ISC Open Source Projects issueshttps://gitlab.isc.org/groups/isc-projects/-/issues2019-10-14T15:27:50Zhttps://gitlab.isc.org/isc-projects/stork/-/issues/16Need a basic frond-end UI2019-10-14T15:27:50ZTomek MrugalskiNeed a basic frond-end UIAs we decided on last Stork call, we'll use Angular with PrimeNG for front-end.
The goal is to have a very basic initial front-end. At the very minimum, it should:
- print out it's own version
- print out the backend version (see `vers...As we decided on last Stork call, we'll use Angular with PrimeNG for front-end.
The goal is to have a very basic initial front-end. At the very minimum, it should:
- print out it's own version
- print out the backend version (see `version-get` in !4).
- have some very basic installation instructions
- having some unit-tests for it would be great, but we can postpone tests for now0.7Michal NowikowskiMichal Nowikowskihttps://gitlab.isc.org/isc-projects/stork/-/issues/13Stork architecture design2020-05-08T14:26:34ZTomek MrugalskiStork architecture designWe need a high level Stork design. It should cover at least the following:
- overall architecture
- what tasks Stork agent has to do
- backend role, in particular how to handle tasks in the background (such as monitoring for failure eve...We need a high level Stork design. It should cover at least the following:
- overall architecture
- what tasks Stork agent has to do
- backend role, in particular how to handle tasks in the background (such as monitoring for failure events, such as server going down, running out of addresses in dhcp or sending srvfail in dns)
- database interaction
- prometheus integration0.7Marcin SiodelskiMarcin Siodelskihttps://gitlab.isc.org/isc-projects/stork/-/issues/1Create wiki and issue templates2021-03-10T22:17:57ZTomek MrugalskiCreate wiki and issue templatesWe need to start a wiki (both internal and external).We need to start a wiki (both internal and external).0.7Tomek MrugalskiTomek Mrugalskihttps://gitlab.isc.org/isc-projects/bind9/-/issues/1811Follow-up from "Don't set recv/send buffer sizes for udp sockets in netmgr."2020-05-05T12:59:18ZOndřej SurýFollow-up from "Don't set recv/send buffer sizes for udp sockets in netmgr."The following discussion from !3476 should be addressed:
- [ ] @ondrej started a [discussion](https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3476#note_128851): (+1 comment)
> I would suggest killing the same code in th...The following discussion from !3476 should be addressed:
- [ ] @ondrej started a [discussion](https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3476#note_128851): (+1 comment)
> I would suggest killing the same code in the old networking code.May 2020 (9.11.19, 9.11.19-S1, 9.14.12, 9.16.3)https://gitlab.isc.org/isc-projects/bind9/-/issues/1809Release Checklist for BIND 9.11.19, BIND 9.11.19-S1, BIND 9.14.12, BIND 9.16.32020-06-10T09:16:50ZMichał KępieńRelease Checklist for BIND 9.11.19, BIND 9.11.19-S1, BIND 9.14.12, BIND 9.16.3## Release Schedule
**Code Freeze:** Friday, May 1st, 2020
**Tagging Deadline:** Wednesday, May 6th, 2020
**Public Release:** Tuesday, May 19th, 2020
## Release Checklist
### Before the Code Freeze
- [x] ***(QA)*** Inform Support ...## Release Schedule
**Code Freeze:** Friday, May 1st, 2020
**Tagging Deadline:** Wednesday, May 6th, 2020
**Public Release:** Tuesday, May 19th, 2020
## Release Checklist
### Before the Code Freeze
- [x] ***(QA)*** Inform Support and Marketing of impending release (and give estimated release dates).
- [x] ***(QA)*** Ensure there are no permanent test failures on any platform.
- [x] ***(QA)*** Check Perflab to ensure there has been no unexplained drop in performance for the versions being released.
- [x] ***(QA)*** Check whether all issues assigned to the release milestone are resolved[^1].
- [x] ***(QA)*** Ensure that there are no outstanding merge requests in the private repository[^1] (Subscription Edition only).
- [x] ***(QA)*** Ensure all merge requests marked for backporting have been indeed backported.
### Before the Tagging Deadline
- [x] ***(QA)*** Look for outstanding documentation issues (e.g. `CHANGES` mistakes) and address them if any are found.
- [x] ***(QA)*** Ensure release notes are correct, ask Support and Marketing to check them as well.
- [x] ***(Support)*** Check release notes, ask QA to correct any mistakes found.
- [x] ***(Marketing)*** Check release notes, ask QA to correct any mistakes found.
- [x] ***(SwEng)*** Update API files for libraries with new version information.
- [x] ***(SwEng)*** Change software version and library versions in `configure.ac` (new major release only).
- [x] ***(SwEng)*** Rebuild `configure` using Autoconf on `docs.isc.org`.
- [x] ***(SwEng)*** Update `CHANGES`.
- [x] ***(SwEng)*** Update `CHANGES.SE` (Subscription Edition only).
- [x] ***(SwEng)*** Update `README.md`.
- [x] ***(SwEng)*** Update `version`.
- [x] ***(SwEng)*** Build documentation on `docs.isc.org`.
- [x] ***(QA)*** Check that all the above steps were performed correctly.
- [x] ***(QA)*** Check that the formatting is correct for text, PDF, and HTML versions of release notes.
- [x] ***(SwEng)*** Tag the releases[^2]. (Tags may only be pushed to the public repository for releases which are *not* security releases.)
- [x] ***(SwEng)*** If this is the first tag for a release (e.g. beta), create a release branch named `release_v9_X_Y` to allow development to continue on the maintenance branch whilst release engineering continues.
### Before the ASN Deadline (for ASN Releases) or the Public Release Date (for Regular Releases)
- [x] ***(QA)*** Verify GitLab CI results for the tags created and prepare a QA report for the releases to be published.
- [x] ***(QA)*** Request signatures for the tarballs, providing their location and checksums.
- [x] ***(Signers)*** Validate tarball checksums, sign tarballs, and upload signatures.
- [x] ***(QA)*** Verify tarball signatures and check tarball checksums again.
- [x] ***(Support)*** Pre-publish ASN and/or Subscription Edition tarballs so that packages can be built.
- [x] ***(QA)*** Build and test ASN and/or Subscription Edition packages.
- [x] ***(QA)*** Notify Support that the releases have been prepared.
- [x] ***(Support)*** Send out ASNs (if applicable).
### On the Day of Public Release
- [x] ***(Support)*** Wait for clearance from Security Officer to proceed with the public release (if applicable).
- [x] ***(Support)*** Place tarballs in public location on FTP site.
- [x] ***(Support)*** Publish links to downloads on ISC website.
- [x] ***(Support)*** Write release email to *bind-announce*.
- [x] ***(Support)*** Write email to *bind-users* (if a major release).
- [x] ***(Support)*** Update tickets in case of waiting support customers.
- [x] ***(QA)*** Build and test any outstanding private packages.
- [x] ***(QA)*** Build public packages (`*.deb`, RPMs).
- [x] ***(QA)*** Inform Marketing of the release.
- [x] ***(QA)*** Update the internal [BIND release dates wiki page](https://wiki.isc.org/bin/view/Main/BindReleaseDates) when public announcement has been made.
- [x] ***(Marketing)*** Post short note to Twitter.
- [x] ***(Marketing)*** Update [Wikipedia entry for BIND](https://en.wikipedia.org/wiki/BIND).
- [x] ***(Marketing)*** Write blog article (if a major release).
- [x] ***(QA)*** Ensure all new tags are annotated and signed.
- [x] ***(SwEng)*** Push tags for the published releases to the public repository.
- [x] ***(SwEng)*** Merge the automatically prepared `prep 9.X.Y` commit which updates `version` and documentation on the release branch into the relevant maintenance branch (`v9_X`).
- [x] ***(QA)*** For each maintained branch, update the `BIND_BASELINE_VERSION` variable for the `abi-check:sid:amd64` job in `.gitlab-ci.yml` to the latest published BIND version tag for a given branch.
- [x] ***(QA)*** Prepare empty release notes for the next set of releases.
[^1]: If not, use the time remaining until the tagging deadline to ensure all outstanding issues are either resolved or moved to a different milestone.
