Package v11.2
This commit is contained in:
parent
02cb6b2351
commit
32c95c8c20
2
.gitignore
vendored
2
.gitignore
vendored
@ -43,3 +43,5 @@ bind-dyndb-ldap-0.1.0b.tar.bz2
|
||||
/bind-dyndb-ldap-11.0.tar.bz2.asc
|
||||
/bind-dyndb-ldap-11.1.tar.bz2
|
||||
/bind-dyndb-ldap-11.1.tar.bz2.asc
|
||||
/bind-dyndb-ldap-11.2.tar.bz2
|
||||
/bind-dyndb-ldap-11.2.tar.bz2.asc
|
||||
|
@ -1,116 +0,0 @@
|
||||
From e5c29893a318c0f1571c9918ab2c7c23dca3c952 Mon Sep 17 00:00:00 2001
|
||||
From: Tomas Krizek <tkrizek@redhat.com>
|
||||
Date: Mon, 27 Mar 2017 19:41:05 +0200
|
||||
Subject: [PATCH] Coverity: fix REVERSE_INULL for pevent->inst
|
||||
|
||||
With the DynDB API changes, the ldap instance is acquired
|
||||
differently. Previously, obtaining the instance could fail when
|
||||
LDAP was disconnecting, thus the NULL check was necessary in the
|
||||
cleanup part.
|
||||
|
||||
Now, inst is obtained directly from the API. I'm not sure what is
|
||||
the exact behaviour in edge cases such as LDAP disconnecting, so
|
||||
I perform the NULL check a bit earlier, just to be safe.
|
||||
---
|
||||
src/ldap_helper.c | 42 +++++++++++++++++++++---------------------
|
||||
1 file changed, 21 insertions(+), 21 deletions(-)
|
||||
|
||||
diff --git a/src/ldap_helper.c b/src/ldap_helper.c
|
||||
index 1fa0ec9adfa2b9ca589587244da03cc6f0584919..e0c4b76f0bd350eda2d81588e6efb67b5221d630 100644
|
||||
--- a/src/ldap_helper.c
|
||||
+++ b/src/ldap_helper.c
|
||||
@@ -3714,6 +3714,7 @@ update_zone(isc_task_t *task, isc_event_t *event)
|
||||
mctx = pevent->mctx;
|
||||
dns_name_init(&prevname, NULL);
|
||||
|
||||
+ REQUIRE(inst != NULL);
|
||||
INSIST(task == inst->task); /* For task-exclusive mode */
|
||||
|
||||
if (SYNCREPL_DEL(pevent->chgtype)) {
|
||||
@@ -3730,12 +3731,11 @@ update_zone(isc_task_t *task, isc_event_t *event)
|
||||
}
|
||||
|
||||
cleanup:
|
||||
- if (inst != NULL) {
|
||||
- sync_concurr_limit_signal(inst->sctx);
|
||||
- sync_event_signal(inst->sctx, pevent);
|
||||
- if (dns_name_dynamic(&prevname))
|
||||
- dns_name_free(&prevname, inst->mctx);
|
||||
- }
|
||||
+ sync_concurr_limit_signal(inst->sctx);
|
||||
+ sync_event_signal(inst->sctx, pevent);
|
||||
+ if (dns_name_dynamic(&prevname))
|
||||
+ dns_name_free(&prevname, inst->mctx);
|
||||
+
|
||||
if (result != ISC_R_SUCCESS)
|
||||
log_error_r("update_zone (syncrepl) failed for %s. "
|
||||
"Zones can be outdated, run `rndc reload`",
|
||||
@@ -3760,14 +3760,14 @@ update_config(isc_task_t * task, isc_event_t *event)
|
||||
|
||||
mctx = pevent->mctx;
|
||||
|
||||
+ REQUIRE(inst != NULL);
|
||||
INSIST(task == inst->task); /* For task-exclusive mode */
|
||||
CHECK(ldap_parse_configentry(entry, inst));
|
||||
|
||||
cleanup:
|
||||
- if (inst != NULL) {
|
||||
- sync_concurr_limit_signal(inst->sctx);
|
||||
- sync_event_signal(inst->sctx, pevent);
|
||||
- }
|
||||
+ sync_concurr_limit_signal(inst->sctx);
|
||||
+ sync_event_signal(inst->sctx, pevent);
|
||||
+
|
||||
if (result != ISC_R_SUCCESS)
|
||||
log_error_r("update_config (syncrepl) failed for %s. "
|
||||
"Configuration can be outdated, run `rndc reload`",
|
||||
@@ -3790,14 +3790,14 @@ update_serverconfig(isc_task_t * task, isc_event_t *event)
|
||||
|
||||
mctx = pevent->mctx;
|
||||
|
||||
+ REQUIRE(inst != NULL);
|
||||
INSIST(task == inst->task); /* For task-exclusive mode */
|
||||
CHECK(ldap_parse_serverconfigentry(entry, inst));
|
||||
|
||||
cleanup:
|
||||
- if (inst != NULL) {
|
||||
- sync_concurr_limit_signal(inst->sctx);
|
||||
- sync_event_signal(inst->sctx, pevent);
|
||||
- }
|
||||
+ sync_concurr_limit_signal(inst->sctx);
|
||||
+ sync_event_signal(inst->sctx, pevent);
|
||||
+
|
||||
if (result != ISC_R_SUCCESS)
|
||||
log_error_r("update_serverconfig (syncrepl) failed for %s. "
|
||||
"Configuration can be outdated, run `rndc reload`",
|
||||
@@ -3860,6 +3860,7 @@ update_record(isc_task_t *task, isc_event_t *event)
|
||||
dns_name_init(&prevname, NULL);
|
||||
dns_name_init(&prevorigin, NULL);
|
||||
|
||||
+ REQUIRE(inst != NULL);
|
||||
CHECK(zr_get_zone_ptr(inst->zone_register, &entry->zone_name, &raw, &secure));
|
||||
zone_found = ISC_TRUE;
|
||||
|
||||
@@ -4020,13 +4021,12 @@ cleanup:
|
||||
ldap_entry_logname(entry), pevent->chgtype);
|
||||
}
|
||||
|
||||
- if (inst != NULL) {
|
||||
- sync_concurr_limit_signal(inst->sctx);
|
||||
- if (dns_name_dynamic(&prevname))
|
||||
- dns_name_free(&prevname, inst->mctx);
|
||||
- if (dns_name_dynamic(&prevorigin))
|
||||
- dns_name_free(&prevorigin, inst->mctx);
|
||||
- }
|
||||
+ sync_concurr_limit_signal(inst->sctx);
|
||||
+ if (dns_name_dynamic(&prevname))
|
||||
+ dns_name_free(&prevname, inst->mctx);
|
||||
+ if (dns_name_dynamic(&prevorigin))
|
||||
+ dns_name_free(&prevorigin, inst->mctx);
|
||||
+
|
||||
if (raw != NULL)
|
||||
dns_zone_detach(&raw);
|
||||
if (secure != NULL)
|
||||
--
|
||||
2.9.3
|
||||
|
@ -1,30 +0,0 @@
|
||||
From 107c5ed7247788a04a23d6c65fca50f96c944345 Mon Sep 17 00:00:00 2001
|
||||
From: Tomas Krizek <tkrizek@redhat.com>
|
||||
Date: Tue, 27 Jun 2017 10:41:03 +0200
|
||||
Subject: [PATCH] Add empty callback for getsize
|
||||
|
||||
BIND introduced getsize method in db.h. This is related to
|
||||
CVE-2016-6170 and allows to set restriction of zone size limit.
|
||||
|
||||
Signed-off-by: Tomas Krizek <tkrizek@redhat.com>
|
||||
---
|
||||
src/ldap_driver.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/ldap_driver.c b/src/ldap_driver.c
|
||||
index 53ce1a9..38673b0 100644
|
||||
--- a/src/ldap_driver.c
|
||||
+++ b/src/ldap_driver.c
|
||||
@@ -867,7 +867,8 @@ static dns_dbmethods_t ldapdb_methods = {
|
||||
findext,
|
||||
setcachestats,
|
||||
hashsize,
|
||||
- nodefullname
|
||||
+ nodefullname,
|
||||
+ NULL, // getsize method not implemented (related BZ1353563)
|
||||
};
|
||||
|
||||
isc_result_t ATTR_NONNULLS
|
||||
--
|
||||
2.9.4
|
||||
|
@ -1,137 +0,0 @@
|
||||
From b533d722fa62232955aedfdf1bbc0179f48497eb Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
|
||||
Date: Thu, 1 Mar 2018 19:41:10 +0100
|
||||
Subject: [PATCH] Support for BIND 9.11.3. Include explicitly isc/util.h in
|
||||
each file that uses REQUIRE(). Support stdatomic feature, do not use function
|
||||
call in STATIC_ASSERT().
