]> granicus.if.org Git - pdns/log
pdns
6 years agoinstall lua-posix
Peter van Dijk [Thu, 4 Jan 2018 14:13:01 +0000 (15:13 +0100)]
install lua-posix

7 years agoMerge pull request #6082 from rgacogne/rec40-skip-cache-not-in rec-4.0.8
aerique [Mon, 11 Dec 2017 10:13:50 +0000 (11:13 +0100)]
Merge pull request #6082 from rgacogne/rec40-skip-cache-not-in

rec: Don't add non-IN records to the cache

7 years agorec: Don't process records for another class than IN
Remi Gacogne [Wed, 29 Nov 2017 14:26:12 +0000 (15:26 +0100)]
rec: Don't process records for another class than IN

7 years agorec: Use getRR<T>() instead of directly using a dynamic cast
Remi Gacogne [Wed, 29 Nov 2017 14:20:02 +0000 (15:20 +0100)]
rec: Use getRR<T>() instead of directly using a dynamic cast

7 years agoMerge pull request #6014 from aerique/backport/5930-secpoll-order-agnostic
Peter van Dijk [Thu, 30 Nov 2017 16:08:21 +0000 (17:08 +0100)]
Merge pull request #6014 from aerique/backport/5930-secpoll-order-agnostic

Backport #5930: secpoll order agnostic

7 years agocatch all exceptions coming from secpoll, this was a regression of this PR
bert hubert [Wed, 8 Nov 2017 14:57:05 +0000 (15:57 +0100)]
catch all exceptions coming from secpoll, this was a regression of this PR

(cherry picked from commit 47e9b74f9ee097b9bdc029c21c9edfb2f7532102)

7 years agoin the recursor secpoll code, we ASSumed the TXT record would be the first record...
bert hubert [Wed, 8 Nov 2017 14:33:45 +0000 (15:33 +0100)]
in the recursor secpoll code, we ASSumed the TXT record would be the first record we received. Sometimes it was the RRSIG, leading to a silent error, and no secpoll check. Fixed the assumption, added an error.

(cherry picked from commit 581d4ea357effe5b7d61da8cd46cec6ed9cb132e)

7 years agoMerge pull request #5995 from rgacogne/rec-4.0.x-201711 rec-4.0.7
aerique [Mon, 27 Nov 2017 08:38:53 +0000 (09:38 +0100)]
Merge pull request #5995 from rgacogne/rec-4.0.x-201711

rec-4.0.x: Backports for 4.0.7

7 years agoFix a memory leak when loading an RSA key with an invalid modulus
Remi Gacogne [Wed, 11 Oct 2017 13:28:04 +0000 (15:28 +0200)]
Fix a memory leak when loading an RSA key with an invalid modulus

(cherry picked from commit 5917fffa4864cb3256a40aa03f63d69513e379f3)

7 years agoDon't leak when the loading a public ECDSA key fails
Remi Gacogne [Thu, 13 Jul 2017 14:22:30 +0000 (16:22 +0200)]
Don't leak when the loading a public ECDSA key fails

(cherry picked from commit 5a23b49d6faf7d0d844be0c7bb0ec422733a131f)

7 years agorec: Sanitize values received from the API before writing them to the conf
Remi Gacogne [Mon, 17 Jul 2017 17:21:01 +0000 (19:21 +0200)]
rec: Sanitize values received from the API before writing them to the conf

(cherry picked from commit 4aabe3c257ecb6d66099b07a7f639dd825b6bd04)

7 years agorec: Fix XSS in the web interface
Remi Gacogne [Fri, 11 Aug 2017 14:51:10 +0000 (16:51 +0200)]
rec: Fix XSS in the web interface

(cherry picked from commit 2d801e832ed07dbbcbe9aa9bb6cca99c077916bf)

7 years agorec: Guard against out-of-bailiwick signatures
Remi Gacogne [Fri, 18 Aug 2017 10:32:51 +0000 (12:32 +0200)]
rec: Guard against out-of-bailiwick signatures

