Ondřej Surý [Thu, 23 Mar 2023 22:52:26 +0000 (23:52 +0100)]
Convert stopping generic socket children to to isc_async callback
Simplify the stopping of the generic socket children by using the
isc_async API from the loopmgr instead of using the asychronous
netievent mechanism in the netmgr.
Ondřej Surý [Thu, 23 Mar 2023 22:47:33 +0000 (23:47 +0100)]
Convert setting of the TLS contexts to to isc_async callback
Simplify the setting of the TLS contexts by using the isc_async API
from the loopmgr instead of using the asychronous netievent mechanism in
the netmgr.
Ondřej Surý [Thu, 23 Mar 2023 22:34:12 +0000 (23:34 +0100)]
Convert canceling StreamDNS socket to to isc_async callback
Simplify the canceling of the StreamDNS socket by using the isc_async API
from the loopmgr instead of using the asychronous netievent mechanism in
the netmgr.
Ondřej Surý [Thu, 23 Mar 2023 22:30:32 +0000 (23:30 +0100)]
Convert reading from StreamDNS socket to to isc_async callback
Simplify the reading from the StreamDNS socket by using the isc_async API
from the loopmgr instead of using the asychronous netievent mechanism in
the netmgr.
Ondřej Surý [Thu, 23 Mar 2023 22:20:33 +0000 (23:20 +0100)]
Convert setting of the DoH endpoints to to isc_async callback
Simplify the setting of the DoH endpoints by using the isc_async API
from the loopmgr instead of using the asychronous netievent mechanism in
the netmgr.
Ondřej Surý [Thu, 23 Mar 2023 21:37:55 +0000 (22:37 +0100)]
Convert accepting new TCP connection to to isc_async callback
Simplify the acception the new TCP connection by using the isc_async API
from the loopmgr instead of using the asychronous netievent mechanism in
the netmgr.
Ondřej Surý [Thu, 23 Mar 2023 21:16:47 +0000 (22:16 +0100)]
Convert canceling UDP socket to to isc_async callback
Simplify the canceling of the UDP socket by using the isc_async API
from the loopmgr instead of using the asychronous netievent mechanism in
the netmgr.
Ondřej Surý [Thu, 23 Mar 2023 11:34:49 +0000 (12:34 +0100)]
Convert stopping TCP children to to isc_async callback
Simplify the stopping of the TCP children by using the isc_async API
from the loopmgr instead of using the asychronous netievent mechanism in
the netmgr.
Ondřej Surý [Thu, 23 Mar 2023 11:18:18 +0000 (12:18 +0100)]
Convert starting TCP children to to isc_async callback
Simplify the starting of the TCP children by using the isc_async API
from the loopmgr instead of using the asychronous netievent mechanism in
the netmgr.
Ondřej Surý [Thu, 23 Mar 2023 11:11:04 +0000 (12:11 +0100)]
Convert stopping UDP children to to isc_async callback
Simplify the stopping of the UDP children by using the isc_async API
from the loopmgr instead of using the asychronous netievent mechanism in
the netmgr.
Ondřej Surý [Thu, 23 Mar 2023 10:48:04 +0000 (11:48 +0100)]
Convert starting UDP children to to isc_async callback
Simplify the starting of the UDP children by using the isc_async API
from the loopmgr instead of using the asychronous netievent mechanism in
the netmgr.
Ondřej Surý [Thu, 23 Mar 2023 08:47:47 +0000 (09:47 +0100)]
Simplify netmgr active handles accounting
The active handles accounting was both using atomic counter and ISC_LIST
to keep track of active handles. Remove the atomic counter that was in
use before the ISC_LIST was added for better tracking of the handles
attached to the socket.
Ondřej Surý [Thu, 23 Mar 2023 07:55:29 +0000 (08:55 +0100)]
Convert netmgr handle detach to synchronous callback
Instead of calling isc__nmhandle_detach calling
nmhandle_detach_cb() asynchronously when there's closehandle_cb
initialized, convert the closehandle_cb to use isc_job, and make the
isc__nmhandle_detach() to be fully synchronous.
Ondřej Surý [Thu, 23 Mar 2023 05:56:17 +0000 (06:56 +0100)]
Convert netmgr connect, read and send callbacks to isc_job
The netmgr connect, read and send callbacks can now only be executed on
the same loop, convert it from asynchronous netievent queue event to
more direct isc_job.
Evan Hunt [Wed, 22 Mar 2023 22:01:30 +0000 (15:01 -0700)]
deprecate delegation-only and root-delegation only
These options and zone type were created to address the
SiteFinder controversy, in which certain TLD's redirected queries
rather than returning NXDOMAIN. since TLD's are now DNSSEC-signed,
this is no longer likely to be a problem.
The deprecation message for 'type delegation-only' is issued from
the configuration checker rather than the parser. therefore,
isccfg_check_namedconf() has been modified to take a 'nodeprecate'
parameter to suppress the warning when named-checkconf is used with
the command-line option to ignore warnings on deprecated options (-i).