|
||||
|
||||
---
|
||||
src/bindcfg.c | 1 +
|
||||
src/fwd_register.c | 1 +
|
||||
src/ldap_entry.h | 11 +++++------
|
||||
src/mldap.c | 4 ++--
|
||||
src/rbt_helper.c | 1 +
|
||||
src/types.h | 2 +-
|
||||
6 files changed, 11 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/src/bindcfg.c b/src/bindcfg.c
|
||||
index 9b429ba..5539dea 100644
|
||||
--- a/src/bindcfg.c
|
||||
+++ b/src/bindcfg.c
|
||||
@@ -6,6 +6,7 @@
|
||||
|
||||
#include "config.h"
|
||||
|
||||
+#include <isc/util.h>
|
||||
#include <isccfg/grammar.h>
|
||||
#include <isccfg/namedconf.h>
|
||||
|
||||
diff --git a/src/fwd_register.c b/src/fwd_register.c
|
||||
index 355d15f..7cc0c5a 100644
|
||||
--- a/src/fwd_register.c
|
||||
+++ b/src/fwd_register.c
|
||||
@@ -3,6 +3,7 @@
|
||||
*/
|
||||
|
||||
#include <isc/rwlock.h>
|
||||
+#include <isc/util.h>
|
||||
#include <dns/name.h>
|
||||
|
||||
#include "rbt_helper.h"
|
||||
diff --git a/src/ldap_entry.h b/src/ldap_entry.h
|
||||
index 6498c79..88b1c42 100644
|
||||
--- a/src/ldap_entry.h
|
||||
+++ b/src/ldap_entry.h
|
||||
@@ -6,7 +6,6 @@
|
||||
#define _LD_LDAP_ENTRY_H_
|
||||
|
||||
#include <isc/lex.h>
|
||||
-#include <isc/util.h>
|
||||
#include <dns/types.h>
|
||||
|
||||
#include "fwd_register.h"
|
||||
@@ -19,15 +18,15 @@
|
||||
|
||||
/* Represents values associated with LDAP attribute */
|
||||
typedef struct ldap_value ldap_value_t;
|
||||
-typedef LIST(ldap_value_t) ldap_valuelist_t;
|
||||
+typedef ISC_LIST(ldap_value_t) ldap_valuelist_t;
|
||||
struct ldap_value {
|
||||
char *value;
|
||||
- LINK(ldap_value_t) link;
|
||||
+ ISC_LINK(ldap_value_t) link;
|
||||
};
|
||||
|
||||
/* Represents LDAP attribute and it's values */
|
||||
typedef struct ldap_attribute ldap_attribute_t;
|
||||
-typedef LIST(ldap_attribute_t) ldap_attributelist_t;
|
||||
+typedef ISC_LIST(ldap_attribute_t) ldap_attributelist_t;
|
||||
|
||||
/* Represents LDAP entry and it's attributes */
|
||||
typedef unsigned char ldap_entryclass_t;
|
||||
@@ -41,7 +40,7 @@ struct ldap_entry {
|
||||
|
||||
ldap_attribute_t *lastattr;
|
||||
ldap_attributelist_t attrs;
|
||||
- LINK(ldap_entry_t) link;
|
||||
+ ISC_LINK(ldap_entry_t) link;
|
||||
|
||||
/* Parsing. */
|
||||
isc_lex_t *lex;
|
||||
@@ -59,7 +58,7 @@ struct ldap_attribute {
|
||||
char **ldap_values;
|
||||
ldap_value_t *lastval;
|
||||
ldap_valuelist_t values;
|
||||
- LINK(ldap_attribute_t) link;
|
||||
+ ISC_LINK(ldap_attribute_t) link;
|
||||
};
|
||||
|
||||
#define LDAP_ENTRYCLASS_NONE 0x0
|
||||
diff --git a/src/mldap.c b/src/mldap.c
|
||||
index 143abce..304ba36 100644
|
||||
--- a/src/mldap.c
|
||||
+++ b/src/mldap.c
|
||||
@@ -119,13 +119,13 @@ void mldap_cur_generation_bump(mldapdb_t *mldap) {
|
||||
* reference counter value.
