diff --git a/.gitignore b/.gitignore index 17431f7..8652366 100644 --- a/.gitignore +++ b/.gitignore @@ -57,3 +57,4 @@ bind-9.7.2b1.tar.gz /bind-9.10.2-P1.tar.gz /bind-9.10.2-P2.tar.gz /bind-9.10.2-P3.tar.gz +/bind-9.10.3rc1.tar.gz diff --git a/bind-9.10-ISC-Bugs-38710.patch b/bind-9.10-ISC-Bugs-38710.patch deleted file mode 100644 index 65f37bc..0000000 --- a/bind-9.10-ISC-Bugs-38710.patch +++ /dev/null @@ -1,28 +0,0 @@ -From b987e8221e4eb9c9bae24821534164779f644395 Mon Sep 17 00:00:00 2001 -From: Tomas Hozza -Date: Wed, 25 Feb 2015 12:29:08 +0100 -Subject: [PATCH] Python3 issue: print used as statement in dnssec-coverage.py - -When using Python3, the tool would not print extra newlines - -Signed-off-by: Tomas Hozza ---- - bin/python/dnssec-coverage.py.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/bin/python/dnssec-coverage.py.in b/bin/python/dnssec-coverage.py.in -index 0f352c1..58af516 100755 ---- a/bin/python/dnssec-coverage.py.in -+++ b/bin/python/dnssec-coverage.py.in -@@ -326,7 +326,7 @@ def vspace(): - if _firstline: - _firstline = False - else: -- print -+ print() - - ############################################################################ - # vreset: --- -2.1.0 - diff --git a/bind-9.10-dyndb.patch b/bind-9.10-dyndb.patch index 96c2824..fec6e4d 100644 --- a/bind-9.10-dyndb.patch +++ b/bind-9.10-dyndb.patch @@ -1,26 +1,5 @@ -From 9b40e9166ee28f2d00424248fe303045e42b1c93 Mon Sep 17 00:00:00 2001 -From: Tomas Hozza -Date: Tue, 29 Jul 2014 15:16:10 +0200 -Subject: [PATCH] Dynamic DB database for BIND 9.10 - -Signed-off-by: Tomas Hozza ---- - bin/named/main.c | 1 + - bin/named/server.c | 100 +++++++++++ - lib/dns/Makefile.in | 10 +- - lib/dns/dynamic_db.c | 367 +++++++++++++++++++++++++++++++++++++++ - lib/dns/include/dns/Makefile.in | 2 +- - lib/dns/include/dns/dynamic_db.h | 51 ++++++ - lib/dns/include/dns/log.h | 1 + - lib/dns/include/dns/types.h | 1 + - lib/dns/log.c | 1 + - lib/isccfg/namedconf.c | 36 ++++ - 10 files changed, 567 insertions(+), 3 deletions(-) - create mode 100644 lib/dns/dynamic_db.c - create mode 100644 lib/dns/include/dns/dynamic_db.h - diff --git a/bin/named/main.c b/bin/named/main.c -index 8ee9bd8..8f7c7ee 100644 +index d951ef5..306295f 100644 --- a/bin/named/main.c +++ b/bin/named/main.c @@ -43,6 +43,7 @@ @@ -32,10 +11,10 @@ index 8ee9bd8..8f7c7ee 100644 #include #include diff --git a/bin/named/server.c b/bin/named/server.c -index 789ca8a..8e05650 100644 +index 19e064f..960d4bb 100644 --- a/bin/named/server.c +++ b/bin/named/server.c -@@ -70,6 +70,7 @@ +@@ -68,6 +68,7 @@ #include #include #include @@ -43,7 +22,7 @@ index 789ca8a..8e05650 100644 #include #include #include -@@ -1294,6 +1295,70 @@ configure_peer(const cfg_obj_t *cpeer, isc_mem_t *mctx, dns_peer_t **peerp) { +@@ -1308,6 +1309,70 @@ configure_peer(const cfg_obj_t *cpeer, isc_mem_t *mctx, dns_peer_t **peerp) { return (result); } @@ -114,15 +93,15 @@ index 789ca8a..8e05650 100644 static isc_result_t disable_algorithms(const cfg_obj_t *disabled, dns_resolver_t *resolver) { isc_result_t result; -@@ -2314,6 +2379,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, +@@ -2344,6 +2409,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, const cfg_obj_t *dlz; unsigned int dlzargc; char **dlzargv; + const cfg_obj_t *dynamic_db_list; const cfg_obj_t *disabled; const cfg_obj_t *obj; - const cfg_listelt_t *element; -@@ -3599,6 +3665,37 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, + #ifdef ENABLE_FETCHLIMIT +@@ -3698,6 +3764,37 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, dns_view_setrootdelonly(view, ISC_FALSE); /* @@ -160,7 +139,7 @@ index 789ca8a..8e05650 100644 * Setup automatic empty zones. If recursion is off then * they are disabled by default. */ -@@ -5365,6 +5462,7 @@ load_configuration(const char *filename, ns_server_t *server, +@@ -5443,6 +5540,7 @@ load_configuration(const char *filename, ns_server_t *server, cfg_aclconfctx_detach(&ns_g_aclconfctx); CHECK(cfg_aclconfctx_create(ns_g_mctx, &ns_g_aclconfctx)); @@ -168,7 +147,7 @@ index 789ca8a..8e05650 100644 /* * Parse the global default pseudo-config file. */ -@@ -6571,6 +6669,8 @@ shutdown_server(isc_task_t *task, isc_event_t *event) { +@@ -6671,6 +6769,8 @@ shutdown_server(isc_task_t *task, isc_event_t *event) { dns_view_detach(&view); } @@ -178,7 +157,7 @@ index 789ca8a..8e05650 100644 ISC_LIST_UNLINK(server->cachelist, nsc, link); dns_cache_detach(&nsc->cache); diff --git a/lib/dns/Makefile.in b/lib/dns/Makefile.in -index 046abdb..8b62873 100644 +index 6dfd146..4fb7c6e 100644 --- a/lib/dns/Makefile.in +++ b/lib/dns/Makefile.in @@ -65,7 +65,7 @@ GEOIPLINKOBJS = geoip.@O@ @@ -213,9 +192,8 @@ index 046abdb..8b62873 100644 ${LIBTOOL_MODE_LINK} \ ${CC} ${ALL_CFLAGS} ${LDFLAGS} -o libdns.la -rpath ${libdir} \ diff --git a/lib/dns/dynamic_db.c b/lib/dns/dynamic_db.c -new file mode 100644 -index 0000000..e32a3c8 ---- /dev/null +index e69de29..e32a3c8 100644 +--- a/lib/dns/dynamic_db.c +++ b/lib/dns/dynamic_db.c @@ -0,0 +1,367 @@ +/* @@ -599,9 +577,8 @@ index 667db71..0661291 100644 ecdb.h events.h fixedname.h forward.h geoip.h iptable.h \ journal.h keydata.h keyflags.h keytable.h keyvalues.h \ diff --git a/lib/dns/include/dns/dynamic_db.h b/lib/dns/include/dns/dynamic_db.h -new file mode 100644 -index 0000000..719fa0f ---- /dev/null +index e69de29..719fa0f 100644 +--- a/lib/dns/include/dns/dynamic_db.h +++ b/lib/dns/include/dns/dynamic_db.h @@ -0,0 +1,51 @@ +/* @@ -656,7 +633,7 @@ index 0000000..719fa0f +#endif + diff --git a/lib/dns/include/dns/log.h b/lib/dns/include/dns/log.h -index 15f3976..2fb3fed 100644 +index 845be49..7b94ec6 100644 --- a/lib/dns/include/dns/log.h +++ b/lib/dns/include/dns/log.h @@ -78,6 +78,7 @@ LIBDNS_EXTERNAL_DATA extern isc_logmodule_t dns_modules[]; @@ -668,7 +645,7 @@ index 15f3976..2fb3fed 100644 ISC_LANG_BEGINDECLS diff --git a/lib/dns/include/dns/types.h b/lib/dns/include/dns/types.h -index 7324a97..ba02423 100644 +index 00ba58e..b7fdead 100644 --- a/lib/dns/include/dns/types.h +++ b/lib/dns/include/dns/types.h @@ -64,6 +64,7 @@ typedef struct dns_dlzimplementation dns_dlzimplementation_t; @@ -680,7 +657,7 @@ index 7324a97..ba02423 100644 typedef struct dns_dispatch dns_dispatch_t; typedef struct dns_dispatchevent dns_dispatchevent_t; diff --git a/lib/dns/log.c b/lib/dns/log.c -index 56b6161..a10c44e 100644 +index 377b03c..acef9e6 100644 --- a/lib/dns/log.c +++ b/lib/dns/log.c @@ -84,6 +84,7 @@ LIBDNS_EXTERNAL_DATA isc_logmodule_t dns_modules[] = { @@ -692,10 +669,10 @@ index 56b6161..a10c44e 100644 }; diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c -index 911612f..0e499af 100644 +index 780ab46..48f166a 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c -@@ -107,6 +107,7 @@ static cfg_type_t cfg_type_controls; +@@ -105,6 +105,7 @@ static cfg_type_t cfg_type_controls; static cfg_type_t cfg_type_controls_sockaddr; static cfg_type_t cfg_type_destinationlist; static cfg_type_t cfg_type_dialuptype; @@ -703,7 +680,7 @@ index 911612f..0e499af 100644 static cfg_type_t cfg_type_ixfrdifftype; static cfg_type_t cfg_type_key; static cfg_type_t cfg_type_logfile; -@@ -935,6 +936,7 @@ namedconf_or_view_clauses[] = { +@@ -962,6 +963,7 @@ namedconf_or_view_clauses[] = { { "key", &cfg_type_key, CFG_CLAUSEFLAG_MULTI }, { "zone", &cfg_type_zone, CFG_CLAUSEFLAG_MULTI }, { "dlz", &cfg_type_dlz, CFG_CLAUSEFLAG_MULTI }, @@ -711,7 +688,7 @@ index 911612f..0e499af 100644 { "server", &cfg_type_server, CFG_CLAUSEFLAG_MULTI }, { "trusted-keys", &cfg_type_dnsseckeys, CFG_CLAUSEFLAG_MULTI }, { "managed-keys", &cfg_type_managedkeys, CFG_CLAUSEFLAG_MULTI }, -@@ -2155,6 +2157,40 @@ static cfg_type_t cfg_type_dialuptype = { +@@ -2188,6 +2190,40 @@ static cfg_type_t cfg_type_dialuptype = { &cfg_rep_string, dialup_enums }; @@ -752,6 +729,3 @@ index 911612f..0e499af 100644 static const char *notify_enums[] = { "explicit", "master-only", NULL }; static isc_result_t parse_notify_type(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { --- -1.9.3 - diff --git a/bind-9.10-sdb.patch b/bind-9.10-sdb.patch index e654f16..3938b4b 100644 --- a/bind-9.10-sdb.patch +++ b/bind-9.10-sdb.patch @@ -1,18 +1,3 @@ -From dc6de005ec4b5488ca4a8db8203b3ce582b62e00 Mon Sep 17 00:00:00 2001 -From: Tomas Hozza -Date: Mon, 24 Nov 2014 13:44:55 +0100 -Subject: [PATCH] distribute SDB - -Signed-off-by: Tomas Hozza ---- - bin/Makefile.in | 4 +-- - bin/named-sdb/Makefile.in | 22 +++++-------- - bin/named-sdb/main.c | 83 +++++++++++++++++++++++++++++++++++++++++++++++ - bin/named/Makefile.in | 16 ++++----- - bin/sdb_tools/Makefile.in | 10 ++++-- - configure.in | 3 ++ - 6 files changed, 109 insertions(+), 29 deletions(-) - diff --git a/bin/Makefile.in b/bin/Makefile.in index 7654169..b4c9c03 100644 --- a/bin/Makefile.in @@ -84,10 +69,10 @@ index ba5ec3c..d7ac259 100644 @DLZ_DRIVER_RULES@ diff --git a/bin/named-sdb/main.c b/bin/named-sdb/main.c -index 8f7c7ee..d603506 100644 +index 306295f..a7f3327 100644 --- a/bin/named-sdb/main.c +++ b/bin/named-sdb/main.c -@@ -86,6 +86,10 @@ +@@ -91,6 +91,10 @@ * Include header files for database drivers here. */ /* #include "xxdb.h" */ @@ -98,7 +83,7 @@ index 8f7c7ee..d603506 100644 #ifdef CONTRIB_DLZ /* -@@ -926,6 +930,11 @@ setup(void) { +@@ -985,6 +989,11 @@ setup(void) { ns_main_earlyfatal("isc_app_start() failed: %s", isc_result_totext(result)); @@ -108,9 +93,9 @@ index 8f7c7ee..d603506 100644 + sqlitedb_clear(); + isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, - ISC_LOG_NOTICE, "starting %s %s%s", ns_g_product, - ns_g_version, saved_command_line); -@@ -1038,6 +1047,75 @@ setup(void) { + ISC_LOG_NOTICE, "starting %s %s%s%s %s", + ns_g_product, ns_g_version, +@@ -1099,6 +1108,75 @@ setup(void) { isc_result_totext(result)); #endif @@ -186,7 +171,7 @@ index 8f7c7ee..d603506 100644 ns_server_create(ns_g_mctx, &ns_g_server); #ifdef HAVE_LIBSECCOMP -@@ -1073,6 +1151,11 @@ cleanup(void) { +@@ -1138,6 +1216,11 @@ cleanup(void) { dns_name_destroy(); @@ -292,10 +277,10 @@ index 7f3c5e2..b1bca66 100644 + ${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} zone2sqlite@EXEEXT@ ${DESTDIR}${sbindir} ${INSTALL_DATA} ${srcdir}/zone2ldap.1 ${DESTDIR}${mandir}/man1/zone2ldap.1 diff --git a/configure.in b/configure.in -index 8f3b8f4..b50aa00 100644 +index 6dab9dc..f84d161 100644 --- a/configure.in +++ b/configure.in -@@ -4477,12 +4477,15 @@ AC_CONFIG_FILES([ +@@ -4686,12 +4686,15 @@ AC_CONFIG_FILES([ bin/named/unix/Makefile bin/named-pkcs11/Makefile bin/named-pkcs11/unix/Makefile @@ -311,6 +296,3 @@ index 8f3b8f4..b50aa00 100644 bin/tests/Makefile bin/tests/atomic/Makefile bin/tests/db/Makefile --- -1.9.3 - diff --git a/bind-9.9.1-P2-multlib-conflict.patch b/bind-9.9.1-P2-multlib-conflict.patch index 7724749..90eb995 100644 --- a/bind-9.9.1-P2-multlib-conflict.patch +++ b/bind-9.9.1-P2-multlib-conflict.patch @@ -1,8 +1,8 @@ diff --git a/config.h.in b/config.h.in -index ff72235..bce1a24 100644 +index 0c340db..dbeecd7 100644 --- a/config.h.in +++ b/config.h.in -@@ -513,7 +513,7 @@ int sigwait(const unsigned int *set, int *sig); +@@ -520,7 +520,7 @@ int sigwait(const unsigned int *set, int *sig); #undef PREFER_GOSTASN1 /* The size of `void *', as computed by sizeof. */ @@ -12,10 +12,10 @@ index ff72235..bce1a24 100644 /* Define to 1 if you have the ANSI C header files. */ #undef STDC_HEADERS diff --git a/configure.in b/configure.in -index 10c98c3..d54b036 100644 +index 6b875ba..c39477c 100644 --- a/configure.in +++ b/configure.in -@@ -3048,8 +3048,11 @@ int getnameinfo(const struct sockaddr *, size_t, char *, +@@ -3065,8 +3065,11 @@ int getnameinfo(const struct sockaddr *, size_t, char *, size_t, char *, size_t, int);], [ return (0);], [AC_MSG_RESULT(size_t for buflen; int for flags) @@ -30,7 +30,7 @@ index 10c98c3..d54b036 100644 [AC_MSG_RESULT(not match any subspecies; assume standard definition) AC_DEFINE(IRS_GETNAMEINFO_SOCKLEN_T, socklen_t) diff --git a/isc-config.sh.in b/isc-config.sh.in -index 10df275..5215eb0 100644 +index 04a9e5c..67400d8 100644 --- a/isc-config.sh.in +++ b/isc-config.sh.in @@ -21,7 +21,18 @@ prefix=@prefix@ @@ -53,9 +53,9 @@ index 10df275..5215eb0 100644 usage() { -@@ -133,6 +144,16 @@ if test x"$echo_libs" = x"true"; then +@@ -140,6 +151,16 @@ if test x"$echo_libs" = x"true"; then if test x"${exec_prefix_set}" = x"true"; then - includes="-L${exec_prefix}/lib" + libs="-L${exec_prefix}/lib" else + if [ ! -x $libdir/libisc.so ] ; then + if [ ! -x $sec_libdir/libisc.so ] ; then @@ -69,4 +69,4 @@ index 10df275..5215eb0 100644 + fi libs="-L${libdir}" fi - if test x"$liblwres" = x"true" ; then + if test x"$libirs" = x"true" ; then diff --git a/bind.spec b/bind.spec index 123098a..44df726 100644 --- a/bind.spec +++ b/bind.spec @@ -2,8 +2,8 @@ # Red Hat BIND package .spec file # -%global