]>
granicus.if.org Git - pdns/log
Remi Gacogne [Mon, 9 May 2016 15:35:17 +0000 (17:35 +0200)]
dnsdist: Log the content of webserver's exceptions
bert hubert [Fri, 6 May 2016 12:03:08 +0000 (14:03 +0200)]
Merge pull request #3823 from mind04/gcc61-master
add gcc 6.1 support to boost.m4
bert hubert [Fri, 6 May 2016 11:38:18 +0000 (13:38 +0200)]
Merge pull request #3826 from ahupowerdns/quietsmn
implement a 'quiet' mode for SuffixMatchNodeRule() which prevents Sho…
bert hubert [Fri, 6 May 2016 07:43:11 +0000 (09:43 +0200)]
implement a 'quiet' mode for SuffixMatchNodeRule() which prevents ShowRules() from listing a million domain names.
bert hubert [Fri, 6 May 2016 05:00:08 +0000 (07:00 +0200)]
include 1.0.0 announcement and announcement-video on website of dnsdist
Kees Monshouwer [Thu, 5 May 2016 12:52:20 +0000 (14:52 +0200)]
add gcc 6.1 support to boost.m4
bert hubert [Thu, 5 May 2016 12:22:29 +0000 (14:22 +0200)]
Merge pull request #3813 from ahupowerdns/multi-wash
Multi wash: make dnswash process multiple files at once & anonymize IPv6 fully now (128 bits)
bert hubert [Wed, 4 May 2016 18:16:56 +0000 (20:16 +0200)]
Merge pull request #3812 from zeha/docs-rrsets
APi docs: Fix typo rrset -> rrsets
Christian Hofstaedtler [Wed, 4 May 2016 17:21:42 +0000 (19:21 +0200)]
APi docs: Fix typo rrset -> rrsets
bert hubert [Wed, 4 May 2016 17:10:47 +0000 (19:10 +0200)]
make sure we zero out the anonymized IPv6 address.
bert hubert [Wed, 4 May 2016 14:29:57 +0000 (16:29 +0200)]
days since fixing last part where we got IPv6 wrong: 0
bert hubert [Wed, 4 May 2016 13:49:00 +0000 (15:49 +0200)]
make dnswasher be able to wash multiple files, retaining consistent IP address mapping
Peter van Dijk [Wed, 4 May 2016 08:04:07 +0000 (10:04 +0200)]
Merge pull request #3807 from rgacogne/auth-caches-ttl-settings
auth: Add TTL settings for DNSSECKeeper's caches (key, medatada)
Remi Gacogne [Tue, 3 May 2016 19:26:03 +0000 (21:26 +0200)]
Update DNSSECKeeper's caches settings in pdns.conf-dist
Remi Gacogne [Tue, 3 May 2016 15:39:42 +0000 (17:39 +0200)]
Better description for DNSSECKeeper's cache, 0 disables caching
* Fix the description of the new settings
* Setting a 0-TTL disables caching
* Only get the value once, as it's done for `max-nsec3-iterations`
Remi Gacogne [Tue, 3 May 2016 14:31:37 +0000 (16:31 +0200)]
Merge pull request #3806 from rgacogne/fromiscmap-nocheck
auth: Move key validity check out of `fromISCMap()`
Peter van Dijk [Tue, 3 May 2016 14:23:30 +0000 (16:23 +0200)]
Merge pull request #3802 from Habbie/robust-doresolve
refactor doResolve out of secpoll
Peter van Dijk [Tue, 3 May 2016 13:38:07 +0000 (15:38 +0200)]
Merge pull request #3663 from klaus3000/pdnscontrol_notify
fix: also slaves may send NOTIFYs if slave-renotify is enabled
Peter van Dijk [Tue, 3 May 2016 13:35:01 +0000 (15:35 +0200)]
Merge pull request #3743 from hlindqvist/policy-rrl-mask
Implement address masking in RRL script (#3286)
Remi Gacogne [Tue, 3 May 2016 12:41:23 +0000 (14:41 +0200)]
Add key check on `pdnsutils hsm assign`
Remi Gacogne [Tue, 3 May 2016 12:40:32 +0000 (14:40 +0200)]
Rename `DNSCryptoKeyEngine` `checkKeys()` method to `checkKey()`
Remi Gacogne [Tue, 3 May 2016 08:39:53 +0000 (10:39 +0200)]
auth: Move key validity check out of `fromISCMap()`
It doesn't make a lot of sense to check the key validity at every
call of `fromISCMap()`, and it hurts performance a lot when keys
are not cached.
