svn commit: r236197 - in stable/8: contrib/bind9
contrib/bind9/bin/named contrib/bind9/lib/dns
contrib/bind9/lib/dns/include/dns
contrib/bind9/lib/dns/rdata/generic
contrib/bind9/lib/isc/pthreads c...
Doug Barton
dougb at FreeBSD.org
Mon May 28 19:48:38 UTC 2012
Author: dougb
Date: Mon May 28 19:48:37 2012
New Revision: 236197
URL: http://svn.freebsd.org/changeset/base/236197
Log:
Upgrade to BIND version 9.6-ESV-R7, the latest from ISC.
Feature Change
* BIND now recognizes the TLSA resource record type, created to
support IETF DANE (DNS-based Authentication of Named Entities)
Bug Fix
* The locking strategy around the handling of iterative queries
has been tuned to reduce unnecessary contention in a multi-
threaded environment.
Other critical bug fixes are included.
All BIND users are encouraged to upgrade.
Added:
stable/8/contrib/bind9/lib/dns/rdata/generic/tlsa_52.c
- copied unchanged from r236175, vendor/bind9/dist-9.6/lib/dns/rdata/generic/tlsa_52.c
stable/8/contrib/bind9/lib/dns/rdata/generic/tlsa_52.h
- copied unchanged from r236175, vendor/bind9/dist-9.6/lib/dns/rdata/generic/tlsa_52.h
Deleted:
stable/8/contrib/bind9/release-notes.css
Modified:
stable/8/contrib/bind9/CHANGES
stable/8/contrib/bind9/README
stable/8/contrib/bind9/bin/named/query.c
stable/8/contrib/bind9/lib/dns/api
stable/8/contrib/bind9/lib/dns/include/dns/stats.h
stable/8/contrib/bind9/lib/dns/include/dns/view.h
stable/8/contrib/bind9/lib/dns/rbtdb.c
stable/8/contrib/bind9/lib/dns/resolver.c
stable/8/contrib/bind9/lib/dns/sdb.c
stable/8/contrib/bind9/lib/dns/tkey.c
stable/8/contrib/bind9/lib/dns/zone.c
stable/8/contrib/bind9/lib/isc/pthreads/mutex.c
stable/8/contrib/bind9/lib/isccfg/api
stable/8/contrib/bind9/lib/isccfg/parser.c
stable/8/contrib/bind9/version
stable/8/lib/bind/dns/code.h
stable/8/lib/bind/dns/dns/enumtype.h
stable/8/lib/bind/dns/dns/rdatastruct.h
Directory Properties:
stable/8/contrib/bind9/ (props changed)
Modified: stable/8/contrib/bind9/CHANGES
==============================================================================
--- stable/8/contrib/bind9/CHANGES Mon May 28 19:47:56 2012 (r236196)
+++ stable/8/contrib/bind9/CHANGES Mon May 28 19:48:37 2012 (r236197)
@@ -1,3 +1,43 @@
+ --- 9.6-ESV-R7 released ---
+
+3318. [tuning] Reduce the amount of work performed while holding a
+ bucket lock when finshed with a fetch context.
+ [RT #29239]
+
+3314. [bug] The masters list could be updated while refesh_callback
+ and stub_callback were using it. [RT #26732]
+
+3313. [protocol] Add TLSA record type. [RT #28989]
+
+3311. [bug] Abort the zone dump if zone->db is NULL in
+ zone.c:zone_gotwritehandle. [RT #29028]
+
+3310. [test] Increase table size for mutex profiling. [RT #28809]
+
+3309. [bug] resolver.c:fctx_finddone() was not threadsafe.
+ [RT #27995]
+
+3307. [bug] Add missing ISC_LANG_BEGINDECLS and ISC_LANG_ENDDECLS.
+ [RT #28956]
+
+3304. [bug] Use hmctx, not mctx when freeing rbtdb->heaps.
+ [RT #28571]
+
+3301. [contrib] Update queryperf to build on darwin. Add -R flag
+ for non-recursive queries. [RT #28565]
+
+3300. [bug] Named could die if gssapi was enabled in named.conf
+ but was not compiled in. [RT #28338]
+
+3299. [bug] Make SDB handle errors from database drivers better.
+ [RT #28534]
+
+3232. [bug] Zero zone->curmaster before return in
+ dns_zone_setmasterswithkeys(). [RT #26732]
+
+3197. [bug] Don't try to log the filename and line number when
+ the config parser can't open a file. [RT #22263]
+
--- 9.6-ESV-R6 released ---
3298. [bug] Named could dereference a NULL pointer in
@@ -168,7 +208,7 @@
3189. [test] Added a summary report after system tests. [RT #25517]
-3187. [port] win32: support for Visual Studio 2008. [RT #26356]
+3187. [port] win32: support for Visual Studio 2008. [RT #26356]
3179. [port] kfreebsd: build issues. [RT #26273]
@@ -201,7 +241,7 @@
an assert. [RT #25452]
3151. [bug] Queries for type RRSIG or SIG could be handled
- incorrectly. [RT #21050]
+ incorrectly. [RT #21050]
3149. [tuning] Improve scalability by allocating one zone
task per 100 zones at startup time. (The
@@ -213,7 +253,7 @@
3148. [bug] Processing of normal queries could be stalled when
forwarding a UPDATE message. [RT #24711]
-3146. [test] Fixed gcc4.6.0 errors in ATF. [RT #25598]
+3146. [test] Fixed gcc4.6.0 errors in ATF. [RT #25598]
3145. [test] Capture output of ATF unit tests in "./atf.out" if
there were any errors while running them. [RT #25527]
@@ -273,10 +313,10 @@
dns_rdataset_totext() that could cause named to
crash with an assertion failure. [RT #24777]
-3121. [security] An authoritative name server sending a negative
- response containing a very large RRset could
- trigger an off-by-one error in the ncache code
- and crash named. [RT #24650]
+3121. [security] An authoritative name server sending a negative
+ response containing a very large RRset could
+ trigger an off-by-one error in the ncache code
+ and crash named. [RT #24650]
3120. [bug] Named could fail to validate zones listed in a DLV
that validated insecure without using DLV and had
@@ -370,9 +410,9 @@
3043. [test] Merged in the NetBSD ATF test framework (currently
version 0.12) for development of future unit tests.
