Merge branch 'v9_10' of ssh://repo.isc.org/proj/git/prod/bind9 into v9_10

CHANGES

@@ -1,3 +1,6 @@
+3971.	[bug]		Reduce the cascasding failures due to a bad $TTL line
+			in named-checkconf / named-checkzone. [RT #37138]
+
 3970.   [contrib]       Fixed a use after free bug in the SDB LDAP driver.
 			[RT #37237]
 

bin/tests/system/checkzone/zones/badttl.db

@@ -0,0 +1,23 @@
+; Copyright (C) 2014  Internet Systems Consortium, Inc. ("ISC")
+;
+; Permission to use, copy, modify, and/or distribute this software for any
+; purpose with or without fee is hereby granted, provided that the above
+; copyright notice and this permission notice appear in all copies.
+;
+; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+; AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+; PERFORMANCE OF THIS SOFTWARE.
+
+
+$TTL
+@		SOA     ns hostmaster 2011012708 3600 1200 604800 1200
+                NS      ns
+ns		A       192.0.2.1
+
+ns-and-dname	NS      ns.ns-and-dname
+		DNAME	example.com.
+ns.ns-and-dname	A       203.178.141.207

bin/tests/system/views/setup.sh

@@ -37,8 +37,8 @@ test -r $RANDFILE || $GENRANDOM 400 $RANDFILE
 #
 $KEYGEN -K ns2/internal -r $RANDFILE -3q inline > /dev/null 2>&1
 $KEYGEN -K ns2/internal -r $RANDFILE -3qfk inline > /dev/null 2>&1
-k1=`$KEYGEN -K ns2/external -r $RANDFILE -3q inline`
-k2=`$KEYGEN -K ns2/external -r $RANDFILE -3qfk inline`
+k1=`$KEYGEN -K ns2/external -r $RANDFILE -3q inline 2> /dev/null`
+k2=`$KEYGEN -K ns2/external -r $RANDFILE -3qfk inline 2> /dev/null`
 $KEYGEN -K ns2/external -r $RANDFILE -3q inline > /dev/null 2>&1
 $KEYGEN -K ns2/external -r $RANDFILE -3qfk inline > /dev/null 2>&1
 test -n "$k1" && rm -f ns2/external/$k1.*

bin/tests/system/views/tests.sh

@@ -123,17 +123,20 @@ fi
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
-echo "I:verifying inline zones work with views"
-ret=0
-$DIG @10.53.0.2 -p 5300 -b 10.53.0.2 +dnssec DNSKEY inline > dig.out.internal
-$DIG @10.53.0.2 -p 5300 -b 10.53.0.5 +dnssec DNSKEY inline > dig.out.external
-grep "ANSWER: 4," dig.out.internal > /dev/null || ret=1
-grep "ANSWER: 4," dig.out.external > /dev/null || ret=1
-int=`awk '$4 == "DNSKEY" { print $8 }' dig.out.internal | sort`
-ext=`awk '$4 == "DNSKEY" { print $8 }' dig.out.external | sort`
-test "$int" != "$ext" || ret=1
-if [ $ret != 0 ]; then echo "I:failed"; fi
-status=`expr $status + $ret`
+if $SHELL ../testcrypto.sh
+then
+	echo "I:verifying inline zones work with views"
+	ret=0
+	$DIG @10.53.0.2 -p 5300 -b 10.53.0.2 +dnssec DNSKEY inline > dig.out.internal
+	$DIG @10.53.0.2 -p 5300 -b 10.53.0.5 +dnssec DNSKEY inline > dig.out.external
+	grep "ANSWER: 4," dig.out.internal > /dev/null || ret=1
+	grep "ANSWER: 4," dig.out.external > /dev/null || ret=1
+	int=`awk '$4 == "DNSKEY" { print $8 }' dig.out.internal | sort`
+	ext=`awk '$4 == "DNSKEY" { print $8 }' dig.out.external | sort`
+	test "$int" != "$ext" || ret=1
+	if [ $ret != 0 ]; then echo "I:failed"; fi
+	status=`expr $status + $ret`
+fi
 
 echo "I:exit status: $status"
 exit $status

lib/dns/master.c

@@ -221,7 +221,7 @@ task_send(dns_loadctx_t *lctx);
 static void
 loadctx_destroy(dns_loadctx_t *lctx);
 
-#define GETTOKEN(lexer, options, token, eol) \
+#define GETTOKENERR(lexer, options, token, eol, err) \
 	do { \
 		result = gettoken(lexer, options, token, eol, callbacks); \
 		switch (result) { \
@@ -234,6 +234,7 @@ loadctx_destroy(dns_loadctx_t *lctx);
 				SETRESULT(lctx, result); \
 				LOGIT(result); \
 				read_till_eol = ISC_TRUE; \
+				err \
 				goto next_line; \
 			} else \
 				goto log_and_cleanup; \
@@ -249,6 +250,8 @@ loadctx_destroy(dns_loadctx_t *lctx);
 				goto log_and_cleanup; \
 		} \
 	} while (0)
+#define GETTOKEN(lexer, options, token, eol) \
+	GETTOKENERR(lexer, options, token, eol, )
 
 #define COMMITALL \
 	do { \
@@ -389,13 +392,19 @@ gettoken(isc_lex_t *lex, unsigned int options, isc_token_t *token,
 	if (eol != ISC_TRUE)
 		if (token->type == isc_tokentype_eol ||
 		    token->type == isc_tokentype_eof) {
+			unsigned long int line;
+			const char *what;
+			const char *file;
+			file = isc_lex_getsourcename(lex);
+			line = isc_lex_getsourceline(lex);
+			if (token->type == isc_tokentype_eol) {
+				line--;
+				what = "line";
+			} else
+				what = "file";
 			(*callbacks->error)(callbacks,
 			    "dns_master_load: %s:%lu: unexpected end of %s",
-					    isc_lex_getsourcename(lex),
-					    isc_lex_getsourceline(lex),
-					    (token->type ==
-					     isc_tokentype_eol) ?
-					    "line" : "file");
+					    file, line, what);
 			return (ISC_R_UNEXPECTEDEND);
 		}
 	return (ISC_R_SUCCESS);
@@ -1152,7 +1161,9 @@ load_text(dns_loadctx_t *lctx) {
 				finish_origin = ISC_TRUE;
 			} else if (strcasecmp(DNS_AS_STR(token),
 					      "$TTL") == 0) {
-				GETTOKEN(lctx->lex, 0, &token, ISC_FALSE);
+				GETTOKENERR(lctx->lex, 0, &token, ISC_FALSE,
+					    lctx->ttl = 0;
+					    lctx->default_ttl_known = ISC_TRUE;);
 				result =
 				   dns_ttl_fromtext(&token.value.as_textregion,
 						    &lctx->ttl);

util/copyrights

@@ -957,6 +957,7 @@
 ./bin/tests/system/checkzone/zones/bad-nsec3owner-padded.db	ZONE	2014
 ./bin/tests/system/checkzone/zones/bad1.db	ZONE	2013
 ./bin/tests/system/checkzone/zones/bad2.db	ZONE	2014
+./bin/tests/system/checkzone/zones/badttl.db	ZONE	2014
 ./bin/tests/system/checkzone/zones/good-nsec3-nopadhash.db	ZONE	2014
 ./bin/tests/system/checkzone/zones/good1.db	ZONE	2011
 ./bin/tests/system/checkzone/zones/spf.db	ZONE	2013