Commit 42b75e7759 added "pipelines" to CI
job trigger lists without updating the names of the YAML anchors
containing those lists accordingly. Update YAML anchor names so that
they are consistent with their own contents.
(cherry picked from commit a7ece8e0bd)
Since pre-release testing is usually carried out for branches in which
CHANGES entries are intentionally malformed to prevent entry numbering
conflicts down the road, do not run the "changes" GitLab CI job in
pipelines that are triggered by a parent pipeline (which can currently
only be a pre-release testing pipeline) to prevent triggering job
failures that would be meaningless anyway.
(cherry picked from commit 8c2503947f)
Checking the contents of the CHANGES file currently requires invoking
multiple shell scripts. These invocations are conflated with those for
other test scripts in the "misc" GitLab CI job. Extract the commands
checking the contents of the CHANGES file to a separate GitLab CI job,
"changes", to improve readability. Remove similar checks for the
CHANGES.SE file altogether as they are only relevant for BIND -S and
therefore should not be present in an open source branch.
(cherry picked from commit 1335e139f2)
Commit f351c21034 modified the
"serve-stale" system test by adding the ns3/named9.conf.in configuration
file and making the ns3 named instance load that file near the end of
the test. However, ns3/named9.conf.in changes the
stale-answer-client-timeout setting to a very low value, which affects
all subsequent checks in tests.sh (rather than just the check that needs
the low value to be set) and may cause false positives. Fix by
reloading configuration from ns3/named8.conf.in as soon as the check
using a very low stale-answer-client-timeout value is finished.
(cherry picked from commit cd64a3747b)
Check that named correctly returns a synthesized DNS64 answer when the
server stale timer triggers for the A lookup. Use a small value for
stale-answer-client-timeout (2ms) and delay the A response by 1 second.
(cherry picked from commit 2eee1e1761)
Check that RFC 1918 leak detection does not trigger an assertion
when nxdomain redirection is enabled in the server but not for the
RFC 1918 reverse namespace.
(cherry picked from commit 2789906ce4)
tsiggss system tests crash or are unstable with the base FreeBSD
(Heimdal-based) GSS-API.
Move the --without-gssapi ./configure option to Alpine Linux, so the
option is tested somewhere.
(cherry picked from commit d6df757fdc)
IO::Socket::INET6 is no longer being maintained and its functionality
has been replaced by IO::Socket::IP.
(cherry picked from commit d1983adc22)
(cherry picked from commit fff8de8430)
Variable assignment when calling subroutines might not be portable.
Notably, it doesn't work with FreeBSD shell, where the value of HOME
would be ignored in this case.
Since the commands are already executed in a subshell, export the HOME
variable to ensure it is properly handled in all shells.
(cherry picked from commit 86a192cece)
To enable GitLab CI jobs in other projects to trigger pipelines in the
BIND 9 project using their CI_JOB_TOKEN, add "pipelines" to the relevant
GitLab CI job trigger lists.
(cherry picked from commit a4e9ce500a)
The ThreadSanitizer version currently available from Fedora 39
repositories is unable to cope with very high ASLR entropy, which is the
default in some recent Linux distributions [1]. This causes all
TSAN-enabled builds to fail on the affected systems with an error like:
FATAL: ThreadSanitizer: unexpected memory mapping 0x7d00e0772000-0x7d00e0c00000
Work around the problem by reducing ASLR entropy for all TSAN-enabled
builds until the problem is resolved upstream.
[1] https://github.com/google/sanitizers/issues/1716
(cherry picked from commit 05b09f2b5b)
The specification was implemented (#1132) when it was a draft. Now that
it is RFC, add the RFC to the list of supported RFCs.
(cherry picked from commit 5b5f43babc)
Add a regression test case for the scenario where a secure chain of
trust includes an inactive KSK, that is a KSK that is not signing the
DNSKEY RRset.
(cherry picked from commit f0bfd276e0)
Commit eba7fb5f9f modified the definition
of struct dns_rbtnode. Doing that changes the layout of map-format zone
files. Bump MAPAPI and update the offsets used in map-format zone file
checks in the "masterformat" system test, as these changes were
inadvertently omitted from the aforementioned change.
(cherry picked from commit 52fe0b6be7)