- Use configure --with-atf to build ATF internally
- or configure --with-atf=prefix to use an external
- copy. [RT #23209]
+ Use configure --with-atf to build ATF internally
+ or configure --with-atf=prefix to use an external
+ copy. [RT #23209]
3042. [bug] dig +trace could fail attempting to use IPv6
addresses on systems with only IPv4 connectivity.
@@ -562,7 +602,7 @@
2929. [bug] Improved handling of GSS security contexts:
- added LRU expiration for generated TSIGs
- added the ability to use a non-default realm
- - added new "realm" keyword in nsupdate
+ - added new "realm" keyword in nsupdate
- limited lifetime of generated keys to 1 hour
or the lifetime of the context (whichever is
smaller)
@@ -927,11 +967,11 @@
trigger an assert. [RT #20368]
2705. [bug] Reconcile the XML stats version number with a later
- BIND9 release, by adding a "name" attribute to
- "cache" elements and increasing the version number
- to 2.2. (This is a minor version change, but may
- affect XML parsers if they assume the cache element
- doesn't take an attribute.)
+ BIND9 release, by adding a "name" attribute to
+ "cache" elements and increasing the version number
+ to 2.2. (This is a minor version change, but may
+ affect XML parsers if they assume the cache element
+ doesn't take an attribute.)
2704. [bug] Serial of dynamic and stub zones could be inconsistent
with their SOA serial. [RT #19387]
@@ -1590,10 +1630,10 @@
time. [RT #18277]
2423. [security] Randomize server selection on queries, so as to
- make forgery a little more difficult. Instead of
- always preferring the server with the lowest RTT,
- pick a server with RTT within the same 128
- millisecond band. [RT #18441]
+ make forgery a little more difficult. Instead of
+ always preferring the server with the lowest RTT,
+ pick a server with RTT within the same 128
+ millisecond band. [RT #18441]
2422. [bug] Handle the special return value of a empty node as
if it was a NXRRSET in the validator. [RT #18447]
@@ -1674,7 +1714,7 @@
2399. [placeholder]
-2398. [bug] Improve file descriptor management. New,
+2398. [bug] Improve file descriptor management. New,
temporary, named.conf option reserved-sockets,
default 512. [RT #18344]
Modified: stable/8/contrib/bind9/README
==============================================================================
--- stable/8/contrib/bind9/README Mon May 28 19:47:56 2012 (r236196)
+++ stable/8/contrib/bind9/README Mon May 28 19:48:37 2012 (r236197)
@@ -48,6 +48,11 @@ BIND 9
For up-to-date release notes and errata, see
http://www.isc.org/software/bind9/releasenotes
+BIND 9.6-ESV-R7 (Extended Support Version)
+
+ BIND 9.4-ESV-R7 is a maintenance release, fixing bugs in BIND
+ 9.6-ESV-R6.
+
BIND 9.6-ESV-R6 (Extended Support Version)
BIND 9.6-ESV-R6 includes a number of bug fixes and prevents a
Modified: stable/8/contrib/bind9/bin/named/query.c
==============================================================================
--- stable/8/contrib/bind9/bin/named/query.c Mon May 28 19:47:56 2012 (r236196)
+++ stable/8/contrib/bind9/bin/named/query.c Mon May 28 19:48:37 2012 (r236197)
@@ -2912,6 +2912,11 @@ query_addwildcardproof(ns_client_t *clie
dns_name_copy(name, cname, NULL);
while (result == DNS_R_NXDOMAIN) {
labels = dns_name_countlabels(cname) - 1;
+ /*
+ * Sanity check.
