rpms/bind
7
0
Fork 1
Code Issues Pull Requests Releases Activity

Update to 9.16.25 (#2042504)

Browse Source 
- Reduced memory usage on machines with many CPU cores.
- Offline ZSK expired signatures would be signed by KSK instead
- Inline signed zone could be saved without serial, causing error after
  restart

https://downloads.isc.org/isc/bind9/9.16.25/doc/arm/html/notes.html#notes-for-bind-9-16-25
This commit is contained in:
Petr Menšík 2022-01-21 18:07:00 +01:00
parent 3bb763c2a7
commit 11207651f7
5 changed files with 9 additions and 263 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -164,3 +164,5 @@ bind-9.7.2b1.tar.gz
/bind-9.16.23.tar.xz.asc
/bind-9.16.24.tar.xz
/bind-9.16.24.tar.xz.asc
/bind-9.16.25.tar.xz
/bind-9.16.25.tar.xz.asc

199
bind-9.16-openldap-2.6-all.patch
View File

@ -1,199 +0,0 @@
From d02a805719d593863dd438798a29312a4177d207 Mon Sep 17 00:00:00 2001
From: Petr Mensik <pemensik@redhat.com>
Date: Wed, 22 Dec 2021 13:38:02 +0100
Subject: [PATCH 2/2] Change all internal functions to dlz_ldap prefix
To prevent any conflict in the future, avoid ldap_ prefix in any
internal functions. Keep it reserved for openldap only.
---
contrib/dlz/modules/ldap/dlz_ldap_dynamic.c | 52 ++++++++++-----------
1 file changed, 26 insertions(+), 26 deletions(-)
diff --git a/contrib/dlz/modules/ldap/dlz_ldap_dynamic.c b/contrib/dlz/modules/ldap/dlz_ldap_dynamic.c
index 317a691..a653fac 100644
--- a/contrib/dlz/modules/ldap/dlz_ldap_dynamic.c
+++ b/contrib/dlz/modules/ldap/dlz_ldap_dynamic.c
@@ -128,7 +128,7 @@ b9_add_helper(ldap_instance_t *db, const char *helper_name, void *ptr);
/*% checks that the LDAP URL parameters make sense */
static isc_result_t
-ldap_checkURL(ldap_instance_t *db, char *URL, int attrCnt, const char *msg) {
+dlz_ldap_checkURL(ldap_instance_t *db, char *URL, int attrCnt, const char *msg) {
isc_result_t result = ISC_R_SUCCESS;
int ldap_result;
LDAPURLDesc *ldap_url = NULL;
@@ -248,7 +248,7 @@ cleanup:
* multithreaded operation.
*/
static void
-ldap_destroy_dblist(db_list_t *dblist) {
+dlz_ldap_destroy_dblist(db_list_t *dblist) {
dbinstance_t *ndbi = NULL;
dbinstance_t *dbi = NULL;
@@ -282,7 +282,7 @@ ldap_destroy_dblist(db_list_t *dblist) {
* multithreaded operation.
*/
static dbinstance_t *
-ldap_find_avail_conn(ldap_instance_t *ldap) {
+dlz_ldap_find_avail_conn(ldap_instance_t *ldap) {
dbinstance_t *dbi = NULL;
dbinstance_t *head;
int count = 0;
@@ -315,7 +315,7 @@ ldap_find_avail_conn(ldap_instance_t *ldap) {
#endif /* PTHREADS */
static isc_result_t
