rpms/kea
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

merge into: rpms:c10s
Branches Tags
rpms:c10s
rpms:c10
rpms:imports/c10s/kea-3.0.2-5.el10
rpms:imports/c10s/kea-3.0.2-4.el10
rpms:imports/c10s/kea-3.0.2-2.el10
rpms:imports/c10/kea-3.0.1-2.el10_1
rpms:imports/c10s/kea-3.0.2-1.el10
rpms:imports/c10s/kea-3.0.1-1.el10
rpms:imports/c10s/kea-3.0.0-2.el10
rpms:imports/c10/kea-2.6.3-1.el10_0
rpms:imports/c10/kea-2.6.3-1.el10
rpms:imports/c10s/kea-2.6.3-1.el10
rpms:imports/c10s/kea-2.6.1-9.el10
rpms:imports/c10s/kea-2.6.1-8.el10
rpms:imports/c10s/kea-2.6.1-7.el10
rpms:imports/c10s/kea-2.6.1-6.el10
rpms:imports/c10s/kea-2.6.1-5.el10
rpms:imports/c10s/kea-2.6.1-1.el10
rpms:imports/c10s/kea-2.6.1-4.el10
rpms:imports/c10s/kea-2.6.1-3.el10
...
pull from: rpms:c10
Branches Tags
rpms:c10s
rpms:c10
rpms:imports/c10s/kea-3.0.2-5.el10
rpms:imports/c10s/kea-3.0.2-4.el10
rpms:imports/c10s/kea-3.0.2-2.el10
rpms:imports/c10/kea-3.0.1-2.el10_1
rpms:imports/c10s/kea-3.0.2-1.el10
rpms:imports/c10s/kea-3.0.1-1.el10
rpms:imports/c10s/kea-3.0.0-2.el10
rpms:imports/c10/kea-2.6.3-1.el10_0
rpms:imports/c10/kea-2.6.3-1.el10
rpms:imports/c10s/kea-2.6.3-1.el10
rpms:imports/c10s/kea-2.6.1-9.el10
rpms:imports/c10s/kea-2.6.1-8.el10
rpms:imports/c10s/kea-2.6.1-7.el10
rpms:imports/c10s/kea-2.6.1-6.el10
rpms:imports/c10s/kea-2.6.1-5.el10
rpms:imports/c10s/kea-2.6.1-1.el10
rpms:imports/c10s/kea-2.6.1-4.el10
rpms:imports/c10s/kea-2.6.1-3.el10

2 Commits
c10s ... c10

Author SHA1 Message Date
eabdullin
e06ae9f49f import OL kea-3.0.1-2.el10_1 2025-12-04 09:12:08 +00:00
eabdullin
193b4251f0 import CS kea-2.6.3-1.el10 2025-06-17 12:14:47 +00:00
17 changed files with 985 additions and 559 deletions
Show Stats Expand all files Collapse all files

1
.fmf/version
View File

@ -1 +0,0 @@
1

7
.gitignore vendored
View File

@ -1,5 +1,2 @@
/.*.swp kea-3.0.1.tar.xz
/kea-*.tar.gz keama-4.5.0.tar.gz
/kea-*.tar.gz.asc
/keama-*.tar.gz
/keama-*.tar.gz.asc

180
CVE-2025-11232.patch Normal file
View File

@ -0,0 +1,180 @@
diff --git a/src/bin/dhcp4/dhcp4_messages.mes b/src/bin/dhcp4/dhcp4_messages.mes
index 1deb2e6074..b359d09616 100644
--- a/src/bin/dhcp4/dhcp4_messages.mes
+++ b/src/bin/dhcp4/dhcp4_messages.mes
@@ -164,6 +164,20 @@ This debug message is issued when the server starts processing the Hostname
option sent in the client's query. The argument includes the client and
transaction identification information.
+% DHCP4_CLIENT_HOSTNAME_SCRUBBED_EMPTY %1: sanitizing client's Hostname option '%2' yielded an empty string
+Logged at debug log level 50.
+This debug message is issued when the result of sanitizing the
+hostname option(12) sent by the client is an empty string. When this occurs
+the server will ignore the hostname option. The arguments include the
+client and the hostname option it sent.
+
+% DHCP4_CLIENT_FQDN_SCRUBBED_EMPTY %1: sanitizing client's FQDN option '%2' yielded an empty string
+Logged at debug log level 50.
+This debug message is issued when the result of sanitizing the
+FQDN option(81) sent by the client is an empty string. When this occurs
+the server will ignore the FQDN option. The arguments include the
+client and the FQDN option it sent.
+
% DHCP4_CLIENT_NAME_PROC_FAIL %1: failed to process the fqdn or hostname sent by a client: %2
Logged at debug log level 55.
This debug message is issued when the DHCP server was unable to process the
diff --git a/src/bin/dhcp4/dhcp4_srv.cc b/src/bin/dhcp4/dhcp4_srv.cc
index 0701ed41e9..a6be662889 100644
--- a/src/bin/dhcp4/dhcp4_srv.cc
+++ b/src/bin/dhcp4/dhcp4_srv.cc
@@ -2714,8 +2714,15 @@ Dhcpv4Srv::processClientFqdnOption(Dhcpv4Exchange& ex) {
} else {
// Adjust the domain name based on domain name value and type sent by the
// client and current configuration.
- d2_mgr.adjustDomainName<Option4ClientFqdn>(*fqdn, *fqdn_resp,
- *(ex.getContext()->getDdnsParams()));
+ try {
+ d2_mgr.adjustDomainName<Option4ClientFqdn>(*fqdn, *fqdn_resp,
+ *(ex.getContext()->getDdnsParams()));
+ } catch (const FQDNScrubbedEmpty& scrubbed) {
+ LOG_DEBUG(ddns4_logger, DBG_DHCP4_DETAIL, DHCP4_CLIENT_FQDN_SCRUBBED_EMPTY)
+ .arg(ex.getQuery()->getLabel())
+ .arg(scrubbed.what());
+ return;
+ }
}
// Add FQDN option to the response message. Note that, there may be some
@@ -2857,7 +2864,15 @@ Dhcpv4Srv::processHostnameOption(Dhcpv4Exchange& ex) {
ex.getContext()->getDdnsParams()->getHostnameSanitizer();
if (sanitizer) {
- hostname = sanitizer->scrub(hostname);
+ auto tmp = sanitizer->scrub(hostname);
+ if (tmp.empty()) {
+ LOG_DEBUG(ddns4_logger, DBG_DHCP4_DETAIL, DHCP4_CLIENT_HOSTNAME_SCRUBBED_EMPTY)
+ .arg(ex.getQuery()->getLabel())
+ .arg(hostname);
+ return;
+ }
+
+ hostname = tmp;
}
// Convert hostname to lower case.
diff --git a/src/bin/dhcp6/dhcp6_messages.mes b/src/bin/dhcp6/dhcp6_messages.mes
index fff50ed367..79fc984ff5 100644
--- a/src/bin/dhcp6/dhcp6_messages.mes
+++ b/src/bin/dhcp6/dhcp6_messages.mes
@@ -1167,3 +1167,10 @@ such modification. The clients will remember previous server-id, and will
use it to extend their leases. As a result, they will have to go through
a rebinding phase to re-acquire their leases and associate them with a
new server id.
+
+% DHCP6_CLIENT_FQDN_SCRUBBED_EMPTY %1: sanitizing client's FQDN option '%2' yielded an empty string
+Logged at debug log level 50.
+This debug message is issued when the result of sanitizing the
+FQDN option(39) sent by the client is an empty string. When this occurs
+the server will ignore the FQDN option. The arguments include the
+client and the FQDN option it sent.
diff --git a/src/bin/dhcp6/dhcp6_srv.cc b/src/bin/dhcp6/dhcp6_srv.cc
index 417960b126..f999c3178f 100644
--- a/src/bin/dhcp6/dhcp6_srv.cc
+++ b/src/bin/dhcp6/dhcp6_srv.cc
@@ -2332,7 +2332,14 @@ Dhcpv6Srv::processClientFqdn(const Pkt6Ptr& question, const Pkt6Ptr& answer,
} else {
// Adjust the domain name based on domain name value and type sent by
// the client and current configuration.
- d2_mgr.adjustDomainName<Option6ClientFqdn>(*fqdn, *fqdn_resp, *ddns_params);
+ try {
+ d2_mgr.adjustDomainName<Option6ClientFqdn>(*fqdn, *fqdn_resp, *ddns_params);
+ } catch(const FQDNScrubbedEmpty& scrubbed) {
+ LOG_DEBUG(ddns6_logger, DBG_DHCP6_DETAIL, DHCP6_CLIENT_FQDN_SCRUBBED_EMPTY)
+ .arg(question->getLabel())
+ .arg(scrubbed.what());
+ return;
+ }
}
// Once we have the FQDN setup to use it for the lease hostname. This
diff --git a/src/lib/dhcpsrv/d2_client_mgr.cc b/src/lib/dhcpsrv/d2_client_mgr.cc
index 84ee11d9fb..54c815176e 100644
--- a/src/lib/dhcpsrv/d2_client_mgr.cc
+++ b/src/lib/dhcpsrv/d2_client_mgr.cc
@@ -186,10 +186,15 @@ std::string
D2ClientMgr::qualifyName(const std::string& partial_name,
const DdnsParams& ddns_params,
const bool trailing_dot) const {
+ if (partial_name.empty()) {
+ isc_throw(BadValue, "D2ClientMgr::qualifyName"
+ " - partial_name cannot be an empty string");
+ }
+
std::ostringstream gen_name;
gen_name << partial_name;
std::string suffix = ddns_params.getQualifyingSuffix();
- if (!suffix.empty() && partial_name.back() != '.') {
+ if (!suffix.empty() && (partial_name.back() != '.')) {
bool suffix_present = true;
std::string str = gen_name.str();
auto suffix_rit = suffix.rbegin();
@@ -241,7 +246,7 @@ D2ClientMgr::qualifyName(const std::string& partial_name,
// If the trailing dot should not be appended but it is present,
// remove it.
if ((len > 0) && (str[len - 1] == '.')) {
- gen_name.str(str.substr(0,len-1));
+ gen_name.str(str.substr(0, len-1));
}
}
diff --git a/src/lib/dhcpsrv/d2_client_mgr.h b/src/lib/dhcpsrv/d2_client_mgr.h
index 7344f19a40..238fd0a415 100644
--- a/src/lib/dhcpsrv/d2_client_mgr.h
+++ b/src/lib/dhcpsrv/d2_client_mgr.h
@@ -30,6 +30,14 @@
namespace isc {
namespace dhcp {
+/// @brief Exception thrown when host name sanitizing reduces
+/// the domain name to an empty string.
+class FQDNScrubbedEmpty : public Exception {
+public:
+ FQDNScrubbedEmpty(const char* file, size_t line, const char* what) :
+ isc::Exception(file, line, what) { }
+};
+
/// @brief Defines the type for D2 IO error handler.
/// This callback is invoked when a send to kea-dhcp-ddns completes with a
/// failed status. This provides the application layer (Kea) with a means to
@@ -197,6 +205,7 @@ public:
/// suffix itself is empty (i.e. "").
///
/// @return std::string containing the qualified name.
+ /// @throw BadValue if partial_name is empty.
std::string qualifyName(const std::string& partial_name,
const DdnsParams& ddns_params,
const bool trailing_dot) const;
@@ -264,6 +273,9 @@ public:
/// @param ddns_params DDNS behavioral configuration parameters
/// @tparam T FQDN Option class containing the FQDN data such as
/// dhcp::Option4ClientFqdn or dhcp::Option6ClientFqdn
+ ///
+ /// @throw FQDNScrubbedEmpty if hostname sanitizing reduces the input domain
+ /// name to an empty string.
template <class T>
void adjustDomainName(const T& fqdn, T& fqdn_resp,
const DdnsParams& ddns_params);
@@ -515,7 +527,12 @@ D2ClientMgr::adjustDomainName(const T& fqdn, T& fqdn_resp, const DdnsParams& ddn
ss << sanitizer->scrub(label);
}
- client_name = ss.str();
+ std::string clean_name = ss.str();
+ if (clean_name.empty() || clean_name == ".") {
+ isc_throw(FQDNScrubbedEmpty, client_name);
+ }
+
+ client_name = clean_name;
}
// If the supplied name is partial, qualify it by adding the suffix.

