[#3686] release changesKea-2.7.5

17 files changed, 184 insertions, 49 deletions

diff --git a/ChangeLog b/ChangeLog
index 97e4e477f5..304fbcf3ec 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,25 @@
+Kea 2.7.5 (development) released on December 11, 2024
+
+2313.	[doc]		marcin
+	Clarified that the FLQ allocator should not be used with shared
+	lease database.
+	(Gitlab #3577)
+
+2312.	[doc]		fdupont
+	Made clear that when a HTTP control channel is reconfigured
+	with the same address and port the listener socket is reused
+	so any TLS setup change is ignored.
+	(Gitlab #3255)
+
+2311.	[doc]		piotrek
+	Added a more extensive definition of the tuple DHCP option
+	type in the ARM documentation.
+	(Gitlab #3661)
+
+2310.	[bug]		andrei
+	Kea servers no longer increase in memory when being reconfigured.
+	(Gitlab #3652)
+
 2309.	[build]		mgodzina
 	The library version numbers have been bumped up for the Kea 2.7.5
 	development release.
diff --git a/changelog_unreleased/3255-https-reconfig b/changelog_unreleased/3255-https-reconfig
deleted file mode 100644
index 404f08f030..0000000000
--- a/changelog_unreleased/3255-https-reconfig
+++ /dev/null
@@ -1,5 +0,0 @@
-[doc]		fdupont
-	Made clear that when a HTTP control channel is reconfigured
-	with the same address and port the listener socket is reused
-	so any TLS setup change is ignored.
-	(Gitlab #3255)
diff --git a/changelog_unreleased/3577-flq-not-suitable-for-shared-db b/changelog_unreleased/3577-flq-not-suitable-for-shared-db
deleted file mode 100644
index 10364d2cc9..0000000000
--- a/changelog_unreleased/3577-flq-not-suitable-for-shared-db
+++ /dev/null
@@ -1,4 +0,0 @@
-[doc]		marcin
-	Clarified that the FLQ allocator should not be used with shared
-	lease database.
-	(Gitlab #3577)
diff --git a/changelog_unreleased/3652-memory-usage-when-continually-reconfiguring-kea-with-sighup b/changelog_unreleased/3652-memory-usage-when-continually-reconfiguring-kea-with-sighup
deleted file mode 100644
index ab072e3980..0000000000
--- a/changelog_unreleased/3652-memory-usage-when-continually-reconfiguring-kea-with-sighup
+++ /dev/null
@@ -1,3 +0,0 @@
-[bug]		andrei
-	Kea servers no longer increase in memory when being reconfigured.
-	(Gitlab #3652)
diff --git a/changelog_unreleased/3661-arm-update-tuple-definition b/changelog_unreleased/3661-arm-update-tuple-definition
deleted file mode 100644
index 42ca0c4395..0000000000
--- a/changelog_unreleased/3661-arm-update-tuple-definition
+++ /dev/null
@@ -1,4 +0,0 @@
-[doc]		piotrek
-	Added a more extensive definition of the tuple DHCP option
-	type in the ARM documentation.
-	(Gitlab #3661)
diff --git a/doc/sphinx/grammar/grammar-ca-parser.rst b/doc/sphinx/grammar/grammar-ca-parser.rst
index e7d35ce472..2637fb5a17 100644
--- a/doc/sphinx/grammar/grammar-ca-parser.rst
+++ b/doc/sphinx/grammar/grammar-ca-parser.rst
@@ -60,6 +60,7 @@ This grammar is generated from ``agent_parser.yy``. See :ref:`kea-ctrl-agent` fo
 
      global_param ::= http_host
                  | http_port
+                 | http_headers
                  | trust_anchor
                  | cert_file
                  | key_file
@@ -88,6 +89,31 @@ This grammar is generated from ``agent_parser.yy``. See :ref:`kea-ctrl-agent` fo
 