+ */
+ if (labels == 0U)
+ goto cleanup;
dns_name_split(cname, labels, NULL, cname);
result = dns_db_find(db, cname, version,
dns_rdatatype_nsec,
Modified: stable/8/contrib/bind9/lib/dns/api
==============================================================================
--- stable/8/contrib/bind9/lib/dns/api Mon May 28 19:47:56 2012 (r236196)
+++ stable/8/contrib/bind9/lib/dns/api Mon May 28 19:48:37 2012 (r236197)
@@ -4,5 +4,5 @@
# 9.8: 80-89
# 9.9: 90-109
LIBINTERFACE = 110
-LIBREVISION = 1
+LIBREVISION = 2
LIBAGE = 0
Modified: stable/8/contrib/bind9/lib/dns/include/dns/stats.h
==============================================================================
--- stable/8/contrib/bind9/lib/dns/include/dns/stats.h Mon May 28 19:47:56 2012 (r236196)
+++ stable/8/contrib/bind9/lib/dns/include/dns/stats.h Mon May 28 19:48:37 2012 (r236197)
@@ -147,6 +147,8 @@ typedef void (*dns_rdatatypestats_dumper
void *);
typedef void (*dns_opcodestats_dumper_t)(dns_opcode_t, isc_uint64_t, void *);
+ISC_LANG_BEGINDECLS
+
isc_result_t
dns_generalstats_create(isc_mem_t *mctx, dns_stats_t **statsp, int ncounters);
/*%<
Modified: stable/8/contrib/bind9/lib/dns/include/dns/view.h
==============================================================================
--- stable/8/contrib/bind9/lib/dns/include/dns/view.h Mon May 28 19:47:56 2012 (r236196)
+++ stable/8/contrib/bind9/lib/dns/include/dns/view.h Mon May 28 19:48:37 2012 (r236197)
@@ -878,4 +878,6 @@ dns_view_getresquerystats(dns_view_t *vi
*\li 'statsp' != NULL && '*statsp' != NULL
*/
+ISC_LANG_ENDDECLS
+
#endif /* DNS_VIEW_H */
Modified: stable/8/contrib/bind9/lib/dns/rbtdb.c
==============================================================================
--- stable/8/contrib/bind9/lib/dns/rbtdb.c Mon May 28 19:47:56 2012 (r236196)
+++ stable/8/contrib/bind9/lib/dns/rbtdb.c Mon May 28 19:48:37 2012 (r236197)
@@ -7277,7 +7277,7 @@ dns_rbtdb_create
for (i = 0 ; i < (int)rbtdb->node_lock_count ; i++)
if (rbtdb->heaps[i] != NULL)
isc_heap_destroy(&rbtdb->heaps[i]);
- isc_mem_put(mctx, rbtdb->heaps,
+ isc_mem_put(hmctx, rbtdb->heaps,
rbtdb->node_lock_count * sizeof(isc_heap_t *));
}
Copied: stable/8/contrib/bind9/lib/dns/rdata/generic/tlsa_52.c (from r236175, vendor/bind9/dist-9.6/lib/dns/rdata/generic/tlsa_52.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ stable/8/contrib/bind9/lib/dns/rdata/generic/tlsa_52.c Mon May 28 19:48:37 2012 (r236197, copy of r236175, vendor/bind9/dist-9.6/lib/dns/rdata/generic/tlsa_52.c)
@@ -0,0 +1,285 @@
+/*
+ * Copyright (C) 2012 Internet Systems Consortium, Inc. ("ISC")
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* $Id$ */
+
+/* draft-ietf-dane-protocol-19.txt */
+
+#ifndef RDATA_GENERIC_TLSA_52_C
+#define RDATA_GENERIC_TLSA_52_C
+
+#define RRTYPE_TLSA_ATTRIBUTES 0
+
+static inline isc_result_t
+fromtext_tlsa(ARGS_FROMTEXT) {
+ isc_token_t token;
+
+ REQUIRE(type == 52);
+
+ UNUSED(type);
+ UNUSED(rdclass);
+ UNUSED(origin);
+ UNUSED(options);
+ UNUSED(callbacks);
+
+ /*
+ * Certificate Usage.
+ */
+ RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_number,
+ ISC_FALSE));
+ if (token.value.as_ulong > 0xffU)
+ RETTOK(ISC_R_RANGE);
+ RETERR(uint8_tobuffer(token.value.as_ulong, target));
+
+ /*
+ * Selector.
+ */
+ RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_number,
+ ISC_FALSE));
+ if (token.value.as_ulong > 0xffU)
+ RETTOK(ISC_R_RANGE);
+ RETERR(uint8_tobuffer(token.value.as_ulong, target));
+
+ /*
+ * Matching type.
+ */
+ RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_number,
+ ISC_FALSE));
+ if (token.value.as_ulong > 0xffU)
+ RETTOK(ISC_R_RANGE);
+ RETERR(uint8_tobuffer(token.value.as_ulong, target));
+
+ /*
+ * Certificate Association Data.
+ */
+ return (isc_hex_tobuffer(lexer, target, -1));
+}
+
+static inline isc_result_t
+totext_tlsa(ARGS_TOTEXT) {
+ isc_region_t sr;
+ char buf[sizeof("64000 ")];
+ unsigned int n;
+
+ REQUIRE(rdata->type == 52);
+ REQUIRE(rdata->length != 0);
+
+ UNUSED(tctx);
+
+ dns_rdata_toregion(rdata, &sr);
+
+ /*
+ * Certificate Usage.
+ */
+ n = uint8_fromregion(&sr);
+ isc_region_consume(&sr, 1);
+ sprintf(buf, "%u ", n);
+ RETERR(str_totext(buf, target));
+
+ /*
+ * Selector.
+ */
+ n = uint8_fromregion(&sr);
+ isc_region_consume(&sr, 1);
+ sprintf(buf, "%u ", n);
+ RETERR(str_totext(buf, target));
+
+ /*
+ * Matching type.
