]>
granicus.if.org Git - pdns/log
Josh Soref [Thu, 2 Feb 2017 09:29:47 +0000 (09:29 +0000)]
spelling: although
Josh Soref [Thu, 2 Feb 2017 09:29:00 +0000 (09:29 +0000)]
spelling: aligns
Josh Soref [Thu, 2 Feb 2017 09:28:21 +0000 (09:28 +0000)]
spelling: algorithm
Josh Soref [Thu, 2 Feb 2017 09:25:40 +0000 (09:25 +0000)]
spelling: against
Josh Soref [Thu, 2 Feb 2017 09:25:17 +0000 (09:25 +0000)]
spelling: adjusted
Josh Soref [Thu, 2 Feb 2017 09:25:30 +0000 (09:25 +0000)]
spelling: addresses
Josh Soref [Thu, 2 Feb 2017 09:24:58 +0000 (09:24 +0000)]
spelling: additionally
Josh Soref [Thu, 2 Feb 2017 09:24:17 +0000 (09:24 +0000)]
spelling: accept
Pieter Lexis [Tue, 31 Jan 2017 16:32:48 +0000 (17:32 +0100)]
Merge pull request #4951 from Habbie/netmaskgroup-negative
support exclusions in NetmaskGroup
Peter van Dijk [Mon, 30 Jan 2017 18:56:03 +0000 (19:56 +0100)]
Merge pull request #4861 from klaus3000/master-optimize-only-notify
optimize only-notify logic v2
Pieter Lexis [Mon, 30 Jan 2017 15:59:01 +0000 (16:59 +0100)]
Merge pull request #4940 from rgacogne/backport-json11-fixes
Backport json11 fixes from upstream
Pieter Lexis [Mon, 30 Jan 2017 15:58:30 +0000 (16:58 +0100)]
Merge pull request #4859 from RobinGeuze/changeTruncateTCToDefaultToOff
Change truncateTC to defaulting to off
Pieter Lexis [Mon, 30 Jan 2017 15:58:18 +0000 (16:58 +0100)]
Merge pull request #4817 from rgacogne/dnsdist-tcp-single-pipe
dnsdist: Add `setTCPUseSinglePipe()` to use a single TCP waiting queue
Pieter Lexis [Mon, 30 Jan 2017 15:57:58 +0000 (16:57 +0100)]
Merge pull request #4788 from rgacogne/dnsdist-cache-hit-rules
dnsdist: Add cache hit response rules
Pieter Lexis [Mon, 30 Jan 2017 15:57:14 +0000 (16:57 +0100)]
Merge pull request #4952 from Habbie/drop-broken-test
::2 is not ::2 on every OS, because of RFC4291
Peter van Dijk [Fri, 27 Jan 2017 13:38:47 +0000 (14:38 +0100)]
document mask negation
Peter van Dijk [Fri, 27 Jan 2017 13:33:04 +0000 (14:33 +0100)]
support exclusions in NetmaskGroup
Peter van Dijk [Fri, 27 Jan 2017 16:57:51 +0000 (17:57 +0100)]
::2 is not ::2 on every OS, because of RFC4291
Peter van Dijk [Fri, 27 Jan 2017 11:36:57 +0000 (12:36 +0100)]
test NetmaskGroup::toString()
Peter van Dijk [Thu, 26 Jan 2017 08:14:03 +0000 (09:14 +0100)]
Merge pull request #4711 from thusoy/pgsql-extra-connection-args
Enable setting custom pgsql connection parameters
Pieter Lexis [Wed, 25 Jan 2017 16:10:40 +0000 (17:10 +0100)]
Merge branch 'hlindqvist-validate-hostname'
Pieter Lexis [Wed, 25 Jan 2017 16:10:25 +0000 (17:10 +0100)]
Change hostname validation check output to Info
Pieter Lexis [Wed, 25 Jan 2017 16:08:58 +0000 (17:08 +0100)]
Merge branch 'validate-hostname' of https://github.com/hlindqvist/pdns into hlindqvist-validate-hostname
bert hubert [Wed, 25 Jan 2017 14:15:14 +0000 (15:15 +0100)]
Merge pull request #4925 from rgacogne/rec-asan-stack-switch
rec: Let ASAN know that we are switching stacks, which one is in use
bert hubert [Wed, 25 Jan 2017 14:14:42 +0000 (15:14 +0100)]
Merge pull request #4924 from ahupowerdns/ednstune
Make EDNS Client Subnet masks tunable, improve logging, improve subnet oddity
Remi Gacogne [Wed, 25 Jan 2017 09:26:08 +0000 (10:26 +0100)]
Backport json11 fixes from upstream
Remi Gacogne [Wed, 18 Jan 2017 16:04:28 +0000 (17:04 +0100)]
rec: Let ASAN know that we are switching stacks, which one is in use
Enabled via the --enable-asan configure switch if the
`__sanitizer_start_switch_fiber` function is present in
`sanitizer/common_interface_defs.h` .
