Commit graph

32150 commits

Author SHA1 Message Date
Michał Kępień
4fa2dfe72e Update release checklist
Add an item to the release checklist to make sure confidential issues
assigned to the relevant milestone are made public after the BIND
versions addressing them are released.
2020-07-16 11:28:09 +02:00
Evan Hunt
b4cdd00fa3 Merge branch '2022-stats-netmgr' into 'main'
Resolve "use netmgr for statschannel"

Closes #2022

See merge request isc-projects/bind9!3847
2020-07-16 06:04:21 +00:00
Evan Hunt
efa5639934 CHANGES, release note 2020-07-15 22:35:07 -07:00
Evan Hunt
69c1ee1ce9 rewrite statschannel to use netmgr
modify isc_httpd to use the network manager instead of the
isc_socket API.

also cleaned up bin/named/statschannel.c to use CHECK.
2020-07-15 22:35:07 -07:00
Michał Kępień
d8e6b32a18 Merge branch 'v9_17_3-release' into 'main'
Merge 9.17.3 release branch

See merge request isc-projects/bind9!3860
2020-07-15 21:09:46 +00:00
Michał Kępień
2b2e97a815 Set up release notes for BIND 9.17.4 2020-07-15 23:06:25 +02:00
Michał Kępień
02de51d957 Bump BIND_BASELINE_VERSION for ABI checks 2020-07-15 23:06:25 +02:00
Michał Kępień
49c62f3e8e Fix "make dist" 2020-07-15 22:54:13 +02:00
Michał Kępień
fc6d0a932b Update BIND version to 9.17.3 2020-07-15 22:54:13 +02:00
Michał Kępień
28d32ca7da Add a CHANGES marker 2020-07-15 22:54:13 +02:00
Michał Kępień
97a2733ef9 Update library API versions 2020-07-15 22:54:13 +02:00
Michał Kępień
3e74f894d4 Merge branch 'michal/prepare-release-notes-for-bind-9.17.3' into v9_17_3-release 2020-07-15 22:51:33 +02:00
Michał Kępień
fba5ce8a75 Reorder release notes 2020-07-15 22:51:33 +02:00
Michał Kępień
af35a186d0 Add release note for #1958 2020-07-15 22:51:33 +02:00
Michał Kępień
eedbd6ecf5 Add release note for #1938 2020-07-15 22:51:33 +02:00
Michał Kępień
41a79d068c Add release note for #1937 2020-07-15 22:51:33 +02:00
Michał Kępień
e9a869f51e Tweak and reword release notes 2020-07-15 22:51:33 +02:00
Michał Kępień
aa1d6a46ab Prepare release notes for BIND 9.17.3 2020-07-15 22:51:32 +02:00
Michał Kępień
267794244f Tweak and reword recent CHANGES entries 2020-07-15 22:50:16 +02:00
Matthijs Mekking
f8ef2c0439 Merge branch '2006-coverity-checked-return-keymgr' into 'main'
Fix Coverity keymgr reports

Closes #2006

See merge request isc-projects/bind9!3808
2020-07-14 15:46:56 +00:00
Matthijs Mekking
e645d2ef1e Check return value of dst_key_getbool()
Fix Coverity CHECKED_RETURN reports for dst_key_getbool().  In most
cases we do not really care about its return value, but it is prudent
to check it.

In one case, where a dst_key_getbool() error should be treated
identically as success, cast the return value to void and add a relevant
comment.
2020-07-14 12:53:54 +00:00
Michał Kępień
df72c52239 Merge branch 'michal/use-image-key-in-qemu-based-ci-job-templates' into 'main'
Use "image" key in QEMU-based CI job templates

See merge request isc-projects/bind9!3855
2020-07-14 08:24:42 +00:00
Michał Kępień
72201badf0 Use "image" key in QEMU-based CI job templates
Our GitLab Runner Custom executor scripts now use the "image" key
instead of the job name for determining the QCOW2 image to use for a
given CI job.  Update .gitlab-ci.yml to reflect that change.
2020-07-14 09:58:04 +02:00
Mark Andrews
c53bfb30e8 Merge branch 'u/fanf2/fix-signing' into 'main'
Fix re-signing when `sig-validity-interval` has two arguments

See merge request isc-projects/bind9!3735
2020-07-14 02:07:28 +00:00
Mark Andrews
3ff60b881f Add release note for [GL !3735] 2020-07-14 10:59:59 +10:00
Mark Andrews
f4fbca6e16 Add CHANGES note for [GL !3735] 2020-07-14 10:59:59 +10:00
Mark Andrews
11ecf7901b Add regression test for [GL !3735]
Check that resign interval is actually in days rather than hours
by checking that RRSIGs are all within the allowed day range.
2020-07-14 10:59:59 +10:00
Tony Finch
030674b2a3 Fix re-signing when sig-validity-interval has two arguments
Since October 2019 I have had complaints from `dnssec-cds` reporting
that the signatures on some of my test zones had expired. These were
zones signed by BIND 9.15 or 9.17, with a DNSKEY TTL of 24h and
`sig-validity-interval 10 8`.

This is the same setup we have used for our production zones since
2015, which is intended to re-sign the zones every 2 days, keeping
at least 8 days signature validity. The SOA expire interval is 7
days, so even in the presence of zone transfer problems, no-one
should ever see expired signatures. (These timers are a bit too
tight to be completely correct, because I should have increased
the expiry timers when I increased the DNSKEY TTLs from 1h to 24h.
But that should only matter when zone transfers are broken, which
was not the case for the error reports that led to this patch.)

For example, this morning my test zone contained:

        dev.dns.cam.ac.uk. 86400 IN RRSIG DNSKEY 13 5 86400 (
                                20200701221418 20200621213022 ...)

But one of my resolvers had cached:

        dev.dns.cam.ac.uk. 21424 IN RRSIG DNSKEY 13 5 86400 (
                                20200622063022 20200612061136 ...)

This TTL was captured at 20200622105807 so the resolver cached the
RRset 64976 seconds previously (18h02m56s), at 20200621165511
only about 12h before expiry.

The other symptom of this error was incorrect `resign` times in
the output from `rndc zonestatus`.

For example, I have configured a test zone

        zone fast.dotat.at {
                file "../u/z/fast.dotat.at";
                type primary;
                auto-dnssec maintain;
                sig-validity-interval 500 499;
        };

The zone is reset to a minimal zone containing only SOA and NS
records, and when `named` starts it loads and signs the zone. After
that, `rndc zonestatus` reports:

        next resign node: fast.dotat.at/NS
        next resign time: Fri, 28 May 2021 12:48:47 GMT

The resign time should be within the next 24h, but instead it is
near the signature expiry time, which the RRSIG(NS) says is
20210618074847. (Note 499 hours is a bit more than 20 days.)
May/June 2021 is less than 500 days from now because expiry time
jitter is applied to the NS records.

Using this test I bisected this bug to 09990672d which contained a
mistake leading to the resigning interval always being calculated in
hours, when days are expected.

This bug only occurs for configurations that use the two-argument form
of `sig-validity-interval`.
2020-07-14 10:57:43 +10:00
Mark Andrews
2ac2d83265 Merge branch '1994-netscope-c-23-50-error-unused-parameter-addr-when-have_if_nametoindex-undefined-on-illumos' into 'main'
Resolve "netscope.c:23:50: error: unused parameter 'addr' when HAVE_IF_NAMETOINDEX undefined on illumos"

Closes #1994

See merge request isc-projects/bind9!3829
2020-07-14 00:51:22 +00:00
Mark Andrews
e7662c4c63 Mark 'addr' as unused if HAVE_IF_NAMETOINDEX is not defined
Also 'zone' should be initialised to zero.
2020-07-14 00:13:40 +00:00
Mark Andrews
1a1e52b7fe Merge branch '1995-gssapictx-c-681-10-error-implicit-declaration-of-function-gsskrb5_register_acceptor_identity' into 'main'
Resolve "gssapictx.c:681:10: error: implicit declaration of function 'gsskrb5_register_acceptor_identity' on illumos"

Closes #1995

See merge request isc-projects/bind9!3830
2020-07-14 00:05:39 +00:00
Mark Andrews
488eef63ca Only call gsskrb5_register_acceptor_identity if we have gssapi_krb5.h. 2020-07-14 08:55:13 +10:00
Mark Andrews
35ea733e2c Merge branch '1993-check-c-1576-37-error-expected-identifier-before-numeric-constant-on-illumos' into 'main'
Resolve "check.c:1576:37: error: expected identifier before numeric constant on illumos"

Closes #1993

See merge request isc-projects/bind9!3828
2020-07-13 22:06:48 +00:00
Mark Andrews
18eef20241 Handle namespace clash over 'SEC' on illumos. 2020-07-14 07:46:10 +10:00
Mark Andrews
bc5bd577d7 Merge branch '2005-coverity-is-reporting-double-unlock' into 'main'
Resolve "Coverity is reporting double unlock."

