]> granicus.if.org Git - pdns/log
pdns
5 years agouse named constant instead of magic number
Peter van Dijk [Wed, 23 Oct 2019 14:17:55 +0000 (16:17 +0200)]
use named constant instead of magic number

5 years agoMerge pull request #8416 from rgacogne/ddist-dohunit-refcount
Remi Gacogne [Wed, 23 Oct 2019 10:02:26 +0000 (12:02 +0200)]
Merge pull request #8416 from rgacogne/ddist-dohunit-refcount

dnsdist: Implement ref counting for the DOHUnit object

5 years agoMerge pull request #8447 from rgacogne/ddist-tls-error-counters
Remi Gacogne [Wed, 23 Oct 2019 10:01:54 +0000 (12:01 +0200)]
Merge pull request #8447 from rgacogne/ddist-tls-error-counters

dnsdist: Add metrics about TLS handshake failures for DoH and DoT

5 years agoMerge pull request #8451 from omoerbeek/auth-zonfile-generate
Otto Moerbeek [Wed, 23 Oct 2019 09:50:38 +0000 (11:50 +0200)]
Merge pull request #8451 from omoerbeek/auth-zonfile-generate

Basic validation of $GENERATE parameters

5 years agoMerge pull request #8391 from omoerbeek/rec-out-of-order
Otto Moerbeek [Wed, 23 Oct 2019 09:44:10 +0000 (11:44 +0200)]
Merge pull request #8391 from omoerbeek/rec-out-of-order

rec: Allow multiple simultaneous incoming TCP queries over a connection

5 years agoBasic validation of $GENERATE parameters
Otto Moerbeek [Wed, 23 Oct 2019 08:50:33 +0000 (10:50 +0200)]
Basic validation of $GENERATE parameters

5 years agoUse two auths to avoid serialization problems, as suggested by Habbie
Otto Moerbeek [Wed, 23 Oct 2019 08:32:51 +0000 (08:32 +0000)]
Use two auths to avoid serialization problems, as suggested by Habbie

5 years agoTeask: more auth threads and prime the delay.example NS
Otto Moerbeek [Wed, 23 Oct 2019 07:53:03 +0000 (09:53 +0200)]
Teask: more auth threads and prime the delay.example NS

5 years agoMerge pull request #8434 from mind04/pdns-remove-mydns
Peter van Dijk [Tue, 22 Oct 2019 16:56:13 +0000 (18:56 +0200)]
Merge pull request #8434 from mind04/pdns-remove-mydns

auth: remove mydns backend

5 years agodnsdist: Fix missing 'thread' key on some prometheus labels
Remi Gacogne [Tue, 22 Oct 2019 15:24:26 +0000 (17:24 +0200)]
dnsdist: Fix missing 'thread' key on some prometheus labels

5 years agodnsdist: Add metrics about TLS handshake failures for DoH and DoT
Remi Gacogne [Tue, 22 Oct 2019 15:16:53 +0000 (17:16 +0200)]
dnsdist: Add metrics about TLS handshake failures for DoH and DoT

5 years agoTests, docs and validation of OOO setting.
Otto Moerbeek [Fri, 11 Oct 2019 11:38:50 +0000 (11:38 +0000)]
Tests, docs and validation of OOO setting.

Test required some framework work to allow for auths having
more than 1 thread.

5 years agoMerge pull request #8367 from pieterlexis/rfc8020
Otto Moerbeek [Tue, 22 Oct 2019 14:42:00 +0000 (16:42 +0200)]
Merge pull request #8367 from pieterlexis/rfc8020

Implement RFC 8020 "NXDOMAIN: There Really Is Nothing Underneath"

5 years agoMerge pull request #8445 from Habbie/skip-useless-unbound-call
Otto Moerbeek [Tue, 22 Oct 2019 05:51:01 +0000 (07:51 +0200)]
Merge pull request #8445 from Habbie/skip-useless-unbound-call

auth ds-at-apex-noerror test: do not run unbound-host

5 years agoauth ds-at-apex-noerror test: do not run unbound-host
Peter van Dijk [Mon, 21 Oct 2019 22:41:31 +0000 (00:41 +0200)]
auth ds-at-apex-noerror test: do not run unbound-host

5 years agoImplement RFC 8020
Pieter Lexis [Tue, 1 Oct 2019 10:25:58 +0000 (12:25 +0200)]
Implement RFC 8020

This commit implements the "NXDOMAIN: There Really Is Nothing Underneath".
When enabled (the default), the SyncRes will check the negative cache if
there exists a higher denied name and uses that data to send an NXDOMAIN
to the client. In essence, it is a more aggressive version of
root-nx-trust (which could be removed in the future).

