Mark Andrews
17d971a405
formally cast to int; use %u instead of %d
2018-02-16 10:20:38 +11:00
Mark Andrews
8aff92c150
formally cast to int
2018-02-16 10:20:38 +11:00
Michał Kępień
3abc7bf264
Merge branch 'fix-loadpending-handling' into 'master'
...
Fix DNS_ZONEFLG_LOADPENDING handling
See merge request isc-projects/bind9!22
2018-02-15 16:18:32 -05:00
Evan Hunt
883a9485e9
[master] copyrights
2018-02-15 11:56:13 -08:00
Michał Kępień
f5079bb877
Do not recheck DNS_ZONEFLG_LOADPENDING in zone_asyncload()
...
Remove a block of code which dates back to commit 8a2ab2b920
2018-02-15 20:31:54 +01:00
Michał Kępień
b9e9361c7b
Asynchronous zone load events have no way of getting canceled
...
Code handling cancellation of asynchronous zone load events was likely
copied over from other functions when asynchronous zone loading was
first implemented in commit 8a2ab2b920
2018-02-15 20:31:53 +01:00
Michał Kępień
29b7efdd9f
Only clear DNS_ZONEFLG_LOADPENDING in zone_asyncload() if zone loading is completed immediately
...
zone_load() is not always synchronous, it may only initiate an
asynchronous load and return DNS_R_CONTINUE, which means zone loading
has not yet been completed. In such a case, zone_asyncload() must not
clear DNS_ZONEFLG_LOADPENDING immediately and leave that up to
zone_postload().
2018-02-15 20:31:51 +01:00
Michał Kępień
0e4fba2ced
Lock zone before checking whether its asynchronous load is already pending
...
While this is not an issue in named, which only calls
dns_zone_asyncload() from task-exclusive mode, this function is exported
by libdns and thus may in theory be concurrently called for the same
zone by multiple threads. It also does not hurt to be consistent
locking-wise with other DNS_ZONEFLG_LOADPENDING accesses.
2018-02-15 20:31:49 +01:00
Petr Menšík
e7a93321f0
Reuse new function from rt46864 for similar block elsewhere.
2018-02-15 12:42:33 +01:00
Ondřej Surý
4ff2d36adc
Remove whole unused ondestroy callback mechanism
2018-02-12 14:49:32 +01:00
Tinderbox User
2fac9b0be6
update copyright notice / whitespace
2018-02-07 23:45:53 +00:00
Mark Andrews
ec771bbdc8
4885. [security] update-policy rules that otherwise ignore the name
...
field now require that it be set to "." to ensure
that any type list present is properly interpreted.
[RT #47126 ]
2018-02-07 13:34:02 +11:00
Tinderbox User
ffac31097d
update copyright notice / whitespace
2018-01-30 23:45:59 +00:00
Mark Andrews
7817caa3c7
4882. [bug] Address potential memory leak in
...
dns_update_signaturesinc. [RT #47084 ]
2018-01-30 15:27:22 +11:00
Mark Andrews
a64503c736
4881. [bug] Only include dst_openssl.h when OpenSSL is required.
...
[RT #47068 ]
2018-01-30 15:21:02 +11:00
Mark Andrews
3ae586b857
4879. [bug] dns_rdata_caa:value_len is was small. [RT #47086 ]
2018-01-30 10:58:56 +11:00
Tinderbox User
47d13972e9
update copyright notice / whitespace
2018-01-24 23:46:02 +00:00
Evan Hunt
52043a7204
[master] change uint to isc_uint
2018-01-24 11:03:05 -08:00
Evan Hunt
7dd2d7f329
[master] update 9.11 api range
2018-01-24 10:22:59 -08:00
Mark Andrews
8b440753b6
[master] address overflow in retry backoff
...
4877. [bug] Address integer overflow when exponentially
backing off retry intervals. [RT #47041 ]
2018-01-24 09:45:01 -08:00
Mark Andrews
b575c4ec42
4876. [bug] Address deadlock with accessing a keytable. [RT #47000 ]
2018-01-24 18:55:56 +11:00
Mark Andrews
83d005de61
4874. [bug] Wrong time display when reporting new keywarntime.
...
