bind-dyndb-ldap/bind-dyndb-ldap-11.6-bind-9.16.10.patch

From 2ddd4bf55e325071566aa1c78e3681c3239895da Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Mon, 11 Jan 2021 21:39:25 +0100
Subject: [PATCH] Add compatibility with BIND 9.16.10 API change

One parameter was added to function used internally by plugin. Nothing
like -nsec3param auto is supported by LDAP plugin. It is safe to set
resalt false always. Salt can be changed via LDAP, but has to be
specified manually.
---
 src/ldap_helper.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/ldap_helper.c b/src/ldap_helper.c
index a81a9d228..3b4ae5c67 100644
--- a/src/ldap_helper.c
+++ b/src/ldap_helper.c
@@ -1792,10 +1792,17 @@ zone_master_reconfigure_nsec3param(settings_set_t *zone_settings,
 			  dns_rdatatype_nsec3param, origin, nsec3p_str,
 			  &nsec3p_rdata));
 	CHECK(dns_rdata_tostruct(nsec3p_rdata, &nsec3p_rr, NULL));
+#if LIBDNS_VERSION_MAJOR > 1609
+	CHECK(dns_zone_setnsec3param(secure, nsec3p_rr.hash, nsec3p_rr.flags,
+				     nsec3p_rr.iterations,
+				     nsec3p_rr.salt_length, nsec3p_rr.salt,
+				     true, false));
+#else
 	CHECK(dns_zone_setnsec3param(secure, nsec3p_rr.hash, nsec3p_rr.flags,
 				     nsec3p_rr.iterations,
 				     nsec3p_rr.salt_length, nsec3p_rr.salt,
 				     true));
+#endif
 
 cleanup:
 	if (nsec3p_rdata != NULL) {
-- 
2.26.2