2
0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 14:07:59 +00:00

30767 Commits

Author SHA1 Message Date
Witold Kręcicki
42f0e25a4c calling isc__nm_udp_send() on a non-udp socket is not 'unexpected', it's a critical failure 2020-01-20 22:28:36 +01:00
Witold Kręcicki
8d6dc8613a clean up some handle/client reference counting errors in error cases.
We weren't consistent about who should unreference the handle in
case of network error. Make it consistent so that it's always the
client code responsibility to unreference the handle - either
in the callback or right away if send function failed and the callback
will never be called.
2020-01-20 22:28:36 +01:00
Witold Kręcicki
dcc0835a3a cleanup properly if we fail to initialize ns_client structure
If taskmgr is shutting down ns_client_setup will fail to create
a task for the newly created client, we weren't cleaning up already
created/attached things (memory context, server, clientmgr).
2020-01-20 22:28:36 +01:00
Witold Kręcicki
f75a9e32be netmgr: fix a non-thread-safe access to libuv structures
In tcp and udp stoplistening code we accessed libuv structures
from a different thread, which caused a shutdown crash when named
was under load. Also added additional DbC checks making sure we're
in a proper thread when accessing uv_ functions.
2020-01-20 22:28:36 +01:00
Witold Kręcicki
16908ec3d9 netmgr: don't send to an inactive (closing) udp socket
We had a race in which n UDP socket could have been already closing
by libuv but we still sent data to it. Mark socket as not-active
when stopping listening and verify that socket is not active when
trying to send data to it.
2020-01-20 22:28:36 +01:00
Mark Andrews
402f067fc0 Merge branch '1537-nslookup-manual-page-needs-update-for-default-querytype-a-and-aaaa' into 'master'
Resolve "nslookup manual page needs update for default querytype (A and AAAA)"

Closes #1537

See merge request isc-projects/bind9!2894
2020-01-19 23:43:47 +00:00
Mark Andrews
938fc81493 document that nslookup defaults to A + AAAA lookups 2020-01-19 23:14:07 +00:00
Mark Andrews
df709dcf8a Merge branch 'marka-check-CHANGES-SE-in-CI' into 'master'
Check CHANGES.SE in CI

See merge request isc-projects/bind9!2912
2020-01-17 21:09:16 +00:00
Mark Andrews
05f2ba973f check that CHANGES.SE entries are correctly ordered and that whitespace is correct 2020-01-17 09:31:10 +11:00
Michał Kępień
9c5547b118 Merge branch 'michal/fix-the-dnssec-system-test-on-windows' into 'master'
Fix the "dnssec" system test on Windows

See merge request isc-projects/bind9!2902
v9.15.8
2020-01-16 08:49:13 +00:00
Michał Kępień
451484b870 Fix the "dnssec" system test on Windows
Make sure carriage return characters are stripped from awk input to
enable the "dnssec" system test to pass on Windows.
2020-01-16 09:48:01 +01:00
Evan Hunt
aac8736998 Merge branch 'prep-v9_15_8' into 'master'
prep 9.15.8

See merge request isc-projects/bind9!2901
2020-01-16 08:21:28 +00:00
Tinderbox User
05f2241fcb prep 9.15.8 2020-01-16 08:01:20 +00:00
Evan Hunt
48989e9426 Merge branch 'each-add-relnotes-v9_15_8' into 'master'
add release notes for  9.15.8

See merge request isc-projects/bind9!2900
2020-01-16 07:41:10 +00:00
Evan Hunt
1af6de6b62 add release notes for 9.15.8 bugs and changes, and fix CHANGES errors 2020-01-16 08:33:31 +01:00
Evan Hunt
95c76e537f Add empty release notes section for BIND 9.15.8 2020-01-16 08:32:34 +01:00
Evan Hunt
e19819457b Merge branch '1561-ncache-validation-crash' into 'master'
fix a bug when validating negative cache entries