Similar issue to the one fixed in Knot Resolver 1.3.3:

https://gitlab.labs.nic.cz/knot/knot-resolver/commit/d7d7cae5a339ec4b0a280184af3a46d89c08bc09

7 years agoMerge pull request #5989 from Habbie/4.0.x-5955
Remi Gacogne [Sat, 25 Nov 2017 23:14:52 +0000 (00:14 +0100)]
Merge pull request #5989 from Habbie/4.0.x-5955

Backport #5955: recent Apple Xcode headers need this

7 years agoBackport #5955: recent Apple Xcode headers need this
Peter van Dijk [Tue, 14 Nov 2017 09:17:58 +0000 (10:17 +0100)]
Backport #5955: recent Apple Xcode headers need this

reference: https://github.com/arvidn/libtorrent/issues/2364#issuecomment-336175406
(cherry picked from commit e201675a3aa63712f8d08c27f2cedc10873b8f4c)

7 years agoMerge pull request #5952 from rgacogne/rec407-backports
aerique [Thu, 23 Nov 2017 11:23:29 +0000 (12:23 +0100)]
Merge pull request #5952 from rgacogne/rec407-backports

Recursor 4.0.7 backports

7 years agoBackport #5498
Remi Gacogne [Tue, 21 Nov 2017 10:41:46 +0000 (11:41 +0100)]
Backport #5498

7 years agoBackport #5961
Remi Gacogne [Tue, 21 Nov 2017 10:41:11 +0000 (11:41 +0100)]
Backport #5961

7 years agoEdit configname to include the 'config-name' argument
Jake Reynolds [Wed, 15 Nov 2017 14:59:43 +0000 (14:59 +0000)]
Edit configname to include the 'config-name' argument

(cherry picked from commit 3e63da83fde2d98ed0739578f7171aa4e70a6f32)

7 years agoreplace depricated botan.h include
Kees Monshouwer [Wed, 25 Oct 2017 23:06:54 +0000 (01:06 +0200)]
replace depricated botan.h include

(cherry picked from commit 00f1924bb1900e8c6eab1bd0fe03ff21d41f38eb)

7 years agodrop botan 1.x support
Kees Monshouwer [Wed, 25 Oct 2017 20:43:35 +0000 (22:43 +0200)]
drop botan 1.x support

(cherry picked from commit e11963ce69059d1fa47e92927ed48bd744b95348)

7 years agotravis: Build the rec with Botan and libsodium
Remi Gacogne [Wed, 5 Jul 2017 10:02:17 +0000 (12:02 +0200)]
travis: Build the rec with Botan and libsodium

(cherry picked from commit 18a93d3812bfbf2e2dbc9b6353e3619d626283fd)

7 years agoAdd support for Botan 2.x
Remi Gacogne [Tue, 4 Jul 2017 19:59:00 +0000 (21:59 +0200)]
Add support for Botan 2.x

Initial testing indicates that both 2.0.1 and 2.1.0 work fine,
but signature is 10 times slower with 2.1.0, apparently due to
blinding (callgrind reports a lot of CPU spent in the `RNG`).

(cherry picked from commit 13f34f2e0ccff514cbd5f9ec076c220473da347a)

7 years agoBackport #5921
Remi Gacogne [Mon, 13 Nov 2017 17:06:04 +0000 (18:06 +0100)]
Backport #5921

7 years agoBackport #5762
Remi Gacogne [Mon, 13 Nov 2017 17:05:57 +0000 (18:05 +0100)]
Backport #5762

7 years agoBackport #5739
Remi Gacogne [Mon, 13 Nov 2017 17:05:53 +0000 (18:05 +0100)]
Backport #5739

7 years agoBackport #5599
Remi Gacogne [Mon, 13 Nov 2017 17:05:44 +0000 (18:05 +0100)]
Backport #5599

7 years agoBackport #5598
Remi Gacogne [Mon, 13 Nov 2017 17:05:40 +0000 (18:05 +0100)]
Backport #5598

