development. Regular users should refer to :ref:`Release Notes <relnotes>`
for changes relevant to them.
+(-dev)
+------
+
+New Features
+~~~~~~~~~~~~
+
+- Tighten 'max-recursion-queries' and add 'max-query-restarts' option.
+ ``42e70b0f0e``
+
+ There were cases in resolver.c when the `max-recursion-queries` quota
+ was ineffective. It was possible to craft zones that would cause a
+ resolver to waste resources by sending excessive queries while
+ attempting to resolve a name. This has been addressed by correcting
+ errors in the implementation of `max-recursion-queries`, and by
+ reducing the default value from 100 to 32.
+
+ In addition, a new `max-query-restarts` option has been added which
+ limits the number of times a recursive server will follow CNAME or
+ DNAME records before terminating resolution. This was previously a
+ hard-coded limit of 16, and now defaults to 11. :gl:`#4741`
+ :gl:`!9282`
+
+- Implement rndc retransfer -force. ``008bfb6249``
+
+ A new optional argument '-force' has been added to the command channel
+ command 'rndc retransfer'. When it is specified, named aborts the
+ ongoing zone transfer (if there is one), and starts a new transfer.
+ :gl:`#2299` :gl:`!9219`
+
+- Generate changelog from git log. ``cf60eb2738``
+
+ Use a single source of truth, the git log, to generate the list of
+ CHANGES. Use the .rst format and include it in the ARM for a quick
+ reference with proper gitlab links to issues and merge requests.
+ :gl:`#75` :gl:`!9180`
+
+Feature Changes
+~~~~~~~~~~~~~~~
+
+- Call rcu_barrier() in the isc_mem_destroy() just once. ``e00b13ac6e``
+
+ The previous work in this area was led by the belief that we might be
+ calling call_rcu() from within call_rcu() callbacks. After carefully
+ checking all the current callback, it became evident that this is not
+ the case and the problem isn't enough rcu_barrier() calls, but
+ something entirely else.
+
+ Call the rcu_barrier() just once as that's enough and the multiple
+ rcu_barrier() calls will not hide the real problem anymore, so we can
+ find it. :gl:`!9247`
+
+- Don't open route socket if we don't need it. ``4f369af51e``
+
+ When automatic-interface-scan is disabled, the route socket was still
+ being opened. Add new API to connect / disconnect from the route
+ socket only as needed.
+
+ Additionally, move the block that disables periodic interface rescans
+ to a place where it actually have access to the configuration values.
+ Previously, the values were being checked before the configuration was
+ loaded. :gl:`!9239`
+
+- Allow shorter resolver-query-timeout configuration. ``840e56a979``
+
+ The minimum allowed value of 'resolver-query-timeout' was lowered to
+ 301 milliseconds instead of the earlier 10000 milliseconds (which is
+ the default). As earlier, values less than or equal to 300 are
+ converted to seconds before applying the limit. :gl:`#4320`
+ :gl:`!9220`
+
+- Replace #define DNS_GETDB_ with struct of bools. ``6d1fdb8505``
+
+ Replace #define DNS_GETDB_ with struct of bools to make it easier to
+ pretty-print the attributes in a debugger. :gl:`#4559` :gl:`!9205`
+
+- Fix data race in clean_finds_at_name. ``be1e649974``
+
+ Stop updating `find.result_v4` and `find.result_v4` in
+ `clean_finds_at_name`. The values are supposed to be
+ static. :gl:`#4118` :gl:`!9197`
+
+Bug Fixes
+~~~~~~~~~
+
+- Reconfigure catz member zones during named reconfiguration.
+ ``9a0c59c89a``
+
+ During a reconfiguration named wasn't reconfiguring catalog zones'
+ member zones. This has been fixed. :gl:`#4733`
+
+- Disassociate the SSL object from the cached SSL_SESSION.
+ ``54b24fb015``
+
+ When the SSL object was destroyed, it would invalidate all SSL_SESSION
+ objects including the cached, but not yet used, TLS session objects.
+
+ Properly disassociate the SSL object from the SSL_SESSION before we
+ store it in the TLS session cache, so we can later destroy it without
+ invalidating the cached TLS sessions. :gl:`#4834` :gl:`!9274`
+
+- Attach/detach to the listening child socket when accepting TLS.
