]>
git.ipfire.org Git - thirdparty/pdns.git/log
Remi Gacogne [Fri, 9 Dec 2016 09:11:38 +0000 (10:11 +0100)] 
auth: Fix TSIG computation
Peter van Dijk [Fri, 2 Sep 2016 09:06:01 +0000 (11:06 +0200)] 
Merge pull request #4400 from mind04/3.4.x
packet cache and TSIG-enabled queries
Remi Gacogne [Tue, 23 Aug 2016 13:51:11 +0000 (15:51 +0200)]
auth: Don't look up the packet cache for TSIG-enabled queries
We are rightfully careful about not caching responses for TSIG-enabled
queries, but we would nevertheless happily serve cached entries for those.
Peter van Dijk [Thu, 1 Sep 2016 09:02:38 +0000 (11:02 +0200)]
Merge pull request #4347 from mind04/anytotcp3
change default for any-to-tcp to yes
Kees Monshouwer [Mon, 22 Aug 2016 19:21:07 +0000 (21:21 +0200)] 
change default for any-to-tcp to yes
Pieter Lexis [Mon, 22 Aug 2016 08:26:00 +0000 (10:26 +0200)] 
Merge pull request #4333 from mind04/3.4.x
3.4.x
Kees Monshouwer [Thu, 18 Aug 2016 22:01:47 +0000 (00:01 +0200)]
enable mbedtls threading abstraction layer
Kees Monshouwer [Thu, 18 Aug 2016 20:41:37 +0000 (22:41 +0200)]
fix travis
Kees Monshouwer [Thu, 18 Aug 2016 20:37:31 +0000 (22:37 +0200)]
update copyright
Kees Monshouwer [Thu, 18 Aug 2016 20:31:54 +0000 (22:31 +0200)]
update polarssl 1.3.9 to mbedtls 1.3.17
Kees Monshouwer [Tue, 2 Aug 2016 19:09:46 +0000 (21:09 +0200)]
report DHCID type
Kees Monshouwer [Sun, 7 Aug 2016 23:02:48 +0000 (01:02 +0200)]
fix TSIG for single thread distributor
Peter van Dijk [Fri, 29 Jul 2016 10:14:10 +0000 (12:14 +0200)]
Merge pull request #4248 from mind04/3.4.x
direct nsec nxdomain
Kees Monshouwer [Thu, 28 Jul 2016 14:03:21 +0000 (16:03 +0200)]
test response for non existent direct nsec queries
Kees Monshouwer [Thu, 28 Jul 2016 13:17:39 +0000 (15:17 +0200)]
don't send covering nsec records for direct nsec queries
Pieter Lexis [Thu, 28 Jul 2016 07:50:15 +0000 (09:50 +0200)]
Merge pull request #4235 from rgacogne/auth-3.4.x-stricter-parse
Reject qname's wirelength > 255, `chopOff()` handle dot inside labels
Pieter Lexis [Thu, 28 Jul 2016 07:49:58 +0000 (09:49 +0200)]
Merge pull request #4229 from mind04/signer
ignore tailing dot in signer name
Kees Monshouwer [Sat, 23 Jul 2016 11:42:32 +0000 (13:42 +0200)]
ignore tailing dot in signer name
Peter van Dijk [Thu, 21 Jul 2016 09:41:36 +0000 (11:41 +0200)]
Merge pull request #4134 from rgacogne/auth-3.4-issue-4128
Add limits to the size of received AXFR, in megabytes
Remi Gacogne [Thu, 7 Jul 2016 14:17:22 +0000 (16:17 +0200)]
Add limits to the size of received AXFR, in megabytes
This prevents resource exhaustion in case the master is sending a
very large amount of data in an update.
