]>
granicus.if.org Git - pdns/log
Pieter Lexis [Thu, 7 Apr 2016 08:17:24 +0000 (10:17 +0200)]
Merge pull request #3657 from rgacogne/dnsdist-qps-doc
dnsdist: Clarify the doc for QPS-related rules and actions
Pieter Lexis [Thu, 7 Apr 2016 08:17:15 +0000 (10:17 +0200)]
Merge pull request #3659 from rgacogne/static-analysis-fixes
Various fixes from clang static analyzer, coverity and cppcheck
Pieter Lexis [Thu, 7 Apr 2016 08:16:59 +0000 (10:16 +0200)]
Merge pull request #3664 from pieterlexis/secpoll4a2
Secpoll additions for 4.0.0 alpha2
Pieter Lexis [Thu, 7 Apr 2016 08:16:54 +0000 (10:16 +0200)]
Merge pull request #3670 from Habbie/sedperl
replace non-portable sed usage with more portable perl usage
Pieter Lexis [Thu, 7 Apr 2016 08:16:43 +0000 (10:16 +0200)]
Merge pull request #3674 from mmckinst/tinydns_wildcards
remove experimental status of tinydns and add note about wildcards
Mark McKinstry [Wed, 6 Apr 2016 18:51:13 +0000 (14:51 -0400)]
tinydns no longer experimental
Mark McKinstry [Wed, 6 Apr 2016 18:49:25 +0000 (14:49 -0400)]
document differences in handling wildcards
Pieter Lexis [Wed, 6 Apr 2016 18:20:35 +0000 (20:20 +0200)]
Fix HTML output tinydns backend
Peter van Dijk [Wed, 6 Apr 2016 18:17:35 +0000 (20:17 +0200)]
Merge pull request #3661 from mmckinst/locations
make documentation align with code
Peter van Dijk [Tue, 5 Apr 2016 17:26:32 +0000 (19:26 +0200)]
replace non-portable sed usage with more portable perl usage
Peter van Dijk [Tue, 5 Apr 2016 15:03:02 +0000 (17:03 +0200)]
Merge pull request #3668 from gryphius/tll-typo
typo: TLL -> TTL (dnssec documentation)
Oli [Tue, 5 Apr 2016 15:00:16 +0000 (17:00 +0200)]
typo: TLL -> TTL
Pieter Lexis [Tue, 5 Apr 2016 08:03:21 +0000 (10:03 +0200)]
Add auth+rec 4 alpha2 secpoll data for pdns pkgs
Pieter Lexis [Tue, 5 Apr 2016 07:51:40 +0000 (09:51 +0200)]
Add / move existing alpha2 releases
Mark McKinstry [Mon, 4 Apr 2016 18:36:55 +0000 (14:36 -0400)]
make documentation align with code
The documentation says 'locations' is disabled by default but the [code enables it by default](https://github.com/PowerDNS/pdns/blob/
bb310f41bef9bbbfab2337c15e5ea280322acbae /modules/tinydnsbackend/tinydnsbackend.cc#L314)
The 'locations' option in tinydns does split horizon. If someone has location
records, they probably want them to be used by default and not have all records
returned.
Peter van Dijk [Mon, 4 Apr 2016 18:34:38 +0000 (20:34 +0200)]
Merge pull request #3660 from mmckinst/typo
typo/grammar
Mark McKinstry [Mon, 4 Apr 2016 18:23:43 +0000 (14:23 -0400)]
typo/grammar
bert hubert [Mon, 4 Apr 2016 18:13:21 +0000 (20:13 +0200)]
Merge pull request #3653 from ahupowerdns/tab-are-ws-too
tabs are whitespace too!
Remi Gacogne [Mon, 4 Apr 2016 12:35:07 +0000 (14:35 +0200)]
Various fixes from clang static analyzer, coverity and cppcheck
Most of them are simply about making sure that members are
properly initialized by all constructors, especially if there is a
default one. The initialization cost should be fairly small, and I
expect that turning a random failure into a deterministic one is
worth it.
