 +0200)] 
Merge pull request #16315 from rgacogne/ddist20-backport-16285

dnsdist-2.0.x: Backport 16285 - Make inserting to the in-memory rings a bit faster

2 weeks ago Merge pull request #16316 from rgacogne/ddist20-backport-16256
Remi Gacogne [Tue, 21 Oct 2025 12:27:38 +0000 (14:27 +0200)] 
Merge pull request #16316 from rgacogne/ddist20-backport-16256

dnsdist-2.0.x: Backport 16256 - Allow selecting a specific version of Lua with meson

2 weeks ago Merge pull request #16317 from rgacogne/ddist20-backport-16254
Remi Gacogne [Tue, 21 Oct 2025 12:27:26 +0000 (14:27 +0200)] 
Merge pull request #16317 from rgacogne/ddist20-backport-16254

dnsdist-2.0.x: Backport 16254 - ComboAddress: Fix "unspecified address" test when the port is set

2 weeks ago Merge pull request #16318 from rgacogne/ddist20-backport-16244
Remi Gacogne [Tue, 21 Oct 2025 12:27:13 +0000 (14:27 +0200)] 
Merge pull request #16318 from rgacogne/ddist20-backport-16244

dnsdist-2.0.x: Backport #16244 - Set up the dns header for timeout response rules

2 weeks ago Merge pull request #16319 from rgacogne/ddist20-backport-16242
Remi Gacogne [Tue, 21 Oct 2025 12:26:59 +0000 (14:26 +0200)] 
Merge pull request #16319 from rgacogne/ddist20-backport-16242

dnsdist-2.0.x: Backport 16242 - Fix handling of large XSK frames

2 weeks ago dnsdist: Fix query rules bypass after tagging from a dynblock 16309/head
Remi Gacogne [Fri, 17 Oct 2025 14:35:34 +0000 (16:35 +0200)] 
dnsdist: Fix query rules bypass after tagging from a dynblock

In 2.0.0 we introduced the ability to set a tag when a dynamic
block matches, making it possible to combine dynamic blocks with
existing rules. Unfortunately the implementation turned out to
bypass query rules after setting a tag, so the mechanism could
only be used with the remaining rules chains (cache hit, cache-miss,
cache inserted, self-answered and regular response rules).
This commit fixes that to ensure that we can use tags with query
rules as well.

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit b2afaadbd8e3403a68a93fa82b7a25be9f89e385)

2 weeks ago dnsdist: Error out in meson-sdist-script.sh when BUILDER_VERSION is unset 16310/head
Remi Gacogne [Mon, 22 Sep 2025 15:02:24 +0000 (17:02 +0200)] 
dnsdist: Error out in meson-sdist-script.sh when BUILDER_VERSION is unset

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit ed2ce8b3b7e103f8dc9953a55a1e814ceeb1bb64)

2 weeks ago dnsdist: Add comment about the Rust library version being automatically updated
Remi Gacogne [Mon, 22 Sep 2025 15:01:28 +0000 (17:01 +0200)] 
dnsdist: Add comment about the Rust library version being automatically updated

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 97124012429f6d088575b350e7cf134c24538f3c)

2 weeks ago dnsdist: Make inserting to the in-memory rings a bit faster 16315/head
Remi Gacogne [Fri, 17 Oct 2025 10:33:21 +0000 (12:33 +0200)] 
dnsdist: Make inserting to the in-memory rings a bit faster

This commit moves the allocation and copy of the DNS name before
taking the lock, reducing contention. In completely unrealistic
benchmarks this makes the insertion ~10% faster.
Ideally I would rather move the existing `DNSName` instead of allocating
a new one, as we are usually done with it by the point we insert
into the rings, but this involves a lot of changes so let's start
with this.

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 868ec90eacc2fc10f923bbfc333cb5b802fc9fbb)

2 weeks ago dnsdist: Allow selecting a specific version of Lua with meson 16316/head
Remi Gacogne [Mon, 13 Oct 2025 14:54:07 +0000 (16:54 +0200)] 
dnsdist: Allow selecting a specific version of Lua with meson

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit e85ba9b1a7e7d5fc38d295e1538173893c79eaaf)

2 weeks ago test-iputils_hh.cc: Appease clang-tidy 16317/head
Remi Gacogne [Mon, 13 Oct 2025 15:21:07 +0000 (17:21 +0200)] 
test-iputils_hh.cc: Appease clang-tidy

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 27ef73a521cf551bdc3b488df53727ec0c46057a)

2 weeks ago iputils: Make static addresses static in `ComboAddress::isUnspecified`
Remi Gacogne [Mon, 13 Oct 2025 14:44:15 +0000 (16:44 +0200)] 
iputils: Make static addresses static in `ComboAddress::isUnspecified`

Prevent having to instantiate them again and again, as suggested by
Otto.

