- slave communicator more robust against misconfiguration (empty
master field)
- postgresql backend gains error checking support
+// - soa serial autocalculation now also honours soa-serial-offset (Steve Sobol)
+ - we now shuffle answers
changes since 2.9.10:
- pdns_recursor now cleans its cache
#!/bin/sh
-./configure --with-modules="mysql gmysql gpgsql pipe pdns xdb" --with-dynmodules="" \
- --enable-static-binaries --enable-mysql --enable-pgsql \
- --with-pgsql-lib=/opt/postgresql-with-3.2/lib/ --prefix=/usr \
+LIBS="-lkrb5 -lkrb -lcrypto -lroken -lcom_err -lasn1 -lresolv" \./configure --with-modules="mysql gmysql gpgsql gsqlite pipe pdns xdb" \
+ --with-dynmodules="" \
+ --enable-static-binaries --enable-recursor \
+ --prefix=/usr \
--sysconfdir=/etc/powerdns \
&& make clean && make && \
sudo /bin/sh -c "rm -rf /tmp/pdns ; DESTDIR=/tmp/pdns make install-strip" &&
pdns (2.9.12-1) unstable; urgency=low
- * release
+
+ * New upstream release
+ * Fix dependency generation. Closes: Bug#210256
+
-- Wichert Akkerman <wakkerma@debian.org> Sun, 21 Sep 2003 14:59:46 +0200
pdns (2.9.11-2) unstable; urgency=low
EXTRA_DIST=OBJECTFILES OBJECTLIBS
libldapbackend_la_SOURCES=ldapbackend.cc ldapbackend.hh \
- powerldap.hh powerldap.cc
+ powerldap.hh powerldap.cc utils.hh
libldapbackend_la_LIBADD=-lldap
bool LdapBackend::list( const string &target, int domain_id )
{
- string filter, dn;
- char* attributes[] = { "associatedDomain", NULL };
+ string filter;
try
{
- // search for DN of SOA record which is SOA for target zone
-
- filter = "(&(associatedDomain=" + target + ")(SOARecord=*))";
- m_msgid = m_pldap->search( getArg("basedn"), LDAP_SCOPE_SUBTREE, filter, (const char**) attributes );
-
- if( m_pldap->getSearchEntry( m_msgid, m_result, true ) == false )
- {
- L << Logger::Error << backendname << " Unable to get SOA record for " << target << endl;
- return false;
- }
-
- if( m_result.empty() || !m_result.count( "dn" ) || m_result["dn"].empty() )
- {
- L << Logger::Error << backendname << " No SOA record for " << target << endl;
- return false;
- }
-
- dn = m_result["dn"].front();
- m_result.clear();
-
- // list all records one level below but not entries containing SOA records (these are seperate zones)
-
- DLOG( L << Logger::Debug << backendname << " List = target: " << target << ", basedn: = " << dn << endl );
-
- m_qname = "";
+ m_qname = target;
+ m_axfrqlen = target.length();
m_adomain = m_adomains.end(); // skip loops in get() first time
- filter = "(&(associatedDomain=*" + target + ")(!(SOARecord=*)))";
- m_msgid = m_pldap->search( dn, LDAP_SCOPE_ONELEVEL, filter, (const char**) attrany );
+
+ DLOG( L << Logger::Debug << backendname << " List = target: " << target << endl );
+ filter = "(|(associatedDomain=" + target + ")(associatedDomain=*." + target + "))";
+ m_msgid = m_pldap->search( getArg("basedn"), LDAP_SCOPE_SUBTREE, filter, (const char**) attrany );
}
catch( LDAPTimeout < )
{
try
{
+ m_axfrqlen = 0;
m_qtype = qtype;
m_qname = qname;
qesc = toLower( m_pldap->escape( qname ) );
- if( mustDo( "disable-ptrrecord" ) ) // PTRRecords will be derived from ARecords
+ if( mustDo( "disable-ptrrecord" ) ) // PTRRecords will be derived from aRecords or aAAARecords
{
stringtok( parts, qesc, "." );
len = qesc.length();
if( parts.size() == 6 && len > 13 && qesc.substr( len - 13, 13 ) == ".in-addr.arpa" ) // IPv4 reverse lookups
{
- filter = name2filter( parts, "aRecord", "." );
