Fix "make dist"

MR !3717 added some checks to the "kasp" system test that always fail on
Windows.  This issue will be investigated in due course.  Until it is
addressed, prevent the "kasp" system test from being run on Windows.

CHANGES

@@ -1,3 +1,5 @@
+	--- 9.17.3 released ---
+
 5458.	[bug]		Prevent a theoretically possible NULL dereference caused
 			by a data race between zone_maintenance() and
 			dns_zone_setview_helper(). [GL #1627]
@@ -6,23 +8,21 @@
 
 5456.	[func]		Added "primaries" as a synonym for "masters" in
 			named.conf, and "primary-only" as a synonym for
-			"master-only" in the parameters to "notify",
-			in order to bring terminology up to date with
-			RFC 8499. [GL #1948]
+			"master-only" in the parameters to "notify", to bring
+			terminology up-to-date with RFC 8499. [GL #1948]
 
-5455.	[bug]		`named` could crash when cleaning dead nodes
-			in lib/dns/rbtdb.c that have been reused meanwhile.
-			[GL #1968]
+5455.	[bug]		named could crash when cleaning dead nodes in
+			lib/dns/rbtdb.c that were being reused. [GL #1968]
 
-5454.	[bug]		Address a startup crash happening when server is
-			under load and root zone is not yet loaded. [GL #1862]
+5454.	[bug]		Address a startup crash that occurred when the server
+			was under load and the root zone had not yet been
+			loaded. [GL #1862]
 
-5453.	[bug]		`named` would crash on shutdown when new `rndc`
-			connection is received at the same time as
-			shutting down. [GL #1747]
+5453.	[bug]		named crashed on shutdown when a new rndc connection was
+			received during shutdown. [GL #1747]
 
-5452.	[bug]		The "blackhole" ACL was accidentally disabled with
-			respect to client queries. [GL #1936]
+5452.	[bug]		The "blackhole" ACL was accidentally disabled for client
+			queries. [GL #1936]
 
 5451.	[func]		Add 'rndc dnssec -status' command. [GL #1612]
 
@@ -40,14 +40,14 @@
 
 5446.	[bug]		The validator could fail to accept a properly signed
 			RRset if an unsupported algorithm appeared earlier in
-			the DNSKEY RRset than a supported algorithm.  It could
+			the DNSKEY RRset than a supported algorithm. It could
 			also stop if it detected a malformed public key.
 			[GL #1689]
 
 5445.	[cleanup]	Disable and disallow static linking. [GL #1933]
 
-5444.	[bug]		'rndc dnstap -roll <value>' was not limiting the
-			number of saved files to <value>. [GL !3728]
+5444.	[bug]		'rndc dnstap -roll <value>' did not limit the number of
+			saved files to <value>. [GL !3728]
 
 5443.	[bug]		The "primary" and "secondary" keywords, when used
 			as parameters for "check-names", were not
@@ -60,8 +60,8 @@
 
 5440.	[placeholder]
 
-5439.	[bug]		The dsset returned by dns_keynode_dsset() was not
-			thread safe. [GL #1926]
+5439.	[bug]		The DS RRset returned by dns_keynode_dsset() was used in
+			a non-thread-safe manner. [GL #1926]
 
 	--- 9.17.2 released ---
 

bin/tests/system/conf.sh.common

@@ -87,7 +87,6 @@ include-multiplecfg
 inline
 integrity
 ixfr
-kasp
 keepalive
 legacy
 limits

bin/tests/system/conf.sh.in

@@ -85,6 +85,7 @@ chain
 dlzexternal
 dyndb
 filter-aaaa
+kasp
 logfileconfig
 nzd2nzf
 pipelined

configure.ac

@@ -14,7 +14,7 @@
 #
 m4_define([bind_VERSION_MAJOR], 9)dnl
 m4_define([bind_VERSION_MINOR], 17)dnl
-m4_define([bind_VERSION_PATCH], 2)dnl
+m4_define([bind_VERSION_PATCH], 3)dnl
 m4_define([bind_VERSION_EXTRA], )dnl
 m4_define([bind_DESCRIPTION], [(Development Release)])dnl
 m4_define([bind_SRCID], [m4_esyscmd_s([git rev-parse --short HEAD | cut -b1-7])])dnl

doc/arm/Makefile.am

@@ -33,9 +33,9 @@ EXTRA_DIST =					\
 	../misc/logging.grammar.rst		\
 	../misc/managed-keys.grammar.rst	\
 	../misc/master.zoneopt.rst		\
-	../misc/masters.grammar.rst		\
 	../misc/mirror.zoneopt.rst		\
 	../misc/options.grammar.rst		\
+	../misc/primaries.grammar.rst		\
 	../misc/redirect.zoneopt.rst		\
 	../misc/server.grammar.rst		\
 	../misc/slave.zoneopt.rst		\

doc/arm/notes.rst

@@ -52,7 +52,7 @@ https://www.isc.org/download/. There you will find additional
 information about each release, source code, and pre-compiled versions
 for Microsoft Windows operating systems.
 