Remi Gacogne [Mon, 4 Apr 2016 10:01:21 +0000 (12:01 +0200)]
dnsdist: Clarify the doc for QPS-related rules and actions
bert hubert [Sat, 2 Apr 2016 13:16:45 +0000 (15:16 +0200)]
tabs are whitespace too!
Remi Gacogne [Fri, 1 Apr 2016 14:37:18 +0000 (16:37 +0200)]
Merge pull request #3634 from rgacogne/dnsdist-dangling-tcp-fd
dnsdist: Prevent dangling TCP fd in case setupTCPDownstream() fails
Remi Gacogne [Fri, 1 Apr 2016 14:36:55 +0000 (16:36 +0200)]
Merge pull request #3641 from rgacogne/dnsdist-qps-none
dnsdist: Under threshold, QPS action should return None, not Allow
Pieter Lexis [Thu, 31 Mar 2016 14:20:59 +0000 (16:20 +0200)]
Update link in docs
Remi Gacogne [Wed, 30 Mar 2016 21:48:25 +0000 (23:48 +0200)]
dnsdist: Under threshold, QPS action should return None, not Allow
Closes #3638.
bert hubert [Wed, 30 Mar 2016 15:14:14 +0000 (16:14 +0100)]
Merge pull request #3639 from rgacogne/rec-protobuf
rec: Add protobuf support, add RPZ policy name
Remi Gacogne [Wed, 30 Mar 2016 14:59:51 +0000 (16:59 +0200)]
rec: Remove protobuf debug output
Remi Gacogne [Wed, 30 Mar 2016 14:48:30 +0000 (16:48 +0200)]
protobuf: add an "originalRequestorSubnet" field
Remi Gacogne [Wed, 30 Mar 2016 14:30:13 +0000 (16:30 +0200)]
rec: Add a name to DNSFilterEngine policy
Remi Gacogne [Wed, 30 Mar 2016 11:24:35 +0000 (13:24 +0200)]
rec: Add protobuf support
bert hubert [Wed, 30 Mar 2016 14:17:08 +0000 (16:17 +0200)]
this liberates the rapid ednssubnet parser in pdns_recursor for use for the protobuf emitter
bert hubert [Wed, 30 Mar 2016 13:10:05 +0000 (15:10 +0200)]
slightly improve RPZ documentation
Remi Gacogne [Tue, 29 Mar 2016 12:49:50 +0000 (14:49 +0200)]
dnsdist: Prevent dangling TCP fd in case setupTCPDownstream() fails
Remove the closed socket descriptor from the sockets map.
Otherwise, if an exception occurs in setupTCPDownstream(), we might
try to use it and close it again later, not knowing it has been
reassigned to another socket or, worse, to a TCP acceptor pipe.
bert hubert [Sun, 27 Mar 2016 14:32:36 +0000 (16:32 +0200)]
fix typo, sorry for that - broke dnspcap2protobuf
bert hubert [Sat, 26 Mar 2016 22:57:10 +0000 (23:57 +0100)]
adjust to new dnsmessage protobuf semantics: from/to is not requestor/responder. Plus, we ignore rd=0 queries for now.
