ipreg/bind9.git
4 weeks agoUpdate repub branch u/fanf2/patch to rebasing branch u/fanf2/rebasing revision v9_15_... u/fanf2/patch
Tony Finch [Thu, 20 Jun 2019 12:10:34 +0000 (13:10 +0100)]
Update repub branch u/fanf2/patch to rebasing branch u/fanf2/rebasing revision v9_15_0-196-g76bc2022aa

git repub --rw u/fanf2/rebasing --ff u/fanf2/patch # v9_15_0-196-g76bc2022aa

4 weeks agorecolver: extra qmin logging
Tony Finch [Mon, 29 Apr 2019 12:56:50 +0000 (13:56 +0100)]
recolver: extra qmin logging

4 weeks agodnssec-settime: round-trip support for times
Tony Finch [Mon, 29 Apr 2019 12:56:05 +0000 (13:56 +0100)]
dnssec-settime: round-trip support for times

4 weeks agoLocal configuration
Tony Finch [Thu, 6 Mar 2014 16:15:23 +0000 (16:15 +0000)]
Local configuration

4 weeks agoRemove `cleaning-interval` remnants.
Tony Finch [Fri, 13 Apr 2018 16:09:16 +0000 (17:09 +0100)]
Remove `cleaning-interval` remnants.

Since 2008, the cleaning-interval timer has been documented as
"effectively obsolete" and disabled in the default configuration
with a comment saying "now meaningless".

This change deletes all the code that implements the cleaning-interval
timer, except for the config parser in which it is now explicitly
marked as deprecated.

4 weeks agodnssec-signzone -J for jumpy jitter
Tony Finch [Wed, 10 Jan 2018 19:03:06 +0000 (19:03 +0000)]
dnssec-signzone -J for jumpy jitter

4 weeks agoLog view name in client_trace()
Tony Finch [Tue, 2 Jan 2018 15:10:16 +0000 (15:10 +0000)]
Log view name in client_trace()

4 weeks agoAdd {random,srcid,uname}.bind CH TXT
Tony Finch [Wed, 13 Dec 2017 19:10:14 +0000 (19:10 +0000)]
Add {random,srcid,uname}.bind CH TXT

4 weeks agoSuppress RPZ mismatched summary data errors
Tony Finch [Fri, 6 Oct 2017 13:29:19 +0000 (14:29 +0100)]
Suppress RPZ mismatched summary data errors

4 weeks agoExplain why CDS/CDNSKEY UDPATE might have been rejected [RT #45629]
Tony Finch [Fri, 28 Jul 2017 09:35:51 +0000 (10:35 +0100)]
Explain why CDS/CDNSKEY UDPATE might have been rejected [RT #45629]

4 weeks agoMake dig +notcp work more like dig +ignore [RT #45408]
Tony Finch [Mon, 19 Jun 2017 18:06:06 +0000 (19:06 +0100)]
Make dig +notcp work more like dig +ignore [RT #45408]

4 weeks agoRFC 6761 checks in dig for onion, localhost, invalid
Tony Finch [Mon, 19 Jun 2017 18:02:40 +0000 (19:02 +0100)]
RFC 6761 checks in dig for onion, localhost, invalid

4 weeks agoAlternative NSEC3 mode for nsec3hash [Rej #45183]
Tony Finch [Fri, 26 Aug 2016 13:58:00 +0000 (14:58 +0100)]
Alternative NSEC3 mode for nsec3hash [Rej #45183]

4 weeks agoRun non-network tests when ifconfig.sh has not been run [Rej #45184]
Tony Finch [Thu, 4 May 2017 15:31:08 +0000 (16:31 +0100)]
Run non-network tests when ifconfig.sh has not been run [Rej #45184]

4 weeks agomdig: support large batch jobs
Tony Finch [Mon, 23 Jan 2017 15:08:28 +0000 (15:08 +0000)]
mdig: support large batch jobs

4 weeks agoSkip DNSKEY and CDNSKEY RRsets in minimal-any responses [Rej #45690]
Tony Finch [Thu, 8 Dec 2016 11:32:17 +0000 (11:32 +0000)]
Skip DNSKEY and CDNSKEY RRsets in minimal-any responses [Rej #45690]

