Commit Graph

7071 Commits

Author SHA1 Message Date
Mark Andrews
7d89e40ea0 Queue nsec3param setting until receive_secure_serial has completed.
(cherry picked from commit 456888c00f)
2019-09-24 11:38:26 +10:00
Mark Andrews
ff700b2259 address or suppress cppcheck warnings
(cherry picked from commit b59fe46e76)
2019-09-12 19:31:56 +10:00
Tinderbox User
1860bab56b prep for 9.11.11 2019-09-09 14:22:44 +00:00
Mark Andrews
47722eacbf remove accidentally back ported code 2019-09-09 16:27:22 +10:00
Evan Hunt
564a62bc2f use an rbtnodechain to walk up labels
when looking for a possible wildcard match in the RPZ summary database,
use an rbtnodechain to walk up label by label, rather than using the
node's parent pointer.

(cherry picked from commit 6e9be9a952)
2019-08-29 20:05:22 -07:00
Ondřej Surý
397249f0b3 Fix uninitialized variable warning in restore_nsec3param()
(cherry picked from commit 1c084c35f0)
2019-08-29 16:04:05 +02:00
Mark Andrews
b94f0db15b check that open() succeeded
(cherry picked from commit 510306c654)
2019-08-29 10:26:22 +10:00
Mark Andrews
b67c6fe8bd Add support for displaying EDNS option LLQ.
(cherry picked from commit d98f446d3f)
2019-08-28 17:48:24 +10:00
Mark Andrews
6aee585e94 add dns_zone_cdscheck to integrity checks
(cherry picked from commit cd40c9fe61)
2019-08-28 16:27:09 +10:00
Mark Andrews
70a85ab614 implement getoriginnode for sdb
(cherry picked from commit 2ebc4776ca)
2019-08-28 16:26:24 +10:00
Tinderbox User
eb55184bda prep 9.11.10 2019-08-13 09:34:56 +00:00
Ondřej Surý
e80c4c3431 Have the dns_client hold a .references until all external references are removed
so that cleanup can all be done in dns_client_destroy().
2019-08-07 11:35:06 +02:00
Mark Andrews
be8af3afb7 Have the view hold a weakref until all external references are removed
so that cleanup can all be done in dns_view_weakattach().
2019-08-06 17:18:48 +02:00
Ondřej Surý
a7c9a52c89 lib/dns/resolver.c: Convert (dns_view_t *)->weakrefs to isc_refcount_t
There's a deadlock in BIND 9 code where (dns_view_t){ .lock } and
(dns_resolver_t){ .buckets[i].lock } gets locked in different order.  When
view->weakrefs gets converted to a reference counting we can reduce the locking
in dns_view_weakdetach only to cases where it's the last instance of the
dns_view_t object.
2019-08-06 15:03:35 +02:00
Mark Andrews
cfbefb57d6 Store the DS and RRSIG(DS) with trust dns_trust_pending_answer
so that the validator can validate the records as part of validating
the current request.

(cherry picked from commit 57a328d67e)
2019-08-02 16:52:57 +10:00
Michał Kępień
eb13d4b279 Unify header ordering in unit tests
Make sure all unit tests include headers in a similar order:

 1. Three headers which must be included before <cmocka.h>.
 2. System headers.
 3. UNIT_TESTING definition, followed by the <cmocka.h> header.
 4. libisc headers.
 5. Headers from other BIND libraries.
 6. Local headers.

Also make sure header file names are sorted alphabetically within each
block of #include directives.

(cherry picked from commit 5381ac0fcc)
2019-07-30 22:22:28 +02:00
Michał Kępień
5e9ac86c2b Include <sched.h> where necessary for musl libc
All unit tests define the UNIT_TESTING macro, which causes <cmocka.h> to
replace malloc(), calloc(), realloc(), and free() with its own functions
tracking memory allocations.  In order for this not to break
compilation, the system header declaring the prototypes for these
standard functions must be included before <cmocka.h>.

Normally, these prototypes are only present in <stdlib.h>, so we make
sure it is included before <cmocka.h>.  However, musl libc also defines
the prototypes for calloc() and free() in <sched.h>, which is included
by <pthread.h>, which is included e.g. by <isc/mutex.h>.  Thus, unit
tests including "dnstest.h" (which includes <isc/mem.h>, which includes
<isc/mutex.h>) after <cmocka.h> will not compile with musl libc as for
these programs, <sched.h> will be included after <cmocka.h>.

Always including <cmocka.h> after all other header files is not a
feasible solution as that causes the mock assertion macros defined in
<isc/util.h> to mangle the contents of <cmocka.h>, thus breaking
compilation.  We cannot really use the __noreturn__ or analyzer_noreturn
attributes with cmocka assertion functions because they do return if the
tested condition is true.  The problem is that what BIND unit tests do
is incompatible with Clang Static Analyzer's assumptions: since we use
cmocka, our custom assertion handlers are present in a shared library
(i.e. it is the cmocka library that checks the assertion condition, not
a macro in unit test code).  Redefining cmocka's assertion macros in
<isc/util.h> is an ugly hack to overcome that problem - unfortunately,
this is the only way we can think of to make Clang Static Analyzer
properly process unit test code.  Giving up on Clang Static Analyzer
being able to properly process unit test code is not a satisfactory
solution.

Undefining _GNU_SOURCE for unit test code could work around the problem
(musl libc's <sched.h> only defines the prototypes for calloc() and
free() when _GNU_SOURCE is defined), but doing that could introduce
discrepancies for unit tests including entire *.c files, so it is also
not a good solution.

All in all, including <sched.h> before <cmocka.h> for all affected unit
tests seems to be the most benign way of working around this musl libc
quirk.  While quite an ugly solution, it achieves our goals here, which
are to keep the benefit of proper static analysis of unit test code and
to fix compilation against musl libc.

(cherry picked from commit 59528d0e9d)
2019-07-30 22:22:27 +02:00
Mark Andrews
de153f1a43 Do not attempt to perform a DNS64 rewrite if RPZ returns NODATA.
(cherry picked from commit 1eb640049c)
2019-07-25 07:26:35 +10:00
Ondřej Surý
a0f4e6d27e Add new siphash24 DNS Cookie algorithm
This commit changes the BIND cookie algorithms to match
draft-sury-toorop-dnsop-server-cookies-00.  Namely, it changes the Client Cookie
algorithm to use SipHash 2-4, adds the new Server Cookie algorithm using SipHash
2-4.  The change doesn't make the SipHash 2-4 to be the default algorithm, this
is up to the operator.

(cherry picked from commit 196b342bc9)
2019-07-22 09:06:03 -04:00
Ondřej Surý
9f431ce20c Fix the memory leaks in GeoIP unit test
Each individual test opened GeoIP databases but the database handles were never
closed.  This commit moves the open/close from the individual unit tests into
the _setup and _teardown methods where they really belong.

(cherry picked from commit d1c7b79183)
(cherry picked from commit aad88d2c00)
2019-07-16 16:27:05 -07:00
Tinderbox User
466dd24411 prep 9.11.9 2019-07-09 10:06:34 +00:00
Mark Andrews
e070fdab1d use printf instead of print_message for '1..0 # Skipped: sigs test requires crypto' 2019-07-08 10:57:22 +10:00
Evan Hunt
cf9c7959a0 add support for building GeoIP2 on windows 2019-07-04 12:06:01 -07:00
Evan Hunt
f81020a748 fix broken windows build
The MSVS C compiler requires every struct to have at least one member.
The dns_geoip_databases_t structure had one set of members for
HAVE_GEOIP and a different set for HAVE_GEOIP2, and none when neither
API is in use.

This commit silences the compiler error by moving the declaration of
dns_geoip_databases_t to types.h as an opaque reference, and commenting
out the contents of geoip.h when neither version of GeoIP is enabled.

(cherry picked from commit 81fcde5953)
2019-07-03 10:52:51 -07:00
Evan Hunt
8ec293e51e add GeoIP2 lookups to unit test
(cherry picked from commit 6399a70cb4)
(cherry picked from commit 7468036226)
2019-07-02 12:29:44 -07:00
Evan Hunt
0d50d9988c implement searching of geoip2 database
- revise mapping of search terms to database types to match the
  GeoIP2 schemas.
- open GeoIP2 databases when starting up; close when shutting down.
- clarify the logged error message when an unknown database type
  is configured.
- add new geoip ACL subtypes to support searching for continent in
  country databases.
- map geoip ACL subtypes to specific MMDB database queries.
- perform MMDB lookups based on subtype, saving state between
  queries so repeated lookups for the same address aren't necessary.

(cherry picked from commit 6e0b93e5a0)
(cherry picked from commit 0283ab7512)
2019-07-02 12:29:39 -07:00
Evan Hunt
a553ac45ed add HAVE_GEOIP2 #ifdef branches, without implementing yet
(cherry picked from commit fe46d5bc34)
(cherry picked from commit 7fc92bee0c)
2019-07-02 12:28:14 -07:00
Evan Hunt
7de12aaa34 add a search for GeoIP2 libraries in configure
- "--with-geoip" is used to enable the legacy GeoIP library.
- "--with-geoip2" is used to enable the new GeoIP2 library
  (libmaxminddb), and is on by default if the library is found.
- using both "--with-geoip" and "--with-geoip2" at the same time
  is an error.
- an attempt is made to determine the default GeoIP2 database path at
  compile time if pkg-config is able to report the module prefix. if
  this fails, it will be necessary to set the path in named.conf with
  geoip-directory
- Makefiles have been updated, and a stub lib/dns/geoip2.c has been
  added for the eventual GeoIP2 search implementation.

