| ... | ... | --- a/bind-9.11-fips-tests.patch |
| ... | ... | +++ b/bind-9.11-fips-tests.patch |
| ... | ... | @@ -95,11 +95,10 @@ Date: Wed Mar 7 10:44:23 2018 +0100 |
| 95 | 95 |
34 files changed, 163 insertions(+), 109 deletions(-)
|
| 96 | 96 |
create mode 100644 bin/tests/system/tsig/ns1/rndc5.conf.in
|
| 97 | 97 |
|
| 98 |
diff --git a/bin/tests/system/acl/ns2/named1.conf.in b/bin/tests/system/acl/ns2/named1.conf.in
|
|
| 99 |
index 60f22e1..249f672 100644
|
|
| 100 |
--- a/bin/tests/system/acl/ns2/named1.conf.in
|
|
| 101 |
+++ b/bin/tests/system/acl/ns2/named1.conf.in
|
|
| 102 |
@@ -33,12 +33,12 @@ options {
|
|
| 98 |
diff -ruN a/bin/tests/system/acl/ns2/named1.conf.in b/bin/tests/system/acl/ns2/named1.conf.in
|
|
| 99 |
--- a/bin/tests/system/acl/ns2/named1.conf.in 2022-11-08 01:12:59.000000000 +0300
|
|
| 100 |
+++ b/bin/tests/system/acl/ns2/named1.conf.in 2022-12-01 06:09:13.933835878 +0300
|
|
| 101 |
@@ -35,12 +35,12 @@
|
|
| 103 | 102 |
};
|
| 104 | 103 |
|
| 105 | 104 |
key one {
|
| ... | ... | @@ -114,11 +113,10 @@ index 60f22e1..249f672 100644 |
| … | … | |
| 113 | 113 |
secret "1234abcd8765";
|
| 114 | 114 |
};
|
| 115 | 115 |
|
| 116 |
diff --git a/bin/tests/system/acl/ns2/named2.conf.in b/bin/tests/system/acl/ns2/named2.conf.in
|
|
| 117 |
index ada97bc..f82d858 100644
|
|
| 118 |
--- a/bin/tests/system/acl/ns2/named2.conf.in
|
|
| 119 |
+++ b/bin/tests/system/acl/ns2/named2.conf.in
|
|
| 120 |
@@ -33,12 +33,12 @@ options {
|
|
| 116 |
diff -ruN a/bin/tests/system/acl/ns2/named2.conf.in b/bin/tests/system/acl/ns2/named2.conf.in
|
|
| 117 |
--- a/bin/tests/system/acl/ns2/named2.conf.in 2022-11-08 01:12:59.000000000 +0300
|
|
| 118 |
+++ b/bin/tests/system/acl/ns2/named2.conf.in 2022-12-01 06:09:13.933835878 +0300
|
|
| 119 |
@@ -35,12 +35,12 @@
|
|
| 121 | 120 |
};
|
| 122 | 121 |
|
| 123 | 122 |
key one {
|
| ... | ... | @@ -133,11 +131,10 @@ index ada97bc..f82d858 100644 |
| … | … | |
| 131 | 131 |
secret "1234abcd8765";
|
| 132 | 132 |
};
|
| 133 | 133 |
|
| 134 |
diff --git a/bin/tests/system/acl/ns2/named3.conf.in b/bin/tests/system/acl/ns2/named3.conf.in
|
|
| 135 |
index 97684e4..de6a2e9 100644
|
|
| 136 |
--- a/bin/tests/system/acl/ns2/named3.conf.in
|
|
| 137 |
+++ b/bin/tests/system/acl/ns2/named3.conf.in
|
|
| 138 |
@@ -33,17 +33,17 @@ options {
|
|
| 134 |
diff -ruN a/bin/tests/system/acl/ns2/named3.conf.in b/bin/tests/system/acl/ns2/named3.conf.in
|
|
| 135 |
--- a/bin/tests/system/acl/ns2/named3.conf.in 2022-11-08 01:12:59.000000000 +0300
|
|
| 136 |
+++ b/bin/tests/system/acl/ns2/named3.conf.in 2022-12-01 06:09:13.933835878 +0300
|
|
| 137 |
@@ -35,17 +35,17 @@
|
|
| 139 | 138 |
};
|
| 140 | 139 |
|
| 141 | 140 |
key one {
|
| ... | ... | @@ -158,11 +155,10 @@ index 97684e4..de6a2e9 100644 |
| … | … | |
| 155 | 155 |
secret "1234abcd8765";
|
| 156 | 156 |
};
|
| 157 | 157 |