      comment ::= "comment" ":" STRING
 
+     http_headers ::= "http-headers" ":" "[" http_header_list "]"
+
+     http_header_list ::= 
+                     | not_empty_http_header_list
+
+     not_empty_http_header_list ::= http_header
+                               | not_empty_http_header_list "," http_header
+                               | not_empty_http_header_list ","
+
+     http_header ::= "{" http_header_params "}"
+
+     http_header_params ::= http_header_param
+                       | http_header_params "," http_header_param
+                       | http_header_params ","
+
+     http_header_param ::= name
+                      | header_value
+                      | user_context
+                      | comment
+                      | unknown_map_entry
+
+     name ::= "name" ":" STRING
+
+     header_value ::= "value" ":" STRING
+
      hooks_libraries ::= "hooks-libraries" ":" "[" hooks_libraries_list "]"
 
      hooks_libraries_list ::= 
@@ -217,8 +243,6 @@ This grammar is generated from ``agent_parser.yy``. See :ref:`kea-ctrl-agent` fo
                  | comment
                  | unknown_map_entry
 
-     name ::= "name" ":" STRING
-
      debuglevel ::= "debuglevel" ":" INTEGER
 
      severity ::= "severity" ":" STRING
diff --git a/doc/sphinx/grammar/grammar-dhcp4-parser.rst b/doc/sphinx/grammar/grammar-dhcp4-parser.rst
index 256bb72138..d20fc595e9 100644
--- a/doc/sphinx/grammar/grammar-dhcp4-parser.rst
+++ b/doc/sphinx/grammar/grammar-dhcp4-parser.rst
@@ -504,6 +504,7 @@ This grammar is generated from ``dhcp4_parser.yy``. See :ref:`dhcp4` for more de
                   | interface
                   | id
                   | client_class
+                  | network_client_classes
                   | require_client_classes
                   | evaluate_additional_classes
                   | reservations
@@ -555,6 +556,8 @@ This grammar is generated from ``dhcp4_parser.yy``. See :ref:`dhcp4` for more de
 
      client_class ::= "client-class" ":" STRING
 
+     network_client_classes ::= "client-classes" ":" list_strings
+
      require_client_classes ::= "require-client-classes" ":" list_strings
 
      evaluate_additional_classes ::= "evaluate-additional-classes" ":" list_strings
@@ -598,6 +601,7 @@ This grammar is generated from ``dhcp4_parser.yy``. See :ref:`dhcp4` for more de
                          | reservations_in_subnet
                          | reservations_out_of_pool
                          | client_class
+                         | network_client_classes
                          | require_client_classes
                          | evaluate_additional_classes
                          | valid_lifetime
@@ -747,6 +751,7 @@ This grammar is generated from ``dhcp4_parser.yy``. See :ref:`dhcp4` for more de
                | pool_id
                | option_data_list
                | client_class
+               | network_client_classes
                | require_client_classes
                | evaluate_additional_classes
                | user_context
@@ -896,6 +901,7 @@ This grammar is generated from ``dhcp4_parser.yy``. See :ref:`dhcp4` for more de
                          | cert_file
                          | key_file
                          | cert_required
+                         | http_headers
                          | user_context
                          | comment
                          | unknown_map_entry
@@ -914,6 +920,29 @@ This grammar is generated from ``dhcp4_parser.yy``. See :ref:`dhcp4` for more de
 
      cert_required ::= "cert-required" ":" BOOLEAN
 
+     http_headers ::= "http-headers" ":" "[" http_header_list "]"
+
+     http_header_list ::= 
+                     | not_empty_http_header_list
+
+     not_empty_http_header_list ::= http_header
+                               | not_empty_http_header_list "," http_header
+                               | not_empty_http_header_list ","
+
+     http_header ::= "{" http_header_params "}"
+
+     http_header_params ::= http_header_param
+                       | http_header_params "," http_header_param
+                       | http_header_params ","
+
+     http_header_param ::= name
+                      | header_value
+                      | user_context
+                      | comment
+                      | unknown_map_entry
+
+     header_value ::= "value" ":" STRING
+
      authentication ::= "authentication" ":" "{" auth_params "}"
 