328
changelog
View File

@ -1,328 +0,0 @@
* Thu Aug 10 2023 Martin Osvald <mosvald@redhat.com> - 2.4.0-4
- Rebuilt for log4cplus 2.1.0
- kea.spec: do not use %%{name} to allow different package name
- kea.spec: do not use glob on %%{_libdir}, %%{_mandir} and %%{_sbindir}
to conform with packaging guidelines
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu Jul 06 2023 Martin Osvald <mosvald@redhat.com> - 2.4.0-1
- New version 2.4.0
- Migrated to SPDX license
- Do not export CXXFLAGS with -std=gnu++11 to stop boost warning messages
* Thu Jun 15 2023 Python Maint <python-maint@redhat.com> - 2.2.0-5
- Rebuilt for Python 3.12
* Mon Feb 20 2023 Jonathan Wakely <jwakely@redhat.com> - 2.2.0-4
- Rebuilt for Boost 1.81
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Wed Nov 16 2022 Ondřej Sloup <osloup@redhat.com> - 2.2.0-2
- Rebuild for new PostgreSQL 15
* Wed Jul 27 2022 Martin Osvald <mosvald@redhat.com> - 2.2.0-1
- New version 2.2.0
- Add source code signature verification
* Thu Jul 21 2022 Martin Osvald <mosvald@redhat.com> - 2.0.2-4
- kea fails to build docs with Sphinx 5+ (#2105931)
* Mon Jun 13 2022 Python Maint <python-maint@redhat.com> - 2.0.2-3
- Rebuilt for Python 3.11
* Wed May 04 2022 Thomas Rodgers <trodgers@redhat.com> - 2.0.2-2
- Rebuilt for Boost 1.78
* Thu Mar 03 2022 Martin Osvald <mosvald@redhat.com> - 2.0.2-1
- New version 2.0.2
* Mon Feb 07 2022 Martin Osvald <mosvald@redhat.com> - 2.0.1-1
- New version 2.0.1
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.8-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Thu Jan 06 2022 Filip Januš <fjanus@redhat.com> - 1.9.8-6
- Rebuild for Postgresql 14
* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 1.9.8-5
- Rebuilt with OpenSSL 3.0.0
* Fri Aug 06 2021 Jonathan Wakely <jwakely@redhat.com> - 1.9.8-4
- Rebuilt for Boost 1.76
* Tue Jul 27 2021 Filip Januš <fjanus@redhat.com> - 1.9.8-3
- Remove libpq-devel requirement, it conflicts with postgresql-server-devel
dependencies
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Wed Jun 23 2021 Pavel Zhukov <pzhukov@redhat.com> - 1.9.8-1
- New version 1.9.8
* Wed Jun 23 2021 Pavel Zhukov <pzhukov@redhat.com> - 1.9.6-2
- Make compatible with spinx 4.0
* Fri Jun 04 2021 Python Maint <python-maint@redhat.com> - 1.9.6-2
- Rebuilt for Python 3.10
* Sun Apr 04 2021 Pavel Zhukov <pzhukov@redhat.com> - 1.9.6-1
- New version v1.9.6
* Thu Mar 11 2021 Pavel Zhukov <pzhukov@redhat.com> - 1.9.5-1
- New version v1.9.5
* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 1.9.4-3
- Rebuilt for updated systemd-rpm-macros
See https://pagure.io/fesco/issue/2583.
* Tue Feb 09 2021 Pavel Raiskup <praiskup@redhat.com> - 1.9.4-2
- rebuild all postgresql deps once more, for libpq ABI fix rhbz#1908268
* Mon Feb 08 2021 Pavel Zhukov pzhukov@redhat.com> - 1.9.4-1
- Update to 1.9.4
* Mon Feb 08 2021 Pavel Raiskup <praiskup@redhat.com> - 1.9.3-5
- rebuild for libpq ABI fix rhbz#1908268
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Jan 25 2021 Pavel Zhukov pzhukov@redhat.com> - 1.9.3-3
- Update to 1.9.3
- Fix Werror bug
* Fri Jan 22 2021 Jonathan Wakely <jwakely@redhat.com> - 1.9.2-3
- Rebuilt for Boost 1.75
* Sat Dec 05 2020 Jeff Law <law@redhat.com> - 1.9.2-2
- Fix more missing includes for gcc-11
* Thu Nov 26 2020 Pavel Zhukov <pzhukov@redhat.com> - 1.9.2-1
- new version v1.9.2
* Fri Nov 20 2020 Pavel Zhukov <pzhukov@redhat.com> - 1.9.1-3
- Rebuild with new log4cplus
* Thu Oct 15 2020 Jeff Law <law@redhat.com> - 1.8.0-2
- Fix missing #includes for gcc-11
* Wed Sep 16 2020 Pavel Zhukov <pzhukov@redhat.com> - 1.8.0-1
- New version v1.8.0
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.9-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri May 29 2020 Jonathan Wakely <jwakely@redhat.com> - 1.6.0-4
- Rebuilt for Boost 1.73
* Tue May 26 2020 Miro Hrončok <mhroncok@redhat.com> - 1.6.0-3
- Rebuilt for Python 3.9
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Wed Sep 11 2019 Kenneth Topp <toppk@bllue.org> - 1.6.0-1
- update to 1.6.0
- includes fixes for CVE-2019-6472, CVE-2019-6473 and CVE-2019-6474
* Tue Jul 30 2019 Pavel Zhukov <pzhukov@redhat.com> - 1.5.0-8
- Do not specify openssl version
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.0-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Wed May 22 2019 Felix Kaechele <heffer@fedoraproject.org> - 1.5.0-4
- Update to 1.3.0 release version
- fix PID file path in service files
- clean up spec file
- switched to openssl-devel, now builds with openssl 1.1
- install systemd units manually instead of patching the souce to do it
- enable kea-shell
- add boost patch
- add kea-ctrl-agent unit
- change postgresql-devel to postgresql-server-devel
- update to 1.4.0
* Sun Dec 16 2018 Pavel Zhukov <pzhukov@redhat.com> - 1.5.0-3
- Update to released version
* Tue Dec 11 2018 Pavel Zhukov <pzhukov@redhat.com> - 1.5.0-beta2.2%{?dist}
- Do not require -connectors on RHEL
* Tue Dec 4 2018 Pavel Zhukov <pzhukov@redhat.com> - 1.5.0-beta2.1%{?dist}
- update to beta2
* Tue Nov 20 2018 Pavel Zhukov <pzhukov@redhat.com> - 1.5.0-2
- Update to 1.5.0 beta
* Mon Aug 27 2018 Pavel Zhukov <pzhukov@redhat.com> - 1.3.0-12
- Disable tests again.
* Mon Aug 27 2018 Pavel Zhukov <pzhukov@redhat.com> - 1.3.0-11
- Do not use compat verion of openssl
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.0-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu May 17 2018 Pavel Zhukov <pzhukov@redhat.com> - 1.3.0-9
- Fix config files names (#1579298)
* Mon Feb 19 2018 Pavel Zhukov <pzhukov@redhat.com> - 1.3.0-8
- Add gcc-c++ BR
* Wed Feb 14 2018 Pavel Zhukov <landgraf@fedoraproject.org> - 1.3.0-7
- Package released version (#1545096)
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Jan 31 2018 Pavel Zhukov <landgraf@fedoraproject.org> - 1.3.0-4
- Fix build with boost 1.66 (#1540331)
* Thu Nov 2 2017 Pavel Zhukov <pzhukov@redhat.com> - 1.3.0-3
- Add openssl-devel requires
- Do not force pkgconfig(openssl) version
* Mon Oct 23 2017 Pavel Zhukov <pzhukov@redhat.com> - 1.2.0-8
- Require openssl102
* Sun Oct 22 2017 Pavel Zhukov <pzhukov@redhat.com> - 1.2.0-7
- Rebuild with new openssl
* Thu Oct 12 2017 Pavel Zhukov <pzhukov@redhat.com> - 1.2.0-6
- Use mariadb-connector-c-devel instead of mysql-devel (#1493628)
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Mon Jul 03 2017 Jonathan Wakely <jwakely@redhat.com> - 1.2.0-3
- Rebuilt for Boost 1.64
* Fri May 26 2017 Pavel Zhukov <landgraf@fedoraproject.org> - 1.2.0-2
- New release 1.2.0 (#1440348)
* Tue Apr 04 2017 Pavel Zhukov <landgraf@fedoraproject.org> - 1.1.0-3
- Add patch for OpenSSL 1.1. Fix FTBFS (#1423812)
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Tue Oct 04 2016 Jiri Popelka <jpopelka@redhat.com> - 1.1.0-1
- 1.1.0
* Thu Sep 01 2016 Jiri Popelka <jpopelka@redhat.com> - 1.1.0-0.1
- 1.1.0-beta
* Fri Aug 12 2016 Michal Toman <mtoman@fedoraproject.org> - 1.0.0-11
- No valgrind on MIPS
* Wed Aug 03 2016 Jiri Popelka <jpopelka@redhat.com> - 1.0.0-10
- %%{_defaultdocdir}/kea/ -> %%{_pkgdocdir}
* Fri May 13 2016 Jiri Popelka <jpopelka@redhat.com> - 1.0.0-9
- devel subpackage Requires: boost-devel
* Wed Mar 23 2016 Zdenek Dohnal <zdohnal@redhat.com> - 1.0.0-8
- Rebuild for log4cplus-1.2.0-2
* Wed Mar 23 2016 Zdenek Dohnal <zdohnal@redhat.com> - 1.0.0-7
- Rebuilding kea for log4cplus-1.2.0
* Wed Mar 16 2016 Zdenek Dohnal <zdohnal@redhat.com> - 1.0.0-6
- Editing pgsql_lease_mgr.cc according to upstream
* Fri Mar 11 2016 Zdenek Dohnal <zdohnal@redhat.com> - 1.0.0-4
- Fixing bugs created from new C++ standard
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Fri Jan 15 2016 Jonathan Wakely <jwakely@redhat.com> - 1.0.0-2
- Rebuilt for Boost 1.60
* Tue Dec 29 2015 Jiri Popelka <jpopelka@redhat.com> - 1.0.0-1
- 1.0.0
* Wed Dec 23 2015 Jiri Popelka <jpopelka@redhat.com> - 1.0.0-0.3.beta2
- fix compile error
* Wed Dec 23 2015 Jiri Popelka <jpopelka@redhat.com> - 1.0.0-0.2.beta2
- 1.0.0-beta2
* Wed Dec 09 2015 Jiri Popelka <jpopelka@redhat.com> - 1.0.0-0.1.beta
- 1.0.0-beta
* Mon Aug 24 2015 Jiri Popelka <jpopelka@redhat.com> - 0.9.2-3
- fix valgrind-devel availability
* Wed Jul 29 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.2-2
- Rebuilt for https://fedoraproject.org/wiki/Changes/F23Boost159
* Tue Jul 28 2015 Jiri Popelka <jpopelka@redhat.com> - 0.9.2-1
- 0.9.2
* Wed Jul 22 2015 David Tardon <dtardon@redhat.com> - 0.9.2-0.2.beta
- rebuild for Boost 1.58
* Thu Jul 02 2015 Jiri Popelka <jpopelka@redhat.com> - 0.9.2-0.1.beta
- 0.9.2-beta
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Sat May 02 2015 Kalev Lember <kalevlember@gmail.com> - 0.9.1-2
- Rebuilt for GCC 5 C++11 ABI change
* Wed Apr 01 2015 Jiri Popelka <jpopelka@redhat.com> - 0.9.1-1
- 0.9.1
* Fri Feb 20 2015 Jiri Popelka <jpopelka@redhat.com> - 0.9.1-0.2.beta
- /run/kea/ (for logger_lockfile)
* Thu Feb 19 2015 Jiri Popelka <jpopelka@redhat.com> - 0.9.1-0.1.beta
- 0.9.1-beta
* Tue Jan 27 2015 Petr Machata <pmachata@redhat.com> - 0.9-4
- Rebuild for boost 1.57.0
* Tue Nov 04 2014 Jiri Popelka <jpopelka@redhat.com> - 0.9-3
- do not override @localstatedir@ globally
- include latest upstream kea.conf
* Wed Sep 24 2014 Dan Horák <dan[at]danny.cz> - 0.9-2
- valgrind available only on selected arches
* Mon Sep 01 2014 Jiri Popelka <jpopelka@redhat.com> - 0.9-1
- 0.9
* Thu Aug 21 2014 Jiri Popelka <jpopelka@redhat.com> - 0.9-0.5.beta1
- fix building with PostgreSQL on i686
- redefine localstatedir to sharedstatedir (kea#3523)
* Wed Aug 20 2014 Jiri Popelka <jpopelka@redhat.com> - 0.9-0.4.beta1
- install systemd service units with a proper patch that we can send upstream
- build with MySQL & PostgreSQL & Google Test
- no need to copy sample configuration, /etc/kea/kea.conf already contains one
* Tue Aug 19 2014 Jiri Popelka <jpopelka@redhat.com> - 0.9-0.3.beta1
- comment patches
- use --preserve-timestamps with install
* Mon Aug 18 2014 Jiri Popelka <jpopelka@redhat.com> - 0.9-0.2.beta1
- make it build on armv7
- BuildRequires procps-ng for %%check
- use install instead of cp
- configure.ac: AC_PROG_LIBTOOL -> LT_INIT
- move license files to -libs
* Thu Aug 14 2014 Jiri Popelka <jpopelka@redhat.com> - 0.9-0.1.beta1
- initial spec

