2
0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 05:57:52 +00:00

30160 Commits

Author SHA1 Message Date
Ondřej Surý
9abcff9ce3 Merge branch '1206-tcp-high-water-stats' into 'master'
Added tcp-high-water statistics variable.

Closes #1206

See merge request isc-projects/bind9!2425
2019-11-06 08:47:19 +00:00
Diego Fronza
ba3fe75e65 Added TCP high-water entry to CHANGES 2019-11-06 09:18:27 +01:00
Diego Fronza
dd492b64d9 Added TCP high-water entry to release notes 2019-11-06 09:18:27 +01:00
Diego Fronza
29be224a04 Added TCP high-water system tests
Note: ans6/ans6.py is a helper script that allows tests.sh to open/close
TCP connections to some BIND instance.
2019-11-06 09:18:27 +01:00
Diego Fronza
66fe8627de Added TCP high-water statistics variable
This variable will report the maximum number of simultaneous tcp clients
that BIND has served while running.

It can be verified by running rndc status, then inspect "tcp high-water:
count", or by generating statistics file, rndc stats, then inspect the
line with "TCP connection high-water" text.

The tcp-highwater variable is atomically updated based on an existing
tcp-quota system handled in ns/client.c.
2019-11-06 09:18:27 +01:00
Diego Fronza
a544e2e300 Add functions for collecting high-water counters
Add {isc,ns}_stats_{update_if_greater,get_counter}() functions that
are used to set and collect high-water type of statistics.
2019-11-06 09:11:20 +01:00
Diego Fronza
eb5611a770 Change the isc_stat_t type to isc__atomic_statcounter_t
The isc_stat_t type was too similar to isc_stats_t type, so the name was
changed to something more distinguishable.
2019-11-06 09:09:45 +01:00
Diego Fronza
0fc98ef2d5 Change the isc_statscounter_t type from int to C99 int_fast64_t type
For TCP high-water work, we need to keep the used integer types widths
in sync.

Note: int_fast32_t is used on WIN32 platform
2019-11-06 08:43:46 +01:00
Mark Andrews
5d4182c945 Merge branch '1301-geoip2-default-data-path' into 'master'
Resolve "geoip2 default data path"

Closes #1301

See merge request isc-projects/bind9!2520
2019-11-05 23:50:12 +00:00
Mark Andrews
7b10faf108 Add CHANGES note 2019-11-06 10:23:33 +11:00
Mark Andrews
51fb42edcb Regenerate configure. 2019-11-06 10:23:29 +11:00
Mark Andrews
2eaa75c380 Have 'named -V' report geoip-directory 2019-11-06 10:20:16 +11:00
Mark Andrews
fcd765a59d The default geoip-directory should be <MAXMINDDB_PREFIX>/share/GeoIP 2019-11-06 10:20:16 +11:00
Mark Andrews
e0fe33506c MAXMINDDB_LIBS should end with '/lib' not '/libs' 2019-11-06 10:20:16 +11:00
Ondřej Surý
ae33c75d06 Merge branch '664-fetches-per-server-quota-docs' into 'master'
Describe the polynomial backoff curve used in the quota adjustment

Closes #664

See merge request isc-projects/bind9!2519
2019-11-05 08:50:01 +00:00
Ondřej Surý
56ef09c3a1 Describe the polynomial backoff curve used in the quota adjustment 2019-11-05 09:48:15 +01:00
Ondřej Surý
5fc8130822 Merge branch '45-integrate-llvm-scan-build-to-gitlab-ci-workflow' into 'master'
Add LLVM/Clang scan-build checks into the GitLab CI

Closes #45

See merge request isc-projects/bind9!2452
2019-11-04 16:00:56 +00:00
Ondřej Surý
e9acad638e libdns: add missing checks for return values in dnstap unit test
Related scan-build report:

dnstap_test.c:169:2: warning: Value stored to 'result' is never read
        result = dns_test_makeview("test", &view);
        ^        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
dnstap_test.c:193:2: warning: Value stored to 'result' is never read
        result = dns_compress_init(&cctx, -1, dt_mctx);
        ^        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2 warnings generated.
2019-11-04 16:15:22 +01:00
Ondřej Surý
6decd14592 named: remove named_g_defaultdnstap global variable
The named_g_defaultdnstap was never used as the dnstap requires
explicit configuration of the output file.

