]> granicus.if.org Git - pdns/log
pdns
8 years agoMerge pull request #3765 from pieterlexis/update-yahttp
Pieter Lexis [Thu, 28 Apr 2016 08:29:48 +0000 (10:29 +0200)]
Merge pull request #3765 from pieterlexis/update-yahttp

Update yahttp

8 years agoMerge pull request #3766 from rgacogne/packetparser-min-offset
Pieter Lexis [Thu, 28 Apr 2016 08:29:37 +0000 (10:29 +0200)]
Merge pull request #3766 from rgacogne/packetparser-min-offset

Add a minimum offset parameter to DNSName

8 years agoMerge pull request #3768 from rgacogne/afl-crash-fixes
bert hubert [Thu, 28 Apr 2016 05:56:50 +0000 (07:56 +0200)]
Merge pull request #3768 from rgacogne/afl-crash-fixes

Fix various crashes

8 years agoMerge pull request #3773 from rgacogne/dnsdist-web-req-resp
bert hubert [Thu, 28 Apr 2016 05:56:28 +0000 (07:56 +0200)]
Merge pull request #3773 from rgacogne/dnsdist-web-req-resp

dnsdist: Stop copying the request headers to the response

8 years agoMerge pull request #3786 from pieterlexis/recursor-dnssec-part-2
bert hubert [Thu, 28 Apr 2016 05:56:07 +0000 (07:56 +0200)]
Merge pull request #3786 from pieterlexis/recursor-dnssec-part-2

More DNSSEC tests

8 years agoAdd basic NSEC and NSEC3 tests
Pieter Lexis [Wed, 27 Apr 2016 12:08:29 +0000 (14:08 +0200)]
Add basic NSEC and NSEC3 tests

Add a zone with NSEC3-optout for the NSEC3 tests

8 years agoAdd timing based DNSSEC tests
Pieter Lexis [Wed, 27 Apr 2016 07:23:10 +0000 (09:23 +0200)]
Add timing based DNSSEC tests

Note: the `faketime` program does not clean up its childprocesses
properly (possibly in combination with authbind), hence we LD_PRELOAD it
and supply the faketime through the environment.

8 years agonon opt-out nsec3
bert hubert [Wed, 27 Apr 2016 17:20:30 +0000 (19:20 +0200)]
non opt-out nsec3

8 years agoMerge pull request #3767 from ahupowerdns/dnsdist-yaks
bert hubert [Wed, 27 Apr 2016 14:13:28 +0000 (16:13 +0200)]
Merge pull request #3767 from ahupowerdns/dnsdist-yaks

Please ponder: nodelay, console newlines, print out json, silence some trivia, move to 'return' for Lua statements

8 years agoMerge pull request #3783 from rgacogne/type-conversion-fixes
bert hubert [Wed, 27 Apr 2016 14:13:07 +0000 (16:13 +0200)]
Merge pull request #3783 from rgacogne/type-conversion-fixes

Fix type conversions, add some checks

8 years agoMerge pull request #3779 from rgacogne/dnsname-afl-crash-unsigned
bert hubert [Wed, 27 Apr 2016 14:02:22 +0000 (16:02 +0200)]
Merge pull request #3779 from rgacogne/dnsname-afl-crash-unsigned

Use unsigned char* in getRawLabels() and countLabels()

8 years agoMerge pull request #3785 from ahupowerdns/nsec3fix
bert hubert [Wed, 27 Apr 2016 14:01:48 +0000 (16:01 +0200)]
Merge pull request #3785 from ahupowerdns/nsec3fix

process nsec3 insecure delegation

8 years agoprocess NSEC3 insecure delegation, closes #3675
bert hubert [Wed, 27 Apr 2016 13:10:49 +0000 (15:10 +0200)]
process NSEC3 insecure delegation, closes #3675

8 years agoenable function to hash qnames w/o having the NSEC3PARAM ready
bert hubert [Wed, 27 Apr 2016 13:10:17 +0000 (15:10 +0200)]
enable function to hash qnames w/o having the NSEC3PARAM ready

8 years agoFix type conversions, add some checks
Remi Gacogne [Wed, 27 Apr 2016 08:26:20 +0000 (10:26 +0200)]
Fix type conversions, add some checks

There is no known bug involved, only hardening.

