]>
granicus.if.org Git - pdns/log
Peter van Dijk [Thu, 8 Aug 2019 07:47:01 +0000 (09:47 +0200)]
Merge pull request #8174 from Habbie/4.1.x-ship-schemas
4.1.x packages: ship all mysql/postgres/sqlite schemas
Peter van Dijk [Wed, 7 Aug 2019 15:09:06 +0000 (17:09 +0200)]
4.1.x packages: ship all mysql/postgres/sqlite schemas
Peter van Dijk [Wed, 7 Aug 2019 09:05:22 +0000 (11:05 +0200)]
Merge pull request #8162 from Habbie/backport-8149-to-auth-4.1.x
auth 4.1.x: stop using select() in places where FDs can be >1023
Peter van Dijk [Wed, 7 Aug 2019 09:05:06 +0000 (11:05 +0200)]
Merge pull request #8157 from tcely/patch-4
gpgsqlbackend: add missing schema file to Makefile
Peter van Dijk [Wed, 31 Jul 2019 14:57:03 +0000 (16:57 +0200)]
remotebackend pipeconnector: stop using select()
(cherry picked from commit
24cc241457124f986e6ab35f2530c8b633408c9c )
Peter van Dijk [Wed, 31 Jul 2019 13:59:54 +0000 (15:59 +0200)]
pipebackend coprocess: stop using select()
(cherry picked from commit
445ec75038e068e5bb1afc8ebe43f7ea1e104a54 )
tcely [Sun, 4 Aug 2019 09:12:30 +0000 (05:12 -0400)]
gpgsqlbackend: add missing schema file to Makefile
Peter van Dijk [Tue, 30 Jul 2019 14:42:03 +0000 (16:42 +0200)]
Merge pull request #8144 from Habbie/auth-4.1.x-pg32bit
auth 4.1.x: adjust gpgsql schema for advisory 2019-06
Peter van Dijk [Tue, 30 Jul 2019 13:40:09 +0000 (15:40 +0200)]
adjust gpgsql schema for advisory 2019-06
Peter van Dijk [Thu, 20 Jun 2019 20:02:00 +0000 (22:02 +0200)]
Merge pull request #7964 from Habbie/auth-4.1.x-7662-redux
catch name & IP parse errors during outgoing notify preparations
Peter van Dijk [Thu, 20 Jun 2019 11:04:30 +0000 (13:04 +0200)]
catch name & IP parse errors during outgoing notify preparations
Peter van Dijk [Thu, 20 Jun 2019 11:03:11 +0000 (13:03 +0200)]
Revert "Fix fatal exception on unparseable slave addresses."
This reverts commit
2c75693e72abe792e0bf9b55c5f8f443fa220160 .
Peter van Dijk [Mon, 17 Jun 2019 09:35:50 +0000 (11:35 +0200)]
Merge pull request #7922 from Habbie/auth-4.1.x-backport-superslave
backport superslave setting to 4.1.x, but default to yes
Peter van Dijk [Wed, 12 Jun 2019 20:25:26 +0000 (22:25 +0200)]
Merge pull request #7921 from Habbie/backport-7706
backport: No longer filter DNSSEC metadata when DNSSEC is enabled in gsql
Peter van Dijk [Wed, 12 Jun 2019 19:28:37 +0000 (21:28 +0200)]
Merge pull request #7913 from Habbie/backport-7899
backport #7899: switch circleci mssql image
Peter van Dijk [Wed, 12 Jun 2019 18:10:37 +0000 (20:10 +0200)]
backport superslave setting to 4.1.x, but default to yes
bert hubert [Wed, 10 Apr 2019 16:59:23 +0000 (18:59 +0200)]
No longer filter DNSSEC metadata when DNSSEC is enabled in gsql
As noted in #7705, gsql getAllDomainMetadata() did not return all domain
metadata. This function would always filter DNSSEC related metadata, even
if a backend was configured to support DNSSEC.
