Mark Andrews [Wed, 1 Oct 2025 04:49:33 +0000 (14:49 +1000)]
Check notify with bad notify source address and tsig
named was asserting when the notify source address was not available
and TSIG was being used. Check this scenario by adding a nameserver
to the zone which is configured to uses a non-existent source address
and a blackholed destination address and a TSIG using a server clause
for that destination address.
Ondřej Surý [Thu, 19 Feb 2026 12:44:28 +0000 (13:44 +0100)]
Don't retry notify over TCP if it could not successed
Prevent retrying the notify over TCP in case the source address is not
available or the source vs the destination address family mismatch or
when the destination address has been blackholed. Properly log the
hard notify failures.
Ondřej Surý [Thu, 19 Feb 2026 12:44:23 +0000 (13:44 +0100)]
Fix assertion failure when sending notify fails over UDP
When dns_request_create() fails in notify_send_toaddr() the TSIG key was
not cleared when retrying over TCP causing assertion failure. Set the
TSIG key to NULL in the dns_message to prevent the assertion failure.
Michał Kępień [Fri, 13 Feb 2026 13:27:10 +0000 (14:27 +0100)]
Implement a response handler that forwards queries
Add a new response handler, ForwarderHandler, which enables forwarding
all queries to another DNS server. To simplify implementation, always
forward queries to the target server via UDP, even if they are
originally received using a different transport protocol.
Michał Kępień [Fri, 13 Feb 2026 13:27:10 +0000 (14:27 +0100)]
Log the server socket receiving each query
Extend AsyncDnsServer._log_query() and AsyncDnsServer._log_response() so
that they also log the <address, port> tuple for the socket on which a
given query was received on. Minimize the signatures of those methods
by taking advantage of all the information contained in the QueryContext
instances passed to them.
Michał Kępień [Fri, 13 Feb 2026 13:27:10 +0000 (14:27 +0100)]
Store server socket information in QueryContext
Extend the QueryContext class with a field holding the <address, port>
tuple for the socket on which a given query was received. This will
enable query handlers to act upon that information in arbitrary ways.
Ondřej Surý [Fri, 6 Feb 2026 19:57:31 +0000 (20:57 +0100)]
[9.20] fix: nil: Release gnamebuf also on the error path
In dst_gssapi_acceptctx(), the gnamebuf could leak a little bit of
memory if dns_name_fromtext() would theoretically fail. This would
require a Kerberos principal with invalid DNS name.
Closes #5737
Backport of MR !11536
Merge branch 'backport-5737-memory-leak-in-dst_gssapi_acceptctx-on-dns_name_fromtext-failure-9.20' into 'bind-9.20'
Ondřej Surý [Fri, 6 Feb 2026 16:50:55 +0000 (17:50 +0100)]
Release gnamebuf also on the error path
In dst_gssapi_acceptctx(), the gnamebuf could leak a little bit of
memory if dns_name_fromtext() would theoretically fail. This would
require a Kerberos principal with invalid DNS name.
Mark Andrews [Fri, 6 Feb 2026 01:52:55 +0000 (12:52 +1100)]
Record query time for all dnstap responses
The description in the protobuf specification is not a list of request
types to process but rather a list of examples to qualify the
description of whether the time indicates when the message is received
or sent.
Nicki Křížek [Thu, 29 Jan 2026 10:42:37 +0000 (11:42 +0100)]
Allow re-run of kasp test case on all FreeBSDs
Previously, the issue when the kasp.test_kasp_case[secondary.kasp] fails
due to a timeout has been only ocassionally observed on FreeBSD 13
in our CI. It seems to have come back on FreeBSD 15.
Very large inbound IXFR transfers were much slower compared to BIND
9.18. The performance was improved by adding specialized logic to
handle IXFR transfers.
Closes #5442
Backport of MR !11077
Merge branch 'backport-5442-ixfr-batch-transaction-9.20' into 'bind-9.20'
Alessio Podda [Thu, 29 Jan 2026 08:56:24 +0000 (09:56 +0100)]
Handle databases with no update methods
Non qp/rbt databases might not implement the
dns_db_(begin|commit|abort)update methods. This commit ensures that we
return ISC_R_NOTIMPLEMENTED in those cases.
Alessio Podda [Sat, 25 Oct 2025 09:01:35 +0000 (11:01 +0200)]
Implement qpzone specific update path
This commit implements a batch update function for qpzone. The main
reason for this is speed: using addrdataset would cause a qp transaction
per rrdataset added, leading to a substantial slowdown compared to
RBTDB. The new API results in a qp transaction per applied diff.
Alessio Podda [Fri, 24 Oct 2025 22:47:42 +0000 (00:47 +0200)]
Abstract updates into a vtable
This commit adds a layer of indirection to the apply_diff logic used by
IXFR and resigning by having the database updates go through a vtable.
We do this in three steps:
- We extend dns_rdatacallbacks_t vtable to allow subtraction and
resigning.
- We add a new set of api (begin|commit|abort)update to the dbmethods
vtable, that model an incremental update that can be aborted.
- We extract the core logic of diff_apply into a function that
satisfies the new interface.
- We make diff_apply use this new function, and log the results.
The intent of this commit is to allow databases to expose a batch
incremental update implementation, just like they expose a custom
batch creation implementation through (begin|end)load.
Alessio Podda [Sat, 25 Oct 2025 09:01:27 +0000 (11:01 +0200)]
Clean up ixfr transaction API
Make the API tighter. The idea of this commit is to highlight the
distinction between a database transaction and a journal transaction,
and ensure we run dns_zone_verifydb on error.
Mark Andrews [Wed, 28 Jan 2026 14:06:54 +0000 (01:06 +1100)]
[9.20] fix: test: ISC_RUN_TEST_IMPL should use a static declaration
These functions don't need to be called from multiple places and
by making them static we will detect when they are not added to the
list functions to be tested.
Closes #5715
Backport of MR !11480
Merge branch 'backport-5715-isc_run_test_impl-should-use-a-static-declaration-9.20' into 'bind-9.20'
Mark Andrews [Fri, 23 Jan 2026 04:57:42 +0000 (15:57 +1100)]
ISC_RUN_TEST_IMPL should use a static declaration
These functions don't need to be called from multiple places and
by making them static we will detect when they are not added to the
list functions to be tested.
Mark Andrews [Tue, 27 Jan 2026 21:40:42 +0000 (08:40 +1100)]
[9.20] chg: dev: Use enum rather than numbers for isc_base64_tobuffer and isc_hex_tobuffer
Use isc_one_or_more and isc_zero_or_more rather than (-2) and
(-1) when calling isc_base64_tobuffer. Similarly for
isc_hex_tobuffer. This should help reduce the probability
that the wrong number is used and it makes the intent clearer.
Closes #5713
Backport of MR !11479
Merge branch 'backport-5713-use-macros-with-isc_base64_tobuffer-and-isc_hex_tobuffer-9.20' into 'bind-9.20'
Mark Andrews [Fri, 23 Jan 2026 03:53:18 +0000 (14:53 +1100)]
Add enum for use with isc_base64_tobuffer and isc_hex_tobuffer
This adds the following enum isc_one_or_more and isc_zero_or_more
which specify if one or more or zeror or more bytes are required
when reading the unbounded base64 / hex encoded data.
Arаm Sаrgsyаn [Tue, 27 Jan 2026 13:28:33 +0000 (13:28 +0000)]
[9.20] fix: usr: Fix a possible issue with reponse policy zones and catalog zones
If a response policy zone (RPZ) or a catalog zone contained an
`$INCLUDE` directive, then manually reloading that zone could
fail to process the changes in the response policy or in the
catalog, respectively. This has been fixed.
Closes #5714
Backport of MR !11489
Merge branch 'backport-5714-zone_loaddone-rpz-and-catz-bugfix-9.20' into 'bind-9.20'
Aram Sargsyan [Mon, 26 Jan 2026 15:34:00 +0000 (15:34 +0000)]
Fix a bug in zone_loaddone()
The zone_loaddone() function disables database notifications for
a catalog zones and response policy zones (RPZ) when loading had
failed. Howerer, the 'result != ISC_R_SUCCESS' check is insufficient,
because the DNS_R_SEENINCLUDE result also indicates success.
Nicki Křížek [Tue, 27 Jan 2026 12:20:24 +0000 (13:20 +0100)]
[9.20] fix: test: Resolve the system_test_dir in pytest
If the system_test_dir contains a symlink, then it might cause issues
further down when using relative_to(), unless it is resolved first. This
has been observed on FreeBSD13 in CI where /home is a symlink to
/usr/home.
Backport of MR !11490
Merge branch 'backport-nicki/pytest-freebsd13-artifacts-path-9.20' into 'bind-9.20'
Nicki Křížek [Mon, 26 Jan 2026 17:37:00 +0000 (18:37 +0100)]
Resolve the system_test_dir in pytest
If the system_test_dir contains a symlink, then it might cause issues
further down when using relative_to(), unless it is resolved first. This
has been observed on FreeBSD13 in CI where /home is a symlink to
/usr/home.
Štěpán Balážik [Thu, 25 Dec 2025 15:58:35 +0000 (16:58 +0100)]
Store the most specific matched domain in DomainHandler
Store the most specific matching domain in DomainHandler and
expose it through the `matched_domain` property for subclasses
to use in their implementations of `get_responses`.
Mark Andrews [Fri, 23 Jan 2026 15:19:23 +0000 (02:19 +1100)]
[9.20] fix: usr: DSYNC record incorrectly used two octets for the Scheme Field
When creating the `DSYNC` record from a structure, `uint16_tobuffer` was used instead of `uint8_tobuffer` when adding the scheme, causing a `DSYNC` record that was one octet too long. This has been fixed.
Closes #5711
Backport of MR !11477
Merge branch 'backport-5711-dsync_fromstruct-produces-an-invalid-record-9.20' into 'bind-9.20'
Mark Andrews [Fri, 23 Jan 2026 02:32:41 +0000 (13:32 +1100)]
dsync_from struct produced an invalid record
uint16_tobuffer was used instead of uint8_tobuffer when adding the
scheme to the buffer. This produced a record that was one octet
too long. This has been fixed.
Andoni Duarte [Fri, 23 Jan 2026 12:38:56 +0000 (12:38 +0000)]
[9.20] chg: ci: Use a small always-on runner for lightweight CI jobs
Some CI jobs spend more time pulling the docker image and setting up their environment than running the script. This MR adds a tag `smalljob` to jobs considered lightweight in order to run them on a dedicated small VM.
Backport of MR !11266
Merge branch 'backport-andoni/try-small-vm-for-lightweight-ci-jobs-9.20' into 'bind-9.20'
Move CI stage "other-checks" right after "quick-checks"
Move CI stage "other-checks" right after "quick-checks" and get the jobs
in it as close to each other as possible in .gitlab-ci.yml.
Since no job is allowed to depend (via "needs") on any job that is
assigned to a stage later than its own, move the "tsan:stress" and
"gcov" jobs to the "system" stage.
Rename the "postcheck" stage to "other-checks" in CI
Rename the "postcheck" CI stage to the more generic "other-checks".
Slower jobs that still run in autoscaled runners belong here, as opposed
to the lightweight ones in "quick-checks".
Rename the "precheck" stage in CI to "quick-checks"
Most jobs in the "precheck" stage spend more time setting up their
environment than running the script (seconds), this allows us to add a
small always on dedicated runner instead of the autoscaled ones.
Hence, the stage is renamed to "quick-checks", and a tag "smalljob" is
added to the anchor so that these jobs are picked by the dedicated
runner.
projects / thirdparty / bind9.git / log