8 years agoUse unsigned char* in getRawLabels() and countLabels()
Remi Gacogne [Tue, 26 Apr 2016 15:20:07 +0000 (17:20 +0200)]
Use unsigned char* in getRawLabels() and countLabels()

Otherwise we treat values larger than INT8_MAX as negatives
in pointer arithmetic.
Found with American Fuzzy Lop and Address Sanitizer.

8 years agoMerge pull request #3707 from brynjare/patch-1
Pieter Lexis [Tue, 26 Apr 2016 13:44:52 +0000 (15:44 +0200)]
Merge pull request #3707 from brynjare/patch-1

Increase MySQL client timeouts from 10 seconds

8 years agodnsdist: Stop copying the request headers to the response
Remi Gacogne [Tue, 26 Apr 2016 13:44:16 +0000 (15:44 +0200)]
dnsdist: Stop copying the request headers to the response

8 years agofix up newlines in console mode, move to 'return *line*' and if that is a syntax...
bert hubert [Tue, 26 Apr 2016 12:05:33 +0000 (14:05 +0200)]
fix up newlines in console mode, move to 'return *line*' and if that is a syntax error, execute '*line*', also print out simple Lua tables as JSON

8 years agosilence where we read the config file from except in verbose mode
bert hubert [Tue, 26 Apr 2016 12:05:11 +0000 (14:05 +0200)]
silence where we read the config file from except in verbose mode

8 years agoAdd a minimum offset parameter to DNSName
Remi Gacogne [Tue, 26 Apr 2016 09:09:05 +0000 (11:09 +0200)]
Add a minimum offset parameter to DNSName

PacketReader does not copy the header part of the DNS message,
therefore DNSName needs to be aware of the minimum valid offset
in order not to follow a pointer to an offset < sizeof(dnsheader),
as other callers expect every non-negative offset to be valid.
Found with American Fuzzy Lop and Address Sanitizer.

8 years agoUpdate yahttp, closes #3723
Pieter Lexis [Tue, 26 Apr 2016 12:00:59 +0000 (14:00 +0200)]
Update yahttp, closes #3723

8 years agohook up nodelay, silence output 'connecting to..' unless --verbose
bert hubert [Tue, 26 Apr 2016 11:40:06 +0000 (13:40 +0200)]
hook up nodelay, silence output 'connecting to..' unless --verbose

8 years agosetTCPNoDelay() for dnsdist console. Yak.
bert hubert [Tue, 26 Apr 2016 11:39:08 +0000 (13:39 +0200)]
setTCPNoDelay() for dnsdist console. Yak.

8 years agogetAction(n) for n >= number of rules now properly returns nil instead of crashing
bert hubert [Tue, 26 Apr 2016 11:35:06 +0000 (13:35 +0200)]
getAction(n) for n >= number of rules now properly returns nil instead of crashing

8 years agorecursor: Add DNSSEC testing infrastructure and tests (#3741)
Pieter Lexis [Tue, 26 Apr 2016 11:16:10 +0000 (13:16 +0200)]
recursor: Add DNSSEC testing infrastructure and tests (#3741)

* Add rec dnssec test infra and initial tests

* Allow running an auth server

during the recursor regression tests.

Also add some boilerplate code so we can add DS records and root hints

* wip

* Add more infra to secure zones etc. wellKnown test passes, simple needs work

* Add own assertions, fix tests (all pass!)

* Hookup recursor DNSSEC tests to travis

* Add separate teardown classes

* Add a bogus zone

* Add tests for flag handling of the recursor

In preparation for #3682

And some new assertions

* Add flags test for bogus domains

* Lower startup delay

* refactor zones and keys

* Make pylint happy

* fix travis

* Disable WellKnown tests, they fail on travis

* WIP

* Add flag tests for insecure zone

* Change domain names to documentation names

8 years agorec: Drop non-IN records from auths, check for invalid record content
Remi Gacogne [Mon, 25 Apr 2016 15:27:44 +0000 (17:27 +0200)]
rec: Drop non-IN records from auths, check for invalid record content

Fix a crash in case of a bogus response from an authoritative
server.

