Ondřej Surý [Wed, 19 Jun 2019 12:26:49 +0000 (14:26 +0200)]
Add AM_MAINTAINER_MODE macro to configure.ac and enable it by default
AM_MAINTAINER_MODE macro adds ability to disable rebuilding build file
(Makefile.in, configure, ...) when the source file changes. This is
important in the CI where the timestamps could get skewed and that
triggers the rebuild on every ./configure run.
Ondřej Surý [Tue, 28 May 2019 21:15:38 +0000 (23:15 +0200)]
Merge unix/app.c and win32/app.c
The differences between two files are very minimal and most of the
code is common. Merge those two files and use #ifdef WIN32 to include
the right bits on Windows.
Michał Kępień [Fri, 7 Jun 2019 13:21:43 +0000 (15:21 +0200)]
Fix statistics for x86 Windows builds
Using atomic_int_fast64_t variables with atomic functions on x86 does
not cause Visual Studio to report build errors, but such operations
yield useless results. Since the isc_stat_t type is unconditionally
typedef'd to atomic_int_fast64_t, any code performing atomic operations
on isc_stat_t variables is broken in x86 Windows builds. Fix by using
the atomic_int_fast32_t type for isc_stat_t in x86 Windows builds.
Brian Conry [Tue, 18 Jun 2019 19:37:20 +0000 (14:37 -0500)]
Bump DNS_CLIENTINFOMETHODS_VERSION/_AGE to 2/1 in clientinfo.h
BIND 9.11.0 has bumped DNS_CLIENTINFOMETHODS_VERSION and _AGE to
version 2 and 1 in the dlz_minimal.h because a member was addet to the
dnsclientinfo struct. It was found out that the new member is not
used anywhere and there are no accessor functions therefore the change
was reverted.
Later on, it was found out that the revert caused some problems to the
users of BIND 9, and thus this changes takes a different approach by
syncing the values other way around.
Ondřej Surý [Tue, 18 Jun 2019 13:01:43 +0000 (15:01 +0200)]
Rename mctx in dnstest.c to dt_mctx to prevent any global/local name clashes
The common construct seen in the BIND 9 source is func(isc_mem_t *mctx, ...).
Unfortunately, the dnstest.{h,c} has been using mctx as a global symbol, which
in turn generated a lot of errors when update.c got included in update_test.c.
As a rule of thumb, we should avoid naming global symbols with generic names
(like mctx) and we should prefix them with "namespace" (like dt_mctx).
Ondřej Surý [Tue, 18 Jun 2019 12:56:41 +0000 (14:56 +0200)]
Make CHECK() macro local by moving it from dnstest.h to respective .c files
The CHECK() macro has been defined both in dnstest.h and update.c
files. This has created a conflict between macro definitions when
including both of the files in update_test.c. While the CHECK() macro
is convenient for the tests, it has been really used in just two
files, so the MR moves them into those respective .c files.
Ondřej Surý [Tue, 18 Jun 2019 12:48:00 +0000 (14:48 +0200)]
Fix spurious lib/dns/tests/update_test errors on macOS
lib/dns/tests/update_test was failing on macOS on random occasions. It
turned out this was a linker problem - it preferred isc_stdtime_get()
from libisc instead of the local version in lib/dns/tests/update_test.c.
Fix by including the original .c file in the unit test. This has two
benefits:
a) linking order may no longer cause issues as symbols found in the
same compilation unit are always preferred,
b) it allows writing tests for static functions in lib/dns/update.c.
Ondřej Surý [Wed, 19 Jun 2019 09:16:47 +0000 (11:16 +0200)]
Use couple more autoconf convenience macros to cleanup configure.ac
Pull and use several autoconf archive convenience macros to simplify
configure.ac.
* AX_CHECK_COMPILE_FLAG(FLAG, ...) - check whether given CFLAG works
* AX_CHECK_LINK_FLAG(FLAG, ...) - check whether given LDFLAG works
* AX_CHECK_PREPROC_FLAG(FLAG, ...) - check whether give CPPFLAG works
* AX_SAVE_FLAGS/AX_RESTORE_FLAGS - save and restore *FLAGS
Michał Kępień [Tue, 18 Jun 2019 07:14:07 +0000 (09:14 +0200)]
Always fail a system test if crashes are detected
In certain situations (e.g. a named instance crashing upon shutdown in a
system test which involves shutting down a server and restarting it
afterwards), a system test may succeed despite a named crash being
triggered. This must never be the case. Extend run.sh to mark a test
as failed if core dumps or log lines indicating assertion failures are
detected (the latter is only an extra measure aimed at test environments
in which core dumps are not generated; note that some types of crashes,
e.g. segmentation faults, will not be detected using this method alone).
