The check_loaded() function compares the zone's loadtime value and
an expected loadtime value, which is based on the zone file's mtime
extracted from the filesystem.
For the secondary zones there may be cases, when the zone file isn't
ready yet before the zone transfer is complete and the zone file is
dumped to the disk, so a so zero value mtime is retrieved.
In such cases wait one second and retry until timeout. Also modify
the affected check to allow a possible difference of the same amount
of seconds as the chosen timeout value.
(cherry picked from commit 4e94ff2541)
The BIND 9.16 build system occasionally produces a bin/named/bind9.xsl.h
file that differs slightly from the version in the bind-9.16 branch due
to a race condition. This poses an issue for the "docs" CI job, which
executes the "maintainer-clean" make target, regenerates the
bin/named/bind9.xsl.h file, and checks for differences with the
committed file. The race condition causes discrepancies in this check.
Since this problem doesn't occur in BIND 9.18+, we can hide it by adding
bin/named/bind9.xsl.h to the list of files excluded from the check.
A merge request might have no description at all (i.e. None, rather than
an empty string). This might happen when the MR is created via an API.
Check a description is present before trying to find a backport string
in it.
(cherry picked from commit 4f70f5bd7c)
Since the list of lines added to Git-tracked text files in a given
branch is not part of the Danger DSL [1], it is determined using custom
code in dangerfile.py. The current implementation of that logic is less
than perfect as it examines the diff between the current tip of the
target branch and the source branch rather than the diff between the
merge base of the two branches and the source branch. Consider a Git
history like this:
* F (target)
...
* E
* D
* C
| * B (source)
|/
* A (merge base)
If danger-python or Hazard are run for commit B, the current logic for
determining the list of added lines in dangerfile.py examines the diff
between commits F and B rather than between commits A and B. Therefore,
the added_lines() function returns not just the lines added by commit B
on top of commit A, but also the list of lines that were removed between
commits A and F, which leads to confusing results.
Fix by using the triple-dot diff operator in the Git invocation whose
output is used as the source of information for determining the list of
lines added by a given branch.
Since Hazard fetches the target branch itself when it is run, remove the
explicit "git fetch" invocation that fetches the target branch from
GitLab (shortening its local history to a single commit in the process)
before "git diff" is invoked.
[1] https://danger.systems/js/reference.html#GitDSL
(cherry picked from commit 43126e81e6)
The maximum DNS message size is 65535 octets. Check that the buffer
being passed to dns_message_renderbegin does not exceed this as the
compression code assumes that all offsets are no bigger than this.
(cherry picked from commit a069513234)
The system tests on OpenBSD consistently exhibit lower stability
compared to our other CI platforms. Some of these challenges are
intrinsic to the system test itself and require attention. However,
there are OpenBSD issues, which seem to be more widespread on this
platform than others. In our daily CI pipelines, OpenBSD system tests
often bear the brunt of all failed CI jobs.
It's possible that our OpenBSD CI image could be optimized, but we
currently lack the domain-specific knowledge needed to make
improvements.
(cherry picked from commit 2ab292c169)
The AES algorithm for DNS cookies was being kept for legacy reasons,
and it can be safely removed in the next major release. Mark is as
deprecated, so the `named-checkconf` prints a warning when in use.
(cherry picked from commit 67d14b0ee5)
This enables the "logfileconfig" and "rpzextra" system tests to pass
when named is started under the supervision of rr (USE_RR=1).
(cherry picked from commit 422286e9c2)
The definition of the "cross-version-config-tests" GitLab CI job was
accidentally added in the .gitlab-ci.yml section that claims to only
contain job templates. Move the definition of that job to a more
appropriate location in .gitlab-ci.yml, without changing the job
definition itself.
(cherry picked from commit 192cceba5a)
All currently supported BIND 9 branches use xz-packed tarballs for
source code distribution. Having variables with lengthy names that only
hold two characters does not improve readability - it was only useful
for maintaining .gitlab-ci.yml consistency between BIND 9.11 and all the
newer branches, but that era has come to an end a while ago.
Replace all occurrences of the TARBALL_COMPRESSOR and TARBALL_EXTENSION
variables in .gitlab-ci.yml with a fixed string ("xz") to simplify the
contents of that file.
(cherry picked from commit 832c7d4396)
when transferring in a non-inline-signing secondary for the first time,
we previously never set the value of zone->loadtime, so it remained
zero. this caused a test failure in the statschannel system test,
and that test case was temporarily disabled. the value is now set
correctly and the test case has been reinstated.
(cherry picked from commit 9643281453)
To reduce the amount of log spam when root servers change their
addresses keep a table of upcoming changes by expected date and time
and suppress reporting differences for them until then.
Add initial entry for B.ROOT-SERVERS.NET, Nov 27, 2023.
(cherry picked from commit b69100b747)
This covers both root hints and the default primaries for the root
zone mirror. The official change date is Nov 27, 2023.
(cherry picked from commit 2ca2f7e985)