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit a4301807428dd4389d9bb43bffea171f5ca3c2ae)

2 weeks ago ComboAddress: Fix "unspecified address" test when the port is set
Remi Gacogne [Mon, 13 Oct 2025 14:13:03 +0000 (16:13 +0200)] 
ComboAddress: Fix "unspecified address" test when the port is set

This fixes the QUIC issue reported on FreeBSD: the frontend
was not considered to be bound to an `ANY`/unspecified address
because the port was set, causing the address selection address
to fail.

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 940d35a6237ba997bce1e1ef80ad836ad11da4ae)

2 weeks ago dnsdist: Don't choke on invalid DNS payload when generating protobuf messages 16318/head
Remi Gacogne [Fri, 10 Oct 2025 14:40:25 +0000 (16:40 +0200)] 
dnsdist: Don't choke on invalid DNS payload when generating protobuf messages

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit ba78a38a7a2349ec73fa2a66b552eb2234b42007)

2 weeks ago dnsdist: Properly zero-initialize the "fake" DNS header
Remi Gacogne [Fri, 10 Oct 2025 14:39:56 +0000 (16:39 +0200)] 
dnsdist: Properly zero-initialize the "fake" DNS header

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 153a1bf296f58c38cfd4fb96de29e2677ac42e04)

2 weeks ago dnsdist: Set up the dns header for timeout response rules
Remi Gacogne [Fri, 10 Oct 2025 09:45:25 +0000 (11:45 +0200)] 
dnsdist: Set up the dns header for timeout response rules

Response actions expect that there is a DNS payload containing at
least a DNS header, as an incoming packet smaller than a DNS header
would have been discarded early in the processing path.
Unfortunately this is not true for timeout response rules, where we
no longer have the DNS payload from the query and obviously don't
have a response either. This commit restores a DNS header from the
information we have (query ID, flags) so that most actions can
proceed normally.

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 0cc4805b11afde171880d8f8ee84716de0ce5335)

2 weeks ago dnsdist: Fix handling of large XSK frames 16319/head
Remi Gacogne [Tue, 7 Oct 2025 11:34:49 +0000 (13:34 +0200)] 
dnsdist: Fix handling of large XSK frames

There was a bug in the way we were computing the remaining capacity
of an XSK frame, because we forgot to account for the network headers.
This caused some XSK responses to be discarded by the kernel (`tx_invalid_descs`)
because there was not enough space left in the frame (less than
`XDP_PACKET_HEADROOM`).

Thanks to `ednaq` for reporting this via our YesWeHack program.

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit e0eb6a798c02ccd0d613fff53b0e51560e0a9fba)

2 weeks ago update-rust-library-version: Not DNSdist-specific
Remi Gacogne [Mon, 22 Sep 2025 10:15:03 +0000 (12:15 +0200)] 
update-rust-library-version: Not DNSdist-specific

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 27ee747f17b7887e7514ec9b4f87cf7c7ecd8f77)

2 weeks ago dnsdist: Update the Rust library version when generating a tarball
Remi Gacogne [Mon, 22 Sep 2025 09:43:11 +0000 (11:43 +0200)] 
dnsdist: Update the Rust library version when generating a tarball

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 1ec5492f189b694ed3b62db94aeee68f714a6244)

3 weeks ago Merge pull request #16276 from rgacogne/dnsdist-2.0.x-backport-16169
Remi Gacogne [Thu, 16 Oct 2025 08:48:35 +0000 (10:48 +0200)] 
Merge pull request #16276 from rgacogne/dnsdist-2.0.x-backport-16169

dnsdist-2.0.x: Backport 16169 - build-docker-images-tags: Grant enough permissions to sign images

3 weeks ago Merge pull request #16270 from rgacogne/dnsdist-2.0.x-backport-15267
Remi Gacogne [Thu, 16 Oct 2025 08:30:51 +0000 (10:30 +0200)] 
Merge pull request #16270 from rgacogne/dnsdist-2.0.x-backport-15267

dnsdist-2.0.x: Backport 15267: Fix the build-packages workflow

3 weeks ago build-docker-images-tags: Grant enough permissions to sign images 16276/head
Remi Gacogne [Tue, 23 Sep 2025 14:15:13 +0000 (16:15 +0200)] 
build-docker-images-tags: Grant enough permissions to sign images

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>

3 weeks ago dnsdist-2.0.x: Fix the build-packages workflow 16270/head
romeroalx [Fri, 7 Mar 2025 07:00:19 +0000 (08:00 +0100)] 
dnsdist-2.0.x: Fix the build-packages workflow

