]>
granicus.if.org Git - pdns/log
Remi Gacogne [Mon, 30 Sep 2019 14:54:57 +0000 (16:54 +0200)]
dnsdist: Fix the creation order of rules when inserted via SetRules()
Remi Gacogne [Mon, 30 Sep 2019 02:03:55 +0000 (04:03 +0200)]
Merge pull request #8318 from rgacogne/ddist-prometheus-labels
dnsdist: Better use of labels in our DoH prometheus export
Remi Gacogne [Sun, 29 Sep 2019 21:00:34 +0000 (23:00 +0200)]
Merge pull request #8349 from rgacogne/ddist-doh-tickets
dnsdist: Implement TLS Session Ticket Keys management for DoH
Remi Gacogne [Fri, 27 Sep 2019 14:15:40 +0000 (16:15 +0200)]
dnsdist: Remove references to GnuTLS for DoH
Remi Gacogne [Fri, 27 Sep 2019 14:11:23 +0000 (16:11 +0200)]
dnsdist: Exclude TLS session resumption tests from Travis (no DoH, old libssl)
Remi Gacogne [Fri, 27 Sep 2019 14:10:36 +0000 (16:10 +0200)]
dnsdist: Document DoH TLS Session Ticket keys management. Add tests.
Otto Moerbeek [Fri, 27 Sep 2019 14:00:08 +0000 (16:00 +0200)]
Merge pull request #8343 from omoerbeek/lgtm-low-hanging-fruit
Lgtm low hanging fruit
Otto Moerbeek [Fri, 27 Sep 2019 13:57:39 +0000 (15:57 +0200)]
Merge pull request #8350 from omoerbeek/fix-bind-mutex-leak
bind backend: pthread_mutex_t should be inited and destroyed and not be copied
Otto Moerbeek [Fri, 27 Sep 2019 12:40:24 +0000 (14:40 +0200)]
bind backend: pthread_mutex_t should be inited and destroyed and not be copied
To make our live easier, use a native C++ mutex.
Fixes #8161
Remi Gacogne [Thu, 26 Sep 2019 15:02:48 +0000 (17:02 +0200)]
dnsdist: Skip TCP metrics for UDP frontends over prometheus
Remi Gacogne [Thu, 26 Sep 2019 14:19:28 +0000 (16:19 +0200)]
dnsdist: Implement TLS Session Ticket Keys management for DoH
Remi Gacogne [Thu, 26 Sep 2019 12:36:51 +0000 (14:36 +0200)]
Merge pull request #8348 from rgacogne/auth-unit-hardening
auth: Add NoNewPrivileges, PrivateDevices and PrivateTmp back
Remi Gacogne [Thu, 26 Sep 2019 11:35:12 +0000 (13:35 +0200)]
auth: Add NoNewPrivileges, PrivateDevices and PrivateTmp back
Remi Gacogne [Thu, 26 Sep 2019 07:58:05 +0000 (09:58 +0200)]
Merge pull request #8208 from rgacogne/no-naked-pointers
auth: Get rid of most remaining naked pointers
Remi Gacogne [Wed, 25 Sep 2019 15:04:26 +0000 (17:04 +0200)]
auth: Mark getFreshAXFRPacket() as static
Remi Gacogne [Wed, 25 Sep 2019 15:03:43 +0000 (17:03 +0200)]
auth: Use shared pointers for the DNSPacket Lua bindings
Otto Moerbeek [Wed, 25 Sep 2019 11:33:05 +0000 (13:33 +0200)]
Merge pull request #8339 from omoerbeek/clang-format-file
clang-format file proposal
Otto Moerbeek [Wed, 25 Sep 2019 10:25:51 +0000 (12:25 +0200)]
Merge pull request #8340 from omoerbeek/rec-rpz-load-zz
Fix #8338: Issue with "zz" abbreviation for IPv6 RPZ triggers
Remi Gacogne [Sun, 4 Aug 2019 19:28:48 +0000 (21:28 +0200)]
auth: Get rid of most remaining naked pointers
Otto Moerbeek [Wed, 25 Sep 2019 08:00:47 +0000 (10:00 +0200)]
Add lgtm annotations and #error directives if we're configured wrongly.
