pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/net/bind910



Module Name:    pkgsrc
Committed By:   taca
Date:           Sun Sep 23 14:27:07 UTC 2018

Modified Files:
        pkgsrc/net/bind910: Makefile distinfo
Added Files:
        pkgsrc/net/bind910/patches: patch-bin_named_server.c
            patch-bin_named_zoneconf.c patch-lib_dns_zone.c

Log Message:
net/bind910: backport from bind911

Backport changes between BIND 9.11.4-P1 and 9.11.4-P2.

Bump PKGREVISION.


To generate a diff of this commit:
cvs rdiff -u -r1.46 -r1.47 pkgsrc/net/bind910/Makefile
cvs rdiff -u -r1.36 -r1.37 pkgsrc/net/bind910/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/net/bind910/patches/patch-bin_named_server.c \
    pkgsrc/net/bind910/patches/patch-bin_named_zoneconf.c \
    pkgsrc/net/bind910/patches/patch-lib_dns_zone.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/net/bind910/Makefile
diff -u pkgsrc/net/bind910/Makefile:1.46 pkgsrc/net/bind910/Makefile:1.47
--- pkgsrc/net/bind910/Makefile:1.46    Thu Sep 20 02:56:45 2018
+++ pkgsrc/net/bind910/Makefile Sun Sep 23 14:27:07 2018
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.46 2018/09/20 02:56:45 taca Exp $
+# $NetBSD: Makefile,v 1.47 2018/09/23 14:27:07 taca Exp $
 
 DISTNAME=      bind-${BIND_VERSION}
 PKGNAME=       ${DISTNAME:S/-P/pl/}
-PKGREVISION=   2
+PKGREVISION=   3
 CATEGORIES=    net
 MASTER_SITES=  ftp://ftp.isc.org/isc/bind9/${BIND_VERSION}/
 

Index: pkgsrc/net/bind910/distinfo
diff -u pkgsrc/net/bind910/distinfo:1.36 pkgsrc/net/bind910/distinfo:1.37
--- pkgsrc/net/bind910/distinfo:1.36    Mon Aug 13 13:41:49 2018
+++ pkgsrc/net/bind910/distinfo Sun Sep 23 14:27:07 2018
@@ -1,16 +1,19 @@
-$NetBSD: distinfo,v 1.36 2018/08/13 13:41:49 maya Exp $
+$NetBSD: distinfo,v 1.37 2018/09/23 14:27:07 taca Exp $
 
 SHA1 (bind-9.10.8-P1.tar.gz) = 70505825897b78868eb5f38ebf1a7b9fd3a7b588
 RMD160 (bind-9.10.8-P1.tar.gz) = 6cea25616dc1e0a280db3ea9784afe109f68db5c
 SHA512 (bind-9.10.8-P1.tar.gz) = 1b4d871b7baddf0552b56f1f667974f29684b1a85e1cf7cbe9c62c72f113337bf3cf4c4d806b565b551c8eca45bbc8290b173de6b0188b7e17f648e2a0986ce8
 Size (bind-9.10.8-P1.tar.gz) = 9247135 bytes
 SHA1 (patch-bin_dig_dighost.c) = 983e23a30d519982cbe88ed2277fcffc9cad616e
+SHA1 (patch-bin_named_server.c) = ee015eb38c174e0f559218b4435a9925b7474d77
+SHA1 (patch-bin_named_zoneconf.c) = b1a5510a5ef80187103a43b1236663e840d21371
 SHA1 (patch-bin_tests_system_Makefile.in) = ba368204f8eeaa12be366a532c75a2e3cc8fae98
 SHA1 (patch-bin_tests_system_metadata_tests.sh) = f18aa93a93cadd5d9da4bba75a512b5c599fb4dd
 SHA1 (patch-config.threads.in) = 227b83efe9cb3e301aaac9b97cf42f1fb8ad06b2
 SHA1 (patch-configure) = ac796249d34884e87d51602762df1f29cd1fe0bd
 SHA1 (patch-contrib_dlz_config.dlz.in) = f18bec63fbfce7cb2cd72929058ce3770fce458f
 SHA1 (patch-lib_dns_rbt.c) = 7e37f411d084e5363c6a5023e1915d224321c3e3
+SHA1 (patch-lib_dns_zone.c) = d876680089f6ebedf2c9af96057088fc1c37c378
 SHA1 (patch-lib_isc_unix_socket.c) = b2ab2d914c6be15639ca4fc63255f928d318704c
 SHA1 (patch-lib_lwres_getaddrinfo.c) = 69e9c8049fedcb93bd219c6053163f21ce3b2535
 SHA1 (patch-lib_lwres_getnameinfo.c) = 418ad349cf52925c9e8051b5c71d9d51ea8d2fb1