There are several advantages:

 * We potentially send fewer queries to the internet
 * The record cache is not "polluted" with useless NXDOMAINs

5 years agoMerge pull request #8437 from Habbie/dnsdist-doc-nits-1.4.0
Remi Gacogne [Sat, 19 Oct 2019 11:38:41 +0000 (13:38 +0200)]
Merge pull request #8437 from Habbie/dnsdist-doc-nits-1.4.0

dnsdist docs: fix versionadded formatting

5 years agoMerge pull request #8433 from Habbie/dns64-ptr-cname
Peter van Dijk [Fri, 18 Oct 2019 14:19:45 +0000 (16:19 +0200)]
Merge pull request #8433 from Habbie/dns64-ptr-cname

dns64: stop hiding PTR indirection

5 years agofix versionadded formatting
Peter van Dijk [Fri, 18 Oct 2019 11:59:41 +0000 (13:59 +0200)]
fix versionadded formatting

5 years agodns64: stop hiding PTR indirection
Peter van Dijk [Fri, 18 Oct 2019 10:31:55 +0000 (12:31 +0200)]
dns64: stop hiding PTR indirection

5 years agoMerge pull request #8432 from mind04/pdns-oracle-leftovers
Peter van Dijk [Fri, 18 Oct 2019 10:23:32 +0000 (12:23 +0200)]
Merge pull request #8432 from mind04/pdns-oracle-leftovers

pdns: oracle leftovers

5 years agoMerge pull request #8420 from pieterlexis/pdnsutil-algo-7
Pieter Lexis [Fri, 18 Oct 2019 09:26:00 +0000 (11:26 +0200)]
Merge pull request #8420 from pieterlexis/pdnsutil-algo-7

pdnsutil: add algo 7 to add-zone-key help

5 years agopdns: oracle leftovers
Kees Monshouwer [Thu, 17 Oct 2019 21:00:03 +0000 (23:00 +0200)]
pdns: oracle leftovers

5 years agoauth: remove mydns backend
Kees Monshouwer [Thu, 17 Oct 2019 20:29:02 +0000 (22:29 +0200)]
auth: remove mydns backend

5 years agoMerge pull request #8429 from Habbie/ubuntu-eoan
Peter van Dijk [Thu, 17 Oct 2019 14:22:46 +0000 (16:22 +0200)]
Merge pull request #8429 from Habbie/ubuntu-eoan

add Ubuntu eoan builder target

5 years agoadd Ubuntu eoan builder target
Peter van Dijk [Thu, 17 Oct 2019 10:21:45 +0000 (12:21 +0200)]
add Ubuntu eoan builder target

5 years agoMerge pull request #8400 from pieterlexis/centos-8-pkgs
Pieter Lexis [Wed, 16 Oct 2019 11:32:31 +0000 (13:32 +0200)]
Merge pull request #8400 from pieterlexis/centos-8-pkgs

Add CentOS 8 as builder target

5 years agoMerge pull request #8325 from pieterlexis/disabled-in-api
Pieter Lexis [Wed, 16 Oct 2019 11:32:03 +0000 (13:32 +0200)]
Merge pull request #8325 from pieterlexis/disabled-in-api

auth API: make disabled optional for Record

5 years agoMerge pull request #8421 from rgacogne/ddist-fix-merge-rotation-delay
Remi Gacogne [Tue, 15 Oct 2019 20:52:16 +0000 (22:52 +0200)]
Merge pull request #8421 from rgacogne/ddist-fix-merge-rotation-delay

dnsdist: Fix merge issue (d_ticketsKeyRotationDelay)

5 years agopdnsutil: add algo 7 to add-zone-key help
Pieter Lexis [Tue, 15 Oct 2019 18:14:30 +0000 (20:14 +0200)]
pdnsutil: add algo 7 to add-zone-key help

5 years agodnsdist: Fix merge issue (d_ticketsKeyRotationDelay)
Remi Gacogne [Tue, 15 Oct 2019 18:14:11 +0000 (20:14 +0200)]
dnsdist: Fix merge issue (d_ticketsKeyRotationDelay)

d_ticketsKeyRotationDelay is now in the TLSConfig object.

