1. 13 Mar, 2020 1 commit
  2. 09 Mar, 2020 1 commit
  3. 28 Feb, 2020 1 commit
  4. 21 Feb, 2020 1 commit
  5. 18 Feb, 2020 1 commit
  6. 17 Feb, 2020 1 commit
  7. 14 Feb, 2020 1 commit
  8. 13 Feb, 2020 3 commits
    • Evan Hunt's avatar
      apply the modified style · e851ed0b
      Evan Hunt authored
      e851ed0b
    • Ondřej Surý's avatar
      Use clang-tidy to add curly braces around one-line statements · 056e133c
      Ondřej Surý authored
      The command used to reformat the files in this commit was:
      
      ./util/run-clang-tidy \
      	-clang-tidy-binary clang-tidy-11
      	-clang-apply-replacements-binary clang-apply-replacements-11 \
      	-checks=-*,readability-braces-around-statements \
      	-j 9 \
      	-fix \
      	-format \
      	-style=file \
      	-quiet
      clang-format -i --style=format $(git ls-files '*.c' '*.h')
      uncrustify -c .uncrustify.cfg --replace --no-backup $(git ls-files '*.c' '*.h')
      clang-format -i --style=format $(git ls-files '*.c' '*.h')
      056e133c
    • Ondřej Surý's avatar
      Use coccinelle to add braces to nested single line statement · 36c6105e
      Ondřej Surý authored
      Both clang-tidy and uncrustify chokes on statement like this:
      
      for (...)
      	if (...)
      		break;
      
      This commit uses a very simple semantic patch (below) to add braces around such
      statements.
      
      Semantic patch used:
      
      @@
      statement S;
      expression E;
      @@
      
      while (...)
      - if (E) S
      + { if (E) { S } }
      
      @@
      statement S;
      expression E;
      @@
      
      for (...;...;...)
      - if (E) S
      + { if (E) { S } }
      
      @@
      statement S;
      expression E;
      @@
      
      if (...)
      - if (E) S
      + { if (E) { S } }
      36c6105e
  9. 12 Feb, 2020 1 commit
  10. 07 Feb, 2020 1 commit
  11. 05 Feb, 2020 3 commits
    • Mark Andrews's avatar
      'dispatch' must be non NULL, remove test. · 891f24fa
      Mark Andrews authored
      10067 cleanup:
      
      	CID 1452683 (#1 of 1): Dereference before null check (REVERSE_INULL)
      	check_after_deref: Null-checking dispatch suggests that it
      	may be null, but it has already been dereferenced on all
      	paths leading to the check.
      
      10068        if (dispatch != NULL)
      10069                isc_mem_put(server->mctx, dispatch, sizeof(*dispatch));
      891f24fa
    • Mark Andrews's avatar
      'dctx' must be non NULL, remove test. · 8456b562
      Mark Andrews authored
      11030 cleanup:
      
      	CID 1452705 (#1 of 1): Dereference before null check
      	(REVERSE_INULL) check_after_deref: Null-checking dctx
      	suggests that it may be null, but it has already been
      	dereferenced on all paths leading to the check.
      
      11031        if (dctx != NULL)
      11032                dumpcontext_destroy(dctx);
      11033        return (result);
      8456b562
    • Mark Andrews's avatar
      remove dead cleanup code. · b6c3a2f1
      Mark Andrews authored
      13836        if (zone != NULL)
      13837                dns_zone_detach(&zone);
      
           	null: At condition dz != NULL, the value of dz must be NULL.
           	dead_error_condition: The condition dz != NULL cannot be true.
      
      13838        if (dz != NULL) {
      
      	CID 1453456 (#1 of 1): Logically dead code (DEADCODE)
      	dead_error_begin: Execution cannot reach this statement:
      	dns_zone_detach(&dz->zone);.
      
