]>
granicus.if.org Git - pdns/log
Pieter Lexis [Sat, 30 Apr 2016 11:44:41 +0000 (13:44 +0200)]
Add --help and --version to sdig
Pieter Lexis [Sat, 30 Apr 2016 11:38:23 +0000 (13:38 +0200)]
Add ixplore manpage to docs website
Pieter Lexis [Sat, 30 Apr 2016 11:35:18 +0000 (13:35 +0200)]
Add --version to zone2sql
Pieter Lexis [Sat, 30 Apr 2016 11:32:53 +0000 (13:32 +0200)]
Add --version to zone2ldap
Pieter Lexis [Sat, 30 Apr 2016 11:30:24 +0000 (13:30 +0200)]
Add --version to zone2json
Pieter Lexis [Sat, 30 Apr 2016 11:25:43 +0000 (13:25 +0200)]
pdns_recursor: Exit friendly on --version
Pieter Lexis [Sat, 30 Apr 2016 11:19:10 +0000 (13:19 +0200)]
Add --help and --version to nsec3dig
Pieter Lexis [Sat, 30 Apr 2016 11:13:03 +0000 (13:13 +0200)]
Add nproxy manpage, ship nproxy in pdns-tools deb
Pieter Lexis [Fri, 29 Apr 2016 17:50:49 +0000 (19:50 +0200)]
Add --version to nproxy
Pieter Lexis [Fri, 29 Apr 2016 17:38:43 +0000 (19:38 +0200)]
Add --help and --version to ixplore
Pieter Lexis [Fri, 29 Apr 2016 17:31:18 +0000 (19:31 +0200)]
Add notify manpage
Pieter Lexis [Fri, 29 Apr 2016 17:26:52 +0000 (19:26 +0200)]
Add --help and --version to notify
Pieter Lexis [Fri, 29 Apr 2016 15:38:09 +0000 (17:38 +0200)]
Add dumresp manpages and add dumresp to pdns-tools
Pieter Lexis [Fri, 29 Apr 2016 15:36:39 +0000 (17:36 +0200)]
Add --help and --version to dumresp
Pieter Lexis [Fri, 29 Apr 2016 15:14:25 +0000 (17:14 +0200)]
Add --help and --version to dnswasher
Pieter Lexis [Fri, 29 Apr 2016 15:07:31 +0000 (17:07 +0200)]
Add --version to dnstcpbench
Pieter Lexis [Fri, 29 Apr 2016 15:04:23 +0000 (17:04 +0200)]
Add --version to dnsscope
Pieter Lexis [Fri, 29 Apr 2016 15:00:47 +0000 (17:00 +0200)]
Add --help and --version to dnsscan
Pieter Lexis [Fri, 29 Apr 2016 14:57:42 +0000 (16:57 +0200)]
Add --version to dnsreplay
Pieter Lexis [Fri, 29 Apr 2016 14:52:34 +0000 (16:52 +0200)]
Add --version and --help to dnsgram
Pieter Lexis [Fri, 29 Apr 2016 14:52:20 +0000 (16:52 +0200)]
make dnspcap spit out the filename on error
Pieter Lexis [Fri, 29 Apr 2016 14:41:15 +0000 (16:41 +0200)]
Add --help and --version to dnsbulktest
Pieter Lexis [Fri, 29 Apr 2016 14:32:05 +0000 (16:32 +0200)]
Add calidns manpage and add to pdns-tools
Pieter Lexis [Fri, 29 Apr 2016 14:31:49 +0000 (16:31 +0200)]
Add --help and --version to calidns
Pieter Lexis [Fri, 29 Apr 2016 12:48:27 +0000 (14:48 +0200)]
Add --version to pdnsutil
Pieter Lexis [Fri, 1 May 2015 12:25:45 +0000 (14:25 +0200)]
Add --version to rec_control
bert hubert [Fri, 29 Apr 2016 11:28:48 +0000 (13:28 +0200)]
Merge pull request #3752 from pieterlexis/issue-3682-DNSSEC-processing
recursor: DNSSEC related query flag processing
bert hubert [Fri, 29 Apr 2016 11:28:27 +0000 (13:28 +0200)]
Merge pull request #3662 from klaus3000/soa_serial_0
handle SOAs with serial 0 correctly in incoming AXFR
bert hubert [Fri, 29 Apr 2016 11:13:17 +0000 (13:13 +0200)]
Merge pull request #3754 from rgacogne/dnsdist-custom-headers
dnsdist: Allow the use of custom headers in the web server
bert hubert [Fri, 29 Apr 2016 11:12:44 +0000 (13:12 +0200)]
