481 Commits

Author SHA1 Message Date
Ondřej Surý
888dcc6aab Remove UNREACHABLE() statements after exit()
Couple of UNREACHABLE() statements following exit() were found and
removed.

(cherry picked from commit 81fdc4a822)
2022-03-25 10:08:39 +01:00
Ondřej Surý
75f9dd8e82 Simplify way we tag unreachable code with only ISC_UNREACHABLE()
Previously, the unreachable code paths would have to be tagged with:

    INSIST(0);
    ISC_UNREACHABLE();

There was also older parts of the code that used comment annotation:

    /* NOTREACHED */

Unify the handling of unreachable code paths to just use:

    UNREACHABLE();

The UNREACHABLE() macro now asserts when reached and also uses
__builtin_unreachable(); when such builtin is available in the compiler.

(cherry picked from commit 584f0d7a7e)
2022-03-25 09:33:51 +01:00
Ondřej Surý
25732d818d Remove usage of deprecated ATOMIC_VAR_INIT() macro
The C17 standard deprecated ATOMIC_VAR_INIT() macro (see [1]).  Follow
the suite and remove the ATOMIC_VAR_INIT() usage in favor of simple
assignment of the value as this is what all supported stdatomic.h
implementations do anyway:

  * MacOSX.plaform: #define ATOMIC_VAR_INIT(__v) {__v}
  * Gcc stdatomic.h: #define ATOMIC_VAR_INIT(VALUE)	(VALUE)

1. http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2018/p1138r0.pdf

(cherry picked from commit f251d69eba)
2022-03-17 21:44:04 +01:00
Ondřej Surý
2bf7921c7e Update the copyright information in all files in the repository
This commit converts the license handling to adhere to the REUSE
specification.  It specifically:

1. Adds used licnses to LICENSES/ directory

2. Add "isc" template for adding the copyright boilerplate

3. Changes all source files to include copyright and SPDX license
   header, this includes all the C sources, documentation, zone files,
   configuration files.  There are notes in the doc/dev/copyrights file
   on how to add correct headers to the new files.

4. Handle the rest that can't be modified via .reuse/dep5 file.  The
   binary (or otherwise unmodifiable) files could have license places
   next to them in <foo>.license file, but this would lead to cluttered
   repository and most of the files handled in the .reuse/dep5 file are
   system test files.

(cherry picked from commit 58bd26b6cf)
2022-01-11 12:22:09 +01:00
Aram Sargsyan
c6e4c28b4e Add dst_key_pubcompare and dst_key_compare unit test
The dst_key_pubcompare() and dst_key_compare() didn't have a unit test,
add the unit tests which test comparing the same keys, different keys,
and, where possible, similar keys with a manually altered parameter.

dst_key_pubcompare() internally uses the *_todns() functions of the
lib/dns/openssl*_link.c modules.

dst_key_compare() internally uses the *_compare() functions of the
lib/dns/openssl*_link.c modules.
2021-10-28 14:52:28 +00:00
Evan Hunt
ddc677ae64 rename dns_zone_master and dns_zone_slave
dns_zone_master and dns_zone_slave are renamed as dns_zone_primary
and dns_zone_secondary.

(cherry picked from commit 916760ae46)
2021-08-30 11:58:29 -07:00
Mark Andrews
7d3d7cacf9 Reject zero length ALPN elements in fromwire
(cherry picked from commit 8833d90292)
2021-08-19 18:59:29 +10:00
Mark Andrews
c9858fa078 Check that ALPN is present when NO-DEFAULT-ALPN is present in fromwire
(cherry picked from commit 2f51bb2d93)
2021-08-19 17:32:32 +10:00
Mark Andrews
c0c38eeb36 Add invalid test vectors
(cherry picked from commit bc21015438)
2021-08-18 14:59:29 +10:00
Mark Andrews
4fd35998e6 add text vs unknown test vectors
(cherry picked from commit 3e459b4808)
2021-08-18 14:59:29 +10:00
Mark Andrews
c7130b36fc Parse and print HTTPS and SVCB records
(cherry picked from commit 36f34a3e79)
2021-08-18 14:59:29 +10:00
Mark Andrews
8538c762cb Fix unchecked returns of dns_name_fromtext 2021-07-12 02:40:25 +00:00
Ondřej Surý
a12938e183 Add rbtdb setownercase/getownercase unit test
This commit adds a unittest that tests private rdataset_getownercase()
and rdataset_setownercase() methods from rbtdb.c.  The test setups
minimal mock dns_rbtdb_t and dns_rbtdbnode_t data structures.