bert hubert [Sat, 26 Mar 2016 08:07:25 +0000 (09:07 +0100)]
hopefully fix build without protobuf on travis
bert hubert [Fri, 25 Mar 2016 20:33:24 +0000 (21:33 +0100)]
fix up dnspcap2protobuf htons plus catch exception
Remi Gacogne [Thu, 24 Mar 2016 15:32:38 +0000 (16:32 +0100)]
Add unique IDs to match query w/ response in dnspcap2protobuf
Remi Gacogne [Thu, 24 Mar 2016 15:14:00 +0000 (16:14 +0100)]
Check the packet size in dnspcap2protobuf
Remi Gacogne [Thu, 24 Mar 2016 15:09:56 +0000 (16:09 +0100)]
Add a dnspcap2protobuf tool
bert hubert [Fri, 25 Mar 2016 18:47:12 +0000 (19:47 +0100)]
Merge pull request #3627 from rgacogne/dnsdist-ecs-remove
dnsdist: Remove ECS option from response's OPT RR when necessary
Remi Gacogne [Fri, 25 Mar 2016 14:35:37 +0000 (15:35 +0100)]
Merge pull request #3626 from rgacogne/dnsdist-fix-boost-uuid
dnsdist: Don't include boost/uuid headers without protobuf support
Remi Gacogne [Fri, 25 Mar 2016 13:09:30 +0000 (14:09 +0100)]
dnsdist: Don't include boost/uuid headers without protobuf support
Pieter Lexis [Fri, 25 Mar 2016 11:39:39 +0000 (12:39 +0100)]
Merge pull request #3611 from pieterlexis/issue-3392-no-rectify-on-nondnssec
pdnsutil: Don't try to rectify non-DNSSEC zones
Pieter Lexis [Fri, 25 Mar 2016 11:39:27 +0000 (12:39 +0100)]
Merge pull request #3620 from pieterlexis/rec-control-manpage-test
Add test for rec_control manpage
Pieter Lexis [Fri, 25 Mar 2016 11:39:19 +0000 (12:39 +0100)]
Merge pull request #3621 from pieterlexis/lowercase-in-db
Lowercase names when inserting in the database
Pieter Lexis [Fri, 25 Mar 2016 11:39:13 +0000 (12:39 +0100)]
Merge pull request #3623 from zeha/typo
geoip: Fix typo in messages
Remi Gacogne [Thu, 10 Mar 2016 08:31:33 +0000 (09:31 +0100)]
dnsdist: Remove ECS option from response's OPT RR when necessary
If we added an ECS option to a query already having EDNS,
we need to remove the ECS option sent back by the server if any,
otherwise this might confuse the original client.
Christian Hofstaedtler [Thu, 24 Mar 2016 20:53:00 +0000 (21:53 +0100)]
geoip: Fix typo in messages
bert hubert [Thu, 24 Mar 2016 15:39:23 +0000 (16:39 +0100)]
Merge pull request #3622 from ahupowerdns/remi-protobuf
Merge dnsdist protobuf based query logging
bert hubert [Thu, 24 Mar 2016 13:20:03 +0000 (14:20 +0100)]
fix up protobuf for make dist
bert hubert [Thu, 24 Mar 2016 10:52:03 +0000 (11:52 +0100)]
autobuild dnsmessage.pb.cc & h
bert hubert [Thu, 24 Mar 2016 09:15:56 +0000 (10:15 +0100)]
Merge remote-tracking branch 'rgacogne/dnsdist-protobuf' into remi-protobuf
Remi Gacogne [Thu, 24 Mar 2016 09:12:19 +0000 (10:12 +0100)]
dnsdist: In remote logger, payload size should be 16 bits, not 32
bert hubert [Thu, 24 Mar 2016 08:34:01 +0000 (09:34 +0100)]
Merge remote-tracking branch 'rgacogne/dnsdist-protobuf'
Pieter Lexis [Thu, 24 Mar 2016 08:17:28 +0000 (09:17 +0100)]
Lowercase names when inserting in the database
Closes #3583
Pieter Lexis [Tue, 9 Feb 2016 09:51:26 +0000 (10:51 +0100)]
Add test for rec_control manpage
Closes #601
bert hubert [Wed, 23 Mar 2016 15:40:17 +0000 (16:40 +0100)]
Merge pull request #3610 from pieterlexis/dnsupdate-docs
Fix dnsupdate docs.