1
ci.fmf
View File

@ -1 +0,0 @@
resultsdb-testcase: separate

25
gating.yaml
View File

@ -1,25 +0,0 @@
--- !Policy
product_versions:
- fedora-*
decision_context: bodhi_update_push_testing
subject_type: koji_build
rules:
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional}
#Rawhide
--- !Policy
product_versions:
- fedora-*
decision_context: bodhi_update_push_stable
subject_type: koji_build
rules:
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional}
#gating rhel
--- !Policy
product_versions:
- rhel-*
decision_context: osci_compose_gate
rules:
- !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-public.functional}
- !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-internal.functional}

16
kea-3.0.1.tar.xz.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEAlmjO19aOkRmzzRcel4ITKylGIQFAmil4+0ACgkQel4ITKyl
GIRxlg//f+A5yEQ6RKl0DOJfQIKKPZ9SL/2a04q6Gcay2ghUl8LZOiiO98RYicyV
PmrsY/5/nuJmLPRSPKt/pmosfgZUbWK9yuKOoBrfu0KZfQWMX+1ZJIfagY47PCvU
RKtT50+iPOsYZAtuRw8faO8g/rdgl1vMreSIjCPZTG1R4qZkQXNnwhNRV7O3pzsr
wSndDINLvjQoYYbklKpUszoBNppXzBCegzVFjcIjNOSta2U8xEPGQ7sv2JvKkaYf
bVjzKuoEVn0YkkAdf7C7vLotl4UZESNo/w+DcRbrbq/FYpT1R8YWzVAJtqJCVNFI
q0WqlK5/G2/4giAveSWzuX0dnk+OZ5kQrd323Ol6MlM/O4ymkHK7OJrcxLLrEyIC
OnRNWQqVzJddmUTOntvoLk90wJ9yF1jrdM+S3xTpOJzhnfRoFuioZ7njjfGTyskR
Nlt4DX3wGsg0quDQfQJAf1z1qk651/OIF27KThj5jNOPB5eWz4YjJBht9T+eHlcS
kOsNwnKtdZe+KiGeFCsfWU7wOR65w4kQXoH1ruFqVa44ZZKUvzDi4fiJYYfJLedJ
FfBx3c65B0COk+3kOWjAV1F+Zaf0PlrEnb75zbN0O4BrztPL12HhDtjF+CbAuOG2
k4ZpogxZ0Q6MhiQjGFiFMs2PN2FlgiaL2zbKKG/KIjUzPnog60c=
=1ZFT
-----END PGP SIGNATURE-----

1
kea-dhcp4.service
View File

@ -6,6 +6,7 @@ After=network-online.target
After=time-sync.target After=time-sync.target
[Service] [Service]
Type=notify
User=kea User=kea
AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_NET_RAW AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_NET_RAW
Environment="KEA_PIDFILE_DIR=/run/kea" Environment="KEA_PIDFILE_DIR=/run/kea"

1
kea-dhcp6.service
View File

@ -6,6 +6,7 @@ After=network-online.target
After=time-sync.target After=time-sync.target
[Service] [Service]
Type=notify
User=kea User=kea
AmbientCapabilities=CAP_NET_BIND_SERVICE AmbientCapabilities=CAP_NET_BIND_SERVICE
Environment="KEA_PIDFILE_DIR=/run/kea" Environment="KEA_PIDFILE_DIR=/run/kea"

30
kea-gtest.patch
View File

@ -1,30 +0,0 @@
diff --git a/m4macros/ax_gtest.m4 b/m4macros/ax_gtest.m4
index 138a03f..80ebb98 100644
--- a/m4macros/ax_gtest.m4
+++ b/m4macros/ax_gtest.m4
@@ -173,9 +173,9 @@ if test "x$enable_gtest" = "xyes" ; then
for dir in $GTEST_PATHS; do
if test -f "$dir/include/gtest/gtest.h"; then
if test -f "$dir/lib/libgtest.a" || \
- test -f "$dir/lib/libgtest.so"; then
+ test -f "$dir/lib64/libgtest.so"; then
GTEST_INCLUDES="-I$dir/include"
- GTEST_LDFLAGS="-L$dir/lib"
+ GTEST_LDFLAGS="-L$dir/lib64"
GTEST_LDADD="-lgtest"
GTEST_FOUND="true"
AC_MSG_RESULT([$dir/lib])
diff --git a/src/lib/util/tests/pid_file_unittest.cc b/src/lib/util/tests/pid_file_unittest.cc
index 5f00d72..583a35b 100644
--- a/src/lib/util/tests/pid_file_unittest.cc
+++ b/src/lib/util/tests/pid_file_unittest.cc
@@ -181,7 +181,8 @@ TEST_F(PIDFileTest, pidGarbage) {
}
/// @brief Test failing to write a file.
-TEST_F(PIDFileTest, pidWriteFail) {
+/// Fails to fail for root, it doesn't throw PIDFileError exception.
+TEST_F(PIDFileTest, DISABLED_pidWriteFail) {
PIDFile pid_file(absolutePath(TESTNAME));
// Create the test file and change it's permission bits

13
kea-openssl-version.patch
View File

@ -1,13 +0,0 @@
diff --git a/m4macros/ax_crypto.m4 b/m4macros/ax_crypto.m4
index e1b43f8..a3a2c84 100644
--- a/m4macros/ax_crypto.m4
+++ b/m4macros/ax_crypto.m4
@@ -258,7 +258,7 @@ then
else
CRYPTO_NAME="OpenSSL"
DISABLED_CRYPTO="Botan"
- CRYPTO_PACKAGE="openssl-1.1.0"
+ CRYPTO_PACKAGE="openssl"
DISTCHECK_CRYPTO_CONFIGURE_FLAG="--with-openssl=${use_openssl}"
AC_DEFINE_UNQUOTED([WITH_OPENSSL], [], [Compile with OpenSSL crypto])
AC_MSG_CHECKING(for OpenSSL library)

