- 9.5.1b1 release (CVE-2008-1447)
- dropped bind-9.5-recv-race.patch because upstream doesn't want it
This commit is contained in:
Adam Tkac
parent
02d976683f
commit
3471a1770a
@ -1,4 +1,4 @@
|
||||
bind-chroot.tar.bz2
|
||||
config-4.tar.bz2
|
||||
libbind-man.tar.gz
|
||||
bind-9.5.0.tar.gz
|
||||
bind-9.5.1b1.tar.gz
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
diff -up bind-9.5.0a5/contrib/dlz/config.dlz.in.64bit bind-9.5.0a5/contrib/dlz/config.dlz.in
|
||||
--- bind-9.5.0a5/contrib/dlz/config.dlz.in.64bit 2006-06-07 04:21:50.000000000 +0200
|
||||
+++ bind-9.5.0a5/contrib/dlz/config.dlz.in 2007-07-23 11:18:54.000000000 +0200
|
||||
diff -up bind-9.5.1b1/contrib/dlz/config.dlz.in.64bit bind-9.5.1b1/contrib/dlz/config.dlz.in
|
||||
--- bind-9.5.1b1/contrib/dlz/config.dlz.in.64bit 2008-06-17 06:03:31.000000000 +0200
|
||||
+++ bind-9.5.1b1/contrib/dlz/config.dlz.in 2008-07-11 12:08:43.000000000 +0200
|
||||
@@ -17,6 +17,13 @@
|
||||
#
|
||||
dlzdir='${DLZ_DRIVER_DIR}'
|
||||
@ -15,29 +15,19 @@ diff -up bind-9.5.0a5/contrib/dlz/config.dlz.in.64bit bind-9.5.0a5/contrib/dlz/c
|
||||
#
|
||||
# Private autoconf macro to simplify configuring drivers:
|
||||
#
|
||||
@@ -83,7 +90,7 @@ then
|
||||
if test -f $d/include/libpq-fe.h
|
||||
@@ -135,9 +142,9 @@ then
|
||||
then
|
||||
use_dlz_postgres=$d/include
|
||||
- use_dlz_postgres_lib=$d/lib
|
||||
+ use_dlz_postgres_lib=$d/${target_lib}
|
||||
break
|
||||
fi
|
||||
done
|
||||
@@ -151,10 +158,10 @@ case "$use_dlz_mysql" in
|
||||
*)
|
||||
DLZ_ADD_DRIVER(MYSQL, dlz_mysql_driver,
|
||||
[-I$use_dlz_mysql/include/mysql],
|
||||
- [-L$use_dlz_mysql/lib/mysql -lmysqlclient -lz -lcrypt -lm])
|
||||
+ [-L$use_dlz_mysql/${target_lib}/mysql -lmysqlclient -lz -lcrypt -lm])
|
||||
|
||||
AC_MSG_RESULT(
|
||||
-[using mysql from $use_dlz_mysql/lib/mysql and $use_dlz_mysql/include/mysql])
|
||||
+[using mysql from $use_dlz_mysql/${target_lib}/mysql and $use_dlz_mysql/include/mysql])
|
||||
;;
|
||||
esac
|
||||
|
||||
@@ -232,11 +239,11 @@ case "$use_dlz_bdb" in
|
||||
use_dlz_mysql=$d
|
||||
mysql_include=$d/include/mysql
|
||||
- if test -d $d/lib/mysql
|
||||
+ if test -d $d/${target_lib}/mysql
|
||||
then
|
||||
- mysql_lib=$d/lib/mysql
|
||||
+ mysql_lib=$d/${target_lib}/mysql
|
||||
else
|
||||
mysql_lib=$d/lib
|
||||
fi
|
||||
@@ -274,11 +281,11 @@ case "$use_dlz_bdb" in
|
||||
bdb_libnames="db42 db-4.2 db41 db-4.1 db"
|
||||
for d in $bdb_libnames
|
||||
do
|
||||