|
| 158 |
diff --git a/bin/tests/system/acl/ns2/named4.conf.in b/bin/tests/system/acl/ns2/named4.conf.in
|
|
| 159 |
index 462b3fa..994b35c 100644
|
|
| 160 |
--- a/bin/tests/system/acl/ns2/named4.conf.in
|
|
| 161 |
+++ b/bin/tests/system/acl/ns2/named4.conf.in
|
|
| 162 |
@@ -33,12 +33,12 @@ options {
|
|
| 158 |
diff -ruN a/bin/tests/system/acl/ns2/named4.conf.in b/bin/tests/system/acl/ns2/named4.conf.in
|
|
| 159 |
--- a/bin/tests/system/acl/ns2/named4.conf.in 2022-11-08 01:12:59.000000000 +0300
|
|
| 160 |
+++ b/bin/tests/system/acl/ns2/named4.conf.in 2022-12-01 06:09:13.933835878 +0300
|
|
| 161 |
@@ -35,12 +35,12 @@
|
|
| 163 | 162 |
};
|
| 164 | 163 |
|
| 165 | 164 |
key one {
|
| ... | ... | @@ -177,11 +173,10 @@ index 462b3fa..994b35c 100644 |
| … | … | |
| 173 | 173 |
secret "1234abcd8765";
|
| 174 | 174 |
};
|
| 175 | 175 |
|
| 176 |
diff --git a/bin/tests/system/acl/ns2/named5.conf.in b/bin/tests/system/acl/ns2/named5.conf.in
|
|
| 177 |
index 728da58..8f00d09 100644
|
|
| 178 |
--- a/bin/tests/system/acl/ns2/named5.conf.in
|
|
| 179 |
+++ b/bin/tests/system/acl/ns2/named5.conf.in
|
|
| 180 |
@@ -35,12 +35,12 @@ options {
|
|
| 176 |
diff -ruN a/bin/tests/system/acl/ns2/named5.conf.in b/bin/tests/system/acl/ns2/named5.conf.in
|
|
| 177 |
--- a/bin/tests/system/acl/ns2/named5.conf.in 2022-11-08 01:12:59.000000000 +0300
|
|
| 178 |
+++ b/bin/tests/system/acl/ns2/named5.conf.in 2022-12-01 06:09:13.933835878 +0300
|
|
| 179 |
@@ -37,12 +37,12 @@
|
|
| 181 | 180 |
};
|
| 182 | 181 |
|
| 183 | 182 |
key one {
|
| ... | ... | @@ -196,11 +191,10 @@ index 728da58..8f00d09 100644 |
| … | … | |
| 191 | 191 |
secret "1234abcd8765";
|
| 192 | 192 |
};
|
| 193 | 193 |
|
| 194 |
diff --git a/bin/tests/system/acl/tests.sh b/bin/tests/system/acl/tests.sh
|
|
| 195 |
index be59d64..13d5bdc 100644
|
|
| 196 |
--- a/bin/tests/system/acl/tests.sh
|
|
| 197 |
+++ b/bin/tests/system/acl/tests.sh
|
|
| 198 |
@@ -22,14 +22,14 @@ echo_i "testing basic ACL processing"
|
|
| 194 |
diff -ruN a/bin/tests/system/acl/tests.sh b/bin/tests/system/acl/tests.sh
|
|
| 195 |
--- a/bin/tests/system/acl/tests.sh 2022-11-08 01:12:59.000000000 +0300
|
|
| 196 |
+++ b/bin/tests/system/acl/tests.sh 2022-12-01 06:09:13.934835884 +0300
|
|
| 197 |
@@ -24,14 +24,14 @@
|
|
| 199 | 198 |
# key "one" should fail
|
| 200 | 199 |
t=`expr $t + 1`
|
| 201 | 200 |
$DIG $DIGOPTS tsigzone. \
|
| ... | ... | @@ -217,7 +211,7 @@ index be59d64..13d5bdc 100644 |
| … | … | |
| 211 | 211 |
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo_i "test $t failed" ; status=1; }
|
| 212 | 212 |
|
| 213 | 213 |
copy_setports ns2/named2.conf.in ns2/named.conf
|
| 214 |
@@ -39,18 +39,18 @@ sleep 5
|
|
| 214 |
@@ -41,18 +41,18 @@
|
|
| 215 | 215 |
# prefix 10/8 should fail
|
| 216 | 216 |
t=`expr $t + 1`
|
| 217 | 217 |
$DIG $DIGOPTS tsigzone. \
|