PATCHVER P3 -#%%global PREVER rc2 +#%%global PATCHVER P3 +%global PREVER rc1 %global VERSION %{version}%{?PREVER}%{?PATCHVER:-%{PATCHVER}} %{?!SDB: %global SDB 1} @@ -23,8 +23,8 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server Name: bind License: ISC -Version: 9.10.2 -Release: 9%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist} +Version: 9.10.3 +Release: 0.1%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist} Epoch: 32 Url: http://www.isc.org/products/BIND/ Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -77,8 +77,6 @@ Patch133:bind99-rh640538.patch Patch134:bind97-rh669163.patch # Fedora specific patch to distribute native-pkcs#11 functionality Patch136:bind-9.10-dist-native-pkcs11.patch -# [ISC-Bugs #38710] Python3 issue: print used as a statement in dnssec-coverage.py -Patch137:bind-9.10-ISC-Bugs-38710.patch # SDB patches Patch11: bind-9.3.2b2-sdbsrc.patch @@ -309,7 +307,6 @@ Based on the code from Jan "Yenya" Kasprzak %patch125 -p1 -b .buildfix %patch130 -p1 -b .libdb %patch131 -p1 -b .multlib-conflict -%patch137 -p1 -b .ISC-Bugs-38710 %if %{PKCS11} cp -r bin/named{,-pkcs11} @@ -835,7 +832,7 @@ rm -rf ${RPM_BUILD_ROOT} %defattr(-,root,root,-) %{_libdir}/libdns.so.161* %{_libdir}/libirs.so.141* -%{_libdir}/libisc.so.148* +%{_libdir}/libisc.so.160* %{_libdir}/libisccfg.so.140* %files license @@ -984,7 +981,7 @@ rm -rf ${RPM_BUILD_ROOT} %files pkcs11-libs %defattr(-,root,root,-) %{_libdir}/libdns-pkcs11.so.161* -%{_libdir}/libisc-pkcs11.so.148* +%{_libdir}/libisc-pkcs11.so.160* %files pkcs11-devel %defattr(-,root,root,-) @@ -996,6 +993,9 @@ rm -rf ${RPM_BUILD_ROOT} %changelog +* Thu Sep 03 2015 Tomas Hozza +- Update to 9.10.3rc1 + * Wed Jul 29 2015 Tomas Hozza - 32:9.10.2-9.P3 - Update to 9.10.2-P3 to fix CVE-2015-5477 diff --git a/bind99-buildfix.patch b/bind99-buildfix.patch index 5064534..8ff5c44 100644 --- a/bind99-buildfix.patch +++ b/bind99-buildfix.patch @@ -1,12 +1,13 @@ -diff -up bind-9.9.4b1/bin/tests/system/Makefile.in.buildfix bind-9.9.4b1/bin/tests/system/Makefile.in ---- bind-9.9.4b1/bin/tests/system/Makefile.in.buildfix 2013-07-15 11:02:23.354667876 +0200 -+++ bind-9.9.4b1/bin/tests/system/Makefile.in 2013-07-15 11:04:19.109587522 +0200 -@@ -21,7 +21,7 @@ top_srcdir = @top_srcdir@ +diff --git a/bin/tests/system/Makefile.in b/bin/tests/system/Makefile.in +index bdfd72a..706290c 100644 +--- a/bin/tests/system/Makefile.in ++++ b/bin/tests/system/Makefile.in +@@ -19,7 +19,7 @@ top_srcdir = @top_srcdir@ @BIND9_MAKE_INCLUDES@ --SUBDIRS = builtin dlzexternal filter-aaaa geoip lwresd rpz rsabigexponent tkey tsiggss -+SUBDIRS = builtin filter-aaaa geoip lwresd rpz rsabigexponent tkey tsiggss +-SUBDIRS = builtin dlzexternal fetchlimit filter-aaaa geoip lwresd rpz rsabigexponent statistics tkey tsiggss ++SUBDIRS = builtin fetchlimit filter-aaaa geoip lwresd rpz rsabigexponent statistics tkey tsiggss TARGETS = @BIND9_MAKE_RULES@ diff --git a/sources b/sources index 9c11850..f1ee19f 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ dd419c3869c9bb1d73e044177ec1623c config-14.tar.bz2 -a810d5d65fbdcf28dcda80d646913c3a bind-9.10.2-P3.tar.gz +9d4c4dd068f92ae76a5f579751509e62 bind-9.10.3rc1.tar.gz