]>
git.ipfire.org Git - thirdparty/bind9.git/log
Matthijs Mekking [Thu, 31 Jan 2019 09:25:20 +0000 (04:25 -0500)]
Merge branch '101-dumpdb-stale-ttl' into 'master'
Resolve "[Support#12071] [RT#46548] Output stale/expired data with 'rndc dumpdb'"
Closes #101
See merge request isc-projects/bind9!1387
Matthijs Mekking [Wed, 30 Jan 2019 12:58:50 +0000 (13:58 +0100)]
CHANGES
Matthijs Mekking [Thu, 24 Jan 2019 09:28:41 +0000 (10:28 +0100)]
Add tests for dumpdb stale ttl
This adds a test for rndc dumpdb to ensure the correct "stale
comment" is printed. It also adds a test for non-stale data to
ensure no "stale comment" is printed for active RRsets.
In addition, the serve-stale tests are hardened with more accurate
grep calls.
Matthijs Mekking [Thu, 24 Jan 2019 09:24:44 +0000 (10:24 +0100)]
Print in dump-file stale ttl
This change makes rndc dumpdb correctly print the "; stale" line.
It also provides extra information on how long this data may still
be served to clients (in other words how long the stale RRset may
still be used).
Evan Hunt [Wed, 30 Jan 2019 19:59:35 +0000 (14:59 -0500)]
Merge branch '821-matthijs-unsigned-gss-tsig-tkey-query-response' into 'master'
Resolve "Unsigned GSS-TSIG TKEY Query Response"
Closes #821
See merge request isc-projects/bind9!1429
Matthijs Mekking [Wed, 30 Jan 2019 10:16:04 +0000 (11:16 +0100)]
Update CHANGES
Matthijs Mekking [Wed, 30 Jan 2019 10:12:49 +0000 (11:12 +0100)]
Harden checks
Matthijs Mekking [Wed, 30 Jan 2019 09:57:06 +0000 (10:57 +0100)]
Better signed TKEY response verification
Matthijs Mekking [Wed, 30 Jan 2019 09:04:41 +0000 (10:04 +0100)]
No longer need +question
Evan Hunt [Tue, 29 Jan 2019 19:56:17 +0000 (11:56 -0800)]
suggested alternate test for TSIG signature
feel free to remove this commit if you prefer the other method.
Evan Hunt [Tue, 29 Jan 2019 19:57:57 +0000 (11:57 -0800)]
"grep -q" isn't portable
Evan Hunt [Tue, 29 Jan 2019 19:51:48 +0000 (11:51 -0800)]
remove the 'new_tsigkey' exception, allow TSIG to be set any time
this allows 'dns_message_settsigkey()' to be run any time after
parsing without having to set a special flag in the message object.
Evan Hunt [Tue, 29 Jan 2019 19:39:06 +0000 (11:39 -0800)]
allow TSIG key to be added to message structure after parsing
up until now, message->tsigkey could only be set during parsing
of the request, but gss-tsig allows one to be created afterward.
this commit adds a new flag to the message structure, `new_tsigkey`,
which indicates that in this case it's okay for `dns_message_settsigkey()`
to be run on a message after parsing, without hitting any assertions due
to the lack of a TSIG in the request. this allows us to keep the current
restriction in place generally, but add an exception for TKEY processing.
it's probably better to just remove the restriction entirely (see next
commit).
Matthijs Mekking [Tue, 29 Jan 2019 17:09:06 +0000 (18:09 +0100)]
Weak verification for signed TKEY response
The introduced grep call checks whether there was a
response that has an answer and an additional record.
There should be only one in the nsupdate output that is
for the TKEY response.
Matthijs Mekking [Tue, 29 Jan 2019 17:10:27 +0000 (18:10 +0100)]
Some thoughts on a solution
Matthijs Mekking [Tue, 29 Jan 2019 17:09:06 +0000 (18:09 +0100)]
Weak verification for signed TKEY response
The introduced grep call checks whether there was a
response that has an answer and an additional record.
There should be only one in the nsupdate output that is
for the TKEY response.
