packages/bind-dyndb-ldap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:d24925b3ba7f13239faa397eddf19aca2a67d185
Branches Tags
packages:main
...
compare: packages:eef913c941e158c8050d71b5c87309b2fc843483
Branches Tags
packages:main

10 Commits
d24925b3ba ... eef913c941

Author SHA1 Message Date
openeuler-ci-bot
eef913c941
!25 Fix build failure caused by bind update to 9.18.21-3 
From: @mmzzmm 
Reviewed-by: @sunsuwan 
Signed-off-by: @sunsuwan
 2024-08-12 08:11:37 +00:00
Zhao Mengmeng
13e62a7583 Fix build failure caused by bind update to 9.18.21-3 
After update to openEuler bind 9.18.21-3, those cves introduced
 new database interface change, backport upstream patch and modify
it to adapte openEuler bind version.
 2024-08-07 15:04:25 +08:00
openeuler-ci-bot
8c38e033a8
!21 [sync] PR-17: fix build failed 
From: @openeuler-sync-bot 
Reviewed-by: @robertxw 
Signed-off-by: @robertxw
 2024-03-20 07:39:24 +00:00
xinghe
afd680e451 fix build failed 
(cherry picked from commit 3aea08e97a4598f473677713b088572921788bdb)
 2024-03-20 14:38:37 +08:00
openeuler-ci-bot
d8de9b1067
!14 fix build error 
From: @xinghe_1 
Reviewed-by: @robertxw 
Signed-off-by: @robertxw
 2024-03-05 07:30:38 +00:00
xinghe
f2f508eb47 fix build error 2024-03-05 07:06:36 +00:00
openeuler-ci-bot
3c5fd7b762
!11 update to 11.10 
From: @xinghe_1 
Reviewed-by: @kircher 
Signed-off-by: @kircher
 2023-02-01 01:45:08 +00:00
xinghe
2495bf83ad update to 11.10 2023-01-31 01:42:46 +00:00
openeuler-ci-bot
ad451c6f8b
!10 add macros to control if need to eliminate bep differences 
From: @eaglegai 
Reviewed-by: @seuzw 
Signed-off-by: @seuzw
 2022-06-15 09:13:57 +00:00
eaglegai
954a845232 add macros to control if need to eliminate bep differences 2022-06-10 15:16:39 +08:00
15 changed files with 961 additions and 55 deletions
Show Stats Expand all files Collapse all files

56
backport-bind-dyndb-ldap-11.10-bind-9.18.13.patch Normal file
View File

@ -0,0 +1,56 @@
From 5d9a012e07578d1a813b385224ba53f77f06b026 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Wed, 22 Mar 2023 13:38:18 +0100
Subject: [PATCH] Remove rpz_attach for BIND 9.16+
rpz_attach is never supplied from BIND9 code both in 9.16 or 9.18.
Remove our custom function and pass NULL as well. It would be never
called anyway.
Modified to directly remove the function without db_registered fix.
---
src/ldap_driver.c | 20 ++++----------------
1 file changed, 4 insertions(+), 16 deletions(-)
diff --git a/src/ldap_driver.c b/src/ldap_driver.c
index e4aeeb2..20e12fc 100644
--- a/src/ldap_driver.c
+++ b/src/ldap_driver.c
@@ -804,22 +804,6 @@ rpz_attach(dns_db_t *db, dns_rpz_zones_t *rpzs, uint8_t rpz_num)
dns_db_rpz_attach(ldapdb->rbtdb, rpzs, rpz_num);
}
-#else
-void
-rpz_attach(dns_db_t *db, void *void_rpzs, uint8_t rpz_num)
-{
- ldapdb_t *ldapdb = (ldapdb_t *) db;
- dns_rpz_zones_t *rpzs = (dns_rpz_zones_t *) void_rpzs;
- isc_result_t result;
-
- REQUIRE(VALID_LDAPDB(ldapdb));
-
- rpzs->zones[rpz_num]->db_registered = true;
- result = dns_db_updatenotify_register(ldapdb->rbtdb,
- dns_rpz_dbupdate_callback,
- rpzs->zones[rpz_num]);
- REQUIRE(result == ISC_R_SUCCESS);
-}
#endif
/*
@@ -966,7 +950,11 @@ static dns_dbmethods_t ldapdb_methods = {
resigned,
isdnssec,
getrrsetstats,
+#if LIBDNS_VERSION_MAJOR < 1600
rpz_attach,
+#else
+ NULL,
+#endif
NULL, /* rpz_ready */
findnodeext,
findext,
--
2.39.2