(cherry picked from commit 0424014ebdcac41efc882559d6d5ea0d30bd444b)
Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>

8 weeks ago Merge pull request #16102 from rgacogne/ddist20-backport-16065 dnsdist-2.0.1
Remi Gacogne [Wed, 10 Sep 2025 07:54:30 +0000 (09:54 +0200)] 
Merge pull request #16102 from rgacogne/ddist20-backport-16065

dnsdist-2.0.x: Backport 16065 - Test that the configuration is correctly reloaded in various cases

8 weeks ago dnsdist: Test that the configuration is correctly reloaded 16102/head
Remi Gacogne [Mon, 1 Sep 2025 10:22:55 +0000 (12:22 +0200)] 
dnsdist: Test that the configuration is correctly reloaded

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit a139d6ddef76cabc203d0e9786110a6f3d3b3f2f)

8 weeks ago dnsdist: Refresh configuration after `recv` which may have blocked for a long time
Remi Gacogne [Mon, 1 Sep 2025 10:22:06 +0000 (12:22 +0200)] 
dnsdist: Refresh configuration after `recv` which may have blocked for a long time

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 4f70dcdd60826448b4bcad5a44335de0c45dbeea)

8 weeks ago Merge pull request #16096 from rgacogne/ddist20-backport-16082
Remi Gacogne [Mon, 8 Sep 2025 14:53:30 +0000 (16:53 +0200)] 
Merge pull request #16096 from rgacogne/ddist20-backport-16082

dnsdist-2.0.x: Backport #16082 - Fix the IO reentry guard in outgoing DoH

8 weeks ago dnsdist: Fix the IO reentry guard in outgoing DoH 16096/head
Remi Gacogne [Fri, 5 Sep 2025 07:35:44 +0000 (09:35 +0200)] 
dnsdist: Fix the IO reentry guard in outgoing DoH

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 81f0706bdf91c01ee26f8bb18315206af7a70b31)

8 weeks ago Merge pull request #16095 from rgacogne/ddist20-backport-16090
Remi Gacogne [Mon, 8 Sep 2025 13:47:18 +0000 (15:47 +0200)] 
Merge pull request #16095 from rgacogne/ddist20-backport-16090

dnsdist-2.0.x: Backport 16090 - Fix access to frontends while in client mode

8 weeks ago dnsdist: Fix access to frontends while in client mode 16095/head
Remi Gacogne [Fri, 5 Sep 2025 14:38:49 +0000 (16:38 +0200)] 
dnsdist: Fix access to frontends while in client mode

Since 2.0 we return `nil` instead of an object containing a `NULL`
pointer when the requested object does not exist, to make it possible
to check the validity of the returned object from `Lua`. It makes
sense in all contexts except when we are in client mode, because
then accessing the object in the remaining parts of the configuration
will trigger an error. Our DNS over HTTPS documentation itself contains
such a Lua configuration snippet, which is now broken.
This commit reverts back to sending an object containing a `NULL`
pointer when accessing the frontends in the client mode case.

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit e6b9a30bbe1e198702308d9904d067eb89b646f1)

8 weeks ago Merge pull request #16093 from rgacogne/ddist20-backport-15737
Remi Gacogne [Mon, 8 Sep 2025 09:50:39 +0000 (11:50 +0200)] 
Merge pull request #16093 from rgacogne/ddist20-backport-15737

dnsdist-2.0.x: Backport 15737 - dnsdist-resolver: Fix a bug when we get new IPs for a server

8 weeks ago dnsdist-resolver: Fix a bug when we get new IPs for a server 16093/head
Remi Gacogne [Fri, 27 Jun 2025 14:09:18 +0000 (16:09 +0200)] 
dnsdist-resolver: Fix a bug when we get new IPs for a server

The `dnsdist-resolver` script regularly checks the IPs corresponding
to a backend `hostname`, and updates our backend accordingly:
- if an IP we previously received vanishes, it removes the backend
  corresponding to that IP
- if a new IP shows up, it adds a new backend

The existing code tries to avoid some work by keeping track of the
number of IPs associated to a given server, skipping the comparisons
of recently received IPs to existing ones if the number did not change.
This unfortunately does not work well if we get the same number of IPs
but with different IPs in the set.
This caused some backends to never get removed and stay along as ghosts,
as well as some new IPs to never be picked up.