4 weeks agoLow-profile ISO8601 log time stamps, and ISO8601 for default channels
Tony Finch [Thu, 1 Dec 2016 10:53:15 +0000 (10:53 +0000)]
Low-profile ISO8601 log time stamps, and ISO8601 for default channels

4 weeks agoquick hack for faster zone dumps
Tony Finch [Tue, 8 Nov 2016 17:51:57 +0000 (17:51 +0000)]
quick hack for faster zone dumps

4 weeks agoextra proof-of-nonexistence logging
Tony Finch [Tue, 11 Oct 2016 09:30:12 +0000 (10:30 +0100)]
extra proof-of-nonexistence logging

4 weeks agoMerge branch '1094-bump-clientinfomethods-version' into 'master'
Ondřej Surý [Thu, 20 Jun 2019 11:12:59 +0000 (07:12 -0400)]
Merge branch '1094-bump-clientinfomethods-version' into 'master'

Bump DNS_CLIENTINFOMETHODS VERSION and AGE

Closes #1094

See merge request isc-projects/bind9!2051

4 weeks agoBump DNS_CLIENTINFOMETHODS_VERSION/_AGE to 2/1 in clientinfo.h 2051/head
Brian Conry [Tue, 18 Jun 2019 19:37:20 +0000 (14:37 -0500)]
Bump DNS_CLIENTINFOMETHODS_VERSION/_AGE to 2/1 in clientinfo.h

BIND 9.11.0 has bumped DNS_CLIENTINFOMETHODS_VERSION and _AGE to
version 2 and 1 in the dlz_minimal.h because a member was addet to the
dnsclientinfo struct.  It was found out that the new member is not
used anywhere and there are no accessor functions therefore the change
was reverted.

Later on, it was found out that the revert caused some problems to the
users of BIND 9, and thus this changes takes a different approach by
syncing the values other way around.

4 weeks agoRevert "Downgrade the dns_clientinfomethod structure to the version in lib/dns/client...
Ondřej Surý [Thu, 20 Jun 2019 10:39:34 +0000 (12:39 +0200)]
Revert "Downgrade the dns_clientinfomethod structure to the version in lib/dns/clientinfo.c"

This reverts commit a6f09b2255e323d8c49306ef0af6b4f7565baa61.

4 weeks agoMerge branch 'u/fanf2/rsa-1024-delenda-est' into 'master' 2064/head
Evan Hunt [Thu, 20 Jun 2019 03:31:48 +0000 (23:31 -0400)]
Merge branch 'u/fanf2/rsa-1024-delenda-est' into 'master'

Use 2048 bits as the default ZSK RSA key size in dnssec-keygen

Closes #1097

See merge request isc-projects/bind9!2055

4 weeks agoCHANGES 2055/head
Evan Hunt [Thu, 20 Jun 2019 02:45:06 +0000 (19:45 -0700)]
CHANGES

4 weeks agoUse 2048 bits as the default ZSK RSA key size in dnssec-keygen
Tony Finch [Wed, 19 Jun 2019 10:31:43 +0000 (11:31 +0100)]
Use 2048 bits as the default ZSK RSA key size in dnssec-keygen

4 weeks agoMerge branch 'security-master' into 'master'
Evan Hunt [Wed, 19 Jun 2019 23:14:43 +0000 (19:14 -0400)]
Merge branch 'security-master' into 'master'

merge security-master

See merge request isc-projects/bind9!2061

4 weeks agoMerge branch 'prep-release' into security-master 2061/head
Tinderbox User [Tue, 11 Jun 2019 07:33:50 +0000 (07:33 +0000)]
Merge branch 'prep-release' into security-master

4 weeks agoprep 9.15.1
Tinderbox User [Mon, 3 Jun 2019 19:29:39 +0000 (19:29 +0000)]
prep 9.15.1

4 weeks agoMerge branch '942-security-move-test-inside-lock' into security-master
Evan Hunt [Wed, 29 May 2019 05:14:11 +0000 (22:14 -0700)]
Merge branch '942-security-move-test-inside-lock' into security-master

4 weeks agoCHANGES, release note
Evan Hunt [Thu, 9 May 2019 17:53:18 +0000 (10:53 -0700)]
CHANGES, release note

