From eeeccec67cafb7a0ab863532ed631fbacc339a26 Mon Sep 17 00:00:00 2001
From: Evan Hunt <each@isc.org>
Date: Mon, 3 Jul 2023 16:34:22 -0700
Subject: [PATCH 1/2] deprecate "dialup" and "heartbeat-interval"

these options concentrate zone maintenance actions into
bursts for the benefit of servers with intermittent connections.
that's no longer something we really need to optimize.
---
 bin/tests/system/checkconf/deprecated.conf | 3 +++
 bin/tests/system/checkconf/tests.sh        | 2 ++
 doc/arm/reference.rst                      | 8 ++++++--
 doc/misc/options                           | 6 +++---
 doc/misc/primary.zoneopt                   | 2 +-
 doc/misc/secondary.zoneopt                 | 2 +-
 doc/misc/stub.zoneopt                      | 2 +-
 lib/isccfg/namedconf.c                     | 5 +++--
 8 files changed, 20 insertions(+), 10 deletions(-)

diff --git a/bin/tests/system/checkconf/deprecated.conf b/bin/tests/system/checkconf/deprecated.conf
index 548b144d15..bdda4c80c0 100644
--- a/bin/tests/system/checkconf/deprecated.conf
+++ b/bin/tests/system/checkconf/deprecated.conf
@@ -19,6 +19,9 @@ options {
 	dnssec-validation yes;
 	max-zone-ttl 600;
 
+        dialup yes;
+        heartbeat-interval 60;
+
 	use-v4-udp-ports { range 1024 65535; };
 	use-v6-udp-ports { range 1024 65535; };
 	avoid-v4-udp-ports { range 1 1023; };
diff --git a/bin/tests/system/checkconf/tests.sh b/bin/tests/system/checkconf/tests.sh
index 6c18835c16..94a1d3a7f3 100644
--- a/bin/tests/system/checkconf/tests.sh
+++ b/bin/tests/system/checkconf/tests.sh
@@ -153,6 +153,8 @@ grep "option 'use-v4-udp-ports' is deprecated" < checkconf.out$n.1 > /dev/null |
 grep "option 'use-v6-udp-ports' is deprecated" < checkconf.out$n.1 > /dev/null || ret=1
 grep "option 'avoid-v4-udp-ports' is deprecated" < checkconf.out$n.1 > /dev/null || ret=1
 grep "option 'avoid-v6-udp-ports' is deprecated" < checkconf.out$n.1 > /dev/null || ret=1
+grep "option 'dialup' is deprecated" < checkconf.out$n.1 > /dev/null || ret=1
+grep "option 'heartbeat-interval' is deprecated" < checkconf.out$n.1 > /dev/null || ret=1
 grep "token 'port' is deprecated" < checkconf.out$n.1 > /dev/null || ret=1
 if [ $ret -ne 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst
index 96a7ebb6b0..2e131908e9 100644
--- a/doc/arm/reference.rst
+++ b/doc/arm/reference.rst
@@ -1973,9 +1973,11 @@ Boolean Options
    record <named -m>` is specified on the command line, in which case it is ``yes``.
 
 .. namedconf:statement:: dialup
-   :tags: transfer
+   :tags: deprecated
    :short: Concentrates zone maintenance so that all transfers take place once every :any:`heartbeat-interval`, ideally during a single call.
 
+   This option is deprecated and will be removed in a future release.
+
    If ``yes``, then the server treats all zones as if they are doing
    zone transfers across a dial-on-demand dialup link, which can be
    brought up by traffic originating from this server. Although this setting has
@@ -3793,7 +3795,7 @@ Periodic Task Intervals
 ^^^^^^^^^^^^^^^^^^^^^^^
 
 .. namedconf:statement:: heartbeat-interval
-   :tags: zone
+   :tags: deprecated
    :short: Sets the interval at which the server performs zone maintenance tasks for all zones marked as :any:`dialup`.
 
