Ubuntu
bind9 package

The `dig` and `host` commands core dump or give incomplete results in Ubuntu 22.04

  1. Jammy (22.04)
  2. Bug #1970252
Bug #1970252 reported by Fedon Kadifeli
28
This bug affects 5 people
Affects Status Importance Assigned to Milestone
bind9 (Ubuntu)
Fix Released
High
Lena Voytek
Jammy
Fix Released
High
Lena Voytek
Kinetic
Fix Released
High
Lena Voytek

Bug Description

[Impact]

When using dig with the +nssearch option, the application will likely crash with a core dump. In this case the resulting list of domains will be incomplete.

The fix should be backported to Kinetic and Jammy to allow users to get all results of an nssearch on a domain.

The bug will be fixed by the minor release update described in (LP: #2003586) through upstream correcting IPv6 functionality.

[Test Plan]

# lxc launch images:ubuntu/{kinetic, jammy} test-bind9
# lxc exec test-bind9
# apt update && apt dist-upgrade -y
# apt install dnsutils -y
# dig +nssearch isc.org
- Before the update this leads to a crash ending in "Aborted (core dumped)" after failing to get a response from an ipv6 address while after it will show that there was a communication error with addresses it did not get a response from

[Where problems could occur]

Problems could occour in multiple areas outside of this fix because it is being added in a minor release update. Issues directly related to this fix would arise in the functionality of dig +nssearch, likely related to the handling of domains containing IPv6 addresses.

[Original Description]

The dig and host commands give incomplete results or (sometimes) give core dump on Ubuntu 22.04. Both commands are on version "9.18.1-1ubuntu1-Ubuntu."

When I run them like this:

$ dig google.com +nssearch

$ host -C google.com

most of the times the output is incomplete (no output or only a single line) and the other times they core dump. This happens on x86_64 systems. On aarch64 systems, they output some lines and then they hang.

All systems are Ubuntu 22.04 and command versions are the same as given above. Previous versions do not exhibit this problem.

Sample run:

$ dig google.com +nssearch
$ dig google.com +nssearch
$ dig google.com +nssearch
SOA ns1.google.com. dns-admin.google.com. 444034222 900 900 1800 60 from server 216.239.38.10 in 0 ms.
$ dig google.com +nssearch
SOA ns1.google.com. dns-admin.google.com. 444217784 900 900 1800 60 from server 216.239.32.10 in 8 ms.
$ dig google.com +nssearch
SOA ns1.google.com. dns-admin.google.com. 444034222 900 900 1800 60 from server 216.239.34.10 in 0 ms.
dighost.c:1517: INSIST((uint_fast32_t) __extension__ ({ __auto_type __atomic_load_ptr = ((&recvcount)); __typeof__ ((void)0, *__atomic_load_ptr) __atomic_load_tmp; __atomic_load (__atomic_load_ptr, &__atomic_load_tmp, (memory_order_acquire)); __atomic_load_tmp; }) == 0) failed, back trace
/lib/x86_64-linux-gnu/libisc-9.18.1-1ubuntu1-Ubuntu.so(+0x32083)[0x7f821fafc083]
/lib/x86_64-linux-gnu/libisc-9.18.1-1ubuntu1-Ubuntu.so(isc_assertion_failed+0x10)[0x7f821fafb570]
dig(+0x11de1)[0x55afb566fde1]
dig(+0xc7cd)[0x55afb566a7cd]
dig(+0xfdc2)[0x55afb566ddc2]
/lib/x86_64-linux-gnu/libisc-9.18.1-1ubuntu1-Ubuntu.so(isc__nm_async_readcb+0xb1)[0x7f821faeac41]
/lib/x86_64-linux-gnu/libisc-9.18.1-1ubuntu1-Ubuntu.so(isc__nm_readcb+0x9b)[0x7f821faead7b]
/lib/x86_64-linux-gnu/libisc-9.18.1-1ubuntu1-Ubuntu.so(+0x2b0d0)[0x7f821faf50d0]
/lib/x86_64-linux-gnu/libisc-9.18.1-1ubuntu1-Ubuntu.so(isc__nm_udp_read_cb+0x4a)[0x7f821faf526a]
/lib/x86_64-linux-gnu/libuv.so.1(+0x23e6b)[0x7f821f612e6b]
/lib/x86_64-linux-gnu/libuv.so.1(+0x2511e)[0x7f821f61411e]
/lib/x86_64-linux-gnu/libuv.so.1(uv_run+0x678)[0x7f821f5fdc88]
/lib/x86_64-linux-gnu/libisc-9.18.1-1ubuntu1-Ubuntu.so(+0x25eae)[0x7f821faefeae]
/lib/x86_64-linux-gnu/libisc-9.18.1-1ubuntu1-Ubuntu.so(isc__trampoline_run+0x1a)[0x7f821fb1f7ba]
/lib/x86_64-linux-gnu/libc.so.6(+0x94b43)[0x7f821f6b5b43]
/lib/x86_64-linux-gnu/libc.so.6(+0x126a00)[0x7f821f747a00]
Aborted (core dumped)