Closes #1561

See merge request isc-projects/bind9!2899
2020-01-15 22:15:36 +00:00
Evan Hunt
8b9a3314b1 CHANGES 2020-01-15 13:55:33 -08:00
Evan Hunt
fa04c87578 add system test of insecurity proof from negative cache 2020-01-15 13:55:33 -08:00
Evan Hunt
6a1c41143f fix a bug when validating negative cache entries
if validator_start() is called with validator->event->message set to
NULL, we can't use message->rcode to decide which negative proofs are
needed, so we use the rdataset attributes instead to determine whether
the rdataset was cached as NXDOMAIN or NODATA.
2020-01-15 13:55:33 -08:00
Witold Krecicki
4c1adf96de Merge branch 'wpk/fix-interface-reconfig-crashes' into 'master'
Fix interface reconfig crashes

See merge request isc-projects/bind9!2898
2020-01-15 16:56:55 +00:00
Witold Kręcicki
eda4300bbb netmgr: have a single source of truth for tcpdns callback
We pass interface as an opaque argument to tcpdns listening socket.
If we stop listening on an interface but still have in-flight connections
the opaque 'interface' is not properly reference counted, and we might
hit a dead memory. We put just a single source of truth in a listening
socket and make the child sockets use that instead of copying the
value from listening socket. We clean the callback when we stop listening.
2020-01-15 17:22:13 +01:00
Witold Kręcicki
0d637b5985 netmgr: we can't uv_close(sock->timer) when in sock->timer close callback 2020-01-15 14:56:40 +01:00
Ondřej Surý
1bee87a364 Merge branch 'wpk/fix-uvtransfers-on-windows' into 'master'
Fixes for netmgr on Windows after recent TCP changes

See merge request isc-projects/bind9!2896
2020-01-15 13:50:10 +00:00
Witold Kręcicki
525c583145 netmgr:
- isc__netievent_storage_t was to small to contain
   isc__netievent__socket_streaminfo_t on Windows
 - handle isc_uv_export and isc_uv_import errors properly
 - rewrite isc_uv_export and isc_uv_import on Windows
2020-01-15 14:08:44 +01:00
Michał Kępień
0cf47ed363 Merge branch '1493-make-hazard-pointers-dynamic' into 'master'
Make hazard pointers max_threads configurable at runtime.

Closes #1493

See merge request isc-projects/bind9!2885
2020-01-15 07:56:58 +00:00
Witold Kręcicki
ea7cc30f7c CHANGES 2020-01-15 08:55:39 +01:00
Witold Kręcicki
493b6a9f33 Make hazard pointers max_threads configurable at runtime.
hp implementation requires an object for each thread accessing
a hazard pointer. previous implementation had a hardcoded
HP_MAX_THREAD value of 128, which failed on machines with lots of
CPU cores (named uses 3n threads). We make isc__hp_max_threads
configurable at startup, with the value set to 4*named_g_cpus.
It's also important for this value not to be too big as we do
linear searches on a list.
2020-01-14 21:26:57 +01:00
Evan Hunt
1639dc8dca Merge branch 'each-allow-ds-with-key' into 'master'
allow DS with key trust anchors

See merge request isc-projects/bind9!2892
2020-01-14 19:56:16 +00:00
Evan Hunt
fc36798a81 allow both key and DS trust anchors to be used for the same name. 2020-01-14 11:17:30 -08:00
Evan Hunt
72b3b458d3 Merge branch '1237-keytable-refactoring' into 'master'
Resolve "refactor dns_keytable"

Closes #1237

See merge request isc-projects/bind9!2798
2020-01-14 18:10:16 +00:00
Evan Hunt
6799a222d1 keep the keynode attached as long as dsset is in use
when using the trust anchor dsset as val->dsset, keep a reference
to the keynode so dsset can't be freed.
2020-01-14 09:26:19 -08:00
Evan Hunt
2d249ebeae make dns_keytable_deletekey() work correctly
it now removes matching trust anchors from from the dslist while leaving
the other trust anchors in place.

also cleaned up the API to remove functions that were never being used.
2020-01-14 09:26:13 -08:00
Evan Hunt
678e2d3cfa fix a bug with the insertion of DS records into existing keynodes
NOTE: the keytable test is still failing because dns_keytable_deletekey()
is looking for exact matches in keynodes containing dst_key objects,
which no keynode has anymore.
2020-01-14 09:24:23 -08:00
Evan Hunt
b984a4b647 disable adding keys to keytable; only DS trust anchors can now be added
the internal keytable structure has not yet been changed, but
insertion of DS anchors is the only method now available.

