mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 05:57:52 +00:00
Code Issues Releases Wiki Activity
26,705 Commits 657 Branches 820 Tags
Commit Graph

638 Commits

Author SHA1 Message Date
Michał Kępień
4df4a8e731 Use dns_fixedname_initname() where possible 
Replace dns_fixedname_init() calls followed by dns_fixedname_name()
calls with calls to dns_fixedname_initname() where it is possible
without affecting current behavior and/or performance.

This patch was mostly prepared using Coccinelle and the following
semantic patch:

    @@
    expression fixedname, name;
    @@
    -	dns_fixedname_init(&fixedname);
    	...
    -	name = dns_fixedname_name(&fixedname);
    +	name = dns_fixedname_initname(&fixedname);

The resulting set of changes was then manually reviewed to exclude false
positives and apply minor tweaks.

It is likely that more occurrences of this pattern can be refactored in
an identical way.  This commit only takes care of the low-hanging fruit.
 2018-04-09 12:14:16 +02:00
Witold Kręcicki
102a397e39 libdns refactoring: get rid of multiple versions of dns_keytable_add, dns_iptable_addprefix and dns_iptable_addprefix 2018-04-06 08:04:41 +02:00
Witold Kręcicki
c8aa1ee9e6 libdns refactoring: get rid of multiple versions of dns_dt_create, dns_view_setcache, dns_zt_apply, dns_message_logfmtpacket, dns_message_logpacket, dns_ssutable_checkrules and dns_ttl_totext 2018-04-06 08:04:41 +02:00
Witold Kręcicki
d54d482af0 libdns refactoring: get rid of multiple versions of dns_view_find, dns_view_findzonecut and dns_view_flushcache 2018-04-06 08:04:41 +02:00
Witold Kręcicki
42ee8c853a libdns refactoring: get rid of 3 versions of dns_resolver_createfetch 2018-04-06 08:04:41 +02:00
Witold Kręcicki
e20b702418 libdns refactoring: get rid of multiple versions of dns_dispatch_createtcp and dns_dispatch_addresponse, unify dns_dispatch_gettcp and dns_dispatch_gettcp2 2018-04-06 08:04:41 +02:00
Witold Kręcicki
f0a07b7546 libdns refactoring: get rid of two versions of dns_adb_createfind and dns_adb_probesize 2018-04-06 08:04:41 +02:00
Witold Kręcicki
3687648384 libdns refactoring: get rid of two versions of dns_acl_match and dns_aclelement_match 2018-04-06 08:04:40 +02:00
Mark Andrews
7b27be54ee adjust goto target and conditional compilation so that cleanup_spillattimer and cleanup_alglock labels match the element to be cleanup and so that they are always used 2018-02-24 17:49:49 -08:00
Ondřej Surý
843d389661 Update license headers to not include years in copyright in all applicable files 2018-02-23 10:12:02 +01:00
Ondřej Surý
4801f40e4d Merge branch 'master' into 'master' 
Master

See merge request isc-projects/bind9!36
 2018-02-16 17:19:26 -05:00
Mark Andrews
b5167607ef make declaration and use of setnocookie fully conditional 2018-02-16 10:20:38 +11:00
Mark Andrews
0f8b0dc5d4 use %u instead of %d 2018-02-16 10:20:38 +11:00
Petr Menšík
e7a93321f0 Reuse new function from rt46864 for similar block elsewhere. 2018-02-15 12:42:33 +01:00
Mark Andrews
8b440753b6 [master] address overflow in retry backoff 
4877.	[bug]		Address integer overflow when exponentially
			backing off retry intervals. [RT #47041]
 2018-01-24 09:45:01 -08:00
Mark Andrews
fdd8838bf9 4869. [bug] Address some cases where NULL with zero length could 
be passed to memmove which is undefined behaviour and
                        can lead to bad optimisation. [RT #46888]
 2018-01-22 09:36:12 +11:00
Michał Kępień
73819362d8 [master] Simplify handling isc_socket_sendto2() return values when flags == 0 
4865.	[cleanup]	Simplify handling isc_socket_sendto2() return values.
			[RT #46986]
 2018-01-16 08:33:30 +01:00
Mukund Sivaraman
f96133826e Fix various bugs reported by valgrind --tool=memcheck (#46978) 2018-01-13 00:33:35 +05:30
Tinderbox User
10e49fc83b update copyright notice / whitespace 2018-01-04 23:45:32 +00:00
Evan Hunt
053b51c4db [master] block validator deadlock and prevent use-after-free 
4859.	[bug]		A loop was possible when attempting to validate
			unsigned CNAME responses from secure zones;
			this caused a delay in returning SERVFAIL and
			also increased the chances of encountering
			CVE-2017-3145. [RT #46839]