See original description

Related branches

~lvoytek/ubuntu/+source/bind9:MRE-jammy-9.18.11
git-ubuntu bot: Approve
Sergio Durigan Junior (community): Approve
Canonical Server Reporter: Pending requested
Diff: 198829 lines (+67192/-35110)
1489 files modified
CHANGES (+690/-2)
COPYRIGHT (+1/-1)
ChangeLog (+690/-2)
Makefile.am (+5/-1)
Makefile.docs (+2/-13)
Makefile.in (+16/-6)
Makefile.tests (+10/-4)
Makefile.top (+2/-1)
NEWS (+690/-2)
OPTIONS.md (+1/-0)
README.md (+1/-1)
aclocal.m4 (+2/-1)
bin/Makefile.in (+12/-3)
bin/check/Makefile.in (+13/-4)
bin/check/check-tool.c (+6/-3)
bin/check/named-checkconf.c (+20/-16)
bin/check/named-checkconf.rst (+41/-28)
bin/check/named-checkzone.c (+7/-6)
bin/check/named-checkzone.rst (+87/-67)
bin/check/named-compilezone.rst (+224/-0)
bin/confgen/Makefile.in (+13/-4)
bin/confgen/ddns-confgen.rst (+96/-0)
bin/confgen/keygen.c (+1/-24)
bin/confgen/rndc-confgen.c (+2/-2)
bin/confgen/rndc-confgen.rst (+51/-38)
bin/confgen/tsig-keygen.c (+5/-5)
bin/confgen/tsig-keygen.rst (+19/-56)
bin/confgen/util.h (+1/-1)
bin/delv/Makefile.in (+13/-4)
bin/delv/delv.c (+22/-15)
bin/delv/delv.rst (+124/-86)
bin/dig/Makefile.in (+13/-4)
bin/dig/dig.c (+214/-73)
bin/dig/dig.rst (+316/-183)
bin/dig/dighost.c (+706/-206)
bin/dig/dighost.h (+27/-13)
bin/dig/host.c (+19/-17)
bin/dig/host.rst (+75/-53)
bin/dig/nslookup.c (+2/-1)
bin/dig/nslookup.rst (+13/-11)
bin/dnssec/Makefile.in (+13/-4)
bin/dnssec/dnssec-cds.c (+12/-7)
bin/dnssec/dnssec-cds.rst (+55/-42)
bin/dnssec/dnssec-dsfromkey.c (+4/-4)
bin/dnssec/dnssec-dsfromkey.rst (+46/-31)
bin/dnssec/dnssec-importkey.c (+2/-2)
bin/dnssec/dnssec-importkey.rst (+55/-26)
bin/dnssec/dnssec-keyfromlabel.c (+9/-7)
bin/dnssec/dnssec-keyfromlabel.rst (+101/-60)
bin/dnssec/dnssec-keygen.c (+14/-9)
bin/dnssec/dnssec-keygen.rst (+117/-69)
bin/dnssec/dnssec-revoke.c (+4/-3)
bin/dnssec/dnssec-revoke.rst (+21/-11)
bin/dnssec/dnssec-settime.c (+6/-4)
bin/dnssec/dnssec-settime.rst (+100/-57)
bin/dnssec/dnssec-signzone.c (+72/-46)
bin/dnssec/dnssec-signzone.rst (+122/-69)
bin/dnssec/dnssec-verify.c (+3/-3)
bin/dnssec/dnssec-verify.rst (+27/-15)
bin/dnssec/dnssectool.c (+24/-5)
bin/dnssec/dnssectool.h (+2/-2)
bin/named/Makefile.am (+0/-3)
bin/named/Makefile.in (+13/-8)
bin/named/bind9.xsl (+1/-1)
bin/named/builtin.c (+2/-1)
bin/named/config.c (+85/-133)
bin/named/control.c (+1/-1)
bin/named/controlconf.c (+5/-3)
bin/named/dlz_dlopen_driver.c (+1/-2)
bin/named/include/named/config.h (+5/-6)
bin/named/include/named/globals.h (+0/-1)
bin/named/include/named/main.h (+2/-2)
bin/named/include/named/server.h (+7/-7)
bin/named/include/named/zoneconf.h (+3/-7)
bin/named/log.c (+2/-1)
bin/named/logconf.c (+1/-2)
bin/named/main.c (+153/-46)
bin/named/named.conf.rst (+25/-865)
bin/named/named.rst (+94/-58)
bin/named/os.c (+4/-2)
bin/named/server.c (+374/-385)
bin/named/statschannel.c (+146/-170)
bin/named/transportconf.c (+10/-21)
bin/named/tsigconf.c (+2/-1)
bin/named/zoneconf.c (+53/-170)
bin/nsupdate/Makefile.in (+13/-4)
bin/nsupdate/nsupdate.c (+51/-39)
bin/nsupdate/nsupdate.rst (+80/-51)
bin/plugins/Makefile.in (+13/-4)
bin/plugins/filter-a.c (+6/-4)
bin/plugins/filter-a.rst (+3/-2)
bin/plugins/filter-aaaa.c (+4/-3)
bin/plugins/filter-aaaa.rst (+5/-4)
bin/rndc/Makefile.in (+13/-4)
bin/rndc/rndc.c (+18/-14)
bin/rndc/rndc.conf.rst (+17/-15)
bin/rndc/rndc.rst (+199/-134)
bin/rndc/util.h (+1/-1)
bin/tests/Makefile.am (+5/-0)
bin/tests/Makefile.in (+15/-7)
bin/tests/convert-trs-to-junit.py (+148/-0)
bin/tests/system/Makefile.am (+11/-18)
bin/tests/system/Makefile.in (+97/-74)
bin/tests/system/acl/ns2/named1.conf.in (+1/-1)
bin/tests/system/acl/ns2/named2.conf.in (+1/-1)
bin/tests/system/acl/ns2/named3.conf.in (+1/-1)
bin/tests/system/acl/ns2/named4.conf.in (+1/-1)
bin/tests/system/acl/ns2/named5.conf.in (+1/-1)
bin/tests/system/acl/ns3/named.conf.in (+1/-1)
bin/tests/system/acl/ns4/named.conf.in (+1/-1)
bin/tests/system/acl/tests.sh (+2/-1)
bin/tests/system/addzone/ns1/named.conf.in (+1/-1)
bin/tests/system/addzone/tests.sh (+11/-11)
bin/tests/system/addzone/tests_rndc_deadlock.py (+24/-22)
bin/tests/system/allow-query/ns3/named1.conf.in (+1/-1)
bin/tests/system/allow-query/ns3/named2.conf.in (+1/-1)
bin/tests/system/allow-query/ns3/named3.conf.in (+1/-1)
bin/tests/system/allow-query/ns3/named4.conf.in (+1/-1)
bin/tests/system/allow-query/tests.sh (+7/-0)
bin/tests/system/auth/clean.sh (+2/-0)
bin/tests/system/autosign/clean.sh (+3/-1)
bin/tests/system/autosign/ns1/keygen.sh (+12/-12)
bin/tests/system/autosign/ns1/named.conf.in (+1/-1)
bin/tests/system/autosign/ns2/Xbar.+013+59973.key (+5/-0)
bin/tests/system/autosign/ns2/Xbar.+013+59973.private (+6/-0)
bin/tests/system/autosign/ns2/Xbar.+013+60101.key (+5/-0)
bin/tests/system/autosign/ns2/Xbar.+013+60101.private (+6/-0)
bin/tests/system/autosign/ns2/keygen.sh (+12/-11)
bin/tests/system/autosign/ns2/named.conf.in (+1/-1)
bin/tests/system/autosign/ns3/cdnskey-delete.example.db.in (+28/-0)
bin/tests/system/autosign/ns3/cds-delete.example.db.in (+28/-0)
bin/tests/system/autosign/ns3/keygen.sh (+74/-48)
bin/tests/system/autosign/ns3/named.conf.in (+17/-3)
bin/tests/system/autosign/tests.sh (+388/-288)
bin/tests/system/builtin/tests.sh (+8/-6)
bin/tests/system/cacheclean/ns2/named.conf.in (+1/-1)
bin/tests/system/cacheclean/tests.sh (+3/-3)
bin/tests/system/case/setup.sh (+2/-0)
bin/tests/system/catz/clean.sh (+13/-6)
bin/tests/system/catz/ns1/catalog-bad1.example.db (+2/-5)
bin/tests/system/catz/ns1/catalog-bad2.example.db (+14/-0)
bin/tests/system/catz/ns1/catalog-bad3.example.db (+15/-0)
bin/tests/system/catz/ns1/catalog-bad4.example.db (+14/-0)
bin/tests/system/catz/ns1/catalog-bad5.example.db (+14/-0)
bin/tests/system/catz/ns1/catalog.example.db.in (+1/-1)
bin/tests/system/catz/ns1/named.conf.in (+101/-25)
bin/tests/system/catz/ns2/dom-existing.example.db (+2/-5)
bin/tests/system/catz/ns2/named1.conf.in (+118/-28)
bin/tests/system/catz/ns2/named2.conf.in (+85/-21)
bin/tests/system/catz/ns3/catalog.example.db.in (+14/-0)
bin/tests/system/catz/ns4/named.conf.in (+55/-0)
bin/tests/system/catz/setup.sh (+3/-1)
bin/tests/system/catz/tests.sh (+1163/-323)
bin/tests/system/cds/checktime.pl (+1/-1)
bin/tests/system/cds/setup.sh (+13/-13)
bin/tests/system/cds/tests.sh (+5/-5)
bin/tests/system/chain/ans4/ans.py (+121/-82)
bin/tests/system/chain/ns2/sign.sh (+10/-10)
bin/tests/system/chain/ns7/named.conf.in (+1/-1)
bin/tests/system/chain/tests.sh (+2/-0)
bin/tests/system/checkconf/bad-duration.conf (+2/-8)
bin/tests/system/checkconf/bad-kasp-keydir1.conf.in (+2/-2)
bin/tests/system/checkconf/bad-kasp-keydir2.conf.in (+2/-2)
bin/tests/system/checkconf/bad-kasp-keydir3.conf.in (+2/-2)
bin/tests/system/checkconf/bad-kasp-keydir4.conf.in (+2/-2)
bin/tests/system/checkconf/bad-kasp-keydir5.conf.in (+2/-2)
bin/tests/system/checkconf/bad-kasp-nsec3-alg.conf (+25/-0)
bin/tests/system/checkconf/bad-ksk-without-zsk.conf (+24/-0)
bin/tests/system/checkconf/bad-unpaired-keys.conf (+27/-0)
bin/tests/system/checkconf/bad-zsk-without-ksk.conf (+24/-0)
bin/tests/system/checkconf/check-wildcard-no.conf (+18/-0)
bin/tests/system/checkconf/check-wildcard.conf (+18/-0)
bin/tests/system/checkconf/check-wildcard.db (+4/-7)
bin/tests/system/checkconf/clean.sh (+9/-4)
bin/tests/system/checkconf/deprecated.conf (+9/-0)
bin/tests/system/checkconf/dnssec.3 (+18/-0)
bin/tests/system/checkconf/good-dot-doh-tls-nokeycert.conf (+1/-0)
bin/tests/system/checkconf/good-kasp.conf (+5/-0)
bin/tests/system/checkconf/good-key-directory.conf (+3/-0)
bin/tests/system/checkconf/good.conf (+14/-3)
bin/tests/system/checkconf/kasp-and-other-dnssec-options.conf (+0/-1)
bin/tests/system/checkconf/kasp-bad-lifetime.conf (+91/-0)
bin/tests/system/checkconf/kasp-bad-nsec3-iter.conf (+1/-0)
bin/tests/system/checkconf/kasp-bad-signatures-refresh.conf (+46/-0)
bin/tests/system/checkconf/kasp-ignore-keylen.conf (+1/-0)
bin/tests/system/checkconf/kasp-warning.conf (+62/-0)
bin/tests/system/checkconf/range.conf (+0/-9)
bin/tests/system/checkconf/setup.sh (+7/-0)
bin/tests/system/checkconf/tests.sh (+141/-62)
bin/tests/system/checkconf/warn-kasp-max-zone-ttl.conf (+27/-0)
bin/tests/system/checkconf/warn-random-device.conf (+1/-21)
bin/tests/system/checkds/clean.sh (+1/-0)
bin/tests/system/checkds/ns1/named.conf.in (+4/-4)
bin/tests/system/checkds/ns1/root.db.in (+24/-0)
bin/tests/system/checkds/ns1/setup.sh (+46/-0)
bin/tests/system/checkds/ns10/named.conf.in (+8/-7)
bin/tests/system/checkds/ns10/root.db.in (+24/-0)
bin/tests/system/checkds/ns2/named.conf.in (+1/-1)
bin/tests/system/checkds/ns2/setup.sh (+3/-1)
bin/tests/system/checkds/ns2/template.db.in (+2/-1)
bin/tests/system/checkds/ns3/named.conf.in (+15/-5)
bin/tests/system/checkds/ns4/named.conf.in (+1/-1)
bin/tests/system/checkds/ns5/named.conf.in (+1/-1)
bin/tests/system/checkds/ns5/template.db.in (+2/-0)
bin/tests/system/checkds/ns6/named.conf.in (+1/-1)
bin/tests/system/checkds/ns7/named.conf.in (+1/-1)
bin/tests/system/checkds/ns8/named.conf.in (+17/-7)
bin/tests/system/checkds/ns8/root.hint (+14/-0)
bin/tests/system/checkds/ns9/named.conf.in (+37/-1)
bin/tests/system/checkds/ns9/setup.sh (+6/-4)
bin/tests/system/checkds/setup.sh (+8/-0)
bin/tests/system/checkds/tests_checkds.py (+190/-102)
bin/tests/system/checknames/setup.sh (+2/-0)
bin/tests/system/checkzone/clean.sh (+3/-0)
bin/tests/system/checkzone/setup.sh (+4/-0)
bin/tests/system/checkzone/tests.sh (+42/-31)
bin/tests/system/checkzone/zones/bad-generate-garbage.db (+1/-1)
bin/tests/system/checkzone/zones/bad-generate-missing-brace.db (+17/-0)
bin/tests/system/checkzone/zones/bad-generate-range.db (+18/-0)
bin/tests/system/checkzone/zones/bad-tsig.db.in (+17/-0)
bin/tests/system/checkzone/zones/generate-overflow.db (+17/-0)
bin/tests/system/checkzone/zones/good-generate-modifier.db (+20/-0)
bin/tests/system/checkzone/zones/good-svcb.db (+1/-0)
bin/tests/system/ckdnsrps.sh (+1/-1)
bin/tests/system/common/controls.conf.in (+1/-1)
bin/tests/system/conf.sh.common (+73/-86)
bin/tests/system/conf.sh.in (+72/-85)
bin/tests/system/conftest.py (+19/-1)
bin/tests/system/cookie/ans9/ans.py (+82/-53)
bin/tests/system/cookie/clean.sh (+2/-0)
bin/tests/system/cookie/ns1/named.conf.in (+4/-4)
bin/tests/system/cookie/ns2/named.conf.in (+3/-3)
bin/tests/system/cookie/ns3/named.conf.in (+4/-4)
bin/tests/system/cookie/ns4/named.conf.in (+1/-1)
bin/tests/system/cookie/ns5/named.conf.in (+1/-1)
bin/tests/system/cookie/ns6/named.conf.in (+1/-1)
bin/tests/system/cookie/ns7/named.conf.in (+3/-3)
bin/tests/system/cookie/ns8/named.conf.in (+1/-1)
bin/tests/system/custom-test-driver (+2/-1)
bin/tests/system/database/ns1/named1.conf.in (+1/-1)
bin/tests/system/database/ns1/named2.conf.in (+1/-1)
bin/tests/system/dialup/clean.sh (+2/-0)
bin/tests/system/dialup/ns1/named.conf.in (+1/-1)
bin/tests/system/dialup/ns2/named.conf.in (+1/-1)
bin/tests/system/dialup/ns3/named.conf.in (+1/-1)
bin/tests/system/dialup/setup.sh (+1/-4)
bin/tests/system/dialup/tests.sh (+1/-1)
bin/tests/system/digdelv/ans8/ans.py (+202/-0)
bin/tests/system/digdelv/clean.sh (+2/-0)
bin/tests/system/digdelv/ns3/named.conf.in (+1/-1)
bin/tests/system/digdelv/tests.sh (+110/-11)
bin/tests/system/digdelv/yamlget.py (+0/-1)
bin/tests/system/dispatch/ans3/ans.py (+4/-4)
bin/tests/system/dispatch/ns1/named.conf.in (+1/-1)
bin/tests/system/dispatch/ns2/named.conf.in (+1/-1)
bin/tests/system/dispatch/tests_connreset.py (+5/-4)
bin/tests/system/dlzexternal/driver/Makefile.in (+13/-4)
bin/tests/system/dlzexternal/driver/driver.c (+4/-2)
bin/tests/system/dlzexternal/ns1/named.conf.in (+1/-1)
bin/tests/system/dlzexternal/tests.sh (+1/-1)
bin/tests/system/dns64/ns1/sign.sh (+2/-2)
bin/tests/system/dnssec/ans10/ans.py (+27/-15)
bin/tests/system/dnssec/clean.sh (+1/-2)
bin/tests/system/dnssec/ns2/example.db.in (+4/-0)
bin/tests/system/dnssec/ns2/named.conf.in (+1/-1)
bin/tests/system/dnssec/ns3/insecure2.example.db (+8/-7)
bin/tests/system/dnssec/ns3/named.conf.in (+7/-1)
bin/tests/system/dnssec/ns3/sign.sh (+3/-3)
bin/tests/system/dnssec/ns4/managed-keys.bind.in (+21/-0)
bin/tests/system/dnssec/ns4/named1.conf.in (+4/-4)
bin/tests/system/dnssec/ns4/named2.conf.in (+4/-5)
bin/tests/system/dnssec/ns4/named3.conf.in (+1/-1)
bin/tests/system/dnssec/ns4/named4.conf.in (+2/-2)
bin/tests/system/dnssec/ns4/named5.conf.in (+1/-1)
bin/tests/system/dnssec/ns5/named1.conf.in (+1/-1)
bin/tests/system/dnssec/ns5/named2.conf.in (+1/-1)
bin/tests/system/dnssec/ns8/named.conf.in (+1/-1)
bin/tests/system/dnssec/ns9/named.conf.in (+1/-1)
bin/tests/system/dnssec/signer/general/Kexample.com.+010+18240.key (+5/-0)