|
||||
*/
|
||||
STATIC_ASSERT((isc_uint32_t)
|
||||
- (typeof(isc_refcount_current((isc_refcount_t *)0)))
|
||||
+ (typeof(((isc_refcount_t *)0)->refs))
|
||||
-1
|
||||
== 0xFFFFFFFF, \
|
||||
"negative isc_refcount_t cannot be properly shortened to 32 bits");
|
||||
|
||||
STATIC_ASSERT((isc_uint32_t)
|
||||
- (typeof(isc_refcount_current((isc_refcount_t *)0)))
|
||||
+ (typeof(((isc_refcount_t *)0)->refs))
|
||||
0x90ABCDEF12345678
|
||||
== 0x12345678, \
|
||||
"positive isc_refcount_t cannot be properly shortened to 32 bits");
|
||||
diff --git a/src/rbt_helper.c b/src/rbt_helper.c
|
||||
index 2a7e6cb..f610b07 100644
|
||||
--- a/src/rbt_helper.c
|
||||
+++ b/src/rbt_helper.c
|
||||
@@ -2,6 +2,7 @@
|
||||
* Copyright (C) 2013-2014 bind-dyndb-ldap authors; see COPYING for license
|
||||
*/
|
||||
|
||||
+#include <isc/util.h>
|
||||
#include <dns/rbt.h>
|
||||
|
||||
#include "util.h"
|
||||
diff --git a/src/types.h b/src/types.h
|
||||
index 25ef3b9..01d627c 100644
|
||||
--- a/src/types.h
|
||||
+++ b/src/types.h
|
||||
@@ -24,7 +24,7 @@
|
||||
* rdata1 -> rdata2 -> rdata3 rdata4 -> rdata5
|
||||
* next_rdatalist -> next_rdatalist ...
|
||||
*/
|
||||
-typedef LIST(dns_rdatalist_t) ldapdb_rdatalist_t;
|
||||
+typedef ISC_LIST(dns_rdatalist_t) ldapdb_rdatalist_t;
|
||||
|
||||
typedef struct enum_txt_assoc {
|
||||
int value;
|
||||
--
|
||||
2.14.3
|
||||
|
@ -1,123 +0,0 @@
|
||||
From 925159b0e3757e650d9dbdb7888f6d66dde6d62f Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Mon, 5 Nov 2018 19:49:03 +0100
|
||||
Subject: [PATCH] Adjust to changes in bind 9.11.5
|
||||
|
||||
Custom types like isc_boolean_t and isc_uint32_t were removed from bind
|
||||
headers. Compatibility headers are included, but have to be manually
|
||||
used. Better change would be to start using uint32_t and bool types,
|
||||
but that changes too much of code for now.
|
||||
---
|
||||
src/fwd.c | 2 ++
|
||||
src/ldap_entry.c | 1 +
|
||||
src/ldap_helper.c | 1 +
|
||||
src/ldap_helper.h | 1 +
|
||||
src/mldap.c | 1 +
|
||||
src/settings.h | 2 ++
|
||||
src/types.h | 2 ++
|
||||
src/zone.c | 1 +
|
||||
8 files changed, 11 insertions(+)
|
||||
|
||||
diff --git a/src/fwd.c b/src/fwd.c
|
||||
index 840f0e8..f1ab60c 100644
|
||||
--- a/src/fwd.c
|
||||
+++ b/src/fwd.c
|
||||
@@ -6,6 +6,8 @@
|
||||
|
||||
#include "config.h"
|
||||
|
||||
+#include <isc/boolean.h>
|
||||
+
|
||||
#include <isccfg/grammar.h>
|
||||
|
||||
#include <dns/forward.h>
|
||||
diff --git a/src/ldap_entry.c b/src/ldap_entry.c
|
||||
index 96a6ef8..00a7e89 100644
|
||||
--- a/src/ldap_entry.c
|
||||
+++ b/src/ldap_entry.c
|
||||
@@ -7,6 +7,7 @@
|
||||
#include <dns/ttl.h>
|
||||
#include <dns/types.h>
|
||||
|
||||
+#include <isc/int.h>
|
||||
#include <isc/region.h>
|
||||
#include <isc/types.h>
|
||||
#include <isc/util.h>
|
||||
diff --git a/src/ldap_helper.c b/src/ldap_helper.c
|
||||
index e0c4b76..74c0afe 100644
|
||||
--- a/src/ldap_helper.c
|
||||
+++ b/src/ldap_helper.c
|
||||
@@ -26,6 +26,7 @@
|
||||
|
||||
#include <isc/buffer.h>
|
||||
#include <isc/dir.h>
|
||||
+#include <isc/int.h>
|
||||
#include <isc/mem.h>
|
||||
#include <isc/mutex.h>
|
||||
#include <isc/region.h>
|
||||
diff --git a/src/ldap_helper.h b/src/ldap_helper.h
|
||||
index 6cfece5..fc21bb3 100644
|
||||
--- a/src/ldap_helper.h
|
||||
+++ b/src/ldap_helper.h
|
||||
@@ -7,6 +7,7 @@
|
||||
|
||||
#include "types.h"
|
||||
|
||||
+#include <isc/boolean.h>
|
||||
#include <isc/eventclass.h>
|
||||
#include <isc/util.h>
|
||||
#include <isccfg/cfg.h>
|
||||
diff --git a/src/mldap.c b/src/mldap.c
|
||||
index 304ba36..8b90921 100644
|
||||
--- a/src/mldap.c
|
||||
+++ b/src/mldap.c
|
||||
@@ -10,6 +10,7 @@
|
||||
#include <uuid/uuid.h>
