]>
git.ipfire.org Git - thirdparty/pdns.git/log
Remi Gacogne [Thu, 16 Mar 2023 12:43:00 +0000 (13:43 +0100)]
auth: Prevent a race during the processing of SVC auto-hints
When `svc-autohints` is enabled, the content of SVCB and HTTPS records
is modified in `PacketHandler::doAdditionalProcessing()` to expand
the IPv4 and IPv6 with their actual values.
This causes an issue because the content of these records might be
shared between threads, via the record cache, and one thread could
be trying to read from the internal `std::set` while a second thread
is altering it, leading to a data race and possibly to memory corruption
and a crash.
This is correctly detected by TSAN:
```
WARNING: ThreadSanitizer: data race (pid=102795)
Write of size 8 at 0x7b3400010350 by thread T33:
#0 operator delete(void*) <null> (pdns_server+0x211b7c) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#1 std::__new_allocator<std::_Rb_tree_node<SvcParam>>::deallocate(std::_Rb_tree_node<SvcParam>*, unsigned long) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/new_allocator.h:158:2 (pdns_server+0x33fc78) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#2 std::allocator_traits<std::allocator<std::_Rb_tree_node<SvcParam>>>::deallocate(std::allocator<std::_Rb_tree_node<SvcParam>>&, std::_Rb_tree_node<SvcParam>*, unsigned long) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/alloc_traits.h:496:13 (pdns_server+0x33fc78)
#3 std::_Rb_tree<SvcParam, SvcParam, std::_Identity<SvcParam>, std::less<SvcParam>, std::allocator<SvcParam>>::_M_put_node(std::_Rb_tree_node<SvcParam>*) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/stl_tree.h:565:9 (pdns_server+0x33fc78)
#4 std::_Rb_tree<SvcParam, SvcParam, std::_Identity<SvcParam>, std::less<SvcParam>, std::allocator<SvcParam>>::_M_drop_node(std::_Rb_tree_node<SvcParam>*) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/stl_tree.h:632:2 (pdns_server+0x33fc78)
#5 std::_Rb_tree<SvcParam, SvcParam, std::_Identity<SvcParam>, std::less<SvcParam>, std::allocator<SvcParam>>::_M_erase_aux(std::_Rb_tree_const_iterator<SvcParam>) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/stl_tree.h:2495:7 (pdns_server+0x33fc78)
#6 std::_Rb_tree<SvcParam, SvcParam, std::_Identity<SvcParam>, std::less<SvcParam>, std::allocator<SvcParam>>::erase[abi:cxx11](std::_Rb_tree_const_iterator<SvcParam>) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/stl_tree.h:1197:2 (pdns_server+0x33fc78)
#7 std::set<SvcParam, std::less<SvcParam>, std::allocator<SvcParam>>::erase[abi:cxx11](std::_Rb_tree_const_iterator<SvcParam>) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/stl_set.h:655:21 (pdns_server+0x33fc78)
#8 SVCBBaseRecordContent::setHints(SvcParam::SvcParamKey const&, std::vector<ComboAddress, std::allocator<ComboAddress>> const&) /work/pdns/pdns/dnsrecords.cc:768:14 (pdns_server+0x33fc78)
#9 PacketHandler::doAdditionalProcessing(DNSPacket&, std::unique_ptr<DNSPacket, std::default_delete<DNSPacket>>&) /work/pdns/pdns/packethandler.cc:565:16 (pdns_server+0x4ed330) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#10 PacketHandler::doQuestion(DNSPacket&) /work/pdns/pdns/packethandler.cc:1794:5 (pdns_server+0x4f79b4) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#11 PacketHandler::question(DNSPacket&) /work/pdns/pdns/packethandler.cc:1175:10 (pdns_server+0x4f649a) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#12 MultiThreadDistributor<DNSPacket, DNSPacket, PacketHandler>::distribute(int) /work/pdns/pdns/./distributor.hh:220:14 (pdns_server+0x260f70) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#13 MultiThreadDistributor<DNSPacket, DNSPacket, PacketHandler>::MultiThreadDistributor(int)::'lambda'()::operator()() const /work/pdns/pdns/./distributor.hh:179:25 (pdns_server+0x260b31) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#14 void std::__invoke_impl<void, MultiThreadDistributor<DNSPacket, DNSPacket, PacketHandler>::MultiThreadDistributor(int)::'lambda'()>(std::__invoke_other, MultiThreadDistributor<DNSPacket, DNSPacket, PacketHandler>::MultiThreadDistributor(int)::'lambda'()&&) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/invoke.h:61:14 (pdns_server+0x260b31)