bin/tests/system/dnssec/signer/general/Kexample.com.+010+18240.private (+13/-0)
bin/tests/system/dnssec/signer/general/Kexample.com.+010+28633.key (+5/-0)
bin/tests/system/dnssec/signer/general/Kexample.com.+010+28633.private (+13/-0)
bin/tests/system/dnssec/signer/general/bogus-ksk.key (+2/-2)
bin/tests/system/dnssec/signer/general/bogus-zsk.key (+2/-2)
bin/tests/system/dnssec/signer/general/test1.zone (+2/-2)
bin/tests/system/dnssec/signer/general/test2.zone (+1/-1)
bin/tests/system/dnssec/signer/general/test3.zone (+1/-1)
bin/tests/system/dnssec/signer/general/test4.zone (+2/-2)
bin/tests/system/dnssec/signer/general/test5.zone (+2/-2)
bin/tests/system/dnssec/signer/general/test6.zone (+2/-2)
bin/tests/system/dnssec/signer/general/test8.zone (+1/-1)
bin/tests/system/dnssec/tests.sh (+80/-55)
bin/tests/system/dnstap/clean.sh (+1/-2)
bin/tests/system/dnstap/ns1/named.conf.in (+1/-1)
bin/tests/system/dnstap/ns2/named.conf.in (+1/-1)
bin/tests/system/dnstap/ns3/named.conf.in (+1/-1)
bin/tests/system/dnstap/ns4/named.conf.in (+1/-1)
bin/tests/system/dnstap/prereq.sh (+20/-0)
bin/tests/system/dnstap/tests.sh (+8/-2)
bin/tests/system/dnstap/tests_dnstap.py (+83/-0)
bin/tests/system/dnstap/ydump.py (+1/-1)
bin/tests/system/doth/CA/CA.cfg (+121/-0)
bin/tests/system/doth/CA/CA.pem (+29/-0)
bin/tests/system/doth/CA/README (+2/-0)
bin/tests/system/doth/CA/certs/srv01.client01.example.com.key (+6/-0)
bin/tests/system/doth/CA/certs/srv01.client01.example.com.pem (+68/-0)
bin/tests/system/doth/CA/certs/srv01.client02-ns2.example.com.key (+6/-0)
bin/tests/system/doth/CA/certs/srv01.client02-ns2.example.com.pem (+68/-0)
bin/tests/system/doth/CA/certs/srv01.client03-ns2-expired.example.com.key (+6/-0)
bin/tests/system/doth/CA/certs/srv01.client03-ns2-expired.example.com.pem (+69/-0)
bin/tests/system/doth/CA/certs/srv01.crt01.example.com.key (+6/-0)
bin/tests/system/doth/CA/certs/srv01.crt01.example.com.pem (+69/-0)
bin/tests/system/doth/CA/certs/srv01.crt02-no-san.example.com.key (+6/-0)
bin/tests/system/doth/CA/certs/srv01.crt02-no-san.example.com.pem (+64/-0)
bin/tests/system/doth/CA/certs/srv01.crt03-expired.example.com.key (+6/-0)
bin/tests/system/doth/CA/certs/srv01.crt03-expired.example.com.pem (+69/-0)
bin/tests/system/doth/CA/certs/srv02.crt01.example.com.key (+6/-0)
bin/tests/system/doth/CA/certs/srv02.crt01.example.com.pem (+69/-0)
bin/tests/system/doth/CA/certs/srv03.crt01.example.com.key (+6/-0)
bin/tests/system/doth/CA/certs/srv03.crt01.example.com.pem (+69/-0)
bin/tests/system/doth/CA/certs/srv04.crt01.example.com.key (+6/-0)
bin/tests/system/doth/CA/certs/srv04.crt01.example.com.pem (+69/-0)
bin/tests/system/doth/CA/index.txt (+9/-0)
bin/tests/system/doth/CA/index.txt.attr (+1/-0)
bin/tests/system/doth/CA/newcerts/6BB3183CDEF52001.pem (+69/-0)
bin/tests/system/doth/CA/newcerts/6BB3183CDEF52002.pem (+64/-0)
bin/tests/system/doth/CA/newcerts/6BB3183CDEF52003.pem (+69/-0)
bin/tests/system/doth/CA/newcerts/6BB3183CDEF52004.pem (+69/-0)
bin/tests/system/doth/CA/newcerts/6BB3183CDEF52005.pem (+69/-0)
bin/tests/system/doth/CA/newcerts/6BB3183CDEF52006.pem (+69/-0)
bin/tests/system/doth/CA/newcerts/6BB3183CDEF52007.pem (+68/-0)
bin/tests/system/doth/CA/newcerts/6BB3183CDEF52008.pem (+68/-0)
bin/tests/system/doth/CA/newcerts/6BB3183CDEF52009.pem (+69/-0)
bin/tests/system/doth/CA/private/CA.key (+39/-0)
bin/tests/system/doth/CA/serial (+1/-0)
bin/tests/system/doth/clean.sh (+1/-0)
bin/tests/system/doth/conftest.py (+17/-13)
bin/tests/system/doth/example8.axfr.good (+2676/-0)
bin/tests/system/doth/get_openssl_version.py (+5/-13)
bin/tests/system/doth/ns1/named.conf.in (+96/-6)
bin/tests/system/doth/ns2/named.conf.in (+123/-4)
bin/tests/system/doth/ns3/named.conf.in (+3/-3)
bin/tests/system/doth/ns4/named.conf.in (+3/-3)
bin/tests/system/doth/prereq.sh (+20/-0)
bin/tests/system/doth/stress_http_quota.py (+27/-26)
bin/tests/system/doth/tests.sh (+320/-8)
bin/tests/system/doth/tests_gnutls.py (+32/-17)
bin/tests/system/doth/tests_sslyze.py (+65/-0)
bin/tests/system/dsdigest/ns1/sign.sh (+2/-2)
bin/tests/system/dsdigest/ns2/sign.sh (+4/-4)
bin/tests/system/dupsigs/check_journal.pl (+0/-5)
bin/tests/system/dupsigs/clean.sh (+3/-0)
bin/tests/system/dupsigs/ns1/named.conf.in (+1/-1)
bin/tests/system/dupsigs/ns1/reset_keys.sh (+8/-7)
bin/tests/system/dupsigs/ns1/signing.test.db.in (+1/-1)
bin/tests/system/dupsigs/setup.sh (+2/-0)
bin/tests/system/dupsigs/tests.sh (+29/-9)
bin/tests/system/dyndb/driver/Makefile.in (+13/-4)
bin/tests/system/dyndb/driver/db.c (+11/-8)
bin/tests/system/dyndb/driver/log.h (+0/-2)
bin/tests/system/dyndb/driver/syncptr.c (+1/-1)
bin/tests/system/dyndb/ns1/named.conf.in (+1/-1)
bin/tests/system/dyndb/prereq.sh (+2/-0)
bin/tests/system/ednscompliance/tests.sh (+1/-1)
bin/tests/system/emptyzones/clean.sh (+2/-0)
bin/tests/system/emptyzones/ns1/named1.conf.in (+4/-4)
bin/tests/system/emptyzones/ns1/named2.conf.in (+4/-4)
bin/tests/system/emptyzones/setup.sh (+2/-0)
bin/tests/system/enginepkcs11/clean.sh (+3/-3)
bin/tests/system/enginepkcs11/ns1/named.args (+1/-0)
bin/tests/system/enginepkcs11/ns1/named.conf.in (+1/-1)
bin/tests/system/enginepkcs11/setup.sh (+4/-4)
bin/tests/system/feature-test.c (+31/-11)
bin/tests/system/fetchlimit/ns2/named.conf.in (+1/-1)
bin/tests/system/fetchlimit/ns3/named1.conf.in (+5/-1)
bin/tests/system/fetchlimit/ns3/named2.conf.in (+5/-1)
bin/tests/system/fetchlimit/ns3/named3.conf.in (+5/-1)
bin/tests/system/fetchlimit/tests.sh (+22/-19)
bin/tests/system/filter-aaaa/ns1/named1.conf.in (+1/-1)
bin/tests/system/filter-aaaa/ns1/named2.conf.in (+1/-1)
bin/tests/system/filter-aaaa/ns2/named1.conf.in (+1/-1)
bin/tests/system/filter-aaaa/ns2/named2.conf.in (+1/-1)
bin/tests/system/filter-aaaa/ns3/named1.conf.in (+1/-1)
bin/tests/system/filter-aaaa/ns3/named2.conf.in (+1/-1)
bin/tests/system/filter-aaaa/ns4/named1.conf.in (+1/-1)
bin/tests/system/filter-aaaa/ns4/named2.conf.in (+1/-1)
bin/tests/system/filter-aaaa/ns5/named.conf.in (+1/-1)
bin/tests/system/formerr/clean.sh (+2/-0)
bin/tests/system/forward/ans11/ans.py (+271/-0)
bin/tests/system/forward/clean.sh (+4/-1)
bin/tests/system/forward/ns1/diditwork.net.db (+7/-11)
bin/tests/system/forward/ns1/named.conf.in (+20/-0)
bin/tests/system/forward/ns1/net.example.lll (+15/-0)
bin/tests/system/forward/ns1/spoofed.net.db (+22/-0)
bin/tests/system/forward/ns1/sub.local.net.db (+22/-0)
bin/tests/system/forward/ns10/fakenet.zone (+17/-0)
bin/tests/system/forward/ns10/fakenet2.zone (+15/-0)
bin/tests/system/forward/ns10/fakesublocalnet.zone (+15/-0)
bin/tests/system/forward/ns10/fakesublocaltld.zone (+15/-0)
bin/tests/system/forward/ns10/named.conf.in (+53/-0)
bin/tests/system/forward/ns10/net.example.lll (+15/-0)
bin/tests/system/forward/ns10/spoofednet.zone (+16/-0)
bin/tests/system/forward/ns2/tld.db (+6/-0)
bin/tests/system/forward/ns3/named1.conf.in (+1/-1)
bin/tests/system/forward/ns3/named2.conf.in (+1/-1)
bin/tests/system/forward/ns3/root2.db (+21/-0)
bin/tests/system/forward/ns4/named.conf.in (+5/-0)
bin/tests/system/forward/ns4/sibling.tld.db (+22/-0)
bin/tests/system/forward/ns8/named.conf.in (+5/-0)
bin/tests/system/forward/ns8/sub.local.tld.db (+15/-0)
bin/tests/system/forward/ns9/local.net.db (+16/-0)
bin/tests/system/forward/ns9/local.tld.db (+15/-0)
bin/tests/system/forward/ns9/named1.conf.in (+67/-0)
bin/tests/system/forward/ns9/named2.conf.in (+70/-0)
bin/tests/system/forward/ns9/named3.conf.in (+50/-0)
bin/tests/system/forward/ns9/named4.conf.in (+21/-9)
bin/tests/system/forward/ns9/root.db (+2/-8)
bin/tests/system/forward/setup.sh (+2/-0)
bin/tests/system/forward/tests.sh (+157/-11)
bin/tests/system/geoip2/conf/bad-regiondb.conf (+1/-1)
bin/tests/system/geoip2/ns2/named1.conf.in (+1/-1)
bin/tests/system/geoip2/ns2/named10.conf.in (+1/-1)
bin/tests/system/geoip2/ns2/named11.conf.in (+1/-1)
bin/tests/system/geoip2/ns2/named12.conf.in (+1/-1)
bin/tests/system/geoip2/ns2/named2.conf.in (+1/-1)
bin/tests/system/geoip2/ns2/named3.conf.in (+1/-1)
bin/tests/system/geoip2/ns2/named4.conf.in (+1/-1)
bin/tests/system/geoip2/ns2/named5.conf.in (+1/-1)
bin/tests/system/geoip2/ns2/named6.conf.in (+1/-1)
bin/tests/system/geoip2/ns2/named7.conf.in (+1/-1)
bin/tests/system/geoip2/ns2/named8.conf.in (+1/-1)
bin/tests/system/geoip2/ns2/named9.conf.in (+1/-1)
bin/tests/system/get_algorithms.py (+242/-0)
bin/tests/system/get_core_dumps.sh (+66/-0)
bin/tests/system/get_ports.sh (+6/-2)
bin/tests/system/hooks/driver/Makefile.in (+13/-4)
bin/tests/system/hooks/driver/test-async.c (+1/-9)
bin/tests/system/hooks/ns1/named.conf.in (+1/-1)
bin/tests/system/host/clean.sh (+8/-5)
bin/tests/system/host/ns1/example.net.db (+31/-0)
bin/tests/system/host/ns1/named.conf.in (+9/-10)
bin/tests/system/host/setup.sh (+6/-0)
bin/tests/system/host/tests.sh (+128/-0)
bin/tests/system/idna/tests.sh (+7/-5)
bin/tests/system/ifconfig.sh.in (+217/-192)
bin/tests/system/inline/clean.sh (+2/-0)
bin/tests/system/inline/ns1/sign.sh (+2/-2)
bin/tests/system/inline/ns3/sign.sh (+39/-39)
bin/tests/system/inline/ns7/sign.sh (+3/-3)
bin/tests/system/inline/ns8/sign.sh (+4/-4)
bin/tests/system/inline/setup.sh (+2/-0)
bin/tests/system/inline/tests.sh (+237/-242)
bin/tests/system/inline/tests_signed_zone_files.py (+16/-16)
bin/tests/system/ixfr/ns1/named.conf.in (+1/-1)
bin/tests/system/ixfr/ns3/named.conf.in (+1/-1)
bin/tests/system/ixfr/ns4/named.conf.in (+1/-1)
bin/tests/system/ixfr/ns5/named.conf.in (+1/-1)
bin/tests/system/ixfr/tests.sh (+4/-0)
bin/tests/system/journal/clean.sh (+2/-0)
bin/tests/system/journal/ns1/named.conf.in (+1/-1)
bin/tests/system/journal/ns2/named.conf.in (+1/-1)
bin/tests/system/kasp.sh (+77/-23)
bin/tests/system/kasp/clean.sh (+3/-2)
bin/tests/system/kasp/kasp.conf (+2/-2)
bin/tests/system/kasp/ns2/named.conf.in (+3/-2)
bin/tests/system/kasp/ns3/ed25519.conf (+1/-0)
bin/tests/system/kasp/ns3/ed448.conf (+1/-0)
bin/tests/system/kasp/ns3/named-fips.conf.in (+508/-0)
bin/tests/system/kasp/ns3/named.conf.in (+2/-426)
bin/tests/system/kasp/ns3/policies/kasp-fips.conf.in (+118/-0)
bin/tests/system/kasp/ns3/policies/kasp.conf.in (+1/-101)
bin/tests/system/kasp/ns3/setup.sh (+120/-65)
bin/tests/system/kasp/ns4/named.conf.in (+18/-10)
bin/tests/system/kasp/ns5/named.conf.in (+11/-7)
bin/tests/system/kasp/ns6/named.conf.in (+16/-3)
bin/tests/system/kasp/ns6/named2.conf.in (+26/-2)
bin/tests/system/kasp/ns6/policies/csk1.conf.in (+1/-1)
bin/tests/system/kasp/ns6/policies/kasp-fips.conf.in (+63/-0)
bin/tests/system/kasp/ns6/policies/kasp.conf.in (+1/-27)
bin/tests/system/kasp/ns6/setup.sh (+57/-39)
bin/tests/system/kasp/setup.sh (+17/-1)
bin/tests/system/kasp/tests.sh (+258/-119)
bin/tests/system/keepalive/clean.sh (+2/-0)
bin/tests/system/keepalive/ns1/named.conf.in (+1/-1)
bin/tests/system/keepalive/ns2/named.conf.in (+1/-1)
bin/tests/system/keepalive/ns3/named.conf.in (+1/-1)
bin/tests/system/keyfromlabel/prereq.sh (+2/-2)
bin/tests/system/keyfromlabel/tests.sh (+4/-4)
bin/tests/system/keymgr2kasp/clean.sh (+1/-0)
bin/tests/system/keymgr2kasp/ns3/kasp.conf.in (+4/-4)
bin/tests/system/keymgr2kasp/ns3/named.conf.in (+1/-1)
bin/tests/system/keymgr2kasp/ns3/named2.conf.in (+1/-1)
bin/tests/system/keymgr2kasp/ns3/setup.sh (+7/-7)
bin/tests/system/keymgr2kasp/ns4/named.conf.in (+3/-3)
bin/tests/system/keymgr2kasp/ns4/named2.conf.in (+6/-4)
bin/tests/system/keymgr2kasp/ns4/setup.sh (+1/-1)
bin/tests/system/keymgr2kasp/tests.sh (+14/-14)
bin/tests/system/legacy/clean.sh (+2/-0)
bin/tests/system/legacy/ns1/named1.conf.in (+1/-1)
bin/tests/system/legacy/tests.sh (+14/-9)
bin/tests/system/logfileconfig/ns1/named.dirconf.in (+1/-1)
bin/tests/system/logfileconfig/ns1/named.iso8601-utc.in (+1/-1)
bin/tests/system/logfileconfig/ns1/named.iso8601.in (+1/-1)
bin/tests/system/logfileconfig/ns1/named.pipeconf.in (+1/-1)
bin/tests/system/logfileconfig/ns1/named.plain.in (+1/-1)
bin/tests/system/logfileconfig/ns1/named.plainconf.in (+1/-1)
bin/tests/system/logfileconfig/ns1/named.symconf.in (+1/-1)
bin/tests/system/logfileconfig/ns1/named.tsconf.in (+1/-1)
bin/tests/system/logfileconfig/ns1/named.unlimited.in (+1/-1)
bin/tests/system/logfileconfig/ns1/named.versconf.in (+1/-1)
bin/tests/system/logfileconfig/tests.sh (+4/-4)
bin/tests/system/masterformat/ns1/named.conf.in (+1/-1)
bin/tests/system/masterformat/ns3/named.conf.in (+1/-1)
bin/tests/system/masterformat/tests.sh (+3/-3)
bin/tests/system/metadata/setup.sh (+11/-11)
bin/tests/system/metadata/tests.sh (+79/-55)
bin/tests/system/mirror/clean.sh (+2/-0)
bin/tests/system/mirror/ns1/sign.sh (+2/-2)
bin/tests/system/mirror/ns2/named.conf.in (+1/-1)
bin/tests/system/mirror/ns2/sign.sh (+8/-8)
bin/tests/system/mirror/ns3/named.conf.in (+1/-1)