Remi Gacogne [Fri, 1 Jul 2016 13:30:20 +0000 (15:30 +0200)]
Reject qname's wirelength > 255, `chopOff()` handle dot inside labels
Pieter Lexis [Tue, 28 Jun 2016 15:27:03 +0000 (17:27 +0200)]
Merge pull request #4060 from mind04/auth-3.4.x
some small changes and a huge mysql dnssec performance improvement
Kees Monshouwer [Tue, 21 Jun 2016 16:23:10 +0000 (18:23 +0200)]
gmysql get-order-after-query was ^%0@^* slow
Kees Monshouwer [Mon, 20 Jun 2016 09:34:53 +0000 (11:34 +0200)]
sync boost.m4 with upstream
the parts where we differ are filed upstream as:
https://github.com/tsuna/boost.m4/pull/83
Kees Monshouwer [Sat, 18 Jun 2016 13:16:03 +0000 (15:16 +0200)]
fix shorter best matching names in getAuth()
Pieter Lexis [Wed, 18 May 2016 10:32:08 +0000 (12:32 +0200)]
Merge pull request #3864 from Habbie/3.4.x-noppa
stop using the boost ppa
Peter van Dijk [Tue, 17 May 2016 12:16:33 +0000 (14:16 +0200)]
stop using the boost ppa
Peter van Dijk [Fri, 13 May 2016 11:20:53 +0000 (13:20 +0200)]
Merge pull request #3850 from pieterlexis/issue-3652-disable-syslog-3.4
Add disable syslog setting for 3.4
Peter van Dijk [Fri, 13 May 2016 11:14:58 +0000 (13:14 +0200)]
Merge pull request #3848 from mind04/auth-3.4.9
check for OpenSSL ecdsa support
Kees Monshouwer [Wed, 11 May 2016 14:47:06 +0000 (16:47 +0200)]
check for OpenSSL ecdsa support
Pieter Lexis [Tue, 15 Mar 2016 10:51:43 +0000 (11:51 +0100)] 
Add a disable-syslog setting
This allows the use of e.g. the `Type=simple` in systemd and prevents
the double logging issue.
Pieter Lexis [Tue, 10 May 2016 16:54:43 +0000 (18:54 +0200)]
Merge pull request #3770 from mind04/soa-cache
fix SOA caching with multiple backends (3.4.9)
Pieter Lexis [Tue, 10 May 2016 16:54:35 +0000 (18:54 +0200)]
Merge pull request #3771 from mind04/csk
allow common signing key
Pieter Lexis [Tue, 10 May 2016 16:54:01 +0000 (18:54 +0200)]
Merge pull request #3777 from mind04/ecdsa
add openssl ecdsa signer
Pieter Lexis [Fri, 6 May 2016 13:12:33 +0000 (15:12 +0200)]
Merge pull request #3822 from mind04/gcc61-auth-3.4.9
add gcc 6.1 support to boost.m4
Kees Monshouwer [Thu, 5 May 2016 12:52:20 +0000 (14:52 +0200)]
add gcc 6.1 support to boost.m4
Pieter Lexis [Thu, 28 Apr 2016 08:29:28 +0000 (10:29 +0200)]
Merge pull request #3769 from mind04/parser
backport parser fixes
Kees Monshouwer [Tue, 26 Apr 2016 12:12:11 +0000 (14:12 +0200)]
move logging to DLOG()
Kees Monshouwer [Tue, 26 Apr 2016 12:03:27 +0000 (14:03 +0200)]
fix SOA caching with multiple backends
Kees Monshouwer [Mon, 4 Apr 2016 08:51:16 +0000 (10:51 +0200)]
add openssl ecdsa signer
Kees Monshouwer [Mon, 4 Apr 2016 08:39:17 +0000 (10:39 +0200)]
allow common signing key
bert hubert [Sat, 2 Apr 2016 13:16:45 +0000 (15:16 +0200)] 
tabs are whitespace too!
Peter van Dijk [Mon, 14 Mar 2016 15:01:24 +0000 (16:01 +0100)]
strip all types of whitespace from around content while parsing zones, fixes #3568
Peter van Dijk [Thu, 17 Mar 2016 10:20:18 +0000 (11:20 +0100)]
Merge pull request #3581 from mind04/auth-3.4.9
bindbackend: fix, set domain in list()
Kees Monshouwer [Tue, 15 Mar 2016 15:54:15 +0000 (16:54 +0100)]
bindbackend: fix, set domain in list()
Peter van Dijk [Tue, 2 Feb 2016 20:22:35 +0000 (21:22 +0100)]
Merge pull request #3325 from mind04/auth-3.4.8
Auth 3.4.8
Kees Monshouwer [Tue, 2 Feb 2016 18:25:28 +0000 (19:25 +0100)]
silence g++ 6.0 warnings and error
Kees Monshouwer [Tue, 2 Feb 2016 17:46:56 +0000 (18:46 +0100)]
pdnssec: check all records (including disabled ones) in verbose mode
Kees Monshouwer [Tue, 2 Feb 2016 17:45:03 +0000 (18:45 +0100)]
add gcc 5.3 and 6.0 support to boost.m4
Peter van Dijk [Tue, 2 Feb 2016 14:40:16 +0000 (15:40 +0100)]
Merge pull request #3272 from pieterlexis/3.4-zone2sql-crash-on-broken-soa