| ... | ... | @@ -239,7 +233,7 @@ index be59d64..13d5bdc 100644 |
| … | … | |
| 233 | 233 |
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo_i "test $t failed" ; status=1; }
|
| 234 | 234 |
|
| 235 | 235 |
echo_i "testing nested ACL processing"
|
| 236 |
@@ -62,31 +62,31 @@ sleep 5
|
|
| 236 |
@@ -64,31 +64,31 @@
|
|
| 237 | 237 |
# should succeed
|
| 238 | 238 |
t=`expr $t + 1`
|
| 239 | 239 |
$DIG $DIGOPTS tsigzone. \
|
| ... | ... | @@ -276,7 +270,7 @@ index be59d64..13d5bdc 100644 |
| … | … | |
| 270 | 270 |
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; }
|
| 271 | 271 |
|
| 272 | 272 |
t=`expr $t + 1`
|
| 273 |
@@ -97,7 +97,7 @@ grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $tt failed" ; status=1
|
|
| 273 |
@@ -99,7 +99,7 @@
|
|
| 274 | 274 |
# and other values? right out
|
| 275 | 275 |
t=`expr $t + 1`
|
| 276 | 276 |
$DIG $DIGOPTS tsigzone. \
|
| ... | ... | @@ -285,7 +279,7 @@ index be59d64..13d5bdc 100644 |
| … | … | |
| 279 | 279 |
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; }
|
| 280 | 280 |
|
| 281 | 281 |
# now we only allow 10.53.0.1 *and* key one, or 10.53.0.2 *and* key two
|
| 282 |
@@ -108,31 +108,31 @@ sleep 5
|
|
| 282 |
@@ -110,31 +110,31 @@
|
|
| 283 | 283 |
# should succeed
|
| 284 | 284 |
t=`expr $t + 1`
|
| 285 | 285 |
$DIG $DIGOPTS tsigzone. \
|
| ... | ... | @@ -322,11 +316,10 @@ index be59d64..13d5bdc 100644 |
| … | … | |
| 316 | 316 |
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; }
|
| 317 | 317 |
|
| 318 | 318 |
echo_i "testing allow-query-on ACL processing"
|
| 319 |
diff --git a/bin/tests/system/allow-query/ns2/named10.conf.in b/bin/tests/system/allow-query/ns2/named10.conf.in
|
|
| 320 |
index 7d43e36..f7b25f9 100644
|
|
| 321 |
--- a/bin/tests/system/allow-query/ns2/named10.conf.in
|
|
| 322 |
+++ b/bin/tests/system/allow-query/ns2/named10.conf.in
|
|
| 323 |
@@ -10,7 +10,7 @@
|
|
| 319 |
diff -ruN a/bin/tests/system/allow-query/ns2/named10.conf.in b/bin/tests/system/allow-query/ns2/named10.conf.in
|
|
| 320 |
--- a/bin/tests/system/allow-query/ns2/named10.conf.in 2022-11-08 01:12:59.000000000 +0300
|
|
| 321 |
+++ b/bin/tests/system/allow-query/ns2/named10.conf.in 2022-12-01 06:09:13.934835884 +0300
|
|
| 322 |
@@ -12,7 +12,7 @@
|
|
| 324 | 323 |
*/
|
| 325 | 324 |
|
| 326 | 325 |
key one {
|
| ... | ... | @@ -335,11 +328,10 @@ index 7d43e36..f7b25f9 100644 |
| … | … | |
| 328 | 328 |
secret "1234abcd8765";
|
| 329 | 329 |
};
|
| 330 | 330 |
|
| 331 |
diff --git a/bin/tests/system/allow-query/ns2/named11.conf.in b/bin/tests/system/allow-query/ns2/named11.conf.in
|
|
| 332 |
index 2952518..121557e 100644
|
|
| 333 |
--- a/bin/tests/system/allow-query/ns2/named11.conf.in
|
|
| 334 |
+++ b/bin/tests/system/allow-query/ns2/named11.conf.in
|
|
| 335 |
@@ -10,12 +10,12 @@
|
|
| 331 |
diff -ruN a/bin/tests/system/allow-query/ns2/named11.conf.in b/bin/tests/system/allow-query/ns2/named11.conf.in
