Hello community, here is the log from the commit of package pdns for openSUSE:Factory checked in at 2015-09-03 18:04:30 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/pdns (Old) and /work/SRC/openSUSE:Factory/.pdns.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pdns" Changes: -------- --- /work/SRC/openSUSE:Factory/pdns/pdns.changes 2015-06-11 08:23:33.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.pdns.new/pdns.changes 2015-09-03 18:12:20.000000000 +0200 @@ -1,0 +2,17 @@ +Wed Sep 2 12:13:31 UTC 2015 - [email protected] + +- update to 3.4.6 [boo#943078] CVE-2015-5230 + +Bug fixes: +* Avoid superfluous backend recycling +* Removal of dnsdist from the authoritative server distribution +* Add EDNS unknown version handling and tests EDNS unknown version +handling + +Improvements: +* Update YaHTTP to v0.1.7 +* Make trailing/leading spaces stand out in pdnssec check_zone +* GCC 5.2 support and sync boost.m4 macro with upstream +* Log answer packets only if log-dns-details is enabled + +------------------------------------------------------------------- Old: ---- pdns-3.4.5.tar.bz2 New: ---- pdns-3.4.6.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pdns.spec ++++++ --- /var/tmp/diff_new_pack.oxdf1f/_old 2015-09-03 18:12:26.000000000 +0200 +++ /var/tmp/diff_new_pack.oxdf1f/_new 2015-09-03 18:12:26.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package pdns # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,11 +17,11 @@ Name: pdns -Version: 3.4.5 +Version: 3.4.6 Release: 0 # %define pkg_name pdns -%define pkg_version 3.4.5 +%define pkg_version 3.4.6 %define polarssl_version 1.3.2 # %define home %{_var}/lib/pdns @@ -438,8 +438,8 @@ rm -rfv %{buildroot}%{_libdir}/pdns/*.la # install -m 0644 AUTHORS NEWS NOTICE COPYING README* %{buildroot}%{_datadir}/doc/packages/%{name}/ -# no longer ship dnsdist here -> separate package now -rm -v %{buildroot}%{_bindir}/dnsdist %{buildroot}%{_mandir}/man1/dnsdist.1* +# no longer ship dnsdist here -> separate upstream source and package now +#rm -v %{buildroot}%{_bindir}/dnsdist %{buildroot}%{_mandir}/man1/dnsdist.1* %pre /usr/sbin/groupadd -r pdns >/dev/null 2>&1 || : ++++++ pdns-3.4.5.tar.bz2 -> pdns-3.4.6.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/Makefile.am new/pdns-3.4.6/Makefile.am --- old/pdns-3.4.5/Makefile.am 2015-06-09 14:28:55.000000000 +0200 +++ new/pdns-3.4.6/Makefile.am 2015-08-24 19:02:50.000000000 +0200 @@ -4,7 +4,6 @@ codedocs/doxygen.conf contrib/powerdns.solaris.init.d \ contrib/systemd-pdns.service contrib/systemd-pdns-recursor.service \ bootstrap build-scripts/semistaticg++ pdns/docs/dnstcpbench.1 \ -pdns/docs/dnsdist.1 \ build-scripts/redhat/pdns-server-test.spec \ pdns/named.conf.parsertest regression-tests/zones/unit.test @@ -15,7 +14,7 @@ if TOOLS man1_MANS += pdns/docs/dnsreplay.1 pdns/docs/dnsscope.1 pdns/docs/dnswasher.1 - man1_MANS += pdns/docs/dnstcpbench.1 pdns/docs/dnsdist.1 + man1_MANS += pdns/docs/dnstcpbench.1 endif pdns/docs/dnstcpbench.1: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/Makefile.in new/pdns-3.4.6/Makefile.in --- old/pdns-3.4.5/Makefile.in 2015-06-09 14:29:40.000000000 +0200 +++ new/pdns-3.4.6/Makefile.in 2015-08-27 