GitLab

Describe the polynomial backoff curve used in the quota adjustment

Closes #664

See merge request !2519

Add LLVM/Clang scan-build checks into the GitLab CI

Closes #45

See merge request !2452

Related scan-build report:

dnstap_test.c:169:2: warning: Value stored to 'result' is never read
        result = dns_test_makeview("test", &view);
        ^        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
dnstap_test.c:193:2: warning: Value stored to 'result' is never read
        result = dns_compress_init(&cctx, -1, dt_mctx);
        ^        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2 warnings generated.

The named_g_defaultdnstap was never used as the dnstap requires
explicit configuration of the output file.

Related scan-build report:

./server.c:3476:14: warning: Value stored to 'dpath' during its initialization is never read
        const char *dpath = named_g_defaultdnstap;
                    ^~~~~   ~~~~~~~~~~~~~~~~~~~~~
1 warning generated.

libdns: Change check_dnskey_sigs() return type to void to match the reality how the function is used

Do not flush the cache for `rndc validation status`

See merge request !2462

And add a note to the man page that `rndc validation` flushes the
cache when the validation state is changed. (It is necessary to flush
the cache when turning on validation, to avoid continuing to use
cryptographically invalid data. It is probably wise to flush the cache
when turning off validation to recover from lameness problems.)

Include all views in output of `rndc validation status`

See merge request !2461

The implementation of `rndc validation status` iterates over all the
views to print their validation status. It takes care to print newlines
in between, but it also used put a nul byte at the end of the first view
which truncated the output.

After this change, the nul byte is added at the end so that it prints
the validation status in all views. The `_bind` view is skipped
because its validation status is irrelevant.

digdelv: Extra quotes prevent IPv6 runs

See merge request !2390

Portion of the digdelv test are skipped on IPv6 due to extra quotes
around $TESTSOCK6: "I:digdelv:IPv6 unavailable; skipping".

Researched by @michal.

Regressed with 351efd88.

Update the git-replay-merge to use the latest GitLab -o options

See merge request !2503

Minor documentation updates

Closes #876

See merge request !2483

Prevent TCP failures from affecting EDNS stats

See merge request !2501

5310.	[bug]		TCP failures were affecting EDNS statistics. [GL #1059]

EDNS mechanisms only apply to DNS over UDP.  Thus, errors encountered
while sending DNS queries over TCP must not influence EDNS timeout
statistics.

Prevent query loops for misbehaving servers

See merge request !2500

If a TCP connection fails while attempting to send a query to a server,
the fetch context will be restarted without marking the target server as
a bad one.  If this happens for a server which:

  - was already marked with the DNS_FETCHOPT_EDNS512 flag,
  - responds to EDNS queries with the UDP payload size set to 512 bytes,
  - does not send response packets larger than 512 bytes,

and the response for the query being sent is larger than 512 byes, then
named will pointlessly alternate between sending UDP queries with EDNS
UDP payload size set to 512 bytes (which are responded to with truncated
answers) and TCP connections until the fetch context retry limit is
reached.  Prevent such query loops by marking the server as bad for a
given fetch context if the advertised EDNS UDP payload size for that
server gets reduced to 512 bytes and it is impossible to reach it using
TCP.

Add a CHANGES placeholder

See merge request !2502

See [GL !2476].