From 25b398b4e2bf35e06d892923206c00b18e3e809b Mon Sep 17 00:00:00 2001
From: Petr Menšík <pemensik@redhat.com>
Date: Dec 15 2021 19:58:57 +0000
Subject: Update to 9.16.24


https://downloads.isc.org/isc/bind9/9.16.24/RELEASE-NOTES-bind-9.16.24.html

---

diff --git a/bind-9.11-fips-tests.patch b/bind-9.11-fips-tests.patch
index 51927a4..651db2a 100644
--- a/bind-9.11-fips-tests.patch
+++ b/bind-9.11-fips-tests.patch
@@ -1,4 +1,4 @@
-From 3f04cf343dbeb8819197702ce1be737e26e0638a Mon Sep 17 00:00:00 2001
+From 9575852be2344244ac182d7d019869406d3bd963 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
 Date: Thu, 2 Aug 2018 23:46:45 +0200
 Subject: [PATCH] FIPS tests changes
@@ -73,7 +73,8 @@ Date:   Wed Mar 7 10:44:23 2018 +0100
  .../system/allow-query/ns2/named40.conf.in    |  4 +-
  bin/tests/system/allow-query/tests.sh         | 18 ++---
  bin/tests/system/catz/ns1/named.conf.in       |  2 +-
- bin/tests/system/catz/ns2/named.conf.in       |  2 +-
+ bin/tests/system/catz/ns2/named1.conf.in      |  2 +-
+ bin/tests/system/catz/ns2/named2.conf.in      |  2 +-
  bin/tests/system/checkconf/bad-tsig.conf      |  2 +-
  bin/tests/system/checkconf/good.conf          |  2 +-
  bin/tests/system/feature-test.c               | 14 ++++
@@ -91,7 +92,7 @@ Date:   Wed Mar 7 10:44:23 2018 +0100
  bin/tests/system/tsig/tests.sh                | 65 ++++++++++++-------
  bin/tests/system/upforwd/ns1/named.conf.in    |  2 +-
  bin/tests/system/upforwd/tests.sh             |  2 +-
- 33 files changed, 162 insertions(+), 108 deletions(-)
+ 34 files changed, 163 insertions(+), 109 deletions(-)
  create mode 100644 bin/tests/system/tsig/ns1/rndc5.conf.in
 
 diff --git a/bin/tests/system/acl/ns2/named1.conf.in b/bin/tests/system/acl/ns2/named1.conf.in
@@ -526,10 +527,10 @@ index 1218669..e62715e 100644
 -	algorithm hmac-md5;
 +	algorithm hmac-sha256;
  };
-diff --git a/bin/tests/system/catz/ns2/named.conf.in b/bin/tests/system/catz/ns2/named.conf.in
+diff --git a/bin/tests/system/catz/ns2/named1.conf.in b/bin/tests/system/catz/ns2/named1.conf.in
 index 30333e6..4005152 100644
---- a/bin/tests/system/catz/ns2/named.conf.in
-+++ b/bin/tests/system/catz/ns2/named.conf.in
+--- a/bin/tests/system/catz/ns2/named1.conf.in
++++ b/bin/tests/system/catz/ns2/named1.conf.in
 @@ -70,5 +70,5 @@ zone "catalog4.example" {
  
  key tsig_key. {
@@ -537,6 +538,17 @@ index 30333e6..4005152 100644
 -	algorithm hmac-md5;
 +	algorithm hmac-sha256;
  };
+diff --git a/bin/tests/system/catz/ns2/named2.conf.in b/bin/tests/system/catz/ns2/named2.conf.in
+index fcd99ca..84c97ca 100644
+--- a/bin/tests/system/catz/ns2/named2.conf.in
++++ b/bin/tests/system/catz/ns2/named2.conf.in
+@@ -56,5 +56,5 @@ zone "catalog4.example" {
+ 
+ key tsig_key. {
+ 	secret "LSAnCU+Z";
+-	algorithm hmac-md5;
++	algorithm hmac-sha256;
+ };
 diff --git a/bin/tests/system/checkconf/bad-tsig.conf b/bin/tests/system/checkconf/bad-tsig.conf
 index 21be03e..e57c308 100644
 --- a/bin/tests/system/checkconf/bad-tsig.conf
@@ -551,10 +563,10 @@ index 21be03e..e57c308 100644
  };
  
 diff --git a/bin/tests/system/checkconf/good.conf b/bin/tests/system/checkconf/good.conf
-index e09b9e8..2e824b3 100644
+index 616a544..e3a59a5 100644
 --- a/bin/tests/system/checkconf/good.conf
 +++ b/bin/tests/system/checkconf/good.conf
-@@ -210,6 +210,6 @@ dyndb "name" "library.so" {
+@@ -268,6 +268,6 @@ dyndb "name" "library.so" {
  	system;
  };
  key "mykey" {
@@ -670,10 +682,10 @@ index da6b3b4..c547e47 100644
  };
  
 diff --git a/bin/tests/system/nsupdate/setup.sh b/bin/tests/system/nsupdate/setup.sh
-index c055da3..4e1242b 100644
+index 5593a2e..7cd1a74 100644
 --- a/bin/tests/system/nsupdate/setup.sh
 +++ b/bin/tests/system/nsupdate/setup.sh
-@@ -56,7 +56,11 @@ EOF
+@@ -71,7 +71,11 @@ EOF
  
