Aydın Mercan [Tue, 12 Aug 2025 09:53:11 +0000 (12:53 +0300)]
start treating openssl 3.0 and 1.1 as separate libraries
OpenSSL 3.0 has completely revamed the way applications are supposed to
interact with libcrypto with the old way gaining a hefty perfomance
penalty.
Almost every cryptographic functionality will have a pre-3.0 and
post-3.0 counterpart split by the preprocessor after the migration is
complete.
Instead of having a macros mess everywhere, start the long term plan of
having a cryptographic functionality layer with OpenSSL >=3.0 and
OpenSSL <3.0 as two separate backends.
Start this process by splitting the initialization function.
Arаm Sаrgsyаn [Fri, 22 Aug 2025 18:37:20 +0000 (18:37 +0000)]
new: usr: Add a new 'servfail-until-ready' configuration option for RPZ
By default, when :iscman:`named` is started it may start answering to
queries before the response policy zones are completely loaded
and processed. This new feature gives an option to the users to
tell :iscman:`named` that incoming requests should result in SERVFAIL answer
until all the response policy zones are processed and ready. Note that if
one or more response policy zones fail to load, :iscman:`named` starts
responding to queries according to those zones that did load.
Closes #5222
Merge branch '5222-stop-sending-responses-until-rpz-is-ready' into 'main'
Aram Sargsyan [Fri, 8 Aug 2025 12:24:47 +0000 (12:24 +0000)]
Test the new 'servfail-until-ready' option
Test whether 'servfail-until-ready yes' works by enabling slow
RPZ loading with a USDT probe activation, and checking that named
returns SERVFAIL during the initial RPZ zones processing stage.
The test requires SystemTap (stap, dtrace) to activate the USDT
probe.
Aram Sargsyan [Mon, 19 May 2025 17:11:57 +0000 (17:11 +0000)]
Add a new 'servfail-until-ready' configuration option for RPZ
By default, when named is started it may start answering to
queries before the response policy zones are completely loaded
and processed. This new feature gives an option to the users to
tell named that incoming requests should result in SERVFAIL anwser
until all the response policy zones are procesed and ready.
Aram Sargsyan [Fri, 8 Aug 2025 12:08:55 +0000 (12:08 +0000)]
Add 'first_time' member to 'dns_rpz_zones_t'
During the initial configuration of named after startup, 'first_time'
is true. This is needed for implementing the new 'servfail-until-ready'
configuration option, which should take into effect only during the
initial configuration.
Matthijs Mekking [Thu, 21 Aug 2025 15:18:15 +0000 (15:18 +0000)]
new: usr: Add manual mode configuration option to dnsec-policy
Add a new option ``manual-mode`` to :any:`dnssec-policy`. The intended use is that if it is enabled, it will not automatically move to the
next state transition, but instead the transition is logged. Only after manual confirmation with ``rndc dnssec -step`` the transition is made.
Closes #4606
Merge branch '4606-dnssec-policy-dry-run' into 'main'
Matthijs Mekking [Wed, 20 Aug 2025 13:41:13 +0000 (15:41 +0200)]
Test manual-mode error case
If we hit an error when issuing an 'rndc dnssec -step' command, and the
keymgr runs again at a later scheduled time, we don't want to enforce
transitions.
Parametrize each test case and in case of manual-mode, execute
additional checks. First a keymgr run should not change the existing
key state (with exceptions of timing events such as moving from
RUMOURED to OMNIPRESENT, and from UNRETENTIVE to HIDDEN). Appropriate
messages must be logged.
After enforcing the next step with 'rndc dnssec -step', the key state
should be the same as if the step were to be taken automatically.
Parametrize each test case and in case of manual-mode, execute
additional checks. First a keymgr run should not change the existing
key state (with exceptions of timing events such as moving from
RUMOURED to OMNIPRESENT, and from UNRETENTIVE to HIDDEN). Appropriate
messages must be logged.
After enforcing the next step with 'rndc dnssec -step', the key state
should be the same as if the step were to be taken automatically.
Parametrize each test case and in case of manual-mode, execute
additional checks. First a keymgr run should not change the existing
key state (with exceptions of timing events such as moving from
RUMOURED to OMNIPRESENT, and from UNRETENTIVE to HIDDEN). Appropriate
messages must be logged.
After enforcing the next step with 'rndc dnssec -step', the key state
should be the same as if the step were to be taken automatically.
