Merge branch 'prep-release' into v9_16_17-release

Prepare documentation for BIND 9.16.17

See merge request isc-private/bind9!300

CHANGES

@@ -1,60 +1,61 @@
-5652.	[bug]		Copy and paste error caused the socket option to
-			be enabled instead of disabled. [GL #2746]
+	--- 9.16.17 released ---
 
-5651.	[func]		Refactor zone dumping to be processed asynchronously
-			via the uv_work_t thread pool API. [GL #2732]
+5652.	[bug]		A copy-and-paste error in change 5584 caused the
+			IP_DONTFRAG socket option to be enabled instead of
+			disabled. This has been fixed. [GL #2746]
 
-5650.	[bug]		Prevent a crash that could occur if serve-stale
-			was enabled and a prefetch was triggered during a
-			query restart. [GL #2733]
+5651.	[func]		Refactor zone dumping to be processed asynchronously via
+			the uv_work_t thread pool API. [GL #2732]
 
-5649.	[bug]		If a query was answered with stale data on a server
-			with DNS64 enabled, an assertion could occur if a
-			non-stale answer arrived afterward. [GL #2731]
+5650.	[bug]		Prevent a crash that could occur if serve-stale was
+			enabled and a prefetch was triggered during a query
+			restart. [GL #2733]
 
-5648.	[bug]		The calculation of the estimated IXFR transaction
-			size by dns_journal_iter_init() was invalid. [GL #2685]
+5649.	[bug]		If a query was answered with stale data on a server with
+			DNS64 enabled, an assertion could occur if a non-stale
+			answer arrived afterward. [GL #2731]
+
+5648.	[bug]		The calculation of the estimated IXFR transaction size
+			in dns_journal_iter_init() was invalid. [GL #2685]
 
 5644.	[bug]		Fix a race condition in reading and writing key files
-			for KASP zones in multiple views. [GL #1875]
+			for zones using KASP and configured in multiple views.
+			[GL #1875]
 
 5643.	[cleanup]	"make install" no longer creates an empty
 			${localstatedir}/run directory. [GL #2709]
 
-5642.	[bug]		Check "key-directory" conflicts in "named.conf" for
-			zones in multiple views with different "dnssec-policy".
-			[GL #2463].
+5642.	[bug]		Zones which are configured in multiple views with
+			different values set for "dnssec-policy" and with
+			identical values set for "key-directory" are now
+			detected and treated as a configuration error.
+			[GL #2463]
 
-5641.	[bug]		Address potential memory leak in dst_key_fromnamedfile.
-			[GL #2689]
+5641.	[bug]		Address a potential memory leak in
+			dst_key_fromnamedfile(). [GL #2689]
 
-5639.	[bug]		Check that the first and last SOA record of an AXFR
-			are consistent. [GL #2528]
+5639.	[bug]		Check that the first and last SOA record of an AXFR are
+			consistent. [GL #2528]
 
-5638.	[bug]		Refactoring, performance and stability improvements
-			related to the network manager and task manager. This
-			rolls up several recent changes from the main branch:
-			- isc_task events now run within netmgr event loops.
-			- add isc_managers_create() and _destroy() functions
-			  to handle setup and teardown of netmgr and taskmgr,
-			  since these now require a precise order of
-			  operations.
-			- event queue processing is now quantized to prevent
+5638.	[bug]		Improvements related to network manager/task manager
+			integration:
+			- isc_managers_create() and isc_managers_destroy()
+			  functions were added to handle setup and teardown of
+			  netmgr, taskmgr, timermgr, and socketmgr, since these
+			  require a precise order of operations now.
+			- Event queue processing is now quantized to prevent
 			  infinite looping.
-			- the netmgr can now be paused from within a netmgr
+			- The netmgr can now be paused from within a netmgr
 			  thread.
-			- fixed deadlocks due to conflict between netmgr
-			  pause/resume and listen/stoplistening operations.
-			- allow recovery from read and connect timeout events
-			- ensure that calls to isc_nm_*connect() always
-			  return the connection status via a callback
-			  function.
-			[GL #2654] [GL #2638] [GL #2401]
+			- Deadlocks due to a conflict between netmgr's
+			  pause/resume and listen/stoplistening operations were
+			  fixed.
+			[GL #2654]
 