+ ``24ac7a7cd2``
+
+ When TLS connection (TLSstream) connection was accepted, the children
+ listening socket was not attached to sock->server and thus it could
+ have been freed before all the accepted connections were actually
+ closed.
+
+ In turn, this would cause us to call isc_tls_free() too soon - causing
+ cascade errors in pending SSL_read_ex() in the accepted connections.
+
+ Properly attach and detach the children listening socket when
+ accepting and closing the server connections. :gl:`#4833` :gl:`!9273`
+
+- Fix --enable-tracing build on systems without dtrace. ``d8d49c9340``
+
+ Missing file util/dtrace.sh prevented builds on system without dtrace
+ utility. This has been corrected.
+
+- Make hypothesis optional for system tests. ``c5f1cb8a04``
+
+ Ensure that system tests can be executed without Python hypothesis
+ package. :gl:`#4831` :gl:`!9267`
+
+- Dig now reports missing query section for opcode QUERY. ``b277a6f1f0``
+
+ Query responses should contain the question section with some
+ exceptions. Dig was not reporting this. :gl:`#4808` :gl:`!9269`
+
+- Fix assertion failure in the glue cache. ``f8a0c0bed6``
+
+ Fix an assertion failure that could happen as a result of data race
+ between free_gluetable() and addglue() on the same headers.
+ :gl:`#4691` :gl:`!9256`
+
+- Don't use 'create' flag unnecessarily in findnode() ``4281aaab45``
+
+ when searching the cache for a node so that we can delete an rdataset,
+ it isn't necessary to set the 'create' flag. if the node doesn't exist
+ yet, we won't be able to delete anything from it anyway. :gl:`!9253`
+
+- Raise the log level of priming failures. ``074c7cc12c``
+
+ When a priming query is complete, it's currently logged at level
+ ISC_LOG_DEBUG(1), regardless of success or failure. We are now raising
+ it to ISC_LOG_NOTICE in the case of failure. [GL #3516] :gl:`#3516`
+ :gl:`!9250`
+
+- Fix assertion failure when checking named-checkconf version.
+ ``42e84e4b97``
+
+ Checking the version of `named-checkconf` would end with assertion
+ failure. This has been fixed. :gl:`#4827` :gl:`!9246`
+
+- Valid TSIG signatures with invalid time cause crash. ``2438db2eae``
+
+ An assertion failure triggers when the TSIG has valid cryptographic
+ signature, but the time is invalid. This can happen when the times
+ between the primary and secondary servers are not synchronised.
+ :gl:`#4811` :gl:`!9245`
+
+- Don't skip the counting if fcount_incr() is called with force==true.
+ ``9cd2880a82``
+
+ The fcount_incr() was incorrectly skipping the accounting for the
+ fetches-per-zone if the force argument was set to true. We want to
+ skip the accounting only when the fetches-per-zone is completely
+ disabled, but for individual names we need to do the accounting even
+ if we are forcing the result to be success. :gl:`!9241`
+
+- Fix PTHREAD_MUTEX_ADAPTIVE_NP and PTHREAD_MUTEX_ERRORCHECK_NP usage.
+ ``46caf5f4a4``
+
+ The PTHREAD_MUTEX_ADAPTIVE_NP and PTHREAD_MUTEX_ERRORCHECK_NP are
+ usually not defines, but enum values, so simple preprocessor check
+ doesn't work.
+
+ Check for PTHREAD_MUTEX_ADAPTIVE_NP from the autoconf
+ AS_COMPILE_IFELSE block and define HAVE_PTHREAD_MUTEX_ADAPTIVE_NP.
+ This should enable adaptive mutex on Linux and FreeBSD.
+
+ As PTHREAD_MUTEX_ERRORCHECK actually comes from POSIX and Linux glibc
+ does define it when compatibility macros are being set, we can just
+ use PTHREAD_MUTEX_ERRORCHECK instead of PTHREAD_MUTEX_ERRORCHECK_NP.
