]>
granicus.if.org Git - pdns/log
Christian Hofstaedtler [Sun, 15 Feb 2015 14:01:28 +0000 (15:01 +0100)]
Replace PacketHandler with UeberBackend where possible
Makes reasoning about PacketHandler usage easier.
Christian Hofstaedtler [Sun, 15 Feb 2015 13:36:45 +0000 (14:36 +0100)]
Remove emitNSEC3 from header file
I broke it's signature during the last cleanup, but nobody outside
packethandler.cc uses it.
Christian Hofstaedtler [Sun, 15 Feb 2015 13:35:27 +0000 (14:35 +0100)]
PacketHandler: Remove signatures for missing functions
Christian Hofstaedtler [Sun, 15 Feb 2015 13:08:32 +0000 (14:08 +0100)]
PacketHandler: Share UeberBackend with DNSSECKeeper
Reduces number of backend instances by 50%, very relevant for setups
that have backends with huge startup/runtime cost.
bert hubert [Sat, 14 Feb 2015 18:26:17 +0000 (19:26 +0100)]
dnsdist is c++2011 now which means jenkins can't build it anymore for us. Remove it from RPM.
Peter van Dijk [Sat, 14 Feb 2015 14:54:54 +0000 (15:54 +0100)]
Merge pull request #2233 from rubenk/handle-missing-so_reuseport
Older kernels don't have SO_REUSEPORT
Ruben Kerkhof [Sat, 14 Feb 2015 14:42:07 +0000 (15:42 +0100)]
Older kernels don't have SO_REUSEPORT
bert hubert [Sat, 14 Feb 2015 12:10:03 +0000 (13:10 +0100)]
only do c++-2011 is luawrapper works (breaks c+2011 for non-lua builds, but want to get the tests running again)
bert hubert [Sat, 14 Feb 2015 09:41:21 +0000 (10:41 +0100)]
turns out travis and jenkins don't know about the sendmmsg system call (eh?)
bert hubert [Sat, 14 Feb 2015 08:50:29 +0000 (09:50 +0100)]
didn't work
bert hubert [Sat, 14 Feb 2015 08:48:58 +0000 (09:48 +0100)]
Merge branch 'master' into dnsdist11
Peter van Dijk [Sat, 14 Feb 2015 07:31:32 +0000 (08:31 +0100)]
Merge pull request #2231 from rubenk/testrunner-needs-libdl
The testrunner needs -ldl now
Ruben Kerkhof [Fri, 13 Feb 2015 23:03:36 +0000 (00:03 +0100)]
The testrunner needs -ldl now
Peter van Dijk [Fri, 13 Feb 2015 22:36:23 +0000 (23:36 +0100)]
Merge pull request #2142 from zeha/untangle-dnsbackend-ueberbackend
Stop pretending UeberBackend is a normal DNSBackend
Peter van Dijk [Fri, 13 Feb 2015 22:04:29 +0000 (23:04 +0100)]
Merge pull request #2167 from Habbie/html-tar-bz2
html.tar.bz2 target, partial resolution for #2165
Peter van Dijk [Fri, 13 Feb 2015 22:04:08 +0000 (23:04 +0100)]
Merge pull request #2176 from rubenk/recursor-systemd
Start pdns-recursor before nss-lookup.target
Peter van Dijk [Fri, 13 Feb 2015 22:03:33 +0000 (23:03 +0100)]
Merge pull request #2185 from rubenk/systemd-improvements
Systemd improvements
Peter van Dijk [Fri, 13 Feb 2015 22:02:28 +0000 (23:02 +0100)]
Merge pull request #2182 from AdamMajer/master
Memory leak cleanup in unit tests thanks to valgrind
Peter van Dijk [Fri, 13 Feb 2015 22:01:27 +0000 (23:01 +0100)]
Merge pull request #2213 from James-TR/patch-1
Welcome to 2015
Peter van Dijk [Fri, 13 Feb 2015 21:15:30 +0000 (22:15 +0100)]
Merge pull request #2229 from rubenk/make-rule-explicit
Use an explit rule to turn ragel into C++
Peter van Dijk [Fri, 13 Feb 2015 16:27:08 +0000 (17:27 +0100)]
re-allow building without lua
Peter van Dijk [Fri, 13 Feb 2015 14:49:19 +0000 (15:49 +0100)]
Merge pull request #1471 from Habbie/luapolicy
initial implementation of Lua policy engine
Peter van Dijk [Fri, 6 Jun 2014 10:43:27 +0000 (12:43 +0200)]
Merge work-in-progress Lua policy engine.
Some text from the Pull Request at the time of merge:
Should not break anything when not used; should not break anything when used
(assuming the loaded script is free of bugs). Example script may not be
entirely correct. Needs tests (dnsperf QPS is a fine KPI).
Run `git show <thiscommit> | grep FIXME` to see known issues.
Todo/evolution ideas:
Copy reload/unload behaviour from recursor (allow reloading different script,
don't replace running instance when loading fails due to syntax errors etc).
Related, make sure we do PASS when the police() call fails.
Add pdns-side metrics (drops/passes/truncates/lua errors) (probably some
actual breakage in the metrics area right now). Log (sample of) lua errors.
Call metrics() periodically (every second) and merge those into our own,
including carbon submission? Perhaps with incremental (number since last read)
vs. absolute flag (number since startup). If absolute, consider
'checkpointing' on script reload.
Call statsline() periodically (every X minutes) for a summary we can log?
Write wrapper (in Lua?) to allow loading policy scripts into recursor using
the hooks already present there (pre/postresolve).
Expose header/extra flags (RD, DO, etc.).
Ruben Kerkhof [Fri, 13 Feb 2015 13:30:55 +0000 (14:30 +0100)]
Use an explit rule to turn ragel into C++
The implicit rule causes Make to search for a .rl
file for each .cc file
Peter van Dijk [Fri, 13 Feb 2015 12:56:23 +0000 (13:56 +0100)]
Merge pull request #2219 from mind04/mixed
evaluate KSK ZSK pairs per algorithm
Peter van Dijk [Fri, 13 Feb 2015 12:54:30 +0000 (13:54 +0100)]
Merge pull request #2222 from James-TR/pdnssec-doc-fix
Bring pdnssec algs inline with pdnssec source
Peter van Dijk [Fri, 13 Feb 2015 12:53:43 +0000 (13:53 +0100)]
Merge pull request #2226 from rubenk/silence-scary-warning-in-configure-recursor
Silence warnings that always occur on FreeBSD
Peter van Dijk [Fri, 13 Feb 2015 11:28:47 +0000 (12:28 +0100)]
Merge pull request #2228 from Habbie/fixsendmsg
make sure we never call sendmsg with msg_control!=NULL && msg_controllen>0
Peter van Dijk [Fri, 13 Feb 2015 08:49:13 +0000 (09:49 +0100)]
add recursor-test-freebsd script
Peter van Dijk [Fri, 13 Feb 2015 08:29:00 +0000 (09:29 +0100)]
make sure we never call sendmsg with msg_control!=NULL && msg_controllen>0. Fixes #2227
James Taylor [Thu, 12 Feb 2015 22:03:16 +0000 (22:03 +0000)]
Bring pdnssec algs inline with pdnssec source
* Changed the algorithms to be inline with shorthand2algorithm()
from pdns/pdnssec.c
* Might need to clarify what the other algorithms are, too
Ruben Kerkhof [Thu, 12 Feb 2015 16:58:42 +0000 (17:58 +0100)]
Silence warnings that always occur on FreeBSD
Peter van Dijk [Thu, 12 Feb 2015 13:14:36 +0000 (14:14 +0100)]
fix mailman link, thanks @justinclift
Peter van Dijk [Thu, 12 Feb 2015 12:33:27 +0000 (13:33 +0100)]
Merge pull request #2224 from arjenz/master
Fix typo
arjenz [Thu, 12 Feb 2015 12:31:32 +0000 (13:31 +0100)]
Fix typo
Fix a typo as noticed on http://blog.powerdns.com/2015/02/12/powerdns-recursor-3-7-1-released/
