diff --git a/doc/arm/changelog.rst b/doc/arm/changelog.rst index 0c49bbbda5..22439522bd 100644 --- a/doc/arm/changelog.rst +++ b/doc/arm/changelog.rst @@ -18,6 +18,7 @@ Changelog development. Regular users should refer to :ref:`Release Notes ` for changes relevant to them. +.. include:: ../changelog/changelog-9.21.2.rst .. include:: ../changelog/changelog-9.21.1.rst .. include:: ../changelog/changelog-9.21.0.rst .. include:: ../changelog/changelog-history.rst diff --git a/doc/arm/notes.rst b/doc/arm/notes.rst index f776b382b3..73494039f4 100644 --- a/doc/arm/notes.rst +++ b/doc/arm/notes.rst @@ -39,6 +39,7 @@ https://www.isc.org/download/. There you will find additional information about each release, and source code. .. include:: ../notes/notes-known-issues.rst +.. include:: ../notes/notes-9.21.2.rst .. include:: ../notes/notes-9.21.1.rst .. include:: ../notes/notes-9.21.0.rst diff --git a/doc/changelog/changelog-9.21.2.rst b/doc/changelog/changelog-9.21.2.rst new file mode 100644 index 0000000000..af52aefef1 --- /dev/null +++ b/doc/changelog/changelog-9.21.2.rst @@ -0,0 +1,300 @@ +.. Copyright (C) Internet Systems Consortium, Inc. ("ISC") +.. +.. SPDX-License-Identifier: MPL-2.0 +.. +.. This Source Code Form is subject to the terms of the Mozilla Public +.. License, v. 2.0. If a copy of the MPL was not distributed with this +.. file, you can obtain one at https://mozilla.org/MPL/2.0/. +.. +.. See the COPYRIGHT file distributed with this work for additional +.. information regarding copyright ownership. + +BIND 9.21.2 +----------- + +New Features +~~~~~~~~~~~~ + +- Log query response status to the query log. ``a4b9625196d`` + + Log a query response summary using the new category `responses`. + Logging can be controlled by the option `responselog` and `rndc + responselog`. :gl:`#459` :gl:`!9449` + +- Added WALLET type. ``d0d4c6dae72`` + + Add the new record type WALLET (262). This provides a mapping from a + domain name to a cryptographic currency wallet. Multiple mappings can + exist if multiple records exist. :gl:`#4947` :gl:`!9521` + +- Support ISO timestamps with timezone information. ``e618cdddf8f`` + + The configuration option `print-time` can now be set to + `iso8601-tzinfo` in order to use the ISO 8601 timestamp with timezone + information when logging. This is used as a default for `named -g`. + :gl:`#4963` :gl:`!9563` + +- Add flag to named-checkconf to ignore "not configured" errors. + ``0d2482c62e9`` + + `named-checkconf` now takes "-n" to ignore "not configured" errors. + This allows named-checkconf to check the syntax of configurations from + other builds which have support for more options. :gl:`!9446` + +- Implement the ForwardOnlyFail statistics channel counter. + ``3efa17ee014`` + + The new ForwardOnlyFail statistics channel counter indicates the + number of queries failed due to bad forwarders for 'forward only' + zones. + + Related to #1793 :gl:`!9498` + +Removed Features +~~~~~~~~~~~~~~~~ + +- Remove "port" from source address options. ``dc3578ee84c`` + + Remove the use of "port" when configuring query-source(-v6), transfer- + source(-v6), notify-source(-v6), parental-source(-v6), etc. Remove the + use of source ports for parental-agents. + + Also remove the deprecated options use-{v4,v6}-udp-ports and + avoid-{v4,v6}udp-ports. :gl:`#3843` :gl:`!9469` + +- Remove DNSRPS implementation from the open-source version. + ``20024a28c01`` + + DNSRPS was the API for a commercial implementation of Response-Policy + Zones that was supposedly better. However, it was never open-sourced + and has only ever been available from a single vendor. This goes + against the principle that the open-source edition of BIND 9 should + contain only features that are generally available and universal. + + This commit removes the DNSRPS implementation from BIND 9. It may be + reinstated in the subscription edition if there's enough interest from + customers, but it would have to be rewritten as a plugin (hook) + instead of hard-wiring it again in so many places. :gl:`!9358` + +- Remove unused function