+ */
+ n = uint8_fromregion(&sr);
+ isc_region_consume(&sr, 1);
+ sprintf(buf, "%u", n);
+ RETERR(str_totext(buf, target));
+
+ /*
+ * Certificate Association Data.
+ */
+ if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0)
+ RETERR(str_totext(" (", target));
+ RETERR(str_totext(tctx->linebreak, target));
+ if (tctx->width == 0) /* No splitting */
+ RETERR(isc_hex_totext(&sr, 0, "", target));
+ else
+ RETERR(isc_hex_totext(&sr, tctx->width - 2,
+ tctx->linebreak, target));
+ if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0)
+ RETERR(str_totext(" )", target));
+ return (ISC_R_SUCCESS);
+}
+
+static inline isc_result_t
+fromwire_tlsa(ARGS_FROMWIRE) {
+ isc_region_t sr;
+
+ REQUIRE(type == 52);
+
+ UNUSED(type);
+ UNUSED(rdclass);
+ UNUSED(dctx);
+ UNUSED(options);
+
+ isc_buffer_activeregion(source, &sr);
+
+ if (sr.length < 3)
+ return (ISC_R_UNEXPECTEDEND);
+
+ isc_buffer_forward(source, sr.length);
+ return (mem_tobuffer(target, sr.base, sr.length));
+}
+
+static inline isc_result_t
+towire_tlsa(ARGS_TOWIRE) {
+ isc_region_t sr;
+
+ REQUIRE(rdata->type == 52);
+ REQUIRE(rdata->length != 0);
+
+ UNUSED(cctx);
+
+ dns_rdata_toregion(rdata, &sr);
+ return (mem_tobuffer(target, sr.base, sr.length));
+}
+
+static inline int
+compare_tlsa(ARGS_COMPARE) {
+ isc_region_t r1;
+ isc_region_t r2;
+
+ REQUIRE(rdata1->type == rdata2->type);
+ REQUIRE(rdata1->rdclass == rdata2->rdclass);
+ REQUIRE(rdata1->type == 52);
+ REQUIRE(rdata1->length != 0);
+ REQUIRE(rdata2->length != 0);
+
+ dns_rdata_toregion(rdata1, &r1);
+ dns_rdata_toregion(rdata2, &r2);
+ return (isc_region_compare(&r1, &r2));
+}
+
+static inline isc_result_t
+fromstruct_tlsa(ARGS_FROMSTRUCT) {
+ dns_rdata_tlsa_t *tlsa = source;
+
+ REQUIRE(type == 52);
+ REQUIRE(source != NULL);
+ REQUIRE(tlsa->common.rdtype == type);
+ REQUIRE(tlsa->common.rdclass == rdclass);
+
+ UNUSED(type);
+ UNUSED(rdclass);
+
+ RETERR(uint8_tobuffer(tlsa->usage, target));
+ RETERR(uint8_tobuffer(tlsa->selector, target));
+ RETERR(uint8_tobuffer(tlsa->match, target));
+
+ return (mem_tobuffer(target, tlsa->data, tlsa->length));
+}
+
+static inline isc_result_t
+tostruct_tlsa(ARGS_TOSTRUCT) {
+ dns_rdata_tlsa_t *tlsa = target;
+ isc_region_t region;
+
+ REQUIRE(rdata->type == 52);
+ REQUIRE(target != NULL);
+ REQUIRE(rdata->length != 0);
+
+ tlsa->common.rdclass = rdata->rdclass;
+ tlsa->common.rdtype = rdata->type;
+ ISC_LINK_INIT(&tlsa->common, link);
+
+ dns_rdata_toregion(rdata, ®ion);
+
+ tlsa->usage = uint8_fromregion(®ion);
+ isc_region_consume(®ion, 1);
+ tlsa->selector = uint8_fromregion(®ion);
+ isc_region_consume(®ion, 1);
+ tlsa->match = uint8_fromregion(®ion);
+ isc_region_consume(®ion, 1);
+ tlsa->length = region.length;
+
+ tlsa->data = mem_maybedup(mctx, region.base, region.length);
+ if (tlsa->data == NULL)
+ return (ISC_R_NOMEMORY);
+
+ tlsa->mctx = mctx;
+ return (ISC_R_SUCCESS);
+}
+
+static inline void
+freestruct_tlsa(ARGS_FREESTRUCT) {
+ dns_rdata_tlsa_t *tlsa = source;
+
+ REQUIRE(tlsa != NULL);
+ REQUIRE(tlsa->common.rdtype == 52);
+
+ if (tlsa->mctx == NULL)
+ return;
+
+ if (tlsa->data != NULL)
+ isc_mem_free(tlsa->mctx, tlsa->data);
+ tlsa->mctx = NULL;
+}
+
+static inline isc_result_t
+additionaldata_tlsa(ARGS_ADDLDATA) {
+ REQUIRE(rdata->type == 52);
+
+ UNUSED(rdata);
+ UNUSED(add);
+ UNUSED(arg);
+
+ return (ISC_R_SUCCESS);
+}
+
+static inline isc_result_t
+digest_tlsa(ARGS_DIGEST) {
+ isc_region_t r;
+
+ REQUIRE(rdata->type == 52);
+
+ dns_rdata_toregion(rdata, &r);
+
+ return ((digest)(arg, &r));
+}
+
+static inline isc_boolean_t
+checkowner_tlsa(ARGS_CHECKOWNER) {
+
+ REQUIRE(type == 52);
+
+ UNUSED(name);
+ UNUSED(type);
+ UNUSED(rdclass);
+ UNUSED(wildcard);
+
+ return (ISC_TRUE);
+}
+
+static inline isc_boolean_t
+checknames_tlsa(ARGS_CHECKNAMES) {
+
+ REQUIRE(rdata->type == 52);
+
+ UNUSED(rdata);
+ UNUSED(owner);
+ UNUSED(bad);
+
+ return (ISC_TRUE);
+}
+
+#endif /* RDATA_GENERIC_TLSA_52_C */
Copied: stable/8/contrib/bind9/lib/dns/rdata/generic/tlsa_52.h (from r236175, vendor/bind9/dist-9.6/lib/dns/rdata/generic/tlsa_52.h)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ stable/8/contrib/bind9/lib/dns/rdata/generic/tlsa_52.h Mon May 28 19:48:37 2012 (r236197, copy of r236175, vendor/bind9/dist-9.6/lib/dns/rdata/generic/tlsa_52.h)
@@ -0,0 +1,35 @@
+/*
+ * Copyright (C) 2012 Internet Systems Consortium, Inc. ("ISC")
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* $Id$ */
+
+#ifndef GENERIC_TLSA_52_H
+#define GENERIC_TLSA_52_H 1
+
+/*!
