From 0eafc57b29ad30438c04f8feeb32246f41dd6138 Mon Sep 17 00:00:00 2001
From: Otto Moerbeek <otto.moerbeek@open-xchange.com>
Date: Tue, 17 Oct 2023 10:32:40 +0200
Subject: [PATCH] rec: prep rec-5.0.0-alpha2

---
 docs/secpoll.zone                             |   5 +-
 .../docs/appendices/yamlconversion.rst        |   3 +-
 pdns/recursordist/docs/changelog/5.0.rst      | 101 ++++++++++++++++++
 pdns/recursordist/docs/upgrade.rst            |  23 ++--
 4 files changed, 123 insertions(+), 9 deletions(-)

diff --git a/docs/secpoll.zone b/docs/secpoll.zone
index a734668c98e6..b8983a8cc42f 100644
--- a/docs/secpoll.zone
+++ b/docs/secpoll.zone
@@ -1,4 +1,4 @@
-@       86400   IN  SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2023101103 10800 3600 604800 10800
+@       86400   IN  SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2023101701 10800 3600 604800 10800
 @       3600    IN  NS  pdns-public-ns1.powerdns.com.
 @       3600    IN  NS  pdns-public-ns2.powerdns.com.
 
@@ -359,7 +359,8 @@ recursor-4.9.0-beta1.security-status                    60 IN TXT "2 Unsupported
 recursor-4.9.0-rc1.security-status                      60 IN TXT "2 Unsupported pre-release"
 recursor-4.9.0.security-status                          60 IN TXT "1 OK"
 recursor-4.9.1.security-status                          60 IN TXT "1 OK"
-recursor-5.0.0-alpha1.security-status                   60 IN TXT "1 Unsupported pre-release"
+recursor-5.0.0-alpha1.security-status                   60 IN TXT "2 Unsupported pre-release"
+recursor-5.0.0-alpha2.security-status                   60 IN TXT "1 Unsupported pre-release"
 
 ; Recursor Debian
 recursor-3.6.2-2.debian.security-status                 60 IN TXT "3 Upgrade now, see https://doc.powerdns.com/3/security/powerdns-advisory-2015-01/ and https://doc.powerdns.com/3/security/powerdns-advisory-2016-02/"
diff --git a/pdns/recursordist/docs/appendices/yamlconversion.rst b/pdns/recursordist/docs/appendices/yamlconversion.rst
index ed2f83dbdb8e..3823ae11672f 100644
--- a/pdns/recursordist/docs/appendices/yamlconversion.rst
+++ b/pdns/recursordist/docs/appendices/yamlconversion.rst
@@ -59,7 +59,8 @@ API Managed Files
 The format of API managed files was also changed to use YAML format.
 Specifically, the list of API managed zones is now a single file containing a sequence of ``auth_zones`` and a sequence of ``forward_zones`` instead of a settings file per zone.
 The list of ACLs is a YAML sequence of subnets or IP addresses.
-When using YAML settings :ref:`setting-yaml-recursor.include-dir` and :ref:`setting-yaml-webservice.api-config-dir` must have a different value.
+
+When using YAML settings :ref:`setting-yaml-recursor.include_dir` and :ref:`setting-yaml-webservice.api_dir` must have a different value.
 When YAML settings are active the :program:`Recursor` will read old-style API managed files from the include directory on startup, convert them to the new format and write them into the API config directory.
 After conversion, it will inactivate the old-style API managed config files in the include directory by renaming them.
 
