]>
granicus.if.org Git - pdns/log
Remi Gacogne [Tue, 7 Aug 2018 15:00:41 +0000 (17:00 +0200)]
Merge pull request #6830 from Habbie/rec-test-upgrade-pip
recursor testing: upgrade pip
Peter van Dijk [Tue, 7 Aug 2018 10:48:09 +0000 (12:48 +0200)]
upgrade pip
Remi Gacogne [Mon, 6 Aug 2018 07:31:44 +0000 (09:31 +0200)]
Merge pull request #6824 from klaus3000/improve-slavecheck-logging
Add the serials when logging the final result of a slave-check
Remi Gacogne [Mon, 6 Aug 2018 07:27:18 +0000 (09:27 +0200)]
Merge pull request #6768 from rgacogne/rec-several-distributors
rec: Add support for several distributor threads
Remi Gacogne [Mon, 6 Aug 2018 07:25:29 +0000 (09:25 +0200)]
Merge pull request #6698 from rgacogne/rec-pb-options
rec: Refactor Protobuf options, add query/response selection
Remi Gacogne [Mon, 30 Jul 2018 07:42:44 +0000 (09:42 +0200)]
rec: Add a few more words about setProtobufMasks() in the documentation
Remi Gacogne [Thu, 12 Jul 2018 14:28:13 +0000 (16:28 +0200)]
rec: Make 'only log if a tag is present' conditions easier to read
Remi Gacogne [Thu, 31 May 2018 13:32:14 +0000 (15:32 +0200)]
rec: Refactor Protobuf options, add query/response selection
- Turn the protobuf options into a table because there are already
too many of them
- Split the masks applied to the initiator to a separate
`setProtobufMasks` directive
- Add the possibility to log only queries, or only responses
- Add the possibility to select queries (FFI only) and responses
for export from the Lua hooks
- Add regression tests for the protobuf features
Remi Gacogne [Fri, 3 Aug 2018 15:22:03 +0000 (17:22 +0200)]
Merge pull request #6792 from rgacogne/rec-delay-lua-conf-threads
rec: Delay the creation of RPZ threads until we have dropped privileges
Remi Gacogne [Fri, 3 Aug 2018 07:31:26 +0000 (09:31 +0200)]
Merge pull request #6826 from phonedph1/getoutstanding
Make getOutstanding be usable from both lua and console
Remi Gacogne [Fri, 3 Aug 2018 07:30:58 +0000 (09:30 +0200)]
Merge pull request #6813 from phonedph1/dstportrule
dnsdist: DSTPortRule
phonedph1 [Thu, 2 Aug 2018 14:52:11 +0000 (14:52 +0000)]
Actually remove it ;)
phonedph1 [Thu, 2 Aug 2018 14:23:44 +0000 (14:23 +0000)]
Fix type
Remi Gacogne [Thu, 2 Aug 2018 12:53:06 +0000 (14:53 +0200)]
Merge pull request #6827 from SvenMW/fix_docstring
Update index.rst
Sven Kieske [Thu, 2 Aug 2018 12:48:52 +0000 (14:48 +0200)]
Update index.rst
[DOC] fixed duplicate words
phonedph1 [Wed, 1 Aug 2018 20:01:03 +0000 (20:01 +0000)]
Make getOutstanding be usable from both lua and console
Klaus Darilion [Wed, 1 Aug 2018 10:03:07 +0000 (10:03 +0000)]
fix typo: "ourserial is" -> "our serial is"
Remi Gacogne [Wed, 1 Aug 2018 07:40:34 +0000 (09:40 +0200)]
Merge pull request #6820 from phonedph1/patch-5
Update config.rst
Remi Gacogne [Wed, 1 Aug 2018 07:36:13 +0000 (09:36 +0200)]
Merge pull request #6816 from rgacogne/auth-api-strict-ordering
auth: Make sure that we use strict weak records ordering in the API
Klaus Darilion [Tue, 31 Jul 2018 21:36:03 +0000 (21:36 +0000)]
When the final result of the slave-check get logged, always add the respective serials to the log line. This is very useful when debugging slave-check issues
phonedph1 [Tue, 31 Jul 2018 18:51:40 +0000 (12:51 -0600)]
Update config.rst
Try to clarify what staleTTL means in terms of the packet cache option.
This hopefully aligns more with the text on https://dnsdist.org/guides/cache.html and real-world observations.
Remi Gacogne [Mon, 30 Jul 2018 12:40:10 +0000 (14:40 +0200)]
auth: Make sure that we use strict weak records ordering in the API
phonedph1 [Mon, 30 Jul 2018 13:45:13 +0000 (13:45 +0000)]
Add autocompletion data
phonedph1 [Mon, 30 Jul 2018 13:45:05 +0000 (13:45 +0000)]
Don't use a seperate hton variable
Remi Gacogne [Mon, 30 Jul 2018 13:24:07 +0000 (15:24 +0200)]
rec: Fix 'worker' conflict with #6812
Remi Gacogne [Mon, 30 Jul 2018 09:36:52 +0000 (11:36 +0200)]
rec: Move the "launching <n> workers" message to the right place
Remi Gacogne [Tue, 3 Jul 2018 07:33:46 +0000 (09:33 +0200)]
rec: Add support for several distributor threads
Remi Gacogne [Mon, 30 Jul 2018 07:56:57 +0000 (09:56 +0200)]
Merge pull request #6804 from Habbie/rec-buildbot-no-snmp
skip recursor SNMP testing in buildbot
Remi Gacogne [Mon, 30 Jul 2018 07:54:36 +0000 (09:54 +0200)]
Merge pull request #6812 from Habbie/rec-thread-fixes
rec: load Lua scripts only in worker threads
phonedph1 [Thu, 26 Jul 2018 16:35:42 +0000 (16:35 +0000)]
Test that DSTPortRule captures queries
phonedph1 [Thu, 26 Jul 2018 15:41:27 +0000 (15:41 +0000)]
Allow matching based on destination port.
Peter van Dijk [Thu, 26 Jul 2018 15:05:14 +0000 (17:05 +0200)]
do not load Lua in the distributor thread
Peter van Dijk [Thu, 26 Jul 2018 14:24:06 +0000 (16:24 +0200)]
only load the Lua script in worker threads
Peter van Dijk [Thu, 26 Jul 2018 14:20:26 +0000 (16:20 +0200)]
correct type for getRecursorThreadId
Peter van Dijk [Wed, 25 Jul 2018 16:23:52 +0000 (18:23 +0200)]
Merge pull request #6796 from cmouse/mmdb
geoipbackend: Document that MMDB support has been added in v4.2
Peter van Dijk [Wed, 25 Jul 2018 16:13:04 +0000 (18:13 +0200)]
skip recursor SNMP testing in buildbot
Peter van Dijk [Tue, 24 Jul 2018 15:12:48 +0000 (17:12 +0200)]
Merge pull request #6802 from neilcook/boostfs
Make NOD and Boost FS conditional for compilation based on configure flag
Neil Cook [Tue, 24 Jul 2018 14:07:31 +0000 (16:07 +0200)]
Fix incorrect tests for NOD in configure
Neil Cook [Tue, 24 Jul 2018 12:16:00 +0000 (14:16 +0200)]
Make NOD and Boost FS conditional for compilation based on configure flag
Remi Gacogne [Fri, 20 Jul 2018 08:43:31 +0000 (10:43 +0200)]
Merge pull request #6728 from neilcook/nod
Newly Observed Domain Support
Neil Cook [Tue, 29 May 2018 17:51:35 +0000 (18:51 +0100)]
Newly observed domain support using a stable bloom filter to record previously seen domains.
- Not enabled by default, must be enabled via configure
- Enables new domains to be logged or sent via DNS lookup
- New settings documented
Aki Tuomi [Mon, 16 Jul 2018 14:44:16 +0000 (17:44 +0300)]
geoipbackend: Document that MMDB support has been added in v4.2
Remi Gacogne [Fri, 13 Jul 2018 09:19:04 +0000 (11:19 +0200)]
rec: Delay the creation of RPZ threads until we have dropped privileges
On Linux/glibc, calling `set*id()` from a thread results in the other
threads being sent the `SIGRT_1` signal so they are aware that they
should switch credentials too, because `POSIX` requires that all threads
use the same credentials but Linux actually handles it per thread.
The reception of the signal interrupts the current `syscall` with
`EINTR`, causing the loading of the `RPZ` zone to fail.
Pieter Lexis [Thu, 12 Jul 2018 07:54:19 +0000 (09:54 +0200)]
Merge pull request #6650 from pieterlexis/doc-nits
Fix some doc nits and re-do parts of the Geo IP docs
Pieter Lexis [Thu, 12 Jul 2018 07:45:58 +0000 (09:45 +0200)]
Merge pull request #6694 from zeha/cleanup20180530
Assorted tiny cleanups
Pieter Lexis [Thu, 12 Jul 2018 07:31:15 +0000 (09:31 +0200)]
Merge pull request #6719 from rgacogne/rec-mtasker-container-bounds
rec: Allocate one more stack byte to make _GLIBCXX_ASSERTIONS happy
Pieter Lexis [Thu, 12 Jul 2018 07:30:56 +0000 (09:30 +0200)]
Merge pull request #6738 from rgacogne/auth-tsig-6736
auth: Reset the TSIG state between queries
Pieter Lexis [Thu, 12 Jul 2018 07:29:44 +0000 (09:29 +0200)]
Merge pull request #6774 from wojas/calidns-accurate-target-qps
calidns: accurate qps targets
Pieter Lexis [Thu, 12 Jul 2018 07:29:27 +0000 (09:29 +0200)]
Merge pull request #6780 from Habbie/api-fillzone-merge
avoid concurrent records/comments iteration from running out of sync
Peter van Dijk [Thu, 12 Jul 2018 07:29:12 +0000 (09:29 +0200)]
Merge pull request #6788 from rgacogne/dnsdist-doc-maxnegttl-int
dnsdist: Fix the type of maxNegativeTTL (int, not bool) in the doc
Pieter Lexis [Thu, 12 Jul 2018 07:29:01 +0000 (09:29 +0200)]
Merge pull request #6789 from SvenMW/master
[DOC] fix botan lib link
Pieter Lexis [Thu, 12 Jul 2018 07:28:33 +0000 (09:28 +0200)]
Merge pull request #6783 from rgacogne/changelog-from-pr-auth
Add Basic Auth support to changelog-from-pr.py
SvenMW [Wed, 11 Jul 2018 15:39:26 +0000 (17:39 +0200)]
[DOC] fix botan lib link
also change powerdns Downloadlink from http to https
Remi Gacogne [Wed, 11 Jul 2018 07:43:02 +0000 (09:43 +0200)]
dnsdist: Fix the type of maxNegativeTTL (int, not bool) in the doc
Remi Gacogne [Tue, 10 Jul 2018 12:40:56 +0000 (14:40 +0200)]
Merge pull request #6787 from rgacogne/dnsdist-132-changelog
dnsdist: Add ChangeLog for dnsdist 1.3.2
Remi Gacogne [Tue, 10 Jul 2018 12:38:38 +0000 (14:38 +0200)]
Merge pull request #6785 from rgacogne/dnsdist-cache-dump-build-cinttypes
dnsdist: Add missing include for PRId64, fix build on CentOS 6 / SLES 12
Remi Gacogne [Tue, 10 Jul 2018 12:04:26 +0000 (14:04 +0200)]
dnsdist: Add ChangeLog for dnsdist 1.3.2
Remi Gacogne [Tue, 10 Jul 2018 11:23:46 +0000 (13:23 +0200)]
dnsdist: Add missing include for PRId64, fix build on CentOS 6 / SLES 12
Remi Gacogne [Tue, 10 Jul 2018 10:16:42 +0000 (12:16 +0200)]
Merge pull request #6784 from rgacogne/dnsdist-131-changelog
dnsdist: Add ChangeLog for dnsdist 1.3.1
Remi Gacogne [Tue, 10 Jul 2018 08:30:09 +0000 (10:30 +0200)]
dnsdist: Add ChangeLog for dnsdist 1.3.1
Remi Gacogne [Mon, 9 Jul 2018 19:24:32 +0000 (21:24 +0200)]
Merge pull request #6782 from rgacogne/dnsdist-soaseen-broken
dnsdist: Fix detection of NoData / NXDomain answers in the cache
Remi Gacogne [Mon, 9 Jul 2018 15:50:34 +0000 (17:50 +0200)]
Add Basic Auth support to changelog-from-pr.py
GitHub's API rate limiting is quite aggressive, but is more
permissive for authenticated users.
This PR allows authenticating via username and password, but you can
also submit a personal access tokens instead of a password if, for
example, you have 2-factors authentication enabled on your account.
Remi Gacogne [Mon, 9 Jul 2018 14:29:36 +0000 (16:29 +0200)]
dnsdist: Fix detection of NoData / NXDomain answers in the cache
Checking whether the SOA record is in the right section was broken
because of a misplaced parenthesis, and the unit test checking that
case turned out to be broken too (wrong class) :'(
The broken check was reported by cppcheck (thanks!):
```
Comparison of a boolean expression with an integer.
