Static-stub addresses and addresses from other sources were being
mixed together, resulting in static-stub queries going to addresses
not specified in the configuration, or alternatively, static-stub
addresses being used instead of the correct server addresses.
Closes#4850
Backport of MR !9314
Merge branch 'backport-4850-add-an-additional-class-of-names-to-adb-9.18' into 'bind-9.18'
See merge request isc-projects/bind9!9572
Static-stub address and addresses from other sources where being
mixed together resulting in static-stub queries going to addresses
not specified in the configuration or alternatively static-stub
addresses being used instead of the real addresses.
(cherry picked from commit b3a2c790f3)
Add the new record type WALLET (262). This provides a mapping from a domain name to a cryptographic currency wallet. Multiple mappings can exist if multiple records exist.
Closes#4947
Backport of MR !9521
Merge branch 'backport-4947-add-wallet-type-to-named-9.18' into 'bind-9.18'
See merge request isc-projects/bind9!9555
The ans4 server wasn't shutting down cleanly sometimes. Check that read returns the
expected value for the message length or exit read loop.
Closes#4301
Backport of MR !9537
Merge branch 'backport-4301-check-read-value-in-ans4-9.18' into 'bind-9.18'
See merge request isc-projects/bind9!9546
The ans4 server wasn't shutting down cleanly sometimes. Check that
read returns the expected value for the message length or exit read
loop.
(cherry picked from commit 21baad0a8f)
Keeping a single changelog file creates annoying conflicts when rebasing
the -S version. To eliminate these, keep the changelog for each version
in a separate file and also create files for the -S versions to include
them in the docs. In the open source version, these files will remain
empty and thus won't affect the documentation, while in the -S edition
they'll be filled in and included without introducing any conflicts.
---
Closes#4946
Merge branch 'nicki/reorganize-changelog-docfiles' into 'bind-9.18'
See merge request isc-projects/bind9!9528
Since the changes aren't tracked in the single changelog.rst file,
generate the changelog to stdout instead, so it can be easily redirected
to the proper file.
Keeping a single changelog file creates annoying conflicts when rebasing
the -S version. To eliminate these, keep the changelog for each version
in a separate file and also create files for the -S versions to include
them in the docs. In the open source version, these files will remain
empty and thus won't affect the documentation, while in the -S edition
they'll be filled in and included without introducing any conflicts.
The shutdown system test sends queries when named is shutting down, not
in an attempt to get answers but to destabilize the server into a crash.
With isctest.query.udp() defaulting to try up to ten times with a
ten-second timeout to get a response we don't care about from a likely
terminated server, we make the test run much longer than needed because
of retries and long timeouts.
Also, see isc-projects/bind9#4943.
Backport of MR !9507
Merge branch 'backport-mnowak/shutdown-downgrade-timeout-and-attempts-arguments-9.18' into 'bind-9.18'
See merge request isc-projects/bind9!9542
The shutdown system test sends queries when named is shutting down, not
in an attempt to get answers but to destabilize the server into a crash.
With isctest.query.udp() defaulting to try up to ten times with a
ten-second timeout to get a response we don't care about from a likely
terminated server, we make the test run much longer than needed because
of retries and long timeouts.
(cherry picked from commit 463ab2f3f5)
We currently set SO_INCOMING_CPU incorrectly, and testing by Ondrej
shows that fixing the issue by setting affinities is worse than letting
the kernel schedule threads without constraints. So we should not set
SO_INCOMING_CPU anymore.
Closes#4936
Backport of MR !9497
Merge branch 'backport-4936-remove-so-incoming-cpu-9.18' into 'bind-9.18'
See merge request isc-projects/bind9!9505
We currently set SO_INCOMING_CPU incorrectly, and testing by Ondrej
shows that fixing the issue and setting affinities is worse than letting
the kernel schedule threads without constraints. So we should not set
SO_INCOMING_CPU anymore.
(cherry picked from commit 8b8149cdd2)
When resolving a zone with a 'forward only' policy, and
finding out that all the forwarders are marked as "bad",
the 'ServerQuota' counter of the statistics channel was
incorrectly increased. This has been fixed.