15:17:57.000000000 +0200 @@ -51,8 +51,7 @@ build_triplet = @build@ host_triplet = @host@ @TOOLS_TRUE@am__append_1 = pdns/docs/dnsreplay.1 pdns/docs/dnsscope.1 \ -@TOOLS_TRUE@ pdns/docs/dnswasher.1 pdns/docs/dnstcpbench.1 \ -@TOOLS_TRUE@ pdns/docs/dnsdist.1 +@TOOLS_TRUE@ pdns/docs/dnswasher.1 pdns/docs/dnstcpbench.1 subdir = . DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \ $(srcdir)/Makefile.in $(srcdir)/config.h.in \ @@ -391,7 +390,6 @@ codedocs/doxygen.conf contrib/powerdns.solaris.init.d \ contrib/systemd-pdns.service contrib/systemd-pdns-recursor.service \ bootstrap build-scripts/semistaticg++ pdns/docs/dnstcpbench.1 \ -pdns/docs/dnsdist.1 \ build-scripts/redhat/pdns-server-test.spec \ pdns/named.conf.parsertest regression-tests/zones/unit.test diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/build-scripts/redhat/pdns-server-test.spec new/pdns-3.4.6/build-scripts/redhat/pdns-server-test.spec --- old/pdns-3.4.5/build-scripts/redhat/pdns-server-test.spec 2015-06-09 14:29:23.000000000 +0200 +++ new/pdns-3.4.6/build-scripts/redhat/pdns-server-test.spec 2015-08-27 15:17:34.000000000 +0200 @@ -9,7 +9,7 @@ Epoch: 0 License: GPL Group: System/Servers -Source: http://downloads.powerdns.com/releases/pdns-3.4.5.tar.bz2 +Source: http://downloads.powerdns.com/releases/pdns-3.4.6.tar.bz2 BuildRequires: autoconf automake BuildRequires: gcc gcc-c++ @@ -30,7 +30,7 @@ PowerDNS testbuild %prep -%setup -q -n pdns-3.4.5 +%setup -q -n pdns-3.4.6 %build %configure \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/configure new/pdns-3.4.6/configure --- old/pdns-3.4.5/configure 2015-06-09 14:29:34.000000000 +0200 +++ new/pdns-3.4.6/configure 2015-08-27 15:17:47.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for pdns 3.4.5. +# Generated by GNU Autoconf 2.69 for pdns 3.4.6. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. @@ -587,8 +587,8 @@ # Identity of this package. PACKAGE_NAME='pdns' PACKAGE_TARNAME='pdns' -PACKAGE_VERSION='3.4.5' -PACKAGE_STRING='pdns 3.4.5' +PACKAGE_VERSION='3.4.6' +PACKAGE_STRING='pdns 3.4.6' PACKAGE_BUGREPORT='' PACKAGE_URL='' @@ -1470,7 +1470,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures pdns 3.4.5 to adapt to many kinds of systems. +\`configure' configures pdns 3.4.6 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1540,7 +1540,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of pdns 3.4.5:";; + short | recursive ) echo "Configuration of pdns 3.4.6:";; esac cat <<\_ACEOF @@ -1740,7 +1740,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -pdns configure 3.4.5 +pdns configure 3.4.6 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2347,7 +2347,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by pdns $as_me 3.4.5, which was +It was created by pdns $as_me 3.4.6, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3170,7 +3170,7 @@ # Define the identity of the package. PACKAGE='pdns' - VERSION='3.4.5' + VERSION='3.4.6' cat >>confdefs.h <<_ACEOF @@ -16708,7 +16708,7 @@ fi -echo "$as_me: this is boost.m4 serial 25" >&5 +echo "$as_me: this is boost.m4 serial 24" >&5 boost_save_IFS=$IFS boost_version_req=1.35 IFS=. @@ -16945,6 +16945,10 @@ # I'm not sure about my test for `il' (be careful: Intel's