      13839                dns_zone_detach(&dz->zone);
      13840                isc_mem_put(named_g_mctx, dz, sizeof(*dz));
      13841        }
      b6c3a2f1
  12. 03 Feb, 2020 1 commit
  13. 14 Jan, 2020 2 commits
  14. 13 Jan, 2020 2 commits
    • Evan Hunt's avatar
      associate socket stats counters with netmgr socket objects · 80a5c9f5
      Evan Hunt authored
      - the socket stat counters have been moved from socket.h to stats.h.
      - isc_nm_t now attaches to the same stats counter group as
        isc_socketmgr_t, so that both managers can increment the same
        set of statistics
      - isc__nmsocket_init() now takes an interface as a paramter so that
        the address family can be determined when initializing the socket.
      - based on the address family and socket type, a group of statistics
        counters will be associated with the socket - for example, UDP4Active
        with IPv4 UDP sockets and TCP6Active with IPv6 TCP sockets.  note
        that no counters are currently associated with TCPDNS sockets; those
        stats will be handled by the underlying TCP socket.
      - the counters are not actually used by netmgr sockets yet; counter
        increment and decrement calls will be added in a later commit.
      80a5c9f5
    • Tony Finch's avatar
      Fix line spacing in `rndc secroots` · 5b600c2c
      Tony Finch authored
      Before this change, there was a missing blank line between the
      negative trust anchors for one view, and the heading line for the next
      view. This is because dns_ntatable_totext() omits the last newline.
      There is an example of the incorrect output below; the fixed output
      has a blank line before "Start view auth".
      
      secure roots as of 21-Oct-2019 12:03:23.500:
      
       Start view rec
         Secure roots:
      
      ./RSASHA256/20326 ; managed
      
         Negative trust anchors:
      
      example.com: expiry 21-Oct-2019 13:03:15.000
       Start view auth
         Secure roots:
      
      ./RSASHA256/20326 ; managed
      
         Negative trust anchors:
      
      example.com: expiry 21-Oct-2019 13:03:07.000
      5b600c2c
  15. 06 Dec, 2019 1 commit
    • Matthijs Mekking's avatar
      Minor fixes in trust anchor code · eddac857
      Matthijs Mekking authored
      This commit makes some minor changes to the trust anchor code:
      
      1. Replace the undescriptive n1, n2 and n3 identifiers with slightly
         better rdata1, rdata2, and rdata3.
      2. Fix an occurrence where in the error log message a static number
         32 was printed, rather than the rdata3 length.
      3. Add a default case to the switch statement checking DS digest
         algorithms to catch unknown algorithms.
      eddac857
  16. 05 Dec, 2019 1 commit
  17. 04 Dec, 2019 1 commit
    • Ondřej Surý's avatar
      Refactor the dns_geoip API to use ISC_THREAD_LOCAL · a4ffb640
      Ondřej Surý authored
      Previously, the dns_geoip API used isc_thread_key API for TLS, which is
      fairly complicated and requires initialization of memory contexts, etc.
      This part of code was refactored to use a ISC_THREAD_LOCAL pointer which
      greatly simplifies the whole code related to storing TLS variables, and
      creating the local memory context was moved to named and stored in the
      named_g_geoip global context.
      a4ffb640
  18. 03 Dec, 2019 1 commit
    • Ondřej Surý's avatar
      Refactor the dns_dt API to use ISC_THREAD_LOCAL · 4a3d5894
      Ondřej Surý authored
      Previously, the dns_dt API used isc_thread_key API for TLS, which is
      fairly complicated and requires initialization of memory contexts, etc.
      This part of code was refactored to use a ISC_THREAD_LOCAL pointer which
      greatly simplifies the whole code related to storing TLS variables.
      4a3d5894
  19. 02 Dec, 2019 1 commit
    • Michał Kępień's avatar
      Fix GeoIP2 memory leak upon reconfiguration · 670afbe8
      Michał Kępień authored
      Loaded GeoIP2 databases are only released when named is shut down, but
      not during server reconfiguration.  This causes memory to be leaked
      every time "rndc reconfig" or "rndc reload" is used, as long as any
      GeoIP2 database is in use.  Fix by releasing any loaded GeoIP2 databases
      before reloading them.  Do not call dns_geoip_shutdown() until server
      shutdown as that function releases the memory context used for caching
      GeoIP2 lookup results.
      670afbe8
  20. 29 Nov, 2019 1 commit
  21. 26 Nov, 2019 1 commit
    • Ondřej Surý's avatar
      Request exclusive access when crashing via fatal() · 952d7fde
      Ondřej Surý authored
      When loading the configuration fails, there might be already other tasks
      running and calling OpenSSL library functions.  The OpenSSL on_exit
      handler is called when exiting the main process and there's a timing
      race between the on_exit function that destroys OpenSSL allocated
      resources (threads, locks, ...) and other tasks accessing the very same
      resources leading to a crash in the system threading library. Therefore,
      the fatal() function needs to request exlusive access to the task
      manager to finish the already running tasks and exit only when no other
      tasks are running.
      952d7fde
  22. 23 Nov, 2019 1 commit
    • Evan Hunt's avatar
      netmgr: make TCP timeouts configurable · 199bd6b6
      Evan Hunt authored
      - restore support for tcp-initial-timeout, tcp-idle-timeout,
        tcp-keepalive-timeout and tcp-advertised-timeout configuration
        options, which were ineffective previously.
      199bd6b6
  23. 18 Nov, 2019 1 commit
  24. 15 Nov, 2019 5 commits
    • Evan Hunt's avatar
    • Evan Hunt's avatar
      use DS-style trust anchor to verify 5011 key refresh query · a8f89e9a
      Evan Hunt authored
      note: this also needs further refactoring.
      