5 years agoMerge pull request #8411 from rgacogne/dnsdist-better-log-action
Remi Gacogne [Tue, 15 Oct 2019 12:49:44 +0000 (14:49 +0200)]
Merge pull request #8411 from rgacogne/dnsdist-better-log-action

dnsdist: Add more options to LogAction (non-verbose mode, timestamps)

5 years agoMerge pull request #8383 from rgacogne/ddist-merge-doh-dot-contexts
Remi Gacogne [Tue, 15 Oct 2019 12:47:38 +0000 (14:47 +0200)]
Merge pull request #8383 from rgacogne/ddist-merge-doh-dot-contexts

dnsdist: Merge the setup of TLS contexts in Doh and DoT

5 years agoMerge pull request #8408 from rgacogne/ddist-buffer-size-cache
Remi Gacogne [Tue, 15 Oct 2019 12:42:29 +0000 (14:42 +0200)]
Merge pull request #8408 from rgacogne/ddist-buffer-size-cache

dnsdist: Fix the caching of large entries

5 years agoMerge pull request #8417 from rgacogne/auth-dist-unit2.test
Remi Gacogne [Tue, 15 Oct 2019 10:21:38 +0000 (12:21 +0200)]
Merge pull request #8417 from rgacogne/auth-dist-unit2.test

Add regression-tests/zones/unit2.test to EXTRA_DIST

5 years agoAdd regression-tests/zones/unit2.test to EXTRA_DIST
Remi Gacogne [Tue, 15 Oct 2019 08:13:37 +0000 (10:13 +0200)]
Add regression-tests/zones/unit2.test to EXTRA_DIST

Otherwise the unit tests fail.

5 years agodnsdist: Use std::max() to compute the size of the incoming buffer
Remi Gacogne [Fri, 11 Oct 2019 14:44:25 +0000 (16:44 +0200)]
dnsdist: Use std::max() to compute the size of the incoming buffer

5 years agodnsdist: Add regression tests for the caching of large answers
Remi Gacogne [Fri, 11 Oct 2019 12:57:45 +0000 (14:57 +0200)]
dnsdist: Add regression tests for the caching of large answers

5 years agodnsdist: Don't cache entries larger than 4096 bytes
Remi Gacogne [Fri, 11 Oct 2019 12:52:08 +0000 (14:52 +0200)]
dnsdist: Don't cache entries larger than 4096 bytes

We won't be able to use them anyway.

5 years agodnsdist: Always allocate at least 4096 bytes for the cached response
Remi Gacogne [Fri, 11 Oct 2019 12:51:11 +0000 (14:51 +0200)]
dnsdist: Always allocate at least 4096 bytes for the cached response

5 years agodnsdist: Advertise the size really available in the query buffer
Remi Gacogne [Thu, 10 Oct 2019 15:44:43 +0000 (17:44 +0200)]
dnsdist: Advertise the size really available in the query buffer

We use to advertise s_udpIncomingBufferSize (1500) but the buffer
is really 4096 bytes long. This allows much larger responses from
to be returned from the cache.

5 years agoMerge pull request #8415 from rgacogne/ddist-tcp-stats-format
Remi Gacogne [Tue, 15 Oct 2019 08:04:49 +0000 (10:04 +0200)]
Merge pull request #8415 from rgacogne/ddist-tcp-stats-format

dnsdist: Fix formatting in showTCPStats()

5 years agodnsdist: Implement ref counting for the DOHUnit object
Remi Gacogne [Mon, 14 Oct 2019 14:18:46 +0000 (16:18 +0200)]
dnsdist: Implement ref counting for the DOHUnit object

It turns out that, at least when testing with ASAN enabled, we
sometimes trigger use-after-free detection because we get the
response from the backend, send it to the client then delete the
object before the send() call to the backend even returned.

