ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
29,218 Commits 589 Branches 805 Tags
bdae8ed097912effdeebb7fc75a56ce2abb35e4a
Commit Graph

6054 Commits

Author SHA1 Message Date
Witold Kręcicki
000fdd8fa5 Fix a possible deadlock in TCP accepting 
Each network thread holds an array of locks, indexed by a hash
of fd. When we accept a connection we hold a lock in accepting thread.
We then generate the thread number and lock bucket for the new
connection socket - if we hit the same thread and lock bucket as
accepting socket we get a deadlock. Avoid this by checking if we're
in the same thread/lock bucket and not locking in this case.

(cherry picked from commit 75815c1581)
 2019-05-24 12:50:15 +02:00
Mark Andrews
98de15b780 Recurse to find the root server list with 'dig +trace'. 
(cherry picked from commit e65d4989a1)
 2019-05-22 16:05:25 +10:00
Mark Andrews
4de58ee1c8 arm: just use the compiler's default yield support 
(cherry picked from commit f546769b8b)
 2019-05-13 12:19:26 +10:00
Tinderbox User
d7862ea81c prep 9.14.2 2019-05-10 04:51:22 +00:00
Evan Hunt
3b7bf9ecac fix change number 2019-05-09 21:00:54 -07:00
Michał Kępień
9ca0c63f1f Add CHANGES entry 
5219.	[bug]		Negative trust anchors did not work with "forward only;"
			to validating resolvers. [GL #997]

(cherry picked from commit 5be7c6f4b3)
 2019-05-09 20:37:37 -07:00
Mark Andrews
07f8daf536 Recognise EDNS Client Tag and EDNS Server Tag 
(cherry picked from commit ee7cf180b3)
 2019-05-09 18:19:29 +10:00
Evan Hunt
bfd646795d CHANGES, release notes 2019-05-08 21:59:35 -07:00
Mark Andrews
7dd4fa9da3 enforce known SSHFP finger print lengths 
(cherry picked from commit 1722728c80)
 2019-05-09 08:48:28 +10:00
Mark Andrews
7098238039 add CHANGES 
(cherry picked from commit ba1d7f3a07)
 2019-05-07 13:43:15 +10:00
Mark Andrews
0b6a698320 add CHANGES 
(cherry picked from commit bdc66eb5d9)
 2019-05-07 11:07:32 +10:00
Mark Andrews
83310317c7 add CHANGES note 
(cherry picked from commit ce5520b695)
 2019-05-07 10:27:18 +10:00
Evan Hunt
df9cfeaf1b CHANGES 
(cherry picked from commit d3cd0729c9)
 2019-05-06 15:54:31 -07:00
Evan Hunt
6925c8136d CHANGES 
(cherry picked from commit f1aaf45085)
 2019-05-06 14:02:41 -07:00
Mark Andrews
455472c817 move change 5190 above 9.14.1 release point. 2019-04-30 08:41:35 +10:00
Evan Hunt
e4204809ed CHANGES 
(cherry picked from commit ce8ad08a45)
 2019-04-26 00:32:55 -07:00
Tinderbox User
02cbca91d7 prep 9.14.1 
(cherry picked from commit c7004347bc)
 2019-04-25 17:00:56 +02:00
Evan Hunt
228a29da4b CHANGES, release note 
(cherry picked from commit 244e44af432121a05e0a308b7ccce96a8ecd28ab)
(cherry picked from commit 79fad84bf6)
 2019-04-25 16:20:50 +02:00
Evan Hunt
31c690396d CHANGES, release note 
(cherry picked from commit ab5473007e91f011d003ff0ba5ab32fa0d56360c)
(cherry picked from commit 404be59527)
 2019-04-25 15:59:43 +02:00
Witold Kręcicki
434ef46661 When resuming from qname-minimization increase fetches-per-zone counters for the 'new' zone 
(cherry picked from commit 7043c6eaf5)
 2019-04-24 11:03:37 +10:00
Mark Andrews
c7bf78d52d add CHANGES 
(cherry picked from commit 19e4098139)
 2019-04-24 09:31:04 +10:00
Mark Andrews
c15805d74d add CHANGES 
(cherry picked from commit 11cddb689f)
 2019-04-24 08:52:20 +10:00
Evan Hunt
358e37309c CHANGES 
(cherry picked from commit 4d358c9bce)
 2019-04-22 19:11:41 -07:00
Michał Kępień
b45e5fc0c6 Add CHANGES entry 
5214.	[bug]		win32: named now removes its lock file upon shutdown.
			[GL #979]

(cherry picked from commit e048436805)
 2019-04-19 11:00:36 +02:00
Michał Kępień
d79ad36b90 Add CHANGES entry 
5213.	[bug]		win32: Eliminated a race which allowed named.exe running
			as a service to be killed prematurely during shutdown.
			[GL #978]

(cherry picked from commit e7332343ed)
 2019-04-19 09:53:39 +02:00
Matthijs Mekking
30ec661356 Update CHANGES 
(cherry picked from commit 768ded1102)
 2019-04-17 10:36:20 +02:00
Evan Hunt
0d6a4f7a89 CHANGES 
(cherry picked from commit 5071e43c19)
 2019-04-15 11:38:28 -07:00
Matthijs Mekking
f4dc62f33b With update-check-ksk also consider offline keys 
The option `update-check-ksk` will look if both KSK and ZSK are
available before signing records.  It will make sure the keys are
active and available.  However, for operational practices keys may
be offline.  This commit relaxes the update-check-ksk check and will
mark a key that is offline to be available when adding signature
tasks.

