dnsreplay tool:
"The issue is a stack-based buffer overflow occurring when replaying a
specially crafted PCAP file with the `--ecs-stamp` option enabled,
leading to a denial of service or potentially arbitrary code execution.
Regardless of this issue, we do not advise the use of dnsreplay with
untrusted PCAP files."
https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-02.html
some tweaks by me.
- retire local sample SQL schemas in files/; up-to-date ones from
upstream are installed in the doc dir.
- remove "from upstream" section of files/pdns.conf; instead use
this file as a header only, catted together with upstream's up-to-date
version. add uid setting in sample config.
- unbreak modules; when any module was enabled pdns_server was failing
to start up(!). Brad traced this to a LINK_SPEC problem and came up
with the workaround in patch-configure_in, thanks very much!
- set SHARED_ONLY and merge PFRAG.shared into PLISTs; PowerDNS itself
can work static-only, but you need to compile-in the relevant modules,
which doesn't mix well with MULTI_PACKAGES.
mysql backend is tested; other backends not yet, but this is a big
improvement on what's there at the moment.
pdnsd is a proxy dns server with permanent caching (the cache
contents are written to hard disk on exit) that is designed to cope
with unreachable or down dns servers (for example in dial-in
networking).
original port by dlg@ and robert@, banged into shape by me.
not hooked to the builds as this needs further testing/tweaking
