Commit graph

35637 commits

Author SHA1 Message Date
Michał Kępień
659e0d80fd
Prepare release notes for BIND 9.16.48 2024-02-11 12:10:17 +01:00
Michał Kępień
81ac09c421 Merge branch '4568-fix-isc_ht-case-insensitive-matching-9.16' into 'v9.16.48-release'
[9.16] Fix case insensitive matching in isc_ht hash table implementation

See merge request isc-private/bind9!654
2024-02-11 11:06:57 +00:00
Ondřej Surý
81479eaa63
Add CHANGES note for [GL #4568]
(cherry picked from commit e91884553f)
2024-02-11 11:57:58 +01:00
Ondřej Surý
b9c10a194d
Add a system test for mixed-case data for the same owner
We were missing a test where a single owner name would have multiple
types with a different case.  The generated RRSIGs and NSEC records will
then have different case than the signed records and message parser have
to cope with that and treat everything as the same owner.

(cherry picked from commit a114042059)
2024-02-11 11:57:58 +01:00
Ondřej Surý
f493a83941
Fix case insensitive matching in isc_ht hash table implementation
The case insensitive matching in isc_ht was basically completely broken
as only the hashvalue computation was case insensitive, but the key
comparison was always case sensitive.

(cherry picked from commit 175655b771)
2024-02-11 11:57:58 +01:00
Michał Kępień
90dc9a326d
Merge branch 'prep-release' into v9.16.47-release 2024-02-02 11:20:19 +01:00
Michal Nowak
bab1aa9666
prep 9.16.47 2024-02-02 11:19:57 +01:00
Michal Nowak
830e62aa8e Merge branch 'michal/prepare-documentation-for-bind-9.16.47' into 'v9.16.47-release'
Prepare documentation for BIND 9.16.47

See merge request isc-private/bind9!645
2024-02-02 10:06:42 +00:00
Michał Kępień
83cad74ae2
Prepare release notes for BIND 9.16.47 2024-02-02 09:23:00 +01:00
Michał Kępień
435787efa3 Merge branch 'ondrej/split-taskmgr-9.16' into 'v9.16.47-release'
[9.16] [CVE-2023-50387] Fix KeyTrap

See merge request isc-private/bind9!629
2024-02-01 20:54:47 +00:00
Ondřej Surý
0ab4125801
Add CHANGES and release note for [GL #4424]
(cherry picked from commit c847092a17)
2024-02-01 21:51:07 +01:00
Ondřej Surý
a520fbc047
Optimize selecting the signing key
Don't parse the crypto data before parsing and matching the id and the
algorithm for consecutive DNSKEYs.  This allows us to parse the RData
only in case the other parameters match allowing us to skip keys that
are of no interest to us, but still would consume precious CPU time by
parsing possibly garbage with OpenSSL.

(cherry picked from commit f39cd17a26)
2024-02-01 21:51:07 +01:00
Ondřej Surý
3d206e918b
Don't iterate from start every time we select new signing key
Remember the position in the iterator when selecting the next signing
key.  This should speed up processing for larger DNSKEY RRSets because
we don't have to iterate from start over and over again.

(cherry picked from commit 21af5c9a97)
2024-02-01 21:51:07 +01:00
Mark Andrews
6a65a42528
Fail processing incoming DNS message on first validation failure
Stop processing the DNS validation when first validation failure occurs
in the DNS message.

(cherry picked from commit 0add293477)
2024-02-01 21:51:07 +01:00
Mark Andrews
751b7cc475
Skip revoked keys when selecting DNSKEY in the validation loop
Don't select revoked keys when iterating through DNSKEYs in the DNSSEC
validation routines.

(cherry picked from commit 439e16e4de)
2024-02-01 21:51:07 +01:00
Ondřej Surý
c12608ca93
Split fast and slow task queues
Change the taskmgr (and thus netmgr) in a way that it supports fast and
slow task queues.  The fast queue is used for incoming DNS traffic and
it will pass the processing to the slow queue for sending outgoing DNS
messages and processing resolver messages.

In the future, more tasks might get moved to the slow queues, so the
cached and authoritative DNS traffic can be handled without being slowed
down by operations that take longer time to process.

(cherry picked from commit 1b3b0cef22)
2024-02-01 21:51:07 +01:00
Michał Kępień
a0c78d19f1 Merge branch '4234-confidential-parser-regression-9.16' into 'v9.16.47-release'
[9.16] fix a message parsing regression

See merge request isc-private/bind9!634
2024-02-01 20:29:35 +00:00
Michał Kępień
010a660624
Add a CHANGES entry
(cherry picked from commit 04ba284e1a)
2024-01-31 16:04:59 +01:00
Evan Hunt
f397ff5bb8
fix another message parsing regression
The fix for CVE-2023-4408 introduced a regression in the message
parser, which could cause a crash if an rdata type that can only
occur in the question was found in another section.

