]>
granicus.if.org Git - pdns/log
bert hubert [Thu, 25 Feb 2016 21:23:19 +0000 (22:23 +0100)]
Merge pull request #3458 from rgacogne/dnsdist-cache-tests
dnsdist: Fix cache tests. Clean tests backends.
bert hubert [Thu, 25 Feb 2016 18:52:56 +0000 (19:52 +0100)]
Merge pull request #3451 from rgacogne/rec-replace-to-back
recursor: Move replaced cached entries to the back
bert hubert [Thu, 25 Feb 2016 17:34:39 +0000 (18:34 +0100)]
Merge pull request #3449 from rgacogne/dnsdist-pool-terminal
dnsdist: Make PoolAction() stop the rule processing again
bert hubert [Thu, 25 Feb 2016 17:34:24 +0000 (18:34 +0100)]
Merge pull request #3455 from ahupowerdns/comfun
DNSName escaped parsing speedups, comfun bulk zone/ns analysis tool, tiny dnsdist fixup
Remi Gacogne [Thu, 25 Feb 2016 16:51:24 +0000 (17:51 +0100)]
dnsdist: Fix cache tests. Clean tests backends.
Several issues:
- the cache tests used a vey small cache, not large enough for the
number of responses we expected to cache during the test suite
- this was hidden by the default response from the backends
matching what the test expected
- and by the backends not counting properly what looked like a
health check but wasn't.
Pieter Lexis [Thu, 25 Feb 2016 16:16:29 +0000 (17:16 +0100)]
Be a little more explicit on the addition of the SEP on CSKs
Pieter Lexis [Thu, 25 Feb 2016 14:50:02 +0000 (15:50 +0100)]
Merge pull request #3454 from pieterlexis/auth-4.0.0-alpha2-docs
Documentation updates for the upcoming alpha2 releases
Pieter Lexis [Thu, 25 Feb 2016 13:46:28 +0000 (14:46 +0100)]
Merge pull request #3453 from pieterlexis/silence-biowrite-warning
Silence a BIO_write warning
Pieter Lexis [Thu, 25 Feb 2016 12:26:04 +0000 (13:26 +0100)]
Recursor 4.0.0-alpha2 changelog
Pieter Lexis [Thu, 25 Feb 2016 11:30:57 +0000 (12:30 +0100)]
Documentation on Auth 4.0.0 alpha2
Pieter Lexis [Thu, 25 Feb 2016 11:48:48 +0000 (12:48 +0100)]
Silence a BIO_write warning
Pieter Lexis [Thu, 25 Feb 2016 12:27:52 +0000 (13:27 +0100)]
Merge pull request #3452 from pieterlexis/detect-network-libs
Detect several network libraries properly
bert hubert [Thu, 25 Feb 2016 12:03:29 +0000 (13:03 +0100)]
this commit uglifies DNSName escaped representation parsing for tremendous speedup (2x) during bulk zone loading from disk or database.
Part of the uglification is that we now special case unescaped names, which are the vast majority of cases.
Simultaneously, this moves us back to DNSName boost::container::string on non-Apple platforms, which delivered another 15% speedup on general operations
Finally, an additional unit test is added.
Pieter Lexis [Wed, 17 Feb 2016 19:25:57 +0000 (20:25 +0100)]
Detect several network libraries properly
Closes #3369
bert hubert [Wed, 24 Feb 2016 11:54:38 +0000 (12:54 +0100)]
set RD=1 in calidns for now, more right than what we do now..
bert hubert [Mon, 22 Feb 2016 14:27:42 +0000 (15:27 +0100)]
don't add NSEC/NSEC3 unless the packet asked for DNSSEC records
bert hubert [Mon, 15 Feb 2016 22:01:56 +0000 (23:01 +0100)]
gitignore comfun
bert hubert [Mon, 15 Feb 2016 20:20:13 +0000 (21:20 +0100)]
scanning zonefiles & polling nameservers
Pieter Lexis [Thu, 25 Feb 2016 10:09:35 +0000 (11:09 +0100)]
Merge pull request #3037 from pieterlexis/issue-3024-ENT-cleanups
Remove superfluous gsql queries and stop relying on schema defaults
bert hubert [Thu, 25 Feb 2016 09:51:20 +0000 (10:51 +0100)]
Merge pull request #3448 from zeha/recuconfig
Remove edns-subnet-whitelist whitelist pointing to powerdns.com
Pieter Lexis [Thu, 25 Feb 2016 09:08:21 +0000 (10:08 +0100)]
Merge pull request #3230 from zeha/websec
Auth/Recursor: drop JSONP, add web security headers
Pieter Lexis [Thu, 25 Feb 2016 09:08:15 +0000 (10:08 +0100)]
Merge pull request #3279 from zeha/bio-api-correctness
Handle return codes from OpenSSL BIO_*
Christian Hofstaedtler [Wed, 24 Feb 2016 22:02:25 +0000 (23:02 +0100)]
Remove edns-subnet-whitelist whitelist pointing to powerdns.com
Christian Hofstaedtler [Wed, 24 Feb 2016 21:06:29 +0000 (22:06 +0100)]
Handle return codes from OpenSSL BIO_*
bert hubert [Wed, 24 Feb 2016 20:41:34 +0000 (21:41 +0100)]
Merge pull request #3443 from ahupowerdns/speedups
Speedups! Closes some big impediments for performance & even correctness
bert hubert [Wed, 24 Feb 2016 20:40:41 +0000 (21:40 +0100)]
Merge pull request #3442 from pieterlexis/recursor-ixfr-catch-exception
recursor: catch exception during IXFR of RPZ
bert hubert [Wed, 24 Feb 2016 20:40:25 +0000 (21:40 +0100)]
Merge pull request #3444 from pieterlexis/recursor-ixfr-tsig-algo-names
recursor: set the TSIG algoname on IXFR correctly
bert hubert [Wed, 24 Feb 2016 20:39:50 +0000 (21:39 +0100)]
Merge pull request #3445 from pieterlexis/recursor-rpz-docs
Document recursor RPZ options
Pieter Lexis [Wed, 24 Feb 2016 17:48:43 +0000 (18:48 +0100)]
Document recursor RPZ options
Pieter Lexis [Wed, 24 Feb 2016 17:14:31 +0000 (18:14 +0100)]
recursor: set the TSIG algoname on IXFR correctly
Pieter Lexis [Wed, 24 Feb 2016 16:35:22 +0000 (17:35 +0100)]
recursor: catch exception during IXFR of RPZ
This would lead to a SIGABRT before when the IXFR failed.
Remi Gacogne [Wed, 24 Feb 2016 16:13:14 +0000 (17:13 +0100)]
recursor: Move replaced cached entries to the back
When we replace an existing entry, it keeps its existing place in
the expunge queue, while new entries are inserted to the back and
hits are moved to the back.
Moving replaced entries to the back of the queue is more fair and
so probably more efficient, as it would increase the likelihood of
expunging unused expired entries from the cache.
Remi Gacogne [Wed, 24 Feb 2016 15:46:14 +0000 (16:46 +0100)]
dnsdist: Make PoolAction() stop the rule processing again
It could clearly be confusing, and can easily be done by
ordering rules correctly anyway.
Thanks @rygl for the very valuable feedback.
bert hubert [Wed, 24 Feb 2016 15:36:44 +0000 (16:36 +0100)]
we were inconsistent in comparing ComboAddresses with sin_family==0. Removed possibility for inconsistency, plus surrounded this bug with unit tests. Added similar test for DNSName.