(cherry picked from commit
d97e1ae1430a1e66893e8156bdf1c7232d3d0331 )
Peter van Dijk [Wed, 12 Jun 2019 09:46:27 +0000 (11:46 +0200)]
backport #7899: switch circleci mssql image
Peter van Dijk [Tue, 11 Jun 2019 08:17:49 +0000 (10:17 +0200)]
Merge pull request #7663 from omoerbeek/backport-7662
auth 4.1.x: backport 7662 Do not exit on exception resolving addresses to notify
Otto Moerbeek [Tue, 28 May 2019 14:39:08 +0000 (16:39 +0200)]
Merge pull request #7829 from omoerbeek/backport-7790
auth backport 7790 to 4.1.x: Minimal fix to avoid busy looping on lots of notifies.
Otto Moerbeek [Wed, 3 Apr 2019 12:10:22 +0000 (14:10 +0200)]
Fix fatal exception on unparseable slave addresses.
Backport of https://github.com/PowerDNS/pdns/pull/7662
Otto Moerbeek [Fri, 10 May 2019 11:45:00 +0000 (13:45 +0200)]
Minimal fix to avoid busy looping. The condition_variable varant showed
spurious failures on travis so go for the minimial fix.
aerique [Fri, 22 Mar 2019 08:43:15 +0000 (09:43 +0100)]
Merge pull request #7613 from Habbie/circleci-auth-4.1.x
auth-4.1.x: set up circleCI testing for auth+godbc+mssql
Peter van Dijk [Fri, 15 Mar 2019 13:24:58 +0000 (14:24 +0100)]
set up circleCI testing for auth+godbc+mssql
(cherry picked from commit
fbd89850013536ecad8da2368d136f092d355388 )
Pieter Lexis [Thu, 21 Mar 2019 16:14:52 +0000 (17:14 +0100)]
Merge pull request #7604 from rgacogne/auth41-backport-7494
[backport to auth-4.1.x] Correctly interpret an empty AXFR response to an IXFR query
aerique [Thu, 21 Mar 2019 14:02:46 +0000 (15:02 +0100)]
Merge pull request #7610 from aerique/backport/7341-ipv4-any-check
[backport to auth-4.1.x] Fix replying from ANY address for non-standard port
Remi Gacogne [Thu, 21 Mar 2019 13:28:55 +0000 (14:28 +0100)]
Merge pull request #7609 from aerique/backport/7580-narrow-rectify
[backport to auth-4.1.x] Rectify for ent records in narrow zones was slightly wrong
Remi Gacogne [Thu, 21 Mar 2019 12:54:41 +0000 (13:54 +0100)]
Merge pull request #7607 from aerique/backport/7472-do-not-compress-root
[backport to auth-4.1.x] Do not compress the root
Remi Gacogne [Thu, 21 Mar 2019 12:54:32 +0000 (13:54 +0100)]
Merge pull request #7608 from aerique/backport/7459-fix-dot-strip-setcontent
[backport to auth-4.1.x] fix dot stripping in setContent()
bert hubert [Mon, 7 Jan 2019 14:28:37 +0000 (15:28 +0100)]
Fix replying from ANY address for non-standard port
Previously, we would not recognize 0.0.0.0:5300 or even 0.0.0.0:53 as the 'any' address, leading us to answer from the wrong address.
(cherry picked from commit
36025a51ed16e31e5d186b2c126ef1178a39a569 )
Kees Monshouwer [Fri, 15 Mar 2019 11:14:57 +0000 (12:14 +0100)]
auth: small optimization in the rectify code for optout narrow zones
(cherry picked from commit
2885750af64e945ba475fd02f7f3cd5194052202 )
Kees Monshouwer [Thu, 14 Mar 2019 22:51:23 +0000 (23:51 +0100)]
auth: Rectify for ent records in narrow zones was slightly wrong.
