]> git.ipfire.org Git - thirdparty/bind9.git/log
thirdparty/bind9.git
7 years agoMerge branch '1093-dnstap-read-clear-buffer-before-expanding-it' into 'master'
Michał Kępień [Fri, 28 Jun 2019 11:08:35 +0000 (07:08 -0400)] 
Merge branch '1093-dnstap-read-clear-buffer-before-expanding-it' into 'master'

dnstap-read: clear buffer before expanding it

Closes #1093

See merge request isc-projects/bind9!2049

7 years agoAdd CHANGES entry
Michał Kępień [Fri, 28 Jun 2019 10:12:46 +0000 (12:12 +0200)] 
Add CHANGES entry

5260. [bug] dnstap-read was producing malformed output for large
packets. [GL #1093]

7 years agodnstap-read: clear buffer before expanding it
Michał Kępień [Fri, 28 Jun 2019 10:12:46 +0000 (12:12 +0200)] 
dnstap-read: clear buffer before expanding it

When printing a packet, dnstap-read checks whether its text form takes
up more than the 2048 bytes allocated for the output buffer by default.
If that is the case, the output buffer is automatically expanded, but
the truncated output is left in the buffer, resulting in malformed data
being printed.  Clear the output buffer before expanding it to prevent
this issue from occurring.

7 years agoMerge branch '1101-matthijs-checkconf-i' into 'master'
Matthijs Mekking [Fri, 28 Jun 2019 09:50:40 +0000 (05:50 -0400)] 
Merge branch '1101-matthijs-checkconf-i' into 'master'

named-checkconf -i: ignore deprecate warnings

Closes #1101

See merge request isc-projects/bind9!2079

7 years agonamed-checkconf -i: ignore deprecate warnings
Matthijs Mekking [Tue, 25 Jun 2019 07:41:51 +0000 (09:41 +0200)] 
named-checkconf -i: ignore deprecate warnings

Adds a new option to named-checkconf, -i.  If set, named-checkconf
will not warn you about deprecated options.  This allows people
to use named-checkconf in automated deployment precoesses where an
operator only cares if their conf is valid, even if it is not optimal.

This was added as a request as part of introducing a policy on
removing named.conf options.

7 years agoMerge branch 'each-missing-dbtype' into 'master'
Evan Hunt [Fri, 28 Jun 2019 03:41:05 +0000 (23:41 -0400)] 
Merge branch 'each-missing-dbtype' into 'master'

accidentally omitted region from valid dbtypes

See merge request isc-projects/bind9!2100

7 years agoaccidentally omitted region from valid dbtypes
Evan Hunt [Thu, 27 Jun 2019 23:38:21 +0000 (16:38 -0700)] 
accidentally omitted region from valid dbtypes

7 years agoMerge branch '182-geoip2-api' into 'master'
Evan Hunt [Thu, 27 Jun 2019 22:12:04 +0000 (18:12 -0400)] 
Merge branch '182-geoip2-api' into 'master'

Resolve "Update GeoIP support to new API (GeoLite2 from Maxmind)"

Closes #182

See merge request isc-projects/bind9!2031

7 years agoCHANGES, release note, README
Evan Hunt [Sun, 23 Jun 2019 03:41:43 +0000 (20:41 -0700)] 
CHANGES, release note, README

7 years agoupdate ARM documentation
Evan Hunt [Sun, 23 Jun 2019 03:57:08 +0000 (20:57 -0700)] 
update ARM documentation

7 years agoadd geoip2 system test
Evan Hunt [Sat, 22 Jun 2019 19:52:26 +0000 (12:52 -0700)] 
add geoip2 system test

7 years agoadd GeoIP2 lookups to unit test
Evan Hunt [Sun, 23 Jun 2019 06:45:59 +0000 (23:45 -0700)] 
add GeoIP2 lookups to unit test

7 years agoimplement searching of geoip2 database
Evan Hunt [Wed, 12 Jun 2019 03:32:21 +0000 (20:32 -0700)] 
implement searching of geoip2 database

- revise mapping of search terms to database types to match the
  GeoIP2 schemas.
- open GeoIP2 databases when starting up; close when shutting down.
- clarify the logged error message when an unknown database type
  is configured.
- add new geoip ACL subtypes to support searching for continent in
  country databases.
- map geoip ACL subtypes to specific MMDB database queries.
- perform MMDB lookups based on subtype, saving state between
  queries so repeated lookups for the same address aren't necessary.

