]>
granicus.if.org Git - pdns/log
Remi Gacogne [Thu, 3 Oct 2019 09:53:48 +0000 (11:53 +0200)]
Implement python's to_text() for Cookies and Client Subnet options
Otto Moerbeek [Wed, 2 Oct 2019 13:46:46 +0000 (15:46 +0200)]
Merge pull request #8371 from omoerbeek/rec-fix-debian-pkg-build
Fix chmod paths in rules files
Otto Moerbeek [Wed, 2 Oct 2019 13:18:51 +0000 (15:18 +0200)]
Fix chmod paths in rules files
Otto Moerbeek [Wed, 2 Oct 2019 12:23:41 +0000 (14:23 +0200)]
Merge pull request #8369 from omoerbeek/auth-pthread_t-isnotanint
Printing a pthread_t on platforms having a non-int pthread_id requires a cast to uintptr_t.
Remi Gacogne [Wed, 2 Oct 2019 12:16:45 +0000 (14:16 +0200)]
Merge pull request #8368 from rgacogne/ddist-prometheus-third
dnsdist: More prometheus fixes
Remi Gacogne [Wed, 2 Oct 2019 12:15:01 +0000 (14:15 +0200)]
Merge pull request #8365 from rgacogne/ddist-lowercase-custom-header-names
dnsdist: Lowercase custom DoH header names
Otto Moerbeek [Wed, 2 Oct 2019 11:38:33 +0000 (13:38 +0200)]
Merge pull request #8344 from franklouwers/rec-signalhandling
Add signal handling for SIGTERM and SIGINT in pdns_recursor, if we are PID1
Otto Moerbeek [Wed, 2 Oct 2019 11:01:57 +0000 (13:01 +0200)]
Merge pull request #8366 from omoerbeek/rec-enable-nod
rec: Build Newly Observerd Domain (NOD) support by default.
Otto Moerbeek [Wed, 2 Oct 2019 09:17:48 +0000 (11:17 +0200)]
Printing a pthread_t on platforms having a non-int pthread_id
requires a cast to uintptr_t.
Remi Gacogne [Wed, 2 Oct 2019 09:14:50 +0000 (11:14 +0200)]
dnsdist: Also lowercase custom DoH header names for early responses
Remi Gacogne [Wed, 2 Oct 2019 08:49:12 +0000 (10:49 +0200)]
dnsdist: Deduplicate DoH frontend names in prometheus
Remi Gacogne [Wed, 2 Oct 2019 08:47:47 +0000 (10:47 +0200)]
dnsdist: Add missing prometheus descriptions for dnsdist_pool_servers and dnsdist_pool_active_servers
Remi Gacogne [Wed, 2 Oct 2019 08:45:07 +0000 (10:45 +0200)]
dnsdist: Fix a typo in 'tcpdownstreamtimeouts' prometheus description
Remi Gacogne [Wed, 2 Oct 2019 08:44:44 +0000 (10:44 +0200)]
dnsdist: Fix handling of latency-sum and latency-count in prometheus
Remi Gacogne [Wed, 2 Oct 2019 08:38:53 +0000 (10:38 +0200)]
dnsdist: Add per-frontend and per-server response counters
Frank Louwers [Tue, 1 Oct 2019 15:44:38 +0000 (17:44 +0200)]
Typo. Thanks @phonedph1
Otto Moerbeek [Tue, 1 Oct 2019 12:42:17 +0000 (14:42 +0200)]
Auto, conditional on availability of boot-filesystem lib
Remi Gacogne [Tue, 1 Oct 2019 11:45:16 +0000 (13:45 +0200)]
Merge pull request #8364 from rgacogne/ddist-webserver-checkconfig
dnsdist: Check the address supplied to 'webserver' in check-config
Remi Gacogne [Tue, 1 Oct 2019 11:44:58 +0000 (13:44 +0200)]
Merge pull request #8363 from omoerbeek/lgtm-coverity-1
LGTM/coverity spotted issues: copy constructors and = operators
Otto Moerbeek [Tue, 1 Oct 2019 09:57:57 +0000 (11:57 +0200)]
Build Newly Observerd Domain (NOD) support by default.
Still disabled by default config.
