]>
granicus.if.org Git - pdns/log
bert hubert [Wed, 24 Feb 2016 20:41:34 +0000 (21:41 +0100)]
Merge pull request #3443 from ahupowerdns/speedups
Speedups! Closes some big impediments for performance & even correctness
bert hubert [Wed, 24 Feb 2016 20:40:41 +0000 (21:40 +0100)]
Merge pull request #3442 from pieterlexis/recursor-ixfr-catch-exception
recursor: catch exception during IXFR of RPZ
bert hubert [Wed, 24 Feb 2016 20:40:25 +0000 (21:40 +0100)]
Merge pull request #3444 from pieterlexis/recursor-ixfr-tsig-algo-names
recursor: set the TSIG algoname on IXFR correctly
bert hubert [Wed, 24 Feb 2016 20:39:50 +0000 (21:39 +0100)]
Merge pull request #3445 from pieterlexis/recursor-rpz-docs
Document recursor RPZ options
Pieter Lexis [Wed, 24 Feb 2016 17:48:43 +0000 (18:48 +0100)]
Document recursor RPZ options
Pieter Lexis [Wed, 24 Feb 2016 17:14:31 +0000 (18:14 +0100)]
recursor: set the TSIG algoname on IXFR correctly
Pieter Lexis [Wed, 24 Feb 2016 16:35:22 +0000 (17:35 +0100)]
recursor: catch exception during IXFR of RPZ
This would lead to a SIGABRT before when the IXFR failed.
bert hubert [Wed, 24 Feb 2016 15:36:44 +0000 (16:36 +0100)]
we were inconsistent in comparing ComboAddresses with sin_family==0. Removed possibility for inconsistency, plus surrounded this bug with unit tests. Added similar test for DNSName.
Remi Gacogne [Wed, 24 Feb 2016 15:01:55 +0000 (16:01 +0100)]
Merge pull request #3432 from rgacogne/dnsdist-split-tests
dnsdist: Split Caching, Routing and Spoofing from "Advanced" tests
Pieter Lexis [Wed, 24 Feb 2016 14:49:05 +0000 (15:49 +0100)]
Merge pull request #3429 from mind04/failed
make sure we don't forget passing test marked as failing
bert hubert [Wed, 24 Feb 2016 13:59:30 +0000 (14:59 +0100)]
Merge pull request #3435 from Habbie/lua-dnsname
add two methods to DNSName for recursor Lua scripting
bert hubert [Wed, 24 Feb 2016 13:59:07 +0000 (14:59 +0100)]
Merge pull request #3433 from rgacogne/dnsdist-check-response
dnsdist: Check that the answer matches the initial query over UDP
bert hubert [Wed, 24 Feb 2016 13:58:22 +0000 (14:58 +0100)]
Merge pull request #3437 from Habbie/lua-pdnsunixtime
add pdns.now timeval struct to recursor lua
bert hubert [Wed, 24 Feb 2016 13:58:10 +0000 (14:58 +0100)]
Merge pull request #3439 from Habbie/lua15minutes
link to learn lua in 15 minutes
bert hubert [Wed, 24 Feb 2016 10:55:36 +0000 (11:55 +0100)]
lots of speedups local to zoneparser-tng, mostly reducing malloc load and locale use
bert hubert [Wed, 24 Feb 2016 11:55:38 +0000 (12:55 +0100)]
add "reuseport" to recursor as a switch, off by default
bert hubert [Mon, 22 Feb 2016 14:26:55 +0000 (15:26 +0100)]