7 years agoadd HAVE_GEOIP2 #ifdef branches, without implementing yet
Evan Hunt [Wed, 12 Jun 2019 01:36:52 +0000 (18:36 -0700)] 
add HAVE_GEOIP2 #ifdef branches, without implementing yet

7 years agoadd a search for GeoIP2 libraries in configure
Evan Hunt [Tue, 11 Jun 2019 22:59:31 +0000 (15:59 -0700)] 
add a search for GeoIP2 libraries in configure

- "--with-geoip" is used to enable the legacy GeoIP library.
- "--with-geoip2" is used to enable the new GeoIP2 library
  (libmaxminddb), and is on by default if the library is found.
- using both "--with-geoip" and "--with-geoip2" at the same time
  is an error.
- an attempt is made to determine the default GeoIP2 database path at
  compile time if pkg-config is able to report the module prefix. if
  this fails, it will be necessary to set the path in named.conf with
  geoip-directory
- Makefiles have been updated, and a stub lib/dns/geoip2.c has been
  added for the eventual GeoIP2 search implementation.

7 years agoMerge branch '1095-when-gnu-c-compiler-is-used-on-solaris-gnu-ld-must-be-used' into...
Ondřej Surý [Thu, 27 Jun 2019 11:29:13 +0000 (07:29 -0400)] 
Merge branch '1095-when-gnu-c-compiler-is-used-on-solaris-gnu-ld-must-be-used' into 'master'

Enforce usage -zrelax=transtls when GNU C Compiler is used on Solaris

Closes #1095

See merge request isc-projects/bind9!2053

7 years agoEnforce usage -zrelax=transtls when GNU C Compiler is used on Solaris
Ondřej Surý [Wed, 19 Jun 2019 09:21:36 +0000 (11:21 +0200)] 
Enforce usage -zrelax=transtls when GNU C Compiler is used on Solaris

When GNU C Compiler is used on Solaris (11), the Thread Local Storage
is completely broken.  The behaviour doesn't manifest when GNU ld is
used.  Thus, we need to enforce usage of GNU ld when GNU C Compiler is
the compiler of choice.

For more background for this change, see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90912

7 years agoMerge branch '1030-statistics-channel-fixes' into 'master'
Mark Andrews [Thu, 27 Jun 2019 03:20:16 +0000 (23:20 -0400)] 
Merge branch '1030-statistics-channel-fixes' into 'master'

Statistics Channel Fixes

Closes #1030

See merge request isc-projects/bind9!1945

7 years agoadd CHANGES
Mark Andrews [Thu, 16 May 2019 01:04:43 +0000 (11:04 +1000)] 
add CHANGES

7 years agocheck xsl vs xml
Mark Andrews [Mon, 20 May 2019 05:24:03 +0000 (15:24 +1000)] 
check xsl vs xml

7 years agoadd odd/even shading to the remaining tables
Evan Hunt [Wed, 26 Jun 2019 21:00:49 +0000 (14:00 -0700)] 
add odd/even shading to the remaining tables

7 years agoremove 'Configured Zones'; add even/odd to zone list
Mark Andrews [Thu, 16 May 2019 00:51:50 +0000 (10:51 +1000)] 
remove 'Configured Zones'; add even/odd to zone list

7 years agoFix ISC-Bugs 45340: Statschannel XSL for zones, Traffic
Timothe Litt [Tue, 14 May 2019 20:06:01 +0000 (16:06 -0400)] 
Fix ISC-Bugs 45340: Statschannel XSL for zones, Traffic

In ISC-Bugs 45340, I wrote:

The Statistics channel offers links to Zones and Traffic.
Both produce valid data, but display as blank pages with
a web browser.

Zones never had XSL (I provided the original
implementation, but punted on the XSL).

Traffic has XSL, but it wasn't updated to reflect the
split between IPv4 and IPv6 data.

I've picked up enough XSL to fix my original omission,
and as penance for my sloth, fixed the Traffic bug as well.

7 years agoMerge branch '1068-make-libxml2-library-usage-opaque-fixup' into 'master'
Ondřej Surý [Wed, 26 Jun 2019 16:41:48 +0000 (12:41 -0400)] 
Merge branch '1068-make-libxml2-library-usage-opaque-fixup' into 'master'

Fix printing whether libxml2 is used in the report part of configure.ac

Closes #1068

See merge request isc-projects/bind9!2088

7 years agoFix printing whether libxml2 is used in the report part of configure.ac
Ondřej Surý [Wed, 26 Jun 2019 10:53:35 +0000 (12:53 +0200)] 
Fix printing whether libxml2 is used in the report part of configure.ac

7 years agoMerge branch '1092-allow-priming-glue' into 'master'
Evan Hunt [Wed, 26 Jun 2019 16:15:00 +0000 (12:15 -0400)] 
Merge branch '1092-allow-priming-glue' into 'master'

allow glue in authoritative responses to root priming queries

Closes #1092

See merge request isc-projects/bind9!2045

7 years agoCHANGES, release note
Evan Hunt [Tue, 18 Jun 2019 02:13:59 +0000 (19:13 -0700)] 
CHANGES, release note

7 years agoadd system test to confirm glue is returned in priming queries
Evan Hunt [Tue, 18 Jun 2019 02:12:02 +0000 (19:12 -0700)] 
add system test to confirm glue is returned in priming queries

7 years agoallow glue in authoritative responses to root priming queries
Evan Hunt [Tue, 18 Jun 2019 00:11:00 +0000 (17:11 -0700)] 
allow glue in authoritative responses to root priming queries

- when processing authoritative queries for ./NS, set 'gluedb' so
  that glue will be included in the response, regardless of how
  'minimal-responses' has been configured.