Ondřej Surý [Thu, 23 Mar 2023 09:48:39 +0000 (10:48 +0100)]
Properly handle ISC_R_SHUTTINGDOWN in resquery_response()
When resquery_response() was called with ISC_R_SHUTTINDOWN, the region
argument would be NULL, but rctx_respinit() would try to pass
region->base and region->len to the isc_buffer_init() leading to
a NULL pointer dereference. Properly handle non-ISC_R_SUCCESS by
ignoring the provided region.
Tom Krizek [Mon, 13 Mar 2023 16:45:20 +0000 (17:45 +0100)]
Lighten the CI load during the dupsigs test
Previously, an AXFR request would be issued every second while waiting
for the zone to be signed. This might've been the cause of issues in CI
where many tests are running in parallel and any extra load may increase
test instability.
Instead, check for the last NSEC record to have a signature before
commencing the AXFR request to check the zone has been fully signed.
Also increase the time for the zone signing to a total of 60+10 seconds
up from the previous 30.
Tom Krizek [Mon, 13 Mar 2023 14:13:44 +0000 (15:13 +0100)]
Redirect dupsigs test output to proper logger
Ensure messages from dupsigs system test end up in its log rather than
stdout. Previously, the output was hard to debug when running the tests
in parallel and messages wouldn't end up in the dupsigs.log.
Aram Sargsyan [Tue, 21 Mar 2023 09:56:36 +0000 (09:56 +0000)]
Hold a catz reference while the update process is running
This should delay the catalog zone from being destroyed during
shutdown, if the update process is still running.
Doing this should not introduce significant shutdown delays, as
the update function constantly checks the 'shuttingdown' flag
and cancels the process if it is set.
Evan Hunt [Wed, 1 Mar 2023 02:29:38 +0000 (18:29 -0800)]
add basic test for TSIG key dump/restore functionality
stop and restart the server in the 'tsiggss' test, in order
to confirm that GSS negotiated TSIG keys are saved and restored
when named loads.
added logging to dns_tsigkey_createfromkey() to indicate whether
a key has been statically configured, generated via GSS negotiation,
or restored from a file.
Tom Krizek [Thu, 9 Mar 2023 12:33:31 +0000 (13:33 +0100)]
Use the default retention time for CI artifacts
The instance-wide GitLab CI artifact retention time was changed to 1 day
up from the previous value of 12 hours. Remove our explicit overrides
for 1 day artifact retention time, as it is the default now.
Previously, most of our jobs had overrides for 1 day retention, while
some of our jobs used the default 12 hours. This discrepancy could be
quite impractical at times.
Mark Andrews [Tue, 14 Mar 2023 02:13:14 +0000 (13:13 +1100)]
When signing with a new algorithm preserve NSEC/NSEC3 chains
If the zone already has existing NSEC/NSEC3 chains then zone_sign
needs to continue to use them. If there are no chains then use
kasp setting otherwise generate an NSEC chain.
Aram Sargsyan [Fri, 10 Mar 2023 11:07:13 +0000 (11:07 +0000)]
Improve dnstap system test reliability
The dnstap system test fails intermittently, and it appears to be
a timing issue - adding a short delay after running 'fstrm_capture',
and before running 'dnstap -reopen' improves the situation from
50% failures (5 out of 10 times) to 0% failures (0 out of 20 times),
tested locally.
The reason is that 'fstrm_capture' is executed in the background,
and due to OS scheduling and other factors, the listener socket
may not be ready when the following command runs and tells 'named'
to (re)open it.
Ondřej Surý [Sat, 11 Mar 2023 04:03:54 +0000 (05:03 +0100)]
Install liburcu-dev to GitHub Actions
The CodeQL and SonarCloud GitHub Actions would FTBFS because of missing
liburcu-dev package resulting. Install the required package to both
GitHub Action files.
Tony Finch [Wed, 8 Mar 2023 19:22:27 +0000 (19:22 +0000)]
CHANGES and release notes for [GL #3935]
[func] BIND now requires liburcu for lock-free data structures
and concurrent safe memory reclamation. It replaces the
home-grown lock-free linked list and QSBR machinery
added in changes 6108 and 6109. The qp-trie code has
been adjusted to use liburcu.
Ondřej Surý [Tue, 7 Mar 2023 14:13:03 +0000 (15:13 +0100)]
Build with liburcu, Userspace RCU
BIND needs a collection of standard lock-free data structures,
which we can find in liburcu, along with its RCU safe memory
reclamation machinery. We will use liburcu's QSBR variant instead
of the home-grown isc_qsbr.
Aram Sargsyan [Thu, 9 Mar 2023 21:38:04 +0000 (21:38 +0000)]
Fix ISC_REFCOUNT_TRACE_IMPL usage
ISC_REFCOUNT_TRACE_IMPL uses isc_tid(), but the corresponding header
file is not included, which breaks, for example, compiling BIND with
DNS_CATZ_TRACE defined in lib/dns/include/dns/catz.h.
Add '#include <isc/tid.h>' in lib/isc/include/isc/refcount.h.