bert hubert [Wed, 23 Mar 2016 15:39:47 +0000 (16:39 +0100)]
Merge pull request #3616 from ahupowerdns/insecure-fix
For for incorrect 'Bogus' on Insecure on provable insecure delegation, plus better dnssec trace logging
bert hubert [Wed, 23 Mar 2016 14:46:27 +0000 (15:46 +0100)]
some further additional trace logging for dnssec validation
bert hubert [Wed, 23 Mar 2016 12:00:35 +0000 (13:00 +0100)]
Closes #3390 by fixing validation of provably insecure delegation for NSEC records, plus improving our DNSSEC validation logging with --trace output on
bert hubert [Tue, 22 Mar 2016 22:40:50 +0000 (23:40 +0100)]
Merge pull request #3608 from rgacogne/dnsdist-cache-stats
dnsdist: Export cache stats to carbon
Peter van Dijk [Tue, 22 Mar 2016 15:43:20 +0000 (16:43 +0100)]
Merge pull request #3613 from pieterlexis/ignore-pdns_recursor-pidfile
Ignore pdns_recursor.pid
Pieter Lexis [Tue, 22 Mar 2016 15:38:09 +0000 (16:38 +0100)]
Ignore pdns_recursor.pid
Remi Gacogne [Tue, 22 Mar 2016 15:24:55 +0000 (16:24 +0100)]
dnsdist: Use a separate thread and a queue for remote logging
bert hubert [Tue, 22 Mar 2016 15:09:54 +0000 (16:09 +0100)]
Merge pull request #3609 from rgacogne/dnsdist-display-acl
dnsdist: Display the ACL content on startup
Pieter Lexis [Tue, 22 Mar 2016 15:00:06 +0000 (16:00 +0100)]
pdnsutil: Fix rectify message for non-DNSSEC zones
Closes: #3392
bert hubert [Tue, 22 Mar 2016 13:44:08 +0000 (14:44 +0100)]
Merge pull request #3605 from pieterlexis/recursor-forward-multiple
Recursor: Fix the forwarding to multiple servers
bert hubert [Tue, 22 Mar 2016 13:36:37 +0000 (14:36 +0100)]
Merge pull request #3606 from ahupowerdns/dnssec-ok-fix
Fix a few DNSSEC issues. this closes #3261, closes #3532, closes #3446.
bert hubert [Tue, 22 Mar 2016 13:35:48 +0000 (14:35 +0100)]
Merge pull request #3607 from ahupowerdns/recuregres-fixes
Improve recursor regression tests
bert hubert [Tue, 22 Mar 2016 12:48:32 +0000 (13:48 +0100)]
turns out that you also need to strip trailing , to be impervious to JSON order changes.
bert hubert [Tue, 22 Mar 2016 11:38:19 +0000 (12:38 +0100)]
for now, skip the 'ghost' tests so we can reenable recursor testing on travis
bert hubert [Tue, 22 Mar 2016 11:36:59 +0000 (12:36 +0100)]
make this test independent of ordering of json
Pieter Lexis [Tue, 22 Mar 2016 09:52:26 +0000 (10:52 +0100)]
Fix dnsupdate docs. closes #3525
Remi Gacogne [Tue, 22 Mar 2016 09:16:35 +0000 (10:16 +0100)]
dnsdist: Display the ACL content on startup
Closes #3588.
bert hubert [Tue, 22 Mar 2016 08:32:51 +0000 (09:32 +0100)]
actually fail if the recursor tests fail
bert hubert [Tue, 22 Mar 2016 07:55:43 +0000 (08:55 +0100)]
this test relies on the ordering within json which is not wise, but I verified we got it right and set the ordering to what pdns emits now
bert hubert [Tue, 22 Mar 2016 07:54:43 +0000 (08:54 +0100)]
warn if recursor or pdns can't be found in regression tests (but continue anyhow), improve documentation, remove "you can safely ignore this error"-error which still confused me, document lua-posix dependency, document how authbind works
bert hubert [Tue, 22 Mar 2016 06:56:49 +0000 (07:56 +0100)]
another place where we looked for the recursor in the wrong place
bert hubert [Mon, 21 Mar 2016 22:03:40 +0000 (23:03 +0100)]
another place that looked for pdns_recursor in the old place
bert hubert [Mon, 21 Mar 2016 20:45:11 +0000 (21:45 +0100)]
make regression tests look in sane default place for pdns_recursor, make travis put pdns_recursor in that sane place
bert hubert [Mon, 21 Mar 2016 19:11:00 +0000 (20:11 +0100)]
fix --dnssec help output about defaults
bert hubert [Mon, 21 Mar 2016 16:40:56 +0000 (17:40 +0100)]
this fixes #3261 and likely #3532 and #3446. In the new model, SyncRes has one flag: do DNSSEC or not. If the user did not want DNSSEC, pdns_recursor.cc will strip it out for you.
