Commit graph

44512 commits

Author SHA1 Message Date
Nicki Křížek
2bb840bbc7 Remove unused dlz-filesystem feature check
There isn't any system test that uses this feature check.
2025-12-08 18:07:41 +01:00
Nicki Křížek
789e40bd4c Remove unused ipv6only feature check
There isn't any system test that uses this feature check.
2025-12-08 18:07:41 +01:00
Nicki Křížek
e8ecb4ffb6 new: test: Regex support for logs and cmd output in pytest
Improve and unify the handling of regular expressions when searching in logs, files and command output in system tests.
- Use `Re()` for constructing regular expressions, which is an imported shorthand for `re.compile()` (imported as `from re import compile as Re`
- Add new `isctest.text.Text` interface which is a text wrapper that supports the `in` operator for line matching operation for both strings and regular expressions, e.g.:
  - `assert "running" in ns1.log`
  - `assert Re("a.example..*10.0.0.1") in response.out`
- Use the new `isctest.text.Text` for:
  - `isctest.run.cmd()` output, where `.out` and `.err` can be used for stdout and stderr contents
  - `NamedInstance.log` rather than the previous log interface (`.expect()` and `.prohibit()` is no longer available or needed. The `in` operator along with an `assert` statement can be used now instead.)
  - `NamedInstance.rndc()` output, which returns identical output as `isctest.run.cmd()`

Merge branch 'nicki/pytest-grep' into 'main'

See merge request isc-projects/bind9!11054
2025-12-08 16:14:11 +01:00
Nicki Křížek
f33e2b6d87 Refactor NamedInstance.rndc() to use EnvCmd() interface
To unify the command handling, utilize EnvCmd() to handle rndc commands:

1. Remove isctest.rndc abstractions. They were intended for an upcoming
   python-only implementation. A couple of years later, it doesn't seem
   to be coming any time soon, so let's stick with the interface that
   makes sense today, i.e. use the same command handling interface
   everywhere.
2. Remove the specialized rndc.log in favor of the generic logging
   already implemented by isctest.run.cmd(). I believe the cause of the
   many rndc(log=False) invocations was that nobody wanted this extra
   file. Yet, logging everything by default makes sense for debugging,
   unless there's a good reason not to. In almost all cases, logging was
   switched to the default (enabled).
3. With the NamedInstance.rndc() call now returning CmdResult rather
   than combined stdout+stderr string, adjust all the invocations to use
   `.out` or `.err` as necessary.
4. Replace some manual rndc invocation and its base argument
   construction with the standardized nsX.rndc() call.
5. In cases where rndc is expected to fail, utilize
   raise_on_exception=False and check the `.rc` from the result, rather
   than handling an exception.
6. In addzone/tests_rndc_deadlock.py, refactor the test slightly to
   avoid using EnvCmd() entirely to avoid spamming the logs. This test
   calls rndc in a loop from multiple threads and such test case is an
   exception which doesn't warrant changing the `isctest.run.cmd()`
   implementation.
2025-12-08 14:57:47 +01:00
Nicki Křížek
ff613a72d7 Add generic isctest.run.EnvCmd helper to pytest
A generic helper that calls the environment-specified binaries in a
developer-friendly manner, i.e. passing arguments as strings rather than
having to split them first.

The isctest.run.cmd() remains as the basis which provides a clean and
robust interface, while the isctest.run.EnvCmd() can be used as a
convenient wrapper for tests, or when there are some shared default
parameters.

The isctest.run.Dig() is superseded with the isctest.run.EnvCmd(). In
the future, we might revisit adding Dig() or command-specific helpers
again, but it probably only makes sense if they offer command-aware
attributes / methods, rather than just being shortcuts to
isctest.run.EnvCmd().
2025-12-08 14:57:47 +01:00
Nicki Křížek
a8bf53411d Add pylint check for re.compile() alias
Ensure that Re() is used consistently across our code base.
2025-12-08 14:57:47 +01:00
Nicki Křížek
9bad9491a1 Improve file handling in ksr test
Refactor the file handling to write to a file directly when calling
isctest.run.cmd().

