Merge tag 'v9.18.31' into bind-9.18

2024-10-16 17:54:38 +02:00
parent 8ce45e2a72 6298f90b85
commit 55c09a4d95
5 changed files with 206 additions and 0 deletions
--- a/doc/arm/changelog.rst
+++ b/doc/arm/changelog.rst
@@ -18,6 +18,8 @@ Changelog
   development. Regular users should refer to :ref:`Release Notes <relnotes>`
   for changes relevant to them.

+.. include:: ../changelog/changelog-9.18.31-S1.rst
+.. include:: ../changelog/changelog-9.18.31.rst
 .. include:: ../changelog/changelog-9.18.30-S1.rst
 .. include:: ../changelog/changelog-9.18.30.rst
 .. include:: ../changelog/changelog-9.18.29-S1.rst
--- a/doc/arm/notes.rst
+++ b/doc/arm/notes.rst
@@ -37,6 +37,7 @@ https://www.isc.org/download/. There you will find additional
 information about each release, and source code.

 .. include:: ../notes/notes-known-issues.rst
+.. include:: ../notes/notes-9.18.31.rst
 .. include:: ../notes/notes-9.18.30.rst
 .. include:: ../notes/notes-9.18.29.rst
 .. include:: ../notes/notes-9.18.28.rst
--- a/doc/changelog/changelog-9.18.31-S1.rst
+++ b/doc/changelog/changelog-9.18.31-S1.rst
@@ -0,0 +1,11 @@
+.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+..
+.. SPDX-License-Identifier: MPL-2.0
+..
+.. This Source Code Form is subject to the terms of the Mozilla Public
+.. License, v. 2.0.  If a copy of the MPL was not distributed with this
+.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
+..
+.. See the COPYRIGHT file distributed with this work for additional
+.. information regarding copyright ownership.
+
--- a/doc/changelog/changelog-9.18.31.rst
+++ b/doc/changelog/changelog-9.18.31.rst
@@ -0,0 +1,114 @@
+.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+..
+.. SPDX-License-Identifier: MPL-2.0
+..
+.. This Source Code Form is subject to the terms of the Mozilla Public
+.. License, v. 2.0.  If a copy of the MPL was not distributed with this
+.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
+..
+.. See the COPYRIGHT file distributed with this work for additional
+.. information regarding copyright ownership.
+
+BIND 9.18.31
+------------
+
+New Features
+~~~~~~~~~~~~
+
+- Added WALLET type. ``65d9f28b32d``
+
+  Add the new record type WALLET (262).  This provides a mapping from a
+  domain name to a cryptographic currency wallet.  Multiple mappings can
+  exist if multiple records exist. :gl:`#4947` :gl:`!9555`
+
+Feature Changes
+~~~~~~~~~~~~~~~
+
+- Allow IXFR-to-AXFR fallback on DNS_R_TOOMANYRECORDS. ``1d6465ff169``
+
+  This change allows fallback from an IXFR failure to AXFR when the
+  reason is `DNS_R_TOOMANYRECORDS`. This is because this error condition
+  could be temporary only in an intermediate version of IXFR
+  transactions and it's possible that the latest version of the zone
+  doesn't have that condition. In such a case, the secondary would never
+  be able to update the zone (even if it could) without this fallback.
+
+  This fallback behavior is particularly useful with the recently
+  introduced `max-records-per-type` and `max-types-per-name` options:
+  the primary may not have these limitations and may temporarily
+  introduce "too many" records, breaking IXFR. If the primary side
+  subsequently deletes these records, this fallback will help recover
+  the zone transfer failure automatically; without it, the secondary
+  side would first need to increase the limit, which requires more
+  operational overhead and has its own adverse effect. :gl:`#4928`
+  :gl:`!9472`
+
+- Remove statslock from dnssec-signzone. ``5c51e044c42``
+
+  Silence Coverity CID 468757 and 468767 (DATA RACE read not locked) by
+  converting dnssec-signzone to use atomics for statistics counters
+  rather than using a lock. :gl:`#4939` :gl:`!9501`
+
+- Use release memory ordering when incrementing reference counter.
+  ``b2bbceecfe8``
+
+  As the relaxed memory ordering doesn't ensure any memory
+  synchronization, it is possible that the increment will succeed even
+  in the case when it should not - there is a race between
+  atomic_fetch_sub(..., acq_rel) and atomic_fetch_add(..., relaxed).
+  Only the result is consistent, but the previous value for both calls
+  could be same when both calls are executed at the same time.
+  :gl:`!9568`
+
+Bug Fixes
+~~~~~~~~~
+
+- Fix a statistics channel counter bug when 'forward only' zones are
+  used. ``5a6c5218ad1``
+
+  When resolving a zone with a 'forward only' policy, and finding out
+  that all the forwarders are marked as "bad", the 'ServerQuota' counter
+  of the statistics channel was incorrectly increased. This has been
+  fixed. :gl:`#1793` :gl:`!9503`
+
