]>
granicus.if.org Git - pdns/log
bert hubert [Sat, 2 Jan 2016 13:15:02 +0000 (14:15 +0100)]
document Advanced DNS Protection features for dnsdist
bert hubert [Sat, 2 Jan 2016 13:14:28 +0000 (14:14 +0100)]
add missing documentation for topBandwidth() and delta() in dnsdist README
bert hubert [Fri, 1 Jan 2016 11:03:06 +0000 (12:03 +0100)]
Merge pull request #3136 from tfarina/patch-2
update the output of 'pdns monitor'
bert hubert [Fri, 1 Jan 2016 10:46:10 +0000 (11:46 +0100)]
Merge pull request #3141 from mind04/openssl
oops, some debug code slipped into master
bert hubert [Thu, 31 Dec 2015 14:55:09 +0000 (15:55 +0100)]
Merge pull request #3126 from rgacogne/dnsdist-more-tests
dnsdist: Fix truncateTC, add some lua fns and more regression tests
Kees Monshouwer [Thu, 31 Dec 2015 14:32:00 +0000 (15:32 +0100)]
oops, some debug code slipped into master
Peter van Dijk [Wed, 30 Dec 2015 21:07:21 +0000 (22:07 +0100)]
Merge pull request #3139 from mind04/openssl
improve openssl m4 file and some cleanup
Kees Monshouwer [Wed, 30 Dec 2015 19:41:39 +0000 (20:41 +0100)]
improve openssl m4 file and some cleanup
Peter van Dijk [Tue, 29 Dec 2015 23:20:22 +0000 (00:20 +0100)]
respect OPENSSL_LDFLAGS
bert hubert [Wed, 30 Dec 2015 14:43:54 +0000 (15:43 +0100)]
Merge pull request #3134 from ahupowerdns/lua-fixups
Lua fixups (documentation, bugs) plus dynamic metrics
Thiago Farina [Wed, 30 Dec 2015 13:49:34 +0000 (11:49 -0200)]
update the output of 'pdns monitor'
The current output is pretty out-of-date, it is back from 2002!
This patch updates the output to the version of 3.3.
Remi Gacogne [Wed, 30 Dec 2015 09:35:06 +0000 (10:35 +0100)]
Merge pull request #3073 from janeczku/dnsdist-logging-refactor
Dnsdist: Show INFO logs in default verbosity mode
Remi Gacogne [Wed, 30 Dec 2015 09:33:18 +0000 (10:33 +0100)]
Merge pull request #3129 from rgacogne/dnsdist-coverity
dnsdist: Fix coverity/clang static analyzer warnings
Remi Gacogne [Wed, 30 Dec 2015 08:42:20 +0000 (09:42 +0100)]
Merge pull request #3109 from mind04/dnsdist-mbed
merry christmas
bert hubert [Wed, 30 Dec 2015 07:11:48 +0000 (07:11 +0000)]
Merge remote-tracking branch 'origin' into lua-fixups
Peter van Dijk [Wed, 30 Dec 2015 00:55:57 +0000 (01:55 +0100)]
Merge pull request #3132 from zeha/rpzdoc
Nits to RPZ doc
Christian Hofstaedtler [Tue, 29 Dec 2015 23:23:28 +0000 (00:23 +0100)]
Nits to RPZ doc
Peter van Dijk [Tue, 29 Dec 2015 22:27:46 +0000 (23:27 +0100)]
Merge pull request #3128 from mind04/openssl
add ECDSA support to DNSSEC infra via OpenSSL
Kees Monshouwer [Tue, 29 Dec 2015 10:36:26 +0000 (11:36 +0100)]
change ECDSA signer priority
bert hubert [Tue, 29 Dec 2015 21:54:57 +0000 (21:54 +0000)]
document RPZ
Kees Monshouwer [Mon, 28 Dec 2015 11:10:17 +0000 (12:10 +0100)]
add ECDSA support to DNSSEC infra via OpenSSL
Remi Gacogne [Tue, 29 Dec 2015 09:53:45 +0000 (10:53 +0100)]
dnsdist: Fix coverity/clang static analyzer warnings.
Fix building the unit tests with sanitizers enabled.
Coverity complained about d_fp in LogAction not being initialized
when constructed from a string, and about negative values from
socket() not being handled.
Clang static analyzer complained about the count var in
addDynBlocks not being initialized in some cases.
Remi Gacogne [Mon, 28 Dec 2015 17:20:07 +0000 (18:20 +0100)]
dnsdist: Add more regression tests
Tests for:
Actions:
* DelayAction
* RCodeAction
Rules:
* AllRule
* AndRule
* addAnyTCRule
* addDisableValidationRule
* addNoRecurseRule
* addPoolRule
* QTypeRule
* RegexRule
* SuffixMatchNodeRule
Misc:
* ACL
* truncateTC
* fixupCase
* addDomainSpoof
* Round Robin balancing
Remi Gacogne [Mon, 28 Dec 2015 17:18:03 +0000 (18:18 +0100)]
dnsdist: Add SuffixMatchNodeRule() and RCodeAction()
I needed them for the regression tests, and unless there is a
cleaner way to do the same thing that I missed, they will be
useful.
Remi Gacogne [Mon, 28 Dec 2015 17:13:46 +0000 (18:13 +0100)]
dnsdist: Fix truncateTC, it wasn't updating the response len anymore
It was broken (still setting TC and fixing ancount, nscount and arcount
but not the response length) since the addition of ECS in
ca404e94c054df56d3f32abf66c643a1dec3b1b2 , shame on me.
bert hubert [Mon, 28 Dec 2015 10:12:22 +0000 (10:12 +0000)]
make ipfilter get passed the dnsheader, make dnsheader useful for lua
bert hubert [Mon, 28 Dec 2015 10:11:54 +0000 (10:11 +0000)]
fix up ipfilter docs, document metrics, document dnsname, document comboaddress, add links to various parts of documentation
bert hubert [Mon, 28 Dec 2015 10:01:26 +0000 (10:01 +0000)]
we were passing the wrong dnsheader to the ipfilter lua hook
bert hubert [Sun, 27 Dec 2015 22:36:32 +0000 (22:36 +0000)]
fix up compilation of testrunner and tsig tests
bert hubert [Sun, 27 Dec 2015 21:21:55 +0000 (21:21 +0000)]
implement dynamic metric creation from Lua & code to rapidly update these metrics securely. Plus some changes to example code to use metrics & comboaddress equal metric.
bert hubert [Sun, 27 Dec 2015 21:19:24 +0000 (21:19 +0000)]
implement ComboAddress:equal for lua
Jan Broer [Mon, 21 Dec 2015 23:08:51 +0000 (00:08 +0100)]
* Log infolog() messages in default verbosity mode (without -v flag)
* Change some verbose logging calls from infolog to vinfolog
Peter van Dijk [Sat, 26 Dec 2015 16:57:53 +0000 (17:57 +0100)]
Merge pull request #3116 from rgacogne/polarssl-compat
Fix building against old PolarSSL versions
Remi Gacogne [Fri, 25 Dec 2015 15:29:26 +0000 (16:29 +0100)]
Fix build against old PolarSSL versions
ctr_drbg_free() did not exist before PolarSSL 1.3.8
Kees Monshouwer [Thu, 24 Dec 2015 21:20:13 +0000 (22:20 +0100)]
remove mbed leftovers from dnsdist
Peter van Dijk [Thu, 24 Dec 2015 15:14:57 +0000 (16:14 +0100)]
Merge pull request #2936 from pieterlexis/pipe-backend-no-crash
pipe: don't crash on exceptions
Peter van Dijk [Thu, 24 Dec 2015 14:50:10 +0000 (15:50 +0100)]
Merge pull request #3108 from Habbie/ecdsa-default
switch (single) ZSK default to ecdsa256
Peter van Dijk [Thu, 24 Dec 2015 14:37:51 +0000 (15:37 +0100)]
avoid random bindbackend slave related failure
Peter van Dijk [Thu, 24 Dec 2015 12:31:42 +0000 (13:31 +0100)]
skip pkcs11 test as it does not like ecdsa
Peter van Dijk [Wed, 23 Dec 2015 13:16:14 +0000 (14:16 +0100)]
disable testing tools that do not support ECDSA; revert this later
Peter van Dijk [Wed, 23 Dec 2015 14:53:34 +0000 (15:53 +0100)]
switch ZSK default to ecdsa256
Remi Gacogne [Thu, 24 Dec 2015 11:18:33 +0000 (12:18 +0100)]
Merge pull request #3092 from kempniu/testCrypto-without-libsodium
dnsdist: change message returned by testCrypto() if compiled without libsodium
Peter van Dijk [Thu, 24 Dec 2015 09:37:28 +0000 (10:37 +0100)]
Merge pull request #3107 from mind04/cryptopp
Fix "random" ECDSA signature failures when using cryptopp
Michał Kępień [Wed, 23 Dec 2015 12:36:23 +0000 (13:36 +0100)]
dnsdist: change message returned by testCrypto() if compiled without libsodium
Remi Gacogne [Thu, 24 Dec 2015 08:45:33 +0000 (09:45 +0100)]
Merge pull request #3102 from rgacogne/dnsdist-lua-actions
Add `delay` action to dnsdist Lua. Fix None action mapped to Pool.
Remi Gacogne [Thu, 24 Dec 2015 08:45:24 +0000 (09:45 +0100)]
Merge pull request #3100 from rgacogne/dnsdist-no-qr-on-modify
Don't automatically set the QR flag in case of HeaderModify
Remi Gacogne [Thu, 24 Dec 2015 08:45:02 +0000 (09:45 +0100)]
Merge pull request #3105 from rgacogne/dnsdist-completion
Update dnsdist completion rules, fixes completion dying on us
Kees Monshouwer [Wed, 23 Dec 2015 23:58:49 +0000 (00:58 +0100)]
Fix "random" ECDSA signature failures when using cryptopp
Peter van Dijk [Wed, 23 Dec 2015 23:09:48 +0000 (00:09 +0100)]
Merge pull request #3106 from rgacogne/mbedtls-ecdsa-polarssl
Fix mbedTLS/ECDSA issues (polarssl compatibility and random signature failures)
Peter van Dijk [Wed, 23 Dec 2015 22:29:51 +0000 (23:29 +0100)]
Merge pull request #3085 from pieterlexis/i-am-chroot
Fix chroot() issues
Peter van Dijk [Wed, 23 Dec 2015 22:23:51 +0000 (23:23 +0100)]
Merge pull request #3103 from Habbie/rec4changelog
improve rec 4.0.0/alpha changelog
Peter van Dijk [Wed, 23 Dec 2015 22:23:30 +0000 (23:23 +0100)]
Merge pull request #3104 from pieterlexis/auth-400-docs
Update auth release notes
Remi Gacogne [Wed, 23 Dec 2015 21:36:32 +0000 (22:36 +0100)]
Fix "random" ECDSA signature failures when using mbedTLS
It turns out that mbedtls_mpi_size() does no always return what
I expected for the r and s values of ECDSA signatures.
We now rely on mbedtls_mpi_size(&d_ctx.grp.P), as P is fixed for
the group anyway, so we shouldn't have any suprise here.
Remi Gacogne [Wed, 23 Dec 2015 20:34:17 +0000 (21:34 +0100)]
Add missing mbedTLS ecdsa compatibility fixes
Peter van Dijk [Wed, 23 Dec 2015 18:11:02 +0000 (19:11 +0100)]
Merge pull request #3101 from rgacogne/dnsdist-doc
Keep the doc up to date with all these new dnsdist features
Peter van Dijk [Wed, 23 Dec 2015 18:10:51 +0000 (19:10 +0100)]
Merge pull request #3099 from Habbie/fixrectest
stop the auths in the recursor regression test from listening on ipv6 ::
Peter van Dijk [Wed, 23 Dec 2015 18:10:01 +0000 (19:10 +0100)]
Merge pull request #3096 from Habbie/showzone-v
make show-zone pretend -v was passed always; revert this later
Remi Gacogne [Wed, 23 Dec 2015 16:58:55 +0000 (17:58 +0100)]
Don't completely disable completion when nothing matches
This should fix #2901.