diff --git a/pdns/recursordist/docs/changelog/5.0.rst b/pdns/recursordist/docs/changelog/5.0.rst
index 3532e8b63161..c079e08a50e6 100644
--- a/pdns/recursordist/docs/changelog/5.0.rst
+++ b/pdns/recursordist/docs/changelog/5.0.rst
@@ -1,5 +1,106 @@
 Changelogs for 5.0.X
 ====================
+.. changelog::
+  :version: 5.0.0-alpha2
+  :released: 17th of October 2023
+
+  .. change::
+    :tags:  Improvements
+    :pullreq: 13362
+    :tickets: 13233, 12679
+
+    Convert API managed config from old style to YAML if YAML settings are active.
+
+  .. change::
+    :tags: Improvements
+    :pullreq: 13364
+
+    If we miss glue--but not for all NS records--try to resolve the missing address records.
+
+  .. change::
+    :tags: Bug Fixes
+    :pullreq: 13353
+    :tickets: 12395
+
+    If serving stale, wipe CNAME records from cache when we get a NODATA negative response for them.
+
+  .. change::
+    :tags: Bug Fixes
+    :pullreq: 13363
+
+    Fix Coverity 1522436 potential dereference of null return value.
+
+  .. change::
+    :tags: Improvements
+    :pullreq: 13296
+
+    Make QName Minimization parameters from :rfc:`9156` settable.
+
+  .. change::
+    :tags: Improvements
+    :pullreq: 13312
+
+    Conform to :rfc:`2181` 10.3: don't allow NS records to point to aliases.
+
+  .. change::
+    :tags: Bug Fixes
+    :pullreq: 13303,13311
+
+    Fix log messages text and levels.
+
+  .. change::
+    :tags: Improvements
+    :pullreq: 13295
+    :tickets: 8646
+
+    Do not use Qname Minimization for infra-queries.
+
+  .. change::
+    :tags: Improvements
+    :pullreq: 13289
+
+    Implement probabilistic un-throttle.
+
+  .. change::
+    :tags: Improvements
+    :pullreq: 13290
+
+    Put files generated by settings/generate.py into tarball so package builds do not have to run it.
+
+  .. change::
+    :tags: Improvements
+    :pullreq: 13278
+    :tickets: 13266
+
+    Fix packetcache submit refresh task logic.
+
+  .. change::
+    :tags: Bug Fixes
+    :pullreq: 13276
+    :tickets: 13259
+
+    Fix sysconfdir handling in new settings code.
+
+  .. change::
+    :tags: Improvements
+    :pullreq: 13277
+    :tickets: 13264
+
+    Allow loglevel to be set to levels < 3.
+
+  .. change::
+    :tags: Improvements
+    :pullreq: 13195
+    :tickets: 8394
+
+    Move tcp-in processing to dedicated thread(s).
+
+  .. change::
+    :tags: Bug Fixes
+    :pullreq: 13250
+
+    Fix Coverity 1519054: Using invalid iterator.
+
 .. changelog::
   :version: 5.0.0-alpha1
   :released: 13th of September 2023
diff --git a/pdns/recursordist/docs/upgrade.rst b/pdns/recursordist/docs/upgrade.rst
index a786699a99cb..9da78abea32e 100644
--- a/pdns/recursordist/docs/upgrade.rst
+++ b/pdns/recursordist/docs/upgrade.rst
@@ -7,23 +7,34 @@ When upgrading several versions, please read **all** notes applying to the upgra
 4.9.0 to 5.0.0 and master
 --------------------------
 
-YAML setings
-------------
+YAML settings
+^^^^^^^^^^^^^
 Starting with version 5.0.0-alpha1 the settings file(s) can be specified using YAML syntax.
 The old-style settings files are still accepted but will be unsupported in a future release.
 When a ``recursor.yml`` settings file is encountered it will be processed instead of a ``recursor.conf`` file.
 Refer to :doc:`yamlsettings` for details and the :doc:`appendices/yamlconversion` guide for how to convert old-style settings to the new YAML format.
 
 Rust
-----
+^^^^
 Some parts of the Recursor code are now written in Rust.
 This has impact if you do local builds or are third-package maintainer.
 According to `cargo msrv` the minimum version to compile the Rust code and its dependencies is 1.64.
 Some distributions ship with an older Rust compiler, see `Rustup <https://rustup.rs/>`__ for a way to install a more recent one.
 For our package builds, we install a Rust compiler from the ``Standalone`` section of `Other Rust Installation Methods <https://forge.rust-lang.org/infra/other-installation-methods.html>`__.
 
+New settings
+^^^^^^^^^^^^
+- The :ref:`setting-bypass-server-throttling-probability` setting has been introduced to try throttled servers once in a while.
+- The :ref:`setting-tcp-threads` setting has been introduced to set the number of threads dedicated to processing incoming queries over TCP.
+  Previously either the distributor thread(s) or the general worker threads would process TCP queries.
+- The :ref:`setting-qname-max-minimize-count` and :ref:`setting-qname-minimize-one-label` have been introduced to allow tuning of the parameters specified in :rfc:`9156`.
+
+Changed settings
+^^^^^^^^^^^^^^^^
+- The :ref:`setting-loglevel` can now be set to a level below 3 (error).
+
 4.8.0 to 4.9.0
--------------- 
+--------------
 
 Metrics
 ^^^^^^^
@@ -34,7 +45,7 @@ This affects the results shown by ``rec_control get-qtypelist`` and the ``respon
 Additionally, most ``RCodes`` and ``QTypes`` that are marked ``Unassigned``, ``Reserved`` or ``Obsolete`` by IANA are not accounted, to reduce the memory consumed by these metrics.
 
 New settings
-~~~~~~~~~~~~
+^^^^^^^^^^^^
 - The :ref:`setting-packetcache-negative-ttl` settings to control the TTL of negative (NxDomain or NoData) answers in the packet cache has been introduced.
 - The :ref:`setting-stack-cache-size` setting to  control the number of allocated mthread stacks has been introduced.
 - The :ref:`setting-packetcache-shards` settings to control the number of shards in the packet cache has been introduced.
@@ -46,7 +57,7 @@ New settings
 - The setting ``includeSOA`` was added to the :func:`rpzPrimary` and :func:`rpzFile` Lua functions to include the SOA of the RPZ the responses modified by the RPZ.
 
 Changed settings
-~~~~~~~~~~~~~~~~
+^^^^^^^^^^^^^^^^
 The first two settings below have effect on the way the recursor distributes queries over threads.
 In some cases, this can lead to imbalance of the number of queries process per thread.
 See :doc:`performance`, in particular the :ref:`worker_imbalance` section.