1. 27 Nov, 2019 1 commit
  2. 20 Nov, 2019 1 commit
  3. 08 Nov, 2019 1 commit
    • Michał Kępień's avatar
      Split release notes into per-version sections · 2f37ab1d
      Michał Kępień authored
      Intertwining release notes from different BIND releases in a single XML
      file has caused confusion in the past due to different (and often
      arbitrary) approaches to keeping/removing release notes from older
      releases on different BIND branches.  Divide doc/arm/notes.xml into
      per-version sections to simplify determining the set of changes
      introduced by a given release and to make adding/reviewing release notes
      less error-prone.
      2f37ab1d
  4. 07 Nov, 2019 6 commits
    • Evan Hunt's avatar
      remove ISC_QUEUE as it is no longer used · b9a5508e
      Evan Hunt authored
      b9a5508e
    • Evan Hunt's avatar
      convert ns_client and related objects to use netmgr · 53f0b6c3
      Evan Hunt authored
      - ns__client_request() is now called by netmgr with an isc_nmhandle_t
        parameter. The handle can then be permanently associated with an
        ns_client object.
      - The task manager is paused so that isc_task events that may be
        triggred during client processing will not fire until after the netmgr is
        finished with it. Before any asynchronous event, the client MUST
        call isc_nmhandle_ref(client->handle), to prevent the client from
        being reset and reused while waiting for an event to process. When
        the asynchronous event is complete, isc_nmhandle_unref(client->handle)
        must be called to ensure the handle can be reused later.
      - reference counting of client objects is now handled in the nmhandle
        object.  when the handle references drop to zero, the client's "reset"
        callback is used to free temporary resources and reiniialize it,
        whereupon the handle (and associated client) is placed in the
        "inactive handles" queue.  when the sysstem is shutdown and the
        handles are cleaned up, the client's "put" callback is called to free
        all remaining resources.
      - because client allocation is no longer handled in the same way,
        the '-T clienttest' option has now been removed and is no longer
        used by any system tests.
      - the unit tests require wrapping the isc_nmhandle_unref() function;
        when LD_WRAP is supported, that is used. otherwise we link a
        libwrap.so interposer library and use that.
      53f0b6c3
    • Witold Krecicki's avatar
      netmgr: libuv-based network manager · 70397f9d
      Witold Krecicki authored
      This is a replacement for the existing isc_socket and isc_socketmgr
      implementation. It uses libuv for asynchronous network communication;
      "networker" objects will be distributed across worker threads reading
      incoming packets and sending them for processing.
      
      UDP listener sockets automatically create an array of "child" sockets
      so each worker can listen separately.
      
      TCP sockets are shared amongst worker threads.
      
      A TCPDNS socket is a wrapper around a TCP socket, which handles the
      the two-byte length field at the beginning of DNS messages over TCP.
      
      (Other wrapper socket types can be implemented in the future to handle
      DNS over TLS, DNS over HTTPS, etc.)
      70397f9d
    • Evan Hunt's avatar
      a8c814cb
    • Witold Krecicki's avatar
      implement fetch-and-add array queue data structure · 402969bf
      Witold Krecicki authored
      this is a lockless queue based on hazard pointers.
      402969bf
    • Witold Krecicki's avatar
      implement hazard pointer data structure · aa57fa70
      Witold Krecicki authored
      this is a mechanism to allow safe lock-free data structures.
      aa57fa70
  5. 06 Nov, 2019 10 commits
    • Matthijs Mekking's avatar
      dnssec-policy inheritance from options/view · 5f464d15
      Matthijs Mekking authored
      'dnssec-policy' can now also be set on the options and view level and
      a zone that does not set 'dnssec-policy' explicitly will inherit it
      from the view or options level.
      
      This requires a new keyword to be introduced: 'none'.  If set to
      'none' the zone will not be DNSSEC maintained, in other words it will
      stay unsigned.  You can use this to break the inheritance.  Of course
      you can also break the inheritance by referring to a different
      policy.
      