Pieter Lexis [Tue, 24 Jan 2017 12:29:27 +0000 (13:29 +0100)]
Merge pull request #4877 from skolot/issue-4579
issue #4579
Pieter Lexis [Tue, 24 Jan 2017 10:58:12 +0000 (11:58 +0100)]
Merge pull request #4879 from pieterlexis/rm-relative-include
Remove a relative import in yahttp-config.h
Pieter Lexis [Tue, 24 Jan 2017 10:57:58 +0000 (11:57 +0100)]
Merge pull request #4917 from rgacogne/rec-shadow-cleanup
rec: Clean up, fix compiler warnings
Pieter Lexis [Tue, 24 Jan 2017 10:57:44 +0000 (11:57 +0100)]
Merge pull request #4916 from rgacogne/valgrind-stack-changes
rec: Let valgrind know that we are switching stacks
Pieter Lexis [Tue, 24 Jan 2017 10:57:33 +0000 (11:57 +0100)]
Merge pull request #4911 from rgacogne/invalid-v6-port-master
Fix negative port detection for IPv6 addresses on 32-bit
Pieter Lexis [Tue, 24 Jan 2017 10:57:19 +0000 (11:57 +0100)]
Merge pull request #4901 from rgacogne/atomic-counter-32
Fix AtomicCounter unit tests on 32-bit
Pieter Lexis [Tue, 24 Jan 2017 10:56:19 +0000 (11:56 +0100)]
Merge pull request #4871 from pieterlexis/docs-fixes
Documentation improvements
Tarjei Husøy [Sat, 26 Nov 2016 01:07:43 +0000 (17:07 -0800)]
Enable setting custom psql connection parameters
This makes it possible to ensure we're connecting over TLS and validate
the connection against a known CA. And everything else that be
configured as connection parameters, like TCP keepalive behavior,
timeouts, etc. Full spec:
https://www.postgresql.org/docs/current/static/libpq-connect.html#LIBPQ-PARAMKEYWORDS
Closes #2138.
Peter van Dijk [Mon, 23 Jan 2017 20:05:11 +0000 (21:05 +0100)]
Merge pull request #4908 from zeha/ubercleanup
Tidy up UeberBackend a bit
Remi Gacogne [Fri, 20 Jan 2017 12:24:25 +0000 (13:24 +0100)]
Merge pull request #4926 from rgacogne/dnscrypt-no-afternm
dnsdist: Fix DNSCrypt support when building with libsodium < 1.0.3
Remi Gacogne [Mon, 2 Jan 2017 11:01:44 +0000 (12:01 +0100)]
dnsdist: Clean the `TCPClientCollection` constructor
Remi Gacogne [Fri, 23 Dec 2016 14:56:17 +0000 (15:56 +0100)]
dnsdist: Add `setTCPUseSinglePipe()` to use a single TCP waiting queue
By default, every TCP worker thread has its own queue, and incoming TCP
connections are dispatched to TCP workers on a round-robin basis. This might
cause issues if some connections are taking a very long time, since incoming
ones will be waiting until the TCP worker they have been assigned to has finished
handling its current query, while other TCP workers might be available.
This experimental `setTCPUseSinglePipe(true)` directive can be used so that all the
incoming TCP connections are put into a single queue and handled by the
first TCP worker available.
Remi Gacogne [Fri, 20 Jan 2017 10:14:22 +0000 (11:14 +0100)]
Merge pull request #4818 from rgacogne/dnsdist-connect-timeout
dnsdist: Add `tcpConnectTimeout` to `newServer()`
Remi Gacogne [Fri, 20 Jan 2017 10:13:34 +0000 (11:13 +0100)]
Merge pull request #4897 from rgacogne/dnsdist-hash-perturb
dnsdist: Add `setWHashedPertubation()` for consistent `whashed` results
Remi Gacogne [Fri, 20 Jan 2017 09:43:30 +0000 (10:43 +0100)]
dnsdist: Fix DNSCrypt support when building with libsodium < 1.0.3
The precomputed interface was added in 1.0.3, fall back to computing
the key twice with earlier versions.