Related scan-build report:

./server.c:3476:14: warning: Value stored to 'dpath' during its initialization is never read
        const char *dpath = named_g_defaultdnstap;
                    ^~~~~   ~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
2019-11-04 16:15:22 +01:00
Ondřej Surý
64cf5144a6 libdns: Change check_dnskey_sigs() return type to void to match the reality how the function is used 2019-11-04 16:15:22 +01:00
Ondřej Surý
309dca417c tests: Resolve scan-build false positive by adding extra assertion 2019-11-04 16:15:22 +01:00
Ondřej Surý
6bbb0b8e42 dnssec: don't qsort() empty hashlist 2019-11-04 16:15:22 +01:00
Ondřej Surý
6bf364aec8 named: Add INSIST() after bindkeysfile configuration load to silence scan-build FP 2019-11-04 16:15:22 +01:00
Ondřej Surý
7aa7f8592c tests: Workaround scan-build false positive with FD_ZERO/FD_SET 2019-11-04 16:15:22 +01:00
Ondřej Surý
80b55d25de libdns: Remove useless checks for ISC_R_MEMORY, which cannot happen now 2019-11-04 16:15:22 +01:00
Ondřej Surý
5f584310bc ci: Add LLVM/Clang scan-build checks into the GitLab CI 2019-11-04 16:15:22 +01:00
Ondřej Surý
d2fdebe02e Merge branch 'u/fanf2/rndc-validation-status-noflush' into 'master'
Do not flush the cache for `rndc validation status`

See merge request isc-projects/bind9!2462
2019-10-31 15:19:57 -04:00
Ondřej Surý
9de062ae76 Add CHANGES 2019-10-31 13:32:00 -05:00
Tony Finch
b612e38af1 Do not flush the cache for rndc validation status
And add a note to the man page that `rndc validation` flushes the
cache when the validation state is changed. (It is necessary to flush
the cache when turning on validation, to avoid continuing to use
cryptographically invalid data. It is probably wise to flush the cache
when turning off validation to recover from lameness problems.)
2019-10-31 13:31:41 -05:00
Ondřej Surý
de368cdf1c Merge branch 'u/fanf2/rndc-validation-status-views' into 'master'
Include all views in output of `rndc validation status`

See merge request isc-projects/bind9!2461
2019-10-31 14:29:43 -04:00
Tony Finch
a7bcca50c1 Add CHANGES 2019-10-31 11:28:00 -05:00
Tony Finch
bebeadc8e6 Include all views in output of rndc validation status
The implementation of `rndc validation status` iterates over all the
views to print their validation status. It takes care to print newlines
in between, but it also used put a nul byte at the end of the first view
which truncated the output.

After this change, the nul byte is added at the end so that it prints
the validation status in all views. The `_bind` view is skipped
because its validation status is irrelevant.
2019-10-31 11:28:00 -05:00
Michal Nowak
ebbe199715 Merge branch 'mnowak/1244-extra-quotes-around-TESTSOCK6/master' into 'master'
digdelv: Extra quotes prevent IPv6 runs

See merge request isc-projects/bind9!2390
2019-10-31 12:26:46 -04:00
Michal Nowak
1b6419f8a7
digdelv: Extra quotes prevent IPv6 runs
Portion of the digdelv test are skipped on IPv6 due to extra quotes
around $TESTSOCK6: "I:digdelv:IPv6 unavailable; skipping".

Researched by @michal.

