From 32c95c8c20302fdbbba5a3380fb8ecea203b4c51 Mon Sep 17 00:00:00 2001 From: Alexander Bokovoy Date: Tue, 5 Nov 2019 18:02:14 +0200 Subject: [PATCH] Package v11.2 --- .gitignore | 2 + ...ty-fix-REVERSE_INULL-for-pevent-inst.patch | 116 ------------- 0002-Add-empty-callback-for-getsize.patch | 30 ---- 0003-Support-for-BIND-9.11.3.patch | 137 ---------------- 0004-Support-for-BIND-9.11.5.patch | 123 -------------- 0005-Use-correct-dn-value.patch | 35 ---- ...ndb-ldap-template-attribute-defaults.patch | 154 ------------------ bind-dyndb-ldap.spec | 21 +-- sources | 4 +- 9 files changed, 10 insertions(+), 612 deletions(-) delete mode 100644 0001-Coverity-fix-REVERSE_INULL-for-pevent-inst.patch delete mode 100644 0002-Add-empty-callback-for-getsize.patch delete mode 100644 0003-Support-for-BIND-9.11.3.patch delete mode 100644 0004-Support-for-BIND-9.11.5.patch delete mode 100644 0005-Use-correct-dn-value.patch delete mode 100644 bind-dyndb-ldap-template-attribute-defaults.patch diff --git a/.gitignore b/.gitignore index d7de05a..6fe79c9 100644 --- a/.gitignore +++ b/.gitignore @@ -43,3 +43,5 @@ bind-dyndb-ldap-0.1.0b.tar.bz2 /bind-dyndb-ldap-11.0.tar.bz2.asc /bind-dyndb-ldap-11.1.tar.bz2 /bind-dyndb-ldap-11.1.tar.bz2.asc +/bind-dyndb-ldap-11.2.tar.bz2 +/bind-dyndb-ldap-11.2.tar.bz2.asc diff --git a/0001-Coverity-fix-REVERSE_INULL-for-pevent-inst.patch b/0001-Coverity-fix-REVERSE_INULL-for-pevent-inst.patch deleted file mode 100644 index 04b6cb8..0000000 --- a/0001-Coverity-fix-REVERSE_INULL-for-pevent-inst.patch +++ /dev/null @@ -1,116 +0,0 @@ -From e5c29893a318c0f1571c9918ab2c7c23dca3c952 Mon Sep 17 00:00:00 2001 -From: Tomas Krizek -Date: Mon, 27 Mar 2017 19:41:05 +0200 -Subject: [PATCH] Coverity: fix REVERSE_INULL for pevent->inst - -With the DynDB API changes, the ldap instance is acquired -differently. Previously, obtaining the instance could fail when -LDAP was disconnecting, thus the NULL check was necessary in the -cleanup part. - -Now, inst is obtained directly from the API. I'm not sure what is -the exact behaviour in edge cases such as LDAP disconnecting, so -I perform the NULL check a bit earlier, just to be safe. ---- - src/ldap_helper.c | 42 +++++++++++++++++++++--------------------- - 1 file changed, 21 insertions(+), 21 deletions(-) - -diff --git a/src/ldap_helper.c b/src/ldap_helper.c -index 1fa0ec9adfa2b9ca589587244da03cc6f0584919..e0c4b76f0bd350eda2d81588e6efb67b5221d630 100644 ---- a/src/ldap_helper.c -+++ b/src/ldap_helper.c -@@ -3714,6 +3714,7 @@ update_zone(isc_task_t *task, isc_event_t *event) - mctx = pevent->mctx; - dns_name_init(&prevname, NULL); - -+ REQUIRE(inst != NULL); - INSIST(task == inst->task); /* For task-exclusive mode */ - - if (SYNCREPL_DEL(pevent->chgtype)) { -@@ -3730,12 +3731,11 @@ update_zone(isc_task_t *task, isc_event_t *event) - } - - cleanup: -- if (inst != NULL) { -- sync_concurr_limit_signal(inst->sctx); -- sync_event_signal(inst->sctx, pevent); -- if (dns_name_dynamic(&prevname)) -- dns_name_free(&prevname, inst->mctx); -- } -+ sync_concurr_limit_signal(inst->sctx); -+ sync_event_signal(inst->sctx, pevent); -+ if (dns_name_dynamic(&prevname)) -+ dns_name_free(&prevname, inst->mctx); -+ - if (result != ISC_R_SUCCESS) - log_error_r("update_zone (syncrepl) failed for %s. " - "Zones can be outdated, run `rndc reload`", -@@ -3760,14 +3760,14 @@ update_config(isc_task_t * task, isc_event_t *event) - - mctx = pevent->mctx; - -+ REQUIRE(inst != NULL); - INSIST(task == inst->task); /* For task-exclusive mode */ - CHECK(ldap_parse_configentry(entry, inst)); - - cleanup: -- if (inst != NULL) { -- sync_concurr_limit_signal(inst->sctx); -- sync_event_signal(inst->sctx, pevent); -- } -+ sync_concurr_limit_signal(inst->sctx); -+ sync_event_signal(inst->sctx, pevent); -+ - if (result != ISC_R_SUCCESS) - log_error_r("update_config (syncrepl) failed for %s. " - "Configuration can be outdated, run `rndc reload`", -@@ -3790,14 +3790,14 @@ update_serverconfig(isc_task_t * task, isc_event_t *event) - - mctx = pevent->mctx; - -+ REQUIRE(inst != NULL); - INSIST(task == inst->task); /* For task-exclusive mode */ - CHECK(ldap_parse_serverconfigentry(entry, inst)); - - cleanup: -- if (inst != NULL) { -- sync_concurr_limit_signal(inst->sctx); -- sync_event_signal(inst->sctx, pevent); -- } -+ sync_concurr_limit_signal(inst->sctx); -+ sync_event_signal(inst->sctx, pevent); -+ - if (result != ISC_R_SUCCESS) - log_error_r("update_serverconfig (syncrepl) failed for %s. " - "Configuration can be outdated, run `rndc reload`", -@@ -3860,6 +3860,7 @@ update_record(isc_task_t *task, isc_event_t *event) - dns_name_init(&prevname, NULL); - dns_name_init(&prevorigin, NULL); - -+ REQUIRE(inst != NULL); - CHECK(zr_get_zone_ptr(inst->zone_register, &entry->zone_name, &raw, &secure)); - zone_found = ISC_TRUE; - -@@ -4020,13 +4021,12 @@ cleanup: - ldap_entry_logname(entry), pevent->chgtype); - } - -- if (inst != NULL) { -- sync_concurr_limit_signal(inst->sctx); -- if (dns_name_dynamic(&prevname)) -- dns_name_free(&prevname, inst->mctx); -- if (dns_name_dynamic(&prevorigin)) -- dns_name_free(&prevorigin, inst->mctx); -- } -+ sync_concurr_limit_signal(inst->sctx); -+ if (dns_name_dynamic(&prevname)) -+ dns_name_free(&prevname, inst->mctx); -+ if (dns_name_dynamic(&prevorigin)) -+ dns_name_free(&prevorigin, inst->mctx); -+ - if (raw != NULL) - dns_zone_detach(&raw); - if (secure != NULL) --- -2.9.3 - diff --git a/0002-Add-empty-callback-for-getsize.patch b/0002-Add-empty-callback-for-getsize.patch deleted file mode 100644 index 63f08b9..0000000 --- a/0002-Add-empty-callback-for-getsize.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 107c5ed7247788a04a23d6c65fca50f96c944345 Mon Sep 17 00:00:00 2001 -From: Tomas Krizek -Date: Tue, 27 Jun 2017 10:41:03 +0200 -Subject: [PATCH] Add empty callback for getsize - -BIND introduced getsize method in db.h. This is related to -CVE-2016-6170 and allows to set restriction of zone size limit. - -Signed-off-by: Tomas Krizek ---- - src/ldap_driver.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/src/ldap_driver.c b/src/ldap_driver.c -index 53ce1a9..38673b0 100644 ---- a/src/ldap_driver.c -+++ b/src/ldap_driver.c -@@ -867,7 +867,8 @@ static dns_dbmethods_t ldapdb_methods = { - findext, - setcachestats, - hashsize, -- nodefullname -+ nodefullname, -+ NULL, // getsize method not implemented (related BZ1353563) - }; - - isc_result_t ATTR_NONNULLS --- -2.9.4 - diff --git a/0003-Support-for-BIND-9.11.3.patch b/0003-Support-for-BIND-9.11.3.patch