[^2]: Preferred command line: `git tag -u <DEVELOPER_KEYID> -a -s -m "BIND 9.X.Y[alphatag]" v9_X_Y[alphatag]`, where `[alphatag]` is an optional string such as `b1`, `rc1`, etc.May 2020 (9.11.19, 9.11.19-S1, 9.14.12, 9.16.3)Vicky Riskvicky@isc.orgVicky Riskvicky@isc.org2020-05-19https://gitlab.isc.org/isc-projects/bind9/-/issues/1807"named-checkconf -z" exit status reflects only the last view loaded2022-01-24T16:35:07ZGraham Clinch"named-checkconf -z" exit status reflects only the last view loaded<!--
If the bug you are reporting is potentially security-related - for example,
if it involves an assertion failure or other crash in `named` that can be
triggered repeatedly - then please do *NOT* report it here, but send an
email to [...<!--
If the bug you are reporting is potentially security-related - for example,
if it involves an assertion failure or other crash in `named` that can be
triggered repeatedly - then please do *NOT* report it here, but send an
email to [security-officer@isc.org](security-officer@isc.org).
-->
### Summary
When processing a named.conf with views, the exit status of 'named-checkconf -z' only reflects whether there were errors whilst loading the final view, even though all zones in all views are processed and errors printed as appropriate.
### BIND version used
```
BIND 9.16.2 (Stable Release) <id:b310dc7>
running on Darwin x86_64 19.4.0 Darwin Kernel Version 19.4.0: Wed Mar 4 22:28:40 PST 2020; root:xnu-6153.101.6~15/RELEASE_X86_64
built by make with '--prefix=/usr/local/Cellar/bind/9.16.2' '--with-json-c' '--with-openssl=/usr/local/opt/openssl@1.1' '--with-libjson=/usr/local/opt/json-c' '--with-python-install-dir=/usr/local/Cellar/bind/9.16.2/libexec/vendor/lib/python3.8/site-packages' '--with-python=/usr/local/opt/python@3.8/bin/python3' '--without-lmdb' 'CC=clang' 'PKG_CONFIG_PATH=/usr/local/opt/json-c/lib/pkgconfig:/usr/local/opt/libuv/lib/pkgconfig:/usr/local/opt/openssl@1.1/lib/pkgconfig:/usr/local/opt/readline/lib/pkgconfig:/usr/local/opt/sqlite/lib/pkgconfig:/usr/local/opt/xz/lib/pkgconfig:/usr/local/opt/python@3.8/lib/pkgconfig' 'PKG_CONFIG_LIBDIR=/usr/lib/pkgconfig:/usr/local/Homebrew/Library/Homebrew/os/mac/pkgconfig/10.15'
compiled by CLANG 4.2.1 Compatible Apple LLVM 11.0.3 (clang-1103.0.32.59)
compiled with OpenSSL version: OpenSSL 1.1.1f 31 Mar 2020
linked to OpenSSL version: OpenSSL 1.1.1g 21 Apr 2020
compiled with libxml2 version: 2.9.4
linked to libxml2 version: 20904
compiled with json-c version: 0.13.1
linked to json-c version: 0.13.1
compiled with zlib version: 1.2.11
linked to zlib version: 1.2.11
threads support is enabled
default paths:
named configuration: /usr/local/Cellar/bind/9.16.2/etc/named.conf
rndc configuration: /usr/local/Cellar/bind/9.16.2/etc/rndc.conf
DNSSEC root key: /usr/local/Cellar/bind/9.16.2/etc/bind.keys
nsupdate session key: /usr/local/Cellar/bind/9.16.2/var/run/named/session.key
named PID file: /usr/local/Cellar/bind/9.16.2/var/run/named/named.pid
named lock file: /usr/local/Cellar/bind/9.16.2/var/run/named/named.lock
```
### Steps to reproduce
Given the configuration files listed later on, and intentionally creating an error by not creating a missing.net zone file:
Running named-checkconf -z against named-missing-last.conf gives an exit status of 1 as expected:
```
$ named-checkconf -d -z named-missing-last.conf
loading "example.net" from "example.net" class "IN"
zone example.net/IN: loaded serial 1
loading "missing.net" from "missing.net" class "IN"
zone missing.net/IN: loading from master file missing.net failed: file not found
zone missing.net/IN: not loaded due to errors.
missing/missing.net/IN: file not found
$ echo $?
