Merge branch 'v9_17_14-release' into 'main'

Merge 9.17.14 release branch

See merge request isc-projects/bind9!5186

CHANGES

@@ -14,54 +14,62 @@
 			for KASP zones on restart.
 			[GL #2725]
 
-5652.	[bug]		Copy and paste error caused the socket option to
-			be enabled instead of disabled. [GL #2746]
+	--- 9.17.14 released ---
 
-5651.	[func]		Refactor zone dumping to be processed asynchronously
-			via the uv_work_t thread pool API. [GL #2732]
+5652.	[bug]		A copy-and-paste error in change 5584 caused the
+			IP_DONTFRAG socket option to be enabled instead of
+			disabled. This has been fixed. [GL #2746]
 
-5650.	[bug]		Prevent a crash that could occur if serve-stale
-			was enabled and a prefetch was triggered during a
-			query restart. [GL #2733]
+5651.	[func]		Refactor zone dumping to be processed asynchronously via
+			the uv_work_t thread pool API. [GL #2732]
 
-5649.	[bug]		If a query was answered with stale data on a server
-			with DNS64 enabled, an assertion could occur if a
-			non-stale answer arrived afterward. [GL #2731]
+5650.	[bug]		Prevent a crash that could occur if serve-stale was
+			enabled and a prefetch was triggered during a query
+			restart. [GL #2733]
 
-5648.	[bug]		The calculation of the estimated IXFR transaction
-			size by dns_journal_iter_init() was invalid. [GL #2685]
+5649.	[bug]		If a query was answered with stale data on a server with
+			DNS64 enabled, an assertion could occur if a non-stale
+			answer arrived afterward. [GL #2731]
 
-5647.	[func]		The interfacemgr has been refactored to use fewer
-			clientmgr objects, which in turn use fewer memory
-			contexts and tasks.  This should result in less
+5648.	[bug]		The calculation of the estimated IXFR transaction size
+			in dns_journal_iter_init() was invalid. [GL #2685]
+
+5647.	[func]		The interface manager has been refactored to use fewer
+			client manager objects, which in turn use fewer memory
+			contexts and tasks. This should result in less
 			fragmented memory and better startup performance.
 			[GL #2433]
 
-5646.	[bug]		The default TCP timeout for rndc has been increased
-			to 60 seconds. This was its original value, but it
-			had been inadvertently lowered to 10. [GL #2643]
+5646.	[bug]		The default TCP timeout for rndc has been increased to
+			60 seconds. This was its original value, but it had been
+			inadvertently lowered to 10 when rndc was updated to use
+			the network manager. [GL #2643]
 
-5645.	[cleanup]	Remove the rarely-used dns_name_copy() function
-			and rename dns_name_copynf() to dns_name_copy().
-			[GL !5081]
+5645.	[cleanup]	Remove the rarely-used dns_name_copy() function and
+			rename dns_name_copynf() to dns_name_copy(). [GL !5081]
 
 5644.	[bug]		Fix a race condition in reading and writing key files
-			for KASP zones in multiple views. [GL #1875]
+			for zones using KASP and configured in multiple views.
+			[GL #1875]
 
 5643.	[placeholder]
 
-5642.	[bug]		Check "key-directory" conflicts in "named.conf" for
-			zones in multiple views with different "dnssec-policy".
-			[GL #2463].
+5642.	[bug]		Zones which are configured in multiple views with
+			different values set for "dnssec-policy" and with
+			identical values set for "key-directory" are now
+			detected and treated as a configuration error.
+			[GL #2463]
 
-5641.	[bug]		Address potential memory leak in dst_key_fromnamedfile.
-			[GL #2689]
+5641.	[bug]		Address a potential memory leak in
+			dst_key_fromnamedfile(). [GL #2689]
 
-5640.	[func]		Add new configuration option to set the operating system
-			receive and send buffers. [GL #2313]
+5640.	[func]		Add new configuration options for setting the size of
+			receive and send buffers in the operating system:
+			"tcp-receive-buffer", "tcp-send-buffer",
+			"udp-receive-buffer", and "udp-send-buffer". [GL #2313]
 
-5639.	[bug]		Check that the first and last SOA record of an AXFR
-			are consistent. [GL #2528]
+5639.	[bug]		Check that the first and last SOA record of an AXFR are
+			consistent. [GL #2528]
 
 	--- 9.17.13 released ---
 

configure.ac

@@ -14,7 +14,7 @@
 #
 m4_define([bind_VERSION_MAJOR], 9)dnl
 m4_define([bind_VERSION_MINOR], 17)dnl
-m4_define([bind_VERSION_PATCH], 13)dnl
+m4_define([bind_VERSION_PATCH], 14)dnl
 m4_define([bind_VERSION_EXTRA], )dnl
 m4_define([bind_DESCRIPTION], [(Development Release)])dnl
 m4_define([bind_SRCID], [m4_esyscmd_s([git rev-parse --short HEAD | cut -b1-7])])dnl

doc/arm/notes.rst

@@ -52,6 +52,7 @@ https://www.isc.org/download/. There you will find additional
 information about each release, and source code.
 
 .. include:: ../notes/notes-current.rst
+.. include:: ../notes/notes-9.17.14.rst
 .. include:: ../notes/notes-9.17.13.rst
 .. include:: ../notes/notes-9.17.12.rst
 .. include:: ../notes/notes-9.17.11.rst

doc/notes/notes-9.17.14.rst

@@ -0,0 +1,63 @@
+.. 
+   Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+   
+   This Source Code Form is subject to the terms of the Mozilla Public
+   License, v. 2.0. If a copy of the MPL was not distributed with this
+   file, you can obtain one at https://mozilla.org/MPL/2.0/.
+   
+   See the COPYRIGHT file distributed with this work for additional
+   information regarding copyright ownership.
+
+Notes for BIND 9.17.14
+----------------------
+
+New Features
+~~~~~~~~~~~~
+
+- New configuration options, ``tcp-receive-buffer``,
+  ``tcp-send-buffer``, ``udp-receive-buffer``, and ``udp-send-buffer``,
+  have been added. These options allow the operator to fine-tune the
+  receiving and sending buffers in the operating system. On busy
+  servers, increasing the size of the receive buffers can prevent the
+  server from dropping packets during short traffic spikes, and
+  decreasing it can prevent the server from becoming clogged with
+  queries that are too old and have already timed out. :gl:`#2313`
+
+Feature Changes
+~~~~~~~~~~~~~~~
+
+- Zone dumping tasks are now run on separate asynchronous thread pools.
+  This change prevents zone dumping from blocking network I/O.
+  :gl:`#2732`
+
+- The interface handling code has been refactored to use fewer
+  resources, which should lead to less memory fragmentation and better
+  startup performance. :gl:`#2433`
+
+Bug Fixes
+~~~~~~~~~
+
+- The calculation of the estimated IXFR transaction size in
+  ``dns_journal_iter_init()`` was invalid. This resulted in excessive
+  AXFR-style IXFR responses. :gl:`#2685`
+
+- Fixed an assertion failure that could occur if stale data was used to
+  answer a query, and then a prefetch was triggered after the query was
+  restarted (for example, to follow a CNAME). :gl:`#2733`
+
+- If a query was answered with stale data on a server with DNS64
+  enabled, an assertion could occur if a non-stale answer arrived
+  afterward. This has been fixed. :gl:`#2731`
+
+- Fixed an error which caused the ``IP_DONTFRAG`` socket option to be
+  enabled instead of disabled, leading to errors when sending oversized
+  UDP packets. :gl:`#2746`
+
+- Zones which are configured in multiple views, with different values
+  set for ``dnssec-policy`` and with identical values set for
+  ``key-directory``, are now detected and treated as a configuration
+  error. :gl:`#2463`
+
+- A race condition could occur when reading and writing key files for
+  zones using KASP and configured in multiple views. This has been
+  fixed. :gl:`#1875`

doc/notes/notes-current.rst

@@ -8,7 +8,7 @@
    See the COPYRIGHT file distributed with this work for additional
    information regarding copyright ownership.
 
-Notes for BIND 9.17.14
+Notes for BIND 9.17.15
 ----------------------
 
 Security Fixes
@@ -24,17 +24,7 @@ Known Issues
 New Features
 ~~~~~~~~~~~~
 
-- New configuration options, ``tcp-receive-buffer``, ``tcp-send-buffer``,
-  ``udp-receive-buffer``, and ``udp-send-buffer``, have been added.  These
-  options allows the operator to fine tune the receiving and sending
-  buffers in the operating system.  On busy servers, increasing the value
-  of the receive buffers can prevent the server from dropping the packets
-  during short spikes, and decreasing the value would prevent the server to
-  became clogged up with queries that are too old and have already timeouted
-  on the receiving side. :gl:`#2313`
-
-- Run zone dumping tasks on separate asynchronous thread pools.  This change
-  makes zone dumping no longer block networking I/O. :gl:`#2732`
+- None.
 
 Removed Features
 ~~~~~~~~~~~~~~~~
@@ -46,39 +36,11 @@ Removed Features
 Feature Changes
 ~~~~~~~~~~~~~~~
 
-- The interface handling code has been refactored to use fewer resources,
-  which should lead to less memory fragmentation and better startup
-  performance.  :gl:`#2433`
+- None.
 
 Bug Fixes
 ~~~~~~~~~
 
-- Fix a race condition in reading and writing key files for KASP zones in
-  multiple views. :gl:`#1875`
-
-- Check ``key-directory`` conflicts in ``named.conf`` for zones in multiple
-  views with different ``dnssec-policy``. Using the same ``key-directory`` for
-  such zones is not allowed. :gl:`#2463`
-
-- ``named-checkconf`` now complains if zones with ``dnssec-policy`` reference
-  the same zone file more than once. :gl:`#2603`
-
-- The calculation of the estimated IXFR transaction size by
-  `dns_journal_iter_init()` was invalid.  This resulted in excessive
-  AXFR-style-IXFR responses. :gl:`#2685`
-
-- If a query was answered with stale data on a server with DNS64 enabled,
-  an assertion could occur if a non-stale answer arrived afterward. This
-  has been fixed. :gl:`#2731`
-
-- Fixed an assertion failure that could occur if stale data was used
-  to answer a query, and then a prefetch was triggered after the query
-  was restarted (for example, to follow a CNAME). :gl:`#2733`
-
-- Fix an error that would enable don't fragment socket option instead
-  of disabling it leading to errors when sending the oversized UDP
-  packets. [GL #2746]
-
 - Fixed a bug that caused the NSEC salt to be changed for KASP zones on
   every startup. :gl:`#2725`