]>
granicus.if.org Git - pdns/log
Remi Gacogne [Fri, 27 Oct 2017 07:56:41 +0000 (09:56 +0200)]
Merge pull request #5863 from zeha/getShowBind
dnsdist: showBind, getBind console improvements
Remi Gacogne [Fri, 27 Oct 2017 07:54:26 +0000 (09:54 +0200)]
Merge pull request #5864 from zeha/noresponse
dnsdist: Fix log message in no-downstream-server case
Chris Hofstaedtler [Thu, 26 Oct 2017 21:43:37 +0000 (23:43 +0200)]
dnsdist: avoid crash when printing nullptr retvals
Chris Hofstaedtler [Thu, 26 Oct 2017 21:13:04 +0000 (23:13 +0200)]
dnsdist: make getBind() retval printable
Chris Hofstaedtler [Thu, 26 Oct 2017 21:24:23 +0000 (23:24 +0200)]
dnsdist: Fix log message in no-downstream-server case
Chris Hofstaedtler [Thu, 26 Oct 2017 21:13:25 +0000 (23:13 +0200)]
dnsdist: print WrongTypeException details in local console, too
Chris Hofstaedtler [Thu, 26 Oct 2017 21:01:03 +0000 (23:01 +0200)]
dnsdist: Add showBinds, getBind to completion/help
Pieter Lexis [Thu, 26 Oct 2017 12:36:04 +0000 (14:36 +0200)]
Merge pull request #5837 from jpmens/patch-3
fix markup for warning
Pieter Lexis [Thu, 26 Oct 2017 12:35:50 +0000 (14:35 +0200)]
Merge pull request #5846 from RvdE/patch-1
Update compiling.rst
Pieter Lexis [Thu, 26 Oct 2017 12:35:40 +0000 (14:35 +0200)]
Merge pull request #5848 from ffledgling/api-server-doc-fix
Add missing config option in HTTP API docs
Pieter Lexis [Thu, 26 Oct 2017 12:35:26 +0000 (14:35 +0200)]
Merge pull request #5851 from jpmens/patch-4
Attempt to clarify use of TSIG key and ALLOW-DNSUPDATE-FROM
Pieter Lexis [Thu, 26 Oct 2017 12:35:12 +0000 (14:35 +0200)]
Merge pull request #5852 from jpmens/patch-5
Show use of pdnsutil generate-tsig-key
Pieter Lexis [Thu, 26 Oct 2017 12:34:57 +0000 (14:34 +0200)]
Merge pull request #5856 from jpmens/patch-6
dnsupdate default for allow-dnsupdate-from
Pieter Lexis [Thu, 26 Oct 2017 12:34:49 +0000 (14:34 +0200)]
Merge pull request #5857 from jpmens/patch-7
docs: clarify settings for allow-dnsupdate-from
aerique [Thu, 26 Oct 2017 11:42:40 +0000 (13:42 +0200)]
Merge pull request #5842 from pieterlexis/log-timestamps
4.1 polish: Add log-timestamp option
JP Mens [Thu, 26 Oct 2017 09:13:26 +0000 (11:13 +0200)]
Update dnsupdate.rst
JP Mens [Thu, 26 Oct 2017 08:40:10 +0000 (10:40 +0200)]
Update settings.rst
JP Mens [Thu, 26 Oct 2017 08:22:12 +0000 (10:22 +0200)]
docs: clarify settings for allow-dnsupdate-from
JP Mens [Thu, 26 Oct 2017 08:11:54 +0000 (10:11 +0200)]
dnsupdate default for allow-dnsupdate-from
JP Mens [Thu, 26 Oct 2017 05:42:38 +0000 (07:42 +0200)]
Show use of pdnsutil generate-tsig-key
JP Mens [Thu, 26 Oct 2017 05:26:53 +0000 (07:26 +0200)]
Attempt to clarify use of TSIG key and ALLOW-DNSUPDATE-FROM
Clarify association between use of TSIG key and ALLOW-DNSUPDATE-FROM. Previous description sounded like AND
Anhad Jai Singh [Wed, 25 Oct 2017 17:28:32 +0000 (22:58 +0530)]
Add missing config option in API docs
- Add `api=yes` required to enable API
- Change ports in examples from 8082 to 8081 to reflect default port in
configs for Authoritative DNS
RvdE [Wed, 25 Oct 2017 15:23:32 +0000 (17:23 +0200)]
Update compiling.rst
fix libdecaf configure option (was probably copied from the libsodium paragraph)
bert hubert [Wed, 25 Oct 2017 13:41:28 +0000 (15:41 +0200)]
Merge pull request #5835 from rgacogne/rec-disable-validation-for-infra
rec: Disable validation for infra queries, validate entries from the negcache
Remi Gacogne [Wed, 25 Oct 2017 12:53:13 +0000 (14:53 +0200)]
rec: Place CacheEntry and CacheKey into a unique namespace
aerique [Wed, 25 Oct 2017 11:54:29 +0000 (13:54 +0200)]
Merge pull request #5774 from ahupowerdns/our-latency-metric
Implement experimental metric tracking time spent within PowerDNS per query
bert hubert [Wed, 25 Oct 2017 10:46:41 +0000 (12:46 +0200)]
also account for network latency when talking to hardcoded servers
bert hubert [Wed, 25 Oct 2017 10:40:20 +0000 (12:40 +0200)]
remove whitespace
Remi Gacogne [Fri, 20 Oct 2017 13:42:07 +0000 (15:42 +0200)]
rec: Validate entries retrieved from the negcache if needed
This happens if validation was not requested during the first query
but is requested when we retrieve a negatively cached entry.
This is useful when running with dnssec=process, and also especially
so now that we don't validate infra queries anymore.
Remi Gacogne [Thu, 19 Oct 2017 15:34:22 +0000 (17:34 +0200)]
rec: Don't validate infrastructure queries
Also require authoritative answer when looking for a cut, since we
use `DS` queries and not `NS` queries anymore.
Pieter Lexis [Wed, 25 Oct 2017 09:17:58 +0000 (11:17 +0200)]
Add log-timestamp option
This option can be used to disable printing timestamps to stdout, this
is useful when using systemd-journald or another supervisor that
timestamps stdout by itself. As the logs will not have 2 timestamps.
aerique [Tue, 24 Oct 2017 11:28:36 +0000 (13:28 +0200)]
Merge pull request #5834 from rgacogne/rec-dont-cache-nsec3
rec: Don't directly store NSEC3 records in the positive cache
aerique [Mon, 23 Oct 2017 15:03:48 +0000 (17:03 +0200)]
Merge pull request #5822 from mind04/ldap-timeout
auth: ldapbackend, use the timeout setting in the PowerLDAP class
bert hubert [Mon, 23 Oct 2017 11:01:14 +0000 (13:01 +0200)]
add annotation to documentation, fix unrelated RST-warning
bert hubert [Mon, 23 Oct 2017 10:30:42 +0000 (12:30 +0200)]
Merge pull request #5832 from rgacogne/travis-list-repos
Remove all custom repositories
Peter van Dijk [Mon, 23 Oct 2017 09:42:43 +0000 (11:42 +0200)]
Merge pull request #5833 from rgacogne/auth-add-key
auth: Fix Coverity warnings in apiZoneCryptokeysPOST and BindDomainInfo
Remi Gacogne [Mon, 23 Oct 2017 08:47:17 +0000 (10:47 +0200)]
Merge pull request #5625 from rgacogne/dnsdist-set-status-on-auto
dnsdist: Add an optional `status` parameter to `setAuto()`
Remi Gacogne [Mon, 23 Oct 2017 08:45:48 +0000 (10:45 +0200)]
Merge pull request #5686 from rgacogne/dnsdist-qps-action
dnsdist: Add missing QPSAction
aerique [Mon, 23 Oct 2017 08:25:14 +0000 (10:25 +0200)]
Merge pull request #5836 from mind04/axfr-dnsname
auth: more DNSName in doAXFR()
aerique [Mon, 23 Oct 2017 07:20:48 +0000 (09:20 +0200)]
Merge pull request #5777 from rgacogne/auth-signing-pipe-std-thread
auth: Handle a signing pipe worker dying with work still pending
JP Mens [Mon, 23 Oct 2017 07:20:05 +0000 (09:20 +0200)]
fix markup for warning
Kees Monshouwer [Fri, 20 Oct 2017 22:38:45 +0000 (00:38 +0200)]
auth: more DNSName in doAXFR()
Remi Gacogne [Thu, 19 Oct 2017 09:57:32 +0000 (11:57 +0200)]
rec: Don't directly store NSEC3 records in the positive cache
Remi Gacogne [Thu, 19 Oct 2017 09:14:00 +0000 (11:14 +0200)]
auth: Make sure hadFileDirective is initialized in BindDomainInfo
It should be initialized after BindParser::commit() has been called,
but let's make sure it still is if this function is not called.
Reported by Coverity.
Remi Gacogne [Thu, 19 Oct 2017 09:13:24 +0000 (11:13 +0200)]
auth: Handle addKey() returning false in apiZoneCryptokeysPOST
Reported by Coverity.
Remi Gacogne [Thu, 19 Oct 2017 08:45:23 +0000 (10:45 +0200)]
auth: Fix Bind2Backend::addDomainKey return value without SQLite3
Since
82cc07611d23c5e815d8673ae070cf0e421351ad changed the return value
from an `int` to a `bool`, it would return `true` instead of `false`
when SQLite3 support was not available.
Remi Gacogne [Wed, 18 Oct 2017 16:06:53 +0000 (18:06 +0200)]
Remove all custom repositories
Pieter Lexis [Wed, 18 Oct 2017 10:56:17 +0000 (12:56 +0200)]
Merge pull request #5825 from pieterlexis/default-zsk-algorithm-empty-is-ok
Auth: Don't warn on empty default-{k,z}sk-algorithm
Pieter Lexis [Wed, 18 Oct 2017 10:55:30 +0000 (12:55 +0200)]
Merge pull request #5826 from pieterlexis/jpmens-issues-edition-2017
Fix some of the issues found by @jpmens
Pieter Lexis [Wed, 18 Oct 2017 10:55:15 +0000 (12:55 +0200)]
Merge pull request #5828 from pieterlexis/document-nits
Fix a bunch of documentation nits
aerique [Wed, 18 Oct 2017 10:02:18 +0000 (12:02 +0200)]
Merge pull request #5779 from pieterlexis/api-rectify-version-2
Rectify zones via the API
Pieter Lexis [Wed, 18 Oct 2017 08:29:06 +0000 (10:29 +0200)]
API docs: "name" of a zone is read-only
Pieter Lexis [Tue, 17 Oct 2017 13:53:33 +0000 (15:53 +0200)]
docs: fix underline warning
Pieter Lexis [Tue, 17 Oct 2017 13:51:31 +0000 (15:51 +0200)]
doc: Document support named.conf statements
Closes #5790
Pieter Lexis [Tue, 17 Oct 2017 13:20:12 +0000 (15:20 +0200)]
docs: Document PGP keys used to sign tarballs
Closes #5635
Pieter Lexis [Tue, 17 Oct 2017 13:01:02 +0000 (15:01 +0200)]
docs: Describe RRSIG validity period a bit better
Closes #5714
Pieter Lexis [Mon, 16 Oct 2017 10:40:48 +0000 (12:40 +0200)]
Deduplicate and shorten API exception message
Pieter Lexis [Mon, 16 Oct 2017 10:32:39 +0000 (12:32 +0200)]
Add doRectify bool to DNSSECKeeper::rectifyZone()
This is added so the API can wrap an update to a zone's records *and*
DNSSEC info into a single transaction.
Pieter Lexis [Mon, 16 Oct 2017 10:31:38 +0000 (12:31 +0200)]
Reuse UeberBackend in DNSSECKeeper::rectifyZone()
But use a full UeberBackend when needed.
