Commit Graph
34165 Commits
Author SHA1 Message Date
Ondřej SurýandOndřej Surý b624be2544 Remove use of the inline keyword used as suggestion to compiler
Historically, the inline keyword was a strong suggestion to the compiler
that it should inline the function marked inline.  As compilers became
better at optimising, this functionality has receded, and using inline
as a suggestion to inline a function is obsolete.  The compiler will
happily ignore it and inline something else entirely if it finds that's
a better optimisation.

Therefore, remove all the occurences of the inline keyword with static
functions inside single compilation unit and leave the decision whether
to inline a function or not entirely on the compiler

NOTE: We keep the usage the inline keyword when the purpose is to change
the linkage behaviour.

(cherry picked from commit 20f0936cf2)
2022-03-25 09:37:18 +01:00
Ondřej SurýandOndřej Surý 75f9dd8e82 Simplify way we tag unreachable code with only ISC_UNREACHABLE()
Previously, the unreachable code paths would have to be tagged with:

    INSIST(0);
    ISC_UNREACHABLE();

There was also older parts of the code that used comment annotation:

    /* NOTREACHED */

Unify the handling of unreachable code paths to just use:

    UNREACHABLE();

The UNREACHABLE() macro now asserts when reached and also uses
__builtin_unreachable(); when such builtin is available in the compiler.

(cherry picked from commit 584f0d7a7e)
2022-03-25 09:33:51 +01:00
Ondřej SurýandOndřej Surý 673e53f81d Add FALLTHROUGH macro for __attribute__((fallthrough))
Gcc 7+ and Clang 10+ have implemented __attribute__((fallthrough)) which
is explicit version of the /* FALLTHROUGH */ comment we are currently
using.

Add and apply FALLTHROUGH macro that uses the attribute if available,
but does nothing on older compilers.

In one case (lib/dns/zone.c), using the macro revealed that we were
using the /* FALLTHROUGH */ comment in wrong place, remove that comment.

(cherry picked from commit fe7ce629f4)
2022-03-25 09:30:16 +01:00
Ondřej Surý 374fe8c70e Merge branch 'ondrej-save-tsan-files-with-txt-extension-v9_16' into 'v9_16'
Save parsed tsan files with .txt extension [v9.16]

See merge request isc-projects/bind9!6021
2022-03-25 07:20:02 +00:00
Ondřej Surý f2a5ba0250 Save parsed tsan files with .txt extension
When the parse tsan files have text extension they can be viewed
directly in the GitLab web UI without downloading them locally.

(cherry picked from commit 80582073a5)
2022-03-23 20:31:50 +01:00
Ondřej Surý ae9b9ca0a1 Merge branch '3201-no-vla-v9_16' into 'v9_16'
Remove a redundant variable-length array

See merge request isc-projects/bind9!6005
2022-03-18 18:12:51 +00:00
Tony Finch afb5f59a6f Remove a redundant variable-length array
In the GSS-TSIG verification code there was an alarming
variable-length array whose size came off the network, from the
signature in the request. It turned out to be safe, because the caller
had previously checked that the signature had a reasonable size.
However, the safety checks are in the generic TSIG implementation, and
the risky VLA usage was in the GSS-specific code, and they are
separated by the DST indirection layer, so it wasn't immediately
obvious that the risky VLA was in fact safe.

In fact this risky VLA was completely unnecessary, because the GSS
signature can be verified in place without being copied to the stack,
like the message covered by the signature. The `REGION_TO_GBUFFER()`
macro backwardly assigns the region in its left argument to the GSS
buffer in its right argument; this is just a pointer and length
conversion, without copying any data. The `gss_verify_mic()` call uses
both message and signature GSS buffers in a read-only manner.
2022-03-18 17:21:57 +00:00
Ondřej Surý 865808939b Merge branch 'ondrej/remove-ATOMIC_VAR_INIT-v9_16' into 'v9_16'
Remove usage of deprecated ATOMIC_VAR_INIT() macro

See merge request isc-projects/bind9!5951
2022-03-17 21:43:13 +00:00
Ondřej Surý 2c86bd4ed9 Remove debugging implementation of stdatomic using mutexes
Upcoming LLVM/Clang 15 has marked the ATOMIC_VAR_INIT() as deprecated
breaking the build.  In the previous commit, we have removed the use of
ATOMIC_VAR_INIT(), but as that was a prerequisite to using the
--enable-mutexatomic debugging mode, we have to remove the debugging
mode.
2022-03-17 21:44:04 +01:00
Ondřej Surý 25732d818d Remove usage of deprecated ATOMIC_VAR_INIT() macro
The C17 standard deprecated ATOMIC_VAR_INIT() macro (see [1]).  Follow
the suite and remove the ATOMIC_VAR_INIT() usage in favor of simple
assignment of the value as this is what all supported stdatomic.h
implementations do anyway:

  * MacOSX.plaform: #define ATOMIC_VAR_INIT(__v) {__v}
  * Gcc stdatomic.h: #define ATOMIC_VAR_INIT(VALUE)	(VALUE)

1. http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2018/p1138r0.pdf

(cherry picked from commit f251d69eba)
2022-03-17 21:44:04 +01:00
Ondřej Surý 87cd661638 Merge branch '3208-fix-xfrout-maxtimer-timer-log-message-log-level-v9_16' into 'v9_16'
Change xfer-out timer message log level to DEBUG(1)

See merge request isc-projects/bind9!5997
2022-03-17 20:41:20 +00:00
Ondřej Surý 821be88002 Change xfer-out timer message log level to DEBUG(1)
When max-transfer-*-out timeouts were reintroduced, the log message
about starting the timer was errorneously left as ISC_LOG_ERROR.
Change the log level of said message to ISC_LOG_DEBUG(1).

(cherry picked from commit 8f6e4dfa15)
2022-03-17 21:39:20 +01:00
Ondřej Surý dfb2e611de Merge branch 'ondrej/add-missing-braces-clang-format-15-v9_16' into 'v9_16'
Add couple missing braces around single-line statements [v9.16]

See merge request isc-projects/bind9!5970
2022-03-17 19:45:06 +00:00
Ondřej Surý be47b2e5e4 Add couple missing braces around single-line statements
The clang-format-15 has new option InsertBraces that could add missing
branches around single line statements.  Use that to our advantage
without switching to not-yet-released LLVM version to add missing braces
in couple of places.
2022-03-17 18:31:36 +01:00
Ondřej Surý f81b183c78 Merge branch '3200-add-per-send-timer-v9_16' into 'v9_16'
Change single write timer to per-send timers [v9.16]

See merge request isc-projects/bind9!5962
2022-03-17 16:25:04 +00:00
Ondřej Surý 96e01d40bf Add CHANGES and release note for [GL #3200]
(cherry picked from commit 8ace9e0c62)
2022-03-17 16:07:52 +01:00
Ondřej Surý 7a386256b6 On shutdown, reset the established TCP connections
Previously, the established TCP connections (both client and server)
would be gracefully closed waiting for the write timeout.

Don't wait for TCP connections to gracefully shutdown, but directly
reset them for faster shutdown.

(cherry picked from commit 6ddac2d56d)
2022-03-17 16:07:52 +01:00
Ondřej Surý d17d043499 Change single write timer to per-send timers
Previously, there was a single per-socket write timer that would get
restarted for every new write.  This turned out to be insufficient
because the other side could keep reseting the timer, and never reading
back the responses.

Change the single write timer to per-send timer which would in turn
reset the TCP connection on the first send timeout.

(cherry picked from commit a761aa59e3)
2022-03-17 16:07:52 +01:00
Michał Kępień 25382f1d2d Merge branch 'v9_16_27-release' into 'v9_16'
Merge 9.16.27 release branch

See merge request isc-projects/bind9!5991
2022-03-16 23:26:55 +00:00
Michał Kępień e82ffa9b03 Set up release notes for BIND 9.16.28 2022-03-17 00:19:11 +01:00
Tinderbox UserandMichał Kępień 0eab4dd1ae Merge branch 'prep-release' into security-v9_16 2022-03-17 00:19:11 +01:00
Michał Kępień b6c6c70e33 Merge branch 'michal/prepare-documentation-for-bind-9.16.27' into 'security-v9_16'
Prepare documentation for BIND 9.16.27

See merge request isc-private/bind9!393
2022-03-17 00:19:11 +01:00
Tinderbox UserandMichał Kępień 05e2e8c98b prep 9.16.27 2022-03-17 00:19:11 +01:00
Michał Kępień 6066c45496 Merge branch '3112-ensure-correct-ordering-in-isc__nm_process_sock_buffer-v9_16' into 'security-v9_16'
[CVE-2022-0396] [v9_16] Resolve #3112 TCP sockets stuck in CLOSE_WAIT

See merge request isc-private/bind9!376
2022-03-17 00:19:11 +01:00
Michał Kępień 3849ad19fb Prepare release notes for BIND 9.16.27 2022-03-17 00:19:11 +01:00
Michał Kępień f1bc36f193 Merge branch '2950-confidential-cache-acceptance-rules-v9_16' into 'security-v9_16'
[CVE-2021-25220] [v9_16] prevent cache poisoning from forwarder responses

See merge request isc-private/bind9!380
2022-03-17 00:19:11 +01:00
Ondřej SurýandMichał Kępień e0565c3362 Add CHANGES and release note for [GL #3112] 2022-03-17 00:19:11 +01:00
Michał Kępień 768fdcd38b Reorder release notes 2022-03-17 00:19:11 +01:00
Petr ŠpačekandMichał Kępień 6939b9f47d Add Release Note for [GL #2950] 2022-03-17 00:19:11 +01:00
Ondřej SurýandMichał Kępień afee2b5a7b Run .closehandle_cb asynchrounosly in nmhandle_detach_cb()
When sock->closehandle_cb is set, we need to run nmhandle_detach_cb()
asynchronously to ensure correct order of multiple packets processing in
the isc__nm_process_sock_buffer().  When not run asynchronously, it
would cause:

  a) out-of-order processing of the return codes from processbuffer();

  b) stack growth because the next TCP DNS message read callback will
     be called from within the current TCP DNS message read callback.

The sock->closehandle_cb is set to isc__nm_resume_processing() for TCP
sockets which calls isc__nm_process_sock_buffer().  If the read callback
(called from isc__nm_process_sock_buffer()->processbuffer()) doesn't
attach to the nmhandle (f.e. because it wants to drop the processing or
we send the response directly via uv_try_write()), the
isc__nm_resume_processing() (via .closehandle_cb) would call
isc__nm_process_sock_buffer() recursively.

The below shortened code path shows how the stack can grow:

 1: ns__client_request(handle, ...);
 2: isc_nm_tcpdns_sequential(handle);
 3: ns_query_start(client, handle);
 4:   query_lookup(qctx);
 5:     query_send(qctcx->client);
 6:       isc__nmhandle_detach(&client->reqhandle);
 7:         nmhandle_detach_cb(&handle);
 8:           sock->closehandle_cb(sock); // isc__nm_resume_processing
 9:             isc__nm_process_sock_buffer(sock);
10:               processbuffer(sock); // isc__nm_tcpdns_processbuffer
11:                 isc_nmhandle_attach(req->handle, &handle);
12:                 isc__nm_readcb(sock, req, ISC_R_SUCCESS);
13:                   isc__nm_async_readcb(NULL, ...);
14:                     uvreq->cb.recv(...); // ns__client_request

Instead, if 'sock->closehandle_cb' is set, we need to run detach the
handle asynchroniously in 'isc__nmhandle_detach', so that on line 8 in
the code flow above does not start this recursion. This ensures the
correct order when processing multiple packets in the function
'isc__nm_process_sock_buffer()' and prevents the stack growth.

When not run asynchronously, the out-of-order processing leaves the
first TCP socket open until all requests on the stream have been
processed.

If the pipelining is disabled on the TCP via `keep-response-order`
configuration option, named would keep the first socket in lingering
CLOSE_WAIT state when the client sends an incomplete packet and then
closes the connection from the client side.
2022-03-17 00:19:11 +01:00
Michał Kępień 0470bce329 Tweak and reword release notes 2022-03-17 00:19:11 +01:00
Petr ŠpačekandMichał Kępień da84b6ea4f Add CHANGES note for [GL #2950] 2022-03-17 00:19:11 +01:00
Michał Kępień b622db776c Fix typo in CHANGES 2022-03-17 00:19:11 +01:00
Mark AndrewsandMichał Kępień 71b2421054 Look for zones deeper than the current domain or forward name
When caching glue, we need to ensure that there is no closer
source of truth for the name. If the owner name for the glue
record would be answered by a locally configured zone, do not
cache.
2022-03-17 00:19:11 +01:00
Mark AndrewsandMichał Kępień ea06552a3d Check cached names for possible "forward only" clause
When caching additional and glue data *not* from a forwarder, we must
check that there is no "forward only" clause covering the owner name
that would take precedence.  Such names would normally be allowed by
baliwick rules, but a "forward only" zone introduces a new baliwick
scope.
2022-03-17 00:19:11 +01:00
Mark AndrewsandMichał Kępień 3fc7accd88 Check that the forward declaration is unchanged and not overridden
If we are using a fowarder, in addition to checking that names to
be cached are subdomains of the forwarded namespace, we must also
check that there are no subsidiary forwarded namespaces which would
take precedence. To be safe, we don't cache any responses if the
forwarding configuration has changed since the query was sent.
2022-03-17 00:19:11 +01:00
Mark AndrewsandMichał Kępień 24155213be Add additional name checks when using a forwarder
When using a forwarder, check that the owner name of response
records are within the bailiwick of the forwarded name space.
2022-03-17 00:19:11 +01:00
Michał Kępień d20a04aea8 Merge branch 'michal/tidy-setup-of-python-based-tests-v9_16' into 'v9_16'
[v9_16] Tidy setup of Python-based tests

See merge request isc-projects/bind9!5974
2022-03-14 11:44:10 +00:00
Michał Kępień eaed6c74d8 Fix broken dnspython version checks
The dns.query Python module has the send_tcp() method defined in both
dnspython 1.x and 2.x, so checking for the existence of that method to
determine the dnspython version available in the test environment does
not make any sense.  Fix by checking the dns.version.MAJOR integer
instead.
2022-03-14 09:19:03 +01:00
Michał Kępień e41c0a6b6c Rework skipping long tests
The ability to conveniently mark tests which should only be run when the
CI_ENABLE_ALL_TESTS environment variable is set seems to be useful on a
general level and therefore it should not be limited to the "timeouts"
system test, where it is currently used.

pytest documentation [1] suggests to reuse commonly used test markers by
putting them all in a single Python module which then has to be imported
by test files that want to use the markers defined therein.  Follow that
advice by creating a new bin/tests/system/pytest_custom_markers.py
Python module containing the relevant marker definitions.

Note that "import pytest_custom_markers" works from a test-specific
subdirectory because pytest modifies sys.path so that it contains the
paths to all parent directories containing a conftest.py file (and
bin/tests/system/ is one).  PyLint does not like that, though, so add a
relevant PyLint suppression.

The above changes make bin/tests/system/timeouts/conftest.py redundant,
so remove it.

[1] https://docs.pytest.org/en/7.0.x/how-to/skipping.html#id1

(cherry picked from commit 00392921f0)
2022-03-14 09:19:03 +01:00
Michał Kępień 30bbbc7aef Rework imports in dnspython-based system tests
Ensure all "import dns.*" statements are always placed after
pytest.importorskip('dns') calls, in order to allow the latter to
fulfill their purpose.  Explicitly import all dnspython modules used by
each dnspython-based test to avoid relying on nested imports.  Replace
function-scoped imports with global imports to reduce code duplication.

(cherry picked from commit 49312d6bb2)
2022-03-14 09:19:03 +01:00
Michał Kępień 45bbb518d5 Fix skipping tests requiring dnspython
The intended purpose of the @pytest.mark.dnspython{,2} decorators was to
cause dnspython-based tests to be skipped if dnspython is not available
(or not recent enough).  However, a number of system tests employing
those decorators contain global "import dns.resolver" statements which
trigger ImportError exceptions during test initialization if dnspython
is not available.  In other words, the @pytest.mark.dnspython{,2}
decorators serve no useful purpose.

Currently, whenever a Python-based test requires dnspython, that
requirement applies to all tests in a given *.py file.  Given that,
employ global pytest.importorskip() calls to ensure dnspython-based
parts of various system tests are skipped when dnspython is not
available.  Remove all occurrences of the @pytest.mark.dnspython{,2}
decorators (and all associated code) to prevent confusion.

(cherry picked from commit 05c97f2329)
2022-03-14 09:19:03 +01:00
Michał Kępień d9ae31be8c Fix skipping tests requiring the requests module
The intended purpose of the @pytest.mark.requests decorator was to cause
Python-based parts of the "statschannel" system test to be skipped if
the requests Python module is not available.  However, both
tests-json.py and tests-xml.py contain a global "import requests"
statement which triggers ImportError exceptions during test
initialization if the requests module is not available.  In other words,
the @pytest.mark.requests decorator serves no useful purpose.

Since all tests in both tests-json.py and tests-xml.py depend on the
requests Python module, employ pytest.importorskip() to ensure the
Python-based parts of the "statschannel" system test are skipped when
the requests module is not available.  Remove all occurrences of the
@pytest.mark.requests decorator (and all associated code) to prevent
confusion.

(cherry picked from commit 704ad2907f)
2022-03-14 09:19:03 +01:00
Michał Kępień 098bd03f7d Simplify skipping tests depending on libxml2
All tests in bin/tests/system/statschannel/tests-xml.py require libxml2
support to be enabled in BIND 9 at build-time.  Instead of applying the
same pytest.mark.skipif() decorator to every test in that file, set the
'pytestmark' global accordingly in order to immediately skip all tests
in tests-xml.py if libxml2 support is not compiled in.