Merge pull request #3772 from pieterlexis/issue-3738-cap-servfail-ttl
Cap packetcache-servfail-ttl to packetcache-ttl
bert hubert [Fri, 29 Apr 2016 05:41:51 +0000 (07:41 +0200)]
Merge pull request #3789 from rgacogne/dnsname-negative-labellen-ispartof
Add consistency checks to segmentDNSNameRaw()
bert hubert [Fri, 29 Apr 2016 05:41:25 +0000 (07:41 +0200)]
Merge pull request #3792 from pieterlexis/dnssec-regression-part-3
More DNSSEC tests and a RRSIG validation fix for wildcards
Pieter Lexis [Thu, 28 Apr 2016 15:40:11 +0000 (17:40 +0200)]
Add DNSSEC tests for cnames to/from (in)secure
Pieter Lexis [Thu, 28 Apr 2016 14:57:53 +0000 (16:57 +0200)]
Add simple NODATA tests
Pieter Lexis [Thu, 28 Apr 2016 13:34:59 +0000 (15:34 +0200)]
Add 2 wildcard CNAME tests
Pieter Lexis [Thu, 28 Apr 2016 12:33:16 +0000 (14:33 +0200)]
recursor: Correctly validate wildcard RRSIGs
Pieter Lexis [Thu, 28 Apr 2016 12:33:12 +0000 (14:33 +0200)]
Add DNSSEC wilcard test
Pieter Lexis [Thu, 28 Apr 2016 12:30:32 +0000 (14:30 +0200)]
Add 2 tests with subtrees inside a secure zone
To test if the recursor actually validates RRSIGs with a signer name
that is not directly a parent of the name to validate. i.e. validates
signer name = 'domain.example' and record owner name =
'some.sub.domain.example'
Pieter Lexis [Thu, 28 Apr 2016 10:32:17 +0000 (12:32 +0200)]
Merge pull request #3784 from mind04/soa-cache-master
fix SOA caching with multiple backends
Pieter Lexis [Thu, 28 Apr 2016 10:32:07 +0000 (12:32 +0200)]
Merge pull request #3788 from mind04/mysql-timeout
make mysql timeout configurable
Remi Gacogne [Thu, 28 Apr 2016 09:59:01 +0000 (11:59 +0200)]
Add consistency checks to segmentDNSNameRaw()
This fixes most issues found by fuzzing loadRPZFromFile() with
American Fuzzy Lop.
Remi Gacogne [Thu, 28 Apr 2016 08:59:27 +0000 (10:59 +0200)]
Throw on negative label length in `DNSName::isPartOf()`
Found with American Fuzzy Lop and Address Sanitizer.
Pieter Lexis [Thu, 28 Apr 2016 08:29:48 +0000 (10:29 +0200)]
Merge pull request #3765 from pieterlexis/update-yahttp
Update yahttp
Pieter Lexis [Thu, 28 Apr 2016 08:29:37 +0000 (10:29 +0200)]
Merge pull request #3766 from rgacogne/packetparser-min-offset
Add a minimum offset parameter to DNSName
bert hubert [Thu, 28 Apr 2016 05:56:50 +0000 (07:56 +0200)]
Merge pull request #3768 from rgacogne/afl-crash-fixes
Fix various crashes
bert hubert [Thu, 28 Apr 2016 05:56:28 +0000 (07:56 +0200)]
Merge pull request #3773 from rgacogne/dnsdist-web-req-resp
dnsdist: Stop copying the request headers to the response
bert hubert [Thu, 28 Apr 2016 05:56:07 +0000 (07:56 +0200)]
Merge pull request #3786 from pieterlexis/recursor-dnssec-part-2
More DNSSEC tests
Pieter Lexis [Wed, 27 Apr 2016 12:08:29 +0000 (14:08 +0200)]
Add basic NSEC and NSEC3 tests
Add a zone with NSEC3-optout for the NSEC3 tests
Pieter Lexis [Wed, 27 Apr 2016 07:23:10 +0000 (09:23 +0200)]
Add timing based DNSSEC tests
Note: the `faketime` program does not clean up its childprocesses
properly (possibly in combination with authbind), hence we LD_PRELOAD it
and supply the faketime through the environment.
