]>
granicus.if.org Git - pdns/log
Kees Monshouwer [Tue, 27 Jan 2015 08:56:53 +0000 (09:56 +0100)]
json-api: remove priority from json
Kees Monshouwer [Sun, 17 Aug 2014 18:20:03 +0000 (20:20 +0200)]
remove priority from api tests
(cherry picked from commit
05cf6a71fc0434a307149163db6e99c1fc9e37e9 )
Peter van Dijk [Mon, 26 Jan 2015 20:39:34 +0000 (21:39 +0100)]
Merge pull request #2139 from zeha/replace-jsonstat-3.4.x
JSON API: provide flush-cache, notify, axfr-receive
Christian Hofstaedtler [Sun, 25 Jan 2015 21:16:08 +0000 (22:16 +0100)]
JSON API: provide flush-cache, notify, axfr-receive
pdnscontrol used to send pdns/rec-control commands for those through
the jsonstat command tunnel, but jsonstat (on Auth at least) doesn't
do X-API-Key, so that functionality was broken.
Also removes jsonstat from Auth completely.
Cherry-pick conflicts:
pdns/ws-recursor.cc (kept jsonstat as is)
Peter van Dijk [Mon, 26 Jan 2015 14:21:30 +0000 (15:21 +0100)]
Merge pull request #2111 from mind04/label-3.4.2
check label and name length in xfrLabel()
Peter van Dijk [Fri, 23 Jan 2015 14:43:59 +0000 (15:43 +0100)]
Merge pull request #2114 from rubenk/make-executables-position-independent-for-3.4.2
Don't create PIE executables for semistatic builds
Ruben Kerkhof [Tue, 6 Jan 2015 14:50:11 +0000 (15:50 +0100)]
Don't create PIE executables for semistatic builds
Otherwise this happens:
/bin/bash ../libtool --tag=CXX --mode=link /var/lib/jenkins/jobs/auth-git-semistatic-rpm-amd64/workspace/pdns-git-
20150106 -5355-
20d9693 /build-scripts/semistaticg++ -DSYSCONFDIR=\"/etc/powerdns\" -DPKGLIBDIR=\"/usr/lib/pdns\" -DLOCALSTATEDIR=\"/var/run\" -fPIE -DPIE -D_FORTIFY_SOURCE=2 --param ssp-buffer-size=4 -fstack-protector -Wall -g -O2 -pthread -pie -Wl,-z -Wl,relro -Wl,-z -Wl,now -L/opt/postgresql/lib -Wl,-rpath,/opt/postgresql/lib -lpq -all-static -o pdns_control arguments.o dynloader.o dynmessenger.o logger.o misc.o qtype.o statbag.o unix_utility.o -lcrypt
libtool: link: /var/lib/jenkins/jobs/auth-git-semistatic-rpm-amd64/workspace/pdns-git-
20150106 -5355-
20d9693 /build-scripts/semistaticg++ -DSYSCONFDIR=\"/etc/powerdns\" -DPKGLIBDIR=\"/usr/lib/pdns\" -DLOCALSTATEDIR=\"/var/run\" -fPIE -DPIE -D_FORTIFY_SOURCE=2 --param ssp-buffer-size=4 -fstack-protector -Wall -g -O2 -pthread -pie -Wl,-z -Wl,relro -Wl,-z -Wl,now -Wl,-rpath -Wl,/opt/postgresql/lib -static -o pdns_control arguments.o dynloader.o dynmessenger.o logger.o misc.o qtype.o statbag.o unix_utility.o -L/opt/postgresql/lib -lpq -lcrypt -pthread
/usr/bin/ld: /usr/lib/gcc/x86_64-linux-gnu/4.7/libstdc++.a(compatibility.o): relocation R_X86_64_32 against `_ZTIN10__cxxabiv115__forced_unwindE' can not be used when making a shared object; recompile with -fPIC
/usr/lib/gcc/x86_64-linux-gnu/4.7/libstdc++.a: could not read symbols: Bad value
collect2: error: ld returned 1 exit status
(cherry picked from commit
