The counter in ns_client_t is used to track the maximum number of
recursions in the resolver, but it is created unconditionally when
starting the client and deallocated when resetting it.
This commit defers the allocation of the counter till recursion needs to
actually happen, speeding up authoritative workloads in perflab by
1.5~2%.
Add a test to check serve-stale with the 'stale-answer-client-timeout 0'
configuration option and with a delegation which is a CNAME to a auth
zone.
Closes#5372
Merge branch '5372-serve-stale-crash-on-insist-unreachable-test' into 'main'
See merge request isc-projects/bind9!10920
Mark the ``tkey-domain`` statement as obsolete, since it has not had any
effect on server behavior since support for TKEY Mode 2 (Diffie-Hellman)
was removed (in BIND 9.20.0).
See #4204
Merge branch '4204-obsolete-tkey-domain' into 'main'
See merge request isc-projects/bind9!10798
The "tkey-domain" statement has effectively been a no-op since commit
bd4576b3ce, which removed the only bit of
code using it: the logic implementing TKEY Mode 2 (Diffie-Hellman).
A subsequent cleanup commit, 885c132f4a,
also missed the opportunity to remove the "tkey-domain" statement
altogether.
Mark the "tkey-domain" statement as obsolete and remove all code and
documentation related to it.
The :any:`tkey-gssapi-keytab` statement allows GSS-TSIG to be set up in
a simpler and more reliable way than using the
:any:`tkey-gssapi-credential` statement and setting environment
variables (e.g. ``KRB5_KTNAME``). Therefore, the
:any:`tkey-gssapi-credential` statement has been deprecated;
:any:`tkey-gssapi-keytab` should be used instead.
For configurations currently using a combination of both
:any:`tkey-gssapi-keytab` *and* :any:`tkey-gssapi-credential`, the
latter should be dropped and the keytab pointed to by
:any:`tkey-gssapi-keytab` should now only contain the credential
previously specified by :any:`tkey-gssapi-credential`.
See #4204
Merge branch '4204-deprecate-tkey-gssapi-credential' into 'main'
See merge request isc-projects/bind9!10782
The "tkey-gssapi-keytab" statement enables GSS-TSIG to be set up in a
simpler and more reliable way than using the "tkey-gssapi-credential"
statement and setting environment variables (e.g. KRB5_KTNAME).
Mark the "tkey-gssapi-credential" statement as deprecated to eventually
only have one method for setting up GSS-TSIG in named. Do not mention
"tkey-gssapi-credential" in the section of the ARM on dynamic updates.
- Remove double non-NULL guard around bindrdataset()
- Add DNS_SLABTOP_FOREACH macros
- Made add() function in qpcache a single pass
Merge branch 'ondrej/add-DNS_SLABTOP_FOREACH' into 'main'
See merge request isc-projects/bind9!10879
The existing logic would always scan the headers if:
- adding negative cache entry that's NXDOMAIN or negative RRSIG
- adding positive cache entry
- the type doesn't exist in the node
As the rest is relatively minor - we only delete rrset from resolver
on broken chain and most negative entries don't exist in the case
anyway, it feels like the extra logic to decide whether we should do
full scan or not is just complicating things.
Remove the extra logic and always scan all the slabtop/slabheaders in
the node when adding new entry into the cache.
There were several consequtive foreach loops when adding new entry into
the cache. Merge the multiple foreach loops into a single pass loop
with some effort and a lot of comments.
The bindrdataset() already has a logic to skip the rest of the function
if the passed rdataset is NULL. Remove the external guarding for
'addedrdataset' to simplify the code flow both from the zone and cache
databases.
This is a follow-up of !10895 where the keystore pointer was removed
from the zone (as not specific to the zone) and moved to the view. But
in order to avoid adding extra lifecycle dependencies from the zone to
the view, the keystore pointer is now moved to the zonemgr, which also
makes more sense as this is a global settings, and zonemgr wraps a bunch
of other global settings to be accessibles from the zones.
