Mark Andrews [Tue, 9 Jul 2024 01:59:39 +0000 (11:59 +1000)]
Prevent overflow of size
If size overflows we will have an infinite loop. In practice
this will not happen unless we have made a coding error. Add
an INSIST to detect this condition.
CID 498025: (#1 of 1): Overflowed constant (INTEGER_OVERFLOW)
overflow_const: Expression size, which is equal to 0, overflows the type that
receives it, an unsigned integer 32 bits wide.
192 size *= 2;
193 }
Mark Andrews [Fri, 2 Aug 2024 06:34:08 +0000 (06:34 +0000)]
fix: dev: Remove unnecessary operations
Decrementing optlen immediately before calling continue is unneccesary
and inconsistent with the rest of dns_message_pseudosectiontoyaml
and dns_message_pseudosectiontotext. Coverity was also reporting
an impossible false positive overflow of optlen (CID 499061).
Mark Andrews [Tue, 9 Jul 2024 00:29:30 +0000 (10:29 +1000)]
Remove unnecessary operations
Decrementing optlen immediately before calling continue is unneccesary
and inconsistent with the rest of dns_message_pseudosectiontoyaml
and dns_message_pseudosectiontotext. Coverity was also reporting
an impossible false positive overflow of optlen (CID 499061).
The minimum allowed value of 'resolver-query-timeout' was lowered to
301 milliseconds instead of the earlier 10000 milliseconds (which is the
default). As earlier, values less than or equal to 300 are converted to
seconds before applying the limit.
Closes #4320
Merge branch '4320-allow-shorter-resolver-query-timeout-configuration' into 'main'
Aram Sargsyan [Thu, 6 Jun 2024 19:58:57 +0000 (19:58 +0000)]
Update the resolver unit test
Before there was a gap from 301 to 9999 which would be converted
to 10000 and now there is no such gap.
This settimeout_belowmin test was checking the behavior of a value
in the gap. As there is now no gap left, the minimum is 301 and
anything below that is converted to seconds as before. In order
for this check to still test the "below minimum" behavior, change
the value from 9000 to 300.
Update the settimeout_overmax value test too so it logically aligns
with the minimum value test.
There are use cases for which shorter timeout values make sense.
For example if there is a load balancer which sets RD=1 and
forwards queries to a BIND resolver which is then configured to
talk to backend servers which are not visible in the public NS set.
WIth a shorter timeout value the frontend can give back SERVFAIL
early when backends are not available and the ultimate client will
not penalize the BIND-frontend for non-response.
Arаm Sаrgsyаn [Thu, 1 Aug 2024 16:54:45 +0000 (16:54 +0000)]
new: usr: implement rndc retransfer -force
A new optional argument '-force' has been added to the command channel
command 'rndc retransfer'. When it is specified, named aborts the
ongoing zone transfer (if there is one), and starts a new transfer.
Closes #2299
Merge branch '2299-implement-rndc-force-retransfer' into 'main'
Aram Sargsyan [Tue, 11 Jun 2024 12:26:08 +0000 (12:26 +0000)]
Test rndc retransfer -force
Use a big zone and the slow transfer mode. Initiate a retransfer, wait
several seconds, then initiate a retransfer using a '-force' argument,
which should cancel the previous transfer and start a new one.
Mark Andrews [Thu, 1 Aug 2024 06:40:17 +0000 (06:40 +0000)]
fix: usr: fix generation of 6to4-self name expansion from IPv4 address
The period between the most significant nibble of the encoded IPv4 address and the 2.0.0.2.IP6.ARPA suffix was missing resulting in the wrong name being checked. Add system test for 6to4-self implementation.
Closes #4766
Merge branch '4766-add-system-test-for-6to4-self' into 'main'
Mark Andrews [Wed, 5 Jun 2024 03:59:39 +0000 (13:59 +1000)]
Add missing period to generated IPv4 6to4 name
The period between the most significant nibble of the IPv4 address
and the 2.0.0.2.IP6.ARPA suffix was missing resulting in the wrong
name being checked.
Mark Andrews [Mon, 8 Jul 2024 04:00:14 +0000 (14:00 +1000)]
Fix yaml output
In yaml mode we emit a string for each question and record. Certain
names and data could result in invalid yaml being produced. Use single
quote string for all questions and records. This requires that single
quotes get converted to two quotes within the string.
Mark Andrews [Mon, 17 Jun 2024 13:16:28 +0000 (23:16 +1000)]
Properly reject zero length ALPN in commatxt_fromtext
ALPN are defined as 1*255OCTET in RFC 9460. commatxt_fromtext was not
rejecting invalid inputs produces by missing a level of escaping
which where later caught be dns_rdata_fromwire on reception.
These inputs should have been rejected
svcb in svcb 1 1.svcb alpn=\,abc
svcb1 in svcb 1 1.svcb alpn=a\,\,abc
and generated 00 03 61 62 63 and 01 61 00 02 61 62 63 respectively.
The correct inputs to include commas in the alpn requires double
escaping.
svcb in svcb 1 1.svcb alpn=\\,abc
svcb1 in svcb 1 1.svcb alpn=a\\,\\,abc
and generate 04 2C 61 62 63 and 06 61 2C 2C 61 62 63 respectively.
Aram Sargsyan [Thu, 6 Jun 2024 20:49:34 +0000 (20:49 +0000)]
Update the chain test
Update the CNAME chain test to correspond to the changed behavior,
because now named returns SERVFAIL when hitting the maximum query
restarts limit (e.g. happening when following a long CNAME chain).