5 years agodnsdist: Fix formatting in showTCPStats()
Remi Gacogne [Mon, 14 Oct 2019 14:02:44 +0000 (16:02 +0200)]
dnsdist: Fix formatting in showTCPStats()

5 years agoMerge pull request #8413 from rgacogne/cmsg_space_osx
Remi Gacogne [Mon, 14 Oct 2019 13:39:59 +0000 (15:39 +0200)]
Merge pull request #8413 from rgacogne/cmsg_space_osx

Work around CMSG_SPACE somehow not being a constexpr on macOS

5 years agoMerge pull request #8414 from omoerbeek/test-zoneparse-more-modern
Otto Moerbeek [Mon, 14 Oct 2019 11:09:47 +0000 (13:09 +0200)]
Merge pull request #8414 from omoerbeek/test-zoneparse-more-modern

test-zoneparser_tng: more modern C++ idiom

5 years agoWork around CMSG_SPACE somehow not being a constexpr on macOS
Remi Gacogne [Mon, 14 Oct 2019 08:21:20 +0000 (10:21 +0200)]
Work around CMSG_SPACE somehow not being a constexpr on macOS

5 years agoMore modern C++ idiom
Otto Moerbeek [Mon, 14 Oct 2019 07:06:35 +0000 (09:06 +0200)]
More modern C++ idiom

5 years agoMerge pull request #8372 from rgacogne/ddist-vrf-itf
Remi Gacogne [Sat, 12 Oct 2019 13:25:17 +0000 (15:25 +0200)]
Merge pull request #8372 from rgacogne/ddist-vrf-itf

dnsdist: Use SO_BINDTODEVICE when available for newServer's source itf

5 years agoMerge pull request #8409 from rgacogne/ddist-prometheus-descriptions-pool
Remi Gacogne [Sat, 12 Oct 2019 13:23:47 +0000 (15:23 +0200)]
Merge pull request #8409 from rgacogne/ddist-prometheus-descriptions-pool

dnsdist: Add missing prometheus descriptions for cache-related metrics

5 years agodnsdist: Add more options to LogAction (non-verbose mode, timestamps)
Remi Gacogne [Fri, 11 Oct 2019 15:16:37 +0000 (17:16 +0200)]
dnsdist: Add more options to LogAction (non-verbose mode, timestamps)

5 years agoMerge pull request #8410 from franklouwers/doc/setQueryRate-fix
Remi Gacogne [Fri, 11 Oct 2019 14:38:51 +0000 (16:38 +0200)]
Merge pull request #8410 from franklouwers/doc/setQueryRate-fix

Fix typo in setQueryRate docs

5 years agodnsdist: Don't call SO_BINDTODEVICE with an empty interface name
Remi Gacogne [Fri, 11 Oct 2019 14:26:51 +0000 (16:26 +0200)]
dnsdist: Don't call SO_BINDTODEVICE with an empty interface name

5 years agodnsdist: Fix indentation in newServer()
Remi Gacogne [Fri, 11 Oct 2019 14:12:54 +0000 (16:12 +0200)]
dnsdist: Fix indentation in newServer()

5 years agoClarify comment
Frank Louwers [Fri, 11 Oct 2019 14:10:08 +0000 (16:10 +0200)]
Clarify comment

5 years agoFix typo in setQueryRate docs
Frank Louwers [Fri, 11 Oct 2019 14:00:31 +0000 (16:00 +0200)]
Fix typo in setQueryRate docs

5 years agodnsdist: Add missing prometheus descriptions for cache-related metrics
Remi Gacogne [Fri, 11 Oct 2019 13:24:55 +0000 (15:24 +0200)]
dnsdist: Add missing prometheus descriptions for cache-related metrics

5 years agoMerge pull request #8406 from rgacogne/ddist-tls-ticket-key-stats
Remi Gacogne [Fri, 11 Oct 2019 13:16:16 +0000 (15:16 +0200)]
Merge pull request #8406 from rgacogne/ddist-tls-ticket-key-stats

dnsdist: Add metrics about unknown/inactive TLS ticket keys

5 years agoMerge pull request #8407 from omoerbeek/auth-lua-records-shadowing
Otto Moerbeek [Fri, 11 Oct 2019 12:54:33 +0000 (14:54 +0200)]
Merge pull request #8407 from omoerbeek/auth-lua-records-shadowing

auth: A few shadowing cases.