Matthijs Mekking [Tue, 29 Jan 2019 16:58:46 +0000 (17:58 +0100)]
Harden GSS-TSIG tests
Ondřej Surý [Wed, 30 Jan 2019 15:56:47 +0000 (10:56 -0500)]
Merge branch 'each-fix-win32-build' into 'master'
atomic_store wasn't working on windows
See merge request isc-projects/bind9!1403
Ondřej Surý [Wed, 30 Jan 2019 14:50:35 +0000 (15:50 +0100)]
Fix Centos 6 build by explicitly casting to __typeof__(obj) in atomic_compare_exchange_strong shim function
Witold Kręcicki [Wed, 30 Jan 2019 10:21:30 +0000 (11:21 +0100)]
Cast atomic_load_explicit to proper size
Ondřej Surý [Tue, 29 Jan 2019 16:07:27 +0000 (17:07 +0100)]
Add #pragma intrinsic for intrinsic Windows functions
Ondřej Surý [Tue, 29 Jan 2019 15:35:03 +0000 (16:35 +0100)]
Fix memory_order_cst_seq -> memory_order_seq_cst typo
Ondřej Surý [Tue, 29 Jan 2019 15:19:50 +0000 (16:19 +0100)]
Properly use atomic_compare_exchange instead of load/store
Ondřej Surý [Tue, 29 Jan 2019 14:27:55 +0000 (15:27 +0100)]
Add define for InterlockedExchangeAdd8 intrinsic
Ondřej Surý [Tue, 29 Jan 2019 09:30:54 +0000 (10:30 +0100)]
Add atomic_bool implementation to unix and win32 stdatomic.h shim headers
Ondřej Surý [Mon, 28 Jan 2019 20:29:56 +0000 (21:29 +0100)]
Fix copy&paste error in the atomic_fetch_add_explicit{32,64} macros.
- InterlockedExchange was incorrectly used in place where InterlockedExchangeAdd
should have been used
Ondřej Surý [Tue, 29 Jan 2019 09:24:37 +0000 (10:24 +0100)]
Bump Windows minimum target environment to _WIN32_WINNT_WIN8/NTDDI_WIN8 values
Evan Hunt [Fri, 25 Jan 2019 21:38:24 +0000 (13:38 -0800)]
Fix a typo in the win32 version of the atomic_store macro
Evan Hunt [Fri, 25 Jan 2019 21:38:24 +0000 (13:38 -0800)]
Moved the unix version to lib/isc/unix/include/isc so it's more obvious in the future that it isn't the only copy
Mark Andrews [Wed, 30 Jan 2019 04:36:31 +0000 (23:36 -0500)]
Merge branch '848-keymgr-19-old-keys-failing-on-penguin' into 'master'
Resolve "keymgr 19-old-keys failing on penguin"
Closes #848
See merge request isc-projects/bind9!1424
Mark Andrews [Wed, 30 Jan 2019 04:07:30 +0000 (15:07 +1100)]
add CHANGES
Mark Andrews [Wed, 30 Jan 2019 02:02:14 +0000 (13:02 +1100)]
add 300 seconds of fudge
Mark Andrews [Wed, 30 Jan 2019 01:12:47 +0000 (12:12 +1100)]
only use a single policy file when testing.
Evan Hunt [Tue, 29 Jan 2019 23:07:31 +0000 (18:07 -0500)]
Merge branch 'placeholder' into 'master'
placeholder
See merge request isc-projects/bind9!1421
Evan Hunt [Tue, 29 Jan 2019 23:07:01 +0000 (15:07 -0800)]
placeholder
Evan Hunt [Tue, 29 Jan 2019 22:19:49 +0000 (17:19 -0500)]
Merge branch '766-querytrace-doc' into 'master'
Resolve "--enable-querytrace has negative performance impact - update the documentation to say this"
Closes #766
See merge request isc-projects/bind9!1367
Evan Hunt [Sun, 20 Jan 2019 00:12:45 +0000 (16:12 -0800)]
added querytrace documentation in README
also:
- rearranged things a little, adding a "dependencies" section
- removed the documentation of 'enable-threads'. (this part of
the change should not be backported.)
Michał Kępień [Tue, 29 Jan 2019 12:53:15 +0000 (07:53 -0500)]
Merge branch 'michal/add-fedora-29-to-ci' into 'master'
Add Fedora 29 to CI
See merge request isc-projects/bind9!1414
Michał Kępień [Tue, 29 Jan 2019 12:02:53 +0000 (13:02 +0100)]
Add Fedora 29 to CI
Modify .gitlab-ci.yml so that every CI pipeline also builds and tests
BIND on Fedora 29.