    The server performs zone maintenance tasks for all zones marked
@@ -3802,6 +3804,8 @@ Periodic Task Intervals
    maximum value is 28 days (40320 minutes). If set to 0, no zone
    maintenance for these zones occurs.
 
+   This option is deprecated and will be removed in a future release.
+
 .. namedconf:statement:: interface-interval
    :tags: server
    :short: Sets the interval at which the server scans the network interface list.
diff --git a/doc/misc/options b/doc/misc/options
index 537da0fe24..edb8e86290 100644
--- a/doc/misc/options
+++ b/doc/misc/options
@@ -96,7 +96,7 @@ options {
 	cookie-secret <string>; // may occur multiple times
 	deny-answer-addresses { <address_match_element>; ... } [ except-from { <string>; ... } ];
 	deny-answer-aliases { <string>; ... } [ except-from { <string>; ... } ];
-	dialup ( notify | notify-passive | passive | refresh | <boolean> );
+	dialup ( notify | notify-passive | passive | refresh | <boolean> ); // deprecated
 	directory <quoted_string>;
 	disable-algorithms <string> { <string>; ... }; // may occur multiple times
 	disable-ds-digests <string> { <string>; ... }; // may occur multiple times
@@ -147,7 +147,7 @@ options {
 	fstrm-set-output-queue-size <integer>; // not configured
 	fstrm-set-reopen-interval <duration>; // not configured
 	geoip-directory ( <quoted_string> | none );
-	heartbeat-interval <integer>;
+	heartbeat-interval <integer>; // deprecated
 	hostname ( <quoted_string> | none );
 	http-listener-clients <integer>;
 	http-port <integer>;
@@ -392,7 +392,7 @@ view <string> [ <class> ] {
 	clients-per-query <integer>;
 	deny-answer-addresses { <address_match_element>; ... } [ except-from { <string>; ... } ];
 	deny-answer-aliases { <string>; ... } [ except-from { <string>; ... } ];
-	dialup ( notify | notify-passive | passive | refresh | <boolean> );
+	dialup ( notify | notify-passive | passive | refresh | <boolean> ); // deprecated
 	disable-algorithms <string> { <string>; ... }; // may occur multiple times
 	disable-ds-digests <string> { <string>; ... }; // may occur multiple times
 	disable-empty-zone <string>; // may occur multiple times
diff --git a/doc/misc/primary.zoneopt b/doc/misc/primary.zoneopt
index a7be8839e7..e3c6ef69d5 100644
--- a/doc/misc/primary.zoneopt
+++ b/doc/misc/primary.zoneopt
@@ -17,7 +17,7 @@ zone <string> [ <class> ] {
 	check-wildcard <boolean>;
 	checkds ( explicit | <boolean> );
 	database <string>;
-	dialup ( notify | notify-passive | passive | refresh | <boolean> );
+	dialup ( notify | notify-passive | passive | refresh | <boolean> ); // deprecated
 	dlz <string>;
 	dnskey-sig-validity <integer>; // obsolete
 	dnssec-dnskey-kskonly <boolean>; // obsolete
diff --git a/doc/misc/secondary.zoneopt b/doc/misc/secondary.zoneopt
index 2f7c1b049f..26eca8e20a 100644
--- a/doc/misc/secondary.zoneopt
+++ b/doc/misc/secondary.zoneopt
@@ -9,7 +9,7 @@ zone <string> [ <class> ] {
 	check-names ( fail | warn | ignore );
 	checkds ( explicit | <boolean> );
 	database <string>;
-	dialup ( notify | notify-passive | passive | refresh | <boolean> );
+	dialup ( notify | notify-passive | passive | refresh | <boolean> ); // deprecated
 	dlz <string>;
 	dnskey-sig-validity <integer>; // obsolete
 	dnssec-dnskey-kskonly <boolean>; // obsolete
diff --git a/doc/misc/stub.zoneopt b/doc/misc/stub.zoneopt
index c7ee0ed75c..6d7c98cb45 100644
--- a/doc/misc/stub.zoneopt
+++ b/doc/misc/stub.zoneopt
@@ -4,7 +4,7 @@ zone <string> [ <class> ] {
 	allow-query-on { <address_match_element>; ... };
 	check-names ( fail | warn | ignore );
 	database <string>;
-	dialup ( notify | notify-passive | passive | refresh | <boolean> );
+	dialup ( notify | notify-passive | passive | refresh | <boolean> ); // deprecated
 	file <quoted_string>;
 	forward ( first | only );
 	forwarders [ port <integer> ] [ tls <string> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ] [ tls <string> ]; ... };
diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c
index 23da61eb61..97ed56c515 100644
--- a/lib/isccfg/namedconf.c
+++ b/lib/isccfg/namedconf.c
@@ -1260,7 +1260,7 @@ static cfg_clausedef_t options_clauses[] = {
 #endif /* HAVE_GEOIP2 */
 	{ "geoip-use-ecs", NULL, CFG_CLAUSEFLAG_ANCIENT },
 	{ "has-old-clients", NULL, CFG_CLAUSEFLAG_ANCIENT },
-	{ "heartbeat-interval", &cfg_type_uint32, 0 },
+	{ "heartbeat-interval", &cfg_type_uint32, CFG_CLAUSEFLAG_DEPRECATED },
 	{ "host-statistics", NULL, CFG_CLAUSEFLAG_ANCIENT },
 	{ "host-statistics-max", NULL, CFG_CLAUSEFLAG_ANCIENT },
 	{ "hostname", &cfg_type_qstringornone, 0 },
@@ -2274,7 +2274,8 @@ static cfg_clausedef_t zone_clauses[] = {
 	{ "check-svcb", &cfg_type_boolean, CFG_ZONE_PRIMARY },
 	{ "check-wildcard", &cfg_type_boolean, CFG_ZONE_PRIMARY },
 	{ "dialup", &cfg_type_dialuptype,
-	  CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_STUB },
+	  CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_ZONE_STUB |
+		  CFG_CLAUSEFLAG_DEPRECATED },
 	{ "dnssec-dnskey-kskonly", &cfg_type_boolean,
 	  CFG_ZONE_PRIMARY | CFG_ZONE_SECONDARY | CFG_CLAUSEFLAG_OBSOLETE },
 	{ "dnssec-loadkeys-interval", &cfg_type_uint32,