Closes#1793
Backport of MR !9493
Merge branch 'backport-1793-serverquota-counter-bug-with-forward-only-9.18' into 'bind-9.18'
See merge request isc-projects/bind9!9503
The 'bin/tests/system/resolver.c' tool used in the resolver system
test uses the 'dns_client_setservers()' function, which sets up a
resolution in 'forward only' mode. Since a bug was just fixed in
'fctx_getaddresses()', two expected failures in the resolver system
test now fail with a different failure message, because
'fctx_getaddresses()' returns 'ISC_R_FAILURE' instead of
'res->quotaresp[dns_quotatype_server]', which is 'DNS_R_SERVFAIL'
by default. Change the expected failure message.
Check that the fix in the previous commit works and that the
'ServerQuota' counter in the statistics channel is still unset
after a SERVFAIL result in a 'forward only' zone.
(cherry picked from commit 81b3c5d908)
The 'all_spilled' local variable in resolver.c:fctx_getaddresses()
is 'true' by default, and only becomes false when there is at least
one successfully found NS address. However, when a 'forward only;'
configuration is used, the code jumps over the part where it looks
for NS addresses and doesn't reset the 'all_spilled' to false, which
results in incorretly increased 'serverquota' statistics variable,
and also in invalid return error code from the function. The result
code error didn't make any differences, because all codes other than
'ISC_R_SUCCESS' or 'DNS_R_WAIT' were treated in the same way, and
the result code was never logged anywhere.
Set the default value of 'all_spilled' to 'false', and only make it
'true' before actually starting to look up NS addresses.
(cherry picked from commit e430ce7039)
If the operating system UDP queue gets full and the outgoing UDP sending
starts to be delayed, BIND 9 could exhibit memory spikes as it tries to
enqueue all the outgoing UDP messages. Try a bit harder to deliver the
outgoing UDP messages synchronously and if that fails, drop the outgoing
DNS message that would get queued up and then timeout on the client side.
Closes#4930
Backport of MR !9506
Merge branch 'backport-4930-limit-the-UDP-send-queue-9.18' into 'bind-9.18'
See merge request isc-projects/bind9!9512
If the operating system UDP queue gets full and the outgoing UDP sending
starts to be delayed, BIND 9 could exhibit memory spikes as it tries to
enqueue all the outgoing UDP messages. As those are not going to be
delivered anyway (as we argued when we stopped enlarging the operating
system send and receive buffers), try to send the UDP messages directly
using `uv_udp_try_send()` and if that fails, drop the outgoing UDP
message.
(cherry picked from commit b576c4c977)
Silence Coverity CID 468757 and 468767 (DATA RACE read not locked) by converting dnssec-signzone to use atomics for statistics counters rather than using a lock.
Closes#4939
Backport of MR !9496
Merge branch 'backport-4939-remove-stats-lock-from-dnssec-signzone-9.18' into 'bind-9.18'
See merge request isc-projects/bind9!9501
Silence Coverity CID 468757 and 468767 (DATA RACE read not locked)
by converting dnssec-signzone to use atomics for statistics counters
rather than using a lock. This should be marginally faster than
using the lock as well when statistics are requested.
(cherry picked from commit 473cbd4e87)
Closes#4634
Backport of MR !9150
Merge branch 'backport-4634-drop-dns.resolver-module-from-system-tests-9.18' into 'bind-9.18'
See merge request isc-projects/bind9!9492
When the libxml2 and libjson-c libraries are not supported, the statistics channel can't return anything useful, so it is now disabled. Use of `statistics-channel` in `named.conf` is a fatal error.
Closes#4895
Backport of MR !9423
Merge branch 'backport-4895-link-style-sheet-to-libxml2-support-9.18' into 'bind-9.18'
See merge request isc-projects/bind9!9487
If neither libxml2 nor libjson_c are available have named-checkconf
fail if a statistics-channels block is specified.
(cherry picked from commit b9246418e8)
The `statschannel` system test failed if only one of `libxml2` or `json-c` is
available / configured as checks were being run against the non available
statistics page.
Closes#4919
Backport of MR !9454
Merge branch 'backport-4919-fix-statschannel-system-test-9.18' into 'bind-9.18'
See merge request isc-projects/bind9!9484
