Update patches after rebase
This commit is contained in:
parent
78968700e2
commit
814547323e
@ -1,4 +1,4 @@
|
||||
From 83b889c238282b210f874a3ad81bb56299767495 Mon Sep 17 00:00:00 2001
|
||||
From 2b0dce163a119f5f62eb4428b485f7575f321d6f Mon Sep 17 00:00:00 2001
|
||||
From: Petr Mensik <pemensik@redhat.com>
|
||||
Date: Mon, 5 Aug 2019 11:54:03 +0200
|
||||
Subject: [PATCH] Allow explicit disabling of autodisabled MD5
|
||||
@ -9,16 +9,16 @@ RSAMD5 is included in security policy, it fails to start, because that
|
||||
algorithm is not recognized. Allow it disabled, but fail on any
|
||||
other usage.
|
||||
---
|
||||
bin/named/server.c | 4 ++--
|
||||
lib/bind9/check.c | 4 ++++
|
||||
lib/dns/rcode.c | 33 +++++++++++++++------------------
|
||||
3 files changed, 21 insertions(+), 20 deletions(-)
|
||||
bin/named/server.c | 4 ++--
|
||||
lib/bind9/check.c | 4 ++++
|
||||
lib/dns/rcode.c | 1 +
|
||||
3 files changed, 7 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/bin/named/server.c b/bin/named/server.c
|
||||
index 5b57371..51702ab 100644
|
||||
index ee23f10..22a5c01 100644
|
||||
--- a/bin/named/server.c
|
||||
+++ b/bin/named/server.c
|
||||
@@ -1547,12 +1547,12 @@ disable_algorithms(const cfg_obj_t *disabled, dns_resolver_t *resolver) {
|
||||
@@ -1689,12 +1689,12 @@ disable_algorithms(const cfg_obj_t *disabled, dns_resolver_t *resolver) {
|
||||
r.length = strlen(r.base);
|
||||
|
||||
result = dns_secalg_fromtext(&alg, &r);
|
||||
@ -30,14 +30,14 @@ index 5b57371..51702ab 100644
|
||||
}
|
||||
- if (result != ISC_R_SUCCESS) {
|
||||
+ if (result != ISC_R_SUCCESS && result != ISC_R_DISABLED) {
|
||||
cfg_obj_log(cfg_listelt_value(element),
|
||||
ns_g_lctx, ISC_LOG_ERROR,
|
||||
"invalid algorithm");
|
||||
cfg_obj_log(cfg_listelt_value(element), named_g_lctx,
|
||||
ISC_LOG_ERROR, "invalid algorithm");
|
||||
CHECK(result);
|
||||
diff --git a/lib/bind9/check.c b/lib/bind9/check.c
|
||||
index e0803d4..8023784 100644
|
||||
index f49a346..dbf9ddb 100644
|
||||
--- a/lib/bind9/check.c
|
||||
+++ b/lib/bind9/check.c
|
||||
@@ -302,6 +302,10 @@ disabled_algorithms(const cfg_obj_t *disabled, isc_log_t *logctx) {
|
||||
@@ -317,6 +317,10 @@ disabled_algorithms(const cfg_obj_t *disabled, isc_log_t *logctx) {
|
||||
r.length = strlen(r.base);
|
||||
|
||||
tresult = dns_secalg_fromtext(&alg, &r);
|
||||
@ -49,18 +49,10 @@ index e0803d4..8023784 100644
|
||||
cfg_obj_log(cfg_listelt_value(element), logctx,
|
||||
ISC_LOG_ERROR, "invalid algorithm '%s'",
|
||||
diff --git a/lib/dns/rcode.c b/lib/dns/rcode.c
|
||||
index f51d548..c49b8d1 100644
|
||||
index 327248e..78adf63 100644
|
||||
--- a/lib/dns/rcode.c
|
||||
+++ b/lib/dns/rcode.c
|
||||
@@ -126,7 +126,6 @@
|
||||
#endif
|
||||
|
||||
#define SECALGNAMES \
|
||||
- MD5_SECALGNAMES \
|
||||
DH_SECALGNAMES \
|
||||
DSA_SECALGNAMES \
|
||||
{ DNS_KEYALG_ECC, "ECC", 0 }, \
|
||||
@@ -178,6 +177,7 @@ static struct tbl rcodes[] = { RCODENAMES ERCODENAMES };
|
||||
@@ -152,6 +152,7 @@ static struct tbl rcodes[] = { RCODENAMES ERCODENAMES };
|
||||
static struct tbl tsigrcodes[] = { RCODENAMES TSIGRCODENAMES };
|
||||
static struct tbl certs[] = { CERTNAMES };
|
||||
static struct tbl secalgs[] = { SECALGNAMES };
|
||||
@ -68,54 +60,6 @@ index f51d548..c49b8d1 100644
|
||||
static struct tbl secprotos[] = { SECPROTONAMES };
|
||||
static struct tbl hashalgs[] = { HASHALGNAMES };
|
||||
static struct tbl dsdigests[] = { DSDIGESTNAMES };
|
||||
@@ -358,33 +358,30 @@ dns_cert_totext(dns_cert_t cert, isc_buffer_t *target) {
|
||||
return (dns_mnemonic_totext(cert, target, certs));
|
||||
}
|
||||
|
||||
-static inline struct tbl *
|
||||
-secalgs_tbl_start() {
|
||||
- struct tbl *algs = secalgs;
|
||||
-
|
||||
-#ifndef PK11_MD5_DISABLE
|
||||
- if (!isc_md5_available()) {
|
||||
- while (algs->name != NULL &&
|
||||
- algs->value == DNS_KEYALG_RSAMD5)
|