|
|
| 332 |
--- a/bin/tests/system/allow-query/ns2/named11.conf.in 2022-11-08 01:12:59.000000000 +0300
|
|
| 333 |
+++ b/bin/tests/system/allow-query/ns2/named11.conf.in 2022-12-01 06:09:13.934835884 +0300
|
|
| 334 |
@@ -12,12 +12,12 @@
|
|
| 336 | 335 |
*/
|
| 337 | 336 |
|
| 338 | 337 |
key one {
|
| ... | ... | @@ -354,11 +346,10 @@ index 2952518..121557e 100644 |
| … | … | |
| 346 | 346 |
secret "1234efgh8765";
|
| 347 | 347 |
};
|
| 348 | 348 |
|
| 349 |
diff --git a/bin/tests/system/allow-query/ns2/named12.conf.in b/bin/tests/system/allow-query/ns2/named12.conf.in
|
|
| 350 |
index 0c01071..ceabbb5 100644
|
|
| 351 |
--- a/bin/tests/system/allow-query/ns2/named12.conf.in
|
|
| 352 |
+++ b/bin/tests/system/allow-query/ns2/named12.conf.in
|
|
| 353 |
@@ -10,7 +10,7 @@
|
|
| 349 |
diff -ruN a/bin/tests/system/allow-query/ns2/named12.conf.in b/bin/tests/system/allow-query/ns2/named12.conf.in
|
|
| 350 |
--- a/bin/tests/system/allow-query/ns2/named12.conf.in 2022-11-08 01:12:59.000000000 +0300
|
|
| 351 |
+++ b/bin/tests/system/allow-query/ns2/named12.conf.in 2022-12-01 06:09:13.934835884 +0300
|
|
| 352 |
@@ -12,7 +12,7 @@
|
|
| 354 | 353 |
*/
|
| 355 | 354 |
|
| 356 | 355 |
key one {
|
| ... | ... | @@ -367,11 +358,10 @@ index 0c01071..ceabbb5 100644 |
| … | … | |
| 358 | 358 |
secret "1234abcd8765";
|
| 359 | 359 |
};
|
| 360 | 360 |
|
| 361 |
diff --git a/bin/tests/system/allow-query/ns2/named30.conf.in b/bin/tests/system/allow-query/ns2/named30.conf.in
|
|
| 362 |
index 4c17292..9cd9d1f 100644
|
|
| 363 |
--- a/bin/tests/system/allow-query/ns2/named30.conf.in
|
|
| 364 |
+++ b/bin/tests/system/allow-query/ns2/named30.conf.in
|
|
| 365 |
@@ -10,7 +10,7 @@
|
|
| 361 |
diff -ruN a/bin/tests/system/allow-query/ns2/named30.conf.in b/bin/tests/system/allow-query/ns2/named30.conf.in
|
|
| 362 |
--- a/bin/tests/system/allow-query/ns2/named30.conf.in 2022-11-08 01:12:59.000000000 +0300
|
|
| 363 |
+++ b/bin/tests/system/allow-query/ns2/named30.conf.in 2022-12-01 06:09:13.934835884 +0300
|
|
| 364 |
@@ -12,7 +12,7 @@
|
|
| 366 | 365 |
*/
|
| 367 | 366 |
|
| 368 | 367 |
key one {
|
| ... | ... | @@ -380,11 +370,10 @@ index 4c17292..9cd9d1f 100644 |
| … | … | |
| 370 | 370 |
secret "1234abcd8765";
|
| 371 | 371 |
};
|
| 372 | 372 |
|
| 373 |
diff --git a/bin/tests/system/allow-query/ns2/named31.conf.in b/bin/tests/system/allow-query/ns2/named31.conf.in
|
|
| 374 |
index a2690a4..f488730 100644
|
|
| 375 |
--- a/bin/tests/system/allow-query/ns2/named31.conf.in
|
|
| 376 |
+++ b/bin/tests/system/allow-query/ns2/named31.conf.in
|
|
| 377 |
@@ -10,12 +10,12 @@
|
|
| 373 |
diff -ruN a/bin/tests/system/allow-query/ns2/named31.conf.in b/bin/tests/system/allow-query/ns2/named31.conf.in
|
|
| 374 |
--- a/bin/tests/system/allow-query/ns2/named31.conf.in 2022-11-08 01:12:59.000000000 +0300
|
|
| 375 |
+++ b/bin/tests/system/allow-query/ns2/named31.conf.in 2022-12-01 06:09:13.934835884 +0300
|
|
| 376 |
@@ -12,12 +12,12 @@
|
|
| 378 | 377 |
*/
|
| 379 | 378 |
|
| 380 | 379 |
key one {
|
| ... | ... | @@ -399,11 +388,10 @@ index a2690a4..f488730 100644 |
| … | … | |
| 388 | 388 |
secret "1234efgh8765";
|
| 389 | 389 |
};
|
| 390 | 390 |
|
| 391 |
diff --git a/bin/tests/system/allow-query/ns2/named32.conf.in b/bin/tests/system/allow-query/ns2/named32.conf.in
|
|
| 392 |
index a0708c8..51fa457 100644
|
|
| 393 |
--- a/bin/tests/system/allow-query/ns2/named32.conf.in
|
|
| 394 |
+++ b/bin/tests/system/allow-query/ns2/named32.conf.in
|
|
| 395 |
@@ -10,7 +10,7 @@
|
|
| 391 |
diff -ruN a/bin/tests/system/allow-query/ns2/named32.conf.in b/bin/tests/system/allow-query/ns2/named32.conf.in
|
|
| 392 |
--- a/bin/tests/system/allow-query/ns2/named32.conf.in 2022-11-08 01:12:59.000000000 +0300
|
|
| 393 |
+++ b/bin/tests/system/allow-query/ns2/named32.conf.in 2022-12-01 06:09:13.935835890 +0300
|
|
| 394 |
@@ -12,7 +12,7 @@
|
|
| 396 | 395 |
*/
|
| 397 | 396 |
|
| 398 | 397 |
key one {
|
| ... | ... | @@ -412,11 +400,10 @@ index a0708c8..51fa457 100644 |
| … | … | |
| 400 | 400 |
secret "1234abcd8765";
|
| 401 | 401 |
};
|
| 402 | 402 |
|
| 403 |
diff --git a/bin/tests/system/allow-query/ns2/named40.conf.in b/bin/tests/system/allow-query/ns2/named40.conf.in
|
|
| 404 |
index 687768e..d24d6d2 100644
|
|
| 405 |
--- a/bin/tests/system/allow-query/ns2/named40.conf.in
|
|
| 406 |
+++ b/bin/tests/system/allow-query/ns2/named40.conf.in
|
|
| 407 |
@@ -14,12 +14,12 @@ acl accept { 10.53.0.2; };
|
|
| 403 |
diff -ruN a/bin/tests/system/allow-query/ns2/named40.conf.in b/bin/tests/system/allow-query/ns2/named40.conf.in
|
|
| 404 |
--- a/bin/tests/system/allow-query/ns2/named40.conf.in 2022-11-08 01:12:59.000000000 +0300
|
|
| 405 |
+++ b/bin/tests/system/allow-query/ns2/named40.conf.in 2022-12-01 06:09:13.935835890 +0300
|
|
| 406 |
@@ -16,12 +16,12 @@
|
|
| 408 | 407 |
acl badaccept { 10.53.0.1; };
|
| 409 | 408 |
|
| 410 | 409 |
key one {
|
| ... | ... | @@ -431,11 +418,10 @@ index 687768e..d24d6d2 100644 |
| … | … | |
| 418 | 418 |
secret "1234efgh8765";
|
| 419 | 419 |
};
|
| 420 | 420 |
|
| 421 |
diff --git a/bin/tests/system/allow-query/tests.sh b/bin/tests/system/allow-query/tests.sh
|
|
| 422 |
index fe40635..543c663 100644
|
|
| 423 |
--- a/bin/tests/system/allow-query/tests.sh
|
|
| 424 |
+++ b/bin/tests/system/allow-query/tests.sh
|
|
| 425 |
@@ -182,7 +182,7 @@ rndc_reload ns2 10.53.0.2
|
|
| 421 |
diff -ruN a/bin/tests/system/allow-query/tests.sh b/bin/tests/system/allow-query/tests.sh
|
|
| 422 |
--- a/bin/tests/system/allow-query/tests.sh 2022-11-08 01:12:59.000000000 +0300
|
|
| 423 |
+++ b/bin/tests/system/allow-query/tests.sh 2022-12-01 06:09:13.935835890 +0300
|
|
| 424 |
