profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/pieterlexis/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
Pieter Lexis pieterlexis @PowerDNS The Netherlands https://blog.lieter.nl

pieterlexis/ansible-json_file 11

An Ansible library module that allows modifying json files without the use of copy, templates or assemble

pieterlexis/ansible-role-mattermost 3

Ansible role for Mattermost

pieterlexis/ansible-prometheus 2

An Ansible role that installs Prometheus, in the format for Ansible Galaxy.

pieterlexis/ansible-role-mattermost-github 2

Ansible role to install and configure mattermost-github-integration

pieterlexis/atomiadns 1

Atomia DNS

NLnetLabs/draft-toorop-dnsop-dns-zone-provisioning-yang 0

Draft for YANG model for configuring Domain Name System (DNS) Zone Provisioning on Authoritative Nameservers

pieterlexis/angular-bootstrap-toasts 0

Simple library for toast notifications

pieterlexis/ansible 0

Ansible is a radically simple IT orchestration engine that makes your applications and systems easier to deploy. Avoid writing scripts or custom code to deploy and update your applications— automate in a language that approaches plain English, using SSH, with no agents to install on remote systems.

pull request commentPowerDNS/pdns

Handle waiting for a descriptor to become readable OR writable

OpenIndiana:

PASS: testrunner
============================================================================
Testsuite summary for dnsdist 0.0.21878.0.mplexerreadwrite.g2ee30ed745
============================================================================
# TOTAL: 1
# PASS:  1
# SKIP:  0
# XFAIL: 0
# FAIL:  0
# XPASS: 0
# ERROR: 0
============================================================================
rgacogne

comment created time in a day

pull request commentPowerDNS/pdns

Handle waiting for a descriptor to become readable OR writable

this PR does not compile on openindiana:

configure: Configuration summary
configure: =====================
configure:
configure: dnsdist configured with:  '--enable-unit-tests'
configure:
configure: CC: gcc
configure: CXX: g++ -std=c++17
configure: LD: /usr/bin/ld -64
configure: CFLAGS:  -fPIE -DPIE -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 --param ssp-buffer-size=4 -fstack-protector -g -O3 -Wall -Wextra -Wshadow -Wno-unused-parameter -g -O2
configure: CPPFLAGS:
configure: CXXFLAGS:  -fPIE -DPIE -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 --param ssp-buffer-size=4 -fstack-protector -D_REENTRANT -g -O3 -Wall -Wextra -Wshadow -Wno-unused-parameter -Wmissing-declarations -Wredundant-decls -g -O2
configure: LDFLAGS:   -rdynamic
configure: LIBS: -lsocket -lnsl -lposix4 -lpthread
configure: BOOST_CPPFLAGS: -I/usr/include
configure:
configure: Features enabled
configure: ----------------
configure: Lua: luajit
configure: Protobuf: yes
configure: systemd: no
configure: ipcipher: yes
configure: libsodium: no
configure: DNSCrypt: no
configure: dnstap: no
configure: re2: no
configure: SNMP: yes
configure: DNS over TLS: no
configure: DNS over HTTPS (DoH): no
configure: cdb: no
configure: lmdb: no
configure:

warnings

iputils.cc: In function 'size_t sendMsgWithOptions(int, const char*, size_t, const ComboAddress*, const ComboAddress*, unsigned int, int)':
iputils.cc:392:8: warning: variable 'firstTry' set but not used [-Wunused-but-set-variable]
  392 |   bool firstTry = true;
      |        ^~~~~~~~
devpollmplexer.cc: In function 'int convertEventKind(FDMultiplexer::EventKind)':
devpollmplexer.cc:96:1: warning: control reaches end of non-void function [-Wreturn-type]
   96 | }
      | ^
portsmplexer.cc: In function 'int convertEventKind(FDMultiplexer::EventKind)':
portsmplexer.cc:78:1: warning: control reaches end of non-void function [-Wreturn-type]
   78 | }
      | ^

errors

portsmplexer.cc: In member function 'virtual void PortsFDMultiplexer::getAvailableFDs(std::vector<int>&, int)':
portsmplexer.cc:128:78: error: 'POLLER' was not declared in this scope; did you mean 'POLLET'?
  128 |     if ((d_pevents[n].portev_events & POLLIN || d_pevents[n].portev_events & POLLER || d_pevents[n].portev_events & POLLHUP)) {
      |                                                                              ^~~~~~
      |                                                                              POLLET
portsmplexer.cc: In member function 'virtual int PortsFDMultiplexer::run(timeval*, int)':
portsmplexer.cc:186:77: error: 'POLLER' was not declared in this scope; did you mean 'POLLET'?
  186 |     if (d_pevents[n].portev_events & POLLIN || d_pevents[n].portev_events & POLLER || d_pevents[n].portev_events & POLLHUP) {
      |                                                                             ^~~~~~
      |                                                                             POLLET
portsmplexer.cc:195:78: error: 'POLLER' was not declared in this scope; did you mean 'POLLET'?
  195 |     if (d_pevents[n].portev_events & POLLOUT || d_pevents[n].portev_events & POLLER) {
      |                                                                              ^~~~~~
      |                                                                              POLLET

rgacogne

comment created time in 2 days

delete branch pieterlexis/pdns

delete branch : dockerignore

delete time in 7 days

PullRequestReviewEvent
PullRequestReviewEvent
PullRequestReviewEvent

issue commentCESNET/libyang

Feature request: C++ bindings for libyang2

Development seems to be happening here

pieterlexis

comment created time in 14 days

startedCESNET/libyang-cpp

started time in 15 days

delete branch pieterlexis/pdns

delete branch : 44-backport-10555

delete time in 16 days

issue commentPowerDNS/pdns

Corrupted NSEC3 RRs in AXFR responses

DNSKEYs are in the zone (we don't need the private keys, as we use the existing RRSIGs in the pre-signed case)

monodhs

comment created time in 21 days

issue commentPowerDNS/pdns

Corrupted NSEC3 RRs in AXFR responses

can you provide your pdns.conf? I am very interested in the direct-dnskey setting (but also the rest)

monodhs

comment created time in 21 days

issue closedPowerDNS/pdns

GEOIP backend: "bad file"

<!-- Tell us what is issue is about -->

  • Program: Authoritative
  • Issue type: Bug report

Short description

I can't get geoip backend to launch, sqlite3 launches just fine.

Environment

<!-- Tell us about the environment -->

  • Operating system: debian 10
  • Software version: 4.1.6-3+deb10u1
  • Software source: apt

Steps to reproduce

I'm trying to install geoip and it just doesn't work

Actual behaviour

Jul 16 07:34:41 Debian-109-buster-64-minimal pdns_server[8512]: Reading random entropy from '/dev/urandom' Jul 16 07:34:41 Debian-109-buster-64-minimal pdns_server[8512]: Loading '/usr/lib/x86_64-linux-gnu/pdns/libgeoipbackend.so' Jul 16 07:34:41 Debian-109-buster-64-minimal pdns_server[8512]: This is a standalone pdns Jul 16 07:34:41 Debian-109-buster-64-minimal pdns_server[8512]: Listening on controlsocket in '/var/run/pdns.controlsocket' Jul 16 07:34:41 Debian-109-buster-64-minimal pdns_server[8512]: UDP server bound to 0.0.0.0:53 Jul 16 07:34:41 Debian-109-buster-64-minimal pdns_server[8512]: UDPv6 server bound to [::]:53 Jul 16 07:34:41 Debian-109-buster-64-minimal pdns_server[8512]: TCP server bound to 0.0.0.0:53 Jul 16 07:34:41 Debian-109-buster-64-minimal pdns_server[8512]: TCPv6 server bound to [::]:53 Jul 16 07:34:41 Debian-109-buster-64-minimal pdns_server[8512]: PowerDNS Authoritative Server 4.1.6 (C) 2001-2018 Jul 16 07:34:41 Debian-109-buster-64-minimal pdns_server[8512]: Using 64-bits mode. Built using gcc 8.3.0. Jul 16 07:34:41 Debian-109-buster-64-minimal pdns_server[8512]: PowerDNS comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it according to the terms of the GPL Jul 16 07:34:41 Debian-109-buster-64-minimal pdns_server[8512]: Creating backend connection for TCP Jul 16 07:34:41 Debian-109-buster-64-minimal pdns_server[8512]: Caught an exception instantiating a backend, cleaning up Jul 16 07:34:41 Debian-109-buster-64-minimal pdns_server[8512]: Exiting because of STL error: bad file Jul 16 07:34:41 Debian-109-buster-64-minimal systemd[1]: pdns.service: Main process exited, code=exited, status=1/FAILURE