NOTE: the keytable unit test is currently failing because of tests
that expect individual keynode objects to contain single DST key
objects.
2020-01-14 09:24:22 -08:00
Evan Hunt
7fdf40770f remove all code that uses non-DS trust anchors
as initial-key and static-key trust anchors will now be stored as a
DS rrset, code referencing keynodes storing DNSKEY trust anchors will
no longer be reached.
2020-01-14 09:24:13 -08:00
Evan Hunt
21d3f66f1c rename dns_keytable_deletekeynode to dns_keytable_deletekey
this function is used by dns_view_untrust() to handle revoked keys, so
it will still be needed after the keytable/validator refactoring is
complete, even though the keytable will be storing DS trust anchors
instead of keys. to simplify the way it's called, it now takes a DNSKEY
rdata struct instead of a DST key.
2020-01-14 09:23:21 -08:00
Ondřej Surý
8f902a72ff Merge branch '1396-document-bind-9-15-x-need-for-pkg-config' into 'master'
Fail the autoconf script early if pkg-config is not present.

Closes #1396

See merge request isc-projects/bind9!2889
2020-01-14 13:31:17 +00:00
Ondřej Surý
fc9c7025bc Fail the autoconf script early if pkg-config is not present. 2020-01-14 14:07:36 +01:00
Ondřej Surý
4f74e75632 Merge branch 'ondrej/more-conversions-to-isc_refcount-API' into 'master'
Convert more reference counting to isc_refcount API

See merge request isc-projects/bind9!2153
2020-01-14 12:16:17 +00:00
Ondřej Surý
3000f14eba Use isc_refcount_increment0() when reusing handle or socket; remove extra DbC checks 2020-01-14 13:12:13 +01:00
Ondřej Surý
4d1e3b1e10 Move the NO_SANITIZE attribute to a correct place (gcc is picky) 2020-01-14 13:12:13 +01:00
Ondřej Surý
ede2208d96 ATOMIC_VAR_INIT() must be used only for static variables (C17) 2020-01-14 13:12:13 +01:00
Ondřej Surý
c4aec79079 When compiling with MSVC, use inline functions for isc_refcount_increment/decrement 2020-01-14 13:12:13 +01:00
Ondřej Surý
49976947ab Restore DbC checks in isc_refcount API
The isc_refcount API that provides reference counting lost DbC checks for
overflows and underflows in the isc_refcount_{increment,decrement} functions.

The commit restores the overflow check in the isc_refcount_increment and
underflows check in the isc_refcount_decrement by checking for the previous
value to not be on the boundary.
2020-01-14 13:12:13 +01:00
Ondřej Surý
a910b0a839 Protect globally accessed variables in rndc.c by making them C11 atomic 2020-01-14 13:12:13 +01:00
Ondřej Surý
64e2331843 Convert global responses variable in dispatch_test to C11 atomics 2020-01-14 13:12:13 +01:00
Ondřej Surý
6afa99362a Remove duplicate INSIST checks for isc_refcount API
This commits removes superfluous checks when using the isc_refcount API.

Examples of superfluous checks:

1. The isc_refcount_decrement function ensures there was not underflow,
   so this check is superfluous:

    INSIST(isc_refcount_decrement(&r) > 0);

2 .The isc_refcount_destroy() includes check whether the counter
   is zero, therefore this is superfluous:

    INSIST(isc_refcount_decrement(&r) == 1 && isc_refcount_destroy(&r));
2020-01-14 13:12:13 +01:00
Ondřej Surý
e711b0304f Convert more reference counting to isc_refcount API 2020-01-14 13:12:13 +01:00
Ondřej Surý
7c3e342935 Use isc_refcount_increment0() where appropriate 2020-01-14 13:12:13 +01:00