7 years agoBackport #5525
Remi Gacogne [Mon, 13 Nov 2017 17:05:34 +0000 (18:05 +0100)]
Backport #5525

7 years agoBackport #5523
Remi Gacogne [Mon, 13 Nov 2017 17:05:30 +0000 (18:05 +0100)]
Backport #5523

7 years agoBackport #5488
Remi Gacogne [Mon, 13 Nov 2017 17:05:25 +0000 (18:05 +0100)]
Backport #5488

7 years agoBackport #5406
Remi Gacogne [Mon, 13 Nov 2017 17:05:21 +0000 (18:05 +0100)]
Backport #5406

7 years agoBackport #5320
Remi Gacogne [Mon, 13 Nov 2017 17:05:16 +0000 (18:05 +0100)]
Backport #5320

7 years agoBackport #5261
Remi Gacogne [Mon, 13 Nov 2017 17:05:12 +0000 (18:05 +0100)]
Backport #5261

7 years agoBackport #5078
Remi Gacogne [Mon, 13 Nov 2017 17:05:08 +0000 (18:05 +0100)]
Backport #5078

7 years agoBackport #4960
Remi Gacogne [Mon, 13 Nov 2017 17:05:03 +0000 (18:05 +0100)]
Backport #4960

7 years agoBackport #4824
Remi Gacogne [Mon, 13 Nov 2017 17:04:59 +0000 (18:04 +0100)]
Backport #4824

7 years agoBackport #4646
Remi Gacogne [Mon, 13 Nov 2017 17:04:55 +0000 (18:04 +0100)]
Backport #4646

7 years agoBackport #4561
Remi Gacogne [Mon, 13 Nov 2017 17:04:47 +0000 (18:04 +0100)]
Backport #4561

7 years agorec: Fix validation at the exact RRSIG inception or expiration time
Remi Gacogne [Mon, 17 Jul 2017 08:29:45 +0000 (10:29 +0200)]
rec: Fix validation at the exact RRSIG inception or expiration time

Reported by Petr Špaček of cz.nic (thanks!).

(cherry picked from commit 179b340d522e36a65e799b048dcdae85c0237fdc)

7 years agorec: Don't retry security polling too often when it fails
Remi Gacogne [Tue, 7 Nov 2017 10:40:30 +0000 (11:40 +0100)]
rec: Don't retry security polling too often when it fails

(cherry picked from commit 491d5d97c907be9619910ee22646c8da911d0256)

7 years agoRec: create socket-dir from init-script
Pieter Lexis [Thu, 22 Jun 2017 09:51:08 +0000 (11:51 +0200)]
Rec: create socket-dir from init-script

Closes #5439

(cherry picked from commit a64a65ba698044926c1bdf9d9fad4a4130c82012)

7 years agorec: Remove pdns.PASS and pdns.TRUNCATE
Remi Gacogne [Wed, 27 Sep 2017 14:24:39 +0000 (16:24 +0200)]
rec: Remove pdns.PASS and pdns.TRUNCATE

Those values are not documented in a recursor context, and does not
work as expected since `pdns.PASS` resulted in an immediate `ServFail`
and `pdns.TRUNCATE` in a strange status code being sent (showing
up as `RESERVED13` in `dig`).

(cherry picked from commit 9cdfab64ac1750ac234a5b5efa4eba6cabc30257)

7 years agoFix libatomic detection on ppc64
Pieter Lexis [Fri, 11 Aug 2017 12:37:01 +0000 (14:37 +0200)]
Fix libatomic detection on ppc64

Thanks @tjikkun!