189
kea-sd-daemon.patch Normal file
View File

@ -0,0 +1,189 @@
diff --git a/config-report.sh.in b/config-report.sh.in
index 1af984e..ddd4b62 100755
--- a/config-report.sh.in
+++ b/config-report.sh.in
@@ -105,6 +105,18 @@ Netconf: no
HERE_DOCUMENT
fi
+if test '@HAVE_LIBSYSTEMD_DAEMON@' != 'no'; then
+add_to_report <<HERE_DOCUMENT
+Systemd: yes
+
+HERE_DOCUMENT
+else
+add_to_report <<HERE_DOCUMENT
+Systemd: no
+
+HERE_DOCUMENT
+fi
+
if test '@HAVE_GTEST@' != 'no'; then
add_to_report <<HERE_DOCUMENT
Google Test: @GTEST_VERSION@
diff --git a/config.h.in b/config.h.in
index 42ccf28..cc6354a 100644
--- a/config.h.in
+++ b/config.h.in
@@ -52,6 +52,9 @@
/* Check valgrind headers */
#mesondefine HAVE_VALGRIND_HEADERS
+/* Support for systemd notification through sd_notify() enabled */
+#mesondefine HAVE_LIBSYSTEMD_DAEMON
+
/* Whether libc is musl */
#mesondefine LIBC_MUSL
diff --git a/meson.build b/meson.build
index 66e7fd0..dc86d89 100644
--- a/meson.build
+++ b/meson.build
@@ -100,6 +100,7 @@ krb5_opt = get_option('krb5')
mysql_opt = get_option('mysql')
netconf_opt = get_option('netconf')
postgresql_opt = get_option('postgresql')
+systemd_opt = get_option('systemd')
FUZZ_OPT = get_option('fuzz')
TESTS_OPT = get_option('tests')
@@ -297,6 +298,13 @@ if netconf_opt.allowed()
endif
endif
+# Systemd
+SYSTEMD_DEP = disabler()
+if systemd_opt.enabled()
+ SYSTEMD_DEP = dependency('libsystemd')
+ conf_data.set('HAVE_LIBSYSTEMD_DAEMON', true)
+endif
+
# Google Test
GTEST_DEP = dependency(
'gtest',
@@ -867,6 +875,11 @@ else
report_conf_data.set('SYSREPOCPP_VERSION', 'no')
report_conf_data.set('SYSREPOCPP_PREFIX', 'no')
endif
+if SYSTEMD_DEP.found()
+ report_conf_data.set('HAVE_LIBSYSTEMD_DAEMON', 'yes')
+else
+ report_conf_data.set('HAVE_LIBSYSTEMD_DAEMON', 'no')
+endif
if FUZZ_OPT.enabled() or TESTS_OPT.enabled()
report_conf_data.set('HAVE_GTEST', 'yes')
version = GTEST_DEP.version()
diff --git a/meson.options b/meson.options
index 5c222d5..3ecd2e1 100644
--- a/meson.options
+++ b/meson.options
@@ -27,6 +27,7 @@ option(
type: 'feature',
description: 'Support for PostgreSQL backends.',
)
+option('systemd', type: 'feature', description: 'Support for systemd notification through sd_notify().')
# Options for enabling testing code (not real features).
option(
diff --git a/src/bin/dhcp4/main.cc b/src/bin/dhcp4/main.cc
index 4f88e29..5581b7a 100644
--- a/src/bin/dhcp4/main.cc
+++ b/src/bin/dhcp4/main.cc
@@ -24,6 +24,10 @@
#include <iostream>
+#ifdef HAVE_LIBSYSTEMD_DAEMON
+#include <systemd/sd-daemon.h>
+#endif
+
using namespace isc::data;
using namespace isc::dhcp;
using namespace isc::process;
@@ -290,6 +294,13 @@ main(int argc, char* argv[]) {
// Tell the admin we are ready to process packets
LOG_INFO(dhcp4_logger, DHCP4_STARTED).arg(VERSION);
+#ifdef HAVE_LIBSYSTEMD_DAEMON
+ // Notify systemd about the same
+ sd_notifyf(0, "READY=1\n"
+ "STATUS=Dispatching packets...\n"
+ "MAINPID=%lu",
+ (unsigned long) getpid());
+#endif
// And run the main loop of the server.
ret = server.run();
diff --git a/src/bin/dhcp4/meson.build b/src/bin/dhcp4/meson.build
index 3dac320..e8cacb9 100644
--- a/src/bin/dhcp4/meson.build
+++ b/src/bin/dhcp4/meson.build
@@ -1,3 +1,8 @@
+kea_dhcp4_dependencies = [CRYPTO_DEP]
+if SYSTEMD_DEP.found()
+ kea_dhcp4_dependencies += [SYSTEMD_DEP]
+endif
+
dhcp4_lib = static_library(
'dhcp4',
'client_handler.cc',
@@ -16,7 +21,7 @@ dhcp4_lib = static_library(
kea_dhcp4 = executable(
'kea-dhcp4',
'main.cc',
- dependencies: [CRYPTO_DEP],
+ dependencies: kea_dhcp4_dependencies,
include_directories: [include_directories('.')] + INCLUDES,
install: true,
install_dir: SBINDIR,
diff --git a/src/bin/dhcp6/main.cc b/src/bin/dhcp6/main.cc
index 7ab1999..abac799 100644
--- a/src/bin/dhcp6/main.cc
+++ b/src/bin/dhcp6/main.cc
@@ -24,6 +24,10 @@
#include <iostream>
+#ifdef HAVE_LIBSYSTEMD_DAEMON
+#include <systemd/sd-daemon.h>
+#endif
+
using namespace isc::data;
using namespace isc::dhcp;
using namespace isc::process;
@@ -290,6 +294,13 @@ main(int argc, char* argv[]) {
// Tell the admin we are ready to process packets
LOG_INFO(dhcp6_logger, DHCP6_STARTED).arg(VERSION);
+#ifdef HAVE_LIBSYSTEMD_DAEMON
+ // Notify systemd about the same
+ sd_notifyf(0, "READY=1\n"
+ "STATUS=Dispatching packets...\n"
+ "MAINPID=%lu",
+ (unsigned long) getpid());
+#endif
// And run the main loop of the server.
ret = server.run();
diff --git a/src/bin/dhcp6/meson.build b/src/bin/dhcp6/meson.build
index de60fbf..04a22a9 100644
--- a/src/bin/dhcp6/meson.build
+++ b/src/bin/dhcp6/meson.build
@@ -1,3 +1,8 @@
+kea_dhcp6_dependencies = [CRYPTO_DEP]
+if SYSTEMD_DEP.found()
+ kea_dhcp6_dependencies += [SYSTEMD_DEP]
+endif
+
dhcp6_lib = static_library(
'dhcp6',
'client_handler.cc',
@@ -17,7 +22,7 @@ dhcp6_lib = static_library(
kea_dhcp6 = executable(
'kea-dhcp6',
'main.cc',
- dependencies: [CRYPTO_DEP],
+ dependencies: kea_dhcp6_dependencies,
include_directories: [include_directories('.')] + INCLUDES,
install: true,
install_dir: SBINDIR,

