]>
granicus.if.org Git - pdns/log
Remi Gacogne [Thu, 12 Oct 2017 15:54:48 +0000 (17:54 +0200)]
Merge pull request #5816 from rgacogne/auth34-travis-encrypt-channel
Backport #5802: Encrypt the IRC channel name so notifications are not sent for forks
Remi Gacogne [Mon, 9 Oct 2017 08:46:59 +0000 (10:46 +0200)]
Encrypt the IRC channel name so notifications are not sent for forks
(cherry picked from commit
f4614876f16ac3223786b26b18a4386045102f09)
Peter van Dijk [Mon, 21 Aug 2017 15:11:03 +0000 (17:11 +0200)]
travis: use precise image
Pieter Lexis [Fri, 13 Jan 2017 08:10:58 +0000 (09:10 +0100)]
Merge pull request #4884 from rgacogne/auth34-spurious-rrs
Backport #4882: Don't parse spurious RRs in queries when we don't need them
Pieter Lexis [Fri, 13 Jan 2017 08:10:52 +0000 (09:10 +0100)]
Merge pull request #4888 from rgacogne/auth34-webserver-exit
Backport #4887: auth: Don't exit if the webserver can't accept a connection
Pieter Lexis [Fri, 13 Jan 2017 08:10:42 +0000 (09:10 +0100)]
Merge pull request #4894 from rgacogne/auth34-tsig-ixfr
Backport #4893: auth: Fix TSIG computation
Remi Gacogne [Tue, 11 Oct 2016 14:03:39 +0000 (16:03 +0200)]
Don't parse spurious RRs in queries when we don't need them
Pieter Lexis [Thu, 12 Jan 2017 13:15:00 +0000 (14:15 +0100)]
Merge pull request #4890 from rgacogne/auth34-unknown-record-content-size
Backport #4889: auth: Correctly check unknown record content size
Remi Gacogne [Thu, 15 Sep 2016 14:41:32 +0000 (16:41 +0200)]
auth: Don't exit if the webserver can't accept a connection
This could lead to a Denial Of Service, before we even got a chance
to check that the remote client is allowed by the ACL.
Reported by mongo (thanks!).
(cherry picked from commit
a84b0d994dfc39d4379050ff9249891ed3e82f56)
Pieter Lexis [Tue, 10 Jan 2017 17:48:52 +0000 (18:48 +0100)]
Merge pull request #4455 from klaus3000/auth-3.4.x-serial0
backport: handle SOAs with serial 0 correctly in incoming AXFR
Remi Gacogne [Fri, 9 Dec 2016 09:11:38 +0000 (10:11 +0100)]
auth: Fix TSIG computation
Peter van Dijk [Mon, 5 Dec 2016 10:17:55 +0000 (11:17 +0100)]
Merge pull request #4731 from Habbie/auth-3.4.x-travis-only-auth
do not build/test recursor, docs
Peter van Dijk [Fri, 2 Dec 2016 19:40:24 +0000 (20:40 +0100)]
do not build/test recursor, docs
Peter van Dijk [Fri, 11 Nov 2016 19:35:12 +0000 (20:35 +0100)]
Merge pull request #4630 from rgacogne/auth-34-web-rings-leak
Backport #4550: auth: Fix a possible memory leak in the webserver
Peter van Dijk [Fri, 11 Nov 2016 19:35:00 +0000 (20:35 +0100)]
Merge pull request #4631 from rgacogne/auth-34-off-by-one-http-remote
Backport #4544: auth: Fix a stack-based off-by-one write in the HTTP remote backend
Remi Gacogne [Fri, 7 Oct 2016 13:04:12 +0000 (15:04 +0200)]
auth: Fix a possible memory leak in the webserver
Reported by mongo (thanks!).
(cherry picked from commit
bea69e320e7f3ec4b9e607f6492a58f01b4fe9bf)
Remi Gacogne [Tue, 25 Oct 2016 15:40:09 +0000 (17:40 +0200)]
auth: Correctly check unknown record content size
Pieter Lexis [Mon, 24 Oct 2016 22:24:34 +0000 (00:24 +0200)]
Merge pull request #4590 from rgacogne/auth-34-lower-notify
auth: Lowercase the qname in getDomainInfo() and isMaster()
Remi Gacogne [Wed, 19 Oct 2016 16:25:42 +0000 (18:25 +0200)]
auth: Lowercase the qname in getDomainInfo() and isMaster()
The generic SQL and bind backends were not properly lowercasing the
qname in `getDomainInfo()` and `isMaster()`.
