Ondřej Surý [Tue, 17 Jan 2023 06:21:34 +0000 (07:21 +0100)]
Commit the change of view for view->managed_keys
When we change the view in the view->managed_keys, we never commit the
change, keeping the previous view possibly attached forever.
Call the dns_zone_setviewcommit() immediately after changing the view as
we are detaching the previous view anyway and there's no way to recover
from that.
Ondřej Surý [Tue, 17 Jan 2023 06:18:16 +0000 (07:18 +0100)]
Detach the views in zone_shutdown(), not in zone_free()
The .view (and possibly .prev_view) would be kept attached to the
removed zone until the zone is fully removed from the memory in
zone_free(). If this process is delayed because server is busy
something else like doing constant `rndc reconfig`, it could take
seconds to detach the view, possibly keeping multiple dead views in the
memory. This could quickly lead to a massive memory bloat.
Release the views early in the zone_shutdown() call, and don't wait
until the zone is freed.
Artem Boldariev [Thu, 12 Jan 2023 18:09:51 +0000 (20:09 +0200)]
XoT: properly handle the case when checking for ALPN failed
During XoT it is important to check for "dot" ALPN tag to be
negotiated (according to the RFC 9103). We were doing that, however, the
situation was not handled properly, leading to non-cancelled zone
transfers that would crash (abort()) BIND on shutdown.
In this particular case 'result' might equal 'ISC_R_SUCCESS'. When
this is the case, the part of the code supposed to handle failures
will not cancel the zone transfer.
This situation cannot happen when BIND is a secondary of other BIND
instance. Only primaries following the RFC not closely enough could
trigger such a behaviour.
Tom Krizek [Tue, 17 Jan 2023 13:18:22 +0000 (14:18 +0100)]
Fix feature detection for pytest markers in tests
The condition was accidentally reversed during refactoring in 9730ac4c5691c36d58c06deec1762a4831b268c5 . It would result in skipped
tests on builds with proper support and false negatives on builds
without proper feature support.
Credit for reporting the issue and the fix goes to Stanislav Levin.
Tom Krizek [Fri, 6 Jan 2023 14:08:27 +0000 (15:08 +0100)]
Update the TEST_PARALLEL_JOBS value in CI
The authoritative source for this value is in the project's CI/CD
Variables Setting. The reason to keep it in .gitlab-ci.yaml as well is
to have functional testing in forks without the need to manually specify
this variable in Settings.
The tests have been executed with 4 jobs for some time now. This
"change" only brings .gitlab-ci.yaml file up to date, it doesn't
actually change the number of jobs we currently use to test.
Tom Krizek [Mon, 2 Jan 2023 16:54:58 +0000 (17:54 +0100)]
Look for ifconfig.sh.in in testsock.pl parent dir
Instead of using the current working directory to find the ifconfig.sh
script, look for the ifconfig.sh.in template in the directory where the
testsock.pl script is located. This enables the testsock.pl script to be
called from any working directory.
Using the ifconfig.sh.in template is sufficient, since it contains
the necessary information to be extracted: the max= value (which is
hard-coded in the template).
Tom Krizek [Tue, 20 Dec 2022 14:09:48 +0000 (15:09 +0100)]
Factor out script to handle system test core dumps
Move the core dump detection functionality for system test runs into a
separate script. This enables reuse by the pytest runner. The
functionality remains the same.
Tom Krizek [Mon, 19 Dec 2022 16:44:35 +0000 (17:44 +0100)]
testcrypto.sh: run in TMPDIR if possible
Avoid creating any temporary files in the current workdir.
Additional/changing files in the bin/tests/system directory are
problematic for pytest/xdist collection phase, which assumes the list of
files doesn't change between the collection phase of the main pytest
thread and the subsequent collection phase of the xdist worker threads.
Since the testcrypto.sh is also called during pytest initialization
through conf.sh.common (to detect feature support), this could
occasionally cause a race condition when the list of files would be
different for the main pytest thread and the xdist worker.
Aram Sargsyan [Mon, 14 Nov 2022 12:18:06 +0000 (12:18 +0000)]
Cancel all fetch events in dns_resolver_cancelfetch()
Although 'dns_fetch_t' fetch can have two associated events, one for
each of 'DNS_EVENT_FETCHDONE' and 'DNS_EVENT_TRYSTALE' types, the
dns_resolver_cancelfetch() function is designed in a way that it
expects only one existing event, which it must cancel, and when it
happens so that 'stale-answer-client-timeout' is enabled and there
are two events, only one of them is canceled, and it results in an
assertion in dns_resolver_destroyfetch(), when it finds a dangling
event.
Change the logic of dns_resolver_cancelfetch() function so that it
cancels both the events (if they exist), and in the right order.
Mark Andrews [Thu, 27 Oct 2022 02:22:11 +0000 (13:22 +1100)]
Move the mapping of SIG and RRSIG to ANY
dns_db_findext() asserts if RRSIG is passed to it and
query_lookup_stale() failed to map RRSIG to ANY to prevent this. To
avoid cases like this in the future, move the mapping of SIG and RRSIG
to ANY for qctx->type to qctx_init().
Evan Hunt [Thu, 10 Nov 2022 05:56:16 +0000 (21:56 -0800)]
test failure conditions
verify that updates are refused when the client is disallowed by
allow-query, and update forwarding is refused when the client is
is disallowed by update-forwarding.
verify that "too many DNS UPDATEs" appears in the log file when too
many simultaneous updates are processing.
Evan Hunt [Wed, 9 Nov 2022 01:32:41 +0000 (17:32 -0800)]
move update ACL and update-policy checks before quota
check allow-update, update-policy, and allow-update-forwarding before
consuming quota slots, so that unauthorized clients can't fill the
quota.