Remi Gacogne [Wed, 23 Dec 2015 16:58:21 +0000 (17:58 +0100)]
Update dnsdist completion rules
Pieter Lexis [Wed, 23 Dec 2015 16:28:56 +0000 (17:28 +0100)]
Update auth release notes
Peter van Dijk [Wed, 23 Dec 2015 15:53:20 +0000 (16:53 +0100)]
improve rec 4.0.0 changelog
Pieter Lexis [Wed, 23 Dec 2015 15:27:24 +0000 (16:27 +0100)]
Merge pull request #3095 from pieterlexis/alpha-test
Build release packages properly
Remi Gacogne [Wed, 23 Dec 2015 15:03:39 +0000 (16:03 +0100)]
Add `delay` action to dnsdist Lua. Fix None action mapped to Pool.
Remi Gacogne [Wed, 23 Dec 2015 15:00:21 +0000 (16:00 +0100)]
Keep the doc up to date with all these new dnsdist features
Remi Gacogne [Wed, 23 Dec 2015 14:45:46 +0000 (15:45 +0100)]
Don't automatically set the QR flag in case of HeaderModify
Some actions are actually altering the query and not turning it
into an answer (NoRecurse, DisableValidation).
All the actions that do turn it into an answer are already setting
the QR flag themselves.
Peter van Dijk [Wed, 23 Dec 2015 14:18:35 +0000 (15:18 +0100)]
stop the auths in the recursor regression test from listening on ipv6 ::
Peter van Dijk [Wed, 23 Dec 2015 14:05:24 +0000 (15:05 +0100)]
Merge pull request #3093 from Habbie/fixdocs
drop 3.x rec scripting docs
Pieter Lexis [Tue, 22 Dec 2015 11:39:53 +0000 (12:39 +0100)]
Fix chroot() issues
We now create the sockets and pid-files inside the chroot. The *_control
tools also know about the chroot and act accordingly.
Closes #191
Closes #148
Peter van Dijk [Wed, 23 Dec 2015 13:43:32 +0000 (14:43 +0100)]
make show-zone pretend -v was passed always; revert this later
Peter van Dijk [Wed, 23 Dec 2015 13:39:34 +0000 (14:39 +0100)]
Merge pull request #2966 from pieterlexis/bind-syntax-err-no-crash
bindbackend: don't crash on syntax errors in bind-config
Peter van Dijk [Wed, 23 Dec 2015 13:34:05 +0000 (14:34 +0100)]
Merge pull request #2982 from cmouse/zero-serial-bug
Properly handle domains with zero serial
Peter van Dijk [Wed, 23 Dec 2015 13:30:33 +0000 (14:30 +0100)]
Merge pull request #3077 from mind04/catch
avoid crashes caused by bad DNSnames in gsql backends
Peter van Dijk [Wed, 23 Dec 2015 13:25:18 +0000 (14:25 +0100)]
Merge pull request #3091 from kempniu/dnsdist-incbin-mips
Update incbin.h to upstream's latest master
Pieter Lexis [Wed, 23 Dec 2015 08:23:36 +0000 (09:23 +0100)]
Build release packages properly
Peter van Dijk [Wed, 23 Dec 2015 13:06:55 +0000 (14:06 +0100)]
Merge pull request #3074 from rgacogne/mbedtls-ecdsa
Add ECDSA support to DNSSEC infra via mbedTLS
Peter van Dijk [Wed, 23 Dec 2015 12:59:06 +0000 (13:59 +0100)]
drop 3.x rec scripting docs
Remi Gacogne [Wed, 23 Dec 2015 11:45:40 +0000 (12:45 +0100)]
Add ECDSA support to DNSSEC infra via mbedTLS
bert hubert [Wed, 23 Dec 2015 10:06:17 +0000 (11:06 +0100)]
Merge branch 'master' of github.com:PowerDNS/pdns
bert hubert [Wed, 23 Dec 2015 10:05:48 +0000 (11:05 +0100)]
move docs over
bert hubert [Wed, 23 Dec 2015 10:03:14 +0000 (10:03 +0000)]
hook up localaddr and remoteaddr for lua API and use them in example script
bert hubert [Wed, 23 Dec 2015 10:00:43 +0000 (11:00 +0100)]
add 4.x recursor api docs, but they aren't hooked up yet
Pieter Lexis [Mon, 23 Nov 2015 14:21:07 +0000 (15:21 +0100)]
pipe: don't crash on exceptions
This commit cleans up the PipeBackend code so it handles all exceptions
itself. Be it initialization errors (i.e. "file not found", "command not
executable"), or error during runtime ("data not returned in pipe
format"). When these errors occur, we now recycle the coprocess so the
rest of the nameserver keeps running. This behaviour is similar to e.g.
an unavailable database server.
