2
0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-29 05:28:00 +00:00

8548 Commits

Author SHA1 Message Date
Ondřej Surý
ce3e1abc1d Use dns_name_copynf() with dns_message_gettempname() when needed
dns_message_gettempname() returns an initialized name with a dedicated
buffer, associated with a dns_fixedname object.  Using dns_name_copynf()
to write a name into this object will actually copy the name data
from a source name. dns_name_clone() merely points target->ndata to
source->ndata, so it is faster, but it can lead to a use-after-free if
the source is freed before the target object is released via
dns_message_puttempname().

In a few places, clone was being used where copynf should have been;
this is now fixed.

As a side note, no memory was lost, because the ndata buffer used in
the dns_fixedname_t is internal to the structure, and is freed when
the dns_fixedname_t is freed regardless of the .ndata contents.
2021-05-21 21:28:10 -07:00
Ondřej Surý
5ee9edc4ce Optimize rdataset_getownercase not to use bitshifts
The last rdataset_getownercase() left it in a state where the code was
mix of microoptimizations (manual loop unrolling, complicated bitshifts)
with a code that would always rewrite the character even if it stayed
the same after transformation.

This commit makes sure that we modify only the characters that actually
need to change, removes the manual loop unrolling, and replaces the
weird bit arithmetics with a simple shift and bit-and.
2021-05-20 20:41:29 +02:00
Evan Hunt
e31cc1eeb4 use a fixedname buffer in dns_message_gettempname()
dns_message_gettempname() now returns a pointer to an initialized
name associated with a dns_fixedname_t object. it is no longer
necessary to allocate a buffer for temporary names associated with
the message object.
2021-05-20 20:41:29 +02:00
Matthijs Mekking
252a1ae0a1 Lock kasp when looking for zone keys
We should also lock kasp when reading key files, because at the same
time the zone in another view may be updating the key file.
2021-05-20 09:15:43 +02:00
Matthijs Mekking
19395fd168 Fix coverity issue 331478
Move the "cannot start rollover" warning into code block that checks
if 'active_key' is not NULL.
2021-05-19 00:45:54 +00:00
Mark Andrews
314b5362a8 Remove dns_zone_setflag()
This function has never been used since it was added to the source tree
by commit 686b27bfd3ef906721fad485e3dae759679890b7 back in 1999.  As
the dns_zoneflg_t type is only defined in lib/dns/zone.c, no function
external to that file would be able to use dns_zone_setflag() properly
anyway - the DNS_ZONE_SETFLAG() and DNS_ZONE_CLRFLAG() macros should be
used instead. Zone options that can be set from outside zone.c are set
using dns_zone_setoption().
2021-05-18 16:02:18 -07:00
Mark Andrews
5d21042ed8 Adjust returned method from dns_updatemethod_date
if dns_updatemethod_date is used do that the returned method is only
set to dns_updatemethod_increment if the new serial does not encode
the current day (YYYYMMDDXX).
2021-05-18 12:30:22 +00:00
Mark Andrews
29f1c1e677 Silence gcc-10-fanalyzer false positive
If 'state == ft_ordinary' then 'label' can't be NULL. Add
INSIST to reflect this.
2021-05-18 15:51:51 +10:00
Mark Andrews
683ad6e4bd Silence gcc-10-fanalyzer false positive
Add REQUIRE(type == dns_rdatatype_nsec3 || firstp != NULL); so
that dereferences of *firstp is not flagged as a NULL pointer
dereference.
2021-05-18 15:19:28 +10:00
Mark Andrews
8eed392add Address potential resource leak in dst_key_fromnamedfile 2021-05-18 10:33:43 +10:00
Michal Nowak
c628f2c71b
Make masterXX.data.in reachable by out-of-tree builds
Unit test run for out-of-tree builds used to fail to find
masterXX.data.in files:

    /usr/bin/perl -w /builds/mnowak/bind9/lib/dns/tests/mkraw.pl < testdata/master/master12.data.in > testdata/master/master12.data
    /bin/bash: testdata/master/master12.data.in: No such file or directory
    make[4]: *** [Makefile:1910: testdata/master/master12.data] Error 1
2021-05-14 13:22:09 +02:00
Mark Andrews
e86508708d Check that the first and last SOA of an AXFR are consistent 2021-05-13 03:36:50 +00:00
Evan Hunt
5c08f97791 only run tasks as privileged if taskmgr is in privileged mode
all zone loading tasks have the privileged flag, but we only want
them to run as privileged tasks when the server is being initialized;
if we privilege them the rest of the time, the server may hang for a
long time after a reload/reconfig. so now we call isc_taskmgr_setmode()
to turn privileged execution mode on or off in the task manager.

isc_task_privileged() returns true if the task's privilege flag is
set *and* the taskmgr is in privileged execution mode. this is used
to determine in which netmgr event queue the task should be run.
2021-05-07 14:28:30 -07:00
Ondřej Surý
b5bf58b419 Destroy netmgr before destroying taskmgr
With taskmgr running on top of netmgr, the ordering of how the tasks and
netmgr shutdown interacts was wrong as previously isc_taskmgr_destroy()
was waiting until all tasks were properly shutdown and detached.  This
responsibility was moved to netmgr, so we now need to do the following:

  1. shutdown all the tasks - this schedules all shutdown events onto
     the netmgr queue

  2. shutdown the netmgr - this also makes sure all the tasks and
     events are properly executed

  3. Shutdown the taskmgr - this now waits for all the tasks to finish
     running before returning

  4. Shutdown the netmgr - this call waits for all the netmgr netievents
     to finish before returning

This solves the race when the taskmgr object would be destroyed before
all the tasks were finished running in the netmgr loops.
2021-05-07 14:28:30 -07:00
Ondřej Surý
a011d42211 Add new isc_managers API to simplify <*>mgr create/destroy
Previously, netmgr, taskmgr, timermgr and socketmgr all had their own
isc_<*>mgr_create() and isc_<*>mgr_destroy() functions.  The new
isc_managers_create() and isc_managers_destroy() fold all four into a
single function and makes sure the objects are created and destroy in
correct order.

Especially now, when taskmgr runs on top of netmgr, the correct order is
important and when the code was duplicated at many places it's easy to
make mistake.

The former isc_<*>mgr_create() and isc_<*>mgr_destroy() functions were
made private and a single call to isc_managers_create() and
isc_managers_destroy() is required at the program startup / shutdown.
2021-05-07 10:19:05 -07:00
Matthijs Mekking
66f2cd228d Use isdigit instead of checking character range
When looking for key files, we could use isdigit rather than checking
if the character is within the range [0-9].

Use (unsigned char) cast to ensure the value is representable in the
unsigned char type (as suggested by the isdigit manpage).

Change " & 0xff" occurrences to the recommended (unsigned char) type
cast.
2021-05-05 19:15:33 +02:00
Mark Andrews
4a8e33b9f0 Always perform a re-write when processing a version 1 journal
version 1 journals may have a mix of type 1 and type 2 transaction
headers so always use the recovery code.
2021-05-05 23:12:37 +10:00
Matthijs Mekking
636ff1e15c No longer need to strcmp for "none"
When we introduced "dnssec-policy insecure" we could have removed the
'strcmp' check for "none", because if it was set to "none", the 'kasp'
variable would have been set to NULL.
2021-05-05 11:23:53 +02:00
Matthijs Mekking
6a60bf637d Update smart signing when key is offline
BIND 9 is smart about when to sign with what key. If a key is offline,
BIND will delete the old signature anyway if there is another key to
sign the RRset with.

