1. 24 Jun, 2020 1 commit
  2. 22 Jun, 2020 1 commit
  3. 11 Jun, 2020 1 commit
    • Mark Andrews's avatar
      The dsset returned by dns_keynode_dsset needs to be thread safe. · e5b2eca1
      Mark Andrews authored
      - clone keynode->dsset rather than return a pointer so that thread
        use is independent of each other.
      - hold a reference to the dsset (keynode) so it can't be deleted
        while in use.
      - create a new keynode when removing DS records so that dangling
        pointers to the deleted records will not occur.
      - use a rwlock when accessing the rdatalist to prevent instabilities
        when DS records are added.
      e5b2eca1
  4. 05 Jun, 2020 1 commit
    • Michal Nowak's avatar
      Fix "make dist" · 5bbc6dd7
      Michal Nowak authored
      Make various adjustments necessary to enable "make dist" to build a BIND
      source tarball whose contents are complete enough to build binaries, run
      unit & system tests, and generate documentation on Unix systems.
      
      Known outstanding issues:
      
        - "make distcheck" does not work yet.
        - Tests do not work for out-of-tree source-tarball-based builds.
        - Source tarballs are not complete enough for building on Windows.
      
      All of the above will be addressed in due course.
      5bbc6dd7
  5. 04 Jun, 2020 1 commit
  6. 03 Jun, 2020 1 commit
    • Ondřej Surý's avatar
      Reduce the default value for max-stale-ttl from 1 week to 12 hours · 13fd3ecf
      Ondřej Surý authored
      Originally, the default value for max-stale-ttl was 1 week, which could
      and in some scenarios lead to cache exhaustion on a busy resolvers.
      Picking the default value will always be juggling between value that's
      useful (e.g. keeping the already cached records after they have already
      expired and the upstream name servers are down) and not bloating the
      cache too much (e.g. keeping everything for a very long time).  The new
      default reflects what we think is a reasonable to time to react on both
      sides (upstream authoritative and downstream recursive).
      13fd3ecf
  7. 01 Jun, 2020 2 commits
  8. 29 May, 2020 1 commit
  9. 28 May, 2020 3 commits
  10. 25 May, 2020 4 commits
  11. 13 May, 2020 1 commit
  12. 12 May, 2020 3 commits
  13. 07 May, 2020 1 commit
    • Ondřej Surý's avatar
      Convert the documentation to Sphinx documentation format · 9fb6d11a
      Ondřej Surý authored
      The ARM and the manpages have been converted into Sphinx documentation
      format.
      
      Sphinx uses reStructuredText as its markup language, and many of its
      strengths come from the power and straightforwardness of
      reStructuredText and its parsing and translating suite, the Docutils.
      9fb6d11a
  14. 01 May, 2020 1 commit
    • Michał Kępień's avatar
      Make dnstap work reliably with netmgr · 77dc0918
      Michał Kępień authored
      The introduction of netmgr doubled the number of threads from which
      dnstap data may be logged: previously, it could only happen from within
      taskmgr worker threads; with netmgr, it can happen both from taskmgr
      worker threads and from network threads.  Since the argument passed to
      fstrm_iothr_options_set_num_input_queues() was not updated to reflect
      this change, some calls to fstrm_iothr_get_input_queue() can now return
      NULL, effectively preventing some dnstap data from being logged.
      Whether this bug is triggered or not depends on thread scheduling order
      and packet distribution between network threads, but will almost
      certainly be triggered on any recursive resolver sooner or later.  Fix
      by requesting the correct number of dnstap input queues to be allocated.
      77dc0918
  15. 30 Apr, 2020 1 commit
  16. 28 Apr, 2020 3 commits
  17. 21 Apr, 2020 2 commits
    • Ondřej Surý's avatar
      Complete rewrite the BIND 9 build system · 978c7b2e
      Ondřej Surý authored
      The rewrite of BIND 9 build system is a large work and cannot be reasonable
      split into separate merge requests.  Addition of the automake has a positive
      effect on the readability and maintainability of the build system as it is more
      declarative, it allows conditional and we are able to drop all of the custom
      make code that BIND 9 developed over the years to overcome the deficiencies of
      autoconf + custom Makefile.in files.
      