688
kea.spec
View File

@ -1,16 +1,24 @@
## START: Set by rpmautospec
## (rpmautospec version 0.6.5)
## RPMAUTOSPEC: autorelease, autochangelog
%define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
release_number = 2;
base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}"));
print(release_number + base_release_number - 1);
}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
## END: Set by rpmautospec
Name: kea Name: kea
Version: 2.6.3 Version: 3.0.1
Release: %autorelease Release: %autorelease
Summary: DHCPv4, DHCPv6 and DDNS server from ISC Summary: DHCPv4, DHCPv6 and DDNS server from ISC
License: MPL-2.0 AND BSL-1.0 License: MPL-2.0 AND BSL-1.0
URL: http://kea.isc.org URL: http://kea.isc.org
# TODO: no support for netconf/sysconf yet # Support for netconf is not enabled
%bcond_with sysrepo %bcond_with sysrepo
%bcond_with gtest %bcond_with tests
#%%global prever P1
%global keama_version 4.5.0 %global keama_version 4.5.0
# Bundled version of Bind libraries linked into Keama # Bundled version of Bind libraries linked into Keama
%global bind_version 9.11.36 %global bind_version 9.11.36
@ -23,8 +31,8 @@ Provides: %1 = %{version}-%{release} \
Conflicts: %1 \ Conflicts: %1 \
%endif %endif
Source0: https://downloads.isc.org/isc/kea/%{version}%{?prever:-%{prever}}/kea-%{version}%{?prever:-%{prever}}.tar.gz Source0: https://downloads.isc.org/isc/kea/%{version}/kea-%{version}.tar.xz
Source1: https://downloads.isc.org/isc/kea/%{version}%{?prever:-%{prever}}/kea-%{version}%{?prever:-%{prever}}.tar.gz.asc Source1: https://downloads.isc.org/isc/kea/%{version}/kea-%{version}.tar.xz.asc
Source2: https://downloads.isc.org/isc/keama/%{keama_version}/keama-%{keama_version}.tar.gz Source2: https://downloads.isc.org/isc/keama/%{keama_version}/keama-%{keama_version}.tar.gz
Source3: https://downloads.isc.org/isc/keama/%{keama_version}/keama-%{keama_version}.tar.gz.asc Source3: https://downloads.isc.org/isc/keama/%{keama_version}/keama-%{keama_version}.tar.gz.asc
Source10: https://www.isc.org/docs/isc-keyblock.asc Source10: https://www.isc.org/docs/isc-keyblock.asc
@ -35,54 +43,55 @@ Source14: kea-ctrl-agent.service
Source15: systemd-tmpfiles.conf Source15: systemd-tmpfiles.conf
Source16: systemd-sysusers.conf Source16: systemd-sysusers.conf
Patch1: kea-openssl-version.patch Patch1: kea-sd-daemon.patch
Patch2: kea-gtest.patch # https://issues.redhat.com/browse/RHEL-125048
# Based on: https://gitlab.isc.org/isc-projects/kea/-/commit/92b65b2345e07d826b56ffd65cf47538f1c7a271
Patch2: CVE-2025-11232.patch
# autoreconf
BuildRequires: autoconf automake libtool
BuildRequires: boost-devel BuildRequires: boost-devel
BuildRequires: gcc-c++ # %%meson -D crypto=openssl
# %%configure --with-openssl
BuildRequires: openssl-devel BuildRequires: openssl-devel
%if 0%{?fedora} %if 0%{?fedora}
# https://bugzilla.redhat.com/show_bug.cgi?id=2300868#c4 # https://bugzilla.redhat.com/show_bug.cgi?id=2300868#c4
BuildRequires: openssl-devel-engine BuildRequires: openssl-devel-engine
%endif %endif
# %%configure --with-pgsql # %%meson -D krb5=enabled
BuildRequires: krb5-devel
# %%meson -D mysql=enabled
BuildRequires: mariadb-connector-c-devel
# %%meson -D postgresql=enabled
%if 0%{?fedora} || 0%{?rhel} > 9 %if 0%{?fedora} || 0%{?rhel} > 9
BuildRequires: libpq-devel BuildRequires: libpq-devel
%else %else
BuildRequires: postgresql-server-devel BuildRequires: postgresql-server-devel
%endif %endif
# %%configure --with-mysql # %%meson -D systemd=enabled
BuildRequires: mariadb-connector-c-devel BuildRequires: systemd-devel
BuildRequires: log4cplus-devel
%if %{with sysrepo} %if %{with sysrepo}
# %%configure --with-sysrepo # %%meson -D netconf=enabled
BuildRequires: sysrepo-devel BuildRequires: sysrepo-devel
%endif %endif
%if %{with tests}
# %%meson -D tests=enabled
%ifarch %{valgrind_arches} %ifarch %{valgrind_arches}
BuildRequires: valgrind-devel BuildRequires: valgrind-devel
%endif %endif
%if %{with gtest}
# %%configure --enable-gtest
BuildRequires: gtest-devel BuildRequires: gtest-devel
# src/lib/testutils/dhcp_test_lib.sh
BuildRequires: procps-ng BuildRequires: procps-ng
%endif %endif
# %%configure --enable-generate-parser BuildRequires: log4cplus-devel
BuildRequires: python3-devel
BuildRequires: gcc-c++
BuildRequires: autoconf automake libtool
BuildRequires: make
BuildRequires: meson
BuildRequires: bison BuildRequires: bison
BuildRequires: flex BuildRequires: flex
# %%configure --enable-shell
BuildRequires: python3-devel
# in case you ever wanted to use %%configure --enable-generate-docs
#BuildRequires: elinks asciidoc plantuml
BuildRequires: systemd BuildRequires: systemd
BuildRequires: systemd-rpm-macros BuildRequires: systemd-rpm-macros
BuildRequires: python3-sphinx BuildRequires: python3-sphinx
BuildRequires: python3-sphinx_rtd_theme BuildRequires: python3-sphinx_rtd_theme
BuildRequires: make
BuildRequires: gnupg2 BuildRequires: gnupg2
Requires: %{name}-libs%{?_isa} = %{version}-%{release} Requires: %{name}-libs%{?_isa} = %{version}-%{release}
@ -91,7 +100,6 @@ Requires: coreutils util-linux
%{?systemd_requires} %{?systemd_requires}
%{?sysusers_requires_compat} %{?sysusers_requires_compat}
%description %description
DHCP implementation from Internet Systems Consortium, Inc. that features fully DHCP implementation from Internet Systems Consortium, Inc. that features fully
functional DHCPv4, DHCPv6 and Dynamic DNS servers. functional DHCPv4, DHCPv6 and Dynamic DNS servers.
@ -99,7 +107,6 @@ Both DHCP servers fully support server discovery, address assignment, renewal,
rebinding and release. The DHCPv6 server supports prefix delegation. Both rebinding and release. The DHCPv6 server supports prefix delegation. Both
servers support DNS Update mechanism, using stand-alone DDNS daemon. servers support DNS Update mechanism, using stand-alone DDNS daemon.
%package doc %package doc
Summary: Documentation for Kea DHCP server Summary: Documentation for Kea DHCP server
BuildArch: noarch BuildArch: noarch
@ -107,7 +114,6 @@ BuildArch: noarch
%description doc %description doc
Documentation and example configuration for Kea DHCP server. Documentation and example configuration for Kea DHCP server.
%package devel %package devel
Summary: Development headers and libraries for Kea DHCP server Summary: Development headers and libraries for Kea DHCP server
Requires: %{name}-libs%{?_isa} = %{version}-%{release} Requires: %{name}-libs%{?_isa} = %{version}-%{release}
@ -119,7 +125,6 @@ Requires: pkgconfig
%description devel %description devel
Header files and API documentation. Header files and API documentation.
%package hooks %package hooks
Summary: Hooks libraries for kea Summary: Hooks libraries for kea
Requires: %{name}-libs%{?_isa} = %{version}-%{release} Requires: %{name}-libs%{?_isa} = %{version}-%{release}
@ -130,7 +135,6 @@ Hooking mechanism allow Kea to load one or more dynamically-linked libraries
("hook points"), call functions in them. Those functions perform whatever ("hook points"), call functions in them. Those functions perform whatever
custom processing is required. custom processing is required.
%package libs %package libs
Summary: Shared libraries used by Kea DHCP server Summary: Shared libraries used by Kea DHCP server
%upstream_name_compat %{upstream_name}-libs %upstream_name_compat %{upstream_name}-libs
@ -138,7 +142,6 @@ Summary: Shared libraries used by Kea DHCP server
%description libs %description libs
This package contains shared libraries used by Kea DHCP server. This package contains shared libraries used by Kea DHCP server.
%package keama %package keama
Summary: Experimental migration assistant for Kea Summary: Experimental migration assistant for Kea
Provides: bundled(bind-libs) = %{bind_version} Provides: bundled(bind-libs) = %{bind_version}
@ -147,7 +150,6 @@ Provides: bundled(bind-libs) = %{bind_version}
The KEA Migration Assistant is an experimental tool which helps to translate The KEA Migration Assistant is an experimental tool which helps to translate
ISC DHCP configurations to Kea. ISC DHCP configurations to Kea.
%prep %prep
%if 0%{?fedora} || 0%{?rhel} > 8 %if 0%{?fedora} || 0%{?rhel} > 8
%{gpgverify} --keyring='%{S:10}' --signature='%{S:1}' --data='%{S:0}' %{gpgverify} --keyring='%{S:10}' --signature='%{S:1}' --data='%{S:0}'
@ -155,42 +157,34 @@ ISC DHCP configurations to Kea.
%endif %endif
%autosetup -T -b2 -N -n keama-%{keama_version} %autosetup -T -b2 -N -n keama-%{keama_version}
%autosetup -p1 -n kea-%{version}%{?prever:-%{prever}} %autosetup -p1 -n kea-%{version}
rm -rf doc/sphinx/_build
# to be able to build on ppc64(le)
# https://sourceforge.net/p/flex/bugs/197
# https://lists.isc.org/pipermail/kea-dev/2016-January/000599.html
sed -i -e 's|ECHO|YYECHO|g' src/lib/eval/lexer.cc
%build %build
autoreconf --verbose --force --install # This removes RPATH from binaries
export KEA_PKG_TYPE_IN_CONFIGURE="rpm"
%configure \ %meson \
--disable-dependency-tracking \ --install-umask 0022 \
--disable-rpath \
--disable-silent-rules \
--disable-static \
--enable-generate-docs \
--enable-generate-messages \
--enable-generate-parser \
--enable-shell \
--enable-perfdhcp \
%if %{with gtest}
--with-gtest \
%endif
--with-mysql \
--with-pgsql \
--with-gnu-ld \
--with-log4cplus \
%if %{with sysrepo} %if %{with sysrepo}
--with-sysrepo \ -D netconf=enabled \
%else
-D netconf=disabled \
%endif %endif
--with-openssl %if %{with tests}
-D tests=enabled \
%else
-D tests=disabled \
%endif
-D crypto=openssl \
-D krb5=enabled \
-D mysql=enabled \
-D postgresql=enabled \
-D systemd=enabled
%make_build # Messages need to be regenerated by kea-msg-compiler for CVE-2025-11232.patch
%meson_build messages
%meson_build
%meson_build doc
# Configure & build Keama # Configure & build Keama
pushd ../keama-%{keama_version} pushd ../keama-%{keama_version}
@ -220,15 +214,13 @@ autoreconf --verbose --force --install
%make_build %make_build
popd popd
%if %{with tests}
%if %{with gtest}
%check %check
make check %meson_test
%endif %endif
%install %install
%make_install docdir=%{_pkgdocdir} %meson_install
# Install Keama # Install Keama
pushd ../keama-%{keama_version} pushd ../keama-%{keama_version}
@ -236,20 +228,23 @@ pushd ../keama-%{keama_version}
popd popd
# Remove Keama's static library, dhcp headers and man pages # Remove Keama's static library, dhcp headers and man pages
rm -f %{buildroot}/%{_libdir}/libdhcp.a rm %{buildroot}/%{_libdir}/libdhcp.a
rm -rf %{buildroot}/%{_includedir}/omapip/ rm -rf %{buildroot}/%{_includedir}/omapip/
rm -rf %{buildroot}%{_mandir}/man5/ rm -rf %{buildroot}%{_mandir}/man5/
# Get rid of .la files # Remove keactrl
find %{buildroot} -type f -name "*.la" -delete -print rm %{buildroot}%{_sysconfdir}/kea/keactrl.conf
rm %{buildroot}%{_sbindir}/keactrl
rm %{buildroot}%{_mandir}/man8/keactrl.8*
%if %{without sysrepo} %if %{without sysrepo}
# Remove netconf files # Remove netconf files
rm %{buildroot}%{_mandir}/man8/kea-netconf.8 rm %{buildroot}%{_mandir}/man8/kea-netconf.8
%endif %endif
rm -f %{buildroot}%{_pkgdocdir}/COPYING rm %{buildroot}%{_pkgdocdir}/COPYING
rm -f %{buildroot}%{_pkgdocdir}/html/.buildinfo
rm -rf %{buildroot}/usr/share/kea/meson-info/
# Create empty password file for the Kea Control Agent # Create empty password file for the Kea Control Agent
install -m 0640 /dev/null %{buildroot}%{_sysconfdir}/kea/kea-api-password install -m 0640 /dev/null %{buildroot}%{_sysconfdir}/kea/kea-api-password
@ -275,7 +270,6 @@ install -dm 0750 %{buildroot}%{_rundir}/kea/
mkdir -p %{buildroot}%{_localstatedir}/log mkdir -p %{buildroot}%{_localstatedir}/log
install -dm 0750 %{buildroot}%{_localstatedir}/log/kea/ install -dm 0750 %{buildroot}%{_localstatedir}/log/kea/
%pre %pre
%sysusers_create_compat %{S:16} %sysusers_create_compat %{S:16}
@ -294,7 +288,7 @@ install -dm 0750 %{buildroot}%{_localstatedir}/log/kea/
&& chown root:kea %{_sysconfdir}/kea/kea*.conf && chmod 0640 %{_sysconfdir}/kea/kea*.conf && chown root:kea %{_sysconfdir}/kea/kea*.conf && chmod 0640 %{_sysconfdir}/kea/kea*.conf
# Remove /tmp/ from socket-name for existing configurations to fix CVE-2025-32802 # Remove /tmp/ from socket-name for existing configurations to fix CVE-2025-32802
for i in kea-ctrl-agent.conf keactrl.conf kea-dhcp4.conf kea-dhcp6.conf kea-dhcp-ddns.conf; do for i in kea-ctrl-agent.conf kea-dhcp4.conf kea-dhcp6.conf kea-dhcp-ddns.conf; do
if [ -n "`grep '\"socket-name\": \"/tmp/' %{_sysconfdir}/kea/$i`" ]; then if [ -n "`grep '\"socket-name\": \"/tmp/' %{_sysconfdir}/kea/$i`" ]; then
sed -i.CVE-2025-32802.bak 's#\("socket-name": "/tmp/\)\(.*\)#"socket-name": "\2#g' %{_sysconfdir}/kea/$i sed -i.CVE-2025-32802.bak 's#\("socket-name": "/tmp/\)\(.*\)#"socket-name": "\2#g' %{_sysconfdir}/kea/$i
fi fi
@ -311,13 +305,10 @@ fi
%postun %postun
%systemd_postun_with_restart kea-dhcp4.service kea-dhcp6.service kea-dhcp-ddns.service kea-ctrl-agent.service %systemd_postun_with_restart kea-dhcp4.service kea-dhcp6.service kea-dhcp-ddns.service kea-ctrl-agent.service
%ldconfig_scriptlets libs %ldconfig_scriptlets libs
%files %files
%license COPYING %license COPYING
%{_bindir}/kea-msg-compiler
%{_sbindir}/kea-admin %{_sbindir}/kea-admin
%{_sbindir}/kea-ctrl-agent %{_sbindir}/kea-ctrl-agent
%{_sbindir}/kea-dhcp-ddns %{_sbindir}/kea-dhcp-ddns
@ -325,7 +316,6 @@ fi
%{_sbindir}/kea-dhcp6 %{_sbindir}/kea-dhcp6
%{_sbindir}/kea-lfc %{_sbindir}/kea-lfc
%{_sbindir}/kea-shell %{_sbindir}/kea-shell
%{_sbindir}/keactrl
%{_sbindir}/perfdhcp %{_sbindir}/perfdhcp
%{_unitdir}/kea*.service %{_unitdir}/kea*.service
%{_datarootdir}/kea %{_datarootdir}/kea
@ -347,7 +337,6 @@ fi
%{_mandir}/man8/kea-netconf.8* %{_mandir}/man8/kea-netconf.8*
%endif %endif
%{_mandir}/man8/kea-shell.8* %{_mandir}/man8/kea-shell.8*
%{_mandir}/man8/keactrl.8*
%{_mandir}/man8/perfdhcp.8* %{_mandir}/man8/perfdhcp.8*
%{_tmpfilesdir}/kea.conf %{_tmpfilesdir}/kea.conf
%{_sysusersdir}/kea.conf %{_sysusersdir}/kea.conf
@ -365,46 +354,527 @@ fi
%doc %{_pkgdocdir}/SECURITY.md %doc %{_pkgdocdir}/SECURITY.md
%files devel %files devel
%{_bindir}/kea-msg-compiler
%{_includedir}/kea %{_includedir}/kea
%{_libdir}/libkea-*.so %{_libdir}/libkea-asiodns.so
%{_libdir}/libkea-asiolink.so
%{_libdir}/libkea-cc.so
%{_libdir}/libkea-cfgrpt.so
%{_libdir}/libkea-config.so
%{_libdir}/libkea-cryptolink.so
%{_libdir}/libkea-d2srv.so
%{_libdir}/libkea-database.so
%{_libdir}/libkea-dhcp_ddns.so
%{_libdir}/libkea-dhcp.so
%{_libdir}/libkea-dhcpsrv.so
%{_libdir}/libkea-dns.so
%{_libdir}/libkea-eval.so
%{_libdir}/libkea-exceptions.so
%{_libdir}/libkea-hooks.so
%{_libdir}/libkea-http.so
%{_libdir}/libkea-log-interprocess.so
%{_libdir}/libkea-log.so
%{_libdir}/libkea-mysql.so
%{_libdir}/libkea-pgsql.so
%{_libdir}/libkea-process.so
%{_libdir}/libkea-stats.so
%{_libdir}/libkea-tcp.so
%{_libdir}/libkea-util-io.so
%{_libdir}/libkea-util.so
%{_libdir}/pkgconfig/kea.pc
%files hooks %files hooks
%dir %{_sysconfdir}/kea/radius
%{_sysconfdir}/kea/radius/dictionary
%dir %{_libdir}/kea %dir %{_libdir}/kea
%{_libdir}/kea/hooks %dir %{_libdir}/kea/hooks
%{_libdir}/kea/hooks/libddns_gss_tsig.so
%{_libdir}/kea/hooks/libdhcp_bootp.so
%{_libdir}/kea/hooks/libdhcp_class_cmds.so
%{_libdir}/kea/hooks/libdhcp_ddns_tuning.so
%{_libdir}/kea/hooks/libdhcp_flex_id.so
%{_libdir}/kea/hooks/libdhcp_flex_option.so
%{_libdir}/kea/hooks/libdhcp_ha.so
%{_libdir}/kea/hooks/libdhcp_host_cache.so
%{_libdir}/kea/hooks/libdhcp_host_cmds.so
%{_libdir}/kea/hooks/libdhcp_lease_cmds.so
%{_libdir}/kea/hooks/libdhcp_lease_query.so
%{_libdir}/kea/hooks/libdhcp_legal_log.so
%{_libdir}/kea/hooks/libdhcp_limits.so
%{_libdir}/kea/hooks/libdhcp_mysql.so
%{_libdir}/kea/hooks/libdhcp_perfmon.so
%{_libdir}/kea/hooks/libdhcp_pgsql.so
%{_libdir}/kea/hooks/libdhcp_ping_check.so
%{_libdir}/kea/hooks/libdhcp_radius.so
%{_libdir}/kea/hooks/libdhcp_run_script.so
%{_libdir}/kea/hooks/libdhcp_stat_cmds.so
%{_libdir}/kea/hooks/libdhcp_subnet_cmds.so
%files libs %files libs
%license COPYING %license COPYING