405
backport-bind-dyndb-ldap-11.10-bind-9.18.19.patch Normal file
View File

@ -0,0 +1,405 @@
From 131ddb918a5e80bfac2ce97d994f75d42fdf4546 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Mon, 25 Sep 2023 12:33:42 +0200
Subject: [PATCH] Detect and propagate atomic libraries like bind9
BIND9 headers expect atomic definitions are configured before they are
included. It needs adding atomic libraries detection in configure AND
including config.h before any ISC headers are included.
Move dyndb-config.h before isc headers anywhere where needed.
---
configure.ac | 72 +++++++++++++++++++++++++++++++++++++++++++++
src/empty_zones.c | 3 +-
src/fs.c | 2 ++
src/fwd_register.c | 3 +-
src/krb5_helper.c | 1 +
src/ldap_convert.c | 3 +-
src/ldap_entry.c | 4 ++-
src/lock.c | 2 ++
src/log.c | 2 ++
src/metadb.c | 2 ++
src/mldap.c | 5 ++--
src/rbt_helper.c | 3 +-
src/semaphore.c | 2 ++
src/settings.c | 3 +-
src/str.c | 2 ++
src/syncptr.c | 3 +-
src/zone.c | 2 ++
src/zone_register.c | 3 +-
18 files changed, 107 insertions(+), 10 deletions(-)
diff --git a/configure.ac b/configure.ac
index 9f7f3640c..c30f105db 100644
--- a/configure.ac
+++ b/configure.ac
@@ -145,6 +145,78 @@ AC_RUN_IFELSE([AC_LANG_PROGRAM([
], [AC_MSG_ERROR([Cross compiling is not supported.])]
)
+# Following atomic checks taken from bind9 configure
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+ISC_ATOMIC_LIBS=""
+AC_CHECK_HEADERS(
+ [stdatomic.h],
+ [AC_MSG_CHECKING([for memory model aware atomic operations])
+ AC_COMPILE_IFELSE(
+ [AC_LANG_PROGRAM(
+ [[#include <stdatomic.h>]],
+ [[atomic_int_fast32_t val = 0; atomic_fetch_add_explicit(&val, 1, memory_order_relaxed);]]
+ )],
+ [AC_MSG_RESULT([stdatomic.h])
+ AC_MSG_CHECKING([whether -latomic is needed for 64-bit stdatomic.h functions])
+ AC_LINK_IFELSE(
+ [AC_LANG_PROGRAM(
+ [[#include <stdatomic.h>]],
+ [[atomic_int_fast64_t val = 0; atomic_fetch_add_explicit(&val, 1, memory_order_relaxed);]]
+ )],
+ [AC_MSG_RESULT([no])],
+ [ISC_ATOMIC_LIBS="-latomic"
+ AX_SAVE_FLAGS([atomic])
+ LIBS="$LIBS $ISC_ATOMIC_LIBS"
+ AC_LINK_IFELSE(
+ [AC_LANG_PROGRAM(
+ [[#include <stdatomic.h>]],
+ [[atomic_int_fast64_t val = 0; atomic_fetch_add_explicit(&val, 1, memory_order_relaxed);]]
+ )],
+ [AC_MSG_RESULT([yes])],
+ [AC_MSG_FAILURE([libatomic needed, but linking with -latomic failed, please fix your toolchain.])])
+ AX_RESTORE_FLAGS([atomic])
+ ])
+ ],
+ [AC_MSG_FAILURE([stdatomic.h header found, but compilation failed, please fix your toolchain.])]
+ )],
+ [AC_MSG_CHECKING([for memory model aware atomic operations])
+ AC_COMPILE_IFELSE(
+ [AC_LANG_PROGRAM(
+ [[#include <inttypes.h>]],
+ [[int32_t val = 0; __atomic_fetch_add(&val, 1, __ATOMIC_RELAXED);]]
+ )],
+ [AC_MSG_RESULT([__atomic builtins])
+ AC_DEFINE([HAVE___ATOMIC], [1], [define if __atomic builtins are not available])
+ AC_MSG_CHECKING([whether -latomic is needed for 64-bit __atomic builtins])
+ AC_LINK_IFELSE(
+ [AC_LANG_PROGRAM(
+ [[#include <inttypes.h>]],
+ [[int64_t val = 0; __atomic_fetch_add(&val, 1, __ATOMIC_RELAXED);]]
+ )],
+ [AC_MSG_RESULT([no])],
+ [ISC_ATOMIC_LIBS="-latomic"
+ AX_SAVE_FLAGS([atomic])
+ LIBS="$LIBS $ISC_ATOMIC_LIBS"
+ AC_LINK_IFELSE(
+ [AC_LANG_PROGRAM(
+ [[#include <inttypes.h>]],
+ [[int64_t val = 0; __atomic_fetch_add(&val, 1, __ATOMIC_RELAXED);]]
+ )],
+ [AC_MSG_RESULT([yes])],
+ [AC_MSG_FAILURE([libatomic needed, but linking with -latomic failed, please fix your toolchain.])])
+ AX_RESTORE_FLAGS([atomic])
+ ])
+ ],
+ [AC_MSG_FAILURE([not found])
+ ])
+ ])
+LIBS="$LIBS $ISC_ATOMIC_LIBS"
+
dnl isc_errno_toresult() was not available in older header files
AC_MSG_CHECKING([isc_errno_toresult availability])
AC_TRY_RUN([
diff --git a/src/empty_zones.c b/src/empty_zones.c
index 4e14a804a..f818046d4 100644
--- a/src/empty_zones.c
+++ b/src/empty_zones.c
@@ -1,5 +1,7 @@
#include <stdio.h>
+#include "dyndb-config.h"
+
#include <isc/result.h>
#include <isc/types.h>
#include <isc/util.h>
@@ -8,7 +10,6 @@
#include <dns/zone.h>
#include <dns/zt.h>
-#include "dyndb-config.h"
#include "empty_zones.h"
#include "util.h"
#include "zone_register.h"
diff --git a/src/fs.c b/src/fs.c
index 09df5842a..4f3c9c069 100644
--- a/src/fs.c
+++ b/src/fs.c
@@ -8,6 +8,8 @@
#include <sys/stat.h>
+#include "dyndb-config.h"
+
#include <isc/dir.h>
#include <isc/file.h>
#include <isc/errno.h>
diff --git a/src/fwd_register.c b/src/fwd_register.c
index 5a3d4e2c2..85792d52e 100644
--- a/src/fwd_register.c
+++ b/src/fwd_register.c
@@ -2,11 +2,12 @@
* Copyright (C) 2013-2014 bind-dyndb-ldap authors; see COPYING for license
*/
+#include "dyndb-config.h"
+
#include <isc/rwlock.h>
#include <isc/util.h>
#include <dns/name.h>
-#include "dyndb-config.h"
#include "rbt_helper.h"
#include "fwd_register.h"
#include "util.h"
diff --git a/src/krb5_helper.c b/src/krb5_helper.c
index 5d7ee6a9a..92412304b 100644
--- a/src/krb5_helper.c
+++ b/src/krb5_helper.c
@@ -4,6 +4,7 @@
#define _POSIX_C_SOURCE 200112L /* setenv */
