granicus.if.org Git

]> granicus.if.org Git - pdns/log

Bert Hubert [Mon, 14 Feb 2011 15:34:32 +0000 (15:34 +0000)]

fix up 4.4 billion query statistics wraparound. And congratulations to the people that ran into this problem! Closes ticket 327.

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2019 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 14 Feb 2011 14:57:11 +0000 (14:57 +0000)]

fix up printing of %eth0 scope in ComboAddress::toStringWithPort

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2018 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 14 Feb 2011 14:20:04 +0000 (14:20 +0000)]

teach generic SQL backends about the ALSO-NOTIFY domain metadata in the domainmetadata table!

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2017 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 14 Feb 2011 14:10:07 +0000 (14:10 +0000)]

make master notification sender do its utmost to gather IPv6 addresses too. We sorta didn't try.

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2016 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 14 Feb 2011 12:50:05 +0000 (12:50 +0000)]

make sure we don't trip over disconnects on the controlsocket

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2014 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 14 Feb 2011 12:22:44 +0000 (12:22 +0000)]

silence some debugging

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2013 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 14 Feb 2011 10:56:27 +0000 (10:56 +0000)]

this giant commit adds full IPv6 master/slaving/notification support which appeared.. not to have been there ;-(
In addition, the complete AXFR & outgoing resolver apparatus of the auth server has been revamped, removing some of the oldest code in PowerDNS.
This is a giant change, but it adds functionality while decreasing the size of the code.

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2012 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 14 Feb 2011 10:53:26 +0000 (10:53 +0000)]

remove some dead code, add silly special cased 'waitFor2Data' to wait on 2 fds simult for ipv6

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2011 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 14 Feb 2011 09:58:10 +0000 (09:58 +0000)]

phase out sockAddrToString function (ComboAddress has a better one)
teach ComboAddress to accept 1.2.3.4:53 as well as [::]:53

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2010 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Sun, 13 Feb 2011 22:17:56 +0000 (22:17 +0000)]

widen allow-axfr-ips to IPv6, plus add query-local-address6 for inbound AXFR & outbound notifications over IPv6

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2009 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 10 Feb 2011 20:09:52 +0000 (20:09 +0000)]

freebsd might need '-1' for timeout instead of 'a negative value'

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2008 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 10 Feb 2011 19:55:38 +0000 (19:55 +0000)]

make slave engine use RRSIG information to determine the re-retrieval of presigned zones, independent of SOA serial

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2007 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 10 Feb 2011 19:52:46 +0000 (19:52 +0000)]

teach SOA freshness retriever about DNSSEC & do=1, and have it examine returned RRSIGs

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2006 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 10 Feb 2011 19:48:58 +0000 (19:48 +0000)]

silence harmless warning in botansigners

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2005 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 10 Feb 2011 19:48:21 +0000 (19:48 +0000)]

implement sqlite3 busy handler, should remove 'database is locked' errors

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2004 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 10 Feb 2011 14:35:54 +0000 (14:35 +0000)]

add Ragel based DNS Label parser next to the DNS TXT parser

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2003 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 10 Feb 2011 14:04:52 +0000 (14:04 +0000)]

fix up our tar.gz so you can actually build from it

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2002 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 10 Feb 2011 13:14:31 +0000 (13:14 +0000)]

this is not going to win any prizes.. copy the dnslabeltext.cc file here

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2001 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 10 Feb 2011 13:01:24 +0000 (13:01 +0000)]

add a 'Ragel' based DNS TXT parser & hook it up. With this change we can finally serve the whole 'zone from hell' from @jp_mens ;-)
Ragel is now a 'build-from-svn' dependency, but not 'build-from-tarball'.

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2000 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 10 Feb 2011 12:10:27 +0000 (12:10 +0000)]

perhaps this helps the signingpipe on freebsd..

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1999 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Tue, 8 Feb 2011 21:32:31 +0000 (21:32 +0000)]

prevent zone2sql and zone2ldap from importing the 'hints' zone into powerdns, which would give unexpected results.

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1998 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Tue, 8 Feb 2011 16:28:06 +0000 (16:28 +0000)]

fix up pdns_recursor compilation, improve reporting of signing errors in AXFR

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1997 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Tue, 8 Feb 2011 16:26:03 +0000 (16:26 +0000)]

fix up 'wingsuitnews.com' - they don't deserve to resolve though..

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1996 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Tue, 8 Feb 2011 08:11:35 +0000 (08:11 +0000)]

fix up previous commit, thanks Christof

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1995 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Tue, 8 Feb 2011 07:48:48 +0000 (07:48 +0000)]

bring our outgoing DNSSEC AXFR in line with the EDNS words in RFC 5936. This will hopefully placate the Microsoft DNS server. Issue discovered by Christof Meerwald.