Remi Gacogne [Wed, 11 Jan 2017 12:24:58 +0000 (13:24 +0100)]
dnsdist: Add `setWHashedPertubation()` for consistent `whashed` results
Remi Gacogne [Mon, 19 Dec 2016 12:02:31 +0000 (13:02 +0100)]
dnsdist: Add cache hit response rules
It allows applying actions on a response coming from the cache,
for example to be able to send a protobuf message.
Remi Gacogne [Thu, 19 Jan 2017 19:44:27 +0000 (20:44 +0100)]
Merge pull request #4837 from rgacogne/dnsdist-rdrule
dnsdist: Add `RDRule()` to match queries with the `RD` flag set
Remi Gacogne [Thu, 19 Jan 2017 19:42:37 +0000 (20:42 +0100)]
Merge pull request #4787 from rgacogne/dnsdist-edit-ttls
dnsdist: Allow TTL alteration via Lua
Remi Gacogne [Thu, 19 Jan 2017 19:42:19 +0000 (20:42 +0100)]
Merge pull request #4776 from rgacogne/dnsdist-protobuf-cname
dnsdist: Add an option to export CNAME records over protobuf
Remi Gacogne [Thu, 19 Jan 2017 14:28:20 +0000 (15:28 +0100)]
Merge pull request #4813 from rgacogne/dnscrypt-after-nm
DNSCrypt: Store the computed shared key and reuse it for the response
Remi Gacogne [Fri, 23 Dec 2016 17:11:19 +0000 (18:11 +0100)]
dnsdist: Add `tcpConnectTimeout` to `newServer()`
While we already timeouts when writing to or reading from TCP backends,
the initial connection attempt was blocking. In addition to that, if the
connection to the backend failed we didn't retry and simply closed the
corresponding connection to the client. We now retry up to `retries` times,
as we did for I/O errors.
Remi Gacogne [Wed, 28 Dec 2016 15:21:43 +0000 (16:21 +0100)]
dnsdist: Add `RDRule()` to match queries with the `RD` flag set
Remi Gacogne [Thu, 19 Jan 2017 14:08:09 +0000 (15:08 +0100)]
Merge pull request #4910 from Habbie/dnsdist-lua-version
report more specific lua version; report luajit
Remi Gacogne [Thu, 19 Jan 2017 14:07:29 +0000 (15:07 +0100)]
Merge pull request #4780 from rgacogne/dnsdist-optional-time-statnoderespring
dnsdist: Add an optional `seconds` parameter to `statNodeRespRing()`
Remi Gacogne [Thu, 19 Jan 2017 14:06:18 +0000 (15:06 +0100)]
Merge pull request #4785 from rgacogne/dnsdist-down-latency
dnsdist: Send a latency of 0 over carbon, null over API for down servers
Remi Gacogne [Thu, 19 Jan 2017 14:05:50 +0000 (15:05 +0100)]
Merge pull request #4786 from rgacogne/dnsdist-bind-address-no-port
dnsdist: Use `IP_BIND_ADDRESS_NO_PORT` when available
Remi Gacogne [Thu, 19 Jan 2017 14:04:47 +0000 (15:04 +0100)]
Merge pull request #4815 from rgacogne/dnsdist-console-no-replay
dnsdist: Merge the client and server nonces to prevent replay attacks
Remi Gacogne [Thu, 19 Jan 2017 14:03:51 +0000 (15:03 +0100)]
Merge pull request #4898 from rgacogne/dnsdist-ringbuffers-size
dnsdist: Add the `setRingBuffersSize()` directive
bert hubert [Wed, 18 Jan 2017 17:49:51 +0000 (18:49 +0100)]
add iputils.cc to remotebackend tests
bert hubert [Wed, 18 Jan 2017 17:18:00 +0000 (18:18 +0100)]
link in iputils.o in places that need it now for truncation of netmask
bert hubert [Wed, 18 Jan 2017 15:18:46 +0000 (16:18 +0100)]
add ecs-ipv4-bits and ecs-ipv6-bits tunables for EDNS Client Subnet & document them. Split out ECS code from pdns_recursor.cc.
bert hubert [Wed, 18 Jan 2017 15:18:23 +0000 (16:18 +0100)]
make EDNS client subnet do some better logging on --trace
bert hubert [Wed, 18 Jan 2017 15:17:06 +0000 (16:17 +0100)]
ComboAddress truncate() is assumed to never throw. Enforce this.
bert hubert [Wed, 18 Jan 2017 15:16:19 +0000 (16:16 +0100)]
EDNS Client Subnet parser delivered 'over precise' netmasks, like 1.2.3.4/16. This might have caused problems, but at the very least looks odd. We truncate now.
