upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-04-26 16:47:31 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

deprecate resolver-retry-interval and resolver-nonbackoff-tries

Browse source 
these options control default timing of retries in the resolver
for experimental purposes; they are not known to useful in production
environments.  they will be removed in the future; for now, we
only log a warning if they are used.

(cherry picked from commit 4aaa4f7dca)
This commit is contained in:
Evan Hunt 2023-10-31 15:09:05 +01:00
parent 4ee01a8b5a
commit 374b4d6258
7 changed files with 28 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
CHANGES
View file

@ -1,3 +1,7 @@
6296. [func] The "resolver-nonbackoff-tries" and
"resolver-retry-interval" options are deprecated;
a warning will be logged if they are used. [GL #4405]
6294. [bug] BIND might sometimes crash after startup or
re-configuration when one 'tls' entry is used multiple
times to connect to remote servers due to initialisation

3
bin/tests/system/checkconf/deprecated.conf
View file

@ -31,6 +31,9 @@ options {
tkey-dhkey "server" 12345;
root-delegation-only exclude { "them"; };
resolver-nonbackoff-tries 3;
resolver-retry-interval 800;
};
trusted-keys {

2
bin/tests/system/checkconf/tests.sh
View file

@ -192,6 +192,8 @@ grep "option 'root-delegation-only' is deprecated" <checkconf.out$n.1 >/dev/null
grep "'type delegation-only' is deprecated" <checkconf.out$n.1 >/dev/null || ret=1
grep "option 'dialup' is deprecated" <checkconf.out$n.1 >/dev/null || ret=1
grep "option 'heartbeat-interval' is deprecated" <checkconf.out$n.1 >/dev/null || ret=1
grep "option 'resolver-nonbackoff-tries' is deprecated" <checkconf.out$n.1 >/dev/null || ret=1
grep "option 'resolver-retry-interval' is deprecated" <checkconf.out$n.1 >/dev/null || ret=1
grep "option 'dnssec-must-be-secure' is deprecated" <checkconf.out$n.1 >/dev/null || ret=1
grep "token 'port' is deprecated" <checkconf.out$n.1 >/dev/null || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi

12
doc/arm/reference.rst
View file

@ -4370,18 +4370,22 @@ Tuning
has no effect, the value of :any:`max-cache-ttl` will be ``0`` in such case.
.. namedconf:statement:: resolver-nonbackoff-tries
:tags: server
:tags: deprecated.
:short: Specifies the number of retries before exponential backoff.
This specifies how many retries occur before exponential backoff kicks in. The
default is ``3``.
This specifies how many retries occur before exponential backoff kicks in.
The default is ``3``.
This option is deprecated and will be removed in a future release.
.. namedconf:statement:: resolver-retry-interval
:tags: server, query
:tags: deprecated
:short: Sets the base retry interval (in milliseconds).
This sets the base retry interval in milliseconds. The default is ``800``.
This option is deprecated and will be removed in a future release.
.. namedconf:statement:: sig-validity-interval
:tags: dnssec
:short: Specifies the maximum number of days that RRSIGs generated by :iscman:`named` are valid.

8
doc/misc/options
View file

@ -252,9 +252,9 @@ options {
request-nsid <boolean>;
require-server-cookie <boolean>;
reserved-sockets <integer>; // deprecated
resolver-nonbackoff-tries <integer>;
resolver-nonbackoff-tries <integer>; // deprecated
resolver-query-timeout <integer>;
resolver-retry-interval <integer>;
resolver-retry-interval <integer>; // deprecated
response-padding { <address_match_element>; ... } block-size <integer>;
response-policy { zone <string> [ add-soa <boolean> ] [ log <boolean> ] [ max-policy-ttl <duration> ] [ min-update-interval <duration> ] [ policy ( cname | disabled | drop | given | no-op | nodata | nxdomain | passthru | tcp-only <quoted_string> ) ] [ recursive-only <boolean> ] [ nsip-enable <boolean> ] [ nsdname-enable <boolean> ]; ... } [ add-soa <boolean> ] [ break-dnssec <boolean> ] [ max-policy-ttl <duration> ] [ min-update-interval <duration> ] [ min-ns-dots <integer> ] [ nsip-wait-recurse <boolean> ] [ nsdname-wait-recurse <boolean> ] [ qname-wait-recurse <boolean> ] [ recursive-only <boolean> ] [ nsip-enable <boolean> ] [ nsdname-enable <boolean> ] [ dnsrps-enable <boolean> ] [ dnsrps-options { <unspecified-text> } ];
reuseport <boolean>;
@ -532,9 +532,9 @@ view <string> [ <class> ] {
request-ixfr <boolean>;
request-nsid <boolean>;
require-server-cookie <boolean>;
resolver-nonbackoff-tries <integer>;
resolver-nonbackoff-tries <integer>; // deprecated
resolver-query-timeout <integer>;
resolver-retry-interval <integer>;
resolver-retry-interval <integer>; // deprecated
response-padding { <address_match_element>; ... } block-size <integer>;
response-policy { zone <string> [ add-soa <boolean> ] [ log <boolean> ] [ max-policy-ttl <duration> ] [ min-update-interval <duration> ] [ policy ( cname | disabled | drop | given | no-op | nodata | nxdomain | passthru | tcp-only <quoted_string> ) ] [ recursive-only <boolean> ] [ nsip-enable <boolean> ] [ nsdname-enable <boolean> ]; ... } [ add-soa <boolean> ] [ break-dnssec <boolean> ] [ max-policy-ttl <duration> ] [ min-update-interval <duration> ] [ min-ns-dots <integer> ] [ nsip-wait-recurse <boolean> ] [ nsdname-wait-recurse <boolean> ] [ qname-wait-recurse <boolean> ] [ recursive-only <boolean> ] [ nsip-enable <boolean> ] [ nsdname-enable <boolean> ] [ dnsrps-enable <boolean> ] [ dnsrps-options { <unspecified-text> } ];
root-delegation-only [ exclude { <string>; ... } ]; // deprecated

3
doc/notes/notes-current.rst
View file

@ -28,6 +28,9 @@ Removed Features
- The support for AES algorithm for DNS cookies has been deprecated.
:gl:`#4421`
- The ``resolver-nonbackoff-tries`` and ``resolver-retry-interval`` options
are now deprecated. A warning will be logged if they are used. :gl:`#4405`
Feature Changes
~~~~~~~~~~~~~~~

6
lib/isccfg/namedconf.c
View file

@ -2137,9 +2137,11 @@ static cfg_clausedef_t view_clauses[] = {
{ "request-nsid", &cfg_type_boolean, 0 },
{ "request-sit", NULL, CFG_CLAUSEFLAG_ANCIENT },
{ "require-server-cookie", &cfg_type_boolean, 0 },
{ "resolver-nonbackoff-tries", &cfg_type_uint32, 0 },
{ "resolver-nonbackoff-tries", &cfg_type_uint32,
CFG_CLAUSEFLAG_DEPRECATED },
{ "resolver-query-timeout", &cfg_type_uint32, 0 },
{ "resolver-retry-interval", &cfg_type_uint32, 0 },
{ "resolver-retry-interval", &cfg_type_uint32,
CFG_CLAUSEFLAG_DEPRECATED },
{ "response-padding", &cfg_type_resppadding, 0 },
{ "response-policy", &cfg_type_rpz, 0 },
{ "rfc2308-type1", NULL, CFG_CLAUSEFLAG_ANCIENT },