With KASP we don't want to fallback to the KSK if the ZSK is missing,
only for the SOA RRset. If the KSK is missing, but we do have a ZSK,
deleting the signature is fine. Otherwise it depends on if we use KASP
or not. Update the 'delsig_ok' function to reflect that.
2021-05-05 11:13:19 +02:00
Matthijs Mekking
3e6fc49c16 Don't roll offline keys
When checking the current DNSSEC state against the policy, consider
offline keys. If we didn't found an active key, check if the key is
offline by checking the public key list. If there is a match in the
public key list (the key data is retrieved from the .key and the
.state files), treat the key as offline and don't create a successor
key for it.
2021-05-05 11:13:19 +02:00
Matthijs Mekking
7ed089576f Try to read state when reading keylist from rdata
The function 'dns_dnssec_keylistfromrdataset()' creates a keylist from
the DNSKEY RRset. If we attempt to read the private key, we also store
the key state. However, if the private key is offline, the key state
will not be stored. To fix this, first attempt to read the public key
file. If then reading the private key file fails, and we do have a
public key, add that to the keylist, with appropriate state. If we
also failed to read the public key file, add the DNSKEY to the keylist,
as we did before.
2021-05-05 11:13:19 +02:00
Matthijs Mekking
fa05c1b8da When reading public key from file, also read state
The 'dst_key_fromnamedfile()' function did not read and store the
key state from the .state file when reading a public key file.
2021-05-05 11:13:19 +02:00
Matthijs Mekking
cf17698f87 Fix a kasp lock issue
The kasp lock would stay locked if 'dns_keymgr_run' failed.
2021-05-05 11:13:19 +02:00
Ondřej Surý
d2dba352cb Fix RFC292 -> RFC952 typo 2021-05-04 17:21:52 +02:00
Ondřej Surý
c37ff5d188 Add nanosleep and usleep Windows shims
This commit adds POSIX nanosleep() and usleep() shim implementation for
Windows to help implementors use less #ifdef _WIN32 in the code.
2021-05-03 20:22:54 +02:00
Matthijs Mekking
2710d9a11d Add built-in dnssec-policy "insecure"
Add a new built-in policy "insecure", to be used to gracefully unsign
a zone. Previously you could just remove the 'dnssec-policy'
configuration from your zone statement, or remove it.

The built-in policy "none" (or not configured) now actually means
no DNSSEC maintenance for the corresponding zone. So if you
immediately reconfigure your zone from whatever policy to "none",
your zone will temporarily be seen as bogus by validating resolvers.

This means we can remove the functions 'dns_zone_use_kasp()' and
'dns_zone_secure_to_insecure()' again. We also no longer have to
check for the existence of key state files to figure out if a zone
is transitioning to insecure.
2021-04-30 11:18:38 +02:00
Mark Andrews
8510ccaa54 Update ZONEMD to match RFC 8976
* The location of the digest type field has changed to where the
  reserved field was.
* The reserved field is now called scheme and is where the digest
  type field was.
* Digest type 2 has been defined (SHA256).
2021-04-30 10:43:37 +10:00
Mark Andrews
af02bbcdd6 Mark DNSSEC responses with NSEC3 records that exceed 150 as insecure 2021-04-29 13:43:40 +02:00
Mark Andrews
5318627227 Unload a zone if a transfer breaks its SOA record
If a zone transfer results in a zone not having any NS records, named
stops serving it because such a zone is broken.  Do the same if an
incoming zone transfer results in a zone lacking an SOA record at the
apex or containing more than one SOA record.
2021-04-29 10:30:00 +02:00
Mark Andrews
2ca0bd882d Address inconsistencies in checking added RRsets
loading_addrdataset() rejects SOA RRsets which are not at top of zone.
addrdataset() should similarly reject such RRsets.
2021-04-29 10:30:00 +02:00
Mark Andrews
01209dfa49 Check SOA owner names in zone transfers
An IXFR containing SOA records with owner names different than the
transferred zone's origin can result in named serving a version of that
zone without an SOA record at the apex.  This causes a RUNTIME_CHECK
assertion failure the next time such a zone is refreshed.  Fix by
immediately rejecting a zone transfer (either an incremental or
non-incremental one) upon detecting an SOA record not placed at the apex
of the transferred zone.
2021-04-29 10:30:00 +02:00
Mark Andrews
c9f5f8a059 Warn if there is excessive NSEC3 iterations 2021-04-29 17:18:26 +10:00
Mark Andrews
29126500d2 Reduce nsec3 max iterations to 150 2021-04-29 17:18:26 +10:00
Mark Andrews
b7cdc3583e Be more precise with the stopping conditions in zone_resigninc
If there happens to be a RRSIG(SOA) that is not at the zone apex
for any reason it should not be considered as a stopping condition
for incremental zone signing.
2021-04-23 14:26:48 +02:00
Matthijs Mekking
668301f138 Check for keyid conflicts between new keys
When the keymgr needs to create new keys, it is possible it needs to
create multiple keys. The keymgr checks for keyid conflicts with
already existing keys, but it should also check against that it just
created.
2021-04-26 10:42:46 +02:00
Ondřej Surý
b540722bc3 Refactor taskmgr to run on top of netmgr
This commit changes the taskmgr to run the individual tasks on the
netmgr internal workers.  While an effort has been put into keeping the
taskmgr interface intact, couple of changes have been made:

 * The taskmgr has no concept of universal privileged mode - rather the
   tasks are either privileged or unprivileged (normal).  The privileged
   tasks are run as a first thing when the netmgr is unpaused.  There
   are now four different queues in in the netmgr:

   1. priority queue - netievent on the priority queue are run even when
      the taskmgr enter exclusive mode and netmgr is paused.  This is
      needed to properly start listening on the interfaces, free
      resources and resume.

   2. privileged task queue - only privileged tasks are queued here and
      this is the first queue that gets processed when network manager
      is unpaused using isc_nm_resume().  All netmgr workers need to
      clean the privileged task queue before they all proceed normal
      operation.  Both task queues are processed when the workers are
      finished.

   3. task queue - only (traditional) task are scheduled here and this
      queue along with privileged task queues are process when the
      netmgr workers are finishing.  This is needed to process the task
      shutdown events.

   4. normal queue - this is the queue with netmgr events, e.g. reading,
      sending, callbacks and pretty much everything is processed here.

 * The isc_taskmgr_create() now requires initialized netmgr (isc_nm_t)
   object.

 * The isc_nm_destroy() function now waits for indefinite time, but it
   will print out the active objects when in tracing mode
   (-DNETMGR_TRACE=1 and -DNETMGR_TRACE_VERBOSE=1), the netmgr has been
   made a little bit more asynchronous and it might take longer time to
   shutdown all the active networking connections.

 * Previously, the isc_nm_stoplistening() was a synchronous operation.
   This has been changed and the isc_nm_stoplistening() just schedules
   the child sockets to stop listening and exits.  This was needed to
   prevent a deadlock as the the (traditional) tasks are now executed on
   the netmgr threads.

 * The socket selection logic in isc__nm_udp_send() was flawed, but
   fortunatelly, it was broken, so we never hit the problem where we
   created uvreq_t on a socket from nmhandle_t, but then a different
   socket could be picked up and then we were trying to run the send
   callback on a socket that had different threadid than currently
   running.
2021-04-20 23:22:28 +02:00
Ondřej Surý
6cf6de55bc Prevent the double xfrin_fail() call
When we are reading from the xfrin socket, and the transfer would be
shutdown, the shutdown function would call `xfrin_fail()` which in turns
calls `xfrin_cancelio()` that causes the read callback to be invoked
with `ISC_R_CANCELED` status code and that caused yet another
`xfrin_fail()` call.