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit e306ec7a085282893b93214a75ba3aac4d9435b4)

2 months ago Merge pull request #16080 from rgacogne/ddist20-backport-16015
Remi Gacogne [Fri, 5 Sep 2025 07:55:29 +0000 (09:55 +0200)] 
Merge pull request #16080 from rgacogne/ddist20-backport-16015

dnsdist-2.0.x: Backport 16015 - Don't call `nghttp2_session_send` from a callback

2 months ago Merge pull request #16081 from rgacogne/ddist20-backport-16064
Remi Gacogne [Fri, 5 Sep 2025 07:55:21 +0000 (09:55 +0200)] 
Merge pull request #16081 from rgacogne/ddist20-backport-16064

dnsdist-2.0.x: Backport 16064 - Properly handle truncation for UDP responses sent via `sendmmsg`

2 months ago dnsdist: Properly handle truncation for UDP responses sent via `sendmmsg` 16081/head
Remi Gacogne [Mon, 1 Sep 2025 12:00:09 +0000 (14:00 +0200)] 
dnsdist: Properly handle truncation for UDP responses sent via `sendmmsg`

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit bf06a3d6b2f517b0cf365e218c752548029ea4a6)

2 months ago dnsdist: Fix a typo in an exception message spotted by Miod 16080/head
Remi Gacogne [Fri, 22 Aug 2025 12:38:35 +0000 (14:38 +0200)] 
dnsdist: Fix a typo in an exception message spotted by Miod

Co-authored-by: Miod Vallat <miod.vallat@powerdns.com>
Signed-off-by: Remi Gacogne <github@coredump.fr>
(cherry picked from commit 28238ca3fb9fab245b90d912a30355567aa7266d)

2 months ago dnsdist: Apply Miod's suggestion
Remi Gacogne [Fri, 22 Aug 2025 12:38:03 +0000 (14:38 +0200)] 
dnsdist: Apply Miod's suggestion

Co-authored-by: Miod Vallat <miod.vallat@powerdns.com>
Signed-off-by: Remi Gacogne <github@coredump.fr>
(cherry picked from commit 0cf2668a8c625f72944f682010befbe3089b9dd0)

2 months ago dnsdist: Fix clang-tidy warnings
Remi Gacogne [Fri, 22 Aug 2025 12:22:29 +0000 (14:22 +0200)] 
dnsdist: Fix clang-tidy warnings

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit baad31c2b9db48acd1874db743a1764beaa05931)

2 months ago dnsdist: Don't call `nghttp2_session_send` from a callback
Remi Gacogne [Fri, 22 Aug 2025 08:33:14 +0000 (10:33 +0200)] 
dnsdist: Don't call `nghttp2_session_send` from a callback

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit a917d158c3f8994e84b38cacbaec5668b1745460)

2 months ago dnsdist: Fix a memory access violation in the nghttp2 unit tests
Remi Gacogne [Fri, 22 Aug 2025 07:57:57 +0000 (09:57 +0200)] 
dnsdist: Fix a memory access violation in the nghttp2 unit tests

Calling `nghttp2_session_send` from a callback does not work well
when `nghttp2_session_send` ends up closing the current stream,
triggering a use-after-free.
It's not clear from the API documentation, but it is mentioned in
the programmers' guide's remarks:

> Do not call `nghttp2_session_send()`, `nghttp2_session_mem_send2()`,
> `nghttp2_session_recv()` or `nghttp2_session_mem_recv2()` from the
> nghttp2 callback functions directly or indirectly. It will lead to the
> crash. You can submit requests or frames in the callbacks then call
> these functions outside the callbacks.

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 346d37abe3beedcec8c856ea4421311de4df1d24)

2 months ago Merge pull request #16053 from rgacogne/ddist20-backport-15874
Remi Gacogne [Fri, 29 Aug 2025 11:29:32 +0000 (13:29 +0200)] 
Merge pull request #16053 from rgacogne/ddist20-backport-15874

dnsdist-2.0.x: Backport 15874 - Only check the freshness of the configuration when needed

2 months ago Merge pull request #16052 from rgacogne/ddist20-backport-16043
Remi Gacogne [Thu, 28 Aug 2025 12:10:18 +0000 (14:10 +0200)] 
Merge pull request #16052 from rgacogne/ddist20-backport-16043

dnsdist-2.0.x: Backport 16043 - Allow building with gcc8, which needs -lstdc++fs as link argument

2 months ago Merge pull request #16049 from rgacogne/ddist20-backport-16042
Remi Gacogne [Thu, 28 Aug 2025 12:10:01 +0000 (14:10 +0200)] 
Merge pull request #16049 from rgacogne/ddist20-backport-16042

dnsdist-2.0.x: Backport 16042 - Don't increment in a potential macro argument

2 months ago Merge pull request #16048 from rgacogne/ddist20-backport-16038
Remi Gacogne [Thu, 28 Aug 2025 09:38:49 +0000 (11:38 +0200)] 
Merge pull request #16048 from rgacogne/ddist20-backport-16038

dnsdist-2.0.x: Backport 16038 - Add missing generated files to the dist tarball

2 months ago dnsdist: Expose `refreshRuntimeConfiguration` to Lua 16053/head
Remi Gacogne [Mon, 25 Aug 2025 13:22:39 +0000 (15:22 +0200)] 
dnsdist: Expose `refreshRuntimeConfiguration` to Lua

