Commit graph

107 commits

Author SHA1 Message Date
Ondřej Surý
58bd26b6cf Update the copyright information in all files in the repository
This commit converts the license handling to adhere to the REUSE
specification.  It specifically:

1. Adds used licnses to LICENSES/ directory

2. Add "isc" template for adding the copyright boilerplate

3. Changes all source files to include copyright and SPDX license
   header, this includes all the C sources, documentation, zone files,
   configuration files.  There are notes in the doc/dev/copyrights file
   on how to add correct headers to the new files.

4. Handle the rest that can't be modified via .reuse/dep5 file.  The
   binary (or otherwise unmodifiable) files could have license places
   next to them in <foo>.license file, but this would lead to cluttered
   repository and most of the files handled in the .reuse/dep5 file are
   system test files.
2022-01-11 09:05:02 +01:00
Matthijs Mekking
f3d3a4ff6e Replace "master/slave" terminology in tests
Replace most "master/slave" terminology in tests with the preferred
"primary/secondary", with the following exceptions:

- When testing the old syntax
- When master is used in master file and master file format terms
- When master is used in hostmaster or postmaster terms
- When master used in legacy domain names (for example in dig.batch)
- When there is no replacement (for example default-masters)
2021-10-12 13:04:00 -07:00
Matthijs Mekking
2abad4d969 Change default of dnssec-dnskey-kskonly to yes
The extra RRSIG on DNSKEY, CDS and CDNSKEY RRsets add to the payload,
without having added value.
2021-10-12 13:45:44 +02:00
Michal Nowak
a4b7eb7188
Make views system test ShellCheck-clean
Also, add "set -e" to all shell scripts of the views test to exit when
any command fails or is unknown, e.g., this on OpenBSD:

    tests.sh[174]: seq: not found
2021-05-19 14:04:48 +02:00
Michal Nowak
a08487ec3d
Replace seq command with POSIX-compliant shell code
The seq command is not defined in the POSIX standard and is missing on
OpenBSD. Given that the system test code is meant to be POSIX-compliant
replace it with a shell construct.
2021-05-19 14:04:48 +02:00
Diego Fronza
43b0b20b43 Test reconfig after adding inline signed zones won't crash named
This test ensures that named won't crash after many inline-signed zones
are added to configurarion, followed by a rndc reconfig.
2021-02-15 11:15:20 -03:00
Diego Fronza
30729c7013 Fix dangling references to outdated views after reconfig
This commit fix a leak which was happening every time an inline-signed
zone was added to the configuration, followed by a rndc reconfig.

During the reconfig process, the secure version of every inline-signed
zone was "moved" to a new view upon a reconfig and it "took the raw
version along", but only once the secure version was freed (at shutdown)
was prev_view for the raw version detached from, causing the old view to
be released as well.

This caused dangling references to be kept for the previous view, thus
keeping all resources used by that view in memory.
2021-02-15 11:15:20 -03:00
Michal Nowak
1319875c46
Ensure use of "echo_i" where possible
In many instances 'echo "I:' construct was used where echo_i function
should have been.
2020-10-22 09:54:24 +02:00
Evan Hunt
dcee985b7f update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
Mark Andrews
7b65bea6d2 Also wait for 'zone_dump: zone example/IN: enter'
use nextpartpeek as we don't want to reset the starting point
2020-09-10 18:17:45 +10:00
Michal Nowak
093af1c00a
Drop $SYSTEMTESTTOP from bin/tests/system/
The $SYSTEMTESTTOP shell variable if often set to .. in various shell
scripts inside bin/tests/system/, but most of the time it is only
used one line later, while sourcing conf.sh. This hardly improves
code readability.

$SYSTEMTESTTOP is also used for the purpose of referencing
scripts/files living in bin/tests/system/, but given that the
variable is always set to a short, relative path, we can drop it and
replace all of its occurrences with the relative path without adversely
affecting code readability.
2020-07-30 15:58:50 +02:00
Evan Hunt
e43b3c1fa1 further tidying of primary/secondary terminology in system tests
this changes most visble uses of master/slave terminology in tests.sh
and most uses of 'type master' or 'type slave' in named.conf files.
files in the checkconf test were not updated in order to confirm that
the old syntax still works. rpzrecurse was also left mostly unchanged
to avoid interference with DNSRPS.
2020-07-01 11:12:12 -07:00
Evan Hunt
16e14353b1 add "primaries" as a synonym for "masters" in named.conf
as "type primary" is preferred over "type master" now, it makes
sense to make "primaries" available as a synonym too.

added a correctness check to ensure "primaries" and "masters"
cannot both be used in the same zone.
2020-07-01 11:11:34 -07:00
Ondřej Surý
978c7b2e89 Complete rewrite the BIND 9 build system
The rewrite of BIND 9 build system is a large work and cannot be reasonable
split into separate merge requests.  Addition of the automake has a positive
effect on the readability and maintainability of the build system as it is more
declarative, it allows conditional and we are able to drop all of the custom
make code that BIND 9 developed over the years to overcome the deficiencies of
autoconf + custom Makefile.in files.