      auth_params ::= auth_param
diff --git a/doc/sphinx/grammar/grammar-dhcp6-parser.rst b/doc/sphinx/grammar/grammar-dhcp6-parser.rst
index 63c33e391a..53f6bdc2ee 100644
--- a/doc/sphinx/grammar/grammar-dhcp6-parser.rst
+++ b/doc/sphinx/grammar/grammar-dhcp6-parser.rst
@@ -507,6 +507,7 @@ This grammar is generated from ``dhcp6_parser.yy``. See :ref:`dhcp6` for more de
                   | id
                   | rapid_commit
                   | client_class
+                  | network_client_classes
                   | require_client_classes
                   | evaluate_additional_classes
                   | reservations
@@ -546,6 +547,8 @@ This grammar is generated from ``dhcp6_parser.yy``. See :ref:`dhcp6` for more de
 
      client_class ::= "client-class" ":" STRING
 
+     network_client_classes ::= "client-classes" ":" list_strings
+
      require_client_classes ::= "require-client-classes" ":" list_strings
 
      evaluate_additional_classes ::= "evaluate-additional-classes" ":" list_strings
@@ -587,6 +590,7 @@ This grammar is generated from ``dhcp6_parser.yy``. See :ref:`dhcp6` for more de
                          | reservations_in_subnet
                          | reservations_out_of_pool
                          | client_class
+                         | network_client_classes
                          | require_client_classes
                          | evaluate_additional_classes
                          | preferred_lifetime
@@ -740,6 +744,7 @@ This grammar is generated from ``dhcp6_parser.yy``. See :ref:`dhcp6` for more de
                | pool_id
                | option_data_list
                | client_class
+               | network_client_classes
                | require_client_classes
                | evaluate_additional_classes
                | user_context
@@ -777,6 +782,7 @@ This grammar is generated from ``dhcp6_parser.yy``. See :ref:`dhcp6` for more de
                   | pool_id
                   | option_data_list
                   | client_class
+                  | network_client_classes
                   | require_client_classes
                   | evaluate_additional_classes
                   | excluded_prefix
@@ -947,6 +953,7 @@ This grammar is generated from ``dhcp6_parser.yy``. See :ref:`dhcp6` for more de
                          | cert_file
                          | key_file
                          | cert_required
+                         | http_headers
                          | user_context
                          | comment
                          | unknown_map_entry
@@ -965,6 +972,29 @@ This grammar is generated from ``dhcp6_parser.yy``. See :ref:`dhcp6` for more de
 
      cert_required ::= "cert-required" ":" BOOLEAN
 
+     http_headers ::= "http-headers" ":" "[" http_header_list "]"
+
+     http_header_list ::= 
+                     | not_empty_http_header_list
+
+     not_empty_http_header_list ::= http_header
+                               | not_empty_http_header_list "," http_header
+                               | not_empty_http_header_list ","
+
+     http_header ::= "{" http_header_params "}"
+
+     http_header_params ::= http_header_param
+                       | http_header_params "," http_header_param
+                       | http_header_params ","
+
+     http_header_param ::= name
+                      | header_value
+                      | user_context
+                      | comment
+                      | unknown_map_entry
+
+     header_value ::= "value" ":" STRING
+
      authentication ::= "authentication" ":" "{" auth_params "}"
 
      auth_params ::= auth_param
diff --git a/doc/sphinx/kea-messages.rst b/doc/sphinx/kea-messages.rst
index 12b49cfd61..68cc7aceff 100644
--- a/doc/sphinx/kea-messages.rst
+++ b/doc/sphinx/kea-messages.rst
@@ -2948,6 +2948,17 @@ CTRL_AGENT_FAILED
 This is a fatal error message issued when the Control Agent application
 encounters an unrecoverable error from within the event loop.
 
+CTRL_AGENT_HTTPS_SERVICE_REUSED
+===============================
+
+.. code-block:: text
+
+    reused HTTPS service bound to address %1:%2
+
+This informational message indicates that the server has reused existing
+HTTPS service on the specified address and port. Note that any change in
+the TLS setup was ignored.
+
 CTRL_AGENT_HTTPS_SERVICE_STARTED
 ================================
 
@@ -2959,6 +2970,16 @@ This informational message indicates that the server has started HTTPS service
 on the specified address and port. All control commands should be sent to this
 address and port over a TLS channel.
 