Pieter Lexis [Mon, 16 Oct 2017 09:37:26 +0000 (11:37 +0200)]
API: Fully boolify api_rectify
Pieter Lexis [Fri, 6 Oct 2017 15:04:23 +0000 (17:04 +0200)]
API: add rectify endpoint
Pieter Lexis [Fri, 6 Oct 2017 14:13:22 +0000 (16:13 +0200)]
API: Implement conditional rectification
This commit takes a lot of ideas and code from #3417 and subsequent
development and implements the following things:
- Generate DNSSEC keys for a zone when "dnssec" is true in an API
POST/PATCH for zones
- Rectify DNSSEC zones after POST/PATCH when API-RECTIFY metadata is 1
- Allow setting this metadata via the "api-rectify" param in a Zone
object
- Shows "nsec3param" and "nsec3narrow" in Zone API responses
- Adds an "rrsets" request parameter for a zone to skip sending RRSets
in the response (Closes #5712)
Closes #3417
Many thanks to Nils Wisiol (@nils-wisiol) for the initial
implementation.
Pieter Lexis [Fri, 6 Oct 2017 12:24:45 +0000 (14:24 +0200)]
Add checkNSEC3PARAM function
Pieter Lexis [Wed, 4 Oct 2017 14:20:07 +0000 (16:20 +0200)]
Move rectifyZone from pdnsutil to DNSSECKeeper
Pieter Lexis [Tue, 17 Oct 2017 12:30:28 +0000 (14:30 +0200)]
docs: document gpgsql default settings
Closes #5688
Pieter Lexis [Tue, 17 Oct 2017 12:20:57 +0000 (14:20 +0200)]
docs: Fix wrong description of webserver-address
Closes #5728
Pieter Lexis [Tue, 17 Oct 2017 12:18:48 +0000 (14:18 +0200)]
Fix a bunch of doc nits
Closes #5724
Pieter Lexis [Tue, 17 Oct 2017 12:28:16 +0000 (14:28 +0200)]
Merge pull request #5757 from mstathers/master
Update docs to reflect actual default database name.
Pieter Lexis [Mon, 16 Oct 2017 15:56:06 +0000 (17:56 +0200)]
Merge pull request #5740 from pieterlexis/lowercase-outgoing-all-the-things
rec: Lowercase all outgoing qnames when lowercase-outgoing is set
Pieter Lexis [Mon, 16 Oct 2017 15:54:21 +0000 (17:54 +0200)]
doc: Document that the bind-dnssec-db is not the normal gsqlite3 db
Closes #5785
Pieter Lexis [Mon, 16 Oct 2017 15:20:38 +0000 (17:20 +0200)]
BIND: reject zones without 'file' stanza
Closes #5786
Peter van Dijk [Mon, 16 Oct 2017 15:10:39 +0000 (17:10 +0200)]
Merge pull request #5824 from mind04/b-root
b.root renumbering, effective 2017-10-24
Remi Gacogne [Mon, 16 Oct 2017 14:16:37 +0000 (16:16 +0200)]
Merge pull request #5808 from rgacogne/rec-nsec-ent
rec: Check that the NSEC covers an ENT when looking for NODATA
Pieter Lexis [Mon, 16 Oct 2017 13:05:33 +0000 (15:05 +0200)]
docs: document 2 missing functions in pdnsutil.1
Closes #5784
Pieter Lexis [Mon, 16 Oct 2017 13:00:35 +0000 (15:00 +0200)]
pdnsutil: Check for domain before setting metadata
Closes #5787
Pieter Lexis [Thu, 28 Sep 2017 11:04:28 +0000 (13:04 +0200)]
Add test for lowercase-outgoing
Pieter Lexis [Mon, 16 Oct 2017 11:20:12 +0000 (13:20 +0200)]
Auth: Don't warn on empty default-{k,z}sk-algorithm
Closes #5809
Pieter Lexis [Thu, 28 Sep 2017 10:15:00 +0000 (12:15 +0200)]
Make lowercase-outgoing actually lowercase all q's
Before, we would only lowercase the original qname before handing it to
SyncRes. Now the asyncresolveWrapper lowercases if it has to behor
handing the qname to asyncresolve.
