ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
26,975 Commits 589 Branches 805 Tags
192f777ee8319c4d85d89beacfadb4e9305d46ea
Commit Graph

26975 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ondřej Surý
192f777ee8 Add backtrace_test and nsecify to bin/tests/optional/.gitignore 2018-05-31 12:06:51 +02:00
Ondřej Surý
3dcc303d10 Merge branch '289-fix-non-threaded-and-windows-builds' into 'master' 
Fixup the Windows and non-threaded builds

See merge request isc-projects/bind9!328
 2018-05-31 05:41:46 -04:00
Ondřej Surý
4f6d6919ab Remove thread_local macro from win32 platform.h 2018-05-30 23:03:22 +02:00
Ondřej Surý
29be9cddaf Uninline isc_nonce_buf 2018-05-30 22:43:39 +02:00
Ondřej Surý
e50210c695 Add isc_entropy_get to libisc.def.in 2018-05-30 22:34:57 +02:00
Ondřej Surý
ed3389a72c Remove return from void function 2018-05-30 22:14:38 +02:00
Ondřej Surý
eb242959cb Add nonce.{c,h} and entropy.c to libisc.vcxproj.* 2018-05-30 22:07:51 +02:00
Ondřej Surý
05d7aa5734 Fix various build failures on Windows (Courtesy of rockerinthelocker) 2018-05-30 15:09:55 +02:00
Ondřej Surý
57c3064785 Remove non-existant GUIDs from bind9.sln.in 2018-05-30 13:27:35 +02:00
Ondřej Surý
430e8d6858 Change the _LOCK macro on Windows and the variable initialization to be more VC compatible 2018-05-30 07:28:19 +02:00
Ondřej Surý
12bdee3aa7 Turn the _LOCK/_UNLOCK in xoshiro128** to no-op for non-threaded builds 2018-05-30 06:37:51 +02:00
Ondřej Surý
28e0b2c4c4 Use isc int types to be able to build with old VS 2018-05-30 06:26:05 +02:00
Evan Hunt
b1e2ecbc03 Merge branch '72-supported-platforms' into 'master' 
add PLATFORMS.md file to list supported platforms

Closes #72

See merge request isc-projects/bind9!315
 2018-05-29 22:33:30 -04:00
Evan Hunt
79bf79082b add PLATFORMS.md/PLATFORMS, for a supported platform list 2018-05-29 22:25:27 -04:00
Curtis Blackburn
09aaed4329 Merge branch '301-rpzrecurse-output' into 'master' 
Resolve "output of the rpzrecurse test is incorrect on windows"

Closes #301

See merge request isc-projects/bind9!327
 2018-05-29 22:14:12 -04:00
Evan Hunt
75d348bed6 bits of conf.sh.in and conf.sh.win32 were out of sync 2018-05-29 22:06:09 -04:00
Evan Hunt
02f591f54c Merge branch 'cleanups' into 'master' 
fix missing config.h and win32 symbols

See merge request isc-projects/bind9!326
 2018-05-29 22:05:24 -04:00
Evan Hunt
3abb2db9e8 fix missing config.h and win32 symbols 2018-05-29 18:39:56 -07:00
Ondřej Surý
0369ee1b85 Merge branch '289-add-non-cs-prng' into 'master' 
Change isc_random() to be just PRNG, and add isc_nonce_buf() that uses CSPRNG

Closes #289

See merge request isc-projects/bind9!325
 2018-05-29 17:08:52 -04:00
Ondřej Surý
a3aed02e43 Add CHANGES entry. 
4956.   [func]          Change isc_random() to be just PRNG using xoshiro128**,
                        and add isc_nonce_buf() that uses CSPRNG. [GL #289]
 2018-05-29 22:58:49 +02:00
Ondřej Surý
ce71d94434 Make the xoshiro128plusplus thread-safe 2018-05-29 22:58:49 +02:00
Ondřej Surý
99ba29bc52 Change isc_random() to be just PRNG, and add isc_nonce_buf() that uses CSPRNG 
This commit reverts the previous change to use system provided
entropy, as (SYS_)getrandom is very slow on Linux because it is
a syscall.

The change introduced in this commit adds a new call isc_nonce_buf
that uses CSPRNG from cryptographic library provider to generate
secure data that can be and must be used for generating nonces.
Example usage would be DNS cookies.

The isc_random() API has been changed to use fast PRNG that is not
cryptographically secure, but runs entirely in user space.  Two
contestants have been considered xoroshiro family of the functions
by Villa&Blackman and PCG by O'Neill.  After a consideration the
xoshiro128starstar function has been used as uint32_t random number
provider because it is very fast and has good enough properties
for our usage pattern.

The other change introduced in the commit is the more extensive usage
of isc_random_uniform in places where the usage pattern was
isc_random() % n to prevent modulo bias.  For usage patterns where
only 16 or 8 bits are needed (DNS Message ID), the isc_random()
functions has been renamed to isc_random32(), and isc_random16() and
isc_random8() functions have been introduced by &-ing the
isc_random32() output with 0xffff and 0xff.  Please note that the
functions that uses stripped down bit count doesn't pass our
NIST SP 800-22 based random test.
 2018-05-29 22:58:21 +02:00
Mark Andrews
1a9a1b48d7 Merge branch '286-new-cppcheck-detected-errors' into 'master' 
Resolve "New cppcheck-detected errors"

