Timeline
02/06/11:
- 12:15 Changeset [1979] by
- make sure ueberbackend returns negative if it failed to find a backend …
- 12:14 Changeset [1978] by
- further round of std::changes
- 12:13 Changeset [1977] by
- further std::
- 12:11 Changeset [1976] by
- big batch of 'using namespace std;' removal
02/05/11:
- 18:40 Changeset [1975] by
- turns out that for each signature, we consulted the database because we …
- 18:39 Changeset [1974] by
- beginning of the removal of 'using namespace std'. Goal is to swap out …
- 12:26 Changeset [1973] by
- Google Protocol Buffers coming to PowerDNSSEC for transporting records & …
02/03/11:
- 21:46 Changeset [1972] by
- signingpipe is all zero-copy and hyperefficient now. but not any faster …
- 17:23 Changeset [1971] by
- make test-algorithms do a bit more signatures to get a better estimate of …
- 16:08 Changeset [1970] by
- add 'test-speed' to pdnssec, plus make sure test-algorithms can be run w/o …
- 16:07 Changeset [1969] by
- make our keyenginecache per-thread, so we don't get two threads trying to …
- 15:54 Changeset [1968] by
- add udiffNoReset for running time measurements
- 15:53 Changeset [1967] by
- fix up Botan (de)initialization, plus give all DNSCryptoEngines a virtual …
- 13:52 Changeset [1966] by
- linker gets confused by multiple global objects with same class & instance …
- 00:36 Ticket #339 (Private RR types correctly stored but not served) created by
- (I realize private types are not on the list of types supported by …
02/02/11:
- 20:35 Changeset [1965] by
- and add signingpipe.hh to the tarball
- 15:11 Changeset [1964] by
- make sure we wait for all signatures to come in from workers at the end of …
- 09:47 Changeset [1963] by
- don't calculate NSEC/NSEC3 chain for insecure zones on outgoing AXFR
- 09:46 Changeset [1962] by
- this is probably a speedup, but a cleanup in any case
- 09:29 Changeset [1961] by
- make sure we ship md5.hh for the tarball
- 00:12 Changeset [1960] by
- make the signingpipe multithreaded, achieving around 8000 RSASHA256/1024 …
02/01/11:
- 21:36 Changeset [1959] by
- divorce addRRSigs() from DNSPacket. Make sure addRRSigs() uses an RRSIG …
- 21:34 Changeset [1958] by
- the confusing variable name of the year goes to: static bool mustShuffle …
- 16:51 Changeset [1957] by
- speed up bindbackend to pre-DNSSEC speeds. We again hail the genius of …
- 16:00 Changeset [1956] by
- don't re-add base64 encoded algorithm
- 15:18 Changeset [1955] by
- build our packages with embedded crypto++
- 15:11 Changeset [1954] by
- and add the configure.ac update for CRYPTOPP
- 15:09 Changeset [1953] by
- add support for Crypto++ ECDSA, refine & rename CryptoKeyEngine? interface, …
- 10:35 Changeset [1952] by
- big rename of DNSPrivateKey which wasn't, and is now called …
01/31/11:
- 22:59 Changeset [1951] by
- - scary commit - add a generic botan1.8/botan1.9 signer/verifier for RSA …
- 14:50 Ticket #338 (Notification of slave (or "other") servers for SLAVE zones) closed by
- fixed: Tested in r1950 with […] and it works. Thank you very much, indeed. …
- 14:08 Changeset [1950] by
- implement slave-renotify for front-signing operation with renotification …
- 13:28 Changeset [1949] by
- add --with-botan1.8 (not working yet), fix up missing BOOST LDADD
- 12:36 Changeset [1948] by
- fix up modules for qtype change
- 11:37 Ticket #338 (Notification of slave (or "other") servers for SLAVE zones) created by
- We are having some amount of success in using PowerDNS …
- 11:37 Changeset [1947] by
- mostly so people can see it - this file should be able to sign ECDSA & RSA …
- 11:24 Changeset [1946] by
- document opt-out defaults
- 11:14 Changeset [1945] by
- remove traces of BOOST_FILESYSTEM and BOOST_SYSTEM
- 11:14 Changeset [1944] by
- remove qtype char* constructor
- 10:23 Changeset [1943] by
- make sure we create separate controlsocket for each recursor process
- 08:54 Ticket #337 (DNS Qtype storage overflow) closed by
- fixed: Confirm resolved in rev 1942
- 08:48 Changeset [1942] by
- disable the broken 'storing unknown records' code for now
- 08:27 Changeset [1941] by
- actually report the DLV record type for production too, lack spotted by …
- 08:22 Ticket #337 (DNS Qtype storage overflow) reopened by
- Tested with rpm rev 1940: incoming AXFR logs: […] The record is NOT …
01/30/11:
- 22:27 Changeset [1940] by
- even if we do opt-out, the NSEC3PARAM flags field should be 0
- 22:21 PDNSSEC edited by
- (diff)
- 22:19 Changeset [1939] by
- if I understand things correctly, powerdns does 'opt-out' NSEC3, but we …
- 22:17 Changeset [1938] by
- fix everyone's favorite 'succesful' typo
- 21:43 Changeset [1937] by
- when operating in front-signing mode, make sure we set the auth & hash …
- 20:52 Ticket #337 (DNS Qtype storage overflow) closed by
- fixed: Fixed in commit 1936.