dns_zonemgr_resumexfrs() ``4d759a251b9`` + + :gl:`!9565` + +Feature Changes +~~~~~~~~~~~~~~~ + +- Set logging category for notify/xfer-in related messages. + ``796f8861735`` + + Some 'notify' and 'xfer-in' related log messages were logged at the + 'general' category instead of their own category. This has been fixed. + :gl:`#2730` :gl:`!9451` + +- Restore the number of threadpool threads back to original value. + ``28badd8ed48`` + + The issue of long-running operations potentially blocking query + resolution has been fixed. Revert this temporary workaround and + restore the number of threadpool threads. :gl:`#4898` :gl:`!9530` + +- Allow IXFR-to-AXFR fallback on DNS_R_TOOMANYRECORDS. ``b343484ddb6`` + + This change allows fallback from an IXFR failure to AXFR when the + reason is `DNS_R_TOOMANYRECORDS`. This is because this error condition + could be temporary only in an intermediate version of IXFR + transactions and it's possible that the latest version of the zone + doesn't have that condition. In such a case, the secondary would never + be able to update the zone (even if it could) without this fallback. + + This fallback behavior is particularly useful with the recently + introduced `max-records-per-type` and `max-types-per-name` options: + the primary may not have these limitations and may temporarily + introduce "too many" records, breaking IXFR. If the primary side + subsequently deletes these records, this fallback will help recover + the zone transfer failure automatically; without it, the secondary + side would first need to increase the limit, which requires more + operational overhead and has its own adverse effect. :gl:`#4928` + :gl:`!9333` + +- Remove statslock from dnssec-signzone. ``f466e32fdb1`` + + Silence Coverity CID 468757 and 468767 (DATA RACE read not locked) by + converting dnssec-signzone to use atomics for statistics counters + rather than using a lock. :gl:`#4939` :gl:`!9496` + +- Honour the Control Group memory contraints on Linux. ``f48b86871f4`` + + On Linux, the system administrator can use Control Group ``cgroup`` + mechanism to limit the amount of available memory to the process. + This limit will be honoured when calculating the percentage-based + values. :gl:`!9556` + +- Use libuv functions to get memory available to BIND 9. ``aed7f552d54`` + + This change uses uv_get_available_memory() if available with fallback + to uv_get_constrained_memory() with fallback to uv_get_total_memory(). + :gl:`!9527` + +- Use release memory ordering when incrementing reference counter. + ``b1be0145a5a`` + + As the relaxed memory ordering doesn't ensure any memory + synchronization, it is possible that the increment will succeed even + in the case when it should not - there is a race between + atomic_fetch_sub(..., acq_rel) and atomic_fetch_add(..., relaxed). + Only the result is consistent, but the previous value for both calls + could be same when both calls are executed at the same time. + :gl:`!9460` + +- Use uv_available_parallelism() if available. ``59e85a022da`` + + Instead of cooking up our own code for getting the number of available + CPUs for named to use, make use of uv_available_parallelism() from + libuv >= 1.44.0. :gl:`!9524` + +Bug Fixes +~~~~~~~~~ + +- Fix a statistics channel counter bug when 'forward only' zones are + used. ``b82957376dc`` + + When resolving a zone with a 'forward only' policy, and finding out + that all the forwarders are marked as "bad", the 'ServerQuota' counter + of the statistics channel was incorrectly increased. This has been + fixed. :gl:`#1793` :gl:`!9493` + +- Fix a bug in the static-stub implementation. ``3304e1dc769`` + + Static-stub addresses and addresses from other sources were being + mixed together, resulting in static-stub queries going to addresses + not specified in the configuration, or alternatively, static-stub + addresses being used instead of the correct server addresses. + :gl:`#4850` :gl:`!9314` + +- Don't allow statistics-channel if libxml2 and libjson-c are + unsupported. ``0d4accd07f4`` + + When the libxml2 and libjson-c libraries are