Closes #2005

See merge request isc-projects/bind9!3807
2020-07-13 21:28:10 +00:00
Mark Andrews
4e03bfac86 Add CHANGES for [GL #2005] 2020-07-14 07:07:58 +10:00
Mark Andrews
cc0089c66b Address potential double unlock in process_fd 2020-07-14 07:07:14 +10:00
Evan Hunt
d97710acdc Merge branch 'each-rndc-netmgr-pt2' into 'main'
RNDC using netmgr

See merge request isc-projects/bind9!3724
2020-07-13 20:39:49 +00:00
Evan Hunt
7c703c851f CHANGES, release note 2020-07-13 13:17:08 -07:00
Witold Kręcicki
ae5d316f64 isccc: merge recv_message and recv_nonce into one function
- make isccc message receiving code clearer by merging recv_nonce and
  recv_message into a single recv_data function and adding a boolean
  state field.
2020-07-13 13:17:08 -07:00
Evan Hunt
55896df79d use handles for isc_nm_pauseread() and isc_nm_resumeread()
by having these functions act on netmgr handles instead of socket
objects, they can be used in callback functions outside the netgmr.
2020-07-13 13:17:08 -07:00
Evan Hunt
29dcdeba1b purge pending command events when shutting down
When we're shutting the system down via "rndc stop" or "rndc halt",
or reconfiguring the control channel, there are potential shutdown
races between the server task and network manager.  These are adressed by:

- purging any pending command tasks when shutting down the control channel
- adding an extra handle reference before the command handler to
  ensure the handle can't be deleted out from under us before calling
  command_respond()
2020-07-13 13:17:08 -07:00
Evan Hunt
45ab0603eb use an isc_task to execute rndc commands
- using an isc_task to execute all rndc functions makes it relatively
  simple for them to acquire task exclusive mode when needed
- control_recvmessage() has been separated into two functions,
  control_recvmessage() and control_respond(). the respond function
  can be called immediately from control_recvmessage() when processing
  a nonce, or it can be called after returning from the task event
  that ran the rndc command function.
2020-07-13 13:16:53 -07:00
Evan Hunt
3551d3ffd2 convert rndc and control channel to use netmgr
- updated libisccc to use netmgr events
- updated rndc to use isc_nm_tcpconnect() to establish connections
- updated control channel to use isc_nm_listentcp()

open issues:

- the control channel timeout was previously 60 seconds, but it is now
  overridden by the TCP idle timeout setting, which defaults to 30
  seconds. we should add a function that sets the timeout value for
  a specific listener socket, instead of always using the global value
  set in the netmgr. (for the moment, since 30 seconds is a reasonable
  timeout for the control channel, I'm not prioritizing this.)
- the netmgr currently has no support for UNIX-domain sockets; until
  this is addressed, it will not be possible to configure rndc to use
  them. we will need to either fix this or document the change in
  behavior.
2020-07-13 13:16:53 -07:00
Evan Hunt
002c328437 don't use exclusive mode for rndc commands that don't need it
"showzone" and "tsig-list" both used exclusive mode unnecessarily;
changing this will simplify future refactoring a bit.
2020-07-13 13:12:33 -07:00
Evan Hunt
0580d9cd8c style cleanup
clean up style in rndc and the control channel in preparation for
changing them to use the new network manager.
2020-07-13 12:41:04 -07:00
Evan Hunt
e7602e2d51 Merge branch 'each-lmdb-lock-fix' into 'main'
ensure new_zone_lock is released after count_newzones()

See merge request isc-projects/bind9!3833
2020-07-13 19:26:46 +00:00
Evan Hunt
ed37c63e2b make sure new_zone_lock is locked before unlocking it
it was possible for the count_newzones() function to try to
unlock view->new_zone_lock on return before locking it, which
caused a crash on shutdown.
2020-07-13 12:06:26 -07:00
Diego dos Santos Fronza
4aaef76c58 Merge branch '1719-observed-stats-underflow-in-multiple-stats' into 'main'
Resolve "Observed stats underflow in multiple stats"

Closes #1719

See merge request isc-projects/bind9!3818
2020-07-13 18:28:58 +00:00
Diego Fronza
a22e61d554 Add CHANGES and release note for #1719 2020-07-13 11:48:55 -03:00