]>
granicus.if.org Git - pdns/log
Remi Gacogne [Mon, 28 Dec 2015 17:13:46 +0000 (18:13 +0100)]
dnsdist: Fix truncateTC, it wasn't updating the response len anymore
It was broken (still setting TC and fixing ancount, nscount and arcount
but not the response length) since the addition of ECS in
ca404e94c054df56d3f32abf66c643a1dec3b1b2 , shame on me.
Peter van Dijk [Sat, 26 Dec 2015 16:57:53 +0000 (17:57 +0100)]
Merge pull request #3116 from rgacogne/polarssl-compat
Fix building against old PolarSSL versions
Remi Gacogne [Fri, 25 Dec 2015 15:29:26 +0000 (16:29 +0100)]
Fix build against old PolarSSL versions
ctr_drbg_free() did not exist before PolarSSL 1.3.8
Peter van Dijk [Thu, 24 Dec 2015 15:14:57 +0000 (16:14 +0100)]
Merge pull request #2936 from pieterlexis/pipe-backend-no-crash
pipe: don't crash on exceptions
Peter van Dijk [Thu, 24 Dec 2015 14:50:10 +0000 (15:50 +0100)]
Merge pull request #3108 from Habbie/ecdsa-default
switch (single) ZSK default to ecdsa256
Peter van Dijk [Thu, 24 Dec 2015 14:37:51 +0000 (15:37 +0100)]
avoid random bindbackend slave related failure
Peter van Dijk [Thu, 24 Dec 2015 12:31:42 +0000 (13:31 +0100)]
skip pkcs11 test as it does not like ecdsa
Peter van Dijk [Wed, 23 Dec 2015 13:16:14 +0000 (14:16 +0100)]
disable testing tools that do not support ECDSA; revert this later
Peter van Dijk [Wed, 23 Dec 2015 14:53:34 +0000 (15:53 +0100)]
switch ZSK default to ecdsa256
Remi Gacogne [Thu, 24 Dec 2015 11:18:33 +0000 (12:18 +0100)]
Merge pull request #3092 from kempniu/testCrypto-without-libsodium
dnsdist: change message returned by testCrypto() if compiled without libsodium
Peter van Dijk [Thu, 24 Dec 2015 09:37:28 +0000 (10:37 +0100)]
Merge pull request #3107 from mind04/cryptopp
Fix "random" ECDSA signature failures when using cryptopp
Michał Kępień [Wed, 23 Dec 2015 12:36:23 +0000 (13:36 +0100)]
dnsdist: change message returned by testCrypto() if compiled without libsodium
Remi Gacogne [Thu, 24 Dec 2015 08:45:33 +0000 (09:45 +0100)]
Merge pull request #3102 from rgacogne/dnsdist-lua-actions
Add `delay` action to dnsdist Lua. Fix None action mapped to Pool.
Remi Gacogne [Thu, 24 Dec 2015 08:45:24 +0000 (09:45 +0100)]
Merge pull request #3100 from rgacogne/dnsdist-no-qr-on-modify
Don't automatically set the QR flag in case of HeaderModify
Remi Gacogne [Thu, 24 Dec 2015 08:45:02 +0000 (09:45 +0100)]
Merge pull request #3105 from rgacogne/dnsdist-completion
Update dnsdist completion rules, fixes completion dying on us
Kees Monshouwer [Wed, 23 Dec 2015 23:58:49 +0000 (00:58 +0100)]
Fix "random" ECDSA signature failures when using cryptopp
Peter van Dijk [Wed, 23 Dec 2015 23:09:48 +0000 (00:09 +0100)]
Merge pull request #3106 from rgacogne/mbedtls-ecdsa-polarssl
Fix mbedTLS/ECDSA issues (polarssl compatibility and random signature failures)
Peter van Dijk [Wed, 23 Dec 2015 22:29:51 +0000 (23:29 +0100)]
Merge pull request #3085 from pieterlexis/i-am-chroot
Fix chroot() issues
Peter van Dijk [Wed, 23 Dec 2015 22:23:51 +0000 (23:23 +0100)]
Merge pull request #3103 from Habbie/rec4changelog
improve rec 4.0.0/alpha changelog
Peter van Dijk [Wed, 23 Dec 2015 22:23:30 +0000 (23:23 +0100)]
Merge pull request #3104 from pieterlexis/auth-400-docs
Update auth release notes
Remi Gacogne [Wed, 23 Dec 2015 21:36:32 +0000 (22:36 +0100)]
Fix "random" ECDSA signature failures when using mbedTLS
It turns out that mbedtls_mpi_size() does no always return what
I expected for the r and s values of ECDSA signatures.