- 20:52 Changeset [1936] by
- the wonderful #powerdns channel on irc.oftc.net discovered that powerdns …
- 16:11 Ticket #337 (DNS Qtype storage overflow) created by
- PowerDNS (3.0pre.20110128.1929) incorrectly stores DLV records. Server …
- 14:12 Changeset [1935] by
- make sure we don't try to print digest type 3 if we don't have GOST on …
- 13:59 Changeset [1934] by
- make sure we sign our DNSKEYs when serving an AXFR. Plus remove some …
- 13:58 Changeset [1933] by
- don't try to store an AXFRd OPT record - would ignore it anyhow, but this …
- 13:49 Changeset [1932] by
- silence a lot of debugging output at loglevel 9 (you did not see it, but …
01/29/11:
- 13:34 Changeset [1931] by
- if no dnssec schema is loaded, auth==1 - Leen Besselink discovered …
- 13:33 Changeset [1930] by
- Christoph Meerwald discovered we would sign out-of-zone additional data, …
01/28/11:
- 22:44 Changeset [1929] by
- make sure we can insert huuuuge records
- 21:57 Changeset [1928] by
- reinstate 'recursor' handoff in auth server, issue spotted by Detlef …
- 21:40 Changeset [1927] by
- update pdnssec error message & documentation based on feedback by Leen …
- 21:37 PDNSSEC edited by
- (diff)
- 12:09 Changeset [1926] by
- Jan-Piet Mens discovered that we did not correctly fill out the 'auth' …
- 08:58 Changeset [1925] by
- silence zone2sql debugging output, fix up sqlite3 typo
- 08:50 Changeset [1924] by
- fix up 'too-big-for-udp' testcase. Protipp: increase the percentage of …
- 08:45 Changeset [1923] by
- this is a directory rename, and it does not look good
- 00:19 Changeset [1922] by
- the all new non-generic Oracle Backend, with full DNSSEC support! …
01/27/11:
- 23:20 Changeset [1921] by
- release notes for 3.0
- 16:37 Changeset [1920] by
- with this patch, PowerDNS works around a bug in the Botan GOST code. Post …
- 13:59 Changeset [1919] by
- further spiff up verify-crypto, now correctly processes samples from …
- 13:58 Changeset [1918] by
- teach ECDSA keys to import a public key from the binary DNSKEY value, plus …
- 13:57 Changeset [1917] by
- add supported algorithms & digest types
- 13:55 Changeset [1916] by
- add support for digest provisional codepoint 4, SHA384
- 11:31 Changeset [1915] by
- add signature verification infrastructure for RSA & GOST, test with …
- 10:35 Changeset [1914] by
- remove vestiges of RSA-centrism from the DNSKEY code - at assumed every …
01/26/11:
- 22:01 Changeset [1913] by
- finish up support for GOST, including DS with digest type=3, plus abstract …
- 17:04 Changeset [1912] by
- First part of the GOST support: R 34.10-2001, GOST R 34.11-94 will follow. …
- 01:12 Changeset [1911] by
- work in progress, but needed to complete the tar.gz build
- 01:08 Changeset [1910] by
- add Botan to our static builds
- 00:27 Changeset [1909] by
- this huge commit adds support for RSASHA512 & draft-ietf-dnsext-ecdsa …
01/25/11:
- 20:14 Changeset [1908] by
- massively speed up nsec/nsec3 rectification by wrapping the update …
- 20:13 Changeset [1907] by
- and generic sql too
- 20:08 Changeset [1906] by
- teach backends not to delete a zone if a negative zone-id is passed to …
- 08:51 Changeset [1905] by
- 'multi-algorithm support' - for now we still only do RSA, but the whole …
01/22/11:
- 19:21 Changeset [1904] by
- oops, missed this in the previous commit
- 19:21 Changeset [1903] by
- move code around in preparation for non-RSA keys & signatures
01/21/11:
- 13:49 Changeset [1902] by
- further fix up parsing hex strings with spaces in odd places (it rhymes!)