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 6ac7c5514aa28d63e0d46e06c4c37df4213585d4)

2 months ago dnsdist: Also refresh the configuration when `recvmmsg` is used
Remi Gacogne [Fri, 22 Aug 2025 13:20:04 +0000 (15:20 +0200)] 
dnsdist: Also refresh the configuration when `recvmmsg` is used

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 8539d039f68d7e7c256d2575191a364664ae882b)

2 months ago dnsdist: Better config refresh logic in the TCP/DoH threads
Remi Gacogne [Tue, 29 Jul 2025 08:34:48 +0000 (10:34 +0200)] 
dnsdist: Better config refresh logic in the TCP/DoH threads

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 51d2c34c0e209120a4692697a56e3a8bcaeb9af0)

2 months ago dnsdist: Ensure the runtime configuration is updated in the SNMP thread
Remi Gacogne [Fri, 25 Jul 2025 14:28:56 +0000 (16:28 +0200)] 
dnsdist: Ensure the runtime configuration is updated in the SNMP thread

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit a7da19df49ebd0745449eb206ca035a18500d251)

2 months ago dnsdist: Explicitly update the configuration thread-local copy
Remi Gacogne [Thu, 17 Jul 2025 15:10:04 +0000 (17:10 +0200)] 
dnsdist: Explicitly update the configuration thread-local copy

This commit ensures that all DNSdist threads are regularly checking
if there is a new version of the runtime-modifiable configuration and
updating their local copy if necessary. Regular accesses to the copy
are now fully read-only, meaning they do not invalidate the current copy.
It prevents the case where a function is invalidating the copy that the
caller is holding, and makes accessing the configuration cheaper.

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit c08ba9f1f2fe743c3e05313b2c329446e2e2d1b1)

2 months ago dnsdist: allow building with gcc8, which needs -lstdc++fs as link argument 16052/head
Otto Moerbeek [Thu, 28 Aug 2025 08:15:16 +0000 (10:15 +0200)] 
dnsdist: allow building with gcc8, which needs -lstdc++fs as link argument

Signed-off-by: Otto Moerbeek <otto.moerbeek@open-xchange.com>
(cherry picked from commit d74d63d0963bdb2790a95cfc6ef1564c1f176745)

2 months ago Merge pull request #16045 from rgacogne/ddist20-backport-16007
Remi Gacogne [Thu, 28 Aug 2025 09:11:31 +0000 (11:11 +0200)] 
Merge pull request #16045 from rgacogne/ddist20-backport-16007

dnsdist-2.0.x: Backport 16007 - Add mitigations for the HTTP/2 MadeYouReset attack

2 months ago dnsdist: don't increment in a potential macro argument 16049/head
Otto Moerbeek [Thu, 28 Aug 2025 07:53:53 +0000 (09:53 +0200)] 
dnsdist: don't increment in a potential macro argument

Fixes g++ 8: ../dnsdist-crypto.cc:291:16: warning: operation on 'count' may be undefined [-Wsequence-point]

Signed-off-by: Otto Moerbeek <otto.moerbeek@open-xchange.com>
(cherry picked from commit 6a269e10520ffd5431830e8c1ee87e464d458663)

2 months ago dnsdist: Add missing generated files to the dist tarball 16048/head
Remi Gacogne [Tue, 26 Aug 2025 11:58:54 +0000 (13:58 +0200)] 
dnsdist: Add missing generated files to the dist tarball

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 847331c4fe8b55a704889e0861f4f95b5e9e163e)

2 months ago dnsdist: Fix invalid log formatters spotted by Otto 16045/head
Remi Gacogne [Mon, 25 Aug 2025 11:08:41 +0000 (13:08 +0200)] 
dnsdist: Fix invalid log formatters spotted by Otto

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 36aeac05daeffcbc41443b47660982f65d73b7da)

2 months ago dnsdist: Apply Miod and clang-tidy's suggestions
Remi Gacogne [Thu, 21 Aug 2025 13:43:01 +0000 (15:43 +0200)] 
dnsdist: Apply Miod and clang-tidy's suggestions

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit f2bee342a4b53cd4ea4896e280ccafeb9f24db34)

2 months ago dnsdist: Stop reading on incoming DoH sockets if we are done
Remi Gacogne [Mon, 28 Jul 2025 14:33:46 +0000 (16:33 +0200)] 
dnsdist: Stop reading on incoming DoH sockets if we are done

If the underlying library doesn't want to read, we have nothing
to send at the moment, but we are still waiting for responses,
there is no need to keep polling the socket.

