]>
granicus.if.org Git - pdns/log
Pieter Lexis [Wed, 29 Mar 2017 08:15:48 +0000 (10:15 +0200)]
Merge pull request #5112 from pieterlexis/issue-4655
Stubresolver: Use only `resolver` setting if given
Pieter Lexis [Wed, 29 Mar 2017 08:14:29 +0000 (10:14 +0200)]
Merge pull request #5206 from rgacogne/rec-packetcache-tag-unit-tests
rec: Add unit tests for the packet cache tags handling
Pieter Lexis [Wed, 29 Mar 2017 08:14:11 +0000 (10:14 +0200)]
Merge pull request #5205 from rgacogne/rec-coverity
rec: Use `cend()` instead of `end()` when comparing with a const iterator
Pieter Lexis [Wed, 29 Mar 2017 08:13:58 +0000 (10:13 +0200)]
Merge pull request #5196 from Habbie/docs-nits
Docs nits
Remi Gacogne [Sun, 26 Mar 2017 07:55:27 +0000 (09:55 +0200)]
Merge pull request #5194 from rgacogne/dnsdist-fix-dest-port-when-harvesting
dnsdist: Fix destination port reporting on "any" binds
Remi Gacogne [Sat, 25 Mar 2017 15:46:24 +0000 (16:46 +0100)]
rec: Add unit tests for the packet cache tags handling
Remi Gacogne [Sat, 25 Mar 2017 09:12:36 +0000 (10:12 +0100)]
rec: Use `cend()` instead of `end()` when comparing with a const iterator
Reported by Coverity.
Peter van Dijk [Fri, 24 Mar 2017 14:55:55 +0000 (15:55 +0100)]
Merge pull request #5198 from rgacogne/rec-gettag-edns-options
rec: Allow access to EDNS options from the `gettag()` hook
Peter van Dijk [Fri, 24 Mar 2017 10:23:31 +0000 (11:23 +0100)]
Merge pull request #5197 from nivex/zone-count-verbose
pdnsutil: Only print zonecount if invoked verbose
Remi Gacogne [Thu, 23 Mar 2017 16:27:21 +0000 (17:27 +0100)]
rec: Allow access to EDNS options from the `gettag()` hook
If `gettag-needs-edns-options` is set, the EDNS options are extracted
and passed to the `gettag()` hook as a table whose keys are the
EDNS option code and the values are `EDNSOptionView` object.
`EDNSOptionView` has two members, `content` and `size`, with `content`
holding the raw, undecoded option value.
Pieter Lexis [Fri, 24 Mar 2017 09:23:54 +0000 (10:23 +0100)]
Merge pull request #5192 from 0xf3f/master
Fix wrong launch/module name in PostgreSQL 4.x auth docs
Kevin Otte [Thu, 23 Mar 2017 15:19:51 +0000 (11:19 -0400)]
Only print zonecount if invoked verbose
Peter van Dijk [Thu, 23 Mar 2017 13:12:24 +0000 (14:12 +0100)]
move getDH methods so we get correct list formatting
Peter van Dijk [Thu, 23 Mar 2017 13:12:13 +0000 (14:12 +0100)]
correct Docker instructions
Remi Gacogne [Thu, 23 Mar 2017 09:38:16 +0000 (10:38 +0100)]
dnsdist: Add regression tests for local port detection
Remi Gacogne [Wed, 22 Mar 2017 22:50:38 +0000 (23:50 +0100)]
dnsdist: Fix destination port reporting on "any" binds
Over UDP we call `HarvestDestinationAddress()` to get the real
destination address via `IP_PKTINFO`., but this only sets the destination
address, not the destination port. Therefore since
7cea4e39a78ef981ee461b49bbc193fa9903f56dit the destination port was always
0 when bound to an "any" address.
Philipp [Wed, 22 Mar 2017 10:20:39 +0000 (11:20 +0100)]
Fix wrong launch/module name PostgreSQL 4.x auth docs
Pieter Lexis [Mon, 6 Mar 2017 14:06:26 +0000 (15:06 +0100)]
Stubresolver: Use only `resolver` setting if given
Use resolv.conf otherwise. Also, do not use 127.0.0.1:53 as fallback,
as this could be ourselves.