Peter van Dijk [Thu, 12 Feb 2015 12:24:43 +0000 (13:24 +0100)]
secpoll for rec 3.7.1
Peter van Dijk [Thu, 12 Feb 2015 11:36:59 +0000 (12:36 +0100)]
drop RC details
Peter van Dijk [Thu, 12 Feb 2015 11:07:30 +0000 (12:07 +0100)]
3.7.1 changelog
Kees Monshouwer [Wed, 11 Feb 2015 21:54:08 +0000 (22:54 +0100)]
evaluate KSK ZSK pairs per algorithm
bert hubert [Wed, 11 Feb 2015 16:00:21 +0000 (17:00 +0100)]
on Linux, SO_TIMESTAMP == SCM_TIMESTAMP, on at least FreeBSD, it is not, causing us to miss harvesting the timestamp, and dropping all packets as too old. With this change, we don't drop if we can't find the timestamp, plus harvest it properly
bert hubert [Wed, 11 Feb 2015 12:47:04 +0000 (13:47 +0100)]
update release notes and documentation for 3.7.0
bert hubert [Wed, 11 Feb 2015 12:14:16 +0000 (13:14 +0100)]
secpoll for 3.7.0
James Taylor [Tue, 10 Feb 2015 08:47:57 +0000 (08:47 +0000)]
Welcome to 2015
* It's February! :D
Ruben Kerkhof [Wed, 4 Feb 2015 10:16:33 +0000 (11:16 +0100)]
Restrict address families that can be used
To AF_UNIX AF_INET and AF_INET6.
Ruben Kerkhof [Wed, 4 Feb 2015 10:13:07 +0000 (11:13 +0100)]
Mount /home and /run/user read-only
Ruben Kerkhof [Wed, 4 Feb 2015 10:07:44 +0000 (11:07 +0100)]
Give recursor its own read-only mount namespace
/usr and /etc are mounted read-only
Ruben Kerkhof [Wed, 4 Feb 2015 10:06:23 +0000 (11:06 +0100)]
Ensure recursor can't elevate its privileges
Ruben Kerkhof [Wed, 4 Feb 2015 10:04:43 +0000 (11:04 +0100)]
Drop unneeded capabilities
The recursor only needs CAP_NET_BIND_SERVICE
to bind to port 53
Ruben Kerkhof [Wed, 4 Feb 2015 10:04:13 +0000 (11:04 +0100)]
Give recursor its own /dev namespace
Adam Majer [Tue, 3 Feb 2015 16:53:45 +0000 (10:53 -0600)]
Memory leak cleanup in unit tests, thanks to valgrind
Peter van Dijk [Mon, 9 Feb 2015 15:51:26 +0000 (16:51 +0100)]
Merge pull request #1997 from rubenk/fix-undef-warnings
Fix undef warnings
Ruben Kerkhof [Thu, 25 Dec 2014 13:24:47 +0000 (14:24 +0100)]
Fix a few warnings which show up with -Wundef
Also remove DARWIN, since OS X doesn't define that
Peter van Dijk [Mon, 9 Feb 2015 14:22:54 +0000 (15:22 +0100)]
Merge pull request #2090 from rubenk/remove-commented-out-zone2ldap-from-spec
Remove commented out zone2ldap
Peter van Dijk [Mon, 9 Feb 2015 14:14:26 +0000 (15:14 +0100)]
Merge pull request #2210 from shimmi2/master
Update migration.md
shimmi2 [Mon, 9 Feb 2015 13:06:55 +0000 (14:06 +0100)]
Update migration.md
Updated link to wiki for easy reach scripts for migrating from MyDNS
Peter van Dijk [Mon, 9 Feb 2015 12:22:22 +0000 (13:22 +0100)]
Merge pull request #2181 from mind04/api1
always set di.notified_serial in getAllDomains
Kees Monshouwer [Tue, 3 Feb 2015 22:21:18 +0000 (23:21 +0100)]
always set di.notified_serial in getAllDomains
Peter van Dijk [Mon, 9 Feb 2015 10:36:30 +0000 (11:36 +0100)]
Merge pull request #2170 from mind04/docker
update example in the Dockerfile for building the markdown docs
Peter van Dijk [Mon, 9 Feb 2015 10:35:59 +0000 (11:35 +0100)]