4 weeks agomove item_out test inside lock in dns_dispatch_getnext()
Mark Andrews [Tue, 19 Mar 2019 03:14:21 +0000 (14:14 +1100)]
move item_out test inside lock in dns_dispatch_getnext()

4 weeks agoMerge branch '161-fix-symbol-ordering-in-dns-update_test.c' into 'master'
Ondřej Surý [Wed, 19 Jun 2019 12:13:27 +0000 (08:13 -0400)]
Merge branch '161-fix-symbol-ordering-in-dns-update_test.c' into 'master'

Fix lib/dns/tests/update_test spurious errors on macOS

Closes #161

See merge request isc-projects/bind9!2050

4 weeks agoRename mctx in dnstest.c to dt_mctx to prevent any global/local name clashes 2050/head
Ondřej Surý [Tue, 18 Jun 2019 13:01:43 +0000 (15:01 +0200)]
Rename mctx in dnstest.c to dt_mctx to prevent any global/local name clashes

The common construct seen in the BIND 9 source is func(isc_mem_t *mctx, ...).
Unfortunately, the dnstest.{h,c} has been using mctx as a global symbol, which
in turn generated a lot of errors when update.c got included in update_test.c.

As a rule of thumb, we should avoid naming global symbols with generic names
(like mctx) and we should prefix them with "namespace" (like dt_mctx).

4 weeks agoMake CHECK() macro local by moving it from dnstest.h to respective .c files
Ondřej Surý [Tue, 18 Jun 2019 12:56:41 +0000 (14:56 +0200)]
Make CHECK() macro local by moving it from dnstest.h to respective .c files

The CHECK() macro has been defined both in dnstest.h and update.c
files.  This has created a conflict between macro definitions when
including both of the files in update_test.c.  While the CHECK() macro
is convenient for the tests, it has been really used in just two
files, so the MR moves them into those respective .c files.

4 weeks agoFix spurious lib/dns/tests/update_test errors on macOS
Ondřej Surý [Tue, 18 Jun 2019 12:48:00 +0000 (14:48 +0200)]
Fix spurious lib/dns/tests/update_test errors on macOS

lib/dns/tests/update_test was failing on macOS on random occasions.  It
turned out this was a linker problem - it preferred isc_stdtime_get()
from libisc instead of the local version in lib/dns/tests/update_test.c.

Fix by including the original .c file in the unit test.  This has two
benefits:

 a) linking order may no longer cause issues as symbols found in the
    same compilation unit are always preferred,

 b) it allows writing tests for static functions in lib/dns/update.c.

4 weeks agoMerge branch 'ondrej/autoconf-use-more-convenience-macros-from-autoconf-archive'...
Ondřej Surý [Wed, 19 Jun 2019 11:21:10 +0000 (07:21 -0400)]
Merge branch 'ondrej/autoconf-use-more-convenience-macros-from-autoconf-archive' into 'master'

Use couple more autoconf convenience macros to cleanup configure.ac

See merge request isc-projects/bind9!2054

4 weeks agoUse couple more autoconf convenience macros to cleanup configure.ac ondrej/autoconf-use-more-convenience-macros-from-autoconf-archive 2054/head
Ondřej Surý [Wed, 19 Jun 2019 09:16:47 +0000 (11:16 +0200)]
Use couple more autoconf convenience macros to cleanup configure.ac

Pull and use several autoconf archive convenience macros to simplify
configure.ac.

* AX_CHECK_COMPILE_FLAG(FLAG, ...) - check whether given CFLAG works
* AX_CHECK_LINK_FLAG(FLAG, ...) - check whether given LDFLAG works
* AX_CHECK_PREPROC_FLAG(FLAG, ...) - check whether give CPPFLAG works
* AX_SAVE_FLAGS/AX_RESTORE_FLAGS - save and restore *FLAGS

4 weeks agoMerge branch '1088-always-fail-a-system-test-if-crashes-are-detected' into 'master'
Michał Kępień [Tue, 18 Jun 2019 07:55:20 +0000 (03:55 -0400)]
Merge branch '1088-always-fail-a-system-test-if-crashes-are-detected' into 'master'

