BIND 10 #775: b10-auth should not exit if it cannot bind to ports

BIND 10 Development do-not-reply at isc.org
Thu Apr 14 09:38:23 UTC 2011 

#775: b10-auth should not exit if it cannot bind to ports
-------------------------------------+-------------------------------------
                 Reporter:  shane    |                Owner:  hanfeng
                     Type:  defect   |               Status:  reviewing
                 Priority:           |            Milestone:
  critical                           |  Sprint-20110419
                Component:           |           Resolution:
  b10-auth                           |            Sensitive:  0
                 Keywords:           |  Add Hours to Ticket:  0
Estimated Number of Hours:  0.0      |          Total Hours:  0
                Billable?:  1        |
                Internal?:  0        |
-------------------------------------+-------------------------------------
Changes (by vorner):

 * owner:  vorner => hanfeng


Comment:

 Hello

 Actually, I don't like this at all. The function is called in two
 situations:
  * At startup, when the server needs to bind to the ports the first time.
 This is the place which the bug talks about, because if this fails, the
 function throws, and as it is not caught, the server exits just when it
 starts. That would be mostly OK, because it can't work anyway. But
 currently our config system depends on the component running to ask it if
 the new config is good, which it can't, so it can't set a better config.
  * When the setting is changed at runtime. This is the place where current
 behaviour is actually needed (ok, the abort part is questionable, but IMO
 it's better, because it will reject the new config by not answering, it
 will timeout and the server will restart with the config it was able to
 work before). If you remove the throw there, it will fail to assign new
 addresses, restore the original ones. But it will not send error to the
 config manager, so user will think the config is OK (the error will appear
 only in the log, not at his screen with bindctl). Furthermore, cfgmrg will
 also think the config is OK, so it will write it to disk and present the
 config to the server next time it starts. At that time it will be even
 worse, because it will not have any addresses to roll back to, so the
 server becomes unusable at some unknown future time when the admin
 probably isn't near and looking at it.

 So, in short, the throw must stay there. In case of the first startup, if
 it throws, we might want to catch it and not exit the whole program, at
 last as a short-time workaround, before we make it possible to configure
 things even when they are not running.

 Furthermore, please notice that you modify behaviour of resolver as well,
 this part of code is shared with it.

 And, anyway, the tests fail:

 {{{
 [ RUN      ] AuthConfigTest.listenAddressConfig
 Unable to set new address: Failed to initialize network servers: Cannot
 assign requested address
 ../../../../src/lib/testutils/portconfig.h:109: Failure
 Value of: result->equals(*isc::config::createAnswer())
   Actual: true
   Expected: false
 [  FAILED  ] AuthConfigTest.listenAddressConfig (2 ms)
 }}}

 With regards

-- 
Ticket URL: <http://bind10.isc.org/ticket/775#comment:8>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development

More information about the bind10-tickets mailing list