bin/tests/system/mirror/tests.sh (+73/-73)
bin/tests/system/mkeys/clean.sh (+1/-0)
bin/tests/system/mkeys/ns1/named1.conf.in (+1/-1)
bin/tests/system/mkeys/ns1/named2.conf.in (+1/-1)
bin/tests/system/mkeys/ns1/named3.conf.in (+1/-1)
bin/tests/system/mkeys/ns1/sign.sh (+35/-2)
bin/tests/system/mkeys/ns2/named.conf.in (+1/-1)
bin/tests/system/mkeys/ns3/named.conf.in (+2/-5)
bin/tests/system/mkeys/ns4/named.conf.in (+1/-1)
bin/tests/system/mkeys/ns5/named.conf.in (+1/-1)
bin/tests/system/mkeys/ns6/named.conf.in (+1/-1)
bin/tests/system/mkeys/ns6/setup.sh (+4/-4)
bin/tests/system/mkeys/ns7/named.conf.in (+1/-1)
bin/tests/system/mkeys/setup.sh (+7/-0)
bin/tests/system/mkeys/tests.sh (+23/-22)
bin/tests/system/names/setup.sh (+2/-0)
bin/tests/system/notify/clean.sh (+4/-4)
bin/tests/system/notify/ns2/named.conf.in (+1/-1)
bin/tests/system/notify/ns3/named.conf.in (+2/-0)
bin/tests/system/notify/tests.sh (+76/-97)
bin/tests/system/nsec3/clean.sh (+3/-2)
bin/tests/system/nsec3/ns2/named.conf.in (+21/-7)
bin/tests/system/nsec3/ns2/setup.sh (+22/-0)
bin/tests/system/nsec3/ns2/template.db.in (+28/-0)
bin/tests/system/nsec3/ns3/named.conf.in (+96/-1)
bin/tests/system/nsec3/ns3/named2.conf.in (+84/-1)
bin/tests/system/nsec3/ns3/setup.sh (+28/-1)
bin/tests/system/nsec3/setup.sh (+5/-1)
bin/tests/system/nsec3/tests.sh (+277/-59)
bin/tests/system/nslookup/clean.sh (+2/-0)
bin/tests/system/nslookup/tests.sh (+15/-0)
bin/tests/system/nsupdate/krb/setup.sh (+2/-0)
bin/tests/system/nsupdate/ns1/named.conf.in (+6/-4)
bin/tests/system/nsupdate/ns10/named.conf.in (+1/-1)
bin/tests/system/nsupdate/ns2/named.conf.in (+4/-4)
bin/tests/system/nsupdate/ns3/named.conf.in (+3/-3)
bin/tests/system/nsupdate/ns3/sign.sh (+6/-6)
bin/tests/system/nsupdate/ns5/named.conf.in (+1/-1)
bin/tests/system/nsupdate/ns6/named.conf.in (+1/-1)
bin/tests/system/nsupdate/ns7/named.conf.in (+1/-1)
bin/tests/system/nsupdate/ns8/named.conf.in (+1/-1)
bin/tests/system/nsupdate/ns9/named.conf.in (+1/-1)
bin/tests/system/nsupdate/tests.sh (+191/-137)
bin/tests/system/nzd2nzf/ns1/named.conf.in (+1/-1)
bin/tests/system/nzd2nzf/prereq.sh (+7/-12)
bin/tests/system/nzd2nzf/tests.sh (+5/-4)
bin/tests/system/org.isc.bind.system (+14/-3)
bin/tests/system/padding/clean.sh (+2/-0)
bin/tests/system/padding/ns1/named.conf.in (+1/-1)
bin/tests/system/padding/ns2/named.conf.in (+1/-1)
bin/tests/system/padding/ns3/named.conf.in (+1/-1)
bin/tests/system/padding/ns4/named.conf.in (+1/-1)
bin/tests/system/pending/ns1/sign.sh (+2/-2)
bin/tests/system/pending/ns2/sign.sh (+2/-2)
bin/tests/system/pipelined/ans5/ans.py (+44/-30)
bin/tests/system/pipelined/ns1/named.conf.in (+1/-1)
bin/tests/system/pipelined/ns2/named.conf.in (+1/-1)
bin/tests/system/pipelined/ns3/named.conf.in (+1/-1)
bin/tests/system/pipelined/ns4/named.conf.in (+1/-1)
bin/tests/system/pipelined/pipequeries.c (+4/-4)
bin/tests/system/pytest_custom_markers.py (+42/-0)
bin/tests/system/qmin/ans2/ans.py (+154/-44)
bin/tests/system/qmin/ans3/ans.py (+72/-21)
bin/tests/system/qmin/ans4/ans.py (+101/-27)
bin/tests/system/qmin/clean.sh (+1/-1)
bin/tests/system/qmin/ns5/named.conf.in (+1/-1)
bin/tests/system/qmin/ns6/named.conf.in (+1/-1)
bin/tests/system/qmin/ns7/named.conf.in (+1/-1)
bin/tests/system/qmin/tests.sh (+1/-1)
bin/tests/system/reclimit/ns3/named1.conf.in (+1/-1)
bin/tests/system/reclimit/ns3/named2.conf.in (+1/-1)
bin/tests/system/reclimit/ns3/named3.conf.in (+1/-1)
bin/tests/system/reclimit/ns3/named4.conf.in (+1/-1)
bin/tests/system/redirect/ns1/sign.sh (+4/-4)
bin/tests/system/redirect/ns2/named.conf.in (+1/-1)
bin/tests/system/redirect/ns3/sign.sh (+4/-4)
bin/tests/system/redirect/ns4/named.conf.in (+1/-1)
bin/tests/system/redirect/ns5/sign.sh (+4/-4)
bin/tests/system/redirect/tests.sh (+9/-0)
bin/tests/system/resolve.c (+7/-4)
bin/tests/system/resolver/ans2/ans.pl (+11/-0)
bin/tests/system/resolver/ans3/ans.pl (+64/-10)
bin/tests/system/resolver/ns1/named.conf.in (+16/-3)
bin/tests/system/resolver/ns4/named.conf.in (+9/-4)
bin/tests/system/resolver/ns4/root.db (+3/-0)
bin/tests/system/resolver/ns4/tld1.db (+3/-0)
bin/tests/system/resolver/ns4/tld2.db (+5/-2)
bin/tests/system/resolver/ns4/v4only.net.db (+22/-0)
bin/tests/system/resolver/ns5/named.conf.in (+4/-4)
bin/tests/system/resolver/ns6/keygen.sh (+7/-4)
bin/tests/system/resolver/ns6/named.conf.in (+15/-5)
bin/tests/system/resolver/ns6/redirect.com.db (+27/-0)
bin/tests/system/resolver/ns6/root.db (+3/-0)
bin/tests/system/resolver/ns6/tld1.db (+17/-0)
bin/tests/system/resolver/ns7/named1.conf.in (+15/-5)
bin/tests/system/resolver/ns7/named2.conf.in (+15/-5)
bin/tests/system/resolver/ns7/sub.tld1.db (+17/-0)
bin/tests/system/resolver/ns7/tld2.db (+18/-0)
bin/tests/system/resolver/ns9/named.args (+2/-0)
bin/tests/system/resolver/ns9/named.conf.in (+39/-0)
bin/tests/system/resolver/ns9/named.ipv6-only (+0/-0)
bin/tests/system/resolver/ns9/root.hint (+15/-0)
bin/tests/system/resolver/setup.sh (+1/-0)
bin/tests/system/resolver/tests.sh (+95/-18)
bin/tests/system/rndc/ns2/named.conf.in (+1/-1)
bin/tests/system/rndc/ns3/named.conf.in (+1/-1)
bin/tests/system/rndc/ns5/named.conf.in (+1/-1)
bin/tests/system/rndc/ns6/named.conf.in (+1/-1)
bin/tests/system/rndc/ns7/named.conf.in (+3/-3)
bin/tests/system/rndc/setup.sh (+1/-1)
bin/tests/system/rndc/tests.sh (+14/-14)
bin/tests/system/rootkeysentinel/ns1/sign.sh (+2/-2)
bin/tests/system/rootkeysentinel/ns2/sign.sh (+8/-6)
bin/tests/system/rpz/clean.sh (+3/-1)
bin/tests/system/rpz/dnsrps.c (+4/-5)
bin/tests/system/rpz/ns1/named.conf.in (+1/-1)
bin/tests/system/rpz/ns10/hints (+2/-8)
bin/tests/system/rpz/ns10/named.conf.in (+42/-0)
bin/tests/system/rpz/ns10/stub.db (+21/-0)
bin/tests/system/rpz/ns2/base-tld2s.db (+1/-0)
bin/tests/system/rpz/ns2/named.conf.in (+5/-1)
bin/tests/system/rpz/ns2/stub.db (+20/-0)
bin/tests/system/rpz/ns2/tld2.db (+3/-0)
bin/tests/system/rpz/ns3/named.conf.in (+21/-1)
bin/tests/system/rpz/ns4/named.conf.in (+1/-1)
bin/tests/system/rpz/ns5/named.conf.in (+1/-1)
bin/tests/system/rpz/ns6/bl.tld2s.db.in (+20/-0)
bin/tests/system/rpz/ns6/named.conf.in (+7/-1)
bin/tests/system/rpz/ns7/named.conf.in (+1/-1)
bin/tests/system/rpz/ns8/named.conf.in (+1/-1)
bin/tests/system/rpz/ns9/named.conf.in (+1/-1)
bin/tests/system/rpz/qperf.sh (+1/-1)
bin/tests/system/rpz/setup.sh (+8/-6)
bin/tests/system/rpz/tests.sh (+61/-16)
bin/tests/system/rpzextra/clean.sh (+2/-0)
bin/tests/system/rpzextra/ns1/named.conf.in (+1/-1)
bin/tests/system/rpzextra/ns2/named.conf.in (+1/-1)
bin/tests/system/rpzextra/setup.sh (+1/-1)
bin/tests/system/rpzextra/tests_rpz_passthru_logging.py (+8/-6)
bin/tests/system/rpzrecurse/clean.sh (+2/-0)
bin/tests/system/rpzrecurse/ns1/named.conf.in (+1/-1)
bin/tests/system/rpzrecurse/ns2/named.conf.header.in (+1/-1)
bin/tests/system/rpzrecurse/ns4/named.conf.in (+1/-1)
bin/tests/system/rpzrecurse/tests.sh (+4/-4)
bin/tests/system/rrchecker/clean.sh (+2/-0)
bin/tests/system/rrl/broken.conf.in (+2/-2)
bin/tests/system/rrl/clean.sh (+3/-0)
bin/tests/system/rrl/ns2/named.conf.in (+1/-1)
bin/tests/system/rrl/ns4/named.conf.in (+1/-1)
bin/tests/system/rrl/setup.sh (+1/-0)
bin/tests/system/rrl/tests.sh (+12/-15)
bin/tests/system/rrsetorder/tests.sh (+144/-139)
bin/tests/system/rsabigexponent/README.md (+8/-0)
bin/tests/system/rsabigexponent/bigkey.c (+2/-2)
bin/tests/system/rsabigexponent/ns1/sign.sh (+1/-1)
bin/tests/system/rsabigexponent/ns2/Xexample.+008+51650.key (+5/-0)
bin/tests/system/rsabigexponent/ns2/Xexample.+008+51650.private (+13/-0)
bin/tests/system/rsabigexponent/ns2/Xexample.+008+52810.key (+2/-0)
bin/tests/system/rsabigexponent/ns2/Xexample.+008+52810.private (+10/-0)
bin/tests/system/rsabigexponent/ns2/dsset-example.in (+1/-2)
bin/tests/system/rsabigexponent/ns2/example.db.bad (+135/-91)
bin/tests/system/rsabigexponent/ns2/sign.sh (+3/-3)
bin/tests/system/run.sh.in (+6/-48)
bin/tests/system/runtime/ns2/named1.conf.in (+1/-1)
bin/tests/system/serve-stale/ans2/ans.pl (+24/-0)
bin/tests/system/serve-stale/clean.sh (+2/-0)
bin/tests/system/serve-stale/ns1/named1.conf.in (+1/-1)
bin/tests/system/serve-stale/ns1/named2.conf.in (+4/-3)
bin/tests/system/serve-stale/ns1/named3.conf.in (+1/-2)
bin/tests/system/serve-stale/ns1/named4.conf.in (+48/-0)
bin/tests/system/serve-stale/ns1/stale.test.db (+19/-0)
bin/tests/system/serve-stale/ns3/named1.conf.in (+1/-1)
bin/tests/system/serve-stale/ns3/named2.conf.in (+1/-1)
bin/tests/system/serve-stale/ns3/named3.conf.in (+1/-1)
bin/tests/system/serve-stale/ns3/named4.conf.in (+1/-1)
bin/tests/system/serve-stale/ns3/named5.conf.in (+1/-1)
bin/tests/system/serve-stale/ns3/named6.conf.in (+1/-5)
bin/tests/system/serve-stale/ns3/named7.conf.in (+1/-1)
bin/tests/system/serve-stale/ns3/named8.conf.in (+1/-1)
bin/tests/system/serve-stale/ns4/named.conf.in (+1/-1)
bin/tests/system/serve-stale/ns5/named.conf.in (+1/-1)
bin/tests/system/serve-stale/tests.sh (+372/-141)
bin/tests/system/sfcache/ns2/named.conf.in (+1/-1)
bin/tests/system/sfcache/ns5/named.conf.in (+1/-1)
bin/tests/system/shutdown/clean.sh (+2/-0)
bin/tests/system/shutdown/ns1/named.conf.in (+1/-1)
bin/tests/system/shutdown/ns2/named.conf.in (+1/-1)
bin/tests/system/shutdown/resolver/named.conf.in (+2/-1)
bin/tests/system/shutdown/setup.sh (+1/-1)
bin/tests/system/shutdown/tests_shutdown.py (+46/-41)
bin/tests/system/smartsign/tests.sh (+38/-38)
bin/tests/system/sortlist/tests.sh (+4/-4)
bin/tests/system/spf/clean.sh (+2/-0)
bin/tests/system/start.pl (+27/-17)
bin/tests/system/staticstub/ns2/named.conf.in (+1/-1)
bin/tests/system/staticstub/ns3/named.conf.in (+1/-1)
bin/tests/system/staticstub/ns3/sign.sh (+4/-4)
bin/tests/system/staticstub/ns4/sign.sh (+2/-2)
bin/tests/system/statistics/clean.sh (+1/-1)
bin/tests/system/statistics/ns2/named.conf.in (+1/-1)
bin/tests/system/statistics/ns2/named2.conf.in (+1/-1)
bin/tests/system/statistics/ns3/named.conf.in (+1/-1)
bin/tests/system/statistics/ns3/root.hint (+7/-0)
bin/tests/system/statistics/tests.sh (+5/-5)
bin/tests/system/statschannel/clean.sh (+1/-2)
bin/tests/system/statschannel/conftest.py (+1/-83)
bin/tests/system/statschannel/generic.py (+72/-57)
bin/tests/system/statschannel/generic_dnspython.py (+55/-70)
bin/tests/system/statschannel/ns1/named.conf.in (+1/-1)
bin/tests/system/statschannel/ns2/named.conf.in (+1/-1)
bin/tests/system/statschannel/ns2/named2.conf.in (+1/-1)
bin/tests/system/statschannel/ns3/named.conf.in (+1/-1)
bin/tests/system/statschannel/tests.sh (+155/-81)
bin/tests/system/statschannel/tests_json.py (+108/-0)
bin/tests/system/statschannel/tests_xml.py (+48/-54)
bin/tests/system/stop.pl (+4/-0)
bin/tests/system/stress/clean.sh (+3/-0)
bin/tests/system/stress/ns1/named.conf.in (+2/-1)
bin/tests/system/stress/ns2/named.conf.in (+1/-1)
bin/tests/system/stress/ns3/named.conf.in (+3/-3)
bin/tests/system/stress/ns4/named.conf.in (+1/-1)
bin/tests/system/stress/setup.sh (+5/-0)
bin/tests/system/stress/tests.sh (+6/-2)
bin/tests/system/stub/tests.sh (+2/-2)
bin/tests/system/synthfromdnssec/ns1/dnamed.db.in (+2/-1)
bin/tests/system/synthfromdnssec/ns1/named.conf.in (+1/-1)
bin/tests/system/synthfromdnssec/ns1/root.db.in (+1/-0)
bin/tests/system/synthfromdnssec/ns1/sign.sh (+5/-5)
bin/tests/system/synthfromdnssec/ns2/example.internal.db (+16/-0)
bin/tests/system/synthfromdnssec/ns2/named.conf.in (+11/-1)
bin/tests/system/synthfromdnssec/ns3/named.conf.in (+1/-1)
bin/tests/system/synthfromdnssec/ns4/named.conf.in (+1/-2)
bin/tests/system/synthfromdnssec/ns5/internal2.db (+17/-0)
bin/tests/system/synthfromdnssec/ns5/named.conf.in (+13/-1)
bin/tests/system/synthfromdnssec/ns6/named.conf.in (+1/-1)
bin/tests/system/synthfromdnssec/tests.sh (+49/-1)
bin/tests/system/tcp/ans6/ans.py (+25/-24)
bin/tests/system/tcp/ns1/named.conf.in (+1/-1)
bin/tests/system/tcp/ns2/named.conf.in (+1/-1)
bin/tests/system/tcp/ns3/named.conf.in (+1/-1)
bin/tests/system/tcp/ns4/named.conf.in (+1/-1)
bin/tests/system/tcp/ns5/named.conf.in (+1/-1)
bin/tests/system/tcp/ns7/named.conf.in (+1/-1)
bin/tests/system/tcp/ns7/named.dropedns (+1/-0)
bin/tests/system/tcp/tests_tcp.py (+46/-20)
bin/tests/system/testcrypto.sh (+67/-45)
bin/tests/system/testsock.pl (+12/-1)
bin/tests/system/timeouts/tests_tcp_timeouts.py (+69/-86)
bin/tests/system/tkey/keycreate.c (+3/-3)
bin/tests/system/tkey/keydelete.c (+3/-3)
bin/tests/system/tkey/ns1/named.conf.in (+1/-1)
bin/tests/system/tsiggss/ns1/named.conf.in (+1/-1)
bin/tests/system/tsiggss/tests.sh (+1/-1)
bin/tests/system/ttl/ns1/named.conf.in (+1/-1)
bin/tests/system/ttl/ns2/named.conf.in (+1/-1)
bin/tests/system/unknown/ns3/sign.sh (+2/-2)
bin/tests/system/unknown/setup.sh (+2/-0)
bin/tests/system/unknown/tests.sh (+4/-4)
bin/tests/system/upforwd/clean.sh (+2/-0)
bin/tests/system/upforwd/ns3/named1.conf.in (+12/-5)
bin/tests/system/upforwd/ns3/named2.conf.in (+20/-10)
bin/tests/system/upforwd/setup.sh (+2/-2)
bin/tests/system/upforwd/tests.sh (+39/-0)
bin/tests/system/verify/clean.sh (+2/-0)
bin/tests/system/verify/tests.sh (+2/-0)
bin/tests/system/verify/zones/genzones.sh (+56/-53)
bin/tests/system/views/ns2/named1.conf.in (+1/-1)
bin/tests/system/views/ns2/named2.conf.in (+1/-1)
bin/tests/system/views/ns2/named3.conf.in (+1/-1)
bin/tests/system/views/ns3/named1.conf.in (+1/-1)
bin/tests/system/views/ns3/named2.conf.in (+1/-1)
bin/tests/system/views/ns5/named.conf.in (+1/-1)
bin/tests/system/views/setup.sh (+6/-6)
bin/tests/system/wildcard/ns1/sign.sh (+10/-10)
bin/tests/system/wildcard/tests.sh (+1/-1)
bin/tests/system/wildcard/tests_wildcard.py (+24/-16)
bin/tests/system/xfer/clean.sh (+2/-1)
bin/tests/system/xfer/dig3.good (+6/-0)
bin/tests/system/xfer/ns1/dot-fallback.db.in (+19/-0)
bin/tests/system/xfer/ns1/named.conf.in (+5/-0)
bin/tests/system/xfer/ns2/named.conf.in (+10/-1)
bin/tests/system/xfer/ns3/named.conf.in (+1/-1)
bin/tests/system/xfer/ns4/named.conf.base (+1/-1)
bin/tests/system/xfer/prereq.sh (+26/-0)
bin/tests/system/xfer/setup.sh (+2/-0)
bin/tests/system/xfer/tests.sh (+18/-7)
bin/tests/system/xferquota/ns1/named.conf.in (+1/-1)
bin/tests/system/zero/clean.sh (+2/-0)
bin/tests/system/zero/setup.sh (+2/-0)
bin/tests/system/zero/tests.sh (+13/-13)
bin/tests/system/zonechecks/ns1/named.conf.in (+1/-1)
bin/tests/system/zonechecks/ns2/named.conf.in (+1/-1)
bin/tests/system/zonechecks/setup.sh (+2/-2)
bin/tests/test_client.c (+5/-5)
bin/tests/test_server.c (+4/-5)
bin/tests/wire_test.c (+3/-3)
bin/tools/Makefile.am (+1/-1)
bin/tools/Makefile.in (+19/-13)
bin/tools/arpaname.rst (+3/-1)
bin/tools/dnstap-read.c (+3/-3)
bin/tools/dnstap-read.rst (+13/-7)
bin/tools/mdig.c (+26/-37)
bin/tools/mdig.rst (+128/-75)
bin/tools/named-journalprint.rst (+9/-7)
bin/tools/named-nzd2nzf.rst (+6/-3)
bin/tools/named-rrchecker.c (+2/-2)
bin/tools/named-rrchecker.rst (+14/-7)
bin/tools/nsec3hash.c (+1/-1)
bin/tools/nsec3hash.rst (+13/-6)
config.h.in (+18/-3)
configure (+1444/-134)
configure.ac (+44/-37)
contrib/dlz/example/Makefile (+1/-1)
contrib/dlz/example/dlz_example.c (+2/-1)
contrib/dlz/modules/bdbhpt/Makefile (+1/-1)
contrib/dlz/modules/bdbhpt/dlz_bdbhpt_dynamic.c (+4/-2)
contrib/dlz/modules/filesystem/Makefile (+1/-1)
contrib/dlz/modules/filesystem/dlz_filesystem_dynamic.c (+12/-6)
contrib/dlz/modules/include/dlz_dbi.h (+1/-1)
contrib/dlz/modules/include/dlz_list.h (+14/-0)
contrib/dlz/modules/include/dlz_minimal.h (+25/-6)
contrib/dlz/modules/ldap/Makefile (+1/-1)
contrib/dlz/modules/ldap/dlz_ldap_dynamic.c (+3/-0)
contrib/dlz/modules/mysql/Makefile (+2/-2)
contrib/dlz/modules/mysql/dlz_mysql_dynamic.c (+11/-9)
contrib/dlz/modules/mysqldyn/Makefile (+2/-2)
contrib/dlz/modules/mysqldyn/dlz_mysqldyn_mod.c (+11/-7)
contrib/dlz/modules/perl/Makefile (+4/-0)
contrib/dlz/modules/perl/dlz_perl_driver.c (+20/-15)
contrib/dlz/modules/sqlite3/Makefile (+1/-1)
contrib/dlz/modules/sqlite3/dlz_sqlite3_dynamic.c (+49/-48)
contrib/dlz/modules/wildcard/Makefile (+1/-1)
contrib/dlz/modules/wildcard/dlz_wildcard_dynamic.c (+14/-12)
debian/bind9-doc.docs (+0/-1)
debian/changelog (+62/-0)
debian/tests/control (+6/-0)
debian/tests/zonetest (+49/-0)
dev/null (+0/-79)
doc/Makefile.in (+12/-3)
doc/arm/Makefile.am (+68/-38)
doc/arm/Makefile.in (+83/-52)
doc/arm/_ext/iscconf.py (+605/-0)
doc/arm/_ext/mergegrammar.py (+63/-0)
doc/arm/_ext/namedconf.py (+35/-0)
doc/arm/_ext/rndcconf.py (+36/-0)
doc/arm/_static/custom.css (+25/-0)
doc/arm/advanced.inc.rst (+37/-460)
doc/arm/build.inc.rst (+7/-5)
doc/arm/catz.inc.rst (+115/-62)
doc/arm/chapter1.rst (+3/-6)
doc/arm/chapter10.rst (+1/-3)
doc/arm/chapter2.rst (+2/-5)
doc/arm/chapter3.rst (+5/-6)
doc/arm/chapter4.rst (+2/-5)
doc/arm/chapter5.rst (+3/-6)
doc/arm/chapter6.rst (+5/-7)
doc/arm/chapter7.rst (+4/-6)
doc/arm/chapter9.rst (+1/-4)
doc/arm/conf.py (+62/-66)
doc/arm/config-auth.inc.rst (+268/-0)
doc/arm/config-intro.inc.rst (+205/-0)
doc/arm/config-resolve.inc.rst (+566/-0)
doc/arm/dlz.inc.rst (+18/-9)
doc/arm/dns-ops.inc.rst (+243/-0)
doc/arm/dnssec-guide.rst (+2/-0)
doc/arm/dnssec.inc.rst (+520/-0)
doc/arm/dyndb.inc.rst (+7/-4)
doc/arm/general.rst (+3/-3)
doc/arm/index.rst (+10/-7)
doc/arm/intro-dns-bind.inc.rst (+197/-0)
doc/arm/intro-security.inc.rst (+76/-0)
doc/arm/introduction.inc.rst (+100/-0)
doc/arm/logging-categories.inc.rst (+7/-7)
doc/arm/managed-keys.inc.rst (+10/-10)
doc/arm/manpages.rst (+2/-2)
doc/arm/notes.rst (+17/-6)
doc/arm/pkcs11.inc.rst (+16/-16)
doc/arm/platforms.inc.rst (+31/-22)
doc/arm/plugins.inc.rst (+14/-11)
doc/arm/reference.rst (+3751/-2763)
doc/arm/requirements.inc.rst (+4/-6)
doc/arm/requirements.txt (+5/-0)
doc/arm/rpz.inc.rst (+786/-0)
doc/arm/security.inc.rst (+28/-22)
doc/arm/sig0.inc.rst (+16/-6)
doc/arm/tkey.inc.rst (+40/-0)
doc/arm/troubleshooting.inc.rst (+10/-11)
doc/arm/tsig.inc.rst (+165/-0)
doc/arm/zones.inc.rst (+500/-0)
doc/dnssec-guide/advanced-discussions.rst (+150/-132)
doc/dnssec-guide/commonly-asked-questions.rst (+51/-48)
doc/dnssec-guide/getting-started.rst (+30/-120)
doc/dnssec-guide/introduction.rst (+5/-5)
doc/dnssec-guide/recipes.rst (+110/-143)
doc/dnssec-guide/signing.rst (+167/-314)
doc/dnssec-guide/troubleshooting.rst (+23/-21)
doc/dnssec-guide/validation.rst (+32/-34)
doc/man/Makefile.am (+3/-0)
doc/man/Makefile.in (+18/-14)
doc/man/arpaname.1in (+1/-1)
doc/man/conf.py (+143/-50)
doc/man/ddns-confgen.8in (+37/-34)
doc/man/ddns-confgen.rst (+1/-1)
doc/man/delv.1in (+123/-57)
doc/man/dig.1in (+378/-153)
doc/man/dnssec-cds.1in (+52/-30)
doc/man/dnssec-dsfromkey.1in (+52/-28)
doc/man/dnssec-importkey.1in (+48/-22)
doc/man/dnssec-keyfromlabel.1in (+108/-52)
doc/man/dnssec-keygen.1in (+124/-57)
doc/man/dnssec-revoke.1in (+24/-10)
doc/man/dnssec-settime.1in (+99/-46)
doc/man/dnssec-signzone.1in (+161/-59)
doc/man/dnssec-verify.1in (+32/-14)
doc/man/dnstap-read.1in (+13/-7)
doc/man/filter-a.8in (+3/-3)
doc/man/filter-aaaa.8in (+5/-5)
doc/man/host.1in (+80/-42)
doc/man/mdig.1in (+159/-64)
doc/man/named-checkconf.1in (+44/-24)
doc/man/named-checkzone.1in (+100/-61)
doc/man/named-compilezone.1in (+106/-65)
doc/man/named-compilezone.rst (+1/-1)
doc/man/named-journalprint.1in (+6/-6)
doc/man/named-nzd2nzf.1in (+3/-3)
doc/man/named-rrchecker.1in (+15/-7)
doc/man/named.8in (+90/-42)
doc/man/named.conf.5in (+834/-1138)
doc/man/nsec3hash.1in (+14/-6)
doc/man/nslookup.1in (+5/-5)
doc/man/nsupdate.1in (+90/-38)
doc/man/rndc-confgen.8in (+57/-37)
doc/man/rndc.8in (+238/-128)
doc/man/rndc.conf.5in (+14/-14)
doc/man/tsig-keygen.8in (+12/-55)
doc/misc/Makefile.am (+20/-126)
doc/misc/Makefile.in (+40/-148)
doc/misc/cfg_test.c (+4/-2)
doc/misc/checkgrammar.py (+167/-0)
doc/misc/forward.zoneopt (+1/-1)
doc/misc/mirror.zoneopt (+9/-9)
doc/misc/options (+555/-719)
doc/misc/parsegrammar.py (+194/-0)
doc/misc/primary.zoneopt (+12/-11)
doc/misc/redirect.zoneopt (+1/-1)
doc/misc/rndc.grammar (+21/-0)
doc/misc/secondary.zoneopt (+15/-14)
doc/misc/static-stub.zoneopt (+1/-1)
doc/misc/stub.zoneopt (+5/-5)
doc/notes/notes-9.18.0.rst (+32/-29)
doc/notes/notes-9.18.1.rst (+18/-11)
doc/notes/notes-9.18.10.rst (+80/-0)
doc/notes/notes-9.18.11.rst (+112/-0)
doc/notes/notes-9.18.12.rst (+54/-0)
doc/notes/notes-9.18.2.rst (+53/-0)
doc/notes/notes-9.18.3.rst (+73/-0)
doc/notes/notes-9.18.4.rst (+44/-0)
doc/notes/notes-9.18.5.rst (+59/-0)
doc/notes/notes-9.18.6.rst (+62/-0)
doc/notes/notes-9.18.7.rst (+80/-0)
doc/notes/notes-9.18.8.rst (+68/-0)
doc/notes/notes-9.18.9.rst (+61/-0)
doc/notes/notes-known-issues.rst (+51/-0)
fuzz/Makefile.am (+5/-0)
fuzz/Makefile.in (+45/-14)
fuzz/dns_message_checksig.c (+542/-0)
fuzz/main.c (+11/-2)
lib/Makefile.in (+15/-9)
lib/bind9/Makefile.in (+13/-4)
lib/bind9/check.c (+161/-109)
lib/bind9/getaddresses.c (+3/-2)
lib/dns/Makefile.am (+3/-8)
lib/dns/Makefile.in (+58/-164)
lib/dns/acl.c (+50/-20)
lib/dns/adb.c (+172/-128)
lib/dns/badcache.c (+2/-1)
lib/dns/byaddr.c (+3/-2)
lib/dns/cache.c (+10/-16)
lib/dns/catz.c (+549/-150)
lib/dns/client.c (+7/-5)
lib/dns/compress.c (+5/-3)
lib/dns/db.c (+18/-5)
lib/dns/diff.c (+21/-15)
lib/dns/dispatch.c (+916/-677)
lib/dns/dlz.c (+1/-1)
lib/dns/dns64.c (+2/-2)
lib/dns/dnsrps.c (+8/-5)
lib/dns/dnssec.c (+72/-42)
lib/dns/dnstap.c (+15/-11)
lib/dns/ds.c (+1/-2)
lib/dns/dst_api.c (+66/-2)
lib/dns/dst_internal.h (+1/-0)
lib/dns/dst_parse.c (+2/-1)
lib/dns/ecs.c (+3/-3)
lib/dns/forward.c (+17/-25)
lib/dns/gen.c (+65/-13)
lib/dns/gssapi_link.c (+2/-7)
lib/dns/gssapictx.c (+1/-1)
lib/dns/hmac_link.c (+22/-24)
lib/dns/include/dns/acl.h (+21/-11)
lib/dns/include/dns/adb.h (+1/-2)
lib/dns/include/dns/callbacks.h (+1/-1)
lib/dns/include/dns/catz.h (+5/-8)
lib/dns/include/dns/clientinfo.h (+3/-3)
lib/dns/include/dns/db.h (+30/-20)
lib/dns/include/dns/dbiterator.h (+1/-1)
lib/dns/include/dns/diff.h (+2/-2)
lib/dns/include/dns/dispatch.h (+39/-52)
lib/dns/include/dns/dlz.h (+15/-15)
lib/dns/include/dns/dlz_dlopen.h (+1/-1)
lib/dns/include/dns/dns64.h (+2/-2)
lib/dns/include/dns/dnsrps.h (+2/-2)
lib/dns/include/dns/dnssec.h (+6/-3)
lib/dns/include/dns/dyndb.h (+6/-6)
lib/dns/include/dns/forward.h (+5/-3)
lib/dns/include/dns/geoip.h (+2/-2)
lib/dns/include/dns/ipkeylist.h (+5/-6)
lib/dns/include/dns/iptable.h (+1/-1)
lib/dns/include/dns/kasp.h (+13/-13)
lib/dns/include/dns/keytable.h (+6/-2)
lib/dns/include/dns/librpz.h (+50/-50)
lib/dns/include/dns/log.h (+1/-1)
lib/dns/include/dns/lookup.h (+2/-2)
lib/dns/include/dns/masterdump.h (+5/-5)
lib/dns/include/dns/message.h (+13/-7)
lib/dns/include/dns/name.h (+3/-8)
lib/dns/include/dns/nsec.h (+6/-1)
lib/dns/include/dns/nsec3.h (+3/-3)
lib/dns/include/dns/nta.h (+2/-2)
lib/dns/include/dns/peer.h (+1/-19)
lib/dns/include/dns/rbt.h (+3/-3)
lib/dns/include/dns/rdata.h (+1/-1)
lib/dns/include/dns/rdatalist.h (+1/-1)
lib/dns/include/dns/rdataset.h (+16/-11)
lib/dns/include/dns/rdatasetiter.h (+5/-4)
lib/dns/include/dns/request.h (+9/-46)
lib/dns/include/dns/resolver.h (+9/-26)
lib/dns/include/dns/rpz.h (+18/-18)
lib/dns/include/dns/rriterator.h (+4/-4)
lib/dns/include/dns/rrl.h (+2/-2)
lib/dns/include/dns/sdb.h (+4/-4)
lib/dns/include/dns/sdlz.h (+4/-4)
lib/dns/include/dns/ssu.h (+1/-1)
lib/dns/include/dns/tkey.h (+4/-4)
lib/dns/include/dns/transport.h (+5/-4)
lib/dns/include/dns/tsig.h (+5/-5)
lib/dns/include/dns/types.h (+1/-0)
lib/dns/include/dns/validator.h (+11/-11)
lib/dns/include/dns/view.h (+73/-35)
lib/dns/include/dns/xfrin.h (+3/-4)
lib/dns/include/dns/zone.h (+23/-138)
lib/dns/include/dns/zt.h (+2/-1)
lib/dns/include/dst/dst.h (+57/-26)
lib/dns/ipkeylist.c (+0/-24)
lib/dns/journal.c (+26/-18)
lib/dns/kasp.c (+6/-24)
lib/dns/key.c (+4/-2)
lib/dns/keymgr.c (+63/-23)
lib/dns/keytable.c (+18/-5)
lib/dns/lookup.c (+1/-1)
lib/dns/master.c (+77/-52)
lib/dns/masterdump.c (+36/-28)
lib/dns/message.c (+74/-45)
lib/dns/name.c (+154/-185)
lib/dns/ncache.c (+6/-3)
lib/dns/nsec.c (+35/-5)
lib/dns/nsec3.c (+17/-9)
lib/dns/nta.c (+5/-2)
lib/dns/openssl_link.c (+10/-2)
lib/dns/openssldh_link.c (+94/-81)
lib/dns/opensslecdsa_link.c (+69/-120)
lib/dns/openssleddsa_link.c (+10/-5)
lib/dns/opensslrsa_link.c (+326/-103)
lib/dns/order.c (+3/-2)
lib/dns/peer.c (+10/-81)
lib/dns/private.c (+12/-6)
lib/dns/rbt.c (+38/-32)
lib/dns/rbtdb.c (+312/-288)
lib/dns/rcode.c (+2/-1)
lib/dns/rdata.c (+30/-22)
lib/dns/rdata/any_255/tsig_250.c (+15/-14)
lib/dns/rdata/ch_3/a_1.c (+13/-13)
lib/dns/rdata/generic/afsdb_18.c (+13/-13)
lib/dns/rdata/generic/amtrelay_260.c (+17/-18)
lib/dns/rdata/generic/avc_258.c (+13/-13)
lib/dns/rdata/generic/caa_257.c (+15/-14)
lib/dns/rdata/generic/cdnskey_60.c (+13/-13)
lib/dns/rdata/generic/cds_59.c (+13/-13)
lib/dns/rdata/generic/cert_37.c (+13/-13)
lib/dns/rdata/generic/cname_5.c (+13/-13)
lib/dns/rdata/generic/csync_62.c (+13/-13)
lib/dns/rdata/generic/dlv_32769.c (+13/-13)
lib/dns/rdata/generic/dname_39.c (+13/-13)
lib/dns/rdata/generic/dnskey_48.c (+13/-13)
lib/dns/rdata/generic/doa_259.c (+13/-13)
lib/dns/rdata/generic/ds_43.c (+18/-18)
lib/dns/rdata/generic/eui48_108.c (+13/-13)
lib/dns/rdata/generic/eui64_109.c (+13/-13)
lib/dns/rdata/generic/gpos_27.c (+15/-14)
lib/dns/rdata/generic/hinfo_13.c (+13/-13)
lib/dns/rdata/generic/hip_55.c (+16/-14)
lib/dns/rdata/generic/ipseckey_45.c (+13/-13)
lib/dns/rdata/generic/isdn_20.c (+15/-14)
lib/dns/rdata/generic/key_25.c (+22/-21)
lib/dns/rdata/generic/keydata_65533.c (+13/-13)
lib/dns/rdata/generic/l32_105.c (+13/-13)
lib/dns/rdata/generic/l64_106.c (+13/-13)