  $DDNSCONFGEN -q -z example.nil > ns1/ddns.key
  
@@ -687,10 +699,10 @@ index c055da3..4e1242b 100644
  $DDNSCONFGEN -q -a hmac-sha224 -k sha224-key -z keytests.nil > ns1/sha224.key
  $DDNSCONFGEN -q -a hmac-sha256 -k sha256-key -z keytests.nil > ns1/sha256.key
 diff --git a/bin/tests/system/nsupdate/tests.sh b/bin/tests/system/nsupdate/tests.sh
-index b35d797..41c128e 100755
+index 8839131..fde6135 100755
 --- a/bin/tests/system/nsupdate/tests.sh
 +++ b/bin/tests/system/nsupdate/tests.sh
-@@ -797,7 +797,14 @@ fi
+@@ -824,7 +824,14 @@ fi
  n=`expr $n + 1`
  ret=0
  echo_i "check TSIG key algorithms (nsupdate -k) ($n)"
@@ -706,7 +718,7 @@ index b35d797..41c128e 100755
      $NSUPDATE -k ns1/${alg}.key <<END > /dev/null || ret=1
  server 10.53.0.1 ${PORT}
  update add ${alg}.keytests.nil. 600 A 10.10.10.3
-@@ -805,7 +812,7 @@ send
+@@ -832,7 +839,7 @@ send
  END
  done
  sleep 2
@@ -715,7 +727,7 @@ index b35d797..41c128e 100755
      $DIG $DIGOPTS +short @10.53.0.1 ${alg}.keytests.nil | grep 10.10.10.3 > /dev/null 2>&1 || ret=1
  done
  if [ $ret -ne 0 ]; then
-@@ -816,7 +823,7 @@ fi
+@@ -843,7 +850,7 @@ fi
  n=`expr $n + 1`
  ret=0
  echo_i "check TSIG key algorithms (nsupdate -y) ($n)"
@@ -724,7 +736,7 @@ index b35d797..41c128e 100755
      secret=$(sed -n 's/.*secret "\(.*\)";.*/\1/p' ns1/${alg}.key)
      $NSUPDATE -y "hmac-${alg}:${alg}-key:$secret" <<END > /dev/null || ret=1
  server 10.53.0.1 ${PORT}
-@@ -825,7 +832,7 @@ send
+@@ -852,7 +859,7 @@ send
  END
  done
  sleep 2
@@ -734,10 +746,10 @@ index b35d797..41c128e 100755
  done
  if [ $ret -ne 0 ]; then
 diff --git a/bin/tests/system/rndc/setup.sh b/bin/tests/system/rndc/setup.sh
-index b59e7a7..04d5f5a 100644
+index 225722f..63ac938 100644
 --- a/bin/tests/system/rndc/setup.sh
 +++ b/bin/tests/system/rndc/setup.sh
-@@ -33,7 +33,7 @@ make_key () {
+@@ -38,7 +38,7 @@ make_key () {
              sed 's/allow { 10.53.0.4/allow { any/' >> ns4/named.conf
  }
  
@@ -747,10 +759,10 @@ index b59e7a7..04d5f5a 100644
  make_key 3 ${EXTRAPORT3} hmac-sha224
  make_key 4 ${EXTRAPORT4} hmac-sha256
 diff --git a/bin/tests/system/rndc/tests.sh b/bin/tests/system/rndc/tests.sh
-index 9fd84ed..d0b188f 100644
+index 9bf86c6..b8a7a1f 100644
 --- a/bin/tests/system/rndc/tests.sh
 +++ b/bin/tests/system/rndc/tests.sh
-@@ -348,15 +348,20 @@ if [ $ret != 0 ]; then echo_i "failed"; fi
+@@ -349,15 +349,20 @@ if [ $ret != 0 ]; then echo_i "failed"; fi
  status=`expr $status + $ret`
  
  n=`expr $n + 1`
@@ -955,5 +967,5 @@ index a50c896..8062d68 100644
  update add updated.example. 600 A 10.10.10.1
  update add updated.example. 600 TXT Foo
 -- 
-2.26.2
+2.31.1
 
diff --git a/bind.spec b/bind.spec
index b762d8c..347cdfc 100644
--- a/bind.spec
+++ b/bind.spec
@@ -52,8 +52,8 @@
 Summary:  The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
 Name:     bind
 License:  MPLv2.0
-Version:  9.16.23
-Release:  2%{?dist}
+Version:  9.16.24
+Release:  1%{?dist}
 Epoch:    32
 Url:      https://www.isc.org/downloads/bind/
 #
@@ -1122,6 +1122,9 @@ fi;
 %endif
 
 %changelog
+* Wed Dec 15 2021 Petr Menšík <pemensik@redhat.com> - 32:9.16.24-1
+- Update to 9.16.24 (#2032934)
+
 * Fri Nov 26 2021 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-2
 - Correct with GEOIP2 condition (#2026823)