Ondřej Surý [Tue, 29 Jan 2019 12:20:41 +0000 (07:20 -0500)]
Merge branch 'ondrej/configure.ac-fix-int-assignment-to-pointer-in-ECC-checks' into 'master'
Change the check for EC curves so it doesn't assign int to pointer
See merge request isc-projects/bind9!1413
Ondřej Surý [Mon, 28 Jan 2019 15:31:22 +0000 (16:31 +0100)]
Change the check for EC curves so it doesn't assign int to pointer
Witold Krecicki [Tue, 29 Jan 2019 08:56:55 +0000 (03:56 -0500)]
Merge branch 'wpk-fix-taskmgr-tsan-issues' into 'master'
ix taskmgr tsan issues
See merge request isc-projects/bind9!1396
Witold Kręcicki [Fri, 18 Jan 2019 10:47:43 +0000 (11:47 +0100)]
Fix a race in access to manager->tasks in taskmgr
Make taskmgr->mode and boolean state flags (exclusive, paused, exiting) atomic.
Mark Andrews [Tue, 29 Jan 2019 04:59:57 +0000 (23:59 -0500)]
Merge branch '845-configure-PLATFORMS' into 'master'
corrected PLATFORM.md to PLATFORMS.md to match reality
Closes #845
See merge request isc-projects/bind9!1408
Alan [Tue, 29 Jan 2019 04:01:11 +0000 (04:01 +0000)]
corrected PLATFORM.md to PLATFORMS.md to match reality
Evan Hunt [Tue, 29 Jan 2019 04:24:42 +0000 (23:24 -0500)]
Merge branch '259-named-args' into 'master'
add properly-formatted -D options to named.args files
Closes #259
See merge request isc-projects/bind9!1372
Evan Hunt [Tue, 29 Jan 2019 02:11:57 +0000 (18:11 -0800)]
also add -D options for transient named processes started in tests.sh
Evan Hunt [Mon, 21 Jan 2019 06:54:01 +0000 (22:54 -0800)]
add properly-formatted -D options to named.args files
this prevents servers that use arguments specified in named.args
from appearing different in 'ps' output from servers run with arguments
from start.pl
Evan Hunt [Tue, 29 Jan 2019 03:57:47 +0000 (22:57 -0500)]
Merge branch 'each-fix-logfileconfig' into 'master'
reset SYSTEMTESTTOP when changing directories
See merge request isc-projects/bind9!1407
Evan Hunt [Tue, 29 Jan 2019 02:13:31 +0000 (18:13 -0800)]
reset SYSTEMTESTTOP when changing directories
Mark Andrews [Tue, 29 Jan 2019 02:32:56 +0000 (21:32 -0500)]
Merge branch '842-broken-build' into 'master'
rename struct members to avoid a name collision on BSD and MacOS
Closes #842
See merge request isc-projects/bind9!1406
Evan Hunt [Mon, 28 Jan 2019 18:59:27 +0000 (10:59 -0800)]
rename struct members to avoid a name collision on BSD
Evan Hunt [Mon, 28 Jan 2019 18:54:15 +0000 (13:54 -0500)]
Merge branch 'michal/update-PLATFORMS-2019-01' into 'master'
Update PLATFORMS (January 2019)
See merge request isc-projects/bind9!1405
Michał Kępień [Mon, 28 Jan 2019 12:37:39 +0000 (13:37 +0100)]
Update the list of supported platforms
- Change 5023 (present in BIND 9.13.3+) removed BIND's internal
implementation of the getifaddrs() function which was required for
iterating network interfaces on Solaris 10 as that system does not
support that function natively.
- As of January 2019, FreeBSD 10.x is neither supported upstream nor
regularly tested by ISC, so move it from the list of regularly tested
platforms to the "Best effort" section.
- Debian 10, OpenBSD 6.3, and Fedora 29 have been released and are now
tested regularly.