+#include "dyndb-config.h"
#include <isc/util.h>
#include <string.h>
#include <stdlib.h>
diff --git a/src/ldap_convert.c b/src/ldap_convert.c
index 87f635f79..0a946c421 100644
--- a/src/ldap_convert.c
+++ b/src/ldap_convert.c
@@ -2,6 +2,8 @@
* Copyright (C) 2009-2015 bind-dyndb-ldap authors; see COPYING for license
*/
+#include "dyndb-config.h"
+
#include <isc/buffer.h>
#include <isc/hex.h>
#include <isc/mem.h>
@@ -20,7 +22,6 @@
#include <strings.h>
#include <ctype.h>
-#include "dyndb-config.h"
#include "str.h"
#include "ldap_convert.h"
#include "log.h"
diff --git a/src/ldap_entry.c b/src/ldap_entry.c
index cdf26d858..a29797b1c 100644
--- a/src/ldap_entry.c
+++ b/src/ldap_entry.c
@@ -2,12 +2,14 @@
* Copyright (C) 2011-2014 bind-dyndb-ldap authors; see COPYING for license
*/
#include <uuid/uuid.h>
+#include <inttypes.h>
+
+#include "dyndb-config.h"
#include <dns/rdata.h>
#include <dns/ttl.h>
#include <dns/types.h>
-#include <inttypes.h>
#include <isc/region.h>
#include <isc/types.h>
#include <isc/util.h>
diff --git a/src/lock.c b/src/lock.c
index df6e5ccba..abb5fe0d7 100644
--- a/src/lock.c
+++ b/src/lock.c
@@ -2,6 +2,8 @@
* Copyright (C) 2014 bind-dyndb-ldap authors; see COPYING for license
*/
+#include "dyndb-config.h"
+
#include <isc/task.h>
#include <isc/util.h>
diff --git a/src/log.c b/src/log.c
index 1eba3cde2..78f9e68b5 100644
--- a/src/log.c
+++ b/src/log.c
@@ -4,6 +4,8 @@
#include <stdio.h>
+#include "dyndb-config.h"
+
#include <isc/formatcheck.h>
#include <isc/util.h>
diff --git a/src/metadb.c b/src/metadb.c
index 276de244f..f035269d2 100644
--- a/src/metadb.c
+++ b/src/metadb.c
@@ -4,6 +4,8 @@
* Meta-database for information which are not represented in DNS data.
*/
+#include "dyndb-config.h"
+
#include <isc/mutex.h>
#include <isc/util.h>
diff --git a/src/mldap.c b/src/mldap.c
index 0bc2d332f..92a330ccb 100644
--- a/src/mldap.c
+++ b/src/mldap.c
@@ -8,8 +8,10 @@
#include <ldap.h>
#include <stddef.h>
#include <uuid/uuid.h>
-
#include <inttypes.h>
+
+#include "dyndb-config.h"
+
#include <isc/net.h>
#include <isc/refcount.h>
#include <isc/result.h>
@@ -27,7 +29,6 @@
#include "metadb.h"
#include "mldap.h"
#include "util.h"
-#include "dyndb-config.h"
#if LIBDNS_VERSION_MAJOR < 1600
#define REFCOUNT_CAST(n) ((typeof(((isc_refcount_t *)0)->refs)) (n))
diff --git a/src/rbt_helper.c b/src/rbt_helper.c
index 6009553bf..d918801c6 100644
--- a/src/rbt_helper.c
+++ b/src/rbt_helper.c
@@ -2,12 +2,13 @@
* Copyright (C) 2013-2014 bind-dyndb-ldap authors; see COPYING for license
*/
+#include "dyndb-config.h"
+
#include <isc/util.h>
#include <dns/rbt.h>
#include "util.h"
#include "rbt_helper.h"
-#include "dyndb-config.h"
#define LDAPDB_RBTITER_MAGIC ISC_MAGIC('L', 'D', 'P', 'I')
diff --git a/src/semaphore.c b/src/semaphore.c
index b6d02ffac..8b549b8a4 100644
--- a/src/semaphore.c
+++ b/src/semaphore.c
@@ -8,6 +8,8 @@
* own signal. However, for our purposes, this shouldn't be needed.
*/
+#include "dyndb-config.h"
+
#include <isc/condition.h>
#include <isc/result.h>
#include <isc/util.h>
diff --git a/src/settings.c b/src/settings.c
index 2a0bb1982..2c9d18238 100644
--- a/src/settings.c
+++ b/src/settings.c
@@ -2,6 +2,8 @@
* Copyright (C) 2009-2014 bind-dyndb-ldap authors; see COPYING for license
*/
+#include "dyndb-config.h"
+
#include <isc/util.h>
#include <isc/mem.h>
#include <isc/task.h>
@@ -24,7 +26,6 @@
#include "types.h"
#include "ldap_helper.h"
#include "zone_register.h"
-#include "dyndb-config.h"
#if LIBDNS_VERSION_MAJOR < 1600
#define cfg_parse_buffer cfg_parse_buffer4
diff --git a/src/str.c b/src/str.c
index 6797eded0..a68f66c73 100644
--- a/src/str.c
+++ b/src/str.c
@@ -9,6 +9,8 @@
* Review all the REQUIRE() macros.
*/
+#include "dyndb-config.h"
+
#include <isc/buffer.h>
#include <isc/mem.h>
#include <isc/mutex.h>
diff --git a/src/syncptr.c b/src/syncptr.c
index f7b8c02bc..7fab14a9e 100644
--- a/src/syncptr.c
+++ b/src/syncptr.c
@@ -6,6 +6,8 @@
#include <arpa/inet.h>
#include <sys/socket.h>
+#include "dyndb-config.h"
+
#include <isc/event.h>
#include <isc/netaddr.h>
#include <isc/task.h>
@@ -18,7 +20,6 @@
#include <dns/zone.h>
#include <dns/zt.h>
-#include "dyndb-config.h"
#include "util.h"
#include "ldap_convert.h"
#include "ldap_entry.h"
diff --git a/src/zone.c b/src/zone.c
index 0180ba8ea..899f612c3 100644
--- a/src/zone.c
+++ b/src/zone.c
@@ -3,6 +3,8 @@
*/
#include <inttypes.h>
+#include "dyndb-config.h"
+
#include <isc/types.h>
#include <isc/util.h>
diff --git a/src/zone_register.c b/src/zone_register.c
index 504aa9be2..4db5e02c7 100644
--- a/src/zone_register.c
+++ b/src/zone_register.c
@@ -2,6 +2,8 @@
* Copyright (C) 2009-2014 bind-dyndb-ldap authors; see COPYING for license
*/
+#include "dyndb-config.h"
+
#include <isc/mem.h>
#include <isc/rwlock.h>
#include <isc/util.h>
@@ -12,7 +14,6 @@
#include <dns/result.h>
#include <dns/zone.h>
-#include "dyndb-config.h"
#include "fs.h"
#include "ldap_driver.h"
#include "log.h"
--
2.41.0