-.. include:: ../notes/notes-current.rst
+.. include:: ../notes/notes-9.17.3.rst
 .. include:: ../notes/notes-9.17.2.rst
 .. include:: ../notes/notes-9.17.1.rst
 .. include:: ../notes/notes-9.17.0.rst

doc/notes/notes-9.17.3.rst

@@ -0,0 +1,80 @@
+.. 
+   Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+   
+   This Source Code Form is subject to the terms of the Mozilla Public
+   License, v. 2.0. If a copy of the MPL was not distributed with this
+   file, You can obtain one at http://mozilla.org/MPL/2.0/.
+   
+   See the COPYRIGHT file distributed with this work for additional
+   information regarding copyright ownership.
+
+Notes for BIND 9.17.3
+---------------------
+
+New Features
+~~~~~~~~~~~~
+
+- New ``rndc`` command ``rndc dnssec -status`` shows the current DNSSEC
+  policy and keys in use, the key states, and rollover status.
+  [GL #1612]
+
+- Added support in the network manager for initiating outgoing TCP
+  connections. [GL #1958]
+
+Feature Changes
+~~~~~~~~~~~~~~~
+
+- Disable and disallow static linking of BIND 9 binaries and libraries
+  as BIND 9 modules require ``dlopen()`` support and static linking also
+  prevents using security features like read-only relocations (RELRO) or
+  address space layout randomization (ASLR) which are important for
+  programs that interact with the network and process arbitrary user
+  input. [GL #1933]
+
+- As part of an ongoing effort to use RFC 8499 terminology,
+  ``primaries`` can now be used as a synonym for ``masters`` in
+  ``named.conf``. Similarly, ``notify primary-only`` can now be used as
+  a synonym for ``notify master-only``. The output of ``rndc
+  zonestatus`` now uses ``primary`` and ``secondary`` terminology.
+  [GL #1948]
+
+Bug Fixes
+~~~~~~~~~
+
+- A race condition could occur if a TCP socket connection was closed
+  while ``named`` was waiting for a recursive response. The attempt to
+  send a response over the closing connection triggered an assertion
+  failure in the function ``isc__nm_tcpdns_send()``. [GL #1937]
+
+- A race condition could occur when ``named`` attempted to use a UDP
+  interface that was shutting down. This triggered an assertion failure
+  in ``uv__udp_finish_close()``. [GL #1938]
+
+- Fix assertion failure when server was under load and root zone had not
+  yet been loaded. [GL #1862]
+
+- ``named`` could crash when cleaning dead nodes in ``lib/dns/rbtdb.c``
+  that were being reused. [GL #1968]
+
+- ``named`` crashed on shutdown when a new ``rndc`` connection was
+  received during shutdown. This has been fixed. [GL #1747]
+
+- The DS RRset returned by ``dns_keynode_dsset()`` was used in a
+  non-thread-safe manner. This could result in an INSIST being
+  triggered. [GL #1926]
+
+- The ``primary`` and ``secondary`` keywords, when used as parameters
+  for ``check-names``, were not processed correctly and were being
+  ignored. [GL #1949]
+
+- ``rndc dnstap -roll <value>`` did not limit the number of saved files
+  to ``<value>``. [GL !3728]
+
+- The validator could fail to accept a properly signed RRset if an
+  unsupported algorithm appeared earlier in the DNSKEY RRset than a
+  supported algorithm. It could also stop if it detected a malformed
+  public key. [GL #1689]
+
+- The ``blackhole`` ACL was inadvertently disabled for client queries.
+  Blocked IP addresses were not used for upstream queries but queries
+  from those addresses could still be answered. [GL #1936]