# older: find `rpm --eval %%{_topdir}`/BUILDROOT/kea-*/usr/lib64/ -type f | grep /usr/lib64/libkea | sed -e 's#.*/usr/lib64\(.*\.so\.[0-9]\+\)\.[0-9]\+\.[0-9]\+#%%{_libdir}\1*#' | sort # older: find `rpm --eval %%{_topdir}`/BUILDROOT/kea-*/usr/lib64/ -type f | grep /usr/lib64/libkea | sed -e 's#.*/usr/lib64\(.*\.so\.[0-9]\+\)\.[0-9]\+\.[0-9]\+#%%{_libdir}\1*#' | sort
# >=f41: find `rpm --eval %%{_topdir}`/BUILD/kea-*/BUILDROOT/usr/lib64/ -type f | grep /usr/lib64/libkea | sed -e 's#.*/usr/lib64\(.*\.so\.[0-9]\+\)\.[0-9]\+\.[0-9]\+#%%{_libdir}\1*#' | sort # >=f41: find `rpm --eval %%{_topdir}`/BUILD/kea-*/BUILDROOT/usr/lib64/ -type f | grep /usr/lib64/libkea | sed -e 's#.*/usr/lib64\(.*\.so\.[0-9]\+\)\.[0-9]\+\.[0-9]\+#%%{_libdir}\1*#' | sort
%{_libdir}/libkea-asiodns.so.49* %{_libdir}/libkea-asiodns.so.62*
%{_libdir}/libkea-asiolink.so.72* %{_libdir}/libkea-asiolink.so.88*
%{_libdir}/libkea-cc.so.68* %{_libdir}/libkea-cc.so.82*
%{_libdir}/libkea-cfgclient.so.66* %{_libdir}/libkea-cfgrpt.so.3*
%{_libdir}/libkea-cryptolink.so.50* %{_libdir}/libkea-config.so.83*
%{_libdir}/libkea-d2srv.so.47* %{_libdir}/libkea-cryptolink.so.64*
%{_libdir}/libkea-database.so.62* %{_libdir}/libkea-d2srv.so.63*
%{_libdir}/libkea-dhcp_ddns.so.57* %{_libdir}/libkea-database.so.76*
%{_libdir}/libkea-dhcp++.so.92* %{_libdir}/libkea-dhcp_ddns.so.68*
%{_libdir}/libkea-dhcpsrv.so.111* %{_libdir}/libkea-dhcp.so.109*
%{_libdir}/libkea-dns++.so.57* %{_libdir}/libkea-dhcpsrv.so.130*
%{_libdir}/libkea-eval.so.69* %{_libdir}/libkea-dns.so.71*
%{_libdir}/libkea-exceptions.so.33* %{_libdir}/libkea-eval.so.84*
%{_libdir}/libkea-hooks.so.100* %{_libdir}/libkea-exceptions.so.45*
%{_libdir}/libkea-http.so.72* %{_libdir}/libkea-hooks.so.119*
%{_libdir}/libkea-log.so.61* %{_libdir}/libkea-http.so.87*
%{_libdir}/libkea-mysql.so.71* %{_libdir}/libkea-log-interprocess.so.3*
%{_libdir}/libkea-pgsql.so.71* %{_libdir}/libkea-log.so.75*
%{_libdir}/libkea-process.so.74* %{_libdir}/libkea-mysql.so.88*
%{_libdir}/libkea-stats.so.41* %{_libdir}/libkea-pgsql.so.88*
%{_libdir}/libkea-tcp.so.19* %{_libdir}/libkea-process.so.90*
%{_libdir}/libkea-util-io.so.0* %{_libdir}/libkea-stats.so.53*
%{_libdir}/libkea-util.so.86* %{_libdir}/libkea-tcp.so.33*
%{_libdir}/libkea-util-io.so.12*
%{_libdir}/libkea-util.so.101*
%files keama %files keama
%license COPYING %license COPYING
%{_bindir}/keama %{_bindir}/keama
%{_mandir}/man8/keama.8* %{_mandir}/man8/keama.8*
%changelog %changelog
%autochangelog ## START: Generated by rpmautospec
* Thu Oct 30 2025 Martin Osvald <mosvald@redhat.com> - 3.0.1-2
- Fixes CVE-2025-11232
* Tue Sep 02 2025 Martin Osvald <mosvald@redhat.com> - 3.0.1-1
- New version 3.0.1
- Fixes CVE-2025-40779
* Fri Aug 01 2025 Martin Osvald <mosvald@redhat.com> - 3.0.0-2
- Support for sending startup notifications to systemd
* Wed Jul 30 2025 Martin Osvald <mosvald@redhat.com> - 3.0.0-1
- New version 3.0.0
- Remove broken keactrl in favor of systemd unit files
- kea.spec: General cleanup and removal of lines that have no effect
- kea-msg-compiler was moved from kea to kea-devel
* Sun Jun 08 2025 Martin Osvald <mosvald@redhat.com> - 2.6.3-1
- New version 2.6.3
- Fix for: CVE-2025-32801, CVE-2025-32802, CVE-2025-32803
- kea.conf: Remove /tmp/ from socket-name for existing configurations
- kea.conf: Set pseudo-random password for default config to secure fresh
install and allow CA startup without user intervention
- kea.conf: Restrict directory permissions
- Sync service files with upstream
- Fix leases ownership when switching from root to kea user
* Tue May 13 2025 František Hrdina <fhrdina@redhat.com> - 2.6.1-9
- Update location of fmf plans
* Wed May 07 2025 David Abdurachmanov <davidlt@rivosinc.com> - 2.6.1-8
- Properly check valgrind arches
* Fri Mar 14 2025 Andrea Bolognani <abologna@redhat.com> - 2.6.1-7
- Use autoreconf more (fixes riscv64 build)
* Mon Feb 17 2025 Martin Osvald <mosvald@redhat.com> - 2.6.1-6
- Kea can not create log files (RHEL-78206)
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 2.6.1-5
- Bump release for October 2024 mass rebuild:
* Mon Aug 19 2024 Martin Osvald <mosvald@redhat.com> - 2.6.1-4
- Add missing changes to service files so kea starts as non-root
- Fix startup failures during upgrade due to wrong permissions and
ownership
* Tue Aug 06 2024 Martin Osvald <mosvald@redhat.com> - 2.6.1-3
- Fix /run/kea ownership
* Tue Aug 06 2024 Martin Osvald <mosvald@redhat.com> - 2.6.1-2
- Do not run as root and restrict file access
* Tue Aug 06 2024 Martin Osvald <mosvald@redhat.com> - 2.6.1-1
- New version 2.6.1
* Tue Jun 25 2024 Martin Osvald <mosvald@redhat.com> - 2.6.0-6
- Keactrl is using rev without dependency on util-linux
* Tue Jun 25 2024 Martin Osvald <mosvald@redhat.com> - 2.6.0-5
- Require libpq-devel instead of postgresql-server-devel
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 2.6.0-4
- Bump release for June 2024 mass rebuild
* Fri Jun 21 2024 František Hrdina <fhrdina@redhat.com> - 2.6.0-3
- Update of fmf plans and gating for c10s
* Thu Jun 20 2024 Martin Osvald <mosvald@redhat.com> - 2.6.0-2
- Add gating.yaml
* Wed Jun 19 2024 Martin Osvald <mosvald@redhat.com> - 2.6.0-1
- New version 2.6.0
* Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Thu Jan 18 2024 Jonathan Wakely <jwakely@redhat.com> - 2.4.1-3
- Rebuilt for Boost 1.83
* Thu Dec 07 2023 Martin Osvald <mosvald@redhat.com> - 2.4.1-2
- kea.spec: Fix missing _pkgdocdir ownership and other small fixes
* Thu Nov 30 2023 Martin Osvald <mosvald@redhat.com> - 2.4.1-1
- New version 2.4.1 (rhbz#2251930)
* Thu Nov 30 2023 Lukas Javorsky <ljavorsk@redhat.com> - 2.4.0-7
- Rebuild for PostgreSQL 16 (BZ#2251109)
* Tue Aug 22 2023 Martin Osvald <mosvald@redhat.com> - 2.4.0-6
- Various spec file improvements
- Remove _hardened_build variable as it is no longer needed
- Clean up numbering of sources
- Further %%{name} changes to allow different package name
- Move documentation into sub-package
- Move tpmfiles.d configuration into separate file
- Start using %%autorelease and %%autochangelog
- Remove %%license COPYING for devel due to lib dependency
* Thu Aug 10 2023 Martin Osvald <mosvald@redhat.com> - 2.4.0-4
- Rebuilt for log4cplus 2.1.0
- kea.spec: do not use %%{name} to allow different package name
- kea.spec: do not use glob on %%{_libdir}, %%{_mandir} and %%{_sbindir}
to conform with packaging guidelines
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu Jul 06 2023 Martin Osvald <mosvald@redhat.com> - 2.4.0-1
- New version 2.4.0
- Migrated to SPDX license
- Do not export CXXFLAGS with -std=gnu++11 to stop boost warning messages
* Thu Jun 15 2023 Python Maint <python-maint@redhat.com> - 2.2.0-5
- Rebuilt for Python 3.12
* Mon Feb 20 2023 Jonathan Wakely <jwakely@redhat.com> - 2.2.0-4
- Rebuilt for Boost 1.81
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Wed Nov 16 2022 Ondřej Sloup <osloup@redhat.com> - 2.2.0-2
- Rebuild for new PostgreSQL 15
* Wed Jul 27 2022 Martin Osvald <mosvald@redhat.com> - 2.2.0-1
- New version 2.2.0
- Add source code signature verification
* Thu Jul 21 2022 Martin Osvald <mosvald@redhat.com> - 2.0.2-4
- kea fails to build docs with Sphinx 5+ (#2105931)
* Mon Jun 13 2022 Python Maint <python-maint@redhat.com> - 2.0.2-3
- Rebuilt for Python 3.11
* Wed May 04 2022 Thomas Rodgers <trodgers@redhat.com> - 2.0.2-2
- Rebuilt for Boost 1.78
* Thu Mar 03 2022 Martin Osvald <mosvald@redhat.com> - 2.0.2-1
- New version 2.0.2
* Mon Feb 07 2022 Martin Osvald <mosvald@redhat.com> - 2.0.1-1
- New version 2.0.1
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.8-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Thu Jan 06 2022 Filip Januš <fjanus@redhat.com> - 1.9.8-6
- Rebuild for Postgresql 14
* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 1.9.8-5
- Rebuilt with OpenSSL 3.0.0
* Fri Aug 06 2021 Jonathan Wakely <jwakely@redhat.com> - 1.9.8-4
- Rebuilt for Boost 1.76
* Tue Jul 27 2021 Filip Januš <fjanus@redhat.com> - 1.9.8-3
- Remove libpq-devel requirement, it conflicts with postgresql-server-devel
dependencies
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Wed Jun 23 2021 Pavel Zhukov <pzhukov@redhat.com> - 1.9.8-1
- New version 1.9.8
* Wed Jun 23 2021 Pavel Zhukov <pzhukov@redhat.com> - 1.9.6-2
- Make compatible with spinx 4.0
* Fri Jun 04 2021 Python Maint <python-maint@redhat.com> - 1.9.6-2
- Rebuilt for Python 3.10
* Sun Apr 04 2021 Pavel Zhukov <pzhukov@redhat.com> - 1.9.6-1
- New version v1.9.6
* Thu Mar 11 2021 Pavel Zhukov <pzhukov@redhat.com> - 1.9.5-1
- New version v1.9.5
* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 1.9.4-3
- Rebuilt for updated systemd-rpm-macros
See https://pagure.io/fesco/issue/2583.
* Tue Feb 09 2021 Pavel Raiskup <praiskup@redhat.com> - 1.9.4-2
- rebuild all postgresql deps once more, for libpq ABI fix rhbz#1908268
* Mon Feb 08 2021 Pavel Zhukov pzhukov@redhat.com> - 1.9.4-1
- Update to 1.9.4
* Mon Feb 08 2021 Pavel Raiskup <praiskup@redhat.com> - 1.9.3-5
- rebuild for libpq ABI fix rhbz#1908268
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Jan 25 2021 Pavel Zhukov pzhukov@redhat.com> - 1.9.3-3
- Update to 1.9.3
- Fix Werror bug
* Fri Jan 22 2021 Jonathan Wakely <jwakely@redhat.com> - 1.9.2-3
- Rebuilt for Boost 1.75
* Sat Dec 05 2020 Jeff Law <law@redhat.com> - 1.9.2-2
- Fix more missing includes for gcc-11
* Thu Nov 26 2020 Pavel Zhukov <pzhukov@redhat.com> - 1.9.2-1
- new version v1.9.2
* Fri Nov 20 2020 Pavel Zhukov <pzhukov@redhat.com> - 1.9.1-3
- Rebuild with new log4cplus
* Thu Oct 15 2020 Jeff Law <law@redhat.com> - 1.8.0-2
- Fix missing #includes for gcc-11
* Wed Sep 16 2020 Pavel Zhukov <pzhukov@redhat.com> - 1.8.0-1
- New version v1.8.0
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.9-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri May 29 2020 Jonathan Wakely <jwakely@redhat.com> - 1.6.0-4
- Rebuilt for Boost 1.73
* Tue May 26 2020 Miro Hrončok <mhroncok@redhat.com> - 1.6.0-3
- Rebuilt for Python 3.9
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Wed Sep 11 2019 Kenneth Topp <toppk@bllue.org> - 1.6.0-1
- update to 1.6.0
- includes fixes for CVE-2019-6472, CVE-2019-6473 and CVE-2019-6474
* Tue Jul 30 2019 Pavel Zhukov <pzhukov@redhat.com> - 1.5.0-8
- Do not specify openssl version
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.0-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Wed May 22 2019 Felix Kaechele <heffer@fedoraproject.org> - 1.5.0-4
- Update to 1.3.0 release version
- fix PID file path in service files
- clean up spec file
- switched to openssl-devel, now builds with openssl 1.1
- install systemd units manually instead of patching the souce to do it
- enable kea-shell
- add boost patch
- add kea-ctrl-agent unit
- change postgresql-devel to postgresql-server-devel
- update to 1.4.0
* Sun Dec 16 2018 Pavel Zhukov <pzhukov@redhat.com> - 1.5.0-3
- Update to released version
* Tue Dec 11 2018 Pavel Zhukov <pzhukov@redhat.com> - 1.5.0-beta2.2%{?dist}
- Do not require -connectors on RHEL
* Tue Dec 4 2018 Pavel Zhukov <pzhukov@redhat.com> - 1.5.0-beta2.1%{?dist}
- update to beta2
* Tue Nov 20 2018 Pavel Zhukov <pzhukov@redhat.com> - 1.5.0-2
- Update to 1.5.0 beta
* Mon Aug 27 2018 Pavel Zhukov <pzhukov@redhat.com> - 1.3.0-12
- Disable tests again.
* Mon Aug 27 2018 Pavel Zhukov <pzhukov@redhat.com> - 1.3.0-11
- Do not use compat verion of openssl
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.0-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu May 17 2018 Pavel Zhukov <pzhukov@redhat.com> - 1.3.0-9
- Fix config files names (#1579298)
* Mon Feb 19 2018 Pavel Zhukov <pzhukov@redhat.com> - 1.3.0-8
- Add gcc-c++ BR
* Wed Feb 14 2018 Pavel Zhukov <landgraf@fedoraproject.org> - 1.3.0-7
- Package released version (#1545096)
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Jan 31 2018 Pavel Zhukov <landgraf@fedoraproject.org> - 1.3.0-4
- Fix build with boost 1.66 (#1540331)
* Thu Nov 2 2017 Pavel Zhukov <pzhukov@redhat.com> - 1.3.0-3
- Add openssl-devel requires
- Do not force pkgconfig(openssl) version
* Mon Oct 23 2017 Pavel Zhukov <pzhukov@redhat.com> - 1.2.0-8
- Require openssl102
* Sun Oct 22 2017 Pavel Zhukov <pzhukov@redhat.com> - 1.2.0-7
- Rebuild with new openssl
* Thu Oct 12 2017 Pavel Zhukov <pzhukov@redhat.com> - 1.2.0-6
- Use mariadb-connector-c-devel instead of mysql-devel (#1493628)
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Mon Jul 03 2017 Jonathan Wakely <jwakely@redhat.com> - 1.2.0-3
- Rebuilt for Boost 1.64
* Fri May 26 2017 Pavel Zhukov <landgraf@fedoraproject.org> - 1.2.0-2
- New release 1.2.0 (#1440348)
* Tue Apr 04 2017 Pavel Zhukov <landgraf@fedoraproject.org> - 1.1.0-3
- Add patch for OpenSSL 1.1. Fix FTBFS (#1423812)
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Tue Oct 04 2016 Jiri Popelka <jpopelka@redhat.com> - 1.1.0-1
- 1.1.0
* Thu Sep 01 2016 Jiri Popelka <jpopelka@redhat.com> - 1.1.0-0.1
- 1.1.0-beta
* Fri Aug 12 2016 Michal Toman <mtoman@fedoraproject.org> - 1.0.0-11
- No valgrind on MIPS
* Wed Aug 03 2016 Jiri Popelka <jpopelka@redhat.com> - 1.0.0-10
- %%{_defaultdocdir}/kea/ -> %%{_pkgdocdir}
* Fri May 13 2016 Jiri Popelka <jpopelka@redhat.com> - 1.0.0-9
- devel subpackage Requires: boost-devel
* Wed Mar 23 2016 Zdenek Dohnal <zdohnal@redhat.com> - 1.0.0-8
- Rebuild for log4cplus-1.2.0-2
* Wed Mar 23 2016 Zdenek Dohnal <zdohnal@redhat.com> - 1.0.0-7
- Rebuilding kea for log4cplus-1.2.0
* Wed Mar 16 2016 Zdenek Dohnal <zdohnal@redhat.com> - 1.0.0-6
- Editing pgsql_lease_mgr.cc according to upstream
* Fri Mar 11 2016 Zdenek Dohnal <zdohnal@redhat.com> - 1.0.0-4
- Fixing bugs created from new C++ standard
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Fri Jan 15 2016 Jonathan Wakely <jwakely@redhat.com> - 1.0.0-2
- Rebuilt for Boost 1.60
* Tue Dec 29 2015 Jiri Popelka <jpopelka@redhat.com> - 1.0.0-1
- 1.0.0
* Wed Dec 23 2015 Jiri Popelka <jpopelka@redhat.com> - 1.0.0-0.3.beta2
- fix compile error
* Wed Dec 23 2015 Jiri Popelka <jpopelka@redhat.com> - 1.0.0-0.2.beta2
- 1.0.0-beta2
* Wed Dec 09 2015 Jiri Popelka <jpopelka@redhat.com> - 1.0.0-0.1.beta
- 1.0.0-beta
* Mon Aug 24 2015 Jiri Popelka <jpopelka@redhat.com> - 0.9.2-3
- fix valgrind-devel availability
* Wed Jul 29 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.2-2
- Rebuilt for https://fedoraproject.org/wiki/Changes/F23Boost159
* Tue Jul 28 2015 Jiri Popelka <jpopelka@redhat.com> - 0.9.2-1
- 0.9.2
* Wed Jul 22 2015 David Tardon <dtardon@redhat.com> - 0.9.2-0.2.beta
- rebuild for Boost 1.58
* Thu Jul 02 2015 Jiri Popelka <jpopelka@redhat.com> - 0.9.2-0.1.beta
- 0.9.2-beta
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Sat May 02 2015 Kalev Lember <kalevlember@gmail.com> - 0.9.1-2
- Rebuilt for GCC 5 C++11 ABI change
* Wed Apr 01 2015 Jiri Popelka <jpopelka@redhat.com> - 0.9.1-1
- 0.9.1
* Fri Feb 20 2015 Jiri Popelka <jpopelka@redhat.com> - 0.9.1-0.2.beta
- /run/kea/ (for logger_lockfile)
* Thu Feb 19 2015 Jiri Popelka <jpopelka@redhat.com> - 0.9.1-0.1.beta
- 0.9.1-beta
* Tue Jan 27 2015 Petr Machata <pmachata@redhat.com> - 0.9-4
- Rebuild for boost 1.57.0
* Tue Nov 04 2014 Jiri Popelka <jpopelka@redhat.com> - 0.9-3
- do not override @localstatedir@ globally
- include latest upstream kea.conf
* Wed Sep 24 2014 Dan Horák <dan[at]danny.cz> - 0.9-2
- valgrind available only on selected arches
* Mon Sep 01 2014 Jiri Popelka <jpopelka@redhat.com> - 0.9-1
- 0.9
* Thu Aug 21 2014 Jiri Popelka <jpopelka@redhat.com> - 0.9-0.5.beta1
- fix building with PostgreSQL on i686
- redefine localstatedir to sharedstatedir (kea#3523)
* Wed Aug 20 2014 Jiri Popelka <jpopelka@redhat.com> - 0.9-0.4.beta1
- install systemd service units with a proper patch that we can send upstream
- build with MySQL & PostgreSQL & Google Test
- no need to copy sample configuration, /etc/kea/kea.conf already contains one
* Tue Aug 19 2014 Jiri Popelka <jpopelka@redhat.com> - 0.9-0.3.beta1
- comment patches
- use --preserve-timestamps with install
* Mon Aug 18 2014 Jiri Popelka <jpopelka@redhat.com> - 0.9-0.2.beta1
- make it build on armv7
- BuildRequires procps-ng for %%check
- use install instead of cp
- configure.ac: AC_PROG_LIBTOOL -> LT_INIT
- move license files to -libs
* Thu Aug 14 2014 Jiri Popelka <jpopelka@redhat.com> - 0.9-0.1.beta1
- initial spec
## END: Generated by rpmautospec