#15 std::__invoke_result<MultiThreadDistributor<DNSPacket, DNSPacket, PacketHandler>::MultiThreadDistributor(int)::'lambda'()>::type std::__invoke<MultiThreadDistributor<DNSPacket, DNSPacket, PacketHandler>::MultiThreadDistributor(int)::'lambda'()>(MultiThreadDistributor<DNSPacket, DNSPacket, PacketHandler>::MultiThreadDistributor(int)::'lambda'()&&) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/invoke.h:96:14 (pdns_server+0x260b31)
#16 void std::thread::_Invoker<std::tuple<MultiThreadDistributor<DNSPacket, DNSPacket, PacketHandler>::MultiThreadDistributor(int)::'lambda'()>>::_M_invoke<0ul>(std::_Index_tuple<0ul>) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/std_thread.h:258:13 (pdns_server+0x260b31)
#17 std::thread::_Invoker<std::tuple<MultiThreadDistributor<DNSPacket, DNSPacket, PacketHandler>::MultiThreadDistributor(int)::'lambda'()>>::operator()() /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/std_thread.h:265:11 (pdns_server+0x260b31)
#18 std::thread::_State_impl<std::thread::_Invoker<std::tuple<MultiThreadDistributor<DNSPacket, DNSPacket, PacketHandler>::MultiThreadDistributor(int)::'lambda'()>>>::_M_run() /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/std_thread.h:210:13 (pdns_server+0x260b31)
#19 execute_native_thread_routine /usr/src/debug/gcc/gcc/libstdc++-v3/src/c++11/thread.cc:82:18 (libstdc++.so.6+0xd72c2) (BuildId:
6fe66a2d539a78c993bd2d377e00fad389220963 )
Previous read of size 2 at 0x7b3400010350 by thread T39:
#0 SvcParam::getKey() const /work/pdns/pdns/./svc-records.hh:80:12 (pdns_server+0x3721f3) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#1 GenericDNSPacketWriter<std::vector<unsigned char, std::allocator<unsigned char>>>::xfrSvcParamKeyVals(std::set<SvcParam, std::less<SvcParam>, std::allocator<SvcParam>> const&) /work/pdns/pdns/dnswriter.cc:404:23 (pdns_server+0x3721f3)
#2 void HTTPSRecordContent::xfrPacket<GenericDNSPacketWriter<std::vector<unsigned char, std::allocator<unsigned char>>>>(GenericDNSPacketWriter<std::vector<unsigned char, std::allocator<unsigned char>>>&, bool) /work/pdns/pdns/dnsrecords.cc:348:1 (pdns_server+0x3349bd) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#3 HTTPSRecordContent::toPacket(GenericDNSPacketWriter<std::vector<unsigned char, std::allocator<unsigned char>>>&) /work/pdns/pdns/dnsrecords.cc:348:1 (pdns_server+0x3349bd)
#4 DNSRecordContent::serialize[abi:cxx11](DNSName const&, bool, bool) /work/pdns/pdns/./dnsparser.hh:215:11 (pdns_server+0x311140) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#5 DNSPacket::addRecord(DNSZoneRecord&&) /work/pdns/pdns/dnspacket.cc:177:68 (pdns_server+0x2fa894) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#6 PacketHandler::doAdditionalProcessing(DNSPacket&, std::unique_ptr<DNSPacket, std::default_delete<DNSPacket>>&) /work/pdns/pdns/packethandler.cc:542:8 (pdns_server+0x4eccf2) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#7 PacketHandler::doQuestion(DNSPacket&) /work/pdns/pdns/packethandler.cc:1794:5 (pdns_server+0x4f79b4) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#8 PacketHandler::question(DNSPacket&) /work/pdns/pdns/packethandler.cc:1175:10 (pdns_server+0x4f649a) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#9 MultiThreadDistributor<DNSPacket, DNSPacket, PacketHandler>::distribute(int) /work/pdns/pdns/./distributor.hh:220:14 (pdns_server+0x260f70) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#10 MultiThreadDistributor<DNSPacket, DNSPacket, PacketHandler>::MultiThreadDistributor(int)::'lambda'()::operator()() const /work/pdns/pdns/./distributor.hh:179:25 (pdns_server+0x260b31) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#11 void std::__invoke_impl<void, MultiThreadDistributor<DNSPacket, DNSPacket, PacketHandler>::MultiThreadDistributor(int)::'lambda'()>(std::__invoke_other, MultiThreadDistributor<DNSPacket, DNSPacket, PacketHandler>::MultiThreadDistributor(int)::'lambda'()&&) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/invoke.h:61:14 (pdns_server+0x260b31)
#12 std::__invoke_result<MultiThreadDistributor<DNSPacket, DNSPacket, PacketHandler>::MultiThreadDistributor(int)::'lambda'()>::type std::__invoke<MultiThreadDistributor<DNSPacket, DNSPacket, PacketHandler>::MultiThreadDistributor(int)::'lambda'()>(MultiThreadDistributor<DNSPacket, DNSPacket, PacketHandler>::MultiThreadDistributor(int)::'lambda'()&&) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/invoke.h:96:14 (pdns_server+0x260b31)
#13 void std::thread::_Invoker<std::tuple<MultiThreadDistributor<DNSPacket, DNSPacket, PacketHandler>::MultiThreadDistributor(int)::'lambda'()>>::_M_invoke<0ul>(std::_Index_tuple<0ul>) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/std_thread.h:258:13 (pdns_server+0x260b31)