In the current test auth will hit the limit and return partial data
with a SERVFAIL code, while the resolver will return no data with
a SERVFAIL code after auth returns SERVFAIL to it.
chg: test: Improve crypto support detection and algorithm selection in pytest
Ensure that the selected algorithms remains stable throughout the entire test session. Crypto support detection was rewritten to python and simplified.
Closes #4202
Closes #4422
Related #3810
Merge branch '4202-algorithm-detection-pytest' into 'main'
Nicki Křížek [Fri, 10 May 2024 11:10:14 +0000 (13:10 +0200)]
Initialize all environment variables when running isctest
Ensure all the variables are initialized when running the main function
of isctest module. This enables proper environment variables during test
script development when only conf.sh is sourced, rather than the script
being executed by the pytest runner.
Tom Krizek [Mon, 8 Jan 2024 11:54:19 +0000 (12:54 +0100)]
Rewrite testcrypto.sh into python
Run the crypto support checks when initializing the isctest package and
save those results in environment variable. This removes the need to
repeatedly check for crypto operation support, as it's not something
that would change at test runtime.
Tom Krizek [Thu, 4 Jan 2024 16:27:32 +0000 (17:27 +0100)]
Move test algorithm configuration to isctest
Instead of invoking get_algorithms.py script repeatedly (which may yield
different results), move the algorithm configuration to an isctest
module. This ensures the variables are consistent across the entire test
run.
Mark Andrews [Wed, 31 Jul 2024 08:48:51 +0000 (08:48 +0000)]
new: usr: add support for external log rotation tools
Add two mechanisms to close open log files. The first is `rndc closelogs`. The second is `kill -USR1 <pid>`.
They are intended to be used with external log rotation tools.
Closes #4780
Merge branch '4780-add-support-for-external-log-rotation-tools' into 'main'
Mark Andrews [Wed, 26 Jun 2024 00:47:47 +0000 (10:47 +1000)]
Configure SIGUSR1 to close log files
Some external log file rotation programs use signals to tell programs
to close log files. SIGHUP can be used to do this but it also does
a full reconfiguration. Configure named to accept SIGUSR1 as a
signal to close log files.
Mark Andrews [Tue, 9 Jul 2024 02:37:13 +0000 (12:37 +1000)]
Properly compute the physical memory size
On a 32 bit machine casting to size_t can still lead to an overflow.
Cast to uint64_t. Also detect all possible negative values for
pages and pagesize to silence warning about possible negative value.
39#if defined(_SC_PHYS_PAGES) && defined(_SC_PAGESIZE)
1. tainted_data_return: Called function sysconf(_SC_PHYS_PAGES),
and a possible return value may be less than zero.
2. assign: Assigning: pages = sysconf(_SC_PHYS_PAGES).
40 long pages = sysconf(_SC_PHYS_PAGES);
41 long pagesize = sysconf(_SC_PAGESIZE);
42
3. Condition pages == -1, taking false branch.
4. Condition pagesize == -1, taking false branch.
43 if (pages == -1 || pagesize == -1) {
44 return (0);
45 }
46
5. overflow: The expression (size_t)pages * pagesize might be negative,
but is used in a context that treats it as unsigned.
CID 498034: (#1 of 1): Overflowed return value (INTEGER_OVERFLOW)
6. return_overflow: (size_t)pages * pagesize, which might have underflowed,
is returned from the function.
47 return ((size_t)pages * pagesize);
48#endif /* if defined(_SC_PHYS_PAGES) && defined(_SC_PAGESIZE) */
Matthijs Mekking [Tue, 11 Jun 2024 11:08:30 +0000 (13:08 +0200)]
Fix intermittent test failure dnssec system test
The updatecheck-kskonly.secure zone is being used to test dynamic
updates while the KSK is offline. It ensures that the DNSKEY RRset
will retain the RRSIG record, while the updated data is being signed
with the currently active ZSK.
When walking through ZSK rollovers, ensure that the newest ZSK (ZSK3)
is published before doing the dynamic update, preventing timing
related test failures.
Also fix the test log line ($ZSK_ID3 was not yet created at the time
of logging).
Matthijs Mekking [Mon, 24 Jun 2024 13:14:16 +0000 (15:14 +0200)]
Update key lifetime and metadata after reconfig
If dnssec-policy is reconfigured and the key lifetime has changed,
update existing keys with the new lifetime and adjust the retire
and removed timing metadata accordingly.
If the key has no lifetime yet, just initialize the lifetime. It
may be that the retire/removed timing metadata has already been set.
Skip keys which goal is not set to omnipresent. These keys are already
in the progress of retiring, or still unused.
Use a single source of truth, the git log, to generate the list of CHANGES. Use the .rst format and include it in the ARM for a quick reference with proper gitlab links to issues and merge requests.
The files in contrib/ directory shouldn't be subject to our pylint
check. They can come from external sources and we don't subject these to
the same standards as the rest of the BIND9 code / scripts.
The configuration has been crafted to cater for BIND9 needs:
- Define actions that have an equivalent section in existing Release
Notes
- Assume the commits that have the necessary changelog makrup are merge
commits from GitLab and transform them into messages and proper links
- Put the resulting changelog into the proper place in
doc/arm/changelog.rst
- Have a separate configuration for changelog and release notes. Both of
these should be generated from the `git log`, with release notes being
subject to more scrutiny and further editing
The project hasn't seen any new development/changes since 2018 and it
seems unlikely we'd be able to get any changes into the upstream. Since
it's isolated into a single file and its task is fairly straighforward,
pull the code into our own repository and maintain it here as needed.
This also makes it easier to make any changes that are specific to our
project.
projects / thirdparty / bind9.git / log