||||
- ++algs;
|
||||
- }
|
||||
-#endif
|
||||
- return algs;
|
||||
-}
|
||||
-
|
||||
isc_result_t
|
||||
dns_secalg_fromtext(dns_secalg_t *secalgp, isc_textregion_t *source) {
|
||||
unsigned int value;
|
||||
+ isc_result_t result;
|
||||
|
||||
- RETERR(dns_mnemonic_fromtext(&value, source,
|
||||
- secalgs_tbl_start(), 0xff));
|
||||
+ result = dns_mnemonic_fromtext(&value, source,
|
||||
+ secalgs, 0xff);
|
||||
+ if (result != ISC_R_SUCCESS) {
|
||||
+ result = dns_mnemonic_fromtext(&value, source,
|
||||
+ md5_secalgs, 0xff);
|
||||
+ if (result != ISC_R_SUCCESS) {
|
||||
+ return (result);
|
||||
+ } else if (!isc_md5_available()) {
|
||||
+ *secalgp = value;
|
||||
+ return (ISC_R_DISABLED);
|
||||
+ }
|
||||
+ }
|
||||
*secalgp = value;
|
||||
return (ISC_R_SUCCESS);
|
||||
}
|
||||
|
||||
isc_result_t
|
||||
dns_secalg_totext(dns_secalg_t secalg, isc_buffer_t *target) {
|
||||
- return (dns_mnemonic_totext(secalg, target, secalgs_tbl_start()));
|
||||
+ return (dns_mnemonic_totext(secalg, target, secalgs));
|
||||
}
|
||||
|
||||
void
|
||||
--
|
||||
2.20.1
|
||||
2.21.1
|
||||
|
||||
|
@ -1,50 +0,0 @@
|
||||
From cb6d2019766a6c8c5516fd8859cedf0052f03293 Mon Sep 17 00:00:00 2001
|
||||
From: Petr Mensik <pemensik@redhat.com>
|
||||
Date: Thu, 25 Jul 2019 11:37:57 +0200
|
||||
Subject: [PATCH] Skip support of jsoncpp
|
||||
|
||||
Bind cannot be compiled when jsoncpp-devel is installed. Remove support
|
||||
for jsoncpp, use only json-c-devel. Bind 9.15 has already support for
|
||||
--with-json-c, do not yet introduce it.
|
||||
---
|
||||
configure.ac | 17 ++---------------
|
||||
1 file changed, 2 insertions(+), 15 deletions(-)
|
||||
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index 6d05337..5ce83b5 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -2594,15 +2594,7 @@ case "$use_libjson" in
|
||||
auto|yes)
|
||||
for d in /usr /usr/local /opt/local
|
||||
do
|
||||
- if test -f "${d}/include/json/json.h"
|
||||
- then
|
||||
- if test ${d} != /usr
|
||||
- then
|
||||
- libjson_cflags="-I ${d}/include"
|
||||
- LIBS="$LIBS -L${d}/lib"
|
||||
- fi
|
||||
- have_libjson="yes"
|
||||
- elif test -f "${d}/include/json-c/json.h"
|
||||
+ if test -f "${d}/include/json-c/json.h"
|
||||
then
|
||||
if test ${d} != /usr
|
||||
then
|
||||
@@ -2615,12 +2607,7 @@ case "$use_libjson" in
|
||||
done
|
||||
;;
|
||||
*)
|
||||
- if test -f "${use_libjson}/include/json/json.h"
|
||||
- then
|
||||
- libjson_cflags="-I${use_libjson}/include"
|
||||
- LIBS="$LIBS -L${use_libjson}/lib"
|
||||
- have_libjson="yes"
|
||||
- elif test -f "${use_libjson}/include/json-c/json.h"
|
||||
+ if test -f "${use_libjson}/include/json-c/json.h"
|
||||
then
|
||||
libjson_cflags="-I${use_libjson}/include"
|
||||
LIBS="$LIBS -L${use_libjson}/lib"
|
||||
--
|
||||
2.20.1
|
||||
|
@ -1,47 +0,0 @@
|
||||
From cb654ddde5953cab9dfde7173ea1ed14b51c3727 Mon Sep 17 00:00:00 2001
|
||||
From: Mark Andrews <marka@isc.org>
|
||||
Date: Sun, 22 Dec 2019 21:51:21 +0000
|
||||
Subject: [PATCH] Merge branch
|
||||
'1530-lib-dns-gen-c-29-26-fatal-error-isc-platform-h-no-such-file-or-directory-v9_11'
|
||||
into 'v9_11'
|
||||
|
||||
Resolve "lib/dns/gen.c:29:26: fatal error: isc/platform.h: No such file or directory"
|
||||
|
||||
See merge request isc-projects/bind9!2794
|
||||
|
||||
(cherry picked from commit 335ab375d6a0227fb362722acad22f2a5b75d8b7)
|
||||
---
|
||||
lib/dns/gen.c | 10 +++++-----
|
||||
1 file changed, 5 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/lib/dns/gen.c b/lib/dns/gen.c
|
||||
index 81bc7ada1d..5fbdc3bfd3 100644
|
||||
--- a/lib/dns/gen.c
|
||||
+++ b/lib/dns/gen.c
|
||||
@@ -26,18 +26,18 @@
|
||||
|
||||
#include <sys/types.h>
|
||||
|
||||
-#include <isc/platform.h>
|
||||
-
|
||||
#include <ctype.h>
|
||||
+#include <errno.h>
|
||||
#include <limits.h>
|
||||
#include <stdint.h>
|
||||
