Remove UNSPEC rrtype

See merge request !1933

Witold Kręcicki authored Feb 27, 2019 and Ondřej Surý committed May 13, 2019

(cherry picked from commit a8e2ca6f)

Resolve "named can crash under udp load on macos"

See merge request !1916

Witold Kręcicki authored Feb 14, 2019 and Witold Krecicki committed May 09, 2019

already sent a recv/send event.

When doing isc_socket_cancel we need to purge the event that might
already be in flight. If it has been launched already we need
to inform it that it has to bail.

(cherry picked from commit 1286d74c)

synchronize 9.12.4-P1 documentation into v9_12

See merge request !1914

Replace atomic operations in bin/named/client.c with isc_refcount reference counting

See merge request !1879

(cherry picked from commit ef49780d)

Resolve "tcp-clients mostly ineffective"

See merge request !1873

Evan Hunt authored Jan 03, 2019 and Ondřej Surý committed Apr 25, 2019

(cherry picked from commit ef15f7360784c5ec7341f3e4856a759cf1e2aedb)
(cherry picked from commit 802600b1)

Evan Hunt authored Feb 22, 2019 and Ondřej Surý committed Apr 25, 2019

in the "refactor tcpquota and pipeline refs" commit, the counting
of active interfaces was tightened in such a way that named could
fail to listen on an interface if there were more interfaces than
tcp-clients. when checking the quota to start accepting on an
interface, if the number of active clients was above zero, then
it was presumed that some other client was able to handle accepting
new connections. this, however, ignored the fact that the current client
could be included in that count, so if the quota was already exceeded
before all the interfaces were listening, some interfaces would never
listen.

we now check whether the current client has been marked active; if so,
then the number of active clients on the interface must be greater
than 1, not 0.

(cherry picked from commit 71fead4c3e03b178d6e6e3ff7592b45cf5f94069)
(cherry picked from commit 78565872)

Evan Hunt authored Feb 06, 2019 and Ondřej Surý committed Apr 25, 2019

- if the TCP quota has been exceeded but there are no clients listening
  for new connections on the interface, we can now force attachment to the
  quota using isc_quota_force(), instead of carrying on with the quota not
  attached.
- the TCP client quota is now referenced via a reference-counted
  'ns_tcpconn' object, one of which is created whenever a client begins
  listening for new connections, and attached to by members of that
  client's pipeline group. when the last reference to the tcpconn
  object is detached, it is freed and the TCP quota slot is released.
- reduce code duplication by adding mark_tcp_active() function
- convert counters to atomic

(cherry picked from commit 7e822237)
(cherry picked from commit 86a7d4c1)

Evan Hunt authored Feb 06, 2019 and Ondřej Surý committed Apr 25, 2019

- ensure that tcpactive is cleaned up correctly when accept() fails.
- set 'client->tcpattached' when the client is attached to the tcpquota.
  carry this value on to new clients sharing the same pipeline group.
  don't call isc_quota_detach() on the tcpquota unless tcpattached is
  set.  this way clients that were allowed to accept TCP connections
  despite being over quota (and therefore, were never attached to the
  quota) will not inadvertently detach from it and mess up the
  accounting.
- simplify the code for tcpquota disconnection by using a new function
  tcpquota_disconnect().
- before deciding whether to reject a new connection due to quota
  exhaustion, check to see whether there are at least two active
  clients. previously, this was "at least one", but that could be
  insufficient if there was one other client in READING state (waiting
  for messages on an open connection) but none in READY (listening
  for new connections).
- before deciding whether a TCP client object can to go inactive, we
  must ensure there are enough other clients to maintain service
  afterward -- both accepting new connections and reading/processing new
  queries.  A TCP client can't shut down unless at least one
  client is accepting new connections and (in the case of pipelined
  clients) at least one additional client is waiting to read.

(cherry picked from commit c7394738)
(cherry picked from commit 7d6518aa)

Michał Kępień authored Jan 17, 2019 and Ondřej Surý committed Apr 25, 2019

Track pipeline groups using a shared reference counter
instead of a linked list.

(cherry picked from commit 72eb9275)
(cherry picked from commit 890dbb82)

Witold Krecicki authored Jan 04, 2019 and Ondřej Surý committed Apr 25, 2019

the TCP client quota could still be ineffective under some
circumstances.  this change:

- improves quota accounting to ensure that TCP clients are
  properly limited, while still guaranteeing that at least one client
  is always available to serve TCP connections on each interface.
- uses more descriptive names and removes one (ntcptarget) that
  was no longer needed
- adds comments

(cherry picked from commit a43fe7cd)
(cherry picked from commit 7278b66c)

Witold Krecicki authored Jan 03, 2019 and Ondřej Surý committed Apr 25, 2019

tcp-clients settings could be exceeded in some cases by
creating more and more active TCP clients that are over
the set quota limit, which in the end could lead to a
DoS attack by e.g. exhaustion of file descriptors.

If TCP client we're closing went over the quota (so it's
not attached to a quota) mark it as mortal - so that it
will be destroyed and not set up to listen for new
connections - unless it's the last client for a specific
interface.

(cherry picked from commit 9ef6eb4c)
(cherry picked from commit 264384fb)

Resolve "CVE-2019-6467: lib/ns/query.c:9176: INSIST(!qctx->is_zone) failed, back trace"

See merge request !1869

Evan Hunt authored Mar 12, 2019 and Ondřej Surý committed Apr 25, 2019

(cherry picked from commit 82b03ce2)

Matthijs Mekking authored Feb 26, 2019 and Ondřej Surý committed Apr 25, 2019

- Always set is_zonep in query_getdb; previously it was only set if
  result was ISC_R_SUCCESS or ISC_R_NOTFOUND.
- Don't reset is_zone for redirect.
- Style cleanup.

(cherry picked from commit 3352270bdbbb39b167072aa282c6b310ffd96a7d)
(cherry picked from commit e2500c60)
(cherry picked from commit 4f00c86e)

Matthijs Mekking authored Feb 26, 2019 and Ondřej Surý committed Apr 25, 2019

(cherry picked from commit 8dc43bc9fe934a0b4729cb1c467e62a73a11ebad)
(cherry picked from commit 6093cc06)
(cherry picked from commit 21c7c65b)

Resolve "pass the correct name to redirect and redirect2"

See merge request !1866

Mark Andrews authored Feb 22, 2019 and Ondřej Surý committed Apr 25, 2019

(cherry picked from commit 29b792a1)

Mark Andrews authored Feb 21, 2019 and Ondřej Surý committed Apr 25, 2019

(cherry picked from commit 8758d36a)
(cherry picked from commit e7826648)
(cherry picked from commit 7c94f4b8)

(v9_12) Refactor the DNS_RDATASET_FIXED code to use macros instead of ifdefs

See merge request !1819

(cherry picked from commit 4edbb773)

Resolve "--enable-fips-mode option breaks build of  hmacmd5.c and md5.c"

See merge request !1733

(cherry picked from commit d3976fe4)

(cherry picked from commit 98a37c9a)

(v9_12) Update and sort the top level .gitignore to ignore automake files

See merge request !1729

(cherry picked from commit b9d524ed)

(cherry picked from commit 5c67d1d1)