Michał Kępień [Tue, 18 Jun 2019 06:51:50 +0000 (08:51 +0200)]
Fix transfer statistics extraction
Make the get_named_xfer_stats() helper shell function more precise in
order to prevent it from matching the wrong lines as that may trigger
false positives for the "ixfr" and "xfer" system tests. As an example,
the regular expression responsible for extracting the number of bytes
transmitted throughout an entire zone transfer could also match a line
containing the following string:
transfer of '<zone-name>/IN': sending TCP message of <integer> bytes
However, such a line is not one summarizing a zone transfer.
Also simplify both get_dig_xfer_stats() and get_named_xfer_stats() by
eliminating the need for "echo" statements in them.
Michał Kępień [Mon, 17 Jun 2019 12:15:18 +0000 (14:15 +0200)]
Fix key ID processing
If ns1/setup.sh generates a key with ID 0, the "KEYID" token in
ns1/named.conf.in will be replaced with an empty string, causing the
following broken statement to appear in ns1/named.conf:
tkey-dhkey "server" ;
Such a statement triggers false positives for the "tkey" system test due
to ns1 being unable to start with a broken configuration file. Fix by
tweaking the regular expression used for removing leading zeros from the
key ID, so that it removes at most 4 leading zeros.
Witold Kręcicki [Tue, 11 Jun 2019 09:32:35 +0000 (11:32 +0200)]
Make sure that recursclient gauge is calculated correctly.
We increase recursclients when we attach to recursion quota,
decrease when we detach. In some cases, when we hit soft
quota, we might attach to quota without increasing recursclients
gauge. We then decrease the gauge when we detach from quota,
and it causes the statistics to underflow.
Fix makes sure that we increase recursclients always when we
succesfully attach to recursion quota.
Michał Kępień [Fri, 31 May 2019 12:34:34 +0000 (14:34 +0200)]
Address GCC 9.1 -O3 compilation warnings
Compiling with -O3 triggers the following warnings with GCC 9.1:
task.c: In function ‘isc_taskmgr_create’:
task.c:1384:43: warning: ‘%04u’ directive output may be truncated writing between 4 and 10 bytes into a region of size 6 [-Wformat-truncation=]
1384 | snprintf(name, sizeof(name), "isc-worker%04u", i);
| ^~~~
task.c:1384:32: note: directive argument in the range [0, 4294967294]
1384 | snprintf(name, sizeof(name), "isc-worker%04u", i);
| ^~~~~~~~~~~~~~~~
task.c:1384:3: note: ‘snprintf’ output between 15 and 21 bytes into a destination of size 16
1384 | snprintf(name, sizeof(name), "isc-worker%04u", i);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
private_test.c: In function ‘private_nsec3_totext_test’:
private_test.c:110:9: warning: array subscript 4 is outside array bounds of ‘uint32_t[1]’ {aka ‘unsigned int[1]’} [-Warray-bounds]
110 | while (*sp == '\0' && slen > 0) {
| ^~~
private_test.c:103:11: note: while referencing ‘salt’
103 | uint32_t salt;
| ^~~~
Prevent these warnings from being triggered by increasing the size of
the relevant array (task.c) and reordering conditions (private_test.c).
Witold Kręcicki [Fri, 31 May 2019 08:43:53 +0000 (10:43 +0200)]
Address GCC 8.3 -O3 compilation warning
Compiling with -O3 triggers the following warning with GCC 8.3:
driver.c: In function ‘dlz_findzonedb’:
driver.c:191:29: warning: ‘%u’ directive output may be truncated writing between 1 and 5 bytes into a region of size between 0 and 99 [-Wformat-truncation=]
snprintf(buffer, size, "%s#%u", addr_buf, port);
^~
driver.c:191:25: note: directive argument in the range [0, 65535]
snprintf(buffer, size, "%s#%u", addr_buf, port);
^~~~~~~
driver.c:191:2: note: ‘snprintf’ output between 3 and 106 bytes into a destination of size 100
snprintf(buffer, size, "%s#%u", addr_buf, port);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Increase the size of the relevant array to prevent this warning from
being triggered.
Michał Kępień [Fri, 31 May 2019 12:34:34 +0000 (14:34 +0200)]
Make some build jobs use -O3 optimizations
Change the compiler optimization level for Debian sid build jobs from
-O2 to -O3 in order to enable triggering compilation warnings which are
not raised when -O2 is used.
Witold Kręcicki [Wed, 5 Jun 2019 20:07:50 +0000 (22:07 +0200)]
In dns_zonemgr_unreachable use atomics to avoid unnecessary
write locking.
Unreachable cache in zonemgr is realized as an static LRU list.
When we 'use' an entry we need to update the last-used time, we
can use atomics to do so without the necessity to upgrading
read-lock to write-lock.
Evan Hunt [Mon, 10 Jun 2019 04:26:55 +0000 (21:26 -0700)]
specify title metadata and markdown format when calling pandoc
this change silences a warning message and prevents the unwanted
use of smart quotes when using pandoc 2.7.1 to generate human-readable
versions of README and other markdown files.
Evan Hunt [Wed, 3 Oct 2018 20:08:30 +0000 (13:08 -0700)]
update documentation
- change references to trusted-keys to dnssec-keys with static-key
- rebuild doc/misc/options and other generated grammar doc
- add a "see MANAGED-KEYS" note when building named.conf.docbook
Evan Hunt [Fri, 5 Oct 2018 19:00:42 +0000 (12:00 -0700)]
"dnssec-keys" is now a synonym for "managed-keys"
- managed-keys is now deprecated as well as trusted-keys, though
it continues to work as a synonym for dnssec-keys
- references to managed-keys have been updated throughout the code.
- tests have been updated to use dnssec-keys format
- also the trusted-keys entries have been removed from the generated
bind.keys.h file and are no longer generated by bindkeys.pl.
Evan Hunt [Wed, 3 Oct 2018 18:46:06 +0000 (11:46 -0700)]
update key checks in lib/bind9/check.c and fix checkconf test
- any use of trusted or static keys for the root zone will now
elicit a warning, regardless of what the keys may be
- ditto for any use of a key for dlv.isc.org, static or managed
Evan Hunt [Wed, 15 Aug 2018 23:59:45 +0000 (16:59 -0700)]
deprecate "trusted-keys"
- trusted-keys is now flagged as deprecated, but still works
- managed-keys can be used to configure permanent trust anchors by
using the "static-key" keyword in place of "initial-key"
- parser now uses an enum for static-key and initial-key keywords
Tony Finch [Fri, 13 Apr 2018 16:09:16 +0000 (17:09 +0100)]
Remove `cleaning-interval` remnants.
Since 2008, the cleaning-interval timer has been documented as
"effectively obsolete" and disabled in the default configuration with
a comment saying "now meaningless".
This change deletes all the code that implements the cleaning-interval
timer, except for the config parser in whcih it is now explicitly
marked as obsolete.
I have verified (using the deletelru and deletettl cache stats) that
named still cleans the cache after this change.
Ondřej Surý [Mon, 3 Jun 2019 12:13:23 +0000 (14:13 +0200)]
Revise the macOS section of <isc/endian.h>
Move the macOS section of <isc/endian.h> to a lower spot as it is
believed not to be the most popular platform for running BIND. Add a
comment and remove redundant definitions.
Ondřej Surý [Mon, 3 Jun 2019 12:13:23 +0000 (14:13 +0200)]
Make <isc/endian.h> detect GNU rather than Linux
Instead of only supporting Linux, try making <isc/endian.h> support
other GNU platforms as well. Since some compilers define __GNUC__ on
BSDs (e.g. Clang on FreeBSD), move the relevant section to the bottom of
the platform-specific part of <isc/endian.h>, so that it only gets
evaluated when more specific platform determination criteria are not
met. Also include <byteswap.h> so that any byte-swapping macros which
may be defined in that file on older platforms are used in the fallback
definitions of the nonstandard hto[bl]e{16,32,64}() and
[bl]e{16,32,64}toh() conversion functions.
Ondřej Surý [Mon, 3 Jun 2019 12:13:23 +0000 (14:13 +0200)]
Add Solaris support for <isc/endian.h>
While Solaris does not support the nonstandard hto[bl]e{16,32,64}() and
[bl]e{16,32,64}toh() conversion functions, it does have some
byte-swapping macros available in <sys/byteorder.h>. Ensure these
macros are used in the fallback definitions of the aforementioned
nonstandard functions.
Ondřej Surý [Mon, 3 Jun 2019 12:13:23 +0000 (14:13 +0200)]
Add fallback definitions to <isc/endian.h>
Since the hto[bl]e{16,32,64}() and [bl]e{16,32,64}toh() conversion
functions are nonstandard, add fallback definitions of these functions
to <isc/endian.h>, so that their unavailability does not prevent
compilation from succeeding.
Michał Kępień [Mon, 3 Jun 2019 12:13:23 +0000 (14:13 +0200)]
Fix <isc/endian.h> on BSD systems
Current versions of DragonFly BSD, FreeBSD, NetBSD, and OpenBSD all
support the modern variants of functions converting values between host
and big-endian/little-endian byte order while older ones might not.
Ensure <isc/endian.h> works properly in both cases.
Michał Kępień [Mon, 3 Jun 2019 11:43:29 +0000 (13:43 +0200)]
Properly detect presence of CDS/CDNSKEY records
Replace grep calls with awk scripts to more precisely detect presence of
CDS and CDNSKEY records in a signed zone file, in order to prevent rare
false positives for the "smartsign" system test triggered by the strings
"CDS" and/or "CDNSKEY" being accidentally present in the Base64 form of
DNSSEC-related data in the zone file being checked.
projects / thirdparty / bind9.git / log