lib/dns/rdata/generic/loc_29.c (+32/-29)
lib/dns/rdata/generic/lp_107.c (+13/-13)
lib/dns/rdata/generic/mb_7.c (+13/-13)
lib/dns/rdata/generic/md_3.c (+13/-13)
lib/dns/rdata/generic/mf_4.c (+13/-13)
lib/dns/rdata/generic/mg_8.c (+13/-13)
lib/dns/rdata/generic/minfo_14.c (+13/-13)
lib/dns/rdata/generic/mr_9.c (+13/-13)
lib/dns/rdata/generic/mx_15.c (+13/-13)
lib/dns/rdata/generic/naptr_35.c (+14/-14)
lib/dns/rdata/generic/nid_104.c (+13/-13)
lib/dns/rdata/generic/ninfo_56.c (+13/-13)
lib/dns/rdata/generic/ns_2.c (+13/-13)
lib/dns/rdata/generic/nsec3_50.c (+13/-13)
lib/dns/rdata/generic/nsec3param_51.c (+13/-13)
lib/dns/rdata/generic/nsec_47.c (+13/-13)
lib/dns/rdata/generic/null_10.c (+13/-13)
lib/dns/rdata/generic/nxt_30.c (+13/-13)
lib/dns/rdata/generic/openpgpkey_61.c (+13/-13)
lib/dns/rdata/generic/opt_41.c (+14/-14)
lib/dns/rdata/generic/proforma.c (+13/-13)
lib/dns/rdata/generic/ptr_12.c (+13/-13)
lib/dns/rdata/generic/rkey_57.c (+13/-13)
lib/dns/rdata/generic/rp_17.c (+13/-13)
lib/dns/rdata/generic/rrsig_46.c (+14/-14)
lib/dns/rdata/generic/rt_21.c (+13/-13)
lib/dns/rdata/generic/sig_24.c (+14/-14)
lib/dns/rdata/generic/sink_40.c (+13/-13)
lib/dns/rdata/generic/smimea_53.c (+13/-13)
lib/dns/rdata/generic/soa_6.c (+13/-13)
lib/dns/rdata/generic/spf_99.c (+13/-13)
lib/dns/rdata/generic/sshfp_44.c (+13/-13)
lib/dns/rdata/generic/ta_32768.c (+13/-13)
lib/dns/rdata/generic/talink_58.c (+13/-13)
lib/dns/rdata/generic/tkey_249.c (+15/-14)
lib/dns/rdata/generic/tlsa_52.c (+19/-19)
lib/dns/rdata/generic/txt_16.c (+21/-20)
lib/dns/rdata/generic/uri_256.c (+13/-13)
lib/dns/rdata/generic/x25_19.c (+13/-13)
lib/dns/rdata/generic/zonemd_63.c (+13/-13)
lib/dns/rdata/hs_4/a_1.c (+13/-13)
lib/dns/rdata/in_1/a6_38.c (+13/-13)
lib/dns/rdata/in_1/a_1.c (+15/-14)
lib/dns/rdata/in_1/aaaa_28.c (+15/-14)
lib/dns/rdata/in_1/apl_42.c (+13/-13)
lib/dns/rdata/in_1/atma_34.c (+13/-13)
lib/dns/rdata/in_1/dhcid_49.c (+13/-13)
lib/dns/rdata/in_1/eid_31.c (+13/-13)
lib/dns/rdata/in_1/https_65.c (+13/-13)
lib/dns/rdata/in_1/kx_36.c (+13/-13)
lib/dns/rdata/in_1/nimloc_32.c (+13/-13)
lib/dns/rdata/in_1/nsap-ptr_23.c (+13/-13)
lib/dns/rdata/in_1/nsap_22.c (+13/-13)
lib/dns/rdata/in_1/px_26.c (+13/-13)
lib/dns/rdata/in_1/srv_33.c (+13/-13)
lib/dns/rdata/in_1/svcb_64.c (+82/-35)
lib/dns/rdata/in_1/wks_11.c (+13/-13)
lib/dns/rdatalist.c (+12/-6)
lib/dns/rdataset.c (+3/-2)
lib/dns/rdataslab.c (+4/-3)
lib/dns/request.c (+89/-95)
lib/dns/resolver.c (+588/-478)
lib/dns/rootns.c (+6/-4)
lib/dns/rpz.c (+36/-52)
lib/dns/rriterator.c (+2/-2)
lib/dns/rrl.c (+70/-51)
lib/dns/sdb.c (+11/-7)
lib/dns/sdlz.c (+15/-9)
lib/dns/soa.c (+2/-2)
lib/dns/ssu.c (+31/-19)
lib/dns/stats.c (+12/-7)
lib/dns/tkey.c (+17/-1)
lib/dns/transport.c (+12/-12)
lib/dns/tsec.c (+3/-6)
lib/dns/tsig.c (+30/-22)
lib/dns/update.c (+26/-25)
lib/dns/validator.c (+39/-25)
lib/dns/view.c (+107/-16)
lib/dns/xfrin.c (+248/-111)
lib/dns/zone.c (+885/-924)
lib/dns/zonekey.c (+2/-1)
lib/dns/zoneverify.c (+33/-57)
lib/dns/zt.c (+21/-13)
lib/irs/Makefile.am (+0/-4)
lib/irs/Makefile.in (+51/-159)
lib/isc/Makefile.am (+2/-8)
lib/isc/Makefile.in (+106/-225)
lib/isc/app.c (+25/-45)
lib/isc/assertions.c (+0/-2)
lib/isc/base32.c (+3/-3)
lib/isc/base64.c (+3/-3)
lib/isc/buffer.c (+0/-298)
lib/isc/condition.c (+1/-5)
lib/isc/entropy.c (+1/-1)
lib/isc/error.c (+15/-18)
lib/isc/file.c (+2/-1)
lib/isc/heap.c (+7/-12)
lib/isc/hex.c (+3/-3)
lib/isc/ht.c (+371/-140)
lib/isc/httpd.c (+477/-593)
lib/isc/include/isc/assertions.h (+6/-2)
lib/isc/include/isc/atomic.h (+6/-0)
lib/isc/include/isc/attributes.h (+5/-3)
lib/isc/include/isc/barrier.h (+1/-1)
lib/isc/include/isc/buffer.h (+547/-587)
lib/isc/include/isc/condition.h (+3/-8)
lib/isc/include/isc/dir.h (+1/-1)
lib/isc/include/isc/error.h (+7/-13)
lib/isc/include/isc/glob.h (+2/-2)
lib/isc/include/isc/heap.h (+2/-6)
lib/isc/include/isc/ht.h (+22/-15)
lib/isc/include/isc/httpd.h (+18/-17)
lib/isc/include/isc/lex.h (+1/-1)
lib/isc/include/isc/list.h (+37/-8)
lib/isc/include/isc/log.h (+2/-2)
lib/isc/include/isc/mutex.h (+10/-4)
lib/isc/include/isc/net.h (+0/-14)
lib/isc/include/isc/netmgr.h (+91/-6)
lib/isc/include/isc/quota.h (+1/-1)
lib/isc/include/isc/radix.h (+7/-7)
lib/isc/include/isc/refcount.h (+92/-0)
lib/isc/include/isc/region.h (+1/-1)
lib/isc/include/isc/result.h (+4/-1)
lib/isc/include/isc/stdatomic.h (+0/-2)
lib/isc/include/isc/string.h (+5/-0)
lib/isc/include/isc/symtab.h (+1/-1)
lib/isc/include/isc/task.h (+17/-48)
lib/isc/include/isc/thread.h (+2/-2)
lib/isc/include/isc/time.h (+9/-0)
lib/isc/include/isc/timer.h (+12/-24)
lib/isc/include/isc/tls.h (+308/-17)
lib/isc/include/isc/types.h (+6/-17)
lib/isc/include/isc/url.h (+1/-0)
lib/isc/include/isc/util.h (+57/-22)
lib/isc/interfaceiter.c (+2/-4)
lib/isc/iterated_hash.c (+86/-28)
lib/isc/jemalloc_shim.h (+8/-0)
lib/isc/lex.c (+41/-24)
lib/isc/log.c (+22/-13)
lib/isc/managers.c (+2/-14)
lib/isc/mem.c (+30/-28)
lib/isc/mutex.c (+4/-13)
lib/isc/net.c (+4/-366)
lib/isc/netaddr.c (+3/-3)
lib/isc/netmgr/http.c (+208/-64)
lib/isc/netmgr/netmgr-int.h (+235/-46)
lib/isc/netmgr/netmgr.c (+529/-241)
lib/isc/netmgr/tcp.c (+113/-122)
lib/isc/netmgr/tcpdns.c (+115/-104)
lib/isc/netmgr/timer.c (+3/-1)
lib/isc/netmgr/tlsdns.c (+358/-173)
lib/isc/netmgr/tlsstream.c (+360/-83)
lib/isc/netmgr/udp.c (+61/-78)
lib/isc/netmgr/uv-compat.h (+17/-0)
lib/isc/netmgr/uverr2result.c (+0/-1)
lib/isc/openssl_shim.c (+27/-0)
lib/isc/openssl_shim.h (+15/-0)
lib/isc/os.c (+1/-1)
lib/isc/picohttpparser.c (+727/-0)
lib/isc/picohttpparser.h (+100/-0)
lib/isc/portset.c (+3/-3)
lib/isc/quota.c (+4/-1)
lib/isc/radix.c (+4/-2)
lib/isc/random.c (+2/-2)
lib/isc/ratelimiter.c (+7/-2)
lib/isc/result.c (+6/-0)
lib/isc/rwlock.c (+12/-11)
lib/isc/siphash.c (+20/-16)
lib/isc/sockaddr.c (+6/-9)
lib/isc/stdtime.c (+3/-8)
lib/isc/string.c (+28/-0)
lib/isc/symtab.c (+1/-1)
lib/isc/task.c (+38/-41)
lib/isc/thread.c (+4/-12)
lib/isc/time.c (+35/-45)
lib/isc/timer.c (+83/-80)
lib/isc/tls.c (+601/-38)
lib/isc/tm.c (+2/-2)
lib/isc/trampoline.c (+42/-40)
lib/isc/url.c (+8/-8)
lib/isc/utf8.c (+2/-1)
lib/isccc/Makefile.am (+1/-0)
lib/isccc/Makefile.in (+14/-4)
lib/isccc/alist.c (+2/-1)
lib/isccc/cc.c (+4/-2)
lib/isccc/include/isccc/cc.h (+11/-8)
lib/isccc/include/isccc/ccmsg.h (+2/-2)
lib/isccc/include/isccc/sexpr.h (+1/-1)
lib/isccc/include/isccc/symtab.h (+3/-3)
lib/isccc/sexpr.c (+1/-2)
lib/isccc/symtab.c (+10/-6)
lib/isccfg/Makefile.am (+2/-4)
lib/isccfg/Makefile.in (+67/-162)
lib/isccfg/aclconf.c (+25/-15)
lib/isccfg/duration.c (+239/-0)
lib/isccfg/include/isccfg/cfg.h (+4/-18)
lib/isccfg/include/isccfg/duration.h (+87/-0)
lib/isccfg/include/isccfg/grammar.h (+18/-41)
lib/isccfg/include/isccfg/kaspconf.h (+8/-9)
lib/isccfg/kaspconf.c (+234/-48)
lib/isccfg/namedconf.c (+68/-67)
lib/isccfg/parser.c (+58/-219)
lib/ns/Makefile.am (+1/-5)
lib/ns/Makefile.in (+47/-155)
lib/ns/client.c (+81/-92)
lib/ns/hooks.c (+2/-1)
lib/ns/include/ns/client.h (+19/-19)
lib/ns/include/ns/hooks.h (+2/-2)
lib/ns/include/ns/interfacemgr.h (+5/-5)
lib/ns/include/ns/listenlist.h (+13/-14)
lib/ns/include/ns/log.h (+1/-1)
lib/ns/include/ns/query.h (+24/-23)
lib/ns/include/ns/server.h (+16/-4)
lib/ns/include/ns/sortlist.h (+4/-4)
lib/ns/include/ns/stats.h (+3/-1)
lib/ns/interfacemgr.c (+247/-234)
lib/ns/listenlist.c (+94/-25)
lib/ns/query.c (+401/-209)
lib/ns/server.c (+15/-0)
lib/ns/sortlist.c (+61/-45)
lib/ns/update.c (+371/-311)
lib/ns/xfrout.c (+9/-8)
m4/ax_check_link_flag.m4 (+55/-0)
m4/ax_prog_cc_for_build.m4 (+157/-0)
srcid (+1/-1)
tests/Makefile.am (+16/-0)
tests/Makefile.in (+808/-0)
tests/dns/Krsa.+008+29238.key (+1/-1)
tests/dns/Makefile.am (+16/-9)
tests/dns/Makefile.in (+178/-177)
tests/dns/acl_test.c (+12/-52)
tests/dns/db_test.c (+26/-83)
tests/dns/dbdiff_test.c (+19/-61)
tests/dns/dbiterator_test.c (+41/-96)
tests/dns/dbversion_test.c (+33/-72)
tests/dns/dh_test.c (+94/-0)
tests/dns/dispatch_test.c (+34/-87)
tests/dns/dns64_test.c (+7/-24)
tests/dns/dnstap_test.c (+49/-94)
tests/dns/dst_test.c (+40/-61)
tests/dns/geoip_test.c (+27/-59)
tests/dns/keytable_test.c (+68/-99)
tests/dns/master_test.c (+67/-138)
tests/dns/name_test.c (+37/-102)
tests/dns/nsec3_test.c (+13/-55)
tests/dns/nsec3param_test.c (+11/-50)
tests/dns/private_test.c (+20/-42)
tests/dns/rbt_test.c (+57/-146)
tests/dns/rbtdb_test.c (+15/-49)
tests/dns/rdata_test.c (+90/-222)
tests/dns/rdataset_test.c (+107/-0)
tests/dns/rdatasetstats_test.c (+9/-56)
tests/dns/resolver_test.c (+21/-51)
tests/dns/rsa_test.c (+36/-48)
tests/dns/sigs_test.c (+36/-52)
tests/dns/testdata/dbiterator/zone1.data (+30/-0)
tests/dns/testdata/dnstap/response.auth (+19/-0)
tests/dns/testdata/dnstap/response.recursive (+19/-0)
tests/dns/testdata/dst/Ktest.+008+11349.private (+13/-0)
tests/dns/testdata/master/master10.data (+7/-0)
tests/dns/testdata/master/master14.data.in (+1/-0)
tests/dns/testdata/master/master18.data.in (+2/-2)
tests/dns/testdata/master/master6.data (+33/-0)
tests/dns/testdata/master/master7.data (+17/-0)
tests/dns/testdata/master/master8.data (+4/-0)
tests/dns/testdata/master/master9.data (+4/-0)
tests/dns/testdata/nsec3/1024.db (+16/-0)
tests/dns/testdata/nsec3/2048.db (+16/-0)
tests/dns/testdata/nsec3/4096.db (+16/-0)
tests/dns/testdata/nsec3/min-1024.db (+20/-0)
tests/dns/testdata/nsec3/min-2048.db (+18/-0)
tests/dns/testdata/nsec3param/nsec3.db.signed (+73/-0)
tests/dns/testdata/zt/zone1.db (+22/-0)
tests/dns/testkeys/Kexample.+008+20386.key (+5/-0)
tests/dns/testkeys/Kexample.+008+20386.private (+13/-0)
tests/dns/testkeys/Kexample.+008+37464.key (+5/-0)
tests/dns/testkeys/Kexample.+008+37464.private (+13/-0)
tests/dns/time_test.c (+169/-0)
tests/dns/tsig_test.c (+49/-77)
tests/dns/update_test.c (+38/-87)
tests/dns/zonemgr_test.c (+21/-63)
tests/dns/zt_test.c (+32/-57)
tests/include/tests/dns.h (+10/-22)
tests/include/tests/isc.h (+119/-0)
tests/include/tests/ns.h (+132/-0)
tests/irs/Makefile.am (+16/-0)
tests/irs/Makefile.in (+24/-16)
tests/irs/resconf_test.c (+181/-0)
tests/irs/testdata/domain.conf (+12/-0)
tests/irs/testdata/nameserver-v4.conf (+12/-0)
tests/irs/testdata/nameserver-v6-scoped.conf (+12/-0)
tests/irs/testdata/nameserver-v6.conf (+12/-0)
tests/irs/testdata/options-attempts.conf (+12/-0)
tests/irs/testdata/options-bad-ndots.conf (+13/-0)
tests/irs/testdata/options-debug.conf (+12/-0)
tests/irs/testdata/options-empty.conf (+13/-0)
tests/irs/testdata/options-ndots.conf (+12/-0)
tests/irs/testdata/options-timeout.conf (+12/-0)
tests/irs/testdata/options-unknown.conf (+12/-0)
tests/irs/testdata/options.conf (+12/-0)
tests/irs/testdata/port.conf (+12/-0)
tests/irs/testdata/resolv.conf (+19/-0)
tests/irs/testdata/search.conf (+12/-0)
tests/irs/testdata/sortlist-v4.conf (+12/-0)
tests/irs/testdata/timeout.conf (+12/-0)
tests/irs/testdata/unknown.conf (+12/-0)
tests/isc/Makefile.am (+115/-0)
tests/isc/Makefile.in (+166/-157)
tests/isc/aes_test.c (+12/-29)
tests/isc/buffer_test.c (+16/-60)
tests/isc/counter_test.c (+67/-0)
tests/isc/crc64_test.c (+83/-0)
tests/isc/doh_test.c (+337/-426)
tests/isc/errno_test.c (+108/-0)
tests/isc/file_test.c (+140/-0)
tests/isc/hash_test.c (+96/-0)
tests/isc/heap_test.c (+78/-0)
tests/isc/hmac_test.c (+40/-72)
tests/isc/ht_test.c (+20/-59)
tests/isc/lex_test.c (+19/-97)
tests/isc/md_test.c (+43/-76)
tests/isc/mem_test.c (+55/-115)
tests/isc/netaddr_test.c (+144/-0)
tests/isc/netmgr_test.c (+292/-493)
tests/isc/parse_test.c (+56/-0)
tests/isc/pool_test.c (+152/-0)
tests/isc/quota_test.c (+22/-40)
tests/isc/radix_test.c (+85/-0)
tests/isc/random_test.c (+54/-160)
tests/isc/regex_test.c (+7/-47)
tests/isc/result_test.c (+63/-0)
tests/isc/safe_test.c (+91/-0)
tests/isc/siphash_test.c (+169/-0)
tests/isc/sockaddr_test.c (+148/-0)
tests/isc/stats_test.c (+103/-0)
tests/isc/symtab_test.c (+134/-0)
tests/isc/task_test.c (+74/-187)
tests/isc/taskpool_test.c (+163/-0)
tests/isc/testdata/file/keep (+0/-0)
tests/isc/time_test.c (+43/-56)
tests/isc/timer_test.c (+38/-69)
tests/isc/uv_wrap.h (+18/-20)
tests/isccfg/Makefile.am (+20/-0)
tests/isccfg/Makefile.in (+28/-18)
tests/isccfg/duration_test.c (+244/-0)
tests/isccfg/parser_test.c (+229/-0)
tests/libtest/Makefile.am (+25/-0)
tests/libtest/Makefile.in (+1156/-0)
tests/libtest/dns.c (+44/-175)
tests/libtest/isc.c (+87/-0)
tests/libtest/ns.c (+78/-392)
tests/ns/Makefile.am (+25/-0)
tests/ns/Makefile.in (+64/-79)
tests/ns/listenlist_test.c (+119/-0)
tests/ns/notify_test.c (+141/-0)
tests/ns/plugin_test.c (+165/-0)
tests/ns/query_test.c (+30/-65)
tests/ns/testdata/notify/notify1.msg (+3/-0)
tests/ns/testdata/notify/zone1.db (+26/-0)
tests/ns/testdata/query/foo.db (+20/-0)
tests/unit-test-driver.sh.in (+60/-0)