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1994 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 7 Feb 2011 19:36:54 +0000 (19:36 +0000)]

Thanks to Jan-Piet Mens' "zone from hell", we can now serve unknown record types ('TYPE65534').

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1993 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 7 Feb 2011 16:07:48 +0000 (16:07 +0000)]

signingpipe is a bit scary.. appears to work well now

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1992 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 7 Feb 2011 10:47:02 +0000 (10:47 +0000)]

fix up std::exception for LDAP backend

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1991 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 7 Feb 2011 10:26:08 +0000 (10:26 +0000)]

remove debugging to catch request for unsupported DNSCryptoKeyEngine, plus improve request for unsupported DS digest type. Spotted by 'at0r'

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1990 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 7 Feb 2011 10:19:20 +0000 (10:19 +0000)]

removing using namespace std; from yacc too

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1989 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 7 Feb 2011 09:53:01 +0000 (09:53 +0000)]

opendbx std fixes

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1988 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 7 Feb 2011 09:51:01 +0000 (09:51 +0000)]

fix up geobackend compilation after using namespace std fixes

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1987 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 7 Feb 2011 09:42:22 +0000 (09:42 +0000)]

fix up MyDNS compatible backend compilation - this might eventually offer MyDNS users an easy DNSSEC migration path

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1986 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 7 Feb 2011 09:39:22 +0000 (09:39 +0000)]

namespaces.hh includes

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1985 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 7 Feb 2011 09:33:20 +0000 (09:33 +0000)]

improve secure-zone output when no dnssec capable backend was loaded
fix verify-crypto so it actually does that again
add dead code to implement a remote signing-server

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1984 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 7 Feb 2011 09:32:05 +0000 (09:32 +0000)]

add loads of statistics about signign speed to the tcpreceiver, plus adjust to new signing pipe interface

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1983 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 7 Feb 2011 09:31:12 +0000 (09:31 +0000)]

make sure that addKey lets us know if it worked, allowing us to spot non-working configurations
un__thread the keycache, reintroducing the 'shared key' problem, but plugging a massive memory leak

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1982 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 7 Feb 2011 09:29:03 +0000 (09:29 +0000)]

signingpipe was revamped 12 times, but is again simple.

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1981 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 7 Feb 2011 08:50:00 +0000 (08:50 +0000)]

fix up svn compilation with the 'mysqlcbackend'. Spotted by Stefan Schmidt

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1980 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Sun, 6 Feb 2011 11:15:37 +0000 (11:15 +0000)]

make sure ueberbackend returns negative if it failed to find a backend willing to host dnssec material

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1979 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Sun, 6 Feb 2011 11:14:49 +0000 (11:14 +0000)]

further round of std::changes

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1978 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Sun, 6 Feb 2011 11:13:46 +0000 (11:13 +0000)]

further std::

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1977 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Sun, 6 Feb 2011 11:11:34 +0000 (11:11 +0000)]

big batch of 'using namespace std;' removal

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1976 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Sat, 5 Feb 2011 17:40:50 +0000 (17:40 +0000)]

turns out that for each signature, we consulted the database because we ignored the cache. Amazing what numbers we got anyhow!

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1975 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Sat, 5 Feb 2011 17:39:43 +0000 (17:39 +0000)]

beginning of the removal of 'using namespace std'. Goal is to swap out string.

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1974 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Sat, 5 Feb 2011 11:26:53 +0000 (11:26 +0000)]

Google Protocol Buffers coming to PowerDNSSEC for transporting records & signatures

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1973 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 3 Feb 2011 20:46:30 +0000 (20:46 +0000)]

signingpipe is all zero-copy and hyperefficient now. but not any faster ;-(

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1972 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 3 Feb 2011 16:23:10 +0000 (16:23 +0000)]

make test-algorithms do a bit more signatures to get a better estimate of performance

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1971 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 3 Feb 2011 15:08:50 +0000 (15:08 +0000)]

add 'test-speed' to pdnssec, plus make sure test-algorithms can be run w/o loading all BIND zones

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1970 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 3 Feb 2011 15:07:11 +0000 (15:07 +0000)]

make our keyenginecache per-thread, so we don't get two threads trying to use the same engine at the same time
compile the signingpipe into pdnssec as well

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1969 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 3 Feb 2011 14:54:06 +0000 (14:54 +0000)]

add udiffNoReset for running time measurements

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1968 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 3 Feb 2011 14:53:34 +0000 (14:53 +0000)]

fix up Botan (de)initialization, plus give all DNSCryptoEngines a virtual destructor

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1967 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 3 Feb 2011 12:52:50 +0000 (12:52 +0000)]

linker gets confused by multiple global objects with same class & instance name, even when in namespace{}. Give them different names.