Parametrize each test case and in case of manual-mode, execute
additional checks. First a keymgr run should not change the existing
key state (with exceptions of timing events such as moving from
RUMOURED to OMNIPRESENT, and from UNRETENTIVE to HIDDEN). Appropriate
messages must be logged.
After enforcing the next step with 'rndc dnssec -step', the key state
should be the same as if the step were to be taken automatically.
Parametrize each test case and in case of manual-mode, execute
additional checks. First a keymgr run should not change the existing
key state (with exceptions of timing events such as moving from
RUMOURED to OMNIPRESENT, and from UNRETENTIVE to HIDDEN). Appropriate
messages must be logged.
After enforcing the next step with 'rndc dnssec -step', the key state
should be the same as if the step were to be taken automatically.
Similar to the previous commit that tests CSK algorithm rollover.
Parametrize each test case and in case of manual-mode, execute
additional checks. First a keymgr run should not change the existing
key state (with exceptions of timing events such as moving from
RUMOURED to OMNIPRESENT, and from UNRETENTIVE to HIDDEN). Appropriate
messages must be logged.
After enforcing the next step with 'rndc dnssec -step', the key state
should be the same as if the step were to be taken automatically.
Update check_rollover_step to return the found keys. This can be used
to test that keymgr-manual-mode messages are correctly logged.
Parametrize each test case and in case of manual-mode, execute
additional checks. First a keymgr run should not change the existing
key state (with exceptions of timing events such as moving from
RUMOURED to OMNIPRESENT, and from UNRETENTIVE to HIDDEN). Appropriate
messages must be logged.
After enforcing the next step with 'rndc dnssec -step', the key state
should be the same as if the step were to be taken automatically.
Key state transitions may be blocked by manual-mode, meaning key
timing metadata may not be respected and can be inaccurate. For these
tests use the state values to determine whether the DNSKEY/CDS/CDNSKEY
RRset must be published or not.
If so we also want to tickle the apex because DNSKEY/CDNSKEY/CDS
RRsets may need to be re-signed.
Note that this may be overzealous, because if state transitions
happen just because of timing events (RUMOURED -> OMNIPRESENT,
UNRETENTIVE -> HIDDEN) this would have to cause changes in the
zone DNSSEC records.
Matthijs Mekking [Wed, 19 Mar 2025 16:10:25 +0000 (17:10 +0100)]
Implement manual-mode for kasp
When a key retire, key generation/introduction, or a state transition
to RUMOURED/UNRETENTIVE should happen, instead they are logged.
When those logs look good, you can run 'rndc dnssec -step' to run the
keymgr and apply those steps.
Matthijs Mekking [Mon, 17 Feb 2025 11:05:25 +0000 (12:05 +0100)]
Add manual-mode config option
Add a new option 'manual-mode' to 'dnssec-policy'. The intended
use is that if it is enabled, it will not automatically move to the
next state transition (RUMOURED, UNRETENTIVE), only after manual
confirmation. The intended state transition should be logged.
Matthijs Mekking [Tue, 19 Aug 2025 14:07:21 +0000 (14:07 +0000)]
new: test: Test migrating to dnsec-policy
Various test cases where legacy keys exist and are used to migrate to 'dnssec-policy'. These once existed as shell script but were removed because 'auto-dnssec' was removed. But the test cases are still useful if one wants to migrate to 'dnssec-policy' with such legacy keys, so it would be good to resurrect these tests.
Closes #3769
Merge branch '3769-migrate-zsk-ksk-plit' into 'main'
Various test cases where legacy keys exist and are used to migrate to
dnssec-policy. These once existed as shell script but were removed
because auto-dnssec was removed. But the test cases are still useful
if one wants to migrate to dnssec-policy with such legacy keys.
When migrating to dnssec-policy, keys that do not match will not have
a lifetime set. Adjust the test code to allow for that. Setting '-'
in a key properties string signals lifetime is expected not to be set.
If we are migrating keys, we should take the existing key timing
metadata to initialise the state values. These tests will only setup
keys with Publish/Activate/SyncPublish times, because the Retire and
Remove timings will still need to be adjusted to the DNSSEC policy.
Aydın Mercan [Mon, 28 Jul 2025 13:19:41 +0000 (13:19 +0000)]
Use a proper compiler test for constexpr support
After GCC 15, C23 became the default version. [1]
Add a proper compiler test for constexpr support to ensure that GCC 15+
invoked with `c_std` set to `none` does not erroneously use the
constexpr shim.