The fix here is to ensure the `xfrin_fail()` would be run only once
properly using better synchronization on xfr->shuttingdown flag.
2021-04-20 14:12:26 +02:00
Ondřej Surý
25d27851d8 Fix lock-order-inversion (potential deadlock) in dns_resolver_createfetch
There's a lock-order-inversion when running `zone_maintenance()` from
the timer while shutting down the server `shutdown_server()`.  This only
happens when the taskmgr scheduling is more relaxed and paralellized,
but the issue is real nevertheless.

The associated ThreadSanitizer warning:

    WARNING: ThreadSanitizer: lock-order-inversion (potential deadlock)
      Cycle in lock order graph: M1 (0x000000000001) => M2 (0x000000000000) => M1

      Mutex M2 acquired here while holding mutex M1 in thread T1:
	#0 pthread_mutex_lock <null>
	#1 dns_view_findzonecut lib/dns/view.c:1326:2
	#2 fctx_create lib/dns/resolver.c:5144:13
	#3 dns_resolver_createfetch lib/dns/resolver.c:10977:12
	#4 zone_refreshkeys lib/dns/zone.c:10830:13
	#5 zone_maintenance lib/dns/zone.c:11065:5
	#6 zone_timer lib/dns/zone.c:14652:2
	#7 task_run lib/isc/task.c:857:5
	#8 isc_task_run lib/isc/task.c:944:10
	#9 isc__nm_async_task lib/isc/netmgr/netmgr.c:730:24
	#10 process_netievent lib/isc/netmgr/netmgr.c
	#11 process_queue lib/isc/netmgr/netmgr.c:885:8
	#12 process_tasks_queue lib/isc/netmgr/netmgr.c:756:10
	#13 process_queues lib/isc/netmgr/netmgr.c:772:7
	#14 async_cb lib/isc/netmgr/netmgr.c:671:2
	#15 uv__async_io /home/ondrej/Projects/tsan/libuv/src/unix/async.c:163:5
	#16 uv__io_poll /home/ondrej/Projects/tsan/libuv/src/unix/linux-core.c:462:11
	#17 uv_run /home/ondrej/Projects/tsan/libuv/src/unix/core.c:392:5
	#18 nm_thread lib/isc/netmgr/netmgr.c:597:11
	#19 isc__trampoline_run lib/isc/trampoline.c:184:11

      Mutex M1 previously acquired by the same thread here:
	#0 pthread_mutex_lock <null>
	#1 zone_refreshkeys lib/dns/zone.c:10717:2
	#2 zone_maintenance lib/dns/zone.c:11065:5
	#3 zone_timer lib/dns/zone.c:14652:2
	#4 task_run lib/isc/task.c:857:5
	#5 isc_task_run lib/isc/task.c:944:10
	#6 isc__nm_async_task lib/isc/netmgr/netmgr.c:730:24
	#7 process_netievent lib/isc/netmgr/netmgr.c
	#8 process_queue lib/isc/netmgr/netmgr.c:885:8
	#9 process_tasks_queue lib/isc/netmgr/netmgr.c:756:10
	#10 process_queues lib/isc/netmgr/netmgr.c:772:7
	#11 async_cb lib/isc/netmgr/netmgr.c:671:2
	#12 uv__async_io /home/ondrej/Projects/tsan/libuv/src/unix/async.c:163:5
	#13 uv__io_poll /home/ondrej/Projects/tsan/libuv/src/unix/linux-core.c:462:11
	#14 uv_run /home/ondrej/Projects/tsan/libuv/src/unix/core.c:392:5
	#15 nm_thread lib/isc/netmgr/netmgr.c:597:11
	#16 isc__trampoline_run lib/isc/trampoline.c:184:11