Refactor the existing code to use CmdResult rather than out and err
separately.
2025-12-08 14:57:47 +01:00
Nicki Křížek
4b6a86b029 Use Text with Grep support in isctest.run.cmd()
When commands are executed using the isctest.run.cmd() command, allow
the output to be Grep-able like logs and text files.
2025-12-08 14:57:47 +01:00
Nicki Křížek
7743bab5fc Refactor LogFile into TextFile with Grep support
Add a new Grep-like interface which can be used for searching for
regular expressions in files. Replace the prior LogFile used for named
logs with the new TextFile interface.
2025-12-08 14:57:47 +01:00
Nicki Křížek
be6bae2a75 Move text-related operations into isctest.text module
Add a new module for working with text and keep the isctest.log.watchlog
module focused on its purpose. Move LogFile and LineReader into the new
module. Add compile_pattern() helper which will be useful in subsequent
commits.
2025-12-08 14:57:47 +01:00
Nicki Křížek
ac7127d620 Use Re() for creating regular expressions
It's a fairly common pattern to use regular expression in our tests.
Instead of using the fairly verbose re.compile(), import that function
as Re() instead to allow for more brevity in the test syntax.
2025-12-08 14:57:47 +01:00
Nicki Křížek
ac998da3f6 Use CmdResult to decode stdout/stderr from isctest.run.cmd()
Avoid repeating the .decode("utf-8") snippet when processing command
output and provide a helper instead, which leads to more concise code.
2025-12-08 14:57:47 +01:00
Nicki Křížek
ac2be27f8f Utilize nsX.rndc() helper
Remove the duplicated code and replace it with nsX.rndc() call.
2025-12-08 13:29:40 +01:00
Ondřej Surý
064deef4a7 fix: usr: Adding NSEC3 opt-out records could leave invalid records in chain
When creating an NSEC3 opt-out chain, a node in the chain could be removed too soon, causing the previous NSEC3 being unable to be found, resulting in invalid NSEC3 records to be left in the zone. This has been fixed.

Closes #5671

Merge branch '5671-fix-dbiterator-prev' into 'main'

See merge request isc-projects/bind9!11328
2025-12-08 10:20:19 +01:00
Ondřej Surý
9914bd383e
In dns_qpiter_{prev,next}, defer dereference_iter_node call
dns_qpiter_{prev,next} requires the current iterator node to still be
valid which might not always the case after dereference_iter_node was
called.  Currently, this is ensured via closeversion() mechanism, but it
is not guaranteed to be true in the future.

Move the call to dereference_iter_node to after the dns_qpiter_prev()
and dns_qpiter_next() to prevent a possible use-after-free of the
current iterator node.
2025-12-08 09:44:58 +01:00
Mark Andrews
5e486a7c0a fix: usr: Missing unlock
'kasp->lock' was not released before returning.  This could result in
named locking up if 'dns_keymgr_status' fails when 'rndc dnssec -status'
is called.

Closes #5675

Merge branch '5675-missing-unlock' into 'main'

See merge request isc-projects/bind9!11338
2025-12-08 19:39:21 +11:00
Mark Andrews
b2a3a2ebcf Missing unlock
'kasp->lock' was not released before returning.
2025-12-08 09:59:29 +11:00
Ondřej Surý
978bd61757 chg: doc: Installing after building
Added the required steps for installing after building.

Merge branch 'patch-3' into 'main'

See merge request isc-projects/bind9!11337
2025-12-06 18:59:49 +01:00
Paul Hoffman
95f5e3cc57 Added the required steps for installing after building 2025-12-06 17:00:23 +00:00
Colin Vidal
ca0dc621e4 chg: dev: Shrunk cfgobj down from 48 bytes to 40 bytes
Follow-up of 38ce2906 as the size of the `cfg_obj_t` can actually goes
down to 40 bytes "for free", by using bitfields to only use 31 bits for
the `line` field, so the remaining bit can be use to hold the `cloned`
state without paying the extra 8 bytes padding.

