Witold Kręcicki [Thu, 21 May 2020 09:18:53 +0000 (11:18 +0200)]
Fix assertion failure during startup when the server is under load.
When we're coming back from recursion fetch_callback does not accept
DNS_R_NXDOMAIN as an rcode - query_gotanswer calls query_nxdomain in
which an assertion fails on qctx->is_zone. Yet, under some
circumstances, qname minimization will return an DNS_R_NXDOMAIN - when
root zone mirror is not yet loaded. The fix changes the DNS_R_NXDOMAIN
answer to DNS_R_SERVFAIL.
Diego Fronza [Mon, 25 May 2020 18:03:32 +0000 (15:03 -0300)]
Added test for the fix
This test ensures that named will correctly shutdown
when receiving multiple control connections after processing
of either "rncd stop" or "kill -SIGTERM" commands.
Before the fix, named was crashing due to a race condition happening
between two threads, one running shutdown logic in named/server.c
and other handling control logic in controlconf.c.
This test tries to reproduce the above scenario by issuing multiple
queries to a target named instance, issuing either rndc stop or kill
-SIGTERM command to the same named instance, then starting multiple rndc
status connections to ensure it is not crashing anymore.
Ondřej Surý [Tue, 23 Jun 2020 11:02:21 +0000 (13:02 +0200)]
Don't continue opening a new rndc connection if we are shutting down
Due to lack of synchronization, whenever named was being requested to
stop using rndc, controlconf.c module could be trying to access an already
released pointer through named_g_server->interfacemgr in a separate
thread.
The race could only be triggered if named was being shutdown and more
rndc connections were ocurring at the same time.
This fix correctly checks if the server is shutting down before opening
a new rndc connection.
Evan Hunt [Wed, 17 Jun 2020 19:09:10 +0000 (12:09 -0700)]
restore "blackhole" functionality
the blackhole ACL was accidentally disabled with respect to client
queries during the netmgr conversion.
in order to make this work for TCP, it was necessary to add a return
code to the accept callback functions passed to isc_nm_listentcp() and
isc_nm_listentcpdns().
Matthijs Mekking [Thu, 18 Jun 2020 15:07:52 +0000 (17:07 +0200)]
Output rndc dnssec -status
Implement the 'rndc dnssec -status' command that will output
some information about the key states, such as which policy is
used for the zone, what keys are in use, and when rollover is
scheduled.
Add loose testing in the kasp system test, the actual times are
already tested via key file inspection.
Matthijs Mekking [Wed, 17 Jun 2020 12:58:57 +0000 (14:58 +0200)]
Implement dummy 'rndc dnssec -status' command
Add the code and documentation required to provide DNSSEC signing
status through rndc. This does not yet show any useful information,
just provide the command that will output some dummy string.
Matthijs Mekking [Wed, 17 Jun 2020 12:00:09 +0000 (14:00 +0200)]
Move dst key printtime in separate function
I'd like to use the same functionality (pretty print the datetime
of keytime metadata) in the 'rndc dnssec -status' command. So it is
better that this logic is done in a separate function.
Since the stdtime.c code have differernt files for unix and win32,
I think the "#ifdef WIN32" define can be dropped.
Ondřej Surý [Mon, 29 Jun 2020 17:37:18 +0000 (19:37 +0200)]
Add missing rndc.conf header that was breaking manpages section
The rndc.conf main header was missing the header markup and that was
breaking the TOC for all manpages in the ARM because sphinx-build
incorrectly remembered the markup for subheader to be ~~~~ instead of
----.
Michał Kępień [Thu, 23 Apr 2020 10:32:35 +0000 (12:32 +0200)]
Fix build-time GSSAPI detection on Tumbleweed
The "krb5-devel" package on openSUSE Tumbleweed installs the
"krb5-config" binary into a custom prefix, which prevents BIND's
"configure" script from autodetecting it. Fix by specifying the path to
the "krb5-config" binary using --with-gssapi.
Michał Kępień [Mon, 29 Jun 2020 08:23:23 +0000 (10:23 +0200)]
Fix libdns CFLAGS
Since lib/dns/include/dns/view.h unconditionally defines dnstap-related
fields in struct dns_view (and includes <dns/dnstap.h>), care must be
taken to ensure that any source file which includes <dns/view.h> gets
built with a set of CFLAGS which allows <dns/dnstap.h> to be properly
processed (particularly its <fstrm.h> and <protobuf-c/protobuf-c.h>
conditional dependencies which are only included for dnstap-enabled
builds). Ensure that by making LIBDNS_CFLAGS include DNSTAP_CFLAGS when
building with dnstap support.
Michał Kępień [Mon, 29 Jun 2020 08:23:23 +0000 (10:23 +0200)]
Fix restoring CFLAGS and LIBS in AX_LIB_LMDB()
The AX_LIB_LMDB() macro attempts to test the potential LMDB installation
path provided to it by temporarily updating CFLAGS and LIBS, calling
AC_SEARCH_LIBS(), and then restoring CFLAGS and LIBS to their original
values. However, including certain statements (e.g. "break") in the
arguments provided to the AX_LIB_LMDB() macro may cause an early exit
from it, in which case CFLAGS and LIBS will be left polluted. Fix by
resetting CFLAGS and LIBS to their original values before executing the
commands provided as AX_LIB_LMDB() arguments.
Matthijs Mekking [Tue, 26 May 2020 11:28:29 +0000 (13:28 +0200)]
kasp tests: fix wait for reconfig done
The wait until zones are signed after rndc reconfig is broken
because the zones are already signed before the reconfig. Fix
by having a different way to ensure the signing of the zone is
complete. This does require a call to the "wait_for_done_signing"
function after each "check_keys" call after the ns6 reconfig.
The "wait_for_done_signing" looks for a (newly added) debug log
message that named will output if it is done signing with a certain
key.
Evan Hunt [Mon, 22 Jun 2020 23:45:47 +0000 (16:45 -0700)]
Make netmgr tcpdns send calls asynchronous
isc__nm_tcpdns_send() was not asynchronous and accessed socket
internal fields in an unsafe manner, which could lead to a race
condition and subsequent crash. Fix it by moving tcpdns processing
to a proper netmgr thread.
Witold Kręcicki [Mon, 22 Jun 2020 22:46:11 +0000 (15:46 -0700)]
Fix a shutdown race in netmgr udp
We need to mark the socket as inactive early (and synchronously)
in the stoplistening process; otherwise we might destroy the
callback argument before we actually stop listening, and call
the callback on bad memory.
Mark Andrews [Tue, 23 Jun 2020 07:00:43 +0000 (17:00 +1000)]
Resize unamebuf[] to avoid warnings about snprintf() not having
enough buffer space. Also change named_os_uname() prototype so
that it is now returning (const char *) rather than (char *). If
uname() is not supported on a UNIX build prepopulate unamebuf[]
with "unknown architecture".
Michał Kępień [Wed, 24 Jun 2020 08:07:57 +0000 (10:07 +0200)]
Fix libtool initialization
The LT_INIT() call in configure.ac is effectively a no-op because it is
preceded by a call to AC_PROG_LIBTOOL(), which is the previous name of
LT_INIT() used in older libtool versions. Replace AC_PROG_LIBTOOL()
with AC_PATH_PROG() to look for libtool in PATH without initializing it,
which is the originally intended behavior.
Without this change, --enable-static is used by default, which causes a
plain ./configure invocation to fail because static linking is now
disallowed. Drop --disable-static from the ./configure invocations used
in GitLab CI to test this scenario continuously.
Ondřej Surý [Tue, 16 Jun 2020 08:38:46 +0000 (10:38 +0200)]
Disable and disallow static linking
Linking BIND 9 programs and libraries statically disables several
important features:
* dlopen() - relied on by dynamic loading of modules, dlz, and dyndb,
* RELRO (read-only relocations) and ASLR (address space layout
randomization) - security features which are important for any
program interacting with the network and/or user input.
Disable and disallow linking BIND 9 binaries statically, thus enforcing
dlopen() support and allowing use of RELRO and ASLR by default.
Tony Finch [Sun, 21 Jun 2020 20:17:51 +0000 (21:17 +0100)]
Fix `rndc dnstap -roll N`
The `rndc` argument was always overridden by the static configuration,
because the logic for handling the number of dnstap files to retain
was both backwards and a bit redundant.
Ondřej Surý [Mon, 22 Jun 2020 12:26:07 +0000 (14:26 +0200)]
Enable maintainer mode by default only when building from git
When maintainer mode is enabled (./configure --enable-maintainer-mode)
it enables rebuild of documentation source files that require extra
tools to be installed or compiled. For a convenience, those files are
already committed into the repository and their rebuild is not required
to build BIND 9 from sources.
Ondřej Surý [Mon, 22 Jun 2020 11:08:58 +0000 (13:08 +0200)]
Rebuild the manpages sources only when in maintainer mode
Similarly, the manpage sources will get rebuild only when in maintainer
mode because they require sphinx-build to be available locally and that
might not be always the case.
Ondřej Surý [Mon, 22 Jun 2020 11:03:07 +0000 (13:03 +0200)]
Rebuild the file in doc/misc only when in maintainer mode
The files in doc/misc requires all the BIND 9 libraries to be built
before the documentation can be built. One of the extra automake
features is maintainer mode that allows to conditionally build and clean
files that require special tools. Make use of the automake maintainer
mode to not rebuild the files in doc/misc under normal circumstances.
Evan Hunt [Sat, 20 Jun 2020 22:39:43 +0000 (15:39 -0700)]
reorder system tests to shorten runtime
if tests that take a particularly long time to complete
(serve-stale, dnssec, rpzrecurse) are run first, a parallel
run of the system tests can finish 1-2 minutes faster.
Ondřej Surý [Mon, 22 Jun 2020 10:41:01 +0000 (12:41 +0200)]
Remove // not configured when generating doc/misc/options
The doc/misc/options is used to generate a file describing all
configuration options. Currently, the file contents could differ
based on ./configure option which is kind of suboptimal.
We already removed the "// not configured" from the options.active, and
this time we remove generation of the string altogether.
Evan Hunt [Wed, 17 Jun 2020 00:48:42 +0000 (17:48 -0700)]
"check-names primary" and "check-names secondary" were ignored
these keywords were added to the parser as synonyms for "master"
and "slave" but were never hooked in to the configuration of named,
so they were ignored. this has been fixed and the option is now
checked for correctness.
Evan Hunt [Sat, 6 Jun 2020 00:32:36 +0000 (17:32 -0700)]
implement isc_nm_cancelread()
The isc_nm_cancelread() function cancels reading on a connected
socket and calls its read callback function with a 'result'
parameter of ISC_R_CANCELED.
when isc_nm_destroy() is called, there's a loop that waits for
other references to be detached, pausing and unpausing the netmgr
to ensure that all the workers' events are run, followed by a
1-second sleep. this caused a delay on shutdown which will be
noticeable when netmgr is used in tools other than named itself,
so the delay has now been reduced to a hundredth of a second.
Evan Hunt [Tue, 17 Dec 2019 02:24:55 +0000 (18:24 -0800)]
implement isc_nm_tcpconnect()
the isc_nm_tcpconnect() function establishes a client connection via
TCP. once the connection is esablished, a callback function will be
called with a newly created network manager handle.
Witold Kręcicki [Wed, 10 Jun 2020 00:07:16 +0000 (17:07 -0700)]
allow tcpdns sockets to self-reference while connected
A TCPDNS socket creates a handle for each complete DNS message.
Previously, when all the handles were disconnected, the socket
would be closed, but the wrapped TCP socket might still have
more to read.
Now, when a connection is established, the TCPDNS socket creates
a reference to itself by attaching itself to sock->self. This
reference isn't cleared until the connection is closed via
EOF, timeout, or server shutdown. This allows the socket to remain
open even when there are no active handles for it.
Evan Hunt [Fri, 5 Jun 2020 06:13:54 +0000 (23:13 -0700)]
modify reference counting within netmgr
- isc__nmhandle_get() now attaches to the sock in the nmhandle object.
the caller is responsible for dereferencing the original socket
pointer when necessary.
- tcpdns listener sockets attach sock->outer to the outer tcp listener
socket. tcpdns connected sockets attach sock->outerhandle to the handle
for the tcp connected socket.
- only listener sockets need to be attached/detached directly. connected
sockets should only be accessed and reference-counted via their
associated handles.
Evan Hunt [Thu, 4 Jun 2020 21:54:36 +0000 (14:54 -0700)]
make isc_nmsocket_{attach,detach}{} functions private
there is no need for a caller to reference-count socket objects.
they need tto be able tto close listener sockets (i.e., those
returned by isc_nm_listen{udp,tcp,tcpdns}), and an isc_nmsocket_close()
function has been added for that. other sockets are only accessed via
handles.
Michał Kępień [Thu, 18 Jun 2020 08:52:54 +0000 (10:52 +0200)]
Fix ABI check job in GitLab CI
Since the reference BIND version for the ABI check job which is run for
the main branch is now 9.17.2, autoreconf needs to be run before
./configure as the latter is no longer present in the Git repository.
projects / thirdparty / bind9.git / log