Always fail a system test if crashes are detected

Closes #1088

See merge request isc-projects/bind9!2041

4 weeks agoAlways fail a system test if crashes are detected 2041/head
Michał Kępień [Tue, 18 Jun 2019 07:14:07 +0000 (09:14 +0200)]
Always fail a system test if crashes are detected

In certain situations (e.g. a named instance crashing upon shutdown in a
system test which involves shutting down a server and restarting it
afterwards), a system test may succeed despite a named crash being
triggered.  This must never be the case.  Extend run.sh to mark a test
as failed if core dumps or log lines indicating assertion failures are
detected (the latter is only an extra measure aimed at test environments
in which core dumps are not generated; note that some types of crashes,
e.g. segmentation faults, will not be detected using this method alone).

4 weeks agoMerge branch 'michal/fix-transfer-statistics-extraction' into 'master'
Michał Kępień [Tue, 18 Jun 2019 07:12:53 +0000 (03:12 -0400)]
Merge branch 'michal/fix-transfer-statistics-extraction' into 'master'

Fix transfer statistics extraction

See merge request isc-projects/bind9!2038

4 weeks agoFix transfer statistics extraction 2038/head
Michał Kępień [Tue, 18 Jun 2019 06:51:50 +0000 (08:51 +0200)]
Fix transfer statistics extraction

Make the get_named_xfer_stats() helper shell function more precise in
order to prevent it from matching the wrong lines as that may trigger
false positives for the "ixfr" and "xfer" system tests.  As an example,
the regular expression responsible for extracting the number of bytes
transmitted throughout an entire zone transfer could also match a line
containing the following string:

    transfer of '<zone-name>/IN': sending TCP message of <integer> bytes

However, such a line is not one summarizing a zone transfer.

Also simplify both get_dig_xfer_stats() and get_named_xfer_stats() by
eliminating the need for "echo" statements in them.

4 weeks agoMerge branch 'marka-cleanup-builtin-config' into 'master'
Mark Andrews [Mon, 17 Jun 2019 13:35:58 +0000 (09:35 -0400)]
Merge branch 'marka-cleanup-builtin-config' into 'master'

remove geoip-use-ecs from default config

See merge request isc-projects/bind9!2032

4 weeks agoremove geoip-use-ecs from default config 2032/head
Mark Andrews [Wed, 12 Jun 2019 06:50:03 +0000 (16:50 +1000)]
remove geoip-use-ecs from default config

4 weeks agoMerge branch 'michal/tkey-system-test-fix-key-id-processing' into 'master'
Michał Kępień [Mon, 17 Jun 2019 12:43:18 +0000 (08:43 -0400)]
Merge branch 'michal/tkey-system-test-fix-key-id-processing' into 'master'

"tkey" system test: fix key ID processing

See merge request isc-projects/bind9!2033

4 weeks agoFix key ID processing 2033/head
Michał Kępień [Mon, 17 Jun 2019 12:15:18 +0000 (14:15 +0200)]
Fix key ID processing

If ns1/setup.sh generates a key with ID 0, the "KEYID" token in
ns1/named.conf.in will be replaced with an empty string, causing the
following broken statement to appear in ns1/named.conf:

    tkey-dhkey "server" ;

Such a statement triggers false positives for the "tkey" system test due
to ns1 being unable to start with a broken configuration file.  Fix by
tweaking the regular expression used for removing leading zeros from the
key ID, so that it removes at most 4 leading zeros.

5 weeks agoUpdate repub branch u/fanf2/patch to rebasing branch u/fanf2/rebasing revision v9_15_...
Tony Finch [Thu, 13 Jun 2019 13:29:20 +0000 (14:29 +0100)]
Update repub branch u/fanf2/patch to rebasing branch u/fanf2/rebasing revision v9_15_0-171-g84c0493d39

git repub --rw u/fanf2/rebasing --ff u/fanf2/patch # v9_15_0-171-g84c0493d39

5 weeks agorecolver: extra qmin logging
Tony Finch [Mon, 29 Apr 2019 12:56:50 +0000 (13:56 +0100)]
recolver: extra qmin logging

5 weeks agodnssec-settime: round-trip support for times
Tony Finch [Mon, 29 Apr 2019 12:56:05 +0000 (13:56 +0100)]
dnssec-settime: round-trip support for times