bert hubert [Wed, 27 Apr 2016 17:20:30 +0000 (19:20 +0200)]
non opt-out nsec3
Kees Monshouwer [Wed, 27 Apr 2016 13:00:19 +0000 (15:00 +0200)]
make mysql timeout configurable
bert hubert [Wed, 27 Apr 2016 14:13:28 +0000 (16:13 +0200)]
Merge pull request #3767 from ahupowerdns/dnsdist-yaks
Please ponder: nodelay, console newlines, print out json, silence some trivia, move to 'return' for Lua statements
bert hubert [Wed, 27 Apr 2016 14:13:07 +0000 (16:13 +0200)]
Merge pull request #3783 from rgacogne/type-conversion-fixes
Fix type conversions, add some checks
bert hubert [Wed, 27 Apr 2016 14:02:22 +0000 (16:02 +0200)]
Merge pull request #3779 from rgacogne/dnsname-afl-crash-unsigned
Use unsigned char* in getRawLabels() and countLabels()
bert hubert [Wed, 27 Apr 2016 14:01:48 +0000 (16:01 +0200)]
Merge pull request #3785 from ahupowerdns/nsec3fix
process nsec3 insecure delegation
bert hubert [Wed, 27 Apr 2016 13:10:49 +0000 (15:10 +0200)]
process NSEC3 insecure delegation, closes #3675
bert hubert [Wed, 27 Apr 2016 13:10:17 +0000 (15:10 +0200)]
enable function to hash qnames w/o having the NSEC3PARAM ready
Kees Monshouwer [Wed, 27 Apr 2016 10:01:45 +0000 (12:01 +0200)]
fix SOA caching with multiple backends
Remi Gacogne [Wed, 27 Apr 2016 08:26:20 +0000 (10:26 +0200)]
Fix type conversions, add some checks
There is no known bug involved, only hardening.
Remi Gacogne [Tue, 26 Apr 2016 15:20:07 +0000 (17:20 +0200)]
Use unsigned char* in getRawLabels() and countLabels()
Otherwise we treat values larger than INT8_MAX as negatives
in pointer arithmetic.
Found with American Fuzzy Lop and Address Sanitizer.
Pieter Lexis [Tue, 26 Apr 2016 13:44:52 +0000 (15:44 +0200)]
Merge pull request #3707 from brynjare/patch-1
Increase MySQL client timeouts from 10 seconds
Remi Gacogne [Tue, 26 Apr 2016 13:44:16 +0000 (15:44 +0200)]
dnsdist: Stop copying the request headers to the response
Pieter Lexis [Tue, 26 Apr 2016 13:34:29 +0000 (15:34 +0200)]
cap packetcache-servfail-ttl to packetcache-ttl
This prevents surprises when packetcache-ttl is set to 0, but servfails
are still served from the cache. Closes #3738.
bert hubert [Tue, 26 Apr 2016 12:05:33 +0000 (14:05 +0200)]
fix up newlines in console mode, move to 'return *line*' and if that is a syntax error, execute '*line*', also print out simple Lua tables as JSON
bert hubert [Tue, 26 Apr 2016 12:05:11 +0000 (14:05 +0200)]
silence where we read the config file from except in verbose mode
Remi Gacogne [Tue, 26 Apr 2016 09:09:05 +0000 (11:09 +0200)]
Add a minimum offset parameter to DNSName
PacketReader does not copy the header part of the DNS message,
therefore DNSName needs to be aware of the minimum valid offset
in order not to follow a pointer to an offset < sizeof(dnsheader),
as other callers expect every non-negative offset to be valid.
Found with American Fuzzy Lop and Address Sanitizer.
Pieter Lexis [Tue, 26 Apr 2016 12:00:59 +0000 (14:00 +0200)]
Update yahttp, closes #3723
bert hubert [Tue, 26 Apr 2016 11:40:06 +0000 (13:40 +0200)]
hook up nodelay, silence output 'connecting to..' unless --verbose
bert hubert [Tue, 26 Apr 2016 11:39:08 +0000 (13:39 +0200)]
setTCPNoDelay() for dnsdist console. Yak.
bert hubert [Tue, 26 Apr 2016 11:35:06 +0000 (13:35 +0200)]
getAction(n) for n >= number of rules now properly returns nil instead of crashing
Pieter Lexis [Fri, 22 Apr 2016 11:07:47 +0000 (13:07 +0200)]
Add AD flag to queries in the simple tests
Pieter Lexis [Fri, 22 Apr 2016 10:14:34 +0000 (12:14 +0200)]
Only process CD flags in a dnssec mode
Pieter Lexis [Thu, 21 Apr 2016 15:27:38 +0000 (17:27 +0200)]
Treat AD bit in query header correctly
Pieter Lexis [Thu, 21 Apr 2016 14:32:25 +0000 (16:32 +0200)]
Stop skipping tests
Pieter Lexis [Fri, 22 Apr 2016 09:26:46 +0000 (11:26 +0200)]
correctly test for cd absense with dnssec=off
Pieter Lexis [Tue, 26 Apr 2016 11:16:10 +0000 (13:16 +0200)]
recursor: Add DNSSEC testing infrastructure and tests (#3741)
* Add rec dnssec test infra and initial tests
* Allow running an auth server
during the recursor regression tests.
Also add some boilerplate code so we can add DS records and root hints
* wip
* Add more infra to secure zones etc. wellKnown test passes, simple needs work
* Add own assertions, fix tests (all pass!)
