mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 05:57:52 +00:00
Code Issues Releases Wiki Activity
28,050 Commits 657 Branches 820 Tags
Commit Graph

28050 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michał Kępień
e1f0aed034 Fix isc_buffer_copyregion() for auto-reallocated buffers 
While isc_buffer_copyregion() calls isc_buffer_reserve() to ensure the
target buffer will have enough available space to append the contents of
the source region to it, the variables used for subsequently checking
available space are not updated accordingly after that call.  This
prevents isc_buffer_copyregion() from working as expected for
auto-reallocated buffers: ISC_R_NOSPACE will be returned if enough space
is not already available in the target buffer before it is reallocated.
Fix by calling isc_buffer_used() and isc_buffer_availablelength()
directly instead of assigning their return values to local variables.
 2018-10-30 13:33:25 +01:00
Michał Kępień
15440d8027 Add unit tests for isc_buffer_copyregion() 
Add some basic checks for isc_buffer_copyregion() to ensure it behaves
as expected for both fixed-size buffers and buffers which can be
automatically reallocated.  Adjust the list of headers included by
lib/isc/tests/buffer_test.c so that it matches what that test program
really uses.
 2018-10-30 13:33:25 +01:00
Ondřej Surý
0c23a3b0c0 Merge branch 'ondrej/cleanup-leftover-fatal' into 'master' 
Remove double result check leftover

See merge request isc-projects/bind9!945
 2018-10-30 07:56:51 -04:00
Ondřej Surý
065ff16e40 Remove double result check leftover 2018-10-30 10:30:40 +00:00
Mark Andrews
503e9b70cf Merge branch '631-dns_rdata_compare-for-nxt-performs-case-sensitive-name-comparison' into 'master' 
Resolve "dns_rdata_compare() for NXT performs case sensitive name comparison"

Closes #631

See merge request isc-projects/bind9!917
 2018-10-29 23:59:52 -04:00
Mark Andrews
921bc89f59 add CHANGES note 2018-10-30 14:51:39 +11:00
Mark Andrews
cf83016682 compare_nxt compared records with identical next fields case insensitively 2018-10-30 14:51:39 +11:00
Mark Andrews
f2368ce181 Merge branch '638-record-types-with-empty-rdata-fields-were-not-being-handled-correctly' into 'master' 
Resolve "Record types with empty rdata fields were not being handled correctly."

Closes #638

See merge request isc-projects/bind9!919
 2018-10-29 20:11:22 -04:00
Mark Andrews
97a680e5ce document eol 2018-10-30 11:03:02 +11:00
Mark Andrews
2ff57d8a39 Record types which support a empty rdata field were not handling the empty rdata field case. 2018-10-30 11:03:02 +11:00
Witold Krecicki
9ff13b23f7 Merge branch 'wpk-fix-race-in-rpz-with-min-update-interval-0' into 'master' 
Fix a race in RPZ with min-update-interval set to 0

Closes #643

See merge request isc-projects/bind9!907
 2018-10-29 18:12:09 -04:00
Witold Kręcicki
8283cbabdc <stdlib.h> include in rpz.c for strtoul 2018-10-29 23:04:01 +01:00
Michał Kępień
139bc2c6ab Release all resources when shutting down an RPZ zone during an update 
If an RPZ zone is to be freed during an update, canceling the
update_quantum() event is not enough because the resources released when
an update completes also need to be accounted for.  Failure to do this
results in a hang upon shutdown.  Fix by copying cleanup code from the
end of update_quantum() to rpz_detach().
 2018-10-29 23:04:00 +01:00
Witold Kręcicki
faf2c7711a Fix a race in RPZ with min-update-interval set to 0 
If another RPZ update is pending when processing the previous one nears
completion and min-update-interval is set to 0, isc_timer_reset() gets
called with 'interval' set to 0, which triggers an assertion failure.
To prevent such a scenario from causing a crash, queue the update event
directly instead of asking the timer thread to do it.
 2018-10-29 23:04:00 +01:00
Witold Krecicki
c3b6eaf3d2 Merge branch '361-forwarding-qname-minimization' into 'master' 
Resolve "Issue With MR 253 QNAME Minimization"

Closes #361 and #583

See merge request isc-projects/bind9!933
 2018-10-29 15:31:00 -04:00
Witold Kręcicki
55a12a4136 Changes 2018-10-29 19:22:31 +00:00
Witold Kręcicki
37df3ca8b6 Style nits 2018-10-29 19:22:10 +00:00
Witold Kręcicki
08460c8cb2 Don't do qname minimization when forwarding; Avoid some intermittent errors in qmin tests caused by timing 2018-10-29 19:22:10 +00:00
Witold Kręcicki
b4ca282589 Test for #361 - forwarding breaks with qname minimization 2018-10-29 19:22:10 +00:00
Evan Hunt
68f1e8e940 Merge branch '642-missing-include' into 'master' 
added stdatomic.h and md.h

Closes #642

See merge request isc-projects/bind9!936
 2018-10-29 14:35:23 -04:00
Evan Hunt
dfe5d3330c added stdatomic.h and md.h 2018-10-29 11:26:38 -07:00
Evan Hunt
ea9a5e3da4 Merge branch '641-unquoted-rpz' into 'master' 
allow unquoted response-policy zone names

Closes #641

See merge request isc-projects/bind9!926
 2018-10-29 12:41:35 -04:00
Evan Hunt
507230aa88 allow unquoted response-policy zone names 2018-10-29 12:25:35 -04:00
Mark Andrews
c6efbe5d26 Merge branch '635-unchecked-return-in-query-c' into 'master' 
Resolve "unchecked return in query.c"