As the rbtdb methods are generally hidden behind layers and layers, we
include the "rbtdb.c" directly from rbtdb_test.c, and thus we can use
the private methods and data structures directly.  This also opens up
opportunity to add more unittest for the rbtdb private functions without
going through all the layers.

(cherry picked from commit c7a11bd5b4)
2021-06-23 17:31:13 +02:00
Mark Andrews
c7216ae382 Adjust acceptable count values
usleep(100000) can be slightly less than 10ms so allow the count
to reach 11.

(cherry picked from commit 2bc454dc2d)
2021-06-10 08:33:46 +10:00
Mark Andrews
ee07fb854a Adjust returned method from dns_updatemethod_date
if dns_updatemethod_date is used do that the returned method is only
set to dns_updatemethod_increment if the new serial does not encode
the current day (YYYYMMDDXX).

(cherry picked from commit 5d21042ed8)
2021-05-18 22:55:35 +10:00
Evan Hunt
ef1d909fa9 backport of netmgr/taskmgr to 9.16
this rolls up numerous changes that have been applied to the
main branch, including moving isc_task operations into the
netmgr event loops, and other general stabilization.
2021-05-14 12:52:48 +02:00
Ondřej Surý
a09822b624 Add nanosleep and usleep Windows shims
This commit adds POSIX nanosleep() and usleep() shim implementation for
Windows to help implementors use less #ifdef _WIN32 in the code.

(cherry picked from commit c37ff5d188)
2021-05-14 12:19:48 +02:00
Mark Andrews
53d755966e Update ZONEMD to match RFC 8976
* The location of the digest type field has changed to where the
  reserved field was.
* The reserved field is now called scheme and is where the digest
  type field was.
* Digest type 2 has been defined (SHA256).

(cherry picked from commit 8510ccaa54)
2021-04-30 11:21:19 +10:00
Mark Andrews
9324d2d295 Reduce nsec3 max iterations to 150
(cherry picked from commit 29126500d2)
2021-04-29 17:44:46 +10:00
Matthijs Mekking
0d47f9f20f Use stale TTL as RRset TTL in dumpdb
It is more intuitive to have the countdown 'max-stale-ttl' as the
RRset TTL, instead of 0 TTL. This information was already available
in a comment "; stale (will be retained for x more seconds", but
Support suggested to put it in the TTL field instead.

(cherry picked from commit a83c8cb0af)
2021-04-13 10:59:17 +02:00
Mark Andrews
0cea486327 Test a LOC record with an invalid direction field
(cherry picked from commit 07902d9f9d)
2021-02-19 11:39:12 +11:00
Michal Nowak
f483b102dd Drop USE_OPENSSL constraint from dh_test
The USE_OPENSSL constraint in dh_test does not seems to be necessary
anymore, the test runs with PKCS#11 as well.

(cherry picked from commit c341e7f740)
2021-02-17 12:46:25 +01:00
Michal Nowak
ed38e32b69 Ensure dnstap_test returns SKIPPED_TEST_EXIT_CODE
Make sure lib/dns/tests/dnstap_test returns an exit code that indicates
a skipped test when dnstap is not enabled.

(cherry picked from commit c286341703)
2021-02-17 12:15:18 +01:00
Michal Nowak
04aff208fb Use BIND 9.17 preprocessor macro to skip unit test
BIND 9.17 changed exit code of skipped test to meet Automake
expectations in fa505bfb0e. BIND 9.16 was
not rewritten to Automake, but for consistency reasons, the same
SKIPPED_TEST_EXIT_CODE preprocessor macro is used (though the actual
exit code differs from the one in BIND 9.17).