Otto Moerbeek [Tue, 1 Oct 2019 09:35:03 +0000 (11:35 +0200)]
Merge pull request #8360 from omoerbeek/rec-systemd-config-perms
rec: chmod/own recursor.conf for the systemd case
Remi Gacogne [Tue, 1 Oct 2019 09:10:07 +0000 (11:10 +0200)]
dnsdist: Lowercase custom DoH header names
Remi Gacogne [Tue, 1 Oct 2019 08:36:02 +0000 (10:36 +0200)]
Merge pull request #8361 from rgacogne/ddist-doh-prometheus-bis
dnsdist: Refactor DoH prometheus metrics again
Remi Gacogne [Tue, 1 Oct 2019 08:35:04 +0000 (10:35 +0200)]
Merge pull request #8359 from rgacogne/dnsdist-setrules-creationorder
dnsdist: Fix the creation order of rules when inserted via SetRules()
Remi Gacogne [Tue, 1 Oct 2019 08:02:14 +0000 (10:02 +0200)]
dnsdist: Check the address supplied to 'webserver' in check-config
Otto Moerbeek [Mon, 30 Sep 2019 09:46:13 +0000 (11:46 +0200)]
Cleanup copy constructor/assignment op "rule-of-2" violations.
Remi Gacogne [Mon, 30 Sep 2019 15:44:51 +0000 (17:44 +0200)]
dnsdist: Refactor DoH prometheus metrics again
Otto Moerbeek [Mon, 30 Sep 2019 15:40:15 +0000 (17:40 +0200)]
chmod/own recursor.conf for the systemd case
Remi Gacogne [Mon, 30 Sep 2019 14:54:57 +0000 (16:54 +0200)]
dnsdist: Fix the creation order of rules when inserted via SetRules()
Remi Gacogne [Mon, 30 Sep 2019 13:03:25 +0000 (15:03 +0200)]
Merge pull request #8356 from rgacogne/ddist-140-rc3-changelog-secpoll
dnsdist: ChangeLog and secpoll update for 1.4.0-rc3
Remi Gacogne [Mon, 30 Sep 2019 08:40:26 +0000 (10:40 +0200)]
dnsdist: add DNS over HTTPS and DNS over TLS tags to the conf
Remi Gacogne [Mon, 30 Sep 2019 08:28:35 +0000 (10:28 +0200)]
dnsdist: ChangeLog and secpoll update for 1.4.0-rc3
Remi Gacogne [Mon, 30 Sep 2019 02:03:55 +0000 (04:03 +0200)]
Merge pull request #8318 from rgacogne/ddist-prometheus-labels
dnsdist: Better use of labels in our DoH prometheus export
Remi Gacogne [Sun, 29 Sep 2019 21:00:34 +0000 (23:00 +0200)]
Merge pull request #8349 from rgacogne/ddist-doh-tickets
dnsdist: Implement TLS Session Ticket Keys management for DoH
Otto Moerbeek [Fri, 27 Sep 2019 14:28:44 +0000 (16:28 +0200)]
Problem found by coverity.
Remi Gacogne [Fri, 27 Sep 2019 14:15:40 +0000 (16:15 +0200)]
dnsdist: Remove references to GnuTLS for DoH
Remi Gacogne [Fri, 27 Sep 2019 14:11:23 +0000 (16:11 +0200)]
dnsdist: Exclude TLS session resumption tests from Travis (no DoH, old libssl)
Remi Gacogne [Fri, 27 Sep 2019 14:10:36 +0000 (16:10 +0200)]
dnsdist: Document DoH TLS Session Ticket keys management. Add tests.
Otto Moerbeek [Fri, 27 Sep 2019 14:00:08 +0000 (16:00 +0200)]
Merge pull request #8343 from omoerbeek/lgtm-low-hanging-fruit
Lgtm low hanging fruit
Otto Moerbeek [Fri, 27 Sep 2019 13:57:39 +0000 (15:57 +0200)]
Merge pull request #8350 from omoerbeek/fix-bind-mutex-leak
bind backend: pthread_mutex_t should be inited and destroyed and not be copied
Otto Moerbeek [Fri, 27 Sep 2019 12:40:24 +0000 (14:40 +0200)]
bind backend: pthread_mutex_t should be inited and destroyed and not be copied
To make our live easier, use a native C++ mutex.
Fixes #8161
Remi Gacogne [Thu, 26 Sep 2019 15:02:48 +0000 (17:02 +0200)]
dnsdist: Skip TCP metrics for UDP frontends over prometheus
Remi Gacogne [Thu, 26 Sep 2019 14:19:28 +0000 (16:19 +0200)]
dnsdist: Implement TLS Session Ticket Keys management for DoH
Remi Gacogne [Thu, 26 Sep 2019 12:36:51 +0000 (14:36 +0200)]
Merge pull request #8348 from rgacogne/auth-unit-hardening
auth: Add NoNewPrivileges, PrivateDevices and PrivateTmp back
Remi Gacogne [Thu, 26 Sep 2019 11:35:12 +0000 (13:35 +0200)]
auth: Add NoNewPrivileges, PrivateDevices and PrivateTmp back
Frank Louwers [Thu, 26 Sep 2019 09:42:27 +0000 (11:42 +0200)]
Add comments on why we need this
Frank Louwers [Thu, 26 Sep 2019 09:22:55 +0000 (11:22 +0200)]
Only register our handler when we're pid 1, and change to doExit()
Remi Gacogne [Thu, 26 Sep 2019 07:58:05 +0000 (09:58 +0200)]
Merge pull request #8208 from rgacogne/no-naked-pointers
auth: Get rid of most remaining naked pointers
Remi Gacogne [Wed, 25 Sep 2019 15:04:26 +0000 (17:04 +0200)]
auth: Mark getFreshAXFRPacket() as static
Remi Gacogne [Wed, 25 Sep 2019 15:03:43 +0000 (17:03 +0200)]
auth: Use shared pointers for the DNSPacket Lua bindings
Frank Louwers [Wed, 25 Sep 2019 10:07:14 +0000 (12:07 +0200)]
Add signal handling for SIGTERM and SIGINT in pdns_recursor
The Linux kernel handles signals for PID 1 processes differently. It
doesn't implement a default handler for some signals such as
SIGTERM/SIGINT.
When running pdns_recursor as a container, this causes a few annoyances.
You can work around those by running your containers with --init or by
installing `tini` inside the container. Or you can handle the signals in
the application itself.
This commit adds signal() handlers for SIGTERM and SIGINT for
pdns_recursor.
Otto Moerbeek [Wed, 25 Sep 2019 11:33:05 +0000 (13:33 +0200)]
Merge pull request #8339 from omoerbeek/clang-format-file
clang-format file proposal
Otto Moerbeek [Wed, 25 Sep 2019 10:25:51 +0000 (12:25 +0200)]
Merge pull request #8340 from omoerbeek/rec-rpz-load-zz
Fix #8338: Issue with "zz" abbreviation for IPv6 RPZ triggers
Remi Gacogne [Sun, 4 Aug 2019 19:28:48 +0000 (21:28 +0200)]
auth: Get rid of most remaining naked pointers
Otto Moerbeek [Wed, 25 Sep 2019 08:00:47 +0000 (10:00 +0200)]
Add lgtm annotations and #error directives if we're configured wrongly.
Already showing its worth: a few ac checks were missing.
Otto Moerbeek [Tue, 24 Sep 2019 14:51:57 +0000 (16:51 +0200)]
Missed one case of localtime()
Otto Moerbeek [Tue, 24 Sep 2019 14:30:18 +0000 (16:30 +0200)]
Some low-hanging LGTM fruit
Otto Moerbeek [Tue, 24 Sep 2019 11:27:45 +0000 (13:27 +0200)]
Incorporate suggestions from rgacogne
Peter van Dijk [Tue, 24 Sep 2019 08:20:48 +0000 (10:20 +0200)]
Merge pull request #8328 from mind04/pdns-mysql-ssl
auth: gmysql backend, add an option to send the SSL capability flag t…
Remi Gacogne [Tue, 24 Sep 2019 07:56:34 +0000 (09:56 +0200)]
Merge pull request #8326 from rgacogne/security-policy
Add a security policy in our repo, remove outdated statement about versions
Remi Gacogne [Tue, 24 Sep 2019 07:54:00 +0000 (09:54 +0200)]
Merge pull request #8336 from Habbie/auth-no-version-in-manpage
auth: remove version number from man page footers
Remi Gacogne [Mon, 23 Sep 2019 15:04:10 +0000 (17:04 +0200)]
dnsdist: Update metrics based on the non-encrypted rcode over DNSCrypt
Remi Gacogne [Mon, 23 Sep 2019 14:34:38 +0000 (16:34 +0200)]
dnsdist: Update frontend* stats over TCP as well
Remi Gacogne [Mon, 23 Sep 2019 14:34:21 +0000 (16:34 +0200)]
dnsdist: Better use of labels in our DoH prometheus export
Also add stats about TLS session resumption.
Kees Monshouwer [Wed, 28 Aug 2019 10:07:02 +0000 (12:07 +0200)]
auth: gmysql backend, add an option to send the SSL capability flag to the server
Otto Moerbeek [Mon, 23 Sep 2019 12:59:38 +0000 (14:59 +0200)]
Fix #8338: Issue with "zz" abbreviation for IPv6 RPZ triggers
While there, add unittest for translating rpz names into netmasks
Otto Moerbeek [Mon, 23 Sep 2019 09:43:42 +0000 (11:43 +0200)]
clang-format file proposal
Run with clang-format [-i] -style=file in the tree.
-i does an in-place edit, without it result is written to stdout.
Peter van Dijk [Mon, 23 Sep 2019 08:38:39 +0000 (10:38 +0200)]
auth: remove version number from man page footers
Peter van Dijk [Mon, 23 Sep 2019 08:29:25 +0000 (10:29 +0200)]
Merge pull request #8332 from omoerbeek/rec-no-version-in-manpage
Remove version number in man page footer
Remi Gacogne [Mon, 23 Sep 2019 07:46:51 +0000 (09:46 +0200)]
Be more than explicit about the fact that dnsdist is also covered
Otto Moerbeek [Sat, 21 Sep 2019 08:09:38 +0000 (10:09 +0200)]
Remove version number
Peter van Dijk [Fri, 20 Sep 2019 15:35:43 +0000 (17:35 +0200)]
Merge pull request #8050 from mind04/nochop
Improved version of #8031 and some other fixes and optimizations.
Peter van Dijk [Fri, 20 Sep 2019 15:34:25 +0000 (17:34 +0200)]
Merge pull request #8317 from rgacogne/getrandom-eintr
Retry getrandom() on EINTR
Remi Gacogne [Fri, 20 Sep 2019 13:34:48 +0000 (15:34 +0200)]
Add a security policy in our repo, remove outdated statement about versions
Kees Monshouwer [Fri, 20 Sep 2019 13:13:26 +0000 (15:13 +0200)]
auth: cleanup slave-renotify code
Kees Monshouwer [Mon, 15 Jul 2019 08:55:28 +0000 (10:55 +0200)]
auth: improve the handling of duplicate id's in bindbackend
duplicate id's are not allowed in powerdns and will still result in undefined behavior
Kees Monshouwer [Mon, 16 Jan 2017 09:19:47 +0000 (10:19 +0100)]
auth: bind-backend, improve the domain_id check in lookup()
zone_id was not checked for a root zone and finding the right zone for a specific zone_id was super slow
With this commit, the uncached output of bind backen will increase by approximately 10%
Kees Monshouwer [Wed, 10 Jul 2019 10:16:31 +0000 (12:16 +0200)]
auth: silence 'mastercommunicator.cc:223:104 warning: ‘id’ may be used uninitialized in this function' warning
id was set in getOne()
Kees Monshouwer [Tue, 9 Jul 2019 20:28:45 +0000 (22:28 +0200)]
auth: pdnsutil show zone, make sure the DNSKEY is from the right zone
Kees Monshouwer [Fri, 20 Sep 2019 12:44:01 +0000 (14:44 +0200)]
auth: prevent new database connections while sending notifies
Kees Monshouwer [Tue, 9 Jul 2019 18:36:48 +0000 (20:36 +0200)]
auth: send notifies only to the nameservers in the zone
Kees Monshouwer [Tue, 9 Jul 2019 16:07:25 +0000 (18:07 +0200)]
auth: make sure the RRSIG freshness check is using the right zone
Kees Monshouwer [Tue, 9 Jul 2019 14:59:42 +0000 (16:59 +0200)]
auth: api, look for pre-existing RRsets in the right zone
Kees Monshouwer [Tue, 9 Jul 2019 20:43:19 +0000 (22:43 +0200)]
auth: remove the default default from the zone_id argument in lookup()
lookup calls without a zone_id:
modules/lmdbbackend/lmdbbackend.cc: lookup(QType(QType::SOA), domain, -1);
pdns/communicator.hh: b->lookup(QType(QType::ANY),name, -1);
pdns/pdnsutil.cc: B.lookup(QType(QType::NS), domain, -1);
pdns/pdnsutil.cc: B.lookup(QType(QType::A), DNSName(std::to_string(random()))+domain, -1);
pdns/pdnsutil.cc: B.lookup(QType(QType::DNSKEY), zone, -1 );
pdns/dnsbackend.cc: this->lookup(QType(QType::SOA),domain,-1);
pdns/mastercommunicator.cc: B->lookup(QType(QType::NS), di.zone, -1);
pdns/ws-auth.cc: di.backend->lookup(QType(QType::ANY), qname, -1);
pdns/slavecommunicator.cc: B->lookup(QType(QType::RRSIG), di.zone, -1);
Kees Monshouwer [Sat, 6 Jul 2019 20:58:41 +0000 (22:58 +0200)]
auth: prevent the chopOff() loop in lookup(), for SOA queries
without an id, in bind and lmdb backend.