+ * \brief per draft-ietf-dane-protocol-19.txt
+ */
+typedef struct dns_rdata_tlsa {
+ dns_rdatacommon_t common;
+ isc_mem_t *mctx;
+ isc_uint8_t usage;
+ isc_uint8_t selector;
+ isc_uint8_t match;
+ isc_uint16_t length;
+ unsigned char *data;
+} dns_rdata_tlsa_t;
+
+#endif /* GENERIC_TLSA_52_H */
Modified: stable/8/contrib/bind9/lib/dns/resolver.c
==============================================================================
--- stable/8/contrib/bind9/lib/dns/resolver.c Mon May 28 19:47:56 2012 (r236196)
+++ stable/8/contrib/bind9/lib/dns/resolver.c Mon May 28 19:48:37 2012 (r236197)
@@ -172,7 +172,9 @@ struct fetchctx {
dns_rdatatype_t type;
unsigned int options;
unsigned int bucketnum;
- char * info;
+ char * info;
+ isc_mem_t * mctx;
+
/*% Locked by appropriate bucket lock. */
fetchstate state;
isc_boolean_t want_shutdown;
@@ -436,7 +438,8 @@ static void resquery_response(isc_task_t
static void resquery_connected(isc_task_t *task, isc_event_t *event);
static void fctx_try(fetchctx_t *fctx, isc_boolean_t retrying,
isc_boolean_t badcache);
-static isc_boolean_t fctx_destroy(fetchctx_t *fctx);
+static void fctx_destroy(fetchctx_t *fctx);
+static isc_boolean_t fctx_unlink(fetchctx_t *fctx);
static isc_result_t ncache_adderesult(dns_message_t *message,
dns_db_t *cache, dns_dbnode_t *node,
dns_rdatatype_t covers,
@@ -468,8 +471,7 @@ valcreate(fetchctx_t *fctx, dns_adbaddri
dns_valarg_t *valarg;
isc_result_t result;
- valarg = isc_mem_get(fctx->res->buckets[fctx->bucketnum].mctx,
- sizeof(*valarg));
+ valarg = isc_mem_get(fctx->mctx, sizeof(*valarg));
if (valarg == NULL)
return (ISC_R_NOMEMORY);
@@ -491,8 +493,7 @@ valcreate(fetchctx_t *fctx, dns_adbaddri
}
ISC_LIST_APPEND(fctx->validators, validator, link);
} else
- isc_mem_put(fctx->res->buckets[fctx->bucketnum].mctx,
- valarg, sizeof(*valarg));
+ isc_mem_put(fctx->mctx, valarg, sizeof(*valarg));
return (result);
}
@@ -1375,13 +1376,12 @@ fctx_query(fetchctx_t *fctx, dns_adbaddr
dns_message_reset(fctx->rmessage, DNS_MESSAGE_INTENTPARSE);
- query = isc_mem_get(res->buckets[fctx->bucketnum].mctx,
- sizeof(*query));
+ query = isc_mem_get(fctx->mctx, sizeof(*query));
if (query == NULL) {
result = ISC_R_NOMEMORY;
goto stop_idle_timer;
}
- query->mctx = res->buckets[fctx->bucketnum].mctx;
+ query->mctx = fctx->mctx;
query->options = options;
query->attributes = 0;
query->sends = 0;
@@ -1558,8 +1558,7 @@ fctx_query(fetchctx_t *fctx, dns_adbaddr
cleanup_query:
if (query->connects == 0) {
query->magic = 0;
- isc_mem_put(res->buckets[fctx->bucketnum].mctx,
- query, sizeof(*query));
+ isc_mem_put(fctx->mctx, query, sizeof(*query));
}
stop_idle_timer:
@@ -1589,8 +1588,7 @@ add_bad_edns(fetchctx_t *fctx, isc_socka
if (bad_edns(fctx, address))
return;
- sa = isc_mem_get(fctx->res->buckets[fctx->bucketnum].mctx,
- sizeof(*sa));
+ sa = isc_mem_get(fctx->mctx, sizeof(*sa));
if (sa == NULL)
return;
@@ -1619,8 +1617,7 @@ add_triededns(fetchctx_t *fctx, isc_sock
if (triededns(fctx, address))
return;
- sa = isc_mem_get(fctx->res->buckets[fctx->bucketnum].mctx,
- sizeof(*sa));
+ sa = isc_mem_get(fctx->mctx, sizeof(*sa));
if (sa == NULL)
return;
@@ -1649,8 +1646,7 @@ add_triededns512(fetchctx_t *fctx, isc_s
if (triededns512(fctx, address))
return;
- sa = isc_mem_get(fctx->res->buckets[fctx->bucketnum].mctx,
- sizeof(*sa));