We now rely on mbedtls_mpi_size(&d_ctx.grp.P), as P is fixed for
the group anyway, so we shouldn't have any suprise here.
Remi Gacogne [Wed, 23 Dec 2015 20:34:17 +0000 (21:34 +0100)]
Add missing mbedTLS ecdsa compatibility fixes
Peter van Dijk [Wed, 23 Dec 2015 18:11:02 +0000 (19:11 +0100)]
Merge pull request #3101 from rgacogne/dnsdist-doc
Keep the doc up to date with all these new dnsdist features
Peter van Dijk [Wed, 23 Dec 2015 18:10:51 +0000 (19:10 +0100)]
Merge pull request #3099 from Habbie/fixrectest
stop the auths in the recursor regression test from listening on ipv6 ::
Peter van Dijk [Wed, 23 Dec 2015 18:10:01 +0000 (19:10 +0100)]
Merge pull request #3096 from Habbie/showzone-v
make show-zone pretend -v was passed always; revert this later
Remi Gacogne [Wed, 23 Dec 2015 16:58:55 +0000 (17:58 +0100)]
Don't completely disable completion when nothing matches
This should fix #2901.
Remi Gacogne [Wed, 23 Dec 2015 16:58:21 +0000 (17:58 +0100)]
Update dnsdist completion rules
Pieter Lexis [Wed, 23 Dec 2015 16:28:56 +0000 (17:28 +0100)]
Update auth release notes
Peter van Dijk [Wed, 23 Dec 2015 15:53:20 +0000 (16:53 +0100)]
improve rec 4.0.0 changelog
Pieter Lexis [Wed, 23 Dec 2015 15:27:24 +0000 (16:27 +0100)]
Merge pull request #3095 from pieterlexis/alpha-test
Build release packages properly
Remi Gacogne [Wed, 23 Dec 2015 15:03:39 +0000 (16:03 +0100)]
Add `delay` action to dnsdist Lua. Fix None action mapped to Pool.
Remi Gacogne [Wed, 23 Dec 2015 15:00:21 +0000 (16:00 +0100)]
Keep the doc up to date with all these new dnsdist features
Remi Gacogne [Wed, 23 Dec 2015 14:45:46 +0000 (15:45 +0100)]
Don't automatically set the QR flag in case of HeaderModify
Some actions are actually altering the query and not turning it
into an answer (NoRecurse, DisableValidation).
All the actions that do turn it into an answer are already setting
the QR flag themselves.
Peter van Dijk [Wed, 23 Dec 2015 14:18:35 +0000 (15:18 +0100)]
stop the auths in the recursor regression test from listening on ipv6 ::
Peter van Dijk [Wed, 23 Dec 2015 14:05:24 +0000 (15:05 +0100)]
Merge pull request #3093 from Habbie/fixdocs
drop 3.x rec scripting docs
Pieter Lexis [Tue, 22 Dec 2015 11:39:53 +0000 (12:39 +0100)]
Fix chroot() issues
We now create the sockets and pid-files inside the chroot. The *_control
tools also know about the chroot and act accordingly.