1
```
Running named-checkconf -z against named-missing-first.conf should also give an exit status of 1, but does not:
```
$ named-checkconf -d -z named-missing-first.conf
loading "missing.net" from "missing.net" class "IN"
zone missing.net/IN: loading from master file missing.net failed: file not found
zone missing.net/IN: not loaded due to errors.
missing/missing.net/IN: file not found
loading "example.net" from "example.net" class "IN"
zone example.net/IN: loaded serial 1
$ echo $?
0
```
### What is the current *bug* behavior?
The exit status of named-checkconf -z reflects whether there was an error loading the zones in the *final* view.
### What is the expected *correct* behavior?
The exit status of named-checkconf -z should reflect whether there was an error loading the zones in *any* view.
### Relevant configuration files
named-missing-first.conf:
```
view "missing" {
zone "missing.net" {
type master;
file "missing.net";
};
};
view "example" {
zone "example.net" {
type master;
file "example.net";
};
};
```
named-missing-last.conf:
```
view "example" {
zone "example.net" {
type master;
file "example.net";
};
};
view "missing" {
zone "missing.net" {
type master;
file "missing.net";
};
};
```
example.net zone file:
```
$TTL 5
@ SOA ns1.example.net. hostmaster.example.net. 1 300 300 300 300
@ NS ns1.example.net.
ns1 A 127.0.0.1
```
*and no missing.net zone file*
### Possible fixes
bin/check/named-checkconf.c: load_zones_fromconfig() - 'result' (taken from 'tresult') variable appears to be reset by each call to configure_view.May 2020 (9.11.19, 9.11.19-S1, 9.14.12, 9.16.3)https://gitlab.isc.org/isc-projects/bind9/-/issues/1806system and unit clang:asan have incorrect needs2020-05-01T06:41:29ZMark Andrewssystem and unit clang:asan have incorrect needsMay 2020 (9.11.19, 9.11.19-S1, 9.14.12, 9.16.3)https://gitlab.isc.org/isc-projects/bind9/-/issues/1804util/parse_tsan.py is not pylint clean2020-04-30T07:38:43ZMark Andrewsutil/parse_tsan.py is not pylint cleanMay 2020 (9.11.19, 9.11.19-S1, 9.14.12, 9.16.3)https://gitlab.isc.org/isc-projects/bind9/-/issues/1797libuv >= 1.37 requires uv_udp_init_ex() to be used for mmsg2020-05-04T10:53:23ZOndřej Surýlibuv >= 1.37 requires uv_udp_init_ex() to be used for mmsglibuv >= 1.37 has changed the way it enabled mmsg, and now `uv_udp_init_ex()` with proper flags needs to be called. We should adapt our code to that.libuv >= 1.37 has changed the way it enabled mmsg, and now `uv_udp_init_ex()` with proper flags needs to be called. We should adapt our code to that.May 2020 (9.11.19, 9.11.19-S1, 9.14.12, 9.16.3)Michał KępieńMichał Kępieńhttps://gitlab.isc.org/isc-projects/bind9/-/issues/1795Some dnstap data may not be logged in BIND 9.15.6+2020-05-01T13:26:59ZMichał KępieńSome dnstap data may not be logged in BIND 9.15.6+The introduction of netmgr doubled the number of threads from which
dnstap data may be logged: previously, it could only happen from within
taskmgr worker threads; with netmgr, it can happen both from taskmgr
worker threads and from netw...The introduction of netmgr doubled the number of threads from which
dnstap data may be logged: previously, it could only happen from within
taskmgr worker threads; with netmgr, it can happen both from taskmgr
worker threads and from network threads. Since the argument [passed][1]
to `fstrm_iothr_options_set_num_input_queues()` was not updated to
reflect this change, some [calls][2] to `fstrm_iothr_get_input_queue()`
can now return `NULL`, effectively preventing some dnstap data from
being logged. Whether this bug is triggered or not depends on thread
scheduling order and packet distribution between network threads, but
will almost certainly be triggered on any recursive resolver sooner or
later.
This issue has been introduced by !2528 (specifically by commit
53f0b6c34d3fe01c885d8020d155061d55c19477), i.e. it affects BIND 9.15.6+.