Other information

#launch=gsqlite3 #gsqlite3-database=/var/lib/powerdns/pdns.sqlite3 launch=geoip #geoip-dnssec-keydir= geoip-database-files=/usr/share/GeoIP/GeoIP.dat /usr/share/GeoIP/GeoIPv6.dat geoip-zones-file=/etc/powerdns/zones.yaml #geoip-dnssec-keydir=/etc/powerdns/keys

closed time in 21 days

BOT-Neil

issue commentPowerDNS/pdns

GEOIP backend: "bad file"

I am closing this issue at it appears a support question and not a bug or issue. If you require further support, please post your issue with all configuration information and logs to the pdns-users mailinglist, or join us on IRC.

BOT-Neil

comment created time in 21 days

push eventpieterlexis/octodns

Pieter Lexis

commit sha 971aa2aba218b239db969757b5b4dc699d0b92af

Add PowerDNS TSIG key providers

view details

Pieter Lexis

commit sha 343dcc56c308a6ba8001eb1e2a32de8361a1a9f2

Add TSIG key info to zones when creating(!)

view details

push time in 22 days

PR opened PowerDNS/pdns

Reviewers
rec: backport #10555 to 4.4.x

Short description

Checklist

<!-- please indicate if any of these things are done/included with this Pull Request. Not all boxes need to be checked for the Pull Request to be accepted --> I have:

  • [x] read the CONTRIBUTING.md document
  • [x] compiled this code
  • [x] tested this code
  • [ ] included documentation (including possible behaviour changes)
  • [ ] documented the code
  • [ ] added or modified regression test(s)
  • [ ] added or modified unit test(s)
  • [ ] <!-- remove this line if your PR is against master --> checked that this code was merged to master
+125 -5

0 comment

4 changed files

pr created time in 25 days

push eventpieterlexis/pdns

Pieter Lexis

commit sha 4b3aa4d8b301538ae102b4f816c03a1f6a7307ea

backport 10555 to 4.4

view details

push time in a month

push eventpieterlexis/pdns

Remi Gacogne

commit sha 445eeffb88a7df9653064128bee09986d708125c

rec: Work around clueless servers sending AA=0 answers (cherry picked from commit 7b98cc14e66493599c7bac1bee26c3d116a660a6)

view details

Remi Gacogne

commit sha bee3a30e4d11d14bd8ef496cb1d8a5faec63c0bb

rec: Add a unit test checking that DNSSEC validation is done for AA=0 answers (cherry picked from commit 3f3b008644f81e6500eb031c2aab2be962b5aed8)

view details

push time in a month

create barnchpieterlexis/pdns

branch : 44-backport-10555

created branch time in a month

push eventpieterlexis/pdns

Pieter Lexis

commit sha 3464f7e14bac7db6c85bca63fd009eb0676f0175

cookies: move consts to class instead of defines

view details

push time in a month

push eventpieterlexis/pdns

Pieter Lexis

commit sha ff5e2f12d3be298f23e5e095919c5dfc58db0974

cookies: move consts to class instead of defines

view details

push time in a month

push eventpieterlexis/pdns

Pieter Lexis

commit sha 1d2d69dd7ff828f6557f4a4e9857e3f1407115d6

Apply suggestions from code review Co-authored-by: Remi Gacogne <github@coredump.fr>

view details

push time in a month

PullRequestReviewEvent

push eventPowerDNS/pdns

cranberry

commit sha fc63af1b2e2a220d1f640ebc26053572203f244d

Added reference to pdnsutil manpage

view details

cranberry

commit sha 67e9cc23e061ae690ef4f568029c029ca1b988a6

Updated reference to pdnsutil manpage

view details

cranberry

commit sha eb422b4dfff626245036740867f1a928666b717b

Updating underline in "Backend manipulation"

view details

Pieter Lexis

commit sha 61a344842e600f9c6082402a5052eceae60725e5

Merge pull request #10496 from tacerus/master Reference pdnsutil in "Running and Operating"

view details

push time in a month

PR merged PowerDNS/pdns

Reference pdnsutil in "Running and Operating" auth docs enhancement

Short description

<!-- Write a small description of what this Pull Request fixes or provides, including the issue #s --> A new user might be confused as to how to manipulate zone data in PowerDNS upon looking at the documentation about "Running and Operating". I added a section about pdnsutil to that page.