#14 std::thread::_Invoker<std::tuple<MultiThreadDistributor<DNSPacket, DNSPacket, PacketHandler>::MultiThreadDistributor(int)::'lambda'()>>::operator()() /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/std_thread.h:265:11 (pdns_server+0x260b31)
#15 std::thread::_State_impl<std::thread::_Invoker<std::tuple<MultiThreadDistributor<DNSPacket, DNSPacket, PacketHandler>::MultiThreadDistributor(int)::'lambda'()>>>::_M_run() /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/std_thread.h:210:13 (pdns_server+0x260b31)
#16 execute_native_thread_routine /usr/src/debug/gcc/gcc/libstdc++-v3/src/c++11/thread.cc:82:18 (libstdc++.so.6+0xd72c2) (BuildId:
6fe66a2d539a78c993bd2d377e00fad389220963 )
Thread T33 'pdns/distributo' (tid=102833, running) created by thread T17 at:
#0 pthread_create <null> (pdns_server+0x1904e6) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#1 __gthread_create /usr/src/debug/gcc/gcc-build/x86_64-pc-linux-gnu/libstdc++-v3/include/x86_64-pc-linux-gnu/bits/gthr-default.h:663:35 (libstdc++.so.6+0xd73a9) (BuildId:
6fe66a2d539a78c993bd2d377e00fad389220963 )
#2 std::thread::_M_start_thread(std::unique_ptr<std::thread::_State, std::default_delete<std::thread::_State>>, void (*)()) /usr/src/debug/gcc/gcc/libstdc++-v3/src/c++11/thread.cc:147:37 (libstdc++.so.6+0xd73a9)
#3 Distributor<DNSPacket, DNSPacket, PacketHandler>::Create(int) /work/pdns/pdns/./distributor.hh:134:18 (pdns_server+0x256d23) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#4 qthread(unsigned int) /work/pdns/pdns/auth-main.cc:536:25 (pdns_server+0x256d23)
#5 void std::__invoke_impl<void, void (*)(unsigned int), unsigned int>(std::__invoke_other, void (*&&)(unsigned int), unsigned int&&) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/invoke.h:61:14 (pdns_server+0x2635f0) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#6 std::__invoke_result<void (*)(unsigned int), unsigned int>::type std::__invoke<void (*)(unsigned int), unsigned int>(void (*&&)(unsigned int), unsigned int&&) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/invoke.h:96:14 (pdns_server+0x2635f0)
#7 void std::thread::_Invoker<std::tuple<void (*)(unsigned int), unsigned int>>::_M_invoke<0ul, 1ul>(std::_Index_tuple<0ul, 1ul>) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/std_thread.h:258:13 (pdns_server+0x2635f0)
#8 std::thread::_Invoker<std::tuple<void (*)(unsigned int), unsigned int>>::operator()() /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/std_thread.h:265:11 (pdns_server+0x2635f0)
#9 std::thread::_State_impl<std::thread::_Invoker<std::tuple<void (*)(unsigned int), unsigned int>>>::_M_run() /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/std_thread.h:210:13 (pdns_server+0x2635f0)
#10 execute_native_thread_routine /usr/src/debug/gcc/gcc/libstdc++-v3/src/c++11/thread.cc:82:18 (libstdc++.so.6+0xd72c2) (BuildId:
6fe66a2d539a78c993bd2d377e00fad389220963 )
Thread T39 'pdns/distributo' (tid=102837, running) created by thread T19 at:
#0 pthread_create <null> (pdns_server+0x1904e6) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#1 __gthread_create /usr/src/debug/gcc/gcc-build/x86_64-pc-linux-gnu/libstdc++-v3/include/x86_64-pc-linux-gnu/bits/gthr-default.h:663:35 (libstdc++.so.6+0xd73a9) (BuildId:
6fe66a2d539a78c993bd2d377e00fad389220963 )
#2 std::thread::_M_start_thread(std::unique_ptr<std::thread::_State, std::default_delete<std::thread::_State>>, void (*)()) /usr/src/debug/gcc/gcc/libstdc++-v3/src/c++11/thread.cc:147:37 (libstdc++.so.6+0xd73a9)
#3 Distributor<DNSPacket, DNSPacket, PacketHandler>::Create(int) /work/pdns/pdns/./distributor.hh:134:18 (pdns_server+0x256d23) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#4 qthread(unsigned int) /work/pdns/pdns/auth-main.cc:536:25 (pdns_server+0x256d23)
#5 void std::__invoke_impl<void, void (*)(unsigned int), unsigned int>(std::__invoke_other, void (*&&)(unsigned int), unsigned int&&) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/invoke.h:61:14 (pdns_server+0x2635f0) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 )
#6 std::__invoke_result<void (*)(unsigned int), unsigned int>::type std::__invoke<void (*)(unsigned int), unsigned int>(void (*&&)(unsigned int), unsigned int&&) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/invoke.h:96:14 (pdns_server+0x2635f0)