5 weeks agoBuild: version sort OpenSSL
Tony Finch [Thu, 25 Apr 2019 16:34:03 +0000 (17:34 +0100)]
Build: version sort OpenSSL

5 weeks agoLocal configuration
Tony Finch [Thu, 6 Mar 2014 16:15:23 +0000 (16:15 +0000)]
Local configuration

5 weeks agoRemove `cleaning-interval` remnants.
Tony Finch [Fri, 13 Apr 2018 16:09:16 +0000 (17:09 +0100)]
Remove `cleaning-interval` remnants.

Since 2008, the cleaning-interval timer has been documented as
"effectively obsolete" and disabled in the default configuration
with a comment saying "now meaningless".

This change deletes all the code that implements the cleaning-interval
timer, except for the config parser in which it is now explicitly
marked as deprecated.

5 weeks agodnssec-signzone -J for jumpy jitter
Tony Finch [Wed, 10 Jan 2018 19:03:06 +0000 (19:03 +0000)]
dnssec-signzone -J for jumpy jitter

5 weeks agoLog view name in client_trace()
Tony Finch [Tue, 2 Jan 2018 15:10:16 +0000 (15:10 +0000)]
Log view name in client_trace()

5 weeks agoAdd {random,srcid,uname}.bind CH TXT
Tony Finch [Wed, 13 Dec 2017 19:10:14 +0000 (19:10 +0000)]
Add {random,srcid,uname}.bind CH TXT

5 weeks agoSuppress RPZ mismatched summary data errors
Tony Finch [Fri, 6 Oct 2017 13:29:19 +0000 (14:29 +0100)]
Suppress RPZ mismatched summary data errors

5 weeks agoExplain why CDS/CDNSKEY UDPATE might have been rejected [RT #45629]
Tony Finch [Fri, 28 Jul 2017 09:35:51 +0000 (10:35 +0100)]
Explain why CDS/CDNSKEY UDPATE might have been rejected [RT #45629]

5 weeks agoMake dig +notcp work more like dig +ignore [RT #45408]
Tony Finch [Mon, 19 Jun 2017 18:06:06 +0000 (19:06 +0100)]
Make dig +notcp work more like dig +ignore [RT #45408]

5 weeks agoRFC 6761 checks in dig for onion, localhost, invalid
Tony Finch [Mon, 19 Jun 2017 18:02:40 +0000 (19:02 +0100)]
RFC 6761 checks in dig for onion, localhost, invalid

5 weeks agoAlternative NSEC3 mode for nsec3hash [Rej #45183]
Tony Finch [Fri, 26 Aug 2016 13:58:00 +0000 (14:58 +0100)]
Alternative NSEC3 mode for nsec3hash [Rej #45183]

5 weeks agoRun non-network tests when ifconfig.sh has not been run [Rej #45184]
Tony Finch [Thu, 4 May 2017 15:31:08 +0000 (16:31 +0100)]
Run non-network tests when ifconfig.sh has not been run [Rej #45184]

5 weeks agomdig: support large batch jobs
Tony Finch [Mon, 23 Jan 2017 15:08:28 +0000 (15:08 +0000)]
mdig: support large batch jobs

5 weeks agoSkip DNSKEY and CDNSKEY RRsets in minimal-any responses [Rej #45690]
Tony Finch [Thu, 8 Dec 2016 11:32:17 +0000 (11:32 +0000)]
Skip DNSKEY and CDNSKEY RRsets in minimal-any responses [Rej #45690]

5 weeks agoLow-profile ISO8601 log time stamps, and ISO8601 for default channels
Tony Finch [Thu, 1 Dec 2016 10:53:15 +0000 (10:53 +0000)]
Low-profile ISO8601 log time stamps, and ISO8601 for default channels

5 weeks agoquick hack for faster zone dumps
Tony Finch [Tue, 8 Nov 2016 17:51:57 +0000 (17:51 +0000)]
quick hack for faster zone dumps

5 weeks agoextra proof-of-nonexistence logging
Tony Finch [Tue, 11 Oct 2016 09:30:12 +0000 (10:30 +0100)]
extra proof-of-nonexistence logging

5 weeks agoMerge branch '1067-underflow-recursing-clients-stats' into 'master'
Witold Krecicki [Thu, 13 Jun 2019 12:19:32 +0000 (08:19 -0400)]
Merge branch '1067-underflow-recursing-clients-stats' into 'master'

Resolve "Underflow in Stats Channel RecursClients value?"