38
backport-bind-dyndb-ldap-11.10-dns_name_init.patch Normal file
View File

@ -0,0 +1,38 @@
From dbbcc2f07ea6955c6b0b5a719f8058c54b1d750c Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy@redhat.com>
Date: Wed, 14 Feb 2024 14:29:00 +0200
Subject: [PATCH] use BIND macros when defining DNS names
Fixes: https://pagure.io/bind-dyndb-ldap/issue/228
Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
---
src/mldap.c | 13 +------------
1 file changed, 1 insertion(+), 12 deletions(-)
diff --git a/src/mldap.c b/src/mldap.c
index 92a330c..79efddb 100644
--- a/src/mldap.c
+++ b/src/mldap.c
@@ -50,18 +50,7 @@
static unsigned char uuid_rootname_ndata[]
= { 4, 'u', 'u', 'i', 'd', 4, 'l', 'd', 'a', 'p', 0 };
static unsigned char uuid_rootname_offsets[] = { 0, 5, 10 };
-static dns_name_t uuid_rootname =
-{
- DNS_NAME_MAGIC,
- uuid_rootname_ndata,
- sizeof(uuid_rootname_ndata),
- sizeof(uuid_rootname_offsets),
- DNS_NAMEATTR_READONLY | DNS_NAMEATTR_ABSOLUTE,
- uuid_rootname_offsets,
- NULL,
- { (void *)-1, (void *)-1 },
- { NULL, NULL }
-};
+static dns_name_t uuid_rootname = DNS_NAME_INITABSOLUTE(uuid_rootname_ndata, uuid_rootname_offsets);
struct mldapdb {
isc_mem_t *mctx;
--
2.43.0

35
backport-bind-dyndb-ldap-11.10-support-for-bind-9.18.21.3.patch Normal file
View File

@ -0,0 +1,35 @@
From e81a47bd0b8bb5b3d50b233a802e9930c08a98fa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Wed, 31 Jul 2024 16:21:52 +0000
Subject: [PATCH] Support for bind 9.18.28
New CVEs introduced new database interface change. Do just minimal
change to allow fast rebuild of plugin.
Fixes #233.
Notice: openEuler's bind majar version is still 9.18.21, but contains
CVE fixed in upstream 9.18.28, so change LIBDNS_VERSION_MAJOR from
1828 to 1821.
---
src/ldap_driver.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/ldap_driver.c b/src/ldap_driver.c
index 20e12fc..63e7a72 100644
--- a/src/ldap_driver.c
+++ b/src/ldap_driver.c
@@ -976,6 +976,10 @@ static dns_dbmethods_t ldapdb_methods = {
#if LIBDNS_VERSION_MAJOR >= 1606 && LIBDNS_VERSION_MAJOR < 1720
adjusthashsize, /* adjusthashsize */
#endif
+#if LIBDNS_VERSION_MAJOR >= 1821
+ NULL, /* setmaxrrperset */
+ NULL, /* setmaxtypepername */
+#endif
};
isc_result_t ATTR_NONNULLS
--
2.43.0

34
backport-bind-dyndb-ldap-11.9-bind-9.16.17.patch
View File

@ -1,34 +0,0 @@
From d7d3032de7f5d3dd3cffea6064549b63a9ad7d59 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Thu, 17 Jun 2021 17:57:52 +0200
Subject: [PATCH] Skip isc_bind9 check on BIND 9.16.17+
Reference variable refvar from dns_dyndbctx_t were removed. Removed was
also flag requesting different namespace. Skip that check on last stable
version, it should eval to false on all versions anyway.
---
src/ldap_driver.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/ldap_driver.c b/src/ldap_driver.c
index e9f1005ee..5f9e00af1 100644
--- a/src/ldap_driver.c
+++ b/src/ldap_driver.c
@@ -1156,6 +1156,7 @@ dyndb_init(isc_mem_t *mctx, const char *name, const char *parameters,
RUNTIME_CHECK(isc_once_do(&library_init_once, library_init)
== ISC_R_SUCCESS);
+#if LIBDNS_VERSION_MAJOR < 1617
/*
* Depending on how dlopen() was called, we may not have
* access to named's global namespace, in which case we need
@@ -1168,6 +1169,7 @@ dyndb_init(isc_mem_t *mctx, const char *name, const char *parameters,
isc_hash_set_initializer(dctx->hashinit);
log_debug(5, "registering library from dynamic ldap driver, %p != %p.", dctx->refvar, &isc_bind9);
}
+#endif
log_debug(2, "registering dynamic ldap driver for %s.", name);
--
2.31.1