#7 void std::thread::_Invoker<std::tuple<void (*)(unsigned int), unsigned int>>::_M_invoke<0ul, 1ul>(std::_Index_tuple<0ul, 1ul>) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/std_thread.h:258:13 (pdns_server+0x2635f0)
#8 std::thread::_Invoker<std::tuple<void (*)(unsigned int), unsigned int>>::operator()() /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/std_thread.h:265:11 (pdns_server+0x2635f0)
#9 std::thread::_State_impl<std::thread::_Invoker<std::tuple<void (*)(unsigned int), unsigned int>>>::_M_run() /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/12.2.1/../../../../include/c++/12.2.1/bits/std_thread.h:210:13 (pdns_server+0x2635f0)
#10 execute_native_thread_routine /usr/src/debug/gcc/gcc/libstdc++-v3/src/c++11/thread.cc:82:18 (libstdc++.so.6+0xd72c2) (BuildId:
6fe66a2d539a78c993bd2d377e00fad389220963 )
SUMMARY: ThreadSanitizer: data race (/work/pdns-rgacogne/pdns/pdns_server+0x211b7c) (BuildId:
384adc19a67695435bd5e89d0a77f562561f4593 ) in operator delete(void*)
```
To prevent this issue, this commit wraps the internal `std::set` in a
mutex. In theory this will cause a performance impact, but in practice
I did not find it to be noticeable.
If we ever do, a different solution would be to duplicate the content
of the SVCB/HTTPS records before modifying them.
(cherry picked from commit
18d5647a6fcaa254632eaed334637b3e58156e49 )
Peter van Dijk [Wed, 8 Mar 2023 13:05:18 +0000 (14:05 +0100)]
Merge pull request #12616 from romeroalx/update-gh-actions-auth-to-4.7
dependabot[bot] [Wed, 19 Oct 2022 14:28:07 +0000 (14:28 +0000)]
build(deps): bump actions/setup-python from 2 to 4Signed-off-by: dependabot[bot] <support@github.com>
Peter van Dijk [Mon, 6 Feb 2023 10:41:18 +0000 (11:41 +0100)]
codeql workflow: set ubuntu mirror
Peter van Dijk [Fri, 13 Jan 2023 10:06:14 +0000 (11:06 +0100)]
build-and-test-all: add functionality to quickly switch ubuntu mirrors
Josh Soref [Tue, 6 Dec 2022 17:39:08 +0000 (12:39 -0500)]
Switch from set-output tot GITHUB_OUTPUTSigned-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
dependabot[bot] [Wed, 19 Oct 2022 14:28:01 +0000 (14:28 +0000)]
build(deps): bump actions/upload-artifact from 1 to 3Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] [Wed, 19 Oct 2022 14:27:58 +0000 (14:27 +0000)]
build(deps): bump actions/download-artifact from 2 to 3Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] [Wed, 19 Oct 2022 14:44:55 +0000 (14:44 +0000)]
build(deps): bump actions/checkout from 2.3.4 to 3.1.0Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] [Wed, 19 Oct 2022 14:28:05 +0000 (14:28 +0000)]
build(deps): bump actions/cache from 2 to 3.0.11Signed-off-by: dependabot[bot] <support@github.com>
Alexis Romero [Thu, 23 Feb 2023 10:03:30 +0000 (11:03 +0100)]
Avoid Microsoft repo for ODBC. Step 1: codeql allow apt downgrades
Alexis Romero [Wed, 22 Feb 2023 10:48:28 +0000 (11:48 +0100)]
Avoid Microsoft repo for ODBC. Step 1: allow apt downgrades
Alexis Romero [Thu, 16 Feb 2023 05:55:48 +0000 (06:55 +0100)]
removed ldap and geoip-mmdb tests from circleci
Alexis Romero [Thu, 16 Feb 2023 05:54:23 +0000 (06:54 +0100)]
gh actions: simplified collector job in build-and-test-all.yml
Alexis Romero [Thu, 16 Feb 2023 05:52:49 +0000 (06:52 +0100)]
gh actions: added ldap and geoip-mmdb tests
Alexis Romero [Thu, 9 Feb 2023 11:16:04 +0000 (12:16 +0100)]
GH actions: added auth odbc{sqlitle3, mssql} tests. Removed from CircleCI
Remi Gacogne [Thu, 1 Dec 2022 13:34:19 +0000 (14:34 +0100)]
Restrict permissions for GITHUB_TOKEN in our workflows
Added using https://github.com/step-security/secure-workflows
For more information see:
- https://github.com/ossf/scorecard/blob/
d8fefc9b246db3600c777e9d60d441d7c386ce1d /docs/checks.md#token-permissions
- https://github.blog/changelog/2021-04-20-github-actions-control-permissions-for-github_token/
Peter van Dijk [Tue, 21 Feb 2023 15:11:28 +0000 (16:11 +0100)]
Merge pull request #12429 from Habbie/auth47-no-leak-hostlist
Peter van Dijk [Thu, 9 Feb 2023 15:46:22 +0000 (16:46 +0100)]
Merge pull request #12521 from Habbie/auth-4.7-ixfrdist-backports
Remi Gacogne [Mon, 6 Feb 2023 09:07:04 +0000 (10:07 +0100)]
ixfrdist: Make sure that our metrics are properly initialized
Before C++20 std::atomic variables are not guaranteed to be initialized,
even though it looks like compilers are actually doing the initialization
even in C++17.