Klaus Darilion [Tue, 5 Apr 2016 07:09:21 +0000 (07:09 +0000)]
handle SOAs with serial 0 correctly in incoming AXFR
(cherry picked from commit
d3c9e1df6ce74dee576f81f383f4aa5decea8c62)
Peter van Dijk [Fri, 2 Sep 2016 09:06:01 +0000 (11:06 +0200)]
Merge pull request #4400 from mind04/3.4.x
packet cache and TSIG-enabled queries
Remi Gacogne [Tue, 23 Aug 2016 13:51:11 +0000 (15:51 +0200)]
auth: Don't look up the packet cache for TSIG-enabled queries
We are rightfully careful about not caching responses for TSIG-enabled
queries, but we would nevertheless happily serve cached entries for those.
Peter van Dijk [Thu, 1 Sep 2016 09:02:38 +0000 (11:02 +0200)]
Merge pull request #4347 from mind04/anytotcp3
change default for any-to-tcp to yes
Remi Gacogne [Mon, 29 Aug 2016 15:10:09 +0000 (17:10 +0200)]
auth: Fix a stack-based off-by-one write in the HTTP remote backend
Reported by mongo (thanks!).
Kees Monshouwer [Mon, 22 Aug 2016 19:21:07 +0000 (21:21 +0200)]
change default for any-to-tcp to yes
Pieter Lexis [Mon, 22 Aug 2016 08:26:00 +0000 (10:26 +0200)]
Merge pull request #4333 from mind04/3.4.x
3.4.x
Kees Monshouwer [Thu, 18 Aug 2016 22:01:47 +0000 (00:01 +0200)]
enable mbedtls threading abstraction layer
Kees Monshouwer [Thu, 18 Aug 2016 20:41:37 +0000 (22:41 +0200)]
fix travis
Kees Monshouwer [Thu, 18 Aug 2016 20:37:31 +0000 (22:37 +0200)]
update copyright
Kees Monshouwer [Thu, 18 Aug 2016 20:31:54 +0000 (22:31 +0200)]
update polarssl 1.3.9 to mbedtls 1.3.17
Kees Monshouwer [Tue, 2 Aug 2016 19:09:46 +0000 (21:09 +0200)]
report DHCID type
Kees Monshouwer [Sun, 7 Aug 2016 23:02:48 +0000 (01:02 +0200)]
fix TSIG for single thread distributor
Peter van Dijk [Fri, 29 Jul 2016 10:14:10 +0000 (12:14 +0200)]
Merge pull request #4248 from mind04/3.4.x
direct nsec nxdomain
Kees Monshouwer [Thu, 28 Jul 2016 14:03:21 +0000 (16:03 +0200)]
test response for non existent direct nsec queries
Kees Monshouwer [Thu, 28 Jul 2016 13:17:39 +0000 (15:17 +0200)]
don't send covering nsec records for direct nsec queries
Pieter Lexis [Thu, 28 Jul 2016 07:50:15 +0000 (09:50 +0200)]
Merge pull request #4235 from rgacogne/auth-3.4.x-stricter-parse
Reject qname's wirelength > 255, `chopOff()` handle dot inside labels
Pieter Lexis [Thu, 28 Jul 2016 07:49:58 +0000 (09:49 +0200)]
Merge pull request #4229 from mind04/signer
ignore tailing dot in signer name
Kees Monshouwer [Sat, 23 Jul 2016 11:42:32 +0000 (13:42 +0200)]
ignore tailing dot in signer name
Peter van Dijk [Thu, 21 Jul 2016 09:41:36 +0000 (11:41 +0200)]
Merge pull request #4134 from rgacogne/auth-3.4-issue-4128
Add limits to the size of received AXFR, in megabytes
Remi Gacogne [Thu, 7 Jul 2016 14:17:22 +0000 (16:17 +0200)]
Add limits to the size of received AXFR, in megabytes
This prevents resource exhaustion in case the master is sending a
very large amount of data in an update.
Remi Gacogne [Fri, 1 Jul 2016 13:30:20 +0000 (15:30 +0200)]
Reject qname's wirelength > 255, `chopOff()` handle dot inside labels
Pieter Lexis [Tue, 28 Jun 2016 15:27:03 +0000 (17:27 +0200)]
Merge pull request #4060 from mind04/auth-3.4.x
some small changes and a huge mysql dnssec performance improvement
Kees Monshouwer [Tue, 21 Jun 2016 16:23:10 +0000 (18:23 +0200)]
gmysql get-order-after-query was ^%0@^* slow
Kees Monshouwer [Mon, 20 Jun 2016 09:34:53 +0000 (11:34 +0200)]
sync boost.m4 with upstream
the parts where we differ are filed upstream as:
https://github.com/tsuna/boost.m4/pull/83
Kees Monshouwer [Sat, 18 Jun 2016 13:16:03 +0000 (15:16 +0200)]
fix shorter best matching names in getAuth()
Pieter Lexis [Wed, 18 May 2016 10:32:08 +0000 (12:32 +0200)]
Merge pull request #3864 from Habbie/3.4.x-noppa
stop using the boost ppa
Peter van Dijk [Tue, 17 May 2016 12:16:33 +0000 (14:16 +0200)]
stop using the boost ppa
Peter van Dijk [Fri, 13 May 2016 11:20:53 +0000 (13:20 +0200)]
Merge pull request #3850 from pieterlexis/issue-3652-disable-syslog-3.4
Add disable syslog setting for 3.4
Peter van Dijk [Fri, 13 May 2016 11:14:58 +0000 (13:14 +0200)]
Merge pull request #3848 from mind04/auth-3.4.9
check for OpenSSL ecdsa support
Kees Monshouwer [Wed, 11 May 2016 14:47:06 +0000 (16:47 +0200)]
check for OpenSSL ecdsa support
Pieter Lexis [Tue, 15 Mar 2016 10:51:43 +0000 (11:51 +0100)]
Add a disable-syslog setting
This allows the use of e.g. the `Type=simple` in systemd and prevents
the double logging issue.