ICC pre-defines # the same defines as GCC's). for i in \ + "defined __GNUC__ && __GNUC__ == 5 && __GNUC_MINOR__ == 2 && !defined __ICC && \ + (defined WIN32 || defined WINNT || defined _WIN32 || defined __WIN32 \ + || defined __WIN32__ || defined __WINNT || defined __WINNT__) @ mgw52" \ + "defined __GNUC__ && __GNUC__ == 5 && __GNUC_MINOR__ == 2 && !defined __ICC @ gcc52" \ "defined __GNUC__ && __GNUC__ == 5 && __GNUC_MINOR__ == 1 && !defined __ICC && \ (defined WIN32 || defined WINNT || defined _WIN32 || defined __WIN32 \ || defined __WIN32__ || defined __WINNT || defined __WINNT__) @ mgw51" \ @@ -21188,7 +21192,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by pdns $as_me 3.4.5, which was +This file was extended by pdns $as_me 3.4.6, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -21254,7 +21258,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -pdns config.status 3.4.5 +pdns config.status 3.4.6 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/configure.ac new/pdns-3.4.6/configure.ac --- old/pdns-3.4.5/configure.ac 2015-06-09 14:29:23.000000000 +0200 +++ new/pdns-3.4.6/configure.ac 2015-08-27 15:17:34.000000000 +0200 @@ -1,7 +1,7 @@ AC_PREREQ([2.61]) dnl The following lines may be patched by set-version-auth. -AC_INIT([pdns], [3.4.5]) +AC_INIT([pdns], [3.4.6]) AC_SUBST([DIST_HOST], [[email protected]]) dnl End patch area. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/debian-pdns/changelog new/pdns-3.4.6/debian-pdns/changelog --- old/pdns-3.4.5/debian-pdns/changelog 2015-06-09 14:29:23.000000000 +0200 +++ new/pdns-3.4.6/debian-pdns/changelog 2015-08-27 15:17:34.000000000 +0200 @@ -1,4 +1,4 @@ -pdns (3.4.5-1) unstable; urgency=medium +pdns (3.4.6-1) unstable; urgency=medium * fill in the blanks diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/debian-pdns/rules new/pdns-3.4.6/debian-pdns/rules --- old/pdns-3.4.5/debian-pdns/rules 2015-06-09 14:28:56.000000000 +0200 +++ new/pdns-3.4.6/debian-pdns/rules 2015-08-24 18:32:13.000000000 +0200 @@ -137,7 +137,7 @@ #FIXME: shell loops hide errors for prog in dnsbulktest dnsreplay dnsscan dnsscope dnstcpbench dnswasher \ - nproxy dnsdist nsec3dig saxfr ; do \ + nproxy nsec3dig saxfr ; do \ mv "$(tmpdir)"/usr/bin/$$prog "$(tools_tmpdir)"/usr/bin ; \ [ -e "$(tmpdir)"/usr/share/man/man8/"$$prog".8 ] && \ mv "$(tmpdir)"/usr/share/man/man8/"$$prog".8 "$(tools_tmpdir)"/usr/share/man/man8/ ; \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/m4/boost.m4 new/pdns-3.4.6/m4/boost.m4 --- old/pdns-3.4.5/m4/boost.m4 2015-06-09 14:28:56.000000000 +0200 +++ new/pdns-3.4.6/m4/boost.m4 2015-08-24 17:50:02.000000000 +0200 @@ -22,7 +22,7 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. m4_define([_BOOST_SERIAL], [m4_translit([ -# serial 25 +# serial 24 ], [# ], [])]) @@ -574,7 +574,7 @@ [boost/chrono.hpp], [boost::chrono::thread_clock d;]) if test $enable_static_boost = yes && test $boost_major_version -ge 135; then - BOOST_FILESYSTEM_LIBS="$BOOST_FILESYSTEM_LIBS $BOOST_SYSTEM_LIBS" + BOOST_CHRONO_LIBS="$BOOST_CHRONO_LIBS $BOOST_SYSTEM_LIBS" fi LIBS=$boost_filesystem_save_LIBS LDFLAGS=$boost_filesystem_save_LDFLAGS @@ -1296,6 +1296,8 @@ # I'm not sure about my test for `il' (be careful: Intel's ICC pre-defines # the same defines as GCC's). for i in \ + _BOOST_mingw_test(5, 2) \ + _BOOST_gcc_test(5, 2) \ _BOOST_mingw_test(5, 1) \ _BOOST_gcc_test(5, 1) \ _BOOST_mingw_test(5, 0) \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/pdns/Makefile.am new/pdns-3.4.6/pdns/Makefile.am --- old/pdns-3.4.5/pdns/Makefile.am 2015-06-09 14:29:01.000000000 +0200 +++ new/pdns-3.4.6/pdns/Makefile.am 2015-08-24 14:32:10.000000000 +0200 @@ -35,7 +35,7 @@ bin_PROGRAMS = pdns_control pdnssec zone2sql zone2ldap zone2json if TOOLS - bin_PROGRAMS += dnsbulktest dnsreplay dnsscan dnsscope dnstcpbench dnswasher nproxy dnsdist nsec3dig saxfr + bin_PROGRAMS += dnsbulktest dnsreplay dnsscan dnsscope dnstcpbench dnswasher nproxy nsec3dig saxfr endif EXTRA_PROGRAMS=pdns_recursor sdig saxfr dnstcpbench dnsdist tsig-tests speedtest dnsscope dnsgram rec_control \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/pdns/Makefile.in new/pdns-3.4.6/pdns/Makefile.in --- old/pdns-3.4.5/pdns/Makefile.in 2015-06-09 14:29:40.000000000 +0200 +++ new/pdns-3.4.6/pdns/Makefile.in 2015-08-27 15:17:56.000000000 +0200 @@ -60,7 +60,7 @@ bin_PROGRAMS = pdns_control$(EXEEXT) pdnssec$(EXEEXT) \ zone2sql$(EXEEXT) zone2ldap$(EXEEXT) zone2json$(EXEEXT) \ $(am__EXEEXT_1) $(am__EXEEXT_2) -@TOOLS_TRUE@am__append_4 = dnsbulktest dnsreplay dnsscan dnsscope dnstcpbench dnswasher nproxy dnsdist nsec3dig saxfr +@TOOLS_TRUE@am__append_4 = dnsbulktest dnsreplay dnsscan dnsscope dnstcpbench dnswasher nproxy nsec3dig saxfr EXTRA_PROGRAMS = pdns_recursor$(EXEEXT) sdig$(EXEEXT) saxfr$(EXEEXT) \ dnstcpbench$(EXEEXT) dnsdist$(EXEEXT) tsig-tests$(EXEEXT) \ speedtest$(EXEEXT) dnsscope$(EXEEXT) dnsgram$(EXEEXT) \ @@ -139,8 +139,7 @@ @TOOLS_TRUE@am__EXEEXT_1 = dnsbulktest$(EXEEXT) dnsreplay$(EXEEXT) \ @TOOLS_TRUE@ dnsscan$(EXEEXT) dnsscope$(EXEEXT) \ @TOOLS_TRUE@ dnstcpbench$(EXEEXT) dnswasher$(EXEEXT) \ -@TOOLS_TRUE@ nproxy$(EXEEXT) dnsdist$(EXEEXT) nsec3dig$(EXEEXT) \ -@TOOLS_TRUE@ saxfr$(EXEEXT) +@TOOLS_TRUE@ nproxy$(EXEEXT) nsec3dig$(EXEEXT) saxfr$(EXEEXT) @LMDB_TRUE@am__EXEEXT_2 = zone2lmdb$(EXEEXT) am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(sbindir)" \ "$(DESTDIR)$(sysconfdir)" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/pdns/distributor.hh new/pdns-3.4.6/pdns/distributor.hh --- old/pdns-3.4.5/pdns/distributor.hh 2015-06-09 14:29:04.000000000 +0200 +++ new/pdns-3.4.6/pdns/distributor.hh 2015-08-24 17:01:05.000000000 +0200 @@ -259,7 +259,18 @@ AnswerData<Answer> AD; AD.A=a; - QD.callback(AD); + try { + QD.callback(AD); + } + catch(std::exception& e) + { + L<<Logger::Error<<"Error in callback (while sending reply): "<<e.what()<<endl; + delete AD.A; + } + catch(...) { + L<<Logger::Error<<"Unknown callback (sending reply) error"<<endl; + delete AD.A; + } } delete b; @@ -299,7 +310,18 @@ } AnswerData<Answer> AD; AD.A=a; - callback(AD); + try { + callback(AD); + } + catch(std::exception& e) + { + L<<Logger::Error<<"Error in callback (while sending reply): "<<e.what()<<endl; + delete AD.A; + } + catch(...) { + L<<Logger::Error<<"Unknown callback (sending reply) error"<<endl; + delete AD.A; + } return 0; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/pdns/dnspacket.cc