|
||||
|
||||
#include <isc/boolean.h>
|
||||
+#include <isc/int.h>
|
||||
#include <isc/net.h>
|
||||
#include <isc/refcount.h>
|
||||
#include <isc/result.h>
|
||||
diff --git a/src/settings.h b/src/settings.h
|
||||
index 16a1e63..6585d8b 100644
|
||||
--- a/src/settings.h
|
||||
+++ b/src/settings.h
|
||||
@@ -6,6 +6,8 @@
|
||||
#define _LD_SETTINGS_H_
|
||||
|
||||
#include <isc/types.h>
|
||||
+#include <isc/boolean.h>
|
||||
+#include <isc/int.h>
|
||||
|
||||
#include <isccfg/grammar.h>
|
||||
|
||||
diff --git a/src/types.h b/src/types.h
|
||||
index 01d627c..41ef476 100644
|
||||
--- a/src/types.h
|
||||
+++ b/src/types.h
|
||||
@@ -5,7 +5,9 @@
|
||||
#ifndef _LD_TYPES_H_
|
||||
#define _LD_TYPES_H_
|
||||
|
||||
+#include <isc/boolean.h>
|
||||
#include <isc/event.h>
|
||||
+#include <isc/int.h>
|
||||
#include <isc/refcount.h>
|
||||
#include <dns/name.h>
|
||||
|
||||
diff --git a/src/zone.c b/src/zone.c
|
||||
index 284136e..b9c9936 100644
|
||||
--- a/src/zone.c
|
||||
+++ b/src/zone.c
|
||||
@@ -2,6 +2,7 @@
|
||||
* Copyright (C) 2014-2015 bind-dyndb-ldap authors; see COPYING for license
|
||||
*/
|
||||
|
||||
+#include <isc/int.h>
|
||||
#include <isc/types.h>
|
||||
#include <isc/util.h>
|
||||
|
||||
--
|
||||
2.14.5
|
||||
|
@ -1,35 +0,0 @@
|
||||
From ef1c4b7833de663549e9520e06e2b9f457b5fbec Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Mon, 28 Jan 2019 00:21:31 +0100
|
||||
Subject: [PATCH] Use correct dn value
|
||||
|
||||
New GCC correctly reports error, NULL is always passed in case of
|
||||
invalid objectclass.
|
||||
---
|
||||
src/ldap_helper.c | 3 +--
|
||||
1 file changed, 1 insertion(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/ldap_helper.c b/src/ldap_helper.c
|
||||
index 74c0afe..0f6184d 100644
|
||||
--- a/src/ldap_helper.c
|
||||
+++ b/src/ldap_helper.c
|
||||
@@ -4102,7 +4102,6 @@ syncrepl_update(ldap_instance_t *inst, ldap_entry_t **entryp, int chgtype)
|
||||
ldap_entry_t *entry = NULL;
|
||||
dns_name_t *zone_name = NULL;
|
||||
dns_zone_t *zone_ptr = NULL;
|
||||
- char *dn = NULL;
|
||||
isc_taskaction_t action = NULL;
|
||||
isc_task_t *task = NULL;
|
||||
isc_boolean_t synchronous;
|
||||
@@ -4155,7 +4154,7 @@ syncrepl_update(ldap_instance_t *inst, ldap_entry_t **entryp, int chgtype)
|
||||
else if ((entry->class & LDAP_ENTRYCLASS_RR) != 0)
|
||||
action = update_record;
|
||||
else {
|
||||
- log_error("unsupported objectClass: dn '%s'", dn);
|
||||
+ log_error("unsupported objectClass: dn '%s'", entry->dn);
|
||||
result = ISC_R_NOTIMPLEMENTED;
|
||||
goto cleanup;
|
||||
}
|
||||
--
|
||||
2.20.1
|
||||
|
@ -1,154 +0,0 @@
|
||||
From 88096745d1ef1798854e0c8319b5ae015f045fe3 Mon Sep 17 00:00:00 2001
|
||||
From: Alexander Bokovoy <abokovoy@redhat.com>
|
||||
Date: Wed, 1 May 2019 09:24:24 +0300
|
||||
Subject: [PATCH] Move recognition of a templated attribute to
|
||||
ldap_attribute_to_rdatatype
|
||||
|
||||
When substitution of a templated entry attribute fails, we need to fall
|
||||
back to a static definition of the attribute from the same entry. This
|
||||
means, however, that ldap_attribute_to_rdatatype() will attempt to parse
|
||||
an attribute value anyway and will be confused by the templating prefix,
|
||||
thus reporting in named's logs:
|
||||
|
||||
unsupported operation: object class in resource record template DN
|
||||
'idnsname=$NAME,idnsname=$ZONE.,cn=dns,$BASEDN' changed:
|
||||
rndc reload might be necessary
|
||||
|
||||
Move recognition of a template attribute name to
|
||||
ldap_attribute_to_rdatatype() so that a proper attribute class is
|
||||
correctly derived and ignore templated attribute in the fallback code
|
||||
if case that template expansion is failed.
