pool/bind
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 611520 from network

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/611520
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/bind?expand=0&rev=135
This commit is contained in:
Dominique Leuenberger 2018-05-23 14:08:09 +00:00 committed by Git OBS Bridge
commit 28ed4dee3a
4 changed files with 70 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
bind.changes
View File

@ -1,3 +1,24 @@
-------------------------------------------------------------------
Mon May 21 11:57:47 UTC 2018 - scabrero@suse.de
- Add bug-4697-Restore-workaround-for-Microsoft-Windows-T.patch
Fixes dynamic DNS updates against samba and Microsoft DNS servers
(bsc#1094236).
-------------------------------------------------------------------
Thu May 17 14:28:29 UTC 2018 - navin.kukreja@suse.com
- Move chroot related files from bind to bind-chrootenv
(bsc#1093338)
-------------------------------------------------------------------
Wed May 16 10:22:25 UTC 2018 - navin.kukreja@suse.com
- Remove rndc.key generation from bind.spec file because bind
should create it on first boot (bsc#1092283)
- Add misisng rndc.key check and generation code is lwresd.init
script
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Feb 26 19:26:17 UTC 2018 - sweet_f_a@gmx.de Mon Feb 26 19:26:17 UTC 2018 - sweet_f_a@gmx.de

28
bind.spec
View File

@ -78,6 +78,7 @@ Patch51: pie_compile.diff
Patch52: named-bootconf.diff Patch52: named-bootconf.diff
Patch53: bind-sdb-ldap.patch Patch53: bind-sdb-ldap.patch
Patch54: bind-CVE-2017-3145.patch Patch54: bind-CVE-2017-3145.patch
Patch55: bug-4697-Restore-workaround-for-Microsoft-Windows-T.patch
BuildRequires: libcap-devel BuildRequires: libcap-devel
BuildRequires: libmysqlclient-devel BuildRequires: libmysqlclient-devel
BuildRequires: libopenssl-devel BuildRequires: libopenssl-devel
@ -308,6 +309,7 @@ This package provides a module which allows commands to be sent to rndc directly
%patch52 %patch52
%patch53 %patch53
%patch54 -p1 %patch54 -p1
%patch55 -p1
# use the year from source gzip header instead of current one to make reproducible rpms # use the year from source gzip header instead of current one to make reproducible rpms
year=$(perl -e 'sysread(STDIN, $h, 8); print (1900+(gmtime(unpack("l",substr($h,4))))[5])' < %{SOURCE0}) year=$(perl -e 'sysread(STDIN, $h, 8); print (1900+(gmtime(unpack("l",substr($h,4))))[5])' < %{SOURCE0})
@ -394,7 +396,7 @@ rm -f %{buildroot}/%{_libdir}/lib*.{la,a}
mv vendor-files/config/named.conf %{buildroot}/%{_sysconfdir} mv vendor-files/config/named.conf %{buildroot}/%{_sysconfdir}
mv vendor-files/config/bind.reg %{buildroot}/%{_sysconfdir}/slp.reg.d mv vendor-files/config/bind.reg %{buildroot}/%{_sysconfdir}/slp.reg.d
mv vendor-files/config/rndc-access.conf %{buildroot}/%{_sysconfdir}/named.d mv vendor-files/config/rndc-access.conf %{buildroot}/%{_sysconfdir}/named.d
for file in lwresd.conf named.conf.include rndc.key; do for file in lwresd.conf named.conf.include; do
touch %{buildroot}/%{_sysconfdir}/${file} touch %{buildroot}/%{_sysconfdir}/${file}
done done
@ -486,11 +488,6 @@ echo "NAMED_RUN_CHROOTED=\"${NAMED_RUN_CHROOTED}\"" >${TEMP_SYSCONFIG_FILE}
%{fillup_and_insserv -nf named} %{fillup_and_insserv -nf named}
%endif %endif
%{fillup_only -nsa named named} %{fillup_only -nsa named named}
if [ ! -f etc/rndc.key ]; then
usr/sbin/rndc-confgen -a -b 512 -r dev/urandom
chmod 0640 etc/rndc.key
chown root:named etc/rndc.key
fi
TEMP_SYSCONFIG_FILE="var/adm/named-chroot" TEMP_SYSCONFIG_FILE="var/adm/named-chroot"
# Are we in update mode? # Are we in update mode?
if [ ${FIRST_ARG:-0} -gt 1 ]; then if [ ${FIRST_ARG:-0} -gt 1 ]; then
@ -645,12 +642,6 @@ fi
%endif %endif
%post lwresd %post lwresd
# Create a key if usr/sbin/rndc-confgen is installed.
if [ -x usr/sbin/rndc-confgen -a ! -f etc/rndc.key ]; then
usr/sbin/rndc-confgen -a -b 512 -r dev/urandom
chmod 0640 etc/rndc.key
chown root:named etc/rndc.key
fi
# delete an emtpy lwresd.conf file # delete an emtpy lwresd.conf file
if [ ! -s etc/lwresd.conf ]; then if [ ! -s etc/lwresd.conf ]; then
rm -f etc/lwresd.conf rm -f etc/lwresd.conf
@ -680,19 +671,12 @@ fi
%endif %endif
%post utils %post utils
# Create a key if lwresd is installed.
if [ -x %{_sbindir}/lwresd -a ! -f %{_sysconfdir}/rndc.key ]; then
%{_sbindir}/rndc-confgen -a -b 512 -r dev/urandom
chmod 0640 %{_sysconfdir}/rndc.key
chown root:named %{_sysconfdir}/rndc.key
fi
%files %files
%attr(0644,root,named) %config(noreplace) /%{_sysconfdir}/named.conf %attr(0644,root,named) %config(noreplace) /%{_sysconfdir}/named.conf
%dir %{_sysconfdir}/slp.reg.d %dir %{_sysconfdir}/slp.reg.d
%attr(0644,root,root) /%{_sysconfdir}/slp.reg.d/bind.reg %attr(0644,root,root) /%{_sysconfdir}/slp.reg.d/bind.reg
%attr(0644,root,named) %ghost /%{_sysconfdir}/named.conf.include %attr(0644,root,named) %ghost /%{_sysconfdir}/named.conf.include
%attr(0640,root,named) %ghost %config(noreplace) /%{_sysconfdir}/rndc.key
%if %{with_systemd} %if %{with_systemd}
%config %{_unitdir}/named.service %config %{_unitdir}/named.service
%{_sbindir}/named.init %{_sbindir}/named.init
@ -726,9 +710,6 @@ fi
%config %{_var}/lib/named/127.0.0.zone %config %{_var}/lib/named/127.0.0.zone
%config %{_var}/lib/named/localhost.zone %config %{_var}/lib/named/localhost.zone
%config %{_var}/lib/named/named.root.key %config %{_var}/lib/named/named.root.key
%ghost %{_var}/lib/named%{_sysconfdir}/localtime
%attr(0644,root,named) %ghost %{_var}/lib/named%{_sysconfdir}/named.conf.include
%attr(-,named,named) %dir %{_var}/lib/named%{_localstatedir}/run/named
%dir %{_libexecdir}/bind %dir %{_libexecdir}/bind
%files -n %{libbind9} %files -n %{libbind9}
@ -773,6 +754,9 @@ fi
%{_var}/lib/named%{_localstatedir}/log %{_var}/lib/named%{_localstatedir}/log
%{_fillupdir}/sysconfig.named-common %{_fillupdir}/sysconfig.named-common
%{_fillupdir}/sysconfig.syslog-named %{_fillupdir}/sysconfig.syslog-named
%ghost %{_var}/lib/named%{_sysconfdir}/localtime
%attr(0644,root,named) %ghost %{_var}/lib/named%{_sysconfdir}/named.conf.include
%attr(-,named,named) %dir %{_var}/lib/named%{_localstatedir}/run/named
%files devel %files devel
%dir %{_includedir}/isc %dir %{_includedir}/isc