* Hookup recursor DNSSEC tests to travis
* Add separate teardown classes
* Add a bogus zone
* Add tests for flag handling of the recursor
In preparation for #3682
And some new assertions
* Add flags test for bogus domains
* Lower startup delay
* refactor zones and keys
* Make pylint happy
* fix travis
* Disable WellKnown tests, they fail on travis
* WIP
* Add flag tests for insecure zone
* Change domain names to documentation names
Remi Gacogne [Mon, 25 Apr 2016 15:27:44 +0000 (17:27 +0200)]
rec: Drop non-IN records from auths, check for invalid record content
Fix a crash in case of a bogus response from an authoritative
server.
Remi Gacogne [Fri, 22 Apr 2016 14:56:46 +0000 (16:56 +0200)]
Fix null pointer dereference on parsing error in ZoneParserTNG
For example when parsing an unmatched '('
Remi Gacogne [Fri, 22 Apr 2016 14:55:59 +0000 (16:55 +0200)]
Fix off-by-one read in `latlon2ul()`
bert hubert [Tue, 26 Apr 2016 08:53:48 +0000 (10:53 +0200)]
Merge pull request #3762 from ahupowerdns/teeaction
Teeaction: send copy of query to second nameserver, sponge responses
bert hubert [Mon, 25 Apr 2016 18:10:13 +0000 (20:10 +0200)]
hook up action-stats to JSON output
bert hubert [Mon, 25 Apr 2016 18:02:15 +0000 (20:02 +0200)]
edit in changes suggested by @rgacogne for TeeAction, thanks
bert hubert [Mon, 25 Apr 2016 11:14:47 +0000 (13:14 +0200)]
document TeeAction & new getAction()
bert hubert [Mon, 25 Apr 2016 10:58:07 +0000 (12:58 +0200)]
make TeeAction() quit properly, add getAction() so you can get access to an action, add getStats() to give you raw stats
bert hubert [Mon, 25 Apr 2016 10:57:23 +0000 (12:57 +0200)]
clean up our error reporting on the console a bit, may need to happen for the remotely connected console too
bert hubert [Mon, 25 Apr 2016 08:02:01 +0000 (10:02 +0200)]
initial work on TeeAction, still has some missing bits, like not blocking the whole daemon when you delete a rule
bert hubert [Mon, 25 Apr 2016 07:58:27 +0000 (09:58 +0200)]
grepq() has no sideeffects in dnsdist.
Remi Gacogne [Mon, 25 Apr 2016 07:51:37 +0000 (09:51 +0200)]
Merge pull request #3755 from rgacogne/dnsdist-fix-regex-sample
dnsdist: Fix RegexRule example in dnsdistconf.lua
Remi Gacogne [Fri, 22 Apr 2016 19:14:04 +0000 (21:14 +0200)]
Merge pull request #3714 from rubenk/dnsdist-service
dnsdist: add documentation links to dnsdist.service
Remi Gacogne [Fri, 22 Apr 2016 14:42:36 +0000 (16:42 +0200)]
dnsdist: Allow the use of custom headers in the web server
Pieter Lexis [Fri, 22 Apr 2016 14:08:45 +0000 (16:08 +0200)]
Merge pull request #3751 from medea61/master
fixing systemd capability issues #3748 & #3749
Roman Hochuli [Fri, 22 Apr 2016 09:21:40 +0000 (11:21 +0200)]
fixing #3749
Roman Hochuli [Fri, 22 Apr 2016 09:19:41 +0000 (11:19 +0200)]
fixing #3748
Remi Gacogne [Thu, 21 Apr 2016 19:42:21 +0000 (21:42 +0200)]
dnsdist: Fix RegexRule example in dnsdistconf.lua
Pieter Lexis [Thu, 21 Apr 2016 10:37:06 +0000 (12:37 +0200)]
Merge pull request #3745 from pieterlexis/dnsdist-not-remote-logo
dnsdist website, use a local logo
Remi Gacogne [Thu, 21 Apr 2016 10:31:31 +0000 (12:31 +0200)]
Merge pull request #3744 from rgacogne/dnsdist-100final-changelog
dnsdist: Update ChangeLog for 1.0.0
Pieter Lexis [Thu, 21 Apr 2016 10:28:50 +0000 (12:28 +0200)]
dnsdist website, use a local logo
Ruben Kerkhof [Fri, 15 Apr 2016 13:59:14 +0000 (15:59 +0200)]
dnsdist: add documentation links to dnsdist.service
Pieter Lexis [Wed, 20 Apr 2016 15:54:07 +0000 (17:54 +0200)]
Merge pull request #3740 from ahupowerdns/bind-nsec-fix
fixes a crash in BIND backend NSEC code - but needs more work
Remi Gacogne [Wed, 20 Apr 2016 14:14:19 +0000 (16:14 +0200)]
dnsdist: Update ChangeLog for 1.0.0