[RT #47042 ]
2018-01-24 07:59:07 +11:00
Tinderbox User
3fda67b596
update copyright notice / whitespace
2018-01-22 23:46:02 +00:00
Mukund Sivaraman
8a4ce20172
Don't permit loading meta RR types such as TKEY from master files ( #47009 )
2018-01-22 14:26:04 +05:30
Tinderbox User
38a9d9ba76
update copyright notice / whitespace
2018-01-21 23:45:57 +00:00
Mark Andrews
fdd8838bf9
4869. [bug] Address some cases where NULL with zero length could
...
be passed to memmove which is undefined behaviour and
can lead to bad optimisation. [RT #46888 ]
2018-01-22 09:36:12 +11:00
Tinderbox User
8b8c2990d6
update copyright notice / whitespace
2018-01-17 23:45:56 +00:00
Francis Dupont
614d838acf
Merged rt46864 (check MD5 amd SHA1 support)
2018-01-17 14:33:21 +01:00
Tinderbox User
3d2a6c9949
update copyright notice / whitespace
2018-01-16 23:45:57 +00:00
Michał Kępień
73819362d8
[master] Simplify handling isc_socket_sendto2() return values when flags == 0
...
4865. [cleanup] Simplify handling isc_socket_sendto2() return values.
[RT #46986 ]
2018-01-16 08:33:30 +01:00
Tinderbox User
ed9fea3a6e
update copyright notice / whitespace
2018-01-15 23:46:16 +00:00
Michał Kępień
ae51a676c9
[master] Ensure all master definitions in a catalog zone contain an IP address
...
4864. [bug] named acting as a slave for a catalog zone crashed if
the latter contained a master definition without an IP
address. [RT #45999 ]
2018-01-15 20:50:09 +01:00
Tinderbox User
5ce167be2e
update copyright notice / whitespace
2018-01-12 23:45:54 +00:00
Mukund Sivaraman
f96133826e
Fix various bugs reported by valgrind --tool=memcheck ( #46978 )
2018-01-13 00:33:35 +05:30
Tinderbox User
4b48e307e0
update copyright notice / whitespace
2018-01-10 23:46:37 +00:00
Mark Andrews
7befb67af4
4862. [bug] The rdata flags for RRSIG was not being properly set
...
when constructing a rdataslab. [RT #46978 ]
2018-01-11 09:51:52 +11:00
Tinderbox User
10e49fc83b
update copyright notice / whitespace
2018-01-04 23:45:32 +00:00
Evan Hunt
053b51c4db
[master] block validator deadlock and prevent use-after-free
...
4859. [bug] A loop was possible when attempting to validate
unsigned CNAME responses from secure zones;
this caused a delay in returning SERVFAIL and
also increased the chances of encountering
CVE-2017-3145. [RT #46839 ]
4858. [security] Addresses could be referenced after being freed
in resolver.c, causing an assertion failure.
(CVE-2017-3145) [RT #46839 ]
2018-01-03 19:11:18 -08:00
Tinderbox User
a280a7871d
update copyright notice / whitespace
2018-01-03 23:45:29 +00:00
Mark Andrews
7258b852cf
missing newline in comment
2018-01-03 17:11:12 +11:00
Tinderbox User
903662d5c3
regen master
2017-12-29 01:44:18 +00:00
Tinderbox User
015c017dfa
regen master
2017-12-29 01:04:39 +00:00
Mark Andrews
9f61f6b46b
initalize sigsize to zero; ATF_CHECK_EQ(sigsize, tsig.siglen);
2017-12-22 08:58:20 +11:00
Mark Andrews
4d1bbe308d
4847. [bug] dnssec-dnskey-kskonly was not being honoured for
...
CDS and CDNSKEY. [RT #46755 ]
2017-12-13 12:40:36 +11:00
Mark Andrews
cb8650d875
don't attempt to call isc_buffer_free(&buf) twice; don't attempt to call dns_message_destroy(&msg) twice; don't test for key != NULL
2017-12-12 13:20:56 +11:00
Mark Andrews
63459cdc05
4842. [bug] Conditionally compile opensslecdsa_link.c to avoid
...
warnings about unused function. [RT #46790 ]
2017-12-07 13:26:21 +11:00
Mark Andrews
9d5a0abe81
4841. [bug] Address -fsanitize=undefined warnings. [RT #46786 ]
2017-12-06 21:00:14 +11:00
Mark Andrews
00f5ea91cf
4839. [bug] zone.c:zone_sign was not properly determining
...
if there were active KSK and ZSK keys for
a algorithm when update-check-ksk is true
(default) leaving records unsigned with one or
more DNSKEY algorithms. [RT #46774 ]
2017-12-05 16:09:47 +11:00
Mark Andrews
6fa2a0691e
4838. [bug] zone.c:add_sigs was not properly determining
...
if there were active KSK and ZSK keys for
a algorithm when update-check-ksk is true
(default) leaving records unsigned with one or
more DNSKEY algorithms. [RT #46754 ]
2017-12-05 09:25:09 +11:00
Mark Andrews
196e01da5f
4837. [bug] dns_update_signatures{inc} (add_sigs) was not
...
properly determining if there were active KSK and
ZSK keys for a algorithm when update-check-ksk is
true (default) leaving records unsigned. [RT #46743 ]
2017-12-04 10:03:51 +11:00
Evan Hunt
2f855055ed
[master] prep 9.12.0rc1
2017-11-30 14:39:16 -08:00
Evan Hunt
49a8cd6c01
[master] silence compiler warning
2017-11-30 13:55:34 -08:00
Ondřej Surý
a4a148cf9a
[master] Type the shifted values to isc_uint32_t so the top bit is unsigned (found by UBSAN) [RT #46740 ]
2017-11-30 18:23:35 +01:00
Michał Kępień
2c20fc0d13
[master] Fix LMDB support on OpenBSD; clean up and refactor LMDB-related code
...