Closes #5456

(cherry picked from commit b16f46605d86a62e4f37bc1e2caab0c52fa9f75c)

7 years agoAdd help text on autodetecting systemd support
Pieter Lexis [Fri, 11 Aug 2017 11:54:21 +0000 (13:54 +0200)]
Add help text on autodetecting systemd support

Closes #5524

(cherry picked from commit 56d30a9c8a1c1754b478de79e823e015e103b5b0)

7 years agoFix typo in two log messages
Ruben Kerkhof [Fri, 14 Jul 2017 17:55:53 +0000 (19:55 +0200)]
Fix typo in two log messages

(cherry picked from commit 59d26fc8d63fd2ff924be2fa5b3bda3699081914)

7 years agorec: Only increase `no-packet-error` on the first read
Remi Gacogne [Mon, 3 Jul 2017 11:04:58 +0000 (13:04 +0200)]
rec: Only increase `no-packet-error` on the first read

We try to read as many messages as possible after being woken up,
but only the first read can count as a no-packet error.

(cherry picked from commit 390f1dab05bbbb5d9ba2782e89600ca62c4bec14)

7 years agorec: Make more specific Netmask < to less specific ones
Remi Gacogne [Wed, 14 Jun 2017 16:16:26 +0000 (18:16 +0200)]
rec: Make more specific Netmask < to less specific ones

Having the most specific ones first, then the less specific ones
then the empty one makes it easier to match the most specific first.

(cherry picked from commit a009559d3bc4d648edc3b5fff062b622bbde2389)

7 years agoTogether with Mukund Sivaraman we found out PowerDNS sdig does not truncate
bert hubert [Fri, 12 May 2017 19:25:16 +0000 (21:25 +0200)]
Together with Mukund Sivaraman we found out PowerDNS sdig does not truncate
trailing bits of EDNS Client Subnet mask.  So if you'd truncate something as
a /9, we'd have to use 2 bytes anyhow, but we would not zero the last 7 bits.

We do now. Thanks Mukund & ISC!

(cherry picked from commit d7da15c560946cadaadfc173b8964dd6b40932ed)

7 years agoget-remote-ring's "other" report should only have two items.
Patrick Cloke [Sun, 23 Apr 2017 13:11:12 +0000 (09:11 -0400)]
get-remote-ring's "other" report should only have two items.

(cherry picked from commit d6dcfe36c0d2bb5563322ec90167b5bd4e9efb6b)

7 years agoThrow an error when lua-conf-file can't be loaded
Pieter Lexis [Thu, 23 Feb 2017 10:08:16 +0000 (11:08 +0100)]
Throw an error when lua-conf-file can't be loaded

This ensures we cannot start up if the file is unreadable.
Closes #4939

(cherry picked from commit 0f5785a6c441b043564f3ba26a39145aee74b1c2)

7 years agorecursor: use explicit yes for default-enabled settings
Christian Hofstaedtler [Tue, 31 Jan 2017 11:13:47 +0000 (12:13 +0100)]
recursor: use explicit yes for default-enabled settings

(cherry picked from commit e498dac1aa762f2ace690e1e7a1631f9611096b6)

7 years agoCheck in the detected OpenSSL/libcrypto for ECDSA
Pieter Lexis [Thu, 29 Dec 2016 17:01:30 +0000 (18:01 +0100)]
Check in the detected OpenSSL/libcrypto for ECDSA

We used to 'just' use the default includes for this detection.

Fixes #4680

(cherry picked from commit 2a4c374451d50e240872cc9907b69c2d2464f2cc)

7 years agoextract nested exception from Luawrapper
Peter van Dijk [Fri, 28 Oct 2016 13:31:53 +0000 (15:31 +0200)]
extract nested exception from Luawrapper

Before:
Oct 28 15:30:34 STL error (www.foobar.com/A from 127.0.0.1): Exception thrown by a callback function called by Lua

After:
Oct 28 15:30:34 STL error (www.foobar.com/A from 127.0.0.1): Exception thrown by a callback function called by Lua. Extra info: Found . in wrong position in DNSName www.foobar.com..internal

reported by @elad, thanks!