5 years agoA few shadowing cases.
Otto Moerbeek [Fri, 11 Oct 2019 12:05:22 +0000 (14:05 +0200)]
A few shadowing cases.

5 years agoProper in-flight maintenance; settable setting with doc.
Otto Moerbeek [Fri, 11 Oct 2019 09:22:39 +0000 (11:22 +0200)]
Proper in-flight maintenance; settable setting with doc.

5 years agodnsdist: Add metrics about unknown/inactive TLS ticket keys
Remi Gacogne [Thu, 10 Oct 2019 14:57:29 +0000 (16:57 +0200)]
dnsdist: Add metrics about unknown/inactive TLS ticket keys

5 years agodnsdist: Merge the setup of TLS contexts in Doh and DoT
Remi Gacogne [Fri, 4 Oct 2019 15:57:04 +0000 (17:57 +0200)]
dnsdist: Merge the setup of TLS contexts in Doh and DoT

5 years agoMerge pull request #8398 from rgacogne/ddist-fix-session-resumption-tests
Remi Gacogne [Thu, 10 Oct 2019 14:44:41 +0000 (16:44 +0200)]
Merge pull request #8398 from rgacogne/ddist-fix-session-resumption-tests

dnsdist: Check that tickets have really been written in the tests, really disable tickets when asked

5 years agoMerge pull request #8387 from rgacogne/dnsdist-tls-versions
Remi Gacogne [Thu, 10 Oct 2019 14:44:23 +0000 (16:44 +0200)]
Merge pull request #8387 from rgacogne/dnsdist-tls-versions

dnsdist: Add metrics about TLS versions with DNS over TLS

5 years agoMerge pull request #8404 from rgacogne/ddist-typo-suffixmatchnode-doc
Remi Gacogne [Thu, 10 Oct 2019 14:34:45 +0000 (16:34 +0200)]
Merge pull request #8404 from rgacogne/ddist-typo-suffixmatchnode-doc

dnsdist: Add a missing line before SuffixMatchNode's 'versionadded'

5 years agoMerge pull request #8396 from omoerbeek/zoneparser-fixed-format
Otto Moerbeek [Thu, 10 Oct 2019 14:08:09 +0000 (16:08 +0200)]
Merge pull request #8396 from omoerbeek/zoneparser-fixed-format

Do not use variable printf format strings

5 years agodnsdist: Add a missing line before SuffixMatchNode's 'versionadded'
Remi Gacogne [Thu, 10 Oct 2019 12:56:14 +0000 (14:56 +0200)]
dnsdist: Add a missing line before SuffixMatchNode's 'versionadded'

5 years agoAdd CentOS 8 as builder target
Pieter Lexis [Thu, 10 Oct 2019 12:03:21 +0000 (14:03 +0200)]
Add CentOS 8 as builder target

5 years agoMerge pull request #8395 from rgacogne/ddist-doh-concurrent-connections
Remi Gacogne [Thu, 10 Oct 2019 09:07:21 +0000 (11:07 +0200)]
Merge pull request #8395 from rgacogne/ddist-doh-concurrent-connections

dnsdist: Count the number of concurrent connections for DoH as well

5 years agodnsdist: Add TLS version metrics to the API as well
Remi Gacogne [Thu, 10 Oct 2019 09:00:30 +0000 (11:00 +0200)]
dnsdist: Add TLS version metrics to the API as well

5 years agodnsdist: Check that tickets have been written when needed
Remi Gacogne [Tue, 8 Oct 2019 14:14:32 +0000 (16:14 +0200)]
dnsdist: Check that tickets have been written when needed

But they might not have been, especially when a session has been
resumed and it was encrypted with a Session Ticket Encryption Key
still active.

