]> granicus.if.org Git - pdns/log
pdns
7 years agoMerge pull request #5112 from pieterlexis/issue-4655
Pieter Lexis [Wed, 29 Mar 2017 08:15:48 +0000 (10:15 +0200)]
Merge pull request #5112 from pieterlexis/issue-4655

Stubresolver: Use only `resolver` setting if given

7 years agoMerge pull request #5206 from rgacogne/rec-packetcache-tag-unit-tests
Pieter Lexis [Wed, 29 Mar 2017 08:14:29 +0000 (10:14 +0200)]
Merge pull request #5206 from rgacogne/rec-packetcache-tag-unit-tests

rec: Add unit tests for the packet cache tags handling

7 years agoMerge pull request #5205 from rgacogne/rec-coverity
Pieter Lexis [Wed, 29 Mar 2017 08:14:11 +0000 (10:14 +0200)]
Merge pull request #5205 from rgacogne/rec-coverity

rec: Use `cend()` instead of `end()` when comparing with a const iterator

7 years agoMerge pull request #5196 from Habbie/docs-nits
Pieter Lexis [Wed, 29 Mar 2017 08:13:58 +0000 (10:13 +0200)]
Merge pull request #5196 from Habbie/docs-nits

Docs nits

7 years agoMerge pull request #5194 from rgacogne/dnsdist-fix-dest-port-when-harvesting
Remi Gacogne [Sun, 26 Mar 2017 07:55:27 +0000 (09:55 +0200)]
Merge pull request #5194 from rgacogne/dnsdist-fix-dest-port-when-harvesting

dnsdist: Fix destination port reporting on "any" binds

7 years agorec: Add unit tests for the packet cache tags handling
Remi Gacogne [Sat, 25 Mar 2017 15:46:24 +0000 (16:46 +0100)]
rec: Add unit tests for the packet cache tags handling

7 years agorec: Use `cend()` instead of `end()` when comparing with a const iterator
Remi Gacogne [Sat, 25 Mar 2017 09:12:36 +0000 (10:12 +0100)]
rec: Use `cend()` instead of `end()` when comparing with a const iterator

Reported by Coverity.

7 years agoMerge pull request #5198 from rgacogne/rec-gettag-edns-options
Peter van Dijk [Fri, 24 Mar 2017 14:55:55 +0000 (15:55 +0100)]
Merge pull request #5198 from rgacogne/rec-gettag-edns-options

rec: Allow access to EDNS options from the `gettag()` hook

7 years agoMerge pull request #5197 from nivex/zone-count-verbose
Peter van Dijk [Fri, 24 Mar 2017 10:23:31 +0000 (11:23 +0100)]
Merge pull request #5197 from nivex/zone-count-verbose

pdnsutil: Only print zonecount if invoked verbose

7 years agorec: Allow access to EDNS options from the `gettag()` hook
Remi Gacogne [Thu, 23 Mar 2017 16:27:21 +0000 (17:27 +0100)]
rec: Allow access to EDNS options from the `gettag()` hook

If `gettag-needs-edns-options` is set, the EDNS options are extracted
and passed to the `gettag()` hook as a table whose keys are the
EDNS option code and the values are `EDNSOptionView` object.
`EDNSOptionView` has two members, `content` and `size`, with `content`
holding the raw, undecoded option value.

7 years agoMerge pull request #5192 from 0xf3f/master
Pieter Lexis [Fri, 24 Mar 2017 09:23:54 +0000 (10:23 +0100)]
Merge pull request #5192 from 0xf3f/master

Fix wrong launch/module name in PostgreSQL 4.x auth docs

7 years agoOnly print zonecount if invoked verbose
Kevin Otte [Thu, 23 Mar 2017 15:19:51 +0000 (11:19 -0400)]
Only print zonecount if invoked verbose

7 years agomove getDH methods so we get correct list formatting
Peter van Dijk [Thu, 23 Mar 2017 13:12:24 +0000 (14:12 +0100)]
move getDH methods so we get correct list formatting

7 years agocorrect Docker instructions
Peter van Dijk [Thu, 23 Mar 2017 13:12:13 +0000 (14:12 +0100)]
correct Docker instructions