* Add separate `DNSSECKeeper::checkKeys()` and
`DNSCryptoKeyEngine::checkKeys()` methods
* Key validity is checked on import-zone-key, check-zone and
test-algorithm(s)
Remi Gacogne [Tue, 3 May 2016 08:10:04 +0000 (10:10 +0200)]
auth: Add TTL settings for DNSSECKeeper's caches (key, medatada)
bert hubert [Tue, 3 May 2016 06:55:14 +0000 (08:55 +0200)]
Merge pull request #3805 from ahupowerdns/depurl
remove purl.js: outdated & unused
Peter van Dijk [Mon, 2 May 2016 19:55:08 +0000 (21:55 +0200)]
Merge pull request #3797 from pieterlexis/issue-270-Version-for-tools
Add --version and --help to all the tools
bert hubert [Mon, 2 May 2016 19:29:44 +0000 (21:29 +0200)]
outdated & unused
bert hubert [Mon, 2 May 2016 19:14:47 +0000 (21:14 +0200)]
Merge pull request #3803 from ahupowerdns/logger-fixes
Logger fixes
bert hubert [Mon, 2 May 2016 18:40:11 +0000 (20:40 +0200)]
Merge pull request #3804 from rgacogne/rec-leak-validate
rec: Fix a memory leak in DNSSEC validation
Remi Gacogne [Mon, 2 May 2016 15:24:08 +0000 (17:24 +0200)]
rec: Fix a memory leak in DNSSEC validation
`DNSCryptoKeyEngine::makeFromPublicKeyString()` returns a naked
pointer to a new object.
Peter van Dijk [Mon, 2 May 2016 13:02:02 +0000 (15:02 +0200)]
Merge pull request #3801 from rgacogne/rec-lua-rcodes
rec: Add missing Lua rcodes bindings
bert hubert [Mon, 2 May 2016 11:46:13 +0000 (13:46 +0200)]
further logging silencing
bert hubert [Mon, 2 May 2016 11:01:35 +0000 (13:01 +0200)]
this wins no prizes - our protobuf logger is used both in dnsdist and recursor and sometimes needs to log. We previously did that to cerr since dnsdist and recursor have different logging promitives. This adds #ifdef based support for both. It works, is the best I can say about it.
Peter van Dijk [Mon, 2 May 2016 11:01:23 +0000 (13:01 +0200)]
rename a bunch of things
Peter van Dijk [Mon, 2 May 2016 10:39:29 +0000 (12:39 +0200)]
move stub code into stubresolver.cc/hh
Peter van Dijk [Tue, 26 Apr 2016 11:31:44 +0000 (13:31 +0200)]
honor qtype
Remi Gacogne [Mon, 2 May 2016 08:29:27 +0000 (10:29 +0200)]
rec: Add missing Lua rcodes bindings
Closes #3717.
Peter van Dijk [Mon, 2 May 2016 08:25:33 +0000 (10:25 +0200)]
Merge pull request #3798 from Habbie/requests-version
specify requests 2.9.2 to work around a bug in linkchecker
Peter van Dijk [Sun, 1 May 2016 20:11:36 +0000 (22:11 +0200)]
specify requests 2.9.2 to work around a bug in linkchecker
bert hubert [Sat, 30 Apr 2016 12:10:51 +0000 (14:10 +0200)]
Merge pull request #3794 from pieterlexis/rm-validDNSName
Remove the ancient validDNSName function
Pieter Lexis [Sat, 30 Apr 2016 11:46:15 +0000 (13:46 +0200)]
Add sdig manpage to pdns-tools deb
Pieter Lexis [Sat, 30 Apr 2016 11:44:41 +0000 (13:44 +0200)]
Add --help and --version to sdig
Pieter Lexis [Sat, 30 Apr 2016 11:38:23 +0000 (13:38 +0200)]
Add ixplore manpage to docs website
Pieter Lexis [Sat, 30 Apr 2016 11:35:18 +0000 (13:35 +0200)]
Add --version to zone2sql
Pieter Lexis [Sat, 30 Apr 2016 11:32:53 +0000 (13:32 +0200)]
Add --version to zone2ldap
Pieter Lexis [Sat, 30 Apr 2016 11:30:24 +0000 (13:30 +0200)]
Add --version to zone2json