7 years agoMerge branch '1109-inline-reload-error' into 'master'
Evan Hunt [Wed, 26 Jun 2019 15:45:13 +0000 (11:45 -0400)] 
Merge branch '1109-inline-reload-error' into 'master'

don't overwrite the dns_master_loadfile() result before calling zone_postload()

Closes #1109

See merge request isc-projects/bind9!2084

7 years agoCHANGES
Evan Hunt [Wed, 26 Jun 2019 02:42:46 +0000 (19:42 -0700)] 
CHANGES

7 years agoadd a test that reloading errors are not ignored
Evan Hunt [Wed, 26 Jun 2019 01:59:47 +0000 (18:59 -0700)] 
add a test that reloading errors are not ignored

7 years agodon't overwrite the dns_master_loadfile() result before calling zone_postload()
Evan Hunt [Wed, 26 Jun 2019 00:53:32 +0000 (17:53 -0700)] 
don't overwrite the dns_master_loadfile() result before calling zone_postload()

if "rndc reload" fails, the result code is supposed to be passed to
zone_postload, but for inline-signing zones, the result can be
overwritten first by a call to the ZONE_TRYLOCK macro. this can lead
to the partially-loaded unsigned zone being synced over to the signed
zone instead of being rejected.

7 years agoMerge branch 'michal/prevent-idna-test-failures-with-libidn2-2.2.0' into 'master'
Michał Kępień [Wed, 26 Jun 2019 13:00:52 +0000 (09:00 -0400)] 
Merge branch 'michal/prevent-idna-test-failures-with-libidn2-2.2.0' into 'master'

Prevent "idna" test failures with libidn2 2.2.0+

See merge request isc-projects/bind9!2089

7 years agoPrevent "idna" test failures with libidn2 2.2.0+
Michał Kępień [Wed, 26 Jun 2019 12:20:17 +0000 (14:20 +0200)] 
Prevent "idna" test failures with libidn2 2.2.0+

libidn2 2.2.0+ parses Punycode more strictly than older versions and
thus "dig +idnin +noidnout xn--19g" fails with libidn2 2.2.0+ but
succeeds with older versions.

We could preserve the old behavior by using the IDN2_NO_ALABEL_ROUNDTRIP
flag available in libidn2 2.2.0+, but:

  - this change in behavior is considered a libidn2 bug fix [1],
  - we want to make sure dig behaves as expected, not libidn2,
  - implementing that would require additional configure.ac cruft.

Removing the problematic check appears to be the simplest solution as it
does not prevent the relevant block of checks in the "idna" system test
from achieving its purpose, i.e. ensuring dig properly handles invalid
U-labels.

[1] see upstream commit 241e8f486134793cb0f4a5b0e5817a97883401f5

7 years agoMerge branch '1108-include-stdlib.h-in-lib-dns-dnsrps.c' into 'master'
Michał Kępień [Wed, 26 Jun 2019 09:06:54 +0000 (05:06 -0400)] 
Merge branch '1108-include-stdlib.h-in-lib-dns-dnsrps.c' into 'master'

Include <stdlib.h> in lib/dns/dnsrps.c

Closes #1108

See merge request isc-projects/bind9!2085

7 years agoInclude <stdlib.h> in lib/dns/dnsrps.c
Michał Kępień [Wed, 26 Jun 2019 06:37:31 +0000 (08:37 +0200)] 
Include <stdlib.h> in lib/dns/dnsrps.c

Since commit 0771dd3be8bad18f669de978f3be5e08cf2dbd6e, <isc/mem.h> no
longer includes <isc/xml.h>.  On some systems (e.g. FreeBSD), this means
that no header included by lib/dns/dnsrps.c (and no header included by
those headers) contains a definition of free() any more, which triggers
a compiler warning as lib/dns/dnsrps.c calls that function.  Add the
missing #include directive to prevent that warning from being triggered.

7 years agoMerge branch 'michal/remove-nonexistent-function-from-libdns.def.in' into 'master'
Michał Kępień [Wed, 26 Jun 2019 05:53:10 +0000 (01:53 -0400)] 
Merge branch 'michal/remove-nonexistent-function-from-libdns.def.in' into 'master'

Remove nonexistent function from libdns.def.in

See merge request isc-projects/bind9!2083

7 years agoRemove nonexistent function from libdns.def.in
Michał Kępień [Tue, 25 Jun 2019 20:27:01 +0000 (22:27 +0200)] 
Remove nonexistent function from libdns.def.in

No function called dns_dnssecsignstats_decrement() actually exists.
Putting it into lib/dns/win32/libdns.def.in breaks at least some Windows
builds.  Remove the nonexistent function from that file.