Added files:

Index: pkgsrc/net/bind910/patches/patch-bin_named_server.c
diff -u /dev/null pkgsrc/net/bind910/patches/patch-bin_named_server.c:1.1
--- /dev/null   Sun Sep 23 14:27:07 2018
+++ pkgsrc/net/bind910/patches/patch-bin_named_server.c Sun Sep 23 14:27:07 2018
@@ -0,0 +1,114 @@
+$NetBSD: patch-bin_named_server.c,v 1.1 2018/09/23 14:27:07 taca Exp $
+
+* Backport change between BIND 9.11.4-P1 and 9.11.4-P2.
+
+--- bin/named/server.c.orig    2018-07-24 17:26:47.000000000 +0000
++++ bin/named/server.c
+@@ -9345,7 +9345,7 @@ ns_server_freeze(ns_server_t *server, is
+                isc_lex_t *lex, isc_buffer_t *text)
+ {
+       isc_result_t result, tresult;
+-      dns_zone_t *zone = NULL, *raw = NULL;
++      dns_zone_t *mayberaw = NULL, *raw = NULL;
+       dns_zonetype_t type;
+       char classstr[DNS_RDATACLASS_FORMATSIZE];
+       char zonename[DNS_NAME_FORMATSIZE];
+@@ -9354,11 +9354,11 @@ ns_server_freeze(ns_server_t *server, is
+       isc_boolean_t frozen;
+       const char *msg = NULL;
+ 
+-      result = zone_from_args(server, lex, NULL, &zone, NULL,
++      result = zone_from_args(server, lex, NULL, &mayberaw, NULL,
+                               text, ISC_TRUE);
+       if (result != ISC_R_SUCCESS)
+               return (result);
+-      if (zone == NULL) {
++      if (mayberaw == NULL) {
+               result = isc_task_beginexclusive(server->task);
+               RUNTIME_CHECK(result == ISC_R_SUCCESS);
+               tresult = ISC_R_SUCCESS;
+@@ -9378,26 +9378,26 @@ ns_server_freeze(ns_server_t *server, is
+                             isc_result_totext(tresult));
+               return (tresult);
+       }
+-      dns_zone_getraw(zone, &raw);
++      dns_zone_getraw(mayberaw, &raw);
+       if (raw != NULL) {
+-              dns_zone_detach(&zone);
+-              dns_zone_attach(raw, &zone);
++              dns_zone_detach(&mayberaw);
++              dns_zone_attach(raw, &mayberaw);
+               dns_zone_detach(&raw);
+       }
+-      type = dns_zone_gettype(zone);
++      type = dns_zone_gettype(mayberaw);
+       if (type != dns_zone_master) {
+-              dns_zone_detach(&zone);
++              dns_zone_detach(&mayberaw);
+               return (DNS_R_NOTMASTER);
+       }
+ 
+-      if (freeze && !dns_zone_isdynamic(zone, ISC_TRUE)) {
+-              dns_zone_detach(&zone);
++      if (freeze && !dns_zone_isdynamic(mayberaw, ISC_TRUE)) {
++              dns_zone_detach(&mayberaw);
+               return (DNS_R_NOTDYNAMIC);
+       }
+ 
+       result = isc_task_beginexclusive(server->task);
+       RUNTIME_CHECK(result == ISC_R_SUCCESS);
+-      frozen = dns_zone_getupdatedisabled(zone);
++      frozen = dns_zone_getupdatedisabled(mayberaw);
+       if (freeze) {
+               if (frozen) {
+                       msg = "WARNING: The zone was already frozen.\n"
+@@ -9406,16 +9406,16 @@ ns_server_freeze(ns_server_t *server, is
+                       result = DNS_R_FROZEN;
+               }
+               if (result == ISC_R_SUCCESS) {
+-                      result = dns_zone_flush(zone);
++                      result = dns_zone_flush(mayberaw);
+                       if (result != ISC_R_SUCCESS)
+                               msg = "Flushing the zone updates to "
+                                     "disk failed.";
+               }
+               if (result == ISC_R_SUCCESS)
+-                      dns_zone_setupdatedisabled(zone, freeze);
++                      dns_zone_setupdatedisabled(mayberaw, freeze);
+       } else {
+               if (frozen) {
+-                      result = dns_zone_loadandthaw(zone);
++                      result = dns_zone_loadandthaw(mayberaw);
+                       switch (result) {
+                       case ISC_R_SUCCESS:
+                       case DNS_R_UPTODATE:
+@@ -9437,7 +9437,7 @@ ns_server_freeze(ns_server_t *server, is
+               isc_buffer_putmem(text, (const unsigned char *)msg,
+                                 strlen(msg) + 1);
+ 
+-      view = dns_zone_getview(zone);
++      view = dns_zone_getview(mayberaw);
+       if (strcmp(view->name, "_default") == 0 ||
+           strcmp(view->name, "_bind") == 0)
+       {
+@@ -9447,9 +9447,9 @@ ns_server_freeze(ns_server_t *server, is
+               vname = view->name;
+               sep = " ";
+       }