7 years agodnsdist: Add regression tests for local port detection
Remi Gacogne [Thu, 23 Mar 2017 09:38:16 +0000 (10:38 +0100)]
dnsdist: Add regression tests for local port detection

7 years agodnsdist: Fix destination port reporting on "any" binds
Remi Gacogne [Wed, 22 Mar 2017 22:50:38 +0000 (23:50 +0100)]
dnsdist: Fix destination port reporting on "any" binds

Over UDP we call `HarvestDestinationAddress()` to get the real
destination address via `IP_PKTINFO`., but this only sets the destination
address, not the destination port. Therefore since
7cea4e39a78ef981ee461b49bbc193fa9903f56dit the destination port was always
0 when bound to an "any" address.

7 years agoFix wrong launch/module name PostgreSQL 4.x auth docs
Philipp [Wed, 22 Mar 2017 10:20:39 +0000 (11:20 +0100)]
Fix wrong launch/module name PostgreSQL 4.x auth docs

7 years agoStubresolver: Use only `resolver` setting if given
Pieter Lexis [Mon, 6 Mar 2017 14:06:26 +0000 (15:06 +0100)]
Stubresolver: Use only `resolver` setting if given

Use resolv.conf otherwise. Also, do not use 127.0.0.1:53 as fallback,
as this could be ourselves.

Closes #4655

7 years agoMerge pull request #5163 from rgacogne/dnsdist-cleanup-tcp-downstreams
Peter van Dijk [Tue, 21 Mar 2017 13:13:08 +0000 (14:13 +0100)]
Merge pull request #5163 from rgacogne/dnsdist-cleanup-tcp-downstreams

dnsdist: Cleanup closed TCP downstream connections

7 years agoMerge pull request #5182 from pieterlexis/issue-5119-disable-ALIAS
Peter van Dijk [Tue, 21 Mar 2017 13:10:25 +0000 (14:10 +0100)]
Merge pull request #5182 from pieterlexis/issue-5119-disable-ALIAS

ALIAS: disable expansion by default

7 years agoMerge pull request #5141 from Habbie/dq-data
Peter van Dijk [Tue, 21 Mar 2017 12:42:50 +0000 (13:42 +0100)]
Merge pull request #5141 from Habbie/dq-data

stop (de)serializing dq.data

7 years agoupdate dq.data docs
Peter van Dijk [Mon, 20 Mar 2017 14:24:01 +0000 (15:24 +0100)]
update dq.data docs

7 years agostop (de)serializing dq.data
Peter van Dijk [Mon, 13 Mar 2017 17:57:24 +0000 (18:57 +0100)]
stop (de)serializing dq.data

7 years agoMerge pull request #5183 from Habbie/whitespace-nits
Remi Gacogne [Mon, 20 Mar 2017 21:08:45 +0000 (22:08 +0100)]
Merge pull request #5183 from Habbie/whitespace-nits

whitespace nits

7 years agoMerge pull request #5172 from rgacogne/rec-doc-prerpz
Peter van Dijk [Mon, 20 Mar 2017 19:22:02 +0000 (20:22 +0100)]
Merge pull request #5172 from rgacogne/rec-doc-prerpz

Doc: `dq.wantsRPZ` is mostly useful in `prerpz`, not `preresolve`

7 years agoMerge pull request #5137 from rgacogne/auth-fast-open
Peter van Dijk [Mon, 20 Mar 2017 19:19:35 +0000 (20:19 +0100)]
Merge pull request #5137 from rgacogne/auth-fast-open

auth: Add TCP Fast Open support

7 years agoALIAS: disable expansion by default
Pieter Lexis [Tue, 7 Mar 2017 12:48:44 +0000 (13:48 +0100)]
ALIAS: disable expansion by default

Closes #5119

7 years agowhitespace nits
Peter van Dijk [Mon, 20 Mar 2017 13:17:19 +0000 (14:17 +0100)]
whitespace nits

7 years agoMerge pull request #5121 from pieterlexis/issue-2358-pkg-config-libpq
Peter van Dijk [Mon, 20 Mar 2017 13:13:22 +0000 (14:13 +0100)]
Merge pull request #5121 from pieterlexis/issue-2358-pkg-config-libpq