-5633.	[doc]		Inline-signing was incorrectly described as being
-			inherited from the options / view levels and was
+5633.	[doc]		The "inline-signing" option was incorrectly described as
+			being inherited from the "options"/"view" levels and was
 			incorrectly accepted at those levels without effect.
-			This has been corrected. [GL #2536]
+			This has been fixed. [GL #2536]
 
 	--- 9.16.16 released ---
 

configure

@@ -859,7 +859,6 @@ infodir
 docdir
 oldincludedir
 includedir
-runstatedir
 localstatedir
 sharedstatedir
 sysconfdir
@@ -1025,7 +1024,6 @@ datadir='${datarootdir}'
 sysconfdir='${prefix}/etc'
 sharedstatedir='${prefix}/com'
 localstatedir='${prefix}/var'
-runstatedir='${localstatedir}/run'
 includedir='${prefix}/include'
 oldincludedir='/usr/include'
 docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
@@ -1278,15 +1276,6 @@ do
   | -silent | --silent | --silen | --sile | --sil)
     silent=yes ;;
 
-  -runstatedir | --runstatedir | --runstatedi | --runstated \
-  | --runstate | --runstat | --runsta | --runst | --runs \
-  | --run | --ru | --r)
-    ac_prev=runstatedir ;;
-  -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
-  | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
-  | --run=* | --ru=* | --r=*)
-    runstatedir=$ac_optarg ;;
-
   -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
     ac_prev=sbindir ;;
   -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
@@ -1424,7 +1413,7 @@ fi
 for ac_var in	exec_prefix prefix bindir sbindir libexecdir datarootdir \
 		datadir sysconfdir sharedstatedir localstatedir includedir \
 		oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
-		libdir localedir mandir runstatedir
+		libdir localedir mandir
 do
   eval ac_val=\$$ac_var
   # Remove trailing slashes.
@@ -1577,7 +1566,6 @@ Fine tuning of the installation directories:
   --sysconfdir=DIR        read-only single-machine data [PREFIX/etc]
   --sharedstatedir=DIR    modifiable architecture-independent data [PREFIX/com]
   --localstatedir=DIR     modifiable single-machine data [PREFIX/var]
-  --runstatedir=DIR       modifiable per-process data [LOCALSTATEDIR/run]
   --libdir=DIR            object code libraries [EPREFIX/lib]
   --includedir=DIR        C header files [PREFIX/include]
   --oldincludedir=DIR     C header files for non-gcc [/usr/include]
@@ -4022,7 +4010,7 @@ else
     We can't simply define LARGE_OFF_T to be 9223372036854775807,
     since some C++ compilers masquerading as C compilers
     incorrectly reject 9223372036854775807.  */
-#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
   int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
 		       && LARGE_OFF_T % 2147483647 == 1)
 		      ? 1 : -1];
@@ -4068,7 +4056,7 @@ else
     We can't simply define LARGE_OFF_T to be 9223372036854775807,
     since some C++ compilers masquerading as C compilers
     incorrectly reject 9223372036854775807.  */
-#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
   int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
 		       && LARGE_OFF_T % 2147483647 == 1)
 		      ? 1 : -1];
@@ -4092,7 +4080,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
     We can't simply define LARGE_OFF_T to be 9223372036854775807,
     since some C++ compilers masquerading as C compilers
     incorrectly reject 9223372036854775807.  */
-#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
   int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
 		       && LARGE_OFF_T % 2147483647 == 1)
 		      ? 1 : -1];
@@ -4137,7 +4125,7 @@ else
     We can't simply define LARGE_OFF_T to be 9223372036854775807,
     since some C++ compilers masquerading as C compilers
     incorrectly reject 9223372036854775807.  */
-#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
   int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
 		       && LARGE_OFF_T % 2147483647 == 1)
 		      ? 1 : -1];
@@ -4161,7 +4149,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
     We can't simply define LARGE_OFF_T to be 9223372036854775807,
     since some C++ compilers masquerading as C compilers
     incorrectly reject 9223372036854775807.  */
-#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
   int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
 		       && LARGE_OFF_T % 2147483647 == 1)
 		      ? 1 : -1];
@@ -5419,7 +5407,7 @@ linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*)
   lt_cv_deplibs_check_method=pass_all
   ;;
 
-netbsd* | netbsdelf*-gnu)
+netbsd*)
   if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then
     lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$'
   else
@@ -5781,7 +5769,7 @@ esac
 fi
 
 : ${AR=ar}
-: ${AR_FLAGS=cr}
+: ${AR_FLAGS=cru}
 
 
 
@@ -6324,8 +6312,11 @@ _LT_EOF
   test $ac_status = 0; }; then
     # Now try to grab the symbols.
     nlist=conftest.nm
-    $ECHO "$as_me:$LINENO: $NM conftest.$ac_objext | $lt_cv_sys_global_symbol_pipe > $nlist" >&5
-    if eval "$NM" conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist 2>&5 && test -s "$nlist"; then
+    if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist\""; } >&5
+  (eval $NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } && test -s "$nlist"; then
       # Try sorting and uniquifying the output.
       if sort "$nlist" | uniq > "$nlist"T; then
 	mv -f "$nlist"T "$nlist"
@@ -7544,8 +7535,8 @@ int forced_loaded() { return 2;}
 _LT_EOF
       echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&5
       $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&5
-      echo "$AR cr libconftest.a conftest.o" >&5
-      $AR cr libconftest.a conftest.o 2>&5
+      echo "$AR cru libconftest.a conftest.o" >&5
+      $AR cru libconftest.a conftest.o 2>&5
       echo "$RANLIB libconftest.a" >&5
       $RANLIB libconftest.a 2>&5
       cat > conftest.c << _LT_EOF
@@ -7572,16 +7563,11 @@ $as_echo "$lt_cv_ld_force_load" >&6; }
       _lt_dar_allow_undefined='$wl-undefined ${wl}suppress' ;;
     darwin1.*)
       _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;;
-    darwin*) # darwin 5.x on
-      # if running on 10.5 or later, the deployment target defaults
-      # to the OS version, if on x86, and 10.4, the deployment
-      # target defaults to 10.4. Don't you love it?
-      case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in
-	10.0,*86*-darwin8*|10.0,*-darwin[912]*)
-	  _lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;;
-	10.[012][,.]*)
+    darwin*)
+      case ${MACOSX_DEPLOYMENT_TARGET},$host in
+	10.[012],*|,*powerpc*)
 	  _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;;
-	10.*|11.*)
+	*)
 	  _lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;;
       esac
     ;;
@@ -8407,12 +8393,6 @@ lt_prog_compiler_static=
 	lt_prog_compiler_pic='-KPIC'
 	lt_prog_compiler_static='-static'
         ;;
-      # flang / f18. f95 an alias for gfortran or flang on Debian
-      flang* | f18* | f95*)
-	lt_prog_compiler_wl='-Wl,'
-	lt_prog_compiler_pic='-fPIC'
-	lt_prog_compiler_static='-static'
-        ;;
       # icc used to be incompatible with GCC.
       # ICC 10 doesn't accept -KPIC any more.
       icc* | ifort*)
@@ -8889,9 +8869,6 @@ $as_echo_n "checking whether the $compiler linker ($LD) supports shared librarie
   openbsd* | bitrig*)
     with_gnu_ld=no
     ;;
-  linux* | k*bsd*-gnu | gnu*)
-    link_all_deplibs=no
-    ;;
   esac
 
   ld_shlibs=yes
@@ -9146,7 +9123,7 @@ _LT_EOF
       fi
       ;;
 