Pieter Lexis [Tue, 17 Jan 2017 10:57:09 +0000 (11:57 +0100)]
Merge pull request #4918 from pieterlexis/auth-403-changelog
Add Authoritative Server 4.0.3 changelog
Pieter Lexis [Tue, 17 Jan 2017 10:10:32 +0000 (11:10 +0100)]
Add Authoritative Server 4.0.3 changelog
Remi Gacogne [Mon, 16 Jan 2017 17:17:04 +0000 (18:17 +0100)]
rec: Let valgrind know that we are switching stacks
Enabled via the `--enable-valgrind` configure switch.
Remi Gacogne [Mon, 16 Jan 2017 17:05:34 +0000 (18:05 +0100)]
Explicitely use const iterators in `validateWithKeySet` and `getKeysFor`
Remi Gacogne [Mon, 16 Jan 2017 16:53:06 +0000 (17:53 +0100)]
Make sure `labelsToAdd` is not empty in `getZoneCuts()`
Remi Gacogne [Mon, 16 Jan 2017 16:51:49 +0000 (17:51 +0100)]
Remove `g_rootDS` leftover
Remi Gacogne [Mon, 16 Jan 2017 16:48:49 +0000 (17:48 +0100)]
Fix `DSRecordContent::operator==` hiding virtual `DNSRecordContent::operator==`
Hopefully we should be able to enable `-Woverloaded-virtual` soon.
Remi Gacogne [Mon, 16 Jan 2017 16:46:59 +0000 (17:46 +0100)]
Remove unused `RemoteLogger::sendData()` leftover
Remi Gacogne [Mon, 16 Jan 2017 16:45:34 +0000 (17:45 +0100)]
rec: Fix shadowed variables
No real issue here, but I'd like to be able `-Wshadow` to prevent
future mishaps at some point.
Pieter Lexis [Mon, 16 Jan 2017 14:38:06 +0000 (15:38 +0100)]
Merge pull request #4905 from rgacogne/revert-4638
Revert "auth: In `Bind2Backend::lookup()`, use the `zoneId` when we have it"
Peter van Dijk [Sun, 15 Jan 2017 20:54:34 +0000 (21:54 +0100)]
report more specific lua version; report luajit
Remi Gacogne [Sun, 15 Jan 2017 20:45:27 +0000 (21:45 +0100)]
Fix negative port detection for IPv6 addresses on 32-bit
On a 32-bit Arch, our `test_ComboAddress` unit test fails because
`ComboAddress("[::1]:-6")` is considered valid. This is caused by
`stoul()` not throwing for a negative value and returning an `unsigned
long` value using unsigned integer wraparound rules. Since we used to
store the result value in a `signed int` and treat negative values
as if the port was not set, the test failed.
Christian Hofstaedtler [Sat, 14 Jan 2017 12:02:20 +0000 (13:02 +0100)]
Remove spurious ueberbackend.hh includes from backends
Christian Hofstaedtler [Sat, 14 Jan 2017 12:02:09 +0000 (13:02 +0100)]
UeberBackend: prefix suspiciouos member var names with d_
Remi Gacogne [Fri, 13 Jan 2017 16:40:02 +0000 (17:40 +0100)]
Revert "auth: In `Bind2Backend::lookup()`, use the `zoneId` when we have it"
This reverts commit
937a66255ff05f2e754ef113833e54cc4cf2004b .
It doesn't work with multiple backends since the `zoneId` is passed to
every available backend on `lookup()`.