(cherry picked from commit fea6b5bf10)
(cherry picked from commit 6a7e805796)
2019-07-02 12:28:14 -07:00
Evan Hunt
4dd46ba0f7 don't overwrite the dns_master_loadfile() result before calling zone_postload()
if "rndc reload" fails, the result code is supposed to be passed to
zone_postload, but for inline-signing zones, the result can be
overwritten first by a call to the ZONE_TRYLOCK macro. this can lead
to the partially-loaded unsigned zone being synced over to the signed
zone instead of being rejected.

(cherry picked from commit 0b792bd37b)
2019-06-26 08:51:24 -07:00
Mark Andrews
4110b9184d define ULLONG_MAX if not already defined 2019-06-25 09:42:49 +10:00
Brian Conry
1ff50a2f70 Bump DNS_CLIENTINFOMETHODS_VERSION/_AGE to 2/1 in clientinfo.h
BIND 9.11.0 has bumped DNS_CLIENTINFOMETHODS_VERSION and _AGE to
version 2 and 1 in the dlz_minimal.h because a member was addet to the
dnsclientinfo struct.  It was found out that the new member is not
used anywhere and there are no accessor functions therefore the change
was reverted.

Later on, it was found out that the revert caused some problems to the
users of BIND 9, and thus this changes takes a different approach by
syncing the values other way around.

(cherry picked from commit 39344dfb3e)
2019-06-20 14:24:29 +02:00
Tinderbox User
81c904f697 prep 9.11.8 2019-06-19 15:55:05 -07:00
Mark Andrews
3a9c7bb80d move item_out test inside lock in dns_dispatch_getnext()
(cherry picked from commit 60c42f849d520564ed42e5ed0ba46b4b69c07712)
2019-06-19 15:55:04 -07:00
Michał Kępień
eeec8e8d83 Address GCC 9.1 -O3 compilation warnings
Compiling with -O3 triggers the following warnings with GCC 9.1:

    task.c: In function ‘isc__taskmgr_create’:
    task.c:1456:44: warning: ‘%04u’ directive output may be truncated writing between 4 and 10 bytes into a region of size 6 [-Wformat-truncation=]
     1456 |    snprintf(name, sizeof(name), "isc-worker%04u", i);
          |                                            ^~~~
    task.c:1456:33: note: directive argument in the range [0, 4294967294]
     1456 |    snprintf(name, sizeof(name), "isc-worker%04u", i);
          |                                 ^~~~~~~~~~~~~~~~
    task.c:1456:4: note: ‘snprintf’ output between 15 and 21 bytes into a destination of size 16
     1456 |    snprintf(name, sizeof(name), "isc-worker%04u", i);
          |    ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    rrl.c: In function ‘debit_rrl_entry’:
    rrl.c:602:35: error: ‘%d’ directive output may be truncated writing between 1 and 10 bytes into a region of size 9 [-Werror=format-truncation=]
      602 |   snprintf(buf, sizeof(buf), "age=%d", age);
          |                                   ^~
    rrl.c:602:30: note: directive argument in the range [0, 2147483647]
      602 |   snprintf(buf, sizeof(buf), "age=%d", age);
          |                              ^~~~~~~~
    rrl.c:602:3: note: ‘snprintf’ output between 6 and 15 bytes into a destination of size 13
      602 |   snprintf(buf, sizeof(buf), "age=%d", age);
          |   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    rrl.c:602:35: error: ‘%d’ directive output may be truncated writing between 1 and 10 bytes into a region of size 9 [-Werror=format-truncation=]
      602 |   snprintf(buf, sizeof(buf), "age=%d", age);
          |                                   ^~
    rrl.c:602:30: note: directive argument in the range [0, 2147483647]
      602 |   snprintf(buf, sizeof(buf), "age=%d", age);
          |                              ^~~~~~~~
    rrl.c:602:3: note: ‘snprintf’ output between 6 and 15 bytes into a destination of size 13
      602 |   snprintf(buf, sizeof(buf), "age=%d", age);
          |   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    rrl.c:602:35: error: ‘%d’ directive output may be truncated writing between 1 and 10 bytes into a region of size 9 [-Werror=format-truncation=]
      602 |   snprintf(buf, sizeof(buf), "age=%d", age);
          |                                   ^~
    rrl.c:602:30: note: directive argument in the range [0, 2147483647]
      602 |   snprintf(buf, sizeof(buf), "age=%d", age);
          |                              ^~~~~~~~
    rrl.c:602:3: note: ‘snprintf’ output between 6 and 15 bytes into a destination of size 13
      602 |   snprintf(buf, sizeof(buf), "age=%d", age);
          |   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    private_test.c: In function ‘private_nsec3_totext_test’:
    private_test.c:114:9: warning: array subscript 4 is outside array bounds of ‘uint32_t[1]’ {aka ‘unsigned int[1]’} [-Warray-bounds]
      114 |  while (*sp == '\0' && slen > 0) {
          |         ^~~
    private_test.c:107:11: note: while referencing ‘salt’
      107 |  uint32_t salt;
          |           ^~~~

Prevent these warnings from being triggered by increasing the size of
the relevant arrays (task.c, rrl.c) and reordering conditions
(private_test.c).

