Fix queries for TKEY in nsupdate, when using GSSAPI (#1236087)
This commit is contained in:
parent
09e4b5788e
commit
19b1efe0bb
46
bind-9.11-rh1236087.patch
Normal file
46
bind-9.11-rh1236087.patch
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
From 66b71679b78ad6cf2c4e5c8c1216b602e0fe1e9b Mon Sep 17 00:00:00 2001
|
||||||
|
From: Evan Hunt <each@isc.org>
|
||||||
|
Date: Thu, 20 Apr 2017 09:28:37 -0700
|
||||||
|
Subject: [PATCH] [master] nsupdate: send tkey queries to the right server
|
||||||
|
|
||||||
|
4588. [bug] nsupdate could send queries for TKEY to the wrong
|
||||||
|
server when using GSSAPI. Thanks to Tomas Hozza.
|
||||||
|
[RT #39893]
|
||||||
|
---
|
||||||
|
bin/nsupdate/nsupdate.c | 10 ++++------
|
||||||
|
1 file changed, 4 insertions(+), 6 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/bin/nsupdate/nsupdate.c b/bin/nsupdate/nsupdate.c
|
||||||
|
index 9572fd8..8fc5b20 100644
|
||||||
|
--- a/bin/nsupdate/nsupdate.c
|
||||||
|
+++ b/bin/nsupdate/nsupdate.c
|
||||||
|
@@ -2799,10 +2799,8 @@ start_gssrequest(dns_name_t *master) {
|
||||||
|
if (kserver == NULL)
|
||||||
|
fatal("out of memory");
|
||||||
|
}
|
||||||
|
- if (servers == NULL)
|
||||||
|
- get_addresses(namestr, dnsport, kserver, 1);
|
||||||
|
- else
|
||||||
|
- memmove(kserver, &servers[ns_inuse], sizeof(isc_sockaddr_t));
|
||||||
|
+
|
||||||
|
+ memmove(kserver, &master_servers[master_inuse], sizeof(isc_sockaddr_t));
|
||||||
|
|
||||||
|
dns_fixedname_init(&fname);
|
||||||
|
servname = dns_fixedname_name(&fname);
|
||||||
|
@@ -2947,11 +2945,11 @@ recvgss(isc_task_t *task, isc_event_t *event) {
|
||||||
|
}
|
||||||
|
|
||||||
|
if (eresult != ISC_R_SUCCESS) {
|
||||||
|
- next_server("recvgss", addr, eresult);
|
||||||
|
+ next_master("recvgss", addr, eresult);
|
||||||
|
ddebug("Destroying request [%p]", request);
|
||||||
|
dns_request_destroy(&request);
|
||||||
|
dns_message_renderreset(tsigquery);
|
||||||
|
- sendrequest(&servers[ns_inuse], tsigquery, &request);
|
||||||
|
+ sendrequest(&master_servers[master_inuse], tsigquery, &request);
|
||||||
|
isc_mem_put(gmctx, reqinfo, sizeof(nsu_gssinfo_t));
|
||||||
|
isc_event_free(&event);
|
||||||
|
return;
|
||||||
|
--
|
||||||
|
2.9.3
|
||||||
|
|
@ -25,7 +25,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
|
|||||||
Name: bind
|
Name: bind
|
||||||
License: MPLv2.0
|
License: MPLv2.0
|
||||||
Version: 9.11.0
|
Version: 9.11.0
|
||||||
Release: 7%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist}
|
Release: 8%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist}
|
||||||
Epoch: 32
|
Epoch: 32
|
||||||
Url: http://www.isc.org/products/BIND/
|
Url: http://www.isc.org/products/BIND/
|
||||||
Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||||
@ -82,6 +82,7 @@ Patch137:bind-9.10-use-of-strlcat.patch
|
|||||||
Patch138:bind-9.10-openssl-1.1.patch
|
Patch138:bind-9.10-openssl-1.1.patch
|
||||||
Patch139:bind-9.11-docbook-xsl.patch
|
Patch139:bind-9.11-docbook-xsl.patch
|
||||||
Patch140:bind-9.11-rh1410433.patch
|
Patch140:bind-9.11-rh1410433.patch
|
||||||
|
Patch141:bind-9.11-rh1236087.patch
|
||||||
|
|
||||||
# SDB patches
|
# SDB patches
|
||||||
Patch11: bind-9.3.2b2-sdbsrc.patch
|
Patch11: bind-9.3.2b2-sdbsrc.patch
|
||||||
@ -322,6 +323,7 @@ This package provides a module which allows commands to be sent to rndc directly
|
|||||||
%patch138 -p1 -b .rh1390238
|
%patch138 -p1 -b .rh1390238
|
||||||
%patch139 -p1 -b .rh1397186
|
%patch139 -p1 -b .rh1397186
|
||||||
%patch140 -p1 -b .rh1410433
|
%patch140 -p1 -b .rh1410433
|
||||||
|
%patch141 -p1 -b .rh1236087
|
||||||
|
|
||||||
%if %{PKCS11}
|
%if %{PKCS11}
|
||||||
cp -r bin/named{,-pkcs11}
|
cp -r bin/named{,-pkcs11}
|
||||||
@ -1024,6 +1026,9 @@ rm -rf ${RPM_BUILD_ROOT}
|
|||||||
%{python3_sitelib}/isc/__pycache__/*py*
|
%{python3_sitelib}/isc/__pycache__/*py*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Apr 21 2017 Petr Menšík <pemensik@redhat.com> - 32:9.11.0-8.P5
|
||||||
|
- Fix queries for TKEY in nsupdate, when using GSSAPI (#1236087)
|
||||||
|
|
||||||
* Thu Apr 13 2017 Petr Menšík <pemensik@redhat.com> - 32:9.11.0-7.P5
|
* Thu Apr 13 2017 Petr Menšík <pemensik@redhat.com> - 32:9.11.0-7.P5
|
||||||
- Update to 9.11.0-P5
|
- Update to 9.11.0-P5
|
||||||
- Use BINDVERSION for upstream version
|
- Use BINDVERSION for upstream version
|
||||||
|
Loading…
Reference in New Issue
Block a user