-ldap_process_results(ldap_instance_t *db, LDAP *dbc, LDAPMessage *msg,
+dlz_ldap_process_results(ldap_instance_t *db, LDAP *dbc, LDAPMessage *msg,
char **attrs, void *ptr, bool allnodes) {
isc_result_t result = ISC_R_SUCCESS;
int i = 0;
@@ -543,7 +543,7 @@ cleanup:
* obtain a result set.
*/
static isc_result_t
-ldap_get_results(const char *zone, const char *record, const char *client,
+dlz_ldap_get_results(const char *zone, const char *record, const char *client,
unsigned int query, void *dbdata, void *ptr) {
isc_result_t result;
ldap_instance_t *db = (ldap_instance_t *)dbdata;
@@ -558,7 +558,7 @@ ldap_get_results(const char *zone, const char *record, const char *client,
/* get db instance / connection */
#if PTHREADS
/* find an available DBI from the list */
- dbi = ldap_find_avail_conn(db);
+ dbi = dlz_ldap_find_avail_conn(db);
#else /* PTHREADS */
/*
* only 1 DBI - no need to lock instance lock either
@@ -667,7 +667,7 @@ ldap_get_results(const char *zone, const char *record, const char *client,
* screwed up!
*/
db->log(ISC_LOG_ERROR, "Incorrect query flag passed to "
- "ldap_get_results");
+ "dlz_ldap_get_results");
result = ISC_R_UNEXPECTED;
goto cleanup;
}
@@ -755,13 +755,13 @@ ldap_get_results(const char *zone, const char *record, const char *client,
switch (query) {
case ALLNODES:
- result = ldap_process_results(db, (LDAP *)dbi->dbconn, ldap_msg,
- ldap_url->lud_attrs, ptr, true);
+ result = dlz_ldap_process_results(db, (LDAP *)dbi->dbconn, ldap_msg,
+ ldap_url->lud_attrs, ptr, true);
break;
case AUTHORITY:
case LOOKUP:
- result = ldap_process_results(db, (LDAP *)dbi->dbconn, ldap_msg,
- ldap_url->lud_attrs, ptr, false);
+ result = dlz_ldap_process_results(db, (LDAP *)dbi->dbconn, ldap_msg,
+ ldap_url->lud_attrs, ptr, false);
break;
case ALLOWXFR:
entries = ldap_count_entries((LDAP *)dbi->dbconn, ldap_msg);
@@ -789,7 +789,7 @@ ldap_get_results(const char *zone, const char *record, const char *client,
* screwed up!
*/
db->log(ISC_LOG_ERROR, "Incorrect query flag passed to "
- "ldap_get_results");
+ "dlz_ldap_get_results");
result = ISC_R_UNEXPECTED;
}
@@ -847,18 +847,18 @@ dlz_allowzonexfr(void *dbdata, const char *name, const char *client) {
}
/* get all the zone data */
- result = ldap_get_results(name, NULL, client, ALLOWXFR, dbdata, NULL);
+ result = dlz_ldap_get_results(name, NULL, client, ALLOWXFR, dbdata, NULL);
return (result);
}
isc_result_t
dlz_allnodes(const char *zone, void *dbdata, dns_sdlzallnodes_t *allnodes) {
- return (ldap_get_results(zone, NULL, NULL, ALLNODES, dbdata, allnodes));