32
backport-bind-dyndb-ldap-bind-9.18.24.patch Normal file
View File

@ -0,0 +1,32 @@
From 628db201764a0dc76f8e48c1524850de64e2f2fe Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy@redhat.com>
Date: Wed, 14 Feb 2024 15:45:57 +0200
Subject: [PATCH] Include dydnb-config.h prior to any BIND headers
Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
---
src/syncrepl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/syncrepl.c b/src/syncrepl.c
index f94379c..4725bb8 100644
--- a/src/syncrepl.c
+++ b/src/syncrepl.c
@@ -4,6 +4,7 @@
#include <unistd.h>
+#include "dyndb-config.h"
#include <isc/condition.h>
#include <isc/event.h>
#include <isc/mutex.h>
@@ -11,7 +12,6 @@
#include <isc/time.h>
#include <isc/util.h>
-#include "dyndb-config.h"
#include "ldap_helper.h"
#include "util.h"
#include "semaphore.h"
--
2.43.0

37
bind-dyndb-ldap-11.10-bind-9.18.11.patch Normal file
View File

@ -0,0 +1,37 @@
From 282b1c9ea58cc0f2337a72912808505e5f540d5a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Sat, 28 Jan 2023 11:32:05 +0100
Subject: [PATCH] Minimal change to compile with BIND 9.18.11
DSCP codes are not working and their support were removed from BIND9. Do
not require them to be present.
---
src/fwd.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/fwd.c b/src/fwd.c
index 24f6e53..10ec848 100644
--- a/src/fwd.c
+++ b/src/fwd.c
@@ -198,7 +198,9 @@ fwd_print_list_buff(isc_mem_t *mctx, dns_forwarders_t *fwdrs,
INSIST((fwdr_int == NULL) == (fwdr_cfg == NULL)), fwdr_int != NULL;
fwdr_int = ISC_LIST_NEXT(fwdr_int, link), fwdr_cfg = cfg_list_next(fwdr_cfg)) {
fwdr_cfg->obj->value.sockaddrdscp.sockaddr = fwdr_int->addr;
+#if LIBDNS_VERSION_MAJOR < 1811
fwdr_cfg->obj->value.sockaddrdscp.dscp = fwdr_int->dscp;
+#endif
}
cfg_print(faddresses, buffer_append_str, &tmp_buf);
@@ -281,7 +283,9 @@ fwd_parse_str(const char *fwdrs_str, isc_mem_t *mctx,
isc_sockaddr_setport(&addr, port);
fwdr = isc_mem_get(mctx, sizeof(*(fwdr)));
fwdr->addr = addr;
+#if LIBDNS_VERSION_MAJOR < 1811
fwdr->dscp = cfg_obj_getdscp(fwdr_cfg);
+#endif
ISC_LINK_INIT(fwdr, link);
ISC_LIST_APPEND(*fwdrs, fwdr, link);
}
--
2.39.1

BIN
bind-dyndb-ldap-11.10.tar.bz2 Normal file
View File

Binary file not shown.

16
bind-dyndb-ldap-11.10.tar.bz2.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEhAodHH8+xLL+UwQ1RxniuKu/YhoFAmKxbw8ACgkQRxniuKu/
YhpvSQ/+ONhrsgo9PS5Lbe7gpQcBIWlzat2TnceeeDNE7ybB4iXSFaAjYFwysGQ0
5/WJGIjzA4r+fl7o5JxBhn8HAxN3TM13xhzM/91sFAlNDrnO6QameulIEr8vAJTW
HNuQ/+rwZKfyGWJn32Ztex/7lX+GAQKnMqZ90TdHibMMawk2rP5617N1hgUMDkao
9bCVZ8ezzrKeECaJDygi8VT/3z0wffksnL/Elj5NVRJD1T9J2cNEwxj9oklnccOc
dK7C/zzv9k2mH4CssVZsZxk0JDO8McuzquSgBWJy4n6Jxz6tunykmGAjQDS/UizI
DuC6tCnDZL2kN0krMe0wXyayT+D13jUPjsj8/GKxz7QbIPu6sK6EXj/FEwH+LscG
xud7v79puMJ76CO+/mhLg7qTV+erAuy0HjGcS7cGX/l4X9lMpesrDwOD17/MpfFL
6+6aAf8ypzo2gxRW0x4Xb8vrJwYyt4+l9u+ipm8RfYRXcT6dMwuhjkXr3AE9Np1g
Hh/Ya5EwgICiCzO5J9Q7xvU8kqzXvMpwd+FY/3lnGXg982UmTTYZBixVU8BuXFqi
aXo73b6+zXr9sT/Dclz8ZA/UX60GyQ7qTFYGSPa5ZPts4DL8IgWliXJaalDG5XvW
VtfeMOfH9Q2mAPrBa0BTVmHwItzDgjGCVGeSAdN8g1tFpq48rxQ=
=2rGI
-----END PGP SIGNATURE-----

BIN
bind-dyndb-ldap-11.9.tar.bz2
View File

Binary file not shown.