4835. [cleanup] Clean up and refactor LMDB-related code. [RT #46718 ]
4834. [port] Fix LMDB support on OpenBSD. [RT #46718 ]
2017-11-30 14:34:04 +01:00
Tinderbox User
dc66c4a49c
update copyright notice / whitespace
2017-11-29 23:45:31 +00:00
Mark Andrews
9ddf7d6c4c
4833. [bug] isc_event_free should check that the event is not
...
linked when called. [RT #46725 ]
4832. [bug] Events were not being removed from zone->rss_events.
[RT #46725 ]
2017-11-30 10:31:44 +11:00
Mark Andrews
0579a11658
4831. [bug] Convert the RRSIG expirytime to 64 bits for
...
comparisions in diff.c:resign. [RT #46710 ]
2017-11-29 15:20:23 +11:00
Mark Andrews
a8c1bfd673
map more entry points to <name>64
2017-11-28 14:08:14 +11:00
Mark Andrews
18c7fa2f93
#define update_recordsandbytes update_recordsandbytes64
2017-11-28 13:58:49 +11:00
Tinderbox User
393135d693
update copyright notice / whitespace
2017-11-27 23:46:24 +00:00
Mark Andrews
c22b540e4c
restore setting header->heap_index to zero in setsigningtime
2017-11-28 06:46:33 +11:00
Michał Kępień
40a90fbf89
[master] Do not use thread-local storage for storing LMDB reader locktable slots
...
4828. [bug] Do not use thread-local storage for storing LMDB reader
locktable slots. [RT #46556 ]
2017-11-27 09:48:10 +01:00
Mark Andrews
19f6a63184
More:
...
4819. [bug] Fully backout the transaction when adding a RRset
to the resigning / removal heaps fails. [RT #46473 ]
2017-11-27 15:15:41 +11:00
Mark Andrews
14e9925868
add missing entries to .def files [RT #46215 ]
2017-11-27 13:49:39 +11:00
Mark Andrews
1dc8208a89
silence %lu vs size_t warning by casting to (unsigned long)
2017-11-24 10:25:37 +11:00
Mark Andrews
6ead410268
in rdbdb.c:setsigningtime stop breaking heap invariant property unless we are going to restore the invariant property
2017-11-24 08:47:52 +11:00
Michał Kępień
165df18f75
[master] Prevent bogus warning from being logged
...
4825. [bug] Prevent a bogus "error during managed-keys processing
(no more)" warning from being logged. [RT #46645 ]
2017-11-23 09:36:04 +01:00
Mark Andrews
2f4e0e5a81
initalise serve_stale_ttl
2017-11-23 16:11:49 +11:00
Mark Andrews
78e1d7cdde
style
2017-11-23 16:09:27 +11:00
Michał Kępień
6035d557c4
[master] Refactor reclimit system test
...
4823. [test] Refactor reclimit system test to improve its
reliability and speed. [RT #46632 ]
2017-11-21 10:32:45 +01:00
Mark Andrews
900215654b
#include <isc/util.h> [RT #46626 ]
2017-11-18 11:22:44 +11:00
Tinderbox User
445cabb392
update copyright notice / whitespace
2017-11-17 23:45:28 +00:00
Mark Andrews
a197094d76
remove out of date comment
2017-11-18 08:50:58 +11:00
Mark Andrews
656eed7c9b
4821. [bug] When resigning ensure that the SOA's expire time is
...
always later that the resigning time of other records.
[RT #46473 ]
4820. [bug] dns_db_subtractrdataset should transfer the resigning
information to the new header. [RT #46473 ]
4819. [bug] Fully backout the transaction when adding a RRset
to the resigning / removal heaps fail. [RT #46473 ]
2017-11-18 07:11:12 +11:00
Mark Andrews
bcce55197a
whitespace
2017-11-14 14:48:41 +11:00
Tinderbox User
3bfc28a0d0
update copyright notice / whitespace
2017-11-13 23:45:33 +00:00
Mark Andrews
e2f9dcfd86
more DNS_NAME_INITABSOLUTE cases
2017-11-14 00:21:50 +11:00
Mark Andrews
31975d85de
remove out of date comment
2017-11-14 00:18:20 +11:00
Mark Andrews
3d905e0533
4817. [cleanup] Use DNS_NAME_INITABSOLUTE and DNS_NAME_INITNONABSOLUTE.