+-      dns_rdataclass_format(dns_zone_getclass(zone), classstr,
++      dns_rdataclass_format(dns_zone_getclass(mayberaw), classstr,
+                             sizeof(classstr));
+-      dns_name_format(dns_zone_getorigin(zone),
++      dns_name_format(dns_zone_getorigin(mayberaw),
+                       zonename, sizeof(zonename));
+       isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
+                     NS_LOGMODULE_SERVER, ISC_LOG_INFO,
+@@ -9457,7 +9457,7 @@ ns_server_freeze(ns_server_t *server, is
+                     freeze ? "freezing" : "thawing",
+                     zonename, classstr, sep, vname,
+                     isc_result_totext(result));
+-      dns_zone_detach(&zone);
++      dns_zone_detach(&mayberaw);
+       return (result);
+ }
+ 
Index: pkgsrc/net/bind910/patches/patch-bin_named_zoneconf.c
diff -u /dev/null pkgsrc/net/bind910/patches/patch-bin_named_zoneconf.c:1.1
--- /dev/null   Sun Sep 23 14:27:07 2018
+++ pkgsrc/net/bind910/patches/patch-bin_named_zoneconf.c       Sun Sep 23 14:27:07 2018
@@ -0,0 +1,15 @@
+$NetBSD: patch-bin_named_zoneconf.c,v 1.1 2018/09/23 14:27:07 taca Exp $
+
+* Backport change between BIND 9.11.4-P1 and 9.11.4-P2.
+
+--- bin/named/zoneconf.c.orig  2018-07-24 17:26:47.000000000 +0000
++++ bin/named/zoneconf.c
+@@ -1214,7 +1214,7 @@ ns_zone_configure(const cfg_obj_t *confi
+                       dns_zone_setoption(raw, DNS_ZONEOPT_IXFRFROMDIFFS,
+                                          ISC_TRUE);
+                       dns_zone_setoption(zone, DNS_ZONEOPT_IXFRFROMDIFFS,
+-                                         ISC_TRUE);
++                                         ISC_FALSE);
+               } else
+                       dns_zone_setoption(zone, DNS_ZONEOPT_IXFRFROMDIFFS,
+                                          ixfrdiff);
Index: pkgsrc/net/bind910/patches/patch-lib_dns_zone.c
diff -u /dev/null pkgsrc/net/bind910/patches/patch-lib_dns_zone.c:1.1
--- /dev/null   Sun Sep 23 14:27:07 2018
+++ pkgsrc/net/bind910/patches/patch-lib_dns_zone.c     Sun Sep 23 14:27:07 2018
@@ -0,0 +1,143 @@
+$NetBSD: patch-lib_dns_zone.c,v 1.1 2018/09/23 14:27:07 taca Exp $
+
+* Backport change between BIND 9.11.4-P1 and 9.11.4-P2.
+
+--- lib/dns/zone.c.orig        2018-07-24 17:26:47.000000000 +0000
++++ lib/dns/zone.c
+@@ -1725,6 +1725,10 @@ dns_zone_isdynamic(dns_zone_t *zone, isc
+           (zone->type == dns_zone_redirect && zone->masters != NULL))
+               return (ISC_TRUE);
+ 
++      /* Inline zones are always dynamic. */
++      if (zone->type == dns_zone_master && zone->raw != NULL)
++              return (ISC_TRUE);
++
+       /* If !ignore_freeze, we need check whether updates are disabled.  */
+       if (zone->type == dns_zone_master &&
+           (!zone->update_disabled || ignore_freeze) &&
+@@ -1737,6 +1741,11 @@ dns_zone_isdynamic(dns_zone_t *zone, isc
+ }
+ 
+ /*
++ * Note: when dealing with inline-signed zones, external callers will always
++ * call zone_load() for the secure zone; zone_load() calls itself recursively
++ * in order to load the raw zone.
++ */
++/*
+  * Set the response policy index and information for a zone.
+  */
+ isc_result_t
+@@ -1830,6 +1839,28 @@ zone_load(dns_zone_t *zone, unsigned int
+       INSIST(zone != zone->raw);
+       hasraw = inline_secure(zone);
+       if (hasraw) {
++              /*
++               * We are trying to load an inline-signed zone.  First call
++               * self recursively to try loading the raw version of the zone.
++               * Assuming the raw zone file is readable, there are two
++               * possibilities:
++               *
++               *  a) the raw zone was not yet loaded and thus it will be
++               *     loaded now, synchronously; if this succeeds, a
++               *     subsequent attempt to load the signed zone file will
++               *     take place and thus zone_postload() will be called
++               *     twice: first for the raw zone and then for the secure
++               *     zone; the latter call will take care of syncing the raw
++               *     version with the secure version,
++               *
++               *  b) the raw zone was already loaded and we are trying to
++               *     reload it, which will happen asynchronously; this means
++               *     zone_postload() will only be called for the raw zone