This squashed commit contains following changes:

- conversion (or rather fresh rewrite) of all Makefile.in files to Makefile.am
  by using automake

- the libtool is now properly integrated with automake (the way we used it
  was rather hackish as the only official way how to use libtool is via
  automake

- the dynamic module loading was rewritten from a custom patchwork to libtool's
  libltdl (which includes the patchwork to support module loading on different
  systems internally)

- conversion of the unit test executor from kyua to automake parallel driver

- conversion of the system test executor from custom make/shell to automake
  parallel driver

- The GSSAPI has been refactored, the custom SPNEGO on the basis that
  all major KRB5/GSSAPI (mit-krb5, heimdal and Windows) implementations
  support SPNEGO mechanism.

- The various defunct tests from bin/tests have been removed:
  bin/tests/optional and bin/tests/pkcs11

- The text files generated from the MD files have been removed, the
  MarkDown has been designed to be readable by both humans and computers

- The xsl header is now generated by a simple sed command instead of
  perl helper

- The <irs/platform.h> header has been removed

- cleanups of configure.ac script to make it more simpler, addition of multiple
  macros (there's still work to be done though)

- the tarball can now be prepared with `make dist`

- the system tests are partially able to run in oot build

Here's a list of unfinished work that needs to be completed in subsequent merge
requests:

- `make distcheck` doesn't yet work (because of system tests oot run is not yet
  finished)

- documentation is not yet built, there's a different merge request with docbook
  to sphinx-build rst conversion that needs to be rebased and adapted on top of
  the automake

- msvc build is non functional yet and we need to decide whether we will just
  cross-compile bind9 using mingw-w64 or fix the msvc build