-#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <time.h>
|
||||
-#include <errno.h>
|
||||
-#include <limits.h>
|
||||
+
|
||||
+#ifndef PATH_MAX
|
||||
+#define PATH_MAX 1024
|
||||
+#endif
|
||||
|
||||
#ifdef WIN32
|
||||
#include "gen-win32.h"
|
||||
--
|
||||
2.21.0
|
||||
|
@ -1,194 +0,0 @@
|
||||
From 6010876e561b4345e569ffd11eaec9ea52725817 Mon Sep 17 00:00:00 2001
|
||||
From: Pavel Zhukov <pzhukov@redhat.com>
|
||||
Date: Wed, 24 Jul 2019 17:15:55 +0200
|
||||
Subject: [PATCH] Detect system time jumps
|
||||
|
||||
In case if system time was changed backward it's possible to have ip
|
||||
address dropped by the kernel due to lifetime expirity. Try to detect
|
||||
this situation using either monotonic time or saved timestamp and execute
|
||||
go_reboot() procedure to request lease extention
|
||||
---
|
||||
lib/isc/include/isc/result.h | 3 ++-
|
||||
lib/isc/include/isc/util.h | 3 +++
|
||||
lib/isc/result.c | 2 ++
|
||||
lib/isc/unix/app.c | 39 +++++++++++++++++++++++++++++----
|
||||
lib/isc/unix/include/isc/time.h | 20 +++++++++++++++++
|
||||
lib/isc/unix/time.c | 22 +++++++++++++++++++
|
||||
6 files changed, 84 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/lib/isc/include/isc/result.h b/lib/isc/include/isc/result.h
|
||||
index 0389efa..149cde5 100644
|
||||
--- a/lib/isc/include/isc/result.h
|
||||
+++ b/lib/isc/include/isc/result.h
|
||||
@@ -89,7 +89,8 @@
|
||||
#define ISC_R_DISCFULL 67 /*%< disc full */
|
||||
#define ISC_R_DEFAULT 68 /*%< default */
|
||||
#define ISC_R_IPV4PREFIX 69 /*%< IPv4 prefix */
|
||||
-#define ISC_R_NRESULTS 70
|
||||
+#define ISC_R_TIMESHIFTED 70 /*%< system time changed */
|
||||
+#define ISC_R_NRESULTS 71
|
||||
|
||||
ISC_LANG_BEGINDECLS
|
||||
|
||||
diff --git a/lib/isc/include/isc/util.h b/lib/isc/include/isc/util.h
|
||||
index 973c348..8160dd3 100644
|
||||
--- a/lib/isc/include/isc/util.h
|
||||
+++ b/lib/isc/include/isc/util.h
|
||||
@@ -289,6 +289,9 @@ extern void mock_assert(const int result, const char* const expression,
|
||||
* Time
|
||||
*/
|
||||
#define TIME_NOW(tp) RUNTIME_CHECK(isc_time_now((tp)) == ISC_R_SUCCESS)
|
||||
+#ifdef CLOCK_BOOTTIME
|
||||
+#define TIME_MONOTONIC(tp) RUNTIME_CHECK(isc_time_boottime((tp)) == ISC_R_SUCCESS)
|
||||
+#endif
|
||||
|
||||
/*%
|
||||
* Alignment
|
||||
diff --git a/lib/isc/result.c b/lib/isc/result.c
|
||||
index a9db132..7c04831 100644
|
||||
--- a/lib/isc/result.c
|
||||
+++ b/lib/isc/result.c
|
||||
@@ -105,6 +105,7 @@ static const char *description[ISC_R_NRESULTS] = {
|
||||
"disc full", /*%< 67 */
|
||||
"default", /*%< 68 */
|
||||
"IPv4 prefix", /*%< 69 */
|
||||
+ "time changed", /*%< 70 */
|
||||
};
|
||||
|
||||
static const char *identifier[ISC_R_NRESULTS] = {
|
||||
@@ -178,6 +179,7 @@ static const char *identifier[ISC_R_NRESULTS] = {
|
||||
"ISC_R_DISCFULL",
|
||||
"ISC_R_DEFAULT",
|
||||
"ISC_R_IPV4PREFIX",
|
||||
+ "ISC_R_TIMESHIFTED",
|
||||
};
|
||||
|
||||
#define ISC_RESULT_RESULTSET 2
|
||||
diff --git a/lib/isc/unix/app.c b/lib/isc/unix/app.c
|
||||
index a6e9882..52eb3e0 100644
|
||||
--- a/lib/isc/unix/app.c
|
||||
+++ b/lib/isc/unix/app.c
|
||||
@@ -442,15 +442,48 @@ isc__app_ctxonrun(isc_appctx_t *ctx0, isc_mem_t *mctx, isc_task_t *task,
|
||||
static isc_result_t
|
||||
evloop(isc__appctx_t *ctx) {
|
||||
isc_result_t result;
|
||||
+ isc_time_t now;
|
||||
+#ifdef CLOCK_BOOTTIME
|
||||
+ isc_time_t monotonic;
|
||||
+ uint64_t diff = 0;
|
||||
+#else
|
||||
+ isc_time_t prev;
|
||||
+ TIME_NOW(&prev);
|
||||
+#endif
|
||||
+
|
||||
+
|
||||
|
||||
while (!ctx->want_shutdown) {
|
||||
int n;
|
||||
- isc_time_t when, now;
|
||||
+ isc_time_t when;
|
||||
struct timeval tv, *tvp;
|
||||
isc_socketwait_t *swait;
|
||||
bool readytasks;
|
||||
bool call_timer_dispatch = false;
|
||||
-
|
||||
+ uint64_t us;
|
||||
+
|
||||
+#ifdef CLOCK_BOOTTIME
|
||||