Pieter Lexis [Tue, 10 May 2016 16:54:43 +0000 (18:54 +0200)]
Merge pull request #3770 from mind04/soa-cache
fix SOA caching with multiple backends (3.4.9)
Pieter Lexis [Tue, 10 May 2016 16:54:35 +0000 (18:54 +0200)]
Merge pull request #3771 from mind04/csk
allow common signing key
Pieter Lexis [Tue, 10 May 2016 16:54:01 +0000 (18:54 +0200)]
Merge pull request #3777 from mind04/ecdsa
add openssl ecdsa signer
Pieter Lexis [Fri, 6 May 2016 13:12:33 +0000 (15:12 +0200)]
Merge pull request #3822 from mind04/gcc61-auth-3.4.9
add gcc 6.1 support to boost.m4
Kees Monshouwer [Thu, 5 May 2016 12:52:20 +0000 (14:52 +0200)]
add gcc 6.1 support to boost.m4
Pieter Lexis [Thu, 28 Apr 2016 08:29:28 +0000 (10:29 +0200)]
Merge pull request #3769 from mind04/parser
backport parser fixes
Kees Monshouwer [Tue, 26 Apr 2016 12:12:11 +0000 (14:12 +0200)]
move logging to DLOG()
Kees Monshouwer [Tue, 26 Apr 2016 12:03:27 +0000 (14:03 +0200)]
fix SOA caching with multiple backends
Kees Monshouwer [Mon, 4 Apr 2016 08:51:16 +0000 (10:51 +0200)]
add openssl ecdsa signer
Kees Monshouwer [Mon, 4 Apr 2016 08:39:17 +0000 (10:39 +0200)]
allow common signing key
bert hubert [Sat, 2 Apr 2016 13:16:45 +0000 (15:16 +0200)]
tabs are whitespace too!
Peter van Dijk [Mon, 14 Mar 2016 15:01:24 +0000 (16:01 +0100)]
strip all types of whitespace from around content while parsing zones, fixes #3568
Peter van Dijk [Thu, 17 Mar 2016 10:20:18 +0000 (11:20 +0100)]
Merge pull request #3581 from mind04/auth-3.4.9
bindbackend: fix, set domain in list()
Kees Monshouwer [Tue, 15 Mar 2016 15:54:15 +0000 (16:54 +0100)]
bindbackend: fix, set domain in list()
Peter van Dijk [Tue, 2 Feb 2016 20:22:35 +0000 (21:22 +0100)]
Merge pull request #3325 from mind04/auth-3.4.8
Auth 3.4.8
Kees Monshouwer [Tue, 2 Feb 2016 18:25:28 +0000 (19:25 +0100)]
silence g++ 6.0 warnings and error
Kees Monshouwer [Tue, 2 Feb 2016 17:46:56 +0000 (18:46 +0100)]
pdnssec: check all records (including disabled ones) in verbose mode
Kees Monshouwer [Tue, 2 Feb 2016 17:45:03 +0000 (18:45 +0100)]
add gcc 5.3 and 6.0 support to boost.m4
Peter van Dijk [Tue, 2 Feb 2016 14:40:16 +0000 (15:40 +0100)]
Merge pull request #3272 from pieterlexis/3.4-zone2sql-crash-on-broken-soa
ZoneParser: Throw PDNSException on too many SOA data elements
Pieter Lexis [Wed, 20 Jan 2016 14:28:32 +0000 (15:28 +0100)]
ZoneParser: Throw PDNSException on too many SOA data elements
Closes #3270
Pieter Lexis [Wed, 20 Jan 2016 09:55:29 +0000 (10:55 +0100)]
Merge pull request #3263 from pieterlexis/3.4-musl-fixes
3.4 musl fixes
Pieter Lexis [Tue, 19 Jan 2016 20:25:28 +0000 (21:25 +0100)]
Enable IPv6 in Travis
Ruben Kerkhof [Fri, 2 Jan 2015 19:05:39 +0000 (20:05 +0100)]
Use AC_SEARCH_LIBS
Ruben Kerkhof [Fri, 2 Jan 2015 18:54:28 +0000 (19:54 +0100)]
Indent
Ruben Kerkhof [Fri, 2 Jan 2015 18:53:46 +0000 (19:53 +0100)]
Check for inet_aton in libresolv
Ruben Kerkhof [Wed, 24 Dec 2014 19:22:04 +0000 (20:22 +0100)]
