The new
isc_log_createandusechannel() function combines following calls:
isc_log_createchannel()
isc_log_usechannel()
calls into a single call that cannot fail and therefore can be used in
places where we know this cannot fail thus simplifying the error
handling.
Remove the complicated mechanism that could be (in theory) used by
external libraries to register new categories and modules with
statically defined lists in <isc/log.h>. This is similar to what we
have done for <isc/result.h> result codes. All the libraries are now
internal to BIND 9, so we don't need to provide a mechanism to register
extra categories and modules.
The isc_log_write1() and isc_log_vwrite1() functions were meant to
de-duplicate the messages sent to the isc_log subsystem. However, they
were never used in an entire code base and the whole mechanism around it
was complicated and very inefficient. Just remove those, there are
better ways to deduplicate syslog messages inside syslog daemons now.
Add isc_logconfig_get() function to get the current logconfig and use
the getter to replace most of the little dancing around setting up
logging in the tools. Thus:
isc_log_create(mctx, &lctx, &logconfig);
isc_log_setcontext(lctx);
dns_log_setcontext(lctx);
...
...use lcfg...
...
isc_log_destroy();
is now only:
logconfig = isc_logconfig_get(lctx);
...use lcfg...
For thread-safety, isc_logconfig_get() should be surrounded by RCU read
lock, but since we never use isc_logconfig_get() in threaded context,
the only place where it is actually used (but not really needed) is
named_log_init().
Instead of juggling different logging context, use one single logging
context that gets initialized in the libisc constructor and destroyed in
the libisc destructor.
The application is still responsible for creating the logging
configuration before using the isc_log API.
This patch is first in the series in a way that it is transparent for
the users of the isc_log API as the isc_log_create() and
isc_log_destroy() are now thin shims that emulate the previous
functionality, but it isc_log_create() will always return internal
isc__lctx pointer and isc_log_destroy() will actually not destroy the
internal isc__lctx context.
Signed-off-by: Ondřej Surý <ondrej@isc.org>
On FreeBSD, the TCP connection callback could spuriously receive
ISC_R_CONNECTIONRESET even when connection to the loopback interface.
Skip the other checks in such case and graciously shutdown the TCP
connection.
Closes#4849
Merge branch '4849-dispatch_test-fails-in-connected_shutdown-on-freebsd' into 'main'
Closes#4849
See merge request isc-projects/bind9!9303
On FreeBSD, the TCP connection callback could spuriously receive
ISC_R_CONNECTIONRESET even when connection to the loopback interface.
Skip the other checks in such case and graciously shutdown the TCP
connection.
Update Internal_use_only-CVE.md checklist changing some tasks and responsibilities reflecting the new ASN process with RT vs SF. Support will now be sending ASNs to customers, although Marketing will announce the new releases (both publicly and to support customers).
Merge branch 'vicky-main-patch-57381' into 'main'
See merge request isc-projects/bind9!9307
When manually handling the release notes (due to rst markup, fixups
etc.), the different MR number for backports causes needless friction.
Remove the reference from release notes and keep it only in changelog
which isn't manually redacted.
To reduce the friction when handling the release notes, it is preferable
to have the sections sorted by issue number, rather than merge order.
Fallback to commit subject line if unavailable (e.g. for changelog
entries).
The shim implementation of setresuid() was wrong - there was a copy and
paste error and it was calling setresgid() instead. This only affects
NetBSD because Linux, FreeBSD and OpenBSD have setresuid() and
setresgid() implementation available from the system library.
Closes#4862
Merge branch '4862-fix-setresuid-shim' into 'main'
Closes#4862
See merge request isc-projects/bind9!9359
The shim implementation of setresuid() was wrong - there was a copy and
paste error and it was calling setresgid() instead. This only affects
NetBSD because Linux, FreeBSD and OpenBSD have setresuid() and
setresgid() implementation available from the system library.
The test_traffic_json and test_traffic_xml occasionally fail when
running under TSAN. This happens in CI and is most likely a result of
some instability that doesn't seem to be easily reproduced.
Closes#4598
Merge branch '4598-mark-statschannel-test-flaky' into 'main'
Closes#4598
See merge request isc-projects/bind9!9293
The test_traffic_json and test_traffic_xml occasionally fail when
running under TSAN. This happens in CI and is most likely a result of
some instability that doesn't seem to be easily reproduced.
Log canceled resolver queries (e.g. when shutting down a hung
fetch) in DEBUG3 level instead of DEBUG1 which is used for the
"unrecognized" result codes.
Closes#4797
Merge branch '4797-rpz_rewrite-add-ISC_R_CANCELED-processing' into 'main'
Closes#4797
See merge request isc-projects/bind9!9148
In rpz system tests, we could leak file if the applying the updates has
failed. Add the missing fclose() before returning.
Merge branch 'ondrej/add-missing-flose-to-rpz-testlib' into 'main'
See merge request isc-projects/bind9!9317
Instead of directly using the result of dirfd() in the unlinkat() call,
check whether the returned file descriptor is actually valid. That
doesn't really change the logic as the unlinkat() would fail with
invalid descriptor anyway, but this is cleaner and will report the right
error returned directly by dirfd() instead of EBADF from unlinkat().
Closes#4853
Merge branch '4853-check-result-of-dirfd-in-isc_log' into 'main'
Closes#4853
See merge request isc-projects/bind9!9316
Instead of directly using the result of dirfd() in the unlinkat() call,
check whether the returned file descriptor is actually valid. That
doesn't really change the logic as the unlinkat() would fail with
invalid descriptor anyway, but this is cleaner and will report the right
error returned directly by dirfd() instead of EBADF from unlinkat().
The getifaddr() works fine for years, so we don't have to
keep the callback to parse /proc/net/if_inet6 anymore.
Closes#4852
Merge branch '4852-handle-errors-from-rewind' into 'main'
Closes#4852
See merge request isc-projects/bind9!9315
The clang-scan 19 has reported that we are ignoring errno after the call
to rewind(). As we don't really care about the result, just silence the
error, the whole code will be removed in the development version anyway
as it is not needed.
New version of clang (19) has introduced a stricter checks when mixing
integer (and float types) with enums. In this case, we used enum {}
as C17 doesn't have constexpr yet. Change the time conversion constants
to be static const unsigned int instead of enum values.
Closes#4845
Merge branch '4845-change-NS_PER_SEC-type-from-enum-to-integer' into 'main'
Closes#4845
See merge request isc-projects/bind9!9313
The contexpr introduced in C23 standard makes perfect sense to be used
instead of preprocessor macros - the symbols are kept, etc. Define
ISC_CONSTEXPR to be `constexpr` for C23 and `static const` for the older
C standards. Use the newly introduced macro for the NS_PER_SEC and
friends time constants.
New version of clang (19) has introduced a stricter checks when mixing
integer (and float types) with enums. In this case, we used enum {}
as C17 doesn't have constexpr yet. Change the time conversion constants
to be static const unsigned int instead of enum values.
The new TSAN images, the TSAN-enabled images install libraries to
opt/tsan, synchronize the configure options and CFLAGS between gcc:tsan
and clang:tsan images and set the PKG_CONFIG_PATH to /opt/tsan/lib.
Additionally, drop Debian bullseye that's EOL now.
Merge branch 'ondrej/use-staging-tsan-images' into 'main'
See merge request isc-projects/bind9!9324
The new TSAN images, the TSAN-enabled images install libraries to
/opt/tsan, synchronize the configure options and CFLAGS between gcc:tsan
and clang:tsan images and set the PKG_CONFIG_PATH to /opt/tsan/lib.
Check if 'lctx->logconfig' is NULL before using it in isc_log_doit(),
because it's possible that isc_log_destroy() was already called, e.g.
when a 'call_rcu' function wants to log a message during shutdown.
Closes#4842
Merge branch '4842-shutdown-crash-in-isc_log_doit' into 'main'
Closes#4842
See merge request isc-projects/bind9!9297
Check if 'lctx->logconfig' is NULL before using it in isc_log_doit(),
because it's possible that isc_log_destroy() was already called, e.g.
when a 'call_rcu' function wants to log a message during shutdown.
GCC 11.1+ emits a note during compilation when there are 64-bit
atomic fields in a structure, because it fixed a compiler bug
by changing the alignment of such fields, which caused ABI change.
Add -Wno-psabi to CFLAGS for such builds in order to silence the
warning. That shouldn't be a problem since we don't expose our
structures to the outside.
Closes#4841
Merge branch '4841-alignment-of-_Atomic-long-long-unsigned-int' into 'main'
Closes#4841
See merge request isc-projects/bind9!9319
GCC 11.1+ emits a note during compilation when there are 64-bit
atomic fields in a structure, because it fixed a compiler bug
by changing the alignment of such fields, which caused ABI change.
Add -Wno-psabi to CFLAGS for such builds in order to silence the
warning. That shouldn't be a problem since we don't expose our
structures to the outside.
The build system ensures it is always included for every source file.
Merge branch 'aydin/no-include-config-h' into 'main'
See merge request isc-projects/bind9!9320
Instead of keeping the whole array of test_node_t objects, just keep the
hashvalues and generated the rest of the test_node_t on the fly. The
test still works this way and the file size has been reduced from 2M to
90k.
Closes#4851
Merge branch '4851-generate-problematic-isc_hashmap-test-data' into 'main'
Closes#4851
See merge request isc-projects/bind9!9318
Instead of keeping the whole array of test_node_t objects, just keep the
hashvalues and generated the rest of the test_node_t on the fly. The
test still works this way and the file size has been reduced from 2M to
90k.
Change the placement of the attributes to match the existing usage in
other places (after the declaration).
Merge branch 'ondrej/ISC_CONSTRUCTOR-style' into 'main'
See merge request isc-projects/bind9!9291