62e6530a76a2accd997a287172e087ed46d03cf8 )
Conflicts:
configure.ac
Peter van Dijk [Fri, 23 Jan 2015 13:53:58 +0000 (14:53 +0100)]
Merge pull request #2106 from rubenk/make-executables-position-independent-for-3.4.2
Make executables position independent for 3.4.2
Peter van Dijk [Thu, 22 Jan 2015 15:37:31 +0000 (16:37 +0100)]
Merge pull request #2108 from cmouse/yahttp-for-3.4.2
Upgrade to 0.1.5
Kees Monshouwer [Wed, 21 Jan 2015 10:26:45 +0000 (11:26 +0100)]
tests for label and name length check in xfrLabel()
Kees Monshouwer [Wed, 21 Jan 2015 10:26:33 +0000 (11:26 +0100)]
check label and name length in xfrLabel()
Peter van Dijk [Thu, 22 Jan 2015 14:01:52 +0000 (15:01 +0100)]
Merge pull request #2107 from rubenk/remotebackend-fixes-for-3.4.2
Remotebackend fixes for 3.4.2
Aki Tuomi [Wed, 21 Jan 2015 11:18:39 +0000 (13:18 +0200)]
Update to v0.1.5
Aki Tuomi [Wed, 5 Nov 2014 10:05:29 +0000 (12:05 +0200)]
Allow changing the Sockaddr in ComboAddress
(cherry picked from commit
a7360cd9e1daeb99e0d0632b807e90fc34bedb65 )
Aki Tuomi [Thu, 15 Jan 2015 06:40:24 +0000 (08:40 +0200)]
Properly handle read errors (EOF and errors)
(cherry picked from commit
974427fd0afc3bf858f7b0a38f626bc3fd17ae61 )
Aki Tuomi [Wed, 14 Jan 2015 09:57:45 +0000 (11:57 +0200)]
Use NetworkError, remove redundant code
(cherry picked from commit
7731f6fff580fb5b2ac4863bb3ffb20112f5dbe8 )
Aki Tuomi [Tue, 13 Jan 2015 10:30:11 +0000 (12:30 +0200)]
Check timeout since it seems that readWithTimeout not always works
(cherry picked from commit
24f62b51e277f996c5cbdcbff820580b7a424a68 )
Aki Tuomi [Wed, 5 Nov 2014 10:05:45 +0000 (12:05 +0200)]
Reuse existing connection when possible
(cherry picked from commit
660dd268f667ea6ef7452a33fd0631cc687255a6 )
Aki Tuomi [Sat, 1 Nov 2014 08:56:34 +0000 (10:56 +0200)]
Reconnect on read error, also fix whitespace
(cherry picked from commit
74d13635b99021efbccf8056ff1e56a9f03b7fe1 )
Aki Tuomi [Tue, 22 Jul 2014 19:59:10 +0000 (22:59 +0300)]
Use zeromq library C API, based on work by @wtfuzz and @hexwave. Fixes #1760.
(cherry picked from commit
49e4360a664e68a62eda2101e9e6af9b18d6005f )
Conflicts:
.travis.yml
Aki Tuomi [Tue, 14 Oct 2014 17:27:45 +0000 (20:27 +0300)]
Use correct syntax for escapes
(cherry picked from commit
a7424ff6089109e4f0089c212e733c4e30c25098 )
Ruben Kerkhof [Sun, 5 Oct 2014 15:34:12 +0000 (17:34 +0200)]
Add json to the Gem bundle
This fixes the unit tests on Fedora Rawhide
unittest_pipe.rb:5:in `require': cannot load such file -- json
(LoadError)
(cherry picked from commit
fd78ac1a5120ba12507d75658d3f6f761aecf9a3 )
Peter van Dijk [Tue, 20 Jan 2015 19:10:17 +0000 (20:10 +0100)]
oops
Peter van Dijk [Tue, 20 Jan 2015 15:51:51 +0000 (16:51 +0100)]
move manpages to section 1
Ruben Kerkhof [Tue, 13 Jan 2015 12:31:01 +0000 (13:31 +0100)]
Append to PKG_CONFIG only after calling PKG_PROG_PKG_CONFIG
Otherwise PKG_CONFIG is not set yet.
(cherry picked from commit
27fe16bdc147c7010d40d4aed53143edd3fc9de2 )
Ruben Kerkhof [Tue, 13 Jan 2015 12:09:49 +0000 (13:09 +0100)]
Override PKG_CONFIG sooner
We need to override PKG_CONFIG before any calls to PKG_PROG_PKG_CONFIG
(cherry picked from commit
a49b335616721afc4b3ff250c2dad8bb8a0bac10 )
Conflicts:
configure.ac
Ruben Kerkhof [Fri, 2 Jan 2015 18:28:14 +0000 (19:28 +0100)]
Make executables position-independent
Pass -pie to the linker
before:
ruben@yourmomma: pdns (master %=)$ checksec --file pdns/pdns_server
RELRO STACK CANARY NX PIE RPATH RUNPATH FILE
Full RELRO Canary found NX enabled No PIE No RPATH No RUNPATH pdns/pdns_server
ruben@yourmomma: pdns (master %=)$ checksec --file pdns/pdns_control
RELRO STACK CANARY NX PIE RPATH RUNPATH FILE
Full RELRO Canary found NX enabled No PIE No RPATH No RUNPATH pdns/pdns_control
after:
ruben@yourmomma: pdns (master *%=)$ checksec --file pdns/pdns_control
RELRO STACK CANARY NX PIE RPATH RUNPATH FILE
Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH pdns/pdns_control
ruben@yourmomma: pdns (master *%=)$ checksec --file pdns/pdns_server
RELRO STACK CANARY NX PIE RPATH RUNPATH FILE
Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH pdns/pdns_server
(cherry picked from commit
c116f5d4a4e0d7a0cc22844cbd2a3cf267fb1a8e )
Conflicts:
configure.ac
Peter van Dijk [Mon, 19 Jan 2015 13:06:38 +0000 (14:06 +0100)]
adjust specfile manpath
Peter van Dijk [Mon, 19 Jan 2015 12:12:36 +0000 (13:12 +0100)]
Merge pull request #2054 from mind04/auth-3.4.2-1
Auth 3.4.2 1
Aki Tuomi [Tue, 13 Jan 2015 10:15:01 +0000 (12:15 +0200)]
Report correct chosen lua
Kees Monshouwer [Mon, 19 Jan 2015 09:18:53 +0000 (10:18 +0100)]
use luaL_checkinteger for Lua 5.3
Kees Monshouwer [Mon, 19 Jan 2015 08:42:34 +0000 (09:42 +0100)]
Lua 5.3 in recursor testbuild spec
Kees Monshouwer [Tue, 13 Jan 2015 12:12:54 +0000 (13:12 +0100)]
auth: limit long version strings to 63 characters and catch exceptions in secpoll
Kees Monshouwer [Mon, 5 Jan 2015 10:26:08 +0000 (11:26 +0100)]
support single-type ZSK signing
Kees Monshouwer [Tue, 30 Dec 2014 11:30:11 +0000 (12:30 +0100)]
pdns_control make it posible to notify all zones at once
Kees Monshouwer [Tue, 6 Jan 2015 21:46:23 +0000 (22:46 +0100)]
pdnssec: fix ttl ceck for RRSIG records
Peter van Dijk [Tue, 6 Jan 2015 09:53:22 +0000 (10:53 +0100)]
Merge pull request #1977 from mind04/auth-3.4.2
Auth 3.4.2
Kees Monshouwer [Wed, 31 Dec 2014 23:57:08 +0000 (00:57 +0100)]
happy new year :)
Kees Monshouwer [Sat, 8 Nov 2014 13:08:25 +0000 (14:08 +0100)]
better key for packetcache
bert hubert [Thu, 11 Dec 2014 20:40:20 +0000 (21:40 +0100)]
fix up latency reporting for sub-millisecond latencies (would clip to 0)
bert hubert [Thu, 11 Dec 2014 14:11:45 +0000 (15:11 +0100)]
make sure we don't throw an exception on "pdns_control show" of an unknown variable
bert hubert [Thu, 11 Dec 2014 12:57:35 +0000 (13:57 +0100)]
fix startup race condition with carbon thread already trying to broadcast uninitialized data
bert hubert [Thu, 11 Dec 2014 11:18:13 +0000 (12:18 +0100)]
add 'bench-db' to do very simple database backend performance benchmark
bert hubert [Thu, 11 Dec 2014 08:41:58 +0000 (09:41 +0100)]
make qsize-q more robust
bert hubert [Wed, 10 Dec 2014 15:43:26 +0000 (16:43 +0100)]
add signatures metric to auth, so we can plot signatures/second
bert hubert [Wed, 10 Dec 2014 14:41:23 +0000 (15:41 +0100)]
don't do time(0) under signature cache lock
bert hubert [Wed, 10 Dec 2014 10:11:22 +0000 (11:11 +0100)]
mind04 discovered we count corrupt packets and EAGAIN situations as validly received packets, skewing the udp questions/answers graphs on auth.
bert hubert [Wed, 10 Dec 2014 08:24:28 +0000 (09:24 +0100)]
make latency & qsize reporting 'live'. Plus fix that we only reported the qsize of the first distributor.
bert hubert [Tue, 9 Dec 2014 20:42:04 +0000 (21:42 +0100)]
fix up statbag for carbon protocol and function pointers
bert hubert [Tue, 9 Dec 2014 20:34:50 +0000 (21:34 +0100)]
enable callback based metrics to statbas, and add 5 such metrics: uptime, sys-msec, user-msec, key-cache-size, meta-cache-size, signature-cache-size
bert hubert [Sun, 7 Dec 2014 21:40:40 +0000 (22:40 +0100)]
fix up our packet cache unit tests plus add bunch more tests
bert hubert [Sun, 7 Dec 2014 21:11:24 +0000 (22:11 +0100)]
add a bunch of packet based regression tests to the packetcache
bert hubert [Sun, 7 Dec 2014 20:30:22 +0000 (21:30 +0100)]
make sure we lock the cache shards while we clean them, closing #1910. Plus add regression test that pretty reliably
detects us not locking.
bert hubert [Fri, 5 Dec 2014 11:08:52 +0000 (12:08 +0100)]
add unit tests for new sharded packet cache
bert hubert [Fri, 5 Dec 2014 11:04:01 +0000 (12:04 +0100)]
speed up the testbag test a bit (by doing smaller tests)
bert hubert [Thu, 4 Sep 2014 13:18:19 +0000 (15:18 +0200)]
split up the packet & query cache into 1024 shards so our locks no longer collide
Conflicts:
pdns/packetcache.cc
bert hubert [Sat, 29 Nov 2014 07:55:21 +0000 (08:55 +0100)]
disabling test if test environment does not define things we need to know..
bert hubert [Sat, 29 Nov 2014 07:34:25 +0000 (08:34 +0100)]
this should fix our unit tests
bert hubert [Fri, 28 Nov 2014 22:42:53 +0000 (23:42 +0100)]
a 32 bit regression test failure we don't understand..
bert hubert [Fri, 28 Nov 2014 21:29:13 +0000 (22:29 +0100)]
actually writing some unit tests for the new 64 bit capable AtomicCounter found a pile of bugs!
bert hubert [Fri, 28 Nov 2014 15:14:18 +0000 (16:14 +0100)]
Our "StatBag" statistics class was 1) 32 bit 2) heavily locked 3) still allowed for lock-free operations for high speed counters.
This commit 1) makes the StatBag 64 bit on 64 bit systems, 2) removes all locks and 3) has gone AtomicCounter 'native'
The upshot of this is that 64 bit users will suddenly get 64 bit counters. A second upshot is that multicore systems should now see consistent statistics again.
One important thing that changed is that the StatBag class used to be completely thread safe, and now it no longer is. You can't declare new counters while the StatBag is in use. This should not be happening, but you never know.
Finally, there is now a StatBag unit test.
bert hubert [Fri, 28 Nov 2014 14:17:16 +0000 (15:17 +0100)]
make our AtomicCounter 64 bit on 64 bit machines
bert hubert [Tue, 16 Dec 2014 11:52:22 +0000 (12:52 +0100)]
silence timeout error from webserver
bert hubert [Sat, 6 Dec 2014 19:34:01 +0000 (20:34 +0100)]
Potential fix for #1907, we now try to trigger libgcc_s.so.1 to load before we chroot. I can't reproduce the bug on my local system,
but this "should" help. Seriously.
Kees Monshouwer [Mon, 22 Dec 2014 18:51:20 +0000 (19:51 +0100)]
get priority from table in Lua axfrfilter
fixes #1857
bert hubert [Sat, 13 Dec 2014 14:43:12 +0000 (15:43 +0100)]
with thanks to Jack Lloyd, this works around the default Botan allocator slowing down for us during production use.
Kees Monshouwer [Sun, 14 Dec 2014 23:07:35 +0000 (00:07 +0100)]
oraclebackend: fix records pointing at root
Kees Monshouwer [Wed, 10 Dec 2014 20:50:46 +0000 (21:50 +0100)]
lmdbbackend: fix types pointing at root
Kees Monshouwer [Mon, 22 Dec 2014 16:57:05 +0000 (17:57 +0100)]
mydnsbackend: fix types pointing at root
Kees Monshouwer [Wed, 10 Dec 2014 13:35:56 +0000 (14:35 +0100)]
no fancy-records in tinydns generate-data.sh
Kees Monshouwer [Wed, 10 Dec 2014 12:29:33 +0000 (13:29 +0100)]
test NS and CNAME pointing at the root
Kees Monshouwer [Wed, 10 Dec 2014 11:27:08 +0000 (12:27 +0100)]
root MX test
bert hubert [Wed, 10 Dec 2014 11:11:26 +0000 (12:11 +0100)]
remove additional layer of trailing . stripping, which broke MX records to the root in the BIND backend. Should close #1243.
Kees Monshouwer [Sat, 13 Dec 2014 23:59:59 +0000 (00:59 +0100)]
update polarssl to 1.3.9
Ruben Kerkhof [Mon, 13 Oct 2014 17:56:52 +0000 (19:56 +0200)]
Polarssl: disable padlock
Kees Monshouwer [Mon, 13 Oct 2014 14:24:34 +0000 (16:24 +0200)]
cleanup polar update
Ruben Kerkhof [Sat, 11 Oct 2014 12:25:13 +0000 (14:25 +0200)]
Disable aesni for now
Ruben Kerkhof [Sat, 11 Oct 2014 12:24:13 +0000 (14:24 +0200)]
Upgrade to polarssl 1.3.8
Upstream commit
1910aa78a367
Ruben Kerkhof [Sat, 11 Oct 2014 11:16:27 +0000 (13:16 +0200)]
Rename polarssl-1.3.2 to polarssl
Makes upgrading in the future much easier
since we don't hardcode the version number everywhere.
Christian Hofstaedtler [Mon, 24 Nov 2014 13:40:31 +0000 (14:40 +0100)]
secpoll: Replace ~ with _, too
Debian backports versions use '~' in the version number.
Kees Monshouwer [Tue, 25 Nov 2014 15:15:01 +0000 (16:15 +0100)]
only zones with an active ksk are secure
Kees Monshouwer [Tue, 25 Nov 2014 15:11:27 +0000 (16:11 +0100)]
api: show keys for zones without active ksk
Kees Monshouwer [Tue, 25 Nov 2014 15:09:26 +0000 (16:09 +0100)]
api: use uncached results for getKeys()
Kees Monshouwer [Sat, 1 Nov 2014 22:15:04 +0000 (23:15 +0100)]
read ALLOW-AXFR-FROM from the backend with the metadata
Peter van Dijk [Tue, 28 Oct 2014 15:12:37 +0000 (16:12 +0100)]
Merge pull request #1847 from mind04/ldns2
update test output for verify-zone version 1.6.17
Kees Monshouwer [Sun, 26 Oct 2014 19:47:35 +0000 (20:47 +0100)]
update test output for verify-zone version 1.6.17
bert hubert [Thu, 23 Oct 2014 17:28:36 +0000 (19:28 +0200)]
make very sure we don't keel over if something goes wrong polling security status in auth
Peter van Dijk [Tue, 28 Oct 2014 10:37:40 +0000 (10:37 +0000)]
update pdns.conf-dist
bert hubert [Tue, 28 Oct 2014 09:45:12 +0000 (10:45 +0100)]
actually hook up the security polling
bert hubert [Tue, 28 Oct 2014 09:37:41 +0000 (10:37 +0100)]
add secpoll to auth compilation & linking
Christian Hofstaedtler [Mon, 6 Oct 2014 21:51:01 +0000 (23:51 +0200)]
API: Replace HTTP Basic auth with static key in custom header
Given that the key is sent in a custom header, this should prevent
any possible CSRF attacks.
Fixes #1769.
Aki Tuomi [Tue, 14 Oct 2014 07:27:06 +0000 (10:27 +0300)]
Use transaction when updating serial
Aki Tuomi [Tue, 14 Oct 2014 06:42:33 +0000 (09:42 +0300)]
Fix ordername for SOA record after update
Peter van Dijk [Tue, 21 Oct 2014 11:28:20 +0000 (11:28 +0000)]
honor SOA-EDIT while considering "empty IXFR" fallback, fixes #1835
Peter van Dijk [Tue, 30 Sep 2014 07:27:46 +0000 (09:27 +0200)]
Merge pull request #1752 from mind04/dynamic
dynamic modules regression tests
Peter van Dijk [Tue, 30 Sep 2014 07:17:24 +0000 (09:17 +0200)]
expand thanks
Peter van Dijk [Tue, 30 Sep 2014 07:12:54 +0000 (09:12 +0200)]
preliminary(?) auth 3.4.0-final changelog
Peter van Dijk [Fri, 26 Sep 2014 14:29:39 +0000 (14:29 +0000)]
Make sure geoipbackend pulls in the yaml and geoip libs when loaded dynamically.
Kees Monshouwer [Mon, 29 Sep 2014 20:22:01 +0000 (22:22 +0200)]
dynamic modules regression tests
Peter van Dijk [Tue, 30 Sep 2014 06:19:05 +0000 (08:19 +0200)]
Merge pull request #1751 from rubenk/fix-person-blurb-warning
Fix warning while building dnsdist.1