16
keama-4.5.0.tar.gz.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEECQoqB5I/kltXZ4A6QuXfeMgycdsFAmUK7TEACgkQQuXfeMgy
cduepw/+IuAOJbO0qM8AcskDJvq3rwIOu/rCXHOlYHBGIQm9jpecQBzpevCw5Cq+
nvx3ugr5k4BKdbfBi5/fswunOID/XIom/BbXExzWi+goJzZqVFp71OyzG3Mz6JFD
F4+5Ib4rF8anj848eBZEry4Exe1ohZ85ZGCAgIJnXCYFwwNRKQ1rftl1YFbmwHy5
DnYLs0qnvxTrxuD8K/kqeSTIf161tfrVE9uz4qrIga3+Sju2/0Ul9s9epMiW9l4g
YZRJXYt4XL/iUF4heZ4VczOTsNmkd6R5GAlkIJpHFwEVm4POgy4JhNxwg48zmp2Y
NBZmci/mxy+l8WU/oxQ4GhG4ZIONmb9H04jCYkoNRkxz7SW8cH5kTwg235quaS/E
kSXbnjtVpo8rwqga14ojDmXsv5m5hbjatFtUKZpotvOuFzcUBnCd1y/P/21liasI
AnXv7UUXZAaQzAymX7V+JlCEB2O74O6pV1W1ihLLVCM+wgUE13QU8C7btZZgB51w
7Aoia+kJ8BPx9aKezlUcZGxVVhH09bP2oIbsiPaGHOL6SYF5546t6EGPOwvUaQys
2Jg/LtM14LwVCJNSiL0Sm7gHK53lAzTiDME+lH6+tKjEqrdDlG1tuVih6//Zr54W
OiIXLkqx7h/z5blew4oMRbh3j4xfufuu6LWlOK4BDX5YsMSyEYo=
=lhWX
-----END PGP SIGNATURE-----