- contributed dlz modules are not included neither in the autoconf nor automake
2020-04-21 14:19:48 +02:00
Mark Andrews
5a4ab3360d Wait for DNSKEY records to be signed 2020-04-06 13:51:47 +10:00
Michał Kępień
d8905b7a9c Automatically run clean.sh from run.sh
The first step in all existing setup.sh scripts is to call clean.sh.  To
reduce code duplication and ensure all system tests added in the future
behave consistently with existing ones, invoke clean.sh from run.sh
before calling setup.sh.
2019-12-06 14:11:01 +01:00
Matthijs Mekking
c64ed484c8 Only perform test cleanups in clean.sh scripts
Temporary files created by a given system test should be removed by its
clean.sh script, not its setup.sh script.  Remove redundant "rm"
invocations from setup.sh scripts.  Move required "rm" invocations from
setup.sh scripts to their corresponding clean.sh scripts.
2019-03-04 16:26:06 +01:00
Witold Kręcicki
6d50138405 Use rndc_reload in tests, make sure that reload is complete before continuing 2018-12-19 11:33:37 +01:00
Ondřej Surý
c40425d0f6 RSA and ECDSA cryptography is now mandatory; remove the checks for those 2018-07-19 12:47:03 -04:00
Evan Hunt
a7a2fa296a update system tests so validation won't fail when using IANA key
- all tests with "recursion yes" now also specify "dnssec-validation yes",
  and all tests with "recursion no" also specify "dnssec-validation no".
  this must be maintained in all new tests, or else validation will fail
  when we use local root zones for testing.
- clean.sh has been modified where necessary to remove managed-keys.bind
  and viewname.mkeys files.
2018-05-31 18:22:33 +02:00
Ondřej Surý
2b8fab6828 Remove genrandom command and all usage of specific random files throughout the system test suite 2018-05-16 09:54:35 +02:00
Ondřej Surý
55a10b7acd Remove $Id markers, Principal Author and Reviewed tags from the full source tree 2018-05-11 13:17:46 +02:00
Mark Andrews
4cb0873a0a wait for 'all zones loaded' rather than 'reloading zones succeeded' which just indicates that everything kicked off ok 2018-02-28 17:14:30 +11:00
Evan Hunt
0e52fbd0b3 clean up test output
- removed a few remaing places where output wasn't being passed
  through echo_i or cat_i
- added a "digcomp" function to conf.sh.in to send digcomp.pl output
  through cat_i and return the correct exit value
- set SYSTESTDIR when calling echo_i from nsX directories, so that
  the test name will always be printed correctly
- fixed a test name typo in conf.sh.in
2018-02-26 23:37:05 -08:00
Ondřej Surý
843d389661 Update license headers to not include years in copyright in all applicable files 2018-02-23 10:12:02 +01:00
Evan Hunt
0c559199bf final cleanup
- add CHANGES note
- update copyrights and license headers
- add -j to the make commands in .gitlab-ci.yml to take
  advantage of parallelization in the gitlab CI process
2018-02-22 22:58:15 -08:00
Evan Hunt
731ad28be2 removed some unnecessary greps 2018-02-22 15:29:02 -08:00
Evan Hunt
c032c54dda parallelize most system tests 2018-02-22 15:29:02 -08:00
Evan Hunt
45afdb2672 [master] remove default algorithm in dnssec-keygen
4594.	[func]		dnssec-keygen no longer uses RSASHA1 by default;
			the signing algorithm must be specified on
			the command line with the "-a" option.  Signing
			scripts that rely on the existing default behavior
			will break; use "dnssec-keygen -a RSASHA1" to
			repair them. (The goal of this change is to make
			it easier to find scripts using RSASHA1 so they
			can be changed in the event of that algorithm
			being deprecated in the future.) [RT #44755]
2017-08-30 18:51:11 -07:00
Evan Hunt
6ce8a05f6c [master] update copyrights that had been missed recently 2017-04-23 17:06:00 -07:00
Mukund Sivaraman
dd7d1df874 Increase minimum RSA keygen size to 1024 bits (#36895) 2017-04-21 12:00:40 +05:30
Mark Andrews
0c27b3fe77 4401. [misc] Change LICENSE to MPL 2.0. 2016-06-27 14:56:38 +10:00
Tinderbox User
dce54b9b5c update copyright notice / whitespace 2016-06-14 23:45:25 +00:00
Mark Andrews
3635d8f910 do not overflow exit status. [RT #42643] 2016-06-14 13:48:39 +10:00
Tinderbox User
4688741c5c update copyright notice / whitespace 2015-12-16 23:45:26 +00:00
Mark Andrews
ecfedec0e0 perform a more complete cleanup after running system tests [rt41255] 2015-12-16 11:29:18 +11:00
Tinderbox User
1b0b6d7325 update copyright notice / whitespace 2015-04-07 23:45:23 +00:00
Mark Andrews
febb020dce 4092. [bug] 'in-view' didn't work for zones beneath a empty zone.
[RT #39173]
2015-04-07 13:21:33 +10:00
Mukund Sivaraman
47d837a499 Make named a singleton process [RT#37908]
Conflicts:
	bin/tests/system/conf.sh.in
	lib/dns/win32/libdns.def.in
	lib/isc/win32/file.c

The merge also needed to update files in legacy and tcp system tests
(newly introduced in master after branch was created) to introduce use
of lockfile.
2014-12-18 12:31:25 +05:30
Mark Andrews
39fb5f2a5d verifying inline zones work with views requires crypto to be configured 2014-10-04 18:06:04 +10:00
Tinderbox User
7a3f584cfc update copyright notice 2014-10-02 23:45:25 +00:00
Mark Andrews
b24061719c 3967. [test] Add test for inlined signed zone in multiple views
with different DNSKEY sets. [RT #35759]
2014-10-03 07:59:44 +10:00
Mark Andrews
ced4f794cf check expected responses 2013-11-15 13:22:48 +11:00
Mark Andrews
3ac9ef6a6d move forwarder server to 10.53.0.5 2013-11-15 13:16:51 +11:00
Tinderbox User
432d8fa3b4 update copyright notice 2013-11-14 23:46:24 +00:00
Evan Hunt
434bfc3dfa [master] "in-view" zone option
3673.	[func]		New "in-view" zone option allows direct sharing
			of zones between views. [RT #32968]
2013-11-13 20:35:40 -08:00
Mark Andrews
2c089bf6d2 whitspace 2013-09-16 10:14:07 +10:00
Tinderbox User
cfa2326b5c update copyright notice 2013-03-14 23:46:11 +00:00
Evan Hunt
4eb998928b [master] algorithm flexibility for rndc
3525.	[func]		Support for additional signing algorithms in rndc:
			hmac-sha1, -sha224, -sha256, -sha384, and -sha512.
			The -A option to rndc-confgen can be used to
			select the algorithm for the generated key.
			(The default is still hmac-md5; this may
			change in a future release.) [RT #20363]
2013-03-13 17:53:11 -07:00
Tinderbox User
a3128c1995 update copyright notice 2012-06-29 23:45:57 +00:00