import Oracle_OSS bind-dyndb-ldap-11.3-1.module+el8.3.0+7868+2151076c

.bind-dyndb-ldap.metadata

@@ -1 +1 @@
-fa27009509513d06a65b5aa16b612824280221c6 SOURCES/bind-dyndb-ldap-11.6.tar.bz2
+93bf4817926ca4b9864a5f837841962cb2b88a13 SOURCES/bind-dyndb-ldap-11.3.tar.bz2

.gitignore

@@ -1 +1 @@
-SOURCES/bind-dyndb-ldap-11.6.tar.bz2
+SOURCES/bind-dyndb-ldap-11.3.tar.bz2

SOURCES/0001-Modify-empty-zone-conflicts-under-exclusive-mode_rhbz#2133036.patch

@@ -1,37 +0,0 @@
-From 7b4c1e28b3e64f7cd075599472e349510f8d33da Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
-Date: Wed, 14 Sep 2022 17:10:11 +0200
-Subject: [PATCH] Modify empty zone conflicts under exclusive mode
-
-Does not accept new request when exclusive mode is active. Zone table
-can be modified even after main fwd entries have been added. Ensure
-empty zones handling keeps exclusive mode active.
-
-Exclusive mode were mentioned as the only protection it had by bind
-maintainer:
-https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/6637#note_308928
----
- src/fwd.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/src/fwd.c b/src/fwd.c
-index 24f6e53..0a3c673 100644
---- a/src/fwd.c
-+++ b/src/fwd.c
-@@ -595,10 +595,12 @@ fwd_configure_zone(const settings_set_t *set, ldap_instance_t *inst,
- 		  dns_result_totext(result));
- 
- 	/* Handle collisions with automatic empty zones. */
--	if (isconfigured == true)
-+	if (isconfigured == true) {
-+		run_exclusive_enter(inst, &lock_state);
- 		CHECK(empty_zone_handle_conflicts(name,
- 						  view->zonetable,
- 						  (fwdpolicy == dns_fwdpolicy_first)));
-+	}
- 
- cleanup:
- 	run_exclusive_exit(inst, lock_state);
--- 
-2.37.3
-

SOURCES/0002-add-rwlock-before-include-zt-h.patch

@@ -1,10 +0,0 @@
---- a/src/zone_register.h	2020-09-14 11:11:52.000000000 -0400
-+++ a/src/zone_register.h	2022-10-11 10:01:35.293730147 -0400
-@@ -5,6 +5,7 @@
- #ifndef _LD_ZONE_REGISTER_H_
- #define _LD_ZONE_REGISTER_H_
- 
-+#include <isc/rwlock.h>
- #include <dns/zt.h>
- 
- #include "settings.h"

SOURCES/0003-bind-dyndb-ldap-11.9-bind-CVE-2023-50387.patch

@@ -1,37 +0,0 @@
-From d2864db744849736243dd92c9cdb8a96cb4c26f1 Mon Sep 17 00:00:00 2001
-From: Petr Menšík <pemensik@redhat.com>
-Date: Thu, 22 Feb 2024 17:44:31 +0100
-Subject: Rebuild required for BIND changes for KeyTrap change
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-; Related: CVE-2023-50387 CVE-2023-50868
-Related: RHEL-25396 RHEL-25385
-
-Signed-off-by: Petr Menšík <pemensik@redhat.com>
-
-diff --git a/src/mldap.c b/src/mldap.c
-index 92a330c..79efddb 100644
---- a/src/mldap.c
-+++ b/src/mldap.c
-@@ -50,18 +50,7 @@
- static unsigned char uuid_rootname_ndata[]
- 	= { 4, 'u', 'u', 'i', 'd', 4, 'l', 'd', 'a', 'p', 0 };
- static unsigned char uuid_rootname_offsets[] = { 0, 5, 10 };
--static dns_name_t uuid_rootname =
--{
--	DNS_NAME_MAGIC,
--	uuid_rootname_ndata,
--	sizeof(uuid_rootname_ndata),
--	sizeof(uuid_rootname_offsets),
--	DNS_NAMEATTR_READONLY | DNS_NAMEATTR_ABSOLUTE,
--	uuid_rootname_offsets,
--	NULL,
--	{ (void *)-1, (void *)-1 },
--	{ NULL, NULL }
--};
-+static dns_name_t uuid_rootname = DNS_NAME_INITABSOLUTE(uuid_rootname_ndata, uuid_rootname_offsets);
- 
- struct mldapdb {
-	isc_mem_t	*mctx;

SOURCES/bind-dyndb-ldap-11.3.tar.bz2.asc

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEhAodHH8+xLL+UwQ1RxniuKu/YhoFAl7eZOEACgkQRxniuKu/
+YhqWrg//S+qgy+mv0H1cdKsBMFax0PK3hWAmS6/8eZPFOXIfZnx9Q0yCD/EYr2GA
+tdyNo71Jxnk9cnvIIDVttFgscnDDVAMKjGTtvlkgjqbRhr1jNxTeR2A9V6XZWU4m
+cq4+mJya72mnLZH0dA2kb0aeQEggSBu1aD/xxooWO4vt91aUf6ma5+OBnkGHiRfn
+zKzPx9pZeNigZuEIb3dyheymSe7zTbWUa/Ny51zv0XJdIotR+KWAzgHrt7/h5i75
+tQCkS/jxYH6vz3f6nrEkNg5UmW16PMFQcQQKSeCM2Dre3PxpRQyzXMi/YDwCx8ns
+HPjZ3hBDbCpiylsYbwNWnGtHQGsEUXphGyGV/bPyu3ls017m3hcpkokYWwA80RXt
+vLZtTwJIUtWiUBiecOF00TSURHlQ5YkGLIat2Eh1vdLXk3UfXBOVeA30Tjvuqumy
+DCZSgy6VEx0pWL3aXjWzom3UZPEbVkHoXZz+hVk7SxLrvarXKc4GwhBzSioMYhHX
+1gt/CFXT1nglH41RzucxFxLpp7VwqjP30uUeKh2dCBdfLJiiXD9AzQfdYsqCf3FH
+bQ9QHKvHz5JIJGyfU/J4UR0Nt+qELrp0kG6isgl0JCr6Z8l54ykJBCQL/rgr4CJw
+0lMTxSBhDQmQV0eiBe0Dri1DCkpH39saWPtaJfNTsy+nG/7NfWA=
+=2sD+
+-----END PGP SIGNATURE-----

SOURCES/bind-dyndb-ldap-11.6.tar.bz2.asc

@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEEhAodHH8+xLL+UwQ1RxniuKu/YhoFAl+7wQUACgkQRxniuKu/
-YhrK4Q/7B3njZOLSN1nor1ftoGGgXHvOvAGZTH+S0aI/u2bGfMIy3iT6NCcXZaVy
-LftvbYUKZ1zT92LYyTng7d8qgc8B7fmIAHPKye2uuxfPgwYkqdBLLKOMoAjbijjI
-P3Qkoee9bAF89wjnEnyfE9beJ9Vwe6PQLuCovIIauYEfhXjazOhSt7aDpYQ1X5Ui
-WyUKMhbO9WZ+TokW6wMTLGC8eCJdIJz0OXrROsLp6KZW4Y4wxf/zcU/XztDmEcOm
-DIeDir1ohp8xyssfBYr9tmamD+FzoU9+oR1+WjQav/pxFBqezzm7U3cvq9PrQ7SK
-Q5jpmeNOTvoUjnEMBW/AXPxth0yXVX3XlIYjhVX3R4r/ZXwmK1g6hqsT2kSbCvAS
-/DR7yfou2SQLuH1z6qs6vd+IdTYVpsHMBBdQtHSeZ5701fyJgIABI98oMMV/KplL
-bwfL/uhTPjuH1nett7h7NuINiVET0Yy63/CRicQs199ORGLVBaQ+AVCxj33m5NH/
-ggMKhA5VNmMSSvyI/TiytLbqhjw29kjRo4/vDEqv1co9fB2J2MBdTCtSF4gixB0n
-da/W6PnKiS45f0NdqpU5oUxLDTni+hYrQV1GXavdnx8lpnab9jlJO6vOZSCodSS+
-0eMJRH7knFDrY7EEjbUD7/pPZphPQUamvecmYhgn+La4SHkf2wA=
-=cGu/
------END PGP SIGNATURE-----