      This squashed commit contains following changes:
      
      - conversion (or rather fresh rewrite) of all Makefile.in files to Makefile.am
        by using automake
      
      - the libtool is now properly integrated with automake (the way we used it
        was rather hackish as the only official way how to use libtool is via
        automake
      
      - the dynamic module loading was rewritten from a custom patchwork to libtool's
        libltdl (which includes the patchwork to support module loading on different
        systems internally)
      
      - conversion of the unit test executor from kyua to automake ...
      978c7b2e
    • Ondřej Surý's avatar
      Remove files generated by autotools · 4df5a583
      Ondřej Surý authored
      4df5a583
  18. 16 Apr, 2020 2 commits
    • Matthijs Mekking's avatar
      dnssec-policy: to sign inline or not · 644f0d95
      Matthijs Mekking authored
      When dnssec-policy was introduced, it implicitly set inline-signing.
      But DNSSEC maintenance required either inline-signing to be enabled,
      or a dynamic zone.  In other words, not in all cases you want to
      DNSSEC maintain your zone with inline-signing.
      
      Change the behavior and determine whether inline-signing is
      required: if the zone is dynamic, don't use inline-signing,
      otherwise implicitly set it.
      
      You can also explicitly set inline-signing to yes with dnssec-policy,
      the restriction that both inline-signing and dnssec-policy cannot
      be set at the same time is now lifted.
      
      However, 'inline-signing no;' on a non-dynamic zone with a
      dnssec-policy is not possible.
      644f0d95
    • Matthijs Mekking's avatar
      Replace leftover DNSSEC-KEYS with TRUST-ANCHORS · 4b5711fd
      Matthijs Mekking authored
      Change 5332 renamed "dnssec-keys" configuration statement to the
      more descriptive "trust-anchors".  Not all occurrences in the
      documentation had been updated.
      4b5711fd
  19. 15 Apr, 2020 2 commits
    • Ondřej Surý's avatar
      Disable MSB8028 warning · b6c2012d
      Ondřej Surý authored
      All our MSVS Project files share the same intermediate directory.  We
      know that this doesn't cause any problems, so we can just disable the
      detection in the project files.
      
      Example of the warning:
      
        warning MSB8028: The intermediate directory (.\Release\) contains files shared from another project (dnssectool.vcxproj).  This can lead to incorrect clean and rebuild behavior.
      b6c2012d
    • Ondřej Surý's avatar
      Set WarningLevel to Level1 for Release, treat warnings as errors · 789d253e
      Ondřej Surý authored
      Our vcxproj files set the WarningLevel to Level3, which is too verbose
      for a code that needs to be portable.  That basically leads to ignoring
      all the errors that MSVC produces.  This commits downgrades the
      WarningLevel to Level1 and enables treating warnings as errors for
      Release builds.  For the Debug builds the WarningLevel got upgraded to
      Level4, and treating warnings as errors is explicitly disabled.
      
      We should eventually make the code clean of all MSVC warnings, but it's
      a long way to go for Level4, so it's more reasonable to start at Level1.
      
      For reference[1], these are the warning levels as described by MSVC
      documentation:
      
        * /W0 suppresses all warnings. It's equivalent to /w.
        * /W1 displays level 1 (severe) warnings. /W1 is the default setting
          in the command-line compiler.
        * /W2 displays level 1 and level 2 (significant) warnings.
        * /W3 displays level 1, level 2, and level 3 (production quality)
          warnings. /W3 is the default setting in the IDE.
        * /W4 displays level 1, level 2, and level 3 warnings, and all level 4
          (informational) warnings that aren't off by default. We recommend
          that you use this option to provide lint-like warnings. For a new
          project, it may be best to use /W4 in all compilations. This option
          helps ensure the fewest possible hard-to-find code defects.
        * /Wall displays all warnings displayed by /W4 and all other warnings
          that /W4 doesn't include — for example, warnings that are off by
          default.
        * /WX treats all compiler warnings as errors. For a new project, it
          may be best to use /WX in all compilations; resolving all warnings
          ensures the fewest possible hard-to-find code defects.
      