...
[RT #45433 ]
2017-11-13 16:58:12 +11:00
Mark Andrews
04934b28ea
4815. [bug] rbt_test.c:insert_and_delete needed to call
...
dns_rbt_addnode instead of dns_rbt_addname. [RT #46553 ]
2017-11-13 15:26:35 +11:00
Michał Kępień
312c84c73a
[master] Minor improvements to code handling managed keys
...
4812. [bug] Minor improvements to stability and consistency of code
handling managed keys. [RT #46468 ]
2017-11-09 15:18:39 +01:00
Michał Kępień
4034b098d8
[master] Prevent junk from being logged when using "also-notify { <ip> key <keyname>; };"
2017-11-08 09:21:23 +01:00
Mukund Sivaraman
7e1df5182c
[master] isc_rng_randombytes()
...
4807. [cleanup] isc_rng_randombytes() returns a specified number of
bytes from the PRNG; this is now used instead of
calling isc_rng_random() multiple times. [RT #46230 ]
2017-11-06 10:44:37 -08:00
Evan Hunt
8d23105547
[master] prep 9.12.0b2
2017-11-02 11:50:07 -07:00
Evan Hunt
9bb007fd2d
[master] "zoneload" logging category
...
4806. [func] Log messages related to loading of zones are now
directed to the "zoneload" logging category.
[RT #41640 ]
2017-11-01 22:48:12 -07:00
Mark Andrews
6e02359034
tmp should be a (struct in_addr) not (struct in_addr *)
2017-10-31 10:35:07 +11:00
Michał Kępień
c6c1193e39
[master] Improve clarity of keytable unit tests
...
4799. [cleanup] Improve clarity of keytable unit tests. [RT #46407 ]
2017-10-28 19:59:40 +02:00
Evan Hunt
c9f8165a06
[master] tag initializing keys
...
4798. [func] Keys specified in "managed-keys" statements
are tagged as "initializing" until they have been
updated by a key refresh query. If initialization
fails it will be visible from "rndc secroots".
[RT #46267 ]
2017-10-27 15:49:44 -07:00
Evan Hunt
06049b1c6c
[master] stats counter for priming queries
...
4795. [func] A new statistics counter has been added to track
priming queries. [RT #46313 ]
2017-10-26 21:38:43 -07:00
Tinderbox User
08f18efba2
update copyright notice / whitespace
2017-10-26 23:45:58 +00:00
Mark Andrews
c341e524dc
address resource leak [RT #46413 ]
2017-10-27 09:58:55 +11:00
Evan Hunt
5b69d3da83
[master] check file and tree headers when loading map files
...
4792. [bug] Fix map file header correctness check. [RT #38418 ]
2017-10-25 21:37:00 -07:00
Evan Hunt
89d1777560
[master] clean up DNS_MESSAGETEXTFLAG comments
2017-10-25 21:33:24 -07:00
Tinderbox User
8e2a8a3855
update copyright notice / whitespace
2017-10-25 23:47:47 +00:00
Evan Hunt
aebdc6cd7d
[master] log when update-policy local gets a key match from a remote host
...
4788. [cleanup] When using "update-policy local", log a warning
when an update matching the session key is received
from a remote host. [RT #46213 ]
- this completes change #4762 .
2017-10-25 00:58:11 -07:00
Michał Kępień
910a01550a
[master] Rename nsec3param_salt_totext() to dns_nsec3param_salttotext(), make it public, add unit tests
...
4786. [cleanup] Turn nsec3param_salt_totext() into a public function,
dns_nsec3param_salttotext(), and add unit tests for it.
[RT #46289 ]
2017-10-25 09:46:18 +02:00
Evan Hunt
65314b0fd8
[master] "enable-filter-aaaa" no longer optional
...
4786. [func] The "filter-aaaa-on-v4" and "filter-aaaa-on-v6"
options are no longer conditionally compiled.
[RT #46340 ]
2017-10-25 00:33:51 -07:00
Michał Kępień
a94d68ce43
[master] Remove REQUIRE preventing change 4592 from working
...
Change 4592 was supposed to replace a REQUIRE with a conditional return.
While the latter was added, the former was not removed. Remove the
relevant REQUIRE to fix RT #43822 for good.
2017-10-24 21:11:31 +02:00
Evan Hunt
7810817b71
[master] update B.ROOT-SERVERS.NET
2017-10-24 09:17:08 -07:00
Mark Andrews
c9438ee2e0
4779. [bug] Expire NTA at the start of the second. Don't update
...
the expiry value if the record has already expired
after a successful check. [RT #46368 ]
2017-10-24 09:54:25 +11:00