-    netbsd* | netbsdelf*-gnu)
+    netbsd*)
       if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
 	archive_cmds='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib'
 	wlarc=
@@ -9816,7 +9793,6 @@ $as_echo "$lt_cv_irix_exported_symbol" >&6; }
 	if test yes = "$lt_cv_irix_exported_symbol"; then
           archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations $wl-exports_file $wl$export_symbols -o $lib'
 	fi
-	link_all_deplibs=no
       else
 	archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib'
 	archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -exports_file $export_symbols -o $lib'
@@ -9838,7 +9814,7 @@ $as_echo "$lt_cv_irix_exported_symbol" >&6; }
       esac
       ;;
 
-    netbsd* | netbsdelf*-gnu)
+    netbsd*)
       if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
 	archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'  # a.out
       else
@@ -10953,18 +10929,6 @@ fi
   dynamic_linker='GNU/Linux ld.so'
   ;;
 
-netbsdelf*-gnu)
-  version_type=linux
-  need_lib_prefix=no
-  need_version=no
-  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
-  soname_spec='${libname}${release}${shared_ext}$major'
-  shlibpath_var=LD_LIBRARY_PATH
-  shlibpath_overrides_runpath=no
-  hardcode_into_libs=yes
-  dynamic_linker='NetBSD ld.elf_so'
-  ;;
-
 netbsd*)
   version_type=sunos
   need_lib_prefix=no
@@ -25754,6 +25718,7 @@ $as_echo "$as_me: executing $ac_file commands" >&6;}
     cat <<_LT_EOF >> "$cfgfile"
 #! $SHELL
 # Generated automatically by $as_me ($PACKAGE) $VERSION
+# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
 # NOTE: Changes made to this file will be lost: look at ltmain.sh.
 
 # Provide generalized library-building support services.

doc/arm/notes.rst

@@ -59,7 +59,7 @@ https://www.isc.org/download/. There you will find additional
 information about each release, source code, and pre-compiled versions
 for Microsoft Windows operating systems.
 
-.. include:: ../notes/notes-current.rst
+.. include:: ../notes/notes-9.16.17.rst
 .. include:: ../notes/notes-9.16.16.rst
 .. include:: ../notes/notes-9.16.15.rst
 .. include:: ../notes/notes-9.16.14.rst

doc/notes/notes-9.16.17.rst

@@ -0,0 +1,59 @@
+.. 
+   Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+   
+   This Source Code Form is subject to the terms of the Mozilla Public
+   License, v. 2.0. If a copy of the MPL was not distributed with this
+   file, you can obtain one at https://mozilla.org/MPL/2.0/.
+   
+   See the COPYRIGHT file distributed with this work for additional
+   information regarding copyright ownership.
+
+Notes for BIND 9.16.17
+----------------------
+
+Feature Changes
+~~~~~~~~~~~~~~~
+
+- After the network manager was introduced to ``named`` to handle
+  incoming traffic, it was discovered that recursive performance had
+  degraded compared to previous BIND 9 versions. This has now been
+  fixed by processing internal tasks inside network manager worker
+  threads, preventing resource contention among two sets of threads.
+  :gl:`#2638`
+
+- Zone dumping tasks are now run on separate asynchronous thread pools.
+  This change prevents zone dumping from blocking network I/O.
+  :gl:`#2732`
+
+- ``inline-signing`` was incorrectly described as being inherited from
+  the ``options``/``view`` levels and was incorrectly accepted at those
+  levels without effect. This has been fixed; ``named.conf`` files with
+  ``inline-signing`` at those levels no longer load. :gl:`#2536`
+
+Bug Fixes
+~~~~~~~~~
+
+- The calculation of the estimated IXFR transaction size in
+  ``dns_journal_iter_init()`` was invalid. This resulted in excessive
+  AXFR-style IXFR responses. :gl:`#2685`
+
+- Fixed an assertion failure that could occur if stale data was used to
+  answer a query, and then a prefetch was triggered after the query was
+  restarted (for example, to follow a CNAME). :gl:`#2733`
+
+- If a query was answered with stale data on a server with DNS64
+  enabled, an assertion could occur if a non-stale answer arrived
+  afterward. This has been fixed. :gl:`#2731`
+
+- Fixed an error which caused the ``IP_DONTFRAG`` socket option to be
+  enabled instead of disabled, leading to errors when sending oversized
+  UDP packets. :gl:`#2746`
+
+- Zones which are configured in multiple views, with different values
+  set for ``dnssec-policy`` and with identical values set for
+  ``key-directory``, are now detected and treated as a configuration
+  error. :gl:`#2463`
+
+- A race condition could occur when reading and writing key files for
+  zones using KASP and configured in multiple views. This has been
+  fixed. :gl:`#1875`