      1. https://docs.microsoft.com/en-us/cpp/build/reference/compiler-option-warning-level?view=vs-2019
      789d253e
  20. 03 Apr, 2020 3 commits
    • Matthijs Mekking's avatar
      Merge if blocks in statschannel.c · 1596d3b4
      Matthijs Mekking authored
      1596d3b4
    • Matthijs Mekking's avatar
      Replace sign operation bool with enum · 44b49955
      Matthijs Mekking authored
      44b49955
    • Matthijs Mekking's avatar
      Redesign dnssec sign statistics · 705810d5
      Matthijs Mekking authored
      The first attempt to add DNSSEC sign statistics was naive: for each
      zone we allocated 64K counters, twice.  In reality each zone has at
      most four keys, so the new approach only has room for four keys per
      zone. If after a rollover more keys have signed the zone, existing
      keys are rotated out.
      
      The DNSSEC sign statistics has three counters per key, so twelve
      counters per zone. First counter is actually a key id, so it is
      clear what key contributed to the metrics.  The second counter
      tracks the number of generated signatures, and the third tracks
      how many of those are refreshes.
      
      This means that in the zone structure we no longer need two separate
      references to DNSSEC sign metrics: both the resign and refresh stats
      are kept in a single dns_stats structure.
      
      Incrementing dnssecsignstats:
      
      Whenever a dnssecsignstat is incremented, we look up the key id
      to see if we already are counting metrics for this key.  If so,
      we update the corresponding operation counter (resign or
      refresh).
      
      If the key is new, store the value in a new counter and increment
      corresponding counter.
      
      If all slots are full, we rotate the keys and overwrite the last
      slot with the new key.
      
      Dumping dnssecsignstats:
      
      Dumping dnssecsignstats is no longer a simple wrapper around
      isc_stats_dump, but uses the same principle.  The difference is that
      rather than dumping the index (key tag) and counter, we have to look
      up the corresponding counter.
      705810d5
  21. 25 Mar, 2020 2 commits
    • Ondřej Surý's avatar
      Fix 'Dereference of null pointer' from scan-build-10 · ddd0d356
      Ondřej Surý authored
      These are mostly false positives, the clang-analyzer FAQ[1] specifies
      why and how to fix it:
      
      > The reason the analyzer often thinks that a pointer can be null is
      > because the preceding code checked compared it against null. So if you
      > are absolutely sure that it cannot be null, remove the preceding check
      > and, preferably, add an assertion as well.
      
      The 4 warnings reported are:
      
      dnssec-cds.c:781:4: warning: Access to field 'base' results in a dereference of a null pointer (loaded from variable 'buf')
                              isc_buffer_availableregion(buf, &r);
                              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      /builds/isc-projects/bind9/lib/isc/include/isc/buffer.h:996:36: note: expanded from macro 'isc_buffer_availableregion'
                                         ^
      /builds/isc-projects/bind9/lib/isc/include/isc/buffer.h:821:16: note: expanded from macro 'ISC__BUFFER_AVAILABLEREGION'
                      (_r)->base = isc_buffer_used(_b);              \
                                   ^~~~~~~~~~~~~~~~~~~
      /builds/isc-projects/bind9/lib/isc/include/isc/buffer.h:152:29: note: expanded from macro 'isc_buffer_used'
              ((void *)((unsigned char *)(b)->base + (b)->used)) /*d*/
                                         ^~~~~~~~~
      1 warning generated.
      