8 years agoFix null pointer dereference on parsing error in ZoneParserTNG
Remi Gacogne [Fri, 22 Apr 2016 14:56:46 +0000 (16:56 +0200)]
Fix null pointer dereference on parsing error in ZoneParserTNG

For example when parsing an unmatched '('

8 years agoFix off-by-one read in `latlon2ul()`
Remi Gacogne [Fri, 22 Apr 2016 14:55:59 +0000 (16:55 +0200)]
Fix off-by-one read in `latlon2ul()`

8 years agoMerge pull request #3762 from ahupowerdns/teeaction
bert hubert [Tue, 26 Apr 2016 08:53:48 +0000 (10:53 +0200)]
Merge pull request #3762 from ahupowerdns/teeaction

 Teeaction: send copy of query to second nameserver, sponge responses

8 years agohook up action-stats to JSON output
bert hubert [Mon, 25 Apr 2016 18:10:13 +0000 (20:10 +0200)]
hook up action-stats to JSON output

8 years agoedit in changes suggested by @rgacogne for TeeAction, thanks
bert hubert [Mon, 25 Apr 2016 18:02:15 +0000 (20:02 +0200)]
edit in changes suggested by @rgacogne for TeeAction, thanks

8 years agodocument TeeAction & new getAction()
bert hubert [Mon, 25 Apr 2016 11:14:47 +0000 (13:14 +0200)]
document TeeAction & new getAction()

8 years agomake TeeAction() quit properly, add getAction() so you can get access to an action...
bert hubert [Mon, 25 Apr 2016 10:58:07 +0000 (12:58 +0200)]
make TeeAction() quit properly, add getAction() so you can get access to an action, add getStats() to give you raw stats

8 years agoclean up our error reporting on the console a bit, may need to happen for the remotel...
bert hubert [Mon, 25 Apr 2016 10:57:23 +0000 (12:57 +0200)]
clean up our error reporting on the console a bit, may need to happen for the remotely connected console too

8 years agoinitial work on TeeAction, still has some missing bits, like not blocking the whole...
bert hubert [Mon, 25 Apr 2016 08:02:01 +0000 (10:02 +0200)]
initial work on TeeAction, still has some missing bits, like not blocking the whole daemon when you delete a rule

8 years agogrepq() has no sideeffects in dnsdist.
bert hubert [Mon, 25 Apr 2016 07:58:27 +0000 (09:58 +0200)]
grepq() has no sideeffects in dnsdist.

8 years agoMerge pull request #3755 from rgacogne/dnsdist-fix-regex-sample
Remi Gacogne [Mon, 25 Apr 2016 07:51:37 +0000 (09:51 +0200)]
Merge pull request #3755 from rgacogne/dnsdist-fix-regex-sample

dnsdist: Fix RegexRule example in dnsdistconf.lua

8 years agoMerge pull request #3714 from rubenk/dnsdist-service
Remi Gacogne [Fri, 22 Apr 2016 19:14:04 +0000 (21:14 +0200)]
Merge pull request #3714 from rubenk/dnsdist-service

dnsdist: add documentation links to dnsdist.service

8 years agoMerge pull request #3751 from medea61/master
Pieter Lexis [Fri, 22 Apr 2016 14:08:45 +0000 (16:08 +0200)]
Merge pull request #3751 from medea61/master

fixing systemd capability issues #3748 & #3749

8 years agofixing #3749
Roman Hochuli [Fri, 22 Apr 2016 09:21:40 +0000 (11:21 +0200)]
fixing #3749

8 years agofixing #3748
Roman Hochuli [Fri, 22 Apr 2016 09:19:41 +0000 (11:19 +0200)]
fixing #3748

8 years agodnsdist: Fix RegexRule example in dnsdistconf.lua
Remi Gacogne [Thu, 21 Apr 2016 19:42:21 +0000 (21:42 +0200)]
dnsdist: Fix RegexRule example in dnsdistconf.lua