+ // TBD macros for following three lines
|
||||
+ TIME_NOW(&now);
|
||||
+ TIME_MONOTONIC(&monotonic);
|
||||
+ INSIST(now.seconds > monotonic.seconds)
|
||||
+ us = isc_time_microdiff (&now, &monotonic);
|
||||
+ if (us < diff){
|
||||
+ us = diff - us;
|
||||
+ if (us > 1000000){ // ignoring shifts less than one second
|
||||
+ return ISC_R_TIMESHIFTED;
|
||||
+ };
|
||||
+ diff = isc_time_microdiff (&now, &monotonic);
|
||||
+ } else {
|
||||
+ diff = isc_time_microdiff (&now, &monotonic);
|
||||
+ // not implemented
|
||||
+ }
|
||||
+#else
|
||||
+ TIME_NOW(&now);
|
||||
+ if (isc_time_compare (&now, &prev) < 0)
|
||||
+ return ISC_R_TIMESHIFTED;
|
||||
+ TIME_NOW(&prev);
|
||||
+#endif
|
||||
/*
|
||||
* Check the reload (or suspend) case first for exiting the
|
||||
* loop as fast as possible in case:
|
||||
@@ -475,8 +508,6 @@ evloop(isc__appctx_t *ctx) {
|
||||
if (result != ISC_R_SUCCESS)
|
||||
tvp = NULL;
|
||||
else {
|
||||
- uint64_t us;
|
||||
-
|
||||
TIME_NOW(&now);
|
||||
us = isc_time_microdiff(&when, &now);
|
||||
if (us == 0)
|
||||
diff --git a/lib/isc/unix/include/isc/time.h b/lib/isc/unix/include/isc/time.h
|
||||
index b864c29..5dd43c9 100644
|
||||
--- a/lib/isc/unix/include/isc/time.h
|
||||
+++ b/lib/isc/unix/include/isc/time.h
|
||||
@@ -132,6 +132,26 @@ isc_time_isepoch(const isc_time_t *t);
|
||||
*\li 't' is a valid pointer.
|
||||
*/
|
||||
|
||||
+#ifdef CLOCK_BOOTTIME
|
||||
+isc_result_t
|
||||
+isc_time_boottime(isc_time_t *t);
|
||||
+/*%<
|
||||
+ * Set 't' to monotonic time from previous boot
|
||||
+ * it's not affected by system time change. It also
|
||||
+ * includes the time system was suspended
|
||||
+ *
|
||||
+ * Requires:
|
||||
+ *\li 't' is a valid pointer.
|
||||
+ *
|
||||
+ * Returns:
|
||||
+ *
|
||||
+ *\li Success
|
||||
+ *\li Unexpected error
|
||||
+ * Getting the time from the system failed.
|
||||
+ */
|
||||
+#endif /* CLOCK_BOOTTIME */
|
||||
+
|
||||
+
|
||||
isc_result_t
|
||||
isc_time_now(isc_time_t *t);
|
||||
/*%<
|
||||
diff --git a/lib/isc/unix/time.c b/lib/isc/unix/time.c
|
||||
index 8edc9df..fe0bb91 100644
|
||||
--- a/lib/isc/unix/time.c
|
||||
+++ b/lib/isc/unix/time.c
|
||||
@@ -498,3 +498,25 @@ isc_time_formatISO8601ms(const isc_time_t *t, char *buf, unsigned int len) {
|
||||
t->nanoseconds / NS_PER_MS);
|
||||
}
|
||||
}
|
||||
+
|
||||
+
|
||||
+#ifdef CLOCK_BOOTTIME
|
||||
+isc_result_t
|
||||
+isc_time_boottime(isc_time_t *t) {
|
||||
+ struct timespec ts;
|
||||
+
|
||||
+ char strbuf[ISC_STRERRORSIZE];
|
||||
+
|
||||
+ if (clock_gettime (CLOCK_BOOTTIME, &ts) != 0){
|
||||
+ isc__strerror(errno, strbuf, sizeof(strbuf));
|
||||
+ UNEXPECTED_ERROR(__FILE__, __LINE__, "%s", strbuf);
|
||||
+ return (ISC_R_UNEXPECTED);
|
||||
+ }
|
||||
+
|
||||
+ t->seconds = ts.tv_sec;
|
||||
+ t->nanoseconds = ts.tv_nsec;
|
||||
+
|
||||
+ return (ISC_R_SUCCESS);
|
||||
+
|
||||
+};
|
||||
+#endif
|
||||
--
|
||||
2.20.1
|
||||
|
@ -1,59 +0,0 @@
|
||||
From 6257d829c9d7e71ac51bcdc6b5b981c7a19200e2 Mon Sep 17 00:00:00 2001
|
||||
From: Mark Andrews <marka@isc.org>
|
||||
Date: Mon, 25 Nov 2019 05:46:55 +0000
|
||||
Subject: [PATCH] Merge branch
|
||||
'1373-threadsanitizer-data-race-rbtdb-c-5193-in-detachnode' into 'master'
|
||||
|
||||
Resolve "ThreadSanitizer: data race rbtdb.c:5193 in detachnode"
|
||||
|
||||
Closes #1373
|
||||
|
||||
See merge request isc-projects/bind9!2598
|
||||
---
|
||||
lib/dns/include/dns/rbt.h | 22 +++++++++-------------
|
||||
1 file changed, 9 insertions(+), 13 deletions(-)
|
||||
|
||||
diff --git a/lib/dns/include/dns/rbt.h b/lib/dns/include/dns/rbt.h
|
||||
index 67ac3e4d8a..a084bd6193 100644
|
||||
--- a/lib/dns/include/dns/rbt.h
|
||||
+++ b/lib/dns/include/dns/rbt.h
|
||||
@@ -49,10 +49,7 @@ ISC_LANG_BEGINDECLS
|
||||
|
||||
#define DNS_RBT_USEMAGIC 1
|
||||
|
||||
-/*
|
||||
- * These should add up to 30.
|
||||
- */
|
||||
-#define DNS_RBT_LOCKLENGTH 10
|
||||
+#define DNS_RBT_LOCKLENGTH (sizeof(((dns_rbtnode_t *)0)->locknum)*8)
|
||||
#define DNS_RBT_REFLENGTH 20
|
||||
|
||||
#define DNS_RBTNODE_MAGIC ISC_MAGIC('R','B','N','O')
|
||||
@@ -159,16 +156,15 @@ struct dns_rbtnode {
|
||||
* separate region of memory.
|
||||
*/
|
||||
void *data;
|
||||
- unsigned int :0; /* start of bitfields c/o node lock */
|
||||
- unsigned int dirty:1;
|
||||
- unsigned int wild:1;
|
||||
- unsigned int locknum:DNS_RBT_LOCKLENGTH;
|
||||
-#ifndef DNS_RBT_USEISCREFCOUNT
|
||||
- unsigned int references:DNS_RBT_REFLENGTH;
|
||||
-#endif
|
||||
- unsigned int :0; /* end of bitfields c/o node lock */
|
||||
+ uint8_t :0; /* start of bitfields c/o node lock */
|
||||
+ uint8_t dirty:1;
|
||||
+ uint8_t wild:1;
|
||||
+ uint8_t :0; /* end of bitfields c/o node lock */
|
||||
+ uint16_t locknum; /* note that this is not in the bitfield */
|
||||
#ifdef DNS_RBT_USEISCREFCOUNT
|
||||
- isc_refcount_t references; /* note that this is not in the bitfield */
|
||||
+ isc_refcount_t references;
|
||||
+#else
|
||||
+ unsigned int references:DNS_RBT_REFLENGTH;
|
||||
#endif
|
||||
/*@}*/
|
||||
};
|
||||
--
|
||||
2.21.0
|
||||
|
@ -1,159 +0,0 @@
|
||||
From 638561615c37e8eace986e268811335c12d1b6a1 Mon Sep 17 00:00:00 2001
|
||||
From: Mark Andrews <marka@isc.org>
|
||||
Date: Thu, 12 Dec 2019 20:41:44 +1100
|
||||
Subject: [PATCH] give zspill its own lock
|
||||
|
||||
(cherry picked from commit a52189e8e67a20097539fe3e6f7da4e4c01dc340)
|
||||
---
|
||||
lib/dns/resolver.c | 45 +++++++++++++++++++++++++++++----------------
|
||||
1 file changed, 29 insertions(+), 16 deletions(-)
|
||||
|
||||
diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
|
||||
index 9f65c0596a..04367f82c6 100644
|
||||
--- a/lib/dns/resolver.c
|
||||
+++ b/lib/dns/resolver.c
|
||||
@@ -460,20 +460,21 @@ struct dns_resolver {
|
||||
isc_mutex_t lock;
|
||||
isc_mutex_t nlock;
|
||||
isc_mutex_t primelock;
|
||||
+ isc_mutex_t zspill_lock;
|
||||
dns_rdataclass_t rdclass;
|
||||
isc_socketmgr_t * socketmgr;
|
||||
isc_timermgr_t * timermgr;
|
||||
isc_taskmgr_t * taskmgr;
|
||||
dns_view_t * view;
|
||||
- bool frozen;
|
||||
+ bool frozen;
|
||||
unsigned int options;
|
||||
dns_dispatchmgr_t * dispatchmgr;
|
||||
dns_dispatchset_t * dispatches4;
|
||||
- bool exclusivev4;
|
||||
+ bool exclusivev4;
|
||||
dns_dispatchset_t * dispatches6;
|
||||
isc_dscp_t querydscp4;
|
||||
isc_dscp_t querydscp6;
|
||||
- bool exclusivev6;
|
||||
+ bool exclusivev6;
|
||||
unsigned int nbuckets;
|
||||
fctxbucket_t * buckets;
|
||||
zonebucket_t * dbuckets;
|
||||
@@ -492,7 +493,7 @@ struct dns_resolver {
|
||||
unsigned int spillatmax;
|
||||
unsigned int spillatmin;
|
||||
isc_timer_t * spillattimer;
|
||||
- bool zero_no_soa_ttl;
|
||||
+ bool zero_no_soa_ttl;
|
||||
unsigned int query_timeout;
|
||||
unsigned int maxdepth;
|
||||
unsigned int maxqueries;
|
||||
@@ -502,14 +503,16 @@ struct dns_resolver {
|
||||
unsigned int retryinterval; /* in milliseconds */
|
||||
unsigned int nonbackofftries;
|
||||
|
||||
+ /* Locked by lock. */
|
||||
+ unsigned int zspill; /* fetches-per-zone */
|
||||
+
|
||||
/* Locked by lock. */
|
||||
unsigned int references;
|
||||
- bool exiting;
|
||||
+ bool exiting;
|
||||
isc_eventlist_t whenshutdown;
|
||||
unsigned int activebuckets;
|
||||
- bool priming;
|
||||
+ bool priming;
|
||||
unsigned int spillat; /* clients-per-query */
|
||||
- unsigned int zspill; /* fetches-per-zone */
|
||||
|
||||
dns_badcache_t * badcache; /* Bad cache. */
|
||||
|
||||
@@ -1257,7 +1260,7 @@ fcount_incr(fetchctx_t *fctx, bool force) {
|
||||
isc_result_t result = ISC_R_SUCCESS;
|
||||
zonebucket_t *dbucket;
|
||||
fctxcount_t *counter;
|
||||
- unsigned int bucketnum, spill;
|
||||
+ unsigned int bucketnum;
|
||||
|
||||
REQUIRE(fctx != NULL);
|
||||
REQUIRE(fctx->res != NULL);
|
||||
@@ -1266,10 +1269,6 @@ fcount_incr(fetchctx_t *fctx, bool force) {
|
||||
bucketnum = dns_name_fullhash(&fctx->domain, false)
|
||||
% RES_DOMAIN_BUCKETS;
|
||||
|
||||
- LOCK(&fctx->res->lock);
|
||||
- spill = fctx->res->zspill;
|
||||
- UNLOCK(&fctx->res->lock);
|
||||
-
|
||||
dbucket = &fctx->res->dbuckets[bucketnum];
|
||||
|
||||
LOCK(&dbucket->lock);
|
||||
@@ -1297,6 +1296,12 @@ fcount_incr(fetchctx_t *fctx, bool force) {
|
||||
ISC_LIST_APPEND(dbucket->list, counter, link);
|
||||
}
|
||||
} else {
|
||||
+ unsigned int spill;
|
||||
+
|
||||
+ LOCK(&fctx->res->zspill_lock);
|
||||
+ spill = fctx->res->zspill;
|
||||
+ UNLOCK(&fctx->res->zspill_lock);
|
||||
+
|
||||
if (!force && spill != 0 && counter->count >= spill) {
|
||||
counter->dropped++;
|
||||
fcount_logspill(fctx, counter);
|
||||
@@ -8811,6 +8816,7 @@ destroy(dns_resolver_t *res) {
|
||||
|
||||
INSIST(res->nfctx == 0);
|
||||
|
||||
+ DESTROYLOCK(&res->zspill_lock);
|
||||
DESTROYLOCK(&res->primelock);
|
||||
DESTROYLOCK(&res->nlock);
|
||||
DESTROYLOCK(&res->lock);
|
||||
@@ -9089,10 +9095,14 @@ dns_resolver_create(dns_view_t *view,
|
||||
if (result != ISC_R_SUCCESS)
|
||||
goto cleanup_nlock;
|
||||
|
||||
+ result = isc_mutex_init(&res->zspill_lock);
|
||||
+ if (result != ISC_R_SUCCESS)
|
||||
+ goto cleanup_primelock;
|
||||
+
|
||||
task = NULL;
|
||||
result = isc_task_create(taskmgr, 0, &task);
|
||||
if (result != ISC_R_SUCCESS)
|
||||
- goto cleanup_primelock;
|
||||
+ goto cleanup_zspill_lock;
|
||||
isc_task_setname(task, "resolver_task", NULL);
|
||||
|
||||
result = isc_timer_create(timermgr, isc_timertype_inactive, NULL, NULL,
|
||||
@@ -9100,7 +9110,7 @@ dns_resolver_create(dns_view_t *view,
|
||||
&res->spillattimer);
|
||||
isc_task_detach(&task);
|
||||
if (result != ISC_R_SUCCESS)
|
||||
- goto cleanup_primelock;
|
||||
+ goto cleanup_zspill_lock;
|
||||
|
||||
#if USE_ALGLOCK
|
||||
result = isc_rwlock_init(&res->alglock, 0, 0);
|
||||
@@ -9133,6 +9143,9 @@ dns_resolver_create(dns_view_t *view,
|
||||
isc_timer_detach(&res->spillattimer);
|
||||
#endif
|
||||
|
||||
+ cleanup_zspill_lock:
|
||||
+ DESTROYLOCK(&res->zspill_lock);
|
||||
+
|
||||
cleanup_primelock:
|
||||
DESTROYLOCK(&res->primelock);
|
||||
|
||||
@@ -10275,9 +10288,9 @@ dns_resolver_setfetchesperzone(dns_resolver_t *resolver, uint32_t clients)
|
||||
{
|
||||
REQUIRE(VALID_RESOLVER(resolver));
|
||||
|
||||
- LOCK(&resolver->lock);
|
||||
+ LOCK(&resolver->zspill_lock);
|
||||
resolver->zspill = clients;
|
||||
- UNLOCK(&resolver->lock);
|
||||
+ UNLOCK(&resolver->zspill_lock);
|
||||
}
|
||||
|
||||
|
||||
--
|
||||
2.21.0
|
||||
|
@ -1,77 +0,0 @@
|
||||
From 23a6775f62deeee63e9f7927be387fecf23a8074 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@isc.org>
|
||||
Date: Tue, 10 Dec 2019 10:02:09 +0100
|
||||
Subject: [PATCH] Ensure all zone_settimer() calls are done on locked zone
|
||||
|
||||
(cherry picked from commit cf48e8eb326f824170f2069e5d5c33992b1783a4)
|
||||
(cherry picked from commit 3bac7e98074643ff62582545e5840e4195517b07)
|
||||
---
|
||||
lib/dns/zone.c | 9 +++++----
|
||||
1 file changed, 5 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/lib/dns/zone.c b/lib/dns/zone.c
|
||||
index e8cff77588..db837aae50 100644
|
||||
--- a/lib/dns/zone.c
|
||||
+++ b/lib/dns/zone.c
|
||||
@@ -10291,7 +10291,9 @@ zone_maintenance(dns_zone_t *zone) {
|
||||
default:
|
||||
break;
|
||||
}
|
||||
+ LOCK_ZONE(zone);
|
||||
zone_settimer(zone, &now);
|
||||
+ UNLOCK_ZONE(zone);
|
||||
}
|
||||
|
||||
void
|
||||
@@ -13081,6 +13083,7 @@ zone_settimer(dns_zone_t *zone, isc_time_t *now) {
|
||||
isc_result_t result;
|
||||
|
||||
REQUIRE(DNS_ZONE_VALID(zone));
|
||||
+ REQUIRE(LOCKED_ZONE(zone));
|
||||
ENTER;
|
||||
|
||||
if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_EXITING))
|
||||
@@ -18405,6 +18408,7 @@ zone_rekey(dns_zone_t *zone) {
|
||||
UNLOCK_ZONE(zone);
|
||||
}
|
||||
|
||||
+ LOCK_ZONE(zone);
|
||||
isc_time_settoepoch(&zone->refreshkeytime);
|
||||
|
||||
/*
|
||||
@@ -18416,11 +18420,9 @@ zone_rekey(dns_zone_t *zone) {
|
||||
isc_time_t timethen;
|
||||
isc_stdtime_t then;
|
||||
|
||||
- LOCK_ZONE(zone);
|
||||
DNS_ZONE_TIME_ADD(&timenow, zone->refreshkeyinterval,
|
||||
&timethen);
|
||||
zone->refreshkeytime = timethen;
|
||||
- UNLOCK_ZONE(zone);
|
||||
|
||||
for (key = ISC_LIST_HEAD(dnskeys);
|
||||
key != NULL;
|
||||
@@ -18431,12 +18433,10 @@ zone_rekey(dns_zone_t *zone) {
|
||||
continue;
|
||||
|
||||
DNS_ZONE_TIME_ADD(&timenow, then - now, &timethen);
|
||||
- LOCK_ZONE(zone);
|
||||
if (isc_time_compare(&timethen,
|
||||
&zone->refreshkeytime) < 0) {
|
||||
zone->refreshkeytime = timethen;
|
||||
}
|
||||
- UNLOCK_ZONE(zone);
|
||||
}
|
||||
|
||||
zone_settimer(zone, &timenow);
|
||||
@@ -18444,6 +18444,7 @@ zone_rekey(dns_zone_t *zone) {
|
||||
isc_time_formattimestamp(&zone->refreshkeytime, timebuf, 80);
|
||||
dns_zone_log(zone, ISC_LOG_INFO, "next key event: %s", timebuf);
|
||||
}
|
||||
+ UNLOCK_ZONE(zone);
|
||||
|
||||
done:
|
||||
dns_diff_clear(&diff);
|
||||
--
|
||||
2.21.0
|
||||
|
@ -1,38 +0,0 @@
|
||||
From 7e844b093b0442bdc5cdc5aefd56fdc05f9be88f Mon Sep 17 00:00:00 2001
|
||||
From: Mark Andrews <marka@isc.org>
|
||||
Date: Thu, 12 Dec 2019 19:17:39 +1100
|
||||
Subject: [PATCH] acquire task lock before calling push_readyq for task->flags
|
||||
access
|
||||
|
||||
(cherry picked from commit 7c94d2cd7dfaa3f04cd86ad9ed97e8366a774a4c)
|
||||
---
|
||||
lib/isc/task.c | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/lib/isc/task.c b/lib/isc/task.c
|
||||
index 329604a465..f9c4354bd2 100644
|
||||
--- a/lib/isc/task.c
|
||||
+++ b/lib/isc/task.c
|
||||
@@ -473,7 +473,9 @@ task_ready(isc__task_t *task) {
|
||||
XTRACE("task_ready");
|
||||
|
||||
LOCK(&manager->lock);
|
||||
+ LOCK(&task->lock);
|
||||
push_readyq(manager, task);
|
||||
+ UNLOCK(&task->lock);
|
||||
#ifdef USE_WORKER_THREADS
|
||||
if (manager->mode == isc_taskmgrmode_normal || has_privilege)
|
||||
SIGNAL(&manager->work_available);
|
||||
@@ -1263,7 +1265,9 @@ dispatch(isc__taskmgr_t *manager) {
|
||||
* might even hurt rather than help.