++               *     because "result" returned by the zone_load() call below
++               *     will not be ISC_R_SUCCESS but rather DNS_R_CONTINUE;
++               *     zone_postload() called for the raw zone will take care
++               *     of syncing the raw version with the secure version.
++               */
+               result = zone_load(zone->raw, flags, ISC_FALSE);
+               if (result != ISC_R_SUCCESS) {
+                       if (!locked)
+@@ -1869,7 +1900,7 @@ zone_load(dns_zone_t *zone, unsigned int
+                * zone being reloaded.  Do nothing - the database
+                * we already have is guaranteed to be up-to-date.
+                */
+-              if (zone->type == dns_zone_master)
++              if (zone->type == dns_zone_master && !hasraw)
+                       result = DNS_R_DYNAMIC;
+               else
+                       result = ISC_R_SUCCESS;
+@@ -1912,7 +1943,6 @@ zone_load(dns_zone_t *zone, unsigned int
+                       goto cleanup;
+               }
+ 
+-
+               /*
+                * If the file modification time is in the past
+                * set loadtime to that value.
+@@ -4401,11 +4431,13 @@ zone_postload(dns_zone_t *zone, dns_db_t
+           ! DNS_ZONE_OPTION(zone, DNS_ZONEOPT_NOMERGE) &&
+           ! DNS_ZONE_FLAG(zone, DNS_ZONEFLG_LOADED))
+       {
+-              if (zone->type == dns_zone_master &&
+-                  (zone->update_acl != NULL || zone->ssutable != NULL))
++              if (zone->type == dns_zone_master && (inline_secure(zone) ||
++                  (zone->update_acl != NULL || zone->ssutable != NULL)))
++              {
+                       options = DNS_JOURNALOPT_RESIGN;
+-              else
++              } else {
+                       options = 0;
++              }
+               result = dns_journal_rollforward(zone->mctx, db, options,
+                                                zone->journal);
+               if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND &&
+@@ -4547,14 +4579,14 @@ zone_postload(dns_zone_t *zone, dns_db_t
+                           !isc_serial_gt(serial, oldserial)) {
+                               isc_uint32_t serialmin, serialmax;
+ 
+-                              INSIST(zone->type == dns_zone_master);
++                              INSIST(zone->raw == NULL);
+ 
+                               if (serial == oldserial &&
+                                   zone_unchanged(zone->db, db, zone->mctx)) {
+                                       dns_zone_log(zone, ISC_LOG_INFO,
+                                                    "ixfr-from-differences: "
+                                                    "unchanged");
+-                                      return(ISC_R_SUCCESS);
++                                      goto done;
+                               }
+ 
+                               serialmin = (oldserial + 1) & 0xffffffffU;
+@@ -4778,8 +4810,7 @@ zone_postload(dns_zone_t *zone, dns_db_t
+                            dns_db_issecure(db) ? " (DNSSEC signed)" : "");
+ 
+       zone->loadtime = loadtime;
+-      DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_LOADPENDING);
+-      return (result);
++      goto done;
+ 
+  cleanup:
+       for (inc = ISC_LIST_HEAD(zone->newincludes);
+@@ -4816,6 +4847,23 @@ zone_postload(dns_zone_t *zone, dns_db_t
+                       result = ISC_R_SUCCESS;
+       }
+ 
++ done:
++      DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_LOADPENDING);
++      /*
++       * If this is an inline-signed zone and we were called for the raw
++       * zone, we need to clear DNS_ZONEFLG_LOADPENDING for the secure zone
++       * as well, but only if this is a reload, not an initial zone load: in
++       * the former case, zone_postload() will not be run for the secure
++       * zone; in the latter case, it will be.  Check which case we are
++       * dealing with by consulting the DNS_ZONEFLG_LOADED flag for the
++       * secure zone: if it is set, this must be a reload.
++       */
++      if (inline_raw(zone) &&
++          DNS_ZONE_FLAG(zone->secure, DNS_ZONEFLG_LOADED))
++      {
++              DNS_ZONE_CLRFLAG(zone->secure, DNS_ZONEFLG_LOADPENDING);
++      }
++
+       return (result);
+ }
+ 



Home | Main Index | Thread Index | Old Index