diff --git a/doc/arm/changelog.rst b/doc/arm/changelog.rst index 0f68889b60..3109532212 100644 --- a/doc/arm/changelog.rst +++ b/doc/arm/changelog.rst @@ -18,6 +18,7 @@ Changelog development. Regular users should refer to :ref:`Release Notes ` for changes relevant to them. +.. include:: ../changelog/changelog-9.20.17.rst .. include:: ../changelog/changelog-9.20.16.rst .. include:: ../changelog/changelog-9.20.15.rst .. include:: ../changelog/changelog-9.20.14.rst diff --git a/doc/changelog/changelog-9.20.17.rst b/doc/changelog/changelog-9.20.17.rst new file mode 100644 index 0000000000..e92eeb7f46 --- /dev/null +++ b/doc/changelog/changelog-9.20.17.rst @@ -0,0 +1,140 @@ +.. Copyright (C) Internet Systems Consortium, Inc. ("ISC") +.. +.. SPDX-License-Identifier: MPL-2.0 +.. +.. This Source Code Form is subject to the terms of the Mozilla Public +.. License, v. 2.0. If a copy of the MPL was not distributed with this +.. file, you can obtain one at https://mozilla.org/MPL/2.0/. +.. +.. See the COPYRIGHT file distributed with this work for additional +.. information regarding copyright ownership. + +BIND 9.20.17 +------------ + +New Features +~~~~~~~~~~~~ + +- Add spatch to detect implicit bool/int/result cast. ``02be363d1f`` + + Detection of implicit cast from a boolean into an int, or an + isc_result_t into a boolean (either in an assignement or return + position). + + If such pattern is found, a warning comment is added into the code + (and the CI will fails) so the error can be spotted and manually + fixed. :gl:`!11237` + +Feature Changes +~~~~~~~~~~~~~~~ + +- Use atomics for CMM_{LOAD,STORE}_SHARED with ThreadSanitizer. + ``94fa721705`` + + Upstream has removed the atomics implementation of CMM_LOAD_SHARED and + CMM_STORE_SHARED as these can be used also with non-stdatomics types. + As we only use the CMM api with stdatomics types, we can restore the + previous behaviour to prevent ThreadSanitizer warnings. :gl:`#5660` + :gl:`!11290` + +- Provide more information when the memory allocation fails. + ``6749725610`` + + Provide more information about the failure when the memory allocation + fails. :gl:`!11304` + +- Reduce the number of outgoing queries. ``457b470e96`` + + Reduces the number of outgoing queries when resolving the nameservers + for delegation points. This helps the DNS resolver with cold cache + resolve client queries with complex delegation chains and + redirections. :gl:`!11258` + +Bug Fixes +~~~~~~~~~ + +- Fix the spurious timeouts while resolving names. ``d96cf874fb`` + + Sometimes the loops in the resolving (e.g. to resolve or validate + ns1.example.com we need to resolve ns1.example.com) were not properly + detected leading to spurious 10 seconds delay. This has been fixed + and such loops are properly detected. :gl:`#3033`, #5578 :gl:`!11298` + +- Fix bug where zone switches from NSEC3 to NSEC after retransfer. + ``3b40ffbf83`` + + When a zone is re-transferred, but the zone journal on an + inline-signing secondary is out of sync, the zone could fall back to + using NSEC records instead of NSEC3. This has been fixed. :gl:`#5527` + :gl:`!11274` + +- Attach socket before async streamdns_resume_processing. ``bb9451c73f`` + + Call to `streamdns_resume_processing` is asynchronous but the socket + passed as argument is not attached when scheduling the call. + + While there is no reproducible way (so far) to make the socket + reference number down to 0 before `streamdns_resume_processing` is + called, attach the socket before scheduling the call. This guard + against an hypothetic case where, for some reasons, the socket + refcount would reach 0, and be freed from memory when + `streamdns_resume_processing` is called. :gl:`#5620` :gl:`!11260` + +- AMTRELAY type 0 presentation format handling was wrong. ``adf104a063`` + + RFC 8777 specifies a placeholder value of "." for the gateway field + when the gateway type is 0 (no gateway). This was not being checked + for nor emitted when displaying the record. This has been corrected. + + Instances of this record will need the placeholder period added to + them when upgrading. :gl:`#5639` :gl:`!11255` + +- Fix parsing bug in remote-servers with key or tls. ``d9400c5967`` + + The :any:`remote-servers` clause enable the following pattern using a + named ``server-list``: + + remote-servers a { 1.2.3.4; ... }; remote-servers b { a key + foo; }; + + However, such configuration was wrongly rejected, with an "unexpected + token 'foo'" error. Such configuration is now accepted. :gl:`#5646` + :gl:`!11300` + +- Fix TLS contexts cache object usage bug in the resolver. + ``13adf94006`` + + :iscman:`named` could terminate unexpectedly when reconfiguring or + reloading, and if client-side TLS transport was in use (for example, + when forwarding queries to a DoT server). This has been fixed. + :gl:`#5653` :gl:`!11299` + +- Fix unitiailized pointer check on getipandkeylist. ``5ed0cf091b`` + + Function `named_config_getipandkeylist` could, in case of error in the + early code attempting to get the `port` or `tls-port`, make a pointer + check on a non-initialized value. This is now fixed. :gl:`!11306` + +- Standardize CHECK and RETERR macros. ``ef714e91ac`` + + previously, there were over 40 separate definitions of CHECK macros, + of which most used "goto cleanup", and the rest "goto failure" or + "goto out". there were another 10 definitions of RETERR, of which most + were identical to CHECK, but some simply returned a result code + instead of jumping to a cleanup label. + + this has now been standardized throughout the code base: RETERR is for + returning an error code in the case of an error, and CHECK is for + jumping to a cleanup tag, which is now always called "cleanup". both + macros are defined in isc/util.h. :gl:`!11069` + +- Adding NSEC3 opt-out records could leave invalid records in + chain. ``1d83a8ad46`` + + When creating an NSEC3 opt-out chain, a node in the chain could be + removed too soon, causing the previous NSEC3 being unable to be found, + resulting in invalid NSEC3 records to be left in the zone. This has + been fixed. + + Closes [#5671](#5671) +