Use pkg-config first to find libpq

7 years agoMerge pull request #5138 from rgacogne/rec-fast-open
Peter van Dijk [Mon, 20 Mar 2017 13:09:41 +0000 (14:09 +0100)]
Merge pull request #5138 from rgacogne/rec-fast-open

rec: Add server-side TCP Fast Open support

7 years agoMerge pull request #5177 from rgacogne/outgoing-axfr-leak
Peter van Dijk [Mon, 20 Mar 2017 12:56:11 +0000 (13:56 +0100)]
Merge pull request #5177 from rgacogne/outgoing-axfr-leak

auth: Don't leak on signing errors during outgoing AXFR

7 years agoMerge pull request #5156 from pieterlexis/enable-eddsa
Peter van Dijk [Mon, 20 Mar 2017 11:27:02 +0000 (12:27 +0100)]
Merge pull request #5156 from pieterlexis/enable-eddsa

Enable EDDSA (ED25519) in auth and recursor builds

7 years agoAdd EDDSA support to configure summary
Pieter Lexis [Wed, 15 Mar 2017 12:26:45 +0000 (13:26 +0100)]
Add EDDSA support to configure summary

7 years agoauth: Add TCP Fast Open support
Remi Gacogne [Sun, 12 Mar 2017 15:48:38 +0000 (16:48 +0100)]
auth: Add TCP Fast Open support

7 years agoDoc: Fix our `prerpz` hook example, it must return a boolean
Remi Gacogne [Fri, 17 Mar 2017 14:48:10 +0000 (15:48 +0100)]
Doc: Fix our `prerpz` hook example, it must return a boolean

7 years agorec: Add server-side TCP Fast Open support
Remi Gacogne [Fri, 17 Mar 2017 14:42:38 +0000 (15:42 +0100)]
rec: Add server-side TCP Fast Open support

7 years agoMerge pull request #5067 from cynthia/master
Pieter Lexis [Fri, 17 Mar 2017 14:10:09 +0000 (15:10 +0100)]
Merge pull request #5067 from cynthia/master

FreeBSD build notes and compile fixes.

7 years agoMerge pull request #5062 from pieterlexis/issue-512-pdnsutil-validate-NS-MX
Pieter Lexis [Fri, 17 Mar 2017 14:09:35 +0000 (15:09 +0100)]
Merge pull request #5062 from pieterlexis/issue-512-pdnsutil-validate-NS-MX

Check for valid hostnames in SRV, NS and MX records

7 years agoMerge pull request #5057 from rgacogne/rpz-ttl
Pieter Lexis [Fri, 17 Mar 2017 14:09:08 +0000 (15:09 +0100)]
Merge pull request #5057 from rgacogne/rpz-ttl

rec: Use the RPZ zone's TTL and add a new `maxTTL` setting

7 years agoMerge pull request #5152 from pieterlexis/dns64-docs
Pieter Lexis [Fri, 17 Mar 2017 13:58:32 +0000 (14:58 +0100)]
Merge pull request #5152 from pieterlexis/dns64-docs

Properly include dns64.lua in the docs

7 years agoMerge pull request #5151 from pieterlexis/issue-5149-bind-native-version
Pieter Lexis [Fri, 17 Mar 2017 13:58:21 +0000 (14:58 +0100)]
Merge pull request #5151 from pieterlexis/issue-5149-bind-native-version

Docs: version since native is supported in BIND

7 years agoMerge pull request #5143 from baloo/baloo/doc/backend-ent
Pieter Lexis [Fri, 17 Mar 2017 13:58:08 +0000 (14:58 +0100)]
Merge pull request #5143 from baloo/baloo/doc/backend-ent

doc: Document empty non-terminal in backends

7 years agoMerge pull request #5157 from rgacogne/dns-random-gcc-5-plus
Remi Gacogne [Fri, 17 Mar 2017 13:48:47 +0000 (14:48 +0100)]
Merge pull request #5157 from rgacogne/dns-random-gcc-5-plus

Fix dns_random unit tests with gcc > 4

7 years agoMerge pull request #5159 from RobinGeuze/addExpungeBySuffix
Remi Gacogne [Fri, 17 Mar 2017 13:45:54 +0000 (14:45 +0100)]
Merge pull request #5159 from RobinGeuze/addExpungeBySuffix

dnsdist: Add expungeBySuffix function

7 years agoMerge pull request #5171 from RobinGeuze/unbreakCaseInsensitiveFilesystems
Remi Gacogne [Fri, 17 Mar 2017 13:44:35 +0000 (14:44 +0100)]
Merge pull request #5171 from RobinGeuze/unbreakCaseInsensitiveFilesystems

Unbreak regression tests on case insensitive filesystems

7 years agoDoc: `dq.wantsRPZ` is mostly useful in `prerpz`, not `preresolve`
Remi Gacogne [Fri, 17 Mar 2017 13:34:14 +0000 (14:34 +0100)]
Doc: `dq.wantsRPZ` is mostly useful in `prerpz`, not `preresolve`

7 years agoAdd suffixmatch option to expungeByName
Robin Geuze [Fri, 17 Mar 2017 11:58:46 +0000 (12:58 +0100)]
Add suffixmatch option to expungeByName

7 years agoUnbreak regression tests on case insensitive filesystems
Robin Geuze [Fri, 17 Mar 2017 10:14:33 +0000 (11:14 +0100)]
Unbreak regression tests on case insensitive filesystems

7 years agoMerge pull request #5169 from mind04/axfr-serial
Peter van Dijk [Fri, 17 Mar 2017 10:13:52 +0000 (11:13 +0100)]
Merge pull request #5169 from mind04/axfr-serial

Add an option to allow AXFR of zones with a different (higher/lower) serial.

7 years agoAdd an option to allow AXFR of zones with a different serial.
Kees Monshouwer [Thu, 16 Mar 2017 20:26:02 +0000 (21:26 +0100)]
Add an option to allow AXFR of zones with a different serial.

7 years agodnsdist: Cleanup closed TCP downstream connections
Remi Gacogne [Thu, 16 Mar 2017 17:05:59 +0000 (18:05 +0100)]
dnsdist: Cleanup closed TCP downstream connections

Regularly walk the TCP downstream connections to properly close
whose that have been shutdown by the other end. It occurs only
after a TCP client connection has been closed and at most every
`setTCPDownstreamCleanupInterval()` seconds, defaulting to 60s.
Until now we only detected that the other end closed the connection
when we tried to reuse it. While this is not an issue with a small
number of backends because the connection are reused pretty quickly,
with a large number of backends dnsdist might end up with thousands
of idle TCP connections to downstream servers in `CLOSE_WAIT` state,
wasting open file descriptors.

7 years agoFix dns_random unit tests with gcc > 4
Remi Gacogne [Wed, 15 Mar 2017 14:42:02 +0000 (15:42 +0100)]
Fix dns_random unit tests with gcc > 4

7 years agoEnable ED25519 in recursor builds
Pieter Lexis [Wed, 15 Mar 2017 12:10:49 +0000 (13:10 +0100)]
Enable ED25519 in recursor builds

7 years agoEnable ED25519 in auth builds
Pieter Lexis [Wed, 15 Mar 2017 11:55:12 +0000 (12:55 +0100)]
Enable ED25519 in auth builds

7 years agoMerge pull request #5147 from Habbie/lua-string-nul
Remi Gacogne [Wed, 15 Mar 2017 08:36:30 +0000 (09:36 +0100)]
Merge pull request #5147 from Habbie/lua-string-nul

LuaWrapper: Allow embedded NULs in strings received from Lua

7 years agoMerge pull request #5150 from RobinGeuze/sortIncludeDirectory
Remi Gacogne [Wed, 15 Mar 2017 08:33:21 +0000 (09:33 +0100)]
Merge pull request #5150 from RobinGeuze/sortIncludeDirectory

dnsdist: Make includeDirectory work sorted #5053

7 years agoProperly include dns64.lua in the docs
Pieter Lexis [Wed, 15 Mar 2017 08:29:44 +0000 (09:29 +0100)]
Properly include dns64.lua in the docs

Also move it to contrib so it is shipped in the recursor tarball.

7 years agoUse pkg-config first to find libpq
Pieter Lexis [Tue, 7 Mar 2017 10:28:08 +0000 (11:28 +0100)]
Use pkg-config first to find libpq

Unless a path to pg_config was supplied. If pkg-config does not produce
a result attempt to find pg_config and use that.

This commit also removes support for supplying a path to the postgresql
libs and includes. Use --with-pg-config to use non-default installation
paths.

Closes #2358

7 years agoDocs: version since native is supported in BIND
Pieter Lexis [Wed, 15 Mar 2017 07:37:45 +0000 (08:37 +0100)]
Docs: version since native is supported in BIND

Closes #5149

7 years agoAdd documentation on the sorting to includeDirectory
Robin Geuze [Tue, 14 Mar 2017 21:09:25 +0000 (22:09 +0100)]
Add documentation on the sorting to includeDirectory

7 years agoMake includeDirectory work sorted
Robin Geuze [Tue, 14 Mar 2017 20:53:05 +0000 (21:53 +0100)]
Make includeDirectory work sorted

7 years agoMerge pull request #5103 from rgacogne/rec-listening-socket-per-thread
Pieter Lexis [Tue, 14 Mar 2017 11:51:33 +0000 (12:51 +0100)]
Merge pull request #5103 from rgacogne/rec-listening-socket-per-thread

rec: Use one listening socket per thread when reuseport is enabled

7 years agoMerge pull request #5139 from rgacogne/rec-unit-tests
Pieter Lexis [Tue, 14 Mar 2017 11:51:11 +0000 (12:51 +0100)]
Merge pull request #5139 from rgacogne/rec-unit-tests

rec: Run unit tests, split recursor-specific unit tests from the auth

7 years agoMerge pull request #5130 from rgacogne/dnsreplay-source
Pieter Lexis [Tue, 14 Mar 2017 11:50:02 +0000 (12:50 +0100)]
Merge pull request #5130 from rgacogne/dnsreplay-source

dnsreplay: Add `--source-ip` and `--source-port` options

7 years agoMerge pull request #5145 from pieterlexis/debian-vers
Peter van Dijk [Tue, 14 Mar 2017 11:48:23 +0000 (12:48 +0100)]
Merge pull request #5145 from pieterlexis/debian-vers

Update secpoll entries

7 years agoMerge pull request #5146 from Habbie/rec-mandatory-lua
Pieter Lexis [Tue, 14 Mar 2017 11:44:46 +0000 (12:44 +0100)]
Merge pull request #5146 from Habbie/rec-mandatory-lua

make Lua mandatory for recursor builds

7 years agoMerge pull request #5118 from Habbie/pdnsutil-add-active
Pieter Lexis [Tue, 14 Mar 2017 11:44:19 +0000 (12:44 +0100)]
Merge pull request #5118 from Habbie/pdnsutil-add-active

fix add-zone-key help output

7 years agoLuaWrapper: Allow embedded NULs in strings received from Lua
Peter van Dijk [Fri, 10 Mar 2017 09:48:46 +0000 (10:48 +0100)]
LuaWrapper: Allow embedded NULs in strings received from Lua

7 years agomake Lua mandatory for recursor builds
Peter van Dijk [Tue, 14 Mar 2017 10:30:29 +0000 (11:30 +0100)]
make Lua mandatory for recursor builds

7 years agosecpoll: Use the correct URL for 4.X
Pieter Lexis [Tue, 14 Mar 2017 10:14:45 +0000 (11:14 +0100)]
secpoll: Use the correct URL for 4.X

7 years agosecpoll: Add a bunch of debian versions
Pieter Lexis [Tue, 14 Mar 2017 10:14:24 +0000 (11:14 +0100)]
secpoll: Add a bunch of debian versions

7 years agodoc: Document empty non-terminal in backends
Arthur Gautier [Mon, 13 Mar 2017 22:49:23 +0000 (22:49 +0000)]
doc: Document empty non-terminal in backends

Signed-off-by: Arthur Gautier <baloo@gandi.net>
7 years agorec: Run unit tests, split recursor-specific unit tests from the auth
Remi Gacogne [Mon, 13 Mar 2017 12:52:51 +0000 (13:52 +0100)]
rec: Run unit tests, split recursor-specific unit tests from the auth

Some unit tests are common and will be run twice, once in the auth
build and once in the rec one. This ensures that they will be run on
rec-4.0.x and auth-4.0.x branches as well.