Reported by Coverity as CID
1504405 .
(cherry picked from commit
de9fbd402dc05263e8ddb2e6ffc09b5cf01bef1e )
Peter van Dijk [Thu, 2 Feb 2023 09:17:20 +0000 (10:17 +0100)]
use counters for things that count up over time
(cherry picked from commit
b0069a9b63157e05e36f3fbf788b22a1c43e65df )
Peter van Dijk [Tue, 31 Jan 2023 12:40:10 +0000 (13:40 +0100)]
ixfrdist /metrics: add CPU and memory stats, note unit for uptime
(cherry picked from commit
4be206f56769495b1090f7e39d111560b77494fc )
Peter van Dijk [Tue, 31 Jan 2023 12:13:53 +0000 (13:13 +0100)]
ixfrdist /metrics: add FD usage
(cherry picked from commit
7bba0dae6d97b248e206e7dbda3813432a77b06d )
Remi Gacogne [Thu, 2 Feb 2023 08:56:27 +0000 (09:56 +0100)]
ixfrdist: Remove unused counters, simplify prometheus types handling
(cherry picked from commit
54f93cb8542aa46a9a9669fa623f5a6d8a6a5857 )
Peter van Dijk [Tue, 31 Jan 2023 09:48:27 +0000 (10:48 +0100)]
ixfrdist /metrics: add unknown domain in-query counter
(cherry picked from commit
ca0831d9a14c409c631b0ee49d6fdba6b2239b6f )
Peter van Dijk [Mon, 30 Jan 2023 17:42:46 +0000 (18:42 +0100)]
ixfrdist /metrics: quote label values; suffix counters with _total; remove full totals; add promtool test
(cherry picked from commit
7c05901b1d22693a29cced84f9c3b24f5dc4a0ec )
Peter van Dijk [Wed, 25 Jan 2023 12:03:00 +0000 (13:03 +0100)]
Merge pull request #12458 from Habbie/backport-12453-to-auth-4.7.x
Peter van Dijk [Mon, 23 Jan 2023 13:54:09 +0000 (14:54 +0100)]
lock.hh: include <stdexcept>
(cherry picked from commit
d8b4ea24dc5dbe7c53c24bfffba24bcae7f58e02 )
Peter van Dijk [Tue, 17 Jan 2023 18:10:04 +0000 (19:10 +0100)]
minicurl: stop leaking hostlist memory
Peter van Dijk [Thu, 8 Dec 2022 13:11:56 +0000 (14:11 +0100)]
Merge pull request #12299 from Habbie/backport-12282-to-auth-4.7.x
Peter van Dijk [Tue, 6 Dec 2022 17:56:58 +0000 (18:56 +0100)]
lmdb tests: actually use lmdb config
(cherry picked from commit
f7d7e059f69b1330248ecd904c215630a77f038b )
Peter van Dijk [Tue, 6 Dec 2022 16:42:27 +0000 (17:42 +0100)]
auth lmdb: make outgoing notifications work
(cherry picked from commit
bbd6102241d18d8bce551b5e19d0c315368913b9 )
Peter van Dijk [Thu, 8 Dec 2022 08:04:55 +0000 (09:04 +0100)]
Merge pull request #12291 from Habbie/backport-12285-to-auth-4.7.x
Peter van Dijk [Thu, 8 Dec 2022 08:04:11 +0000 (09:04 +0100)]
Merge pull request #12296 from Habbie/backport-12257-to-auth-4.7.x
Peter van Dijk [Thu, 8 Dec 2022 08:03:44 +0000 (09:03 +0100)]
Merge pull request #12294 from Habbie/backport-12132-to-auth-4.7.x
Peter van Dijk [Thu, 1 Dec 2022 18:51:40 +0000 (19:51 +0100)]
auth API: slightly clearer message when a backend cannot create domains
(cherry picked from commit
b53ab9d6ef126f3be04160e36cbc381e27d85e79 )
Otto Moerbeek [Tue, 25 Oct 2022 13:36:31 +0000 (15:36 +0200)]
This test assumes the health check timeout is 1 second, while it is 2 seconds by default.
Adapt tests to take that into account, which resolves the occasional failure as tested locally.
(cherry picked from commit
2abc153929e22c4abad73f1eba9395e00f18febd )
Kees Monshouwer [Tue, 6 Dec 2022 17:34:09 +0000 (18:34 +0100)]
auth: api, add create/delete consumer zone test
(cherry picked from commit
2f27a15fb72cdbef5c4f5af8f0d089722ee2253a )
Kees Monshouwer [Tue, 6 Dec 2022 17:29:16 +0000 (18:29 +0100)]
auth: api, do not create SOA and NS records for consumer zones
(cherry picked from commit
1f1674ed5ed14af10a6ce38b9956ffdbef6fcee8 )
Peter van Dijk [Tue, 6 Dec 2022 13:32:36 +0000 (14:32 +0100)]
Merge pull request #12273 from Habbie/backport-12087-to-auth-4.7.x
Peter van Dijk [Tue, 6 Dec 2022 10:53:37 +0000 (11:53 +0100)]
Merge pull request #12272 from Habbie/backport-12269-to-auth-4.7.x
Chris Hofstaedtler [Wed, 12 Oct 2022 13:45:50 +0000 (15:45 +0200)]
API: Auth: honor rectify settings on create zone
(cherry picked from commit
168a76b38bf99c7661e72914c1e634e7fa9d0d0f )
Chris Hofstaedtler [Wed, 12 Oct 2022 13:47:12 +0000 (15:47 +0200)]
API: Auth: updateDomainSettingsFromDocument: remove always disabled argument
(cherry picked from commit
002de4d7711955188c68726cc9584988b0c89a31 )
Chris Hofstaedtler [Wed, 12 Oct 2022 14:13:22 +0000 (16:13 +0200)]
API: tests: have sdig helper return sdig output
(cherry picked from commit
68fe406a32ec14c8dfc197f3aa60681aa8d7905f )
Manuel Frei [Tue, 6 Dec 2022 00:34:37 +0000 (01:34 +0100)]
auth: fix invalid catalog zone sql query for gpgsqlbackend
(cherry picked from commit
5982663f592ece56441ba135ef3003efb2e1ffbe )
Peter van Dijk [Mon, 5 Dec 2022 14:13:33 +0000 (15:13 +0100)]
Merge pull request #12266 from Habbie/backport-12264-to-auth-4.7.x
Peter van Dijk [Mon, 5 Dec 2022 12:26:36 +0000 (13:26 +0100)]
auth lmdb: implement alsoNotifies, fixes #12256
(cherry picked from commit
b0e178a7fae71dca241f08b4faa861130a150a76 )
Peter van Dijk [Mon, 14 Nov 2022 10:21:23 +0000 (11:21 +0100)]
Merge pull request #12181 from Habbie/backport-12157-to-auth-4.7.x
Kees Monshouwer [Wed, 2 Nov 2022 20:35:25 +0000 (21:35 +0100)]
auth: fix pdns_control list-zones
(cherry picked from commit
0928e129fbd21c17a2f2e6e6066a58dad8102943 )
Peter van Dijk [Tue, 1 Nov 2022 08:25:30 +0000 (09:25 +0100)]
Merge pull request #12143 from Habbie/backport-12130-to-auth-4.7.x
Otto Moerbeek [Tue, 25 Oct 2022 13:33:45 +0000 (15:33 +0200)]
Use > for frehsness test, to be consistent with the lmdb backend
(cherry picked from commit
76b236133aa2f3cb7d3fe43d755e73927a45b61a )
Otto Moerbeek [Tue, 25 Oct 2022 11:49:40 +0000 (13:49 +0200)]
Remove (now) unneeded debug prints
(cherry picked from commit
204e3669b25b57b251f06aa1da12691ecff81227 )
Otto Moerbeek [Tue, 25 Oct 2022 11:48:58 +0000 (13:48 +0200)]
Fix freshness check for finding unfresh clients
(cherry picked from commit
496d8ebe583acd33ea5acb9538a2e3cd15a0c6d3 )
Peter van Dijk [Tue, 25 Oct 2022 07:15:52 +0000 (09:15 +0200)]
Merge pull request #12124 from mind04/bp-pdns-no-reset
Kees Monshouwer [Mon, 24 Oct 2022 10:38:47 +0000 (12:38 +0200)]
auth: catalog zone, stop wasting options update queries
Kees Monshouwer [Mon, 24 Oct 2022 08:24:06 +0000 (10:24 +0200)]
auth: catalog zones, avoid bulk zone reset while migrating to a catalog
Peter van Dijk [Thu, 20 Oct 2022 15:11:02 +0000 (17:11 +0200)]
Merge pull request #12110 from Habbie/backport-12109-to-auth-4.7.x
Peter van Dijk [Thu, 20 Oct 2022 12:57:46 +0000 (14:57 +0200)]
include auth 4.7 schema upgrade files in tarballs and packages
(cherry picked from commit
20ad642888a52d9b0633f0143cd00b7af688f5d1 )
Peter van Dijk [Tue, 18 Oct 2022 22:40:06 +0000 (00:40 +0200)]
Merge pull request #12098 from mind04/auth-4.7.x-axfr
Kees Monshouwer [Tue, 18 Oct 2022 18:35:01 +0000 (20:35 +0200)]
auth: fix axfr for tinydns and pipe backend
Peter van Dijk [Fri, 14 Oct 2022 07:56:58 +0000 (09:56 +0200)]
Merge pull request #12085 from mind04/auth-4.7.x-metadata
Kees Monshouwer [Fri, 7 Oct 2022 14:41:03 +0000 (16:41 +0200)]
auth: pdnsutil check-zone, skip metadata check for backends without getAllDomainMetadata()
Peter van Dijk [Fri, 7 Oct 2022 14:03:47 +0000 (16:03 +0200)]
Merge pull request #12069 from Habbie/backport-12046-to-auth-4.7.x
Remi Gacogne [Fri, 30 Sep 2022 08:55:19 +0000 (10:55 +0200)]
Fix compilation of the event ports multiplexer
Thanks to Jonathan Perkin for the patch!