@ -51,7 +41,7 @@ diff -up bind-9.5.0a5/contrib/dlz/config.dlz.in.64bit bind-9.5.0a5/contrib/dlz/c
|
||||
else
|
||||
dlz_bdb_libs=""
|
||||
fi
|
||||
@@ -341,10 +348,10 @@ case "$use_dlz_ldap" in
|
||||
@@ -383,7 +390,7 @@ case "$use_dlz_ldap" in
|
||||
*)
|
||||
DLZ_ADD_DRIVER(LDAP, dlz_ldap_driver,
|
||||
[-I$use_dlz_ldap/include],
|
||||
@ -59,12 +49,8 @@ diff -up bind-9.5.0a5/contrib/dlz/config.dlz.in.64bit bind-9.5.0a5/contrib/dlz/c
|
||||
+ [-L$use_dlz_ldap/${target_lib} -lldap -llber])
|
||||
|
||||
AC_MSG_RESULT(
|
||||
-[using LDAP from $use_dlz_ldap/lib and $use_dlz_ldap/include])
|
||||
+[using LDAP from $use_dlz_ldap/${target_lib} and $use_dlz_ldap/include])
|
||||
;;
|
||||
esac
|
||||
|
||||
@@ -365,7 +372,7 @@ then
|
||||
[using LDAP from $use_dlz_ldap/lib and $use_dlz_ldap/include])
|
||||
@@ -407,7 +414,7 @@ then
|
||||
odbcdirs="/usr /usr/local /usr/pkg"
|
||||
for d in $odbcdirs
|
||||
do
|
||||
@ -73,7 +59,7 @@ diff -up bind-9.5.0a5/contrib/dlz/config.dlz.in.64bit bind-9.5.0a5/contrib/dlz/c
|
||||
then
|
||||
use_dlz_odbc=$d
|
||||
break
|
||||
@@ -385,7 +392,7 @@ case "$use_dlz_odbc" in
|
||||
@@ -427,7 +434,7 @@ case "$use_dlz_odbc" in
|
||||
*)
|
||||
DLZ_ADD_DRIVER(ODBC, dlz_odbc_driver,
|
||||
[-I$use_dlz_odbc/include],
|
||||
|
||||
@ -1,172 +0,0 @@
|
||||
diff -up bind-9.5.0b2/lib/isc/unix/socket.c.recv bind-9.5.0b2/lib/isc/unix/socket.c
|
||||
--- bind-9.5.0b2/lib/isc/unix/socket.c.recv 2008-04-10 16:45:33.000000000 +0200
|
||||
+++ bind-9.5.0b2/lib/isc/unix/socket.c 2008-04-10 17:00:46.000000000 +0200
|
||||
@@ -261,10 +261,10 @@ static isc_result_t allocate_socket(isc_
|
||||
static void destroy(isc_socket_t **);
|
||||
static void internal_accept(isc_task_t *, isc_event_t *);
|
||||
static void internal_connect(isc_task_t *, isc_event_t *);
|
||||
-static void internal_recv(isc_task_t *, isc_event_t *);
|
||||
+static void internal_recv(isc_event_t *);
|
||||
static void internal_send(isc_task_t *, isc_event_t *);
|
||||
static void internal_fdwatch_write(isc_task_t *, isc_event_t *);
|
||||
-static void internal_fdwatch_read(isc_task_t *, isc_event_t *);
|
||||
+static void internal_fdwatch_read(isc_event_t *);
|
||||
static void process_cmsg(isc_socket_t *, struct msghdr *, isc_socketevent_t *);
|
||||
static void build_msghdr_send(isc_socket_t *, isc_socketevent_t *,
|
||||
struct msghdr *, struct iovec *, size_t *);
|
||||
@@ -1830,7 +1830,7 @@ isc_socket_detach(isc_socket_t **socketp
|
||||
*
|
||||
* The socket and manager must be locked before calling this function.
