It was possible for the result to be overwritten after a
validation failure, causing check_signer() to return success
when it should have returned an error.
Co-Authored-By: Ondřej Surý <ondrej@isc.org>
Generally speaking, no AI generated slop is permitted. If AI has been
used to find an actual problem, the findings need to be verified by a
person, and the report should be written by the person. No copy and
paste is allowed. Anyone reporting the problem needs to be able to
verify the problem independently of the AI.
Merge branch 'ondrej/no-ai-templates' into 'main'
See merge request isc-projects/bind9!11105
Generally speaking, no AI generated slop is permitted. If AI has been
used to find an actual problem, the findings need to be verified by a
person, and the report should be written by the person. No copy and
paste is allowed. Anyone reporting the problem needs to be able to
verify the problem independently of the AI.
Expect created.* and unused.* files at the end of running
the multisigner test.
Closes#5565
Merge branch '5565-multisigner-test-can-leave-created-and-unused-files' into 'main'
See merge request isc-projects/bind9!11089
`nextpart file | grep -q` doesn't work as expected. `grep -q` is not
required to read all of the input and that causes `nextpart` to fail.
Closes#5566
Merge branch '5566-nextpart-piped-to-grep-q-doesn-t-work-as-expected' into 'main'
See merge request isc-projects/bind9!11090
If dns_name_fromtext failed or the subsequent dns_name_compare
failed the lexer's comments state wasn't cleaned up.
Closes#5564
Merge branch '5564-fix-bug-in-skr-c-parse_rr-on-error-path' into 'main'
See merge request isc-projects/bind9!11088
The `bindkeys-file` option was only used for testing purposes, and has now been replaced with a `-T bindkeys=<filename>` option for `named`.
Merge branch 'each-remove-bindkeys-file' into 'main'
See merge request isc-projects/bind9!11081
the comments in the bind.keys file were outdated; the file now only
exists to be converted into bind.keys.h and compiled into named and
delv.
some tests also referenced it, and have been cleaned up, since
the keys in it are already built into named.
:program:`dnssec-importkey` should not be used to import DNSKEY records from other providers (for example when setting up multi-signer). Clarify this in the manpage.
Merge branch 'matthijs-clarify-import-key-dnssec-policy' into 'main'
See merge request isc-projects/bind9!11064
You should not use dnssec-importkey to import DNSKEY records from
other providers (for example when setting up multi-signer).
Clarify this in the manpage.
With the collision avoidance on, some of the tests would occasionally
fail. None of the tests using keyfromlabel are revoking the keys so it
should be safe to disable it.
Closes#5554
Merge branch '5554-disable-keyfromlabel-collision-avoidance-in-tests' into 'main'
See merge request isc-projects/bind9!11066
With the collision avoidance on, some of the tests would occasionally
fail. None of the tests using keyfromlabel are revoking the keys so it
should be safe to disable it.
We agreed to make "expect" a direct attribute of KeyProperties, but it turns out the property is unused, so we can just remove it.
Closes#5278
Merge branch '5278-kasp-system-test-follow-up-1' into 'main'
See merge request isc-projects/bind9!11042
Zone API `dns_zone_dump` is dead code in 9.21 (and was also dead code at
least in 9.20), removing it.
Merge branch 'colin/remove-dns_zone_dump' into 'main'
See merge request isc-projects/bind9!11060
Disable unsigned-int spatch in db.h to silence the following error from coccinelle v1.1:
```
EXN: Failure("./lib/dns/include/dns/db.h: 188: try to delete an expanded token: unsigned") in ./lib/dns/include/dns/db.h
```
Merge branch 'marka-cocci-fix' into 'main'
See merge request isc-projects/bind9!11062
Disable unsigned-int spatch in db.h to silence the following error
from coccinelle v1.1:
EXN: Failure("./lib/dns/include/dns/db.h: 188: try to delete an expanded token: unsigned") in ./lib/dns/include/dns/db.h
Fixing an (invalid) Coverity NULL-dereference (ns_pluginctx_t is always
defined) by enforcing a REQUIRE, and add a missing return value check.
Closes#1586
Merge branch 'colin/synthrecord-fixup' into 'main'
See merge request isc-projects/bind9!11053
The files in question are no longer included in the git tree and
distributed with the code. Remove the reuse annotations as they caused
issues with reuse 6.0.0, as multiline annotation for
SPDX-FileCopyrightText breaks the parsing.
Merge branch 'nicki/reuse-remove-m4-annotations' into 'main'
See merge request isc-projects/bind9!11056
The files in question are no longer included in the git tree and
distributed with the code. Remove the reuse annotations as they caused
issues with reuse 6.0.0, as multiline annotation for
SPDX-FileCopyrightText breaks the parsing.