Remove hardcoded -lresolv, -lnsl and -lsocket
We already check for the functions we need in libnsl
and libsocket, and I assume we don't need libresolv
Pieter Lexis [Tue, 12 Jan 2016 08:46:36 +0000 (09:46 +0100)]
Merge pull request #3208 from pieterlexis/3.4-pdnssec-disabled-records
pdnssec: don't check disabled records
Pieter Lexis [Mon, 11 Jan 2016 09:09:21 +0000 (10:09 +0100)]
pdnssec: don't check disabled records
Closes #3184
Peter van Dijk [Fri, 11 Dec 2015 13:29:53 +0000 (14:29 +0100)]
Merge pull request #3021 from mind04/auth-3.4.8
traling dot in DNAME content
Kees Monshouwer [Fri, 11 Dec 2015 00:30:44 +0000 (01:30 +0100)]
traling dot in DNAME content
Pieter Lexis [Thu, 5 Nov 2015 08:24:06 +0000 (09:24 +0100)]
Merge pull request #2859 from pieterlexis/3.4.8-freebsd-i386
Fix luabackend compilation on FreeBSD i386
RvdE [Sat, 1 Feb 2014 12:33:07 +0000 (13:33 +0100)]
Fix luabackend compilation on FreeBSD i386
Pieter Lexis [Tue, 3 Nov 2015 13:25:45 +0000 (14:25 +0100)]
Merge pull request #2850 from cmouse/yahttp-coverity-fix
Initialize minbody
Pieter Lexis [Tue, 3 Nov 2015 12:57:34 +0000 (13:57 +0100)]
Merge pull request #2848 from cmouse/httpbackend-timeout
Do not divide timeout twice
Aki Tuomi [Tue, 3 Nov 2015 12:29:37 +0000 (14:29 +0200)]
Initialize minbody
Pieter Lexis [Tue, 3 Nov 2015 12:26:08 +0000 (13:26 +0100)]
Merge pull request #2844 from pieterlexis/issue-2843
Correctly sort records with a priority.
Aki Tuomi [Tue, 3 Nov 2015 11:55:15 +0000 (13:55 +0200)]
Do not divide timeout twice
Pieter Lexis [Mon, 2 Nov 2015 16:29:36 +0000 (17:29 +0100)]
Add regression-test for #2843
Pieter Lexis [Mon, 2 Nov 2015 17:16:12 +0000 (18:16 +0100)]
Remove TTL from dedup path, thanks @mind04
Pieter Lexis [Mon, 2 Nov 2015 16:06:50 +0000 (17:06 +0100)]
Correctly sort records with a priority. Closes #2843
Peter van Dijk [Mon, 2 Nov 2015 12:43:20 +0000 (13:43 +0100)]
Merge pull request #2797 from mind04/auth-3.4.7-1
add global soa-edit settings (auth-3.4.7)
Pieter Lexis [Mon, 2 Nov 2015 12:32:24 +0000 (13:32 +0100)]
Merge pull request #2840 from abenea/backport-pkcs11-labels
Backport "Use token label in PKCS#11 instead of slot ID"
Pieter Lexis [Mon, 2 Nov 2015 12:32:10 +0000 (13:32 +0100)]
Merge pull request #2790 from mind04/auth-3.4.7
auth-3.4.7
Aki Tuomi [Tue, 20 Oct 2015 05:24:46 +0000 (08:24 +0300)]
Use new slot syntax in test
Aki Tuomi [Mon, 19 Oct 2015 13:26:27 +0000 (16:26 +0300)]
Serialize slot correctly
Andrei Benea [Thu, 29 Oct 2015 13:57:56 +0000 (15:57 +0200)]
Allow token name instead of slot ID for PKCS#11
Christian Hofstaedtler [Mon, 12 Oct 2015 10:44:33 +0000 (12:44 +0200)]
Ignore invalid/empty TKEY and TSIG records
Christian Hofstaedtler [Mon, 12 Oct 2015 10:14:21 +0000 (12:14 +0200)]
Don't reply to truncated queries
Kees Monshouwer [Sat, 10 Oct 2015 21:20:59 +0000 (23:20 +0200)]
OPENPGPKEY fix
(cherry picked from commit
e7917c0664824e50ce28a43fd0a5d7a2140f812e)