From 7a958a2a9f9461e4d789cf15fd0bfac005a8e491 Mon Sep 17 00:00:00 2001 From: Petr Menšík Date: Feb 07 2019 09:46:05 +0000 Subject: Disable dig IDN output into scripts Dig could be used to receive zone via AXFR. If IDN data are inside and are decoded, it cannot be used as named zone file. Disable +idnout if stdin is not a tty. --- diff --git a/bind-9.11-rh1647829-2.patch b/bind-9.11-rh1647829-2.patch new file mode 100644 index 0000000..bb8b3e9 --- /dev/null +++ b/bind-9.11-rh1647829-2.patch @@ -0,0 +1,28 @@ +From 58e1af6ca75d035b6391708be2c2272bb8d04620 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= +Date: Sun, 4 Nov 2018 02:20:41 +0700 +Subject: [PATCH] Enable IDN processing (both idnin and idnout) only on tty, + disable it when the stdout is not a tty + +(cherry picked from commit 0e1bf7d017e4f6d787cbeb72cc2aa74e7f30122e) +(cherry picked from commit 8e1cc95c943b7dfaaaaf2d9a4971861735cc3fb2) +--- + bin/dig/dighost.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c +index 74791d671e..3b722ba0ff 100644 +--- a/bin/dig/dighost.c ++++ b/bin/dig/dighost.c +@@ -825,7 +825,7 @@ make_empty_lookup(void) { + looknew->seenbadcookie = false; + looknew->badcookie = true; + #ifdef WITH_IDN_SUPPORT +- looknew->idnin = (getenv("IDN_DISABLE") == NULL); ++ looknew->idnin = isatty(1)?(getenv("IDN_DISABLE") == NULL):false; + if (looknew->idnin) { + const char *charset = getenv("CHARSET"); + if (charset && !strcmp(charset, "ASCII")) +-- +2.20.1 + diff --git a/bind.spec b/bind.spec index a3023ea..4cf4e14 100644 --- a/bind.spec +++ b/bind.spec @@ -135,6 +135,8 @@ Patch163:bind-9.11-rh1663318.patch Patch164:bind-9.11-rh1666814.patch # https://bugzilla.redhat.com/show_bug.cgi?id=1647829 Patch165:bind-9.11-rh1647829.patch +# commit 8e1cc95c943b7dfaaaaf2d9a4971861735cc3fb2 +Patch166:bind-9.11-rh1647829-2.patch # SDB patches Patch11: bind-9.3.2b2-sdbsrc.patch @@ -513,6 +515,7 @@ are used for building ISC DHCP. %patch163 -p1 -b .rh1663318 %patch164 -p1 -b .rh1666814 %patch165 -p1 -b .rh1647829 +%patch166 -p1 -b .rh1647829-2 mkdir lib/dns/tests/testdata/dstrandom cp -a %{SOURCE50} lib/dns/tests/testdata/dstrandom/random.data @@ -1517,6 +1520,8 @@ fi; %changelog * Thu Jan 31 2019 Petr Menšík - 32:9.11.5-9.P1 - dig prints ASCII name instead of failure (#1647829) +- disable IDN output from scripts + * Thu Jan 31 2019 Fedora Release Engineering - 32:9.11.5-8.P1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild