Reenable IDN output but allow turning it off
Remove invalid downstream patch that disabled IDN output by default. Dig could enable it, but it could not be enabled in nslookup and host. Fix instead broken disable. Resolves: #1580200
This commit is contained in:
Petr Menšík
parent
135784d7f2
commit
e665b7deb0
100
bind-9.11-host-idn-disable.patch
Normal file
100
bind-9.11-host-idn-disable.patch
Normal file
@ -0,0 +1,100 @@
|
||||
From 145fac914bf47128307aea702fed7eb74b65cadd Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
|
||||
Date: Tue, 25 Sep 2018 18:08:46 +0200
|
||||
Subject: [PATCH] Disable IDN from environment as documented
|
||||
|
||||
Manual page of host contained instructions to disable IDN processing
|
||||
when it was built with libidn2. When refactoring IDN support however,
|
||||
support for disabling IDN in host and nslookup was lost. Use also
|
||||
environment variable and document it for nslookup, host and dig.
|
||||
|
||||
Support variable CHARSET=ASCII to disable IDN, supported in downstream
|
||||
RH patch since RHEL 5.
|
||||
---
|
||||
bin/dig/dig.docbook | 4 +++-
|
||||
bin/dig/dighost.c | 9 +++++++--
|
||||
bin/dig/host.docbook | 2 +-
|
||||
bin/dig/nslookup.docbook | 15 +++++++++++++++
|
||||
4 files changed, 26 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/bin/dig/dig.docbook b/bin/dig/dig.docbook
|
||||
index fedd288..d5dba72 100644
|
||||
--- a/bin/dig/dig.docbook
|
||||
+++ b/bin/dig/dig.docbook
|
||||
@@ -1288,7 +1288,9 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
|
||||
reply from the server.
|
||||
If you'd like to turn off the IDN support for some reason, use
|
||||
parameters <parameter>+noidnin</parameter> and
|
||||
- <parameter>+noidnout</parameter>.
|
||||
+ <parameter>+noidnout</parameter> or define
|
||||
+ the <envar>IDN_DISABLE</envar> environment variable.
|
||||
+
|
||||
</para>
|
||||
</refsection>
|
||||
|
||||
diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c
|
||||
index 7408193..d46379d 100644
|
||||
--- a/bin/dig/dighost.c
|
||||
+++ b/bin/dig/dighost.c
|
||||
@@ -822,12 +822,17 @@ make_empty_lookup(void) {
|
||||
looknew->seenbadcookie = ISC_FALSE;
|
||||
looknew->badcookie = ISC_TRUE;
|
||||
#ifdef WITH_IDN_SUPPORT
|
||||
- looknew->idnin = ISC_TRUE;
|
||||
+ looknew->idnin = (getenv("IDN_DISABLE") == NULL);
|
||||
+ if (looknew->idnin) {
|
||||
+ const char *charset = getenv("CHARSET");
|
||||
+ if (charset && !strcmp(charset, "ASCII"))
|
||||
+ looknew->idnin = ISC_FALSE;
|
||||
+ }
|
||||
#else
|
||||
looknew->idnin = ISC_FALSE;
|
||||
#endif
|
||||
#ifdef WITH_IDN_OUT_SUPPORT
|
||||
- looknew->idnout = ISC_TRUE;
|
||||
+ looknew->idnout = looknew->idnin;
|
||||
#else
|
||||
looknew->idnout = ISC_FALSE;
|
||||
#endif
|
||||
diff --git a/bin/dig/host.docbook b/bin/dig/host.docbook
|
||||
index 9c3aeaa..42cbbf9 100644
|
||||
--- a/bin/dig/host.docbook
|
||||
+++ b/bin/dig/host.docbook
|
||||
@@ -378,7 +378,7 @@
|
||||
<command>host</command> appropriately converts character encoding of
|
||||
domain name before sending a request to DNS server or displaying a
|
||||
reply from the server.
|
||||
- If you'd like to turn off the IDN support for some reason, defines
|
||||
+ If you'd like to turn off the IDN support for some reason, define
|
||||
the <envar>IDN_DISABLE</envar> environment variable.
|
||||
The IDN support is disabled if the variable is set when
|
||||
<command>host</command> runs.
|
||||
diff --git a/bin/dig/nslookup.docbook b/bin/dig/nslookup.docbook
|
||||
index 3aff4e9..86a09c6 100644
|
||||
--- a/bin/dig/nslookup.docbook
|
||||
+++ b/bin/dig/nslookup.docbook
|
||||
@@ -478,6 +478,21 @@ nslookup -query=hinfo -timeout=10
|
||||
</para>
|
||||
</refsection>
|
||||
|
||||
+ <refsection><info><title>IDN SUPPORT</title></info>
|
||||
+
|
||||
+ <para>
|
||||
+ If <command>nslookup</command> has been built with IDN (internationalized
|
||||
+ domain name) support, it can accept and display non-ASCII domain names.