we used toString() to compare incoming packets - showed up in profile at 3% or so
bert hubert [Wed, 24 Feb 2016 10:54:22 +0000 (11:54 +0100)]
we don't need set close on exec in pdns_recursor since it won't (can't) exec anything
bert hubert [Wed, 24 Feb 2016 11:41:08 +0000 (12:41 +0100)]
because unset/empty netmasks did not compare as equal, we would fill the cache with tens of thousands of duplicate entries per name
Peter van Dijk [Tue, 23 Feb 2016 16:18:52 +0000 (17:18 +0100)]
add pdns.now timeval struct to recursor lua
Peter van Dijk [Wed, 24 Feb 2016 11:32:41 +0000 (12:32 +0100)]
link to learn lua in 15 minutes
bert hubert [Wed, 24 Feb 2016 10:24:59 +0000 (11:24 +0100)]
Merge pull request #3434 from Habbie/remove-old-lua-recursor
remove v3 lua recursor files (dead code)
Peter van Dijk [Wed, 24 Feb 2016 09:46:16 +0000 (10:46 +0100)]
Merge pull request #3428 from zeha/apirrsets
API: Fix zone/records design mistake
Peter van Dijk [Tue, 23 Feb 2016 15:31:29 +0000 (16:31 +0100)]
add two methods to DNSName for recursor Lua scripting
Peter van Dijk [Tue, 23 Feb 2016 15:03:14 +0000 (16:03 +0100)]
remove v3 lua recursor files (dead code)
Remi Gacogne [Tue, 23 Feb 2016 08:02:50 +0000 (09:02 +0100)]
dnsdist: Split Caching, Routing and Spoofing from "Advanced" tests
bert hubert [Mon, 22 Feb 2016 18:51:49 +0000 (19:51 +0100)]
Merge pull request #3423 from Habbie/tinydns-yak
tinydns testing yaks
bert hubert [Mon, 22 Feb 2016 18:31:58 +0000 (19:31 +0100)]
Merge pull request #3422 from ahupowerdns/multispoof
Multispoof: make the dnsdist spoofing actions accept multiple IPv4 and IPv6 addresses, retaining old syntax + updated regression tests
Remi Gacogne [Mon, 22 Feb 2016 18:22:55 +0000 (19:22 +0100)]
dnsdist: Check that the answer matches the initial query over UDP
If we wrap around our maxOutstanding counter too fast, we need
to check that the answer we get is for the right query.
In order to do that, we now parse the question section in the
response and compare it to the one we expect (type, class and
name).
Peter van Dijk [Mon, 22 Feb 2016 11:05:58 +0000 (12:05 +0100)]
update incbin to upstream 3d4aa9, fixing osx builds
Kees Monshouwer [Mon, 22 Feb 2016 08:11:53 +0000 (09:11 +0100)]
s/failing/fail
Kees Monshouwer [Sun, 21 Feb 2016 23:14:57 +0000 (00:14 +0100)]
remove 'failing' flag for passing oracle tests
Kees Monshouwer [Sun, 21 Feb 2016 22:32:49 +0000 (23:32 +0100)]
remove 'failing' flag for passing bind tests
Kees Monshouwer [Sun, 21 Feb 2016 22:30:49 +0000 (23:30 +0100)]
remove 'failing' flag for passing ldap tests
Kees Monshouwer [Sun, 21 Feb 2016 09:46:58 +0000 (10:46 +0100)]
add 'fail.*' option to the regression-test
A failing test must be brokem.
Christian Hofstaedtler [Sun, 21 Feb 2016 21:11:16 +0000 (22:11 +0100)]
API: Fix zone/records design mistake
Christian Hofstaedtler [Sun, 21 Feb 2016 22:15:17 +0000 (23:15 +0100)]
Turn Comment.qname into a DNSName
Christian Hofstaedtler [Sun, 21 Feb 2016 22:14:32 +0000 (23:14 +0100)]
gsql: Remove stripDot where not needed
Peter van Dijk [Sun, 21 Feb 2016 18:30:06 +0000 (19:30 +0100)]
detect (g)md5sum to support osx brew usage
Peter van Dijk [Sun, 21 Feb 2016 18:27:46 +0000 (19:27 +0100)]
update tinydns data with cdnskey-cds-test.com domain
Peter van Dijk [Sun, 21 Feb 2016 18:27:12 +0000 (19:27 +0100)]
support dynamic loading of bindbackend
Peter van Dijk [Sun, 21 Feb 2016 18:27:00 +0000 (19:27 +0100)]
drop args, use vars like other scripts do, default to assuming they are on PATH
Peter van Dijk [Sun, 21 Feb 2016 18:25:14 +0000 (19:25 +0100)]
switch to bash; add -u (abort on use of unset var) to flags
bert hubert [Sun, 21 Feb 2016 10:27:56 +0000 (11:27 +0100)]
Merge pull request #3412 from pieterlexis/dnsdist-check-config
Dnsdist check config
bert hubert [Sun, 21 Feb 2016 09:00:49 +0000 (10:00 +0100)]
Merge pull request #3419 from Habbie/ldap-skipless
we skip too many ldap tests - unskip those that appear to actually work
bert hubert [Sun, 21 Feb 2016 09:00:38 +0000 (10:00 +0100)]
Merge pull request #3418 from Habbie/ldap-strict
add ldap strict mode testing
bert hubert [Sun, 21 Feb 2016 08:58:34 +0000 (09:58 +0100)]
document the new powers of domainspoof/spoofaction in dnsdist
Peter van Dijk [Sat, 20 Feb 2016 21:47:55 +0000 (22:47 +0100)]
Merge pull request #3420 from Habbie/no-verbose-wildcard-crash
don't servfail on unset wildcard in addNSEC when verbose logging is enabled
bert hubert [Sat, 20 Feb 2016 21:07:45 +0000 (22:07 +0100)]
Merge pull request #3399 from mind04/rsabits
report OpenSSL RSA keysize in bits
bert hubert [Sat, 20 Feb 2016 21:07:17 +0000 (22:07 +0100)]
Merge pull request #3413 from rgacogne/dnsdist-healthcheck-messages
dnsdist: log health check error messages even when verbose is off
bert hubert [Sat, 20 Feb 2016 21:06:36 +0000 (22:06 +0100)]
Merge pull request #3411 from rgacogne/dnsdist-nopacketcache-tcp
dnsdist: Do not share the packet cache entries between TCP and UDP
bert hubert [Sat, 20 Feb 2016 21:03:21 +0000 (22:03 +0100)]
Merge pull request #3356 from rgacogne/dnsdist-parse-failures-log
dnsdist: Display the query ID and remote IP when parsing fails
bert hubert [Sat, 20 Feb 2016 20:58:41 +0000 (21:58 +0100)]
make dnsdist spoofing actions support multiple A and AAAA records which we'll shuffle and include, plus regression tests for same
Peter van Dijk [Sat, 20 Feb 2016 20:57:38 +0000 (21:57 +0100)]
don't servfail on unset wildcard in addNSEC when verbose logging is enabled
bert hubert [Sat, 20 Feb 2016 20:56:03 +0000 (21:56 +0100)]
document dnsdist regression tests, make it possible to run only part of the regression tests (& document that too)
Peter van Dijk [Sat, 20 Feb 2016 19:18:45 +0000 (20:18 +0100)]
we skip too many ldap tests - unskip those that appear to actually work
Peter van Dijk [Sat, 20 Feb 2016 19:23:05 +0000 (20:23 +0100)]
add ldap strict mode testing
Peter van Dijk [Sat, 20 Feb 2016 18:00:27 +0000 (19:00 +0100)]
Merge pull request #3407 from cmouse/permit-star-entry
Permit star entry
Aki Tuomi [Sat, 20 Feb 2016 14:31:10 +0000 (16:31 +0200)]
test that API accepts wildcard name
Remi Gacogne [Fri, 19 Feb 2016 17:37:16 +0000 (18:37 +0100)]
dnsdist: log health check error messages even when verbose is off
This still requires setVerboseHealthChecks(true), but not global
verbose anymore, as the later logs every queries and thus is not
usable on a large deployment.
bert hubert [Sat, 20 Feb 2016 11:44:26 +0000 (12:44 +0100)]
report an error when we die when .. dnsdist sends us an unexpected answer?!