Closes #1067

See merge request isc-projects/bind9!2030

5 weeks agoCHANGES note 2030/head
Witold Kręcicki [Tue, 11 Jun 2019 09:40:20 +0000 (11:40 +0200)]
CHANGES note

5 weeks agoMake sure that recursclient gauge is calculated correctly.
Witold Kręcicki [Tue, 11 Jun 2019 09:32:35 +0000 (11:32 +0200)]
Make sure that recursclient gauge is calculated correctly.

We increase recursclients when we attach to recursion quota,
decrease when we detach. In some cases, when we hit soft
quota, we might attach to quota without increasing recursclients
gauge. We then decrease the gauge when we detach from quota,
and it causes the statistics to underflow.
Fix makes sure that we increase recursclients always when we
succesfully attach to recursion quota.

5 weeks agoMerge branch 'michal/address-compilation-warnings-for-O3-builds' into 'master'
Michał Kępień [Tue, 11 Jun 2019 08:49:01 +0000 (04:49 -0400)]
Merge branch 'michal/address-compilation-warnings-for-O3-builds' into 'master'

Address compilation warnings for -O3 builds

See merge request isc-projects/bind9!1994

5 weeks agoAddress GCC 9.1 -O3 compilation warnings 1994/head
Michał Kępień [Fri, 31 May 2019 12:34:34 +0000 (14:34 +0200)]
Address GCC 9.1 -O3 compilation warnings

Compiling with -O3 triggers the following warnings with GCC 9.1:

    task.c: In function ‘isc_taskmgr_create’:
    task.c:1384:43: warning: ‘%04u’ directive output may be truncated writing between 4 and 10 bytes into a region of size 6 [-Wformat-truncation=]
     1384 |   snprintf(name, sizeof(name), "isc-worker%04u", i);
          |                                           ^~~~
    task.c:1384:32: note: directive argument in the range [0, 4294967294]
     1384 |   snprintf(name, sizeof(name), "isc-worker%04u", i);
          |                                ^~~~~~~~~~~~~~~~
    task.c:1384:3: note: ‘snprintf’ output between 15 and 21 bytes into a destination of size 16
     1384 |   snprintf(name, sizeof(name), "isc-worker%04u", i);
          |   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    private_test.c: In function ‘private_nsec3_totext_test’:
    private_test.c:110:9: warning: array subscript 4 is outside array bounds of ‘uint32_t[1]’ {aka ‘unsigned int[1]’} [-Warray-bounds]
      110 |  while (*sp == '\0' && slen > 0) {
          |         ^~~
    private_test.c:103:11: note: while referencing ‘salt’
      103 |  uint32_t salt;
          |           ^~~~

Prevent these warnings from being triggered by increasing the size of
the relevant array (task.c) and reordering conditions (private_test.c).

5 weeks agoAddress GCC 8.3 -O3 compilation warning
Witold Kręcicki [Fri, 31 May 2019 08:43:53 +0000 (10:43 +0200)]
Address GCC 8.3 -O3 compilation warning

Compiling with -O3 triggers the following warning with GCC 8.3:

    driver.c: In function ‘dlz_findzonedb’:
    driver.c:191:29: warning: ‘%u’ directive output may be truncated writing between 1 and 5 bytes into a region of size between 0 and 99 [-Wformat-truncation=]
      snprintf(buffer, size, "%s#%u", addr_buf, port);
                                 ^~
    driver.c:191:25: note: directive argument in the range [0, 65535]
      snprintf(buffer, size, "%s#%u", addr_buf, port);
                             ^~~~~~~
    driver.c:191:2: note: ‘snprintf’ output between 3 and 106 bytes into a destination of size 100
      snprintf(buffer, size, "%s#%u", addr_buf, port);
      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Increase the size of the relevant array to prevent this warning from
being triggered.

