]> granicus.if.org Git - pdns/log
pdns
8 years agoDNSSEC: Implement keysearch based on zone-cuts
Pieter Lexis [Wed, 31 Aug 2016 12:11:27 +0000 (14:11 +0200)]
DNSSEC: Implement keysearch based on zone-cuts

This prevents us sending out useless queries for DS records and doesn't
confuse us anymore when the delegation jumps over several labels.

8 years agoAdd getZoneCuts() function
Pieter Lexis [Wed, 31 Aug 2016 12:11:15 +0000 (14:11 +0200)]
Add getZoneCuts() function

8 years agoMerge pull request #4550 from rgacogne/auth-web-rings-leak
Peter van Dijk [Tue, 11 Oct 2016 20:30:03 +0000 (22:30 +0200)]
Merge pull request #4550 from rgacogne/auth-web-rings-leak

auth: Fix a possible memory leak in the webserver

8 years agoMerge pull request #4559 from mind04/warning
Peter van Dijk [Tue, 11 Oct 2016 20:28:33 +0000 (22:28 +0200)]
Merge pull request #4559 from mind04/warning

Fix a few warnings on rawhide

8 years agoMerge pull request #4538 from pieterlexis/secpoll-v3-docs
Peter van Dijk [Tue, 11 Oct 2016 19:53:56 +0000 (21:53 +0200)]
Merge pull request #4538 from pieterlexis/secpoll-v3-docs

Send secpoll users of 3.X to the 3.X docs

8 years agoMerge pull request #4542 from zeha/api-search-no-ents
Peter van Dijk [Tue, 11 Oct 2016 19:52:58 +0000 (21:52 +0200)]
Merge pull request #4542 from zeha/api-search-no-ents

API: search should not return ENTs

8 years agoMerge pull request #4554 from rgacogne/protobuf-comments
Peter van Dijk [Tue, 11 Oct 2016 19:51:55 +0000 (21:51 +0200)]
Merge pull request #4554 from rgacogne/protobuf-comments

Add requestorId and some comments to the protobuf definition file

8 years agoMerge pull request #4557 from Habbie/safesearch
Peter van Dijk [Tue, 11 Oct 2016 19:51:02 +0000 (21:51 +0200)]
Merge pull request #4557 from Habbie/safesearch

encrypted.google.com is supported as SNI on the forcesafesearch VIP; …

8 years agoencrypted.google.com is supported as SNI on the forcesafesearch VIP; so is ipv6.googl...
Peter van Dijk [Tue, 11 Oct 2016 11:23:10 +0000 (13:23 +0200)]
encrypted.google.com is supported as SNI on the forcesafesearch VIP; so is ipv6.google.com

8 years agoAdd requestorId and some comments to the protobuf definition file
Remi Gacogne [Mon, 10 Oct 2016 13:08:24 +0000 (15:08 +0200)]
Add requestorId and some comments to the protobuf definition file

8 years agoMerge pull request #4553 from rgacogne/dnsdist-client-redirection
Remi Gacogne [Mon, 10 Oct 2016 12:05:46 +0000 (14:05 +0200)]
Merge pull request #4553 from rgacogne/dnsdist-client-redirection

dnsdist: Flush output in single command client mode

8 years agodnsdist: Flush output in single command client mode
Remi Gacogne [Mon, 10 Oct 2016 11:12:21 +0000 (13:12 +0200)]
dnsdist: Flush output in single command client mode

Otherwise redirection to a pipe or a file doesn't work, as
reported on IRC  by tmus (thanks!).

8 years agoauth: Fix a possible memory leak in the webserver
Remi Gacogne [Fri, 7 Oct 2016 13:04:12 +0000 (15:04 +0200)]
auth: Fix a possible memory leak in the webserver

Also state clearly that we advise against running the webserver
without password protection.

Reported by mongo (thanks!).

8 years agoAPI: search should not return ENTs
Christian Hofstaedtler [Thu, 6 Oct 2016 14:18:09 +0000 (16:18 +0200)]
API: search should not return ENTs

This should also fix #4534, when backported.