+CTRL_AGENT_HTTP_SERVICE_REUSED
+==============================
+
+.. code-block:: text
+
+    reused HTTP service bound to address %1:%2
+
+This informational message indicates that the server has reused existing
+HTTPS service on the specified address and port.
+
 CTRL_AGENT_HTTP_SERVICE_STARTED
 ===============================
 
@@ -8524,6 +8545,32 @@ DHCPSRV_CFGMGR_USE_UNICAST
 An info message issued when configuring the DHCP server to listen on the unicast
 address on the specific interface.
 
+DHCPSRV_CLASS_WITH_ADDITIONAL_AND_LIFETIMES
+===========================================
+
+.. code-block:: text
+
+    class: %1 has 'only-in-additional-list' true while specifying one or more lease life time values. Life time values will be ignored.
+
+This warning is emitted whenever a class is configured with
+'only-in-addition-list' true as well as specifying one or
+more lease life time parameters (e.g. 'valid-lifetime',
+'preferred-lifetime', or 'offer-lifetime'). Additional list classes
+are evaluated after lease assignment, thus parameters that would otherwise
+impact lease life times will have no affect.
+
+DHCPSRV_CLIENT_CLASS_DEPRECATED
+===============================
+
+.. code-block:: text
+
+    The parameter 'client-class' is deprecated. Use 'client-classes' list parameter instead
+
+This warning message is emitted when configuration parsing detects
+the use of the deprecated 'client-class' parameter. It has
+been replaced by 'client-classes'.  Users should migrate
+to the new list parameter.
+
 DHCPSRV_CLOSE_DB
 ================
 
diff --git a/src/bin/agent/location.hh b/src/bin/agent/location.hh
index 90d309323c..3f820cc25f 100644
--- a/src/bin/agent/location.hh
+++ b/src/bin/agent/location.hh
@@ -1,4 +1,3 @@
-// Generated 202411151018
 // A Bison parser, made by GNU Bison 3.8.2.
 
 // Locations for Bison parsers in C++
diff --git a/src/bin/agent/tests/ca_cfg_mgr_unittests.cc b/src/bin/agent/tests/ca_cfg_mgr_unittests.cc
index 7c9a6364f1..c225ff948a 100644
--- a/src/bin/agent/tests/ca_cfg_mgr_unittests.cc
+++ b/src/bin/agent/tests/ca_cfg_mgr_unittests.cc
@@ -1,4 +1,4 @@
-// Copyright (C) 2016-2022 Internet Systems Consortium, Inc. ("ISC")
+// Copyright (C) 2016-2024 Internet Systems Consortium, Inc. ("ISC")
 //
 // This Source Code Form is subject to the terms of the Mozilla Public
 // License, v. 2.0. If a copy of the MPL was not distributed with this
diff --git a/src/bin/dhcp4/dhcp4_lexer.cc b/src/bin/dhcp4/dhcp4_lexer.cc
index 97ae42c8f5..d002fc5b40 100644
--- a/src/bin/dhcp4/dhcp4_lexer.cc
+++ b/src/bin/dhcp4/dhcp4_lexer.cc
@@ -1,6 +1,6 @@
-#line 2 "dhcp4_lexer.cc"
+#line 1 "dhcp4_lexer.cc"
 
-#line 4 "dhcp4_lexer.cc"
+#line 3 "dhcp4_lexer.cc"
 
 #define  YY_INT_ALIGNED short int
 
@@ -2272,7 +2272,7 @@ using namespace isc::dhcp;
 