Witold Krecicki [Fri, 25 Jan 2019 09:45:27 +0000 (04:45 -0500)]
Merge branch 'wpk-atomic-counters-quota' into 'master'
Atomic counters and quota
See merge request isc-projects/bind9!1389
Witold Kręcicki [Fri, 25 Jan 2019 08:35:13 +0000 (09:35 +0100)]
CHANGES entry
Witold Kręcicki [Thu, 24 Jan 2019 11:05:29 +0000 (12:05 +0100)]
Make isc_counter use atomics instead of locks
Witold Kręcicki [Thu, 24 Jan 2019 11:01:11 +0000 (12:01 +0100)]
- Make isc_quota use atomics instead of locks
- Use getters for isc_quota parameters, make fields private
- Fix a potential data race with recursion clients limits logging
Witold Kręcicki [Mon, 21 Jan 2019 08:32:36 +0000 (09:32 +0100)]
Add atomic_store_relaxed and atomic_load_relaxed macros to isc/atomic.h, fix issues in isc/stdatomic.h
Evan Hunt [Fri, 25 Jan 2019 08:45:06 +0000 (03:45 -0500)]
Merge branch 'each-win32-test-list' into 'master'
fix win32 system tests
See merge request isc-projects/bind9!1381
Evan Hunt [Thu, 24 Jan 2019 18:11:25 +0000 (10:11 -0800)]
fix rrl test
strip CR characters before using awk/sed
Evan Hunt [Thu, 24 Jan 2019 17:42:30 +0000 (09:42 -0800)]
fix rpz test
- work around a CR newline problem
- use rndc to stop servers
Evan Hunt [Thu, 24 Jan 2019 17:21:35 +0000 (09:21 -0800)]
fix rpzrecurse test
use rndc to stop servers
Evan Hunt [Thu, 24 Jan 2019 06:57:49 +0000 (22:57 -0800)]
fix dnssec test
- work around CR issues
- use UTC for time comparisons
- use $DIFF instead of cmp
Evan Hunt [Thu, 24 Jan 2019 06:08:43 +0000 (22:08 -0800)]
fix legacy test
use rndc rather than signals to stop the server
Evan Hunt [Thu, 24 Jan 2019 06:00:00 +0000 (22:00 -0800)]
fix fetchlimit test
use TCP for the test queries in between UDP bursts; this avoids
congestion issues that interfered with the test on windows
Evan Hunt [Thu, 24 Jan 2019 05:02:03 +0000 (21:02 -0800)]
fix nsupdate test
rndc_reload was failing on windows
Evan Hunt [Thu, 24 Jan 2019 02:32:36 +0000 (18:32 -0800)]
fix sfcache test
use a lame server configuration to force SERVFAILs instead of killing ns2.
this prevents test failures that occurred due to a different behavior of
the netowrking stack in windows.
Evan Hunt [Wed, 23 Jan 2019 08:52:21 +0000 (00:52 -0800)]
fix rndc test
use regex instead of exact string matching to deal with CR at end of line
Evan Hunt [Wed, 23 Jan 2019 06:49:00 +0000 (22:49 -0800)]
fix statistics test
the active sockets test is supposed to be commented out on win32, but
only part of it was
Evan Hunt [Wed, 23 Jan 2019 06:46:16 +0000 (22:46 -0800)]
fix redirect test
strip CR characters before using sed
Evan Hunt [Wed, 23 Jan 2019 06:24:24 +0000 (22:24 -0800)]
fix notify test
test the average delay between notifies instead of the minimum delay;
this helps avoid unnecessary test failures on systems with bursty
network performance.
Evan Hunt [Wed, 23 Jan 2019 05:48:59 +0000 (21:48 -0800)]
fix masterformat test
use stop.pl instead of rndc to stop server
Evan Hunt [Wed, 23 Jan 2019 05:06:48 +0000 (21:06 -0800)]
fix inline test
use regex instead of exact string matching, to deal with CR at end of ine
Evan Hunt [Wed, 23 Jan 2019 04:34:19 +0000 (20:34 -0800)]
fix forward test
strip CR characters before using sed
Evan Hunt [Wed, 23 Jan 2019 01:53:57 +0000 (17:53 -0800)]
fix cookie test
strip CR characters before comparing files
Evan Hunt [Wed, 23 Jan 2019 00:23:49 +0000 (16:23 -0800)]
fix cds test
- use $PERL instead of perl
- use $DIFF instead of cmp for windows portability; cmp doesn't
handle CR characters properly
Evan Hunt [Tue, 22 Jan 2019 23:41:44 +0000 (15:41 -0800)]
fix addzone test
typographical error prevented reconfiguration
Evan Hunt [Wed, 23 Jan 2019 00:29:34 +0000 (16:29 -0800)]
use $DIFF instead of diff
Evan Hunt [Wed, 23 Jan 2019 09:04:54 +0000 (01:04 -0800)]
remove logfileconfig from test list
this test doesn't work on windows
Evan Hunt [Wed, 23 Jan 2019 00:52:56 +0000 (16:52 -0800)]
set and use SYSTEMTESTTOP consistently
Evan Hunt [Tue, 22 Jan 2019 23:20:59 +0000 (15:20 -0800)]
complete the set of tools available in windows tests
- dnssec-cds wasn't being built for windows
- nsec3hash was available, but the NSEC3HASH variable wasn't
set in conf.sh.win32
Evan Hunt [Thu, 24 Jan 2019 03:20:26 +0000 (19:20 -0800)]
more reliable method for killing "ans" servers on windows
as perl and python are both native to cygwin, we don't want to use
the "kill -f" option to terminate them.
