From e688ca5316fda7cbc50420cad86f9629d50ecabd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= Date: Wed, 1 Feb 2023 11:22:59 +0100 Subject: [PATCH 1/4] Add DNSRPS builds to pairwise testing The --enable-dnsrps-dl switch for ./configure enables preparing a DNSRPS-enabled build of BIND 9 that is not directly linked against a DNSRPS provider library (dlopen() at runtime is used instead). Employ this switch to test DNSRPS-enabled builds in the pairwise testing job in GitLab CI. --- configure.ac | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/configure.ac b/configure.ac index dcfe65377e..be818d58be 100644 --- a/configure.ac +++ b/configure.ac @@ -1497,10 +1497,7 @@ AC_COMPILE_IFELSE( AC_MSG_RESULT([no]) ]) -# DNSRPS is not included in pairwise testing as the librpz library is not -# present in the relevant Docker image. -# -# [pairwise: skip] +# [pairwise: --enable-dnsrps --enable-dnsrps-dl, --disable-dnsrps] AC_ARG_ENABLE([dnsrps-dl], [AS_HELP_STRING([--enable-dnsrps-dl], [DNS Response Policy Service delayed link From f3def4e4edcaecef6fd4cb95376dfcc9a4a6d467 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= Date: Wed, 1 Feb 2023 11:22:59 +0100 Subject: [PATCH 2/4] Handle iterator options in rpsdb_allrdatasets() Commit 7695c36a5de01c441690f2a0e46f176321b58896 added a new parameter, 'options', to the prototype of the 'allrdatasets' function pointer in struct dns_dbmethods. Handle this new parameter accordingly in rpsdb_allrdatasets(). --- lib/dns/dnsrps.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/dns/dnsrps.c b/lib/dns/dnsrps.c index 94f5d1c490..a78c8f2013 100644 --- a/lib/dns/dnsrps.c +++ b/lib/dns/dnsrps.c @@ -624,7 +624,8 @@ rpsdb_finddb(dns_db_t *db, const dns_name_t *name, dns_dbversion_t *version, static isc_result_t rpsdb_allrdatasets(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, - isc_stdtime_t now, dns_rdatasetiter_t **iteratorp) { + unsigned int options, isc_stdtime_t now, + dns_rdatasetiter_t **iteratorp) { rpsdb_t *rpsdb = (rpsdb_t *)db; rpsdb_rdatasetiter_t *rpsdb_iter; @@ -640,6 +641,7 @@ rpsdb_allrdatasets(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, .common= {.magic = DNS_RDATASETITER_MAGIC, .methods = &rpsdb_rdatasetiter_methods, .db = db, + .options = options, }, }; From 183cd1bbe528886f30485b84f1675bb4708b6ec9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= Date: Wed, 1 Feb 2023 11:22:59 +0100 Subject: [PATCH 3/4] Fix 'view' variable scope in load_configuration() Commit b69e783164cd50e3306364668558e460617ee8fc changed the scope of the local 'view' variable in load_configuration(), but the code section guarded by the #ifdef USE_DNSRPS directive was not adjusted accordingly, causing build errors for DNSRPS-enabled builds. Fix the latter by declaring the 'view' variable inside the loop in the DNSRPS-specific block of code. --- bin/named/server.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/named/server.c b/bin/named/server.c index 3bffb2d061..b57976ff31 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -9720,7 +9720,7 @@ load_configuration(const char *filename, named_server_t *server, * Start and connect to the DNS Response Policy Service * daemon, dnsrpzd, for each view that uses DNSRPS. */ - for (view = ISC_LIST_HEAD(server->viewlist); view != NULL; + for (dns_view_t *view = ISC_LIST_HEAD(server->viewlist); view != NULL; view = ISC_LIST_NEXT(view, link)) { result = dns_dnsrps_connect(view->rpzs); From 493eadd1ae24b3ab685c23d5f8a3d28cb08e7326 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= Date: Wed, 1 Feb 2023 11:22:59 +0100 Subject: [PATCH 4/4] Add CHANGES entry for GL #3827 --- CHANGES | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGES b/CHANGES index 586d58b7bc..18820e0b47 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +6083. [bug] Fix DNSRPS-enabled builds as they were inadvertently + broken by changes 5949 and 6042. [GL #3827] + 6082. [test] fuzz/dns_message_checksig leaked memory when shutting down. [GL #3828]