diff --git a/bind-9.11-rt46047.patch b/bind-9.11-rt46047.patch index c5725f7..4f8181d 100644 --- a/bind-9.11-rt46047.patch +++ b/bind-9.11-rt46047.patch @@ -1,4 +1,4 @@ -From 55e649d82a1adc5209738fb8402624f03287ca87 Mon Sep 17 00:00:00 2001 +From ab9ee91f596c14cfc55a67ba3523b42a54e3e244 Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Thu, 28 Sep 2017 10:09:22 -0700 Subject: [PATCH] completed and corrected the crypto-random change @@ -33,11 +33,11 @@ Subject: [PATCH] completed and corrected the crypto-random change bin/named/include/named/server.h | 2 + bin/named/interfacemgr.c | 1 + bin/named/query.c | 1 + - bin/named/server.c | 51 ++++++++++++++-------- + bin/named/server.c | 52 ++++++++++++++-------- bin/nsupdate/nsupdate.c | 4 +- bin/tests/system/pipelined/pipequeries.c | 4 +- bin/tests/system/tkey/keycreate.c | 4 +- - bin/tests/system/tkey/keydelete.c | 4 +- + bin/tests/system/tkey/keydelete.c | 5 +-- doc/arm/Bv9ARM-book.xml | 55 +++++++++++++++++------- doc/arm/notes.xml | 31 +++++++++++++ lib/dns/dst_api.c | 4 +- @@ -46,7 +46,7 @@ Subject: [PATCH] completed and corrected the crypto-random change lib/isc/include/isc/entropy.h | 50 +++++++++++++++------ lib/isc/include/isc/random.h | 28 +++++++----- lib/isccfg/namedconf.c | 2 +- - 22 files changed, 225 insertions(+), 107 deletions(-) + 22 files changed, 228 insertions(+), 106 deletions(-) diff --git a/bin/confgen/keygen.c b/bin/confgen/keygen.c index 295e16f..0f79aa8 100644 @@ -76,10 +76,10 @@ index 295e16f..0f79aa8 100644 &entropy_source, randomfile, diff --git a/bin/dnssec/dnssec-keygen.docbook b/bin/dnssec/dnssec-keygen.docbook -index ee6a489..17dddb6 100644 +index 0ae6b41..4562430 100644 --- a/bin/dnssec/dnssec-keygen.docbook +++ b/bin/dnssec/dnssec-keygen.docbook -@@ -350,15 +350,23 @@ +@@ -348,15 +348,23 @@ -r randomdev @@ -140,10 +140,10 @@ index 31a99e7..38c83ed 100644 usekeyboard); diff --git a/bin/named/client.c b/bin/named/client.c -index ce24670..0ce02a9 100644 +index 29fecad..a12623a 100644 --- a/bin/named/client.c +++ b/bin/named/client.c -@@ -1754,7 +1754,8 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message, +@@ -1752,7 +1752,8 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message, isc_buffer_init(&buf, cookie, sizeof(cookie)); isc_stdtime_get(&now); @@ -241,7 +241,7 @@ index f5ed2b7..b2c1d05 100644 struct ns_altsecret { diff --git a/bin/named/interfacemgr.c b/bin/named/interfacemgr.c -index d9f6df5..662eb6c 100644 +index 135533b..4546831 100644 --- a/bin/named/interfacemgr.c +++ b/bin/named/interfacemgr.c @@ -17,6 +17,7 @@ @@ -253,7 +253,7 @@ index d9f6df5..662eb6c 100644 #include #include diff --git a/bin/named/query.c b/bin/named/query.c -index 1d3edbc..193efde 100644 +index f85cc76..43a3661 100644 --- a/bin/named/query.c +++ b/bin/named/query.c @@ -19,6 +19,7 @@ @@ -265,10 +265,10 @@ index 1d3edbc..193efde 100644 #include #include diff --git a/bin/named/server.c b/bin/named/server.c -index 30e7eac..27ea3bf 100644 +index 405ff71..700f83d 100644 --- a/bin/named/server.c +++ b/bin/named/server.c -@@ -8203,21 +8203,30 @@ load_configuration(const char *filename, ns_server_t *server, +@@ -8203,21 +8203,32 @@ load_configuration(const char *filename, ns_server_t *server, * Open the source of entropy. */ if (first_time) { @@ -304,12 +304,13 @@ index 30e7eac..27ea3bf 100644 - isc_entropy_usehook(ns_g_entropy, true); -#else - int level = ISC_LOG_ERROR; -- result = isc_entropy_createfilesource(ns_g_entropy, + result = isc_entropy_createfilesource(ns_g_entropy, - randomdev); ++ randomdev); #ifdef PATH_RANDOMDEV if (ns_g_fallbackentropy != NULL) { level = ISC_LOG_INFO; -@@ -8228,8 +8237,8 @@ load_configuration(const char *filename, ns_server_t *server, +@@ -8228,8 +8239,8 @@ load_configuration(const char *filename, ns_server_t *server, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, level, @@ -320,7 +321,7 @@ index 30e7eac..27ea3bf 100644 randomdev, isc_result_totext(result)); } -@@ -8249,7 +8258,6 @@ load_configuration(const char *filename, ns_server_t *server, +@@ -8249,7 +8260,6 @@ load_configuration(const char *filename, ns_server_t *server, } isc_entropy_detach(&ns_g_fallbackentropy); } @@ -328,7 +329,15 @@ index 30e7eac..27ea3bf 100644 #endif } } -@@ -9040,6 +9048,9 @@ ns_server_create(isc_mem_t *mctx, ns_server_t **serverp) { +@@ -9014,6 +9024,7 @@ ns_server_create(isc_mem_t *mctx, ns_server_t **serverp) { + server->in_roothints = NULL; + server->blackholeacl = NULL; + server->keepresporder = NULL; ++ server->rngctx = NULL; + + /* Must be first. */ + CHECKFATAL(dst_lib_init2(ns_g_mctx, ns_g_entropy, +@@ -9040,6 +9051,9 @@ ns_server_create(isc_mem_t *mctx, ns_server_t **serverp) { CHECKFATAL(dns_tkeyctx_create(ns_g_mctx, ns_g_entropy, &server->tkeyctx), "creating TKEY context"); @@ -338,7 +347,7 @@ index 30e7eac..27ea3bf 100644 /* * Setup the server task, which is responsible for coordinating -@@ -9246,7 +9257,8 @@ ns_server_destroy(ns_server_t **serverp) { +@@ -9246,7 +9260,8 @@ ns_server_destroy(ns_server_t **serverp) { if (server->zonemgr != NULL) dns_zonemgr_detach(&server->zonemgr); @@ -348,7 +357,7 @@ index 30e7eac..27ea3bf 100644 if (server->tkeyctx != NULL) dns_tkeyctx_destroy(&server->tkeyctx); -@@ -13197,10 +13209,10 @@ newzone_cfgctx_destroy(void **cfgp) { +@@ -13197,10 +13212,10 @@ newzone_cfgctx_destroy(void **cfgp) { static isc_result_t generate_salt(unsigned char *salt, size_t saltlen) { @@ -361,7 +370,7 @@ index 30e7eac..27ea3bf 100644 } rnd; unsigned char text[512 + 1]; isc_region_t r; -@@ -13210,9 +13222,10 @@ generate_salt(unsigned char *salt, size_t saltlen) { +@@ -13210,9 +13225,10 @@ generate_salt(unsigned char *salt, size_t saltlen) { if (saltlen > 256U) return (ISC_R_RANGE); @@ -376,7 +385,7 @@ index 30e7eac..27ea3bf 100644 memmove(salt, rnd.rnd, saltlen); diff --git a/bin/nsupdate/nsupdate.c b/bin/nsupdate/nsupdate.c -index 6d7a02e..626b1cf 100644 +index 0286987..0376377 100644 --- a/bin/nsupdate/nsupdate.c +++ b/bin/nsupdate/nsupdate.c @@ -283,9 +283,7 @@ setup_entropy(isc_mem_t *mctx, const char *randomfile, isc_entropy_t **ectx) { @@ -421,10 +430,18 @@ index fe8698e..937fcc3 100644 } #endif diff --git a/bin/tests/system/tkey/keydelete.c b/bin/tests/system/tkey/keydelete.c -index 2146f9b..ac2c311 100644 +index 2146f9b..64b8e74 100644 --- a/bin/tests/system/tkey/keydelete.c +++ b/bin/tests/system/tkey/keydelete.c -@@ -182,9 +182,7 @@ main(int argc, char **argv) { +@@ -171,6 +171,7 @@ main(int argc, char **argv) { + randomfile = argv[2]; + argv += 2; + argc -= 2; ++ POST(argc); + } + keyname = argv[1]; + +@@ -182,9 +183,7 @@ main(int argc, char **argv) { ectx = NULL; RUNCHECK(isc_entropy_create(mctx, &ectx)); #ifdef ISC_PLATFORM_CRYPTORANDOM @@ -436,7 +453,7 @@ index 2146f9b..ac2c311 100644 } #endif diff --git a/doc/arm/Bv9ARM-book.xml b/doc/arm/Bv9ARM-book.xml -index bb79723..888959c 100644 +index b40cb05..8a81438 100644 --- a/doc/arm/Bv9ARM-book.xml +++ b/doc/arm/Bv9ARM-book.xml @@ -5071,22 +5071,45 @@ badresp:1,adberr:0,findfail:0,valfail:0] @@ -502,10 +519,10 @@ index bb79723..888959c 100644 diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml -index ba9a7cf..c0256f1 100644 +index 00ce8f1..527135a 100644 --- a/doc/arm/notes.xml +++ b/doc/arm/notes.xml -@@ -117,6 +117,37 @@ +@@ -124,6 +124,37 @@ diff --git a/bind.spec b/bind.spec index 5bcff7f..dea5440 100644 --- a/bind.spec +++ b/bind.spec @@ -53,7 +53,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv Name: bind License: MPLv2.0 Version: 9.11.7 -Release: 1%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist} +Release: 2%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist} Epoch: 32 Url: https://www.isc.org/downloads/bind/ # @@ -1511,6 +1511,9 @@ fi; %changelog +* Mon Jun 17 2019 Petr Menšík - 32:9.11.7-2 +- Fix OpenSSL random generator initialization + * Mon Jun 10 2019 Petr Menšík - 32:9.11.7-1 - Update to 9.11.7