Merge branch 'colin/cfgobj-40bytes' into 'main'

See merge request isc-projects/bind9!11334
2025-12-06 09:25:26 +01:00
Colin Vidal
9c82d15bc2 shrunk cfgobj down from 48 bytes to 40 bytes
Follow-up of 38ce2906 as the size of the `cfg_obj_t` can actually goes
down to 40 bytes "for free", by using bitfields to only use 31 bits for
the `line` field, so the remaining bit can be use to hold the `cloned`
state without paying the extra 8 bytes padding.
2025-12-06 08:51:23 +01:00
Evan Hunt
9afe83c546 fix: doc: correct a double negative in the padding doc
`padding` is incompatible with TSIG and SIG(0), not with "no" TSIG
and SIG(0).

Merge branch 'each-fix-padding-doc' into 'main'

See merge request isc-projects/bind9!11333
2025-12-05 22:31:43 +00:00
Evan Hunt
d054741d92 correct a double negative in the padding doc
`padding` is incompatible with TSIG and SIG(0), not with "no" TSIG
and SIG(0).
2025-12-05 22:31:36 +00:00
Colin Vidal
8055747146 chg: usr: Add Extended DNS Error 13 (Cached Error) support
Extended DNS Error 13 (Cached Error) is now returned when the server
answers a message from a cached SERVFAIL.

See RFC 8914 section 4.14.

See #1836

Merge branch '1836-sfcache-ede' into 'main'

See merge request isc-projects/bind9!11322
2025-12-05 23:28:36 +01:00
Colin Vidal
0b9da992a5 add tests for EDE 13 support
Add system test covering EDE 13 being added in the response in case of
SERVFAIL cache hits.
2025-12-05 23:28:29 +01:00
Colin Vidal
430c0ce76a support EDE 13 (Cached Error)
Extended DNS Error 13 (Cached Error) is now returned when the server
answers a message from a cached SERVFAIL.

See RFC 8914 section 4.14.
2025-12-05 23:28:29 +01:00
Matthijs Mekking
42b0046d1e fix: usr: Make key rollovers more robust
A manual rollover when the zone is in an invalid DNSSEC state causes predecessor keys to be removed too quickly. Additional safeguards to prevent this have been added. DNSSEC records will not be removed from the zone until the underlying state machine has moved back into a valid DNSSEC state.

Closes #5458

Merge branch '5458-safeguard-against-key-rollovers-when-in-invalid-state' into 'main'

See merge request isc-projects/bind9!10813
2025-12-05 12:07:39 +00:00
Matthijs Mekking
14a243a81d Fix statschannel system test
The manykeys test case relies on keys being removed. Make sure the
zone is fully signed with the keys that will stay, so the other keys
may be removed safely.

This means the expected number of signatures generated and refreshed
will change. The CDS and CDNSKEY RRset also need to be signed now.

Configure the test case with sig-signing-signatures 100, large enough
that the entire zone is processed in a single step.
2025-12-05 12:14:14 +01:00
Matthijs Mekking
a8339be0f8 Fix nsec3 system test
The nsec3 system test has a couple of cases where the configured policy
changes the algorithm, effectively triggering an algorithm rollover. Fix
those cases to start in a valid DNSSEC state. Then fix the expected key
states, no longer should the old algorithm be removed immediately.
2025-12-05 12:14:14 +01:00
Matthijs Mekking
c756b8a505 Fix autosign system test
When creating keys, set Publish and Activate times so that keys will
be initialized as omnipresent. This way we start with a safe DNSSEC
state. In most cases at least, because some tests depend on special
key timings.

The ttl[1-4].example cases have become incorrect. With dnssec-policy
we require the TTL to match the dnskey-ttl from the policy.