Because the zonemgr lifecycle is the same of the keystores (which are
both depending on named_g_server) this should be a safe change.
Merge branch 'colin/keystores-zonemgr' into 'main'
See merge request isc-projects/bind9!10901
This is a follow-up of !10895 where the keystore pointer was removed
from the zone (as not specific to the zone) and moved to the view. But
in order to avoid adding extra lifecycle dependencies from the zone to
the view, the keystore pointer is now moved to the zonemgr, which also
makes more sense as this is a global settings, and zonemgr wraps a bunch
of other global settings to be accessibles from the zones.
Because the zonemgr lifecycle is the same of the keystores (which are
both depending on named_g_server) this should be a safe change.
Clang 20 was spuriously warning about the possibility of passing a NULL file pointer
to `fprintf()`, which uses the 'nonnull' attribute. To silence the warning, the functions
calling `fprintf()` have been marked with the same attribute to assure that NULL can't be
passed to them in the first place.
Close#5487
Merge branch '5487-mark-passed-file-pointer-as-nonnull-in-dnssec-signzone' into 'main'
See merge request isc-projects/bind9!10888
Clang 20 is complaining about passing NULL to an argument with 'nonnull'
attribute. Mark these two functions with the same attribute to assure
that these two function also don't accept NULL as an argument.
libuv expect file descriptors <= STDERR_FILENO are in use. otherwise,
it may abort when closing a file descriptor it opened.
Closes#5226
Merge branch 'main' into 'main'
See merge request isc-projects/bind9!10582
Testing all combinations seems unnecessary but is cheap.
I was too lazy to run this against all tools we have. nsupdate was
chosen because it is one of few tools which actually use stdin and the
original issue was reproducible even without any network communication,
which was not the case for simple dig invocation.
Sorry for new shell test but doing this in Python seemed very
complicated and fragile.
libuv expects file descriptors <= STDERR_FILENO are in use. otherwise,
it may abort when closing a file descriptor it opened.
See https://github.com/libuv/libuv/pull/4559Closes#5226
A catalog zone with an unset ``default-primaries`` clause could cause
an unexpected termination of the :iscman:`named` process after two
reloading or reconfiguration commands. This has been fixed.
Closes#5494
Merge branch '5494-catz-crash-with-unset-default-primaries-and-double-reconfig' into 'main'
See merge request isc-projects/bind9!10896
When dns_catz_zone_add() returns ISC_R_EXISTS and there is no
'default-primaries' or 'default-masters', the ISC_R_EXISTS result
code doesn't get reset to ISC_R_SUCCESS, and the function returns
ISC_R_EXISTS instead of ISC_R_SUCCESS. Which means that the zone
is successfully added, but the caller assumes that the function has
failed.
Reset 'result' to ISC_R_SUCCESS when dns_catz_zone_add() returns
ISC_R_EXISTS (it's not an error condition).
Refactor the code go call dns_catz_zone_add() when all other error
conditions are already checked.
In gcc 15, __builtin_stdc_rotate_{left,right} was added. Use these
builtins when available otherwise rewrite the ISC_ROTATE_LEFT and
ISC_ROTATE_RIGHT using _Generic.
Merge branch 'ondrej/use-__builtin_stdc_rotate_left_right' into 'main'
See merge request isc-projects/bind9!10893
In gcc 15, __builtin_stdc_rotate_{left,right} was added. Use these
builtins when available otherwise rewrite the ISC_ROTATE_LEFT and
ISC_ROTATE_RIGHT using _Generic.
The list of keystores is owned by the single server object
(named_g_server), but dns_zone_t has a pointer into it in order to
preserve encapsulation (lib/dns won't link to bin/named for good
reasons).
However, getting the keystores from the zone uses the zone lock whereas
this is not needed (as the pointer value doesn't depends on the zone,
and is initialized only with the same named_g_server->keystores value);
also storing an extra pointer per zone is not needed; also, there was a
logic based on the zone->secure property which was not needed (as there
is only one keystore).
