From e001c1a0663326dffac1ee7d65598550e4b2f70a Mon Sep 17 00:00:00 2001 From: Tomas Hozza Date: Fri, 12 Dec 2014 14:17:08 +0100 Subject: [PATCH] Drop downstream patch for nslookup/host rejected by upstream Upstream response: 26337 nslookup fails to get answer from non-recursive auth server There has been a lot of email back and forth with Adam on this. We have decided we cannot accept it, we disagree on the appropriate DNS behavior. Signed-off-by: Tomas Hozza --- bind.spec | 9 ++++----- nslookup-norec.patch | 28 ---------------------------- 2 files changed, 4 insertions(+), 33 deletions(-) delete mode 100644 nslookup-norec.patch diff --git a/bind.spec b/bind.spec index eb69cd8..2800db8 100644 --- a/bind.spec +++ b/bind.spec @@ -24,7 +24,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv Name: bind License: ISC Version: 9.9.6 -Release: 5%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist} +Release: 6%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist} Epoch: 32 Url: http://www.isc.org/products/BIND/ Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -72,7 +72,6 @@ Patch111:bind97-exportlib.patch Patch112:bind97-rh645544.patch Patch119:bind97-rh693982.patch Patch123:bind98-rh735103.patch -Patch124:nslookup-norec.patch Patch125:bind99-buildfix.patch Patch130:bind-9.9.1-P2-dlz-libdb.patch Patch131:bind-9.9.1-P2-multlib-conflict.patch @@ -312,9 +311,6 @@ Based on the code from Jan "Yenya" Kasprzak %patch112 -p1 -b .rh645544 %patch119 -p1 -b .rh693982 %patch123 -p1 -b .rh735103 -pushd bin/dig -%patch124 -p0 -b .nslookup-norec -popd %patch125 -p1 -b .buildfix %patch130 -p1 -b .libdb %patch131 -p1 -b .multlib-conflict @@ -1022,6 +1018,9 @@ rm -rf ${RPM_BUILD_ROOT} %endif %changelog +* Fri Dec 12 2014 Tomas Hozza - 32:9.9.6-6.P1 +- Drop downstream patch for nslookup/host rejected by upstream + * Tue Dec 09 2014 Tomas Hozza - 32:9.9.6-5.P1 - Update to 9.9.6-P1 (CVE-2014-8500) diff --git a/nslookup-norec.patch b/nslookup-norec.patch deleted file mode 100644 index 77350ad..0000000 --- a/nslookup-norec.patch +++ /dev/null @@ -1,28 +0,0 @@ ---- dighost.c.orig 2011-03-11 07:46:58.000000000 +0100 -+++ dighost.c 2011-10-28 14:31:29.806591603 +0200 -@@ -2619,8 +2619,13 @@ connect_timeout(isc_task_t *task, isc_ev - } - } else { - fputs(l->cmdline, stdout); -- printf(";; connection timed out; no servers could be " -- "reached\n"); -+ if (!next_origin(ISC_LIST_HEAD(l->q))) { -+ printf(";; connection timed out; no servers could be " -+ "reached\n"); -+ } else { -+ printf(";; connection timed out; trying next " -+ "origin\n"); -+ } - cancel_lookup(l); - check_next_lookup(l); - if (exitcode < 9) -@@ -3270,7 +3275,8 @@ recv_done(isc_task_t *task, isc_event_t - return; - } - if ((msg->rcode == dns_rcode_servfail && !l->servfail_stops) || -- (check_ra && (msg->flags & DNS_MESSAGEFLAG_RA) == 0 && l->recurse)) -+ (check_ra && (msg->flags & DNS_MESSAGEFLAG_RA) == 0 && -+ msg->rcode != dns_rcode_noerror && l->recurse)) - { - dig_query_t *next = ISC_LIST_NEXT(query, link); - if (l->current_query == query)