      --
      
      byname_test.c:308:34: warning: Access to field 'fwdtable' results in a dereference of a null pointer (loaded from variable 'view')
                      RUNTIME_CHECK(dns_fwdtable_add(view->fwdtable, dns_rootname,
                                                     ^~~~~~~~~~~~~~
      /builds/isc-projects/bind9/lib/isc/include/isc/util.h:318:52: note: expanded from macro 'RUNTIME_CHECK'
                                                         ^~~~
      /builds/isc-projects/bind9/lib/isc/include/isc/error.h:50:21: note: expanded from macro 'ISC_ERROR_RUNTIMECHECK'
              ((void)(ISC_LIKELY(cond) ||  \
                                 ^~~~
      /builds/isc-projects/bind9/lib/isc/include/isc/likely.h:23:43: note: expanded from macro 'ISC_LIKELY'
                                                  ^
      1 warning generated.
      
      --
      
      ./rndc.c:255:6: warning: Dereference of null pointer (loaded from variable 'host')
              if (*host == '/') {
                  ^~~~~
      1 warning generated.
      
      --
      
      ./main.c:1254:9: warning: Access to field 'sctx' results in a dereference of a null pointer (loaded from variable 'named_g_server')
              sctx = named_g_server->sctx;
                     ^~~~~~~~~~~~~~~~~~~~
      1 warning generated.
      
      References:
      1. https://clang-analyzer.llvm.org/faq.html#null_pointer
      ddd0d356
    • Ondřej Surý's avatar
      Fix 'Dead nested assignment's from scan-build-10 · 262f087b
      Ondřej Surý authored
      The 3 warnings reported are:
      
      os.c:872:7: warning: Although the value stored to 'ptr' is used in the enclosing expression, the value is never actually read from 'ptr'
              if ((ptr = strtok_r(command, " \t", &last)) == NULL) {
                   ^     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      1 warning generated.
      
      --
      
      rpz.c:1117:10: warning: Although the value stored to 'zbits' is used in the enclosing expression, the value is never actually read from 'zbits'
              return (zbits &= x);
                      ^        ~
      1 warning generated.
      
      --
      
      openssleddsa_link.c:532:10: warning: Although the value stored to 'err' is used in the enclosing expression, the value is never actually read from 'err'
              while ((err = ERR_get_error()) != 0) {
                      ^     ~~~~~~~~~~~~~~~
      1 warning generated.
      262f087b
  22. 18 Mar, 2020 1 commit
    • Mark Andrews's avatar
      Refactor the isc_log API so it cannot fail on memory failures · 0b793166
      Mark Andrews authored
      The isc_mem API now crashes on memory allocation failure, and this is
      the next commit in series to cleanup the code that could fail before,
      but cannot fail now, e.g. isc_result_t return type has been changed to
      void for the isc_log API functions that could only return ISC_R_SUCCESS.
      0b793166
  23. 17 Mar, 2020 1 commit
  24. 16 Mar, 2020 1 commit
    • Diego Fronza's avatar
      Added RPZ configuration option "nsdname-wait-recurse" · c786c578
      Diego Fronza authored
      This new option was added to fill a gap in RPZ configuration
      options.
      
      It was possible to instruct BIND wheter NSIP rewritting rules would
      apply or not, as long as the required data was already in cache or not,
      respectively, by means of the option nsip-wait-recurse.
      
      A value of yes (default) could incur a little processing cost, since
      BIND would need to recurse to find NS addresses in case they were not in
      the cache.
      
      This behavior could be changed by setting nsip-wait-recurse value to no,
      in which case BIND would promptly return some error code if the NS IP addresses
      data were not in cache, then BIND would start a recursive query
      in background, so future similar requests would have the required data
      (NS IPs) in cache, allowing BIND to apply NSIP rules accordingly.
      
      A similar feature wasn't available for NSDNAME triggers, so this commit
      adds the option nsdname-wait-recurse to fill this gap, as it was
      expected by couple BIND users.
      c786c578