Checklist

<!-- please indicate if any of these things are done/included with this Pull Request. Not all boxes need to be checked for the Pull Request to be accepted --> I have:

  • [ x] read the CONTRIBUTING.md document
  • [ docs] compiled this code
  • [ docs] tested this code
  • [ docs] included documentation (including possible behaviour changes)
  • [ docs] documented the code
  • [ docs] added or modified regression test(s)
  • [ docs] added or modified unit test(s)
+8 -0

0 comment

1 changed file

tacerus

pr closed time in a month

pull request commentPowerDNS/pdns

Implement EDNS cookies in the auth

Just a question. If all servers use the same edns-cookie-secret, will a cookie generated by one Pdns-auth be accepted by another PDNS-auth (anycast scenario)?

Yes, provided it is still valid (cookies are valid for an hour).

pieterlexis

comment created time in a month

push eventpieterlexis/pdns

Pieter Lexis

commit sha c0fbb465f9166d77f69c68d2b21890bacbb63a15

Cookies: use constant time comparison

view details

push time in a month

push eventpieterlexis/pdns

Pieter Lexis

commit sha b8c277c58727b466dbf076c616c8e4f0fe437d91

auth: Implement RFC 7872 and 9018 (COOKIES) This implements the siphash-based interoperable DNS COOKIES defined in RFC 9018 for the authoritative server. The EDNSCookieOpt struct has been expanded to accomodate this and can now has constructors and functions to check and generate a server cookie. Cookies will only be sent out if the client sent a cookie and the edns-cookie-secret setting is configures. The auth will respond with EDNS+FORMERR when the client cookie is malformed, BADCOOKIE when the client sent a server cookie we can't decode or is invalid and a normal response with a cookie (either new or sent by the client) when the cookie can be validated.

view details

Pieter Lexis

commit sha f5f63bd3e8d1ed9fc9286f4a5737b2ccc44ce0fd

auth: Add counter for EDNS Cookies

view details

Pieter Lexis

commit sha 46c08b5150e014375d2fed0a194f1355807ac157

Make some cookie sizes constant, fix nits

view details

Pieter Lexis

commit sha cae8ef4c4387f7638498509c1d1f65c3037b8031

Don't store validation state in cookie object

view details

Pieter Lexis

commit sha 0ead866732d3828ea318b4cb36b326f91d02a602

Move constantTimeStringEquals to its own file

view details

Pieter Lexis

commit sha 108bdac44c65ef11b010b91a7abb02610bf6feb7

Cookies: use constant time comparison

view details

push time in a month

push eventpieterlexis/pdns

Pieter Lexis

commit sha 306bf657c30d24c500a7a6617be7891c63abdac8

auth: Implement RFC 7872 and 9018 (COOKIES) This implements the siphash-based interoperable DNS COOKIES defined in RFC 9018 for the authoritative server. The EDNSCookieOpt struct has been expanded to accomodate this and can now has constructors and functions to check and generate a server cookie. Cookies will only be sent out if the client sent a cookie and the edns-cookie-secret setting is configures. The auth will respond with EDNS+FORMERR when the client cookie is malformed, BADCOOKIE when the client sent a server cookie we can't decode or is invalid and a normal response with a cookie (either new or sent by the client) when the cookie can be validated.

view details

Pieter Lexis

commit sha 20837d154d6ef2e9087b2062452a2dfdfccb84ef

auth: Add counter for EDNS Cookies

view details

Pieter Lexis

commit sha d7a178902707725a2b2a2319afd47299cbd4c952

Make some cookie sizes constant, fix nits

view details

Pieter Lexis

commit sha 05ef1205708a105c51d167bcb3a0a532ed9ed8f2

Don't store validation state in cookie object

view details

Pieter Lexis

commit sha 67092745af63292ca9d2b474ebe819d93174bca0

Move constantTimeStringEquals to its own file

view details

Pieter Lexis

commit sha a8af6b033e620016d84c7720837558c0ce092adf

Cookies: use constant time comparison

view details

push time in a month

push eventpieterlexis/pdns

Charles-Henri Bruyand

commit sha f3cba0342f4905c5d48d719e993394175a1f559f

rec: structured-logging draft

view details

Otto

commit sha a523feebda04b7bcd8e979728eb2572bd2b7f504

A class having virtual methods should have a virtual destructor

view details

Otto

commit sha b3c8eddedc989e0d9f74ed7b672f3f8c6e4e933b

Add an error(int errno, msg) method

view details

Otto

commit sha 0acc65adb659cf10564e703a70e9983017a31d56

- Log all things as key-value pairs, inclusing err and msg - Use existing logger as backend, quote values - Fix a const issue - Level <-> Urgency mapping has to be done better