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit e0a5a6dc4ab9557442ddbba56d03f6e4fb132bf2)

2 months ago dnsdist: Fix the accounting of "killed" streams
Remi Gacogne [Mon, 28 Jul 2025 14:31:36 +0000 (16:31 +0200)] 
dnsdist: Fix the accounting of "killed" streams

The way the nghttp2 library works means that we can get notified
that a stream has been closed while we are still in the function
sending the actual response. This is not a "killed" stream, but
just a regular closure.

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit b81ed956d2f0b6bc538b34ee7e7ad304be233e7a)

2 months ago dnsdist: Define `dnsdist::doh::MAX_INCOMING_CONCURRENT_STREAMS`
Remi Gacogne [Fri, 20 Jun 2025 11:44:33 +0000 (13:44 +0200)] 
dnsdist: Define `dnsdist::doh::MAX_INCOMING_CONCURRENT_STREAMS`

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 866c8f3fff753d3b2a03c1da50e8d53056880a46)

2 months ago dnsdist: Tentative h2o fix for MadeYouReset
Remi Gacogne [Thu, 19 Jun 2025 10:39:11 +0000 (12:39 +0200)] 
dnsdist: Tentative h2o fix for MadeYouReset

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 2406bc461dbac384b07ed7dbb73a87def6354bd6)

2 months ago dnsdist: Enforce concurrent streams count for pending queries
Remi Gacogne [Thu, 19 Jun 2025 09:18:27 +0000 (11:18 +0200)] 
dnsdist: Enforce concurrent streams count for pending queries

The gist of the `MadeYouReset` attack is that streams can be reset
by the client, and thus no longer count towards the maximum number
of streams as far as the library is concerned, while the server
is still processing the query and doing actual work.
This pull request introduces a counter for "killed but still being
processed streams" to prevent it.

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 0214032c5f09fcfb440e5c5120f1491cb4f0fda4)

2 months ago Merge pull request #16032 from rgacogne/ddist20-backport-15881
Remi Gacogne [Mon, 25 Aug 2025 11:07:38 +0000 (13:07 +0200)] 
Merge pull request #16032 from rgacogne/ddist20-backport-15881

dnsdist-2.0.x: Backport 15881 - Support mnemonics for the Opcode selector

2 months ago Merge pull request #16031 from rgacogne/ddist20-backport-15817
Remi Gacogne [Mon, 25 Aug 2025 09:44:39 +0000 (11:44 +0200)] 
Merge pull request #16031 from rgacogne/ddist20-backport-15817

dnsdist-2.0.x: Backport 15817: switch Docker images to Debian Trixie

2 months ago Merge pull request #16030 from rgacogne/ddist20-backport-15915
Remi Gacogne [Mon, 25 Aug 2025 09:44:29 +0000 (11:44 +0200)] 
Merge pull request #16030 from rgacogne/ddist20-backport-15915

dnsdist-2.0.x: Backport 15915: Properly set up env vars with meson

2 months ago dns: Get rid of the ugly special case for OpCode 3 16032/head
Remi Gacogne [Thu, 24 Jul 2025 09:11:24 +0000 (11:11 +0200)] 
dns: Get rid of the ugly special case for OpCode 3

As suggested by Miod.

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit b6898b5f3787e2528225fd5e22927f2e5ba3cc2b)

2 months ago dnsdist: Support mnemonics for the Opcode selector
Remi Gacogne [Mon, 21 Jul 2025 09:56:47 +0000 (11:56 +0200)] 
dnsdist: Support mnemonics for the Opcode selector

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 1a37caf4bcef0ad8362ce5b2bf8f01e90c81986d)

2 months ago Merge pull request #16029 from rgacogne/ddist20-backport-15959
Remi Gacogne [Mon, 25 Aug 2025 09:18:59 +0000 (11:18 +0200)] 
Merge pull request #16029 from rgacogne/ddist20-backport-15959

dnsdist-2.0.x: Backport 15959: dnsdist --version: report yaml support

2 months ago switch Docker images to Debian Trixie 16031/head
Peter van Dijk [Thu, 10 Jul 2025 12:05:41 +0000 (14:05 +0200)] 
switch Docker images to Debian Trixie

(cherry picked from commit 4a92c4bbda9c5a0d0b9b30865dff71d70226cfcf)

2 months ago rec and dnsdist: properly set up env vars 16030/head
Otto Moerbeek [Thu, 24 Jul 2025 13:41:50 +0000 (15:41 +0200)] 
rec and dnsdist: properly set up env vars

env.append() appends to an existing value

Should fix the error in #15896, but the reported location of cargo
still might be wrong.