16
bind-dyndb-ldap-11.9.tar.bz2.asc
View File

@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEhAodHH8+xLL+UwQ1RxniuKu/YhoFAmCtCAoACgkQRxniuKu/
YhptNQ//QvGsnJsvlhZddT1EnoiiNhmKyW6HAV7f/0z4L/1RE9sng930mLhRD5mI
wFPzeJBBYVTM82hZwjboaa8r5hpAHiq29Q6o7cBCIcOEN6YhNZePoO7RmU1TaF57
6LGIzmUuEHfHaajV7fvYUY/kW0mJrxLwu58IJX7wi8OsJi+Exx8EqjVIVPJYkj3n
hen17jJmxnPyjI3fhwZt+ON3X3yfocLgsg08Zl4dtB6MTHMeb0a6gxZ2MQwpCGrq
zmo+Qv3OkvxJHPtpKO46je4GHZ3JYSNfCu8fVSqFiZfqu0Zv1DF6YUjxsHHU1BVk
64CCEN1vNal1rIblwz447oEAwBWQ0ky0r+EtAYfUggSHZ/Lwjh8LX44VYISa/4Io
R3aq3Egz8YwttXoH1PEGqv6ag9O7S8dVqKRm2+UmC6ajKtDtQimvWfyiInAjAsm4
ngwiWoqfYVYvs38YSc9oL/VFc0N7NglNGTVOKzgrkUlG8RF2GEdeMqXBcPflIL16
+R8AEgaFOcFmyrv1DMTglK6Mq2EjSDlfxVb8Rv1jiBmglB1z0hzLi0yVLNIAobPF
eOgi5Aq7UYWnT7oE8t6m1PWomVBObNFtC7OgMTdXt0lT7ZdqbRkxaW0CCY1+e645
4NlyEvwONUGPKzl7jlSNH/5eE0GuYp6Qi68b+LkBf5wfK4axfdY=
=OlUq
-----END PGP SIGNATURE-----

103
bind-dyndb-ldap-bind-9.18.10-db-options.patch Normal file
View File

@ -0,0 +1,103 @@
From 5dd2fefa0bc7cd7689004cec64304c3a02be9eab Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy@redhat.com>
Date: Thu, 12 Jan 2023 13:25:10 +0200
Subject: [PATCH] Support bind 9.18.10 or later
dns_db_allrdatasets() gained a new parameter. Adopt the code to allow
injecting 0 options if building against 9.18.10.
Fixes: https://pagure.io/bind-dyndb-ldap/issue/216
Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
---
src/ldap_driver.c | 7 ++++---
src/ldap_helper.c | 4 ++--
src/metadb.c | 3 ++-
src/util.h | 6 ++++++
4 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/src/ldap_driver.c b/src/ldap_driver.c
index 7367493..e4aeeb2 100644
--- a/src/ldap_driver.c
+++ b/src/ldap_driver.c
@@ -465,13 +465,14 @@ findrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version,
static isc_result_t
allrdatasets(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version,
- isc_stdtime_t now, dns_rdatasetiter_t **iteratorp)
+ DNS_DB_ALLRDATASETS_OPTIONS(unsigned int options, isc_stdtime_t now),
+ dns_rdatasetiter_t **iteratorp)
{
ldapdb_t *ldapdb = (ldapdb_t *) db;
REQUIRE(VALID_LDAPDB(ldapdb));
- return dns_db_allrdatasets(ldapdb->rbtdb, node, version, now, iteratorp);
+ return dns_db_allrdatasets(ldapdb->rbtdb, node, version, DNS_DB_ALLRDATASETS_OPTIONS(options, now), iteratorp);
}
/* TODO: Add 'tainted' flag to the LDAP instance if something went wrong. */
@@ -514,7 +515,7 @@ node_isempty(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version,
CHECK(ldapdb_name_fromnode(node, dns_fixedname_initname(&fname)));
- result = dns_db_allrdatasets(db, node, version, now, &rds_iter);
+ result = dns_db_allrdatasets(db, node, version, DNS_DB_ALLRDATASETS_OPTIONS(0, now), &rds_iter);
if (result == ISC_R_NOTFOUND) {
*isempty = true;
} else if (result == ISC_R_SUCCESS) {
diff --git a/src/ldap_helper.c b/src/ldap_helper.c
index 7ea3df9..7ac3d91 100644
--- a/src/ldap_helper.c
+++ b/src/ldap_helper.c
@@ -2005,7 +2005,7 @@ zone_sync_apex(const ldap_instance_t * const inst,
zone_settings, &rdatalist));
CHECK(dns_db_getoriginnode(rbtdb, &node));
- result = dns_db_allrdatasets(rbtdb, node, version, 0,
+ result = dns_db_allrdatasets(rbtdb, node, version, DNS_DB_ALLRDATASETS_OPTIONS(0, 0),
&rbt_rds_iterator);
if (result == ISC_R_SUCCESS) {
CHECK(diff_ldap_rbtdb(inst->mctx, &name, &rdatalist,
@@ -3929,7 +3929,7 @@ update_restart:
CHECK(dns_db_newversion(ldapdb, &version));
CHECK(dns_db_findnode(rbtdb, &entry->fqdn, true, &node));
- result = dns_db_allrdatasets(rbtdb, node, version, 0, &rbt_rds_iterator);
+ result = dns_db_allrdatasets(rbtdb, node, version, DNS_DB_ALLRDATASETS_OPTIONS(0, 0), &rbt_rds_iterator);
if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND)
goto cleanup;
diff --git a/src/metadb.c b/src/metadb.c
index f469a30..276de24 100644
--- a/src/metadb.c
+++ b/src/metadb.c
@@ -217,7 +217,8 @@ metadb_node_delete(metadb_node_t **nodep) {
node = *nodep;
dns_rdataset_init(&rdataset);
- CHECK(dns_db_allrdatasets(node->rbtdb, node->dbnode, node->version, 0,
+ CHECK(dns_db_allrdatasets(node->rbtdb, node->dbnode, node->version,
+ DNS_DB_ALLRDATASETS_OPTIONS(0, 0),
&iter));
for (result = dns_rdatasetiter_first(iter);
diff --git a/src/util.h b/src/util.h
index 5088ff3..e4620ff 100644
--- a/src/util.h
+++ b/src/util.h
@@ -29,6 +29,12 @@ extern bool verbose_checks; /* from settings.c */
#define dns_name_copynf(src, dst) dns_name_copy((src), (dst))
#endif
+#if LIBDNS_VERSION_MAJOR >= 1810
+#define DNS_DB_ALLRDATASETS_OPTIONS(options, tstamp) options, tstamp
+#else
+#define DNS_DB_ALLRDATASETS_OPTIONS(options, tstamp) tstamp
+#endif
+
#define CLEANUP_WITH(result_code) \
do { \
result = (result_code); \
--
2.39.0