(cherry picked from commit 510f1de8a6)
2024-01-31 16:04:59 +01:00
Evan Hunt
0bbb0065e6
fix a message parsing regression
the fix for CVE-2023-4408 introduced a regression in the message
parser, which could cause a crash if duplicate rdatasets were found
in the question section. this commit ensures that rdatasets are
correctly disassociated and freed when this occurs.

(cherry picked from commit 4c19d35614)
2024-01-31 16:04:59 +01:00
Michal Nowak
28d7802525
Merge branch 'prep-release' into v9.16.46-release 2024-01-05 15:25:06 +01:00
Michal Nowak
ac85b33c27
prep 9.16.46 2024-01-05 15:19:34 +01:00
Michal Nowak
cd2bbf7f3e Merge branch 'michal/prepare-documentation-for-bind-9.16.46' into 'v9.16.46-release'
Prepare documentation for BIND 9.16.46

See merge request isc-private/bind9!626
2024-01-05 14:14:15 +00:00
Michał Kępień
0b43bf1a38
Fix Danger rules for flagging release note issues
The logic contained in dangerfile.py incorrectly warns about missing
release note changes for merge requests preparing release documentation
as such merge requests rename files in the doc/notes/ directory.  This
(correctly) causes these files to be passed to dangerfile.py via
danger.git.created_files and danger.git.deleted_files rather than via
danger.git.modified_files, which in turn causes the logic checking the
use of the "Release Notes" label to assume that no release notes are
added, removed, or modified by a given merge request.

Fix by considering all types of file changes (modifications, additions,
and removals - which also covers file renaming) when checking whether a
given merge request modifies release notes.  Update the warning messages
accordingly.

However, when trying to find release notes added by a given merge
request, deleted files must not be considered.  Tweak the logic looking
for GitLab identifiers in the release notes added by a given merge
request so that it only scans modified and added (or renamed) files.

(cherry picked from commit 0fec404c64)
2024-01-05 13:01:26 +01:00
Michał Kępień
86a78021fe
Tweak and reword release notes 2024-01-05 13:01:26 +01:00
Michał Kępień
c53e81a800
Prepare release notes for BIND 9.16.46 2024-01-05 13:01:26 +01:00
Michał Kępień
24b52a62fb Merge branch '4383-security-limit-tree-pruning-overhead-9.16' into 'v9.16.46-release'
[9.16] [CVE-2023-6516] Limit isc_task_send() overhead for tree pruning

See merge request isc-private/bind9!621
2024-01-05 11:49:35 +00:00
Michał Kępień
1237d73cd1
Fix map offsets in the "masterformat" system test
The "masterformat" system test attempts to check named-checkzone
behavior when it is fed corrupt map-format zone files.  However, despite
the RBTDB and RBT structures having evolved over the years, the offsets
at which a valid map-format zone file is malformed by the "masterformat"
test have not been updated accordingly, causing the relevant checks to
introduce a different type of corruption than they were originally meant
to cause:

  - the "bad node header" check originally mangled the 'type' member of
    the rdatasetheader_t structure for cname.example.nil,

  - the "bad node data" check originally mangled the 'serial' and
    'rdh_ttl' members of the rdatasetheader_t structure for
    aaaa.example.nil.

Update the offsets at which the map-format zone file is malformed at by
the "masterformat" system test so that the relevant checks fulfill their
original purpose again.
2024-01-05 12:40:50 +01:00
Michał Kępień
f66150204c
Add CHANGES entry and release note for GL #4383
(cherry picked from commit 04df558d57)
2024-01-05 12:40:50 +01:00
Michał Kępień
c3377cbfaa
Limit isc_task_send() overhead for tree pruning
Instead of issuing a separate isc_task_send() call for every RBTDB node
that triggers tree pruning, maintain a list of nodes from which tree
pruning can be started from and only issue an isc_task_send() call if
pruning has not yet been triggered by another RBTDB node.

The extra queuing overhead eliminated by this change could be remotely
exploited to cause excessive memory use.

As this change modifies struct dns_rbtnode by adding a new 'prunelink'
member to it, bump MAPAPI to prevent any attempts of loading map-format
zone files created using older BIND 9 versions.

(cherry picked from commit 24381cc36d)
2024-01-05 12:40:50 +01:00
Michał Kępień
38a03e5ab9 Merge branch '4334-confidential-dns64-and-serve-stale-bind-9.16' into 'v9.16.46-release'
[9.16] [CVE-2023-5679] Fix a bad interaction between DNS64 and serve-stale

See merge request isc-private/bind9!603
2024-01-05 11:29:58 +00:00
Mark Andrews
549d860b33
Add release note for [GL #4334]
(cherry picked from commit c4faf5c69f)
2024-01-05 12:24:05 +01:00
Mark Andrews
10bfb3de95
Add CHANGES note for [GL #4334]
(cherry picked from commit 26671f8c47)
2024-01-05 12:24:05 +01:00
Mark Andrews
7db2796507
Restore dns64 state during serve-stale processing
If we are in the process of looking for the A records as part of
dns64 processing and the server-stale timeout triggers, redo the
dns64 changes that had been made to the orignal qctx.