+ sa = isc_mem_get(fctx->mctx, sizeof(*sa));
if (sa == NULL)
return;
@@ -2156,8 +2152,8 @@ fctx_finddone(isc_task_t *task, isc_even
isc_boolean_t want_try = ISC_FALSE;
isc_boolean_t want_done = ISC_FALSE;
isc_boolean_t bucket_empty = ISC_FALSE;
- isc_boolean_t destroy = ISC_FALSE;
unsigned int bucketnum;
+ isc_boolean_t destroy = ISC_FALSE;
find = event->ev_sender;
fctx = event->ev_arg;
@@ -2195,17 +2191,14 @@ fctx_finddone(isc_task_t *task, isc_even
}
} else if (SHUTTINGDOWN(fctx) && fctx->pending == 0 &&
fctx->nqueries == 0 && ISC_LIST_EMPTY(fctx->validators)) {
- /*
- * Note that we had to wait until we had the lock before
- * looking at fctx->references.
- */
- if (fctx->references == 0)
+
+ if (fctx->references == 0) {
+ bucket_empty = fctx_unlink(fctx);
destroy = ISC_TRUE;
+ }
}
UNLOCK(&res->buckets[bucketnum].lock);
- if (destroy)
- bucket_empty = fctx_destroy(fctx);
isc_event_free(&event);
dns_adb_destroyfind(&find);
@@ -2213,8 +2206,11 @@ fctx_finddone(isc_task_t *task, isc_even
fctx_try(fctx, ISC_TRUE, ISC_FALSE);
else if (want_done)
fctx_done(fctx, ISC_R_FAILURE, __LINE__);
- else if (bucket_empty)
- empty_bucket(res);
+ else if (destroy) {
+ fctx_destroy(fctx);
+ if (bucket_empty)
+ empty_bucket(res);
+ }
}
@@ -2337,8 +2333,7 @@ add_bad(fetchctx_t *fctx, dns_adbaddrinf
FCTXTRACE("add_bad");
- sa = isc_mem_get(fctx->res->buckets[fctx->bucketnum].mctx,
- sizeof(*sa));
+ sa = isc_mem_get(fctx->mctx, sizeof(*sa));
if (sa == NULL)
return;
*sa = *address;
@@ -2689,12 +2684,9 @@ fctx_getaddresses(fetchctx_t *fctx, isc_
fctx->fwdpolicy = forwarders->fwdpolicy;
if (fctx->fwdpolicy == dns_fwdpolicy_only &&
isstrictsubdomain(domain, &fctx->domain)) {
- isc_mem_t *mctx;
-
- mctx = res->buckets[fctx->bucketnum].mctx;
- dns_name_free(&fctx->domain, mctx);
+ dns_name_free(&fctx->domain, fctx->mctx);
dns_name_init(&fctx->domain, NULL);
- result = dns_name_dup(domain, mctx,
+ result = dns_name_dup(domain, fctx->mctx,
&fctx->domain);
if (result != ISC_R_SUCCESS)
return (result);
@@ -3133,10 +3125,9 @@ fctx_try(fetchctx_t *fctx, isc_boolean_t
}
static isc_boolean_t
-fctx_destroy(fetchctx_t *fctx) {
+fctx_unlink(fetchctx_t *fctx) {
dns_resolver_t *res;
unsigned int bucketnum;
- isc_sockaddr_t *sa, *next_sa;
/*
* Caller must be holding the bucket lock.
@@ -3153,13 +3144,42 @@ fctx_destroy(fetchctx_t *fctx) {
REQUIRE(fctx->references == 0);
REQUIRE(ISC_LIST_EMPTY(fctx->validators));
- FCTXTRACE("destroy");
+ FCTXTRACE("unlink");
res = fctx->res;
bucketnum = fctx->bucketnum;
ISC_LIST_UNLINK(res->buckets[bucketnum].fctxs, fctx, link);
+ LOCK(&res->nlock);
+ res->nfctx--;
+ UNLOCK(&res->nlock);
+
+ if (res->buckets[bucketnum].exiting &&
+ ISC_LIST_EMPTY(res->buckets[bucketnum].fctxs))
+ return (ISC_TRUE);
+
+ return (ISC_FALSE);
+}
+
+static void
+fctx_destroy(fetchctx_t *fctx) {
+ isc_sockaddr_t *sa, *next_sa;
+
+ REQUIRE(VALID_FCTX(fctx));
+ REQUIRE(fctx->state == fetchstate_done ||
+ fctx->state == fetchstate_init);
+ REQUIRE(ISC_LIST_EMPTY(fctx->events));
+ REQUIRE(ISC_LIST_EMPTY(fctx->queries));
+ REQUIRE(ISC_LIST_EMPTY(fctx->finds));
+ REQUIRE(ISC_LIST_EMPTY(fctx->altfinds));
+ REQUIRE(fctx->pending == 0);
+ REQUIRE(fctx->references == 0);
+ REQUIRE(ISC_LIST_EMPTY(fctx->validators));
+ REQUIRE(!ISC_LINK_LINKED(fctx, link));
+
+ FCTXTRACE("destroy");
+
/*
* Free bad.
