netbsd-help: Re: Problem applying Security Advisory 2007-003 fix

Subject: Re: Problem applying Security Advisory 2007-003 fix
To: None <netbsd-help@netbsd.org>
From: Jeff_W <jgw@tx0.org>
List: netbsd-help
Date: 03/14/2007 19:08:08
"David H. Gutteridge" <dhgutteridge@sympatico.ca> wrote:

> >Well, not really but thanks just the same. :)
> >
> >Updating ../forward.h still fails in the same place with the same error.
>
> Yes, that'll teach me to respond to emails at three in the morning.
> At a minimum, you would have needed to update dist/bind/lib/dns/forward.c
> as well, since that's where the function is actually defined.  (Details,
> details...)  But I'd agree it was safer to update the whole tree anyway.
>
> >I then updated all of ../src/dist/bind and tried rebuilding.  It too 
> >failed,
> >but it's something different:
> >
> >...
> >#   compile  libisc/entropy.o
> >cc -O2 -Wall -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith 
> >-Wno-sign-compare -W
> >no-traditional -Wno-uninitialized  -Werror    
> >-I/usr/src/usr.sbin/bind/include  -I/usr/src/dist/bind/lib/dns/include 
> >-I/usr/src/dist/bind/lib/dns/unix/include  
> >-I/usr/src/dist/bind/lib/isc/include 
> >-I/usr/src/dist/bind/lib/isc/unix/include  
> >-I/usr/src/dist/bind/lib/bind9/include  
> >-I/usr/src/dist/bind/lib/isccfg/include  
> >-I/usr/src/dist/bind/lib/isccc/include  
> >-I/usr/src/dist/bind/lib/lwres/include 
> >-I/usr/src/dist/bind/lib/lwres/unix/include  
> >-I/usr/src/dist/bind/lib/dns/sec/dst/include  -DNS_LOCALSTATEDIR=\"/var\"  
> >-DNS_SYSCONFDIR=\"/etc\"  -DVERSION=\"9.3.2nb1\" -DWANT_IPV6 
> >-DLIBINTERFACE=11  -DLIBREVISION=1 -DLIBAGE=0 -DISC_PLATFORM_USETHREADS 
> >-I/usr/src/dist/bind/lib/isc/pthreads/include    -c    
> >/usr/src/dist/bind/lib/isc/unix/entropy.c -o entropy.o.tmp
> >/usr/src/dist/bind/lib/isc/unix/entropy.c: In function `make_nonblock':
> >/usr/src/dist/bind/lib/isc/unix/entropy.c:457: error: `PORT_NONBLOCK' 
> >undeclared (first use in this function)
> >/usr/src/dist/bind/lib/isc/unix/entropy.c:457: error: (Each undeclared 
> >identifier is reported only once
> >/usr/src/dist/bind/lib/isc/unix/entropy.c:457: error: for each function it 
> >appears in.)
> >/usr/src/dist/bind/lib/isc/unix/entropy.c: In function 
> >`isc_entropy_createfilesource':
> >/usr/src/dist/bind/lib/isc/unix/entropy.c:515: error: `PORT_NONBLOCK' 
> >undeclared (first use in this function)
> >*** Error code 1
> >
> >Stop.
> >make: stopped in /usr/src/usr.sbin/bind/libisc
> >*** Error code 1
> >
> >Stop.
> >make: stopped in /usr/src/usr.sbin/bind/libisc
> >*** Error code 1
> >
> >Stop.
> >make: stopped in /usr/src/usr.sbin/bind
> >
> >--
> >
> >Near the top of /usr/src/dist/bind/lib/isc/unix/entropy.c  is this message:
> >
> >...
> >/*
> >  * There is only one variable in the entropy data structures that is not
> >  * system independent, but pulling the structure that uses it into this 
> >file
> >  * ultimately means pulling several other independent structures here also 
> >to
> >  * resolve their interdependencies.  Thus only the problem variable's type
> >  * is defined here.
> >  */
> >#define FILESOURCE_HANDLE_TYPE  int
> >
> >typedef struct {
> >         int     handle;
> >         enum    {
> >                 isc_usocketsource_disconnected,
> >                 isc_usocketsource_connecting,
> >                 isc_usocketsource_connected,
> >                 isc_usocketsource_ndesired,
> >                 isc_usocketsource_wrote,
> >                 isc_usocketsource_reading
> >         } status;
> >         size_t  sz_to_recv;
> >} isc_entropyusocketsource_t;
> >
> >#include "../entropy.c"
> >...
> >
> >Don't know if it's relevant but given the error message it seems possible.
> >Maybe I should just wait until the next system upgrade (4.0 ought to be
> >out sometime this year...).
>
> The macro PORT_NONBLOCK isn't getting defined anywhere for some
> reason.  What version of dist/bind/lib/bind/configure.in is in your tree?
> (The correct one should include a definition of that macro.  If you
> updated everything, it should have got pulled in, but give it a grep.)

from my copy of /usr/src/dist/bind/lib/bind/configure.in:
...
AC_REVISION($Revision: 1.1.1.2.4.1 $)

AC_INIT(resolv/herror.c)
AC_PREREQ(2.13)
...
PORT_NONBLOCK="#define PORT_NONBLOCK O_NONBLOCK"
...

So it is getting defined here but not coming into the build process prior
to /usr/src/dist/bind/lib/isc/unix/entropy.c .  Weird.  Maybe I'll just
update the whole src tree and try again, and if it still fails I'll wait
until 4.0 comes out; the risk of this issue is almost nil for me.

Thanks though for all your help; trying to figure out these sort of things
really helps me learn about the system.

Cheers,
Jeff