(cherry picked from commit
7ea87a63ab48e938bdb8b73ebfde1ac6bc71704f )
Peter van Dijk [Thu, 29 Sep 2022 13:12:52 +0000 (15:12 +0200)]
Merge pull request #12043 from Habbie/backport-11954-to-auth-4.7.x
Peter van Dijk [Wed, 14 Sep 2022 12:52:40 +0000 (14:52 +0200)]
auth AXFR server: abort on chunk with TC set
(cherry picked from commit
1f07a63f72cd410250b1208c56bda1d33f7d636e )
Peter van Dijk [Thu, 29 Sep 2022 12:24:04 +0000 (14:24 +0200)]
Merge pull request #12042 from Habbie/backport-11983-to-auth-4.7.x
Peter van Dijk [Thu, 29 Sep 2022 11:17:37 +0000 (13:17 +0200)]
Merge pull request #12040 from mind04/auth-4.7.x-edit-zone
Charles-Henri Bruyand [Wed, 28 Sep 2022 08:41:20 +0000 (10:41 +0200)]
Update pdns/keyroller/pdnsapi/api.py
Co-authored-by: Peter van Dijk <peter.van.dijk@powerdns.com>
(cherry picked from commit
b959c1638a30625ea85be859bb50381645cedc7d )
Charles-Henri Bruyand [Tue, 20 Sep 2022 12:56:34 +0000 (14:56 +0200)]
keyroller first import
(cherry picked from commit
30150eab3853a999d99f498129c86f23fd548045 )
Kees Monshouwer [Tue, 27 Sep 2022 11:05:54 +0000 (13:05 +0200)]
auth: pdnsutil edit-zone, detect capitalization changes in LUA, TXT and SPF records
Peter van Dijk [Tue, 27 Sep 2022 14:28:30 +0000 (16:28 +0200)]
Merge pull request #12030 from Habbie/backport-11953-to-auth-4.7.x
Peter van Dijk [Tue, 27 Sep 2022 12:05:37 +0000 (14:05 +0200)]
Merge pull request #12029 from Habbie/backport-11971-to-auth-4.7.x
Peter van Dijk [Wed, 14 Sep 2022 11:22:09 +0000 (13:22 +0200)]
axfr-retriever: abort on chunk with TC set
(cherry picked from commit
0923e5df06e10e7afb19dc5ce534b07450792ab1 )
Otto Moerbeek [Mon, 19 Sep 2022 09:25:57 +0000 (11:25 +0200)]
clang14 has reached MacOS
Also upstreamed: https://github.com/tsuna/boost.m4/pull/129
(cherry picked from commit
c46730d9de5cb409c260e4d94cb4be3c75a643e5 )
Peter van Dijk [Mon, 19 Sep 2022 17:57:20 +0000 (19:57 +0200)]
Merge pull request #11972 from Habbie/backport-11961-to-auth-4.7.x
Peter van Dijk [Thu, 15 Sep 2022 13:14:34 +0000 (15:14 +0200)]
docker: upgrade to bullseye
(cherry picked from commit
a0d3acff25a92627186ee43bead110aef416f59a )
Peter van Dijk [Mon, 12 Sep 2022 12:24:32 +0000 (14:24 +0200)]
Merge pull request #11934 from Habbie/auth47-compiler-warnings
Peter van Dijk [Mon, 12 Sep 2022 07:36:56 +0000 (09:36 +0200)]
auth LUA: fix "braces around scalar initializer" warning
inspired by #6188
(cherry picked from commit
d27a2d307e4a0dcf0671046910994a2bf3ba945e )
Kees Monshouwer [Mon, 12 Sep 2022 07:22:21 +0000 (09:22 +0200)]
auth: fix gcc warning, no prevous declaration for ‘void carbonDumpThread()’
(cherry picked from commit
9edbd73fc06c2f784619402e26cd9a67bc7cf114 )
Peter van Dijk [Sun, 11 Sep 2022 20:38:53 +0000 (22:38 +0200)]
Merge pull request #11930 from Habbie/backport-11929-to-auth-4.7.x
Peter van Dijk [Sun, 11 Sep 2022 11:31:02 +0000 (13:31 +0200)]
auth LUA records: we only need one IsUpOracle checker thread
(cherry picked from commit
37f625b0af0b5e818de97b83dd96709df118ad6b )
Peter van Dijk [Sun, 11 Sep 2022 12:47:17 +0000 (14:47 +0200)]
Merge pull request #11928 from Habbie/backport-11826-to-auth-4.7.x