7 years agoMerge branch 'michal/wait-for-outgoing-transfer-statistics-to-be-logged' into 'master'
Michał Kępień [Tue, 25 Jun 2019 20:15:19 +0000 (16:15 -0400)] 
Merge branch 'michal/wait-for-outgoing-transfer-statistics-to-be-logged' into 'master'

Wait for outgoing transfer statistics to be logged

See merge request isc-projects/bind9!2081

7 years agoWait for outgoing transfer statistics to be logged
Michał Kępień [Tue, 25 Jun 2019 12:30:16 +0000 (14:30 +0200)] 
Wait for outgoing transfer statistics to be logged

Since the message confirming outgoing transfer completion is logged
asynchronously, it may happen that transfer statistics may not yet be
logged by the time the dig command triggering a given transfer returns.
This causes false positives for the "ixfr" and "xfer" system tests.
Prevent this from happening by checking outgoing transfer statistics up
to 10 times, in 1-second intervals.

7 years agoMerge branch '4-rename-OPENSSL_INCLUDES-to-OPENSSL_CFLAGS' into 'master'
Ondřej Surý [Tue, 25 Jun 2019 11:10:08 +0000 (07:10 -0400)] 
Merge branch '4-rename-OPENSSL_INCLUDES-to-OPENSSL_CFLAGS' into 'master'

Rename OPENSSL_INCLUDES to OPENSSL_CFLAGS in AX_CHECK_OPENSSL() macro

See merge request isc-projects/bind9!2073

7 years agoRename OPENSSL_INCLUDES to OPENSSL_CFLAGS in AX_CHECK_OPENSSL() macro
Ondřej Surý [Mon, 24 Jun 2019 12:06:56 +0000 (14:06 +0200)] 
Rename OPENSSL_INCLUDES to OPENSSL_CFLAGS in AX_CHECK_OPENSSL() macro

The ax_check_openssl m4 macro used OPENSSL_INCLUDES.  Rename the
subst variable to OPENSSL_CFLAGS and wrap AX_CHECK_OPENSSL() in
action-if-not-found part of PKG_CHECK_MODULE check for libcrypto.

7 years agoMerge branch '1068-make-libxml2-library-usage-opaque' into 'master'
Ondřej Surý [Tue, 25 Jun 2019 10:23:15 +0000 (06:23 -0400)] 
Merge branch '1068-make-libxml2-library-usage-opaque' into 'master'

Make the usage of json-c and libxml2 libraries opaque to the caller

Closes #1104 and #1068

See merge request isc-projects/bind9!2074

7 years agoExplicitly enable --with-libxml2 and --with-json-c to test whether pkg-config way...
Ondřej Surý [Tue, 25 Jun 2019 09:39:18 +0000 (11:39 +0200)] 
Explicitly enable --with-libxml2 and --with-json-c to test whether pkg-config way works

7 years agoMake the usage of json-c objects opaque to the caller
Ondřej Surý [Mon, 24 Jun 2019 10:21:47 +0000 (12:21 +0200)] 
Make the usage of json-c objects opaque to the caller

The json-c have previously leaked into the global namespace leading
to forced -I<include_path> for every compilation unit using isc/xml.h
header.  This MR fixes the usage making the caller object opaque.

7 years agoMake the usage of libxml2 opaque to the caller
Ondřej Surý [Mon, 24 Jun 2019 12:25:55 +0000 (14:25 +0200)] 
Make the usage of libxml2 opaque to the caller

The libxml2 have previously leaked into the global namespace leading
to forced -I<include_path> for every compilation unit using isc/xml.h
header.  This MR fixes the usage making the caller object opaque.

7 years agoMerge branch '513-matthijs-dnssec-sign-stats' into 'master'
Matthijs Mekking [Tue, 25 Jun 2019 09:59:28 +0000 (05:59 -0400)] 
Merge branch '513-matthijs-dnssec-sign-stats' into 'master'

Resolve "New metrics to report DNSSEC signing operations and IXFRs [ISC-support #13431]"

Closes #513

See merge request isc-projects/bind9!2067

7 years agoDNSSEC sign metrics: CHANGES, doc, release note
Matthijs Mekking [Fri, 21 Jun 2019 09:11:25 +0000 (11:11 +0200)] 
DNSSEC sign metrics: CHANGES, doc, release note

Add some information about the new statistic-channel DNS sign
metrics. Also add a CHANGES and release note entry.