|
||||
*/
|
||||
#ifdef USE_WORKER_THREADS
|
||||
+ LOCK(&task->lock);
|
||||
push_readyq(manager, task);
|
||||
+ UNLOCK(&task->lock);
|
||||
#else
|
||||
ENQUEUE(new_ready_tasks, task, ready_link);
|
||||
if ((task->flags & TASK_F_PRIVILEGED) != 0)
|
||||
--
|
||||
2.21.0
|
||||
|
@ -1,42 +0,0 @@
|
||||
From 20848d8284951481051f6ebdeb8128c05c7e82e2 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
|
||||
Date: Mon, 11 Nov 2019 16:56:52 +0100
|
||||
Subject: [PATCH] Move stale_ttl from middle to the end
|
||||
|
||||
bind-dyndb-ldap is using rdataset structure. Do not modify its body,
|
||||
move stale_ttl to the end. Make it binary compatible.
|
||||
---
|
||||
lib/dns/include/dns/rdataset.h | 10 +++++-----
|
||||
1 file changed, 5 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/lib/dns/include/dns/rdataset.h b/lib/dns/include/dns/rdataset.h
|
||||
index 97071ed496..a0c6afe624 100644
|
||||
--- a/lib/dns/include/dns/rdataset.h
|
||||
+++ b/lib/dns/include/dns/rdataset.h
|
||||
@@ -137,11 +137,6 @@ struct dns_rdataset {
|
||||
dns_rdataclass_t rdclass;
|
||||
dns_rdatatype_t type;
|
||||
dns_ttl_t ttl;
|
||||
- /*
|
||||
- * Stale ttl is used to see how long this RRset can still be used
|
||||
- * to serve to clients, after the TTL has expired.
|
||||
- */
|
||||
- dns_ttl_t stale_ttl;
|
||||
dns_trust_t trust;
|
||||
dns_rdatatype_t covers;
|
||||
|
||||
@@ -178,6 +173,11 @@ struct dns_rdataset {
|
||||
void * private7;
|
||||
/*@}*/
|
||||
|
||||
+ /*
|
||||
+ * Stale ttl is used to see how long this RRset can still be used
|
||||
+ * to serve to clients, after the TTL has expired.
|
||||
+ */
|
||||
+ dns_ttl_t stale_ttl;
|
||||
};
|
||||
|
||||
/*!
|
||||
--
|
||||
2.20.1
|
||||
|
File diff suppressed because it is too large
Load Diff
23
bind.spec
23
bind.spec
@ -156,19 +156,9 @@ Patch164:bind-9.11-rh1666814.patch
|
||||
Patch170:bind-9.11-feature-test-named.patch
|
||||
Patch171:bind-9.11-tests-variants.patch
|
||||
Patch172:bind-9.11-tests-pkcs11.patch
|
||||
Patch173:bind-9.11-rh1732883.patch
|
||||
# Make sure jsonccp-devel does not interfere
|
||||
Patch174:bind-9.11-json-c.patch
|
||||
Patch175:bind-9.11-fips-disable.patch
|
||||
#Patch175:bind-9.11-fips-disable.patch
|
||||
#Patch176: bind-9.11-unit-dnstap-pkcs11.patch
|
||||
Patch177: bind-9.11-serve-stale.patch
|
||||
Patch178: bind-9.11-serve-stale-dbfix.patch
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1736762
|
||||
Patch183: bind-9.11-rh1736762-5.patch
|
||||
Patch184: bind-9.11-rh1736762-6.patch
|
||||
Patch185: bind-9.11-rh1736762-7.patch
|
||||
Patch186: bind-9.11-rh1736762-8.patch
|
||||
Patch187: bind-9.11-oot-gen.patch
|
||||
|
||||
# SDB patches
|
||||
Patch11: bind-9.3.2b2-sdbsrc.patch
|
||||
@ -567,18 +557,9 @@ are used for building ISC DHCP.
|
||||
%patch170 -p1 -b .featuretest-named
|
||||
%patch171 -p1 -b .test-variant
|
||||
%patch172 -p1 -b .test-pkcs11
|
||||
%patch173 -p1 -b .rh1732883
|
||||
#%patch174 -p1 -b .unit-timer
|
||||
%patch174 -p1 -b .json-c
|
||||
%patch175 -p1 -b .rh1709553
|
||||
#%patch175 -p1 -b .rh1709553
|
||||
#%patch176 -p1 -b .unit-dnstap
|
||||
%patch177 -p1 -b .serve-stale
|
||||
%patch178 -p1 -b .rh1770492
|
||||
%patch183 -p1 -b .rh1736762-5
|
||||
%patch184 -p1 -b .rh1736762-6
|
||||
%patch185 -p1 -b .rh1736762-7
|
||||
%patch186 -p1 -b .rh1736762-8
|
||||
%patch187 -p1 -b .oot-gen
|
||||
|
||||
%if %{with PKCS11}
|
||||
%patch135 -p1 -b .config-pkcs11
|
||||
|
Loading…
Reference in New Issue
Block a user