Already showing its worth: a few ac checks were missing.
Otto Moerbeek [Tue, 24 Sep 2019 14:51:57 +0000 (16:51 +0200)]
Missed one case of localtime()
Otto Moerbeek [Tue, 24 Sep 2019 14:30:18 +0000 (16:30 +0200)]
Some low-hanging LGTM fruit
Otto Moerbeek [Tue, 24 Sep 2019 11:27:45 +0000 (13:27 +0200)]
Incorporate suggestions from rgacogne
Peter van Dijk [Tue, 24 Sep 2019 08:20:48 +0000 (10:20 +0200)]
Merge pull request #8328 from mind04/pdns-mysql-ssl
auth: gmysql backend, add an option to send the SSL capability flag t…
Remi Gacogne [Tue, 24 Sep 2019 07:56:34 +0000 (09:56 +0200)]
Merge pull request #8326 from rgacogne/security-policy
Add a security policy in our repo, remove outdated statement about versions
Remi Gacogne [Tue, 24 Sep 2019 07:54:00 +0000 (09:54 +0200)]
Merge pull request #8336 from Habbie/auth-no-version-in-manpage
auth: remove version number from man page footers
Remi Gacogne [Mon, 23 Sep 2019 15:04:10 +0000 (17:04 +0200)]
dnsdist: Update metrics based on the non-encrypted rcode over DNSCrypt
Remi Gacogne [Mon, 23 Sep 2019 14:34:38 +0000 (16:34 +0200)]
dnsdist: Update frontend* stats over TCP as well
Remi Gacogne [Mon, 23 Sep 2019 14:34:21 +0000 (16:34 +0200)]
dnsdist: Better use of labels in our DoH prometheus export
Also add stats about TLS session resumption.
Kees Monshouwer [Wed, 28 Aug 2019 10:07:02 +0000 (12:07 +0200)]
auth: gmysql backend, add an option to send the SSL capability flag to the server
Otto Moerbeek [Mon, 23 Sep 2019 12:59:38 +0000 (14:59 +0200)]
Fix #8338: Issue with "zz" abbreviation for IPv6 RPZ triggers
While there, add unittest for translating rpz names into netmasks
Otto Moerbeek [Mon, 23 Sep 2019 09:43:42 +0000 (11:43 +0200)]
clang-format file proposal
Run with clang-format [-i] -style=file in the tree.
-i does an in-place edit, without it result is written to stdout.
Peter van Dijk [Mon, 23 Sep 2019 08:38:39 +0000 (10:38 +0200)]
auth: remove version number from man page footers
Peter van Dijk [Mon, 23 Sep 2019 08:29:25 +0000 (10:29 +0200)]
Merge pull request #8332 from omoerbeek/rec-no-version-in-manpage
Remove version number in man page footer
Remi Gacogne [Mon, 23 Sep 2019 07:46:51 +0000 (09:46 +0200)]
Be more than explicit about the fact that dnsdist is also covered
Otto Moerbeek [Sat, 21 Sep 2019 08:09:38 +0000 (10:09 +0200)]
Remove version number
Peter van Dijk [Fri, 20 Sep 2019 15:35:43 +0000 (17:35 +0200)]
Merge pull request #8050 from mind04/nochop
Improved version of #8031 and some other fixes and optimizations.