(cherry picked from commit
666c721173d00d55953b86941099874867bae2c3 )
Remi Gacogne [Thu, 21 Mar 2019 11:39:58 +0000 (12:39 +0100)]
Merge pull request #7605 from rgacogne/auth41-backport-7496
[backport to auth-4.1.x] Catch exception when parsing a zone's SOA in getUnfreshSlaveInfos()
Kees Monshouwer [Thu, 7 Feb 2019 13:25:14 +0000 (14:25 +0100)]
auth: fix dot stripping in setContent()
(cherry picked from commit
0583946ff70d73b5da579db1d81c9c374adf2cc3 )
Kees Monshouwer [Sun, 10 Feb 2019 22:25:49 +0000 (23:25 +0100)]
Do not compress the root
(cherry picked from commit
2d6c4fcb18ec7ae1ef689656ce6d52b399cc26a9 )
Remi Gacogne [Wed, 20 Mar 2019 14:34:22 +0000 (15:34 +0100)]
Merge pull request #7603 from aerique/backport/7294-patch-tcp-close-fd
[backport to auth-4.1.x] prevent leak of file descriptor if running out of ports for incoming AXFR
Remi Gacogne [Wed, 20 Mar 2019 14:34:14 +0000 (15:34 +0100)]
Merge pull request #7602 from aerique/backport/7546-fix-search-query
[backport to auth-4.1.x] gsqlbackend: Reset correct query in searchComments
Remi Gacogne [Mon, 18 Feb 2019 15:16:04 +0000 (16:16 +0100)]
auth: Catch exception when parsing a zone's SOA in getUnfreshSlaveInfos()
(cherry picked from commit
a6037f784da39d9cd784226fcc1a278383eb99a1 )
Remi Gacogne [Mon, 18 Feb 2019 12:07:14 +0000 (13:07 +0100)]
Correctly interpret an empty AXFR response to an IXFR query
(cherry picked from commit
98b3317609b2783d1bfd5da99edc81af28f4e1d6 )
bert hubert [Wed, 19 Dec 2018 09:08:39 +0000 (10:08 +0100)]
prevent leak of file descriptor if running out of ports for incoming AXFR
(cherry picked from commit
f852aff670c19b7dac9a0cef2c3912ebd8946201 )
Aki Tuomi [Thu, 7 Mar 2019 11:19:04 +0000 (13:19 +0200)]
gsqlbackend: Reset correct query in searchComments
(cherry picked from commit
b7309408d65edc2365392bb4c24f7a39696a880b )
Pieter Lexis [Tue, 19 Mar 2019 12:09:13 +0000 (13:09 +0100)]
Merge pull request #7509 from Habbie/4.1.x-mysqlthreadcloser
plug mysql_thread_init memory leak, fixes #6231
Pieter Lexis [Tue, 19 Mar 2019 12:07:44 +0000 (13:07 +0100)]
Merge pull request #7567 from pieterlexis/41-el6-compiler-optimizations
EL6: fix CXXFLAGS to build with compiler optimizations
Remi Gacogne [Mon, 18 Mar 2019 08:21:15 +0000 (09:21 +0100)]
Merge pull request #7577 from rgacogne/auth41-remotebackend
auth-4.1.x: remotebackend: http connector - Properly escape parameters
Remi Gacogne [Wed, 13 Mar 2019 16:46:27 +0000 (17:46 +0100)]
auth: Parse the HTTP URL when the remote backend is initialized
(cherry picked from commit
a11a87c8eacb146b2c4a036f9a0817d704c8e925 )
Aki Tuomi [Wed, 13 Mar 2019 18:06:09 +0000 (20:06 +0200)]
remotebackend: http connector - Properly escape parameters
(cherry picked from commit
6de3be832cbab7805ab5215dce503d11d8769414 )
Pieter Lexis [Mon, 11 Mar 2019 16:30:31 +0000 (17:30 +0100)]
EL6: fix CXXFLAGS to build with compiler optimizations
Peter van Dijk [Fri, 1 Mar 2019 12:03:02 +0000 (13:03 +0100)]
plug mysql_thread_init memory leak
Remi Gacogne [Fri, 4 Jan 2019 08:42:54 +0000 (09:42 +0100)]
Merge pull request #7325 from rgacogne/auth41-travis-rubygems-issue
auth-4.1.x: Update rubygems in travis (for bundler)
Pieter Lexis [Thu, 3 Jan 2019 10:08:32 +0000 (11:08 +0100)]
Update rubygems in travis (for bundler)
(cherry picked from commit
2a5c0b379f0bc256cb92920e3be56139f5bcdc29 )
Remi Gacogne [Thu, 13 Dec 2018 16:21:37 +0000 (17:21 +0100)]
Merge pull request #7279 from rgacogne/auth41-multiple-cnames-rrset
auth-4.1.x: Prevent more than one CNAME/SOA record in the same RRset
Remi Gacogne [Thu, 13 Dec 2018 14:36:42 +0000 (15:36 +0100)]
Merge pull request #7280 from rgacogne/auth41-fix-rsa-key-size-api-test
auth-4.1.x: Use a realistic RSA key size for testing rsasha256 via the API
Remi Gacogne [Thu, 13 Dec 2018 10:00:25 +0000 (11:00 +0100)]
auth: Use a realistic RSA key size for testing rsasha256 via the API
We used to request the creation of a 256-bit RSA key, which OpenSSL
refuses from 1.1.1 onward. 1.1.0 used to accept everything larger
than 16 bits (!) but in 1.1.1 512 (RSA_MIN_MODULUS_BITS) is the
minimum.
