--- 9.9.2-P1 released ---
3407. [security] Named could die on specific queries with dns64 enabled.
[Addressed in change #3388 for BIND 9.8.5 and 9.9.3.]
--- 9.9.2 released ---
3383. [security] A certain combination of records in the RBT could
cause named to hang while populating the additional
section of a response. [RT #31090]
3373. [bug] win32: open raw files in binary mode. [RT #30944]
3364. [security] Named could die on specially crafted record.
[RT #30416]
--- 9.9.2rc1 released ---
3370. [bug] Address use after free while shutting down. [RT #30241]
3369. [bug] nsupdate terminated unexpectedly in interactive mode
if built with readline support. [RT #29550]
3368. [bug] <dns/iptable.h>, <dns/private.h> and <dns/zone.h>
were not C++ safe.
3367. [bug] dns_dnsseckey_create() result was not being checked.
[RT #30685]
3366. [bug] Fixed Read-After-Write dependency violation for IA64
atomic operations. [RT #25181]
3365. [bug] Removed spurious newlines from log messages in
zone.c [RT #30675]
3363. [bug] Need to allow "forward" and "fowarders" options
in static-stub zones; this had been overlooked.
[RT #30482]
3362. [bug] Setting some option values to 0 in named.conf
could trigger an assertion failure on startup.
[RT #27730]
3361. [bug] "rndc signing -nsec3param" didn't work correctly
when salt was set to '-' (no salt). [RT #30099]
3360. [bug] 'host -w' could die. [RT #18723]
3359. [bug] An improperly-formed TSIG secret could cause a
memory leak. [RT #30607]
3357. [port] Add support for libxml2-2.8.x [RT #30440]
3356. [bug] Cap the TTL of signed RRsets when RRSIGs are
approaching their expiry, so they don't remain
in caches after expiry. [RT #26429]
3355. [port] Use more portable awk in verify system test.
3354. [func] Improve OpenSSL error logging. [RT #29932]
--- 9.9.2b1 released ---
3353. [bug] Use a single task for task exclusive operations.
[RT #29872]
3352. [bug] Ensure that learned server attributes timeout of the
adb cache. [RT #29856]
3351. [bug] isc_mem_put and isc_mem_putanddetach didn't report
caller if either ISC_MEM_DEBUGSIZE or ISC_MEM_DEBUGCTX
memory debugging flags are set. [RT #30243]
3350. [bug] Memory read overrun in isc___mem_reallocate if
ISC_MEM_DEBUGCTX memory debugging flag is set.
[RT #30240]
3349. [bug] Change #3345 was incomplete. [RT #30233]
3348. [bug] Prevent RRSIG data from being cached if a negative
record matching the covering type exists at a higher
trust level. Such data already can't be retrieved from
the cache since change 3218 -- this prevents it
being inserted into the cache as well. [RT #26809]
3347. [bug] dnssec-settime: Issue a warning when writing a new
private key file would cause a change in the
permissions of the existing file. [RT #27724]
3346. [security] Bad-cache data could be used before it was
initialized, causing an assert. [RT #30025]
3345. [bug] Addressed race condition when removing the last item
or inserting the first item in an ISC_QUEUE.
[RT #29539]
3344. [func] New "dnssec-checkds" command checks a zone to
determine which DS records should be published
in the parent zone, or which DLV records should be
published in a DLV zone, and queries the DNS to
ensure that it exists. (Note: This tool depends
on python; it will not be built or installed on
systems that do not have a python interpreter.)
[RT #28099]
3342. [bug] Change #3314 broke saving of stub zones to disk
resulting in excessive cpu usage in some cases.
[RT #29952]
3341. [func] New "dnssec-verify" command checks a signed zone
to ensure correctness of signatures and of NSEC/NSEC3
chains. [RT #23673]
3339. [func] Allow the maximum supported rsa exponent size to be
specified: "max-rsa-exponent-size <value>;" [RT #29228]
3338. [bug] Address race condition in units tests: asyncload_zone
and asyncload_zt. [RT #26100]
3337. [bug] Change #3294 broke support for the multiple keys
in controls. [RT #29694]
3335. [func] nslookup: return a nonzero exit code when unable
to get an answer. [RT #29492]
3334. [bug] Hold a zone table reference while performing a
asyncronous load of a zone. [RT #28326]
3333. [bug] Setting resolver-query-timeout too low can cause
named to not recover if it loses connectivity.
[RT #29623]
3332. [bug] Re-use cached DS rrsets if possible. [RT #29446]
3331. [security] dns_rdataslab_fromrdataset could produce bad
rdataslabs. [RT #29644]
3330. [func] Fix missing signatures on NOERROR results despite
RPZ rewriting. Also
- add optional "recursive-only yes|no" to the
response-policy statement
- add optional "max-policy-ttl" to the response-policy
statement to limit the false data that
"recursive-only no" can introduce into
resolvers' caches
- add a RPZ performance test to bin/tests/system/rpz
when queryperf is available.
- the encoding of PASSTHRU action to "rpz-passthru".
(The old encoding is still accepted.)
[RT #26172]
3329. [bug] Handle RRSIG signer-name case consistently: We
generate RRSIG records with the signer-name in
lower case. We accept them with any case, but if
they fail to validate, we try again in lower case.
[RT #27451]
3328. [bug] Fixed inconsistent data checking in dst_parse.c.
[RT #29401]
3317. [func] Add ECDSA support (RFC 6605). [RT #21918]
the TOOLDIR version of libnbcompat, associated include files,
and associated defs.mk file, instead of the version from the
.OBJDIR of src/tools/compat. This should fix PR 47188.
ppc64 toolchain where function names are prefixed with a period, so "data"
becomes ".data" and ".data" is confused by the assembler with the segment
directive with the same name. Clearly this is a toolchain issue; we should
be able to call functions "text" and "data" but it is simpler to fix the
code rather than the toolchain.
Elftosb is used to create a digitaly signed "secure boot" file.
This sb file can be booted by the first stage boot loader found in
Freescale i.MX23 and i.MX28 application processors.
Copyright (c) 2004-2010 Freescale Semiconductor, Inc.
The function uses a static variable (stringpool_contents)
and this is not allowed in an inline function with external linkage.
Found by clang -Wstatic-in-inline.
below.
OK'ed by board@ some time ago.
This version of the firmware allows the gpu/arm memory split to be
configured in config.txt using the gpu_mem= option.
Copyright (c) 2006, Broadcom Corporation.
All rights reserved.
Redistribution. Redistribution and use in binary form, without
modification, are permitted provided that the following conditions are
met:
* This software may only be used for the purposes of developing for,
running or using a Raspberry Pi device.
* Redistributions must reproduce the above copyright notice and the
following disclaimer in the documentation and/or other materials
provided with the distribution.
* Neither the name of Broadcom Corporation nor the names of its suppliers
may be used to endorse or promote products derived from this software
without specific prior written permission.
DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING,
BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
DAMAGE.
Solaris returns EEXIST, whereas we want to return ENOTEMPTY (POSIX
allows both), but this got included in an unrelated commit and should
be separated into a common commit for other related error code fixes.
zfs_access uses secpolicy_vnode_access, so it makes no sense for the
latter to call VOP_ACCESS!
Everything seems to return EACCES instead of EPERM, probably because
that's what kauth returns. This should be fixed, but that may
require some nontrivial surgery to zfs's calls to secpolicy_*, which
is where kauth gets involved.
This commit imports some code from illumos to implement the routine
secpolicy_vnode_setattr. This shouldn't be outside dist/, but for
now it is expedient to do so. We ought to fix that, along with all
the other CDDL code outside dist/, when we next import a newer
version of zfs.
Don't try to zget the parent, whose znode id may have been recycled
by now.
It's not clear to me how Solaris avoids this, but maybe I'm just
missing something obvious.
- Restore some zfs locking and unlocking that got lost randomly.
- Enable use of the BSD vnode lock. Lock order: all BSD vnode locks
are taken before all zfs internal locks. There remains an issue with
O_EXCL, to be solved later (famous last words). KASSERT the locking
scheme up the wazoo.
- Take our cruft out of zfs_lookup and move it to zfs_netbsd_lookup.
Restore much of the way zfs_lookup looked to make merging future
versions easier. Disable use of the namecache for now because its
locking dance is too scary to contemplate.
- Implement BSD semantics for rename, to appease our tests. This is
a provisional kludge; eventually we need VOP_RENAME to take a flag
specifying whether to use BSD semantics or POSIX semantics.
- Simplify zfs_netbsd_reclaim and make it work. Now that getnewvnode
never tries to vclean anything itself, we need not worry about
recursion of ZFS_OBJ_MUTEX locks.
- Clarify and fix genfs node initialization and destruction.
zfs passes most of our atf vfs tests now, including the rename races.
Still to do:
- fix the impedance mismatch between our permissions model and zfs's;
- fix O_EXCL (nontrivial);
- throw dirconc at it and see how badly it explodes;
- find why zpool sometimes wedges itself during mkfs; and
- find why pool caches sometimes seem to get corrupted.
Avoid cv_broadcast(&cv); cv_destroy(&cv); which works in Solaris only
by abuse of the condvar abstraction.
There are parts of this code that should be factored into smaller
subroutines, mainly range lock allocation and initialization, but
that would make it harder to merge newer versions of zfs, so for now
I've just expanded those parts further in-line.
Solaris relies on cv_broadcast(&cv); cv_destroy(&cv) working, but
that hoses our cv_wait, which needs to continue using cv after it is
woken. Solaris's idiom is an abuse of the condvar abstraction, but
we can get the same effect with reference counting.