36
plans.fmf
View File

@ -1,36 +0,0 @@
/tier1-internal:
plan:
import:
url: https://gitlab.com/redhat/centos-stream/tests/kea.git
name: /plans/tier1/internal
/tier1-public:
plan:
import:
url: https://gitlab.com/redhat/centos-stream/tests/kea.git
name: /plans/tier1/public
/tier2-tier3-internal:
plan:
import:
url: https://gitlab.com/redhat/centos-stream/tests/kea.git
name: /plans/tier2-tier3/internal
/tier2-tier3-public:
plan:
import:
url: https://gitlab.com/redhat/centos-stream/tests/kea.git
name: /plans/tier2-tier3/public
/others-internal:
plan:
import:
url: https://gitlab.com/redhat/centos-stream/tests/kea.git
name: /plans/others/internal
/others-public:
plan:
import:
url: https://gitlab.com/redhat/centos-stream/tests/kea.git
name: /plans/others/public

8
rpminspect.yaml
View File

@ -1,8 +0,0 @@
---
badfuncs:
# Keama converts old ISC dhcpd configuration to a new Kea format.
# It is not multi-threaded so it is safe to use.
allowed:
/usr/bin/keama:
- gethostbyname

4
sources
View File

@ -1,4 +1,2 @@
SHA512 (kea-2.6.3.tar.gz) = d7781c0b95529bfe89c19615c1dd5952fd4c4b60274e187a641992dad81ef5af921dfb15050ec43169a0c2ad267639642b2e294c5d43405f85a5fb11bb1a939a SHA512 (kea-3.0.1.tar.xz) = 84e2164aa91c95b2e6e65994a2327fa1233c82b06af69312f55464119d4edc6151a4662a54f4a3ae83e0487dac7b25c5e59e60bcbed653fd30fb32ae7cacddf3
SHA512 (kea-2.6.3.tar.gz.asc) = ceb5771c7e8533ed93103a6d3ed9a616ffeec0c8d4feb697e3514d1be90993f8a3255c96990be96b2698b708abadbe7a42cd87a80326f376a1d450dc226a12e0
SHA512 (keama-4.5.0.tar.gz) = 2e48987e21999718be7ceb5b604be672c84666b07dde9545285ff7146ab6825e81af1ec3b5a4b50f20e61b40ed11b0254e3705cc580bb85de24b77ee8cbca162 SHA512 (keama-4.5.0.tar.gz) = 2e48987e21999718be7ceb5b604be672c84666b07dde9545285ff7146ab6825e81af1ec3b5a4b50f20e61b40ed11b0254e3705cc580bb85de24b77ee8cbca162
SHA512 (keama-4.5.0.tar.gz.asc) = 8ec416e44e143037a6936682d1e11b96c1a48be05f3e747e7a26b190e1f11c75104ef16c23eda9b257433b8de5a73c081b65fd903b611d8faa9c4b3b47702763