      - when initializing RFC 5011 for a name, we populate the managed-keys
        zone with KEYDATA records derived from the initial-key trust anchors.
      
        however, with initial-ds trust anchors, there is no key. but the
        managed-keys zone still must have a KEYDATA record for the name,
        otherwise zone_refreshkeys() won't refresh that key. so, for
        initial-ds trust anchors, we now add an empty KEYDATA record and set
        the key refresh timer so that the real keys will be looked up as soon
        as possible.
      
      - when a key refresh query is done, we verify it against the
        trust anchor; this is done in two ways, one with the DS RRset
        set up during configuration if present, or with the keys linked
        from each keynode in the list if not.  because there are two different
        verification methods, the loop structure is overly complex and should
        be simplified.
      
      - the keyfetch_done() and sync_keyzone() functions are both too long
        and should be broken into smaller functions.
      a8f89e9a
    • Evan Hunt's avatar
      allow DS trust anchors to be set in keytable · 854af5a3
      Evan Hunt authored
      note: this is a frankensteinian kluge which needs further refactoring.
      
      the keytable started as an RBT where the node->data points to a list of
      dns_keynode structures, each of which points to a single dst_key.
      later it was modified so that the list could instead point to a single
      "null" keynode structure, which does not reference a key; this means
      a trust anchor has been configured but the RFC 5011 refresh failed.
      
      in this branch it is further updated to allow the first keynode in
      the list to point to an rdatalist of DS-style trust anchors.  these will
      be used by the validator to populate 'val->dsset' when validating a zone
      key.
      
      a DS style trust anchor can be updated as a result of RFC 5011
      processing to contain DST keys instead; this results in the DS list
      being freed.  the reverse is not possible; attempting to add a DS-style
      trust anchor if a key-style trust anchor is already in place results
      in an error.
      