Pieter Lexis [Sat, 30 Apr 2016 11:25:43 +0000 (13:25 +0200)]
pdns_recursor: Exit friendly on --version
Pieter Lexis [Sat, 30 Apr 2016 11:19:10 +0000 (13:19 +0200)]
Add --help and --version to nsec3dig
Pieter Lexis [Sat, 30 Apr 2016 11:13:03 +0000 (13:13 +0200)]
Add nproxy manpage, ship nproxy in pdns-tools deb
Pieter Lexis [Fri, 29 Apr 2016 17:50:49 +0000 (19:50 +0200)]
Add --version to nproxy
Pieter Lexis [Fri, 29 Apr 2016 17:38:43 +0000 (19:38 +0200)]
Add --help and --version to ixplore
Pieter Lexis [Fri, 29 Apr 2016 17:31:18 +0000 (19:31 +0200)]
Add notify manpage
Pieter Lexis [Fri, 29 Apr 2016 17:26:52 +0000 (19:26 +0200)]
Add --help and --version to notify
Pieter Lexis [Fri, 29 Apr 2016 15:38:09 +0000 (17:38 +0200)]
Add dumresp manpages and add dumresp to pdns-tools
Pieter Lexis [Fri, 29 Apr 2016 15:36:39 +0000 (17:36 +0200)]
Add --help and --version to dumresp
Pieter Lexis [Fri, 29 Apr 2016 15:14:25 +0000 (17:14 +0200)]
Add --help and --version to dnswasher
Pieter Lexis [Fri, 29 Apr 2016 15:07:31 +0000 (17:07 +0200)]
Add --version to dnstcpbench
Pieter Lexis [Fri, 29 Apr 2016 15:04:23 +0000 (17:04 +0200)]
Add --version to dnsscope
Pieter Lexis [Fri, 29 Apr 2016 15:00:47 +0000 (17:00 +0200)]
Add --help and --version to dnsscan
Pieter Lexis [Fri, 29 Apr 2016 14:57:42 +0000 (16:57 +0200)]
Add --version to dnsreplay
Pieter Lexis [Fri, 29 Apr 2016 14:52:34 +0000 (16:52 +0200)]
Add --version and --help to dnsgram
Pieter Lexis [Fri, 29 Apr 2016 14:52:20 +0000 (16:52 +0200)]
make dnspcap spit out the filename on error
Pieter Lexis [Fri, 29 Apr 2016 14:41:15 +0000 (16:41 +0200)]
Add --help and --version to dnsbulktest
Pieter Lexis [Fri, 29 Apr 2016 14:32:05 +0000 (16:32 +0200)]
Add calidns manpage and add to pdns-tools
Pieter Lexis [Fri, 29 Apr 2016 14:37:48 +0000 (16:37 +0200)]
Merge pull request #3795 from kaosdrachen/patch-1
Fixed a typo
Pieter Lexis [Fri, 29 Apr 2016 14:31:49 +0000 (16:31 +0200)]
Add --help and --version to calidns
kaosdrachen [Fri, 29 Apr 2016 14:30:21 +0000 (16:30 +0200)]
Fixed a typo
Line 284: unset-pushish-cds --> unset-publish-cds
Pieter Lexis [Fri, 29 Apr 2016 12:48:27 +0000 (14:48 +0200)]
Add --version to pdnsutil
Pieter Lexis [Fri, 1 May 2015 12:25:45 +0000 (14:25 +0200)]
Add --version to rec_control
bert hubert [Fri, 29 Apr 2016 11:28:48 +0000 (13:28 +0200)]
Merge pull request #3752 from pieterlexis/issue-3682-DNSSEC-processing
recursor: DNSSEC related query flag processing
bert hubert [Fri, 29 Apr 2016 11:28:27 +0000 (13:28 +0200)]
Merge pull request #3662 from klaus3000/soa_serial_0
handle SOAs with serial 0 correctly in incoming AXFR
bert hubert [Fri, 29 Apr 2016 11:13:17 +0000 (13:13 +0200)]
Merge pull request #3754 from rgacogne/dnsdist-custom-headers
dnsdist: Allow the use of custom headers in the web server
bert hubert [Fri, 29 Apr 2016 11:12:44 +0000 (13:12 +0200)]
Merge pull request #3772 from pieterlexis/issue-3738-cap-servfail-ttl
Cap packetcache-servfail-ttl to packetcache-ttl
Pieter Lexis [Fri, 29 Apr 2016 10:40:40 +0000 (12:40 +0200)]
Remove the ancient validDNSName function
It was unused anyway, closes #213.