```
Remi Gacogne [Mon, 9 Jul 2018 13:37:11 +0000 (15:37 +0200)]
Merge pull request #6764 from rgacogne/dnsdist-rotate-certs
dnsdist: Add support for rotating certificates and keys
Remi Gacogne [Mon, 9 Jul 2018 12:42:28 +0000 (14:42 +0200)]
Merge pull request #6769 from rgacogne/luawrapper-maybe-uninitialized
LuaWrapper: Disable maybe uninitialized warnings with boost optional
Peter van Dijk [Fri, 6 Jul 2018 16:47:00 +0000 (18:47 +0200)]
avoid concurrent records/comments iteration from running out of sync
Remi Gacogne [Mon, 9 Jul 2018 10:15:54 +0000 (12:15 +0200)]
Merge pull request #6726 from rgacogne/dnsdist-clean-maxqpsiprule-lru
dnsdist: Use LRU to clean the MaxQPSIPRule's store
Remi Gacogne [Mon, 9 Jul 2018 09:35:54 +0000 (11:35 +0200)]
dnsdist: Rename disableTickets to sessionTickets
Remi Gacogne [Mon, 9 Jul 2018 09:18:53 +0000 (11:18 +0200)]
Merge pull request #6734 from rgacogne/dnsdist-set-ecs
dnsdist: Add SetECSAction to set an arbitrary outgoing ECS value
Remi Gacogne [Mon, 9 Jul 2018 08:54:47 +0000 (10:54 +0200)]
Merge pull request #6773 from rgacogne/dnsdist-reuse-race
dnsdist: Fix an outstanding counter race when reusing states
Remi Gacogne [Mon, 9 Jul 2018 07:29:50 +0000 (09:29 +0200)]
dnsdist: Pass const references to SetECSAction()
Remi Gacogne [Mon, 9 Jul 2018 07:21:14 +0000 (09:21 +0200)]
Merge pull request #6754 from rgacogne/dnsdist-subnet-collision
dnsdist: Detect ECS collisions in the packet cache
Remi Gacogne [Mon, 9 Jul 2018 07:20:06 +0000 (09:20 +0200)]
Merge pull request #6775 from rgacogne/dnsdist-none-action
dnsdist: Implement NoneAction()
Remi Gacogne [Mon, 9 Jul 2018 07:19:47 +0000 (09:19 +0200)]
Merge pull request #6776 from rgacogne/dnsdist-dynblock-noop
dnsdist: Add DNSAction.NoOp to debug Dynamic Blocks
Remi Gacogne [Fri, 6 Jul 2018 14:06:13 +0000 (16:06 +0200)]
dnsdist: Make sure that DynBlock tests do not pass when they shouldn't
Konrad Wojas [Fri, 6 Jul 2018 12:31:13 +0000 (20:31 +0800)]
calidns: accurate qps targets
Instead of a naive fixed sleep between batch sends, check the actual time
passed to determine how long to sleep. This allows calidns to actually
reach qps targets at higher rates.
Remi Gacogne [Fri, 6 Jul 2018 12:27:47 +0000 (14:27 +0200)]
dnsdist: Add DNSAction.NoOp to debug Dynamic Blocks
Setting the dynamic block action to NoOp allows the dynamic rule to
be inserted as usual and show up while looking at the rules,
while not blocking any query and not stopping subsequent rules from
being evaluated.
Remi Gacogne [Fri, 6 Jul 2018 12:26:36 +0000 (14:26 +0200)]
dnsdist: Implement NoneAction()
Remi Gacogne [Fri, 6 Jul 2018 08:18:06 +0000 (10:18 +0200)]
dnsdist: Fix a typo in the documentation of addTLSLocal()'s options
Remi Gacogne [Fri, 6 Jul 2018 08:14:33 +0000 (10:14 +0200)]
Merge pull request #6760 from rgacogne/dnsdist-dynblockrulesgroup-exclusions
dnsdist: Add netmask-based {ex,in}clusions to DynBlockRulesGroup
Remi Gacogne [Thu, 5 Jul 2018 14:26:33 +0000 (16:26 +0200)]
dnsdist: Fix an outstanding counter race when reusing states
Remi Gacogne [Wed, 4 Jul 2018 08:42:49 +0000 (10:42 +0200)]
Merge pull request #6720 from rgacogne/rec-snmp-broadcast
rec: Allow the SNMP thread to retrieve statistics
Remi Gacogne [Wed, 27 Jun 2018 13:21:09 +0000 (15:21 +0200)]
dnsdist: Remove an unused local variable in getEDNSOptionsStart()
Remi Gacogne [Mon, 25 Jun 2018 09:29:31 +0000 (11:29 +0200)]
dnsdist: Detect ECS collisions in the packet cache
We did not detect a collision involving two queries for the same qname,
qtype, qclass and flags but with different ECS values hashing to the same key.