It was not caught by the `dnstap` system test for two reasons:
- the problem is rarely triggered in that system test as a low number
of queries is sent to the tested servers,
- another rarely triggered issue (with the test code itself) has been
known to exist before and it has very similar symptoms.
I believe a fix for this issue warrants a release note.
[1]: https://gitlab.isc.org/isc-projects/bind9/-/blob/e2dd8f48b1ec923ef151708628d987fec1e73531/bin/named/server.c#L3680
[2]: https://gitlab.isc.org/isc-projects/bind9/-/blob/e2dd8f48b1ec923ef151708628d987fec1e73531/lib/dns/dnstap.c#L449-450May 2020 (9.11.19, 9.11.19-S1, 9.14.12, 9.16.3)Michał KępieńMichał Kępieńhttps://gitlab.isc.org/isc-projects/bind9/-/issues/1783AX_CHECK_COMPILE_FLAG -fno-delete-null-pointer-checks does not fail for clang2020-04-29T16:26:35ZMark AndrewsAX_CHECK_COMPILE_FLAG -fno-delete-null-pointer-checks does not fail for clangMay 2020 (9.11.19, 9.11.19-S1, 9.14.12, 9.16.3)Mark AndrewsMark Andrewshttps://gitlab.isc.org/isc-projects/bind9/-/issues/1780Fix system tests failing with Automake2020-04-27T14:27:27ZMichał KępieńFix system tests failing with Automake 1. `.gitlab-ci.yml` script for running tests is currently broken as it
hides test failures[^1].
2. A number of system tests (e.g. `rrsetorder`) are consistently
failing.
We should first make CI jobs fail when tests fail and t... 1. `.gitlab-ci.yml` script for running tests is currently broken as it
hides test failures[^1].
2. A number of system tests (e.g. `rrsetorder`) are consistently
failing.
We should first make CI jobs fail when tests fail and then fix the
failures one by one.
[^1]: `( cd bin/tests/system && make -j${TEST_PARALLEL_JOBS:-1} -k check V=1 ) || cat bin/tests/system/test-suite.log`May 2020 (9.11.19, 9.11.19-S1, 9.14.12, 9.16.3)https://gitlab.isc.org/isc-projects/bind9/-/issues/1777Update the build instructions for automake2020-05-01T07:07:24ZOndřej SurýUpdate the build instructions for automakeGo through various README and other documentation files and update the instructions how to build BIND 9 with automake in place.Go through various README and other documentation files and update the instructions how to build BIND 9 with automake in place.May 2020 (9.11.19, 9.11.19-S1, 9.14.12, 9.16.3)Ondřej SurýOndřej Surýhttps://gitlab.isc.org/isc-projects/bind9/-/issues/1768move dns_peer_t into peer.c2020-04-29T11:54:43ZMark Andrewsmove dns_peer_t into peer.cMay 2020 (9.11.19, 9.11.19-S1, 9.14.12, 9.16.3)https://gitlab.isc.org/isc-projects/bind9/-/issues/1765create empty release notes for 9.17.2, 9.16.3, 9.11.192020-04-17T06:30:38ZMark Andrewscreate empty release notes for 9.17.2, 9.16.3, 9.11.19May 2020 (9.11.19, 9.11.19-S1, 9.14.12, 9.16.3)https://gitlab.isc.org/isc-projects/bind9/-/issues/1764build 9.16.2/release, @ `make depend`, "fatal error: lib/dns/dnstap.pb-c.h: N...2020-10-30T10:40:21Zpgndbuild 9.16.2/release, @ `make depend`, "fatal error: lib/dns/dnstap.pb-c.h: No such file or directory"building 9.16.2/release on linux/64
config with
```
./configure \
...
--without-pkcs11
--enable-dnstap \
--with-protobuf-c \
--with-libfstrm \
...
```
reports as expected
```
...
=========================================...building 9.16.2/release on linux/64
config with
```
./configure \
...
--without-pkcs11
--enable-dnstap \
--with-protobuf-c \
--with-libfstrm \
...
```
reports as expected
```
...
===============================================================================
Configuration summary:
...
-------------------------------------------------------------------------------
Optional features enabled:
...
!!! Allow 'dnstap' packet logging (--enable-dnstap)
...
-------------------------------------------------------------------------------
Features disabled or unavailable on this platform:
...