@@ -184,7 +184,7 @@
|
|
| 426 | 425 |
|
| 427 | 426 |
echo_i "test $n: key allowed - query allowed"
|
| 428 | 427 |
ret=0
|
| ... | ... | @@ -444,7 +430,7 @@ index fe40635..543c663 100644 |
| … | … | |
| 430 | 430 |
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
| 431 | 431 |
grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1
|
| 432 | 432 |
if [ $ret != 0 ]; then echo_i "failed"; fi
|
| 433 |
@@ -195,7 +195,7 @@ rndc_reload ns2 10.53.0.2
|
|
| 433 |
@@ -197,7 +197,7 @@
|
|
| 434 | 434 |
|
| 435 | 435 |
echo_i "test $n: key not allowed - query refused"
|
| 436 | 436 |
ret=0
|
| ... | ... | @@ -453,7 +439,7 @@ index fe40635..543c663 100644 |
| … | … | |
| 439 | 439 |
grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
| 440 | 440 |
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
| 441 | 441 |
if [ $ret != 0 ]; then echo_i "failed"; fi
|
| 442 |
@@ -208,7 +208,7 @@ rndc_reload ns2 10.53.0.2
|
|
| 442 |
@@ -210,7 +210,7 @@
|
|
| 443 | 443 |
|
| 444 | 444 |
echo_i "test $n: key disallowed - query refused"
|
| 445 | 445 |
ret=0
|
| ... | ... | @@ -462,7 +448,7 @@ index fe40635..543c663 100644 |
| … | … | |
| 448 | 448 |
grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
| 449 | 449 |
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
| 450 | 450 |
if [ $ret != 0 ]; then echo_i "failed"; fi
|
| 451 |
@@ -341,7 +341,7 @@ rndc_reload ns2 10.53.0.2
|
|
| 451 |
@@ -343,7 +343,7 @@
|
|
| 452 | 452 |
|
| 453 | 453 |
echo_i "test $n: views key allowed - query allowed"
|
| 454 | 454 |
ret=0
|
| ... | ... | @@ -471,7 +457,7 @@ index fe40635..543c663 100644 |
| … | … | |
| 457 | 457 |
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
| 458 | 458 |
grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1
|
| 459 | 459 |
if [ $ret != 0 ]; then echo_i "failed"; fi
|
| 460 |
@@ -354,7 +354,7 @@ rndc_reload ns2 10.53.0.2
|
|
| 460 |
@@ -356,7 +356,7 @@
|
|
| 461 | 461 |
|
| 462 | 462 |
echo_i "test $n: views key not allowed - query refused"
|
| 463 | 463 |
ret=0
|
| ... | ... | @@ -480,7 +466,7 @@ index fe40635..543c663 100644 |
| … | … | |
| 466 | 466 |
grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
| 467 | 467 |
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
| 468 | 468 |
if [ $ret != 0 ]; then echo_i "failed"; fi
|
| 469 |
@@ -367,7 +367,7 @@ rndc_reload ns2 10.53.0.2
|
|
| 469 |
@@ -369,7 +369,7 @@
|
|
| 470 | 470 |
|
| 471 | 471 |
echo_i "test $n: views key disallowed - query refused"
|
| 472 | 472 |
ret=0
|
| ... | ... | @@ -489,7 +475,7 @@ index fe40635..543c663 100644 |
| … | … | |
| 475 | 475 |
grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
| 476 | 476 |
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
| 477 | 477 |
if [ $ret != 0 ]; then echo_i "failed"; fi
|
| 478 |
@@ -500,7 +500,7 @@ status=`expr $status + $ret`
|
|
| 478 |
@@ -502,7 +502,7 @@
|
|
| 479 | 479 |
n=`expr $n + 1`
|
| 480 | 480 |
echo_i "test $n: zone key allowed - query allowed"
|
| 481 | 481 |
ret=0
|
| ... | ... | @@ -498,7 +484,7 @@ index fe40635..543c663 100644 |
| … | … | |
| 484 | 484 |
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
| 485 | 485 |
grep '^a.keyallow.example' dig.out.ns2.$n > /dev/null || ret=1
|
| 486 | 486 |
if [ $ret != 0 ]; then echo_i "failed"; fi
|
| 487 |
@@ -510,7 +510,7 @@ status=`expr $status + $ret`
|
|
| 487 |
@@ -512,7 +512,7 @@
|
|
| 488 | 488 |
n=`expr $n + 1`
|
| 489 | 489 |
echo_i "test $n: zone key not allowed - query refused"
|
| 490 | 490 |
ret=0
|
| ... | ... | @@ -507,7 +493,7 @@ index fe40635..543c663 100644 |
| … | … | |
| 493 | 493 |
grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
| 494 | 494 |
grep '^a.keyallow.example' dig.out.ns2.$n > /dev/null && ret=1
|
| 495 | 495 |
if [ $ret != 0 ]; then echo_i "failed"; fi
|
| 496 |
@@ -520,7 +520,7 @@ status=`expr $status + $ret`
|
|
| 496 |
@@ -522,7 +522,7 @@
|
|
| 497 | 497 |
n=`expr $n + 1`
|
| 498 | 498 |
echo_i "test $n: zone key disallowed - query refused"
|
| 499 | 499 |
ret=0
|
| ... | ... | @@ -516,44 +502,44 @@ index fe40635..543c663 100644 |
| … | … | |
| 502 | 502 |
grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
| 503 | 503 |
grep '^a.keydisallow.example' dig.out.ns2.$n > /dev/null && ret=1
|
| 504 | 504 |
if [ $ret != 0 ]; then echo_i "failed"; fi
|
| 505 |
diff --git a/bin/tests/system/catz/ns1/named.conf.in b/bin/tests/system/catz/ns1/named.conf.in
|
|
| 506 |
index 1218669..e62715e 100644
|
|
| 507 |
--- a/bin/tests/system/catz/ns1/named.conf.in
|
|
| 508 |
+++ b/bin/tests/system/catz/ns1/named.conf.in
|
|
| 509 |
@@ -61,5 +61,5 @@ zone "catalog4.example" {
|
|
| 505 |
diff -ruN a/bin/tests/system/catz/ns1/named.conf.in b/bin/tests/system/catz/ns1/named.conf.in
|
|
| 506 |
--- a/bin/tests/system/catz/ns1/named.conf.in 2022-11-08 01:12:59.000000000 +0300
|
|
| 507 |
+++ b/bin/tests/system/catz/ns1/named.conf.in 2022-12-01 06:09:13.935835890 +0300
|
|
| 508 |
@@ -63,7 +63,7 @@
|
|
| 510 | 509 |
|
| 511 | 510 |
key tsig_key. {
|
| 512 | 511 |
secret "LSAnCU+Z";
|
| 513 | 512 |
- algorithm hmac-md5;
|
| 514 | 513 |
+ algorithm hmac-sha256;
|
| 515 | 514 |
};
|
| 516 |
diff --git a/bin/tests/system/catz/ns2/named1.conf.in b/bin/tests/system/catz/ns2/named1.conf.in
|
|
| 517 |
index 30333e6..4005152 100644
|
|
| 518 |
--- a/bin/tests/system/catz/ns2/named1.conf.in
|
|
| 519 |
+++ b/bin/tests/system/catz/ns2/named1.conf.in
|
|
| 520 |
@@ -70,5 +70,5 @@ zone "catalog4.example" {
|
|
| 515 |
|
|
| 516 |
key next_key. {
|
|
| 517 |
diff -ruN a/bin/tests/system/catz/ns2/named1.conf.in b/bin/tests/system/catz/ns2/named1.conf.in
|
|
| 518 |
--- a/bin/tests/system/catz/ns2/named1.conf.in 2022-11-08 01:12:59.000000000 +0300
|
|
| 519 |
+++ b/bin/tests/system/catz/ns2/named1.conf.in 2022-12-01 06:09:13.936835896 +0300