      The keywords 'default' and 'none' are not allowed when configuring
      your own dnssec-policy statement.
      
      Add appropriate tests for checking the configuration (checkconf)
      and add tests to the kasp system test to verify the inheritance
      works.
      
      Edit the kasp system test such that it can deal with unsigned zones
      and views (so setting a TSIG on the query).
      5f464d15
    • Matthijs Mekking's avatar
      Add kasp tests · c9f1ec83
      Matthijs Mekking authored
      Add more tests for kasp:
      
      - Add tests for different algorithms.
      
      - Add a test to ensure that an edit in an unsigned zone is
        picked up and properly signed.
      
      - Add two tests that ensures that a zone gets signed when it is
        configured as so-called 'inline-signing'.  In other words, a
        secondary zone that is configured with a 'dnssec-policy'.  A zone
        that is transferred over AXFR or IXFR will get signed.
      
      - Add a test to ensure signatures are reused if they are still
        fresh enough.
      
      - Adds two more tests to verify that expired and unfresh signatures
        will be regenerated.
      
      - Add tests for various cases with keys already available in the
        key-directory.
      c9f1ec83
    • Matthijs Mekking's avatar
      Introduce keymgr in named · 7e7aa538
      Matthijs Mekking authored
      Add a key manager to named.  If a 'dnssec-policy' is set, 'named'
      will run a key manager on the matching keys.  This will do a couple
      of things:
      
      1. Create keys when needed (in case of rollover for example)
         according to the set policy.
      
      2. Retire keys that are in excess of the policy.
      
      3. Maintain key states according to "Flexible and Robust Key
         Rollover" [1]. After key manager ran, key files will be saved to
         disk.
      
         [1] https://matthijsmekking.nl/static/pdf/satin2012-Schaeffer.pdf
      
      KEY GENERATION
      
      Create keys according to DNSSEC policy.  Zones configured with
      'dnssec-policy' will allow 'named' to create DNSSEC keys (similar
      to dnssec-keymgr) if not available.
      
      KEY ROLLOVER
      
      Rather than determining the desired state from timing metadata,
      add a key state goal.  Any keys that are created or picked from the
      key ring and selected to be a successor has its key state goal set
      to OMNIPRESENT (this key wants to be signing!). At the same time,
      a key that is being retired has its key state goal set to HIDDEN.
      
      The keymgr state machine with the three rules will make sure no
      introduction or withdrawal of DNSSEC records happens too soon.
      
      KEY TIMINGS
      
      All timings are based on RFC 7583.
      
      The keymgr will return when the next action is happening so
      that the zone can set the proper rekey event. Prior to this change
      the rekey event will run every hour by default (configurable),
      but with kasp we can determine exactly when we need to run again.
      
      The prepublication time is derived from policy.
      7e7aa538
    • Matthijs Mekking's avatar
      dnssec-keygen can create keys given dnssec-policy · 09ac224c
      Matthijs Mekking authored
      This commit adds code for generating keys with dnssec-keygen given
      a specific dnssec-policy.
      
      The dnssec-policy can be set with a new option '-k'. The '-l'
      option can be used to set a configuration file that contains a
      specific dnssec-policy.
      
      Because the dnssec-policy dictates how the keys should look like,
      many of the existing dnssec-keygen options cannot be used together
      with '-k'.
      
      If the dnssec-policy lists multiple keys, dnssec-keygen has now the
      possibility to generate multiple keys at one run.
      
      Add two tests for creating keys with '-k': One with the default
      policy, one with multiple keys from the configuration.
      09ac224c
    • Matthijs Mekking's avatar
      Add code for creating kasp from config · 7bfac503
      Matthijs Mekking authored
      Add code for creating, configuring, and destroying KASP keys.  When
      using the default policy, create one CSK, no rollover.
      7bfac503
    • Matthijs Mekking's avatar
      Introduce kasp structure · e9ccebd9
      Matthijs Mekking authored
      This stores the dnssec-policy configuration and adds methods to
      create, destroy, and attach/detach, as well as find a policy with
      the same name in a list.
      