Also, make the error-message for ArgMap::asNum display the value of the
setting.
Closes #2619
Michał Kępień [Wed, 23 Dec 2015 09:36:14 +0000 (10:36 +0100)]
Update incbin.h to upstream's latest master (
72f0e0e )
Peter van Dijk [Wed, 23 Dec 2015 07:15:25 +0000 (08:15 +0100)]
Merge pull request #3088 from Habbie/onekey
Switch to a combined signing key
Peter van Dijk [Tue, 22 Dec 2015 22:59:34 +0000 (23:59 +0100)]
Merge pull request #3048 from pieterlexis/issue-2420-rm-effective-tlds
Download the effective TLD list when needed
Peter van Dijk [Tue, 22 Dec 2015 22:58:50 +0000 (23:58 +0100)]
Merge pull request #3036 from pieterlexis/issue-2793-negcache-improvements
negcache improvements
Peter van Dijk [Tue, 22 Dec 2015 22:54:30 +0000 (23:54 +0100)]
Merge pull request #3071 from job/improve_show_zone
Improve readability of show-zone, changed "Active: 0" to "Inactive"
Peter van Dijk [Tue, 22 Dec 2015 22:54:00 +0000 (23:54 +0100)]
Merge pull request #3070 from job/issue_3069_inactive
Change {add,import}-zone-key passive argument to inactive
Peter van Dijk [Tue, 22 Dec 2015 22:52:22 +0000 (23:52 +0100)]
Merge pull request #3081 from pieterlexis/recursor-daemon
Run pdns_recursor on the foreground by default
Peter van Dijk [Tue, 22 Dec 2015 22:51:14 +0000 (23:51 +0100)]
Merge pull request #3084 from pieterlexis/issue-3067-zone2sql-logic-error
Fix logic error in zone2sql
Peter van Dijk [Tue, 22 Dec 2015 22:50:29 +0000 (23:50 +0100)]
Merge pull request #3082 from magicbear/lua-backend-edns-subnet
luabackend: edns-subnet support
Peter van Dijk [Tue, 22 Dec 2015 22:46:00 +0000 (23:46 +0100)]
Merge pull request #3087 from pieterlexis/cleanups
Various documentation cleanups
Remi Gacogne [Tue, 22 Dec 2015 19:12:40 +0000 (20:12 +0100)]
Merge pull request #3076 from kempniu/dnsdist-v-in-help
Document verbose mode in dnsdist's --help
Kees Monshouwer [Tue, 22 Dec 2015 18:08:47 +0000 (19:08 +0100)]
avoid crashes caused by bad DNSnames in gsql backends
Job Snijders [Mon, 21 Dec 2015 15:19:03 +0000 (16:19 +0100)]
Change {add,import}-zone-key passive argument to inactive
Align the *-zone-key keyword when you don't want to sign, with the
output from show-zone.
This fixes #3069
Peter van Dijk [Tue, 22 Dec 2015 15:17:20 +0000 (16:17 +0100)]
expect only ZSK
Peter van Dijk [Tue, 22 Dec 2015 14:37:26 +0000 (15:37 +0100)]
force show-zone to output DS for ZSK
Peter van Dijk [Tue, 22 Dec 2015 13:49:12 +0000 (14:49 +0100)]
switch pkcs11 testing to ZSK-only
Peter van Dijk [Tue, 22 Dec 2015 10:29:50 +0000 (11:29 +0100)]
allow combined signing key; drop default KSK
Peter van Dijk [Tue, 22 Dec 2015 10:26:13 +0000 (11:26 +0100)]
refactor