+ :gl:`!9240`
+
+- Remove extra newline from yaml output. ``53738634c3``
+
+ I split this into two commits, one for the actual newline removal, and
+ one for issues I found, ruining the yaml output when some errors were
+ outputted.
+
+- CID 498025 and CID 498031: Overflowed constant INTEGER_OVERFLOW.
+ ``b6298b394e``
+
+ Add INSIST to fail if the multiplication would cause the variables to
+ overflow. :gl:`#4798` :gl:`!9229`
+
+- Remove unnecessary operations. ``067f87f158``
+
+ Decrementing optlen immediately before calling continue is unneccesary
+ and inconsistent with the rest of dns_message_pseudosectiontoyaml and
+ dns_message_pseudosectiontotext. Coverity was also reporting an
+ impossible false positive overflow of optlen (CID 499061).
+
+ 4176 } else if (optcode == DNS_OPT_CLIENT_TAG)
+ { 4177 uint16_t id; 4178
+ ADD_STRING(target, "; CLIENT-TAG:"); 4179
+ if (optlen == 2U) { 4180 id
+ = isc_buffer_getuint16(&optbuf); 4181
+ snprintf(buf, sizeof(buf), " %u ", id); 4182
+ ADD_STRING(target, buf);
+
+ CID 499061: (#1 of 1): Overflowed constant (INTEGER_OVERFLOW)
+ overflow_const: Expression optlen, which is equal to 65534, underflows
+ the type that receives it, an unsigned integer 16 bits wide. 4183
+ optlen -= 2; 4184
+ POST(optlen); 4185
+ continue; 4186 } 4187
+ } else if (optcode == DNS_OPT_SERVER_TAG) { :gl:`!9223`
+
+- Fix generation of 6to4-self name expansion from IPv4 address.
+ ``00ce93a69c``
+
+ The period between the most significant nibble of the encoded IPv4
+ address and the 2.0.0.2.IP6.ARPA suffix was missing resulting in the
+ wrong name being checked. Add system test for 6to4-self
+ implementation. :gl:`#4766` :gl:`!9217`
+
+- Fix false QNAME minimisation error being reported. ``fb07c38697``
+
+ Remove the false positive "success resolving" log message when QNAME
+ minimisation is in effect and the final result is NXDOMAIN.
+ :gl:`#4784` :gl:`!9215`
+
+- Dig +yaml was producing unexpected and/or invalid YAML output.
+ ``a42afbce2e``
+
+ :gl:`#4796` :gl:`!9213`
+
+- SVBC alpn text parsing failed to reject zero length alpn.
+ ``1a1413ff59``
+
+ :gl:`#4775` :gl:`!9209`
+
+- Return SERVFAIL for a too long CNAME chain. ``d7e5f7903d``
+
+ When cutting a long CNAME chain, named was returning NOERROR instead
+ of SERVFAIL (alongside with a partial answer). This has been fixed.
+ :gl:`#4449` :gl:`!9203`
+
+- Properly calculate the amount of system memory. ``c63b7fad49``
+
+ On 32 bit machines isc_meminfo_totalphys could return an incorrect
+ value. :gl:`#4799` :gl:`!9199`
+
+- Update key lifetime and metadata after dnssec-policy reconfig.
+ ``a5f554959e``
+
+ Adjust key state and timing metadata if dnssec-policy key lifetime
+ configuration is updated, so that it also affects existing keys.
+ :gl:`#4677` :gl:`!9191`
+
+
Changes prior to 9.20.0
-----------------------
--- /dev/null
+(-dev)
+------
+
+New Features
+~~~~~~~~~~~~
+
+- Tighten 'max-recursion-queries' and add 'max-query-restarts' option.
+
+ There were cases in resolver.c when the `max-recursion-queries` quota
+ was ineffective. It was possible to craft zones that would cause a
+ resolver to waste resources by sending excessive queries while
+ attempting to resolve a name. This has been addressed by correcting
+ errors in the implementation of `max-recursion-queries`, and by
+ reducing the default value from 100 to 32.
+
+ In addition, a new `max-query-restarts` option has been added which
+ limits the number of times a recursive server will follow CNAME or
+ DNAME records before terminating resolution. This was previously a
+ hard-coded limit of 16, and now defaults to 11. :gl:`#4741`
+ :gl:`!9282`
+
+- Implement rndc retransfer -force.