(cherry picked from commit fa505bfb0e)
2021-02-17 12:09:25 +01:00
Ondřej Surý
4bbe3e75de Stop including dnstap headers from <dns/dnstap.h>
The <fstrm.h> and <protobuf-c/protobuf-c.h> headers are only directly
included where used and we stopped exposing those headers from libdns
headers.
2021-02-16 12:08:21 +11:00
Mark Andrews
b8fc8742e5 Re-order include directories
${FSTRM_CFLAGS} ${PROTOBUF_C_CFLAGS} ${OPENSSL_CFLAGS} ${LMDB_CFLAGS}
need to appear after all directories in the build tree.
2021-02-16 12:08:21 +11:00
Ondřej Surý
04f9f45c54 Print warning when falling back to increment soa serial method
When using the `unixtime` or `date` method to update the SOA serial,
`named` and `dnssec-signzone` would silently fallback to `increment`
method to prevent the new serial number to be smaller than the old
serial number (using the serial number arithmetics).  Add a warning
message when such fallback happens.

(cherry picked from commit ef685bab5c)
2020-12-12 07:55:29 +01:00
Matthijs Mekking
2f0b924ce6 Add NSEC3PARAM unit test, refactor zone.c
Add unit test to ensure the right NSEC3PARAM event is scheduled in
'dns_zone_setnsec3param()'.  To avoid scheduling and managing actual
tasks, split up the 'dns_zone_setnsec3param()' function in two parts:

1. 'dns__zone_lookup_nsec3param()' that will check if the requested
   NSEC3 parameters already exist, and if a new salt needs to be
   generated.

2. The actual scheduling of the new NSEC3PARAM event (if needed).

(cherry picked from commit 64db30942d)
2020-11-26 14:15:05 +00:00
Michał Kępień
a6f2e36ee6 Use proper cmocka macros for pointer checks
Make sure pointer checks in unit tests use cmocka assertion macros
dedicated for use with pointers instead of those dedicated for use with
integers or booleans.

(cherry picked from commit f440600126)
2020-11-26 13:13:21 +01:00
Ondřej Surý
50db10b7ca Fix the clang 12 warnings with multi-line strings in string arrays
The clang 12 has a new warning that warns when using multi-line strings
in the string arrays, f.e.:

    { "aa",
      "b"
      "b",
      "cc" }

would generate warning like this:

    private_test.c:162:7: error: suspicious concatenation of string literals in an array initialization; did you mean to separate the elements with a comma? [-Werror,-Wstring-concatenation]
                                      "33333/RSASHA1" };
                                      ^
    private_test.c:161:7: note: place parentheses around the string literal to silence warning
                                      "Done removing signatures for key "
                                      ^
    private_test.c:197:7: error: suspicious concatenation of string literals in an array initialization; did you mean to separate the elements with a comma? [-Werror,-Wstring-concatenation]
                                      "NSEC chain",
                                      ^
    private_test.c:196:7: note: place parentheses around the string literal to silence warning
                                      "Removing NSEC3 chain 1 0 30 DEAF / creating "
                                      ^
    2 errors generated.

(cherry picked from commit 7b07f22969)
2020-10-01 18:42:11 +02:00
Mark Andrews
2b4f4cbbd0 Add the ability select individual tests to rdata_test
(cherry picked from commit 6293682020)
2020-10-01 22:57:47 +10:00
Ondřej Surý
f0989bdf03 The dns_message_create() cannot fail, change the return to void
The dns_message_create() function cannot soft fail (as all memory
allocations either succeed or cause abort), so we change the function to
return void and cleanup the calls.

(cherry picked from commit 33eefe9f85)
2020-09-30 14:26:26 +02:00
Diego Fronza
da84f8d1fd Refactored dns_message_t for using attach/detach semantics
This commit will be used as a base for the next code updates in
order to have a better control of dns_message_t objects' lifetime.

(cherry picked from commit 12d6d13100)
2020-09-30 11:34:42 +10:00
Evan Hunt
df698d73f4 update all copyright headers to eliminate the typo 2020-09-14 16:50:58 -07:00
Mark Andrews
c2ee9eea3a Refactor totext_loc
(cherry picked from commit 2ca4d35037)
2020-08-26 16:44:01 +02:00
Mark Andrews
06b76b2b16 Check LOC's altitude field is properly parsed and encoded.
(cherry picked from commit 888dfd78c7)
2020-08-26 16:44:00 +02:00
Mark Andrews
7eb5d61703 Tighten LOC parsing to reject period and/or m as a value.
(cherry picked from commit 9225c67835)
2020-08-26 16:44:00 +02:00
Mark Andrews
b0942c2442 Check walking the hip rendezvous servers.
Also fixes extraneous white space at end of record when
there are no rendezvous servers.

