From cfba145ce53e0c6dccf09fd93d72487ec0a16b4e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Mon, 19 Feb 2024 22:19:31 +0100
Subject: [PATCH] Define variables used for test variants

Patch171 introduces undefined variables, which may fail some tests.
Define them to empty values. Also required python3-dns with SYSTEMTEST
feature enabled.

Related: RHEL-25342
; Related: CVE-2023-4408
---
 bind-9.16-system-test-cds.patch | 33 +++++++++++++++++++++++++++++++++
 bind.spec                       |  4 ++++
 2 files changed, 37 insertions(+)
 create mode 100644 bind-9.16-system-test-cds.patch

diff --git a/bind-9.16-system-test-cds.patch b/bind-9.16-system-test-cds.patch
new file mode 100644
index 0000000..cf8fcbb
--- /dev/null
+++ b/bind-9.16-system-test-cds.patch
@@ -0,0 +1,33 @@
+From 7cc9fd1870e5264abd885ed2c419034945121d0f Mon Sep 17 00:00:00 2001
+From: Petr Mensik <pemensik@redhat.com>
+Date: Mon, 19 Feb 2024 22:13:52 +0100
+Subject: [PATCH] Define variants to empty values
+
+DNSSEC_VARIANT and NAMED_VARIANT are special Red Hat modifications to
+allow testing or alternative rebuilds, with support for pkcs11 or sdb.
+But undefined value breaks some tests, so define them to empty values.
+That means normal build variant.
+
+Required to pass upstream test suite cds test correctly.
+---
+ bin/tests/system/conf.sh.in | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/bin/tests/system/conf.sh.in b/bin/tests/system/conf.sh.in
+index 7b2b309..c2d6526 100644
+--- a/bin/tests/system/conf.sh.in
++++ b/bin/tests/system/conf.sh.in
+@@ -24,6 +24,10 @@ TMPDIR=${TMPDIR:-/tmp}
+ # This is not the windows build.
+ CYGWIN=""
+ 
++# RH specific, allow variants testing
++: ${DNSSEC_VARIANT:=}
++: ${NAMED_VARIANT:=}
++
+ # Load common values shared between windows and unix/linux.
+ . $TOP/bin/tests/system/conf.sh.common
+ 
+-- 
+2.43.2
+
diff --git a/bind.spec b/bind.spec
index 76c2c48..90d7770 100644
--- a/bind.spec
+++ b/bind.spec
@@ -144,6 +144,8 @@ Patch198: bind-9.16-CVE-2023-50387.patch
 Patch199: bind-9.16-CVE-2023-4408-test1.patch
 # https://gitlab.isc.org/isc-projects/bind9/commit/b9c10a194da3358204f5ba7d91e55332db435614
 Patch200: bind-9.16-CVE-2023-4408-test2.patch
+# Downstream only change, fixes patch 171
+Patch201: bind-9.16-system-test-cds.patch
 
 %{?systemd_ordering}
 Requires:       coreutils
@@ -183,6 +185,7 @@ BuildRequires:  softhsm
 %if %{with SYSTEMTEST}
 # bin/tests/system dependencies
 BuildRequires:  perl(Net::DNS) perl(Net::DNS::Nameserver) perl(Time::HiRes) perl(Getopt::Long)
+BuildRequires:  python-dns
 # manual configuration requires this tool
 BuildRequires:  iproute
 %endif
@@ -472,6 +475,7 @@ in HTML and PDF format.
 %patch198 -p1 -b .CVE-2023-50387
 %patch199 -p1
 %patch200 -p1
+%patch201 -p1 -b .test-variant-def
 
 %if %{with PKCS11}
 %patch135 -p1 -b .config-pkcs11