4858.	[security]	Addresses could be referenced after being freed
			in resolver.c, causing an assertion failure.
			(CVE-2017-3145) [RT #46839]
 2018-01-03 19:11:18 -08:00
Michał Kępień
6035d557c4 [master] Refactor reclimit system test 
4823.	[test]		Refactor reclimit system test to improve its
			reliability and speed. [RT #46632]
 2017-11-21 10:32:45 +01:00
Evan Hunt
c9f8165a06 [master] tag initializing keys 
4798.	[func]		Keys specified in "managed-keys" statements
			are tagged as "initializing" until they have been
			updated by a key refresh query. If initialization
			fails it will be visible from "rndc secroots".
			[RT #46267]
 2017-10-27 15:49:44 -07:00
Evan Hunt
06049b1c6c [master] stats counter for priming queries 
4795.	[func]		A new statistics counter has been added to track
			priming queries. [RT #46313]
 2017-10-26 21:38:43 -07:00
Evan Hunt
b2597ce86b [master] ignore cache when sending 5011 refresh queries 
4771.	[bug]		When sending RFC 5011 refresh queries, disregard
			cached DNSKEY rrsets. [RT #46251]
 2017-10-11 14:24:29 -07:00
Ondřej Surý
5de02a075b [master] reduce unnecessary priming queries 
4770. [bug] Cache additional data from priming queries as glue.
Previously they were ignored as unsigned
non-answer data from a secure zone, and never
actually got added to the cache, causing hints
to be used frequently for root-server
addresses, which triggered re-priming. [RT #45241]
 2017-10-11 09:11:47 +02:00
Mark Andrews
b4c31c8795 tcp test got reversed 2017-09-27 15:19:34 +10:00
Mark Andrews
f9f3f20d2d 4739. [cleanup] Address clang static analysis warnings. [RT #45952] 2017-09-27 10:27:09 +10:00
Evan Hunt
114f95089c [master] cleanup strcat/strcpy 
4722.	[cleanup]	Clean up uses of strcpy() and strcat() in favor of
			strlcpy() and strlcat() for safety. [RT #45981]
 2017-09-13 00:14:37 -07:00
Evan Hunt
25b33bede4 [master] improve handling of qcount=0 replies 
4717.	[bug]		Treat replies with QCOUNT=0 as truncated if TC=1,
			FORMERR if TC=0, and log the error correctly.
			[RT #45836]
 2017-09-12 15:26:30 -07:00
Mark Andrews
df50751585 4700. [func] Serving of stale answers is now supported. This 
allows named to provide stale cached answers when
                        the authoritative server is under attack.
                        See max-stale-ttl, stale-answer-enable,
                        stale-answer-ttl. [RT #44790]
 2017-09-06 09:58:29 +10:00
Mark Andrews
a322a0f31c silence converity warning [RT #45891] 2017-09-05 07:38:13 +10:00
Mark Andrews
5c269d84c2 remove development logging 2017-09-01 14:45:26 +10:00
Mark Andrews
0aed466565 4693. [func] Synthesis of responses from DNSSEC-verified records. 
Stage 1 covers NXDOMAIN synthesis from NSEC records.
                        This is controlled by synth-from-dnssec and is enabled
                        by default. [RT #40138]
 2017-08-31 07:57:50 +10:00
Mark Andrews
ff8d856db0 4675. [cleanup] Don't use C++ keyword class. [RT #45726] 2017-08-10 08:42:04 +10:00
Evan Hunt
cdacec1dcb [master] silence gcc 7 warnings 
4673.	[port]		Silence GCC 7 warnings. [RT #45592]
 2017-08-09 00:17:44 -07:00
Mark Andrews
31605091b4 add comment 2017-08-09 08:42:10 +05:30
Evan Hunt
6bba066302 style 2017-08-09 08:41:51 +05:30
Mark Andrews
bcb2df226f style changes from [RT #45321] 2017-08-09 07:48:57 +10:00
Evan Hunt
2013c9751d [master] address coverity warning about uninitialized variable 2017-08-08 10:46:49 -07:00
Mukund Sivaraman
c88efb83b3 Fix a race in resume_dslookup() (#45168) 2017-08-08 12:20:48 +05:30
Mark Andrews
d5cb164074 conditionally declare fctx 2017-08-08 00:51:37 +10:00
Mark Andrews
73cc289e79 remove unused variable 'fctx' from rctx_next 2017-08-05 12:31:45 +10:00
Evan Hunt
61367c604c [master] refactor resquery_response() and related functions 
4669.	[func]		Iterative query logic in resolver.c has been
			refactored into smaller functions and commented,
			for improved readability, maintainability and
			testability. [RT #45362]
 2017-08-04 16:08:11 -07:00
Mark Andrews
4bf32aa587 4654. [cleanup] Don't use C++ keywords delete, new and namespace. 
[RT #45538]
 2017-07-21 11:52:24 +10:00
Mark Andrews
638c7c635d 4580. [bug] 4578 introduced a regression when handling CNAME to 
referral below the current domain. [RT #44850]
 2017-03-14 15:07:00 +11:00
Mark Andrews
f240f4a5de Reimplement: 
4578.   [security]      Some chaining (CNAME or DNAME) responses to upstream
                        queries could trigger assertion failures.
                        (CVE-2017-3137) [RT #44734]
 2017-03-01 12:01:16 +11:00
Evan Hunt
a1365a0042 [master] remove unnecessary INSIST 
4578.	[security]	Some chaining (CNAME or DNAME) responses to upstream
			queries could trigger assertion failures.
			(CVE-2017-3137) [RT #44734]
 2017-02-23 14:34:33 -08:00
Witold Krecicki
0790f8a361 4577. [func] Make qtype of resolver fuzzing packet configurable via command line. [RT #43540] 2017-02-21 03:49:55 -08:00
Evan Hunt
650b5e7592 [master] store local and remote addresses in dnstap 
4569.	[func]		Store both local and remote addresses in dnstap
			logging, and modify dnstap-read output format to
			print them. [RT #43595]
 2017-02-03 17:05:58 -08:00
Evan Hunt
a2bd99a959 [master] address portability issues 2017-01-30 16:52:18 -08:00