|
||||
*/
|
||||
-static void
|
||||
+static isc_boolean_t
|
||||
dispatch_recv(isc_socket_t *sock) {
|
||||
intev_t *iev;
|
||||
isc_socketevent_t *ev;
|
||||
@@ -1841,7 +1841,7 @@ dispatch_recv(isc_socket_t *sock) {
|
||||
if (sock->type != isc_sockettype_fdwatch) {
|
||||
ev = ISC_LIST_HEAD(sock->recv_list);
|
||||
if (ev == NULL)
|
||||
- return;
|
||||
+ return ISC_FALSE;
|
||||
socket_log(sock, NULL, EVENT, NULL, 0, 0,
|
||||
"dispatch_recv: event %p -> task %p",
|
||||
ev, ev->ev_sender);
|
||||
@@ -1855,13 +1855,16 @@ dispatch_recv(isc_socket_t *sock) {
|
||||
|
||||
sock->references++;
|
||||
iev->ev_sender = sock;
|
||||
+ iev->ev_arg = sock;
|
||||
if (sock->type == isc_sockettype_fdwatch)
|
||||
- iev->ev_action = internal_fdwatch_read;
|
||||
+ internal_fdwatch_read (iev);
|
||||
else
|
||||
- iev->ev_action = internal_recv;
|
||||
- iev->ev_arg = sock;
|
||||
+ internal_recv (iev);
|
||||
|
||||
- isc_task_send(sender, (isc_event_t **)&iev);
|
||||
+ if (sock->references == 0)
|
||||
+ return ISC_TRUE;
|
||||
+
|
||||
+ return ISC_FALSE;
|
||||
}
|
||||
|
||||
static void
|
||||
@@ -2228,7 +2231,7 @@ internal_accept(isc_task_t *me, isc_even
|
||||
}
|
||||
|
||||
static void
|
||||
-internal_recv(isc_task_t *me, isc_event_t *ev) {
|
||||
+internal_recv(isc_event_t *ev) {
|
||||
isc_socketevent_t *dev;
|
||||
isc_socket_t *sock;
|
||||
|
||||
@@ -2237,21 +2240,13 @@ internal_recv(isc_task_t *me, isc_event_
|
||||
sock = ev->ev_sender;
|
||||
INSIST(VALID_SOCKET(sock));
|
||||
|
||||
- LOCK(&sock->lock);
|
||||
- socket_log(sock, NULL, IOEVENT,
|
||||
- isc_msgcat, ISC_MSGSET_SOCKET, ISC_MSG_INTERNALRECV,
|
||||
- "internal_recv: task %p got event %p", me, ev);
|
||||
-
|
||||
INSIST(sock->pending_recv == 1);
|
||||
sock->pending_recv = 0;
|
||||
|
||||
INSIST(sock->references > 0);
|
||||
sock->references--; /* the internal event is done with this socket */
|
||||
- if (sock->references == 0) {
|
||||
- UNLOCK(&sock->lock);
|
||||
- destroy(&sock);
|
||||
+ if (sock->references == 0)
|
||||
return;
|
||||
- }
|
||||
|
||||
/*
|
||||
* Try to do as much I/O as possible on this socket. There are no
|
||||
@@ -2289,7 +2284,6 @@ internal_recv(isc_task_t *me, isc_event_
|
||||
if (!ISC_LIST_EMPTY(sock->recv_list))
|
||||
select_poke(sock->manager, sock->fd, SELECT_POKE_READ);
|
||||
|
||||
- UNLOCK(&sock->lock);
|
||||
}
|
||||
|
||||
static void
|
||||
@@ -2388,7 +2382,7 @@ internal_fdwatch_write(isc_task_t *me, i
|
||||
}
|
||||
|
||||
static void
|
||||
-internal_fdwatch_read(isc_task_t *me, isc_event_t *ev) {
|
||||
+internal_fdwatch_read(isc_event_t *ev) {
|
||||
isc_socket_t *sock;
|
||||
int more_data;
|
||||
|
||||
@@ -2400,31 +2394,19 @@ internal_fdwatch_read(isc_task_t *me, is
|
||||
sock = (isc_socket_t *)ev->ev_sender;
|
||||
INSIST(VALID_SOCKET(sock));
|
||||
|
||||
- LOCK(&sock->lock);
|
||||
- socket_log(sock, NULL, IOEVENT,
|
||||
- isc_msgcat, ISC_MSGSET_SOCKET, ISC_MSG_INTERNALRECV,
|
||||
- "internal_fdwatch_read: task %p got event %p", me, ev);
|
||||
-
|
||||
INSIST(sock->pending_recv == 1);
|
||||
|
||||
- UNLOCK(&sock->lock);
|
||||
- more_data = (sock->fdwatchcb)(me, sock, sock->fdwatcharg);
|
||||
- LOCK(&sock->lock);
|
||||
+ INSIST(0); /* We should not be here */
|
||||
|
||||
sock->pending_recv = 0;
|
||||
|
||||
INSIST(sock->references > 0);
|
||||
sock->references--; /* the internal event is done with this socket */
|
||||
- if (sock->references == 0) {
|
||||
- UNLOCK(&sock->lock);
|
||||
- destroy(&sock);
|
||||