ZoneParser: Throw PDNSException on too many SOA data elements
Pieter Lexis [Wed, 20 Jan 2016 14:28:32 +0000 (15:28 +0100)]
ZoneParser: Throw PDNSException on too many SOA data elements
Closes #3270
Pieter Lexis [Wed, 20 Jan 2016 09:55:29 +0000 (10:55 +0100)]
Merge pull request #3263 from pieterlexis/3.4-musl-fixes
3.4 musl fixes
Pieter Lexis [Tue, 19 Jan 2016 20:25:28 +0000 (21:25 +0100)]
Enable IPv6 in Travis
Ruben Kerkhof [Fri, 2 Jan 2015 19:05:39 +0000 (20:05 +0100)] 
Use AC_SEARCH_LIBS
Ruben Kerkhof [Fri, 2 Jan 2015 18:54:28 +0000 (19:54 +0100)]
Indent
Ruben Kerkhof [Fri, 2 Jan 2015 18:53:46 +0000 (19:53 +0100)]
Check for inet_aton in libresolv
Ruben Kerkhof [Wed, 24 Dec 2014 19:22:04 +0000 (20:22 +0100)]
Remove hardcoded -lresolv, -lnsl and -lsocket
We already check for the functions we need in libnsl
and libsocket, and I assume we don't need libresolv
Pieter Lexis [Tue, 12 Jan 2016 08:46:36 +0000 (09:46 +0100)]
Merge pull request #3208 from pieterlexis/3.4-pdnssec-disabled-records
pdnssec: don't check disabled records
Pieter Lexis [Mon, 11 Jan 2016 09:09:21 +0000 (10:09 +0100)]
pdnssec: don't check disabled records
Closes #3184
Peter van Dijk [Fri, 11 Dec 2015 13:29:53 +0000 (14:29 +0100)]
Merge pull request #3021 from mind04/auth-3.4.8
traling dot in DNAME content
Kees Monshouwer [Fri, 11 Dec 2015 00:30:44 +0000 (01:30 +0100)]
traling dot in DNAME content
Pieter Lexis [Thu, 5 Nov 2015 08:24:06 +0000 (09:24 +0100)]
Merge pull request #2859 from pieterlexis/3.4.8-freebsd-i386
Fix luabackend compilation on FreeBSD i386
RvdE [Sat, 1 Feb 2014 12:33:07 +0000 (13:33 +0100)] 
Fix luabackend compilation on FreeBSD i386
Pieter Lexis [Tue, 3 Nov 2015 13:25:45 +0000 (14:25 +0100)]
Merge pull request #2850 from cmouse/yahttp-coverity-fix
Initialize minbody
Pieter Lexis [Tue, 3 Nov 2015 12:57:34 +0000 (13:57 +0100)]
Merge pull request #2848 from cmouse/httpbackend-timeout
Do not divide timeout twice
Aki Tuomi [Tue, 3 Nov 2015 12:29:37 +0000 (14:29 +0200)] 
Initialize minbody
Pieter Lexis [Tue, 3 Nov 2015 12:26:08 +0000 (13:26 +0100)]
Merge pull request #2844 from pieterlexis/issue-2843
Correctly sort records with a priority.
Aki Tuomi [Tue, 3 Nov 2015 11:55:15 +0000 (13:55 +0200)]
Do not divide timeout twice
Pieter Lexis [Mon, 2 Nov 2015 16:29:36 +0000 (17:29 +0100)]
Add regression-test for #2843
Pieter Lexis [Mon, 2 Nov 2015 17:16:12 +0000 (18:16 +0100)]
Remove TTL from dedup path, thanks @mind04
Pieter Lexis [Mon, 2 Nov 2015 16:06:50 +0000 (17:06 +0100)]
Correctly sort records with a priority. Closes #2843
Peter van Dijk [Mon, 2 Nov 2015 12:43:20 +0000 (13:43 +0100)] 
Merge pull request #2797 from mind04/auth-3.4.7-1
add global soa-edit settings (auth-3.4.7)
Pieter Lexis [Mon, 2 Nov 2015 12:32:24 +0000 (13:32 +0100)]
Merge pull request #2840 from abenea/backport-pkcs11-labels
Backport "Use token label in PKCS#11 instead of slot ID"
Pieter Lexis [Mon, 2 Nov 2015 12:32:10 +0000 (13:32 +0100)]
Merge pull request #2790 from mind04/auth-3.4.7
auth-3.4.7
Aki Tuomi [Tue, 20 Oct 2015 05:24:46 +0000 (08:24 +0300)] 
Use new slot syntax in test
Aki Tuomi [Mon, 19 Oct 2015 13:26:27 +0000 (16:26 +0300)]
Serialize slot correctly
Andrei Benea [Thu, 29 Oct 2015 13:57:56 +0000 (15:57 +0200)] 
Allow token name instead of slot ID for PKCS#11
Christian Hofstaedtler [Mon, 12 Oct 2015 10:44:33 +0000 (12:44 +0200)] 
Ignore invalid/empty TKEY and TSIG records
Christian Hofstaedtler [Mon, 12 Oct 2015 10:14:21 +0000 (12:14 +0200)] 
Don't reply to truncated queries
Kees Monshouwer [Sat, 10 Oct 2015 21:20:59 +0000 (23:20 +0200)]
OPENPGPKEY fix
(cherry picked from commit
e7917c0664824e50ce28a43fd0a5d7a2140f812e)
James Cloos [Tue, 17 Mar 2015 19:56:16 +0000 (15:56 -0400)] 
OPENPGPKEY RData presentaion is Base64.