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1966 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Wed, 2 Feb 2011 19:35:47 +0000 (19:35 +0000)]

and add signingpipe.hh to the tarball

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1965 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Wed, 2 Feb 2011 14:11:02 +0000 (14:11 +0000)]

make sure we wait for all signatures to come in from workers at the end of a zonetransfer
speed up NSEC generation

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1964 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Wed, 2 Feb 2011 08:47:56 +0000 (08:47 +0000)]

don't calculate NSEC/NSEC3 chain for insecure zones on outgoing AXFR

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1963 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Wed, 2 Feb 2011 08:46:46 +0000 (08:46 +0000)]

this is probably a speedup, but a cleanup in any case

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1962 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Wed, 2 Feb 2011 08:29:26 +0000 (08:29 +0000)]

make sure we ship md5.hh for the tarball

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1961 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Tue, 1 Feb 2011 23:12:40 +0000 (23:12 +0000)]

make the signingpipe multithreaded, achieving around 8000 RSASHA256/1024 signatures/s so far on an 8 core machine

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1960 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Tue, 1 Feb 2011 20:36:59 +0000 (20:36 +0000)]

divorce addRRSigs() from DNSPacket. Make sure addRRSigs() uses an RRSIG order that is easier on the eyes.
Massively clean up the outgoing AXFR code by moving it to the ChunkedSigningPipe. Note to self, teach it not to sign if so required ;-)

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1959 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Tue, 1 Feb 2011 20:34:39 +0000 (20:34 +0000)]

the confusing variable name of the year goes to: static bool mustShuffle =::arg().mustDo("no-shuffle");

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1958 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Tue, 1 Feb 2011 15:51:16 +0000 (15:51 +0000)]

speed up bindbackend to pre-DNSSEC speeds. We again hail the genius of boost::multi_index, it had just the feature we need.
Plus speedup the auth fixups. We can now load a 3 million zone in 20 seconds again, and start serving dnssec immediately.

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1957 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Tue, 1 Feb 2011 15:00:33 +0000 (15:00 +0000)]

don't re-add base64 encoded algorithm

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1956 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Tue, 1 Feb 2011 14:18:00 +0000 (14:18 +0000)]

build our packages with embedded crypto++

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1955 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Tue, 1 Feb 2011 14:11:52 +0000 (14:11 +0000)]

and add the configure.ac update for CRYPTOPP

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1954 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Tue, 1 Feb 2011 14:09:51 +0000 (14:09 +0000)]

add support for Crypto++ ECDSA, refine & rename CryptoKeyEngine interface, add 'pdnssec test-algorithm' mutual testing between engines, which found a bunch of bugs (fixed)

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1953 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Tue, 1 Feb 2011 09:35:40 +0000 (09:35 +0000)]

big rename of DNSPrivateKey which wasn't, and is now called DNSCryptoKeyEngine, plus hook up our internal md5 for non-cryptohashes

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1952 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 31 Jan 2011 21:59:45 +0000 (21:59 +0000)]

- scary commit -
add a generic botan1.8/botan1.9 signer/verifier for RSA
refactor the signer/verifier API so the more code moves out of the per-engine interface
add the ability to have multiple enginers for a single algorithm, plus add the notion of a 'fallback' engine, in our case polarssl
update some copyright statements

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1951 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 31 Jan 2011 13:08:24 +0000 (13:08 +0000)]

implement slave-renotify for front-signing operation with renotification of the actual slaves

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1950 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 31 Jan 2011 12:28:10 +0000 (12:28 +0000)]

add --with-botan1.8 (not working yet), fix up missing BOOST LDADD

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1949 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 31 Jan 2011 11:36:25 +0000 (11:36 +0000)]

fix up modules for qtype change

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1948 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 31 Jan 2011 10:37:03 +0000 (10:37 +0000)]

mostly so people can see it - this file should be able to sign ECDSA & RSA at high speed soon enough, but not right now

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1947 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 31 Jan 2011 10:24:45 +0000 (10:24 +0000)]

document opt-out defaults

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1946 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 31 Jan 2011 10:14:53 +0000 (10:14 +0000)]

remove traces of BOOST_FILESYSTEM and BOOST_SYSTEM

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1945 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 31 Jan 2011 10:14:13 +0000 (10:14 +0000)]

remove qtype char* constructor

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1944 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 31 Jan 2011 09:23:10 +0000 (09:23 +0000)]

make sure we create separate controlsocket for each recursor process

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1943 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 31 Jan 2011 07:48:19 +0000 (07:48 +0000)]

disable the broken 'storing unknown records' code for now

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1942 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Mon, 31 Jan 2011 07:27:19 +0000 (07:27 +0000)]

actually report the DLV record type for production too, lack spotted by Jan-Piet 'I have a Dutch name, but don't let that fool you' Mens

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1941 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Sun, 30 Jan 2011 21:27:50 +0000 (21:27 +0000)]

even if we do opt-out, the NSEC3PARAM flags field should be 0

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1940 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Sun, 30 Jan 2011 21:19:03 +0000 (21:19 +0000)]

if I understand things correctly, powerdns does 'opt-out' NSEC3, but we did not say that in the NSEC3/NSEC3PARAM.
I hope I got it right ;-)

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1939 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Sun, 30 Jan 2011 21:17:40 +0000 (21:17 +0000)]

fix everyone's favorite 'succesful' typo

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1938 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Sun, 30 Jan 2011 20:43:58 +0000 (20:43 +0000)]

when operating in front-signing mode, make sure we set the auth & hash fields correctly on the first load too.