Peter van Dijk [Fri, 20 Sep 2019 12:05:28 +0000 (14:05 +0200)]
Merge pull request #8324 from Habbie/coprocess-init-pid
pipebackend coprocess: initialise d_pid
Pieter Lexis [Fri, 20 Sep 2019 10:55:56 +0000 (12:55 +0200)]
Merge pull request #7956 from pieterlexis/auth-dont-start-as-root
Auth: Don't start as root on systemd
Remi Gacogne [Fri, 20 Sep 2019 08:34:53 +0000 (10:34 +0200)]
Merge pull request #8320 from phonedph1/patch-16
dnsdist: Make KVS lookup text read better
Peter van Dijk [Fri, 20 Sep 2019 08:03:30 +0000 (10:03 +0200)]
pipebackend coprocess: initialise d_pid
Peter van Dijk [Thu, 19 Sep 2019 16:09:47 +0000 (18:09 +0200)]
Merge pull request #8322 from omoerbeek/coverity-fix-cwd-for-upload
circleci coverity target: fix cwd for dnsdist and rec when uploading tarballs
Otto Moerbeek [Thu, 19 Sep 2019 16:04:45 +0000 (18:04 +0200)]
Fix cwd for dnsdist and rec when uploading tarballs so ./builder-support
is accessible.
phonedph1 [Thu, 19 Sep 2019 15:59:10 +0000 (09:59 -0600)]
Update dnsdist-kvs.hh
Remi Gacogne [Thu, 19 Sep 2019 12:48:26 +0000 (14:48 +0200)]
Merge pull request #8159 from rgacogne/auth-faster-pipebackend
auth: Emulate a buffered read in the pipe backend, ~3x faster
Remi Gacogne [Thu, 19 Sep 2019 12:02:29 +0000 (14:02 +0200)]
Merge pull request #8316 from rgacogne/dnsdist-healthcheck-tests-timing
dnsdist: Add more leeway in the health checks tests
Remi Gacogne [Thu, 19 Sep 2019 08:10:07 +0000 (10:10 +0200)]
Retry getrandom() on EINTR
Otto Moerbeek [Wed, 18 Sep 2019 16:53:49 +0000 (18:53 +0200)]
Merge pull request #8044 from Habbie/pdnsutil-test-algos-create-time
add key make time to pdnsutil test-all-algorithms, cleanup return type
Pieter Lexis [Wed, 18 Sep 2019 16:53:33 +0000 (18:53 +0200)]
Merge pull request #8304 from rgacogne/dnsdist-remotelog-client
dnsdist: Don't connect to remote logger in client/command mode
Otto Moerbeek [Wed, 18 Sep 2019 16:52:46 +0000 (18:52 +0200)]
Merge pull request #7973 from yantarou/do_pdsn_control_current_config
docs: Add missing words in pdns_control man page
Pieter Lexis [Wed, 18 Sep 2019 16:51:47 +0000 (18:51 +0200)]
Merge pull request #8305 from Habbie/circleci-local
makefile + one line doc for `circleci local execute`
Otto Moerbeek [Wed, 18 Sep 2019 16:51:12 +0000 (18:51 +0200)]
Merge pull request #8245 from Habbie/dns_random_testing
dns_random: verify upper bound; fix boundary condition for QID generation