41
bug-4697-Restore-workaround-for-Microsoft-Windows-T.patch Normal file
View File

@ -0,0 +1,41 @@
From 4985b5001d4f2f64bbee7e9d6ee32058caf67252 Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Fri, 1 Sep 2017 11:17:59 +1000
Subject: [PATCH] 4697. [bug] Restore workaround for Microsoft
Windows TSIG hash computation bug. [RT #45854]
(cherry picked from commit a8a20462b516b0cc39e9b1fb1a8dd514eb1aed29)
(cherry picked from commit b301c4293c082fcce4ec26218e6fad346976eb9e)
---
CHANGES | 3 +++
lib/dns/rdataset.c | 3 +++
2 files changed, 6 insertions(+)
diff --git a/CHANGES b/CHANGES
index 5aa505345c..13b60473b5 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+4697. [bug] Restore workaround for Microsoft Windows TSIG hash
+ computation bug. [RT #45854]
+
--- 9.11.2-P1 released ---
4858. [security] Addresses could be referenced after being freed
diff --git a/lib/dns/rdataset.c b/lib/dns/rdataset.c
index a8e75d6caf..7eb394c8c4 100644
--- a/lib/dns/rdataset.c
+++ b/lib/dns/rdataset.c
@@ -467,6 +467,9 @@ towiresorted(dns_rdataset_t *rdataset, const dns_name_t *owner_name,
dns_name_copy(owner_name, name, NULL);
dns_rdataset_getownercase(rdataset, name);
+ if ((owner_name->attributes & DNS_NAMEATTR_NOCOMPRESS) != 0)
+ name->attributes |= DNS_NAMEATTR_NOCOMPRESS;
+
do {
/*
* Copy out the name, type, class, ttl.
--
2.16.3

4
vendor-files.tar.bz2
View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1 version https://git-lfs.github.com/spec/v1
oid sha256:fe5609bed079427793fef2bdc22a16d397b2dd358fd986e7e5315f567de2dc1e oid sha256:c2fb9236d4a9a16da076a8843be35378e7749f210548ea4e5d33e7f872e01775
size 23552 size 23419