ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
26,896 Commits 589 Branches 805 Tags
aabd651ae852e6581fd56b43ce447dbe69b4c7e7
Commit Graph

26896 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mark Andrews
aabd651ae8 add placeholder 2018-05-18 12:32:37 +10:00
Evan Hunt
bb4bfb9ae6 Merge branch '251-documentation-of-rpz-min-update-interval-is-inconsistent-with-implementation' into 'master' 
Resolve "Documentation of RPZ min-update-interval is inconsistent with implementation"

Closes #251

See merge request isc-projects/bind9!277
 2018-05-17 22:12:17 -04:00
Mukund Sivaraman
975afc508d Fix ARM about min-update-interval default for RPZ zones 
Also, use variable names consistent with catz for rpz configuration functions
 2018-05-17 19:02:51 -07:00
Mark Andrews
5a75f5bc91 Merge branch '267-iscpk11libs-is-not-defined-anywhere-resulting-in-dstrandom_test-not-being-built' into 'master' 
Remove dstrandom_test from lib/dns/tests/Atffile

See merge request isc-projects/bind9!292
 2018-05-17 02:20:30 -04:00
Mark Andrews
074f247926 remove dstrandom_test 2018-05-17 16:10:24 +10:00
Mark Andrews
7a8f04b826 Merge branch 'u/fanf2/restore-nsid-logging' into 'master' 
Fix request-nsid log level to match documentation.

See merge request isc-projects/bind9!290
 2018-05-16 23:49:25 -04:00
Tony Finch
adbdedda7a Add CHANGES entry. 
4948.	[bug]		When request-nsid is turned on, EDNS NSID options
			should be logged at level info. Since change 3741
			they have been logged at debug(3) by mistake.
			[GL !290]
 2018-05-16 20:24:24 +01:00
Tony Finch
174cd00290 Fix request-nsid log level to match documentation. 
Since change 3741 (commit 1d761cb4) they have been logged at
debug(3) by mistake.
 2018-05-16 20:20:05 +01:00
Witold Krecicki
5296ecb946 Merge branch '221-new-isc_random-api' into 'master' 
Unify the random number provider

Closes #221

See merge request isc-projects/bind9!269
 2018-05-16 04:05:31 -04:00
Ondřej Surý
e61082015d Add CHANGES entry. 
4947.   [func]          Replace all random functions with isc_random(),
                        isc_random_buf() and isc_random_uniform() API.
                        [GL #221]
 2018-05-16 09:55:56 +02:00
Ondřej Surý
087eab022f Add release notes. 2018-05-16 09:54:35 +02:00
Ondřej Surý
b890abb4f3 Remove -p pseudo-random documentation from dnssec-signzone 2018-05-16 09:54:35 +02:00
Ondřej Surý
b4d6541fe8 Remove genrandom man page 2018-05-16 09:54:35 +02:00
Ondřej Surý
f872cfcb45 Remove -p option usage from rpz test 2018-05-16 09:54:35 +02:00
Ondřej Surý
2b8fab6828 Remove genrandom command and all usage of specific random files throughout the system test suite 2018-05-16 09:54:35 +02:00
Ondřej Surý
3a4f820d62 Replace all random functions with isc_random, isc_random_buf and isc_random_uniform API. 
The three functions has been modeled after the arc4random family of
functions, and they will always return random bytes.

The isc_random family of functions internally use these CSPRNG (if available):

1. getrandom() libc call (might be available on Linux and Solaris)
2. SYS_getrandom syscall (might be available on Linux, detected at runtime)
3. arc4random(), arc4random_buf() and arc4random_uniform() (available on BSDs and Mac OS X)
4. crypto library function:
4a. RAND_bytes in case OpenSSL
4b. pkcs_C_GenerateRandom() in case PKCS#11 library
 2018-05-16 09:54:35 +02:00
Ondřej Surý
74dd289a1c Merge branch '209-glue-is-no-longer-included' into 'master' 
Resolve "Glue is no longer included for non-DNSSEC-signed zones since CHANGE 4596"

Closes #209

See merge request isc-projects/bind9!247
 2018-05-16 02:27:32 -04:00
Mukund Sivaraman
dfd73d7e16 Add CHANGES entry 2018-05-16 08:16:12 +02:00
Mukund Sivaraman
303391ea41 Add system test 2018-05-16 08:15:36 +02:00
Mukund Sivaraman
31bd3147d1 Don't validate non-pending glue when adding to the additional section 2018-05-16 08:15:36 +02:00
Evan Hunt
f03d68a7d0 Merge branch '233-clarify-documentation-of-update-policy-tcp-self-and-6to4-self' into 'master' 
Resolve "Clarify documentation of update-policy tcp-self and 6to4-self"

Closes #233

See merge request isc-projects/bind9!227
 2018-05-15 16:19:27 -04:00
Evan Hunt
dea89f2a52 rewrite the update-policy documentation 
- clarify the behavior of the name and identity fields for various
  rule types, particularly tcp-self and 6to4-self.
 2018-05-15 13:05:05 -07:00
Michał Kępień
a6f99bb3e3 Merge branch '258-address-ubsan-warnings' into 'master' 
Address issues found by ubsan

Closes #258

See merge request isc-projects/bind9!278
 2018-05-15 03:27:27 -04:00
Michał Kępień
6ddbca6f2b isc_buffer_*(): if source can be NULL, only call memmove() when length is non-zero 
Certain isc_buffer_*() functions might call memmove() with the second
argument (source) set to NULL and the third argument (length) set to 0.
While harmless, it triggers an ubsan warning:

    runtime error: null pointer passed as argument 2, which is declared to never be null

Modify all memmove() call sites in lib/isc/include/isc/buffer.h and
lib/isc/buffer.c which may potentially use NULL as the second argument
(source) so that memmove() is only called if the third argument (length)
is non-zero.
 2018-05-15 09:11:34 +02:00
Michał Kępień
9bc6ba0be9 dns_rdataslab_merge(): use dns_rdata_compare() instead of compare_rdata() 
compare_rdata() was meant to be used as a qsort() callback.  Meanwhile,
dns_rdataslab_merge() calls compare_rdata() for a pair of dns_rdata_t
structures rather than a pair of struct xrdata structures, which is
harmless, but triggers an ubsan warning:

    rdataslab.c:84:33: runtime error: member access within address <address> with insufficient space for an object of type 'const struct xrdata'

Use dns_rdata_compare() instead of compare_rdata() to prevent the
warning from being triggered.
 2018-05-15 09:11:34 +02:00
Michał Kępień
34de85dab8 Merge branch '252-9-9-sigs_test-updatesigs-is-failing' into 'master' 
Skip lib/dns/tests/sigs_test for builds without DNSSEC support

Closes #252

See merge request isc-projects/bind9!271
 2018-05-14 03:26:43 -04:00
Michał Kępień
f98e145c5b Extend the list of headers included by lib/dns/tests/sigs_test.c 2018-05-14 09:18:00 +02:00
Mark Andrews
2420320b96 return untested if not built with OPENSSL or PKCS11CRYPTO 2018-05-14 02:21:48 -04:00
Ondřej Surý
769551c336 Merge branch 'dont-close-stderr-doc' into 'master' 
Add notice about closing stdout/stderr file descriptors to style.md

See merge request isc-projects/bind9!272
 2018-05-14 02:08:52 -04:00
Ondřej Surý
174d00fbb8 Add notice about closing stdout/stderr file descriptors to style.md 2018-05-14 07:54:23 +02:00
Evan Hunt
a02efbe1f8 Merge branch '244-enforce-crypto-library' into 'master' 
Disable builds without cryptographic provider (OpenSSL or PKCS#11)

