diff --git a/CHANGES b/CHANGES index bd72ded702..2de7d25c5b 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +6368. [func] The 'sortlist' option has been marked and documented + as deprecated. [GL #4593] + 6367. [bug] Since the dns_validator_destroy() function doesn't guarantee that it destroys the validator, rename it to dns_validator_shutdown() and require explicit diff --git a/bin/tests/system/checkconf/deprecated.conf b/bin/tests/system/checkconf/deprecated.conf index 15d719d6a4..71ea50eb6c 100644 --- a/bin/tests/system/checkconf/deprecated.conf +++ b/bin/tests/system/checkconf/deprecated.conf @@ -28,6 +28,8 @@ options { avoid-v6-udp-ports { range 1 1023; }; dnssec-must-be-secure mustbesecure.example yes; + + sortlist { }; }; trusted-keys { diff --git a/bin/tests/system/checkconf/tests.sh b/bin/tests/system/checkconf/tests.sh index 74361fa9cb..76b2986d8d 100644 --- a/bin/tests/system/checkconf/tests.sh +++ b/bin/tests/system/checkconf/tests.sh @@ -179,6 +179,7 @@ grep "option 'avoid-v6-udp-ports' is deprecated" /dev/null | grep "option 'dialup' is deprecated" /dev/null || ret=1 grep "option 'heartbeat-interval' is deprecated" /dev/null || ret=1 grep "option 'dnssec-must-be-secure' is deprecated" /dev/null || ret=1 +grep "option 'sortlist' is deprecated" /dev/null || ret=1 grep "token 'port' is deprecated" /dev/null || ret=1 if [ $ret -ne 0 ]; then echo_i "failed"; fi status=$((status + ret)) diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst index e4f1b1cc7a..dc11db525e 100644 --- a/doc/arm/reference.rst +++ b/doc/arm/reference.rst @@ -4014,9 +4014,11 @@ client's address. This only requires configuring the name servers, not all the clients. .. namedconf:statement:: sortlist - :tags: query + :tags: query, deprecated :short: Controls the ordering of RRs returned to the client, based on the client's IP address. + This option is deprecated and will be removed in a future release. + The :any:`sortlist` statement (see below) takes an :term:`address_match_list` and interprets it in a special way. Each top-level statement in the :any:`sortlist` must itself be an explicit :term:`address_match_list` with one or two elements. The diff --git a/doc/misc/options b/doc/misc/options index 31efabbc15..1142bb6f18 100644 --- a/doc/misc/options +++ b/doc/misc/options @@ -274,7 +274,7 @@ options { sig-signing-signatures ; sig-signing-type ; sig-validity-interval [ ]; // obsolete - sortlist { ; ... }; + sortlist { ; ... }; // deprecated stale-answer-client-timeout ( disabled | off | ); stale-answer-enable ; stale-answer-ttl ; @@ -569,7 +569,7 @@ view [ ] { sig-signing-signatures ; sig-signing-type ; sig-validity-interval [ ]; // obsolete - sortlist { ; ... }; + sortlist { ; ... }; // deprecated stale-answer-client-timeout ( disabled | off | ); stale-answer-enable ; stale-answer-ttl ; diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index baf7840df2..e9effb3afe 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst @@ -32,6 +32,10 @@ Feature Changes - None. +- The ``sortlist`` option has been deprecated and will be removed + in a future BIND 9.21.x release. Please don't rely on a specific + order of resource records in the DNS messages. :gl:`#4593` + Bug Fixes ~~~~~~~~~ diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index d5e09149e3..5c50c586f1 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -2199,7 +2199,7 @@ static cfg_clausedef_t view_clauses[] = { { "rrset-order", &cfg_type_rrsetorder, 0 }, { "send-cookie", &cfg_type_boolean, 0 }, { "servfail-ttl", &cfg_type_duration, 0 }, - { "sortlist", &cfg_type_bracketed_aml, 0 }, + { "sortlist", &cfg_type_bracketed_aml, CFG_CLAUSEFLAG_DEPRECATED }, { "stale-answer-enable", &cfg_type_boolean, 0 }, { "stale-answer-client-timeout", &cfg_type_staleanswerclienttimeout, 0 },