8 years agoMerge pull request #4508 from Habbie/wrong
Peter van Dijk [Thu, 6 Oct 2016 13:38:13 +0000 (15:38 +0200)]
Merge pull request #4508 from Habbie/wrong

Revert "Merge pull request #947 from mind04/right"

8 years agoSend secpoll users of 3.X to the 3.X docs
Pieter Lexis [Wed, 5 Oct 2016 14:36:43 +0000 (16:36 +0200)]
Send secpoll users of 3.X to the 3.X docs

Closes #4521

8 years agoMerge pull request #4530 from paddg/patch-3
Remi Gacogne [Wed, 5 Oct 2016 13:28:00 +0000 (15:28 +0200)]
Merge pull request #4530 from paddg/patch-3

Update README-dnsdist.md

8 years agoUpdate README-dnsdist.md
Winfried Angele [Wed, 5 Oct 2016 06:57:29 +0000 (08:57 +0200)]
Update README-dnsdist.md

8 years agoMerge pull request #4519 from rgacogne/dnsdist-ecs-rule
bert hubert [Tue, 4 Oct 2016 07:05:34 +0000 (09:05 +0200)]
Merge pull request #4519 from rgacogne/dnsdist-ecs-rule

dnsdist: Allow altering the ECS behavior via rules and Lua

8 years agoadd gcc 6.2 to boost.m4
Kees Monshouwer [Fri, 30 Sep 2016 20:53:05 +0000 (22:53 +0200)]
add gcc 6.2 to boost.m4

8 years agofix a few 'types may not be defined in a for-range-declaration' warnings
Kees Monshouwer [Fri, 30 Sep 2016 20:50:57 +0000 (22:50 +0200)]
fix a few 'types may not be defined in a for-range-declaration' warnings

8 years agoignore a generated file
Pieter Lexis [Fri, 30 Sep 2016 11:15:53 +0000 (13:15 +0200)]
ignore a generated file

8 years agoMerge pull request #4485 from mind04/cache-soa
bert hubert [Thu, 29 Sep 2016 18:05:31 +0000 (20:05 +0200)]
Merge pull request #4485 from mind04/cache-soa

soa and caching

8 years agofix up packetcache not to use constexpr which upset clang (perhaps it is right)
bert hubert [Thu, 29 Sep 2016 17:51:34 +0000 (19:51 +0200)]
fix up packetcache not to use constexpr which upset clang (perhaps it is right)

8 years agodocument cache cleaning rate adjustment, plus switch to symbolic names for limits
bert hubert [Thu, 29 Sep 2016 15:23:42 +0000 (17:23 +0200)]
document cache cleaning rate adjustment, plus switch to symbolic names for limits

8 years agoMerge pull request #4504 from mind04/pcsize
bert hubert [Thu, 29 Sep 2016 14:45:45 +0000 (16:45 +0200)]
Merge pull request #4504 from mind04/pcsize

update packetcache size in insert(), remove unnecessary locking, change cache cleaning strategy

8 years agos/soa-minimum-default/soa-minimum-ttl/
Kees Monshouwer [Sat, 17 Sep 2016 21:04:01 +0000 (23:04 +0200)]
s/soa-minimum-default/soa-minimum-ttl/

8 years agoMerge pull request #4432 from rgacogne/dnsdist-protobuf-regression-tests
Remi Gacogne [Thu, 29 Sep 2016 09:21:47 +0000 (11:21 +0200)]
Merge pull request #4432 from rgacogne/dnsdist-protobuf-regression-tests

dnsdist: Add regression tests for protobuf export and DNSResponse bindings

8 years agodnsdist: Allow altering the ECS behavior via rules and Lua
Remi Gacogne [Thu, 29 Sep 2016 08:48:04 +0000 (10:48 +0200)]
dnsdist: Allow altering the ECS behavior via rules and Lua

8 years agoremove debug output and correct iterator increase
Kees Monshouwer [Wed, 28 Sep 2016 13:21:45 +0000 (15:21 +0200)]
remove debug output and correct iterator increase

8 years agoadaptive packetcache cleaning interval
Kees Monshouwer [Tue, 27 Sep 2016 08:55:47 +0000 (10:55 +0200)]
adaptive packetcache cleaning interval