8 years agoMerge pull request #3745 from pieterlexis/dnsdist-not-remote-logo
Pieter Lexis [Thu, 21 Apr 2016 10:37:06 +0000 (12:37 +0200)]
Merge pull request #3745 from pieterlexis/dnsdist-not-remote-logo

dnsdist website, use a local logo

8 years agoMerge pull request #3744 from rgacogne/dnsdist-100final-changelog
Remi Gacogne [Thu, 21 Apr 2016 10:31:31 +0000 (12:31 +0200)]
Merge pull request #3744 from rgacogne/dnsdist-100final-changelog

dnsdist: Update ChangeLog for 1.0.0

8 years agodnsdist website, use a local logo
Pieter Lexis [Thu, 21 Apr 2016 10:28:50 +0000 (12:28 +0200)]
dnsdist website, use a local logo

8 years agodnsdist: add documentation links to dnsdist.service
Ruben Kerkhof [Fri, 15 Apr 2016 13:59:14 +0000 (15:59 +0200)]
dnsdist: add documentation links to dnsdist.service

8 years agoMerge pull request #3740 from ahupowerdns/bind-nsec-fix
Pieter Lexis [Wed, 20 Apr 2016 15:54:07 +0000 (17:54 +0200)]
Merge pull request #3740 from ahupowerdns/bind-nsec-fix

fixes a crash in BIND backend NSEC code - but needs more work

8 years agodnsdist: Update ChangeLog for 1.0.0
Remi Gacogne [Wed, 20 Apr 2016 14:14:19 +0000 (16:14 +0200)]
dnsdist: Update ChangeLog for 1.0.0

8 years agoMerge pull request #3739 from rgacogne/dnsdist-drop-after-daemonize dnsdist-1.0.0
Remi Gacogne [Wed, 20 Apr 2016 12:12:54 +0000 (14:12 +0200)]
Merge pull request #3739 from rgacogne/dnsdist-drop-after-daemonize

dnsdist: Drop privileges after daemonizing and writing our pid

8 years agothis fix prevents a crash in bind backend in dnssec mode but unsure if it does the...
bert hubert [Wed, 20 Apr 2016 10:42:02 +0000 (12:42 +0200)]
this fix prevents a crash in bind backend in dnssec mode but unsure if it does the right thing

8 years agodnsdist: Drop privileges after daemonizing and writing our pid
Remi Gacogne [Wed, 20 Apr 2016 09:05:12 +0000 (11:05 +0200)]
dnsdist: Drop privileges after daemonizing and writing our pid

8 years agoMerge pull request #3713 from rubenk/remove-contrib-dnsdist-service
Remi Gacogne [Tue, 19 Apr 2016 15:09:58 +0000 (17:09 +0200)]
Merge pull request #3713 from rubenk/remove-contrib-dnsdist-service

dnsdist: remove contrib/dnsdist.service

8 years agoMerge pull request #3730 from rgacogne/dnsdist-top-bandwidth
Remi Gacogne [Tue, 19 Apr 2016 15:09:33 +0000 (17:09 +0200)]
Merge pull request #3730 from rgacogne/dnsdist-top-bandwidth

dnsdist: Make `topBandwidth()` behave like other top* functions

8 years agoMerge pull request #3700 from pieterlexis/rpm-dnsdist-user
Remi Gacogne [Tue, 19 Apr 2016 15:08:55 +0000 (17:08 +0200)]
Merge pull request #3700 from pieterlexis/rpm-dnsdist-user

dnsdist: create user from the RPM package to drop privs

8 years agotypo
Peter van Dijk [Tue, 19 Apr 2016 12:46:36 +0000 (14:46 +0200)]
typo

8 years agoMerge pull request #3736 from rgacogne/dnsdist-nmg-rule
Remi Gacogne [Tue, 19 Apr 2016 12:37:11 +0000 (14:37 +0200)]
Merge pull request #3736 from rgacogne/dnsdist-nmg-rule

dnsdist: Add missing Lua binding for NetmaskGroupRule()

8 years agoMerge pull request #3737 from Habbie/escapestar
Peter van Dijk [Tue, 19 Apr 2016 11:46:09 +0000 (13:46 +0200)]
Merge pull request #3737 from Habbie/escapestar

nit

8 years agonit
Peter van Dijk [Tue, 19 Apr 2016 11:07:04 +0000 (13:07 +0200)]
nit

