Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Jun 13 21:46
    GitLab | David Vasek pushed 1 commits to Knot DNS
  • Jun 13 21:25
    GitLab | David Vasek pushed 2 commits to Knot DNS
  • Jun 11 20:23
    GitLab | David Vasek pushed 10 commits to Knot DNS
  • Jun 11 20:05
    GitLab | Libor Peltan pushed 2 commits to Knot DNS
  • Jun 11 19:41
    GitLab | David Vasek pushed 10 commits to Knot DNS
  • Jun 11 14:52
    GitLab | Libor Peltan pushed 1 commits to Knot DNS
  • Jun 11 09:37
    GitLab | Daniel Salzman pushed to Knot DNS
  • Jun 11 09:37
    GitLab | Daniel Salzman pushed 4 commits to Knot DNS
  • Jun 11 04:24
    Matthieu Guegan commented on issue #743 Wrong detection of online CPUs on OpenBSD in Knot DNS
  • Jun 10 18:40
    GitLab | David Vasek pushed 48 commits to Knot DNS
  • Jun 10 18:20
    GitLab | David Vasek pushed 2 commits to Knot DNS
  • Jun 10 15:39
    Libor Peltan opened merge request #1308 dnssec: implemented unsafe policy in Knot DNS
  • Jun 10 15:39
    GitLab | Libor Peltan pushed 1 commits to Knot DNS
  • Jun 10 14:59
    GitLab | Daniel Salzman pushed 8 commits to Knot DNS
  • Jun 10 13:24
    Daniel Salzman commented on issue #742 Knot 3.0.6 stops generating PKCS#11 keys with "key generation error" in Knot DNS
  • Jun 10 13:15
    JP Mens commented on issue #742 Knot 3.0.6 stops generating PKCS#11 keys with "key generation error" in Knot DNS
  • Jun 10 11:09
    GitLab | Daniel Salzman pushed to Knot DNS
  • Jun 10 11:09
    GitLab | Daniel Salzman pushed 1 commits to Knot DNS
  • Jun 10 11:09
    David Vasek closed issue #743 Wrong detection of online CPUs on OpenBSD in Knot DNS
  • Jun 10 11:05
    GitLab | David Vasek pushed 1 commits to Knot DNS
bleve
@bleve
Hmh. got everything apply cleanly by removing tests
libor-peltan-cznic
@libor-peltan-cznic
good luck
bleve
@bleve
Thx. I'm working with Paul, we try to move from opendnssec to knot.
I suggested moving old keys to knot and after moving to knot doing algoritm rollover but he wanted to do it while doing algoritm rollover :)
Matthieu Guegan
@mguegan
Hello, I'm using knot 3.0.6 with OpenBSD and when adding a listen: 0.0.0.0 directive, knotd exits with the following msg : assertion "0" failed: file "knot/server/udp-handler.c", line 555, function "udp_master" Abort trap
Daniel Salzman
@salzmdan
Hello, it's nice to see a Knot user on OpenBSD :-) We will investigate.
Matthieu Guegan
@mguegan
looking into the code, I can confirm that XDP is disabled. But it seems that OpenBSD is entering inside XDP code parts.
for example, at line 474 (udp-handler.c), xdp_thread is true
Daniel Salzman
@salzmdan
Do you compile Knot by yourself or is it from a port?
Matthieu Guegan
@mguegan
a quick workaround for me is to change the return value at line 467 to 0 forcing the result of is_xdp_thread
it is by tweaking the port
Daniel Salzman
@salzmdan
And OBSD version?
Matthieu Guegan
@mguegan
6.9
I can confirm the behavior with knot 3.0.5 (release version) and 3.0.6 (current version)
(and I'm in contact with the obsd port maintainer)
Daniel Salzman
@salzmdan
Could you test adding --enable-xdp=no to CONFIGURE_ARGS in the Makefile
Matthieu Guegan
@mguegan
sure
building right now with the release port
``` Knot DNS 3.0.5 Target: openbsd6.9 x86_64 little-endian
Compiler: cc
CFLAGS: -O2 -pipe -g -Wall -Wshadow -Werror=format-security -Werror=implicit -Werror=attributes -Wstrict-prototypes -I/usr/local/include LIBS: -L/usr/local/lib -g LibURCU: -L/usr/local/lib -lurcu -I/usr/local/include
GnuTLS: -L/usr/local/lib -lgnutls -I/usr/local/include -I/usr/local/include/p11-kit-1
Libedit: -ledit -lcurses
LMDB: -llmdb
Config: 500 MiB default mapsize
Prefix:      /usr/local
Run dir:     /var/run/knot
Storage dir: /var/db/knot
Config dir:  /etc/knot
Module dir:  

Static modules: cookies dnsproxy geoip noudp onlinesign queryacl rrl stats synthrecord whoami 
Shared modules: 

Knot DNS libraries:     yes
Knot DNS daemon:        yes
Knot DNS utilities:     yes
Knot DNS documentation: yes

Use recvmmsg:           no
Use SO_REUSEPORT(_LB):  no
XDP support:            no
Memory allocator:       auto
Fast zone parser:       yes
Utilities with IDN:     libidn2
Utilities with DoH:     libnghttp2
Utilities with Dnstap:  no
MaxMind DB support:     no
Systemd integration:    no
POSIX capabilities:     no
PKCS #11 support:       yes
Ed25519 support:        yes
Ed448 support:          yes
Reproducible signing:   yes
Code coverage:          no
Sanitizer:              no
LibFuzzer:              no
OSS-Fuzz:               no```
Matthieu Guegan
@mguegan
still assertion "0" failed: file "knot/server/udp-handler.c", line 555, function "udp_master" Abort trap
Daniel Salzman
@salzmdan
Okay, thanks for the test!