*/
@@ -3168,7 +3188,7 @@ fctx_destroy(fetchctx_t *fctx) {
sa = next_sa) {
next_sa = ISC_LIST_NEXT(sa, link);
ISC_LIST_UNLINK(fctx->bad, sa, link);
- isc_mem_put(res->buckets[bucketnum].mctx, sa, sizeof(*sa));
+ isc_mem_put(fctx->mctx, sa, sizeof(*sa));
}
for (sa = ISC_LIST_HEAD(fctx->edns);
@@ -3176,7 +3196,7 @@ fctx_destroy(fetchctx_t *fctx) {
sa = next_sa) {
next_sa = ISC_LIST_NEXT(sa, link);
ISC_LIST_UNLINK(fctx->edns, sa, link);
- isc_mem_put(res->buckets[bucketnum].mctx, sa, sizeof(*sa));
+ isc_mem_put(fctx->mctx, sa, sizeof(*sa));
}
for (sa = ISC_LIST_HEAD(fctx->edns512);
@@ -3184,7 +3204,7 @@ fctx_destroy(fetchctx_t *fctx) {
sa = next_sa) {
next_sa = ISC_LIST_NEXT(sa, link);
ISC_LIST_UNLINK(fctx->edns512, sa, link);
- isc_mem_put(res->buckets[bucketnum].mctx, sa, sizeof(*sa));
+ isc_mem_put(fctx->mctx, sa, sizeof(*sa));
}
for (sa = ISC_LIST_HEAD(fctx->bad_edns);
@@ -3192,31 +3212,21 @@ fctx_destroy(fetchctx_t *fctx) {
sa = next_sa) {
next_sa = ISC_LIST_NEXT(sa, link);
ISC_LIST_UNLINK(fctx->bad_edns, sa, link);
- isc_mem_put(res->buckets[bucketnum].mctx, sa, sizeof(*sa));
+ isc_mem_put(fctx->mctx, sa, sizeof(*sa));
}
isc_timer_detach(&fctx->timer);
dns_message_destroy(&fctx->rmessage);
dns_message_destroy(&fctx->qmessage);
if (dns_name_countlabels(&fctx->domain) > 0)
- dns_name_free(&fctx->domain, res->buckets[bucketnum].mctx);
+ dns_name_free(&fctx->domain, fctx->mctx);
if (dns_rdataset_isassociated(&fctx->nameservers))
dns_rdataset_disassociate(&fctx->nameservers);
- dns_name_free(&fctx->name, res->buckets[bucketnum].mctx);
+ dns_name_free(&fctx->name, fctx->mctx);
dns_db_detach(&fctx->cache);
dns_adb_detach(&fctx->adb);
- isc_mem_free(res->buckets[bucketnum].mctx, fctx->info);
- isc_mem_put(res->buckets[bucketnum].mctx, fctx, sizeof(*fctx));
-
- LOCK(&res->nlock);
- res->nfctx--;
- UNLOCK(&res->nlock);
-
- if (res->buckets[bucketnum].exiting &&
- ISC_LIST_EMPTY(res->buckets[bucketnum].fctxs))
- return (ISC_TRUE);
-
- return (ISC_FALSE);
+ isc_mem_free(fctx->mctx, fctx->info);
+ isc_mem_putanddetach(&fctx->mctx, fctx, sizeof(*fctx));
}
/*
@@ -3316,6 +3326,7 @@ fctx_doshutdown(isc_task_t *task, isc_ev
dns_resolver_t *res;
unsigned int bucketnum;
dns_validator_t *validator;
+ isc_boolean_t destroy = ISC_FALSE;
REQUIRE(VALID_FCTX(fctx));
@@ -3365,13 +3376,18 @@ fctx_doshutdown(isc_task_t *task, isc_ev
}
if (fctx->references == 0 && fctx->pending == 0 &&
- fctx->nqueries == 0 && ISC_LIST_EMPTY(fctx->validators))
- bucket_empty = fctx_destroy(fctx);
+ fctx->nqueries == 0 && ISC_LIST_EMPTY(fctx->validators)) {
+ bucket_empty = fctx_unlink(fctx);
+ destroy = ISC_TRUE;
+ }
UNLOCK(&res->buckets[bucketnum].lock);
- if (bucket_empty)
- empty_bucket(res);
+ if (destroy) {
+ fctx_destroy(fctx);
+ if (bucket_empty)
+ empty_bucket(res);
+ }
}
static void
@@ -3380,6 +3396,7 @@ fctx_start(isc_task_t *task, isc_event_t
isc_boolean_t done = ISC_FALSE, bucket_empty = ISC_FALSE;
dns_resolver_t *res;
unsigned int bucketnum;
+ isc_boolean_t destroy = ISC_FALSE;
REQUIRE(VALID_FCTX(fctx));
@@ -3412,7 +3429,8 @@ fctx_start(isc_task_t *task, isc_event_t
/*
* It's now safe to destroy this fctx.