8 years agodnsdist: Add missing Lua binding for NetmaskGroupRule()
Remi Gacogne [Tue, 19 Apr 2016 10:06:36 +0000 (12:06 +0200)]
dnsdist: Add missing Lua binding for NetmaskGroupRule()

8 years agoMerge pull request #3731 from rgacogne/dnsdist-policies-doc
Remi Gacogne [Tue, 19 Apr 2016 07:33:44 +0000 (09:33 +0200)]
Merge pull request #3731 from rgacogne/dnsdist-policies-doc

dnsdist: Clarify a bit the documentation of load-balancing policies

8 years agoMerge pull request #3722 from rubenk/dnsdist-disable-static
Remi Gacogne [Tue, 19 Apr 2016 07:32:27 +0000 (09:32 +0200)]
Merge pull request #3722 from rubenk/dnsdist-disable-static

dnsdist: use LT_INIT and disable static objects

8 years agoMerge pull request #3720 from edmonds/branches/edmonds-dnswasher-fixes
bert hubert [Tue, 19 Apr 2016 05:45:55 +0000 (07:45 +0200)]
Merge pull request #3720 from edmonds/branches/edmonds-dnswasher-fixes

Fixes for dnswasher from Robert Edmonds of Farsight - thanks!

8 years agoMerge pull request #3735 from setharnold/patch-2
bert hubert [Tue, 19 Apr 2016 05:42:18 +0000 (07:42 +0200)]
Merge pull request #3735 from setharnold/patch-2

Mention dnsdist in main repo README.md

8 years agoMention dnsdist in main repo README.md
setharnold [Mon, 18 Apr 2016 19:53:39 +0000 (12:53 -0700)]
Mention dnsdist in main repo README.md

8 years agodnsdist: use LT_INIT and disable static objects
Ruben Kerkhof [Sat, 16 Apr 2016 14:37:29 +0000 (16:37 +0200)]
dnsdist: use LT_INIT and disable static objects

Do the same thing pdns does.

8 years agodnsdist: Clarify a bit the documentation of load-balancing policies
Remi Gacogne [Mon, 18 Apr 2016 14:41:34 +0000 (16:41 +0200)]
dnsdist: Clarify a bit the documentation of load-balancing policies

8 years agodnsdist: Make `topBandwidth()` behave like other top* functions
Remi Gacogne [Mon, 18 Apr 2016 14:13:51 +0000 (16:13 +0200)]
dnsdist: Make `topBandwidth()` behave like other top* functions

Fixes #3521.

8 years agoMerge pull request #3728 from rgacogne/dnsdist-libedit-history
Remi Gacogne [Mon, 18 Apr 2016 13:54:29 +0000 (15:54 +0200)]
Merge pull request #3728 from rgacogne/dnsdist-libedit-history

dnsdist: Document libedit Ctrl-R workaround for CentOS 6

8 years agoMerge pull request #3710 from pieterlexis/always-validate
Peter van Dijk [Mon, 18 Apr 2016 12:37:49 +0000 (14:37 +0200)]
Merge pull request #3710 from pieterlexis/always-validate

Always validate on 'validate' and 'log-fail'

8 years agoMerge pull request #3726 from ahupowerdns/getca-netmasks
bert hubert [Mon, 18 Apr 2016 11:22:21 +0000 (13:22 +0200)]
Merge pull request #3726 from ahupowerdns/getca-netmasks

implement getCA() for faster & native IP address extraction in Lua sc…

8 years agoMerge branch 'master' of github.com:PowerDNS/pdns
bert hubert [Mon, 18 Apr 2016 11:05:45 +0000 (13:05 +0200)]
Merge branch 'master' of github.com:PowerDNS/pdns

8 years agoimplement an official pretty ordering for DNSRecords and use it
bert hubert [Mon, 18 Apr 2016 11:05:25 +0000 (13:05 +0200)]
implement an official pretty ordering for DNSRecords and use it

8 years agoMerge pull request #3655 from zeha/setptr-soaeditapi
Peter van Dijk [Mon, 18 Apr 2016 11:02:56 +0000 (13:02 +0200)]
Merge pull request #3655 from zeha/setptr-soaeditapi