This change does not affect the build in its default configuration
(which uses GNU C11); it is only meant to prepare the build system for
adding C23 elements to the code.
Aydın Mercan [Thu, 24 Jul 2025 09:25:55 +0000 (12:25 +0300)]
Remove install_rpath from installed targets
Specifying the RPATH deviates from widespread packaging norms where the
value isn't expected to be set by the project. [1] [2] [3]
Meet this expectation by restoring meson's default behavior where
targets in the build directory have the RPATH fixed with meson stripping
the value during installation.
Alessio Podda [Tue, 19 Aug 2025 13:00:47 +0000 (13:00 +0000)]
chg: dev: Remove opportunistic node cleaning from qpzone
Currently, when releasing a qpznode after a read operation, we will
check if the node is dirty due to a previous write, upgrade the lock to
a write lock and perform a cleanup.
An unintended side effect of this is that protecting a node by
increasing the reference count must also protect its parent database.
For the very common case where only one zone is configured, this is a
non-trivial source of contention, as the same refcount will be hit by
all threads.
This MR removes the opportunistic cleaning and the database
refcount, reducing contention. Cleaning will be done only on
closeversion.
Merge branch 'alessio/remove-opportunistic-node-cleaning' into 'main'
Alessio Podda [Wed, 28 May 2025 23:03:45 +0000 (01:03 +0200)]
Remove opportunistic node cleaning, clean up only on closeversion
Currently, when releasing a qpznode after a read operation, we will
check if the node is dirty due to a previous write, upgrade the lock to
a write lock and perform a cleanup.
An unintended side effect of this is that protecting a node by
increasing the reference count must also protect its parent database.
For the very common case where only one zone is configured, this is a
non-trivial source of contention, as the same refcount will be hit by
all threads.
This commit removes the opportunistic cleaning and the database
refcount, reducing contention. Cleaning will be done only on
closeversion.
Alessio Podda [Tue, 19 Aug 2025 12:12:46 +0000 (14:12 +0200)]
Do not skip cleanup for origin nodes in qpzone
Per @each, skipping cleanup of (|nsec_|nsec3_)origin nodes in
qpznode_release in qpzone.c is a residual from RBTDB, but it is
unnecessary or at most a performance optimization with QP.
Remove it to make it further changes easier to qpznode_release easier.
Aydın Mercan [Tue, 19 Aug 2025 11:03:12 +0000 (14:03 +0300)]
new: dev: add <isc/bit.h>
The `<isc/bit.h>` header is a GNU C11 compatible version of C23's
`<stdbit.h>`.
It currently uses either `<stdbit.h>` or the equivilent compiler
builtins. However, the generic `__builtin_ctzg` and `__builtin_ctlz`
builtins are not available in every compiler version and thus falls
back to manually selecting from type.
Furthermore, the ctz fallback has been removed since `__builtin_ctzll`
has been used for a while directly without any compilation issues from
users. Thus, we can also require `__builtin_ctz`.
Aydın Mercan [Mon, 18 Aug 2025 11:07:38 +0000 (14:07 +0300)]
add isc/bit.h and unify common bit operations
The `<isc/bit.h>` header is a GNU C11 compatible version of C23's
`<stdbit.h>`.
It currently uses either `<stdbit.h>` or the equivilent compiler
builtins. However, the generic `__builtin_ctzg` and `__builtin_ctlz`
builtins are not available in every compiler version and thus falls
back to manually selecting from type.
Furthermore, the ctz fallback has been removed since `__builtin_ctzll`
has been used for a while directly without any compilation issues from
users. Thus, we can also require `__builtin_ctz`.
Unlike the rest of C23's bit utilities, we avoid the stdc_rotate_*
functions since we don't need the rotation modulus precision. This adds
a couple (admittedly cheap) unwanted instructions on some architectures.
Ondřej Surý [Tue, 19 Aug 2025 06:00:20 +0000 (08:00 +0200)]
chg: dev: Update clang-format style with options added in newer versions
Add and apply InsertBraces statement to add missing curly braces around one-line statements and use ControlStatementsExceptControlMacros for SpaceBeforeParens to remove space between foreach macro and the brace, e.g. `FOREACH (x) {` becomes `FOREACH(x) {`.