Pieter Lexis [Fri, 13 Jan 2017 15:33:59 +0000 (16:33 +0100)]
Merge pull request #4903 from pieterlexis/centos-6-rpm-bind-backend
Build the bind backend for CentOS 6 differently
Pieter Lexis [Fri, 13 Jan 2017 15:03:48 +0000 (16:03 +0100)]
Build the bind backend for CentOS 6 differently
Closes #4669
Closes #4902
Remi Gacogne [Fri, 16 Dec 2016 15:51:12 +0000 (16:51 +0100)]
dnsdist: Add an optional `seconds` parameter to `statNodeRespRing()`
By default `statNodeRespRing()` applies the visitor function to every
entry in the response rings. When passed a non-zero `seconds` parameter,
it will only apply it to entries added in the last `seconds` seconds.
Pieter Lexis [Fri, 13 Jan 2017 14:36:24 +0000 (15:36 +0100)]
Merge pull request #4478 from peterthomassen/master
docs enhancements; clarify error message when set-presigned fails with DNSSEC disabled
Pieter Lexis [Fri, 13 Jan 2017 14:36:05 +0000 (15:36 +0100)]
Merge branch 'master' into master
Remi Gacogne [Thu, 15 Dec 2016 09:11:38 +0000 (10:11 +0100)]
dnsdist: Add an option to export CNAME records over protobuf
Pieter Lexis [Fri, 13 Jan 2017 13:29:44 +0000 (14:29 +0100)]
Merge pull request #4779 from pieterlexis/dnsdist-history-to-home
dnsdist: Save history to home-dir
Pieter Lexis [Fri, 13 Jan 2017 13:29:16 +0000 (14:29 +0100)]
Merge pull request #4775 from rgacogne/luawrapper-func-index
LuaWrapper: Use the correct index when storing a function
Pieter Lexis [Fri, 13 Jan 2017 13:28:53 +0000 (14:28 +0100)]
Merge pull request #4611 from rgacogne/dnsdist-tcp-rfc7766-section10
dnsdist: Add TCP management options from rfc7766 section 10
Pieter Lexis [Fri, 13 Jan 2017 13:28:41 +0000 (14:28 +0100)]
Merge pull request #4536 from rgacogne/dnsdist-mute
dnsdist: Add an option to 'mute' UDP responses per bind
Pieter Lexis [Fri, 13 Jan 2017 13:28:20 +0000 (14:28 +0100)]
Merge pull request #4474 from rgacogne/dnsdist-catch-wrond-addresses
dnsdist: Gracefully handle invalid addresses in `newServer()`
Pieter Lexis [Fri, 13 Jan 2017 13:28:07 +0000 (14:28 +0100)]
Merge pull request #4285 from rgacogne/dnsdist-unreachable-server
dnsdist: Handle unreachable servers at startup, reconnect stale sockets
Remi Gacogne [Fri, 13 Jan 2017 13:02:19 +0000 (14:02 +0100)]
Fix AtomicCounter unit tests on 32-bit
Pieter Lexis [Fri, 13 Jan 2017 12:00:02 +0000 (13:00 +0100)]
Fix date typo in auth 4.0.2 release date
Pieter Lexis [Fri, 13 Jan 2017 11:57:19 +0000 (12:57 +0100)]
Forgot to make a MD list
Pieter Lexis [Fri, 13 Jan 2017 11:51:55 +0000 (12:51 +0100)]
Merge pull request #4899 from pieterlexis/jan-2017-changelog
January 2017 changelogs
Pieter Lexis [Thu, 8 Dec 2016 15:44:59 +0000 (16:44 +0100)]
Add recursor 4.0.4 changelog
Pieter Lexis [Thu, 8 Dec 2016 15:39:14 +0000 (16:39 +0100)]
Add Auth 4.0.2 changelog
Pieter Lexis [Thu, 8 Dec 2016 14:56:03 +0000 (15:56 +0100)]
Update secpoll for January 2017 security releases
Pieter Lexis [Thu, 8 Dec 2016 13:02:58 +0000 (14:02 +0100)]
Add security advisories
Pieter Lexis [Fri, 13 Jan 2017 08:10:46 +0000 (09:10 +0100)]
Merge pull request #4893 from rgacogne/tsig-ixfr
Check TSIG signature on IXFR
Remi Gacogne [Thu, 12 Jan 2017 17:23:35 +0000 (18:23 +0100)]
dnsdist: Add the `setRingBuffersSize()` directive
The default ringbuffers size might be too small for large deployments,
this new directive allows changing it without recompiling.
Pieter Lexis [Thu, 12 Jan 2017 13:43:25 +0000 (14:43 +0100)]
Merge pull request #4889 from rgacogne/auth-unknown-record-content-size
auth: Correctly check unknown record content size