+ return (dlz_ldap_get_results(zone, NULL, NULL, ALLNODES, dbdata, allnodes));
}
isc_result_t
dlz_authority(const char *zone, void *dbdata, dns_sdlzlookup_t *lookup) {
- return (ldap_get_results(zone, NULL, NULL, AUTHORITY, dbdata, lookup));
+ return (dlz_ldap_get_results(zone, NULL, NULL, AUTHORITY, dbdata, lookup));
}
#if DLZ_DLOPEN_VERSION < 3
@@ -874,7 +874,7 @@ dlz_findzonedb(void *dbdata, const char *name, dns_clientinfomethods_t *methods,
UNUSED(methods);
UNUSED(clientinfo);
#endif /* if DLZ_DLOPEN_VERSION >= 3 */
- return (ldap_get_results(name, NULL, NULL, FINDZONE, dbdata, NULL));
+ return (dlz_ldap_get_results(name, NULL, NULL, FINDZONE, dbdata, NULL));
}
#if DLZ_DLOPEN_VERSION == 1
@@ -896,11 +896,11 @@ dlz_lookup(const char *zone, const char *name, void *dbdata,
#endif /* if DLZ_DLOPEN_VERSION >= 2 */
if (strcmp(name, "*") == 0) {
- result = ldap_get_results(zone, "~", NULL, LOOKUP, dbdata,
- lookup);
+ result = dlz_ldap_get_results(zone, "~", NULL, LOOKUP, dbdata,
+ lookup);
} else {
- result = ldap_get_results(zone, name, NULL, LOOKUP, dbdata,
- lookup);
+ result = dlz_ldap_get_results(zone, name, NULL, LOOKUP, dbdata,
+ lookup);
}
return (result);
}
@@ -1000,29 +1000,29 @@ dlz_create(const char *dlzname, unsigned int argc, char *argv[], void **dbdata,
/* check that LDAP URL parameters make sense */
switch (argc) {
case 12:
- result = ldap_checkURL(ldap, argv[11], 0,
+ result = dlz_ldap_checkURL(ldap, argv[11], 0,
"allow zone transfer");
if (result != ISC_R_SUCCESS) {
goto cleanup;
}
case 11:
- result = ldap_checkURL(ldap, argv[10], 3, "all nodes");
+ result = dlz_ldap_checkURL(ldap, argv[10], 3, "all nodes");
if (result != ISC_R_SUCCESS) {
goto cleanup;
}
case 10:
if (strlen(argv[9]) > 0) {
- result = ldap_checkURL(ldap, argv[9], 3, "authority");
+ result = dlz_ldap_checkURL(ldap, argv[9], 3, "authority");
if (result != ISC_R_SUCCESS) {
goto cleanup;
}
}
case 9:
- result = ldap_checkURL(ldap, argv[8], 3, "lookup");
+ result = dlz_ldap_checkURL(ldap, argv[8], 3, "lookup");
if (result != ISC_R_SUCCESS) {
goto cleanup;
}
- result = ldap_checkURL(ldap, argv[7], 0, "find zone");
+ result = dlz_ldap_checkURL(ldap, argv[7], 0, "find zone");
if (result != ISC_R_SUCCESS) {
goto cleanup;
}
@@ -1199,7 +1199,7 @@ dlz_destroy(void *dbdata) {
#if PTHREADS
/* cleanup the list of DBI's */
if (db->db != NULL) {
- ldap_destroy_dblist((db_list_t *)(db->db));
+ dlz_ldap_destroy_dblist((db_list_t *)(db->db));
}
#else /* PTHREADS */
if (db->db->dbconn != NULL) {
--
2.31.1