API: Fix set-ptr to honor SOA-EDIT-API

8 years agomake pdnsutil edit-zone operate on a 'prettysorted' zone in canonical order, except...
bert hubert [Mon, 18 Apr 2016 10:10:44 +0000 (12:10 +0200)]
make pdnsutil edit-zone operate on a 'prettysorted' zone in canonical order, except that SOA always comes on top

8 years agodnsdist: Document libedit Ctrl-R workaround for CentOS 6
Remi Gacogne [Mon, 18 Apr 2016 09:30:34 +0000 (11:30 +0200)]
dnsdist: Document libedit Ctrl-R workaround for CentOS 6

Fixes #3227.

8 years agoAdd a paragraph on dropping privs
Pieter Lexis [Wed, 13 Apr 2016 08:37:22 +0000 (10:37 +0200)]
Add a paragraph on dropping privs

8 years agoAdd dnsdist user when installing RPMs
Pieter Lexis [Wed, 13 Apr 2016 08:04:01 +0000 (10:04 +0200)]
Add dnsdist user when installing RPMs

8 years agoMerge pull request #3711 from rubenk/dnsdist-require-systemd-devel-for-rpm
Remi Gacogne [Mon, 18 Apr 2016 07:46:27 +0000 (09:46 +0200)]
Merge pull request #3711 from rubenk/dnsdist-require-systemd-devel-for-rpm

dnsdist: building rpm needs systemd headers

8 years agoMerge pull request #3712 from rgacogne/dnsdist-make-check
Remi Gacogne [Mon, 18 Apr 2016 07:45:51 +0000 (09:45 +0200)]
Merge pull request #3712 from rgacogne/dnsdist-make-check

dnsdist: Make check should run testrunner

8 years agoMerge pull request #3724 from zeha/mips-atomic
Remi Gacogne [Mon, 18 Apr 2016 07:45:18 +0000 (09:45 +0200)]
Merge pull request #3724 from zeha/mips-atomic

dnsdist: include PDNS_CHECK_OS in configure

8 years agoprettyfi the pdnsutil edit-zone diff output by grouping changed names together
bert hubert [Sun, 17 Apr 2016 17:44:31 +0000 (19:44 +0200)]
prettyfi the pdnsutil edit-zone diff output by grouping changed names together

8 years agodnsdist: include PDNS_CHECK_OS in configure
Christian Hofstaedtler [Sun, 17 Apr 2016 09:55:15 +0000 (11:55 +0200)]
dnsdist: include PDNS_CHECK_OS in configure

Follow up fix to #3593 which added -latomic on mips(el), but
dnsdist did not use the macro where this got added.

8 years agodnswasher: Write obfuscated IPv6 prefixes in network byte order
Robert Edmonds [Sat, 16 Apr 2016 00:54:22 +0000 (20:54 -0400)]
dnswasher: Write obfuscated IPv6 prefixes in network byte order

Make the IPv6 code path follow the IPv4 code path by writing out the
IPObfuscator counter in network byte order.

This makes the obfuscated IPv6 addresses easier to read and avoids
making the output of the tool vary based on the host byte order.

8 years agodnswasher: Remove offsets from IPv6 src/dst pointers
Robert Edmonds [Sat, 16 Apr 2016 00:48:52 +0000 (20:48 -0400)]
dnswasher: Remove offsets from IPv6 src/dst pointers

I'm not entirely sure why this code was offsetting the IPv6
source/destination header fields, but this commit removes those offsets.

This results in the obfuscation of the first 64 bits of the IPv6
source/destination addresses. (Arguably the whole address should be
obfuscated, though.)

8 years agodnswasher: Only zero the IP header checksum for IPv4
Robert Edmonds [Sat, 16 Apr 2016 00:43:34 +0000 (20:43 -0400)]
dnswasher: Only zero the IP header checksum for IPv4

IPv6 doesn't have a checksum field. This code previously zeroed the
space in the header where the IPv4 header checksum would be, regardless
of IP header version.