5 weeks agoMake some build jobs use -O3 optimizations
Michał Kępień [Fri, 31 May 2019 12:34:34 +0000 (14:34 +0200)]
Make some build jobs use -O3 optimizations

Change the compiler optimization level for Debian sid build jobs from
-O2 to -O3 in order to enable triggering compilation warnings which are
not raised when -O2 is used.

5 weeks agoMerge branch '1070-fix-zonemgr-unreachablecache' into 'master'
Witold Krecicki [Tue, 11 Jun 2019 07:58:22 +0000 (03:58 -0400)]
Merge branch '1070-fix-zonemgr-unreachablecache' into 'master'

Resolve "Use zonemgr unreachable cache more effectively"

Closes #1070

See merge request isc-projects/bind9!2017

5 weeks agoPut the items into unreachable LRU cache from first to last, not last to first 2017/head
Ondřej Surý [Fri, 7 Jun 2019 12:41:05 +0000 (14:41 +0200)]
Put the items into unreachable LRU cache from first to last, not last to first

5 weeks agoAdd Gitlab CI job with pthread_rwlock
Witold Kręcicki [Fri, 7 Jun 2019 07:46:14 +0000 (09:46 +0200)]
Add Gitlab CI job with pthread_rwlock

5 weeks agoIn dns_zonemgr_unreachable use atomics to avoid unnecessary
Witold Kręcicki [Wed, 5 Jun 2019 20:07:50 +0000 (22:07 +0200)]
In dns_zonemgr_unreachable use atomics to avoid unnecessary
write locking.

Unreachable cache in zonemgr is realized as an static LRU list.
When we 'use' an entry we need to update the last-used time, we
can use atomics to do so without the necessity to upgrading
read-lock to write-lock.

5 weeks agoMerge branch '1082-fix-symtab-error' into 'master'
Evan Hunt [Tue, 11 Jun 2019 01:56:54 +0000 (21:56 -0400)]
Merge branch '1082-fix-symtab-error' into 'master'

allocate memory for symtab keys

Closes #1082

See merge request isc-projects/bind9!2026

5 weeks agoallocate memory for symtab keys 2026/head
Evan Hunt [Mon, 10 Jun 2019 23:43:56 +0000 (16:43 -0700)]
allocate memory for symtab keys

this prevents an intermittent failure when conflicts between
static and initializing keys are not detected by named-checkconf.

5 weeks agoMerge branch 'wpk/git-replay-merge-worktrees' into 'master'
Witold Krecicki [Mon, 10 Jun 2019 14:51:01 +0000 (10:51 -0400)]
Merge branch 'wpk/git-replay-merge-worktrees' into 'master'

util/git-replay-merge.sh: make the tool compatible with git worktrees

See merge request isc-projects/bind9!1985

5 weeks agoutil/git-replay-merge.sh: make the tool compatible with git worktrees 1985/head
Witold Kręcicki [Thu, 30 May 2019 08:08:36 +0000 (10:08 +0200)]
util/git-replay-merge.sh: make the tool compatible with git worktrees

5 weeks agoMerge branch 'each-pandoc-args' into 'master'
Evan Hunt [Mon, 10 Jun 2019 04:29:24 +0000 (00:29 -0400)]
Merge branch 'each-pandoc-args' into 'master'

specify title metadata and markdown format when calling pandoc

See merge request isc-projects/bind9!2022

5 weeks agospecify title metadata and markdown format when calling pandoc 2022/head
Evan Hunt [Mon, 10 Jun 2019 04:26:55 +0000 (21:26 -0700)]
specify title metadata and markdown format when calling pandoc

this change silences a warning message and prevents the unwanted
use of smart quotes when using pandoc 2.7.1 to generate human-readable
versions of README and other markdown files.