deleted file mode 100644 index 092e3c2..0000000 --- a/0003-Support-for-BIND-9.11.3.patch +++ /dev/null @@ -1,137 +0,0 @@ -From b533d722fa62232955aedfdf1bbc0179f48497eb Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= -Date: Thu, 1 Mar 2018 19:41:10 +0100 -Subject: [PATCH] Support for BIND 9.11.3. Include explicitly isc/util.h in - each file that uses REQUIRE(). Support stdatomic feature, do not use function - call in STATIC_ASSERT(). - ---- - src/bindcfg.c | 1 + - src/fwd_register.c | 1 + - src/ldap_entry.h | 11 +++++------ - src/mldap.c | 4 ++-- - src/rbt_helper.c | 1 + - src/types.h | 2 +- - 6 files changed, 11 insertions(+), 9 deletions(-) - -diff --git a/src/bindcfg.c b/src/bindcfg.c -index 9b429ba..5539dea 100644 ---- a/src/bindcfg.c -+++ b/src/bindcfg.c -@@ -6,6 +6,7 @@ - - #include "config.h" - -+#include - #include - #include - -diff --git a/src/fwd_register.c b/src/fwd_register.c -index 355d15f..7cc0c5a 100644 ---- a/src/fwd_register.c -+++ b/src/fwd_register.c -@@ -3,6 +3,7 @@ - */ - - #include -+#include - #include - - #include "rbt_helper.h" -diff --git a/src/ldap_entry.h b/src/ldap_entry.h -index 6498c79..88b1c42 100644 ---- a/src/ldap_entry.h -+++ b/src/ldap_entry.h -@@ -6,7 +6,6 @@ - #define _LD_LDAP_ENTRY_H_ - - #include --#include - #include - - #include "fwd_register.h" -@@ -19,15 +18,15 @@ - - /* Represents values associated with LDAP attribute */ - typedef struct ldap_value ldap_value_t; --typedef LIST(ldap_value_t) ldap_valuelist_t; -+typedef ISC_LIST(ldap_value_t) ldap_valuelist_t; - struct ldap_value { - char *value; -- LINK(ldap_value_t) link; -+ ISC_LINK(ldap_value_t) link; - }; - - /* Represents LDAP attribute and it's values */ - typedef struct ldap_attribute ldap_attribute_t; --typedef LIST(ldap_attribute_t) ldap_attributelist_t; -+typedef ISC_LIST(ldap_attribute_t) ldap_attributelist_t; - - /* Represents LDAP entry and it's attributes */ - typedef unsigned char ldap_entryclass_t; -@@ -41,7 +40,7 @@ struct ldap_entry { - - ldap_attribute_t *lastattr; - ldap_attributelist_t attrs; -- LINK(ldap_entry_t) link; -+ ISC_LINK(ldap_entry_t) link; - - /* Parsing. */ - isc_lex_t *lex; -@@ -59,7 +58,7 @@ struct ldap_attribute { - char **ldap_values; - ldap_value_t *lastval; - ldap_valuelist_t values; -- LINK(ldap_attribute_t) link; -+ ISC_LINK(ldap_attribute_t) link; - }; - - #define LDAP_ENTRYCLASS_NONE 0x0 -diff --git a/src/mldap.c b/src/mldap.c -index 143abce..304ba36 100644 ---- a/src/mldap.c -+++ b/src/mldap.c -@@ -119,13 +119,13 @@ void mldap_cur_generation_bump(mldapdb_t *mldap) { - * reference counter value. - */ - STATIC_ASSERT((isc_uint32_t) -- (typeof(isc_refcount_current((isc_refcount_t *)0))) -+ (typeof(((isc_refcount_t *)0)->refs)) - -1 - == 0xFFFFFFFF, \ - "negative isc_refcount_t cannot be properly shortened to 32 bits"); - - STATIC_ASSERT((isc_uint32_t) -- (typeof(isc_refcount_current((isc_refcount_t *)0))) -+ (typeof(((isc_refcount_t *)0)->refs)) - 0x90ABCDEF12345678 - == 0x12345678, \ - "positive isc_refcount_t cannot be properly shortened to 32 bits"); -diff --git a/src/rbt_helper.c b/src/rbt_helper.c -index 2a7e6cb..f610b07 100644 ---- a/src/rbt_helper.c -+++ b/src/rbt_helper.c -@@ -2,6 +2,7 @@ - * Copyright (C) 2013-2014 bind-dyndb-ldap authors; see