new/pdns-3.4.6/pdns/dnspacket.cc --- old/pdns-3.4.5/pdns/dnspacket.cc 2015-06-09 14:29:04.000000000 +0200 +++ new/pdns-3.4.6/pdns/dnspacket.cc 2015-08-25 19:58:41.000000000 +0200 @@ -56,6 +56,8 @@ d_wantsnsid=false; d_haveednssubnet = false; d_dnssecOk=false; + d_ednsversion=0; + d_ednsrcode=0; } const string& DNSPacket::getString() @@ -95,6 +97,8 @@ d_eso = orig.d_eso; d_haveednssubnet = orig.d_haveednssubnet; d_haveednssection = orig.d_haveednssection; + d_ednsversion = orig.d_ednsversion; + d_ednsrcode = orig.d_ednsrcode; d_dnssecOk = orig.d_dnssecOk; d_rrs=orig.d_rrs; @@ -340,7 +344,7 @@ if(!opts.empty() || d_haveednssection || d_dnssecOk) { - pw.addOpt(s_udpTruncationThreshold, 0, d_dnssecOk ? EDNSOpts::DNSSECOK : 0, opts); + pw.addOpt(s_udpTruncationThreshold, d_ednsrcode, d_dnssecOk ? EDNSOpts::DNSSECOK : 0, opts); pw.commit(); } } @@ -396,6 +400,8 @@ r->d_eso = d_eso; r->d_haveednssubnet = d_haveednssubnet; r->d_haveednssection = d_haveednssection; + r->d_ednsversion = 0; + r->d_ednsrcode = 0; if(!d_tsigkeyname.empty()) { r->d_tsigkeyname = d_tsigkeyname; @@ -549,6 +555,8 @@ // cerr<<"Have an option #"<<iter->first<<": "<<makeHexDump(iter->second)<<endl; } } + d_ednsversion = edo.d_version; + d_ednsrcode = edo.d_extRCode; } else { d_maxreplylen=512; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/pdns/dnspacket.hh new/pdns-3.4.6/pdns/dnspacket.hh --- old/pdns-3.4.5/pdns/dnspacket.hh 2015-06-09 14:29:04.000000000 +0200 +++ new/pdns-3.4.6/pdns/dnspacket.hh 2015-08-25 19:58:41.000000000 +0200 @@ -134,6 +134,13 @@ bool couldBeCached(); //!< returns 0 if this query should bypass the packet cache bool hasEDNSSubnet(); bool hasEDNS(); + uint8_t getEDNSVersion() const { return d_ednsversion; }; + void setEDNSRcode(uint16_t extRCode) + { + // WARNING: this is really 12 bits + d_ednsrcode=extRCode; + }; + uint8_t getEDNSRCode() const { return d_ednsrcode; }; //////// DATA ! ComboAddress d_remote; @@ -167,6 +174,8 @@ string d_rawpacket; // this is where everything lives 4 int d_maxreplylen; string d_ednsping; + uint8_t d_ednsversion; + uint16_t d_ednsrcode; // WARNING: this is really 12 bits bool d_wantsnsid; bool d_haveednssubnet; bool d_haveednssection; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/pdns/docs/dnsdist.1 new/pdns-3.4.6/pdns/docs/dnsdist.1 --- old/pdns-3.4.5/pdns/docs/dnsdist.1 2015-06-09 14:30:46.000000000 +0200 +++ new/pdns-3.4.6/pdns/docs/dnsdist.1 1970-01-01 01:00:00.000000000 +0100 @@ -1,93 +0,0 @@ -'\" t -.\" Title: dnsdist -.\" Author: [see the "AUTHOR" section] -.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 06/09/2015 -.\" Manual: \ \& -.\" Source: \ \& -.\" Language: English -.\" -.TH "DNSDIST" "1" "06/09/2015" "\ \&" "\ \&" -.\" ----------------------------------------------------------------- -.\" * Define some portability stuff -.\" ----------------------------------------------------------------- -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.\" http://bugs.debian.org/507673 -.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" ----------------------------------------------------------------- -.\" * set default formatting -.\" ----------------------------------------------------------------- -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.