(cherry picked from commit 068c763422b5830dc15598089f7760e79f5bdf81)

7 years agoUpdate rec_control.1.md
Winfried Angele [Wed, 12 Oct 2016 12:08:02 +0000 (14:08 +0200)]
Update rec_control.1.md

(cherry picked from commit 2c04bf0c18f5e32ff498529162e71982bd3333bf)

7 years agoMerge pull request #5843 from Habbie/b-root-4.0.x
Pieter Lexis [Wed, 25 Oct 2017 13:45:34 +0000 (15:45 +0200)]
Merge pull request #5843 from Habbie/b-root-4.0.x

b.root renumbering, effective 2017-10-24

7 years agob.root renumbering, effective 2017-10-24
Peter van Dijk [Wed, 25 Oct 2017 11:11:10 +0000 (13:11 +0200)]
b.root renumbering, effective 2017-10-24

7 years agoMerge pull request #5765 from pieterlexis/rec-40-lowercase-outgoing-all-the-things
Pieter Lexis [Mon, 16 Oct 2017 15:56:15 +0000 (17:56 +0200)]
Merge pull request #5765 from pieterlexis/rec-40-lowercase-outgoing-all-the-things

Backport #5740: Lowercase all outgoing qnames when lowercase-outgoing is set

7 years agoMerge pull request #5726 from pieterlexis/auth-406-per-cut-validation
Pieter Lexis [Mon, 16 Oct 2017 11:04:43 +0000 (13:04 +0200)]
Merge pull request #5726 from pieterlexis/auth-406-per-cut-validation

Rec 4.0.x: be more resilient with broken auths

7 years agoMerge pull request #5812 from rgacogne/rec40-travis-encrypt-channel
Remi Gacogne [Wed, 11 Oct 2017 16:11:53 +0000 (18:11 +0200)]
Merge pull request #5812 from rgacogne/rec40-travis-encrypt-channel

Backport #5802: Encrypt the IRC channel name so notifications are not sent for forks

7 years agoEncrypt the IRC channel name so notifications are not sent for forks
Remi Gacogne [Mon, 9 Oct 2017 08:46:59 +0000 (10:46 +0200)]
Encrypt the IRC channel name so notifications are not sent for forks

(cherry picked from commit f4614876f16ac3223786b26b18a4386045102f09)

7 years agoMerge pull request #5813 from rgacogne/rec40-backport-5755
Remi Gacogne [Wed, 11 Oct 2017 15:23:10 +0000 (17:23 +0200)]
Merge pull request #5813 from rgacogne/rec40-backport-5755

Backport #5755: Improve dnsbulktest experience in travis for more robustness

7 years agowe actually resolve 98% by new definition, so can affort upping threshold from 90...
bert hubert [Mon, 2 Oct 2017 07:27:03 +0000 (09:27 +0200)]
we actually resolve 98% by new definition, so can affort upping threshold from 90 to 95%.

(cherry picked from commit 9fb6940f8b1c96c735af3856976ea7a7bc92d3d8)

7 years agoImprove dnsbulktest experience in travis for more robustness
bert hubert [Fri, 29 Sep 2017 20:40:53 +0000 (22:40 +0200)]
Improve dnsbulktest experience in travis for more robustness

This commit changes our dnsbulktest source from Alexa to Cisco Umbrella, but this turned out not to be as important as we thought.
In addition, it turns out we had been installing pdns-tools incorrectly because of wrong apt-settings. We now install pdns-tools from the master repo at repo.powerdns.com
This commit also tunes pdns_recursor to use less simultaneous outbound connections during testing, which appears to make Travis NAT happier, leading to less errors.
Finally, we use new features of dnsbulktest to extract more statistics for how well we are doing. Success is now dependent on errors and timeouts, and less on NXDOMAIN.