!!! Using PKCS#11 for Public-Key Cryptography (--with-native-pkcs11)
...
-------------------------------------------------------------------------------
...
```
on exec of
```
make depend
```
an error's reported,
```
...
make[3]: Leaving directory '/usr/local/src/bind-9.16.2/lib/dns/include'
/bin/sh /usr/local/src/bind-9.16.2/make/mkdep -include /usr/local/src/bind-9.16.2/config.h -I/usr/local/src/bind-9.16.2 -I../.. -I. -I../../lib/dns -Iinclude -I/usr/local/src/bind-9.16.2/lib/dns/include -I../../lib/dns/include -I/usr/local/src/bind-9.16.2/lib/isc/include -I../../lib/isc -I../../lib/isc/include -I../../lib/isc/unix/include -I../../lib/isc/pthreads/include -I/usr/local/openssl11/include -I/usr/include/json-c -I/usr/include/libxml2 -I/var/lib/GeoIP2/include -include /usr/local/src/bind-9.16.2/config.h -I/usr/local/src/bind-9.16.2 -I../.. -I. -I../../lib/dns -Iinclude -I/usr/local/src/bind-9.16.2/lib/dns/include -I../../lib/dns/include -I/usr/local/src/bind-9.16.2/lib/isc/include -I../../lib/isc -I../../lib/isc/include -I../../lib/isc/unix/include -I../../lib/isc/pthreads/include -I/usr/local/openssl11/include -I/usr/include/json-c -I/usr/include/libxml2 -I/var/lib/GeoIP2/include -O3 -Wall -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -fPIC -DPIC -D_GNU_SOURCE -fno-strict-aliasing -Wall -pthread -I/usr/local/lmdb/include -Iyes/include -Iyes/include -fPIC -W -Wall -Wmissing-prototypes -Wcast-qual -Wwrite-strings -Wformat -Wpointer-arith -Wno-missing-field-initializers -fno-strict-aliasing @PKCS11LINKSRCS@ dst_api.c dst_parse.c dst_result.c gssapi_link.c gssapictx.c hmac_link.c openssl_link.c openssldh_link.c opensslecdsa_link.c openssleddsa_link.c opensslrsa_link.c pkcs11rsa_link.c pkcs11ecdsa_link.c pkcs11eddsa_link.c pkcs11.c key.c acl.c adb.c badcache. byaddr.c cache.c callbacks.c clientinfo.c compress.c db.c dbiterator.c dbtable.c diff.c dispatch.c dlz.c dns64.c dnsrps.c dnssec.c ds.c dyndb.c ecs.c fixedname.c forward.c ipkeylist.c iptable.c journal.c kasp.c keydata.c keymgr.c keytable.c lib.c log.c lookup.c master.c masterdump.c message.c name.c ncache.c nsec.c nsec3.c nta.c order.c peer.c portlist.c rbt.c rbtdb.c rcode.c rdata.c rdatalist.c rdataset.c rdatasetiter.c rdataslab.c request.c resolver.c result.c rootns.c rpz.c rrl.c rriterator.c sdb.c sdlz.c soa.c ssu.c ssu_external.c stats.c tcpmsg.c time.c timer.c tkey.c tsec.c tsig.c ttl.c update.c validator.c version.c view.c xfrin.c zone.c zoneverify.c
zonekey.c zt.c client.c ecdb.c dnstap.c dnstap.pb-c.c
!!! gcc-10: error: PKCS11LINKSRCS@: No such file or directory
!!! gcc-10: error: badcache.: No such file or directory
!!! gcc-10: error: dnstap.pb-c.c: No such file or directory
make[2]: Leaving directory '/usr/local/src/bind-9.16.2/lib/dns'
...