The previously deprecated ``tkey-domain`` statement has now been
removed.
Closes#4204
Merge branch '4204-remove-tkey-domain' into 'main'
See merge request isc-projects/bind9!10801
The previously deprecated ``tkey-gssapi-credential`` statement and all
code related to it have now been removed.
Closes#4204
Merge branch '4204-remove-tkey-gssapi-credential' into 'main'
See merge request isc-projects/bind9!10800
With the code handling the "tkey-gssapi-credential" statement removed,
the named_tkeyctx_fromconfig() function can no longer fail. Update its
return type to void and revise its only call site accordingly. Clean up
the function's documentation. Declare the 's' helper variable only in
the scope it is used in to improve readability.
Since the "tkey-gssapi-credential" statement has been previously
deprecated, mark it as ancient and remove all code related to it:
- The code processing the "tkey-gssapi-credential" statement in the
configuration is the only user of the dst_gssapi_acquirecred() and
dst_gssapi_releasecred() functions, so remove them along with their
static helper functions and a backup definition of the
GSS_KRB5_MECHANISM macro.
- When calling gss_accept_sec_context(), pass GSS_C_NO_CREDENTIAL
instead of the credential acquired by gss_acquire_cred().
(Previously, NULL was passed when "tkey-gssapi-credential" was not
specified. Kerberos headers define GSS_C_NO_CREDENTIAL as
(gss_cred_id_t) 0, so the logic was effectively the same, but using
the GSS_C_NO_CREDENTIAL macro is more appropriate.) This renders
the 'cred' parameter for dst_gssapi_acceptctx() redundant, so remove
it from the prototype of the latter. (Contrary to what the
documentation for dst_gssapi_acceptctx() claims,
dst_gssapi_releasecred() does not need to subsequently be called to
free the GSS-API context; a dst_gssapi_deletectx() call in
gssapi_destroy() takes care of that when the dynamically generated
TSIG key is destroyed.)
- Remove the 'gsscred' member from struct dns_tkeyctx, along with its
related dns_gss_cred_id_t typedef.
Update the relevant sections of the ARM and code comments accordingly.
This makes the "tkey-gssapi-keytab" statement the only way to set up
GSS-TSIG in named.
Remove redundant code from bin/named/tkeyconf.c while at it.
Since the "tkey-gssapi-credential" statement is now deprecated and is
about to be removed, migrate the only system test using it ("nsupdate")
to "tkey-gssapi-keytab".
Currently, the GSS-TSIG parts of the "nsupdate" system test require
properly setting up a combination of:
- "tkey-gssapi-credential" statements in named.conf files,
- the KRB5_KTNAME environment variable.
Specifically, this configuration causes named startup to include
acquiring the credential that GSS-API is allowed to match keys against
from a keytab file specified by the KRB5_KTNAME environment variable.
By contrast, the revised configuration uses the "tkey-gssapi-keytab"
statement, which makes GSS-API match keys against any credential present
in the specified keytab file.
Since both keytabs in question (ns9/dns.keytab, ns10/dns.keytab) only
contain a single credential, the two configurations are functionally
equivalent, with the revised one being significantly more readable and
simpler to prepare.
bin/tests/system/synthrecord/tests_synthrecord.py imports hypothesis
before importing isctest.hypothesis, which causes the "synthrecord"
system test to fail on platforms on which the Hypothesis module is not
available. Reorganize Python imports in tests_synthrecord.py to fix the
above issue and also to make it more in line with other similar test
scripts.
Closes#1586
Merge branch '1586-reorganize-imports-in-tests_synthrecord.py' into 'main'
See merge request isc-projects/bind9!11046
bin/tests/system/synthrecord/tests_synthrecord.py imports hypothesis
before importing isctest.hypothesis, which causes the "synthrecord"
system test to fail on platforms on which the Hypothesis module is not
available. Reorganize Python imports in tests_synthrecord.py to fix the
above issue and also to make it more in line with other similar test
scripts.
Follow-up on the discussion on the kasp system test rewrite to pytest.
Closes#5289
Merge branch '5289-kasp-system-test-follow-up-2' into 'main'
See merge request isc-projects/bind9!11043
The type `ns_pluginregister_ctx_t` was initially added to pass plugin
contextual data when the plugin is registered, but this is also now
passed into `plugin_check`. Furthermore, those various data are not
specific to the registration in particular. Rename the type into
`ns_pluginctx_t` for clarity.
Merge branch 'colin/rename-pluginctx-rename' into 'main'
See merge request isc-projects/bind9!11035