Closes #191
Closes #148
Peter van Dijk [Wed, 23 Dec 2015 13:43:32 +0000 (14:43 +0100)]
make show-zone pretend -v was passed always; revert this later
Peter van Dijk [Wed, 23 Dec 2015 13:39:34 +0000 (14:39 +0100)]
Merge pull request #2966 from pieterlexis/bind-syntax-err-no-crash
bindbackend: don't crash on syntax errors in bind-config
Peter van Dijk [Wed, 23 Dec 2015 13:34:05 +0000 (14:34 +0100)]
Merge pull request #2982 from cmouse/zero-serial-bug
Properly handle domains with zero serial
Peter van Dijk [Wed, 23 Dec 2015 13:30:33 +0000 (14:30 +0100)]
Merge pull request #3077 from mind04/catch
avoid crashes caused by bad DNSnames in gsql backends
Peter van Dijk [Wed, 23 Dec 2015 13:25:18 +0000 (14:25 +0100)]
Merge pull request #3091 from kempniu/dnsdist-incbin-mips
Update incbin.h to upstream's latest master
Pieter Lexis [Wed, 23 Dec 2015 08:23:36 +0000 (09:23 +0100)]
Build release packages properly
Peter van Dijk [Wed, 23 Dec 2015 13:06:55 +0000 (14:06 +0100)]
Merge pull request #3074 from rgacogne/mbedtls-ecdsa
Add ECDSA support to DNSSEC infra via mbedTLS
Peter van Dijk [Wed, 23 Dec 2015 12:59:06 +0000 (13:59 +0100)]
drop 3.x rec scripting docs
Remi Gacogne [Wed, 23 Dec 2015 11:45:40 +0000 (12:45 +0100)]
Add ECDSA support to DNSSEC infra via mbedTLS
bert hubert [Wed, 23 Dec 2015 10:06:17 +0000 (11:06 +0100)]
Merge branch 'master' of github.com:PowerDNS/pdns
bert hubert [Wed, 23 Dec 2015 10:05:48 +0000 (11:05 +0100)]
move docs over
bert hubert [Wed, 23 Dec 2015 10:03:14 +0000 (10:03 +0000)]
hook up localaddr and remoteaddr for lua API and use them in example script
bert hubert [Wed, 23 Dec 2015 10:00:43 +0000 (11:00 +0100)]
add 4.x recursor api docs, but they aren't hooked up yet
Pieter Lexis [Mon, 23 Nov 2015 14:21:07 +0000 (15:21 +0100)]
pipe: don't crash on exceptions
This commit cleans up the PipeBackend code so it handles all exceptions
itself. Be it initialization errors (i.e. "file not found", "command not
executable"), or error during runtime ("data not returned in pipe
format"). When these errors occur, we now recycle the coprocess so the
rest of the nameserver keeps running. This behaviour is similar to e.g.
an unavailable database server.
Also, make the error-message for ArgMap::asNum display the value of the
setting.
Closes #2619
Michał Kępień [Wed, 23 Dec 2015 09:36:14 +0000 (10:36 +0100)]
Update incbin.h to upstream's latest master (
72f0e0e )
Peter van Dijk [Wed, 23 Dec 2015 07:15:25 +0000 (08:15 +0100)]
Merge pull request #3088 from Habbie/onekey
Switch to a combined signing key
Peter van Dijk [Tue, 22 Dec 2015 22:59:34 +0000 (23:59 +0100)]
Merge pull request #3048 from pieterlexis/issue-2420-rm-effective-tlds
Download the effective TLD list when needed
Peter van Dijk [Tue, 22 Dec 2015 22:58:50 +0000 (23:58 +0100)]
Merge pull request #3036 from pieterlexis/issue-2793-negcache-improvements
negcache improvements
Peter van Dijk [Tue, 22 Dec 2015 22:54:30 +0000 (23:54 +0100)]
Merge pull request #3071 from job/improve_show_zone
Improve readability of show-zone, changed "Active: 0" to "Inactive"
Peter van Dijk [Tue, 22 Dec 2015 22:54:00 +0000 (23:54 +0100)]
Merge pull request #3070 from job/issue_3069_inactive
Change {add,import}-zone-key passive argument to inactive
Peter van Dijk [Tue, 22 Dec 2015 22:52:22 +0000 (23:52 +0100)]
Merge pull request #3081 from pieterlexis/recursor-daemon
Run pdns_recursor on the foreground by default
Peter van Dijk [Tue, 22 Dec 2015 22:51:14 +0000 (23:51 +0100)]
Merge pull request #3084 from pieterlexis/issue-3067-zone2sql-logic-error
Fix logic error in zone2sql
Peter van Dijk [Tue, 22 Dec 2015 22:50:29 +0000 (23:50 +0100)]
Merge pull request #3082 from magicbear/lua-backend-edns-subnet
luabackend: edns-subnet support
Peter van Dijk [Tue, 22 Dec 2015 22:46:00 +0000 (23:46 +0100)]
Merge pull request #3087 from pieterlexis/cleanups
Various documentation cleanups
Remi Gacogne [Tue, 22 Dec 2015 19:12:40 +0000 (20:12 +0100)]
Merge pull request #3076 from kempniu/dnsdist-v-in-help
Document verbose mode in dnsdist's --help
Kees Monshouwer [Tue, 22 Dec 2015 18:08:47 +0000 (19:08 +0100)]
avoid crashes caused by bad DNSnames in gsql backends
Job Snijders [Mon, 21 Dec 2015 15:19:03 +0000 (16:19 +0100)]
Change {add,import}-zone-key passive argument to inactive
Align the *-zone-key keyword when you don't want to sign, with the
output from show-zone.