Michal Nowak [Thu, 9 Mar 2023 10:10:53 +0000 (11:10 +0100)]
Drop parallel build from stress tests
BUILD_PARALLEL_JOBS environmental variable is set to 6, which does not
align well with 4 and 8 CPU core systems dedicated to CI "stress" tests.
When multiple parallel jobs run on the host, they compete for resources
with an undesirable result: 6 compiler processes of one job may starve
named, resulting in lower-than-expected throughput and minutes-long
query response latency spikes.
Better drop the build parallelism of BIND-under-test. About 1-2 minutes
are added to the 60-65 minutes long job duration.
Michal Nowak [Tue, 7 Mar 2023 18:42:19 +0000 (19:42 +0100)]
Adapt tarball comparison to dropped pregenerated man pages
Since pregenerated manual pages were removed from the BIND 9 repository,
Sphinx must be present in the build environment for manual pages to be
created and placed to release tarball. release-tarball-comparison.sh
script needs to be adapted to keep up with how to release tarballs are
prepared.
Aram Sargsyan [Tue, 7 Mar 2023 14:08:52 +0000 (14:08 +0000)]
Fix the placement of printing dig output comments in doth system test
There can be comments in dig output for a zone transfer only in case
of an error, so we should print those errors not when wait_for_tls_xfer
succeeds, but when it fails.
Also, there is no point in printing those comments when a failure was
indeed expected.
Michal Nowak [Tue, 28 Feb 2023 16:49:43 +0000 (17:49 +0100)]
Build BIND in stress test jobs with common CFLAGS
By omission, BIND was not built with common CFLAGS in the stress test
jobs. Building with common CFLAGS and -Og should help GDB produce a
backtrace with more information.
Mark Andrews [Wed, 8 Mar 2023 04:16:44 +0000 (15:16 +1100)]
Silence uninitialized value false positives
In base32_decode_char the GCC 12 static analyser fails to determine
that ctx->val[1], ctx->val[3], ctx->val[4] and ctx->val[6] are
assigned values by the previous call to base32_decode_char. Initialise
ctx->val to zeros when initalising the rest of ctx to silence the
false positive.
Mark Andrews [Wed, 8 Mar 2023 05:38:11 +0000 (16:38 +1100)]
Add additional contraints to dns_rdata_checksvcb
REQUIRE that rdata->type is dns_rdatatype_svcb to detect when
dns_rdata_checksvcb is called with the wrong rdata type. There are
no code paths that currently pass the wrong rdata to dns_rdata_checksvcb.
The serve-stale system test was intermittently failing due to a timing
issue:
I:serve-stale:check stale data.example TXT was refreshed...
I:serve-stale:failed
The RRset is refreshed, however, it first checks for an expected log
line, prior checking that the stale data.example TXT was refreshed
(using dig). This log line is there to ensure the record is actually
refreshed before we start querying again. Alternatively we could just
retry_quiet 10 <wait for dig output matches expectations>. It would
lower the chances for intermittent test failures, since there is no
longer a "check for log line, sleep one second if check fails, check
for log line, ...", prior to the check.
Rename and simplify dst__openssl_compare_keypair() to
dst__openssl_keypair_compare(), and introduce two additional functions
dst__openssl_keypair_isprivate and dst__openssl_keypair_destroy.
Use those to de-duplicated openssl{rsa,ecdsa}_isprivate, and
openssl{rsa,ecdsa}_destroy.
Evan Hunt [Tue, 28 Feb 2023 23:28:29 +0000 (15:28 -0800)]
further cleanup after removing diffie-hellman TKEY mode
without diffie-hellman TKEY negotiation, some other code is
now effectively dead or unnecessary, and can be cleaned up:
- the rndc tsig-list and tsig-delete commands.
- a nonoperational command-line option to dnssec-keygen that
was documented as being specific to DH.
- the section of the ARM that discussed TKEY/DH.
- the functions dns_tkey_builddeletequery(), processdeleteresponse(),
and tkey_processgssresponse(), which are unused.
Ondřej Surý [Tue, 28 Feb 2023 15:05:34 +0000 (16:05 +0100)]
Remove TKEY Mode 2 (Diffie-Hellman)
Completely remove the TKEY Mode 2 (Diffie-Hellman Exchanged Keying) from
BIND 9 (from named, named.conf and all the tools). The TKEY usage is
fringe at best and in all known cases, GSSAPI is being used as it should.
The draft-eastlake-dnsop-rfc2930bis-tkey specifies that:
4.2 Diffie-Hellman Exchanged Keying (Deprecated)
The use of this mode (#2) is NOT RECOMMENDED for the following two
reasons but the specification is still included in Appendix A in case
an implementation is needed for compatibility with old TKEY
implementations. See Section 4.6 on ECDH Exchanged Keying.
The mixing function used does not meet current cryptographic
standards because it uses MD5 [RFC6151].
RSA keys must be excessively long to achieve levels of security
required by current standards.
We might optionally implement Elliptic Curve Diffie-Hellman (ECDH) key
exchange mode 6 if the draft ever reaches the RFC status. Meanwhile the
insecure DH mode needs to be removed.
projects / thirdparty / bind9.git / log