01/20/11:
- 22:26 Changeset [1901] by
- mutate nsecxcache into metacache, simplify cache handling while we are at …
01/19/11:
- 20:28 Changeset [1900] by
- work around apparent bug in 'dig' output of DS records. Dig likes to …
- 20:26 Changeset [1899] by
- fix up us putting the RRSIG in the wrong place for DS records. Spotted by …
- 20:21 Changeset [1898] by
- fix up some tabdamage
- 20:15 Changeset [1897] by
- sync the docs with pre-signing mode
01/18/11:
- 20:09 PDNSSEC edited by
- (diff)
- 20:01 Changeset [1896] by
- Jose Arthur Benetasso Villanova fixed a very old comment typo ;-)
- 20:01 Changeset [1895] by
- Jose Arthur Benetasso Villanova contributed the postgresql schema update …
- 16:33 Changeset [1894] by
- document (un)set-presigned
- 15:55 Changeset [1893] by
- implement 'pdnssec set-presigned', allowing PowerDNSSEC to serve …
- 13:58 Ticket #336 (field change_date does not work as expected) created by
- I am using pdns 2.9.21 with gpgsql backend I've set up serial = 0 in SOA …
- 09:43 Changeset [1892] by
- remove the signing code from dnspacket, where it was cute but wrong.
- 09:37 Changeset [1891] by
- add tools to compare pdns output to that of other servers
- 09:21 Changeset [1890] by
- move clone-zone into the pdnssec era
01/17/11:
- 21:04 Changeset [1889] by
- alternate rdtsc() implementation
01/15/11:
- 21:41 Changeset [1888] by
- massively speed up our NSEC3 AXFR code
- 12:26 Changeset [1887] by
- add support for NSEC3 zonetransfers!
- 12:24 Changeset [1886] by
- emitNSEC3 and getNSEC3Hashes are useful outside of the packethandler class …
- 12:23 Changeset [1885] by
- teach bindbackend about the possibility of empty nsec3 salts
01/14/11:
- 23:12 Changeset [1884] by
- implement 'pdnssec import-zone-key-pem' which is compatible with the …
- 14:14 Ticket #335 (pdnsd problem querying pdns authoritative only and external cnames) created by
- Hi, I have a problem configuring pdnsd proxy server querying a local only …
- 13:12 Changeset [1883] by
- fix up nsec3 hunt in BIND backend, problems spotted by Christoph Meerwald
- 13:10 Changeset [1882] by
- properly invalidate keycache on adding a new key - this removes the …
01/12/11:
- 21:19 Changeset [1881] by
- repeat after me.. no more rushed coding
- 20:27 Changeset [1880] by
- make packetcache further aware of difference between tcp and udp, so we …
- 19:26 Changeset [1879] by
- refuse to make keys of unknown algorithm instead of just complaining allow …
- 17:35 Changeset [1878] by
- oops, put the NSEC3NARROW item in the NSEC3PARAM cache
- 17:30 Changeset [1877] by
- don't interleave DNSBackend::lookup and ::getSOA! Plus don't add NSEC to …
01/11/11:
- 23:50 Changeset [1876] by
- add some logic to prevent us crashing on an nsec3 non-narrow zone with …
- 23:00 Changeset [1875] by
- messed up the 'narrow' detection from the db
- 22:45 Changeset [1874] by
- keycache would only serve expired records, and never renew expired …
- 22:42 Changeset [1873] by
- improve syntax checking for pdnssec
- 22:41 Changeset [1872] by
- make replacing_insert from syncres.hh useable for the rest of pdns
- 21:08 Changeset [1871] by
- restore NSEC generation & signatures for AXFR.