\" ----------------------------------------------------------------- -.\" * MAIN CONTENT STARTS HERE * -.\" ----------------------------------------------------------------- -.SH "NAME" -dnsdist \- tool to balance DNS queries over downstream servers -.SH "SYNOPSIS" -.sp -\fIdnsdist\fR [\-\-help] [\-\-verbose] [\-\-local address] downstream\-address downstream\-address -.SH "DESCRIPTION" -.sp -dnsdist receives DNS queries and relays them to one or more downstream servers\&. It subsequently sends back responses to the original requestor\&. -.sp -dnsdist operates over TCP and UDP, and strives to deliver very high performance over both\&. -.sp -Currently, queries are sent to the downstream server with the least outstanding queries\&. This effectively implies load balancing, making sure that slower servers get less queries\&. -.sp -If a reply has not come in after a few seconds, it is removed from the queue, but in the short term, timeouts do cause a server to get less traffic\&. -.sp -IPv4 and IPv6 operation can be mixed and matched, in other words, queries coming in over IPv6 could be forwarded to IPv4 and vice versa\&. -.SH "SCOPE" -.sp -dnsdist does not \fIthink\fR about DNS, and does not perform any kind of caching, nor is it aware of the quality of the answers it is relaying\&. -.sp -dnsdist assumes that each query leads to exactly one response, which is true for all DNS except for AXFR, which is therefore not supported\&. -.sp -The goal for dnsdist is to remain simple\&. If more powerful loadbalancing is required, dedicated hardware or software is recommended\&. Linux Virtual Server for example is often mentioned\&. -.SH "OPTIONS" -.PP -\-\-verbose -.RS 4 -Be wordy on what the program is doing -.RE -.PP -\-\-local -.RS 4 -Supply as many addresses to listen on as required\&. Specify IPv4 as 0\&.0\&.0\&.0:53 and IPv6 as [::]:53\&. -.RE -.PP -\-\-daemon -.RS 4 -Daemonize and run in the background -.RE -.PP -\-\-help -.RS 4 -Provide a helpful message -.RE -.sp -Finally, supply as many downstream addresses as required\&. Remote port defaults to 53\&. -.SH "BUGS" -.sp -Right now, the TCP support has some rather arbitrary limits\&. -.SH "AUTHOR" -.sp -Written by PowerDNS\&.COM BV, \m[blue]\fBpowerdns\&.documentation@powerdns\&.com\fR\m[]\&\s-2\u[1]\d\s+2 -.SH "RESOURCES" -.sp -Website: \m[blue]\fBhttp://www\&.powerdns\&.com\fR\m[] -.SH "COPYING" -.sp -Copyright \(co 2013 PowerDNS\&.COM BV\&. Free use of this software is granted under the terms of the GNU General Public License (GPL) version 2\&. -.SH "NOTES" -.IP " 1." 4 [email protected] -.RS 4 -\%mailto:[email protected] -.RE diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/pdns/docs/dnstcpbench.1 new/pdns-3.4.6/pdns/docs/dnstcpbench.1 --- old/pdns-3.4.5/pdns/docs/dnstcpbench.1 2015-06-09 14:30:45.000000000 +0200 +++ new/pdns-3.4.6/pdns/docs/dnstcpbench.1 2015-08-27 15:18:35.000000000 +0200 @@ -2,12 +2,12 @@ .\" Title: dnstcpbench .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/> -.\" Date: 06/09/2015 +.\" Date: 08/27/2015 .\" Manual: \ \& .\" Source: \ \& .\" Language: English .