|
||||
+ <command>nslookup</command> appropriately converts character encoding of
|
||||
+ domain name before sending a request to DNS server or displaying a
|
||||
+ reply from the server.
|
||||
+ If you'd like to turn off the IDN support for some reason, define
|
||||
+ the <envar>IDN_DISABLE</envar> environment variable.
|
||||
+ The IDN support is disabled if the variable is set when
|
||||
+ <command>nslookup</command> runs.
|
||||
+ </para>
|
||||
+ </refsection>
|
||||
+
|
||||
<refsection><info><title>FILES</title></info>
|
||||
|
||||
<para><filename>/etc/resolv.conf</filename>
|
||||
--
|
||||
2.14.4
|
||||
|
||||
@ -1,16 +0,0 @@
|
||||
diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c
|
||||
index c179b62..cdf8826 100644
|
||||
--- a/bin/dig/dighost.c
|
||||
+++ b/bin/dig/dighost.c
|
||||
@@ -823,11 +823,7 @@ make_empty_lookup(void) {
|
||||
#else
|
||||
looknew->idnin = ISC_FALSE;
|
||||
#endif
|
||||
-#ifdef WITH_IDN_OUT_SUPPORT
|
||||
- looknew->idnout = ISC_TRUE;
|
||||
-#else
|
||||
looknew->idnout = ISC_FALSE;
|
||||
-#endif
|
||||
#ifdef DIG_SIGCHASE
|
||||
looknew->sigchase = ISC_FALSE;
|
||||
#if DIG_SIGCHASE_TD
|
||||
12
bind.spec
12
bind.spec
@ -52,7 +52,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
|
||||
Name: bind
|
||||
License: MPLv2.0
|
||||
Version: 9.11.4
|
||||
Release: 9%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist}
|
||||
Release: 10%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist}
|
||||
Epoch: 32
|
||||
Url: http://www.isc.org/products/BIND/
|
||||
#
|
||||
@ -123,6 +123,7 @@ Patch159:bind-9.11-rt46047.patch
|
||||
# commit b105ccee68ccc3c18e6ea530063b3c8e5a42571c
|
||||
# commit 083461d3329ff6f2410745848a926090586a9846
|
||||
Patch160:bind-9.11-rh1624100.patch
|
||||
Patch161:bind-9.11-host-idn-disable.patch
|
||||
|
||||
# SDB patches
|
||||
Patch11: bind-9.3.2b2-sdbsrc.patch
|
||||
@ -131,10 +132,6 @@ Patch12: bind-9.10-sdb.patch
|
||||
# needs inpection
|
||||
Patch17: bind-9.3.2b1-fix_sdb_ldap.patch
|
||||
|
||||
# make +noidnout default
|
||||
Patch74: bind-9.11-libidn2-noout.patch
|
||||
|
||||
|
||||
Requires(post): systemd
|
||||
Requires(preun): systemd
|
||||
Requires(postun): systemd
|
||||
@ -447,7 +444,6 @@ are used for building ISC DHCP.
|
||||
%ifnarch alpha ia64
|
||||
%patch72 -p1 -b .64bit
|
||||
%endif
|
||||
%patch74 -p1 -b .idn-noout
|
||||
%patch102 -p1 -b .rh452060
|
||||
%patch106 -p0 -b .rh490837
|
||||
%patch109 -p1 -b .rh478718
|
||||
@ -464,6 +460,7 @@ are used for building ISC DHCP.
|
||||
%patch158 -p1 -b .rt31459
|
||||
%patch159 -p1 -b .rt46047
|
||||
%patch160 -p1 -b .rh1624100
|
||||
%patch161 -p1 -b .host-idn-disable
|
||||
|
||||
mkdir lib/dns/tests/testdata/dstrandom
|
||||
cp -a %{SOURCE50} lib/dns/tests/testdata/dstrandom/random.data
|
||||
@ -1440,6 +1437,9 @@ rm -rf ${RPM_BUILD_ROOT}
|
||||
|
||||
|
||||
%changelog
|
||||
* Wed Sep 26 2018 Petr Menšík <pemensik@redhat.com> - 32:9.11.4-10.P2
|
||||
- Reenable IDN output but allow turning it off (#1580200)
|
||||
|
||||
* Thu Sep 20 2018 Petr Menšík <pemensik@redhat.com> - 32:9.11.4-9.P2
|
||||
- Update to bind-9.11.4-P2
|
||||
- Add /dev/urandom to chroot (#1631515)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user