(cherry picked from commit ce796ac1f4)
2019-06-11 10:19:26 +02:00
Mark Andrews
f684368053 POST(optlen)
(cherry picked from commit 4e97f7dccc)
2019-06-04 15:49:16 +10:00
Mark Andrews
9618d822ab fix Ed448 length values for precomputed ASN.1 prefix blobs
(cherry picked from commit 5da97eeea6)
2019-05-30 22:51:04 +10:00
Ondřej Surý
f9880fcf6d Pull the values for LFS_{CFLAGS,LDFLAGS,LIBS} from autoconf instead using them directly in make
(cherry picked from commit d4596baed4)
2019-05-29 13:34:22 +02:00
Ondřej Surý
4203bdef8d Use getconf LFS_{CFLAGS,LDFLAGS,LIBS} to get flags to compile lib/dns/gen
On some systems (namely Debian buster armhf) the readdir() call fails
with `Value too large for defined data type` unless the
_FILE_OFFSET_BITS=64 is defined.  The correct way to fix this is to
get the appropriate compilation parameters from getconf system
interface.

(cherry picked from commit 4c7345bcb6)
2019-05-29 10:31:03 +02:00
Ondřej Surý
bcf4391ec6 Exit the ./gen program on failed readdir() call
(cherry picked from commit 05b7c08a16)
2019-05-29 10:31:03 +02:00
Witold Kręcicki
71d3823dab Remove UNSPEC rrtype
(cherry picked from commit a8e2ca6f7d)
2019-05-13 10:54:10 +07:00
Tinderbox User
d58e36b410 prep 9.11.7 2019-05-10 05:03:46 +00:00
Michał Kępień
f04f107b7e Make NTAs work with validating forwarders
If named is configured to perform DNSSEC validation and also forwards
all queries ("forward only;") to validating resolvers, negative trust
anchors do not work properly because the CD bit is not set in queries
sent to the forwarders.  As a result, instead of retrieving bogus DNSSEC
material and making validation decisions based on its configuration,
named is only receiving SERVFAIL responses to queries for bogus data.
Fix by ensuring the CD bit is always set in queries sent to forwarders
if the query name is covered by an NTA.

(cherry picked from commit 5e80488270)
2019-05-09 21:05:50 -07:00
Ondřej Surý
0dced2fa6a Make lib/dns/gen.c compatible with reproducible builds.
The gen.c will now use SOURCE_DATE_EPOCH[1] if found in environment
to make the build more reproducible build friendly.

1. https://reproducible-builds.org/specs/source-date-epoch/

(cherry picked from commit c8cb612d39)
2019-05-09 16:05:38 +07:00
Mark Andrews
10c53d2873 Recognise EDNS Client Tag and EDNS Server Tag
(cherry picked from commit ee7cf180b3)
2019-05-09 18:24:57 +10:00
Mark Andrews
702cc2dde3 enforce known SSHFP finger print lengths
(cherry picked from commit 1722728c80)
2019-05-09 08:49:19 +10:00
Mark Andrews
595544329a fix whitespace
(cherry picked from commit 32ba5a0494)
2019-05-07 10:28:48 +10:00
Mark Andrews
333116ac5c return rdatasets when processing ANY queries in client_resfind
(cherry picked from commit 127333c71f)
2019-05-07 10:28:47 +10:00
Mark Andrews
ac77f8df02 using 0 instead of false
(cherry picked from commit da7f683abf)
2019-04-23 11:46:12 +10:00
Ondřej Surý
376800b2ad Refactor the DNS_RDATASET_FIXED code to use constants instead of ifdefs
(cherry picked from commit 4edbb773a1)
2019-04-17 11:34:49 +02:00
Matthijs Mekking
4af2d5b6d6 With update-check-ksk also consider offline keys
The option `update-check-ksk` will look if both KSK and ZSK are
available before signing records.  It will make sure the keys are
active and available.  However, for operational practices keys may
be offline.  This commit relaxes the update-check-ksk check and will
mark a key that is offline to be available when adding signature
tasks.

(cherry picked from commit 3cb8c49c73)
(cherry picked from commit b508cffeee3bfb8bc7dcf39db59ec3782a5d9e4c)
2019-04-12 15:57:31 +02:00