8 years agodnswasher: Don't spam stdout in IPObfuscator::obf6()
Robert Edmonds [Sat, 16 Apr 2016 00:42:21 +0000 (20:42 -0400)]
dnswasher: Don't spam stdout in IPObfuscator::obf6()

8 years agodnspcap: Decode IPv6 packets in DLT_RAW captures correctly
Robert Edmonds [Sat, 16 Apr 2016 00:36:19 +0000 (20:36 -0400)]
dnspcap: Decode IPv6 packets in DLT_RAW captures correctly

DLT_RAW captures (linktype 101) were not handling IPv6 packets
correctly.

For DLT_RAW, PcapPacketReader::getUDPPacket() synthesizes a fake
ethertype value (the "contentCode" variable), but for IPv6 it was
incorrectly set to 0x0806 (ARP) instead of 0x86dd (IPv6). This caused
IPv6 packets to silently be discarded.

8 years agodnswasher: Fix comment at top of file (RD -> QR)
Robert Edmonds [Sat, 16 Apr 2016 00:34:02 +0000 (20:34 -0400)]
dnswasher: Fix comment at top of file (RD -> QR)

Only the QR bit (not the RD bit) is consulted when determining which IP
address to obfuscate.

8 years agoMerge pull request #3715 from mzealey/readme-patch
Peter van Dijk [Fri, 15 Apr 2016 16:12:16 +0000 (18:12 +0200)]
Merge pull request #3715 from mzealey/readme-patch

Add in tools required for recursor ubuntu build

8 years agoAdd in tools required for recursor ubuntu build
Mark Zealey [Fri, 15 Apr 2016 16:10:30 +0000 (19:10 +0300)]
Add in tools required for recursor ubuntu build

8 years agodnsdist: remove contrib/dnsdist.service
Ruben Kerkhof [Fri, 15 Apr 2016 13:56:41 +0000 (15:56 +0200)]
dnsdist: remove contrib/dnsdist.service

One service file is more than enough

8 years agodnsdist: Make check should run testrunner
Remi Gacogne [Fri, 15 Apr 2016 13:51:38 +0000 (15:51 +0200)]
dnsdist: Make check should run testrunner

Thanks @rubenk !

8 years agodnsdist: building rpm needs systemd headers
Ruben Kerkhof [Fri, 15 Apr 2016 12:58:05 +0000 (14:58 +0200)]
dnsdist: building rpm needs systemd headers

We check for the systemd headers, which are in systemd-devel

checking systemd/sd-daemon.h usability... no
checking systemd/sd-daemon.h presence... no
checking for systemd/sd-daemon.h... no

8 years agoAlways validate on 'validate' and 'log-fail'
Pieter Lexis [Fri, 15 Apr 2016 09:55:40 +0000 (11:55 +0200)]
Always validate on 'validate' and 'log-fail'

Closes #3709

Also add a comment in the code regarding another DNSSEC ticket

8 years agoimplement getCA() for faster & native IP address extraction in Lua scripts plus docum...
bert hubert [Fri, 15 Apr 2016 08:23:49 +0000 (10:23 +0200)]
implement getCA() for faster & native IP address extraction in Lua scripts plus document and implement faster way of loading large amounts of netmasks from file.

8 years agoIncrease MySQL client timeouts from 10 seconds
Brynjar Eide [Thu, 14 Apr 2016 17:56:10 +0000 (19:56 +0200)]
Increase MySQL client timeouts from 10 seconds

If a query runs for 10 seconds or more, the connection is killed from the client side.

Bumping this timeout value to three minutes should hopefully be good enough for most situations, until a configurable option can be added.

8 years agoMerge pull request #3704 from rgacogne/dnsdist-beta1-changelog
Remi Gacogne [Thu, 14 Apr 2016 13:04:25 +0000 (15:04 +0200)]
Merge pull request #3704 from rgacogne/dnsdist-beta1-changelog

dnsdist: beta1 ChangeLog

8 years agodnsdist: beta1 ChangeLog
Remi Gacogne [Thu, 14 Apr 2016 13:02:37 +0000 (15:02 +0200)]
dnsdist: beta1 ChangeLog

8 years agotypo dnsdist-1.0.0-beta1
Peter van Dijk [Thu, 14 Apr 2016 07:29:41 +0000 (09:29 +0200)]
typo