8 years agoMerge pull request #4431 from pieterlexis/issue-4430-bogus-on-no-DS
Pieter Lexis [Wed, 28 Sep 2016 11:43:20 +0000 (13:43 +0200)]
Merge pull request #4431 from pieterlexis/issue-4430-bogus-on-no-DS

Rec: don't go bogus on zero configured DSs

8 years agoMerge pull request #4473 from rgacogne/coverity-fixes-20160915
Pieter Lexis [Wed, 28 Sep 2016 11:40:44 +0000 (13:40 +0200)]
Merge pull request #4473 from rgacogne/coverity-fixes-20160915

auth: Fix returned id from `Bind2Backend::addDomainKey()`, use a unique_ptr for AuthLua4 object

8 years agoMerge pull request #4513 from martinkouba/patch-1
Pieter Lexis [Wed, 28 Sep 2016 11:39:36 +0000 (13:39 +0200)]
Merge pull request #4513 from martinkouba/patch-1

Updated description of allow-unsigned-notify

8 years agodisable negative getSOA caching if the negcache_ttl is 0
Kees Monshouwer [Sat, 17 Sep 2016 22:28:41 +0000 (00:28 +0200)]
disable negative getSOA caching if the negcache_ttl is 0

8 years agoUpdated description of allow-unsigned-notify
Martin Kouba [Tue, 27 Sep 2016 17:49:21 +0000 (19:49 +0200)]
Updated description of allow-unsigned-notify

Changed default of allow-unsigned-notify according to https://doc.powerdns.com/md/authoritative/settings/

8 years agocleanup packetcache cleanup()
Kees Monshouwer [Mon, 26 Sep 2016 19:04:24 +0000 (21:04 +0200)]
cleanup packetcache cleanup()

8 years agomake sure we clean based on sequence index and not on hash index. This bug potentiall...
bert hubert [Mon, 26 Sep 2016 10:12:59 +0000 (12:12 +0200)]
make sure we clean based on sequence index and not on hash index. This bug potentially repeats for all users of PruneCollection.

8 years agoremove some outdated comments in packetcache.cc
Kees Monshouwer [Mon, 26 Sep 2016 18:31:22 +0000 (20:31 +0200)]
remove some outdated comments in packetcache.cc

8 years agoremove unnecessary locking in packetcache
Kees Monshouwer [Mon, 26 Sep 2016 18:30:20 +0000 (20:30 +0200)]
remove unnecessary locking in packetcache

8 years agoupdate packetcache size in insert()
Kees Monshouwer [Mon, 26 Sep 2016 18:28:27 +0000 (20:28 +0200)]
update packetcache size in insert()

8 years agoRevert "Merge pull request #947 from mind04/right"
Peter van Dijk [Mon, 26 Sep 2016 12:52:10 +0000 (14:52 +0200)]
Revert "Merge pull request #947 from mind04/right"

This code only served to fix a combination of system misconfiguration and a
bug in glibc. Meanwhile it turns out this code is incorrect. Removing it.

8 years agomake sure we log the [id] as well for DNSSEC trace
bert hubert [Mon, 26 Sep 2016 09:40:02 +0000 (11:40 +0200)]
make sure we log the [id] as well for DNSSEC trace

8 years agoMerge pull request #4506 from HLFH/patch-1
Pieter Lexis [Sun, 25 Sep 2016 19:49:15 +0000 (21:49 +0200)]
Merge pull request #4506 from HLFH/patch-1

Removal of pipebackend-abi-version setting

8 years agoMerge pull request #4507 from HLFH/patch-2
Pieter Lexis [Sun, 25 Sep 2016 19:48:51 +0000 (21:48 +0200)]
Merge pull request #4507 from HLFH/patch-2

Give tarball link

8 years agoMerge pull request #4499 from rgacogne/rec-boost-context-1.61
Peter van Dijk [Sun, 25 Sep 2016 19:06:06 +0000 (21:06 +0200)]
Merge pull request #4499 from rgacogne/rec-boost-context-1.61

rec: Add support for boost::context >= 1.61

8 years agoGive tarball link
HLFH [Sun, 25 Sep 2016 16:59:46 +0000 (18:59 +0200)]
Give tarball link

8 years agoRemoval of pipebackend-abi-version setting
HLFH [Sun, 25 Sep 2016 16:51:58 +0000 (18:51 +0200)]
Removal of pipebackend-abi-version setting

pipebackend-abi-version has been removed in 4.0.0.
We no longer need this setting explained in the master doc.

