A typo in commit d39ab7440e introduced a bug in zone database reference
counting which leads to a crash if dumping one version of a slave zone
is not finished by the time transferring a newer version from a master
completes. Correct the typo to fix reference counting, thus preventing
crashes.
getquad() was implemented back in 2001 to warn about IPv4 addresses in
non-dotted-quad form being used. As change 4900 (GL #13) removed all
uses of inet_aton(), which allowed such forms, with inet_pton(), which
does not allow them, there is no point in keeping getquad() around as it
now only prints an extra warning when the parser comes across an IP
address in a form which is not acceptable anyway. Replace all uses of
getquad() with inet_pton(AF_INET, ...).
Support for non-dotted-quad IPv4 addresses in master files was dropped
when the inet_aton() call inside getquad() got replaced with a call to
inet_pton(), so a release note should have been added back then to
inform users that such syntax will no longer work.
The "sortlist-v4.conf" unit test for irs_resconf_load() is always run
twice due to a duplicate entry in the "tests" table. Remove one of them
to prevent this.
irs_resconf_load() stores the value returned by add_search() into ret
without consulting its current value first. This causes any previous
errors raised while parsing resolv.conf to be ignored as long as any
"domain" or "search" statement is present in the file.
Prevent this by returning early in case an error is detected while
parsing resolv.conf. Ensure that "searchlist" and "magic" members of
the created irs_resconf_t structure are always initialized before
isc_resconf_destroy() is called.
The check_mx() function in lib/ns/update.c incorrectly tests whether the
DNS_RDATA_CHECKMX/DNS_RDATA_CHECKMXFAIL flags are set for each applied
MX record update as these flags are never set in code paths related to
dynamic updates; they can only be set when loading a zone from a master
file (DNS_ZONEOPT_CHECKMX -> DNS_MASTER_CHECKMX -> DNS_RDATA_CHECKMX).
This flaw allows MX records containing IP addresses to be added to a
zone even when "check-mx fail;" is used.
Ensure correct behavior by modifying the relevant tests in check_mx() so
that they use DNS_ZONEOPT_CHECKMX/DNS_ZONEOPT_CHECKMXFAIL instead.
generated into builddir. If out-of-tree build is used, make unit
will always fail. Kyuafiles and testdata still have to be copied
manually into the builddir.
Instead of checking current dnstap output file size and potentially
synchronously calling dns_dt_reopen() upon every call to dns_dt_send():
- call dns_dt_reopen() asynchronously by queuing an event to the task
specified at dnstap environment creation time,
- ensure no roll event is outstanding before checking dnstap output
file size and potentially queuing another roll event.
This causes dnstap output files to exceed their configured size limits,
but prevents any two threads from performing the roll simultaneously
(which causes crashes).
Instead of relying on the caller to set up task-exclusive mode, make
dns_dt_reopen() enforce task-exclusive mode itself, using the task
specified at dnstap environment creation time.
Implement a new variant of dns_dt_create() to enable a dnstap
environment structure to hold the task in the context of which
dns_dt_reopen() will be executed.