not supported, the + statistics channel can't return anything useful, so it is now + disabled. Use of `statistics-channel` in `named.conf` is a fatal + error. :gl:`#4895` :gl:`!9423` + +- Separate DNSSEC validation from the long-running tasks. + ``23b2ce56e5d`` + + As part of the KeyTrap \[CVE-2023-50387\] mitigation, the DNSSEC CPU- + intensive operations were offloaded to a separate threadpool that we + use to run other tasks that could affect the networking latency. + + If that threadpool is running some long-running tasks like RPZ, + catalog zone processing, or zone file operations, it would delay + DNSSEC validations to a point where the resolving signed DNS records + would fail. + + Split the CPU-intensive and long-running tasks into separate + threadpools in a way that the long-running tasks don't block the CPU- + intensive operations. :gl:`#4898` :gl:`!9473` + +- Fix assertion failure when processing access control lists. + ``6bb4070685c`` + + The named process could terminate unexpectedly when processing ACL. + This has been fixed. :gl:`#4908` :gl:`!9458` + +- Fix bug in Offline KSK that is using ZSK with unlimited lifetime. + ``3e11c4a8733`` + + If the ZSK has unlimited lifetime, the timing metadata "Inactive" and + "Delete" cannot be found and is treated as an error, preventing the + zone to be signed. This has been fixed. :gl:`#4914` :gl:`!9447` + +- Fix data race in offloaded dns_message_checksig() ``3808567de1a`` + + When verifying a message in an offloaded thread there is a race with + the worker thread which writes to the same buffer. Clone the message + buffer before offloading. :gl:`#4929` :gl:`!9481` + +- Limit the outgoing UDP send queue size. ``3b26732781c`` + + If the operating system UDP queue gets full and the outgoing UDP + sending starts to be delayed, BIND 9 could exhibit memory spikes as it + tries to enqueue all the outgoing UDP messages. Try a bit harder to + deliver the outgoing UDP messages synchronously and if that fails, + drop the outgoing DNS message that would get queued up and then + timeout on the client side. :gl:`#4930` :gl:`!9506` + +- Do not set SO_INCOMING_CPU. ``f93934dea76`` + + We currently set SO_INCOMING_CPU incorrectly, and testing by Ondrej + shows that fixing the issue by setting affinities is worse than + letting the kernel schedule threads without constraints. So we should + not set SO_INCOMING_CPU anymore. :gl:`#4936` :gl:`!9497` + +- Fix the 'rndc dumpdb' command's error reporting. ``4498c0216f1`` + + The 'rndc dumpdb' command wasn't reporting errors which occurred when + starting up the database dump process by named, like, for example, a + permission denied error for the 'dump-file' file. This has been fixed. + Note, however, that 'rndc dumpdb' performs asynchronous writes, so + errors can also occur during the dumping process, which will not be + reported back to 'rndc', but which will still be logged by named. + :gl:`#4944` :gl:`!9547` + +- Fix long-running incoming transfers. ``f0accc8f617`` + + Incoming transfers that took longer than 30 seconds would stop reading + from the TCP stream and the incoming transfer would be indefinitely + stuck causing BIND 9 to hang during shutdown. + + This has been fixed and the `max-transfer-time-in` and `max-transfer- + idle-in` timeouts are now honoured. :gl:`#4949` :gl:`!9531` + +- Fix assertion failure when receiving DNS responses over TCP. + ``fe305f96c9c`` + + When matching the received Query ID in the TCP connection, an invalid + received Query ID can very rarely cause assertion failure. :gl:`#4952` + :gl:`!9580` + +- Null clausedefs for ancient options. ``474398a5a99`` + + This commit nulls all type fields for the clausedef lists that are + declared ancient, and removes the corresponding cfg_type_t and parsing + functions when they are found to be unused after the change. + + Among others, it removes some leftovers from #1913. :gl:`#4962` + :gl:`!9552` + +- Don't ignore the local port number in dns_dispatch_add() for TCP. + ``41f4c620c2e`` + + The dns_dispatch_add() function registers the 'resp' entry in + 'disp->mgr->qids' hash table with 'resp->port' being 0, but in + tcp_recv_success(), when looking up an entry in the hash table after a + successfully received data the port is used, so if the local port was + set (i.e. it was not 0) it fails to find the entry and results in an + unexpected error. + + Set the 'resp->port' to the given local port value extracted from + 'disp->local'. :gl:`#4969` :gl:`!9576` + +- Add a missing rcu_read_unlock() call on exit path. ``d7d1804f16e`` + + An exit path in the dns_dispatch_add() function fails to get out of + the RCU critical section when returning early. Add the missing + rcu_read_unlock() call. :gl:`!9561` + +- Clean up DNSRPS. ``4187ef28e2c`` + + Addressed several build and test errors when DNSRPS is enabled. + :gl:`!9374` + +- Don't enable REUSEADDR on outgoing UDP sockets. ``27c4d7ef6d9`` + + The outgoing UDP sockets enabled `SO_REUSEADDR` that allows sharing of + the UDP sockets, but with one big caveat - the socket that was opened + the last would get all traffic. The dispatch code would ignore the + invalid responses in the dns_dispatch, but this could lead to + unexpected results. :gl:`!9569` + + diff --git a/doc/notes/notes-9.21.2.rst b/doc/notes/notes-9.21.2.rst new file mode 100644 index 0000000000..4870769310 --- /dev/null +++ b/doc/notes/notes-9.21.2.rst @@ -0,0 +1,181 @@ +.. Copyright (C) Internet Systems Consortium, Inc. ("ISC") +.. +.. SPDX-License-Identifier: MPL-2.0 +.. +.. This Source Code Form is subject to the terms of the Mozilla Public +.. License, v. 2.0. If a copy of the MPL was not distributed with this +.. file, you can obtain one at https://mozilla.org/MPL/2.0/. +.. +.. See the COPYRIGHT file distributed with this work for additional +.. information regarding copyright ownership. + +Notes for BIND 9.21.2 +--------------------- + +New Features +~~~~~~~~~~~~ + +- Log query response status to the query log. + + Log a query response summary using the new ``responses`` category. + Logging can be controlled via the :any:`responselog` option and via + :option:`rndc responselog`. :gl:`#459` + +- Added WALLET type. + + Add the new record type WALLET (262). This provides a mapping from a + domain name to a cryptographic currency wallet. Multiple mappings can + exist if multiple records exist. :gl:`#4947` + +- Support ISO timestamps with timezone information. + + The configuration option :any:`print-time` can now be set to + ``iso8601-tzinfo``, to use the ISO 8601 timestamp with timezone + information when logging. This is used as a default for :option:`named + -g`. :gl:`#4963` + +- Add flag to :iscman:`named-checkconf` to ignore "not configured" + errors. + + :iscman:`named-checkconf` now takes the :option:`named-checkconf -n` + option to ignore "not configured" errors. This allows + :iscman:`named-checkconf` to check the syntax of configurations from + other builds that have support for options not present in the + :iscman:`named-checkconf` build. :gl:`!9446` + +- Implement the ForwardOnlyFail statistics channel counter. + + The new ForwardOnlyFail statistics channel counter indicates the + number of queries that failed due to bad forwarders for "forward only" + zones. Related to :gl:`#1793`. + +Removed Features +~~~~~~~~~~~~~~~~ + +- Remove ``port`` from source address options. + + Remove the use of ``port`` when configuring :any:`query-source`, + :any:`transfer-source`, :any:`notify-source`, :any:`parental-source`, + etc., and their ``-v6`` counterparts. Also, remove the use of source + ports for :any:`parental-agents`. + + Also remove the deprecated options ``use-v4-udp-ports``, + ``use-v6-udp-ports``, ``avoid-v4-udp-ports``, and + ``avoid-v6-udp-ports``. :gl:`#3843` + +- Remove DNSRPS implementation from the open source version of BIND 9. + + DNSRPS was a reputedly improved API for a commercial implementation of + Response Policy Zones; however, it was never open-sourced and has only + ever been available from a single vendor. This goes against the + principle that the open source edition of BIND 9 should contain only + features that are