55
bind-9.16-openldap-2.6.patch
View File

@ -1,55 +0,0 @@
From e6ed26c98ebac9313ce531a366f96ff9912e84af Mon Sep 17 00:00:00 2001
From: Petr Mensik <pemensik@redhat.com>
Date: Wed, 22 Dec 2021 13:36:39 +0100
Subject: [PATCH 1/2] Avoid conflict with ldap_connect function of openldap
ldap_connect is defined by OpenLDAP 2.6. Compiler complains there are
conflicting declarations. Use dlz_ldap prefix instead of ldap to avoid
conflict.
---
contrib/dlz/modules/ldap/dlz_ldap_dynamic.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/contrib/dlz/modules/ldap/dlz_ldap_dynamic.c b/contrib/dlz/modules/ldap/dlz_ldap_dynamic.c
index 543a95d..317a691 100644
--- a/contrib/dlz/modules/ldap/dlz_ldap_dynamic.c
+++ b/contrib/dlz/modules/ldap/dlz_ldap_dynamic.c
@@ -193,7 +193,7 @@ cleanup:
/*% Connects / reconnects to LDAP server */
static isc_result_t
-ldap_connect(ldap_instance_t *dbi, dbinstance_t *dbc) {
+dlz_ldap_connect(ldap_instance_t *dbi, dbinstance_t *dbc) {
isc_result_t result;
int ldap_result;
@@ -700,7 +700,7 @@ ldap_get_results(const char *zone, const char *record, const char *client,
db->log(ISC_LOG_INFO, "LDAP driver attempting to "
"re-connect");
- result = ldap_connect((ldap_instance_t *)dbdata, dbi);
+ result = dlz_ldap_connect((ldap_instance_t *)dbdata, dbi);
if (result != ISC_R_SUCCESS) {
result = ISC_R_FAILURE;
continue;
@@ -731,7 +731,7 @@ ldap_get_results(const char *zone, const char *record, const char *client,
case LDAP_SERVER_DOWN:
db->log(ISC_LOG_INFO, "LDAP driver attempting to "
"re-connect");
- result = ldap_connect((ldap_instance_t *)dbdata, dbi);
+ result = dlz_ldap_connect((ldap_instance_t *)dbdata, dbi);
if (result != ISC_R_SUCCESS) {
result = ISC_R_FAILURE;
}
@@ -1117,7 +1117,7 @@ dlz_create(const char *dlzname, unsigned int argc, char *argv[], void **dbdata,
ldap->db = dbi;
#endif /* if PTHREADS */
/* attempt to connect */
- result = ldap_connect(ldap, dbi);
+ result = dlz_ldap_connect(ldap, dbi);
/*
* if db connection cannot be created, log err msg and
--
2.31.1

12
bind.spec
View File

@ -52,8 +52,8 @@
Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
Name: bind
License: MPLv2.0
Version: 9.16.24
Release: 3%{?dist}
Version: 9.16.25
Release: 1%{?dist}
Epoch: 32
Url: https://www.isc.org/downloads/bind/
#
@ -102,9 +102,6 @@ Patch149:bind-9.11-kyua-pkcs11.patch
Patch157:bind-9.11-fips-tests.patch
# https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/2689
Patch164:bind-9.11-rh1666814.patch
# https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/5665
Patch165:bind-9.16-openldap-2.6.patch
Patch166:bind-9.16-openldap-2.6-all.patch
%{?systemd_ordering}
Requires: coreutils
@ -403,8 +400,6 @@ in HTML and PDF format.
%patch130 -p1 -b .libdb
%patch157 -p1 -b .fips-tests
%patch164 -p1 -b .rh1666814
%patch165 -p1 -b .rh2032704
%patch166 -p1 -b .rh2032704-2
%if %{with PKCS11}
%patch135 -p1 -b .config-pkcs11
@ -1127,6 +1122,9 @@ fi;
%endif
%changelog
* Fri Jan 21 2022 Petr Menšík <pemensik@redhat.com> - 32:9.16.25-1
- Update to 9.16.25 (#2042504)
* Wed Jan 19 2022 Fedora Release Engineering <releng@fedoraproject.org> - 32:9.16.24-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild

4
sources
View File

@ -1,2 +1,2 @@
SHA512 (bind-9.16.24.tar.xz) = a982bcad8c517dbcb81e768486e1a8b92e495efcf45c4961170c3bc7fac837903605dcd05cfb9b9e1074599b90be1b9c3dbca4162ede0a32fe4c3405ad92816b
SHA512 (bind-9.16.24.tar.xz.asc) = 60afa2b2646fc761d85d15bc236fc700399478dfc8a9376bd591f1a3df4c0f26e029d6e8818cce3cdcd04600fd9d7b4d0092ac11a7c322159d15795165af3c79
SHA512 (bind-9.16.25.tar.xz) = e43c0e59159d3a5642db051f3982d8767fb726426380c32960fefe4b9afd05708ed8f7e80a98b803a580b048e1a368c888e2dd5695fa5fcd7b8b75574a27cb62
SHA512 (bind-9.16.25.tar.xz.asc) = ceb0af75619f2a2da4f183bb7d367f5a302ee41e140bc710b47aefedc3717b9cd7452f988e480a8798734f532338f3c03252a704e45b9d0a31f46ea499d1d572