making depend in /usr/local/src/bind-9.16.2/bin/tools
make[2]: Entering directory '/usr/local/src/bind-9.16.2/bin/tools'
/bin/sh /usr/local/src/bind-9.16.2/make/mkdep -include /usr/local/src/bind-9.16.2/config.h -I/usr/local/src/bind-9.16.2 -I../.. -I/usr/local/src/bind-9.16.2/lib/dns/include -I../../lib/dns/include -I/usr/local/src/bind-9.16.2/lib/isc/include -I../../lib/isc -I../../lib/isc/include -I../../lib/isc/unix/include -I../../lib/isc/pthreads/include -I/usr/local/src/bind-9.16.2/lib/isccfg/include -I../../lib/isccfg/include -I/usr/local/src/bind-9.16.2/lib/bind9/include -I../../lib/bind9/include -I/usr/local/openssl11/include -I/var/lib/GeoIP2/include -DVERSION="9.16.2" -include /usr/local/src/bind-9.16.2/config.h -I/usr/local/src/bind-9.16.2 -I../.. -I/usr/local/src/bind-9.16.2/lib/dns/include -I../../lib/dns/include -I/usr/local/src/bind-9.16.2/lib/isc/include -I../../lib/isc -I../../lib/isc/include -I../../lib/isc/unix/include -I../../lib/isc/pthreads/include -I/usr/local/src/bind-9.16.2/lib/isccfg/include -I../../lib/isccfg/include -I/usr/local/src/bind-9.16.2/lib/bind9/include -I../../lib/bind9/include -I/usr/local/openssl11/include -I/var/lib/GeoIP2/include -DVERSION="9.16.2" -O3 -Wall -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -fPIC -DPIC -D_GNU_SOURCE -fno-strict-aliasing -Wall -pthread -I/usr/local/lmdb/include -Iyes/include -Iyes/include -fPIC -W -Wall -Wmissing-prototypes -Wcast-qual -Wwrite-strings -Wformat -Wpointer-arith -Wno-missing-field-initializers -fno-strict-aliasing arpaname.c named-journalprint.c named-rrchecker.c nsec3hash.c mdig.c dnstap-read.c named-nzd2nzf.c
!!! dnstap-read.c:51:10: fatal error: lib/dns/dnstap.pb-c.h: No such file or directory
51 | #include "lib/dns/dnstap.pb-c.h"
| ^~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.
...
```May 2020 (9.11.19, 9.11.19-S1, 9.14.12, 9.16.3)Mark AndrewsMark Andrewshttps://gitlab.isc.org/isc-projects/bind9/-/issues/1763Implement and improve the PKCS#11 code2020-05-01T14:26:27ZOndřej SurýImplement and improve the PKCS#11 codeThis is umbrella issue for !3326, !3330 and !3029, and !3467.This is umbrella issue for !3326, !3330 and !3029, and !3467.May 2020 (9.11.19, 9.11.19-S1, 9.14.12, 9.16.3)Ondřej SurýOndřej Surýhttps://gitlab.isc.org/isc-projects/bind9/-/issues/1761BIND fails to run with new libuv 1.362022-06-09T09:35:18ZKlemen MihevcBIND fails to run with new libuv 1.36<!--
If the bug you are reporting is potentially security-related - for example,
if it involves an assertion failure or other crash in `named` that can be
triggered repeatedly - then please do *NOT* report it here, but send an
email ...<!--
If the bug you are reporting is potentially security-related - for example,
if it involves an assertion failure or other crash in `named` that can be
triggered repeatedly - then please do *NOT* report it here, but send an
email to [security-officer@isc.org](security-officer@isc.org).
-->
### Summary
If i upgrade libuv to 1.36, released today bind failes to start and crashes. Recompile of bind does not help.