      Mutex M1 acquired here while holding mutex M2 in thread T2:
	#0 pthread_mutex_lock <null>
	#1 dns_zone_flush lib/dns/zone.c:11443:2
	#2 view_flushanddetach lib/dns/view.c:657:5
	#3 dns_view_flushanddetach lib/dns/view.c:690:2
	#4 shutdown_server bin/named/server.c:10056:4
	#5 task_run lib/isc/task.c:857:5
	#6 isc_task_run lib/isc/task.c:944:10
	#7 isc__nm_async_task lib/isc/netmgr/netmgr.c:730:24
	#8 process_netievent lib/isc/netmgr/netmgr.c
	#9 process_queue lib/isc/netmgr/netmgr.c:885:8
	#10 process_tasks_queue lib/isc/netmgr/netmgr.c:756:10
	#11 process_queues lib/isc/netmgr/netmgr.c:772:7
	#12 async_cb lib/isc/netmgr/netmgr.c:671:2
	#13 uv__async_io /home/ondrej/Projects/tsan/libuv/src/unix/async.c:163:5
	#14 uv__io_poll /home/ondrej/Projects/tsan/libuv/src/unix/linux-core.c:462:11
	#15 uv_run /home/ondrej/Projects/tsan/libuv/src/unix/core.c:392:5
	#16 nm_thread lib/isc/netmgr/netmgr.c:597:11
	#17 isc__trampoline_run lib/isc/trampoline.c:184:11

      Mutex M2 previously acquired by the same thread here:
	#0 pthread_mutex_lock <null>
	#1 view_flushanddetach lib/dns/view.c:645:3
	#2 dns_view_flushanddetach lib/dns/view.c:690:2
	#3 shutdown_server bin/named/server.c:10056:4
	#4 task_run lib/isc/task.c:857:5
	#5 isc_task_run lib/isc/task.c:944:10
	#6 isc__nm_async_task lib/isc/netmgr/netmgr.c:730:24
	#7 process_netievent lib/isc/netmgr/netmgr.c
	#8 process_queue lib/isc/netmgr/netmgr.c:885:8
	#9 process_tasks_queue lib/isc/netmgr/netmgr.c:756:10
	#10 process_queues lib/isc/netmgr/netmgr.c:772:7
	#11 async_cb lib/isc/netmgr/netmgr.c:671:2
	#12 uv__async_io /home/ondrej/Projects/tsan/libuv/src/unix/async.c:163:5
	#13 uv__io_poll /home/ondrej/Projects/tsan/libuv/src/unix/linux-core.c:462:11
	#14 uv_run /home/ondrej/Projects/tsan/libuv/src/unix/core.c:392:5
	#15 nm_thread lib/isc/netmgr/netmgr.c:597:11
	#16 isc__trampoline_run lib/isc/trampoline.c:184:11

      Thread T2 (running) created by main thread at:
	#0 pthread_create <null>
	#1 isc_thread_create lib/isc/pthreads/thread.c:79:8
	#2 isc_nm_start lib/isc/netmgr/netmgr.c:303:3
	#3 create_managers bin/named/main.c:957:15
	#4 setup bin/named/main.c:1267:11
	#5 main bin/named/main.c:1558:2

      Thread T2 (running) created by main thread at:
	#0 pthread_create <null>
	#1 isc_thread_create lib/isc/pthreads/thread.c:79:8
	#2 isc_nm_start lib/isc/netmgr/netmgr.c:303:3
	#3 create_managers bin/named/main.c:957:15
	#4 setup bin/named/main.c:1267:11
	#5 main bin/named/main.c:1558:2