Remi Gacogne [Wed, 24 Feb 2016 15:01:55 +0000 (16:01 +0100)]
Merge pull request #3432 from rgacogne/dnsdist-split-tests
dnsdist: Split Caching, Routing and Spoofing from "Advanced" tests
Pieter Lexis [Wed, 17 Feb 2016 15:24:41 +0000 (16:24 +0100)]
Stop relying on SQL schema defaults
Pieter Lexis [Wed, 10 Feb 2016 14:35:10 +0000 (15:35 +0100)]
Deprecate the insert-slave-query
Pieter Lexis [Wed, 10 Feb 2016 11:20:56 +0000 (12:20 +0100)]
Deprecate the insert-record-order-query
Pieter Lexis [Mon, 14 Dec 2015 11:34:43 +0000 (12:34 +0100)]
Remove superfluous gsql query for ENTs
This fixes part of #3024
Pieter Lexis [Wed, 24 Feb 2016 14:49:05 +0000 (15:49 +0100)]
Merge pull request #3429 from mind04/failed
make sure we don't forget passing test marked as failing
bert hubert [Wed, 24 Feb 2016 13:59:30 +0000 (14:59 +0100)]
Merge pull request #3435 from Habbie/lua-dnsname
add two methods to DNSName for recursor Lua scripting
bert hubert [Wed, 24 Feb 2016 13:59:07 +0000 (14:59 +0100)]
Merge pull request #3433 from rgacogne/dnsdist-check-response
dnsdist: Check that the answer matches the initial query over UDP
bert hubert [Wed, 24 Feb 2016 13:58:22 +0000 (14:58 +0100)]
Merge pull request #3437 from Habbie/lua-pdnsunixtime
add pdns.now timeval struct to recursor lua
bert hubert [Wed, 24 Feb 2016 13:58:10 +0000 (14:58 +0100)]
Merge pull request #3439 from Habbie/lua15minutes
link to learn lua in 15 minutes
bert hubert [Wed, 24 Feb 2016 10:55:36 +0000 (11:55 +0100)]
lots of speedups local to zoneparser-tng, mostly reducing malloc load and locale use
bert hubert [Wed, 24 Feb 2016 11:55:38 +0000 (12:55 +0100)]
add "reuseport" to recursor as a switch, off by default
bert hubert [Mon, 22 Feb 2016 14:26:55 +0000 (15:26 +0100)]
we used toString() to compare incoming packets - showed up in profile at 3% or so
bert hubert [Wed, 24 Feb 2016 10:54:22 +0000 (11:54 +0100)]
we don't need set close on exec in pdns_recursor since it won't (can't) exec anything
bert hubert [Wed, 24 Feb 2016 11:41:08 +0000 (12:41 +0100)]
because unset/empty netmasks did not compare as equal, we would fill the cache with tens of thousands of duplicate entries per name
Peter van Dijk [Tue, 23 Feb 2016 16:18:52 +0000 (17:18 +0100)]
add pdns.now timeval struct to recursor lua
Peter van Dijk [Wed, 24 Feb 2016 11:32:41 +0000 (12:32 +0100)]
link to learn lua in 15 minutes
bert hubert [Wed, 24 Feb 2016 10:24:59 +0000 (11:24 +0100)]
Merge pull request #3434 from Habbie/remove-old-lua-recursor
remove v3 lua recursor files (dead code)
Peter van Dijk [Wed, 24 Feb 2016 09:46:16 +0000 (10:46 +0100)]
Merge pull request #3428 from zeha/apirrsets
API: Fix zone/records design mistake
Peter van Dijk [Tue, 23 Feb 2016 15:31:29 +0000 (16:31 +0100)]
add two methods to DNSName for recursor Lua scripting
Peter van Dijk [Tue, 23 Feb 2016 15:03:14 +0000 (16:03 +0100)]
remove v3 lua recursor files (dead code)
Remi Gacogne [Tue, 23 Feb 2016 08:02:50 +0000 (09:02 +0100)]
dnsdist: Split Caching, Routing and Spoofing from "Advanced" tests
bert hubert [Mon, 22 Feb 2016 18:51:49 +0000 (19:51 +0100)]
Merge pull request #3423 from Habbie/tinydns-yak
tinydns testing yaks
bert hubert [Mon, 22 Feb 2016 18:31:58 +0000 (19:31 +0100)]
Merge pull request #3422 from ahupowerdns/multispoof
Multispoof: make the dnsdist spoofing actions accept multiple IPv4 and IPv6 addresses, retaining old syntax + updated regression tests
Remi Gacogne [Mon, 22 Feb 2016 18:22:55 +0000 (19:22 +0100)]
dnsdist: Check that the answer matches the initial query over UDP
If we wrap around our maxOutstanding counter too fast, we need
to check that the answer we get is for the right query.