151
bind-dyndb-ldap-bind-9.18.10-logs.patch Normal file
View File

@ -0,0 +1,151 @@
From 00131b7b72daa953ab2bf5e6a4fd5508052debb0 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy@redhat.com>
Date: Thu, 12 Jan 2023 14:33:07 +0200
Subject: [PATCH] adopt to bind 9.18.9+ loggers
Fixes: https://pagure.io/bind-dyndb-ldap/issues/216
Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
---
src/ldap_helper.c | 12 ++++--------
src/log.h | 9 +++++++++
src/settings.c | 12 ++++--------
src/syncrepl.c | 6 ++----
4 files changed, 19 insertions(+), 20 deletions(-)
diff --git a/src/ldap_helper.c b/src/ldap_helper.c
index 7ac3d91..acabd31 100644
--- a/src/ldap_helper.c
+++ b/src/ldap_helper.c
@@ -1317,8 +1317,7 @@ configure_zone_acl(isc_mem_t *mctx, dns_zone_t *zone,
dns_zone_logc(zone, DNS_LOGCATEGORY_SECURITY, ISC_LOG_CRITICAL,
"cannot configure restrictive %s policy: %s",
type_txt, isc_result_totext(result2));
- FATAL_ERROR(__FILE__, __LINE__,
- "insecure state detected");
+ fatal_error("insecure state detected");
}
}
acl_setter(zone, acl);
@@ -1365,8 +1364,7 @@ configure_zone_ssutable(dns_zone_t *zone, const char *update_str)
dns_zone_logc(zone, DNS_LOGCATEGORY_SECURITY, ISC_LOG_CRITICAL,
"cannot disable all updates: %s",
isc_result_totext(result2));
- FATAL_ERROR(__FILE__, __LINE__,
- "insecure state detected");
+ fatal_error("insecure state detected");
}
}
@@ -2951,8 +2949,7 @@ force_reconnect:
ldap_inst);
break;
case AUTH_INVALID:
- UNEXPECTED_ERROR(__FILE__, __LINE__,
- "invalid auth_method_enum value %u",
+ unexpected_error("invalid auth_method_enum value %u",
auth_method_enum);
break;
@@ -3782,8 +3779,7 @@ update_zone(isc_task_t *task, isc_event_t *event)
else if (entry->class & LDAP_ENTRYCLASS_FORWARD)
CHECK(ldap_parse_fwd_zoneentry(entry, inst));
else
- FATAL_ERROR(__FILE__, __LINE__,
- "update_zone: unexpected entry class");
+ fatal_error("update_zone: unexpected entry class");
}
cleanup:
diff --git a/src/log.h b/src/log.h
index da71f8b..844ac46 100644
--- a/src/log.h
+++ b/src/log.h
@@ -17,8 +17,17 @@
#define GET_LOG_LEVEL(level) (level)
#endif
+#if LIBDNS_VERSION_MAJOR >= 1809
+#define fatal_error(...) \
+ isc_error_fatal(__FILE__, __LINE__, __func__, __VA_ARGS__)
+#define unexpected_error(...) \
+ isc_error_unexpected(__FILE__, __LINE__, __func__, __VA_ARGS__)
+#else
#define fatal_error(...) \
isc_error_fatal(__FILE__, __LINE__, __VA_ARGS__)
+#define unexpected_error(...) \
+ isc_error_unexpected(__FILE__, __LINE__, __VA_ARGS__)
+#endif
#define log_bug(fmt, ...) \
log_error("bug in %s(): " fmt, __func__,##__VA_ARGS__)
diff --git a/src/settings.c b/src/settings.c
index def60d7..2a0bb19 100644
--- a/src/settings.c
+++ b/src/settings.c
@@ -178,8 +178,7 @@ setting_get(const char *const name, const setting_type_t type,
*(bool *)target = setting->value.value_boolean;
break;
default:
- UNEXPECTED_ERROR(__FILE__, __LINE__,
- "invalid setting_type_t value %u", type);
+ unexpected_error("invalid setting_type_t value %u", type);
break;
}
@@ -278,8 +277,7 @@ set_value(isc_mem_t *mctx, const settings_set_t *set, setting_t *setting,
CLEANUP_WITH(ISC_R_IGNORE);
break;
default:
- UNEXPECTED_ERROR(__FILE__, __LINE__,
- "invalid setting_type_t value %u", setting->type);
+ unexpected_error("invalid setting_type_t value %u", setting->type);
break;
}
@@ -304,8 +302,7 @@ set_value(isc_mem_t *mctx, const settings_set_t *set, setting_t *setting,
setting->value.value_boolean = numeric_value;
break;
default:
- UNEXPECTED_ERROR(__FILE__, __LINE__,
- "invalid setting_type_t value %u", setting->type);
+ unexpected_error("invalid setting_type_t value %u", setting->type);
break;
}
setting->filled = 1;
@@ -389,8 +386,7 @@ setting_unset(const char *const name, const settings_set_t *set)
case ST_BOOLEAN:
break;
default:
- UNEXPECTED_ERROR(__FILE__, __LINE__,
- "invalid setting_type_t value %u", setting->type);
+ unexpected_error("invalid setting_type_t value %u", setting->type);
break;
}
setting->filled = 0;
diff --git a/src/syncrepl.c b/src/syncrepl.c
index 0bee09a..f94379c 100644
--- a/src/syncrepl.c
+++ b/src/syncrepl.c
@@ -148,8 +148,7 @@ finish(isc_task_t *task, isc_event_t *event) {
case sync_datainit:
case sync_finished:
default:
- FATAL_ERROR(__FILE__, __LINE__,
- "sync_barrier_wait(): invalid state "
+ fatal_error("sync_barrier_wait(): invalid state "
"%u", bev->sctx->state);
}
sync_state_change(bev->sctx, new_state, false);
@@ -518,8 +517,7 @@ sync_barrier_wait(sync_ctx_t *sctx, ldap_instance_t *inst) {
case sync_databarrier:
case sync_finished:
default:
- FATAL_ERROR(__FILE__, __LINE__,
- "sync_barrier_wait(): invalid state "
+ fatal_error("sync_barrier_wait(): invalid state "
"%u", sctx->state);
}
--
2.39.0

