1. 21 Oct, 2019 4 commits
  2. 19 Oct, 2019 1 commit
  3. 17 Oct, 2019 1 commit
  4. 16 Oct, 2019 2 commits
    • Michał Kępień's avatar
      Suppress cppcheck 1.89 false positive · db7fd163
      Michał Kępień authored
      cppcheck 1.89 emits a false positive for lib/dns/spnego_asn1.c:
      
          lib/dns/spnego_asn1.c:698:9: error: Uninitialized variable: data [uninitvar]
           memset(data, 0, sizeof(*data));
                  ^
          lib/dns/spnego.c:1707:47: note: Calling function 'decode_NegTokenResp', 3rd argument '&resp' value is <Uninit>
           ret = decode_NegTokenResp(buf + taglen, len, &resp, NULL);
                                                        ^
          lib/dns/spnego_asn1.c:698:9: note: Uninitialized variable: data
           memset(data, 0, sizeof(*data));
                  ^
      
      This message started appearing with cppcheck 1.89 [1], but it will be
      gone in the next release [2], so just suppress it for the time being.
      
      [1] https://github.com/danmar/cppcheck/commit/af214e8212efa303e664920a468de00ee0b1fe3d
      
      [2] https://github.com/danmar/cppcheck/commit/2595b826349a7ffbe1c958b806498b6e336bea33
      db7fd163
    • Michał Kępień's avatar
      Fix cppcheck 1.89 warnings · abfde3d5
      Michał Kępień authored
      cppcheck 1.89 enabled certain value flow analysis mechanisms [1] which
      trigger null pointer dereference false positives in lib/dns/rpz.c:
      
          lib/dns/rpz.c:582:7: warning: Possible null pointer dereference: tgt_ip [nullPointer]
            if (KEY_IS_IPV4(tgt_prefix, tgt_ip)) {
                ^
          lib/dns/rpz.c:1419:44: note: Calling function 'adj_trigger_cnt', 4th argument 'NULL' value is 0
            adj_trigger_cnt(rpzs, rpz_num, rpz_type, NULL, 0, true);
                                                     ^
          lib/dns/rpz.c:582:7: note: Null pointer dereference
            if (KEY_IS_IPV4(tgt_prefix, tgt_ip)) {
                ^
          lib/dns/rpz.c:596:7: warning: Possible null pointer dereference: tgt_ip [nullPointer]
            if (KEY_IS_IPV4(tgt_prefix, tgt_ip)) {
                ^
          lib/dns/rpz.c:1419:44: note: Calling function 'adj_trigger_cnt', 4th argument 'NULL' value is 0
            adj_trigger_cnt(rpzs, rpz_num, rpz_type, NULL, 0, true);
                                                     ^
          lib/dns/rpz.c:596:7: note: Null pointer dereference
            if (KEY_IS_IPV4(tgt_prefix, tgt_ip)) {
                ^
          lib/dns/rpz.c:610:7: warning: Possible null pointer dereference: tgt_ip [nullPointer]
            if (KEY_IS_IPV4(tgt_prefix, tgt_ip)) {
                ^
          lib/dns/rpz.c:1419:44: note: Calling function 'adj_trigger_cnt', 4th argument 'NULL' value is 0
            adj_trigger_cnt(rpzs, rpz_num, rpz_type, NULL, 0, true);
                                                     ^
          lib/dns/rpz.c:610:7: note: Null pointer dereference
            if (KEY_IS_IPV4(tgt_prefix, tgt_ip)) {
                ^
      
      It seems that cppcheck no longer treats at least some REQUIRE()
      assertion failures as fatal, so add extra assertion macro definitions to
      lib/isc/include/isc/util.h that are only used when the CPPCHECK
      preprocessor macro is defined; these definitions make cppcheck 1.89
      behave as expected.
      