8 years agoMerge pull request #4497 from phonedph1/root-hint
bert hubert [Sun, 25 Sep 2016 09:53:17 +0000 (11:53 +0200)]
Merge pull request #4497 from phonedph1/root-hint

e.root-servers.net has IPv6 now

8 years agorec: Always test if BOOST_VERSION is < 1.61, not >, for readability
Remi Gacogne [Fri, 23 Sep 2016 14:58:05 +0000 (16:58 +0200)]
rec: Always test if BOOST_VERSION is < 1.61, not >, for readability

8 years agoMerge pull request #4492 from pieterlexis/post-deresource-version-bind
Peter van Dijk [Fri, 23 Sep 2016 14:54:44 +0000 (16:54 +0200)]
Merge pull request #4492 from pieterlexis/post-deresource-version-bind

Don't ServFail on version.bind post-deresource

8 years agoMerge pull request #4486 from cmouse/yahttp-update
Pieter Lexis [Fri, 23 Sep 2016 14:51:53 +0000 (16:51 +0200)]
Merge pull request #4486 from cmouse/yahttp-update

yahttp: Update to v0.2.0

8 years agoMerge pull request #4487 from mzealey/wipe-domain-doc-update
Pieter Lexis [Fri, 23 Sep 2016 14:51:37 +0000 (16:51 +0200)]
Merge pull request #4487 from mzealey/wipe-domain-doc-update

Add doc about the $ feature of wipe-domain

8 years agoMerge pull request #4494 from zeha/warnings
Peter van Dijk [Fri, 23 Sep 2016 14:50:55 +0000 (16:50 +0200)]
Merge pull request #4494 from zeha/warnings

Fix struct/class mismatch warning reported by apple clang 800.0.38

8 years agorec: Add support for boost::context >= 1.61
Remi Gacogne [Fri, 23 Sep 2016 14:08:15 +0000 (16:08 +0200)]
rec: Add support for boost::context >= 1.61

8 years agowhen encountering bad zone data in backend, make sure we finish the get() so we leave...
bert hubert [Fri, 23 Sep 2016 08:26:06 +0000 (10:26 +0200)]
when encountering bad zone data in backend, make sure we finish the get() so we leave the backend in a consistent state.

8 years agoe.root-servers.net has IPv6 now
phonedph1 [Fri, 23 Sep 2016 00:41:58 +0000 (18:41 -0600)]
e.root-servers.net has IPv6 now

8 years agoFix struct/class mismatch warning reported by apple clang 800.0.38
Christian Hofstaedtler [Thu, 22 Sep 2016 16:35:02 +0000 (18:35 +0200)]
Fix struct/class mismatch warning reported by apple clang 800.0.38

8 years agoDon't ServFail on version.bind post-deresource
Pieter Lexis [Thu, 22 Sep 2016 09:20:02 +0000 (11:20 +0200)]
Don't ServFail on version.bind post-deresource

8 years agoAdd doc about the $ feature of wipe-domain
Mark Zealey [Mon, 19 Sep 2016 15:01:00 +0000 (18:01 +0300)]
Add doc about the $ feature of wipe-domain

8 years agoyahttp: Update to v0.2.0
Aki Tuomi [Sun, 18 Sep 2016 12:06:12 +0000 (15:06 +0300)]
yahttp: Update to v0.2.0

8 years agoauth: `id` variable shadows reference in `Bind2Backend::addDomainKey()`
Remi Gacogne [Thu, 15 Sep 2016 09:28:20 +0000 (11:28 +0200)]
auth: `id` variable shadows reference in `Bind2Backend::addDomainKey()`

8 years agoauth: Use unique_ptr for `AuthLua` and `AuthLua4` objects
Remi Gacogne [Thu, 15 Sep 2016 09:12:58 +0000 (11:12 +0200)]
auth: Use unique_ptr for `AuthLua` and `AuthLua4` objects

Fix a leak reported by coverity when we cycle a backend.