### BIND version used
```
BIND 9.16.1 (Stable Release) <id:d497c32>
running on Linux x86_64 5.6.4-gentoo #1 SMP Mon Apr 13 17:04:45 CEST 2020
built by make with '--build=x86_64-pc-linux-gnu' '--host=x86_64-pc-linux-gnu' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--datadir=/usr/share' '--sysconfdir=/etc' '--localstatedir=/var/lib' '--docdir=/usr/share/doc/bind-9.16.1' '--htmldir=/usr/share/doc/bind-9.16.1/html' '--with-sysroot=/' '--libdir=/usr/lib64' '--prefix=/usr' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--with-libtool' '--enable-full-report' '--without-readline' '--with-openssl=/usr' '--enable-linux-caps' '--disable-dnsrps' '--disable-dnstap' '--disable-fixed-rrset' '--with-dlz-bdb' '--with-dlopen' '--with-dlz-filesystem' '--with-dlz-stub' '--with-gssapi' '--without-json-c' '--without-dlz-ldap' '--with-dlz-mysql' '--without-dlz-odbc' '--without-dlz-postgres' '--without-lmdb' '--with-python' '--with-libxml2' '--with-zlib' 'build_alias=x86_64-pc-linux-gnu' 'host_alias=x86_64-pc-linux-gnu' 'CFLAGS=-march=native -pipe -O3 -fomit-frame-pointer -I/usr/include/db6.0' 'LDFLAGS=-Wl,-O3 -Wl,--as-needed -Wl,--sort-common -Wl,--hash-style=gnu -L/usr/lib64 -ldl' 'PKG_CONFIG_PATH=/usr/lib64/pkgconfig'
compiled by GCC 9.3.0
compiled with OpenSSL version: OpenSSL 1.1.1f 31 Mar 2020
linked to OpenSSL version: OpenSSL 1.1.1f 31 Mar 2020
compiled with libxml2 version: 2.9.9
linked to libxml2 version: 20909
compiled with zlib version: 1.2.11
linked to zlib version: 1.2.11
threads support is enabled
```
### Steps to reproduce
Upgrade to new libuv 1.36, restart bind.
### What is the current *bug* behavior?
Crash with following error:
```
15-Apr-2020 23:05:57.838 general: critical: netmgr.c:1000: REQUIRE(worker->recvbuf_inuse) failed, back trace
15-Apr-2020 23:05:57.838 general: critical: #0 0x5629318abbaf in ??
15-Apr-2020 23:05:57.838 general: critical: #1 0x7fc037259d0c in ??
15-Apr-2020 23:05:57.838 general: critical: #2 0x7fc037271eda in ??
15-Apr-2020 23:05:57.838 general: critical: #3 0x7fc0372768fb in ??
15-Apr-2020 23:05:57.838 general: critical: #4 0x7fc03615beea in ??
15-Apr-2020 23:05:57.838 general: critical: #5 0x7fc03615c4eb in ??
15-Apr-2020 23:05:57.838 general: critical: #6 0x7fc03615edd0 in ??
15-Apr-2020 23:05:57.838 general: critical: #7 0x7fc03614e0ca in ??
15-Apr-2020 23:05:57.838 general: critical: #8 0x7fc0372740e9 in ??
15-Apr-2020 23:05:57.838 general: critical: #9 0x7fc03646cea7 in ??
15-Apr-2020 23:05:57.838 general: critical: #10 0x7fc03639ee8f in ??
15-Apr-2020 23:05:57.838 general: critical: exiting (due to assertion failure)
```
### Possible fixes
Reverting libuv back to 1.35 helps :)May 2020 (9.11.19, 9.11.19-S1, 9.14.12, 9.16.3)https://gitlab.isc.org/isc-projects/bind9/-/issues/1760Write a KB article on performance and RW locks2020-05-13T15:54:59ZVicky Riskvicky@isc.orgWrite a KB article on performance and RW locksPlease write a KB article explaining the issue with https://gitlab.isc.org/isc-projects/bind9/issues/1753 and providing some advice about the impact of settings in different scenarios.Please write a KB article explaining the issue with https://gitlab.isc.org/isc-projects/bind9/issues/1753 and providing some advice about the impact of settings in different scenarios.May 2020 (9.11.19, 9.11.19-S1, 9.14.12, 9.16.3)Michał KępieńMichał Kępieńhttps://gitlab.isc.org/isc-projects/bind9/-/issues/1758Clean the duplicate and not-used code from libirs2020-04-29T12:16:17ZOndřej SurýClean the duplicate and not-used code from libirsThe libirs contains:
* reimplemenation of `getnameinfo()`, `getaddrinfo()`, `freeaddrinfo()`, and `gai_strerror()` - we can drop these
* the `irs_dnsconf` API which is experimental and not used anywhere
The leaves us with irs_resconf a...The libirs contains:
* reimplemenation of `getnameinfo()`, `getaddrinfo()`, `freeaddrinfo()`, and `gai_strerror()` - we can drop these
* the `irs_dnsconf` API which is experimental and not used anywhere
The leaves us with irs_resconf and irs_context APIs.May 2020 (9.11.19, 9.11.19-S1, 9.14.12, 9.16.3)Ondřej SurýOndřej Surý