Closes #4655
Peter van Dijk [Tue, 21 Mar 2017 13:13:08 +0000 (14:13 +0100)]
Merge pull request #5163 from rgacogne/dnsdist-cleanup-tcp-downstreams
dnsdist: Cleanup closed TCP downstream connections
Peter van Dijk [Tue, 21 Mar 2017 13:10:25 +0000 (14:10 +0100)]
Merge pull request #5182 from pieterlexis/issue-5119-disable-ALIAS
ALIAS: disable expansion by default
Peter van Dijk [Tue, 21 Mar 2017 12:42:50 +0000 (13:42 +0100)]
Merge pull request #5141 from Habbie/dq-data
stop (de)serializing dq.data
Peter van Dijk [Mon, 20 Mar 2017 14:24:01 +0000 (15:24 +0100)]
update dq.data docs
Peter van Dijk [Mon, 13 Mar 2017 17:57:24 +0000 (18:57 +0100)]
stop (de)serializing dq.data
Remi Gacogne [Mon, 20 Mar 2017 21:08:45 +0000 (22:08 +0100)]
Merge pull request #5183 from Habbie/whitespace-nits
whitespace nits
Peter van Dijk [Mon, 20 Mar 2017 19:22:02 +0000 (20:22 +0100)]
Merge pull request #5172 from rgacogne/rec-doc-prerpz
Doc: `dq.wantsRPZ` is mostly useful in `prerpz`, not `preresolve`
Peter van Dijk [Mon, 20 Mar 2017 19:19:35 +0000 (20:19 +0100)]
Merge pull request #5137 from rgacogne/auth-fast-open
auth: Add TCP Fast Open support
Pieter Lexis [Tue, 7 Mar 2017 12:48:44 +0000 (13:48 +0100)]
ALIAS: disable expansion by default
Closes #5119
Peter van Dijk [Mon, 20 Mar 2017 13:17:19 +0000 (14:17 +0100)]
whitespace nits
Peter van Dijk [Mon, 20 Mar 2017 13:13:22 +0000 (14:13 +0100)]
Merge pull request #5121 from pieterlexis/issue-2358-pkg-config-libpq
Use pkg-config first to find libpq
Peter van Dijk [Mon, 20 Mar 2017 13:09:41 +0000 (14:09 +0100)]
Merge pull request #5138 from rgacogne/rec-fast-open
rec: Add server-side TCP Fast Open support
Peter van Dijk [Mon, 20 Mar 2017 12:56:11 +0000 (13:56 +0100)]
Merge pull request #5177 from rgacogne/outgoing-axfr-leak
auth: Don't leak on signing errors during outgoing AXFR
Peter van Dijk [Mon, 20 Mar 2017 11:27:02 +0000 (12:27 +0100)]
Merge pull request #5156 from pieterlexis/enable-eddsa
Enable EDDSA (
ED25519 ) in auth and recursor builds
Pieter Lexis [Wed, 15 Mar 2017 12:26:45 +0000 (13:26 +0100)]
Add EDDSA support to configure summary
Remi Gacogne [Sun, 12 Mar 2017 15:48:38 +0000 (16:48 +0100)]
auth: Add TCP Fast Open support
Remi Gacogne [Fri, 17 Mar 2017 14:48:10 +0000 (15:48 +0100)]
Doc: Fix our `prerpz` hook example, it must return a boolean
Remi Gacogne [Fri, 17 Mar 2017 14:42:38 +0000 (15:42 +0100)]
rec: Add server-side TCP Fast Open support
Pieter Lexis [Fri, 17 Mar 2017 14:10:09 +0000 (15:10 +0100)]
Merge pull request #5067 from cynthia/master
FreeBSD build notes and compile fixes.
Pieter Lexis [Fri, 17 Mar 2017 14:09:35 +0000 (15:09 +0100)]
Merge pull request #5062 from pieterlexis/issue-512-pdnsutil-validate-NS-MX
Check for valid hostnames in SRV, NS and MX records
Pieter Lexis [Fri, 17 Mar 2017 14:09:08 +0000 (15:09 +0100)]
Merge pull request #5057 from rgacogne/rpz-ttl
rec: Use the RPZ zone's TTL and add a new `maxTTL` setting
Pieter Lexis [Fri, 17 Mar 2017 13:58:32 +0000 (14:58 +0100)]
Merge pull request #5152 from pieterlexis/dns64-docs
Properly include dns64.lua in the docs
Pieter Lexis [Fri, 17 Mar 2017 13:58:21 +0000 (14:58 +0100)]
Merge pull request #5151 from pieterlexis/issue-5149-bind-native-version
Docs: version since native is supported in BIND
Pieter Lexis [Fri, 17 Mar 2017 13:58:08 +0000 (14:58 +0100)]
Merge pull request #5143 from baloo/baloo/doc/backend-ent
doc: Document empty non-terminal in backends
Remi Gacogne [Fri, 17 Mar 2017 13:48:47 +0000 (14:48 +0100)]
Merge pull request #5157 from rgacogne/dns-random-gcc-5-plus
Fix dns_random unit tests with gcc > 4
Remi Gacogne [Fri, 17 Mar 2017 13:45:54 +0000 (14:45 +0100)]
Merge pull request #5159 from RobinGeuze/addExpungeBySuffix
dnsdist: Add expungeBySuffix function
Remi Gacogne [Fri, 17 Mar 2017 13:44:35 +0000 (14:44 +0100)]
Merge pull request #5171 from RobinGeuze/unbreakCaseInsensitiveFilesystems
Unbreak regression tests on case insensitive filesystems
Remi Gacogne [Fri, 17 Mar 2017 13:34:14 +0000 (14:34 +0100)]
Doc: `dq.wantsRPZ` is mostly useful in `prerpz`, not `preresolve`
Robin Geuze [Fri, 17 Mar 2017 11:58:46 +0000 (12:58 +0100)]
Add suffixmatch option to expungeByName
Robin Geuze [Fri, 17 Mar 2017 10:14:33 +0000 (11:14 +0100)]
Unbreak regression tests on case insensitive filesystems
Peter van Dijk [Fri, 17 Mar 2017 10:13:52 +0000 (11:13 +0100)]
Merge pull request #5169 from mind04/axfr-serial
Add an option to allow AXFR of zones with a different (higher/lower) serial.
Kees Monshouwer [Thu, 16 Mar 2017 20:26:02 +0000 (21:26 +0100)]
Add an option to allow AXFR of zones with a different serial.
Remi Gacogne [Thu, 16 Mar 2017 17:05:59 +0000 (18:05 +0100)]
dnsdist: Cleanup closed TCP downstream connections
Regularly walk the TCP downstream connections to properly close
whose that have been shutdown by the other end. It occurs only
after a TCP client connection has been closed and at most every
`setTCPDownstreamCleanupInterval()` seconds, defaulting to 60s.
Until now we only detected that the other end closed the connection
when we tried to reuse it. While this is not an issue with a small
number of backends because the connection are reused pretty quickly,
with a large number of backends dnsdist might end up with thousands
of idle TCP connections to downstream servers in `CLOSE_WAIT` state,
wasting open file descriptors.
Remi Gacogne [Wed, 15 Mar 2017 14:42:02 +0000 (15:42 +0100)]
Fix dns_random unit tests with gcc > 4
Pieter Lexis [Wed, 15 Mar 2017 12:10:49 +0000 (13:10 +0100)]
Enable
ED25519 in recursor builds
Pieter Lexis [Wed, 15 Mar 2017 11:55:12 +0000 (12:55 +0100)]
Enable
ED25519 in auth builds
Remi Gacogne [Wed, 15 Mar 2017 08:36:30 +0000 (09:36 +0100)]
Merge pull request #5147 from Habbie/lua-string-nul
LuaWrapper: Allow embedded NULs in strings received from Lua
Remi Gacogne [Wed, 15 Mar 2017 08:33:21 +0000 (09:33 +0100)]
Merge pull request #5150 from RobinGeuze/sortIncludeDirectory
dnsdist: Make includeDirectory work sorted #5053
Pieter Lexis [Wed, 15 Mar 2017 08:29:44 +0000 (09:29 +0100)]
Properly include dns64.lua in the docs
Also move it to contrib so it is shipped in the recursor tarball.
Pieter Lexis [Tue, 7 Mar 2017 10:28:08 +0000 (11:28 +0100)]
Use pkg-config first to find libpq
Unless a path to pg_config was supplied. If pkg-config does not produce
a result attempt to find pg_config and use that.
This commit also removes support for supplying a path to the postgresql
libs and includes. Use --with-pg-config to use non-default installation
paths.
Closes #2358
Pieter Lexis [Wed, 15 Mar 2017 07:37:45 +0000 (08:37 +0100)]
Docs: version since native is supported in BIND
Closes #5149
Robin Geuze [Tue, 14 Mar 2017 21:09:25 +0000 (22:09 +0100)]
Add documentation on the sorting to includeDirectory
Robin Geuze [Tue, 14 Mar 2017 20:53:05 +0000 (21:53 +0100)]
Make includeDirectory work sorted
Pieter Lexis [Tue, 14 Mar 2017 11:51:33 +0000 (12:51 +0100)]
Merge pull request #5103 from rgacogne/rec-listening-socket-per-thread
rec: Use one listening socket per thread when reuseport is enabled
Pieter Lexis [Tue, 14 Mar 2017 11:51:11 +0000 (12:51 +0100)]
Merge pull request #5139 from rgacogne/rec-unit-tests
rec: Run unit tests, split recursor-specific unit tests from the auth
Pieter Lexis [Tue, 14 Mar 2017 11:50:02 +0000 (12:50 +0100)]
Merge pull request #5130 from rgacogne/dnsreplay-source
dnsreplay: Add `--source-ip` and `--source-port` options
Peter van Dijk [Tue, 14 Mar 2017 11:48:23 +0000 (12:48 +0100)]
Merge pull request #5145 from pieterlexis/debian-vers
Update secpoll entries
Pieter Lexis [Tue, 14 Mar 2017 11:44:46 +0000 (12:44 +0100)]
Merge pull request #5146 from Habbie/rec-mandatory-lua
make Lua mandatory for recursor builds
Pieter Lexis [Tue, 14 Mar 2017 11:44:19 +0000 (12:44 +0100)]
Merge pull request #5118 from Habbie/pdnsutil-add-active
fix add-zone-key help output
Peter van Dijk [Fri, 10 Mar 2017 09:48:46 +0000 (10:48 +0100)]
LuaWrapper: Allow embedded NULs in strings received from Lua
Peter van Dijk [Tue, 14 Mar 2017 10:30:29 +0000 (11:30 +0100)]
make Lua mandatory for recursor builds
Pieter Lexis [Tue, 14 Mar 2017 10:14:45 +0000 (11:14 +0100)]
secpoll: Use the correct URL for 4.X
Pieter Lexis [Tue, 14 Mar 2017 10:14:24 +0000 (11:14 +0100)]
secpoll: Add a bunch of debian versions
Arthur Gautier [Mon, 13 Mar 2017 22:49:23 +0000 (22:49 +0000)]
doc: Document empty non-terminal in backends
Signed-off-by: Arthur Gautier <baloo@gandi.net>
Remi Gacogne [Mon, 13 Mar 2017 12:52:51 +0000 (13:52 +0100)]
rec: Run unit tests, split recursor-specific unit tests from the auth
Some unit tests are common and will be run twice, once in the auth
build and once in the rec one. This ensures that they will be run on
rec-4.0.x and auth-4.0.x branches as well.
Remi Gacogne [Fri, 10 Mar 2017 10:41:26 +0000 (11:41 +0100)]
Merge pull request #5133 from Habbie/dnsdist-docs-udp
clarify that UDP is always there
Peter van Dijk [Fri, 10 Mar 2017 08:59:34 +0000 (09:59 +0100)]
clarify that UDP is always there
Pieter Lexis [Fri, 10 Mar 2017 08:35:14 +0000 (09:35 +0100)]
Merge pull request #4929 from zeha/postgres-stmt-name-collision
gpgsql: make statement names actually unique
Christian Hofstaedtler [Thu, 9 Mar 2017 23:38:38 +0000 (00:38 +0100)]
Merge branch 'master' into postgres-stmt-name-collision
Peter van Dijk [Thu, 9 Mar 2017 15:08:45 +0000 (16:08 +0100)]
Merge pull request #5115 from pieterlexis/issue-1284
BIND backend: support "native" zones
Remi Gacogne [Thu, 9 Mar 2017 14:59:44 +0000 (15:59 +0100)]
dnsreplay: Add `--source-ip` and `--source-port` options
Remi Gacogne [Wed, 8 Mar 2017 19:03:16 +0000 (20:03 +0100)]
Merge pull request #5127 from rgacogne/rec-init-qhash-coverity
Fix minor issues reported by coverity
Remi Gacogne [Wed, 8 Mar 2017 09:01:47 +0000 (10:01 +0100)]
auth: Remove leftover `PacketHandler::doRecursion` member
Reported by Coverity.
Remi Gacogne [Tue, 7 Mar 2017 08:33:06 +0000 (09:33 +0100)]
rec: Initialize `qhash` to 0 to make coverity happy
Coverity reports that `qhash` might be used initialized if the packet
cache is disabled. It's indeed used to initialize `dc->d_qhash`, which
will not be used if the packet cache is disabled so there is no real
issue. Still, let's just initialize `qhash` since other tools like Valgrind
are very likely to complain about this too.