- 20:59 Changeset [1870] by
- implement simplistic 60 dnssec key cache
- 20:56 Changeset [1869] by
- make packetcache dnssec aware (different answers based on do)
- 20:52 Changeset [1868] by
- quiet query logging with log-dns-details, move query logging to place …
- 15:40 PDNSSEC edited by
- (diff)
- 15:39 Changeset [1867] by
- remainder of 3600-ectomy
- 15:14 Changeset [1866] by
- making the world safe for ttl!=3600 dnssec, one step at a time ;-)
- 14:44 Changeset [1865] by
- fix typo in bindbackend, add pdnssec hash-zone-record convenience function …
- 12:53 PDNSSEC edited by
- (diff)
- 12:19 WikiStart edited by
- (diff)
- 12:13 PDNSSEC edited by
- (diff)
- 11:26 PDNSSEC edited by
- (diff)
- 11:05 PDNSSEC edited by
- (diff)
- 11:01 PDNSSEC edited by
- (diff)
- 10:29 Changeset [1864] by
- oops - previous commit was uncompiled & thus broken
- 10:25 Changeset [1863] by
- silence a warning from the BIND backend, plus vamp up the auto-build …
- 10:21 PDNSSEC edited by
- (diff)
- 10:15 Changeset [1862] by
- slim down our tar.gz, taking out a .svn directory + outdated sgml
- 09:43 Changeset [1861] by
- update our internal tar.gz builder
- 09:43 Changeset [1860] by
- bye bye sgml, plus some updates to the xml
01/10/11:
- 15:41 PDNSSEC edited by
- (diff)
- 14:48 Changeset [1859] by
- hypermodern bulk slave engine forward ported from 2.9.22.x. Does 5000 …
- 14:45 Ticket #334 (Auto-splitting long TXT records doesn't work) created by
- If you enter a TXT record longer than 255 characters the record generates …
- 14:44 Changeset [1858] by
- remote master can now also have a :port number - forward port from …
- 14:42 Changeset [1857] by
- add multiple master support to gsqlbackends - forward port from 2.9.22.x
- 14:41 Changeset [1856] by
- make sure geobackend sets auth=1, which should always be true
- 12:50 Changeset [1855] by
- make sure that DNSKEY requests can be delegated don't do NSEC on …
- 12:14 Changeset [1854] by
- no longer try to add NSEC/NSEC3 to unsigned zones also don't add DNSSEC …
- 12:03 Changeset [1853] by
- more dnssec docs
- 11:06 Ticket #333 (Improvement for recursor wipe cache) created by
- This enables cleaning of names from packet cache as well. Also adds …
- 09:39 Changeset [1852] by
- add support for unsalted nsec3 hashes ('1 0 1 -')
- 08:51 Changeset [1851] by
- show-zone output partially went to stderr we can now roundtrip a zone via …
01/09/11:
- 22:05 Changeset [1850] by
- fix giant memory leak, silence debugging, improve error message about …
- 19:26 Changeset [1849] by
- index the signature cache on the hash of the public key instead of on the …
- 16:54 Changeset [1848] by
- move some non-'keeper' dnssec signing logic away to a separate file, …
- 11:40 Changeset [1847] by
- 3.0pre
- 11:39 PDNSSEC edited by
- (diff)
- 11:31 Changeset [1846] by
- remove more of boost dependency, fix up debian compilation
- 11:27 Changeset [1845] by
- remove boost filesystem dependency
- 10:06 Changeset [1844] by
- always sign DS records - bit of an oddity, we normally assume that all …
- 09:58 Changeset [1843] by
- * Make everything aware of multiple simultaneous signing keys * …
- 09:51 Changeset [1842] by
- silence some debugging output on ordering zone information
- 09:37 Changeset [1841] by
- fix up confusing message about starting up another distributor thread
- 07:13 Changeset [1840] by
- remove dependency on the boost_system libs, easing compilation on …
- 07:12 Changeset [1839] by
- move document generation structure fully over to xml docbook
01/08/11:
- 14:22 Changeset [1838] by
- moving to prettier docbook xml output
- 01:54 Changeset [1837] by
- make rest of powerdns RSASHA256 aware. Works too.
- 01:53 Changeset [1836] by
- unbase32hex speedup dereconversion broke everything, fixed now
- 00:57 Changeset [1835] by
- make dnsseckeeper & dnssecinfra code, plus pdnssec, aware of non-RSASHA1 …
- 00:24 Changeset [1834] by
- also emit DS for digest type 2 (SHA256) in pdnssec output
- 00:13 Changeset [1833] by
- make sure pipe backend for now gets the 'auth' field *mostly* right
01/07/11:
- 23:29 Changeset [1832] by
- make sure we don't send back an oversized packet after adding signatures
- 23:04 Changeset [1831] by
- <- idiot
- 21:34 Ticket #200 (pdns auth from svn sends truncated oversized responses for every query but ...) closed by
- fixed: fixed in commit 1830
- 21:33 Changeset [1830] by
- remove old 'guillotine' truncate functionality which should've been …
- 21:01 Changeset [1829] by
- remove one unneccessary layer of (un)base32hex transitions, spotted by Aki …
- 14:02 Changeset [1828] by
- don't truncate just before sending answer, plus improve logging a bit
- 11:32 Changeset [1827] by
- fix base32 padding issue as found by Aki Tuomi and solved by Michel Stol
Note: See TracTimeline
for information about the timeline view.