+
+ A new optional argument '-force' has been added to the command channel
+ command 'rndc retransfer'. When it is specified, named aborts the
+ ongoing zone transfer (if there is one), and starts a new transfer.
+ :gl:`#2299` :gl:`!9219`
+
+Feature Changes
+~~~~~~~~~~~~~~~
+
+- Allow shorter resolver-query-timeout configuration.
+
+ The minimum allowed value of 'resolver-query-timeout' was lowered to
+ 301 milliseconds instead of the earlier 10000 milliseconds (which is
+ the default). As earlier, values less than or equal to 300 are
+ converted to seconds before applying the limit. :gl:`#4320`
+ :gl:`!9220`
+
+Bug Fixes
+~~~~~~~~~
+
+- Reconfigure catz member zones during named reconfiguration.
+
+ During a reconfiguration named wasn't reconfiguring catalog zones'
+ member zones. This has been fixed. :gl:`#4733`
+
+- Fix --enable-tracing build on systems without dtrace.
+
+ Missing file util/dtrace.sh prevented builds on system without dtrace
+ utility. This has been corrected.
+
+- Dig now reports missing query section for opcode QUERY.
+
+ Query responses should contain the question section with some
+ exceptions. Dig was not reporting this. :gl:`#4808` :gl:`!9269`
+
+- Fix assertion failure in the glue cache.
+
+ Fix an assertion failure that could happen as a result of data race
+ between free_gluetable() and addglue() on the same headers.
+ :gl:`#4691` :gl:`!9256`
+
+- Raise the log level of priming failures.
+
+ When a priming query is complete, it's currently logged at level
+ ISC_LOG_DEBUG(1), regardless of success or failure. We are now raising
+ it to ISC_LOG_NOTICE in the case of failure. [GL #3516] :gl:`#3516`
+ :gl:`!9250`
+
+- Fix assertion failure when checking named-checkconf version.
+
+ Checking the version of `named-checkconf` would end with assertion
+ failure. This has been fixed. :gl:`#4827` :gl:`!9246`
+
+- Valid TSIG signatures with invalid time cause crash.
+
+ An assertion failure triggers when the TSIG has valid cryptographic
+ signature, but the time is invalid. This can happen when the times
+ between the primary and secondary servers are not synchronised.
+ :gl:`#4811` :gl:`!9245`
+
+- Remove extra newline from yaml output.
+
+ I split this into two commits, one for the actual newline removal, and
+ one for issues I found, ruining the yaml output when some errors were
+ outputted.
+
+- Fix generation of 6to4-self name expansion from IPv4 address.
+
+ The period between the most significant nibble of the encoded IPv4
+ address and the 2.0.0.2.IP6.ARPA suffix was missing resulting in the
+ wrong name being checked. Add system test for 6to4-self
+ implementation. :gl:`#4766` :gl:`!9217`
+
+- Fix false QNAME minimisation error being reported.
+
+ Remove the false positive "success resolving" log message when QNAME
+ minimisation is in effect and the final result is NXDOMAIN.
+ :gl:`#4784` :gl:`!9215`
+
+- Dig +yaml was producing unexpected and/or invalid YAML output.
+
+ :gl:`#4796` :gl:`!9213`
+
+- SVBC alpn text parsing failed to reject zero length alpn.
+
+ :gl:`#4775` :gl:`!9209`
+
+- Return SERVFAIL for a too long CNAME chain.
+
+ When cutting a long CNAME chain, named was returning NOERROR instead
+ of SERVFAIL (alongside with a partial answer). This has been fixed.
+ :gl:`#4449` :gl:`!9203`
+
+- Properly calculate the amount of system memory.
+
+ On 32 bit machines isc_meminfo_totalphys could return an incorrect
+ value. :gl:`#4799` :gl:`!9199`
+
+- Update key lifetime and metadata after dnssec-policy reconfig.
+
+ Adjust key state and timing metadata if dnssec-policy key lifetime
+ configuration is updated, so that it also affects existing keys.
+ :gl:`#4677` :gl:`!9191`
projects / thirdparty / bind9.git / commitdiff