7 years agoMerge pull request #5133 from Habbie/dnsdist-docs-udp
Remi Gacogne [Fri, 10 Mar 2017 10:41:26 +0000 (11:41 +0100)]
Merge pull request #5133 from Habbie/dnsdist-docs-udp

clarify that UDP is always there

7 years agoclarify that UDP is always there
Peter van Dijk [Fri, 10 Mar 2017 08:59:34 +0000 (09:59 +0100)]
clarify that UDP is always there

7 years agoMerge pull request #4929 from zeha/postgres-stmt-name-collision
Pieter Lexis [Fri, 10 Mar 2017 08:35:14 +0000 (09:35 +0100)]
Merge pull request #4929 from zeha/postgres-stmt-name-collision

gpgsql: make statement names actually unique

7 years agoMerge branch 'master' into postgres-stmt-name-collision
Christian Hofstaedtler [Thu, 9 Mar 2017 23:38:38 +0000 (00:38 +0100)]
Merge branch 'master' into postgres-stmt-name-collision

7 years agoMerge pull request #5115 from pieterlexis/issue-1284
Peter van Dijk [Thu, 9 Mar 2017 15:08:45 +0000 (16:08 +0100)]
Merge pull request #5115 from pieterlexis/issue-1284

BIND backend: support "native" zones

7 years agodnsreplay: Add `--source-ip` and `--source-port` options
Remi Gacogne [Thu, 9 Mar 2017 14:59:44 +0000 (15:59 +0100)]
dnsreplay: Add `--source-ip` and `--source-port` options

7 years agoMerge pull request #5127 from rgacogne/rec-init-qhash-coverity
Remi Gacogne [Wed, 8 Mar 2017 19:03:16 +0000 (20:03 +0100)]
Merge pull request #5127 from rgacogne/rec-init-qhash-coverity

Fix minor issues reported by coverity

7 years agoauth: Remove leftover `PacketHandler::doRecursion` member
Remi Gacogne [Wed, 8 Mar 2017 09:01:47 +0000 (10:01 +0100)]
auth: Remove leftover `PacketHandler::doRecursion` member

Reported by Coverity.

7 years agorec: Initialize `qhash` to 0 to make coverity happy
Remi Gacogne [Tue, 7 Mar 2017 08:33:06 +0000 (09:33 +0100)]
rec: Initialize `qhash` to 0 to make coverity happy

Coverity reports that `qhash` might be used initialized if the packet
cache is disabled. It's indeed used to initialize `dc->d_qhash`, which
will not be used if the packet cache is disabled so there is no real
issue. Still, let's just initialize `qhash` since other tools like Valgrind
are very likely to complain about this too.

7 years agoMerge pull request #5123 from RobinGeuze/fixFreeBSDBuildNetSNMP
Remi Gacogne [Wed, 8 Mar 2017 08:56:21 +0000 (09:56 +0100)]
Merge pull request #5123 from RobinGeuze/fixFreeBSDBuildNetSNMP

dnsdist, rec: Replace net-snmp-includes.h with hand picked headers

7 years agoMerge pull request #5125 from ahupowerdns/create-slave-zone
bert hubert [Tue, 7 Mar 2017 23:30:37 +0000 (00:30 +0100)]
Merge pull request #5125 from ahupowerdns/create-slave-zone

for create-slave-zone, actually add all slaves, and not only first n times

7 years agofor create-slave-zone, actually look at subsequent arguments, and not keep on adding...
bert hubert [Tue, 7 Mar 2017 22:44:28 +0000 (23:44 +0100)]
for create-slave-zone, actually look at subsequent arguments, and not keep on adding the first one. Closes #5124.

7 years agoReplace net-snmp-includes.h with hand picked headers so it no longer breaks compile...
Robin Geuze [Tue, 7 Mar 2017 19:55:03 +0000 (20:55 +0100)]
Replace net-snmp-includes.h with hand picked headers so it no longer breaks compile on FreeBSD

7 years agoMerge pull request #5101 from rgacogne/cppcheck-rec-auth
Peter van Dijk [Tue, 7 Mar 2017 14:29:07 +0000 (15:29 +0100)]
Merge pull request #5101 from rgacogne/cppcheck-rec-auth