(this moves the access check before the prerequisite check, which
violates the precise wording of RFC 2136. however, RFC co-author Paul
Vixie has stated that the RFC is mistaken on this point; it should have
said that access checking must happen *no later than* the completion of
prerequisite checks, not that it must happen exactly then.)
limit the number of simultaneous DNS UPDATE events that can be
processed by adding a quota for update and update forwarding.
this quota currently, arbitrarily, defaults to 100.
also add a statistics counter to record when the update quota
has been exceeded.
Aram Sargsyan [Mon, 12 Dec 2022 09:20:48 +0000 (09:20 +0000)]
Use sizeof(*ptr) for allocating/freeing memory in forward.c
As shown in the previous commit, using sizeof(type_t) is a little
bit more error-prone when copy-pasting code, so extracting the
size information from the pointer which is being dealt with seems
like a better alternative.
Aram Sargsyan [Fri, 9 Dec 2022 12:41:38 +0000 (12:41 +0000)]
Fix dns_fwdtable_addfwd() error path cleanup bug
Free 'sizeof(dns_forwarder_t)' bytes of memory instead of
'sizeof(dns_sockaddr_t)' bytes, because `fwd` is a pointer
to a 'dns_forwarder_t' type structure.
expected_creads can exceed the number of file descriptors on some
platforms.
% ./udp_test
[==========] Running 18 test(s).
[ RUN ] mock_listenudp_uv_udp_open
[ OK ] mock_listenudp_uv_udp_open
[ RUN ] mock_listenudp_uv_udp_bind
[ OK ] mock_listenudp_uv_udp_bind
[ RUN ] mock_listenudp_uv_udp_recv_start
[ OK ] mock_listenudp_uv_udp_recv_start
[ RUN ] mock_udpconnect_uv_udp_open
[ OK ] mock_udpconnect_uv_udp_open
[ RUN ] mock_udpconnect_uv_udp_bind
[ OK ] mock_udpconnect_uv_udp_bind
[ RUN ] mock_udpconnect_uv_udp_connect
[ OK ] mock_udpconnect_uv_udp_connect
[ RUN ] mock_udpconnect_uv_recv_buffer_size
[ OK ] mock_udpconnect_uv_recv_buffer_size
[ RUN ] mock_udpconnect_uv_send_buffer_size
[ OK ] mock_udpconnect_uv_send_buffer_size
[ RUN ] udp_noop
[ OK ] udp_noop
[ RUN ] udp_noresponse
[ OK ] udp_noresponse
[ RUN ] udp_shutdown_connect
[ OK ] udp_shutdown_connect
[ RUN ] udp_shutdown_read
[ OK ] udp_shutdown_read
[ RUN ] udp_cancel_read
[ OK ] udp_cancel_read
[ RUN ] udp_timeout_recovery
[ OK ] udp_timeout_recovery
[ RUN ] udp_double_read
[ OK ] udp_double_read
[ RUN ] udp_recv_one
[ OK ] udp_recv_one
[ RUN ] udp_recv_two
[ OK ] udp_recv_two
[ RUN ] udp_recv_send
udp__connect_cb(0x0, too many open files, 0x0)
udp__connect_cb(0x0, too many open files, 0x0)
udp__connect_cb(0x0, too many open files, 0x0)
udp__connect_cb(0x0, too many open files, 0x0)
udp__connect_cb(0x0, too many open files, 0x0)
udp__connect_cb(0x0, too many open files, 0x0)
%
Ondřej Surý [Wed, 11 Jan 2023 08:28:10 +0000 (09:28 +0100)]
Prefer the pthread_barrier implementation over uv_barrier
Prefer the pthread_barrier implementation on platforms where it is
available over uv_barrier implementation. This also solves the problem
with thread sanitizer builds on macOS that doesn't have pthread barrier.
Tony Finch [Tue, 20 Dec 2022 11:38:51 +0000 (11:38 +0000)]
Auto-tag merge requests created by git-replay-merge
The target branch is added to the title of the MR, and a "Backport"
label is added. If the target branch starts with "v" a version label
is added too.
While I am here, clean up remnants of the old gitlab API (which has
been replaced by push options for our purposes) and improve the
command-line parsing.
Ondřej Surý [Wed, 4 Jan 2023 11:21:00 +0000 (12:21 +0100)]
Get rid of locking during UDP and TCP listen
We already have a synchronization mechanism when starting the UDP and
TCP listener children - barriers. Change how we start the first-born
child (tid == 0), so we don't have to race for sock->parent->result and
sock->parent->fd.
Ondřej Surý [Tue, 3 Jan 2023 07:27:54 +0000 (08:27 +0100)]
Simplify tracing the reference counting in isc_netmgr
Always track the per-worker sockets in the .active_sockets field in the
isc__networker_t struct and always track the per-socket handles in the
.active_handles field ian the isc_nmsocket_t struct.
Evan Hunt [Fri, 6 Jan 2023 06:18:55 +0000 (22:18 -0800)]
remove nonfunctional DSCP implementation
DSCP has not been fully working since the network manager was
introduced in 9.16, and has been completely broken since 9.18.
This seems to have caused very few difficulties for anyone,
so we have now marked it as obsolete and removed the
implementation.
To ensure that old config files don't fail, the code to parse
dscp key-value pairs is still present, but a warning is logged
that the feature is obsolete and should not be used. Nothing is
done with configured values, and there is no longer any
range checking.
Timo Teräs [Wed, 28 Dec 2022 15:13:41 +0000 (17:13 +0200)]
Refactor OpenSSL ECDSA to use pkeypair
- Use separate EVP_PKEY for public and private keys
- On private key load, generate public key allowing better consistency
- Support OpenSSL3 providers
- Clean up key construction abstraction
- Various other clean ups