+ if (sock->references == 0)
|
||||
return;
|
||||
- }
|
||||
|
||||
if (more_data)
|
||||
select_poke(sock->manager, sock->fd, SELECT_POKE_READ);
|
||||
-
|
||||
- UNLOCK(&sock->lock);
|
||||
}
|
||||
|
||||
static void
|
||||
@@ -2434,6 +2416,7 @@ process_fds(isc_socketmgr_t *manager, in
|
||||
int i;
|
||||
isc_socket_t *sock;
|
||||
isc_boolean_t unlock_sock;
|
||||
+ isc_boolean_t destroy_sock;
|
||||
|
||||
REQUIRE(maxfd <= (int)FD_SETSIZE);
|
||||
|
||||
@@ -2462,6 +2445,7 @@ process_fds(isc_socketmgr_t *manager, in
|
||||
|
||||
sock = manager->fds[i];
|
||||
unlock_sock = ISC_FALSE;
|
||||
+ destroy_sock = ISC_FALSE;
|
||||
if (FD_ISSET(i, readfds)) {
|
||||
if (sock == NULL) {
|
||||
FD_CLR(i, &manager->read_fds);
|
||||
@@ -2473,7 +2457,7 @@ process_fds(isc_socketmgr_t *manager, in
|
||||
if (sock->listener)
|
||||
dispatch_accept(sock);
|
||||
else
|
||||
- dispatch_recv(sock);
|
||||
+ destroy_sock = dispatch_recv(sock);
|
||||
}
|
||||
FD_CLR(i, &manager->read_fds);
|
||||
}
|
||||
@@ -2497,6 +2481,8 @@ process_fds(isc_socketmgr_t *manager, in
|
||||
}
|
||||
if (unlock_sock)
|
||||
UNLOCK(&sock->lock);
|
||||
+ if (destroy_sock)
|
||||
+ destroy(&sock);
|
||||
}
|
||||
}
|
||||
|
||||
16
bind.spec
16
bind.spec
@ -2,6 +2,8 @@
|
||||
# Red Hat BIND package .spec file
|
||||
#
|
||||
|
||||
%define PREVER b1
|
||||
|
||||
%{?!SDB: %define SDB 1}
|
||||
%{?!LIBBIND: %define LIBBIND 1}
|
||||
%{?!test: %define test 0}
|
||||
@ -15,14 +17,14 @@
|
||||
Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
|
||||
Name: bind
|
||||
License: ISC
|
||||
Version: 9.5.0
|
||||
Release: 37.1%{?dist}
|
||||
Version: 9.5.1
|
||||
Release: 0.1.%{PREVER}%{?dist}
|
||||
Epoch: 32
|
||||
Url: http://www.isc.org/products/BIND/
|
||||
Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||
Group: System Environment/Daemons
|
||||
#
|
||||
Source: ftp://ftp.isc.org/isc/bind9/%{version}/bind-%{version}.tar.gz
|
||||
Source: ftp://ftp.isc.org/isc/bind9/%{version}/bind-%{version}%{PREVER}.tar.gz
|
||||
Source1: named.sysconfig
|
||||
Source2: named.init
|
||||
Source3: named.logrotate
|
||||
@ -54,7 +56,6 @@ Patch63: bind-9.4.0-dnssec-directory.patch
|
||||
Patch71: bind-9.5-overflow.patch
|
||||
Patch72: bind-9.5-dlz-64bit.patch
|
||||
Patch87: bind-9.5-parallel-build.patch
|
||||
Patch89: bind-9.5-recv-race.patch
|
||||
Patch90: bind-9.5-edns.patch
|
||||
Patch91: bind95-rh450995.patch
|
||||
|
||||
@ -173,7 +174,7 @@ chroot(2) jail for the named(8) program from the BIND package.
|
||||
Based on the code from Jan "Yenya" Kasprzak <kas@fi.muni.cz>
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%setup -q -n %{name}-%{version}%{PREVER}
|
||||
|
||||
# Common patches
|
||||
%patch -p1 -b .varrun
|
||||
@ -237,7 +238,6 @@ cp -fp contrib/dbus/{dbus_mgr.h,dbus_service.h} bin/named/include/named
|
||||
%patch83 -p1 -b .libidn2
|
||||
%patch85 -p1 -b .libidn3
|
||||
%patch87 -p1 -b .parallel
|
||||
%patch89 -p1 -b .recv-race
|
||||
%patch90 -p1 -b .edns
|
||||
%patch91 -p1 -b .rh450995
|
||||
:;
|
||||
@ -636,6 +636,10 @@ rm -rf ${RPM_BUILD_ROOT}
|
||||
%{_sbindir}/bind-chroot-admin
|
||||
|
||||
%changelog
|
||||
* Tue Jul 08 2008 Adam Tkac <atkac redhat com> 32:9.5.1-0.1.b1
|
||||
- 9.5.1b1 release (CVE-2008-1447)
|
||||
- dropped bind-9.5-recv-race.patch because upstream doesn't want it
|
||||
|
||||
* Mon Jun 30 2008 Adam Tkac <atkac redhat com> 32:9.5.0-37.1
|
||||
- update default named.conf statements (#452708)
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user