Merge pull request #2184 from rubenk/fail-when-compiling-epollmplexer-fails
Fail when compiling epollmplexer fails
Peter van Dijk [Mon, 9 Feb 2015 10:35:53 +0000 (11:35 +0100)]
Merge pull request #2190 from rubenk/cp-dont-move-binaries
Copy the binaries during install, don't move them
Peter van Dijk [Mon, 9 Feb 2015 10:35:38 +0000 (11:35 +0100)]
Merge pull request #2199 from rubenk/fix-building-with-boost-1.57
fix building with GCC 5
Peter van Dijk [Mon, 9 Feb 2015 09:44:47 +0000 (10:44 +0100)]
Merge pull request #2200 from cmouse/add-newline-carbon-error
Add newline to carbon error message on recursor
Peter van Dijk [Mon, 9 Feb 2015 09:44:35 +0000 (10:44 +0100)]
Merge pull request #2201 from zeha/api-improvements
Zone API improvements
Peter van Dijk [Mon, 9 Feb 2015 09:44:23 +0000 (10:44 +0100)]
Merge pull request #2202 from zeha/docs
Documentation improvements
Peter van Dijk [Mon, 9 Feb 2015 09:43:59 +0000 (10:43 +0100)]
Merge pull request #2205 from zeha/api-account2
API: move shared DomainInfo reader into it's own function
Peter van Dijk [Mon, 9 Feb 2015 09:27:23 +0000 (10:27 +0100)]
Merge pull request #2208 from zeha/init-exec_prefix
Readd exec_prefix to pdns.init.in
Ruben Kerkhof [Fri, 6 Feb 2015 13:05:25 +0000 (14:05 +0100)]
fix building with GCC 5
Fix the following failure:
checking for Boost headers version >= 1.35.0... yes
checking for Boost's header version...
configure: error: invalid value: boost_major_version=
by updating boost.m4 to upstream commit
af50806d657
from https://github.com/tsuna/boost.m4
Fixes #2198
Peter van Dijk [Mon, 9 Feb 2015 08:18:55 +0000 (09:18 +0100)]
Merge pull request #2207 from zeha/api-account3
Fix goraclebackend after 2203 plus undo useless change
Christian Hofstaedtler [Sun, 8 Feb 2015 20:50:20 +0000 (21:50 +0100)]
Readd exec_prefix to pdns.init.in
automake doesn't completely expand variables like @bindir@, so we need
to keep ${exec_prefix} in there.
Christian Hofstaedtler [Sun, 8 Feb 2015 19:11:21 +0000 (20:11 +0100)]
insert-zone-query: Undo addition of account field
We don't actually need this, and we didn't bind any value to
:account.
Christian Hofstaedtler [Sun, 8 Feb 2015 19:09:26 +0000 (20:09 +0100)]
Add account changes to goraclebackend
Christian Hofstaedtler [Sun, 8 Feb 2015 12:36:24 +0000 (13:36 +0100)]
API: move shared DomainInfo reader into it's own function
And test that listing zones also returns account now.
bert hubert [Sun, 8 Feb 2015 08:54:38 +0000 (09:54 +0100)]
Merge pull request #2203 from zeha/api-account
API: expose domains.account
Aki Tuomi [Sat, 7 Feb 2015 20:03:13 +0000 (22:03 +0200)]
Add newline to carbon error message on auth
Christian Hofstaedtler [Sat, 7 Feb 2015 14:20:42 +0000 (15:20 +0100)]
API: allow writing to domains.account field
Christian Hofstaedtler [Sat, 7 Feb 2015 14:01:26 +0000 (15:01 +0100)]
API: read and expose domain account field
Christian Hofstaedtler [Sat, 7 Feb 2015 13:32:17 +0000 (14:32 +0100)]
docs: Remove remains of gsqlite(2)
It has been removed in 2012.