CVE References

Revision history for this message
Lucas Kanashiro (lucaskanashiro) wrote (last edit ):

Thanks for taking the time to file this bug and trying to make Ubuntu better.

I did try to run the same command you did in a clean Jammy lxd container and it just hangs:

root@bind9-test:~# dig google.com +nssearch
SOA ns1.google.com. dns-admin.google.com. 444516783 900 900 1800 60 from server 2001:4860:4802:34::a in 72 ms.
SOA ns1.google.com. dns-admin.google.com. 444516783 900 900 1800 60 from server 2001:4860:4802:32::a in 76 ms.
SOA ns1.google.com. dns-admin.google.com. 444516783 900 900 1800 60 from server 216.239.32.10 in 80 ms.
SOA ns1.google.com. dns-admin.google.com. 444516783 900 900 1800 60 from server 216.239.34.10 in 80 ms.
SOA ns1.google.com. dns-admin.google.com. 444217784 900 900 1800 60 from server 216.239.36.10 in 140 ms.
SOA ns1.google.com. dns-admin.google.com. 444217784 900 900 1800 60 from server 216.239.38.10 in 140 ms.
SOA ns1.google.com. dns-admin.google.com. 444217784 900 900 1800 60 from server 2001:4860:4802:36::a in 144 ms.
SOA ns1.google.com. dns-admin.google.com. 444217784 900 900 1800 60 from server 2001:4860:4802:38::a in 144 ms.

The command stays running forever. I was not able to get the core dump you got but seems that something undesired is happening.

Changed in bind9 (Ubuntu):
status: New → Triaged
Sergio Durigan Junior (sergiodj)
Changed in bind9 (Ubuntu Jammy):
status: New → Triaged
Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

Thanks for the bug report, Fedon.

I have tried reproducing the crash using the steps provided by you (inside a Jammy amd64 container), but I got the same results as Lucas: "dig google.com +nssearch" would hang there indefinitely, but won't crash.

I was able to make it crash when I appended "+tcp" to the command:

# dig google.com +nssearch +tcp
dighost.c:1683: INSIST(query->readhandle == ((void *)0)) failed, back trace
/lib/x86_64-linux-gnu/libisc-9.18.1-1ubuntu1-Ubuntu.so(+0x32083)[0x7f193d786083]
/lib/x86_64-linux-gnu/libisc-9.18.1-1ubuntu1-Ubuntu.so(isc_assertion_failed+0x10)[0x7f193d785570]
...

but the assertion that's been triggered is different than the one you're seeing.

Unfortunately there are several problems with dig on bind9 9.18.1, so it's hard to determine if these two errors are the same. I'd like to ask for your help in testing a possible fix for this problem. If I prepare a PPA with a candidate fix, would you be able to give it a try and let me know the results?

Thanks in advance.

tags: added: server-todo
Changed in bind9 (Ubuntu Jammy):
assignee: nobody → Sergio Durigan Junior (sergiodj)
Changed in bind9 (Ubuntu Kinetic):
assignee: nobody → Sergio Durigan Junior (sergiodj)
Revision history for this message
Fedon Kadifeli (fedkad) wrote (last edit ):

I have a Google Cloud instance (x86_64), a local VirtualBox virtual desktop instance (x86_64), and an Oracle Cloud (aarch64) instance, as I mentioned above. I haven't upgraded my physical notebook yet.

I can test your PPA on any or all of these virtual machines. Just give me the instructions. Thanks.

Note: The hang may be related to IPv6 connectivity, since in my test servers only the Oracle Cloud (aarch64) instance has IPv6 (global) address. Just a thought though. :)

Revision history for this message
Sergio Durigan Junior (sergiodj) wrote : Re: [Bug 1970252] Re: The `dig` and `host` commands core dump or give incomplete results in Ubuntu 22.04

On Wednesday, April 27 2022, Fedon Kadifeli wrote:

> I have a Google Cloud instance (x86_64), a local VirtualBox virtual
> desktop instance (x86_64), and an Oracle Cloud (aarch64) instance, as I
> mentioned above. I haven't upgraded my physical notebook yet.
>
> I can test your PPA on any or all of these virtual machines. Just give
> me the instructions. Thanks.

Thank you, Fedon.

You can find the PPA here:

https://launchpad.net/~sergiodj/+archive/ubuntu/bind9-lp1970252

You just have to add it to the system, run apt-get update and then
upgrade the packages.

> Note: The hang may be related to IPv6 connectivity, since in my test
> servers only the Oracle Cloud (aarch64) instance has IPv6 (global)
> address. Just a thought though. :)

Yes, unfortunately bind9 9.18.1 has several problems with dig/host and
upstream is still addressing everything. For example, the build you
will find in the PPA above contains patches to fix the problem you've
reported, but you can still make dig crash if you something like:

  $ dig google.com +nssearch +tcp

I'm following upstream's progress closely, but I'm afraid it will take a
little bit of time until we can solve everything.

Thanks,

--
Sergio
GPG key ID: E92F D0B3 6B14 F1F4 D8E0 EB2F 106D A1C8 C3CB BF14

Changed in bind9 (Ubuntu Jammy):
importance: Undecided → High
Changed in bind9 (Ubuntu Kinetic):
importance: Undecided → High
Revision history for this message
Fedon Kadifeli (fedkad) wrote (last edit ):
Download full text (10.7 KiB)

I tested your PPA Sergio today in one of my virtual systems (x86_64 with no IPv6 connectivity). Previously the commands were giving incomplete results or were crashing.

Now, *they consistently output NOTHING*:

$ dig google.com +nssearch

$ host -C google.com

$ dig -d google.com +nssearch
setup_libs()
setup_system()
create_search_list()
ndots is 1.
timeout is 0.
retries is 3.
get_server_list()
make_server(127.0.0.53)
dig_query_setup
parse_args()
making new lookup
make_empty_lookup()
make_empty_lookup() = 0x564a58fce100->references = 1
digrc (open)
main parsing -d
main parsing google.com
clone_lookup()
make_empty_lookup()
make_empty_lookup() = 0x564a58fcf560->references = 1
clone_server_list()
looking up google.com
main parsing +nssearch
dig_startup()
lock_lookup dighost.c:4324
success
start_lookup()
setup_lookup(0x564a58fcf560)
resetting lookup counter.
cloning server list
clone_server_list()
make_server(127.0.0.53)
idn_textname: google.com
using root origin
recursive query
AD query
add_question()
starting to render the message
add_opt()
done rendering
create query 0x7f8030016870 linked to lookup 0x564a58fcf560
dighost.c:2106:lookup_attach(0x564a58fcf560) = 2
dighost.c:2610:new_query(0x7f8030016870) = 1
do_lookup()
start_udp(0x7f8030016870)
dighost.c:2982:query_attach(0x7f8030016870) = 2
working on lookup 0x564a58fcf560, query 0x7f8030016870
dighost.c:3027:query_attach(0x7f8030016870) = 3
unlock_lookup dighost.c:4326
dighost.c:2944:query_attach(0x7f8030016870) = 4
recving with lookup=0x564a58fcf560, query=0x7f8030016870, handle=(nil)
recvcount=1
have local timeout of 5000
dighost.c:2888:query_attach(0x7f8030016870) = 5
sending a request
sendcount=1
dighost.c:1700:query_detach(0x7f8030016870) = 4
dighost.c:2964:query_detach(0x7f8030016870) = 3
send_done(0x7f803003a180, success, 0x7f8030016870)
sendcount=0
lock_lookup dighost.c:2638
success
dighost.c:2642:lookup_attach(0x564a58fcf560) = 3
dighost.c:2680:query_detach(0x7f8030016870) = 2
dighost.c:2681:lookup_detach(0x564a58fcf560) = 2
check_if_done()
list empty
unlock_lookup dighost.c:2684
recv_done(0x7f803003a180, success, 0x7f8036c6c880, 0x7f8030016870)
lock_lookup dighost.c:3631
success
recvcount=0
dighost.c:3636:lookup_attach(0x564a58fcf560) = 3
before parse starts
after parse
in NSSEARCH code
following up google.com
found NS set
found NS ns2.google.com
requeue_lookup()
clone_lookup()
make_empty_lookup()
make_empty_lookup() = 0x7f803003d250->references = 1
before insertion, init@0x564a58fcf560 -> 0xffffffffffffffff, new@0x7f803003d250 -> 0xffffffffffffffff
after insertion, init -> 0x564a58fcf560, new = 0x7f803003d250, new -> (nil)
dighost.c:1887:_cancel_lookup()
canceling pending query 0x7f8030016870, belonging to 0x564a58fcf560
dighost.c:2707:query_detach(0x7f8030016870) = 1
check_if_done()
list full
pending lookup 0x7f803003d250
adding server ns2.google.com
make_server(216.239.34.10)
make_server(2001:4860:4802:34::a)
found NS set
found NS ns4.google.com
adding server ns4.google.com
make_server(216.239.38.10)
make_server(2001:4860:4802:38::a)
found NS set
found NS ns3.google.com
adding server ns3.google.com
make_server(216.239.36.10)
make_server(2001:4860:4802:36::a)
found NS set
found NS...

Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

Hi,

Sorry about the absence, but I haven't forgotten about this bug. I'm following upstream's issues and they have been fixing (albeit a bit slowly) the bugs that are affecting dig.

Because we're talking about multiple bugs and several patches here, my plan is to actually do an MRE (microrelease update) of bind9 in Jammy, which should be easier than performing a massive SRU.

I will keep an eye on the progress being made by upstream and will update this bug when there's any significant development.

On a side note, I would like to strongly encourage anyone who is experience these dig bugs to comment on upstream's issues and let them know that you are affected. This will certainly help them prioritize things.