 /* To avoid the call to exit... oops! */
 #define YY_FATAL_ERROR(msg) isc::dhcp::Parser4Context::fatal(msg)
-#line 2276 "dhcp4_lexer.cc"
+#line 2275 "dhcp4_lexer.cc"
 /* noyywrap disables automatic rewinding for the next file to parse. Since we
    always parse only a single string, there's no need to do any wraps. And
    using yywrap requires linking with -lfl, which provides the default yywrap
@@ -2298,8 +2298,8 @@ using namespace isc::dhcp;
    by moving it ahead by yyleng bytes. yyleng specifies the length of the
    currently matched token. */
 #define YY_USER_ACTION  driver.loc_.columns(yyleng);
+#line 2301 "dhcp4_lexer.cc"
 #line 2302 "dhcp4_lexer.cc"
-#line 2303 "dhcp4_lexer.cc"
 
 #define INITIAL 0
 #define COMMENT 1
@@ -2627,7 +2627,7 @@ YY_DECL
     }
 
 
-#line 2631 "dhcp4_lexer.cc"
+#line 2630 "dhcp4_lexer.cc"
 
 	while ( /*CONSTCOND*/1 )		/* loops until end-of-file is reached */
 		{
@@ -5825,7 +5825,7 @@ YY_RULE_SETUP
 #line 2528 "dhcp4_lexer.ll"
 ECHO;
 	YY_BREAK
-#line 5829 "dhcp4_lexer.cc"
+#line 5828 "dhcp4_lexer.cc"
 
 	case YY_END_OF_BUFFER:
 		{
diff --git a/src/bin/dhcp6/dhcp6_lexer.cc b/src/bin/dhcp6/dhcp6_lexer.cc
index 551e7b7956..094e24bfee 100644
--- a/src/bin/dhcp6/dhcp6_lexer.cc
+++ b/src/bin/dhcp6/dhcp6_lexer.cc
@@ -1,6 +1,6 @@
-#line 2 "dhcp6_lexer.cc"
+#line 1 "dhcp6_lexer.cc"
 
-#line 4 "dhcp6_lexer.cc"
+#line 3 "dhcp6_lexer.cc"
 
 #define  YY_INT_ALIGNED short int
 
@@ -2246,7 +2246,7 @@ using namespace isc::dhcp;
 
 /* To avoid the call to exit... oops! */
 #define YY_FATAL_ERROR(msg) isc::dhcp::Parser6Context::fatal(msg)
-#line 2250 "dhcp6_lexer.cc"
+#line 2249 "dhcp6_lexer.cc"
 /* noyywrap disables automatic rewinding for the next file to parse. Since we
    always parse only a single string, there's no need to do any wraps. And
    using yywrap requires linking with -lfl, which provides the default yywrap
@@ -2272,8 +2272,8 @@ using namespace isc::dhcp;
    by moving it ahead by yyleng bytes. yyleng specifies the length of the
    currently matched token. */
 #define YY_USER_ACTION  driver.loc_.columns(yyleng);
+#line 2275 "dhcp6_lexer.cc"
 #line 2276 "dhcp6_lexer.cc"
-#line 2277 "dhcp6_lexer.cc"
 
 #define INITIAL 0
 #define COMMENT 1
@@ -2603,7 +2603,7 @@ YY_DECL
     }
 
 
-#line 2607 "dhcp6_lexer.cc"
+#line 2606 "dhcp6_lexer.cc"
 
 	while ( /*CONSTCOND*/1 )		/* loops until end-of-file is reached */
 		{
@@ -5841,7 +5841,7 @@ YY_RULE_SETUP
 #line 2561 "dhcp6_lexer.ll"
 ECHO;
 	YY_BREAK
-#line 5845 "dhcp6_lexer.cc"
+#line 5844 "dhcp6_lexer.cc"
 