8 years agoauth: Fix 'Identical code for different branches' coverity defect
Remi Gacogne [Thu, 15 Sep 2016 09:12:41 +0000 (11:12 +0200)]
auth: Fix 'Identical code for different branches' coverity defect

8 years agoMerge pull request #4467 from ahupowerdns/deresource
bert hubert [Wed, 14 Sep 2016 08:02:00 +0000 (10:02 +0200)]
Merge pull request #4467 from ahupowerdns/deresource

Deresource & uphash: gigabit DNSSEC root-server performance

8 years agoreinstate shuffling in the new DNSZoneRecord world
bert hubert [Tue, 13 Sep 2016 13:56:44 +0000 (15:56 +0200)]
reinstate shuffling in the new DNSZoneRecord world

8 years agomake randombackend DNSZoneRecord native
bert hubert [Tue, 13 Sep 2016 13:56:31 +0000 (15:56 +0200)]
make randombackend DNSZoneRecord native

8 years agomake it possible to compare pointers/references to DNSRecordContent. There is a gener...
bert hubert [Mon, 12 Sep 2016 21:48:41 +0000 (23:48 +0200)]
make it possible to compare pointers/references to DNSRecordContent. There is a generic comparison function based on getZoneRepresentation(), and specializations for A, AAAA, MX and NS. Rest to follow.
Also make DNSPacket::addRecord() use this infrastructure

8 years agofix up lua-auth for new DNSZoneRecord world
bert hubert [Thu, 8 Sep 2016 03:40:38 +0000 (05:40 +0200)]
fix up lua-auth for new DNSZoneRecord world

8 years agorestore old ldap logging behaviour
bert hubert [Thu, 8 Sep 2016 03:40:23 +0000 (05:40 +0200)]
restore old ldap logging behaviour

8 years agoand it works for ldap-simple too!
bert hubert [Wed, 7 Sep 2016 20:42:39 +0000 (22:42 +0200)]
and it works for ldap-simple too!

8 years agowe now actually pass these tests
bert hubert [Wed, 7 Sep 2016 20:12:26 +0000 (22:12 +0200)]
we now actually pass these tests

8 years agofix zone2ldap in one other place
bert hubert [Wed, 7 Sep 2016 19:47:05 +0000 (21:47 +0200)]
fix zone2ldap in one other place

8 years agomake sure that zone2ldap encodes root as .
bert hubert [Wed, 7 Sep 2016 19:21:53 +0000 (21:21 +0200)]
make sure that zone2ldap encodes root as .

8 years agoenable a lot of LDAP logging to uncover what might be going on over at travis
bert hubert [Wed, 7 Sep 2016 17:55:50 +0000 (19:55 +0200)]
enable a lot of LDAP logging to uncover what might be going on over at travis

8 years agoreenable LDAP testing, plus fix up partial SOA records from backends. Hopefully this...
bert hubert [Wed, 7 Sep 2016 17:25:16 +0000 (19:25 +0200)]
reenable LDAP testing, plus fix up partial SOA records from backends. Hopefully this was the reason for the failing LDAP backend tests.

8 years agofix up mydns backend to properly return SOA records in ANY queries.
bert hubert [Wed, 7 Sep 2016 16:23:34 +0000 (18:23 +0200)]
fix up mydns backend to properly return SOA records in ANY queries.

8 years agoalso propagate scopeMask to emulated get()
bert hubert [Wed, 7 Sep 2016 14:25:55 +0000 (16:25 +0200)]
also propagate scopeMask to emulated get()

8 years agofix up TXT content matching when backend does not add "
bert hubert [Wed, 7 Sep 2016 14:15:10 +0000 (16:15 +0200)]
fix up TXT content matching when backend does not add "

8 years agofix presigned NSEC3s
bert hubert [Wed, 7 Sep 2016 13:46:16 +0000 (15:46 +0200)]
fix presigned NSEC3s

8 years agodisable ldap, which I can't debug locally. Perhaps other backends fail similarly.
bert hubert [Wed, 7 Sep 2016 12:57:40 +0000 (14:57 +0200)]
disable ldap, which I can't debug locally. Perhaps other backends fail similarly.