But the processing is mostly done anyhow (except for optimization). This also fixes everyone's favorite warning about State being unset, and it restores 'dnssec=process' as default
Pieter Lexis [Mon, 21 Mar 2016 16:45:46 +0000 (17:45 +0100)]
Improve trace messages for auth and forward zones
Pieter Lexis [Mon, 21 Mar 2016 16:45:20 +0000 (17:45 +0100)]
Add remote IP to a logmessage
Pieter Lexis [Mon, 21 Mar 2016 16:23:43 +0000 (17:23 +0100)]
Fix forward-zone with multiple IPs
Fixes #3523
Remi Gacogne [Mon, 21 Mar 2016 17:42:22 +0000 (18:42 +0100)]
dnsdist: Split query/response actions
Pieter Lexis [Mon, 21 Mar 2016 16:19:22 +0000 (17:19 +0100)]
Merge pull request #3569 from Habbie/name-in-error
log name/qtype when sending out servfail
Remi Gacogne [Thu, 17 Mar 2016 17:54:38 +0000 (18:54 +0100)]
WIP: dnsdist: Add a hackish protobuf over TCP log exporter
Remi Gacogne [Mon, 21 Mar 2016 14:37:26 +0000 (15:37 +0100)]
dnsdist: Export cache stats to carbon.
Peter van Dijk [Mon, 21 Mar 2016 10:53:46 +0000 (11:53 +0100)]
Merge pull request #3592 from pieterlexis/issue-3591-secure-delegated-test-broken
Add a ZSK to secure-delegated test zone properly
Peter van Dijk [Mon, 21 Mar 2016 10:01:39 +0000 (11:01 +0100)]
Merge pull request #3596 from mind04/botan
remove unnecessary botan signers (rsa and ecdsa)
bert hubert [Mon, 21 Mar 2016 06:46:21 +0000 (07:46 +0100)]
Merge pull request #3582 from rgacogne/dnsdist-unify
dnsdist: Refactor query/response handling code (UDP/TCP)
bert hubert [Mon, 21 Mar 2016 06:45:56 +0000 (07:45 +0100)]
Merge pull request #3587 from pieterlexis/l-root
Move the root server addresses to a header
bert hubert [Mon, 21 Mar 2016 06:44:55 +0000 (07:44 +0100)]
Merge pull request #3595 from pieterlexis/trailing-dot-in-create-zone
pdnsutil: add NS record without trailing dot with create-zone
bert hubert [Mon, 21 Mar 2016 06:44:40 +0000 (07:44 +0100)]
Merge pull request #3578 from pieterlexis/disable-syslog
Add a `disable-syslog` option
bert hubert [Mon, 21 Mar 2016 06:43:09 +0000 (07:43 +0100)]
Merge pull request #3593 from pieterlexis/atomic-on-mipsel
Add -latomic to LDFLAGS on mips(el)
bert hubert [Sun, 20 Mar 2016 18:08:36 +0000 (19:08 +0100)]
Merge pull request #3594 from rgacogne/dnsdist-single-console-command
dnsdist: Prevent EOF error for empty console response w/o sodium
bert hubert [Sun, 20 Mar 2016 18:08:02 +0000 (19:08 +0100)]
Merge pull request #3598 from ahupowerdns/pdnsutil-help
make pdnsutil help output to stdout, document create-slave-zone in "help" output
bert hubert [Sun, 20 Mar 2016 17:59:21 +0000 (18:59 +0100)]
Merge pull request #3599 from ahupowerdns/pdnsutil-fail-fix
alternate to #3579 as fix for #3387. lot shorter.