(cherry picked from commit 8a27076c38e2d399204d41928374e1bb9c45969c)

7 years agoAllow no-EDNS fallback when DNSSEC is needed
Pieter Lexis [Tue, 12 Sep 2017 10:28:33 +0000 (12:28 +0200)]
Allow no-EDNS fallback when DNSSEC is needed

7 years agoStop DNSSEC processing at Insecure
Pieter Lexis [Tue, 12 Sep 2017 10:28:19 +0000 (12:28 +0200)]
Stop DNSSEC processing at Insecure

7 years agoLowercase all outgoing qnames when lowercase-outgoing is set
Pieter Lexis [Thu, 28 Sep 2017 11:13:13 +0000 (13:13 +0200)]
Lowercase all outgoing qnames when lowercase-outgoing is set

This is a backport of #5740

7 years agoMerge pull request #5676 from aerique/feature/update-copryright-year-rec-4.0.x
aerique [Thu, 7 Sep 2017 12:52:56 +0000 (14:52 +0200)]
Merge pull request #5676 from aerique/feature/update-copryright-year-rec-4.0.x

Update copyright year in publicly visible output and files

7 years agoUpdate copyright year in publicly visible output and files
Pieter Lexis [Thu, 16 Feb 2017 13:08:40 +0000 (14:08 +0100)]
Update copyright year in publicly visible output and files

(cherry picked from commit ff8f70b800e8b81a6d97c2d2568483d03228df2a)

7 years agoMerge pull request #5627 from rgacogne/rec40-remove-syncres-unit-tests
Remi Gacogne [Tue, 22 Aug 2017 08:41:39 +0000 (10:41 +0200)]
Merge pull request #5627 from rgacogne/rec40-remove-syncres-unit-tests

rec: Remove the SyncRes unit tests from the 4.0 branch

7 years agoMerge pull request #5629 from rgacogne/rec40-travis-build-dir
Remi Gacogne [Mon, 21 Aug 2017 08:02:57 +0000 (10:02 +0200)]
Merge pull request #5629 from rgacogne/rec40-travis-build-dir

Backport #4986: Use `${TRAVIS_BUILD_DIR}` instead of assuming the repo is in `pdns`

7 years agoUse `${TRAVIS_BUILD_DIR}` instead of assuming the repo is in `pdns`
Remi Gacogne [Wed, 8 Feb 2017 14:33:57 +0000 (15:33 +0100)]
Use `${TRAVIS_BUILD_DIR}` instead of assuming the repo is in `pdns`

Thus avoiding issues when/if the repository is cloned with a different
name.

(cherry picked from commit 1e0253cad96199647f92ef4fa8230f614637e80c)

7 years agorec: Remove the SyncRes unit tests from the 4.0 branch
Remi Gacogne [Fri, 18 Aug 2017 10:37:26 +0000 (12:37 +0200)]
rec: Remove the SyncRes unit tests from the 4.0 branch

test-syncres_cc.cc is not used and was added by mistake in a commit
backporting IXFR tests: c8f3468f102a4ab17ea1b5a9f408ce2bad3ddeab

7 years agoMerge pull request #5608 from rgacogne/rec40-cache-inttypes
Remi Gacogne [Mon, 14 Aug 2017 12:43:59 +0000 (14:43 +0200)]
Merge pull request #5608 from rgacogne/rec40-cache-inttypes

rec: Add missing cinttypes include for PRId64

7 years agorec: Add missing cinttypes include for PRId64
Remi Gacogne [Mon, 14 Aug 2017 10:37:58 +0000 (12:37 +0200)]
rec: Add missing cinttypes include for PRId64

7 years agoMerge pull request #5596 from pieterlexis/rec-dump-rrsigs-from-cache
Remi Gacogne [Mon, 14 Aug 2017 08:14:11 +0000 (10:14 +0200)]
Merge pull request #5596 from pieterlexis/rec-dump-rrsigs-from-cache

Backport #5511: Dump RRSIGs on `dump-cache`

7 years agorec: Show auth state recursor cache dump
Pieter Lexis [Mon, 17 Jul 2017 12:14:29 +0000 (14:14 +0200)]
rec: Show auth state recursor cache dump

cherry-picked from commit ea9831c08f4c54514006efc1c61990963b10080f

7 years agorec: Dump RRSIGs from record cache
Pieter Lexis [Mon, 10 Jul 2017 11:29:49 +0000 (13:29 +0200)]
rec: Dump RRSIGs from record cache

7 years agoMerge pull request #5415 from rgacogne/rec40-ecs-fixes rec-4.0.6
Peter van Dijk [Tue, 4 Jul 2017 13:09:41 +0000 (15:09 +0200)]
Merge pull request #5415 from rgacogne/rec40-ecs-fixes

rec40: Backport ECS fixes

7 years agorec: Use the incoming ECS for cache lookup if `use-incoming-edns-subnet` is set
Remi Gacogne [Wed, 14 Jun 2017 11:31:18 +0000 (13:31 +0200)]
rec: Use the incoming ECS for cache lookup if `use-incoming-edns-subnet` is set

Otherwise we insert into the cache based on the incoming ECS but
later do the lookup based on the query's source IP.

(cherry picked from commit 5736e55e0d2d8cd9a064b8377e87d08a540cb1b1)

7 years agoAdd more tests to the Netmask unit tests
Remi Gacogne [Thu, 15 Jun 2017 14:36:52 +0000 (16:36 +0200)]
Add more tests to the Netmask unit tests

Additional tests:

 * getBits()
 * isIpv4()
 * isIPv6()
 * getNetwork()
 * getMaskedNetwork()
 * check that Netmasks constructed from ComboAddresses with different
ports match

(cherry picked from commit 7f3e6acd659a9fee8ed027e7abe99ea77b3ee691)

7 years agowhen making a netmask from a comboaddress, we neglected to zero the port. This could...
bert hubert [Thu, 15 Jun 2017 01:14:01 +0000 (03:14 +0200)]
when making a netmask from a comboaddress, we neglected to zero the port. This could lead to a proliferation of netmasks.

(cherry picked from commit 0bdabe94e6fd873455d34b88f8954d8cc6034a72)

7 years agorec: Don't take the initial ECS source for a scope one if EDNS is off
Remi Gacogne [Fri, 2 Jun 2017 11:52:00 +0000 (13:52 +0200)]
rec: Don't take the initial ECS source for a scope one if EDNS is off

(cherry picked from commit fe61f5d87871b56a17612c5a8334a84391f0d962)

7 years agowith this, EDNS Client Subnet becomes compatible with the packet cache, using the...
bert hubert [Wed, 14 Jun 2017 06:35:53 +0000 (08:35 +0200)]
with this, EDNS Client Subnet becomes compatible with the packet cache, using the existing variable answer facility.

(cherry picked from commit 8bec43b3a28df7d31a4bb464dd043d7ec9caeab0)

7 years agoalso set d_requestor without Lua: the ECS logic needs it
bert hubert [Tue, 13 Jun 2017 22:41:27 +0000 (00:41 +0200)]
also set d_requestor without Lua: the ECS logic needs it

(cherry picked from commit cd00142f8ba7a70a59095249b601eb64257e146c)

7 years agoMerge pull request #5479 from rgacogne/rec40-5476-ixfr-fix
Pieter Lexis [Mon, 3 Jul 2017 08:50:04 +0000 (10:50 +0200)]
Merge pull request #5479 from rgacogne/rec40-5476-ixfr-fix

rec: Backport #5476: Fix IXFR skipping the additions part of the last sequence

7 years agoMerge pull request #5480 from rgacogne/rec40-5416-cache-expired
Pieter Lexis [Mon, 3 Jul 2017 08:49:56 +0000 (10:49 +0200)]
Merge pull request #5480 from rgacogne/rec40-5416-cache-expired

rec: Backport #5416: Move expired cache entries to the front so they are expunged

7 years agoRemove just enough entries from the cache, not one more than asked
Remi Gacogne [Tue, 20 Jun 2017 15:09:56 +0000 (17:09 +0200)]
Remove just enough entries from the cache, not one more than asked

(cherry picked from commit f3cb7c78abe3ad639d4583880ae9302b3be99a9e)

7 years agorec: Move expired cache entries to the front so they are expunged
Remi Gacogne [Thu, 15 Jun 2017 16:17:23 +0000 (18:17 +0200)]
rec: Move expired cache entries to the front so they are expunged

