Ondřej Surý [Mon, 3 Jun 2019 12:13:23 +0000 (14:13 +0200)]
Revise the macOS section of <isc/endian.h>
Move the macOS section of <isc/endian.h> to a lower spot as it is
believed not to be the most popular platform for running BIND. Add a
comment and remove redundant definitions.
Ondřej Surý [Mon, 3 Jun 2019 12:13:23 +0000 (14:13 +0200)]
Make <isc/endian.h> detect GNU rather than Linux
Instead of only supporting Linux, try making <isc/endian.h> support
other GNU platforms as well. Since some compilers define __GNUC__ on
BSDs (e.g. Clang on FreeBSD), move the relevant section to the bottom of
the platform-specific part of <isc/endian.h>, so that it only gets
evaluated when more specific platform determination criteria are not
met. Also include <byteswap.h> so that any byte-swapping macros which
may be defined in that file on older platforms are used in the fallback
definitions of the nonstandard hto[bl]e{16,32,64}() and
[bl]e{16,32,64}toh() conversion functions.
Ondřej Surý [Mon, 3 Jun 2019 12:13:23 +0000 (14:13 +0200)]
Add Solaris support for <isc/endian.h>
While Solaris does not support the nonstandard hto[bl]e{16,32,64}() and
[bl]e{16,32,64}toh() conversion functions, it does have some
byte-swapping macros available in <sys/byteorder.h>. Ensure these
macros are used in the fallback definitions of the aforementioned
nonstandard functions.
Ondřej Surý [Mon, 3 Jun 2019 12:13:23 +0000 (14:13 +0200)]
Add fallback definitions to <isc/endian.h>
Since the hto[bl]e{16,32,64}() and [bl]e{16,32,64}toh() conversion
functions are nonstandard, add fallback definitions of these functions
to <isc/endian.h>, so that their unavailability does not prevent
compilation from succeeding.
Michał Kępień [Mon, 3 Jun 2019 12:13:23 +0000 (14:13 +0200)]
Fix <isc/endian.h> on BSD systems
Current versions of DragonFly BSD, FreeBSD, NetBSD, and OpenBSD all
support the modern variants of functions converting values between host
and big-endian/little-endian byte order while older ones might not.
Ensure <isc/endian.h> works properly in both cases.
Michał Kępień [Mon, 3 Jun 2019 11:43:29 +0000 (13:43 +0200)]
Properly detect presence of CDS/CDNSKEY records
Replace grep calls with awk scripts to more precisely detect presence of
CDS and CDNSKEY records in a signed zone file, in order to prevent rare
false positives for the "smartsign" system test triggered by the strings
"CDS" and/or "CDNSKEY" being accidentally present in the Base64 form of
DNSSEC-related data in the zone file being checked.
Witold Kręcicki [Fri, 31 May 2019 08:40:52 +0000 (10:40 +0200)]
Fix a possible race between udp dispatch and socket code
There's a small possibility of race between udp dispatcher and
socket code - socket code can still hold internal reference to a
socket while dispatcher calls isc_socket_open, which can cause
an assertion failure. Fix it by relaxing the assertion test, and
instead simply locking the socket in isc_socket_open.
Witold Kręcicki [Tue, 28 May 2019 12:03:13 +0000 (14:03 +0200)]
Use experimental "_ A" minimization in relaxed mode.
qname minimization, even in relaxed mode, can fail on
some very broken domains. In relaxed mode, instead of
asking for "foo.bar NS" ask for "_.foo.bar A" to either
get a delegation or NXDOMAIN. It will require more queries
than regular mode for proper NXDOMAINs.
Michał Kępień [Wed, 29 May 2019 09:05:01 +0000 (11:05 +0200)]
Optimize dig parameters to decrease test run time
Performing server setup checks using "+tries=3 +time=5" is redundant as
a single query is arguably good enough for determining whether a given
named instance was set up properly. Only use multiple queries with a
long timeout for resolution checks in the "legacy" system test, in order
to significantly reduce its run time (on a contemporary machine, from
about 1m45s to 0m40s).
Michał Kępień [Wed, 29 May 2019 09:05:01 +0000 (11:05 +0200)]
Add more EDNS checks for dig output files
In the "legacy" system test, in order to make server setup checks more
consistent with each other, add further checks for either presence or
absence of the EDNS OPT pseudo-RR in the responses returned by the
tested named instances.
Michał Kępień [Wed, 29 May 2019 09:05:01 +0000 (11:05 +0200)]
Use helper functions for checking resolution
Extract repeated dig and grep calls into two helper shell functions,
resolution_succeeds() and resolution_fails(), in order to reduce code
duplication in the "legacy" system test, emphasize the similarity
between all the resolution checks in that test, and make the conditions
for success and failure uniform for all resolution checks in that test.
Michał Kępień [Wed, 29 May 2019 09:05:01 +0000 (11:05 +0200)]
Use +dnssec instead of separate TXT records
When testing named instances which are configured to drop outgoing UDP
responses larger than 512 bytes, querying with DO=1 may be used instead
of querying for large TXT records as the effect achieved will be
identical: an unsigned response for a SOA query will be below 512 bytes
in size while a signed response for the same query will be over 512
bytes in size. Doing this makes all resolution checks in the "legacy"
system test more similar. Add checks for the TC flag being set in UDP
responses which are expected to be truncated to further make sure that
tested named instances behave as expected.
Michał Kępień [Wed, 29 May 2019 09:05:01 +0000 (11:05 +0200)]
Properly test servers with TCP support disabled
Sending TCP queries to test named instances with TCP support disabled
should cause dig output to contain the phrase "connection refused", not
"connection timed out", as such instances never open the relevant
sockets. Make sure that the "legacy" system test fails if the expected
phrase is not found in any of the relevant files containing dig output.
Ondřej Surý [Mon, 27 May 2019 14:11:11 +0000 (16:11 +0200)]
Use getconf LFS_{CFLAGS,LDFLAGS,LIBS} to get flags to compile lib/dns/gen
On some systems (namely Debian buster armhf) the readdir() call fails
with `Value too large for defined data type` unless the
_FILE_OFFSET_BITS=64 is defined. The correct way to fix this is to
get the appropriate compilation parameters from getconf system
interface.
Witold Kręcicki [Wed, 22 May 2019 10:37:03 +0000 (12:37 +0200)]
Fix a possible deadlock in TCP accepting
Each network thread holds an array of locks, indexed by a hash
of fd. When we accept a connection we hold a lock in accepting thread.
We then generate the thread number and lock bucket for the new
connection socket - if we hit the same thread and lock bucket as
accepting socket we get a deadlock. Avoid this by checking if we're
in the same thread/lock bucket and not locking in this case.
Ondřej Surý [Mon, 20 May 2019 16:20:55 +0000 (18:20 +0200)]
Add CHANGES entry:
5235. [cleanup] Refactor lib/isc/app.c to be thread-safe, unused
parts of the API has been removed and the
isc_appctx_t data type has been changed to be
fully opaque. [GL #1023]
Ondřej Surý [Mon, 13 May 2019 05:17:21 +0000 (12:17 +0700)]
Add most useful relaxed and acquire-relase stdatomic convenience macros
The header file <isc/atomic.h> now contains convenience macros for
most useful explicit memory ordering for C11 stdatomics, only relaxed
and acquire-release semantics is being used. These macros SHOULD be
used instead of atomic_<func>_explicit functions.
projects / thirdparty / bind9.git / log
