Michał Kępień [Wed, 24 Jun 2020 08:07:57 +0000 (10:07 +0200)]
Fix libtool initialization
The LT_INIT() call in configure.ac is effectively a no-op because it is
preceded by a call to AC_PROG_LIBTOOL(), which is the previous name of
LT_INIT() used in older libtool versions. Replace AC_PROG_LIBTOOL()
with AC_PATH_PROG() to look for libtool in PATH without initializing it,
which is the originally intended behavior.
Without this change, --enable-static is used by default, which causes a
plain ./configure invocation to fail because static linking is now
disallowed. Drop --disable-static from the ./configure invocations used
in GitLab CI to test this scenario continuously.
Ondřej Surý [Tue, 16 Jun 2020 08:38:46 +0000 (10:38 +0200)]
Disable and disallow static linking
Linking BIND 9 programs and libraries statically disables several
important features:
* dlopen() - relied on by dynamic loading of modules, dlz, and dyndb,
* RELRO (read-only relocations) and ASLR (address space layout
randomization) - security features which are important for any
program interacting with the network and/or user input.
Disable and disallow linking BIND 9 binaries statically, thus enforcing
dlopen() support and allowing use of RELRO and ASLR by default.
Tony Finch [Sun, 21 Jun 2020 20:17:51 +0000 (21:17 +0100)]
Fix `rndc dnstap -roll N`
The `rndc` argument was always overridden by the static configuration,
because the logic for handling the number of dnstap files to retain
was both backwards and a bit redundant.
Ondřej Surý [Mon, 22 Jun 2020 12:26:07 +0000 (14:26 +0200)]
Enable maintainer mode by default only when building from git
When maintainer mode is enabled (./configure --enable-maintainer-mode)
it enables rebuild of documentation source files that require extra
tools to be installed or compiled. For a convenience, those files are
already committed into the repository and their rebuild is not required
to build BIND 9 from sources.
Ondřej Surý [Mon, 22 Jun 2020 11:08:58 +0000 (13:08 +0200)]
Rebuild the manpages sources only when in maintainer mode
Similarly, the manpage sources will get rebuild only when in maintainer
mode because they require sphinx-build to be available locally and that
might not be always the case.
Ondřej Surý [Mon, 22 Jun 2020 11:03:07 +0000 (13:03 +0200)]
Rebuild the file in doc/misc only when in maintainer mode
The files in doc/misc requires all the BIND 9 libraries to be built
before the documentation can be built. One of the extra automake
features is maintainer mode that allows to conditionally build and clean
files that require special tools. Make use of the automake maintainer
mode to not rebuild the files in doc/misc under normal circumstances.
Evan Hunt [Sat, 20 Jun 2020 22:39:43 +0000 (15:39 -0700)]
reorder system tests to shorten runtime
if tests that take a particularly long time to complete
(serve-stale, dnssec, rpzrecurse) are run first, a parallel
run of the system tests can finish 1-2 minutes faster.
Ondřej Surý [Mon, 22 Jun 2020 10:41:01 +0000 (12:41 +0200)]
Remove // not configured when generating doc/misc/options
The doc/misc/options is used to generate a file describing all
configuration options. Currently, the file contents could differ
based on ./configure option which is kind of suboptimal.
We already removed the "// not configured" from the options.active, and
this time we remove generation of the string altogether.
Evan Hunt [Wed, 17 Jun 2020 00:48:42 +0000 (17:48 -0700)]
"check-names primary" and "check-names secondary" were ignored
these keywords were added to the parser as synonyms for "master"
and "slave" but were never hooked in to the configuration of named,
so they were ignored. this has been fixed and the option is now
checked for correctness.
Evan Hunt [Sat, 6 Jun 2020 00:32:36 +0000 (17:32 -0700)]
implement isc_nm_cancelread()
The isc_nm_cancelread() function cancels reading on a connected
socket and calls its read callback function with a 'result'
parameter of ISC_R_CANCELED.
when isc_nm_destroy() is called, there's a loop that waits for
other references to be detached, pausing and unpausing the netmgr
to ensure that all the workers' events are run, followed by a
1-second sleep. this caused a delay on shutdown which will be
noticeable when netmgr is used in tools other than named itself,
so the delay has now been reduced to a hundredth of a second.
Evan Hunt [Tue, 17 Dec 2019 02:24:55 +0000 (18:24 -0800)]
implement isc_nm_tcpconnect()
the isc_nm_tcpconnect() function establishes a client connection via
TCP. once the connection is esablished, a callback function will be
called with a newly created network manager handle.
Witold Kręcicki [Wed, 10 Jun 2020 00:07:16 +0000 (17:07 -0700)]
allow tcpdns sockets to self-reference while connected
A TCPDNS socket creates a handle for each complete DNS message.
Previously, when all the handles were disconnected, the socket
would be closed, but the wrapped TCP socket might still have
more to read.
Now, when a connection is established, the TCPDNS socket creates
a reference to itself by attaching itself to sock->self. This
reference isn't cleared until the connection is closed via
EOF, timeout, or server shutdown. This allows the socket to remain
open even when there are no active handles for it.
Evan Hunt [Fri, 5 Jun 2020 06:13:54 +0000 (23:13 -0700)]
modify reference counting within netmgr
- isc__nmhandle_get() now attaches to the sock in the nmhandle object.
the caller is responsible for dereferencing the original socket
pointer when necessary.