    SUMMARY: ThreadSanitizer: lock-order-inversion (potential deadlock) in __interceptor_pthread_mutex_lock
2021-04-19 22:29:14 +02:00
Ondřej Surý
0127ba6472 Fix task timing race in setnsec3param()
When setnsec3param() is schedule from zone_postload() there's no
guarantee that `zone->db` is not `NULL` yet.  Thus when the
setnsec3param() is called, we need to check for `zone->db` existence and
reschedule the task, because calling `rss_post()` on a zone with empty
`.db` ends up with no-op (the function just returns).
2021-04-19 11:16:51 +02:00
Mark Andrews
eadb829dac properly initialise resarg->lock 2021-04-19 14:32:40 +10:00
Evan Hunt
568d455c99 rename dns_client_createx() to dns_client_create()
there's no longer a need to use an alternate name.
2021-04-16 14:29:43 +02:00
Evan Hunt
1beb05f3e2 remove dns_client_request() and related code
continues the cleanup of dns_client started in the previous commit.
2021-04-16 14:29:43 +02:00
Evan Hunt
fb2a352e7c remove dns_client_update() and related code
the libdns client API is no longer being maintained for
external use, we can remove the code that isn't being used
internally, as well as the related tests.
2021-04-16 14:29:43 +02:00
Ondřej Surý
55b942b4a0 Refactor dns_journal_rollforward() to work over opened journal
Too much logic was cramped inside the dns_journal_rollforward() that
made it harder to follow.  The dns_journal_rollforward() was refactored
to work over already opened journal and some of the previous logic was
moved to new static zone_journal_rollforward() that separates the
journal "rollforward" logic from the "zone" logic.
2021-04-16 12:04:06 +02:00
Mark Andrews
ec7a9af381 Fixing a recoverable journal should not result in the zone being written
when dns_journal_rollforward returned ISC_R_RECOVERABLE the distintion
between 'up to date' and 'success' was lost, as a consequence
zone_needdump() was called writing out the zone file when it shouldn't
have been.   This change restores that distintion.  Adjust system
test to reflect visible changes.
2021-04-16 11:15:46 +02:00
Matthijs Mekking
8fcbef2423 Small refactor lib/dns/zone.c
Introduce some macros that can be reused in 'zone_load_soa_rr()' and
'zone_get_from_db()' to make those functions more readable.
2021-04-13 11:26:26 +02:00
Matthijs Mekking
032110bd2e Use designated initializer in dns_zone_create
Shorten the code and make it less prone to initialisation errors
(it is still easy to forget adding an initializer, but it now defaults
to 0).
2021-04-13 11:26:26 +02:00
Matthijs Mekking
9af8caa733 Implement draft-vandijk-dnsop-nsec-ttl
The draft says that the NSEC(3) TTL must have the same TTL value
as the minimum of the SOA MINIMUM field and the SOA TTL. This was
always the intended behaviour.

Update the zone structure to also track the SOA TTL. Whenever we
use the MINIMUM value to determine the NSEC(3) TTL, use the minimum
of MINIMUM and SOA TTL instead.

There is no specific test for this, however two tests need adjusting
because otherwise they failed: They were testing for NSEC3 records
including the TTL. Update these checks to use 600 (the SOA TTL),
rather than 3600 (the SOA MINIMUM).
2021-04-13 11:26:26 +02:00
Matthijs Mekking
a83c8cb0af Use stale TTL as RRset TTL in dumpdb
It is more intuitive to have the countdown 'max-stale-ttl' as the
RRset TTL, instead of 0 TTL. This information was already available
in a comment "; stale (will be retained for x more seconds", but
Support suggested to put it in the TTL field instead.
2021-04-13 09:48:20 +02:00
Matthijs Mekking
debee6157b Check staleness in bind_rdataset
Before binding an RRset, check the time and see if this record is
stale (or perhaps even ancient). Marking a header stale or ancient
happens only when looking up an RRset in cache, but binding an RRset
can also happen on other occasions (for example when dumping the
database).

Check the time and compare it to the header. If according to the
time the entry is stale, but not ancient, set the STALE attribute.
If according to the time is ancient, set the ANCIENT attribute.

We could mark the header stale or ancient here, but that requires
locking, so that's why we only compare the current time against
the rdh_ttl.

Adjust the test to check the dump-db before querying for data. In the
dumped file the entry should be marked as stale, despite no cache
lookup happened since the initial query.
2021-04-13 09:48:20 +02:00