5 weeks agoMerge branch 'michal/minor-doc-fixes' into 'master'
Evan Hunt [Mon, 10 Jun 2019 04:21:21 +0000 (00:21 -0400)]
Merge branch 'michal/minor-doc-fixes' into 'master'

Minor doc fixes

See merge request isc-projects/bind9!2018

6 weeks agoUpdate repub branch u/fanf2/patch to rebasing branch u/fanf2/rebasing revision v9_15_...
Tony Finch [Fri, 7 Jun 2019 15:30:30 +0000 (16:30 +0100)]
Update repub branch u/fanf2/patch to rebasing branch u/fanf2/rebasing revision v9_15_0-151-g0e454e53e6

git repub --rw u/fanf2/rebasing --ff u/fanf2/patch # v9_15_0-151-g0e454e53e6

6 weeks agorecolver: extra qmin logging
Tony Finch [Mon, 29 Apr 2019 12:56:50 +0000 (13:56 +0100)]
recolver: extra qmin logging

6 weeks agodnssec-settime: round-trip support for times
Tony Finch [Mon, 29 Apr 2019 12:56:05 +0000 (13:56 +0100)]
dnssec-settime: round-trip support for times

6 weeks agoBuild: version sort OpenSSL
Tony Finch [Thu, 25 Apr 2019 16:34:03 +0000 (17:34 +0100)]
Build: version sort OpenSSL

6 weeks agoLocal configuration
Tony Finch [Thu, 6 Mar 2014 16:15:23 +0000 (16:15 +0000)]
Local configuration

6 weeks agoRemove `cleaning-interval` remnants.
Tony Finch [Fri, 13 Apr 2018 16:09:16 +0000 (17:09 +0100)]
Remove `cleaning-interval` remnants.

Since 2008, the cleaning-interval timer has been documented as
"effectively obsolete" and disabled in the default configuration
with a comment saying "now meaningless".

This change deletes all the code that implements the cleaning-interval
timer, except for the config parser in which it is now explicitly
marked as deprecated.

6 weeks agodnssec-signzone -J for jumpy jitter
Tony Finch [Wed, 10 Jan 2018 19:03:06 +0000 (19:03 +0000)]
dnssec-signzone -J for jumpy jitter

6 weeks agoLog view name in client_trace()
Tony Finch [Tue, 2 Jan 2018 15:10:16 +0000 (15:10 +0000)]
Log view name in client_trace()

6 weeks agoAdd {random,srcid,uname}.bind CH TXT
Tony Finch [Wed, 13 Dec 2017 19:10:14 +0000 (19:10 +0000)]
Add {random,srcid,uname}.bind CH TXT

6 weeks agoSuppress RPZ mismatched summary data errors
Tony Finch [Fri, 6 Oct 2017 13:29:19 +0000 (14:29 +0100)]
Suppress RPZ mismatched summary data errors

6 weeks agoExplain why CDS/CDNSKEY UDPATE might have been rejected [RT #45629]
Tony Finch [Fri, 28 Jul 2017 09:35:51 +0000 (10:35 +0100)]
Explain why CDS/CDNSKEY UDPATE might have been rejected [RT #45629]

6 weeks agoMake dig +notcp work more like dig +ignore [RT #45408]
Tony Finch [Mon, 19 Jun 2017 18:06:06 +0000 (19:06 +0100)]
Make dig +notcp work more like dig +ignore [RT #45408]

6 weeks agoRFC 6761 checks in dig for onion, localhost, invalid
Tony Finch [Mon, 19 Jun 2017 18:02:40 +0000 (19:02 +0100)]
RFC 6761 checks in dig for onion, localhost, invalid

6 weeks agoAlternative NSEC3 mode for nsec3hash [Rej #45183]
Tony Finch [Fri, 26 Aug 2016 13:58:00 +0000 (14:58 +0100)]
Alternative NSEC3 mode for nsec3hash [Rej #45183]

6 weeks agoRun non-network tests when ifconfig.sh has not been run [Rej #45184]
Tony Finch [Thu, 4 May 2017 15:31:08 +0000 (16:31 +0100)]
Run non-network tests when ifconfig.sh has not been run [Rej #45184]

6 weeks agomdig: support large batch jobs
Tony Finch [Mon, 23 Jan 2017 15:08:28 +0000 (15:08 +0000)]
mdig: support large batch jobs

6 weeks agoSkip DNSKEY and CDNSKEY RRsets in minimal-any responses [Rej #45690]
Tony Finch [Thu, 8 Dec 2016 11:32:17 +0000 (11:32 +0000)]
Skip DNSKEY and CDNSKEY RRsets in minimal-any responses [Rej #45690]