This fixes #3069
Peter van Dijk [Tue, 22 Dec 2015 15:17:20 +0000 (16:17 +0100)]
expect only ZSK
Peter van Dijk [Tue, 22 Dec 2015 14:37:26 +0000 (15:37 +0100)]
force show-zone to output DS for ZSK
Peter van Dijk [Tue, 22 Dec 2015 13:49:12 +0000 (14:49 +0100)]
switch pkcs11 testing to ZSK-only
Peter van Dijk [Tue, 22 Dec 2015 10:29:50 +0000 (11:29 +0100)]
allow combined signing key; drop default KSK
Peter van Dijk [Tue, 22 Dec 2015 10:26:13 +0000 (11:26 +0100)]
refactor
Peter van Dijk [Tue, 22 Dec 2015 10:21:20 +0000 (11:21 +0100)]
remove unused method
Peter van Dijk [Tue, 22 Dec 2015 09:23:40 +0000 (10:23 +0100)]
remove indirection in secureZone
Pieter Lexis [Tue, 22 Dec 2015 16:55:54 +0000 (17:55 +0100)]
Various documentation cleanups
Pieter Lexis [Wed, 16 Dec 2015 12:03:19 +0000 (13:03 +0100)]
Download the effective TLD list when needed
For in-tree builds, we grab this file during make. When
build-scripts/dist-recursor is run, we always grab a fresh copy.
Closes #2420
Aki Tuomi [Tue, 8 Dec 2015 11:35:16 +0000 (13:35 +0200)]
Update tests for serial change
Aki Tuomi [Wed, 2 Dec 2015 09:23:38 +0000 (11:23 +0200)]
Use large serial in example.com
This way we get to exercise our serial code paths alot
Aki Tuomi [Wed, 2 Dec 2015 09:20:24 +0000 (11:20 +0200)]
When serial is 0, assume zone not present
Previously, if our serial was 0, and new serial was
bigger than 2^31, then we assumed that the old serial
was larger than new serial, preventing zone from
being transferred. After this change, 0 is treated
specially in the comparison.
Pieter Lexis [Tue, 22 Dec 2015 14:47:43 +0000 (15:47 +0100)]
Run pdns_recursor on the foreground by default
Closes #3079
Pieter Lexis [Tue, 22 Dec 2015 15:41:32 +0000 (16:41 +0100)]
Fix logic error in zone2sql
Introduced in #3019.
