Fix queries for TKEY in nsupdate, when using GSSAPI (#1236087)
This commit is contained in:
parent
09e4b5788e
commit
19b1efe0bb
46
bind-9.11-rh1236087.patch
Normal file
46
bind-9.11-rh1236087.patch
Normal file
@ -0,0 +1,46 @@
|
||||
From 66b71679b78ad6cf2c4e5c8c1216b602e0fe1e9b Mon Sep 17 00:00:00 2001
|
||||
From: Evan Hunt <each@isc.org>
|
||||
Date: Thu, 20 Apr 2017 09:28:37 -0700
|
||||
Subject: [PATCH] [master] nsupdate: send tkey queries to the right server
|
||||
|
||||
4588. [bug] nsupdate could send queries for TKEY to the wrong
|
||||
server when using GSSAPI. Thanks to Tomas Hozza.
|
||||
[RT #39893]
|
||||
---
|
||||
bin/nsupdate/nsupdate.c | 10 ++++------
|
||||
1 file changed, 4 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/bin/nsupdate/nsupdate.c b/bin/nsupdate/nsupdate.c
|
||||
index 9572fd8..8fc5b20 100644
|
||||
--- a/bin/nsupdate/nsupdate.c
|
||||
+++ b/bin/nsupdate/nsupdate.c
|
||||
@@ -2799,10 +2799,8 @@ start_gssrequest(dns_name_t *master) {
|
||||
if (kserver == NULL)
|
||||
fatal("out of memory");
|
||||
}
|
||||
- if (servers == NULL)
|
||||
- get_addresses(namestr, dnsport, kserver, 1);
|
||||
- else
|
||||
- memmove(kserver, &servers[ns_inuse], sizeof(isc_sockaddr_t));
|
||||
+
|
||||
+ memmove(kserver, &master_servers[master_inuse], sizeof(isc_sockaddr_t));
|
||||
|
||||
dns_fixedname_init(&fname);
|
||||
servname = dns_fixedname_name(&fname);
|
||||
@@ -2947,11 +2945,11 @@ recvgss(isc_task_t *task, isc_event_t *event) {
|
||||
}
|
||||
|
||||
if (eresult != ISC_R_SUCCESS) {
|
||||
- next_server("recvgss", addr, eresult);
|
||||
+ next_master("recvgss", addr, eresult);
|
||||
ddebug("Destroying request [%p]", request);
|
||||
dns_request_destroy(&request);
|
||||
dns_message_renderreset(tsigquery);
|
||||
- sendrequest(&servers[ns_inuse], tsigquery, &request);
|
||||
+ sendrequest(&master_servers[master_inuse], tsigquery, &request);
|
||||
isc_mem_put(gmctx, reqinfo, sizeof(nsu_gssinfo_t));
|
||||
isc_event_free(&event);
|
||||
return;
|
||||
--
|
||||
2.9.3
|
||||
|
@ -25,7 +25,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
|
||||
Name: bind
|
||||
License: MPLv2.0
|
||||
Version: 9.11.0
|
||||
Release: 7%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist}
|
||||
Release: 8%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist}
|
||||
Epoch: 32
|
||||
Url: http://www.isc.org/products/BIND/
|
||||
Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||
@ -82,6 +82,7 @@ Patch137:bind-9.10-use-of-strlcat.patch
|
||||
Patch138:bind-9.10-openssl-1.1.patch
|
||||
Patch139:bind-9.11-docbook-xsl.patch
|
||||
Patch140:bind-9.11-rh1410433.patch
|
||||
Patch141:bind-9.11-rh1236087.patch
|
||||
|
||||
# SDB patches
|
||||
Patch11: bind-9.3.2b2-sdbsrc.patch
|
||||
@ -322,6 +323,7 @@ This package provides a module which allows commands to be sent to rndc directly
|
||||
%patch138 -p1 -b .rh1390238
|
||||
%patch139 -p1 -b .rh1397186
|
||||
%patch140 -p1 -b .rh1410433
|
||||
%patch141 -p1 -b .rh1236087
|
||||
|
||||
%if %{PKCS11}
|
||||
cp -r bin/named{,-pkcs11}
|
||||
@ -1024,6 +1026,9 @@ rm -rf ${RPM_BUILD_ROOT}
|
||||
%{python3_sitelib}/isc/__pycache__/*py*
|
||||
|
||||
%changelog
|
||||
* Fri Apr 21 2017 Petr Menšík <pemensik@redhat.com> - 32:9.11.0-8.P5
|
||||
- Fix queries for TKEY in nsupdate, when using GSSAPI (#1236087)
|
||||
|
||||
* Thu Apr 13 2017 Petr Menšík <pemensik@redhat.com> - 32:9.11.0-7.P5
|
||||
- Update to 9.11.0-P5
|
||||
- Use BINDVERSION for upstream version
|
||||
|
Loading…
Reference in New Issue
Block a user