Closes #635

See merge request isc-projects/bind9!925
 2018-10-29 03:21:26 -04:00
Mark Andrews
e11cfafff2 always call RUNTIME_CHECK(result == ISC_R_SUCCESS); for dns_rdata_tostruct 2018-10-29 03:13:12 -04:00
Mark Andrews
276858d88f Merge branch '553-socket-c-2171-unexpected-error' into 'master' 
Resolve "socket.c:2171: unexpected error"

Closes #553

See merge request isc-projects/bind9!924
 2018-10-29 02:25:37 -04:00
Mark Andrews
561b780ba0 Only set IPV6_USE_MIN_MTU on IPv6. 2018-10-29 16:49:33 +11:00
Mark Andrews
1454665d70 Merge branch '624-lib-dns-dnstap_test-totext-does-not-work-well-with-softhsm-pkcs11' into 'master' 
Resolve "lib/dns/dnstap_test:totext does not work well with SoftHSM PKCS11"

Closes #624

See merge request isc-projects/bind9!921
 2018-10-29 01:25:05 -04:00
Mark Andrews
1cf1254051 Initalize TZ environment variable before calling dns_test_begin in dnstap_test. 2018-10-29 16:15:52 +11:00
Ondřej Surý
87b042a48d Merge branch '639-fix-freebsd-build' into 'master' 
avoid makefile conditional

Closes #639

See merge request isc-projects/bind9!920
 2018-10-28 10:18:47 -04:00
Evan Hunt
ff747365db avoid makefile conditional 2018-10-26 23:34:34 -07:00
Ondřej Surý
241594299b Merge branch '22-remove-last-traces-of-already-removed-algorithms' into 'master' 
Remove various leftovers for algorithms that have been already removed from BIND

See merge request isc-projects/bind9!901
 2018-10-26 06:01:54 -04:00
Ondřej Surý
58cfb2a18a Convert the bin/tests/optional/sig0_test.c to use RSASHA1 instead of DSA 2018-10-26 11:50:11 +02:00
Ondřej Surý
8a6c37faa2 Remove last traces of ECCGOST algorithm 2018-10-26 11:50:11 +02:00
Ondřej Surý
d6c50674bb Remove last traces of DSA and NSEC3DSA algorithm, but restore the algnumber -> name mapping 2018-10-26 11:50:11 +02:00
Ondřej Surý
83dbe04bf3 Update dst_test.c to use ECDSA256 and RSASHA256 as test algorithms 2018-10-26 11:50:11 +02:00
Ondřej Surý
fbb08b30b8 Remove traces of DST_ALG_ECC which is now just Reserved in IANA registry 2018-10-26 11:50:11 +02:00
Ondřej Surý
8efd394c80 Remove last bits of PKCS#11 DH support that has been already removed 2018-10-26 11:50:11 +02:00
Witold Krecicki
cc8c79bb69 Merge branch 'wpk-statschannel-test-timing' into 'master' 
statschannel test fix

See merge request isc-projects/bind9!909
 2018-10-26 05:12:34 -04:00
Witold Kręcicki
b338e6dd21 CHANGES 2018-10-26 08:38:00 +00:00
Witold Kręcicki
5979471dc7 statschannel test: try 5 times to check if compressed and regular output of statschannel is the same - some counters can change, minimize risk of bad timing 2018-10-26 08:36:48 +00:00
Witold Krecicki
7ef2467e6a Merge branch 'wpk-non-crypto-secure-cookies' into 'master' 
Cookies with non-crypto-secure random

See merge request isc-projects/bind9!887
 2018-10-26 04:03:55 -04:00
Witold Kręcicki
6cd89d5e9f Use non-cryptographically-secure PRNG to generate a nonce for cookies. 
Rationale: the nonce here is only used to make sure there is a low
probability of duplication, according to section B.2 of RFC7873.
It is only 32-bit, and even if an attacker knows the algorithm used
to generate nonces it won't, in any way, give him any platform to
attack the server as long as server secret used to sign the
(nonce, time) pair with HMAC-SHA1 is secure.

On the other hand, currently, each packet sent requires (unnecessarily)
a CS pseudo-random number which is ineffective.
 2018-10-26 07:54:58 +00:00
Mark Andrews
9ecb0a9168 Merge branch '633-resource-leak-in-hmac_fromdns' into 'master' 
Resolve "resource leak in hmac_fromdns"

Closes #633

See merge request isc-projects/bind9!918
 2018-10-26 03:04:15 -04:00
Mark Andrews
3219a873a9 free hkey on error 2018-10-26 17:46:15 +11:00
Ondřej Surý
bd3163578b Merge branch '632-check-for-individual-openssl-functions' into 'master' 
Check for individual OpenSSL functions instead of relying on version number

Closes #632

See merge request isc-projects/bind9!916
 2018-10-26 01:05:34 -04:00
Ondřej Surý
eb603cb021 Check for individual OpenSSL functions instead of relying on version number 2018-10-26 06:15:51 +02:00
Mark Andrews
7e2026a50b Merge branch '632-evp_cipher_ctx_free-and-evp_cipher_ctx_new-exist-in-openssl-1-0-1' into 'master' 
Resolve "EVP_CIPHER_CTX_free and EVP_CIPHER_CTX_new exist in OpenSSL 1.0.1"

Closes #632

See merge request isc-projects/bind9!915
 2018-10-25 20:30:52 -04:00
Mark Andrews
632a0ae10b EVP_CIPHER_CTX_new and EVP_CIPHER_CTX_free exist in OpenSSL 1.0.1 2018-10-26 10:01:14 +11:00
Evan Hunt
826c3ddc5b Merge branch '626-implement-eid-and-nimloc' into 'master' 
Resolve "Implement EID and NIMLOC"

Closes #626

See merge request isc-projects/bind9!895
 2018-10-25 18:29:29 -04:00