\" -.TH "DNSTCPBENCH" "1" "06/09/2015" "\ \&" "\ \&" +.TH "DNSTCPBENCH" "1" "08/27/2015" "\ \&" "\ \&" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/pdns/ext/yahttp/yahttp/reqresp.cpp new/pdns-3.4.6/pdns/ext/yahttp/yahttp/reqresp.cpp --- old/pdns-3.4.5/pdns/ext/yahttp/yahttp/reqresp.cpp 2015-06-09 14:29:10.000000000 +0200 +++ new/pdns-3.4.6/pdns/ext/yahttp/yahttp/reqresp.cpp 2015-08-04 13:36:44.000000000 +0200 @@ -172,8 +172,10 @@ for(strstr_map_t::const_iterator i = getvars.begin(); i != getvars.end(); i++) { getparmbuf << Utility::encodeURL(i->first, false) << "=" << Utility::encodeURL(i->second, false) << "&"; } - if (getparmbuf.str().length() > 0) - getparms = "?" + std::string(getparmbuf.str().begin(), getparmbuf.str().end() - 1); + if (getparmbuf.str().length() > 0) { + std::string buf = getparmbuf.str(); + getparms = "?" + std::string(buf.begin(), buf.end() - 1); + } else getparms = ""; os << method << " " << url.path << getparms << " HTTP/" << versionStr(this->version); @@ -188,6 +190,7 @@ bool cookieSent = false; bool sendChunked = false; + bool hasBody = true; if (this->version > 10) { // 1.1 or better if (headers.find("content-length") == headers.end()) { @@ -198,16 +201,16 @@ } if ((headers.find("transfer-encoding") == headers.end() && kind == YAHTTP_TYPE_RESPONSE)) { sendChunked = true; - // write the header now - os << "Transfer-Encoding: chunked" << "\r\n"; + os << "Transfer-Encoding: chunked\r\n"; } } else { + hasBody = (headers.find("content-length")->second != "0"); if ((headers.find("transfer-encoding") == headers.end() && kind == YAHTTP_TYPE_RESPONSE)) { - sendChunked = true; - // write the header now - os << "Transfer-Encoding: chunked" << "\r\n"; + sendChunked = hasBody; + if (sendChunked) + os << "Transfer-Encoding: chunked\r\n"; } else if (headers.find("transfer-encoding") != headers.end() && headers.find("transfer-encoding")->second == "chunked") { - sendChunked = true; + sendChunked = hasBody; } } } @@ -216,6 +219,7 @@ strstr_map_t::const_iterator iter = headers.begin(); while(iter != headers.end()) { if (iter->first == "host" && kind != YAHTTP_TYPE_REQUEST) { iter++; continue; } + if (iter->first == "transfer-encoding" && sendChunked) { iter++; continue; } std::string header = Utility::camelizeHeader(iter->first); if (header == "Cookie" || header == "Set-Cookie") cookieSent = true; os << Utility::camelizeHeader(iter->first) << ": " << iter->second << "\r\n"; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/pdns/ext/yahttp/yahttp/reqresp.hpp new/pdns-3.4.6/pdns/ext/yahttp/yahttp/reqresp.hpp --- old/pdns-3.4.5/pdns/ext/yahttp/yahttp/reqresp.hpp 2015-06-09 14:29:10.000000000 +0200 +++ new/pdns-3.4.6/pdns/ext/yahttp/yahttp/reqresp.hpp 2015-06-19 11:40:21.000000000 +0200 @@ -206,6 +206,15 @@ HTTPBase::initialize(); this->kind = YAHTTP_TYPE_RESPONSE; } + void initialize(const HTTPBase& rhs) { + HTTPBase::initialize(); + this->kind = YAHTTP_TYPE_RESPONSE; + // copy SOME attributes + this->url = rhs.url; + this->method = rhs.method; + this->jar = rhs.jar; + this->version = rhs.version; + } friend std::ostream& operator<<(std::ostream& os, const Response &resp); friend std::istream& operator>>(std::istream& is, Response &resp); }; @@ -226,6 +235,15 @@ HTTPBase::initialize(); this->kind = YAHTTP_TYPE_REQUEST; } + void initialize(const HTTPBase& rhs) { + HTTPBase::initialize(); + this->kind = YAHTTP_TYPE_REQUEST; + // copy SOME attributes + this->url = rhs.url; + this->method = rhs.method; + this->jar = rhs.jar; + this->version = rhs.version; + } void setup(const std::string& method, const std::string& url) { this->url.parse(url); this->headers["host"] = this->url.host; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/pdns/ext/yahttp/yahttp/router.hpp new/pdns-3.4.6/pdns/ext/yahttp/yahttp/router.hpp --- old/pdns-3.4.5/pdns/ext/yahttp/yahttp/router.hpp 2015-06-09 14:29:10.000000000 +0200 +++ new/pdns-3.4.6/pdns/ext/yahttp/yahttp/router.hpp 2015-06-19 11:40:21.000000000 +0200 @@ -17,7 +17,7 @@ namespace funcptr = boost; #define HAVE_CPP_FUNC_PTR #else -#warn "You need to configure with boost or have C++11 capable compiler for router" +#warning "You need to configure with boost or have C++11 capable compiler for router" #endif #endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/pdns/packethandler.cc new/pdns-3.4.6/pdns/packethandler.cc --- old/pdns-3.4.5/pdns/packethandler.cc 2015-06-09 14:29:11.000000000 +0200 +++ new/pdns-3.4.6/pdns/packethandler.cc 2015-08-26 11:29:42.000000000 +0200 @@ -989,12 +989,20 @@ bool noCache=false; if(p->d.qr) { // QR bit from dns packet (thanks RA from N) - L<<Logger::Error<<"Received an answer (non-query) packet from "<<p->getRemote()<<", dropping"<<endl; + if(d_logDNSDetails) + L<<Logger::Error<<"Received an answer (non-query) packet from "<<p->getRemote()<<", dropping"<<endl; S.inc("corrupt-packets"); S.ringAccount("remotes-corrupt", p->getRemote()); return 0; } + if (p->hasEDNS() && p->getEDNSVersion() > 0) { + r = p->replyPacket(); + r->setRcode(16 & 0xF); + r->setEDNSRcode((16 & 0xFFF0)>>4); // set rcode to BADVERS + return r; + } + if(p->d_havetsig) { string keyname, secret; TSIGRecordContent trc; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/pdns/pdnssec.cc new/pdns-3.4.6/pdns/pdnssec.cc --- old/pdns-3.4.5/pdns/pdnssec.cc 2015-06-09 14:29:11.000000000 +0200 +++ new/pdns-3.4.6/pdns/pdnssec.cc 2015-08-24 14:32:10.000000000 +0200 @@ -489,7 +489,7 @@ } catch(std::exception& e) { - cout<<"[Error] Following record had a problem: "<<rr.qname<<" IN " <<rr.qtype.getName()<< " " << rr.content<<endl; + cout<<"[Error] Following record had a problem: '"<<rr.qname<<"' of type " <<rr.qtype.getName()<< " '" << rr.content<<"'"<<endl; cout<<"[Error] Error was: "<<e.what()<<endl; numerrors++; continue; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-3.4.5/pdns.spec new/pdns-3.4.6/pdns.spec --- old/pdns-3.4.5/pdns.spec 2015-06-09 14:29:23.000000000 +0200 +++ new/pdns-3.4.6/pdns.spec 2015-08-27 15:17:34.000000000 +0200 @@ -1,6 +1,6 @@ BuildRoot: /tmp/pdns Name: pdns-static -Version: 3.4.5 +Version: 3.4.6 Release: 1 Summary: extremely powerful and versatile nameserver License: GPL @@ -60,7 +60,6 @@ "/usr/bin/dnsreplay" "/usr/bin/dnsscan" "/usr/bin/dnsscope" -"/usr/bin/dnsdist" "/usr/bin/dnstcpbench" "/usr/bin/dnswasher" "/usr/bin/nproxy" @@ -70,4 +69,3 @@ "/usr/share/man/man1/dnsscope.1" "/usr/share/man/man1/dnswasher.1" "/usr/share/man/man1/dnstcpbench.1" -"/usr/share/man/man1/dnsdist.1"