(cherry picked from commit 1fcc483df1)
2024-01-05 12:24:05 +01:00
Michał Kępień
283efdde69 Merge branch '4281-confidential-redirect-rfc1918-check-failure-bind-9.16' into 'v9.16.46-release'
[9.16] [CVE-2023-5517] Fix handling of RFC 1918 reverse queries with "nxdomain-redirect" enabled

See merge request isc-private/bind9!613
2024-01-05 11:17:32 +00:00
Mark Andrews
20754ea186
Add release note for [GL #4281]
(cherry picked from commit 2fbafc2675)
2024-01-05 12:10:22 +01:00
Mark Andrews
47d4c0e5a6
Add CHANGES note for [GL #4281]
(cherry picked from commit 0748965b7c)
2024-01-05 12:10:22 +01:00
Mark Andrews
c732624936
Save the correct result value to resume with nxdomain-redirect
The wrong result value was being saved for resumption with
nxdomain-redirect when performing the fetch.  This lead to an assert
when checking that RFC 1918 reverse queries where not leaking to
the global internet.

(cherry picked from commit 9d0fa07c5e)
2024-01-05 12:10:22 +01:00
Michał Kępień
770bb71ce7 Merge branch '4234-confidential-use-hashmap-when-parsing-9.16' into 'v9.16.46-release'
[9.16] [CVE-2023-4408] Use hashtable when parsing DNS messages

See merge request isc-private/bind9!586
2024-01-05 10:58:57 +00:00
Matthijs Mekking
c44965af33
Fix windows build, remove external symbols
The functions dns_message_find and dns_message_movename have been
removed. Remove the symbols from libdns.def.in to fix the windows
build.
2024-01-05 11:52:05 +01:00
Ondřej Surý
1b76796c18
Add CHANGES and release note for [GL #4234]
(cherry picked from commit 30d27928cf)
2024-01-05 11:52:05 +01:00
Ondřej Surý
a4baf32415
Backport isc_ht API changes from BIND 9.18
To prevent allocating large hashtable in dns_message, we need to
backport the improvements to isc_ht API from BIND 9.18+ that includes
support for case insensitive keys and incremental rehashing of the
hashtables.
2024-01-05 11:52:05 +01:00
Ondřej Surý
608707b4f5
Use hashtable when parsing a message
When parsing messages use a hashtable instead of a linear search to
reduce the amount of work done in findname when there's more than one
name in the section.

There are two hashtables:

1) hashtable for owner names - that's constructed for each section when
we hit the second name in the section and destroyed right after parsing
that section;

2) per-name hashtable - for each name in the section, we construct a new
hashtable for that name if there are more than one rdataset for that
particular name.

(cherry picked from commit b8a9631754)
2024-01-05 11:52:05 +01:00
Michał Kępień
fc0434cc3b Merge branch '4182-confidential-fix-races-in-dns-tsigkey-find-9.16' into 'v9.16.46-release'
[9.16] Address race in dns_tsigkey_find()

See merge request isc-private/bind9!623
2024-01-05 10:33:56 +00:00
Mark Andrews
12a476fa9b
Add CHANGES note for [GL #4182]
(cherry picked from commit a62cda787f)
2024-01-05 11:28:25 +01:00
Mark Andrews
ec28eb05db
Address race in dns_tsigkey_find()
Restart the process with a write lock if we discover an expired key
while holding the read lock.

(cherry picked from commit d2ba96488e)
2024-01-05 11:28:25 +01:00
Mark Andrews
f6b7fa0338 Merge branch '4513-system-tests-fail-with-net-dns-1-42-bind-9.16' into 'bind-9.16'
[9.16] Resolve "System tests fail with Net::DNS 1.42"

See merge request isc-projects/bind9!8619
2024-01-03 01:30:58 +00:00
Mark Andrews
16f3d79052 Support Net::DNS::Nameserver 1.42
In Net::DNS 1.42 $ns->main_loop no longer loops.  Use current methods
for starting the server, wait for SIGTERM then cleanup child processes
using $ns->stop_server(), then remove the pid file.

(cherry picked from commit c2c59dea60)
2024-01-03 12:01:14 +11:00
Tom Krizek
719a8ee0e2 Merge branch 'tkrizek/update-sphinx_rtd_theme-9.16' into 'bind-9.16'
[9.16] Update sphinx_rtd_theme and docutils

See merge request isc-projects/bind9!8605
2023-12-20 17:55:08 +00:00
Tom Krizek
c309a04c88
Update sphinx_rtd_theme and docutils
(cherry picked from commit 4156fa09d9)
2023-12-20 18:05:24 +01:00