Merge branch 'ondrej/update-clang-format' into 'main'
Ondřej Surý [Tue, 19 Aug 2025 05:14:45 +0000 (07:14 +0200)]
Use ControlStatementsExceptControlMacros for SpaceBeforeParens
> Put a space before opening parentheses only after control statement
> keywords (for/if/while...) except this option doesn’t apply to ForEach
> and If macros. This is useful in projects where ForEach/If macros are
> treated as function calls instead of control statements.
Ondřej Surý [Tue, 19 Aug 2025 05:11:16 +0000 (07:11 +0200)]
Add and apply InsertBraces statement
> Insert braces after control statements (if, else, for, do, and while)
> in C++ unless the control statements are inside macro definitions or
> the braces would enclose preprocessor directives.
Evan Hunt [Mon, 18 Aug 2025 21:08:22 +0000 (21:08 +0000)]
fix: dev: Disassociate added rdataset on error in cache_rrset()
When first dns_db_addrdataset() succeeds in cache_rrset(), but the
second one fails with error, the added rdataset was kept associated.
This caused assertion failure down the pipe in fctx_sendevents().
Merge branch 'ondrej/disassociate-added-on-error-in-cache_rrset' into 'main'
Ondřej Surý [Mon, 18 Aug 2025 15:11:03 +0000 (17:11 +0200)]
Disassociate added rdataset on error in cache_rrset()
When first dns_db_addrdataset() succeeds in cache_rrset(), but the
second one fails with error, the added rdataset was kept associated.
This caused assertion failure down the pipe in fctx_sendevents().
Colin Vidal [Mon, 18 Aug 2025 12:28:47 +0000 (14:28 +0200)]
fix: dev: remove unused warning if DNS_TYPEPAIR_CHECK is off
The compile-time DNS__TYPEPAIR_CHECK macro (wrapping an INSIST) is a
no-op if DNS_TYPEPAIR_CHECK is off, making at least one unused variable
in DNS_TYPEPAIR_TYPE and DNS_TYPEPAIR_COVERS scopes (as in such case,
only one member of the pair is effectively needed).
In such case, having an unused variable (the other member of the pair)
is expected, this silence the warning by adding a (void) cast on the
no-op version of DNS__TYPEPAIR_CHECK.
Merge branch 'colin/typepair-check-unused-warn' into 'main'
Colin Vidal [Mon, 18 Aug 2025 09:23:19 +0000 (11:23 +0200)]
remove unused warning if DNS_TYPEPAIR_CHECK is off
The compile-time DNS__TYPEPAIR_CHECK macro (wrapping an INSIST) is a
no-op if DNS_TYPEPAIR_CHECK is off, making at least one unused variable
in DNS_TYPEPAIR_TYPE and DNS_TYPEPAIR_COVERS scopes (as in such case,
only one member of the pair is effectively needed).
In such case, having an unused variable (the other member of the pair)
is expected, this silence the warning by adding a (void) cast on the
no-op version of DNS__TYPEPAIR_CHECK.
Evan Hunt [Sun, 17 Aug 2025 20:53:04 +0000 (13:53 -0700)]
simplify iterator_active()
the if statements calling iterator_active() checked the EXISTS
flag on the header and then iterator_active() checked it again.
simplify so only the caller checks it.
Ondřej Surý [Wed, 13 Aug 2025 07:30:45 +0000 (09:30 +0200)]
Move SIEVE-LRU to dns_slabtop_t structure
As the qpcache has only one active header at the time, we can move the
SIEVE-LRU members from dns_slabheader_t to dns_slabtop_t structure thus
saving a little bit of memory in each slabheader and using it only once
per type.
Ondřej Surý [Tue, 5 Aug 2025 16:05:52 +0000 (18:05 +0200)]
Split the top level slab header hierarchy and the headers
The code that combines the top-level hierarchy (per-typepair) and
individual slab headers (per-version) saves a little bit of memory, but
makes the code convoluted, hard to read and hard to modify. Change the
top level hierarchy to be of different type with individual slabheaders
"hanging" from the per-typepair dns_slabtop_t structure.
This change makes the future enhancements (changing the top level data
structure for faster lookups; coupling type + sig(type) into single
slabtop) much easier.