Evan Hunt [Tue, 22 Jan 2019 22:31:26 +0000 (14:31 -0800)]
update ifconfig.bat with current test interfaces
the addresses set up in ifconfig.bat were out of sync with the
ones in ifconfig.sh
Evan Hunt [Tue, 22 Jan 2019 21:02:24 +0000 (13:02 -0800)]
update conf.sh.win32 test list
- the test lists in conf.sh.in and conf.sh.win32 were out of sync
Evan Hunt [Fri, 25 Jan 2019 07:53:48 +0000 (02:53 -0500)]
Merge branch '820-dig-return-a-non-zero-exit-code-for-failed-tcp-eof-retries' into 'master'
dig: return a non-zero exit code for failed TCP EOF retries
Closes #820
See merge request isc-projects/bind9!1358
Michał Kępień [Fri, 18 Jan 2019 10:15:19 +0000 (11:15 +0100)]
Add CHANGES entry
5144. [bug] dig now returns a non-zero exit code when a TCP
connection is prematurely closed by a peer more than
once for the same lookup. [GL #820]
Michał Kępień [Fri, 18 Jan 2019 10:15:19 +0000 (11:15 +0100)]
dig: return a non-zero exit code for failed TCP EOF retries
dig retries a TCP query when a server closes the connection prematurely.
However, dig's exit code remains unaffected even if the second attempt
to get a response also fails with the same error for the same lookup,
which should not be the case. Ensure the exit code is updated
appropriately when a retry triggered by a TCP EOF condition fails.
Evan Hunt [Thu, 24 Jan 2019 20:51:04 +0000 (15:51 -0500)]
Merge branch '560-dnssec-keymgr-root' into 'master'
improve handling of trailing dots in dnssec-keymgr and dnssec-coverage
Closes #560
See merge request isc-projects/bind9!1374
Evan Hunt [Mon, 21 Jan 2019 21:12:26 +0000 (13:12 -0800)]
improve handling of trailing dots in dnssec-keymgr and dnssec-coverage
- mishandling of trailing dots caused bad behavior with the
root zone or names like "example.com."
- fixing this exposed an error in dnssec-coverage caused the
wrong return value if there were KSK errors but no ZSK errors
- incidentally silenced the dnssec-keygen output in the coverage
system test
Evan Hunt [Thu, 24 Jan 2019 20:26:17 +0000 (15:26 -0500)]
Merge branch '323-cleanup-cfg' into 'master'
cleanup cfg_parse_buffer* functions
Closes #323
See merge request isc-projects/bind9!1377
Evan Hunt [Tue, 22 Jan 2019 04:03:45 +0000 (20:03 -0800)]
cleanup cfg_parse_buffer* functions
cfg_parse_buffer() now has the same signature as the former
cfg_parse_buffer4(). cfg_parse_buffer{2,3,4}() have been removed.
Evan Hunt [Thu, 24 Jan 2019 20:03:00 +0000 (15:03 -0500)]
Merge branch 'each-dead-code-cleanup' into 'master'
remove dead RPZ code
See merge request isc-projects/bind9!1392
Matthijs Mekking [Thu, 24 Jan 2019 10:41:43 +0000 (11:41 +0100)]
Remove dead code
Evan Hunt [Thu, 24 Jan 2019 19:57:03 +0000 (14:57 -0500)]
Merge branch '824-configure-nsip' into 'master'
remove --disable-rpz-nsip and --disable-rpz-nsdname from configure
Closes #824
See merge request isc-projects/bind9!1376
Evan Hunt [Tue, 22 Jan 2019 03:06:50 +0000 (19:06 -0800)]
remove --disable-rpz-nsip and --disable-rpz-nsdname from configure
Evan Hunt [Wed, 23 Jan 2019 19:12:21 +0000 (14:12 -0500)]
Merge branch 'each-set-magic-last' into 'master'
set the magic number at the end of dns_dt_create()
See merge request isc-projects/bind9!1383
Evan Hunt [Wed, 23 Jan 2019 18:48:25 +0000 (10:48 -0800)]
set the magic number at the end of dns_dt_create()
Evan Hunt [Wed, 23 Jan 2019 19:05:32 +0000 (14:05 -0500)]
Merge branch 'placeholder' into 'master'
placeholder
See merge request isc-projects/bind9!1385
Evan Hunt [Wed, 23 Jan 2019 19:05:03 +0000 (11:05 -0800)]
placeholder