*/
- bucket_empty = fctx_destroy(fctx);
+ bucket_empty = fctx_unlink(fctx);
+ destroy = ISC_TRUE;
}
done = ISC_TRUE;
} else {
@@ -3434,6 +3452,8 @@ fctx_start(isc_task_t *task, isc_event_t
if (!done) {
isc_result_t result;
+ INSIST(!destroy);
+
/*
* All is well. Start working on the fetch.
*/
@@ -3442,8 +3462,11 @@ fctx_start(isc_task_t *task, isc_event_t
fctx_done(fctx, result, __LINE__);
else
fctx_try(fctx, ISC_FALSE, ISC_FALSE);
- } else if (bucket_empty)
- empty_bucket(res);
+ } else if (destroy) {
+ fctx_destroy(fctx);
+ if (bucket_empty)
+ empty_bucket(res);
+ }
}
/*
@@ -3530,27 +3553,29 @@ fctx_create(dns_resolver_t *res, dns_nam
char buf[DNS_NAME_FORMATSIZE + DNS_RDATATYPE_FORMATSIZE];
char typebuf[DNS_RDATATYPE_FORMATSIZE];
dns_name_t suffix;
+ isc_mem_t *mctx;
/*
* Caller must be holding the lock for bucket number 'bucketnum'.
*/
REQUIRE(fctxp != NULL && *fctxp == NULL);
- fctx = isc_mem_get(res->buckets[bucketnum].mctx, sizeof(*fctx));
+ mctx = res->buckets[bucketnum].mctx;
+ fctx = isc_mem_get(mctx, sizeof(*fctx));
if (fctx == NULL)
return (ISC_R_NOMEMORY);
dns_name_format(name, buf, sizeof(buf));
dns_rdatatype_format(type, typebuf, sizeof(typebuf));
strcat(buf, "/"); /* checked */
strcat(buf, typebuf); /* checked */
- fctx->info = isc_mem_strdup(res->buckets[bucketnum].mctx, buf);
+ fctx->info = isc_mem_strdup(mctx, buf);
if (fctx->info == NULL) {
result = ISC_R_NOMEMORY;
goto cleanup_fetch;
}
FCTXTRACE("create");
dns_name_init(&fctx->name, NULL);
- result = dns_name_dup(name, res->buckets[bucketnum].mctx, &fctx->name);
+ result = dns_name_dup(name, mctx, &fctx->name);
if (result != ISC_R_SUCCESS)
goto cleanup_info;
dns_name_init(&fctx->domain, NULL);
@@ -3652,9 +3677,7 @@ fctx_create(dns_resolver_t *res, dns_nam
NULL);
if (result != ISC_R_SUCCESS)
goto cleanup_name;
- result = dns_name_dup(domain,
- res->buckets[bucketnum].mctx,
- &fctx->domain);
+ result = dns_name_dup(domain, mctx, &fctx->domain);
if (result != ISC_R_SUCCESS) {
dns_rdataset_disassociate(&fctx->nameservers);
goto cleanup_name;
@@ -3665,16 +3688,12 @@ fctx_create(dns_resolver_t *res, dns_nam
/*
* We're in forward-only mode. Set the query domain.
*/
- result = dns_name_dup(domain,
- res->buckets[bucketnum].mctx,
- &fctx->domain);
+ result = dns_name_dup(domain, mctx, &fctx->domain);
if (result != ISC_R_SUCCESS)
goto cleanup_name;
}
} else {
- result = dns_name_dup(domain,
- res->buckets[bucketnum].mctx,
- &fctx->domain);
+ result = dns_name_dup(domain, mctx, &fctx->domain);
if (result != ISC_R_SUCCESS)
goto cleanup_name;
dns_rdataset_clone(nameservers, &fctx->nameservers);
@@ -3687,16 +3706,14 @@ fctx_create(dns_resolver_t *res, dns_nam
INSIST(dns_name_issubdomain(&fctx->name, &fctx->domain));
fctx->qmessage = NULL;
- result = dns_message_create(res->buckets[bucketnum].mctx,
- DNS_MESSAGE_INTENTRENDER,
+ result = dns_message_create(mctx, DNS_MESSAGE_INTENTRENDER,
&fctx->qmessage);
if (result != ISC_R_SUCCESS)
goto cleanup_domain;
fctx->rmessage = NULL;
- result = dns_message_create(res->buckets[bucketnum].mctx,
- DNS_MESSAGE_INTENTPARSE,
+ result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE,
&fctx->rmessage);
if (result != ISC_R_SUCCESS)
@@ -3746,6 +3763,8 @@ fctx_create(dns_resolver_t *res, dns_nam
dns_db_attach(res->view->cachedb, &fctx->cache);
fctx->adb = NULL;
dns_adb_attach(res->view->adb, &fctx->adb);
+ fctx->mctx = NULL;
+ isc_mem_attach(mctx, &fctx->mctx);
ISC_LIST_INIT(fctx->events);
ISC_LINK_INIT(fctx, link);
@@ -3769,18 +3788,18 @@ fctx_create(dns_resolver_t *res, dns_nam
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-all
mailing list