generally available and universal. :gl:`!9358` + +Feature Changes +~~~~~~~~~~~~~~~ + +- Set logging category for ``notify``/``xfer-in``-related messages. + + Some ``notify`` and ``xfer-in``-related log messages were logged at + the "general" category level instead of their own category. This has + been fixed. :gl:`#2730` + +- Allow IXFR-to-AXFR fallback on ``DNS_R_TOOMANYRECORDS``. + + This change allows fallback from an IXFR failure to AXFR when the + reason is ``DNS_R_TOOMANYRECORDS``. :gl:`#4928` + +- Honor the Control Group memory contraints on Linux. + + On Linux, the system administrator can use the Control Group + (``cgroup``) mechanism to limit the amount of memory available to the + process. This limit is now honored when calculating the + percentage-based values. :gl:`!9556` + +Bug Fixes +~~~~~~~~~ + +- Fix a statistics channel counter bug when "forward only" zones are + used. + + When resolving a zone with a "forward only" policy, and finding out + that all the forwarders were marked as "bad", the "ServerQuota" + counter of the statistics channel was incorrectly increased. This has + been fixed. :gl:`#1793` + +- Fix a bug in the static-stub implementation. + + Static-stub addresses and addresses from other sources were being + mixed together, resulting in static-stub queries going to addresses + not specified in the configuration, or alternatively, static-stub + addresses being used instead of the correct server addresses. + :gl:`#4850` + +- Don't allow :any:`statistics-channels` if libxml2 and libjson-c are + not configured. + + When BIND 9 is not configured with the libxml2 and libjson-c + libraries, the use of the :any:`statistics-channels` option is a fatal + error. :gl:`#4895` + +- Separate DNSSEC validation from long-running tasks. + + Split CPU-intensive and long-running tasks into separate threadpools + in a way that the long-running tasks - like RPZ, catalog zone + processing, or zone file operations - don't block CPU-intensive + operations like DNSSEC validations. :gl:`#4898` + +- Fix an assertion failure when processing access control lists. + + The :iscman:`named` process could terminate unexpectedly when + processing ACLs. This has been fixed. :gl:`#4908` + +- Fix a bug in Offline KSK using a ZSK with an unlimited lifetime. + + If the ZSK had an unlimited lifetime, the timing metadata ``Inactive`` + and ``Delete`` could not be found and were treated as an error, + preventing the zone from being signed. This has been fixed. + :gl:`#4914` + +- Limit the outgoing UDP send queue size. + + If the operating system UDP queue got full and the outgoing UDP + sending started to be delayed, BIND 9 could exhibit memory spikes as + it tried to enqueue all the outgoing UDP messages. It now tries to + deliver the outgoing UDP messages synchronously; if that fails, it + drops the outgoing DNS message that would get queued up and then + timeout on the client side. :gl:`#4930` + +- Do not set ``SO_INCOMING_CPU``. + + Remove the ``SO_INCOMING_CPU`` setting as kernel scheduling performs + better without constraints. :gl:`#4936` + +- Fix the :option:`rndc dumpdb` command's error reporting. + + The :option:`rndc dumpdb` command was not reporting errors that + occurred when :iscman:`named` started up the database dump process. + This has been fixed. :gl:`#4944` + +- Fix long-running incoming transfers. + + Incoming transfers that took longer than 30 seconds would stop reading + from the TCP stream and the incoming transfer would be indefinitely + stuck, causing BIND 9 to hang during shutdown. + + This has been fixed, and the :any:`max-transfer-time-in` and + :any:`max-transfer-idle-in` timeouts are now honored. :gl:`#4949` + +- Fix an assertion failure when receiving DNS responses over TCP. + + When matching the received Query ID in the TCP connection, an invalid + Query ID could cause an assertion failure. This has been fixed. + :gl:`#4952` + + +Known Issues +~~~~~~~~~~~~ + +- There are no new known issues with this release. See :ref:`above + ` for a list of all known issues affecting this + BIND 9 branch.