view details

Charles-Henri Bruyand

commit sha 6c01a00972dc062c2e8ee369cf5f036328f995ee

do not dynamically allocate entries. backend currently doesn't do anything other than printing the entry for now

view details

Charles-Henri Bruyand

commit sha 0e0d339989a4b4025f40cb2d6a19963b7a5a75f4

make sure we override the correct signatures

view details

Charles-Henri Bruyand

commit sha dd74c405032d9082b9ebcc452667710bee564273

mark logging methods as const

view details

Charles-Henri Bruyand

commit sha f0787f02a98d323ff7c9dc84276f93a9795edbe8

more constness on the reference children keep on their parents

view details

Greg MacLellan

commit sha 513e82340102a0162cd0d602cbb3f231f3a38743

Fix documentation around get*DomainMetadata * `GetDomainMetadata` and `GetAllDomainMetadata` state `false` can be returned, but doing this results in an error. * Somewhere between PowerDNS 4.2 and 4.4, `GetAllDomainMetadata` became mandatory: a backend returning 404 will result in PowerDNS responding with `SERVFAIL`.

view details

Charles-Henri Bruyand

commit sha fecf182368fb83d64589d0615a5c025eaf11e877

allow calling log methods with arbitrary number of key/value pairs

view details

Otto

commit sha 9ba003feeae856c87cb5419b5ed055be9d80daa5

Add a high precision timestamp to log entry

view details

Josh Soref

commit sha 2ec4df6f901369b9d8ebf4fb00b18083256ca00f

Correct faq entry to talk about zones

view details

Wim

commit sha 937f58338e849b407448deb16c23cd3a439ad0e5

Support multiple ip addresses for dnsdist-resolver lua script

view details

Otto

commit sha 49f30160855e3bc569fb073c2563e4c061dd90bc

Introduce "Priority", which maps to the Urgency of the existing logger. If Priority is set, pass the Entry to the backend for now. (to be revisited). In the rpzloader example, pass a logger object to functions, so that they can add their data to an existing logger, showing how a structured log object could be used.

view details

Peter van Dijk

commit sha 96feaaa269bfd115e4930a029ac7a1e9b3e61d8d

auth ldap: note that master mode -is- supported

view details

Remi Gacogne

commit sha a093b261aae431777482a58bdcae8ebe33203084

dnsdist: Skip some memory allocations in client mode dnsdist does not use most of the configuration in client mode, mostly caring about the settings needed to access the console, but we still need to parse all directives and create objects due to the way our Lua parsing works. We don't, however, need to allocate the whole storage needed for packet caches, for backend states or for the in-memory ring buffers. This reduces the memory consumption of a console client to roughly 1 MB from hundreds of them in some cases.

view details

Remi Gacogne

commit sha db2cda1e6c7d04333301f3d8b32ca92ce1487e2a

dnsdist: Proof of concept of how to detect serials in XFR messages

view details

Otto

commit sha 51b5346adc5157089de39882361773a1259227c7

Switch OpenBSD to kqueue mplexer; untested

view details

Remi Gacogne

commit sha 3c6d977e3310ef9036d685e804a3b3923c803eed

dnsdist: Proof of concept of how to detect serials in XFR messages

view details

slowr

commit sha 078c474d31cf5e13a1278ff9cef7909592fd723e

poc for making dnsdist ixfr-axfr aware

view details

push time in a month

PR opened PowerDNS/pdns

docker: ignore compiled files

Short description

No need to upload this to the docker daemon.

Checklist

<!-- please indicate if any of these things are done/included with this Pull Request. Not all boxes need to be checked for the Pull Request to be accepted --> I have:

  • [x] read the CONTRIBUTING.md document
  • [ ] compiled this code
  • [ ] tested this code
  • [ ] included documentation (including possible behaviour changes)
  • [ ] documented the code
  • [ ] added or modified regression test(s)
  • [ ] added or modified unit test(s)
+3 -0

0 comment

1 changed file

pr created time in a month