Kees Monshouwer [Sun, 15 Oct 2017 19:31:35 +0000 (21:31 +0200)]
b.root renumbering, effective 2017-10-24
Kees Monshouwer [Sat, 14 Oct 2017 22:13:02 +0000 (00:13 +0200)]
auth: ldapbackend, use the timeout setting in the PowerLDAP class
aerique [Fri, 13 Oct 2017 13:35:40 +0000 (15:35 +0200)]
Merge pull request #5820 from rgacogne/auth-mysql-trunc
auth: Display the needed size when a MySQL result was truncated
Remi Gacogne [Thu, 12 Oct 2017 15:55:41 +0000 (17:55 +0200)]
Merge pull request #5815 from Habbie/presigned-soa-edit
ignore SOA-EDIT for PRESIGNED zones. Fixes #5814
Remi Gacogne [Thu, 12 Oct 2017 15:32:52 +0000 (17:32 +0200)]
auth: Display the needed size when a MySQL result was truncated
Peter van Dijk [Thu, 12 Oct 2017 10:26:37 +0000 (12:26 +0200)]
ignore SOA-EDIT for PRESIGNED zones. Fixes #5814
Remi Gacogne [Wed, 11 Oct 2017 14:27:40 +0000 (16:27 +0200)]
Merge pull request #5800 from zeha/spelling
rec_control manpage: fix spelling error found by lintian
Remi Gacogne [Wed, 11 Oct 2017 14:26:40 +0000 (16:26 +0200)]
Merge pull request #5801 from rgacogne/auth-tinydns-indent-mismatch
auth: Fix missing else braces in TinyDNSBackend::get()
Remi Gacogne [Wed, 11 Oct 2017 12:30:27 +0000 (14:30 +0200)]
Merge pull request #5802 from rgacogne/travis-encrypt-channel
Encrypt the IRC channel name so notifications are not sent for forks
Remi Gacogne [Wed, 11 Oct 2017 10:20:42 +0000 (12:20 +0200)]
rec: The NSEC next name should be different to prove an ENT
While it's not an issue in the current code because we checked
earlier that the NSEC covered the name, it might prevent an issue
if we reuse nsecProvesENT() later.
Remi Gacogne [Wed, 11 Oct 2017 09:25:04 +0000 (11:25 +0200)]
rec: Check that the NSEC covers an ENT when looking for NODATA
Otherwise we might consider that a NSEC record covers a name when it
does not.
bert hubert [Tue, 10 Oct 2017 17:57:00 +0000 (19:57 +0200)]
Merge pull request #5803 from ahupowerdns/zero-exception
Fix throwing exceptions from MThreads, plus add unit tests
bert hubert [Tue, 10 Oct 2017 17:56:39 +0000 (19:56 +0200)]
Merge pull request #5805 from ahupowerdns/mthread-contain-except
improve logging of errors in carbon & web services thread
bert hubert [Tue, 10 Oct 2017 16:06:36 +0000 (18:06 +0200)]
It is 2017, also in README.md
bert hubert [Tue, 10 Oct 2017 16:03:24 +0000 (18:03 +0200)]
Tone down errors a bit, remove ominous ": "
aerique [Tue, 10 Oct 2017 14:25:09 +0000 (16:25 +0200)]
Merge pull request #5804 from Habbie/rec4.1a1-secpoll
add rec-4.1.0-alpha1 to secpoll
bert hubert [Tue, 10 Oct 2017 14:06:51 +0000 (16:06 +0200)]
use BOOST_CHECK_THROW, link in boost_context.cc
bert hubert [Tue, 10 Oct 2017 13:50:22 +0000 (15:50 +0200)]
improve logging of errors in carbon & web services thread
bert hubert [Tue, 10 Oct 2017 12:41:44 +0000 (14:41 +0200)]
add two tests for MTasker, including catching an exception
bert hubert [Tue, 10 Oct 2017 12:41:01 +0000 (14:41 +0200)]
if there was an mtasker waiter with no associated timeout, we would loop forever in MTasker::schedule()
bert hubert [Tue, 10 Oct 2017 10:48:55 +0000 (12:48 +0200)]
Fix crash on older boost when receiving an exception from an MThread
for older boost fcontext versions, we would return a boolean that said 'we
caught an exception for you and stored it in ctx', but we would not actually
retrieve the origin ctx, and then blindly attempt to rethrow the exception
(not) stored in the ctx we did have, leading to a crash. We now send back the
actual ctx, and check it for a stored exception.
Peter van Dijk [Tue, 10 Oct 2017 13:35:37 +0000 (15:35 +0200)]
add rec-4.1.0-alpha1 to secpoll