- tcpdns listener sockets attach sock->outer to the outer tcp listener
socket. tcpdns connected sockets attach sock->outerhandle to the handle
for the tcp connected socket.
- only listener sockets need to be attached/detached directly. connected
sockets should only be accessed and reference-counted via their
associated handles.
Evan Hunt [Thu, 4 Jun 2020 21:54:36 +0000 (14:54 -0700)]
make isc_nmsocket_{attach,detach}{} functions private
there is no need for a caller to reference-count socket objects.
they need tto be able tto close listener sockets (i.e., those
returned by isc_nm_listen{udp,tcp,tcpdns}), and an isc_nmsocket_close()
function has been added for that. other sockets are only accessed via
handles.
Michał Kępień [Thu, 18 Jun 2020 08:52:54 +0000 (10:52 +0200)]
Fix ABI check job in GitLab CI
Since the reference BIND version for the ABI check job which is run for
the main branch is now 9.17.2, autoreconf needs to be run before
./configure as the latter is no longer present in the Git repository.
Mark Andrews [Tue, 2 Jun 2020 02:38:40 +0000 (12:38 +1000)]
Remove INSIST from from new_reference
RBTDB node can now appear on the deadnodes lists following the changes
to decrement_reference in 176b23b6cd98e5b58f832902fdbe964ee5f762d0 to
defer checking of node->down when the tree write lock is not held. The
node should be unlinked instead.
Mark Andrews [Thu, 28 May 2020 05:19:25 +0000 (15:19 +1000)]
Adjust NS_CLIENT_TCP_BUFFER_SIZE and cleanup client_allocsendbuf
NS_CLIENT_TCP_BUFFER_SIZE was 2 byte too large following the
move to netmgr add associated changes to lib/ns/client.c and
as a result an INSIST could be trigger if the DNS message being
constructed had a checkpoint stage that fell in those two extra
bytes. Adjusted NS_CLIENT_TCP_BUFFER_SIZE and cleaned up
client_allocsendbuf now that the previously reserved 2 bytes
are no longer used.
Ondřej Surý [Thu, 11 Jun 2020 11:01:26 +0000 (13:01 +0200)]
Add missing acquire memory barrier in isc_nmhandle_unref
The ThreadSanitizer uses system synchronization primitives to check for
data race. The netmgr handle->references was missing acquire memory
barrier before resetting and reusing the memory occupied by isc_nmhandle_t.
Mark Andrews [Wed, 10 Jun 2020 07:07:52 +0000 (17:07 +1000)]
The dsset returned by dns_keynode_dsset needs to be thread safe.
- clone keynode->dsset rather than return a pointer so that thread
use is independent of each other.
- hold a reference to the dsset (keynode) so it can't be deleted
while in use.
- create a new keynode when removing DS records so that dangling
pointers to the deleted records will not occur.
- use a rwlock when accessing the rdatalist to prevent instabilities
when DS records are added.
Witold Kręcicki [Wed, 10 Jun 2020 14:19:16 +0000 (16:19 +0200)]
Fix a race in TCP accepting.
There's a possibility of a race in TCP accepting code:
T1 accepts a connection C1
T2 accepts a connection C2
T1 tries to accept a connection C3, but we hit a quota,
isc_quota_cb_init() sets quota_accept_cb for the socket,
we return from accept_connection
T2 drops C2, but we race in quota_release with accepting C3 so
we don't see quota->waiting is > 0, we don't launch the callback
T1 accepts a connection C4, we are able to get the quota we clear
the quota_accept_cb from sock->quotacb
T1 drops C1, tries to call the callback which is zeroed, sigsegv.
Michał Kępień [Tue, 9 Jun 2020 13:35:54 +0000 (15:35 +0200)]
Disable temporarily unsupported tests on Windows
Due to the changes introduced by the Automake migration, system tests
requiring Python (chain, pipelined, qmin, tcp), dynamic loading of
shared objects (dlzexternal, dyndb, filter-aaaa), or LMDB (nzd2nzf)
currently do not work on Windows. Temporarily disable them on that
platform by moving them from the PARALLEL_COMMON list to the
PARALLEL_UNIX list until the situation is rectified.
Michał Kępień [Tue, 9 Jun 2020 13:35:54 +0000 (15:35 +0200)]
Fix SYSTEMTESTTOP on Windows
Without SYSTEMTESTTOP=.. lines in tests.sh scripts, SYSTEMTESTTOP is
being set to an absolute path. On Windows, this means that an absolute
Cygwin path gets passed as a command line argument to native Windows
binaries, which cannot work and causes system tests to break. Fix by
passing SYSTEMTESTTOP through cygpath on Windows, which causes that
variable to be set to an absolute "mixed mode" path (Windows path with
forward slashes).
Michał Kępień [Tue, 9 Jun 2020 12:47:06 +0000 (14:47 +0200)]
Restore GitLab CI job building release tarballs
With "make dist" producing usable source tarballs and documentation
building working again, restore the script which allows a release
tarball to be built by a GitLab CI job, only making minimal adjustments
required due to the changes in the documentation building process and
due to dropping the "version" file.
Michał Kępień [Tue, 9 Jun 2020 12:47:06 +0000 (14:47 +0200)]
Fix respdiff job in GitLab CI
As the "configure" script is no longer stored in the Git repository, run
"autoreconf -fi" at the beginning of the respdiff job in GitLab CI in
order to enable that job to work properly.
projects / thirdparty / bind9.git / log