 	case YY_END_OF_BUFFER:
 		{
diff --git a/src/bin/dhcp6/tests/host_unittest.cc b/src/bin/dhcp6/tests/host_unittest.cc
index 5c7d79fc9e..9e356ea831 100644
--- a/src/bin/dhcp6/tests/host_unittest.cc
+++ b/src/bin/dhcp6/tests/host_unittest.cc
@@ -1,4 +1,4 @@
-// Copyright (C) 2015-2023 Internet Systems Consortium, Inc. ("ISC")
+// Copyright (C) 2015-2024 Internet Systems Consortium, Inc. ("ISC")
 //
 // This Source Code Form is subject to the terms of the Mozilla Public
 // License, v. 2.0. If a copy of the MPL was not distributed with this
diff --git a/src/lib/dhcpsrv/dhcpsrv_messages.mes b/src/lib/dhcpsrv/dhcpsrv_messages.mes
index 88c05fc78f..fe79223afd 100644
--- a/src/lib/dhcpsrv/dhcpsrv_messages.mes
+++ b/src/lib/dhcpsrv/dhcpsrv_messages.mes
@@ -245,6 +245,20 @@ for a subnet.
 An info message issued when configuring the DHCP server to listen on the unicast
 address on the specific interface.
 
+% DHCPSRV_CLASS_WITH_ADDITIONAL_AND_LIFETIMES class: %1 has 'only-in-additional-list' true while specifying one or more lease life time values. Life time values will be ignored.
+This warning is emitted whenever a class is configured with
+'only-in-addition-list' true as well as specifying one or
+more lease life time parameters (e.g. 'valid-lifetime',
+'preferred-lifetime', or 'offer-lifetime'). Additional list classes
+are evaluated after lease assignment, thus parameters that would otherwise
+impact lease life times will have no affect.
+
+% DHCPSRV_CLIENT_CLASS_DEPRECATED The parameter 'client-class' is deprecated. Use 'client-classes' list parameter instead
+This warning message is emitted when configuration parsing detects
+the use of the deprecated 'client-class' parameter. It has
+been replaced by 'client-classes'.  Users should migrate
+to the new list parameter.
+
 % DHCPSRV_CLOSE_DB closing currently open %1 database
 Logged at debug log level 40.
 This is a debug message, issued when the DHCP server closes the currently
@@ -957,17 +971,3 @@ included in the message.
 % DHCPSRV_UNKNOWN_DB unknown database type: %1
 The database access string specified a database type (given in the
 message) that is unknown to the software. This is a configuration error.
-
-% DHCPSRV_CLASS_WITH_ADDITIONAL_AND_LIFETIMES class: %1 has 'only-in-additional-list' true while specifying one or more lease life time values. Life time values will be ignored.
-This warning is emitted whenever a class is configured with
-'only-in-addition-list' true as well as specifying one or
-more lease life time parameters (e.g. 'valid-lifetime',
-'preferred-lifetime', or 'offer-lifetime'). Additional list classes
-are evaluated after lease assignment, thus parameters that would otherwise
-impact lease life times will have no affect.
-
-% DHCPSRV_CLIENT_CLASS_DEPRECATED The parameter 'client-class' is deprecated. Use 'client-classes' list parameter instead
-This warning message is emitted when configuration parsing detects
-the use of the deprecated 'client-class' parameter. It has
-been replaced by 'client-classes'.  Users should migrate
-to the new list parameter.
diff --git a/src/lib/http/request_context.h b/src/lib/http/request_context.h
index 22aae21c6c..da6425981a 100644
--- a/src/lib/http/request_context.h
+++ b/src/lib/http/request_context.h
@@ -1,4 +1,4 @@
-// Copyright (C) 2016 Internet Systems Consortium, Inc. ("ISC")
+// Copyright (C) 2016-2024 Internet Systems Consortium, Inc. ("ISC")
 //
 // This Source Code Form is subject to the terms of the Mozilla Public
 // License, v. 2.0. If a copy of the MPL was not distributed with this
diff --git a/src/lib/http/response_context.h b/src/lib/http/response_context.h
index e241f0e7fd..226ec0573d 100644
--- a/src/lib/http/response_context.h
+++ b/src/lib/http/response_context.h
@@ -1,4 +1,4 @@
-// Copyright (C) 2017 Internet Systems Consortium, Inc. ("ISC")
+// Copyright (C) 2017-2024 Internet Systems Consortium, Inc. ("ISC")
 //
 // This Source Code Form is subject to the terms of the Mozilla Public
 // License, v. 2.0. If a copy of the MPL was not distributed with this