Generate changelog for BIND 9.21.9

2025-08-28 13:08:06 +00:00 · 2025-06-05 11:58:49 +02:00 · 2025-06-05 11:58:49 +02:00 · 26f3f74c6c
commit 26f3f74c6c
parent 59585e2294
2 changed files with 226 additions and 0 deletions
--- a/doc/arm/changelog.rst
+++ b/doc/arm/changelog.rst
@ -18,6 +18,7 @@ Changelog
   development. Regular users should refer to :ref:`Release Notes <relnotes>`
   for changes relevant to them.
 .. include:: ../changelog/changelog-9.21.9.rst
 .. include:: ../changelog/changelog-9.21.8.rst
 .. include:: ../changelog/changelog-9.21.7.rst
 .. include:: ../changelog/changelog-9.21.6.rst
--- a/doc/changelog/changelog-9.21.9.rst
+++ b/doc/changelog/changelog-9.21.9.rst
@ -0,0 +1,225 @@
 .. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
 ..
 .. SPDX-License-Identifier: MPL-2.0
 ..
 .. This Source Code Form is subject to the terms of the Mozilla Public
 .. License, v. 2.0.  If a copy of the MPL was not distributed with this
 .. file, you can obtain one at https://mozilla.org/MPL/2.0/.
 ..
 .. See the COPYRIGHT file distributed with this work for additional
 .. information regarding copyright ownership.
 BIND 9.21.9
 -----------
 New Features
 ~~~~~~~~~~~~
 - Add support for zone templates. ``93c44ba551c``
  To simplify the configuration of multiple similar zones, BIND now
  supports a zone template mechanism. `template` blocks containing zone
  options can be defined at the top level of the configuration file;
  they can then be referenced in `zone` statements. A zone referencing a
  template will use the options in the specified `template` block as
  defaults. (Options locally defined in the `zone` statement override
  the template.)
  The filename for a zone can now be generated parametrically from a
  format specified in the `file` option. The first occurrences of
  `$name`, `$type` and `$view` in `file` are replaced with the zone
  origin, the zone type (i.e., primary, secondary, etc), and the view
  name, respectively.
  Primary zones can now take an `initial-file` option, specifying the
  path to a generic zone file that will be copied into the zone's `file`
  path when the zone is first loaded, if the `file` does not already
  exist.
  For example, the following template can be used for primary zones: ```
  template primary {                 type primary;                 file
  "$name.db";                 initial-file "generic.db";         }; ```
  With this template in place, a new primary zone could be added using a
  single `rndc addzone` command:
  ```         $ rndc addzone example.com '{ template primary; };' ```
  The zone would be created using the filename `example.com.db`, which
  would be copied into place from `generic.db`. :gl:`#2964` :gl:`!10407`
 - Redesign the unreachable primaries cache. ``b8144348362``
  Previously, the cache for the unreachable primary servers was limited
  to 10 entries (LRU) and a fixed 10 minutes delay for each entry,
  unless removed forcibly by a new entry. The cache is now redesigned to
  remove the 10 entry limitation and to introduce delay values with
  exponential backoff time - initially an unreachable primary server is
  cached as being unreachable for 10 seconds, but each time the cache
  entry is expired and the same server is added again during the
  eligibility period of the next 120 seconds, the delay time is doubled
  up until to the maximum of 640 seconds. :gl:`#3992` :gl:`!10393`
 - Implement a new 'notify-defer' configuration option. ``10a02e84ebf``
  This new option sets a delay (in seconds) to wait before sending a set
  of NOTIFY messages for a zone. Whenever a NOTIFY message is ready to
  be sent, sending will be deferred for this duration. This option is
  not to be confused with the :any:`notify-delay` option. The default is
  0 seconds. :gl:`#5259` :gl:`!10419`
 Removed Features
 ~~~~~~~~~~~~~~~~
 - Clean up the DST cryptographic API. ``43f19763b32``
  The DST API has been cleaned up, duplicate functions has been squashed
  into single call (verify and verify2 functions), and couple of unused
  functions have been completely removed (createctx2, computesecret,
  paramcompare, and cleanup). :gl:`!10345`
 Feature Changes
 ~~~~~~~~~~~~~~~
 - Adaptive memory allocation strategy for qp-tries. ``dc3a1bde658``
  qp-tries allocate their nodes (twigs) in chunks to reduce allocator
  pressure and improve memory locality. The choice of chunk size
  presents a tradeoff: larger chunks benefit qp-tries with many values
  (as seen in large zones and resolvers) but waste memory in smaller use
  cases.
  Previously, our fixed chunk size of 2^10 twigs meant that even an
  empty qp-trie would consume 12KB of memory, while reducing this size
  would negatively impact resolver performance.
  This commit implements an adaptive chunking strategy that:  - Tracks
  the size of the most recently allocated chunk.  - Doubles the chunk
  size for each new allocation until reaching a    predefined maximum.