|
||||
|
||||
Resolves: rhbz#1705072
|
||||
---
|
||||
src/ldap_convert.c | 33 +++++++++++++++++++++++++--------
|
||||
src/ldap_convert.h | 2 ++
|
||||
src/ldap_helper.c | 21 ++++++++++++++-------
|
||||
3 files changed, 41 insertions(+), 15 deletions(-)
|
||||
|
||||
diff --git a/src/ldap_convert.c b/src/ldap_convert.c
|
||||
index 002a679..6e24c81 100644
|
||||
--- a/src/ldap_convert.c
|
||||
+++ b/src/ldap_convert.c
|
||||
@@ -372,23 +372,40 @@ ldap_attribute_to_rdatatype(const char *ldap_attribute, dns_rdatatype_t *rdtype)
|
||||
{
|
||||
isc_result_t result;
|
||||
unsigned len;
|
||||
+ const char *attribute = NULL;
|
||||
isc_consttextregion_t region;
|
||||
|
||||
len = strlen(ldap_attribute);
|
||||
if (len <= LDAP_RDATATYPE_SUFFIX_LEN)
|
||||
return ISC_R_UNEXPECTEDEND;
|
||||
|
||||
+
|
||||
+ /* Before looking up rdtype, we need to see if rdtype is
|
||||
+ * an LDAP subtype (type;subtype) and if so, strip one of
|
||||
+ * the known prefixes. We also need to remove 'record' suffix
|
||||
+ * if it exists. The resulting rdtype text name should have no
|
||||
+ * 'extra' details: A, AAAA, CNAME, etc. */
|
||||
+ attribute = ldap_attribute;
|
||||
+
|
||||
+ /* Does attribute name start with with TEMPLATE_PREFIX? */
|
||||
+ if (strncasecmp(LDAP_RDATATYPE_TEMPLATE_PREFIX,
|
||||
+ ldap_attribute,
|
||||
+ LDAP_RDATATYPE_TEMPLATE_PREFIX_LEN) == 0) {
|
||||
+ attribute = ldap_attribute + LDAP_RDATATYPE_TEMPLATE_PREFIX_LEN;
|
||||
+ len -= LDAP_RDATATYPE_TEMPLATE_PREFIX_LEN;
|
||||
+ /* Does attribute name start with with UNKNOWN_PREFIX? */
|
||||
+ } else if (strncasecmp(LDAP_RDATATYPE_UNKNOWN_PREFIX,
|
||||
+ ldap_attribute,
|
||||
+ LDAP_RDATATYPE_UNKNOWN_PREFIX_LEN) == 0) {
|
||||
+ attribute = ldap_attribute + LDAP_RDATATYPE_UNKNOWN_PREFIX_LEN;
|
||||
+ len -= LDAP_RDATATYPE_UNKNOWN_PREFIX_LEN;
|
||||
+ }
|
||||
+
|
||||
/* Does attribute name end with RECORD_SUFFIX? */
|
||||
- if (strcasecmp(ldap_attribute + len - LDAP_RDATATYPE_SUFFIX_LEN,
|
||||
+ if (strcasecmp(attribute + len - LDAP_RDATATYPE_SUFFIX_LEN,
|
||||
LDAP_RDATATYPE_SUFFIX) == 0) {
|
||||
- region.base = ldap_attribute;
|
||||
+ region.base = attribute;
|
||||
region.length = len - LDAP_RDATATYPE_SUFFIX_LEN;
|
||||
- /* Does attribute name start with with UNKNOWN_PREFIX? */
|
||||
- } else if (strncasecmp(ldap_attribute,
|
||||
- LDAP_RDATATYPE_UNKNOWN_PREFIX,
|
||||
- LDAP_RDATATYPE_UNKNOWN_PREFIX_LEN) == 0) {
|
||||
- region.base = ldap_attribute + LDAP_RDATATYPE_UNKNOWN_PREFIX_LEN;
|
||||
- region.length = len - LDAP_RDATATYPE_UNKNOWN_PREFIX_LEN;
|
||||
} else
|
||||
return ISC_R_UNEXPECTED;
|
||||
|
||||
diff --git a/src/ldap_convert.h b/src/ldap_convert.h
|
||||
index 47ac947..fcd575b 100644
|
||||
--- a/src/ldap_convert.h
|
||||
+++ b/src/ldap_convert.h
|