The delzsk.example will have a ZSK removed from the zone. It also
requires that the DNSKEY RRset is already published. This means
that for the existing keys the, no longer "is now published"
messages will be logged.

The nsec-only.example and reconf.example zones are fixed to have a
correct matching policy.

This all means the expected count of log messages changes slightly.
2025-12-05 12:14:14 +01:00
Matthijs Mekking
67ea0e656b Fix views system test
This test case enables DNSSEC and has a mismatch in policy. Fix the
policy so that it matches the existing key set, and adjust the
expected answer count because no longer a new key is generated.
2025-12-05 12:14:14 +01:00
Matthijs Mekking
b19871f8a2 Make keymgr state machine more robust
If the keymgr state machine is in an invalid state, it tries to move
it self to a valid state. But when you do key rollovers during an
invalid state, and the next state is also an invalid state, the keymgr
will happily do the transition.

It would be good to not do key rollovers if there is not a KSK and ZSK
fully omnipresent. But also it would be good to safeguard against
unexpected transitions.

This commit does that by not moving things to unretentive (which is
the state where we would remove the corresponding record from the zone)
if the state machine is currently in an invalid state.
2025-12-05 12:14:14 +01:00
Matthijs Mekking
149ca5d46a Rollover test case for rumoured zone signatures
Test a manual rollover when zone signatures have not become omnipresent
yet. This should not immediately remove the predecessor key.
2025-12-05 12:14:14 +01:00
Matthijs Mekking
04b8747761 fix: doc: Fix sig-signing-* duplicate documentation
Merge branch 'matthijs-doc-sig-signing-options' into 'main'

See merge request isc-projects/bind9!11324
2025-12-05 10:52:37 +00:00
Matthijs Mekking
c3951cdec0 Fix sig-signing-* duplicate documentation 2025-12-05 11:17:06 +01:00
Colin Vidal
38ce29066b chg: dev: Shrunk cfgobj down from 72 bytes to 48 bytes
Make all non-scalar properties of `cfg_obj_t` allocated values, which
ensures the union size is the width of one pointer. Also reorder the
fields inside `cfg_obj_t` to avoid alignment padding that would increase
the size. As a result, a `cfg_obj_t` instance is now 48 bytes on a
64-bit platform.

Add a static assertion to avoid increasing the size of the struct by
mistake.

The function `parse_sockaddrsub` was taking advantage of the fact that
both sockaddr and sockaddrtls were in the same position, and used to
initialize the sockaddr field independently if this was a -tls one or
not. This doesn't work anymore now that all fields are allocated,
so it has been slightly rewritten to take both cases into account
separately.

Merge branch 'colin/cfgobj-48bytes' into 'main'

See merge request isc-projects/bind9!11239
2025-12-05 09:35:58 +01:00
Colin Vidal
77e0104cf4 shrunk cfgobj down to 48bytes
Make all non-scalar properties of `cfg_obj_t` allocated values, which
ensures the union size is the width of one pointer. Also reorder the
fields inside `cfg_obj_t` to avoid alignment padding that would increase
the size. As a result, a `cfg_obj_t` instance is now 48 bytes on a
64-bit platform.

Add a static assertion to avoid increasing the size of the struct by
mistake.

The function `parse_sockaddrsub` was taking advantage of the fact that
both sockaddr and sockaddrtls were in the same position, and used to
initialize the sockaddr field independently if this was a -tls one or
not. This doesn't work anymore now that all fields are allocated,
so it has been slightly rewritten to take both cases into account
separately.
2025-12-05 08:59:53 +01:00
Colin Vidal
b97991463e chg: dev: Remove memory context form cfg_obj_t
Removes the `cfg_obj_t` memory context pointer, as the parser always uses `isc_g_mctx`. This simplifies the parser API/configuration tree API (no need to pass the memory context); and the `cfg_obj_t` size goes down from 80 bytes to 72 bytes.