+ filter = "(aRecord=" + ptr2ip4( parts ) + ")";
attronly[0] = "associatedDomain";
attributes = attronly;
}
- else if( parts.size() == 10 && len > 9 && ( qesc.substr( len - 8, 8 ) == ".ip6.int" ) ) // IPv6 reverse lookups
+ else if( parts.size() == 34 && len > 9 && ( qesc.substr( len - 9, 9 ) == ".ip6.arpa" ) ) // IPv6 reverse lookups
{
- filter = name2filter( parts, "aAAARecord", ":" );
+ filter = "(aAAARecord=" + ptr2ip6( parts ) + ")";
attronly[0] = "associatedDomain";
attributes = attronly;
}
}
-inline string LdapBackend::name2filter( vector<string>& parts, string record, string separator )
-{
- string filter;
- parts.pop_back();
- parts.pop_back();
-
- filter = "(" + record + "=" + parts.back();
- parts.pop_back();
- while( !parts.empty() )
- {
- filter += separator + parts.back();
- parts.pop_back();
- }
- filter += ")";
-
- return filter;
-}
-
-
inline bool LdapBackend::prepareEntry()
{
m_adomains.clear();
m_result.erase( "dNSTTL" );
}
- if( !m_qname.empty() ) // request was a normal lookup()
+ if( !m_axfrqlen ) // request was a normal lookup()
{
m_adomains.push_back( m_qname );
if( m_result.count( "associatedDomain" ) )
{
if( m_result.count( "associatedDomain" ) )
{
- m_adomains = m_result["associatedDomain"];
+ vector<string>::iterator i;
+ for( i = m_result["associatedDomain"].begin(); i != m_result["associatedDomain"].end(); i++ ) {
+ if( i->substr( i->length() - m_axfrqlen, m_axfrqlen ) == m_qname ) {
+ m_adomains.push_back( *i );
+ }
+ }
m_result.erase( "associatedDomain" );
}
}
#include <sstream>
#include <utility>
#include <string>
-#include <ldap.h>
-#include <stdlib.h>
-#include <ctype.h>
-#include <unistd.h>
+#include <cstdlib>
+#include <cctype>
#include <pdns/dns.hh>
#include <pdns/utility.hh>
#include <pdns/dnspacket.hh>
#include <pdns/arguments.hh>
#include <pdns/logger.hh>
#include "powerldap.hh"
+#include "utils.hh"
#ifndef LDAPBACKEND_HH
#define LDAPBACKEND_HH
-using namespace std;
+using std::string;
+using std::vector;
private:
int m_msgid;
+ int m_axfrqlen;
u_int32_t m_ttl;
u_int32_t m_default_ttl;
string m_qname;
vector<string> m_adomains;
bool prepareEntry();
- string name2filter( vector<string>& parts, string record, string separator );
public:
--- /dev/null
+#include <string>
+#include <vector>
+#include <pdns/misc.hh>
+
+
+#ifndef LDAPBACKEND_UTILS_HH
+#define LDAPBACKEND_UTILS_HH
+
+using std::string;
+using std::vector;
+
+
+inline string ptr2ip4( vector<string>& parts )
+{
+ string ip;
+ parts.pop_back();
+ parts.pop_back();
+
+
+ ip = parts.back();
+ parts.pop_back();
+
+ while( !parts.empty() )
+ {
+ ip += "." + parts.back();
+ parts.pop_back();
+ }
+
+ return ip;
+}
+
+
+inline string ptr2ip6( vector<string>& parts )
+{
+ int i = 0;
+ string ip;
+
+
+ parts.pop_back();
+ parts.pop_back();
+
+ while( i < 3 && parts.size() > 1 )
+ {
+ if( parts.back() != "0" ) { ip += parts.back(); }
+ parts.pop_back();
+ i++;
+ }
+ ip += parts.back();
+ parts.pop_back();
+
+ while( !parts.empty() )
+ {
+ i = 0;
+ ip += ":";
+
+ while( i < 3 && parts.size() > 1 )
+ {
+ if( parts.back() != "0" ) { ip += parts.back(); }
+ parts.pop_back();
+ i++;
+ }
+ ip += parts.back();
+ parts.pop_back();
+ }
+
+ return ip;
+}
+
+
+inline string ip2ptr4( string ip )
+{
+ string ptr;
+ vector<string> parts;
+
+ stringtok( parts, ip, "." );
+ while( !parts.empty() )
+ {
+ ptr += parts.back() + ".";
+ parts.pop_back();
+ }
+