Ondřej Surý [Tue, 5 Aug 2025 16:05:52 +0000 (18:05 +0200)]
Pass 'mctx' instead of 'db' to dns_slabheader_new()
The slabheader doesn't directly attach or link to 'db' anymore. Pass
only the memory context needed to create the slab header to make the
lack of relation ship more prominent.
Also don't call dns_slabheader_reset() from dns_slabheader_new(), it has
no added value.
Ondřej Surý [Wed, 13 Aug 2025 06:45:45 +0000 (08:45 +0200)]
Always return DNS_R_UNCHANGED when new slabheader was not added
Change the add() function in the dns_qpcache to properly return
DNS_R_UNCHANGED if the newheader was not actually consumed, and move
the dns_slabheader_destroy() call outside of the add() function.
Ondřej Surý [Fri, 15 Aug 2025 05:36:13 +0000 (07:36 +0200)]
chg: dev: Remove locking from rdataslab_getownercase()
Under normal circumstances, the case bitfield in the slabheader should
be set only once. By actually (soft-)enforcing this, the read locking
can be completely removed from the rdataslab_getownercase() as we can
check whether the case has been already set or not and making everything
immutable once the case has been set.
Merge branch 'ondrej/remove-locking-from-slabheader-ownercase' into 'main'
Ondřej Surý [Tue, 12 Aug 2025 10:10:24 +0000 (12:10 +0200)]
Remove locking from rdataslab_getownercase()
Under normal circumstances, the case bitfield in the slabheader should
be set only once. By actually (soft-)enforcing this, the read locking
can be completely removed from the rdataslab_getownercase() as we can
check whether the case has been already set or not and making everything
immutable once the case has been set.
Ondřej Surý [Tue, 12 Aug 2025 10:21:56 +0000 (12:21 +0200)]
Move the slabheader attribute helpers to private header
The slabheader.c, qpzone.c and qpcache.c had couple of shared macros
that were copied and paste between the units. Move these common
attributes access macros into private header, so these can be shared
among the three compilation units.
Ondřej Surý [Tue, 12 Aug 2025 09:31:57 +0000 (11:31 +0200)]
Unify the NONEXISTENT() macro in qpzone to EXISTS()
In the dns_qpcache unit, we use EXISTS() macro, but in the dns_qpzone
there's a NONEXISTENT() macro for the same slabheader attribute. Unify
the macro to be also EXISTS() in dns_qpzone.
Ondřej Surý [Mon, 11 Aug 2025 07:39:13 +0000 (09:39 +0200)]
Remove the negative type logic from qpcache
Previously, when a negative header was stored in the cache, it would be
stored in the dns_typepair_t as .type = 0, .covers = <negative type>.
When searching the cache internally, we would have to look for both
positive and negative typepair and the slabheader .down list could be a
mix of positive and negative types.
Remove the extra representation of the negative type and simply use the
negative attribute on the slabheader. Other units (namely dns_ncache)
can still insert the (0, type) negative rdatasets into the cache, but
internally, those will be converted into (type, 0) slabheaders, and vice
versa - when binding the rdatasets, the negative (type, 0) slabheader
will be converted to (0, type) rdataset. Simple DNS_TYPEPAIR() helper
macro was added to simplify converting single rdatatype to typepair
value.
As a side-effect, the search logic in all places can exit early if
there's a negative header for the type we are looking for, f.e. when
searching for the zone cut, we don't have to walk through all the
slabheaders, if there's a stored negative slabheader.
Ondřej Surý [Mon, 11 Aug 2025 05:17:43 +0000 (07:17 +0200)]
Use dns_rdatatype_none more consistently
Use dns_rdatatype_none instead of plain '0' for dns_rdatatype_t and
dns_typepair_t manipulation. While plain '0' is technically ok, it
doesn't carry the required semantic meaning, and using the named
dns_rdatatype_none constant makes the code more readable.
Ondřej Surý [Thu, 7 Aug 2025 06:12:36 +0000 (08:12 +0200)]
Add strict checks on typepair values in the developer's mode
When in developer's mode, make the DNS_TYPEPAIR_* macros be more
strict on the contents of the 'base' and 'covers', so we can catch
invalid use of the API.
Ondřej Surý [Thu, 7 Aug 2025 06:08:24 +0000 (08:08 +0200)]
Disallow TYPE0 to be queried or inserted into the database
The RR type 0 is a reserved type for SIG[1] resource record. It should
not be ever inserted into the database nor queried. Add a special
handling to bail out quickly with DNS_R_DISALLOWED when inserting and
ISC_R_NOTFOUND when looking up TYPE0. This is also prerequisite for
stricter checks in the follow-up commit.