Closes #244

See merge request isc-projects/bind9!266
 2018-05-13 22:27:33 -04:00
Evan Hunt
ea5626179e CHANGES and release note 2018-05-13 19:18:56 -07:00
Ondřej Surý
23c1f7e506 Enforce usage of OpenSSL or PKCS#11 library in platform.h header 2018-05-13 19:18:56 -07:00
Evan Hunt
cb578fae92 Enforce crypto selection in configure 2018-05-13 19:18:56 -07:00
Ondřej Surý
ee83b59e5e Merge branch '9-remove-dolar-ids-and-other-cruft' into 'master' 
Remove $Id$s and other cruft in a batch

See merge request isc-projects/bind9!263
 2018-05-11 08:18:32 -04:00
Ondřej Surý
55a10b7acd Remove $Id markers, Principal Author and Reviewed tags from the full source tree 2018-05-11 13:17:46 +02:00
Ondřej Surý
93f2d25a9a Merge branch 'redirect-stderr-to-dev-null' into 'master' 
Use 2>/dev/null instead of '>&-'

See merge request isc-projects/bind9!262
 2018-05-11 07:10:42 -04:00
Ondřej Surý
3f66b8acb0 Update tests to not use '>&-' that closes file descriptor, but instead use correct redirection to '>/dev/null' 2018-05-11 12:44:27 +02:00
Michał Kępień
0ea363746e Merge branch '239-don-t-use-null-as-a-argument-to-a-varargs-function-as-it-may-not-be-promoted-properly' into 'master' 
Resolve "don't use NULL as a argument to a varargs function as it may not be promoted properly"

Closes #239

See merge request isc-projects/bind9!228
 2018-05-11 02:20:43 -04:00
Mark Andrews
6aae115d15 silence cppcheck portability warning 2018-05-11 08:12:17 +02:00
Mark Andrews
53fbf143db Merge branch '248-named-9-12-uses-too-much-memory-with-tuning-large-regression-vs-9-11' into 'master' 
Resolve "named 9.12 uses too much memory with `--tuning=large` (regression vs. 9.11)"

Closes #248

See merge request isc-projects/bind9!251
 2018-05-10 21:27:10 -04:00
Mark Andrews
30e58374a3 add CHANGES note 2018-05-11 11:17:48 +10:00
Mukund Sivaraman
3adcc033f6 Don't keep around debuglist structs when done 2018-05-11 11:17:14 +10:00
Mukund Sivaraman
b9886abd86 Reduce number of buckets in tracklines debuglink table 
With 1044 res contexts, each with 65536 debuglink structs of 16 bytes
each, the debuglink table itself was consuming 1GB+ of memory.
 2018-05-11 11:17:14 +10:00
Mark Andrews
56f17ab3d0 Merge branch '196-clang-scan-build-reporting-possible-null-pointer-dereferences' into 'master' 
Resolve "clang scan-build reporting possible null pointer dereferences"

Closes #196

See merge request isc-projects/bind9!230
 2018-05-10 21:02:50 -04:00
Mark Andrews
92e540df1e Silence clang static analyzer warnings; Consolidate multiple instances of splitting of batchline in dig into a single function. 2018-05-11 10:54:21 +10:00
Michał Kępień
770235900e Merge branch '249-address-gcc-8-compilation-warnings' into 'master' 
Address GCC 8 compilation warnings

Closes #249

See merge request isc-projects/bind9!252
 2018-05-10 04:51:23 -04:00
Ondřej Surý
9845c4c4a7 Address GCC 8 -Wstringop-truncation warning 2018-05-10 10:35:01 +02:00
Michał Kępień
172d0c401e Address GCC 8 -Wformat-truncation warnings 2018-05-10 10:35:01 +02:00
Michał Kępień
e93a950b70 Merge branch 'refactor-update-sigs' into 'master' 
Refactor update_sigs()

See merge request isc-projects/bind9!10
 2018-05-10 03:54:53 -04:00