bert hubert [Sat, 20 Feb 2016 11:43:55 +0000 (12:43 +0100)]
silence warning about our vinfolog macro (perhaps we should see if we can improve the macro)
bert hubert [Fri, 19 Feb 2016 20:56:33 +0000 (21:56 +0100)]
refuse to validate empty space - @zaphodb, this may be your crash
bert hubert [Fri, 19 Feb 2016 20:28:05 +0000 (21:28 +0100)]
turns out we were using libc tolower in performance sensitive places.. top in perf
bert hubert [Fri, 19 Feb 2016 20:09:53 +0000 (21:09 +0100)]
prevent us dying on emitting error message about unexpected packet
Pieter Lexis [Fri, 19 Feb 2016 15:30:47 +0000 (16:30 +0100)]
dnsdist: add --check-config commandline switch
This allows testing of the configuration before one will try to restart
dnsdist with a broken config. Additionally, add tests to confirm the
config check still works.
Pieter Lexis [Fri, 19 Feb 2016 15:28:38 +0000 (16:28 +0100)]
dnsdist: Explicitly use python2 for tests
Aki Tuomi [Fri, 19 Feb 2016 07:53:55 +0000 (09:53 +0200)]
Permit star, fixes #3406
bert hubert [Fri, 19 Feb 2016 14:02:14 +0000 (15:02 +0100)]
Merge pull request #3410 from ahupowerdns/recuweb
Merge Recuweb - built in live webpage for recursor
Remi Gacogne [Fri, 19 Feb 2016 11:58:05 +0000 (12:58 +0100)]
dnsdist: Do not share the packet cache entries between TCP and UDP
It would obviously cause issues, for example with truncated
responses. It is possible to disable the cache for all TCP queries
by using something like:
addAction(TCPRule(true), SkipCacheAction())
bert hubert [Fri, 19 Feb 2016 10:39:39 +0000 (11:39 +0100)]
Merge pull request #3408 from rgacogne/dnsdist-default-pool
dnsdist: Always create the default pool, clean related log messages
bert hubert [Wed, 17 Feb 2016 20:13:29 +0000 (21:13 +0100)]
missing symlink
bert hubert [Wed, 17 Feb 2016 18:59:30 +0000 (19:59 +0100)]
distribute the recuweb stuff to the tarball
bert hubert [Wed, 17 Feb 2016 16:15:45 +0000 (17:15 +0100)]
make / work too for recuweb
bert hubert [Wed, 17 Feb 2016 10:52:14 +0000 (11:52 +0100)]
reinstate recuweb, but now internally!
bert hubert [Tue, 16 Feb 2016 16:13:59 +0000 (17:13 +0100)]
recuweb in recursor 4.0 built in
Pieter Lexis [Fri, 19 Feb 2016 08:37:39 +0000 (09:37 +0100)]
Merge pull request #3404 from pieterlexis/sles12
Add SLES 12 support to the build-auth-rpm script
Aki Tuomi [Fri, 19 Feb 2016 07:53:44 +0000 (09:53 +0200)]
It's name, not label.
bert hubert [Thu, 18 Feb 2016 20:19:35 +0000 (21:19 +0100)]
Merge pull request #3405 from rgacogne/dnsdist-health-check-failures
dnsdist: Add health check logging, `maxCheckFailures` to backend
bert hubert [Thu, 18 Feb 2016 20:19:22 +0000 (21:19 +0100)]
Merge pull request #3403 from rgacogne/dnsdist-more-tests
dnsdist: Add missing QPSPoolAction & DNSSECRule. Add missing tests.
bert hubert [Thu, 18 Feb 2016 20:18:21 +0000 (21:18 +0100)]
Merge pull request #3398 from rgacogne/dnsdist-oustanding
dnsdist: Better handling of outstanding counter
Remi Gacogne [Thu, 18 Feb 2016 16:36:25 +0000 (17:36 +0100)]
dnsdist: Add health check logging, `maxCheckFailures` to backend
`maxCheckFailures` allows waiting for several health check failures
before marking a downstream server down.
Health check errors are logged only in verbose mode and if
`setVerboseHealthChecks()` is set to true.
Remi Gacogne [Thu, 18 Feb 2016 16:06:40 +0000 (17:06 +0100)]
dnsdist: Always create the default pool, clean related log messages
Remi Gacogne [Thu, 18 Feb 2016 14:01:23 +0000 (15:01 +0100)]
dnsdist: Add missing QPSPoolAction & DNSSECRule. Add missing tests.