Ondřej Surý [Mon, 11 Aug 2025 14:22:03 +0000 (16:22 +0200)]
Fix typo in nsupdate where covers would be equal to type
There was an apparent typo where rdatalist->covers would be assigned the
same value as rdatalist->type. As nsupdate can't update signatures, the
covers must be dns_rdatatype_none.
Ondřej Surý [Wed, 6 Aug 2025 17:34:35 +0000 (19:34 +0200)]
Unify the dns_typepair_t variable naming and usage
The dns_typepair_t and dns_rdatatype_t variables were both named 'type'
in multiple places. Rename all dns_typepair_t variables to include word
'pair' in the variable name to make sure that the distinction between
the two types is more clear.
Ondřej Surý [Fri, 15 Aug 2025 05:06:11 +0000 (07:06 +0200)]
fix: dev: Simplify the DNS_R_UNCHANGED handling in dns_resolver unit
Instead of catching the DNS_R_UNCHANGED from dns_db_addrdataset() (via
cache_rrset() and dns_ncache_add()) individually, mask it properly as
soon as possible by moving the sigrdataset caching logic inside the
cache_rrset() and returning ISC_R_SUCCESS from cache_rrset() and
dns_ncache_add() when the database was unchanged.
Closes #5473
Merge branch '5473-fix-crash-in-validated' into 'main'
Ondřej Surý [Thu, 14 Aug 2025 06:35:05 +0000 (08:35 +0200)]
Simplify the DNS_R_UNCHANGED handling in dns_resolver unit
Instead of catching the DNS_R_UNCHANGED from dns_db_addrdataset() (via
cache_rrset() and dns_ncache_add()) individually, mask it properly as
soon as possible, by moving the sigrdataset caching logic inside
cache_rrset() and returning ISC_R_SUCCESS from cache_rrset() and
dns_ncache_add() when the database was unchanged.
Ondřej Surý [Fri, 15 Aug 2025 04:25:23 +0000 (06:25 +0200)]
fix: dev: result could be set incorrectly in validated()
During a recent refactoring of `validated()`, a line was
removed, causing `result` to be left unchanged. This
caused time to be wasted continuing to try to validate when a
non-recoverable error had occurred, and also caused the wrong
reason to be logged in `add_bad()`.
Ondřej Surý [Thu, 14 Aug 2025 06:41:05 +0000 (08:41 +0200)]
Always delete the cached results on broken chain
The logic to delete records from the cache was relying on the contents
of the validation answer. Change the logic to always delete the
contents of the cache on the broken chain result.
Evan Hunt [Thu, 14 Aug 2025 06:11:29 +0000 (23:11 -0700)]
result could be set incorrectly in validated()
during a recent refactoring of validated(), a line was
removed, causing 'result' to be left unchanged. this
wasted time continuing to try to validate when a
non-recoverable error had occured, and caused the wrong
reason to be logged in add_bad().
Mark Andrews [Thu, 14 Aug 2025 22:07:33 +0000 (08:07 +1000)]
fix: dev: Use DNS_RDATACOMMON_INIT to hide branch differences
Initialization of the common members of rdata type structures varies
across branches. Standardize it by using the `DNS_RDATACOMMON_INIT`
macro for all types, so that new types are more likely to use it,
and hence backport more cleanly.
Closes #5467
Merge branch '5467-use-dns_rdatacommon_init-to-hide-branch-differences' into 'main'
Mark Andrews [Wed, 6 Aug 2025 05:28:39 +0000 (15:28 +1000)]
Use DNS_RDATACOMMON_INIT to hide branch differences
Initialization of the common members of rdata type structures varies
across branches. Standardize it by using the DNS_RDATACOMMON_INIT
macro for all types, so that new types are more likely to use it,
and hence backport more cleanly.
Nicki Křížek [Thu, 14 Aug 2025 18:57:03 +0000 (20:57 +0200)]
fix: ci: Update DNS Shotgun parameters for an updated dataset
We've switched to an updated dataset for shotgun jobs. The change in
underlying traffic caused the more sensitive doh-get (and partially dot)
jobs to overload the resolver, making the jobs unstable and unreliable,
due to an increased number of timeouts.