||||
@@ -17,6 +17,8 @@
|
||||
#define LDAP_RDATATYPE_SUFFIX_LEN (sizeof(LDAP_RDATATYPE_SUFFIX) - 1)
|
||||
#define LDAP_RDATATYPE_UNKNOWN_PREFIX "UnknownRecord;"
|
||||
#define LDAP_RDATATYPE_UNKNOWN_PREFIX_LEN (sizeof(LDAP_RDATATYPE_UNKNOWN_PREFIX) - 1)
|
||||
+#define LDAP_RDATATYPE_TEMPLATE_PREFIX "idnsTemplateAttribute;"
|
||||
+#define LDAP_RDATATYPE_TEMPLATE_PREFIX_LEN (sizeof(LDAP_RDATATYPE_TEMPLATE_PREFIX) - 1)
|
||||
|
||||
/*
|
||||
* Convert LDAP DN 'dn', to dns_name_t 'target'. 'target' needs to be
|
||||
diff --git a/src/ldap_helper.c b/src/ldap_helper.c
|
||||
index 8b486ae..7f70ee3 100644
|
||||
--- a/src/ldap_helper.c
|
||||
+++ b/src/ldap_helper.c
|
||||
@@ -2396,7 +2396,7 @@ ldap_substitute_rr_template(isc_mem_t *mctx, const settings_set_t * set,
|
||||
result = setting_find(setting_name, set, isc_boolean_true,
|
||||
isc_boolean_true, &setting);
|
||||
if (result != ISC_R_SUCCESS) {
|
||||
- log_debug(3, "setting '%s' is not defined so it "
|
||||
+ log_debug(5, "setting '%s' is not defined so it "
|
||||
"cannot be substituted into template '%s'",
|
||||
setting_name, str_buf(orig_val));
|
||||
CLEANUP_WITH(ISC_R_IGNORE);
|
||||
@@ -2459,23 +2459,22 @@ ldap_parse_rrentry_template(isc_mem_t *mctx, ldap_entry_t *entry,
|
||||
dns_rdatatype_t rdtype;
|
||||
dns_rdatalist_t *rdlist = NULL;
|
||||
isc_boolean_t did_something = ISC_FALSE;
|
||||
- static const char prefix[] = "idnsTemplateAttribute;";
|
||||
- static const char prefix_len = sizeof(prefix) - 1;
|
||||
|
||||
CHECK(str_new(mctx, &orig_val));
|
||||
rdclass = ldap_entry_getrdclass(entry);
|
||||
ttl = ldap_entry_getttl(entry, settings);
|
||||
|
||||
while ((attr = ldap_entry_nextattr(entry)) != NULL) {
|
||||
- if (strncasecmp(prefix, attr->name, prefix_len) != 0)
|
||||
+ if (strncasecmp(LDAP_RDATATYPE_TEMPLATE_PREFIX,
|
||||
+ attr->name,
|
||||
+ LDAP_RDATATYPE_TEMPLATE_PREFIX_LEN) != 0)
|
||||
continue;
|
||||
|
||||
- result = ldap_attribute_to_rdatatype(attr->name + prefix_len,
|
||||
- &rdtype);
|
||||
+ result = ldap_attribute_to_rdatatype(attr->name, &rdtype);
|
||||
if (result != ISC_R_SUCCESS) {
|
||||
log_bug("%s: substitution into '%s' is not supported",
|
||||
ldap_entry_logname(entry),
|
||||
- attr->name + prefix_len);
|
||||
+ attr->name + LDAP_RDATATYPE_TEMPLATE_PREFIX_LEN);
|
||||
continue;
|
||||
}
|
||||
|
||||
@@ -2559,6 +2558,14 @@ ldap_parse_rrentry(isc_mem_t *mctx, ldap_entry_t *entry, dns_name_t *origin,
|
||||
for (result = ldap_entry_firstrdtype(entry, &attr, &rdtype);
|
||||
result == ISC_R_SUCCESS;
|
||||
result = ldap_entry_nextrdtype(entry, &attr, &rdtype)) {
|
||||
+ /* If we reached this point and found a template attribute,
|
||||
+ * skip it because it was not translated above due to missing
|
||||
+ * defaults or some other errors. */