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1937 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Sun, 30 Jan 2011 19:52:05 +0000 (19:52 +0000)]

the wonderful #powerdns channel on irc.oftc.net discovered that powerdns could not deal with record types > 2^15
Fixed that. Plus fixed what caused the issue, the DLV record type, which is now supported too (at least for storage). Closes ticket 337.

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1936 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Sun, 30 Jan 2011 13:12:36 +0000 (13:12 +0000)]

make sure we don't try to print digest type 3 if we don't have GOST on board

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1935 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Sun, 30 Jan 2011 12:59:00 +0000 (12:59 +0000)]

make sure we sign our DNSKEYs when serving an AXFR. Plus remove some whitespace.

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1934 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Sun, 30 Jan 2011 12:58:06 +0000 (12:58 +0000)]

don't try to store an AXFRd OPT record - would ignore it anyhow, but this is better

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1933 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Sun, 30 Jan 2011 12:49:13 +0000 (12:49 +0000)]

silence a lot of debugging output at loglevel 9 (you did not see it, but it did slow things down)
fix up pre-signed zones in hybrid installations (bind + generic). Because the BIND Backend needs the DBDnssecKeeper,
while the dbdnsseckeeper needs the bindbackend to function, getting presignatures from the dbdnsseckeeper failed.
We now pass an explicit database connection for this purpose. Spotted by Christof Meerwaald.

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1932 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Sat, 29 Jan 2011 12:34:21 +0000 (12:34 +0000)]

if no dnssec schema is loaded, auth==1 - Leen Besselink discovered oddities

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1931 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Sat, 29 Jan 2011 12:33:21 +0000 (12:33 +0000)]

Christoph Meerwald discovered we would sign out-of-zone additional data, fixed.

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1930 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Fri, 28 Jan 2011 21:44:52 +0000 (21:44 +0000)]

make sure we can insert huuuuge records

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1929 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Fri, 28 Jan 2011 20:57:35 +0000 (20:57 +0000)]

reinstate 'recursor' handoff in auth server, issue spotted by Detlef Peeters

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1928 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Fri, 28 Jan 2011 20:40:46 +0000 (20:40 +0000)]

update pdnssec error message & documentation based on feedback by Leen Besselink.

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1927 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Fri, 28 Jan 2011 11:09:22 +0000 (11:09 +0000)]

Jan-Piet Mens discovered that we did not correctly fill out the 'auth' field on incoming zonetransfers for non-secured zones, even though
this is necessary for *all* zones.

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1926 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Fri, 28 Jan 2011 07:58:58 +0000 (07:58 +0000)]

silence zone2sql debugging output, fix up sqlite3 typo

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1925 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Fri, 28 Jan 2011 07:50:01 +0000 (07:50 +0000)]

fix up 'too-big-for-udp' testcase. Protipp: increase the percentage of succeeding regression tests by adding extra tests that DO succeed!

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1924 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Fri, 28 Jan 2011 07:45:07 +0000 (07:45 +0000)]

this is a directory rename, and it does not look good

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1923 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 27 Jan 2011 23:19:51 +0000 (23:19 +0000)]

the all new non-generic Oracle Backend, with full DNSSEC support!
Contributed by Maik Zumstrull <maik@zumstrull.net>, then at the Steinbuch
Centre for Computing <http://www.scc.kit.edu/> at the Karlsruhe Institute of
Technology <http://www.kit.edu/>.

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1922 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 27 Jan 2011 22:20:36 +0000 (22:20 +0000)]

release notes for 3.0

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1921 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 27 Jan 2011 15:37:11 +0000 (15:37 +0000)]

with this patch, PowerDNS works around a bug in the Botan GOST code. Post Botan 1.9.12,
the bugfix will automatically disable itself, so let's hope they have it fixed by then ;-) See http://bit.ly/gTytUf

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1920 d19b8d6e-7fed-0310-83ef-9ca221ded41b

commit | commitdiff | tree

Bert Hubert [Thu, 27 Jan 2011 12:59:01 +0000 (12:59 +0000)]

further spiff up verify-crypto, now correctly processes samples from draft-ietf-dnsext-ecdsa

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1919 d19b8d6e-7fed-0310-83ef-9ca221ded41b

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom