Michał Kępień [Thu, 21 May 2020 09:33:11 +0000 (11:33 +0200)]
Add py.test-3 to the list of tested pytest names
Some operating systems (e.g. CentOS, OpenBSD) install the main pytest
script as "py.test-3". Add that name to the list of names passed to
AC_PATH_PROGS() in order for pytest to be properly detected on a broader
range of operating systems.
Michał Kępień [Thu, 21 May 2020 09:33:11 +0000 (11:33 +0200)]
Do not use f-strings in Python system tests
Use str.format() instead of f-strings in Python system tests to enable
them to work on Python 3 versions older than 3.6 as the latter is not
available on some operating systems used in GitLab CI that are still
actively supported (CentOS 6, Debian 9, Ubuntu 16.04).
Michał Kępień [Thu, 21 May 2020 09:33:11 +0000 (11:33 +0200)]
Do not install doc build tools in GitLab CI jobs
As documentation building utilities are now all included in operating
system images used in GitLab CI, do not install them in each "docs" CI
job any more.
Michał Kępień [Thu, 21 May 2020 09:33:11 +0000 (11:33 +0200)]
Do not install Python packages in GitLab CI jobs
As Python QA tools, BIND system test prerequisites, and documentation
building utilities are now all included in operating system images used
in GitLab CI, do not use pip for installing them in each CI job any
more.
Michał Kępień [Thu, 21 May 2020 07:14:27 +0000 (09:14 +0200)]
Update release checklist
- First merge release branches to maintenance branches, then push
tags. If tags are pushed first and a given set of releases contains
security fixes, the push will be rejected by a server-side Git hook.
- Update ABI check job name.
- Add an item for updating QA tools used in GitLab CI after each
public release.
Witold Kręcicki [Tue, 19 May 2020 08:08:25 +0000 (10:08 +0200)]
Fix possible deadlock in unix/socket.c
In process_fd we lock sock->lock and then internal_accept locks mgr->lock,
in isc_sockmgr_render* functions we lock mgr->lock and then lock sock->lock,
that can cause a deadlock when accessing stats. Unlock sock->lock early in
all the internal_{send,recv,connect,accept} functions instead of late
in process_fd.
Stephen Morris [Thu, 5 Mar 2020 18:46:46 +0000 (18:46 +0000)]
Add test for reduction in number of fetches
Add a system test that counts how many address fetches are made
for different numbers of NS records and checks that the number
are successfully limited.
Mark Andrews [Thu, 6 Feb 2020 06:19:10 +0000 (17:19 +1100)]
Reduce the number of fetches we make when looking up addresses
If there are more that 5 NS record for a zone only perform a
maximum of 4 address lookups for all the name servers. This
limits the amount of remote lookup performed for server
addresses at each level for a given query.
Mark Andrews [Tue, 19 May 2020 00:09:51 +0000 (10:09 +1000)]
Address race in dnssec system test. 'clear signing records' can fail
as the update triggers by the rndc command to clear the signing records
may not have completed by the time the subsequent rndc command to test
that the records have been removed is commenced. Loop several times to
prevent false negative.
Apparently cppcheck 2.0 has issues with processing (&var)->field syntax,
which is what the macros from lib/isc/include/isc/buffer.h are evaluated
to. This issue was reported upstream [1] and will hopefully be
addressed in a future cppcheck release.
In the meantime, to avoid modifying BIND source code in multiple places
just because of a static checker false positive, work around the issue
by adding intermediate variables to buffer macro definitions using a sed
invocation in the cppcheck job script.
Michał Kępień [Mon, 18 May 2020 08:23:06 +0000 (10:23 +0200)]
Make GCC version extraction work with GCC 10
Add whitespace to the regular expression used for extracting the GCC
version from "gcc --version" output so that it works properly with
multi-digit major version numbers.
Michał Kępień [Mon, 18 May 2020 08:23:06 +0000 (10:23 +0200)]
Ensure cppcheck creates a HTML report upon failure
Commit ec72d1100d7e86c131ab1936f91ed4da87c48a4b broke the cppcheck job
in GitLab CI: when cppcheck fails, the script is immediately
interrupted, preventing cppcheck-htmlreport from being run. To ensure
the HTML report is generated when cppcheck fails, revert to invoking
cppcheck-htmlreport in the "after_script" part of the job.
Evan Hunt [Fri, 15 May 2020 20:10:36 +0000 (13:10 -0700)]
incidental fix: reduce a long timeout in dnstap test
the dnstap test was pausing for 20 seconds to search for a string in
named.run, which only appears if named is built with --enable-developer or
--enable-querytrace.
Evan Hunt [Fri, 15 May 2020 19:57:18 +0000 (12:57 -0700)]
move wire_test back to bin/tests, no longer dependent on dnstap
wire_test is not only used by the dnstap system test, but also in
fuzz testing. it doesn't need to be installed, but it's useful to have it
built when BIND is. this commit moves it back from bin/tests/system to
bin/tests, as a noinst_PROGRAM so that it's built by "make all" but
not installed.
Witold Kręcicki [Tue, 24 Mar 2020 12:38:51 +0000 (13:38 +0100)]
Redesigned TCP accepting: one listen/accept loop, passing the connected socket.
Instead of using bind() and passing the listening socket to the children
threads using uv_export/uv_import use one thread that does the accepting,
and then passes the connected socket using uv_export/uv_import to a random
worker. The previous solution had thundering herd problems (all workers
waking up on one connection and trying to accept()), this one avoids this
and is simpler.
The tcp clients quota is simplified with isc_quota_attach_cb - a callback
is issued when the quota is available.
Ondřej Surý [Tue, 12 May 2020 08:01:35 +0000 (10:01 +0200)]
Fail immediatelly when clean.sh or setup.sh fails
The `statschannel/ns2/` was missing `manykeys.db.in`, but the test
succeeded even when `setup.sh` (or `clean.sh`) failed to execute. This
commit makes run.sh to run in stricter mode and fail the test
immediately when `clean.sh` or `setup.sh` fails.
projects / thirdparty / bind9.git / log