In order to do that, we now parse the question section in the
response and compare it to the one we expect (type, class and
name).
Peter van Dijk [Mon, 22 Feb 2016 11:05:58 +0000 (12:05 +0100)]
update incbin to upstream 3d4aa9, fixing osx builds
Kees Monshouwer [Mon, 22 Feb 2016 08:11:53 +0000 (09:11 +0100)]
s/failing/fail
Kees Monshouwer [Sun, 21 Feb 2016 23:14:57 +0000 (00:14 +0100)]
remove 'failing' flag for passing oracle tests
Kees Monshouwer [Sun, 21 Feb 2016 22:32:49 +0000 (23:32 +0100)]
remove 'failing' flag for passing bind tests
Kees Monshouwer [Sun, 21 Feb 2016 22:30:49 +0000 (23:30 +0100)]
remove 'failing' flag for passing ldap tests
Kees Monshouwer [Sun, 21 Feb 2016 09:46:58 +0000 (10:46 +0100)]
add 'fail.*' option to the regression-test
A failing test must be brokem.
Christian Hofstaedtler [Sun, 21 Feb 2016 21:11:16 +0000 (22:11 +0100)]
API: Fix zone/records design mistake
Christian Hofstaedtler [Sun, 21 Feb 2016 22:15:17 +0000 (23:15 +0100)]
Turn Comment.qname into a DNSName
Christian Hofstaedtler [Sun, 21 Feb 2016 22:14:32 +0000 (23:14 +0100)]
gsql: Remove stripDot where not needed
Peter van Dijk [Sun, 21 Feb 2016 18:30:06 +0000 (19:30 +0100)]
detect (g)md5sum to support osx brew usage
Peter van Dijk [Sun, 21 Feb 2016 18:27:46 +0000 (19:27 +0100)]
update tinydns data with cdnskey-cds-test.com domain
Peter van Dijk [Sun, 21 Feb 2016 18:27:12 +0000 (19:27 +0100)]
support dynamic loading of bindbackend
Peter van Dijk [Sun, 21 Feb 2016 18:27:00 +0000 (19:27 +0100)]
drop args, use vars like other scripts do, default to assuming they are on PATH
Peter van Dijk [Sun, 21 Feb 2016 18:25:14 +0000 (19:25 +0100)]
switch to bash; add -u (abort on use of unset var) to flags
bert hubert [Sun, 21 Feb 2016 10:27:56 +0000 (11:27 +0100)]
Merge pull request #3412 from pieterlexis/dnsdist-check-config
Dnsdist check config
bert hubert [Sun, 21 Feb 2016 09:00:49 +0000 (10:00 +0100)]
Merge pull request #3419 from Habbie/ldap-skipless
we skip too many ldap tests - unskip those that appear to actually work
bert hubert [Sun, 21 Feb 2016 09:00:38 +0000 (10:00 +0100)]
Merge pull request #3418 from Habbie/ldap-strict
add ldap strict mode testing
bert hubert [Sun, 21 Feb 2016 08:58:34 +0000 (09:58 +0100)]
document the new powers of domainspoof/spoofaction in dnsdist
Peter van Dijk [Sat, 20 Feb 2016 21:47:55 +0000 (22:47 +0100)]
Merge pull request #3420 from Habbie/no-verbose-wildcard-crash
don't servfail on unset wildcard in addNSEC when verbose logging is enabled
bert hubert [Sat, 20 Feb 2016 21:07:45 +0000 (22:07 +0100)]
Merge pull request #3399 from mind04/rsabits
report OpenSSL RSA keysize in bits
bert hubert [Sat, 20 Feb 2016 21:07:17 +0000 (22:07 +0100)]
Merge pull request #3413 from rgacogne/dnsdist-healthcheck-messages
dnsdist: log health check error messages even when verbose is off
bert hubert [Sat, 20 Feb 2016 21:06:36 +0000 (22:06 +0100)]
Merge pull request #3411 from rgacogne/dnsdist-nopacketcache-tcp
dnsdist: Do not share the packet cache entries between TCP and UDP
bert hubert [Sat, 20 Feb 2016 21:03:21 +0000 (22:03 +0100)]
Merge pull request #3356 from rgacogne/dnsdist-parse-failures-log
dnsdist: Display the query ID and remote IP when parsing fails
bert hubert [Sat, 20 Feb 2016 20:58:41 +0000 (21:58 +0100)]
make dnsdist spoofing actions support multiple A and AAAA records which we'll shuffle and include, plus regression tests for same
Peter van Dijk [Sat, 20 Feb 2016 20:57:38 +0000 (21:57 +0100)]
don't servfail on unset wildcard in addNSEC when verbose logging is enabled
bert hubert [Sat, 20 Feb 2016 20:56:03 +0000 (21:56 +0100)]
document dnsdist regression tests, make it possible to run only part of the regression tests (& document that too)
Peter van Dijk [Sat, 20 Feb 2016 19:18:45 +0000 (20:18 +0100)]
we skip too many ldap tests - unskip those that appear to actually work
Peter van Dijk [Sat, 20 Feb 2016 19:23:05 +0000 (20:23 +0100)]
add ldap strict mode testing
Peter van Dijk [Sat, 20 Feb 2016 18:00:27 +0000 (19:00 +0100)]
Merge pull request #3407 from cmouse/permit-star-entry
Permit star entry
Aki Tuomi [Sat, 20 Feb 2016 14:31:10 +0000 (16:31 +0200)]
test that API accepts wildcard name
Remi Gacogne [Fri, 19 Feb 2016 17:37:16 +0000 (18:37 +0100)]
dnsdist: log health check error messages even when verbose is off
This still requires setVerboseHealthChecks(true), but not global
verbose anymore, as the later logs every queries and thus is not
usable on a large deployment.
bert hubert [Sat, 20 Feb 2016 11:44:26 +0000 (12:44 +0100)]
report an error when we die when .. dnsdist sends us an unexpected answer?!
bert hubert [Sat, 20 Feb 2016 11:43:55 +0000 (12:43 +0100)]
silence warning about our vinfolog macro (perhaps we should see if we can improve the macro)
bert hubert [Fri, 19 Feb 2016 20:56:33 +0000 (21:56 +0100)]
refuse to validate empty space - @zaphodb, this may be your crash
bert hubert [Fri, 19 Feb 2016 20:28:05 +0000 (21:28 +0100)]
turns out we were using libc tolower in performance sensitive places.. top in perf
bert hubert [Fri, 19 Feb 2016 20:09:53 +0000 (21:09 +0100)]
prevent us dying on emitting error message about unexpected packet
Pieter Lexis [Fri, 19 Feb 2016 15:30:47 +0000 (16:30 +0100)]
dnsdist: add --check-config commandline switch
This allows testing of the configuration before one will try to restart
dnsdist with a broken config. Additionally, add tests to confirm the
config check still works.
Pieter Lexis [Fri, 19 Feb 2016 15:28:38 +0000 (16:28 +0100)]
dnsdist: Explicitly use python2 for tests
Aki Tuomi [Fri, 19 Feb 2016 07:53:55 +0000 (09:53 +0200)]
Permit star, fixes #3406
bert hubert [Fri, 19 Feb 2016 14:02:14 +0000 (15:02 +0100)]
Merge pull request #3410 from ahupowerdns/recuweb
Merge Recuweb - built in live webpage for recursor
Remi Gacogne [Fri, 19 Feb 2016 11:58:05 +0000 (12:58 +0100)]
dnsdist: Do not share the packet cache entries between TCP and UDP
It would obviously cause issues, for example with truncated
responses. It is possible to disable the cache for all TCP queries
by using something like:
addAction(TCPRule(true), SkipCacheAction())