diff --git a/bind.spec b/bind.spec index f805839..e9b247b 100644 --- a/bind.spec +++ b/bind.spec @@ -22,7 +22,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv Name: bind License: ISC Version: 9.8.1 -Release: 0.1.%{PREVER}%{?dist} +Release: 0.2.%{PREVER}%{?dist} Epoch: 32 Url: http://www.isc.org/products/BIND/ Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -62,6 +62,10 @@ Patch110:bind97-rh570851.patch Patch111:bind97-exportlib.patch Patch112:bind97-rh645544.patch Patch117:bind98-rh725741.patch +Patch118:bind97-rh699951.patch +Patch119:bind97-rh693982.patch +Patch120:bind97-rh700097.patch +Patch121:bind97-rh714049.patch # SDB patches Patch11: bind-9.3.2b2-sdbsrc.patch @@ -298,6 +302,10 @@ mkdir m4 %patch110 -p1 -b .rh570851 %patch111 -p1 -b .exportlib %patch112 -p1 -b .rh645544 +%patch118 -p1 -b .rh699951 +%patch119 -p1 -b .rh693982 +%patch120 -p1 -b .rh700097 +%patch121 -p1 -b .rh714049 # Sparc and s390 arches need to use -fPIE %ifarch sparcv9 sparc64 s390 s390x @@ -766,6 +774,15 @@ rm -rf ${RPM_BUILD_ROOT} %endif %changelog +* Wed Aug 31 2011 Adam Tkac 32:9.8.1-0.2.rc1 +- fix rare race condition in request.c +- print "the working directory is not writable" as debug message +- re-add configtest target to initscript +- initscript: sybsys name is always named, not named-sdb +- nsupdate returned zero when target zone didn't exist (#700097) +- nsupdate could have failed if server has multiple IPs and the first + was unreachable (#714049) + * Wed Aug 31 2011 Adam Tkac 32:9.8.1-0.1.rc1 - update to 9.8.1rc1 - patches merged diff --git a/bind97-rh693982.patch b/bind97-rh693982.patch new file mode 100644 index 0000000..57bf812 --- /dev/null +++ b/bind97-rh693982.patch @@ -0,0 +1,35 @@ +diff -up bind-9.7.3-P3/bin/named/server.c.rh693982 bind-9.7.3-P3/bin/named/server.c +--- bind-9.7.3-P3/bin/named/server.c.rh693982 2011-08-12 17:18:55.611978110 +0200 ++++ bind-9.7.3-P3/bin/named/server.c 2011-08-12 17:19:36.009975303 +0200 +@@ -4444,15 +4444,6 @@ load_configuration(const char *filename, + ns_os_changeuser(); + + /* +- * Check that the working directory is writable. +- */ +- if (access(".", W_OK) != 0) { +- isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, +- NS_LOGMODULE_SERVER, ISC_LOG_ERROR, +- "the working directory is not writable"); +- } +- +- /* + * Configure the logging system. + * + * Do this after changing UID to make sure that any log +@@ -4498,6 +4489,15 @@ load_configuration(const char *filename, + } + + /* ++ * Check that the working directory is writable. ++ */ ++ if (access(".", W_OK) != 0) { ++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, ++ NS_LOGMODULE_SERVER, ISC_LOG_DEBUG(1), ++ "the working directory is not writable"); ++ } ++ ++ /* + * Set the default value of the query logging flag depending + * whether a "queries" category has been defined. This is + * a disgusting hack, but we need to do this for BIND 8 diff --git a/bind97-rh699951.patch b/bind97-rh699951.patch new file mode 100644 index 0000000..77a807f --- /dev/null +++ b/bind97-rh699951.patch @@ -0,0 +1,46 @@ +--- bind-9.8.0-P4/lib/dns/request.c.test 2011-08-04 19:13:34.300999355 +0200 ++++ bind-9.8.0-P4/lib/dns/request.c 2011-08-04 19:37:40.347002723 +0200 +@@ -97,6 +97,7 @@ struct dns_request { + synchronously canceled */ + #define DNS_REQUEST_F_TIMEDOUT 0x0008 /*%< canceled due to a timeout */ + #define DNS_REQUEST_F_TCP 0x0010 /*%< This request used TCP */ ++#define DNS_REQUEST_F_RESPONSE 0x0020 /*%< We got response */ + #define DNS_REQUEST_CANCELED(r) \ + (((r)->flags & DNS_REQUEST_F_CANCELED) != 0) + #define DNS_REQUEST_CONNECTING(r) \ +@@ -105,6 +106,8 @@ struct dns_request { + (((r)->flags & DNS_REQUEST_F_SENDING) != 0) + #define DNS_REQUEST_TIMEDOUT(r) \ + (((r)->flags & DNS_REQUEST_F_TIMEDOUT) != 0) ++#define DNS_REQUEST_RESPONSE(r) \ ++ (((r)->flags & DNS_REQUEST_F_RESPONSE) != 0) + + + /*** +@@ -1312,9 +1315,15 @@ req_senddone(isc_task_t *task, isc_event + + if (DNS_REQUEST_CANCELED(request)) { + /* +- * Send delayed event. ++ * Response can arrive before we proccess ++ * req_senddone which means we received cancellation ++ * request from req_response(). If we successfully ++ * fetched response, send success. Otherwise ++ * indicate failure. + */ +- if (DNS_REQUEST_TIMEDOUT(request)) ++ if (DNS_REQUEST_RESPONSE(request)) ++ send_if_done(request, ISC_R_SUCCESS); ++ else if (DNS_REQUEST_TIMEDOUT(request)) + send_if_done(request, ISC_R_TIMEDOUT); + else + send_if_done(request, ISC_R_CANCELED); +@@ -1367,6 +1376,8 @@ req_response(isc_task_t *task, isc_event + /* + * Send completion event. + */ ++ if (result == ISC_R_SUCCESS) ++ request->flags |= DNS_REQUEST_F_RESPONSE; + send_if_done(request, result); + UNLOCK(&request->requestmgr->locks[request->hash]); + } diff --git a/bind97-rh700097.patch b/bind97-rh700097.patch new file mode 100644 index 0000000..60db2af --- /dev/null +++ b/bind97-rh700097.patch @@ -0,0 +1,11 @@ +diff -up bind-9.7.3-P3/bin/nsupdate/nsupdate.c.rh700097 bind-9.7.3-P3/bin/nsupdate/nsupdate.c +--- bind-9.7.3-P3/bin/nsupdate/nsupdate.c.rh700097 2011-08-12 16:24:18.730205763 +0200 ++++ bind-9.7.3-P3/bin/nsupdate/nsupdate.c 2011-08-12 16:24:27.833205103 +0200 +@@ -2298,6 +2298,7 @@ recvsoa(isc_task_t *task, isc_event_t *e + dns_message_destroy(&soaquery); + ddebug("Out of recvsoa"); + done_update(); ++ seenerror = ISC_TRUE; + return; + } + diff --git a/bind97-rh714049.patch b/bind97-rh714049.patch new file mode 100644 index 0000000..77ed806 --- /dev/null +++ b/bind97-rh714049.patch @@ -0,0 +1,160 @@ +diff -up bind-9.7.3-P3/bin/nsupdate/nsupdate.c.rh714049 bind-9.7.3-P3/bin/nsupdate/nsupdate.c +--- bind-9.7.3-P3/bin/nsupdate/nsupdate.c.rh714049 2011-08-12 14:17:39.520175003 +0200 ++++ bind-9.7.3-P3/bin/nsupdate/nsupdate.c 2011-08-12 15:11:01.812173573 +0200 +@@ -109,6 +109,13 @@ extern int h_errno; + + #define DNSDEFAULTPORT 53 + ++/* ++ * Assume that bind9_getaddresses returns IPv6 and IPv4 addrs ++ * so when master server is not reachable via IPv6 ++ * we can switch to IPv4. ++ */ ++#define MAX_SERVERADDRS 4 ++ + static isc_uint16_t dnsport = DNSDEFAULTPORT; + + #ifndef RESOLV_CONF +@@ -151,6 +158,8 @@ static isc_sockaddr_t *servers; + static int ns_inuse = 0; + static int ns_total = 0; + static isc_sockaddr_t *userserver = NULL; ++static int curserver = 0; ++static int userservers = 0; + static isc_sockaddr_t *localaddr = NULL; + static isc_sockaddr_t *serveraddr = NULL; + static isc_sockaddr_t tempaddr; +@@ -703,7 +712,8 @@ doshutdown(void) { + isc_task_detach(&global_task); + + if (userserver != NULL) +- isc_mem_put(mctx, userserver, sizeof(isc_sockaddr_t)); ++ isc_mem_put(mctx, userserver, ++ MAX_SERVERADDRS * sizeof(isc_sockaddr_t)); + + if (localaddr != NULL) + isc_mem_put(mctx, localaddr, sizeof(isc_sockaddr_t)); +@@ -914,17 +924,21 @@ setup_system(void) { + } + + static void +-get_address(char *host, in_port_t port, isc_sockaddr_t *sockaddr) { ++get_addresses(char *host, in_port_t port, isc_sockaddr_t *sockaddr, int *naddrs) { + int count; + isc_result_t result; + + isc_app_block(); +- result = bind9_getaddresses(host, port, sockaddr, 1, &count); ++ result = bind9_getaddresses(host, port, sockaddr, ++ (naddrs == NULL) ? 1 : MAX_SERVERADDRS, &count); + isc_app_unblock(); + if (result != ISC_R_SUCCESS) + fatal("couldn't get address for '%s': %s", + host, isc_result_totext(result)); +- INSIST(count == 1); ++ if (naddrs == NULL) ++ INSIST(count == 1); ++ else ++ *naddrs = count; + } + + #define PARSE_ARGS_FMT "dDML:y:ghlovk:p:rR::t:u:" +@@ -1364,12 +1378,14 @@ evaluate_server(char *cmdline) { + } + + if (userserver == NULL) { +- userserver = isc_mem_get(mctx, sizeof(isc_sockaddr_t)); ++ userserver = isc_mem_get(mctx, ++ MAX_SERVERADDRS * sizeof(isc_sockaddr_t)); + if (userserver == NULL) + fatal("out of memory"); + } + +- get_address(server, (in_port_t)port, userserver); ++ memset(userserver, 0, MAX_SERVERADDRS * sizeof(isc_sockaddr_t)); ++ get_addresses(server, (in_port_t)port, userserver, &userservers); + + return (STATUS_MORE); + } +@@ -2207,19 +2223,25 @@ recvsoa(isc_task_t *task, isc_event_t *e + + if (eresult != ISC_R_SUCCESS) { + char addrbuf[ISC_SOCKADDR_FORMATSIZE]; ++ isc_sockaddr_t *server; + + isc_sockaddr_format(addr, addrbuf, sizeof(addrbuf)); + fprintf(stderr, "; Communication with %s failed: %s\n", + addrbuf, isc_result_totext(eresult)); +- if (userserver != NULL) +- fatal("could not talk to specified name server"); +- else if (++ns_inuse >= lwconf->nsnext) ++ if (userserver != NULL) { ++ if (++curserver == MAX_SERVERADDRS) ++ fatal("could not talk to specified name server"); ++ else ++ ddebug("recvsoa: trying next server"); ++ } else if (++ns_inuse >= lwconf->nsnext) + fatal("could not talk to any default name server"); + ddebug("Destroying request [%p]", request); + dns_request_destroy(&request); + dns_message_renderreset(soaquery); + dns_message_settsigkey(soaquery, NULL); +- sendrequest(localaddr, &servers[ns_inuse], soaquery, &request); ++ server = (userserver != NULL) ? &userserver[curserver] : ++ &servers[ns_inuse]; ++ sendrequest(localaddr, server, soaquery, &request); + isc_mem_put(mctx, reqinfo, sizeof(nsu_requestinfo_t)); + isc_event_free(&event); + setzoneclass(dns_rdataclass_none); +@@ -2351,7 +2373,7 @@ recvsoa(isc_task_t *task, isc_event_t *e + } + + if (userserver != NULL) +- serveraddr = userserver; ++ serveraddr = &userserver[curserver]; + else { + char serverstr[DNS_NAME_MAXTEXT+1]; + isc_buffer_t buf; +@@ -2360,7 +2382,7 @@ recvsoa(isc_task_t *task, isc_event_t *e + result = dns_name_totext(&master, ISC_TRUE, &buf); + check_result(result, "dns_name_totext"); + serverstr[isc_buffer_usedlength(&buf)] = 0; +- get_address(serverstr, dnsport, &tempaddr); ++ get_addresses(serverstr, dnsport, &tempaddr, NULL); + serveraddr = &tempaddr; + } + dns_rdata_freestruct(&soa); +@@ -2464,9 +2486,9 @@ start_gssrequest(dns_name_t *master) + fatal("out of memory"); + } + if (userserver == NULL) +- get_address(namestr, dnsport, kserver); ++ get_addresses(namestr, dnsport, kserver, NULL); + else +- (void)memcpy(kserver, userserver, sizeof(isc_sockaddr_t)); ++ (void)memcpy(kserver, &userserver[curserver], sizeof(isc_sockaddr_t)); + + dns_fixedname_init(&fname); + servname = dns_fixedname_name(&fname); +@@ -2594,15 +2616,17 @@ recvgss(isc_task_t *task, isc_event_t *e + isc_sockaddr_format(addr, addrbuf, sizeof(addrbuf)); + fprintf(stderr, "; Communication with %s failed: %s\n", + addrbuf, isc_result_totext(eresult)); +- if (userserver != NULL) ++ if (userserver != NULL) { + fatal("could not talk to specified name server"); +- else if (++ns_inuse >= lwconf->nsnext) ++ } else if (++ns_inuse >= lwconf->nsnext) + fatal("could not talk to any default name server"); + ddebug("Destroying request [%p]", request); + dns_request_destroy(&request); + dns_message_renderreset(tsigquery); +- sendrequest(localaddr, &servers[ns_inuse], tsigquery, +- &request); ++ sendrequest(localaddr, ++ (userserver != NULL) ? &userserver[curserver] : ++ &servers[ns_inuse], ++ tsigquery, &request); + isc_mem_put(mctx, reqinfo, sizeof(nsu_gssinfo_t)); + isc_event_free(&event); + return; diff --git a/named.init b/named.init index 26d0360..cd0504d 100755 --- a/named.init +++ b/named.init @@ -217,7 +217,7 @@ stop() { rhstatus() { [ -x /usr/sbin/rndc ] && /usr/sbin/rndc status; - status -p "$ROOTDIR/$PIDFILE" /usr/sbin/"$named"; + status -p "$ROOTDIR/$PIDFILE" -l named /usr/sbin/"$named"; return $? } restart() { @@ -239,6 +239,21 @@ reload() { return $RETVAL } +checkconfig() { + ckcf_options='-z'; + if [ -n "${ROOTDIR}" -a "x${ROOTDIR}" != "x/" ]; then + ckcf_options="$ckcf_options -t ${ROOTDIR}"; + mount_chroot_conf + fi; + if [ -x /usr/sbin/named-checkconf ] && [ -x /usr/sbin/named-checkzone ] && /usr/sbin/named-checkconf $ckcf_options ${named_conf} ; then + umount_chroot_conf + return 0; + else + umount_chroot_conf + return 1; + fi +} + # See how we were called. case "$1" in start) @@ -263,6 +278,9 @@ case "$1" in force-reload) if ! reload; then restart; fi ;; + checkconfig|configtest|check|test) + checkconfig + ;; *) echo $"Usage: $0 {start|stop|status|restart|try-restart|reload|force-reload}" [ "x$1" = "x" ] && exit 0