See merge request isc-projects/bind9!324
 2018-05-28 19:40:53 -04:00
Mark Andrews
e9134b15eb add CHANGES note 2018-05-29 09:28:30 +10:00
Mark Andrews
cb5802e854 work around cppcheck false positive 2018-05-29 09:28:30 +10:00
Evan Hunt
d71ee81676 Merge branch '293-cleanup-radix' into 'master' 
Resolve "Follow-up from "Remove ECS authoritative implementation from BIND""

Closes #293

See merge request isc-projects/bind9!322
 2018-05-28 19:07:20 -04:00
Evan Hunt
3006ccb7f0 improve readability of radix code 
- use RADIX_V4 and RADIX_V6 instead of 0 and 1 as array indices
- remove some unused macros
 2018-05-28 18:45:41 -04:00
Evan Hunt
e7b2b097ed Merge branch 'serve-stale-doc-and-logging' into 'master' 
Serve stale doc and logging

See merge request isc-projects/bind9!323
 2018-05-28 18:38:49 -04:00
Evan Hunt
049777d6c5 CHANGES 2018-05-25 22:10:24 -07:00
Tony Finch
4b442c309d Move serve-stale logging to its own category, so that its verbosity can be curtailed. 2018-05-25 22:00:51 -07:00
Evan Hunt
d1ca21d50a clarify serve-stale documentation, and add a floor for max-stale-ttl 
- added a 1-second floor to max-stale-ttl similar to stale-answer-ttl;
  if set to 0, it will be silently updated to 1.
- fixed the ARM entry on max-stale-ttl, which incorrectly suggested that
  the default was 0 instead of 1 week.
- clarified rndc serve-stale documentation.
 2018-05-25 22:00:37 -07:00
Evan Hunt
58ad54e7a1 Merge branch '245-fix-test-color' into 'master' 
Resolve "rpz test fails to launch ns2 on openbsd"

Closes #245

See merge request isc-projects/bind9!321
 2018-05-25 15:58:32 -04:00
Evan Hunt
1e31fdb76d fix openbsd color-display problem in system test output 2018-05-25 12:47:40 -07:00
Evan Hunt
17871ac914 Merge branch '184-lock-bucket-mapping-is-broken-in-rbtdb-c-when-dns_rbt_usehash-is-not-defined' into 'master' 
Resolve "Lock bucket mapping is broken in rbtdb.c when DNS_RBT_USEHASH is not defined"

Closes #184

See merge request isc-projects/bind9!159
 2018-05-25 12:29:56 -04:00
Evan Hunt
5a509f9e54 CHANGES 2018-05-25 09:12:28 -07:00
Evan Hunt
7fbffa6c44 remove #ifndef DNS_RBT_USEHASH from rbtdb.c 
- this was a compile time option to disable the use of a hash table in
  the RBTDB. the code path without the hash table was buggy and
  untested, and unlikely to be needed by anyone anyway.
 2018-05-25 09:12:17 -07:00
Evan Hunt
5354adc403 Merge branch '32-remove-ecs-auth' into 'master' 
Resolve "Remove ECS authoritative implementation from BIND"

Closes #32

See merge request isc-projects/bind9!219
 2018-05-25 11:31:11 -04:00
Evan Hunt
9f8ba2eb82 CHANGES, release note 2018-05-25 08:21:25 -07:00
Evan Hunt
cb96608fd8 copyrights 2018-05-25 08:21:25 -07:00
Evan Hunt
e324449349 remove the experimental authoritative ECS support from named 
- mark the 'geoip-use-ecs' option obsolete; warn when it is used
  in named.conf
- prohibit 'ecs' ACL tags in named.conf; note that this is a fatal error
  since simply ignoring the tags could make ACLs behave unpredictably
- re-simplify the radix and iptable code
- clean up dns_acl_match(), dns_aclelement_match(), dns_acl_allowed()
  and dns_geoip_match() so they no longer take ecs options
- remove the ECS-specific unit and system test cases
- remove references to ECS from the ARM
 2018-05-25 08:21:25 -07:00
Mark Andrews
59d076caed Merge branch '290-documentation-error-missing' into 'master' 
Resolve "Documentation error - missing "};""

Closes #290

See merge request isc-projects/bind9!318
 2018-05-24 23:09:03 -04:00
Mark Andrews
ab22160a1c add closing '};' 2018-05-25 12:48:55 +10:00
Evan Hunt
101eafb044 Merge branch 'fix-catz-test' into 'master' 
fix catz test

See merge request isc-projects/bind9!317
 2018-05-24 19:12:51 -04:00
Evan Hunt
af73e16c9c files were left in place after catz run because of non-portable bracket use 2018-05-24 18:59:43 -04:00
Evan Hunt
4049ba866e Merge branch 'add-readme-features' into 'master' 
add new feature list to README

See merge request isc-projects/bind9!316
 2018-05-24 14:35:22 -04:00
Evan Hunt
b4d8349237 add new feature list to README 2018-05-24 11:26:12 -07:00
Evan Hunt
86899552cc Merge branch '283-ensure-there-is-a-blank-line-before-a-changes-entry-and-a-release-marker' into 'master' 
Resolve "ensure there is a blank line before a changes entry and a release marker."

Closes #283

See merge request isc-projects/bind9!311
 2018-05-23 20:55:12 -04:00
Mark Andrews
e1358d1460 add blank line 2018-05-23 20:46:38 -04:00
Mark Andrews
c91770549f ensure there is a blank line before a changes entry and a release marker 2018-05-23 20:46:38 -04:00
Evan Hunt
2d750a15a9 Merge branch 'generate-notes-txt' into 'master' 
use w3m to generate notes.txt as part of the doc build

See merge request isc-projects/bind9!310
 2018-05-23 12:48:42 -04:00