SPECS/bind-dyndb-ldap.spec

@@ -1,17 +1,10 @@
 %define VERSION %{version}
 
-%define bind_version 32:9.11.36-14
-
-%if 0%{?fedora} >= 31 || 0%{?rhel} >= 9
-    %global openssl_pkcs11_version 0.4.10-2
-    %global softhsm_version 2.6.0
-%else
-    %global with_bind_pkcs11 1
-%endif
+%define bind_version 32:9.11.18-1
 
 Name:           bind-dyndb-ldap
-Version:        11.6
-Release:        6%{?dist}
+Version:        11.3
+Release:        1%{?dist}
 Summary:        LDAP back-end plug-in for BIND
 
 Group:          System Environment/Libraries
@@ -20,22 +13,14 @@ URL:            https://releases.pagure.org/bind-dyndb-ldap
 Source0:        https://releases.pagure.org/%{name}/%{name}-%{VERSION}.tar.bz2
 Source1:        https://releases.pagure.org/%{name}/%{name}-%{VERSION}.tar.bz2.asc
 
-Patch0001:      0001-Modify-empty-zone-conflicts-under-exclusive-mode_rhbz#2133036.patch
-Patch0002:      0002-add-rwlock-before-include-zt-h.patch
-Patch0003:      0003-bind-dyndb-ldap-11.9-bind-CVE-2023-50387.patch
-
 BuildRequires:  bind-devel >= %{bind_version}, bind-lite-devel >= %{bind_version}, bind-pkcs11-devel >= %{bind_version}
 BuildRequires:  krb5-devel
 BuildRequires:  openldap-devel
 BuildRequires:  libuuid-devel
 BuildRequires:  automake, autoconf, libtool
 
-%if %{with bind_pkcs11}
 Requires:       bind-pkcs11 >= %{bind_version}, bind-pkcs11-utils >= %{bind_version}
-%else
-Requires: softhsm >= %{softhsm_version}
-Requires: openssl-pkcs11 >= %{openssl_pkcs11_version}
-%endif
+
 
 %description
 This package provides an LDAP back-end plug-in for BIND. It features
@@ -44,7 +29,7 @@ off of your LDAP server.
 
 
 %prep
-%autosetup -n %{name}-%{VERSION} -p1
+%setup -q -n %{name}-%{VERSION}
 
 %build
 autoreconf -fiv
@@ -111,30 +96,6 @@ sed -i.bak -e "$SEDSCRIPT" /etc/named.conf
 
 
 %changelog
-* Thu Apr 03 2025 Rafael Jeffman <rjeffman@redhat.com> - 11.6-6
-- Fix rpminspect warnings
-  Resolves: RHEL-22497
-
-* Tue Apr 02 2024 Rafael Jeffman <rjeffman@redhat.com> - 11.6-5
-- Rebuild due to Bind ABI changes.
-  Resolves: RHEL-28842
-
-* Thu Oct 13 2022 Rafael Jeffman <rjeffman@redhat.com> - 11.6-4
-- Modify empty zone conflicts under exclusive mode
-  Resolves: rhbz#2126877
-
-* Wed Dec 22 2021 Alexander Bokovoy <abokovoy@redhat.com> - 11.6-3
-- Rebuild against bind 9.11.36
-- Resolves: rhbz#2022762
-
-* Thu Jan 07 2021 Rob Crittenden <rcritten@redhat.com> - 11.6-2
-- Rebuild against bind 9.11.26
-- Resolves: rhbz#1904612
-
-* Mon Nov 23 2020 Alexander Bokovoy <abokovoy@redhat.com> - 11.6-1
-- New upstream release
-- Resolves: rhbz#1891735
-
 * Mon Jun 08 2020 Alexander Bokovoy <abokovoy@redhat.com> - 11.3-1
 - New upstream release
 - Resolves: rhbz#1845211