37
bind-dyndb-ldap-bind-9.18.10-staleok.patch Normal file
View File

@ -0,0 +1,37 @@
From 47902df23bf637e6c7ece67b928339e0fda58ae0 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy@redhat.com>
Date: Mon, 16 Jan 2023 11:03:24 +0200
Subject: [PATCH] Handle dns_db_allrdatasets() backports too
With https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/7189 the
changes were also backported to 9.16.36+ as well. Instead of checking
version, check if an additional define is present.
Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
---
src/util.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/util.h b/src/util.h
index e4620ff..5da0f5c 100644
--- a/src/util.h
+++ b/src/util.h
@@ -13,6 +13,7 @@
#include <dns/types.h>
#include <dns/name.h>
#include <dns/result.h>
+#include <dns/db.h>
#include "log.h"
#include "dyndb-config.h"
@@ -29,7 +30,7 @@ extern bool verbose_checks; /* from settings.c */
#define dns_name_copynf(src, dst) dns_name_copy((src), (dst))
#endif
-#if LIBDNS_VERSION_MAJOR >= 1810
+#ifdef DNS_DB_STALEOK
#define DNS_DB_ALLRDATASETS_OPTIONS(options, tstamp) options, tstamp
#else
#define DNS_DB_ALLRDATASETS_OPTIONS(options, tstamp) tstamp
--
2.39.0

56
bind-dyndb-ldap.spec
View File

@ -4,24 +4,33 @@
%global with_bind_pkcs11 0
Name: bind-dyndb-ldap
Version: 11.9
Release: 1
Version: 11.10
Release: 4
Summary: LDAP back-end plug-in for BIND
License: GPLv2+
URL: https://releases.pagure.org/bind-dyndb-ldap
Source0: https://releases.pagure.org/%{name}/%{name}-%{version}.tar.bz2
Source1: https://releases.pagure.org/%{name}/%{name}-%{version}.tar.bz2.asc
Patch1: backport-bind-dyndb-ldap-11.9-bind-9.16.17.patch
Patch1: bind-dyndb-ldap-bind-9.18.10-db-options.patch
Patch2: bind-dyndb-ldap-bind-9.18.10-logs.patch
Patch3: bind-dyndb-ldap-bind-9.18.10-staleok.patch
Patch4: bind-dyndb-ldap-11.10-bind-9.18.11.patch
Patch5: backport-bind-dyndb-ldap-11.10-bind-9.18.13.patch
Patch6: backport-bind-dyndb-ldap-11.10-bind-9.18.19.patch
Patch7: backport-bind-dyndb-ldap-11.10-dns_name_init.patch
Patch8: backport-bind-dyndb-ldap-bind-9.18.24.patch
Patch9: backport-bind-dyndb-ldap-11.10-support-for-bind-9.18.21.3.patch
BuildRequires: bind-devel >= %{bind_version}
BuildRequires: krb5-devel
BuildRequires: openldap-devel
BuildRequires: libuuid-devel
BuildRequires: automake, autoconf, libtool
BuildRequires: automake, autoconf, libtool, make
BuildRequires: openssl-devel
BuildRequires: autoconf-archive
%if %{with bind_pkcs11}
%if %{with_bind_pkcs11}
BuildRequires: bind-pkcs11-devel >= %{bind_version}
Requires(pre): bind-pkcs11 >= %{bind_version}
Requires: bind-pkcs11 >= %{bind_version}, bind-pkcs11-utils >= %{bind_version}
@ -41,7 +50,14 @@ a plug-in for BIND that provides an LDAP database back-end capabilities.
autoreconf -fiv
export BIND9_CFLAGS='-I /usr/include/bind9 -DHAVE_TLS -DHAVE_THREAD_LOCAL'
%configure
%if %{?openEuler:1}0
%make_build
%else
# unset SOURCE_DATE_EPOCH eliminate bep differences
unset SOURCE_DATE_EPOCH
%make_build
set SOURCE_DATE_EPOCH
%endif
%install
rm -rf %{buildroot}
@ -86,6 +102,36 @@ sed -i.bak -e "$SEDSCRIPT" /etc/named.conf
%changelog
* Wed Aug 07 2024 Zhao Mengmeng <zhaomengmeng@kylinos.cn> - 11.10-4
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC: fix build failure caused by bind update to 9.18.21-3
* Wed Mar 20 2024 xinghe <xinghe2@h-partners.com> - 11.10-3
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:fix build failed
* Tue Mar 05 2024 xinghe <xinghe2@h-partners.com> - 11.10-2
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:fix build error
* Sun Jan 29 2023 xinghe <xinghe2@h-partners.com> - 11.10-1
- Type:requirement
- CVE:NA
- SUG:NA
- DESC:update to 11.10
* Fri Jun 10 2022 gaihuiying <eaglegai@163.com> - 11.9-2
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:add macros to control if need to eliminate bep differences
* Mon Mar 21 2022 xihaochen <xihaochen@h-partners.com> - 11.9-1
- Type:requirement
- ID:NA