Christian Hofstaedtler [Sat, 7 Feb 2015 13:27:15 +0000 (14:27 +0100)]
docs: Improve third party names
LUA -> Lua
PostGreSQL -> PostgreSQL
PgSQL -> PostgreSQL
Fixes #2131.
Christian Hofstaedtler [Sat, 7 Feb 2015 12:58:08 +0000 (13:58 +0100)]
API: be more strict when parsing record contents
Fixes #2113.
Christian Hofstaedtler [Sat, 7 Feb 2015 12:38:33 +0000 (13:38 +0100)]
API: Reject unknown types (TYPE0)
Fixes #2130.
Aki Tuomi [Sat, 7 Feb 2015 11:40:49 +0000 (13:40 +0200)]
Add newline to carbon error message on recursor
Peter van Dijk [Fri, 6 Feb 2015 15:24:32 +0000 (10:24 -0500)]
add getregisteredname() function for recursor Lua scripts
bert hubert [Fri, 6 Feb 2015 08:10:35 +0000 (09:10 +0100)]
turn off root-nx-trust by default, cleanups
bert hubert [Thu, 5 Feb 2015 18:53:54 +0000 (19:53 +0100)]
trust root nxdomains
bert hubert [Thu, 5 Feb 2015 12:24:52 +0000 (13:24 +0100)]
throw AAAA records in the mix for resolution if we have them lying around, even if we already got a working A record
bert hubert [Wed, 4 Feb 2015 12:23:48 +0000 (13:23 +0100)]
dates. they matter.
bert hubert [Wed, 4 Feb 2015 12:03:05 +0000 (13:03 +0100)]
clarify booleans in our documentation, plus serve-rfc1918 correction.
bert hubert [Wed, 4 Feb 2015 11:04:21 +0000 (12:04 +0100)]
secpoll security status for 3.7.0-rc2
Ruben Kerkhof [Wed, 4 Feb 2015 09:56:55 +0000 (10:56 +0100)]
Copy the binaries during install, don't move them
bert hubert [Wed, 4 Feb 2015 09:48:01 +0000 (10:48 +0100)]
rc2 release notes
Ruben Kerkhof [Wed, 4 Feb 2015 09:47:51 +0000 (10:47 +0100)]
Fail when compiling epollmplexer fails
bert hubert [Wed, 4 Feb 2015 08:55:13 +0000 (09:55 +0100)]
fix up the wrong size of the 'remotes' ringbuffer with pdns-distributes-queries, fix up finally the wrong sizing of caches in case of pdns-distributes-queries and slightly adjust the number of available filedescriptors based on reality. Thanks AJ ;-)
bert hubert [Tue, 3 Feb 2015 22:05:18 +0000 (23:05 +0100)]
secpoll zone soa update
bert hubert [Tue, 3 Feb 2015 22:04:46 +0000 (23:04 +0100)]
scoped_array/scoped_ptr mistake, found by rubenk's address sanitizer check run
bert hubert [Tue, 3 Feb 2015 20:19:23 +0000 (21:19 +0100)]
Merge pull request #2175 from cmouse/set-ulimit-before-setuid
Try to raise open files before dropping privileges
Ruben Kerkhof [Tue, 3 Feb 2015 19:26:33 +0000 (20:26 +0100)]
Start pdns-recursor before nss-lookup.target
Aki Tuomi [Tue, 3 Feb 2015 19:08:31 +0000 (21:08 +0200)]
Try to raise open files before dropping privileges
bert hubert [Tue, 3 Feb 2015 09:40:16 +0000 (10:40 +0100)]
Merge branch 'master' of github.com:PowerDNS/pdns
bert hubert [Tue, 3 Feb 2015 09:39:40 +0000 (10:39 +0100)]
clear up local socket in rec_control in case recursor is down, close #2061
Peter van Dijk [Tue, 3 Feb 2015 09:21:12 +0000 (10:21 +0100)]
finalize auth 3.4.2 docs