COPYING for license - */ - -+#include - #include - - #include "util.h" -diff --git a/src/types.h b/src/types.h -index 25ef3b9..01d627c 100644 ---- a/src/types.h -+++ b/src/types.h -@@ -24,7 +24,7 @@ - * rdata1 -> rdata2 -> rdata3 rdata4 -> rdata5 - * next_rdatalist -> next_rdatalist ... - */ --typedef LIST(dns_rdatalist_t) ldapdb_rdatalist_t; -+typedef ISC_LIST(dns_rdatalist_t) ldapdb_rdatalist_t; - - typedef struct enum_txt_assoc { - int value; --- -2.14.3 - diff --git a/0004-Support-for-BIND-9.11.5.patch b/0004-Support-for-BIND-9.11.5.patch deleted file mode 100644 index 8bc1abc..0000000 --- a/0004-Support-for-BIND-9.11.5.patch +++ /dev/null @@ -1,123 +0,0 @@ -From 925159b0e3757e650d9dbdb7888f6d66dde6d62f Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Mon, 5 Nov 2018 19:49:03 +0100 -Subject: [PATCH] Adjust to changes in bind 9.11.5 - -Custom types like isc_boolean_t and isc_uint32_t were removed from bind -headers. Compatibility headers are included, but have to be manually -used. Better change would be to start using uint32_t and bool types, -but that changes too much of code for now. ---- - src/fwd.c | 2 ++ - src/ldap_entry.c | 1 + - src/ldap_helper.c | 1 + - src/ldap_helper.h | 1 + - src/mldap.c | 1 + - src/settings.h | 2 ++ - src/types.h | 2 ++ - src/zone.c | 1 + - 8 files changed, 11 insertions(+) - -diff --git a/src/fwd.c b/src/fwd.c -index 840f0e8..f1ab60c 100644 ---- a/src/fwd.c -+++ b/src/fwd.c -@@ -6,6 +6,8 @@ - - #include "config.h" - -+#include -+ - #include - - #include -diff --git a/src/ldap_entry.c b/src/ldap_entry.c -index 96a6ef8..00a7e89 100644 ---- a/src/ldap_entry.c -+++ b/src/ldap_entry.c -@@ -7,6 +7,7 @@ - #include - #include - -+#include - #include - #include - #include -diff --git a/src/ldap_helper.c b/src/ldap_helper.c -index e0c4b76..74c0afe 100644 ---- a/src/ldap_helper.c -+++ b/src/ldap_helper.c -@@ -26,6 +26,7 @@ - - #include - #include -+#include - #include - #include - #include -diff --git a/src/ldap_helper.h b/src/ldap_helper.h -index 6cfece5..fc21bb3 100644 ---- a/src/ldap_helper.h -+++ b/src/ldap_helper.h -@@ -7,6 +7,7 @@ - - #include "types.h" - -+#include - #include - #include - #include -diff --git a/src/mldap.c b/src/mldap.c -index 304ba36..8b90921 100644 ---- a/src/mldap.c -+++ b/src/mldap.c -@@ -10,6 +10,7 @@ - #include - - #include -+#include - #include - #include - #include -diff --git a/src/settings.h b/src/settings.h -index 16a1e63..6585d8b 100644 ---- a/src/settings.h -+++ b/src/settings.h -@@ -6,6 +6,8 @@ - #define _LD_SETTINGS_H_ - - #include -+#include -+#include - - #include - -diff --git a/src/types.h b/src/types.h -index 01d627c..41ef476 100644 ---- a/src/types.h -+++ b/src/types.h -@@ -5,7 +5,9 @@ - #ifndef _LD_TYPES_H_ - #define _LD_TYPES_H_ - -+#include - #include -+#include - #include - #include - -diff --git a/src/zone.c b/src/zone.c -index 284136e..b9c9936 100644 ---- a/src/zone.c -+++ b/src/zone.c -@@ -2,6 +2,7 @@ - * Copyright (C) 2014-2015 bind-dyndb-ldap authors; see COPYING for license - */ - -+#include - #include - #include - --- -2.14.5 - diff --git a/0005-Use-correct-dn-value.patch b/0005-Use-correct-dn-value.patch deleted file mode 100644 index f0c23c5..0000000 --- a/0005-Use-correct-dn-value.patch +++ /dev/null @@ -1,35 +0,0 @@ -From ef1c4b7833de663549e9520e06e2b9f457b5fbec Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Mon, 28 Jan 2019 00:21:31 +0100 -Subject: [PATCH] Use correct dn value - -New GCC correctly reports error, NULL is always passed in case of -invalid objectclass. ---- - src/ldap_helper.c | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - -diff --git a/src/ldap_helper.c b/src/ldap_helper.c -index 74c0afe..0f6184d 100644 ---- a/src/ldap_helper.c -+++ b/src/ldap_helper.c -@@ -4102,7 +4102,6 @@ syncrepl_update(ldap_instance_t *inst, ldap_entry_t **entryp, int chgtype) - ldap_entry_t *entry = NULL; - dns_name_t *zone_name = NULL; - dns_zone_t *zone_ptr = NULL; -- char *dn = NULL; - isc_taskaction_t action = NULL; - isc_task_t *task = NULL; - isc_boolean_t synchronous; -@@ -4155,7 +4154,7 @@ syncrepl_update(ldap_instance_t *inst, ldap_entry_t **entryp, int chgtype) - else if ((entry->class & LDAP_ENTRYCLASS_RR) != 0) - action = update_record; - else { -- log_error("unsupported objectClass: dn '%s'", dn); -+ log_error("unsupported objectClass: dn '%s'", entry->dn); - result = ISC_R_NOTIMPLEMENTED; - goto cleanup; - } --- -2.20.1 - diff --git a/bind-dyndb-ldap-template-attribute-defaults.patch b/bind-dyndb-ldap-template-attribute-defaults.patch deleted file mode 100644 index 6be7139..0000000 --- a/bind-dyndb-ldap-template-attribute-defaults.patch +++ /dev/null @@ -1,154 +0,0 @@ -From 88096745d1ef1798854e0c8319b5ae015f045fe3 Mon Sep 17 00:00:00 2001 -From: Alexander Bokovoy -Date: Wed, 1 May 2019 09:24:24 +0300 -Subject: [PATCH] Move recognition of a templated attribute to - ldap_attribute_to_rdatatype - -When substitution of a templated entry attribute fails, we need to fall -back to a static definition of the attribute from the same entry. This -means, however, that ldap_attribute_to_rdatatype() will attempt to parse -an attribute value anyway and will be confused by the templating prefix, -thus reporting in named's logs: - -unsupported operation: object class in resource record template DN -'idnsname=$NAME,idnsname=$ZONE.,cn=dns,$BASEDN' changed: -rndc reload might be necessary - -Move recognition of a template attribute name to -ldap_attribute_to_rdatatype() so that a proper attribute class is -correctly derived and ignore templated attribute in the fallback code -if case that template expansion is failed. - -Resolves: rhbz#1705072 ---- - src/ldap_convert.c | 33 +++++++++++++++++++++++++-------- - src/ldap_convert.h | 2 ++ - src/ldap_helper.c | 21 ++++++++++++++------- - 3 files changed, 41 insertions(+), 15 deletions(-) - -diff --git a/src/ldap_convert.c b/src/ldap_convert.c -index 002a679..6e24c81 100644 ---- a/src/ldap_convert.c -+++ b/src/ldap_convert.c -@@ -372,23 +372,40 @@ ldap_attribute_to_rdatatype(const char *ldap_attribute, dns_rdatatype_t *rdtype) - { - isc_result_t result; - unsigned len; -+ const char *attribute = NULL; - isc_consttextregion_t region; - - len = strlen(ldap_attribute); - if (len <= LDAP_RDATATYPE_SUFFIX_LEN) - return ISC_R_UNEXPECTEDEND; - -+ -+ /* Before looking up rdtype, we need to see if rdtype is -+ * an LDAP subtype (type;subtype) and if so, strip one of -+ * the known prefixes. We also need to remove 'record' suffix -+ * if it exists. The resulting