Subject: Re: Problem applying Security Advisory 2007-003 fix
To: None <jgw@tx0.org>
From: David H. Gutteridge <dhgutteridge@sympatico.ca>
List: netbsd-help
Date: 03/14/2007 16:30:21
>Well, not really but thanks just the same. :)
>
>Updating ../forward.h still fails in the same place with the same error.
Yes, that'll teach me to respond to emails at three in the morning.
At a minimum, you would have needed to update dist/bind/lib/dns/forward.c
as well, since that's where the function is actually defined. (Details,
details...) But I'd agree it was safer to update the whole tree anyway.
>I then updated all of ../src/dist/bind and tried rebuilding. It too
>failed,
>but it's something different:
>
>...
># compile libisc/entropy.o
>cc -O2 -Wall -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith
>-Wno-sign-compare -W
>no-traditional -Wno-uninitialized -Werror
>-I/usr/src/usr.sbin/bind/include -I/usr/src/dist/bind/lib/dns/include
>-I/usr/src/dist/bind/lib/dns/unix/include
>-I/usr/src/dist/bind/lib/isc/include
>-I/usr/src/dist/bind/lib/isc/unix/include
>-I/usr/src/dist/bind/lib/bind9/include
>-I/usr/src/dist/bind/lib/isccfg/include
>-I/usr/src/dist/bind/lib/isccc/include
>-I/usr/src/dist/bind/lib/lwres/include
>-I/usr/src/dist/bind/lib/lwres/unix/include
>-I/usr/src/dist/bind/lib/dns/sec/dst/include -DNS_LOCALSTATEDIR=\"/var\"
>-DNS_SYSCONFDIR=\"/etc\" -DVERSION=\"9.3.2nb1\" -DWANT_IPV6
>-DLIBINTERFACE=11 -DLIBREVISION=1 -DLIBAGE=0 -DISC_PLATFORM_USETHREADS
>-I/usr/src/dist/bind/lib/isc/pthreads/include -c
>/usr/src/dist/bind/lib/isc/unix/entropy.c -o entropy.o.tmp
>/usr/src/dist/bind/lib/isc/unix/entropy.c: In function `make_nonblock':
>/usr/src/dist/bind/lib/isc/unix/entropy.c:457: error: `PORT_NONBLOCK'
>undeclared (first use in this function)
>/usr/src/dist/bind/lib/isc/unix/entropy.c:457: error: (Each undeclared
>identifier is reported only once
>/usr/src/dist/bind/lib/isc/unix/entropy.c:457: error: for each function it
>appears in.)
>/usr/src/dist/bind/lib/isc/unix/entropy.c: In function
>`isc_entropy_createfilesource':
>/usr/src/dist/bind/lib/isc/unix/entropy.c:515: error: `PORT_NONBLOCK'
>undeclared (first use in this function)
>*** Error code 1
>
>Stop.
>make: stopped in /usr/src/usr.sbin/bind/libisc
>*** Error code 1
>
>Stop.
>make: stopped in /usr/src/usr.sbin/bind/libisc
>*** Error code 1
>
>Stop.
>make: stopped in /usr/src/usr.sbin/bind
>
>--
>
>Near the top of /usr/src/dist/bind/lib/isc/unix/entropy.c is this message:
>
>...
>/*
> * There is only one variable in the entropy data structures that is not
> * system independent, but pulling the structure that uses it into this
>file
> * ultimately means pulling several other independent structures here also
>to
> * resolve their interdependencies. Thus only the problem variable's type
> * is defined here.
> */
>#define FILESOURCE_HANDLE_TYPE int
>
>typedef struct {
> int handle;
> enum {
> isc_usocketsource_disconnected,
> isc_usocketsource_connecting,
> isc_usocketsource_connected,
> isc_usocketsource_ndesired,
> isc_usocketsource_wrote,
> isc_usocketsource_reading
> } status;
> size_t sz_to_recv;
>} isc_entropyusocketsource_t;
>
>#include "../entropy.c"
>...
>
>Don't know if it's relevant but given the error message it seems possible.
>Maybe I should just wait until the next system upgrade (4.0 ought to be
>out sometime this year...).
The macro PORT_NONBLOCK isn't getting defined anywhere for some
reason. What version of dist/bind/lib/bind/configure.in is in your tree?
(The correct one should include a definition of that macro. If you
updated everything, it should have got pulled in, but give it a grep.)
Certainly 3.1 updates correctly without incident, as I've done it on
more than one machine.
Regards,
Dave