76 lines
2.2 KiB
Diff
76 lines
2.2 KiB
Diff
From 33a671ebd0c4019c6ebb7e46a8329dbcdb4cc18d Mon Sep 17 00:00:00 2001
|
|
From: Petr Menšík <pemensik@redhat.com>
|
|
Date: Aug 07 2024 14:19:46 +0000
|
|
Subject: Detect presence of dns_zone_setmaxrrperset
|
|
|
|
|
|
Because it were backported into bind-9.16 branch by upstream and testing
|
|
of simpler variant fails in some cases. This assumes these call do not
|
|
appear only after 9.18.28, but may be backported into previous versions.
|
|
Tests just call presence and assumes dns_db_setmaxtypepername will be
|
|
present also.
|
|
|
|
---
|
|
configure.ac | 4 ++++
|
|
src/ldap_driver.c | 25 +++++++++++++++++++++++++
|
|
2 files changed, 29 insertions(+)
|
|
|
|
diff --git a/configure.ac b/configure.ac
|
|
index b4a85e2..5b6b975 100644
|
|
--- a/configure.ac
|
|
+++ b/configure.ac
|
|
@@ -137,6 +137,10 @@ AC_CHECK_LIB([dns], [dns_db_setservestalettl],
|
|
[AC_DEFINE([HAVE_DNS_SERVESTALE], 1, [Define if dns library provides dns_db_setservestalettl])]
|
|
)
|
|
|
|
+AC_CHECK_LIB([dns], [dns_db_setmaxrrperset],
|
|
+ [AC_DEFINE([HAVE_DNS_DB_SETMAXRRPERSET], 1, [Define if dns library provides dns_db_setmaxrrperset])]
|
|
+)
|
|
+
|
|
dnl Older autoconf (2.59, for example) doesn't define docdir
|
|
[[ ! -n "$docdir" ]] && docdir='${datadir}/doc/${PACKAGE_TARNAME}'
|
|
AC_SUBST([docdir])
|
|
diff --git a/src/ldap_driver.c b/src/ldap_driver.c
|
|
index 03d3162..10693fc 100644
|
|
--- a/src/ldap_driver.c
|
|
+++ b/src/ldap_driver.c
|
|
@@ -909,6 +909,27 @@ adjusthashsize(dns_db_t *db, size_t size) {
|
|
}
|
|
#endif
|
|
|
|
+#if HAVE_DNS_DB_SETMAXRRPERSET
|
|
+/* Calls added to fix CVE-2024-1737 in 9.18.28 */
|
|
+static void
|
|
+setmaxrrperset(dns_db_t *db, uint32_t value) {
|
|
+ ldapdb_t *ldapdb = (ldapdb_t *) db;
|
|
+
|
|
+ REQUIRE(VALID_LDAPDB(ldapdb));
|
|
+
|
|
+ return dns_db_setmaxrrperset(ldapdb->rbtdb, value);
|
|
+}
|
|
+
|
|
+static void
|
|
+setmaxtypepername(dns_db_t *db, uint32_t value) {
|
|
+ ldapdb_t *ldapdb = (ldapdb_t *) db;
|
|
+
|
|
+ REQUIRE(VALID_LDAPDB(ldapdb));
|
|
+
|
|
+ return dns_db_setmaxtypepername(ldapdb->rbtdb, value);
|
|
+}
|
|
+#endif
|
|
+
|
|
static dns_dbmethods_t ldapdb_methods = {
|
|
attach,
|
|
detach,
|
|
@@ -969,6 +990,10 @@ static dns_dbmethods_t ldapdb_methods = {
|
|
#if LIBDNS_VERSION_MAJOR >= 1606
|
|
adjusthashsize, /* adjusthashsize */
|
|
#endif
|
|
+#if HAVE_DNS_DB_SETMAXRRPERSET
|
|
+ setmaxrrperset, /* setmaxrrperset */
|
|
+ setmaxtypepername, /* setmaxtypepername */
|
|
+#endif
|
|
};
|
|
|
|
isc_result_t ATTR_NONNULLS
|