(cherry picked from commit 3cb8c49c73)
 2019-04-12 11:33:06 +02:00
Evan Hunt
ded4650794 CHANGES 2019-04-11 15:48:50 -07:00
Mark Andrews
ad73e08b07 Add CHANGES 
(cherry picked from commit 307a1b563b)
 2019-04-11 19:47:44 +10:00
Mark Andrews
fe0c131061 add CHANGES 
(cherry picked from commit dfc485b02e)
 2019-04-10 15:48:48 +10:00
Mark Andrews
dad1a49e4e Add CHANGES. 
(cherry picked from commit 538da8c80d)
 2019-04-10 15:08:33 +10:00
Mark Andrews
92bb35b2f5 add CHANGES 
(cherry picked from commit 97b7360ce1)
 2019-04-10 14:44:05 +10:00
Mark Andrews
2e7a18fb3c add CHANGES 
(cherry picked from commit d712b88048)
 2019-04-10 13:24:17 +10:00
Mark Andrews
3c32b765c1 add CHANGES 
(cherry picked from commit f78c688c4f)
 2019-04-09 14:22:50 +10:00
Mark Andrews
14313d798a <dns/ecs.h> was missing ISC_LANG_ENDDECLS. 
(cherry picked from commit 698a6f955e)
 2019-04-09 12:05:57 +10:00
Witold Kręcicki
6e63d7047d Fix deadlock in RPZ update code. 
In dns_rpz_update_from_db we call setup_update which creates the db
iterator and calls dns_dbiterator_first. This unpauses the iterator and
might cause db->tree_lock to be acquired. We then do isc_task_send(...)
on an event to do quantum_update, which (correctly) after each iteration
calls dns_dbiterator_pause, and re-isc_task_sends itself.

That's an obvious bug, as we're holding a lock over an async task send -
if a task requesting write (e.g. prune_tree) is scheduled on the same
workers queue as update_quantum but before it, it will wait for the
write lock indefinitely, resulting in a deadlock.

To fix it we have to pause dbiterator in setup_update.

(cherry picked from commit 06021b3529)
 2019-04-06 12:41:36 -07:00
Witold Kręcicki
4df48b84c1 CHANGES 
(cherry picked from commit d11791e24c)
 2019-04-03 16:34:33 +02:00
Mark Andrews
ffdd736b63 add CHANGES 
(cherry picked from commit b779342017)
 2019-03-26 21:32:08 +11:00
Mark Andrews
7a0f39b848 add CHANGES 
(cherry picked from commit bd670d4a04)
 2019-03-26 19:54:40 +11:00
Tinderbox User
e6225b210b prep 9.14.0 2019-03-22 10:35:15 -07:00
Tinderbox User
2d36283bc1 prep 9.14.0rc3 2019-03-22 10:35:15 -07:00
Evan Hunt
6b09e885b8 CHANGES, release notes 
(cherry picked from commit 55a7961cf3)
 2019-03-22 00:15:22 -07:00
Mark Andrews
5125a367ad add CHANGES 
(cherry picked from commit e1db1b8dcb)
 2019-03-22 06:52:10 +11:00
Mark Andrews
2818a83df9 add CHANGES 
(cherry picked from commit c20b89fcf8)
 2019-03-21 20:26:29 +11:00
Mark Andrews
3954d4ec30 Remove revoked root DNSKEY from bind.keys. 
(cherry picked from commit 0e805b58e8)
 2019-03-18 21:21:39 -07:00
Mark Andrews
b1c658b850 add CHANGES 
(cherry picked from commit 788f784191)
 2019-03-15 16:17:52 +11:00
Tony Finch
d69530cae8 A bit more cleanup in the dnssec-keygen manual 
Remove another remnant of shared secret HMAC-MD5 support.

Explain that with currently recommended setups DNSKEY records are
inserted automatically, but you can still use $INCLUDE in other cases.

(cherry picked from commit acc3fa04b7)
 2019-03-14 15:17:03 +11:00
Mark Andrews
1210201ab3 add CHANGES 
(cherry picked from commit 32f2ae3791)
 2019-03-14 09:01:12 +11:00
Evan Hunt
a87585aba3 CHANGES 
(cherry picked from commit 9463a781fb)
 2019-03-12 13:59:12 -07:00