Readjust the load parameters slightly to avoid exceeding ~2 % of
timeouts in the cold cache scenario to stabilize the job results.
Merge branch 'nicki/ci-shotgun-load-new-dataset' into 'main'
Nicki Křížek [Mon, 11 Aug 2025 13:04:50 +0000 (15:04 +0200)]
Update DNS Shotgun parameters for an updated dataset
We've switched to an updated dataset for shotgun jobs. The change in
underlying traffic caused the more sensitive doh-get (and partially dot)
jobs to overload the resolver, making the jobs unstable and unreliable,
due to an increased number of timeouts.
Readjust the load parameters slightly to avoid exceeding ~2 % of
timeouts in the cold cache scenario to stabilize the job results.
Alessio Podda [Thu, 14 Aug 2025 10:10:21 +0000 (10:10 +0000)]
chg: dev: Split dbmethods into node and db vtable
All databases in the codebase follow the same structure: a database is
an associative container from DNS names to nodes, and each node is an
associative container from RR types to RR data.
Each database implementation (qpzone, qpcache, sdlz, builtin, dyndb) has
its own corresponding node type (qpznode, qpcnode, etc). However, some
code needs to work with nodes generically regardless of their specific
type - for example, to acquire locks, manage references, or
register/unregister slabs from the heap.
Before this MR, these generic node operations were implemented as methods in
a `dns_dbmethods_t` vtable. This created a coupling between the database
and node lifetimes. If a node were to outlive its parent database, the node
destructor would destroy all RR data, and each RR data destructor would
try to unregister from heaps by calling a virtual function from the
database vtable. Since the database was already freed, this would cause a
crash.
This MR breaks the coupling by standardizing the layout of all
database nodes, adding a `dns_dbnode_methods_t` vtable for node
operations, and moving node-specific methods from the database vtable to
the node vtable.
Alessio Podda [Thu, 5 Jun 2025 09:51:29 +0000 (11:51 +0200)]
Decouple database and node lifetimes by adding node-specific vtables
All databases in the codebase follow the same structure: a database is
an associative container from DNS names to nodes, and each node is an
associative container from RR types to RR data.
Each database implementation (qpzone, qpcache, sdlz, builtin, dyndb) has
its own corresponding node type (qpznode, qpcnode, etc). However, some
code needs to work with nodes generically regardless of their specific
type - for example, to acquire locks, manage references, or
register/unregister slabs from the heap.
Currently, these generic node operations are implemented as methods in
the database vtable, which creates problematic coupling between database
and node lifetimes. If a node outlives its parent database, the node
destructor will destroy all RR data, and each RR data destructor will
try to unregister from heaps by calling a virtual function from the
database vtable. Since the database was already freed, this causes a
crash.
This commit breaks the coupling by standardizing the layout of all
database nodes, adding a dedicated vtable for node operations, and
moving node-specific methods from the database vtable to the node
vtable.
Refactor sdlz to use name instead of pointer to name
Right now dns_sdlzlookup has a slight difference from other dbnode
implementations in that it stores a pointer to a dns name instead of
the dns name itself.
This commit harmonizes dns_sdlzlookup with other dbnode
implementations, facilitating further refactoring.
Each run of `meson test` overwrites the default log file testlog.txt,
this means we lose the backtraces of previous run. This commit assigns
a different log file for each run.
Nicki Křížek [Wed, 6 Aug 2025 10:38:32 +0000 (12:38 +0200)]
fix: ci: Allow unit tests to fail on AlmaLinux 8
The doh unit test has been timing out recently and we don't have a fix
for it yet. Mark it as warning rather than a hard failure, since it's a
known issue.
Related #5448
Merge branch '5448-allow-failure-unit-almalinux8-doh' into 'main'
Nicki Křížek [Tue, 5 Aug 2025 15:28:52 +0000 (17:28 +0200)]
Allow unit tests to fail on AlmaLinux 8
The doh unit test has been timing out recently and we don't have a fix
for it yet. Mark it as warning rather than a hard failure, since it's a
known issue.
Nicki Křížek [Mon, 4 Aug 2025 14:30:41 +0000 (16:30 +0200)]
Use full path for shared test code imports in rollover tests
Previously, symlinks and relative directory imports were used in test
modules. This caused a name clash when a shared code module "common.py"
was introduced for a different test. To avoid the issue, use full paths
in imports.
projects / thirdparty / bind9.git / log