Regressed with 351efd8812560c97e1bc7f6142b80ac5798d6ded.
2019-10-31 16:52:28 +01:00
Ondřej Surý
b7ed939659 Merge branch 'ondrej/update-git-replay-merge' into 'master'
Update the git-replay-merge to use the latest GitLab -o options

See merge request isc-projects/bind9!2503
2019-10-31 10:18:44 -04:00
Ondřej Surý
0d61b73958 Update the git-replay-merge to use the latest GitLab -o options 2019-10-31 09:18:01 -05:00
Ondřej Surý
ecdbc14035 Merge branch '876-documentation-feedback' into 'master'
Minor documentation updates

Closes #876

See merge request isc-projects/bind9!2483
2019-10-31 10:05:49 -04:00
Ondřej Surý
e0618174b6 arm: add more text describing interaction between automatic-interface-scan and interface-interval 2019-10-31 09:04:01 -05:00
Ondřej Surý
f7eea400a8 arm: Fix the default for the lock-file command, it's 'none' 2019-10-31 09:04:01 -05:00
Brian Conry
c6f91f8bd0 arm: Add an explanation on the effect of 'require-server-cookie yes;' 2019-10-31 09:04:01 -05:00
Mark Andrews
c5453ea328 arm: add why when to set 'require-server-cookie yes;' 2019-10-31 09:04:01 -05:00
Mark Andrews
1ea6aadf6f arm: document resolver-nonbackoff-tries and resolver-retry-interval 2019-10-31 09:04:01 -05:00
Mark Andrews
d8abf4f5b6 arm: add default values for require-server-cookie and send-cookie options 2019-10-31 09:04:01 -05:00
Michał Kępień
18dff8e031 Merge branch '1059-prevent-tcp-failures-from-affecting-edns-stats' into 'master'
Prevent TCP failures from affecting EDNS stats

See merge request isc-projects/bind9!2501
2019-10-31 05:36:50 -04:00
Michał Kępień
36d3c66e4e Add CHANGES entry
5310.	[bug]		TCP failures were affecting EDNS statistics. [GL #1059]
2019-10-31 09:54:07 +01:00
Michał Kępień
fce3c93ea2 Prevent TCP failures from affecting EDNS stats
EDNS mechanisms only apply to DNS over UDP.  Thus, errors encountered
while sending DNS queries over TCP must not influence EDNS timeout
statistics.
2019-10-31 09:54:05 +01:00
Michał Kępień
7346e6d3b5 Merge branch '1059-prevent-query-loops-for-misbehaving-servers' into 'master'
Prevent query loops for misbehaving servers

See merge request isc-projects/bind9!2500
2019-10-31 04:45:50 -04:00
Michał Kępień
6cd115994e Prevent query loops for misbehaving servers
If a TCP connection fails while attempting to send a query to a server,
the fetch context will be restarted without marking the target server as
a bad one.  If this happens for a server which:

  - was already marked with the DNS_FETCHOPT_EDNS512 flag,
  - responds to EDNS queries with the UDP payload size set to 512 bytes,
  - does not send response packets larger than 512 bytes,

and the response for the query being sent is larger than 512 byes, then
named will pointlessly alternate between sending UDP queries with EDNS
UDP payload size set to 512 bytes (which are responded to with truncated
answers) and TCP connections until the fetch context retry limit is
reached.  Prevent such query loops by marking the server as bad for a
given fetch context if the advertised EDNS UDP payload size for that
server gets reduced to 512 bytes and it is impossible to reach it using
TCP.
2019-10-31 08:48:35 +01:00
Michał Kępień
9fd89c0587 Merge branch 'michal/placeholder-2476' into 'master'
Add a CHANGES placeholder

See merge request isc-projects/bind9!2502
2019-10-30 11:12:37 -04:00
Michał Kępień
3c29291842 Add a CHANGES placeholder
See [GL !2476].
2019-10-30 16:10:39 +01:00