|
||||
+ if (((entry->class & LDAP_ENTRYCLASS_TEMPLATE) != 0) &&
|
||||
+ strncasecmp(LDAP_RDATATYPE_TEMPLATE_PREFIX,
|
||||
+ attr->name,
|
||||
+ LDAP_RDATATYPE_TEMPLATE_PREFIX_LEN) == 0)
|
||||
+ continue;
|
||||
|
||||
CHECK(findrdatatype_or_create(mctx, rdatalist, rdclass,
|
||||
rdtype, ttl, &rdlist));
|
||||
--
|
||||
2.21.0
|
||||
|
@ -1,22 +1,16 @@
|
||||
%define VERSION %{version}
|
||||
|
||||
%define bind_version 32:9.11.3-5
|
||||
%define bind_version 32:9.11.11-1
|
||||
|
||||
Name: bind-dyndb-ldap
|
||||
Version: 11.1
|
||||
Release: 20%{?dist}
|
||||
Version: 11.2
|
||||
Release: 1%{?dist}
|
||||
Summary: LDAP back-end plug-in for BIND
|
||||
|
||||
License: GPLv2+
|
||||
URL: https://releases.pagure.org/bind-dyndb-ldap
|
||||
Source0: https://releases.pagure.org/%{name}/%{name}-%{VERSION}.tar.bz2
|
||||
Source1: https://releases.pagure.org/%{name}/%{name}-%{VERSION}.tar.bz2.asc
|
||||
Patch1: 0001-Coverity-fix-REVERSE_INULL-for-pevent-inst.patch
|
||||
Patch2: 0002-Add-empty-callback-for-getsize.patch
|
||||
Patch3: 0003-Support-for-BIND-9.11.3.patch
|
||||
Patch4: 0004-Support-for-BIND-9.11.5.patch
|
||||
Patch5: 0005-Use-correct-dn-value.patch
|
||||
Patch6: bind-dyndb-ldap-template-attribute-defaults.patch
|
||||
|
||||
BuildRequires: bind-devel >= %{bind_version}, bind-lite-devel >= %{bind_version}, bind-pkcs11-devel >= %{bind_version}
|
||||
BuildRequires: krb5-devel
|
||||
@ -35,12 +29,6 @@ off of your LDAP server.
|
||||
|
||||
%prep
|
||||
%setup -q -n %{name}-%{VERSION}
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
%patch5 -p1
|
||||
%patch6 -p1
|
||||
|
||||
%build
|
||||
autoreconf -fiv
|
||||
@ -106,6 +94,9 @@ sed -i.bak -e "$SEDSCRIPT" /etc/named.conf
|
||||
|
||||
|
||||
%changelog
|
||||
* Tue Nov 05 2019 Alexander Bokovoy <abokovoy@redhat.com> - 11.2-1
|
||||
- New upstream release v11.2
|
||||
|
||||
* Tue Aug 27 2019 Petr Menšík <pemensik@redhat.com> - 11.1-20
|
||||
- Rebuilt for bind 9.11.10
|
||||
|
||||
|
4
sources
4
sources
@ -1,2 +1,2 @@
|
||||
SHA512 (bind-dyndb-ldap-11.1.tar.bz2) = 72e3298bfe6e1880a1d30d30f9a77b55bdee86aed10872f924abc8926bfd8d66bb436182936b1b1efb5080ee0248b2513c3344c8242d4b7fe31168ad61c6d74d
|
||||
SHA512 (bind-dyndb-ldap-11.1.tar.bz2.asc) = 1e9ec5e5c0e0e2908fb428a5ae8ec4cdb64dc4083232e8c8622e0fea10c6f88134b07b6a379099532d14a3c6022f97b87b207dcab15803975864881e025fbf6b
|
||||
SHA512 (bind-dyndb-ldap-11.2.tar.bz2) = f4129f332829c41f72a42e03aa414aa31b4581796a071e5dc630cd8202896b53253a03aa4b842ca5dc409552df214ee08426ee90402e7fd3f7779aa8faed7e06
|
||||
SHA512 (bind-dyndb-ldap-11.2.tar.bz2.asc) = 43b1ac011ae80d387bbefba9e2443d666e56d3ce947d1781b7fd049518306ace68cc512304f479b48fd3e883e373b0ba9daa4e1f3ccc482503bc6e78599740cc
|
||||
|
Loading…
Reference in New Issue
Block a user