8 years agowe got one labelReversal case wrong
bert hubert [Wed, 7 Sep 2016 10:12:35 +0000 (12:12 +0200)]
we got one labelReversal case wrong

8 years agosome further labelreverse improvements
bert hubert [Wed, 7 Sep 2016 09:05:00 +0000 (11:05 +0200)]
some further labelreverse improvements

8 years agoset of labelReverse incorrect migrations, two of which likely are still incorrect
bert hubert [Mon, 5 Sep 2016 09:02:32 +0000 (11:02 +0200)]
set of labelReverse incorrect migrations, two of which likely are still incorrect

8 years agofix case where we did not do duplicate record detection for additional processing
bert hubert [Mon, 5 Sep 2016 09:02:12 +0000 (11:02 +0200)]
fix case where we did not do duplicate record detection for additional processing

8 years agomake an ENTRecordType
bert hubert [Mon, 5 Sep 2016 09:01:57 +0000 (11:01 +0200)]
make an ENTRecordType

8 years agoreinstate duplicate record detection, slowing us down tremendously until we speed...
bert hubert [Mon, 5 Sep 2016 09:01:22 +0000 (11:01 +0200)]
reinstate duplicate record detection, slowing us down tremendously until we speed that up

8 years agofix up testcases
bert hubert [Sun, 4 Sep 2016 20:18:52 +0000 (22:18 +0200)]
fix up testcases

8 years agotwo compilation errors (one in an internal tool, one in luabackend)
bert hubert [Sun, 4 Sep 2016 19:32:35 +0000 (21:32 +0200)]
two compilation errors (one in an internal tool, one in luabackend)

8 years agomore speedups and cleanups for DNSZoneRecord world
bert hubert [Sun, 4 Sep 2016 19:04:28 +0000 (21:04 +0200)]
more speedups and cleanups for DNSZoneRecord world

8 years agoinit some DNSZoneRecord members
bert hubert [Sun, 4 Sep 2016 19:04:00 +0000 (21:04 +0200)]
init some DNSZoneRecord members

8 years agofix up zone2sql compilation after fixups
bert hubert [Sun, 4 Sep 2016 19:03:38 +0000 (21:03 +0200)]
fix up zone2sql compilation after fixups

8 years agopacketcache hashed
bert hubert [Sun, 4 Sep 2016 19:03:16 +0000 (21:03 +0200)]
packetcache hashed

8 years agobindbackend hashed
bert hubert [Sun, 4 Sep 2016 19:02:51 +0000 (21:02 +0200)]
bindbackend hashed

8 years agoyolo - big DNSResourceRecord removal
bert hubert [Sat, 3 Sep 2016 22:47:42 +0000 (00:47 +0200)]
yolo - big DNSResourceRecord removal

8 years agoMerge pull request #4463 from pieterlexis/centos-6-pkg-bind
bert hubert [Mon, 12 Sep 2016 15:11:52 +0000 (17:11 +0200)]
Merge pull request #4463 from pieterlexis/centos-6-pkg-bind

Auth: build Bind backend for CentOS 6

8 years agoAuth: build Bind backend for CentOS 6
Pieter Lexis [Mon, 12 Sep 2016 13:10:41 +0000 (15:10 +0200)]
Auth: build Bind backend for CentOS 6

8 years agoMerge pull request #4461 from pieterlexis/boost161-fallback-ucontext
Pieter Lexis [Mon, 12 Sep 2016 12:48:49 +0000 (14:48 +0200)]
Merge pull request #4461 from pieterlexis/boost161-fallback-ucontext

Fall back to SystemV ucontexts on boost >= 1.61

8 years agoMerge pull request #4459 from ahupowerdns/pqmemleak
bert hubert [Mon, 12 Sep 2016 12:05:43 +0000 (14:05 +0200)]
Merge pull request #4459 from ahupowerdns/pqmemleak

plugs memory leak in postgresql backend

8 years agoRec: Disable boost-fcontext on boost 1.61 and up
Pieter Lexis [Mon, 12 Sep 2016 11:51:27 +0000 (13:51 +0200)]
Rec: Disable boost-fcontext on boost 1.61 and up

Fall back to the slower system v ucontext.