Signed-off-by: Otto Moerbeek <otto.moerbeek@open-xchange.com>
(cherry picked from commit 6d3c2334aa84258eaee409eb7e545eb67121a4a5)

2 months ago dnsdist --version: report yaml support 16029/head
Peter van Dijk [Mon, 4 Aug 2025 11:56:05 +0000 (13:56 +0200)] 
dnsdist --version: report yaml support

(cherry picked from commit 8ac38640efa2c90f1db59fddcd32cdb6c29d41db)

2 months ago Merge pull request #16020 from rgacogne/ddist20-backport-15931
Remi Gacogne [Mon, 25 Aug 2025 07:35:29 +0000 (09:35 +0200)] 
Merge pull request #16020 from rgacogne/ddist20-backport-15931

dnsdist-2.0.x: Backport 15931 - Speed up response content matching

2 months ago Merge pull request #16019 from rgacogne/ddist20-backport-15935
Remi Gacogne [Fri, 22 Aug 2025 13:46:57 +0000 (15:46 +0200)] 
Merge pull request #16019 from rgacogne/ddist20-backport-15935

dnsdist-2.0.x: Backport 15935 - Clean up incoming TCP connections counters once per minute

2 months ago Merge pull request #16018 from rgacogne/ddist20-backport-15904
Remi Gacogne [Fri, 22 Aug 2025 13:26:39 +0000 (15:26 +0200)] 
Merge pull request #16018 from rgacogne/ddist20-backport-15904

dnsdist-2.0.x: Backport 15904 - Fix systemd template unit and restricted network families when building with meson

2 months ago Merge pull request #16017 from rgacogne/ddist20-backport-15902
Remi Gacogne [Fri, 22 Aug 2025 13:16:01 +0000 (15:16 +0200)] 
Merge pull request #16017 from rgacogne/ddist20-backport-15902

dnsdist-2.0.x: Backport 15902 - Fix QType rate dynamic block with YAML

2 months ago Refactor `DNSName::matches` around `pdns_ilexicographical_compare_three_way` 16020/head
Remi Gacogne [Thu, 21 Aug 2025 14:40:29 +0000 (16:40 +0200)] 
Refactor `DNSName::matches` around `pdns_ilexicographical_compare_three_way`

And rename it to hopefully prevent any confusion regarding when it can be used.

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit f78521d7f73d1f176602e33d03fae6e40fa86602)
Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>

2 months ago dnsdist: Yet another clang-tidy warning
Remi Gacogne [Tue, 29 Jul 2025 07:45:33 +0000 (09:45 +0200)] 
dnsdist: Yet another clang-tidy warning

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit aa5ca15a59efa4602efc5d78e17514dfe4edab16)
Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>

2 months ago dnsname: Fix clang-tidy warnings
Remi Gacogne [Mon, 28 Jul 2025 15:12:14 +0000 (17:12 +0200)] 
dnsname: Fix clang-tidy warnings

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit afbae807a3dbb00b9ac8e20daa8b5bef353a1764)
Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>

2 months ago dnsname: Add a comment about what `DNSName::matches` accepts
Remi Gacogne [Mon, 28 Jul 2025 09:29:40 +0000 (11:29 +0200)] 
dnsname: Add a comment about what `DNSName::matches` accepts

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 7394dd09afce13c1cd287c2b63f8d129e8be22af)
Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>

2 months ago dnsdist: Fix clang-tidy warnings
Remi Gacogne [Fri, 25 Jul 2025 14:55:18 +0000 (16:55 +0200)] 
dnsdist: Fix clang-tidy warnings

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 93e1cbbc014526ce4f39b54dd084cfa040980dbe)
Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>

2 months ago dnsdist: Speed up response content matching
Remi Gacogne [Fri, 25 Jul 2025 14:12:39 +0000 (16:12 +0200)] 
dnsdist: Speed up response content matching

This commit introduces a new method to compare a `DNSName`
against a view of raw, wire-format bytes, skipping the
allocation and copy that is usually required to get a
second `DNSName` object to compare against.
This significantly reduces the amount of time matching
a DNS response received from a backend against the content
we expect to find.