Thanks.

Revision history for this message
Fedon Kadifeli (fedkad) wrote (last edit ):

Now that I have more 22.04 installations, I can say with 99% confidence that:

* the machines having IPv6 connectivity display their output, but after that they hang (always).
* the machines that don't have IPv6 connectivity either display incomplete (or empty) output or crash at the end.

Revision history for this message
Sergio Durigan Junior (sergiodj) wrote (last edit ):

Thank you, Fedon. I am keeping track of the current upstream bugs related to "dig", but please feel free to also comment there and let upstream know that this is affecting you.

Sergio Durigan Junior (sergiodj)
tags: removed: server-todo
Revision history for this message
Fedon Kadifeli (fedkad) wrote :

Still the same at version "9.18.4-2ubuntu2-Ubuntu". :(

Revision history for this message
Rolf Leggewie (r0lf) wrote :

@Sergio, where are we supposed to comment upstream? It does not seem they have a public issue tracker. What's the best place?

Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

Hi,

We're working on merging bind9 9.18.10 in Lunar and, as far as I have checked, this bug is fixed there. This means that upstream has fixed the problem in the meantime, so now we have to work on identifying the proper patches and backport them to Jammy/Kinetic.

I'm adding a server-todo tag here in order to raise the priority of this bug for the Server team. On top of that, and perhaps even more importantly, Lena has been working on obtaining an MRE for bind9 on Jammy, which would effectively solve this bug without the need to backport anything. But that's still WIP and I don't know when (or if) we'll succeed.

I'm a bit swamped this week and will be on PTO next week, but I'll try to squeeze this bug in my TODO list and get it moving until Friday.

Thanks.

tags: added: server-todo
Revision history for this message
Lena Voytek (lvoytek) wrote :

Assigning myself to the development release while doing the mre for lunar

Changed in bind9 (Ubuntu):
assignee: Sergio Durigan Junior (sergiodj) → Lena Voytek (lvoytek)
Christian Ehrhardt  (paelzer)
Changed in bind9 (Ubuntu Jammy):
assignee: Sergio Durigan Junior (sergiodj) → Lena Voytek (lvoytek)
Changed in bind9 (Ubuntu Kinetic):
assignee: Sergio Durigan Junior (sergiodj) → Lena Voytek (lvoytek)
Revision history for this message
Lena Voytek (lvoytek) wrote :

Lunar has been updated to 9.18.10, fixing the core dump and incomplete information issues. I'm working on the MRE for Jammy and Kinetic to get them to the same place to match this behavior.

Changed in bind9 (Ubuntu):
status: Triaged → Fix Released
Changed in bind9 (Ubuntu Jammy):
status: Triaged → In Progress
Changed in bind9 (Ubuntu Kinetic):
status: Triaged → In Progress
Revision history for this message
Fedon Kadifeli (fedkad) wrote :

Thanks for the effort! Any potential release date of 9.18.10 on Kinetic or Jammy?

Revision history for this message
Lena Voytek (lvoytek) wrote :

The release for Kinetic and Jammy should happen relatively soon. It may take some time to review the many changes to make sure all is good to go though. Updates on this process will show up on LP: #2003586

Lena Voytek (lvoytek)
description: updated
Lena Voytek (lvoytek)
description: updated
Revision history for this message
Steve Langasek (vorlon) wrote : Please test proposed package

Hello Fedon, or anyone else affected,

Accepted bind9 into kinetic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/bind9/1:9.18.12-0ubuntu0.22.10.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-kinetic to verification-done-kinetic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-kinetic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in bind9 (Ubuntu Kinetic):
status: In Progress → Fix Committed
tags: added: verification-needed verification-needed-kinetic
Revision history for this message
Steve Langasek (vorlon) wrote :

Hello Fedon, or anyone else affected,

Accepted bind9 into jammy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/bind9/1:9.18.12-0ubuntu0.22.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-jammy to verification-done-jammy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-jammy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in bind9 (Ubuntu Jammy):
status: In Progress → Fix Committed
tags: added: verification-needed-jammy
Revision history for this message
Ubuntu SRU Bot (ubuntu-sru-bot) wrote : Autopkgtest regression report (bind9/1:9.18.12-0ubuntu0.22.10.1)

All autopkgtests for the newly accepted bind9 (1:9.18.12-0ubuntu0.22.10.1) for kinetic have finished running.
The following regressions have been reported in tests triggered by the package:

testssl.sh/3.0.7+dfsg-1 (arm64)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/kinetic/update_excuses.html#bind9

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

Revision history for this message
Simon Déziel (sdeziel) wrote :

I verified the -proposed package on a arm64 VM running Jammy. Before the update, `dig +nssearch google.com` would hang but after updating to -proposed:

# apt-get install bind9-dnsutils
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  bind9-host bind9-libs
The following packages will be upgraded:
  bind9-dnsutils bind9-host bind9-libs
3 upgraded, 0 newly installed, 0 to remove and 27 not upgraded.
Need to get 1409 kB of archives.
After this operation, 151 kB of additional disk space will be used.
Do you want to continue? [Y/n]
Get:1 http://ca-montreal-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports jammy-proposed/main arm64 bind9-host arm64 1:9.18.12-0ubuntu0.22.04.1 [51.9 kB]
Get:2 http://ca-montreal-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports jammy-proposed/main arm64 bind9-dnsutils arm64 1:9.18.12-0ubuntu0.22.04.1 [158 kB]
Get:3 http://ca-montreal-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports jammy-proposed/main arm64 bind9-libs arm64 1:9.18.12-0ubuntu0.22.04.1 [1199 kB]
Fetched 1409 kB in 1s (1687 kB/s)
(Reading database ... 34244 files and directories currently installed.)
Preparing to unpack .../bind9-host_1%3a9.18.12-0ubuntu0.22.04.1_arm64.deb ...
Unpacking bind9-host (1:9.18.12-0ubuntu0.22.04.1) over (1:9.18.1-1ubuntu1.3) ...
Preparing to unpack .../bind9-dnsutils_1%3a9.18.12-0ubuntu0.22.04.1_arm64.deb ...
Unpacking bind9-dnsutils (1:9.18.12-0ubuntu0.22.04.1) over (1:9.18.1-1ubuntu1.3) ...
Preparing to unpack .../bind9-libs_1%3a9.18.12-0ubuntu0.22.04.1_arm64.deb ...
Unpacking bind9-libs:arm64 (1:9.18.12-0ubuntu0.22.04.1) over (1:9.18.1-1ubuntu1.3) ...
Setting up bind9-libs:arm64 (1:9.18.12-0ubuntu0.22.04.1) ...
Setting up bind9-host (1:9.18.12-0ubuntu0.22.04.1) ...
Setting up bind9-dnsutils (1:9.18.12-0ubuntu0.22.04.1) ...
Processing triggers for man-db (2.10.2-1) ...
Processing triggers for libc-bin (2.35-0ubuntu3.1) ...

It now works fine:

$ dig +nssearch google.com
SOA ns1.google.com. dns-admin.google.com. 517756399 900 900 1800 60 from server 2001:4860:4802:32::a in 16 ms.
SOA ns1.google.com. dns-admin.google.com. 517756399 900 900 1800 60 from server 2001:4860:4802:38::a in 12 ms.
SOA ns1.google.com. dns-admin.google.com. 517756399 900 900 1800 60 from server 216.239.38.10 in 12 ms.
SOA ns1.google.com. dns-admin.google.com. 517756399 900 900 1800 60 from server 216.239.32.10 in 12 ms.
SOA ns1.google.com. dns-admin.google.com. 517756399 900 900 1800 60 from server 216.239.36.10 in 24 ms.
SOA ns1.google.com. dns-admin.google.com. 517756399 900 900 1800 60 from server 2001:4860:4802:34::a in 20 ms.
SOA ns1.google.com. dns-admin.google.com. 517756399 900 900 1800 60 from server 216.239.34.10 in 20 ms.
SOA ns1.google.com. dns-admin.google.com. 517756399 900 900 1800 60 from server 2001:4860:4802:36::a in 20 ms.

$ echo $?
0

tags: added: verification-done-jammy
removed: verification-needed-jammy
Revision history for this message
Lena Voytek (lvoytek) wrote :

Verified for Kinetic:

# lxc launch images:ubuntu/{kinetic, jammy} test-bind9
# lxc exec test-bind9

# cat <<EOF >/etc/apt/sources.list.d/ubuntu-$(lsb_release -cs)-proposed.list
# Enable Ubuntu proposed archive
deb http://archive.ubuntu.com/ubuntu/ $(lsb_release -cs)-proposed restricted main multiverse universe
EOF

# apt update && apt dist-upgrade -y
# apt install dnsutils -y
# dig +nssearch isc.org

SOA ns-int.isc.org. hostmaster.isc.org. 2023031585 7200 3600 24796800 3600 from server 149.20.1.73 in 31 ms.
SOA ns-int.isc.org. hostmaster.isc.org. 2023031585 7200 3600 24796800 3600 from server 199.254.63.254 in 131 ms.
SOA ns-int.isc.org. hostmaster.isc.org. 2023031585 7200 3600 24796800 3600 from server 199.6.1.52 in 167 ms.
SOA ns-int.isc.org. hostmaster.isc.org. 2023031585 7200 3600 24796800 3600 from server 51.75.79.143 in 191 ms.
;; communications error to 2001:41d0:701:1100::2c92#53: timed out
;; communications error to 2001:500:60:d::52#53: timed out
;; communications error to 2001:500:2c::254#53: timed out
;; communications error to 2001:4f8:1:f::73#53: timed out

Dig does not crash - good to go

tags: added: verification-done verification-done-kinetic
removed: verification-needed verification-needed-kinetic
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (3.3 KiB)

This bug was fixed in the package bind9 - 1:9.18.12-0ubuntu0.22.04.1

---------------
bind9 (1:9.18.12-0ubuntu0.22.04.1) jammy; urgency=medium

  * New upstream releases 9.18.2 - 9.18.12 (LP: #2003586)
    - Updates:
      + update-quota option
      + named -V shows supported cryptographic algorithms
      + Catalog Zones schema version 2 support in named
      + DNS error support Stale Answer and Stale NXDOMAIN Answer
      + Remote TLS certificate verification support
      + reusereport option
    - Bug Fixes Include:
      + Fix crash when using dig with +nssearch and +tcp (LP: #1258003)
      + Fix incomplete results using dig with +nssearch (LP: #1970252)
      + Fix loading of preinstalled plugins (LP: #2006972)
      + CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080,
        CVE-2022-38178, CVE-2022-3094, CVE-2022-3736, CVE-2022-3924,
        CVE-2022-1183
      + Fix thread safety in dns_dispatch
      + Fix ADB quota management in resolver
      + Fix Prohibited DNS error on allow-recursion
      + Fix crash when restarting server with active statschannel connection
      + Fix use after free for catalog zone processing
      + Fix leak of dns_keyfileio_t objects
      + Fix nslookup failure to use port option when record type ANY is used
      + Fix crash on dnssec-policy zone with NSEC3 and inline-signing turned on
      + Fix inheritance when setting remote server port
      + Fix assertion error when accessing statistics channel
      + Fix rndc dumpdb -expired for stuck cache
      + Fix check for other name servers after receiving FORMERR
      + Fix deletion of CDS after zone sign
      + Fix dighost query context management
      + Fix dig hanging due to IPv4 mapped IPv6 address
      + See https://bind9.readthedocs.io/en/v9_18_12/notes.html#notes-for-bind-9-18-12
        for additional bug fixes and information
  * Improve dep-8 test suite (LP: #2003584):
    - d/t/zonetest: Add dep8 test for checking the domain zone creation process
    - d/t/control: Add new test outline
  * d/bind9-doc.docs: Stop installing removed file doc/misc/options.active
  * Remove patches for bugs LP #1964400 and LP #1964686 fixed upstream:
    - lp1964400-lp1964686-Fix-an-issue-in-dig-when-retrying-with-the-next-serv
    - lp1964400-lp1964686-When-resending-a-UDP-request-insert-the-query-to-the
    - lp1964400-lp1964686-Add-digdelv-system-test-to-check-timed-out-result-fo
    - lp1964400-lp1964686-After-dig-request-errors-try-to-use-other-servers-wh
    - lp1964400-lp1964686-Add-digdelv-system-test-to-check-that-dig-tries-othe
    - lp1964400-lp1964686-Fix-dig-error-when-trying-the-next-server-after-a-TC
    - lp1964400-lp1964686-Add-various-dig-host-tests-for-TCP-UDP-socket-error-
  * Remove CVE patches fixed upstream:
    - debian/patches/CVE-2022-1183.patch
      [Included in upstream release 9.18.3]
    - debian/patches/CVE-2022-2795.patch
    - debian/patches/CVE-2022-2881.patch
    - debian/patches/CVE-2022-2906.patch
    - debian/patches/CVE-2022-3080.patch
    - debian/patches/CVE-2022-38178.patch
      [Included in upstream release 9.18.7]
    - debian/patches/CVE-2022-3094.patch
    - debian/patches/CVE-2022-3736.patch
    -...

Read more...

Changed in bind9 (Ubuntu Jammy):
status: Fix Committed → Fix Released
Revision history for this message
Chris Halse Rogers (raof) wrote : Update Released

The verification of the Stable Release Update for bind9 has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package bind9 - 1:9.18.12-0ubuntu0.22.10.1

---------------
bind9 (1:9.18.12-0ubuntu0.22.10.1) kinetic; urgency=medium

  * New upstream releases 9.18.5 - 9.18.12 (LP: #2003586)
    - Updates:
      + update-quota option
      + named -V shows supported cryptographic algorithms
    - Bug Fixes Include:
      + Fix crash when using dig with +nssearch and +tcp (LP: #1258003)
      + Fix incomplete results using dig with +nssearch (LP: #1970252)
      + CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080,
        CVE-2022-38178, CVE-2022-3094, CVE-2022-3736, CVE-2022-3924
      + Fix thread safety in dns_dispatch
      + Fix ADB quota management in resolver
      + Fix Prohibited DNS error on allow-recursion
      + Fix crash when restarting server with active statschannel connection
      + Fix use after free for catalog zone processing
      + Fix leak of dns_keyfileio_t objects
      + Fix nslookup failure to use port option when record type ANY is used
      + Fix crash on dnssec-policy zone with NSEC3 and inline-signing turned on
      + Fix inheritance when setting remote server port
      + Fix assertion error when accessing statistics channel
      + Fix rndc dumpdb -expired for stuck cache
      + Fix check for other name servers after receiving FORMERR
      + See https://bind9.readthedocs.io/en/v9_18_12/notes.html#notes-for-bind-9-18-12
        for additional bug fixes and information
  * Improve dep-8 test suite (LP: #2003584):
    - d/t/zonetest: Add dep8 test for checking the domain zone creation process
    - d/t/control: Add new test outline
  * d/bind9-doc.docs: Stop installing removed file doc/misc/options.active
  * d/p/0001-Disable-treat-warnings-as-errors-in-sphinx-build.patch: refresh to
    apply with version 9.18.8
  * Remove CVE patches fixed upstream:
    - debian/patches/CVE-2022-2795.patch
    - debian/patches/CVE-2022-2881.patch
    - debian/patches/CVE-2022-2906.patch
    - debian/patches/CVE-2022-3080.patch
    - debian/patches/CVE-2022-38178.patch
      [Included in upstream release 9.18.7]
    - debian/patches/CVE-2022-3094.patch
    - debian/patches/CVE-2022-3736.patch
    - debian/patches/CVE-2022-3924.patch
      [Included in upstream release 9.18.11]

 -- Lena Voytek <email address hidden> Wed, 08 Mar 2023 08:49:53 -0700

Changed in bind9 (Ubuntu Kinetic):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.