doc/notes/notes-current.rst

@@ -1,79 +0,0 @@
-.. 
-   Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-   
-   This Source Code Form is subject to the terms of the Mozilla Public
-   License, v. 2.0. If a copy of the MPL was not distributed with this
-   file, You can obtain one at http://mozilla.org/MPL/2.0/.
-   
-   See the COPYRIGHT file distributed with this work for additional
-   information regarding copyright ownership.
-
-Notes for BIND 9.17.3
----------------------
-
-Security Fixes
-~~~~~~~~~~~~~~
-
-- None.
-
-Known Issues
-~~~~~~~~~~~~
-
-- None.
-
-New Features
-~~~~~~~~~~~~
-
-- None.
-
-Feature Changes
-~~~~~~~~~~~~~~~
-
-- New ``rndc`` command ``rndc dnssec -status`` that shows the current
-  DNSSEC policy and keys in use, the key states and rollover status.
-  [GL #1612]
-
-- Disable and disallow static linking of BIND 9 binaries and libraries
-  as BIND 9 modules require ``dlopen()`` support and static linking also
-  prevents using security features like read-only relocations (RELRO) or
-  address space layout randomization (ASLR) which are important for
-  programs that interact with the network and process arbitrary user
-  input. [GL #1933]
-
-- As part of an ongoing effort to use RFC 8499 terminology, ``primaries``
-  can now be used as a synonym for ``masters`` in ``named.conf``.
-  Similarly, ``notify priamry-only`` can now be used as a synonym
-  for ``notify master-only``. The output of ``rndc zonestatus`` now
-  uses ``primary`` and ``secondary`` terminology. [GL #1948]
-
-Bug Fixes
-~~~~~~~~~
-
-- The DS set returned by ``dns_keynode_dsset()`` was not thread-safe.
-  This could result in an INSIST being triggered. [GL #1926]
-
-- The ``primary`` and ``secondary`` keywords, when used as parameters for
-  ``check-names``, were not processed correctly and were being ignored.
-  [GL #1949]
-
-- 'rndc dnstap -roll <value>' was not limiting the number of saved
-  files to <value>. [GL !3728]
-
-- The validator could fail to accept a properly signed RRset if an
-  unsupported algorithm appeared earlier in the DNSKEY RRset than a
-  supported algorithm.  It could also stop if it detected a malformed
-  public key. [GL #1689]
-
-- The ``blackhole`` ACL was inadvertently disabled with respect to
-  client queries. Blocked IP addresses were not used for upstream
-  queries but queries from those addresses could still be answered.
-  [GL #1936]
-
-- ``named`` would crash on shutdown when new ``rndc`` connection is received at
-  the same time as shutting down. [GL #1747]
-
-- Fix assertion failure when server is under load and root zone is not yet
-  loaded. [GL #1862]
-
-- ``named`` could crash when cleaning dead nodes in ``lib/dns/rbtdb.c`` that
-  have been reused meanwhile.  [GL #1968]

lib/bind9/api

@@ -12,5 +12,5 @@
 # 9.15/9.16: 1500-1699
 # 9.17/9.18: 1700-1899
 LIBINTERFACE = 1701
-LIBREVISION = 0
+LIBREVISION = 1
 LIBAGE = 0

lib/dns/api

@@ -11,6 +11,6 @@
 # 9.13/9.14: 1300-1499
 # 9.15/9.16: 1500-1699
 # 9.17/9.18: 1700-1899
-LIBINTERFACE = 1702
+LIBINTERFACE = 1703
 LIBREVISION = 0
 LIBAGE = 0

lib/isc/api

@@ -11,6 +11,6 @@
 # 9.13/9.14: 1300-1499
 # 9.15/9.16: 1500-1699
 # 9.17/9.18: 1700-1899
-LIBINTERFACE = 1702
+LIBINTERFACE = 1703
 LIBREVISION = 0
 LIBAGE = 0

lib/isccfg/api

@@ -12,5 +12,5 @@
 # 9.15/9.16: 1500-1699
 # 9.17/9.18: 1700-1899
 LIBINTERFACE = 1701
-LIBREVISION = 0
+LIBREVISION = 1
 LIBAGE = 0

lib/ns/api

@@ -11,6 +11,6 @@
 # 9.13/9.14: 1300-1499
 # 9.15/9.16: 1500-1699
 # 9.17/9.18: 1700-1899
-LIBINTERFACE = 1702
+LIBINTERFACE = 1703
 LIBREVISION = 0
 LIBAGE = 0

util/copyrights

@@ -1231,7 +1231,7 @@
 ./doc/notes/notes-9.17.0.rst			RST	2020
 ./doc/notes/notes-9.17.1.rst			RST	2020
 ./doc/notes/notes-9.17.2.rst			RST	2020
-./doc/notes/notes-current.rst			RST	2020
+./doc/notes/notes-9.17.3.rst			RST	2020
 ./docutil/HTML_COPYRIGHT			X	2001,2004,2016,2018,2019,2020
 ./docutil/MAN_COPYRIGHT				X	2001,2004,2016,2018,2019,2020
 ./docutil/patch-db2latex-duplicate-template-bug	X	2007,2018,2019,2020