Also add a test which has whitespace within the tested presentation.
Signed-off-by: James Cloos <cloos@jhcloos.com>
(cherry picked from commit
ad24586a379b54340647d582a93171c3218cc74f)
James Cloos [Tue, 17 Mar 2015 17:26:58 +0000 (13:26 -0400)]
Add regression test for OPENPGPKEY.
Signed-off-by: James Cloos <cloos@jhcloos.com>
(cherry picked from commit
003c18d2f82f4fc36ff7b35b6560dfdf477ec878)
James Cloos [Mon, 16 Mar 2015 17:53:44 +0000 (13:53 -0400)]
Use the variable name d_keyring for the OPENPGPKEY RDATA.
Signed-off-by: James Cloos <cloos@jhcloos.com>
(cherry picked from commit
3fd06ce5b9f6aa684788584d1d8cdd36eb24d7df)
James Cloos [Fri, 13 Mar 2015 22:45:58 +0000 (18:45 -0400)]
Add support for OPENPGPKEY RRTYPE.
OPENPGPKEY is defined in draft-ietf-dane-openpgpkey.
The IANA has assigned RRTYPE 61.
Its content is a single binary blob, its presentation is a single hex blob.
Thanks to Aki Tuomi, JP Mens and Peter van Dijk for bug reports and insights.
Signed-off-by: James Cloos <cloos@jhcloos.com>
Kees Monshouwer [Tue, 13 Oct 2015 20:14:15 +0000 (22:14 +0200)]
don't log out-of-zone ents during AXFR in
Kees Monshouwer [Tue, 13 Oct 2015 19:17:33 +0000 (21:17 +0200)]
add global soa-edit settings
Pieter Lexis [Tue, 13 Oct 2015 08:37:11 +0000 (10:37 +0200)]
Merge pull request #2770 from mind04/negcache-347
improve negative caching
Kees Monshouwer [Mon, 12 Oct 2015 15:08:17 +0000 (17:08 +0200)]
Merge pull request #1 from arjenz/patch-1
Fix typo
Arjen Zonneveld [Mon, 12 Oct 2015 15:04:06 +0000 (17:04 +0200)] 
Fix typo
Kees Monshouwer [Sat, 5 Sep 2015 10:16:10 +0000 (12:16 +0200)]
limit NSEC3 iterations in bindbackend
Kees Monshouwer [Tue, 22 Sep 2015 15:17:48 +0000 (17:17 +0200)]
use d_negcache_ttl for negative caching
Kees Monshouwer [Fri, 18 Sep 2015 12:13:49 +0000 (14:13 +0200)]
update cache del count in bind-add-zone test
Kees Monshouwer [Fri, 18 Sep 2015 11:52:44 +0000 (13:52 +0200)]
improve SOA caching for DS queries
Kees Monshouwer [Fri, 18 Sep 2015 08:12:15 +0000 (10:12 +0200)]
improve negative caching for SOA lookups
Pieter Lexis [Wed, 30 Sep 2015 11:07:18 +0000 (13:07 +0200)]
Merge pull request #2767 from pieterlexis/3.4.7-html-escape
Prevent XSS by escaping user input
Pieter Lexis [Wed, 2 Sep 2015 12:14:02 +0000 (14:14 +0200)]
Prevent XSS by escaping user input
Additionally, escape "'s so no attributes can be inserted into webpages.
Thanks to Pierre Jaury and Damien Cauquil at Sysdream for pointing this
out.
Pieter Lexis [Tue, 29 Sep 2015 14:49:54 +0000 (16:49 +0200)]
Merge pull request #2753 from cmouse/geoip-patches-3.4.7
Geoip patches 3.4.7
Aki Tuomi [Wed, 16 Sep 2015 13:09:56 +0000 (16:09 +0300)]
Update boost and libgeoip-dev
Aki Tuomi [Wed, 16 Sep 2015 13:00:18 +0000 (16:00 +0300)]
Use BOOST_FOREACH instead of C++11
Aki Tuomi [Wed, 16 Sep 2015 09:16:30 +0000 (12:16 +0300)]
Fix geoip test suite
projects / thirdparty / pdns.git / log