Peter van Dijk [Fri, 20 Sep 2019 15:34:25 +0000 (17:34 +0200)]
Merge pull request #8317 from rgacogne/getrandom-eintr
Retry getrandom() on EINTR
Remi Gacogne [Fri, 20 Sep 2019 13:34:48 +0000 (15:34 +0200)]
Add a security policy in our repo, remove outdated statement about versions
Kees Monshouwer [Fri, 20 Sep 2019 13:13:26 +0000 (15:13 +0200)]
auth: cleanup slave-renotify code
Kees Monshouwer [Mon, 15 Jul 2019 08:55:28 +0000 (10:55 +0200)]
auth: improve the handling of duplicate id's in bindbackend
duplicate id's are not allowed in powerdns and will still result in undefined behavior
Kees Monshouwer [Mon, 16 Jan 2017 09:19:47 +0000 (10:19 +0100)]
auth: bind-backend, improve the domain_id check in lookup()
zone_id was not checked for a root zone and finding the right zone for a specific zone_id was super slow
With this commit, the uncached output of bind backen will increase by approximately 10%
Kees Monshouwer [Wed, 10 Jul 2019 10:16:31 +0000 (12:16 +0200)]
auth: silence 'mastercommunicator.cc:223:104 warning: ‘id’ may be used uninitialized in this function' warning
id was set in getOne()
Kees Monshouwer [Tue, 9 Jul 2019 20:28:45 +0000 (22:28 +0200)]
auth: pdnsutil show zone, make sure the DNSKEY is from the right zone
Kees Monshouwer [Fri, 20 Sep 2019 12:44:01 +0000 (14:44 +0200)]
auth: prevent new database connections while sending notifies
Kees Monshouwer [Tue, 9 Jul 2019 18:36:48 +0000 (20:36 +0200)]
auth: send notifies only to the nameservers in the zone
Kees Monshouwer [Tue, 9 Jul 2019 16:07:25 +0000 (18:07 +0200)]
auth: make sure the RRSIG freshness check is using the right zone
Kees Monshouwer [Tue, 9 Jul 2019 14:59:42 +0000 (16:59 +0200)]
auth: api, look for pre-existing RRsets in the right zone
Kees Monshouwer [Tue, 9 Jul 2019 20:43:19 +0000 (22:43 +0200)]
auth: remove the default default from the zone_id argument in lookup()
lookup calls without a zone_id:
modules/lmdbbackend/lmdbbackend.cc: lookup(QType(QType::SOA), domain, -1);
pdns/communicator.hh: b->lookup(QType(QType::ANY),name, -1);
pdns/pdnsutil.cc: B.lookup(QType(QType::NS), domain, -1);
pdns/pdnsutil.cc: B.lookup(QType(QType::A), DNSName(std::to_string(random()))+domain, -1);
pdns/pdnsutil.cc: B.lookup(QType(QType::DNSKEY), zone, -1 );
pdns/dnsbackend.cc: this->lookup(QType(QType::SOA),domain,-1);
pdns/mastercommunicator.cc: B->lookup(QType(QType::NS), di.zone, -1);
pdns/ws-auth.cc: di.backend->lookup(QType(QType::ANY), qname, -1);
pdns/slavecommunicator.cc: B->lookup(QType(QType::RRSIG), di.zone, -1);
Kees Monshouwer [Sat, 6 Jul 2019 20:58:41 +0000 (22:58 +0200)]
auth: prevent the chopOff() loop in lookup(), for SOA queries
without an id, in bind and lmdb backend.
Peter van Dijk [Fri, 20 Sep 2019 12:05:28 +0000 (14:05 +0200)]
Merge pull request #8324 from Habbie/coprocess-init-pid
pipebackend coprocess: initialise d_pid
Pieter Lexis [Fri, 20 Sep 2019 10:55:56 +0000 (12:55 +0200)]
Merge pull request #7956 from pieterlexis/auth-dont-start-as-root
Auth: Don't start as root on systemd
Remi Gacogne [Fri, 20 Sep 2019 08:34:53 +0000 (10:34 +0200)]
Merge pull request #8320 from phonedph1/patch-16
dnsdist: Make KVS lookup text read better
Peter van Dijk [Fri, 20 Sep 2019 08:03:30 +0000 (10:03 +0200)]
pipebackend coprocess: initialise d_pid
Peter van Dijk [Thu, 19 Sep 2019 16:09:47 +0000 (18:09 +0200)]
Merge pull request #8322 from omoerbeek/coverity-fix-cwd-for-upload
circleci coverity target: fix cwd for dnsdist and rec when uploading tarballs
Otto Moerbeek [Thu, 19 Sep 2019 16:04:45 +0000 (18:04 +0200)]
Fix cwd for dnsdist and rec when uploading tarballs so ./builder-support
is accessible.