      later, this should be refactored to use rdatalists for both DS-style
      and key-style trust anchors, but we're keeping the existing code for
      old-style trust anchors for now.
      854af5a3
    • Evan Hunt's avatar
      read DS trust anchors in named.conf · feba4805
      Evan Hunt authored
      (but they aren't used for anything yet)
      feba4805
    • Evan Hunt's avatar
      3fede8a7
  25. 10 Nov, 2019 1 commit
    • Samuel Thibault's avatar
      hurd: Fix build · d10fbdec
      Samuel Thibault authored
      Move PATH_MAX, NAME_MAX, IOV_MAX default definitions to the common
      <isc/platform.h>.
      d10fbdec
  26. 07 Nov, 2019 1 commit
    • Evan Hunt's avatar
      convert ns_client and related objects to use netmgr · 53f0b6c3
      Evan Hunt authored
      - ns__client_request() is now called by netmgr with an isc_nmhandle_t
        parameter. The handle can then be permanently associated with an
        ns_client object.
      - The task manager is paused so that isc_task events that may be
        triggred during client processing will not fire until after the netmgr is
        finished with it. Before any asynchronous event, the client MUST
        call isc_nmhandle_ref(client->handle), to prevent the client from
        being reset and reused while waiting for an event to process. When
        the asynchronous event is complete, isc_nmhandle_unref(client->handle)
        must be called to ensure the handle can be reused later.
      - reference counting of client objects is now handled in the nmhandle
        object.  when the handle references drop to zero, the client's "reset"
        callback is used to free temporary resources and reiniialize it,
        whereupon the handle (and associated client) is placed in the
        "inactive handles" queue.  when the sysstem is shutdown and the
        handles are cleaned up, the client's "put" callback is called to free
        all remaining resources.
      - because client allocation is no longer handled in the same way,
        the '-T clienttest' option has now been removed and is no longer
        used by any system tests.
      - the unit tests require wrapping the isc_nmhandle_unref() function;
        when LD_WRAP is supported, that is used. otherwise we link a
        libwrap.so interposer library and use that.
      53f0b6c3
  27. 06 Nov, 2019 4 commits
    • Matthijs Mekking's avatar
      dnssec-policy inheritance from options/view · 5f464d15
      Matthijs Mekking authored
      'dnssec-policy' can now also be set on the options and view level and
      a zone that does not set 'dnssec-policy' explicitly will inherit it
      from the view or options level.
      
      This requires a new keyword to be introduced: 'none'.  If set to
      'none' the zone will not be DNSSEC maintained, in other words it will
      stay unsigned.  You can use this to break the inheritance.  Of course
      you can also break the inheritance by referring to a different
      policy.
      
      The keywords 'default' and 'none' are not allowed when configuring
      your own dnssec-policy statement.
      
      Add appropriate tests for checking the configuration (checkconf)
      and add tests to the kasp system test to verify the inheritance
      works.
      
      Edit the kasp system test such that it can deal with unsigned zones
      and views (so setting a TSIG on the query).
      5f464d15
    • Matthijs Mekking's avatar
      Adjust signing code to use kasp · c125b721
      Matthijs Mekking authored
      Update the signing code in lib/dns/zone.c and lib/dns/update.c to
      use kasp logic if a dnssec-policy is enabled.
      
      This means zones with dnssec-policy should no longer follow
      'update-check-ksk' and 'dnssec-dnskey-kskonly' logic, instead the
      KASP keys configured dictate which RRset gets signed with what key.
      
      Also use the next rekey event from the key manager rather than
      setting it to one hour.
      
      Mark the zone dynamic, as otherwise a zone with dnssec-policy is
      not eligble for automatic DNSSEC maintenance.
      c125b721
    • Matthijs Mekking's avatar
      Parse dnssec-policy config into kasp · 2924b19a
      Matthijs Mekking authored
      Add code that actually stores the configuration into the kasp
      structure and attach it to the appropriate zone.
      2924b19a
    • Matthijs Mekking's avatar
      Extend ttlval to accept ISO 8601 durations · b7c5bfb2
      Matthijs Mekking authored
      The ttlval configuration types are replaced by duration configuration
      types. The duration is an ISO 8601 duration that is going to be used
      for DNSSEC key timings such as key lifetimes, signature resign
      intervals and refresh periods, etc. But it is also still allowed to
      use the BIND ttlval ways of configuring intervals (number plus
      optional unit).
      
      A duration is stored as an array of 7 different time parts.
      A duration can either be expressed in weeks, or in a combination of
      the other datetime indicators.
      
      Add several unit tests to ensure the correct value is parsed given
      different string values.
      b7c5bfb2