7 years agoAlso collect DNSSEC refresh signature statistics
Matthijs Mekking [Fri, 21 Jun 2019 08:30:05 +0000 (10:30 +0200)] 
Also collect DNSSEC refresh signature statistics

In addition to gather how many times signatures are created per
key in a zone, also count how many of those signature creations are
because of DNSSEC maintenance.  These maintenance counters are
incremented if a signature is refreshed (but the RRset did not
changed), when the DNSKEY RRset is changed, and when that leads
to additional RRset / RRSIG updates (for example SOA, NSEC).

7 years agoAdd tests for DNSSEC sign statistics
Matthijs Mekking [Thu, 20 Jun 2019 11:10:33 +0000 (13:10 +0200)] 
Add tests for DNSSEC sign statistics

This adds tests to the statschannel system test for testing if
the dnskey sign operation counters are incremented correctly.

It tests three cases:

1. A zone maintenance event where all the signatures that are about
   to expire are resigned.
2. A dynamic update event where the new RR and other relevant records
   (SOA, NSEC) are resigned.
3. Adding a standby key, that means the DNSKEY and SOA RRset are
   resigned.

7 years agoUpdate dnskey sign operations statistics
Matthijs Mekking [Thu, 20 Jun 2019 11:06:04 +0000 (13:06 +0200)] 
Update dnskey sign operations statistics

Update per key tag the stats counter when it creates a new signature.
This can happen upon a dynamic update, or when doing DNSSEC
maintenance.

7 years agoAdd DNSSEC sign operations statistics channel
Matthijs Mekking [Wed, 19 Jun 2019 14:02:50 +0000 (16:02 +0200)] 
Add DNSSEC sign operations statistics channel

Add a new statistics structure to record how many sign operations
a key has made within a zone.

7 years agoMerge branch 'marka-silence-unchecked-return' into 'master'
Mark Andrews [Tue, 25 Jun 2019 00:13:24 +0000 (20:13 -0400)] 
Merge branch 'marka-silence-unchecked-return' into 'master'

silence unchecked return

See merge request isc-projects/bind9!2039

7 years agosilence unchecked return
Mark Andrews [Fri, 14 Jun 2019 07:05:55 +0000 (17:05 +1000)] 
silence unchecked return

7 years agoMerge branch '1098-compile-failure-on-9-11-8-master' into 'master'
Mark Andrews [Mon, 24 Jun 2019 23:48:34 +0000 (19:48 -0400)] 
Merge branch '1098-compile-failure-on-9-11-8-master' into 'master'

Resolve "Compile failure on 9.11.8"

See merge request isc-projects/bind9!2075

7 years agoadd CHANGES
Mark Andrews [Mon, 24 Jun 2019 23:44:07 +0000 (09:44 +1000)] 
add CHANGES

(cherry picked from commit 5c23623094ed83bd38d67e9b12552f4622b26ec4)

7 years agodefine ULLONG_MAX if not already defined
Mark Andrews [Thu, 20 Jun 2019 05:29:20 +0000 (15:29 +1000)] 
define ULLONG_MAX if not already defined

(cherry picked from commit 4110b9184da5660372342d620700436abac25c52)

7 years agoMerge branch 'u/fanf2/rndc-missing-newline' into 'master'
Evan Hunt [Mon, 24 Jun 2019 19:35:00 +0000 (15:35 -0400)] 
Merge branch 'u/fanf2/rndc-missing-newline' into 'master'

When a server reload fails, print a note in `rndc status`.

See merge request isc-projects/bind9!2040

7 years agoadd CHANGES
Mark Andrews [Thu, 20 Jun 2019 04:37:54 +0000 (14:37 +1000)] 
add CHANGES

7 years agoWhen a server reload fails, print a note in `rndc status`.
Tony Finch [Fri, 14 Jun 2019 10:14:00 +0000 (11:14 +0100)] 
When a server reload fails, print a note in `rndc status`.

After a failed reload I noticed two problems:

* There was a missing newline in the output of `rndc status` so it
  finished "reload/reconfig in progressserver is up and running"
* The "reconfig in progress" note should have said "reconfig failed"

7 years agoMerge branch 'marka-wait-for-zones-to-load' into 'master'
Mark Andrews [Mon, 24 Jun 2019 01:54:57 +0000 (21:54 -0400)] 
Merge branch 'marka-wait-for-zones-to-load' into 'master'

wait for zones to load

See merge request isc-projects/bind9!2027

7 years agowait for zones to load
Mark Andrews [Tue, 11 Jun 2019 07:42:35 +0000 (17:42 +1000)] 
wait for zones to load

7 years agoMerge branch '4-remove-libbind-from-configure' into 'master'
Ondřej Surý [Fri, 21 Jun 2019 17:16:59 +0000 (13:16 -0400)] 
Merge branch '4-remove-libbind-from-configure' into 'master'

Remove the noop warning when using --with-libbind from configure.ac

See merge request isc-projects/bind9!2069

7 years agoRemove the noop warning when using --with-libbind from configure.ac
Ondřej Surý [Fri, 21 Jun 2019 16:52:31 +0000 (18:52 +0200)] 
Remove the noop warning when using --with-libbind from configure.ac

The configure option --with-libbind was already obsolete, this MR
just removes the warning from configure.ac.