      There is an important requirement for these custom definitions to work:
      cppcheck must properly treat abort() as a function which does not
      return.  In order for that to happen, the __GNUC__ macro must be set to
      a high enough number (because system include directories are used and
      system headers compile attributes away if __GNUC__ is not high enough).
      __GNUC__ is thus set to the major version number of the GCC compiler
      used, which is what that latter does itself during compilation.
      
      [1] https://github.com/danmar/cppcheck/commit/aaeec462e6d96bb70c2b1cf030979d09e2d7c959
      abfde3d5
  5. 15 Oct, 2019 10 commits
    • Michał Kępień's avatar
      Merge branch 'michal/cleanup-with-cc-alg-remnants' into 'master' · 15b8f92a
      Michał Kępień authored
      Remove remnants of the --with-cc-alg option
      
      See merge request !2436
      15b8f92a
    • Michał Kępień's avatar
      Remove remnants of the --with-cc-alg option · 428dcf3b
      Michał Kępień authored
      Commit afa81ee4 omitted some spots in
      the source tree which are still referencing the removed --with-cc-alg
      "configure" option.  Make sure the latter is removed completely.
      428dcf3b
    • Michał Kępień's avatar
      Merge branch 'michal/limit-triggers-for-openbsd-system-test-jobs' into 'master' · 2007a7d2
      Michał Kępień authored
      Limit triggers for OpenBSD system test jobs
      
      See merge request !2468
      2007a7d2
    • Michał Kępień's avatar
      Limit triggers for OpenBSD system test jobs · 603e0456
      Michał Kępień authored
      When a GitLab CI runner is not under load, a single OpenBSD system test
      job completes in about 12 minutes, which is considered decent.  However,
      such jobs are usually multiplexed with other system test jobs on the
      same host, which causes each of them to take even 40 minutes to
      complete.  Taking retries into account, this is completely unacceptable
      for everyday use, so only start OpenBSD system test jobs for pipelines
      created through GitLab's web interface and for pipelines created for Git
      tags.
      603e0456
    • Michał Kępień's avatar
      Merge branch 'michal/minor-gitlab-ci-tweaks' into 'master' · 818d2bed
      Michał Kępień authored
      Minor GitLab CI tweaks
      
      See merge request !2435
      818d2bed
    • Michał Kępień's avatar
      Tweak dependencies for the Windows build job · dd97dfdc
      Michał Kępień authored
      Since the Windows build job does not use the files created as a result
      of running "autoreconf -fi" in the "autoreconf:sid:amd64" job, set its
      dependencies to an empty list.
      
      Since it is currently not possible to use "needs: []" for jobs which do
      not belong to the first stage of a pipeline, set the "needs" key for the
      Windows build job to the "autoreconf:sid:amd64" job so that all build
      jobs are started at the same time (without this change, the Windows
      build job does not start until all jobs in the "precheck" stage are
      finished).
      
      As a side note, these changes also attempt to eliminate intermittent,
      bogus GitLab error messages ("There has been a missing dependency
      failure").
      dd97dfdc
    • Michał Kępień's avatar
      Fix artifacts created by the "autoreconf" CI job · e83b322f
      Michał Kępień authored
      The intended purpose of the "autoreconf:sid:amd64" GitLab CI job is to
      run "autoreconf -fi" and then pass the updated files on to subsequent
      non-Windows build jobs.  However, the artifacts currently created by
      that job only include files which are not tracked by Git.  Since we
      currently do track e.g. "configure" with Git, the aforementioned job is
      essentially a no-op.  Fix by manually specifying the files generated by
      the "autoreconf:sid:amd64" job that should be passed on to subsequent
      build jobs.
      e83b322f
    • Michał Kępień's avatar
      Merge branch 'michal/add-openbsd-to-gitlab-ci' into 'master' · 175d096e
      Michał Kępień authored
      Add OpenBSD to GitLab CI
      
      Closes #148
      
      See merge request !2434
      175d096e
    • Michał Kępień's avatar
      Add OpenBSD to GitLab CI · 07d2fcb5
      Michał Kępień authored
      Ensure BIND can be tested on OpenBSD in GitLab CI to more quickly catch
      build and test errors on that operating system.
      
