1. 13 Jul, 2020 11 commits
  2. 10 Jul, 2020 3 commits
    • Michał Kępień's avatar
      Merge branch '1976-fix-locking-for-lmdb-0.9.26-v9_11' into 'v9_11' · ce18373d
      Michał Kępień authored
      [v9_11] Fix locking for LMDB 0.9.26
      
      See merge request !3832
      ce18373d
    • Michał Kępień's avatar
      Add CHANGES for GL #1976 · 24973401
      Michał Kępień authored
      (cherry picked from commit 7fffa5ab)
      24973401
    • Michał Kępień's avatar
      Fix locking for LMDB 0.9.26 · 25818ac8
      Michał Kępień authored
      When "rndc reconfig" is run, named first configures a fresh set of views
      and then tears down the old views.  Consider what happens for a single
      view with LMDB enabled; "envA" is the pointer to the LMDB environment
      used by the original/old version of the view, "envB" is the pointer to
      the same LMDB environment used by the new version of that view:
      
       1. mdb_env_open(envA) is called when the view is first created.
       2. "rndc reconfig" is called.
       3. mdb_env_open(envB) is called for the new instance of the view.
       4. mdb_env_close(envA) is called for the old instance of the view.
      
      This seems to have worked so far.  However, an upstream change [1] in
      LMDB which will be part of its 0.9.26 release prevents the above
      sequence of calls from working as intended because the locktable mutexes
      will now get destroyed by the mdb_env_close() call in step 4 above,
      causing any subsequent mdb_txn_begin() calls to fail (because all of the
      above steps are happening within a single named process).
      
      Preventing the above scenario from happening would require either
      redesigning the way we use LMDB in BIND, which is not something we can
      easily backport, or redesigning the way BIND carries out its
      reconfiguration process, which would be an even more severe change.
      
      To work around the problem, set MDB_NOLOCK when calling mdb_env_open()
      to stop LMDB from controlling concurrent access to the database and do
      the necessary locking in named instead.  Reuse the view->new_zone_lock
      mutex for this purpose to prevent the need for modifying struct dns_view
      (which would necessitate library API version bumps).  Drop use of
      MDB_NOTLS as it is made redundant by MDB_NOLOCK: MDB_NOTLS only affects
      where LMDB reader locktable slots are stored while MDB_NOLOCK prevents
      the reader locktable from being used altogether.
      
      [1] https://git.openldap.org/openldap/openldap/-/commit/2fd44e325195ae81664eb5dc36e7d265927c5ebc
      
      (cherry picked from commit 53120279)
      25818ac8
  3. 08 Jul, 2020 3 commits
  4. 07 Jul, 2020 1 commit
  5. 02 Jul, 2020 2 commits
  6. 01 Jul, 2020 3 commits
  7. 30 Jun, 2020 3 commits
  8. 29 Jun, 2020 8 commits
  9. 26 Jun, 2020 4 commits
  10. 25 Jun, 2020 2 commits
    • Mark Andrews's avatar
      Merge branch... · bb7d2bb0
      Mark Andrews authored
      Merge branch '1689-bind-stops-dnskey-lookup-in-get_dst_key-when-a-key-with-unsupported-algorithm-is-found-first-v9_11' into 'v9_11'
      
      Resolve "BIND stops DNSKEY lookup in get_dst_key() when a key with unsupported algorithm is found first"
      
      See merge request !3749
      bb7d2bb0
    • Matthijs Mekking's avatar
      Add todo in dnssec system test for [GL #1689] · 7e3777c2
      Matthijs Mekking authored
      Add a note why we don't have a test case for the issue.
      
      It is tricky to write a good test case for this if our tools are
      not allowed to create signatures for unsupported algorithms.
      
      (cherry picked from commit c6345fff)
      7e3777c2