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 67eb73850f3141c44963d95ef815fe6a0586d2a8)
Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
2 months ago dnsdist-2.0.x: Backport pdns_ilexicographical_compare_three_way
Remi Gacogne [Fri, 22 Aug 2025 13:11:40 +0000 (15:11 +0200)] 
dnsdist-2.0.x: Backport pdns_ilexicographical_compare_three_way

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
2 months ago dnsdist: Fix error in comment spotted by Otto (seconds -> minutes) 16019/head
Remi Gacogne [Thu, 21 Aug 2025 13:49:43 +0000 (15:49 +0200)] 
dnsdist: Fix error in comment spotted by Otto (seconds -> minutes)

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit e5a0cc4475cb668824d7d5a45086665f038f3b16)

2 months ago dnsdist: Fix clang-tidy warnings
Remi Gacogne [Tue, 29 Jul 2025 07:55:38 +0000 (09:55 +0200)] 
dnsdist: Fix clang-tidy warnings

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit d80362d7d2f1d50d0cd449b62ef7fdea4354eed3)

2 months ago dnsdist: Clean up incoming TCP connections counters once per minute
Remi Gacogne [Mon, 28 Jul 2025 14:50:12 +0000 (16:50 +0200)] 
dnsdist: Clean up incoming TCP connections counters once per minute

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit df406c37e23974d4fa1575dcf54ef53ef8276fa6)

2 months ago dnsdist: Fix restricted network families when building with meson 16018/head
Remi Gacogne [Thu, 24 Jul 2025 09:42:03 +0000 (11:42 +0200)] 
dnsdist: Fix restricted network families when building with meson

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 84da8caf2bb5e0c74f706b7248d9abf379485180)

2 months ago dnsdist: Fix systemd template unit when building with meson
Remi Gacogne [Thu, 24 Jul 2025 09:41:38 +0000 (11:41 +0200)] 
dnsdist: Fix systemd template unit when building with meson

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit b8b86d5644f46b2f07cd7f633cbfd98395ec8ec6)

2 months ago Merge pull request #16003 from rgacogne/ddist20-quiche-0.24.5
Remi Gacogne [Thu, 21 Aug 2025 11:20:21 +0000 (13:20 +0200)] 
Merge pull request #16003 from rgacogne/ddist20-quiche-0.24.5

dnsdist-2.0.x: Backport 16002 - Update Cloudflare's Quiche to 0.24.5 in our packages

2 months ago dnsdist: Update Cloudflare's Quiche to 0.24.5 in our packages 16003/head
Remi Gacogne [Thu, 21 Aug 2025 08:12:11 +0000 (10:12 +0200)] 
dnsdist: Update Cloudflare's Quiche to 0.24.5 in our packages

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit e9af7f9c2f9e2b8969fc6be7bc35d0de2decdb77)
Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
3 months ago Merge pull request #15925 from rgacogne/ddist20-backport-15916
Remi Gacogne [Mon, 28 Jul 2025 07:34:23 +0000 (09:34 +0200)] 
Merge pull request #15925 from rgacogne/ddist20-backport-15916

dnsdist-2.0.x: backport 15916 - Update rings' atomic counter without holding the lock

3 months ago Merge pull request #15926 from rgacogne/ddist20-backport-15917
Remi Gacogne [Mon, 28 Jul 2025 07:33:34 +0000 (09:33 +0200)] 
Merge pull request #15926 from rgacogne/ddist20-backport-15917

dnsdist-2.0.x: Backport 15917 - Return early when a rule chain is empty

3 months ago Merge pull request #15927 from rgacogne/ddist20-backport-15918
Remi Gacogne [Mon, 28 Jul 2025 07:33:25 +0000 (09:33 +0200)] 
Merge pull request #15927 from rgacogne/ddist20-backport-15918

dnsdist-2.0.x: Backport 15918 - Update a cache's atomic counter without holding the lock

3 months ago Merge pull request #15920 from rgacogne/ddist20-upgrade-quiche
Remi Gacogne [Mon, 28 Jul 2025 07:32:22 +0000 (09:32 +0200)] 
Merge pull request #15920 from rgacogne/ddist20-upgrade-quiche

dnsdist-2.0.x: Upgrade Cloudflare's Quiche to 0.24.4

3 months ago dnsdist: Update rings' atomic counter without holding the lock 15925/head
Remi Gacogne [Tue, 22 Jul 2025 09:18:38 +0000 (11:18 +0200)] 
dnsdist: Update rings' atomic counter without holding the lock

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit f30e5ca0993defc6bacd5584d5ce19d32900d71d)

3 months ago dnsdist: Update a cache's atomic counter without holding the lock 15927/head
Remi Gacogne [Thu, 24 Jul 2025 14:02:39 +0000 (16:02 +0200)] 
dnsdist: Update a cache's atomic counter without holding the lock

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit e579d8f2977f17efcf5f7f158500a9df53c2370d)

3 months ago dnsdist: Return early when a rule chain is empty 15926/head
Remi Gacogne [Tue, 22 Jul 2025 09:19:19 +0000 (11:19 +0200)] 
dnsdist: Return early when a rule chain is empty

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 1ae16e707a6cb1c80d611b72e9e4599707332645)