rdtype text name should have no -+ * 'extra' details: A, AAAA, CNAME, etc. */ -+ attribute = ldap_attribute; -+ -+ /* Does attribute name start with with TEMPLATE_PREFIX? */ -+ if (strncasecmp(LDAP_RDATATYPE_TEMPLATE_PREFIX, -+ ldap_attribute, -+ LDAP_RDATATYPE_TEMPLATE_PREFIX_LEN) == 0) { -+ attribute = ldap_attribute + LDAP_RDATATYPE_TEMPLATE_PREFIX_LEN; -+ len -= LDAP_RDATATYPE_TEMPLATE_PREFIX_LEN; -+ /* Does attribute name start with with UNKNOWN_PREFIX? */ -+ } else if (strncasecmp(LDAP_RDATATYPE_UNKNOWN_PREFIX, -+ ldap_attribute, -+ LDAP_RDATATYPE_UNKNOWN_PREFIX_LEN) == 0) { -+ attribute = ldap_attribute + LDAP_RDATATYPE_UNKNOWN_PREFIX_LEN; -+ len -= LDAP_RDATATYPE_UNKNOWN_PREFIX_LEN; -+ } -+ - /* Does attribute name end with RECORD_SUFFIX? */ -- if (strcasecmp(ldap_attribute + len - LDAP_RDATATYPE_SUFFIX_LEN, -+ if (strcasecmp(attribute + len - LDAP_RDATATYPE_SUFFIX_LEN, - LDAP_RDATATYPE_SUFFIX) == 0) { -- region.base = ldap_attribute; -+ region.base = attribute; - region.length = len - LDAP_RDATATYPE_SUFFIX_LEN; -- /* Does attribute name start with with UNKNOWN_PREFIX? */ -- } else if (strncasecmp(ldap_attribute, -- LDAP_RDATATYPE_UNKNOWN_PREFIX, -- LDAP_RDATATYPE_UNKNOWN_PREFIX_LEN) == 0) { -- region.base = ldap_attribute + LDAP_RDATATYPE_UNKNOWN_PREFIX_LEN; -- region.length = len - LDAP_RDATATYPE_UNKNOWN_PREFIX_LEN; - } else - return ISC_R_UNEXPECTED; - -diff --git a/src/ldap_convert.h b/src/ldap_convert.h -index 47ac947..fcd575b 100644 ---- a/src/ldap_convert.h -+++ b/src/ldap_convert.h -@@ -17,6 +17,8 @@ - #define LDAP_RDATATYPE_SUFFIX_LEN (sizeof(LDAP_RDATATYPE_SUFFIX) - 1) - #define LDAP_RDATATYPE_UNKNOWN_PREFIX "UnknownRecord;" - #define LDAP_RDATATYPE_UNKNOWN_PREFIX_LEN (sizeof(LDAP_RDATATYPE_UNKNOWN_PREFIX) - 1) -+#define LDAP_RDATATYPE_TEMPLATE_PREFIX "idnsTemplateAttribute;" -+#define LDAP_RDATATYPE_TEMPLATE_PREFIX_LEN (sizeof(LDAP_RDATATYPE_TEMPLATE_PREFIX) - 1) - - /* - * Convert LDAP DN 'dn', to dns_name_t 'target'. 'target' needs to be -diff --git a/src/ldap_helper.c b/src/ldap_helper.c -index 8b486ae..7f70ee3 100644 ---- a/src/ldap_helper.c -+++ b/src/ldap_helper.c -@@ -2396,7 +2396,7 @@ ldap_substitute_rr_template(isc_mem_t *mctx, const settings_set_t * set, - result = setting_find(setting_name, set, isc_boolean_true, - isc_boolean_true, &setting); - if (result != ISC_R_SUCCESS) { -- log_debug(3, "setting '%s' is not defined so it " -+ log_debug(5, "setting '%s' is not defined so it " - "cannot be substituted into template '%s'", - setting_name, str_buf(orig_val)); - CLEANUP_WITH(ISC_R_IGNORE); -@@ -2459,23 +2459,22 @@ ldap_parse_rrentry_template(isc_mem_t *mctx, ldap_entry_t *entry, - dns_rdatatype_t rdtype; - dns_rdatalist_t *rdlist = NULL; - isc_boolean_t did_something = ISC_FALSE; -- static const char prefix[] = "idnsTemplateAttribute;"; -- static const char prefix_len = sizeof(prefix) - 1; - - CHECK(str_new(mctx, &orig_val)); - rdclass = ldap_entry_getrdclass(entry); - ttl = ldap_entry_getttl(entry, settings); - - while ((attr = ldap_entry_nextattr(entry)) != NULL) { -- if (strncasecmp(prefix, attr->name, prefix_len) != 0) -+ if (strncasecmp(LDAP_RDATATYPE_TEMPLATE_PREFIX, -+ attr->name, -+ LDAP_RDATATYPE_TEMPLATE_PREFIX_LEN) != 0) - continue; - -- result = ldap_attribute_to_rdatatype(attr->name + prefix_len, -- &rdtype); -+ result = ldap_attribute_to_rdatatype(attr->name, &rdtype); - if (result != ISC_R_SUCCESS) { - log_bug("%s: substitution into '%s' is not supported", - ldap_entry_logname(entry), -- attr->name + prefix_len); -+ attr->name + LDAP_RDATATYPE_TEMPLATE_PREFIX_LEN); - continue; - } - -@@ -2559,6 +2558,14 @@ ldap_parse_rrentry(isc_mem_t *mctx, ldap_entry_t *entry, dns_name_t *origin, - for (result = ldap_entry_firstrdtype(entry, &attr, &rdtype); - result == ISC_R_SUCCESS; - result = ldap_entry_nextrdtype(entry, &attr, &rdtype)) { -+ /* If we reached this point and found a template attribute, -+ * skip it because it was not translated above due to missing -+ * defaults or some other errors. */ -+ if (((entry->class & LDAP_ENTRYCLASS_TEMPLATE) != 0) && -+ strncasecmp(LDAP_RDATATYPE_TEMPLATE_PREFIX, -+ attr->name, -+ LDAP_RDATATYPE_TEMPLATE_PREFIX_LEN) == 0) -+ continue; - - CHECK(findrdatatype_or_create(mctx, rdatalist, rdclass, - rdtype, ttl, &rdlist)); --- -2.21.0 - diff --git a/bind-dyndb-ldap.spec b/bind-dyndb-ldap.spec index 56a1fa1..4a51a80 100644 --- a/bind-dyndb-ldap.spec +++ b/bind-dyndb-ldap.spec @@ -1,22 +1,16 @@ %define VERSION %{version} -%define bind_version 32:9.11.3-5 +%define bind_version 32:9.11.11-1 Name: bind-dyndb-ldap -Version: 11.1 -Release: 20%{?dist} +Version: 11.2 +Release: 1%{?dist} Summary: LDAP back-end plug-in for BIND License: GPLv2+ URL: https://releases.pagure.org/bind-dyndb-ldap Source0: https://releases.pagure.org/%{name}/%{name}-%{VERSION}.tar.bz2 Source1: https://releases.pagure.org/%{name}/%{name}-%{VERSION}.tar.bz2.asc -Patch1: 0001-Coverity-fix-REVERSE_INULL-for-pevent-inst.patch -Patch2: 0002-Add-empty-callback-for-getsize.patch -Patch3: 0003-Support-for-BIND-9.11.3.patch -Patch4: 0004-Support-for-BIND-9.11.5.patch -Patch5: 0005-Use-correct-dn-value.patch -Patch6: bind-dyndb-ldap-template-attribute-defaults.patch BuildRequires: bind-devel >= %{bind_version}, bind-lite-devel >= %{bind_version}, bind-pkcs11-devel >= %{bind_version} BuildRequires: krb5-devel @@ -35,12 +29,6 @@ off of your LDAP server. %prep %setup -q -n %{name}-%{VERSION} -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 %build autoreconf -fiv @@ -106,6 +94,9 @@ sed -i.bak -e "$SEDSCRIPT" /etc/named.conf %changelog +* Tue Nov 05 2019 Alexander Bokovoy - 11.2-1 +- New upstream release v11.2 + * Tue Aug 27 2019 Petr Menšík - 11.1-20 - Rebuilt for bind 9.11.10 diff --git a/sources b/sources index adc2a11..e0e3c0c 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (bind-dyndb-ldap-11.1.tar.bz2) = 72e3298bfe6e1880a1d30d30f9a77b55bdee86aed10872f924abc8926bfd8d66bb436182936b1b1efb5080ee0248b2513c3344c8242d4b7fe31168ad61c6d74d -SHA512 (bind-dyndb-ldap-11.1.tar.bz2.asc) = 1e9ec5e5c0e0e2908fb428a5ae8ec4cdb64dc4083232e8c8622e0fea10c6f88134b07b6a379099532d14a3c6022f97b87b207dcab15803975864881e025fbf6b +SHA512 (bind-dyndb-ldap-11.2.tar.bz2) = f4129f332829c41f72a42e03aa414aa31b4581796a071e5dc630cd8202896b53253a03aa4b842ca5dc409552df214ee08426ee90402e7fd3f7779aa8faed7e06 +SHA512 (bind-dyndb-ldap-11.2.tar.bz2.asc) = 43b1ac011ae80d387bbefba9e2443d666e56d3ce947d1781b7fd049518306ace68cc512304f479b48fd3e883e373b0ba9daa4e1f3ccc482503bc6e78599740cc