QPSPoolAction() and DNSSECRule() are mentioned in the README but
the Lua bindings were missing.
Add missing tests for some actions and rules.
Clean existing tests a bit in the process.
Pieter Lexis [Thu, 18 Feb 2016 10:35:28 +0000 (11:35 +0100)]
Add SLES support to the build-auth-rpm script
Kees Monshouwer [Wed, 17 Feb 2016 21:07:51 +0000 (22:07 +0100)]
report OpenSSL RSA keysize in bits
bert hubert [Wed, 17 Feb 2016 16:16:27 +0000 (17:16 +0100)]
Merge pull request #3397 from mind04/missing
[WIP] add missing files for tools and testrunner to auth tar.bz2
Kees Monshouwer [Wed, 17 Feb 2016 14:56:48 +0000 (15:56 +0100)]
add missing files for tools and testrunner to auth tar.bz2
bert hubert [Wed, 17 Feb 2016 12:34:48 +0000 (13:34 +0100)]
Merge pull request #3395 from Habbie/dist-dnsrecords-hh
re-dist dnsrecords.hh
Peter van Dijk [Wed, 17 Feb 2016 11:49:56 +0000 (12:49 +0100)]
re-dist dnsrecords.hh
Pieter Lexis [Wed, 17 Feb 2016 12:02:49 +0000 (13:02 +0100)]
Merge pull request #3368 from rubenk/link-internal-libs-directly
Link our internal libs directly
Pieter Lexis [Wed, 17 Feb 2016 12:02:31 +0000 (13:02 +0100)]
Merge pull request #3225 from pieterlexis/docs-400
[Needs review] Many additions and changes to the docs
Remi Gacogne [Wed, 17 Feb 2016 11:34:39 +0000 (12:34 +0100)]
dnsdist: Better handling of outstanding counter
The outstanding value is now displayed in `showServers()` and we
set the IDS age to 0 as soon as we get a response to prevent
the maintainer thread from cleaning it up during our processing.
Remi Gacogne [Wed, 17 Feb 2016 10:35:27 +0000 (11:35 +0100)]
Merge pull request #3394 from rgacogne/dnsdist-drop
dnsdist: Fix the Drop action over UDP
Pieter Lexis [Wed, 17 Feb 2016 10:18:11 +0000 (11:18 +0100)]
Merge pull request #3373 from Habbie/single-place-builds
Give each binary a single place for building
Remi Gacogne [Wed, 17 Feb 2016 09:37:13 +0000 (10:37 +0100)]
dnsdist: Fix the Drop action over UDP
I broke the Drop action over UDP in commit
1a2a4e68b6368361981cf525e0c5cad3b63c3788 and somehow we did not
have any regression tests actually testing it.
Peter van Dijk [Tue, 16 Feb 2016 12:46:16 +0000 (13:46 +0100)]
Merge pull request #3372 from Habbie/ldap-testing
make ldap testable, add travis testing
Peter van Dijk [Tue, 16 Feb 2016 12:28:29 +0000 (13:28 +0100)]
nit
bert hubert [Tue, 16 Feb 2016 09:06:58 +0000 (10:06 +0100)]
Merge pull request #3388 from rgacogne/dnsdist-lua-lock
dnsdist: Lock the Lua context before executing a LuaAction
Remi Gacogne [Tue, 16 Feb 2016 08:44:51 +0000 (09:44 +0100)]
dnsdist: Lock the Lua context before executing a LuaAction
Otherwise the stack of the Lua context might get corrupted
whenever another Lua function (blockfilter, policy, maintenance or
another LuaAction) is simultaneously called from another thread.
We might be able to use a separate execution stack via
createThread()/lua_newthread(), but if I understand correctly how
it works, we would need to be sure that the Lua function called
does not access the global state at all, which is probably too
restrictive.
This should fix #3374, #3375, #3376, #3377, #3378, #3379, #3383,
and hopefully the random travis failures in our regression tests.