Fix minor issues reported by `cppcheck`

7 years agoMerge pull request #5120 from rgacogne/auth-reuseport-setuid
Peter van Dijk [Tue, 7 Mar 2017 14:26:18 +0000 (15:26 +0100)]
Merge pull request #5120 from rgacogne/auth-reuseport-setuid

auth: Create additional `reuseport` sockets before dropping privileges

7 years agoMerge pull request #5105 from rgacogne/auth-tinydns-leak
Peter van Dijk [Tue, 7 Mar 2017 14:09:42 +0000 (15:09 +0100)]
Merge pull request #5105 from rgacogne/auth-tinydns-leak

auth: Don't leak a CDB object in case of bogus data

7 years agoMerge pull request #5116 from ahupowerdns/web-auth-digits
Peter van Dijk [Tue, 7 Mar 2017 11:42:05 +0000 (12:42 +0100)]
Merge pull request #5116 from ahupowerdns/web-auth-digits

Close #1844: we report 1200 qps as 1.2e3 qps in auth webserver.

7 years agoMerge pull request #5117 from ahupowerdns/qthread-error
bert hubert [Tue, 7 Mar 2017 11:02:04 +0000 (12:02 +0100)]
Merge pull request #5117 from ahupowerdns/qthread-error

Turn PDNSException in qthread into an error & exit instead of crash.

7 years agorec: Reorder the performance tips, clean up the markdown
Remi Gacogne [Thu, 2 Mar 2017 16:36:01 +0000 (17:36 +0100)]
rec: Reorder the performance tips, clean up the markdown

7 years agorec: Document `pdns-distribute-queries` and `reuseport` in performance.md
Remi Gacogne [Thu, 2 Mar 2017 16:32:49 +0000 (17:32 +0100)]
rec: Document `pdns-distribute-queries` and `reuseport` in performance.md

7 years agorec: Use one listening socket per thread when reuseport is enabled
Remi Gacogne [Wed, 1 Mar 2017 09:36:33 +0000 (10:36 +0100)]
rec: Use one listening socket per thread when reuseport is enabled

Except if `pdns-distributes-queries` is true, of course.
We used to shared the same listening socket between all threads
when `pdns-distributes-queries` is set to false, even with `reuseport`
set to true and `SO_REUSEPORT` support available. After this commit:
* if `pdns-distributes-queries` is true, the distributor thread
is still the only one listening to incoming queries
* if `pdns-distributes-queries` is false and either `reuseport` is
false or `SO_REUSEPORT` support is not available, all threads share
the same listening socket as it was before
* if `pdns-distributes-queries` is false, `SO_REUSEPORT` support is
available and `reuseport` is true, we open a separate listening
socket per thread to let the kernel distribute the incoming queries
for us, avoiding any thundering herd issue as well as the distributor
thread being a bottleneck.

7 years agoMerge pull request #5113 from RobinGeuze/addPerPoolPolicy
Remi Gacogne [Tue, 7 Mar 2017 08:28:24 +0000 (09:28 +0100)]
Merge pull request #5113 from RobinGeuze/addPerPoolPolicy

dnsdist: Add support for setting the server selection policy on a per pool basis

7 years agoMerge pull request #5102 from rgacogne/rec-packetcache-perf
bert hubert [Mon, 6 Mar 2017 22:14:49 +0000 (23:14 +0100)]
Merge pull request #5102 from rgacogne/rec-packetcache-perf

rec: Packet cache speedup / cleanup

7 years agoMerge pull request #5106 from rgacogne/rec-resolveat-split
bert hubert [Mon, 6 Mar 2017 22:14:21 +0000 (23:14 +0100)]
Merge pull request #5106 from rgacogne/rec-resolveat-split

rec: Split SyncRes::doResolveAt, add const and static whenever possible

7 years agofix add-zone-key help output
Peter van Dijk [Mon, 6 Mar 2017 20:27:51 +0000 (21:27 +0100)]
fix add-zone-key help output

7 years agoauth: Create additional `reuseport` sockets before dropping privileges
Remi Gacogne [Mon, 6 Mar 2017 17:26:27 +0000 (18:26 +0100)]
auth: Create additional `reuseport` sockets before dropping privileges

7 years agowith this change, a crash because of a PDNSException in qthread gets turned into...
bert hubert [Mon, 6 Mar 2017 15:10:42 +0000 (16:10 +0100)]
with this change, a crash because of a PDNSException in qthread gets turned into an error message and an exit. Closes #3830.