Closes #3067
Peter van Dijk [Tue, 22 Dec 2015 15:44:04 +0000 (16:44 +0100)]
compile fixes
MagicBear [Tue, 22 Dec 2015 15:10:33 +0000 (23:10 +0800)]
luabackend: edns-subnet support
Peter van Dijk [Tue, 22 Dec 2015 14:50:13 +0000 (15:50 +0100)]
Merge pull request #2554 from pieterlexis/comments-in-forward-zones-file
Allow comments in the forward-zones-file
Peter van Dijk [Tue, 22 Dec 2015 12:57:41 +0000 (13:57 +0100)]
Merge pull request #3029 from cmouse/cpp11-integer-conversions
Some quality improvements
Remi Gacogne [Tue, 22 Dec 2015 12:44:13 +0000 (13:44 +0100)]
Merge pull request #3055 from rgacogne/dnscrypt-clean
Add DNSCrypt support for dnsdist
bert hubert [Tue, 22 Dec 2015 10:24:33 +0000 (10:24 +0000)]
fixed stray debugging output
Michał Kępień [Tue, 22 Dec 2015 10:23:07 +0000 (11:23 +0100)]
Document verbose mode in dnsdist's --help
Peter van Dijk [Tue, 22 Dec 2015 09:50:04 +0000 (10:50 +0100)]
Merge pull request #3016 from pieterlexis/no-defaults-file-for-dnsdist
Remove defaults for dnsdist packages
Peter van Dijk [Tue, 22 Dec 2015 09:47:45 +0000 (10:47 +0100)]
Merge pull request #3041 from pieterlexis/release-versioning
Set version numbers correctly on releases
Peter van Dijk [Tue, 22 Dec 2015 09:46:30 +0000 (10:46 +0100)]
Merge pull request #3053 from pieterlexis/issue-2622
Remove --dnssec from zone2sql
Peter van Dijk [Tue, 22 Dec 2015 09:45:38 +0000 (10:45 +0100)]
Merge pull request #3058 from pieterlexis/issue-1723-udp-query-climb
Correctly count udp-queries
Remi Gacogne [Mon, 21 Dec 2015 08:35:21 +0000 (09:35 +0100)]
Add DNSCrypt support for dnsdist
The support is disabled by default and can be enabled
with --enable-dnscrypt.
Creating certificates and keys is supported, as well
as basic unit tests.
Remi Gacogne [Tue, 22 Dec 2015 09:34:27 +0000 (10:34 +0100)]
Merge pull request #3030 from rgacogne/dnsdist-send-return
Use ssize_t for the result of send() to DS in dnsdist UDP thread
Remi Gacogne [Tue, 22 Dec 2015 09:31:44 +0000 (10:31 +0100)]
Merge pull request #3014 from rgacogne/uidgidparsing
Fix missing cast, LLONG_MIN->LONG_MIN in strToUID() and strToGID()
Peter van Dijk [Tue, 22 Dec 2015 09:12:27 +0000 (10:12 +0100)]
Merge pull request #3072 from pieterlexis/docs-4X-warning
Add a warning about this being the docs for 4.X
bert hubert [Mon, 21 Dec 2015 22:06:41 +0000 (22:06 +0000)]
make sure lua-pdns.hh gets shipped
bert hubert [Mon, 21 Dec 2015 21:21:21 +0000 (21:21 +0000)]
Merge pull request #3060 from ahupowerdns/lua4
Lua4: clean up recursor lua api and reimplement it in LuaWrapper
bert hubert [Mon, 21 Dec 2015 19:45:01 +0000 (19:45 +0000)]
it turns out, we could not simply compare DNSNames in Lua. Now we can, but it is ugly.
Aki Tuomi [Mon, 21 Dec 2015 18:34:44 +0000 (20:34 +0200)]
nit for gsql
Pieter Lexis [Mon, 21 Dec 2015 17:47:57 +0000 (18:47 +0100)]
Add a warning about this being the docs for 4.X
Job Snijders [Mon, 21 Dec 2015 15:32:11 +0000 (16:32 +0100)]
Improve readability of show-zone, changed "Active: 0" to "Inactive"
Peter van Dijk [Mon, 21 Dec 2015 13:27:09 +0000 (14:27 +0100)]
Merge pull request #3046 from kempniu/b64-tests-dnsdist
Hook up Base64 test suite to dnsdist's testrunner
Peter van Dijk [Mon, 21 Dec 2015 13:03:23 +0000 (14:03 +0100)]
Merge pull request #3054 from pieterlexis/issue-1258-default-v6-bind
auth: listen on v6 by default