While not directly related to the changes, also remove the `cfg_parser_t` `references` field as it is not used anymore (since the `cfg_obj_t` types doesn't reference it anymore).

Merge branch 'colin/remove-memctx-cfgobj' into 'main'

See merge request isc-projects/bind9!11199
2025-12-04 16:42:42 +01:00
Colin Vidal
c3b7b56dd0 document usage of BIND9 constructors/destructors
Document the way `__attribute__((__constructor__))` and
`__attribute__((__destructor__))` must be used in BIND9 libraries in
order to avoid unexpected behaviors with other third-party libraries.
2025-12-04 16:09:40 +01:00
Colin Vidal
15aa160e2e remove --memstats from cfg_test
The `--memstats` option from cfg_test is unused, and even if used, does
nothing because `--memstats` relies on `isc_mem_stats` which dump memory
pools statistics, which are not used at all for configuration.

Also, dropping the option avoid to add a parser API to get the memory
stats (as the parser now uses the global memory context).
2025-12-04 16:09:40 +01:00
Colin Vidal
93f8b2f5bf remove memory context from parser context
As the isccfg library now uses the global memory context, it is now
used directly instead of passing the parser context around to grab its
memory context.

Also remove the memory context from the parser, as well as from
`cfg_obj_t`, as it's now useless.
2025-12-04 16:09:40 +01:00
Colin Vidal
f7b64e2e87 cfg_parse_ API doesn't need memory context
Because the parser now uses global memory context, the cfg_parse_* API
doesn't take a memory context anymore.
2025-12-04 16:09:40 +01:00
Colin Vidal
bc82db7b82 remove references from cfg_parser_t
The parser used to be referenced by `cfg_obj_t`, but not anymore.
Removing the reference counter from `cfg_parser_t`.
2025-12-04 16:09:40 +01:00
Colin Vidal
870b7329f8 parser: add cfg_string_create() API
The parser has a static function `create_string()` used
internally. But there was duplicate code to create a string node
in `namedconf.c`.  Instead of implementing the same logic twice,
`create_string()` is now publicly exposed as `cfg_string_create()`.
2025-12-04 16:09:40 +01:00
Andoni Duarte
48f11cb784 chg: doc: Set up version for BIND 9.21.17
Merge branch 'andoni/set-up-version-for-bind-9.21.17' into 'main'

See merge request isc-projects/bind9!11319
2025-12-04 09:34:57 +00:00
Andoni Duarte Pintado
65dc0ceab6 Update BIND version to 9.21.17-dev 2025-12-04 09:57:25 +01:00
Evan Hunt
a45d253882 fix: dev: Standardize CHECK and RETERR macros
Previously, there were over 40 separate definitions of `CHECK` macros, of
which most used `goto cleanup`, and the rest `goto failure` or `goto out`.
There were another 10 definitions of `RETERR`, of which most were identical
to `CHECK`, but some simply returned a result code instead
of jumping to a cleanup label.

This has now been standardized throughout the code base: `RETERR` is for
returning an error code in the case of an error, and `CHECK` is for jumping
to a cleanup tag, which is now always called `cleanup`. Both macros are
defined in `isc/util.h`.

Merge branch 'each-check-and-cleanup' into 'main'

See merge request isc-projects/bind9!10472
2025-12-04 03:15:12 +00:00
Evan Hunt
d4ebea1037 use a standard CLEANUP macro
CLEANUP is a macro similar to CHECK but unconditional, jumping
to cleanup even if the result is ISC_R_SUCCESS. It is now used
in place of DST_RET, CLEANUP_WITH, and CHECK(<non-success constant>).
2025-12-03 13:45:43 -08:00
Evan Hunt
1d83601c58 add coccinelle script
add a semantic patch to prevent (most) future uses of the
CHECK and RETERR patterns.
2025-12-03 13:45:43 -08:00
Mark Andrews
6c0f1b212e Remove unreachable code
Remove some code checking for return values that are not possible.
2025-12-03 13:45:43 -08:00