This commit adds an option to the packet cache to parse and keep the ECS value
in order to detect this kind of collisions.
It's not enabled by default because parsing the ECS value has a cost.
Remi Gacogne [Wed, 4 Jul 2018 08:27:05 +0000 (10:27 +0200)]
Merge pull request #6767 from rgacogne/dnsdist-dynblocks-api-lower
dnsdist: Fix duration false positive in the dynblock regression tests
Remi Gacogne [Wed, 4 Jul 2018 08:26:50 +0000 (10:26 +0200)]
Merge pull request #6762 from rgacogne/dnsdist-unorderedmap-table
dnsdist: Fix iterating over the results of exceed*() functions
Remi Gacogne [Wed, 4 Jul 2018 08:26:12 +0000 (10:26 +0200)]
Merge pull request #6749 from rgacogne/dnsdist-cache-dump
dnsdist: Add the ability to dump a summary of the cache content
Remi Gacogne [Tue, 3 Jul 2018 09:59:53 +0000 (11:59 +0200)]
LuaWrapper: Disable maybe uninitialized warnings with boost optional
GCC enables `-Wmaybe-uninitialized` by default with `-Wall`, and it
reports what looks like false positives with boost::optional types
See:
- https://svn.boost.org/trac10/ticket/12513
- https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78044
Remi Gacogne [Mon, 2 Jul 2018 14:16:40 +0000 (16:16 +0200)]
dnsdist: Fix duration false positive in the dynblock regression tests
The number of remaining seconds might also be equal to the minimum
value.
Remi Gacogne [Mon, 2 Jul 2018 06:58:47 +0000 (08:58 +0200)]
Merge pull request #6765 from PowerDNS/doc-bind-api-ro
Document that BIND backend hosted zones can't be altered from the API
bert hubert [Fri, 29 Jun 2018 21:05:40 +0000 (23:05 +0200)]
Document that BIND backend hosted zones can't be altered from the API
Remi Gacogne [Fri, 29 Jun 2018 13:13:25 +0000 (15:13 +0200)]
dnsdist: Fix compilation without DoT support
Remi Gacogne [Fri, 29 Jun 2018 09:02:00 +0000 (11:02 +0200)]
dnsdist: Add an option to disable TLS session resumption via tickets
Remi Gacogne [Thu, 28 Jun 2018 16:48:07 +0000 (18:48 +0200)]
dnsdist: Add support for rotating certificates and keys
Remi Gacogne [Thu, 28 Jun 2018 13:13:51 +0000 (15:13 +0200)]
Merge pull request #6747 from rgacogne/dnsdist-flags-collision
dnsdist: Check the flags to detect collisions in the packet cache
Remi Gacogne [Thu, 28 Jun 2018 13:11:40 +0000 (15:11 +0200)]
Merge pull request #6744 from rgacogne/rec-edns-options-multi-values
rec: Support multiple values for the same EDNS option in gettag
Remi Gacogne [Thu, 28 Jun 2018 10:29:51 +0000 (12:29 +0200)]
dnsdist: Test that we can iterate over the results of exceed*()
Remi Gacogne [Thu, 28 Jun 2018 09:04:49 +0000 (11:04 +0200)]
LuaWrapper: Add support for handling specialized unordered map as tables
Remi Gacogne [Wed, 27 Jun 2018 12:52:37 +0000 (14:52 +0200)]
dnsdist: Add netmask-based {ex,in}clusions to DynBlockRulesGroup
Remi Gacogne [Thu, 21 Jun 2018 10:38:50 +0000 (12:38 +0200)]
dnsdist: Check the flags to detect collisions in the packet cache
In the unlikely but quite real event two queries with the same qname,
qtype and qclass but different EDNS options or flags end up with
the same hash, the packet cache would return a answer that might
not be suitable for the query. Reduce the odds by checking the
flags present in the dns header in addition to the qname, qtype
and qclass.
For the same reason we might need to consider storing the ECS
subnet if any.