Chris Hofstaedtler [Wed, 10 Aug 2022 12:54:33 +0000 (14:54 +0200)]
Rename g_distributors to s_distributors
(cherry picked from commit
346872ff95155be9fa20764e709418393881a2dd )
Chris Hofstaedtler [Wed, 10 Aug 2022 12:54:18 +0000 (14:54 +0200)]
Rename g_udpReceivers to s_udpReceivers
(cherry picked from commit
fcab180dad765004e403f59c350ec002e1168351 )
Chris Hofstaedtler [Wed, 10 Aug 2022 12:53:02 +0000 (14:53 +0200)]
Rename g_DynListener to s_dynListener
(cherry picked from commit
a270fbcb50335aaf1dd48e8754d513268633d1a8 )
Chris Hofstaedtler [Wed, 10 Aug 2022 12:51:21 +0000 (14:51 +0200)]
Rename s_starttime, s_programname
(cherry picked from commit
c509c9fad48a04a9b23ebb783c01a5c7ec648147 )
Chris Hofstaedtler [Wed, 3 Aug 2022 19:52:58 +0000 (21:52 +0200)]
auth: rename dl to g_DynListener
(cherry picked from commit
aa6051682015d107eabef8d0c7ba1ea2e264b7b8 )
Chris Hofstaedtler [Wed, 3 Aug 2022 19:49:52 +0000 (21:49 +0200)]
auth: rename TN to s_tcpNameserver and make static
(cherry picked from commit
6738003ecb7313fda1672a71c283f7c4f652d5af )
Chris Hofstaedtler [Wed, 3 Aug 2022 19:44:52 +0000 (21:44 +0200)]
auth: rename N to s_udpNameserver and make static
(cherry picked from commit
dd81fb3bc4e45a63eb0e230e4a1004e988db4fc0 )
Chris Hofstaedtler [Wed, 3 Aug 2022 19:39:52 +0000 (21:39 +0200)]
auth: remove unnecessary, duplicate extern defines
(cherry picked from commit
5d8d903eb6553f911f4484919dcf28929fd19f1c )
Chris Hofstaedtler [Wed, 3 Aug 2022 19:34:31 +0000 (21:34 +0200)]
auth: make most startup functions static
(cherry picked from commit
8de023151800de71b262e1806addc9166530fc4b )
Chris Hofstaedtler [Wed, 3 Aug 2022 19:34:06 +0000 (21:34 +0200)]
auth: make g_udpReceivers static
(cherry picked from commit
bee7d177b2b6463b2f9348b2357dca08d52e28c2 )
Chris Hofstaedtler [Wed, 3 Aug 2022 19:32:07 +0000 (21:32 +0200)]
auth: make dl (DynListener) static
(cherry picked from commit
5c7bf657d95dbd286e0d82baf8038e35af1e9aed )
Chris Hofstaedtler [Wed, 3 Aug 2022 18:56:06 +0000 (20:56 +0200)]
dns.hh: move SOAData, DNSBackend to auth-only dnsbackend.hh
(cherry picked from commit
ef20739c3fab77920d1c68280321425432b43ba7 )
Chris Hofstaedtler [Wed, 3 Aug 2022 18:53:16 +0000 (20:53 +0200)]
auth: make {avg,receive,cache,backend,send}_latency static
(cherry picked from commit
7163e40090c12263ae2e9e2550a5a5fab779aa03 )
Chris Hofstaedtler [Wed, 3 Aug 2022 18:52:11 +0000 (20:52 +0200)]
auth: move s_starttime from dns.hh to auth-main.hh
Variable storage is in auth-main.cc, and dns.hh is used by all products.
(cherry picked from commit
2733dbf7f1ce5743e6e727ee6b55bda4e3e6585e )
Peter van Dijk [Fri, 9 Sep 2022 22:37:30 +0000 (00:37 +0200)]
Merge pull request #11922 from Habbie/backport-11919-to-auth-4.7.x
Peter van Dijk [Fri, 9 Sep 2022 13:13:32 +0000 (15:13 +0200)]
Merge pull request #11923 from Habbie/backport-11918-to-auth-4.7.x
Peter van Dijk [Fri, 9 Sep 2022 08:15:39 +0000 (10:15 +0200)]
Merge pull request #11921 from Habbie/backport-11920-to-auth-4.7.x
auth-4.7.x: Fix CID
1497843 : Execution cannot reach this statement
projects / thirdparty / pdns.git / log