      Some notes:
      
        - While GCC is packaged for OpenBSD, only old versions (4.2.1, 4.9.4)
          are readily available and none of them is the default system
          compiler, so we are only doing Clang builds in GitLab CI.
      
        - Unit tests are currently not run on OpenBSD because it ships with an
          old version of kyua which does not handle skipped tests properly.
          These jobs will be added when we move away from using kyua in the
          future as the test code itself works fine.
      
        - All OpenBSD jobs are run inside QEMU virtual machines, using GitLab
          Runner Custom executor.
      07d2fcb5
    • Michał Kępień's avatar
      Work around an OpenBSD "make" quirk · 6b5426e1
      Michał Kępień authored
      Consider the following Makefile:
      
          foo:
          	false
      
      On OpenBSD, the following happens for this Makefile:
      
        - "make foo" returns 1,
        - "make -k foo" returns 0,
        - "make -k -j6 foo" returns 1.
      
      However, if the .NOTPARALLEL pseudo-target is added to this Makefile,
      "make -k -j6 foo" will return 0 as well.
      
      Since bin/tests/Makefile contains the .NOTPARALLEL pseudo-target,
      running "make -k -j6 test" from bin/tests/ on OpenBSD prevents any
      errors from being reported through that command's exit code.
      
      Work around the issue by running "make -k -j6 test" in the
      bin/tests/system/ directory instead as bin/tests/system/Makefile does
      not contain the .NOTPARALLEL pseudo-target and thus things work as
      expected there.
      6b5426e1
  6. 13 Oct, 2019 2 commits
    • Mark Andrews's avatar
      Merge branch... · 69b023e8
      Mark Andrews authored
      Merge branch '1143-a-minor-documentation-issue-consideration-of-parsing-inconsistencies-in-ipv4s-in-address-match-lists-and-in-a-controls-inet-statement' into 'master'
      
      Resolve "A minor documentation issue & consideration of parsing inconsistencies in IPv4s in address match lists and in a controls/inet statement"
      
      Closes #1143
      
      See merge request !2152
      69b023e8
    • Mark Andrews's avatar
  7. 10 Oct, 2019 3 commits
    • Ondřej Surý's avatar
      Merge branch 'u/fanf2/dsdigest-abbr' into 'master' · 67cb24b9
      Ondřej Surý authored
      cleanup: more consistent abbreviated DS digest type mnemonics
      
      See merge request !2440
      67cb24b9
    • Tony Finch's avatar
      cleanup: more consistent abbreviated DS digest type mnemonics · b770ea97
      Tony Finch authored
      BIND supports the non-standard DNSKEY algorithm mnemonic ECDSA256
      everywhere ECDSAP256SHA256 is allowed, and allows algorithm numbers
      interchangeably with mnemonics. This is all done in one place by the
      dns_secalg_fromtext() function.
      
      DS digest types were less consistent: the rdata parser does not allow
      abbreviations like SHA1, but the dnssec-* command line tools do; and
      the command line tools do not alow numeric types though that is the
      norm in rdata.
      
      The command line tools now use the dns_dsdigest_fromtext() function
      instead of rolling their own variant, and dns_dsdigest_fromtext() now
      knows about abbreviated digest type mnemonics.
      b770ea97
    • Ondřej Surý's avatar
      Merge branch 'ondrej/1-week-artifact-expiration' into 'master' · 8c33b127
      Ondřej Surý authored
      Synchronize the lifetime of artifact to 1 week
      
      See merge request !2448
      8c33b127
  8. 09 Oct, 2019 7 commits
  9. 06 Oct, 2019 1 commit
  10. 04 Oct, 2019 9 commits