Remi Gacogne [Wed, 12 Dec 2018 15:33:21 +0000 (16:33 +0100)]
auth: Add a whitespace before the last type and '}'
(cherry picked from commit
5089d622acf70da9ca6f8877d400f05b40cc23c1 )
Remi Gacogne [Wed, 12 Dec 2018 13:38:07 +0000 (14:38 +0100)]
auth: Prevent more than one CNAME/SOA record in the same RRset
(cherry picked from commit
7f20132510ca9088304004504d34a2f9db5e0336 )
Remi Gacogne [Wed, 12 Dec 2018 13:35:32 +0000 (14:35 +0100)]
auth: Add an API test for multiple CNAME records in the same RRset
(cherry picked from commit
8b1fa85de2f5cd33ce84f78de3a700bc5d2fb512 )
Remi Gacogne [Tue, 20 Nov 2018 09:15:44 +0000 (10:15 +0100)]
Merge pull request #7213 from Habbie/backport-7212
upgrade to jdnssec-tools 0.14
Peter van Dijk [Fri, 16 Nov 2018 16:07:42 +0000 (17:07 +0100)]
upgrade to jdnssec-tools 0.14
(cherry picked from commit
20445e6958184a6ca1e1eb7339434f6e77a8bb45 )
aerique [Tue, 6 Nov 2018 15:20:14 +0000 (16:20 +0100)]
Merge pull request #7149 from aerique/auth41-sec-201810
PowerDNS Authoritative Server 4.1.5
Peter van Dijk [Mon, 5 Nov 2018 10:08:27 +0000 (11:08 +0100)]
Merge pull request #7121 from rgacogne/auth415-backports
Authoritative 4.1.5 backports
Pieter Lexis [Wed, 31 Oct 2018 22:16:17 +0000 (23:16 +0100)]
Merge pull request #7118 from pieterlexis/auth-41-el6-fix
auth 4.1 build: Switch to devtoolset 7 for el6
Remi Gacogne [Wed, 31 Oct 2018 15:15:20 +0000 (16:15 +0100)]
Backport #6913
Remi Gacogne [Wed, 31 Oct 2018 15:15:15 +0000 (16:15 +0100)]
Backport #6948
Remi Gacogne [Wed, 31 Oct 2018 15:15:09 +0000 (16:15 +0100)]
Backport #6917
Peter van Dijk [Fri, 31 Aug 2018 20:41:21 +0000 (22:41 +0200)]
actually truncate truncated responses; fixes #6912
(cherry picked from commit
cdc8ccd71098ee679de85bf0a8e0ada017ed45a4 )
Remi Gacogne [Sat, 8 Sep 2018 15:15:14 +0000 (17:15 +0200)]
Fix compilation with LibreSSL 2.7.0+
(cherry picked from commit
1648b8ff39c705fdee526cd73bf2652982b80087 )
Remi Gacogne [Mon, 3 Sep 2018 07:43:45 +0000 (09:43 +0200)]
Release memory in case of error in the OpenSSL ECDSA constructor
The current code will only fail to release the allocated memory if
called with an invalid algorithm, which won't happen, or if a
memory allocation fails in which case this might not matter much.
Still, it's cleaner to release the memory properly and might avoid
mistakes later if we look at this code while implementing a new
crypto backend.