7 years agoMerge branch '658-dont-override-default-sysconfdir' into 'master'
Ondřej Surý [Fri, 21 Jun 2019 17:01:03 +0000 (13:01 -0400)] 
Merge branch '658-dont-override-default-sysconfdir' into 'master'

Get rid of overriding default --sysconfdir and --localstatedir autoconf options

Closes #658

See merge request isc-projects/bind9!1455

7 years agoGet rid of overriding default --sysconfdir and --localstatedir autoconf options
Ondřej Surý [Tue, 5 Feb 2019 14:14:21 +0000 (15:14 +0100)] 
Get rid of overriding default --sysconfdir and --localstatedir autoconf options

Previously the autoconf script set sysconfdir to /etc and localstatedir to /var
if they were not explicitly set in the ./configure invocation.  This MR reverts
the override and make it more in line with default and generally expected
autoconf behavior.

7 years agoMerge branch '4-autoreconf-and-maintainer-mode' into 'master'
Ondřej Surý [Fri, 21 Jun 2019 08:55:49 +0000 (04:55 -0400)] 
Merge branch '4-autoreconf-and-maintainer-mode' into 'master'

Add AM_MAINTAINER_MODE to autoconf.ac and re-generate configure in precheck CI step

See merge request isc-projects/bind9!2056

7 years agoRun autoreconf -fi in precheck phase and disable maintainer mode in build jobs
Ondřej Surý [Wed, 19 Jun 2019 12:30:32 +0000 (14:30 +0200)] 
Run autoreconf -fi in precheck phase and disable maintainer mode in build jobs

7 years agoAdd AM_MAINTAINER_MODE macro to configure.ac and enable it by default
Ondřej Surý [Wed, 19 Jun 2019 12:26:49 +0000 (14:26 +0200)] 
Add AM_MAINTAINER_MODE macro to configure.ac and enable it by default

AM_MAINTAINER_MODE macro adds ability to disable rebuilding build file
(Makefile.in, configure, ...) when the source file changes.  This is
important in the CI where the timestamps could get skewed and that
triggers the rebuild on every ./configure run.

7 years agoMerge branch 'ondrej/unify-unix-and-win32-app.c' into 'master'
Ondřej Surý [Fri, 21 Jun 2019 08:36:45 +0000 (04:36 -0400)] 
Merge branch 'ondrej/unify-unix-and-win32-app.c' into 'master'

Merge unix/app.c and win32/app.c

See merge request isc-projects/bind9!1970

7 years agoStop requiring same memory ordering in win32 atomic_compare_exchange functions
Ondřej Surý [Thu, 20 Jun 2019 16:51:36 +0000 (18:51 +0200)] 
Stop requiring same memory ordering in win32 atomic_compare_exchange functions

7 years agoisc_app_reload doesn't return value, don't use return() there
Ondřej Surý [Wed, 29 May 2019 11:37:10 +0000 (13:37 +0200)] 
isc_app_reload doesn't return value, don't use return() there

7 years agoMerge unix/app.c and win32/app.c
Ondřej Surý [Tue, 28 May 2019 21:15:38 +0000 (23:15 +0200)] 
Merge unix/app.c and win32/app.c

The differences between two files are very minimal and most of the
code is common.  Merge those two files and use #ifdef WIN32 to include
the right bits on Windows.

7 years agoMerge branch '1081-fix-statistics-in-x86-windows-builds' into 'master'
Ondřej Surý [Thu, 20 Jun 2019 16:07:28 +0000 (12:07 -0400)] 
Merge branch '1081-fix-statistics-in-x86-windows-builds' into 'master'

Fix statistics in x86 Windows builds

Closes #1081

See merge request isc-projects/bind9!2025

7 years agoAdd CHANGES entry
Michał Kępień [Fri, 7 Jun 2019 13:21:43 +0000 (15:21 +0200)] 
Add CHANGES entry

5249. [bug] Statistics were broken in x86 Windows builds.
[GL #1081]

7 years agoFix statistics for x86 Windows builds
Michał Kępień [Fri, 7 Jun 2019 13:21:43 +0000 (15:21 +0200)] 
Fix statistics for x86 Windows builds

Using atomic_int_fast64_t variables with atomic functions on x86 does
not cause Visual Studio to report build errors, but such operations
yield useless results.  Since the isc_stat_t type is unconditionally
typedef'd to atomic_int_fast64_t, any code performing atomic operations
on isc_stat_t variables is broken in x86 Windows builds.  Fix by using
the atomic_int_fast32_t type for isc_stat_t in x86 Windows builds.