Matthieu Guegan
@mguegan
:+1:
Daniel Salzman
@salzmdan
If you set an address different from 0.0.0.0, does it work?
Matthieu Guegan
@mguegan
no
it works when I don't set the listen directive
Daniel Salzman
@salzmdan
Hm, it's a serious problem :-/
Matthieu Guegan
@mguegan
(but it won't listen...)
I wonder if it impacts no-XDP OSes too
Matthieu Guegan
@mguegan
FYI, here is the patch I use on v3.0.6 for 'fixing' the problem : 
--- src/knot/server/udp-handler.c.orig
+++ src/knot/server/udp-handler.c
@@ -464,7 +464,8 @@ static bool is_xdp_thread(const iface_t *iface_zero, i
        if (is_xdp_iface(iface_zero)) { // Only XDP interfaces.
                return (thread_id >= iface_zero->xdp_first_thread_id);
        } else {
-               return (thread_id >= iface_zero->fd_udp_count + iface_zero->fd_tcp_count);
+               //return (thread_id >= iface_zero->fd_udp_count + iface_zero->fd_tcp_count);
+               return 0;
        }
 }
Daniel Salzman
@salzmdan
:-) I'm just building Knot in testing environment
Daniel Salzman
@salzmdan
Strange
2021-06-09T11:44:00+0200 info: Knot DNS 3.0.6.1623229606.b64595f80 starting
2021-06-09T11:44:00+0200 info: loaded configuration file '/home/dsalzman/test/knot.conf'
2021-06-09T11:44:00+0200 info: binding to interface 0.0.0.0@53
2021-06-09T11:44:00+0200 info: loading 0 zones
2021-06-09T11:44:00+0200 warning: no zones loaded
2021-06-09T11:44:00+0200 info: starting server
2021-06-09T11:44:00+0200 info: server started in the foreground, PID 12161
2021-06-09T11:44:00+0200 info: control, binding to '/tmp/knot.sock'
It doesn't crash in my case (asserts not disabled)
Matthieu Guegan
@mguegan
OpenBSD 6.9 ?
Daniel Salzman
@salzmdan
Yes, Target: openbsd6.9 x86_64 little-endian
Matthieu Guegan
@mguegan
can you try the official package ? 
2021-06-09T11:49:11+0200 info: Knot DNS 3.0.5 starting
2021-06-09T11:49:11+0200 info: loaded configuration file '/etc/knot/knot.conf'
2021-06-09T11:49:11+0200 info: binding to interface 0.0.0.0@53
2021-06-09T11:49:11+0200 info: changing GID to 751
2021-06-09T11:49:11+0200 info: changing UID to 751
2021-06-09T11:49:11+0200 info: loading 2 zones
[...]
2021-06-09T11:49:11+0200 info: server started in the foreground, PID 65459
assertion "0" failed: file "knot/server/udp-handler.c", line 555, function "udp_master"
Abort trap
Daniel Salzman
@salzmdan
Ok, I will try :-)
Daniel Salzman
@salzmdan

pkg_add knot

2021-06-09T12:59:48+0200 info: Knot DNS 3.0.5 starting
2021-06-09T12:59:48+0200 info: loaded configuration file 'knot.conf'
2021-06-09T12:59:48+0200 info: binding to interface 0.0.0.0@53
2021-06-09T12:59:48+0200 info: changing GID to 1003
2021-06-09T12:59:48+0200 info: changing UID to 1003
2021-06-09T12:59:48+0200 info: loading 1 zones
2021-06-09T12:59:48+0200 info: [example.com.] zone will be loaded
2021-06-09T12:59:48+0200 info: starting server
2021-06-09T12:59:48+0200 info: [example.com.] zone file parsed, serial 2010111213
2021-06-09T12:59:48+0200 info: [example.com.] loaded, serial none -> 2010111213, 438 bytes
2021-06-09T12:59:48+0200 info: server started in the foreground, PID 80744
2021-06-09T12:59:49+0200 info: control, binding to '/tmp/knot.sock'

:-D

Matthieu Guegan
@mguegan
:thought_balloon:
I just did a fresh install, on OpenBSD-current with the latest snapshot (3.0.6), after adding listen: 0.0.0.0@53 on the default configuration -> crash
environment: Thinkpad X1 C6, and VM (full virt)
Daniel Salzman
@salzmdan
Do you have any special configuration of the server section (e.g. workers)?
Matthieu Guegan
@mguegan
not on my latest test (default config provided by the package)
but on VM trials, yes, I have workers 
server:
    listen: 0.0.0.0
    background-workers: 2
    rundir: "/var/run/knot"
    tcp-workers: 4
    udp-workers: 4
    user: _knot:_knot

for the package config here is the patch:

http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net/knot/patches/patch-samples_knot_sample_conf_in.diff?r1=1.3&r2=1.4

(I wonder why the listen directive has been commented)
Daniel Salzman
@salzmdan
It's intentional. E.g. on Debian, the service is started automatically upon installation. And sometimes it caused problem with this default.
Matthieu Guegan
@mguegan
thanks @salzmdan @dvasek : I've tested commits 3f19f25b6ef726226bc71dde463bf0d8ffc856a8 and d9d46287024b17fa73f8ca031d33a9ad35878637
it works as expected on OpenBSD 6.9