Remi Gacogne [Wed, 8 Mar 2017 08:56:21 +0000 (09:56 +0100)]
Merge pull request #5123 from RobinGeuze/fixFreeBSDBuildNetSNMP
dnsdist, rec: Replace net-snmp-includes.h with hand picked headers
bert hubert [Tue, 7 Mar 2017 23:30:37 +0000 (00:30 +0100)]
Merge pull request #5125 from ahupowerdns/create-slave-zone
for create-slave-zone, actually add all slaves, and not only first n times
bert hubert [Tue, 7 Mar 2017 22:44:28 +0000 (23:44 +0100)]
for create-slave-zone, actually look at subsequent arguments, and not keep on adding the first one. Closes #5124.
Robin Geuze [Tue, 7 Mar 2017 19:55:03 +0000 (20:55 +0100)]
Replace net-snmp-includes.h with hand picked headers so it no longer breaks compile on FreeBSD
Peter van Dijk [Tue, 7 Mar 2017 14:29:07 +0000 (15:29 +0100)]
Merge pull request #5101 from rgacogne/cppcheck-rec-auth
Fix minor issues reported by `cppcheck`
Peter van Dijk [Tue, 7 Mar 2017 14:26:18 +0000 (15:26 +0100)]
Merge pull request #5120 from rgacogne/auth-reuseport-setuid
auth: Create additional `reuseport` sockets before dropping privileges
Peter van Dijk [Tue, 7 Mar 2017 14:09:42 +0000 (15:09 +0100)]
Merge pull request #5105 from rgacogne/auth-tinydns-leak
auth: Don't leak a CDB object in case of bogus data
Peter van Dijk [Tue, 7 Mar 2017 11:42:05 +0000 (12:42 +0100)]
Merge pull request #5116 from ahupowerdns/web-auth-digits
Close #1844: we report 1200 qps as 1.2e3 qps in auth webserver.
bert hubert [Tue, 7 Mar 2017 11:02:04 +0000 (12:02 +0100)]
Merge pull request #5117 from ahupowerdns/qthread-error
Turn PDNSException in qthread into an error & exit instead of crash.
Remi Gacogne [Thu, 2 Mar 2017 16:36:01 +0000 (17:36 +0100)]
rec: Reorder the performance tips, clean up the markdown
Remi Gacogne [Thu, 2 Mar 2017 16:32:49 +0000 (17:32 +0100)]
rec: Document `pdns-distribute-queries` and `reuseport` in performance.md
Remi Gacogne [Wed, 1 Mar 2017 09:36:33 +0000 (10:36 +0100)]
rec: Use one listening socket per thread when reuseport is enabled
Except if `pdns-distributes-queries` is true, of course.
We used to shared the same listening socket between all threads
when `pdns-distributes-queries` is set to false, even with `reuseport`
set to true and `SO_REUSEPORT` support available. After this commit:
* if `pdns-distributes-queries` is true, the distributor thread
is still the only one listening to incoming queries
* if `pdns-distributes-queries` is false and either `reuseport` is
false or `SO_REUSEPORT` support is not available, all threads share
the same listening socket as it was before
* if `pdns-distributes-queries` is false, `SO_REUSEPORT` support is
available and `reuseport` is true, we open a separate listening
socket per thread to let the kernel distribute the incoming queries
for us, avoiding any thundering herd issue as well as the distributor
thread being a bottleneck.
Remi Gacogne [Tue, 7 Mar 2017 08:28:24 +0000 (09:28 +0100)]
Merge pull request #5113 from RobinGeuze/addPerPoolPolicy
dnsdist: Add support for setting the server selection policy on a per pool basis
bert hubert [Mon, 6 Mar 2017 22:14:49 +0000 (23:14 +0100)]
Merge pull request #5102 from rgacogne/rec-packetcache-perf
rec: Packet cache speedup / cleanup
bert hubert [Mon, 6 Mar 2017 22:14:21 +0000 (23:14 +0100)]
Merge pull request #5106 from rgacogne/rec-resolveat-split
rec: Split SyncRes::doResolveAt, add const and static whenever possible
Peter van Dijk [Mon, 6 Mar 2017 20:27:51 +0000 (21:27 +0100)]
fix add-zone-key help output
Remi Gacogne [Mon, 6 Mar 2017 17:26:27 +0000 (18:26 +0100)]
auth: Create additional `reuseport` sockets before dropping privileges
bert hubert [Mon, 6 Mar 2017 15:10:42 +0000 (16:10 +0100)]
with this change, a crash because of a PDNSException in qthread gets turned into an error message and an exit. Closes #3830.