7 years agoMerge branch '1094-bump-clientinfomethods-version' into 'master'
Ondřej Surý [Thu, 20 Jun 2019 11:12:59 +0000 (07:12 -0400)] 
Merge branch '1094-bump-clientinfomethods-version' into 'master'

Bump DNS_CLIENTINFOMETHODS VERSION and AGE

Closes #1094

See merge request isc-projects/bind9!2051

7 years agoBump DNS_CLIENTINFOMETHODS_VERSION/_AGE to 2/1 in clientinfo.h
Brian Conry [Tue, 18 Jun 2019 19:37:20 +0000 (14:37 -0500)] 
Bump DNS_CLIENTINFOMETHODS_VERSION/_AGE to 2/1 in clientinfo.h

BIND 9.11.0 has bumped DNS_CLIENTINFOMETHODS_VERSION and _AGE to
version 2 and 1 in the dlz_minimal.h because a member was addet to the
dnsclientinfo struct.  It was found out that the new member is not
used anywhere and there are no accessor functions therefore the change
was reverted.

Later on, it was found out that the revert caused some problems to the
users of BIND 9, and thus this changes takes a different approach by
syncing the values other way around.

7 years agoRevert "Downgrade the dns_clientinfomethod structure to the version in lib/dns/client...
Ondřej Surý [Thu, 20 Jun 2019 10:39:34 +0000 (12:39 +0200)] 
Revert "Downgrade the dns_clientinfomethod structure to the version in lib/dns/clientinfo.c"

This reverts commit a6f09b2255e323d8c49306ef0af6b4f7565baa61.

7 years agoMerge branch 'u/fanf2/rsa-1024-delenda-est' into 'master' 2064/head
Evan Hunt [Thu, 20 Jun 2019 03:31:48 +0000 (23:31 -0400)] 
Merge branch 'u/fanf2/rsa-1024-delenda-est' into 'master'

Use 2048 bits as the default ZSK RSA key size in dnssec-keygen

Closes #1097

See merge request isc-projects/bind9!2055

7 years agoCHANGES
Evan Hunt [Thu, 20 Jun 2019 02:45:06 +0000 (19:45 -0700)] 
CHANGES

7 years agoUse 2048 bits as the default ZSK RSA key size in dnssec-keygen
Tony Finch [Wed, 19 Jun 2019 10:31:43 +0000 (11:31 +0100)] 
Use 2048 bits as the default ZSK RSA key size in dnssec-keygen

7 years agoMerge branch 'security-master' into 'master'
Evan Hunt [Wed, 19 Jun 2019 23:14:43 +0000 (19:14 -0400)] 
Merge branch 'security-master' into 'master'

merge security-master

See merge request isc-projects/bind9!2061

7 years agoMerge branch 'prep-release' into security-master
Tinderbox User [Tue, 11 Jun 2019 07:33:50 +0000 (07:33 +0000)] 
Merge branch 'prep-release' into security-master

7 years agoprep 9.15.1
Tinderbox User [Mon, 3 Jun 2019 19:29:39 +0000 (19:29 +0000)] 
prep 9.15.1

7 years agoMerge branch '942-security-move-test-inside-lock' into security-master
Evan Hunt [Wed, 29 May 2019 05:14:11 +0000 (22:14 -0700)] 
Merge branch '942-security-move-test-inside-lock' into security-master

7 years agoCHANGES, release note
Evan Hunt [Thu, 9 May 2019 17:53:18 +0000 (10:53 -0700)] 
CHANGES, release note

7 years agomove item_out test inside lock in dns_dispatch_getnext()
Mark Andrews [Tue, 19 Mar 2019 03:14:21 +0000 (14:14 +1100)] 
move item_out test inside lock in dns_dispatch_getnext()

7 years agoMerge branch '161-fix-symbol-ordering-in-dns-update_test.c' into 'master'
Ondřej Surý [Wed, 19 Jun 2019 12:13:27 +0000 (08:13 -0400)] 
Merge branch '161-fix-symbol-ordering-in-dns-update_test.c' into 'master'

Fix lib/dns/tests/update_test spurious errors on macOS

Closes #161

See merge request isc-projects/bind9!2050

7 years agoRename mctx in dnstest.c to dt_mctx to prevent any global/local name clashes
Ondřej Surý [Tue, 18 Jun 2019 13:01:43 +0000 (15:01 +0200)] 
Rename mctx in dnstest.c to dt_mctx to prevent any global/local name clashes

The common construct seen in the BIND 9 source is func(isc_mem_t *mctx, ...).
Unfortunately, the dnstest.{h,c} has been using mctx as a global symbol, which
in turn generated a lot of errors when update.c got included in update_test.c.

As a rule of thumb, we should avoid naming global symbols with generic names
(like mctx) and we should prefix them with "namespace" (like dt_mctx).