(cherry picked from commit
b141d89b27e52c3a8e76ca79ec5201d001f4fce9 )
Pieter Lexis [Wed, 31 Oct 2018 13:51:50 +0000 (14:51 +0100)]
auth 4.1 build: Switch to devtoolset 7 for el6
Fixed on master by #7040
Remi Gacogne [Wed, 31 Oct 2018 13:26:47 +0000 (14:26 +0100)]
auth: Add missing ednscookies.hh dependency to the Makefile
(cherry picked from commit
edb705fbe5476617b524fe05e98ee8d41485c07c )
Remi Gacogne [Thu, 19 Jul 2018 13:52:40 +0000 (15:52 +0200)]
Do full packet comparison in the packet caches in addition to the hash
(cherry picked from commit
aab08a02344a66e14572cf63129d157d6e7ba8c9 )
(cherry picked from commit
b9062eae2599aee60802d90ef91afcb9fac49fe5 )
Remi Gacogne [Wed, 23 May 2018 08:35:17 +0000 (10:35 +0200)]
Allocate DNSRecord objects as smart pointers right away
(cherry picked from commit
1339125af5afe6d6ecfe0a500c5fdc76d790459d )
(cherry picked from commit
ab553ca2c28d72e1031fae1ebac88c7fbc74a6b1 )
Peter van Dijk [Mon, 17 Sep 2018 13:33:39 +0000 (15:33 +0200)]
Merge pull request #6976 from pieterlexis/backport-6811
apply ALIAS scopemask after chasing
Peter van Dijk [Thu, 26 Jul 2018 12:28:16 +0000 (14:28 +0200)]
apply ALIAS scopemask after chasing
(cherry picked from commit
0abea1ca19249f9028e85dec3cf7535d0598fede )
Remi Gacogne [Fri, 14 Sep 2018 12:18:39 +0000 (14:18 +0200)]
Merge pull request #6972 from rgacogne/auth41-unfck-sphinx
auth-4.1.x: Sphinx 1.8.0 seems broken, use any other version available instead
Remi Gacogne [Fri, 14 Sep 2018 07:48:38 +0000 (09:48 +0200)]
Sphinx 1.8.0 seems broken, use any other version available instead
(cherry picked from commit
424a5ee31cd82870da5e1df4b908735967e2912a )
Pieter Lexis [Wed, 29 Aug 2018 11:59:49 +0000 (13:59 +0200)]
Merge pull request #6866 from pieterlexis/auth-414-backports
Authoritative server 4.1.4 backports
Pieter Lexis [Wed, 22 Aug 2018 11:22:57 +0000 (13:22 +0200)]
Backport #6590
Remi Gacogne [Wed, 9 May 2018 15:06:40 +0000 (17:06 +0200)]
Fix warnings reported by GCC 8.1.0
- polymorphic exceptions caught by value
- ComboAddress objects manipulated via `memset()`
(cherry picked from commit
d38e2ba97a78aa9dfc894fc4e13a6f3a410dd31a )
Pieter Lexis [Tue, 21 Aug 2018 13:41:35 +0000 (15:41 +0200)]
Backport #6857
Pieter Lexis [Tue, 21 Aug 2018 12:01:29 +0000 (14:01 +0200)]
Backport #6858
Klaus Darilion [Thu, 16 Aug 2018 14:50:05 +0000 (14:50 +0000)]
Delete a zone from the list of failed slave-checks on incoming NOTIFY and fix d_lock handling
- If the master is not available, PDNS uses an incrmental backoff for SOA-checks to avoid
constant SOA checks on the failed master server. If the master server comes back to life
and sends a NOTIFY, the NOTIFY is ignored due to the backoff. This patch removes the zone
from the list of failed slave-checks to allow immediate checking.