bert hubert [Fri, 29 Apr 2016 05:41:51 +0000 (07:41 +0200)]
Merge pull request #3789 from rgacogne/dnsname-negative-labellen-ispartof
Add consistency checks to segmentDNSNameRaw()
bert hubert [Fri, 29 Apr 2016 05:41:25 +0000 (07:41 +0200)]
Merge pull request #3792 from pieterlexis/dnssec-regression-part-3
More DNSSEC tests and a RRSIG validation fix for wildcards
Pieter Lexis [Thu, 28 Apr 2016 15:40:11 +0000 (17:40 +0200)]
Add DNSSEC tests for cnames to/from (in)secure
Pieter Lexis [Thu, 28 Apr 2016 14:57:53 +0000 (16:57 +0200)]
Add simple NODATA tests
Pieter Lexis [Thu, 28 Apr 2016 13:34:59 +0000 (15:34 +0200)]
Add 2 wildcard CNAME tests
Pieter Lexis [Thu, 28 Apr 2016 12:33:16 +0000 (14:33 +0200)]
recursor: Correctly validate wildcard RRSIGs
Pieter Lexis [Thu, 28 Apr 2016 12:33:12 +0000 (14:33 +0200)]
Add DNSSEC wilcard test
Pieter Lexis [Thu, 28 Apr 2016 12:30:32 +0000 (14:30 +0200)]
Add 2 tests with subtrees inside a secure zone
To test if the recursor actually validates RRSIGs with a signer name
that is not directly a parent of the name to validate. i.e. validates
signer name = 'domain.example' and record owner name =
'some.sub.domain.example'
Pieter Lexis [Thu, 28 Apr 2016 10:32:17 +0000 (12:32 +0200)]
Merge pull request #3784 from mind04/soa-cache-master
fix SOA caching with multiple backends
Pieter Lexis [Thu, 28 Apr 2016 10:32:07 +0000 (12:32 +0200)]
Merge pull request #3788 from mind04/mysql-timeout
make mysql timeout configurable
Remi Gacogne [Thu, 28 Apr 2016 09:59:01 +0000 (11:59 +0200)]
Add consistency checks to segmentDNSNameRaw()
This fixes most issues found by fuzzing loadRPZFromFile() with
American Fuzzy Lop.
Remi Gacogne [Thu, 28 Apr 2016 08:59:27 +0000 (10:59 +0200)]
Throw on negative label length in `DNSName::isPartOf()`
Found with American Fuzzy Lop and Address Sanitizer.
Pieter Lexis [Thu, 28 Apr 2016 08:29:48 +0000 (10:29 +0200)]
Merge pull request #3765 from pieterlexis/update-yahttp
Update yahttp
Pieter Lexis [Thu, 28 Apr 2016 08:29:37 +0000 (10:29 +0200)]
Merge pull request #3766 from rgacogne/packetparser-min-offset
Add a minimum offset parameter to DNSName
bert hubert [Thu, 28 Apr 2016 05:56:50 +0000 (07:56 +0200)]
Merge pull request #3768 from rgacogne/afl-crash-fixes
Fix various crashes
bert hubert [Thu, 28 Apr 2016 05:56:28 +0000 (07:56 +0200)]
Merge pull request #3773 from rgacogne/dnsdist-web-req-resp
dnsdist: Stop copying the request headers to the response
bert hubert [Thu, 28 Apr 2016 05:56:07 +0000 (07:56 +0200)]
Merge pull request #3786 from pieterlexis/recursor-dnssec-part-2
More DNSSEC tests
Pieter Lexis [Wed, 27 Apr 2016 12:08:29 +0000 (14:08 +0200)]
Add basic NSEC and NSEC3 tests
Add a zone with NSEC3-optout for the NSEC3 tests
Pieter Lexis [Wed, 27 Apr 2016 07:23:10 +0000 (09:23 +0200)]
Add timing based DNSSEC tests
Note: the `faketime` program does not clean up its childprocesses
properly (possibly in combination with authbind), hence we LD_PRELOAD it
and supply the faketime through the environment.
bert hubert [Wed, 27 Apr 2016 17:20:30 +0000 (19:20 +0200)]
non opt-out nsec3
Kees Monshouwer [Wed, 27 Apr 2016 13:00:19 +0000 (15:00 +0200)]
make mysql timeout configurable
bert hubert [Wed, 27 Apr 2016 14:13:28 +0000 (16:13 +0200)]
Merge pull request #3767 from ahupowerdns/dnsdist-yaks
Please ponder: nodelay, console newlines, print out json, silence some trivia, move to 'return' for Lua statements
bert hubert [Wed, 27 Apr 2016 14:13:07 +0000 (16:13 +0200)]
Merge pull request #3783 from rgacogne/type-conversion-fixes
Fix type conversions, add some checks
bert hubert [Wed, 27 Apr 2016 14:02:22 +0000 (16:02 +0200)]
Merge pull request #3779 from rgacogne/dnsname-afl-crash-unsigned
Use unsigned char* in getRawLabels() and countLabels()
bert hubert [Wed, 27 Apr 2016 14:01:48 +0000 (16:01 +0200)]
Merge pull request #3785 from ahupowerdns/nsec3fix
process nsec3 insecure delegation
bert hubert [Wed, 27 Apr 2016 13:10:49 +0000 (15:10 +0200)]
process NSEC3 insecure delegation, closes #3675
bert hubert [Wed, 27 Apr 2016 13:10:17 +0000 (15:10 +0200)]
enable function to hash qnames w/o having the NSEC3PARAM ready