  This approach effectively balances memory efficiency for small tries
  while maintaining the performance benefits of larger chunk sizes for
  bigger data structures. :gl:`!10245`
 - Set name for all the isc_mem context from isc_mem_create()
  ``ccf7a7dd7ea``
  Instead of giving the memory context names with an explicit call to
  isc_mem_setname(), add the name to isc_mem_create() call to have all
  the memory contexts an unconditional name. :gl:`!10426`
 - Unify handling of the program name in all the utilities.
  ``33f17c23848``
  There were several methods how we used 'argv[0]'.  Some programs had a
  static value, some programs did use isc_file_progname(), some programs
  stripped 'lt-' from the beginning of the name.  And some used argv[0]
  directly.
  Unify the handling and all the variables into isc_commandline_progname
  that gets populated by the new isc_commandline_init(argc, argv) call.
  :gl:`!10502`
 Bug Fixes
 ~~~~~~~~~
 - Fix zone deletion issue. ``bc4a19acff7``
  A secondary zone could initiate a new zone transfer from the primary
  server after it had been already deleted from the secondary server,
  and before the internal garbage collection was activated to clean it
  up completely. This has been fixed. :gl:`#5291` :gl:`!10449`
 - Fix a zone refresh bug. ``610825ebc14``
  A secondary zone could fail to further refresh with new versions of
  the zone from a primary server if named was reconfigured during the
  SOA request step of an ongoing zone transfer. This has been fixed.
  :gl:`#5307` :gl:`!10468`
 - Allow keystore.c to compile on Solaris. ``9b7c19a3400``
  keystore.c failed to compile on Solaris because NAME_MAX was
  undefined.  Include 'isc/dir.h' which defines NAME_MAX for platforms
  that don't define it. :gl:`#5327` :gl:`!10522`
 - Call zone syntax checks when running rndc addzone/modzone.
  ``2ad9516a72a``
  The function that checks zone syntax in libisccfg was previously only
  called when loading `named.conf`, not when parsing an an `rndc
  addzone` or `rndc modzone` command. This has been corrected.
  :gl:`#5338` :gl:`!10520`
 - Add more iteration macros. ``a988ffcede7``
  Add more macros for iteration: `DNS_RDATASET_FOREACH`,
  `CFG_LIST_FOREACH`, `DNS_DBITERATOR_FOREACH`, and
  `DNS_RDATASETITER_FOREACH`. :gl:`!10350`
 - Allow commandline.c to compile on Solaris. ``ead7b480034``
  commandline.c failed to compile on Solaris because NAME_MAX was
  undefined.  Include 'isc/dir.h' which defines NAME_MAX for platforms
  that don't define it.
  In file included from commandline.c:54:
  ./include/isc/commandline.h:31:38: error: 'NAME_MAX' undeclared here
  (not in a function)        31 | extern char
  isc_commandline_progname[NAME_MAX];           |
  ^~~~~~~~ :gl:`!10524`
 - Debug level was ignored when logging to stderr. ``870c9b6a910``
  The debug level (set with the `-d` option) was ignored when running
  `named` with the `-g` and `-u` options. :gl:`!10453`
 - Fix builds for the OSS-Fuzz project. ``bf6caadd676``
  Add the `size` argument to the fuzzing version of the
  `chunk_get_raw()` function. :gl:`!10553`
 - Initialize queryonacl dns_view_t property. ``bb1458460b3``
  A dns_view_t has a queryonacl property, which is supposed to hold the
  ACL matching the configuration "allow-query-on". However the code
  parsing this configuration ACL was missing (or removed by mistake?),
  hence this property was always NULL. The ACL was still built but
  individually for each zone (which checks if the property exists in the
  zone definition, view definition, and finally options definition).
  We now create the ACL instance at the view level, enabling zones to
  share the same (identical) ACL instead of having their own copies.
  :gl:`!10551`
 - Make all ISC_LIST_FOREACH calls safe. ``b045726f8f4``
  Previously, `ISC_LIST_FOREACH` and `ISC_LIST_FOREACH_SAFE` were two
  separate macros, with the _SAFE version allowing entries to be
  unlinked during the loop. `ISC_LIST_FOREACH` is now also safe, and the
  separate `_SAFE` macro has been removed.
  Similarly, the `ISC_LIST_FOREACH_REV` macro is now safe, and
  `ISC_LIST_FOREACH_REV_SAFE` has also been removed. :gl:`!10479`
 - Set name for all the isc_mem contexts. ``87ad1624634``
  :gl:`!10425`
 - Try to skip lock on fully lower names. ``59585e22947``
  If the name is fully lowercase, we don't need to access the case
  bitmap in order to set the case. Therefore, we can check for the
  FULLYLOWERCASE flag using only atomic operations, and skip a lock in
  the hot path, provided we clear the FULLYLOWERCASE flag before
  changing the case bitmap. :gl:`!10497`
 - Use proper flexible arrays in rrl. ``e8f3ce70aa8``
  The single-element array hack can trip newer sanitizers or
  fortification levels.
  Found with UBSAN triggering the RRL system test with meson.
  :gl:`!10509`