      Also, add structures and functions for creating and destroying
      kasp keys.
      e9ccebd9
    • Matthijs Mekking's avatar
      Introduce dnssec-policy configuration · a50d707f
      Matthijs Mekking authored
      This commit introduces the initial `dnssec-policy` configuration
      statement. It has an initial set of options to deal with signature
      and key maintenance.
      
      Add some checks to ensure that dnssec-policy is configured at the
      right locations, and that policies referenced to in zone statements
      actually exist.
      
      Add some checks that when a user adds the new `dnssec-policy`
      configuration, it will no longer contain existing DNSSEC
      configuration options.  Specifically: `inline-signing`,
      `auto-dnssec`, `dnssec-dnskey-kskonly`, `dnssec-secure-to-insecure`,
      `update-check-ksk`, `dnssec-update-mode`, `dnskey-sig-validity`,
      and `sig-validity-interval`.
      
      Test a good kasp configuration, and some bad configurations.
      a50d707f
    • Matthijs Mekking's avatar
      Design documentation 'dnssec-policy' · 1fbd8bb1
      Matthijs Mekking authored
      Initial design document.
      1fbd8bb1
    • Matthijs Mekking's avatar
      Extend ttlval to accept ISO 8601 durations · b7c5bfb2
      Matthijs Mekking authored
      The ttlval configuration types are replaced by duration configuration
      types. The duration is an ISO 8601 duration that is going to be used
      for DNSSEC key timings such as key lifetimes, signature resign
      intervals and refresh periods, etc. But it is also still allowed to
      use the BIND ttlval ways of configuring intervals (number plus
      optional unit).
      
      A duration is stored as an array of 7 different time parts.
      A duration can either be expressed in weeks, or in a combination of
      the other datetime indicators.
      
      Add several unit tests to ensure the correct value is parsed given
      different string values.
      b7c5bfb2
    • Diego dos Santos Fronza's avatar
      Added TCP high-water system tests · 29be224a
      Diego dos Santos Fronza authored
      Note: ans6/ans6.py is a helper script that allows tests.sh to open/close
      TCP connections to some BIND instance.
      29be224a
  6. 04 Oct, 2019 1 commit
  7. 16 Sep, 2019 1 commit
    • Ondřej Surý's avatar
      Replace the OASIS PKCS#11 header file with one from p11-kit · c47fad24
      Ondřej Surý authored
      The OASIS pkcs11.h header has a restrictive license.  Replace the
      pkcs11.h pkcs11f.h and pkcs11t.h headers with pkcs11.h from p11-kit.
      
      For source distribution, the license for the OASIS headers itself
      doesn't pose any licensing problem when combined with MPL license, but
      it possibly creates problem for downstream distributors of BIND 9.
      c47fad24
  8. 12 Sep, 2019 1 commit
  9. 03 Sep, 2019 1 commit
  10. 29 Aug, 2019 1 commit
  11. 27 Aug, 2019 1 commit
  12. 25 Aug, 2019 1 commit
  13. 09 Aug, 2019 3 commits
    • Evan Hunt's avatar
      update docbook grammar, removing dnssec-looksaide · 02d95d0b
      Evan Hunt authored
      - this required modification to the code that generates grammar text for
        the documentation, because the "dnssec-lookaside" option spanned more
        than one line in doc/misc/options, so grepping out only the lines
        marked "// obsolete" didn't remove the whole option.  this commit adds
        an option to cfg_test to print named.conf clauses only if they don't
        have the obsolete, ancient, test-only, or not-yet-implemented flags
        set.
      02d95d0b
    • Evan Hunt's avatar
      remove DLV system tests · 2c87ab1c
      Evan Hunt authored
      2c87ab1c
    • Evan Hunt's avatar
      remove DLV support from dnssec-checkds · 0b2b6b2e
      Evan Hunt authored
      0b2b6b2e
  14. 31 Jul, 2019 1 commit
    • Ondřej Surý's avatar
      The BIND 9 libraries are now internal-only, so remove isc-config.sh · 4b44351e
      Ondřej Surý authored
      The isc-config.sh script was introduced before pkg-config as is a purely
      historical thing.  There are two reason for removal of isc-config.sh scripts:
      