(cherry picked from commit 78db46d746)
2020-07-24 15:24:49 +10:00
Mark Andrews
e67b7a62d0 Assert tsigout is non-NULL
(cherry picked from commit 827746e89b)
2020-07-13 13:21:12 +10:00
Mark Andrews
12fac1ce70 check returns from inet_pton()
(cherry picked from commit 9499adeb5e)
2020-07-13 11:44:58 +10:00
Matthijs Mekking
9f5a43808f Fix linking problem for #1612
When a library is examined, an object file within it can be left out
of the link if it does not provide symbols that the symbol table
needs.  Introducing `isc_stdtime_tostring` caused a build failure for
`update_test` because it now requires `libisc.a(stdtime.o)` and that
also exports the `isc_stdtime_get` symbol, meaning we have a
multiple definition error.

Add a local version of `isc_stdtime_tostring`, so that the linker
will not search for it in available object files.
2020-07-01 10:55:30 +02:00
Mark Andrews
4df013f0ea Extend loop count by 1 to account for non-exact timing in usleep().
(cherry picked from commit 3012e1ad9b)
2020-05-21 14:09:42 +10:00
Ondřej Surý
af1b56240f Resolve the overlinking of the system libraries
Originally, every library and binaries got linked to everything, which
creates unnecessary overlinking.  This wasn't as straightforward as it
should be as we still support configuration without libtool for 9.16.

Couple of smaller issues related to include headers and an issue where
sanitizer overload dlopen and dlclose symbols, so we were getting false
negatives in the autoconf test.
2020-05-11 09:49:54 +02:00
Mark Andrews
af14091f65 Refactor the isc_log API so it cannot fail on memory failures
The isc_mem API now crashes on memory allocation failure, and this is
the next commit in series to cleanup the code that could fail before,
but cannot fail now, e.g. isc_result_t return type has been changed to
void for the isc_log API functions that could only return ISC_R_SUCCESS.

(cherry picked from commit 0b793166d0)
2020-03-18 11:44:18 +01:00
Mark Andrews
86a30a691b Add MAXMINDDB_CFLAGS to CINCLUDES
(cherry picked from commit 81a80274bd)
2020-03-16 18:51:52 +11:00
Evan Hunt
c5405c2700 improve calculation of database size
"max-journal-size" is set by default to twice the size of the zone
database. however, the calculation of zone database size was flawed.

- change the size calculations in dns_db_getsize() to more accurately
  represent the space needed for a journal file or *XFR message to
  contain the data in the database. previously we returned the sizes
  of all rdataslabs, including header overhead and offset tables,
  which resulted in the database size being reported as much larger
  than the equivalent journal transactions would have been.
- map files caused a particular problem here: the full name can't be
  determined from the node while a file is being deserialized, because
  the uppernode pointers aren't set yet. so we store "full name length"
  in the dns_rbtnode structure while serializing, and clear it after
  deserialization is complete.
2020-03-12 00:38:37 -07:00
Ondřej Surý
f3c2274479 Use the new sorting rules to regroup #include headers 2020-03-11 08:55:12 +00:00
Michał Kępień
69974ea278 Add ZLIB_LIBS to ISCLIBS
When --with-zlib is passed to ./configure (or when the latter
autodetects zlib's presence), libisc uses certain zlib functions and
thus libisc's users should be linked against zlib in that case.  Adjust
Makefile variables appropriately to prevent shared build failures caused
by underlinking.

(cherry picked from commit fc967ba092)
2020-02-28 15:22:59 +01:00
Mark Andrews
c6f73b5d0c update signatures
(cherry picked from commit 40fc5809cd)
2020-02-21 07:05:31 +00:00
Evan Hunt
11a0d771f9 fix spelling errors reported by Fossies.
(cherry picked from commit ba0313e649)
2020-02-21 07:05:31 +00:00