The keystores pointer is now accessible and lock-free at view level,
it also simplifies a bit the various zone configuration APIs (server.c,
zoneconf.c).
Merge branch 'colin/move-keystore-to-view' into 'main'
See merge request isc-projects/bind9!10895
The list of keystores is owned by the single server object
(named_g_server), but dns_zone_t has a pointer into it in order to
preserve encapsulation (lib/dns won't link to bin/named for good
reasons).
However, getting the keystores from the zone uses the zone lock whereas
this is not needed (as the pointer value doesn't depends on the zone,
and is initialized only with the same named_g_server->keystores value);
also storing an extra pointer per zone is not needed; also, there was a
logic based on the zone->secure property which was not needed (as there
is only one keystore).
The keystores pointer is now accessible and lock-free at view level,
it also simplifies a bit the various zone configuration APIs (server.c,
zoneconf.c).
Under certain circumstances, BIND 9 can return SERVFAIL when updating
existing entries in the cache with new NS, A, AAAA, or DS records with 0-TTL.
Closes#5294
Merge branch '5294-preserve-ZEROTTL-on-cache-update' into 'main'
See merge request isc-projects/bind9!10897
Under certain circumstances, cache entries with equivalent rdataset
might not get replaced. Previously such entry would get preserved
regardless of the new TTL and expire time on the existing header would
get updated when the expire time was less than the expire time on the
existing header. Change the logic to preserve the existing header only
if the new expire time is larger than the existing one and replace the
existing cache entry when the new expire time is less than the existing
one.
Co-authored-by: Jinmei Tatuya <jtatuya@infoblox.com>
Previously, BIND 9 would drop the ZEROTTL attribute when updating
previously cached NS entry with ZEROTTL attribute set.
Co-authored-by: Jinmei Tatuya <jtatuya@infoblox.com>
Use C23 stdckdint.h when available and define ckd_{mul,add,sub} shims to __builtin_{mul,add,sub}_overflow(). Require all the __builtin functions to be supported to further simplify the non-C23 implementation. Rename the <stdbit.h>-shims in <isc/bit.h> to their C23 names.
Merge branch 'ondrej/use-stdckdint.h-if-available' into 'main'
See merge request isc-projects/bind9!10818
Use C23 stdckdint.h when available and define ckd_{mul,add,sub} shims to
__builtin_{mul,add,sub}_overflow(). Require the __builtin functions
unconditionally.
Currently following __builtin functions are used:
__builtin_add_overflow
__builtin_mul_overflow
__builtin_prefetch
__builtin_sub_overflow
__builtin_unreachable
These are generally available on our supported platform, and also we use
some of these unconditionally anyway in qp.c. Thus make the support for
these functions mandatory so we fail early in the 'setup' step.
Make grammar check in CI more user friendly. Previously Sphinx docs
build might have failed because outdated grammar files and this would
have prevented CI from generating grammar file patch.
The fxhash implementation was missing a constant for 32-bit platforms.
This has been fixed. Constant for 64-bit platform was update to match
the current Rust constants.
Merge branch 'ondrej/update-fxhash-constants' into 'main'
See merge request isc-projects/bind9!10894
The fxhash implementation was missing a constant for 32-bit platforms.
This has been fixed. Constant for 64-bit platform was update to match
the current Rust constants.
The previous refactoring added an assertion failure when negative RRSIG
would be added to the cache database. As result, any query for RRSIG in
any unsigned zone would trigger that assertion failure.
Allow the negative RRSIG entries to be stored in the cache database
again as not caching these would trigger new remote fetch every time
such query would be received from a client.
Closes#5489
Merge branch '5489-allow-negative-RRSIGs-in-qpcache' into 'main'
See merge request isc-projects/bind9!10876
The previous refactoring added an assertion failure when negative RRSIG
would be added to the cache database. As result, any query for RRSIG in
any unsigned zone would trigger that assertion failure.
Allow the negative RRSIG entries to be stored in the cache database
again as not caching these would trigger new remote fetch every time
such query would be received from a client.