      a) The BIND 9 libraries are now meant to be used only from BIND 9, so there's no
         reason to provide convenience script to link with the libraries.
      
      b) Even if that was not the case, we should and would replace the isc-config.sh
         with respective pkg-config (.pc) file for every library.
      4b44351e
  15. 12 Jul, 2019 1 commit
  16. 09 Jul, 2019 1 commit
  17. 04 Jul, 2019 1 commit
  18. 28 Jun, 2019 1 commit
    • Michał Kępień's avatar
      dnstap-read: clear buffer before expanding it · 3549abe8
      Michał Kępień authored
      When printing a packet, dnstap-read checks whether its text form takes
      up more than the 2048 bytes allocated for the output buffer by default.
      If that is the case, the output buffer is automatically expanded, but
      the truncated output is left in the buffer, resulting in malformed data
      being printed.  Clear the output buffer before expanding it to prevent
      this issue from occurring.
      3549abe8
  19. 27 Jun, 2019 2 commits
    • Evan Hunt's avatar
      add geoip2 system test · 9a1caf99
      Evan Hunt authored
      9a1caf99
    • Evan Hunt's avatar
      add a search for GeoIP2 libraries in configure · fea6b5bf
      Evan Hunt authored
      - "--with-geoip" is used to enable the legacy GeoIP library.
      - "--with-geoip2" is used to enable the new GeoIP2 library
        (libmaxminddb), and is on by default if the library is found.
      - using both "--with-geoip" and "--with-geoip2" at the same time
        is an error.
      - an attempt is made to determine the default GeoIP2 database path at
        compile time if pkg-config is able to report the module prefix. if
        this fails, it will be necessary to set the path in named.conf with
        geoip-directory
      - Makefiles have been updated, and a stub lib/dns/geoip2.c has been
        added for the eventual GeoIP2 search implementation.
      fea6b5bf
  20. 25 Jun, 2019 3 commits
    • Ondřej Surý's avatar
      Make the usage of json-c objects opaque to the caller · e3e68889
      Ondřej Surý authored
      The json-c have previously leaked into the global namespace leading
      to forced -I<include_path> for every compilation unit using isc/xml.h
      header.  This MR fixes the usage making the caller object opaque.
      e3e68889
    • Ondřej Surý's avatar
      Make the usage of libxml2 opaque to the caller · 0771dd3b
      Ondřej Surý authored
      The libxml2 have previously leaked into the global namespace leading
      to forced -I<include_path> for every compilation unit using isc/xml.h
      header.  This MR fixes the usage making the caller object opaque.
      0771dd3b
    • Matthijs Mekking's avatar
      Add tests for DNSSEC sign statistics · a8750a88
      Matthijs Mekking authored
      This adds tests to the statschannel system test for testing if
      the dnskey sign operation counters are incremented correctly.
      
      It tests three cases:
      
      1. A zone maintenance event where all the signatures that are about
         to expire are resigned.
      2. A dynamic update event where the new RR and other relevant records
         (SOA, NSEC) are resigned.
      3. Adding a standby key, that means the DNSKEY and SOA RRset are
         resigned.
      a8750a88
  21. 20 Jun, 2019 1 commit
    • Ondřej Surý's avatar
      Merge unix/app.c and win32/app.c · 5098c954
      Ondřej Surý authored
      The differences between two files are very minimal and most of the
      code is common.  Merge those two files and use #ifdef WIN32 to include
      the right bits on Windows.
      5098c954