We use "monotonic" time-stamps for the dead_since field;
that breaks on system reboots, in which case we reset the stats.
(if the server was categorized as dead)

If the server times out afterwards, we'd fail the condition
`cur_state.consecutive_timeouts == old_state.consecutive_timeouts`
so its stats would not update.  Therefore we'd get stuck forever
in a state where the unusable server has high priority (no_rtt_info).

This commit changes a bit more than was necessary to fix this,
including precision of the stats (in some cases).

The approach was dubious: random shuffle, qsort() and choose the first.
The main functional problem was that qsort() isn't a stable sort,
so the effect of pre-shuffling is not reliable, even though I don't have
any evidence of this causing issues in practice.

The new code should also be a bit more efficient in terms of CPU and
consumed randomness, but that probably won't be noticeable.
The arrays passed into select_transport() are now const (no sorting),
which could make the code easier to "understand".

ci: remove experimental arm builds

See merge request !1270

These are running on a hardware setup which is hard to maintain. In the
near future, ARM64 should be covered by a dedicated runner.

pgp: remove tkrizek, add amrazek

See merge request !1268

distro/tests: use rocky8 instead of centos8

See merge request !1267

cache nit: reduce cache.max_ttl limit a bit

See merge request !1265

The new limit is over 68 years, so still completely meaningless.

Oto Šťáva authored 3 years ago and Vladimír Čunát committed 3 years ago

Targeted CIDs: 155456, 155962, 346121, 346123, 346124, 346125,
  346126, 346127, 346130, 346131, 346132, 346134, 346135, 346138,
  346140, 346145, 346146, 346149, 346152, 346154, 346156, 346157

lib/dnssec/nsec3.c change:
  apparently cleaning fallout from my (= vcunat's) commit b5cf6132

The main thing is the "failed to open socket" message.
But let's also elevate other fatal one-off logs to ERROR level.

Usually in configuration the module is loaded in a separate command
from passing configuration to it.  For dnstap this loading would
immediately lead to opening the default socket path, even if the
configuration actually specifies (a different) path later.

Users can still force using the default by passing an empty table:
`dnstap.config({})` or `modules = { dnstap = {}}`
(though I doubt the utility of the default /tmp/dnstap.sock anyway)

Implements #432

Implements #450

daemon/tls: fix TLS client resumption

Closes #542

See merge request !1261

Fixes #303

We're a bit late with this ad-hoc rule; I think it was most useful
when SHA256 support in DS algorithms wasn't wide-spread yet.
(Note that DNSKEY algos have standardized no similar rule.)

Usage of SHA1 as DS algorithm is highly discouraged, but even at this
point it does *not* seem unsafe, in the sense of anyone publishing an
attack that would come anywhere close to breaking *this* usage of SHA1.