- added new initscript option KEYTAB_FILE which specified where is located
kerberos .keytab file for named service
- obsolete temporary bind-9.5-spnego-memory_management.patch by
bind-9.5-gssapictx-free.patch which conforms BIND coding standards
(#251853)
This commit is contained in:
Adam Tkac
parent
0a58672414
commit
fb5bf17ee8
|
|
@ -0,0 +1,41 @@
|
|||
Written-by: Adam Tkac <atkac redhat com>
|
||||
diff -up bind-9.5.0a6/lib/dns/spnego.h.free bind-9.5.0a6/lib/dns/spnego.h
|
||||
--- bind-9.5.0a6/lib/dns/spnego.h.free 2007-06-20 01:47:16.000000000 +0200
|
||||
+++ bind-9.5.0a6/lib/dns/spnego.h 2007-08-22 14:32:13.000000000 +0200
|
||||
@@ -67,5 +67,9 @@ OM_uint32 gss_accept_sec_context_spnego(
|
||||
OM_uint32 *,
|
||||
gss_cred_id_t *);
|
||||
|
||||
+/*
|
||||
+ * We have to export this because we need to free memory allocated by spnego_malloc
|
||||
+ */
|
||||
+void spnego_free(void *ptr, const char *file, int line);
|
||||
|
||||
#endif
|
||||
diff -up bind-9.5.0a6/lib/dns/gssapictx.c.free bind-9.5.0a6/lib/dns/gssapictx.c
|
||||
--- bind-9.5.0a6/lib/dns/gssapictx.c.free 2007-06-20 01:47:16.000000000 +0200
|
||||
+++ bind-9.5.0a6/lib/dns/gssapictx.c 2007-08-22 14:44:46.000000000 +0200
|
||||
@@ -510,7 +510,11 @@ dst_gssapi_initctx(dns_name_t *name, isc
|
||||
RETERR(isc_buffer_copyregion(outtoken, &r));
|
||||
|
||||
(void)gss_release_name(&minor, &gname);
|
||||
+#ifdef USE_ISC_SPNEGO
|
||||
+ spnego_free (gouttoken.value, __FILE__, __LINE__);
|
||||
+#else
|
||||
(void)gss_release_buffer(&minor, &gouttoken);
|
||||
+#endif
|
||||
|
||||
if (gret == GSS_S_COMPLETE)
|
||||
result = ISC_R_SUCCESS;
|
||||
diff -up bind-9.5.0a6/lib/dns/spnego.c.free bind-9.5.0a6/lib/dns/spnego.c
|
||||
--- bind-9.5.0a6/lib/dns/spnego.c.free 2007-06-20 01:47:16.000000000 +0200
|
||||
+++ bind-9.5.0a6/lib/dns/spnego.c 2007-08-22 14:32:13.000000000 +0200
|
||||
@@ -201,7 +201,7 @@ spnego_malloc(size_t size, const char *f
|
||||
return (p);
|
||||
}
|
||||
|
||||
-static void
|
||||
+void
|
||||
spnego_free(void *ptr, const char *file, int line)
|
||||
{
|
||||
char *p = ptr;
|
||||
|
|
@ -1,92 +0,0 @@
|
|||
diff -up bind-9.5.0a6/lib/dns/spnego.c.memory_management bind-9.5.0a6/lib/dns/spnego.c
|
||||
--- bind-9.5.0a6/lib/dns/spnego.c.memory_management 2007-08-13 17:59:03.000000000 +0200
|
||||
+++ bind-9.5.0a6/lib/dns/spnego.c 2007-08-13 17:59:44.000000000 +0200
|
||||
@@ -169,88 +169,6 @@
|
||||
*/
|
||||
#include "spnego.h"
|
||||
|
||||
-/*
|
||||
- * The isc_mem function keep track of allocation sizes, but we can't
|
||||
- * get at that information, and we need to know sizes to implement a
|
||||
- * realloc() clone. So we use a little more memory to keep track of
|
||||
- * sizes allocated here.
|
||||
- *
|
||||
- * These functions follow Harbison & Steele, 4th edition, particularly
|
||||
- * with regard to realloc()'s behavior.
|
||||
- */
|
||||
-
|
||||
-static void *
|
||||
-spnego_malloc(size_t size, const char *file, int line)
|
||||
-{
|
||||
- char *p;
|
||||
-
|
||||
- if (size == 0)
|
||||
- return (NULL);
|
||||
- p = isc_mem_allocate(dst__memory_pool, size + sizeof(size_t));
|
||||
- if (p == NULL)
|
||||
- return NULL;
|
||||
- *(size_t *)p = size;
|
||||
- p += sizeof(size_t);
|
||||
-#ifdef SPNEGO_ALLOC_DEBUG
|
||||
- printf("spnego_malloc(%lu) %lx %s %u\n",
|
||||
- (unsigned long) size, (unsigned long) p, file, line);
|
||||
-#else
|
||||
- (void)file;
|
||||
- (void)line;
|
||||
-#endif
|
||||
- return (p);
|
||||
-}
|
||||
-
|
||||
-static void
|
||||
-spnego_free(void *ptr, const char *file, int line)
|
||||
-{
|
||||
- char *p = ptr;
|
||||
-
|
||||
- if (p == NULL)
|
||||
- return;
|
||||
-#ifdef SPNEGO_ALLOC_DEBUG
|
||||
- printf("spnego_free(%lx) %s %u\n",
|
||||
- (unsigned long) p, file, line);
|
||||
-#else
|
||||
- (void)file;
|
||||
- (void)line;
|
||||
-#endif
|
||||
- p -= sizeof(size_t);
|
||||
- isc_mem_free(dst__memory_pool, p);
|
||||
-}
|
||||
-
|
||||
-static void *
|
||||
-spnego_realloc(void *old_ptr, size_t new_size, const char *file, int line)
|
||||
-{
|
||||
- size_t *old_size;
|
||||
- void *new_ptr;
|
||||
-
|
||||
- if (old_ptr == NULL)
|
||||
- return (spnego_malloc(new_size, file, line));
|
||||
-
|
||||
- if (new_size == 0) {
|
||||
- spnego_free(old_ptr, file, line);
|
||||
- return (NULL);
|
||||
- }
|
||||
-
|
||||
- old_size = old_ptr;
|
||||
- old_size--;
|
||||
- if (*old_size >= new_size)
|
||||
- return (old_ptr);
|
||||
-
|
||||
- new_ptr = spnego_malloc(new_size, file, line);
|
||||
- if (new_ptr == NULL)
|
||||
- return (NULL);
|
||||
-
|
||||
- memcpy(new_ptr, old_ptr, *old_size);
|
||||
- spnego_free(old_ptr, file, line);
|
||||
- return (new_ptr);
|
||||
-}
|
||||
-
|
||||
-#define malloc(x) spnego_malloc(x, __FILE__, __LINE__)
|
||||
-#define free(x) spnego_free(x, __FILE__, __LINE__)
|
||||
-#define realloc(x,y) spnego_realloc(x, y, __FILE__, __LINE__)
|
||||
-
|
||||
/* asn1_err.h */
|
||||
/* Generated from ../../../lib/asn1/asn1_err.et */
|
||||
|
||||
15
bind.spec
15
bind.spec
|
|
@ -21,7 +21,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
|
|||
Name: bind
|
||||
License: ISC
|
||||
Version: 9.5.0
|
||||
Release: 10.%{RELEASEVER}%{?dist}
|
||||
Release: 10.2.%{RELEASEVER}%{?dist}
|
||||
Epoch: 32
|
||||
Url: http://www.isc.org/products/BIND/
|
||||
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||
|
|
@ -64,8 +64,9 @@ Patch63: bind-9.4.0-dnssec-directory.patch
|
|||
Patch69: bind-9.5.0-generate-xml.patch
|
||||
Patch71: bind-9.5-overflow.patch
|
||||
Patch72: bind-9.5-dlz-64bit.patch
|
||||
Patch74: bind-9.5-spnego-memory_management.patch
|
||||
Patch75: bind-9.5-update.patch
|
||||
Patch76: bind-9.5-gssapictx-free.patch
|
||||
Patch77: bind-9.5-memory-leaks.patch
|
||||
|
||||
# SDB patches
|
||||
Patch11: bind-9.3.2b2-sdbsrc.patch
|
||||
|
|
@ -246,8 +247,9 @@ cp -fp contrib/dbus/{dbus_mgr.h,dbus_service.h} bin/named/include/named
|
|||
%patch72 -p1 -b .64bit
|
||||
%endif
|
||||
%patch73 -p1 -b .libidn
|
||||
%patch74 -p1 -b .memory
|
||||
%patch75 -p1 -b .update
|
||||
%patch76 -p1 -b .free
|
||||
%patch77 -p1 -b .leaks
|
||||
:;
|
||||
|
||||
|
||||
|
|
@ -643,6 +645,13 @@ rm -rf ${RPM_BUILD_ROOT}
|
|||
%{_sbindir}/bind-chroot-admin
|
||||
|
||||
%changelog
|
||||
* Wed Aug 22 2007 Adam Tkac <atkac redhat com> 32:9.5.0-10.2.a6
|
||||
- added new initscript option KEYTAB_FILE which specified where
|
||||
is located kerberos .keytab file for named service
|
||||
- obsolete temporary bind-9.5-spnego-memory_management.patch by
|
||||
bind-9.5-gssapictx-free.patch which conforms BIND coding standards
|
||||
(#251853)
|
||||
|
||||
* Tue Aug 21 2007 Adam Tkac <atkac redhat com> 32:9.5.0-10.a6
|
||||
- dropped direct dependency to /etc/openldap/schema directory
|
||||
- changed hardcoded paths to marcros
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@
|
|||
[ -r /etc/sysconfig/named ] && . /etc/sysconfig/named
|
||||
|
||||
RETVAL=0
|
||||
export KRB5_KTNAME=${KEYTAB_FILE:-/etc/named.keytab}
|
||||
|
||||
# Don't kill named during clean-up
|
||||
NAMED_SHUTDOWN_TIMEOUT=${NAMED_SHUTDOWN_TIMEOUT:-100}
|
||||
|
|
|
|||
|
|
@ -15,3 +15,4 @@
|
|||
# support with the named -D option. This setting disables
|
||||
# this behavior.
|
||||
#
|
||||
# KEYTAB_FILE="/dir/file" -- Specify named service keytab file (for GSS-TSIG)
|
||||
|
|
|
|||
Loading…
Reference in New Issue