+- Fix a bug in the static-stub implementation. ``1e5bc23921e``
+
+  Static-stub addresses and addresses from other sources were being
+  mixed together, resulting in static-stub queries going to addresses
+  not specified in the configuration, or alternatively, static-stub
+  addresses being used instead of the correct server addresses.
+  :gl:`#4850` :gl:`!9572`
+
+- Don't allow statistics-channel if libxml2 and libjson-c are
+  unsupported. ``e8c2c9c9dca``
+
+  When the libxml2 and libjson-c libraries are not supported, the
+  statistics channel can't return anything useful, so it is now
+  disabled. Use of `statistics-channel` in `named.conf` is a fatal
+  error. :gl:`#4895` :gl:`!9487`
+
+- Limit the outgoing UDP send queue size. ``6c1fc4ae544``
+
+  If the operating system UDP queue gets full and the outgoing UDP
+  sending starts to be delayed, BIND 9 could exhibit memory spikes as it
+  tries to enqueue all the outgoing UDP messages.  Try a bit harder to
+  deliver the outgoing UDP messages synchronously and if that fails,
+  drop the outgoing DNS message that would get queued up and then
+  timeout on the client side. :gl:`#4930` :gl:`!9512`
+
+- Do not set SO_INCOMING_CPU. ``694cb11a173``
+
+  We currently set SO_INCOMING_CPU incorrectly, and testing by Ondrej
+  shows that fixing the issue by setting affinities is worse than
+  letting the kernel schedule threads without constraints. So we should
+  not set SO_INCOMING_CPU anymore. :gl:`#4936` :gl:`!9505`
+
+- Don't enable REUSEADDR on outgoing UDP sockets. ``b902a4e214a``
+
+  The outgoing UDP sockets enabled `SO_REUSEADDR` that allows sharing of
+  the UDP sockets, but with one big caveat - the socket that was opened
+  the last would get all traffic.  The dispatch code would ignore the
+  invalid responses in the dns_dispatch, but this could lead to
+  unexpected results. :gl:`!9584`
+
+
--- a/doc/notes/notes-9.18.31.rst
+++ b/doc/notes/notes-9.18.31.rst
@@ -0,0 +1,78 @@
+.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+..
+.. SPDX-License-Identifier: MPL-2.0
+..
+.. This Source Code Form is subject to the terms of the Mozilla Public
+.. License, v. 2.0.  If a copy of the MPL was not distributed with this
+.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
+..
+.. See the COPYRIGHT file distributed with this work for additional
+.. information regarding copyright ownership.
+
+Notes for BIND 9.18.31
+----------------------
+
+New Features
+~~~~~~~~~~~~
+
+- Added WALLET type.
+
+  Add the new record type WALLET (262).  This provides a mapping from a
+  domain name to a cryptographic currency wallet.  Multiple mappings can
+  exist if multiple records exist. :gl:`#4947`
+
+Feature Changes
+~~~~~~~~~~~~~~~
+
+- Allow IXFR-to-AXFR fallback on ``DNS_R_TOOMANYRECORDS``.
+
+  This change allows fallback from an IXFR failure to AXFR when the
+  reason is ``DNS_R_TOOMANYRECORDS``. :gl:`#4928`
+
+Bug Fixes
+~~~~~~~~~
+
+- Fix a statistics channel counter bug when "forward only" zones are
+  used.
+
+  When resolving a zone with a "forward only" policy, and finding out
+  that all the forwarders were marked as "bad", the "ServerQuota"
+  counter of the statistics channel was incorrectly increased. This has
+  been fixed. :gl:`#1793`
+
+- Fix a bug in the static-stub implementation.
+
+  Static-stub addresses and addresses from other sources were being
+  mixed together, resulting in static-stub queries going to addresses
+  not specified in the configuration, or alternatively, static-stub
+  addresses being used instead of the correct server addresses.
+  :gl:`#4850`
+
+- Don't allow :any:`statistics-channels` if libxml2 and libjson-c are
+  not configured.
+
+  When BIND 9 is not configured with the libxml2 and libjson-c
+  libraries, the use of the :any:`statistics-channels` option is a fatal
+  error.  :gl:`#4895`
+
+- Limit the outgoing UDP send queue size.
+
+  If the operating system UDP queue got full and the outgoing UDP
+  sending started to be delayed, BIND 9 could exhibit memory spikes as
+  it tried to enqueue all the outgoing UDP messages. It now tries to
+  deliver the outgoing UDP messages synchronously; if that fails, it
+  drops the outgoing DNS message that would get queued up and then
+  timeout on the client side. :gl:`#4930`
+
+- Do not set ``SO_INCOMING_CPU``.
+
+  Remove the ``SO_INCOMING_CPU`` setting as kernel scheduling performs
+  better without constraints. :gl:`#4936`
+
+
+Known Issues
+~~~~~~~~~~~~
+
+- There are no new known issues with this release. See :ref:`above
+  <relnotes_known_issues>` for a list of all known issues affecting this
+  BIND 9 branch.