doc/notes/notes-current.rst

@@ -1,77 +0,0 @@
-.. 
-   Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-   
-   This Source Code Form is subject to the terms of the Mozilla Public
-   License, v. 2.0. If a copy of the MPL was not distributed with this
-   file, you can obtain one at https://mozilla.org/MPL/2.0/.
-   
-   See the COPYRIGHT file distributed with this work for additional
-   information regarding copyright ownership.
-
-Notes for BIND 9.16.17
-----------------------
-
-Security Fixes
-~~~~~~~~~~~~~~
-
-- None.
-
-Known Issues
-~~~~~~~~~~~~
-
-- None.
-
-New Features
-~~~~~~~~~~~~
-
-- None.
-
-- Run zone dumping tasks on separate asynchronous thread pools.  This change
-  makes zone dumping no longer block networking I/O. :gl:`#2732`
-
-Removed Features
-~~~~~~~~~~~~~~~~
-
-- None.
-
-Feature Changes
-~~~~~~~~~~~~~~~
-
-- After the network manager was introduced to ``named`` to handle
-  incoming traffic, it was discovered that recursive performance had
-  degraded compared to previous BIND 9 versions. This has now been
-  fixed by processing internal tasks inside network manager worker
-  threads, preventing resource contention among two sets of threads.
-  :gl:`#2638`
-
-- ``inline-signing`` was incorrectly described as being inherited from the
-  ``options`` or ``view`` levels and was incorrectly accepted at those levels
-  without effect.  This has been corrected, ``named.conf`` files with
-  ``inline-signing`` at those levels will no longer load with this fix applied.
-  :gl:`#2536`
-
-Bug Fixes
-~~~~~~~~~
-
-- Fix a race condition in reading and writing key files for KASP zones in
-  multiple views. :gl:`#1875`
-
-- Check ``key-directory`` conflicts in ``named.conf`` for zones in multiple
-  views with different ``dnssec-policy``. Using the same ``key-directory`` for
-  such zones is not allowed. :gl:`#2463`
-
-- The calculation of the estimated IXFR transaction size by
-  `dns_journal_iter_init()` was invalid.  This resulted in excessive
-  AXFR-style-IXFR responses. :gl:`#2685`
-
-- If a query was answered with stale data on a server with DNS64 enabled,
-  an assertion could occur if a non-stale answer arrived afterward. This
-  has been fixed. :gl:`#2731`
-
-- Fixed an assertion failure that could occur if stale data was used
-  to answer a query, and then a prefetch was triggered after the query
-  was restarted (for example, to follow a CNAME). :gl:`#2733`
-
-- Fix an error that would enable don't fragment socket option instead
-  of disabling it leading to errors when sending the oversized UDP
-  packets. [GL #2746]

version

@@ -5,7 +5,7 @@ PRODUCT=BIND
 DESCRIPTION="(Stable Release)"
 MAJORVER=9
 MINORVER=16
-PATCHVER=16
+PATCHVER=17
 RELEASETYPE=
 RELEASEVER=
 EXTENSIONS=