5 years agodnsdist: Really disable TLS tickets for TLS 1.3 when asked
Remi Gacogne [Tue, 8 Oct 2019 14:14:04 +0000 (16:14 +0200)]
dnsdist: Really disable TLS tickets for TLS 1.3 when asked

5 years agoMerge pull request #8388 from rgacogne/dnsdist-doh-rotation-key-clear
Remi Gacogne [Thu, 10 Oct 2019 08:04:00 +0000 (10:04 +0200)]
Merge pull request #8388 from rgacogne/dnsdist-doh-rotation-key-clear

dnsdist: Clear the DoH Session Ticket Encryption Key in the ctor

5 years agoAdd unit test for zone file with template
Otto Moerbeek [Wed, 9 Oct 2019 14:21:00 +0000 (16:21 +0200)]
Add unit test for zone file with template

5 years agodnsdist: Count the number of concurrent connections for DoH as well
Remi Gacogne [Wed, 9 Oct 2019 13:41:50 +0000 (15:41 +0200)]
dnsdist: Count the number of concurrent connections for DoH as well

5 years agoUsing a variable format string opens up all kinds of cans of worms.
Otto Moerbeek [Wed, 9 Oct 2019 12:39:29 +0000 (14:39 +0200)]
Using a variable format string opens up all kinds of cans of worms.

5 years agoOn read error we remove the fd from the set. If there are still queries in-flight
Otto Moerbeek [Wed, 9 Oct 2019 09:12:38 +0000 (11:12 +0200)]
On read error we remove the fd from the set. If there are still queries in-flight
we will add it back if the in-flight condition is true.
This is not a real problem as the next handleTCPClientReadable() will take care.
Add a comment to explain that.
Also, setting the TTD might throw so handle that.
We might need a forgiving variant of removeReadFD() and setReadTTD().

5 years ago- Fix multiplexer accounting in the write error case
Otto Moerbeek [Wed, 9 Oct 2019 08:35:00 +0000 (10:35 +0200)]
- Fix multiplexer accounting in the write error case
- Use proper type for in-flight accounting

5 years agoMerge pull request #7719 from Habbie/dnspython-assertequal
Peter van Dijk [Wed, 9 Oct 2019 07:29:17 +0000 (09:29 +0200)]
Merge pull request #7719 from Habbie/dnspython-assertequal

better assertEqual for dnspython

5 years agoAllow multiple simulaneous incoming TCP queries over a connection.
Otto Moerbeek [Wed, 18 Sep 2019 10:01:01 +0000 (12:01 +0200)]
Allow multiple simulaneous incoming TCP queries over a connection.
Answers are sent out the moment the become available, so not
necesarily in the same order as received. There's a limit on how
many queries per TCP induced connection we may have in flight.

5 years agorecursor-dnssec: use eqdnsmessage
Peter van Dijk [Thu, 3 Oct 2019 13:59:51 +0000 (15:59 +0200)]
recursor-dnssec: use eqdnsmessage

5 years agoixfrdist: eqdnsmessage
Peter van Dijk [Thu, 3 Oct 2019 13:35:43 +0000 (15:35 +0200)]
ixfrdist: eqdnsmessage

5 years ago(uselessly) add eqdnsmessage to auth testing
Peter van Dijk [Thu, 3 Oct 2019 13:26:23 +0000 (15:26 +0200)]
(uselessly) add eqdnsmessage to auth testing

5 years agomove assert helper out of dnsdist tests
Peter van Dijk [Thu, 3 Oct 2019 13:18:31 +0000 (15:18 +0200)]
move assert helper out of dnsdist tests

5 years agobetter assertEqual for dnspython
Peter van Dijk [Thu, 11 Apr 2019 15:40:20 +0000 (17:40 +0200)]
better assertEqual for dnspython

before:
AssertionError: <DNS message, ID 38993> != <DNS message, ID 38993>

after:
AssertionError: <DNS message, ID 46818> != <DNS message, ID 46818>:
--- first
+++ second
@@ -1,10 +1,10 @@
 id 46818
-opcode 6
-rcode NOTAUTH
-flags AD CD
+opcode QUERY
+rcode NOERROR
+flags RD
 ;QUESTION
 xpf.tests.powerdns.com. IN A
 ;ANSWER
 ;AUTHORITY
 ;ADDITIONAL
-. 0 IN TYPE65422 \# 14 04117f0000017f000001f8bc14dc
+xpf.tests.powerdns.com. 60 IN TYPE65422 \# 14 04117f0000017f00000100000000

5 years agoMerge pull request #8351 from Habbie/no-move-mutex
Otto Moerbeek [Tue, 8 Oct 2019 08:23:49 +0000 (10:23 +0200)]
Merge pull request #8351 from Habbie/no-move-mutex

auth statbag: move to std::mutex, avoid copies

5 years agoMerge pull request #8382 from rgacogne/ddist-ciphers-order
Remi Gacogne [Mon, 7 Oct 2019 15:27:37 +0000 (17:27 +0200)]
Merge pull request #8382 from rgacogne/ddist-ciphers-order

dnsdist: Add a 'preferServerCiphers' option for DoH and DoT

5 years agoMerge pull request #8381 from rgacogne/ddist-prometheus-thread-number
Remi Gacogne [Mon, 7 Oct 2019 15:27:20 +0000 (17:27 +0200)]
Merge pull request #8381 from rgacogne/ddist-prometheus-thread-number

dnsdist: Add a prometheus 'thread' label to distinguish identical frontends

5 years agoMerge pull request #8375 from rgacogne/ddist-python-dns-options-print
Remi Gacogne [Mon, 7 Oct 2019 15:26:55 +0000 (17:26 +0200)]
Merge pull request #8375 from rgacogne/ddist-python-dns-options-print

Implement python's to_text() for Cookies and Client Subnet options

5 years agodnsdist: Clear the DoH Session Ticket Encryption Key in the ctor
Remi Gacogne [Mon, 7 Oct 2019 14:32:13 +0000 (16:32 +0200)]
dnsdist: Clear the DoH Session Ticket Encryption Key in the ctor

5 years agodnsdist: Add metrics about TLS versions with DNS over TLS
Remi Gacogne [Mon, 7 Oct 2019 14:00:59 +0000 (16:00 +0200)]
dnsdist: Add metrics about TLS versions with DNS over TLS

5 years agoAnd declare assignment operator deleted
Otto Moerbeek [Mon, 7 Oct 2019 12:17:36 +0000 (14:17 +0200)]
And declare assignment operator deleted

5 years agoMerge pull request #8385 from omoerbeek/more-strict-flags
Otto Moerbeek [Mon, 7 Oct 2019 11:44:59 +0000 (13:44 +0200)]
Merge pull request #8385 from omoerbeek/more-strict-flags

More strict flags

5 years agoWhile there is no shadowing going on for global functions, improve
Otto Moerbeek [Mon, 7 Oct 2019 09:27:13 +0000 (11:27 +0200)]
While there is no shadowing going on for global functions, improve
consistency by calling a lua_state lua_state.

5 years agoAdd copy-ct, gcc C++ lib <= 4.8 seems to need it.
Otto Moerbeek [Mon, 7 Oct 2019 08:43:41 +0000 (10:43 +0200)]
Add copy-ct, gcc C++ lib <= 4.8 seems to need it.

5 years agoSome more shadowing going on
Otto Moerbeek [Fri, 4 Oct 2019 15:13:19 +0000 (17:13 +0200)]
Some more shadowing going on

5 years agoUse -Wextra -Wshadow.
Otto Moerbeek [Fri, 4 Oct 2019 14:40:00 +0000 (16:40 +0200)]
Use -Wextra -Wshadow.

This cause plenty of signed-compare warnings from clang in the unit-tests. So
fix those plus a few cases of -Wshadow.

5 years agodnsdist: Add a 'preferServerCiphers' option for DoH and DoT
Remi Gacogne [Fri, 4 Oct 2019 10:28:56 +0000 (12:28 +0200)]
dnsdist: Add a 'preferServerCiphers' option for DoH and DoT

It used to be that the servers had a much better configuration than
the clients, but nowadays we better rely on the clients, as they
know whether they have hardware support for a specific algorithm
which might save battery life or improve latency by a large margin.

5 years agodnsdist: Add a prometheus 'thread' label to distinguish identical frontends
Remi Gacogne [Fri, 4 Oct 2019 09:13:42 +0000 (11:13 +0200)]
dnsdist: Add a prometheus 'thread' label to distinguish identical frontends