+ return ptr + "in-addr.arpa";
+}
+
+
+inline string ip2ptr6( string ip )
+{
+ string ptr, part, defstr;
+ vector<string> parts;
+
+ stringtok( parts, ip, ":" );
+ while( !parts.empty() )
+ {
+ defstr = "0.0.0.0.";
+ part = parts.back();
+
+ while( part.length() < 4 )
+ {
+ part = "0" + part;
+ }
+
+ defstr[0] = part[3];
+ defstr[2] = part[2];
+ defstr[4] = part[1];
+ defstr[6] = part[0];
+ ptr += defstr;
+ parts.pop_back();
+ }
+
+ return ptr + "ip6.arpa";
+}
+
+#endif
Buildroot: /tmp/pdns
Name: pdns-static
-Version: 2.9.11
+Version: 2.9.12
Release: 1
Summary: extremely powerful and versatile nameserver
Copyright: see /usr/doc/pdns/copyright
newest=i.last_modified;
}
- sd.serial=newest;
+ sd.serial=newest; // +arg().asNum("soa-serial-offset");
DLOG(L<<"autocalculated soa serialnumber for "<<rr.qname<<" is "<<newest<<endl);
}
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
-// $Id: dnspacket.cc,v 1.21 2003/10/04 14:15:45 ahu Exp $
+// $Id: dnspacket.cc,v 1.22 2003/10/27 14:58:22 ahu Exp $
#include "utility.hh"
#include <cstdio>
stable_sort(rrs.begin(),rrs.end(),rrcomp);
+ // now shuffle! start out with the ANSWER records
+ vector<DNSResourceRecord>::iterator first, second;
+ for(first=rrs.begin();first!=rrs.end();++first)
+ if(first->d_place==DNSResourceRecord::ANSWER && first->qtype.getCode() != QType::CNAME) // CNAME must come first
+ break;
+ for(second=first;second!=rrs.end();++second)
+ if(second->d_place!=DNSResourceRecord::ANSWER)
+ break;
+
+ if(second-first>1)
+ random_shuffle(first,second);
+
+ // now shuffle the additional records
+ for(first=second;first!=rrs.end();++first)
+ if(first->d_place==DNSResourceRecord::ADDITIONAL && first->qtype.getCode() != QType::CNAME) // CNAME must come first
+ break;
+ for(second=first;second!=rrs.end();++second)
+ if(second->d_place!=DNSResourceRecord::ADDITIONAL)
+ break;
+
+ if(second-first>1)
+ random_shuffle(first,second);
+
d_wrapped=true;
</affiliation>
</author>
- <PubDate>v2.1 $Date: 2003/09/21 16:06:45 $</PubDate>
+ <PubDate>v2.1 $Date: 2003/10/27 14:58:22 $</PubDate>
<Abstract>
<para>
Recursor now actually purges its cache, saving memory.
</para>
</listitem>
+ <listitem>
+ <para>
+ Slave configuration now no longer falls over when presented with a NULL master
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Bindbackend2 now has supermaster support (Mark Bergsma, untested)
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Answers are now shuffled! It turns out a few recursors don't do shuffling (pdns_recursor, djbdns), so we do it now. Requested by Jorn of ISP-Services.
+ </para>
+ </listitem>
</itemizedlist>
</para>
<para>
An AXFR from a zone hosted on the LDAP backend no longer transmits all the reverse entries too (Norbert Sendetzky)
</para>
</listitem>
+ <listitem>
+ <para>
+ PostgreSQL backend now does error checking. It would be a bit too trusting before.
+ </para>
+ </listitem>
</itemizedlist>
</para>
<para>
if(!endsOn(k->content,subdomain) || getCache(k->content,QType(QType::A),&aset) > 5) {
bestns.insert(*k);
LOG<<prefix<<qname<<": NS (with ip, or non-glue) in cache for '"<<subdomain<<"' -> '"<<k->content<<"'"<<endl;
- LOG<<prefix<<qname<<": endson: "<<endsOn(k->content,subdomain)<<endl;
+ LOG<<prefix<<qname<<": endson: "<<endsOn(k->content,subdomain);
if(!aset.empty())
LOG<<", in cache, ttl="<<((time_t)aset.begin()->ttl-time(0))<<endl;
else
projects / pdns / commitdiff