phonedph1 [Thu, 19 Sep 2019 15:59:10 +0000 (09:59 -0600)]
Update dnsdist-kvs.hh
Remi Gacogne [Thu, 19 Sep 2019 12:48:26 +0000 (14:48 +0200)]
Merge pull request #8159 from rgacogne/auth-faster-pipebackend
auth: Emulate a buffered read in the pipe backend, ~3x faster
Remi Gacogne [Thu, 19 Sep 2019 12:02:29 +0000 (14:02 +0200)]
Merge pull request #8316 from rgacogne/dnsdist-healthcheck-tests-timing
dnsdist: Add more leeway in the health checks tests
Remi Gacogne [Thu, 19 Sep 2019 08:10:07 +0000 (10:10 +0200)]
Retry getrandom() on EINTR
Otto Moerbeek [Wed, 18 Sep 2019 16:53:49 +0000 (18:53 +0200)]
Merge pull request #8044 from Habbie/pdnsutil-test-algos-create-time
add key make time to pdnsutil test-all-algorithms, cleanup return type
Pieter Lexis [Wed, 18 Sep 2019 16:53:33 +0000 (18:53 +0200)]
Merge pull request #8304 from rgacogne/dnsdist-remotelog-client
dnsdist: Don't connect to remote logger in client/command mode
Otto Moerbeek [Wed, 18 Sep 2019 16:52:46 +0000 (18:52 +0200)]
Merge pull request #7973 from yantarou/do_pdsn_control_current_config
docs: Add missing words in pdns_control man page
Pieter Lexis [Wed, 18 Sep 2019 16:51:47 +0000 (18:51 +0200)]
Merge pull request #8305 from Habbie/circleci-local
makefile + one line doc for `circleci local execute`
Otto Moerbeek [Wed, 18 Sep 2019 16:51:12 +0000 (18:51 +0200)]
Merge pull request #8245 from Habbie/dns_random_testing
dns_random: verify upper bound; fix boundary condition for QID generation
Pieter Lexis [Wed, 18 Sep 2019 16:48:33 +0000 (18:48 +0200)]
Merge pull request #8287 from ton31337/feature/docs_pipe_backend_add_distributed_threads_section
docs: Add small description for pipe backend about distributor-threads
Pieter Lexis [Wed, 18 Sep 2019 16:47:19 +0000 (18:47 +0200)]
Merge pull request #8277 from blackbit42/master
docs/dnsupdate.rst: Fix typo in getZoneName()
Pieter Lexis [Wed, 18 Sep 2019 16:45:42 +0000 (18:45 +0200)]
Merge pull request #8290 from pieterlexis/arg-parser-improvement
Improve commandline error reporting for non-opts
Peter van Dijk [Wed, 18 Sep 2019 16:32:26 +0000 (18:32 +0200)]
Merge pull request #8313 from RobinGeuze/removeOracleDocs
Remove the oracle backends documentation
Robin Geuze [Wed, 18 Sep 2019 16:25:42 +0000 (18:25 +0200)]
Remove the oracle backends documentation
Remi Gacogne [Wed, 18 Sep 2019 16:14:41 +0000 (18:14 +0200)]
Merge pull request #8303 from rgacogne/dnsdist-fix-invalid-secpoll-answer-msg
dnsdist: Fix warning message on invalid secpoll answer
Remi Gacogne [Wed, 18 Sep 2019 16:14:22 +0000 (18:14 +0200)]
Merge pull request #8267 from rgacogne/dnsdist-doh-over-http
dnsdist: Allow accepting DoH queries over HTTP instead of HTTPS
Pieter Lexis [Wed, 19 Jun 2019 09:53:08 +0000 (11:53 +0200)]
auth: Ensure pdns.conf is readable by pdns
Pieter Lexis [Tue, 18 Jun 2019 15:09:35 +0000 (17:09 +0200)]
auth: ensure control socket can be created when running in systemd
Pieter Lexis [Tue, 18 Jun 2019 14:37:18 +0000 (16:37 +0200)]
auth: create service file with User/Group
Otto Moerbeek [Wed, 18 Sep 2019 16:07:52 +0000 (18:07 +0200)]
Merge pull request #7758 from gregcockroft/dev-metrics
recursor webhandler for prometheus metrics
Otto Moerbeek [Wed, 18 Sep 2019 15:35:01 +0000 (17:35 +0200)]
Merge pull request #8241 from omoerbeek/rec-authdomain-test-wildcard-ent
rec AuthDomain unit test for a wildcard in combinaton with an ent
Otto Moerbeek [Wed, 18 Sep 2019 15:31:00 +0000 (17:31 +0200)]
Move CHECKs to WARNs so the test succeeds and refer to issue #8321.