7 years agoMake CHECK() macro local by moving it from dnstest.h to respective .c files
Ondřej Surý [Tue, 18 Jun 2019 12:56:41 +0000 (14:56 +0200)] 
Make CHECK() macro local by moving it from dnstest.h to respective .c files

The CHECK() macro has been defined both in dnstest.h and update.c
files.  This has created a conflict between macro definitions when
including both of the files in update_test.c.  While the CHECK() macro
is convenient for the tests, it has been really used in just two
files, so the MR moves them into those respective .c files.

7 years agoFix spurious lib/dns/tests/update_test errors on macOS
Ondřej Surý [Tue, 18 Jun 2019 12:48:00 +0000 (14:48 +0200)] 
Fix spurious lib/dns/tests/update_test errors on macOS

lib/dns/tests/update_test was failing on macOS on random occasions.  It
turned out this was a linker problem - it preferred isc_stdtime_get()
from libisc instead of the local version in lib/dns/tests/update_test.c.

Fix by including the original .c file in the unit test.  This has two
benefits:

 a) linking order may no longer cause issues as symbols found in the
    same compilation unit are always preferred,

 b) it allows writing tests for static functions in lib/dns/update.c.

7 years agoMerge branch 'ondrej/autoconf-use-more-convenience-macros-from-autoconf-archive'...
Ondřej Surý [Wed, 19 Jun 2019 11:21:10 +0000 (07:21 -0400)] 
Merge branch 'ondrej/autoconf-use-more-convenience-macros-from-autoconf-archive' into 'master'

Use couple more autoconf convenience macros to cleanup configure.ac

See merge request isc-projects/bind9!2054

7 years agoUse couple more autoconf convenience macros to cleanup configure.ac
Ondřej Surý [Wed, 19 Jun 2019 09:16:47 +0000 (11:16 +0200)] 
Use couple more autoconf convenience macros to cleanup configure.ac

Pull and use several autoconf archive convenience macros to simplify
configure.ac.

* AX_CHECK_COMPILE_FLAG(FLAG, ...) - check whether given CFLAG works
* AX_CHECK_LINK_FLAG(FLAG, ...) - check whether given LDFLAG works
* AX_CHECK_PREPROC_FLAG(FLAG, ...) - check whether give CPPFLAG works
* AX_SAVE_FLAGS/AX_RESTORE_FLAGS - save and restore *FLAGS

7 years agoMerge branch '1088-always-fail-a-system-test-if-crashes-are-detected' into 'master'
Michał Kępień [Tue, 18 Jun 2019 07:55:20 +0000 (03:55 -0400)] 
Merge branch '1088-always-fail-a-system-test-if-crashes-are-detected' into 'master'

Always fail a system test if crashes are detected

Closes #1088

See merge request isc-projects/bind9!2041

7 years agoAlways fail a system test if crashes are detected
Michał Kępień [Tue, 18 Jun 2019 07:14:07 +0000 (09:14 +0200)] 
Always fail a system test if crashes are detected

In certain situations (e.g. a named instance crashing upon shutdown in a
system test which involves shutting down a server and restarting it
afterwards), a system test may succeed despite a named crash being
triggered.  This must never be the case.  Extend run.sh to mark a test
as failed if core dumps or log lines indicating assertion failures are
detected (the latter is only an extra measure aimed at test environments
in which core dumps are not generated; note that some types of crashes,
e.g. segmentation faults, will not be detected using this method alone).

7 years agoMerge branch 'michal/fix-transfer-statistics-extraction' into 'master'
Michał Kępień [Tue, 18 Jun 2019 07:12:53 +0000 (03:12 -0400)] 
Merge branch 'michal/fix-transfer-statistics-extraction' into 'master'

Fix transfer statistics extraction

See merge request isc-projects/bind9!2038

7 years agoFix transfer statistics extraction
Michał Kępień [Tue, 18 Jun 2019 06:51:50 +0000 (08:51 +0200)] 
Fix transfer statistics extraction

Make the get_named_xfer_stats() helper shell function more precise in
order to prevent it from matching the wrong lines as that may trigger
false positives for the "ixfr" and "xfer" system tests.  As an example,
the regular expression responsible for extracting the number of bytes
transmitted throughout an entire zone transfer could also match a line
containing the following string:

    transfer of '<zone-name>/IN': sending TCP message of <integer> bytes

However, such a line is not one summarizing a zone transfer.

Also simplify both get_dig_xfer_stats() and get_named_xfer_stats() by
eliminating the need for "echo" statements in them.

7 years agoMerge branch 'marka-cleanup-builtin-config' into 'master'
Mark Andrews [Mon, 17 Jun 2019 13:35:58 +0000 (09:35 -0400)] 
Merge branch 'marka-cleanup-builtin-config' into 'master'

remove geoip-use-ecs from default config

See merge request isc-projects/bind9!2032