- Debug-Log if a slave-check was skipped due to incremental backoff feature
- Fix d_lock handling according to comments on https://github.com/PowerDNS/pdns/pull/6819
- Be more verbose about the consequences of a failed SOA check
(cherry picked from commit
f1a7ff7ab183fd6e92b21cff30ecddef22b666d2 )
Peter van Dijk [Mon, 20 Aug 2018 07:38:42 +0000 (09:38 +0200)]
change 0 to nullptr
(cherry picked from commit
3abd2f75e3af499f2c46d9af9b413196ae18a1a2 )
Peter van Dijk [Thu, 16 Aug 2018 17:55:45 +0000 (19:55 +0200)]
rfc2136: do lookups in the right zone
(cherry picked from commit
f1e5fdc732aca18205108e7a2d2e6c5200e3b896 )
Peter van Dijk [Thu, 16 Aug 2018 20:46:41 +0000 (22:46 +0200)]
add test for parent/child confusion
(cherry picked from commit
c9ff6ee5b6c8cb1263c4fc726cfc781e3b8e0064 )
Peter van Dijk [Thu, 16 Aug 2018 20:03:09 +0000 (22:03 +0200)]
add sub.test.dyndns zone, add occluded record to parent
(cherry picked from commit
ebca4e78fef89de4d32fa4cde01c69395c3e2de6 )
Peter van Dijk [Thu, 16 Aug 2018 19:23:04 +0000 (21:23 +0200)]
use gsort when available, because sort -V is a GNU extension
(cherry picked from commit
da25a468e4cc99af89da4730d32ea0ed3b8643a5 )
Peter van Dijk [Thu, 16 Aug 2018 19:15:59 +0000 (21:15 +0200)]
after a db lookup, always finish the get cycle
(cherry picked from commit
e2136c35b317c408434eaec8c0f9ee288d9b9f38 )
Pieter Lexis [Tue, 21 Aug 2018 10:25:22 +0000 (12:25 +0200)]
Backport #6738
Pieter Lexis [Tue, 21 Aug 2018 10:25:09 +0000 (12:25 +0200)]
Backport #6691
Pieter Lexis [Tue, 21 Aug 2018 10:24:57 +0000 (12:24 +0200)]
Backport #6686
Pieter Lexis [Tue, 21 Aug 2018 10:24:43 +0000 (12:24 +0200)]
Backport #6844
Pieter Lexis [Tue, 21 Aug 2018 10:24:37 +0000 (12:24 +0200)]
Backport #6648
Remi Gacogne [Thu, 14 Jun 2018 13:30:09 +0000 (15:30 +0200)]
auth: Reset the TSIG state between queries
(cherry picked from commit
b79927213eea1989a067711c61471428e092b4c6 )
Klaus Darilion [Tue, 24 May 2016 13:23:56 +0000 (13:23 +0000)]
pdns_control notify: make sure PDNS is either master, or slave with renotify
(cherry picked from commit
e64b1e21a4090316c06ef9b7112092db6bb4feff )
(cherry picked from commit
0c54189148e31230768b67f2338991e94927d49d )
Chris Hofstaedtler [Mon, 28 May 2018 14:51:03 +0000 (16:51 +0200)]
Initialize some missed qtypes
(cherry picked from commit
19abacc814311193e827905466658312471af412 )
Chris Hofstaedtler [Fri, 10 Aug 2018 12:46:05 +0000 (14:46 +0200)]
Workaround MariaDB pretending to be MySQL
(cherry picked from commit
7906a5d37203a8c3c4fb130d482442c3ba151e3b )
Chris Hofstaedtler [Tue, 22 May 2018 12:12:41 +0000 (14:12 +0200)]
gmysql: Use future-proof statement for transaction isolation
(cherry picked from commit
c11d8368ddc369ff8473dbcb619b17b6a1cf7e38 )
Remi Gacogne [Thu, 2 Aug 2018 16:02:43 +0000 (18:02 +0200)]
Merge pull request #6817 from rgacogne/auth41-api-strict-ordering
auth-4.1.x: Backport #6816: Make sure that we use strict weak records ordering in the API
Remi Gacogne [Mon, 30 Jul 2018 12:40:10 +0000 (14:40 +0200)]
auth: Make sure that we use strict weak records ordering in the API
(cherry picked from commit
f2d6dcc017a05fb5e4f9ba1349c568ff43ce9bb9 )
Pieter Lexis [Thu, 12 Jul 2018 13:41:56 +0000 (15:41 +0200)]
Merge pull request #6790 from Habbie/backport-6780
backport: avoid concurrent records/comments iteration from running out of sync