Otto Moerbeek [Wed, 18 Sep 2019 15:08:28 +0000 (17:08 +0200)]
Merge pull request #8234 from omoerbeek/rec-rpz-ent-wildcard-match
Add unit test for #8231.
Otto Moerbeek [Wed, 18 Sep 2019 15:04:45 +0000 (17:04 +0200)]
Make the test succeed but print warnings. Once issue #8231 is fixed
these BOOST_WARNs should be changed to BOOST_CHECK.
Peter van Dijk [Wed, 18 Sep 2019 13:19:56 +0000 (15:19 +0200)]
circleci docs: add rsync dep
Peter van Dijk [Wed, 18 Sep 2019 12:54:49 +0000 (14:54 +0200)]
Merge pull request #7455 from mind04/oracle
auth: remove the oracle backends
Peter van Dijk [Wed, 18 Sep 2019 12:48:03 +0000 (14:48 +0200)]
fix issue template chooser?
Peter van Dijk [Wed, 18 Sep 2019 12:35:42 +0000 (14:35 +0200)]
Merge pull request #8302 from Habbie/issue-templates
make separate bug/report templates
Otto Moerbeek [Wed, 18 Sep 2019 12:31:06 +0000 (14:31 +0200)]
Merge pull request #8288 from omoerbeek/rec-enable-dnstap
Move to buster on circlci and rec: install fstream-dev and enable libfstrm
Otto Moerbeek [Wed, 18 Sep 2019 12:19:52 +0000 (14:19 +0200)]
Merge pull request #8083 from omoerbeek/errno-review
Errno review
Kees Monshouwer [Wed, 18 Sep 2019 11:41:13 +0000 (13:41 +0200)]
auth: remove the oracle backends
Otto Moerbeek [Wed, 18 Sep 2019 11:24:35 +0000 (13:24 +0200)]
Merge remote-tracking branch 'origin' into errno-review
Pieter Lexis [Wed, 18 Sep 2019 09:30:03 +0000 (11:30 +0200)]
Merge pull request #8308 from tcely/patch-1
lua-logging-query -> lua-query-logging
Pieter Lexis [Wed, 18 Sep 2019 09:26:21 +0000 (11:26 +0200)]
Merge pull request #6496 from cyclops1982/3814
#3814 - Add question for to increase-soa after non SOA edit
tcely [Tue, 17 Sep 2019 17:33:16 +0000 (13:33 -0400)]
lua-logging-query -> lua-query-logging
Peter van Dijk [Tue, 17 Sep 2019 16:49:30 +0000 (18:49 +0200)]
Merge pull request #5572 from tcely/patch-1
Fixed up luabackend
Peter van Dijk [Tue, 17 Sep 2019 16:34:13 +0000 (18:34 +0200)]
Merge pull request #8307 from chbruyand/auth-lua-api-v2
auth: register lua functions only once
Charles-Henri Bruyand [Fri, 30 Aug 2019 09:14:53 +0000 (11:14 +0200)]
auth: register lua functions only once when shared context
Otto Moerbeek [Tue, 17 Sep 2019 15:06:28 +0000 (17:06 +0200)]
Enable dnstap and include libfstrm
Otto Moerbeek [Tue, 17 Sep 2019 15:05:31 +0000 (17:05 +0200)]
Fix out-of-bound access for zero length "serialized" string.
Otto Moerbeek [Tue, 17 Sep 2019 15:04:09 +0000 (17:04 +0200)]
Move to buster and make sure the env is the same for interactive and non-
interactive runs.
Also unpack tools in a safe location.
Peter van Dijk [Tue, 17 Sep 2019 13:19:40 +0000 (15:19 +0200)]
makefile + one line doc for `circleci local execute`
Peter van Dijk [Tue, 17 Sep 2019 13:11:37 +0000 (15:11 +0200)]
fix coverity auth; presumably fix coverity rec, dnsdist
Remi Gacogne [Tue, 17 Sep 2019 11:15:49 +0000 (13:15 +0200)]
dnsdist: Add more leeway in the health checks tests