(cherry picked from commit 197d755ea3972251352170261a9d7024ca95175c)

7 years agorec: Add IXFR unit tests
Remi Gacogne [Thu, 29 Jun 2017 13:29:40 +0000 (15:29 +0200)]
rec: Add IXFR unit tests

(cherry picked from commit e503653f7d4c7e28b594336b37bcf602c7f5119a)

7 years agorec: Fix IXFR skipping the additions part of the last sequence
Remi Gacogne [Wed, 28 Jun 2017 16:26:33 +0000 (18:26 +0200)]
rec: Fix IXFR skipping the additions part of the last sequence

Under certain conditions, we could have skipped the additions part
of the last `IXFR` sequence, because we stopped processing records
after seeing a `SOA` record with the new serial. However, as stated
in rfc1995's "Response format" section:

"the first RR of the added RRs is the newer SOA RR"

(cherry picked from commit d67ae3b477c9cf9d2a98f0edad9977dc34a2c8bf)

7 years agoMerge pull request #5471 from pieterlexis/rec-406-b-root
bert hubert [Thu, 29 Jun 2017 18:54:58 +0000 (20:54 +0200)]
Merge pull request #5471 from pieterlexis/rec-406-b-root

Backport #4497 and #5470: Add E and B root IPv6 addresses

7 years agorec: changed IPv6 addr of b.root-servers.net
Arsen Stasic [Tue, 27 Jun 2017 11:02:53 +0000 (13:02 +0200)]
rec: changed IPv6 addr of b.root-servers.net

http://www.internic.net/domain/db.cache
last update:    June 01, 2017
is effective since 2017-06-01

(cherry picked from commit 951ab1a12096a6cf8514282c5f5d4d7641bc87ae)

7 years agoe.root-servers.net has IPv6 now
phonedph1 [Fri, 23 Sep 2016 00:41:58 +0000 (18:41 -0600)]
e.root-servers.net has IPv6 now

(cherry picked from commit b815c62e1a4be01b4a2a7833855116b8781f86f6)

7 years agoMerge pull request #5462 from pieterlexis/rex-406-backport-5455
Pieter Lexis [Tue, 27 Jun 2017 10:05:31 +0000 (12:05 +0200)]
Merge pull request #5462 from pieterlexis/rex-406-backport-5455

Backport 5455: Travis: Use auth 4.0 for recursor tests

7 years agoTravis: Use auth 4.0 for recursor tests
Pieter Lexis [Fri, 23 Jun 2017 08:43:37 +0000 (10:43 +0200)]
Travis: Use auth 4.0 for recursor tests

(cherry picked from commit dad54543abf80aedefbe47f1d538542763794173)

7 years agoMerge pull request #5451 from rgacogne/rec40-requestor-payload-512
Peter van Dijk [Thu, 22 Jun 2017 14:07:25 +0000 (16:07 +0200)]
Merge pull request #5451 from rgacogne/rec40-requestor-payload-512

Backport #5446: rec: Treat requestor's payload size lower than 512 as equal to 512

7 years agorec: Treat requestor's payload size lower than 512 as equal to 512
Remi Gacogne [Thu, 22 Jun 2017 08:25:47 +0000 (10:25 +0200)]
rec: Treat requestor's payload size lower than 512 as equal to 512

(cherry picked from commit 320157487ec1cd0a9c4bcfd5309d9d651c26eb72)

7 years agoMerge pull request #5447 from Habbie/rec-4.0.x-uri
Pieter Lexis [Thu, 22 Jun 2017 12:22:51 +0000 (14:22 +0200)]
Merge pull request #5447 from Habbie/rec-4.0.x-uri

rec backport: make URI integers 16 bits, fixes #5443

7 years agoMerge pull request #5448 from mind04/rec-4.0.x
Pieter Lexis [Thu, 22 Jun 2017 12:22:42 +0000 (14:22 +0200)]
Merge pull request #5448 from mind04/rec-4.0.x

Rec 4.0.x: backport decaf signer