From d10b6a4b3913235d7178746e918a15956d7a00ad Mon Sep 17 00:00:00 2001
From: Evan Hunt <each@isc.org>
Date: Mon, 3 Jul 2023 16:40:56 -0700
Subject: [PATCH 2/2] CHANGES and release note for [GL #3700]

---
 CHANGES                     | 3 +++
 doc/notes/notes-current.rst | 9 ++++++---
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/CHANGES b/CHANGES
index a5e1482b85..e2dd7d298d 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+6220.	[func]		Deprecate the 'dialup' and 'heartbeat-interval'
+			options. [GL #3700]
+
 6219.	[bug]		Ignore 'max-zone-ttl' on 'dnssec-policy insecure'.
 			[GL #4032]
 
diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst
index 6901989603..312e07bfff 100644
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -27,9 +27,12 @@ Removed Features
 
 - The 'auto-dnssec' configuration option has now been removed. Please
   use :any:`dnssec-policy` or manual signing instead. The following options
-  have become obsolete: :any:`dnskey-sig-validity`, :any:`dnssec-dnskey-kskonly`,
-  :any:`dnssec-update-mode`, :any:`sig-validity-interval`, and
-  :any:`update-check-ksk`. :gl:`#3672`.
+  have become obsolete: :any:`dnskey-sig-validity`,
+  :any:`dnssec-dnskey-kskonly`, :any:`dnssec-update-mode`,
+  :any:`sig-validity-interval`, and :any:`update-check-ksk`. :gl:`#3672`.
+
+- The :any:`dialup` and :any:`heartbeat-interval` options have been
+  deprecated and will be removed in a future release. :gl:`#3700`
 
 Feature Changes
 ~~~~~~~~~~~~~~~