Remove all occurrences of the @pytest.mark.xml decorator (and all
associated code) from the "statschannel" system test as the
xml.etree.ElementTree module is a part of the Python standard library
since Python 2.5 (so checking whether it is available is redundant) and
checking for libxml2 support in the tested BIND 9 build is already
handled by setting the 'pytestmark' global accordingly.

(cherry picked from commit 286b57c7f1)
2022-03-14 09:19:03 +01:00
Michał Kępień c1a0651f54 Simplify skipping tests depending on json-c
All tests in bin/tests/system/statschannel/tests-json.py require json-c
support to be enabled in BIND 9 at build-time.  Instead of applying the
same pytest.mark.skipif() decorator to every test in that file, set the
'pytestmark' global accordingly in order to immediately skip all tests
in tests-json.py if json-c support is not compiled in.

Remove all occurrences of the @pytest.mark.json decorator (and all
associated code) from the "statschannel" system test as the json module
is a part of the Python standard library since Python 2.6 (so checking
whether it is available is redundant) and checking for json-c support in
the tested BIND 9 build is already handled by setting the 'pytestmark'
global accordingly.

Also remove a related excerpt from bin/tests/system/rpzextra/conftest.py
as it is a copy-paste artifact that serves no purpose in the "rpzextra"
system test.

(cherry picked from commit 0a76f186a5)
2022-03-14 09:19:03 +01:00
Michał Kępień 14a3bb4897 Refactor "statschannel" test's helper modules
The "statschannel" system test contains two Python helper modules:

  - generic.py: test functions directly invoked by both tests-json.py
    and test-xml.py,

  - helper.py: helper functions invoked by test functions in generic.py.

The above logic for splitting helper functions into Python modules
prevents selective test skipping from working due to unconditional
import statements being present in both helper modules.  For example, if
dnspython is not available on the test host, tests-json.py imports
generic.py, which in turn imports helper.py, which in turn attempts to
import various dnspython modules, triggering ImportError exceptions
during test initialization.  Various decorators used for some tests
(like @pytest.mark.dnspython) suggest that such a scenario should be
handled gracefully, but that is not the case - modifying the test
collection in conftest.py does not prevent pytest from failing due to
import errors.

Fix by moving helper functions around to achieve a different split:

  - generic.py: helper functions only relying on the Python standard
    library,

  - generic_dnspython.py: helper functions requiring dnspython.

Only two tests in tests-{json,xml}.py need dnspython to work
(test_traffic_json(), test_traffic_xml()).  Since all
dnspython-dependent code is now present in generic_dnspython.py, employ
pytest.importorskip() in those two tests to ensure they can be
selectively skipped when dnspython is not available.  Adjust other code
to account for the revised Python helper module layout.  Remove all
occurrences of the @pytest.mark.dnspython decorator (and all associated
code) from the "statschannel" system test to prevent confusion.

(cherry picked from commit 96b7f9f9aa)
2022-03-14 09:19:03 +01:00
Michał Kępień 30d7a68129 Reuse common port-related test fixtures
Most Python-based system tests need to know which ports were assigned to
a given test by bin/tests/system/get_ports.sh.  This is currently
handled by inspecting the values of various environment variables (set
by bin/tests/system/run.sh) and passing the port numbers to Python
scripts via pytest fixtures.  However, this glue code has so far been
copy-pasted into each system test using it, rather than reused.

Since pytest also looks for conftest.py files in parent directories,
move commonly used fixtures to bin/tests/system/conftest.py.  Set the
scope of all the moved fixtures to "session" as their return values are
only based on environment variables, so there is no point in recreating
them for every test requesting them.  Adjust test code accordingly.

(cherry picked from commit 53ef8835c1)
2022-03-14 09:19:03 +01:00
Petr Špaček 049ab48776 Merge branch '2799-documentation-for-administrative-tools-is-out-of-sync-with-manual-pages-v9_16' into 'v9_16'
Fix Administrative Tools section in the ARM [v9_16]

See merge request isc-projects/bind9!5959
2022-03-10 21:10:29 +00:00
Tony FinchandPetr Špaček 1558adbcdf Refer to RFC 4592 for DNS wildcards
The named-checkzone(1) and named-compilezone(1) manual pages used to
refer to the description of wildcards in RFC 1034.

(cherry picked from commit 178aef5b8c)
2022-03-10 21:58:36 +01:00
Suzanne GoldlustandPetr Špaček da3369179f Fix Tools for Use With the Name Server Daemon in the ARM
Remove outdated command references from ARM section
3.3.1. Tools for Use With the Name Server Daemon
and replace them with links to man pages.

Fixes: #2799
(cherry picked from commit 2d2d87a615)
2022-03-10 21:58:36 +01:00