|
|
| 520 |
@@ -80,7 +80,7 @@
|
|
| 521 | 521 |
|
| 522 | 522 |
key tsig_key. {
|
| 523 | 523 |
secret "LSAnCU+Z";
|
| 524 | 524 |
- algorithm hmac-md5;
|
| 525 | 525 |
+ algorithm hmac-sha256;
|
| 526 | 526 |
};
|
| 527 |
diff --git a/bin/tests/system/catz/ns2/named2.conf.in b/bin/tests/system/catz/ns2/named2.conf.in
|
|
| 528 |
index fcd99ca..84c97ca 100644
|
|
| 529 |
--- a/bin/tests/system/catz/ns2/named2.conf.in
|
|
| 530 |
+++ b/bin/tests/system/catz/ns2/named2.conf.in
|
|
| 531 |
@@ -56,5 +56,5 @@ zone "catalog4.example" {
|
|
| 527 |
|
|
| 528 |
key next_key. {
|
|
| 529 |
diff -ruN a/bin/tests/system/catz/ns2/named2.conf.in b/bin/tests/system/catz/ns2/named2.conf.in
|
|
| 530 |
--- a/bin/tests/system/catz/ns2/named2.conf.in 2022-11-08 01:12:59.000000000 +0300
|
|
| 531 |
+++ b/bin/tests/system/catz/ns2/named2.conf.in 2022-12-01 06:09:13.936835896 +0300
|
|
| 532 |
@@ -58,5 +58,5 @@
|
|
| 532 | 533 |
|
| 533 | 534 |
key tsig_key. {
|
| 534 | 535 |
secret "LSAnCU+Z";
|
| 535 | 536 |
- algorithm hmac-md5;
|
| 536 | 537 |
+ algorithm hmac-sha256;
|
| 537 | 538 |
};
|
| 538 |
diff --git a/bin/tests/system/checkconf/bad-tsig.conf b/bin/tests/system/checkconf/bad-tsig.conf
|
|
| 539 |
index 21be03e..e57c308 100644
|
|
| 540 |
--- a/bin/tests/system/checkconf/bad-tsig.conf
|
|
| 541 |
+++ b/bin/tests/system/checkconf/bad-tsig.conf
|
|
| 542 |
@@ -11,7 +11,7 @@
|
|
| 539 |
diff -ruN a/bin/tests/system/checkconf/bad-tsig.conf b/bin/tests/system/checkconf/bad-tsig.conf
|
|
| 540 |
--- a/bin/tests/system/checkconf/bad-tsig.conf 2022-11-08 01:12:59.000000000 +0300
|
|
| 541 |
+++ b/bin/tests/system/checkconf/bad-tsig.conf 2022-12-01 06:09:13.936835896 +0300
|
|
| 542 |
@@ -13,7 +13,7 @@
|
|
| 543 | 543 |
|
| 544 | 544 |
/* Bad secret */
|
| 545 | 545 |
key "badtsig" {
|
| ... | ... | @@ -562,11 +548,10 @@ index 21be03e..e57c308 100644 |
| … | … | |
| 548 | 548 |
secret "jEdD+BPKg==";
|
| 549 | 549 |
};
|
| 550 | 550 |
|
| 551 |
diff --git a/bin/tests/system/checkconf/good.conf b/bin/tests/system/checkconf/good.conf
|
|
| 552 |
index 616a544..e3a59a5 100644
|
|
| 553 |
--- a/bin/tests/system/checkconf/good.conf
|
|
| 554 |
+++ b/bin/tests/system/checkconf/good.conf
|
|
| 555 |
@@ -268,6 +268,6 @@ dyndb "name" "library.so" {
|
|
| 551 |
diff -ruN a/bin/tests/system/checkconf/good.conf b/bin/tests/system/checkconf/good.conf
|
|
| 552 |
--- a/bin/tests/system/checkconf/good.conf 2022-11-08 01:12:59.000000000 +0300
|
|
| 553 |
+++ b/bin/tests/system/checkconf/good.conf 2022-12-01 06:09:13.936835896 +0300
|
|
| 554 |
@@ -283,6 +283,6 @@
|
|
| 556 | 555 |
system;
|
| 557 | 556 |
};
|
| 558 | 557 |
key "mykey" {
|
| ... | ... | @@ -574,11 +559,10 @@ index 616a544..e3a59a5 100644 |
| … | … | |
| 559 | 559 |
+ algorithm "hmac-sha256";
|
| 560 | 560 |
secret "qwertyuiopasdfgh";
|
| 561 | 561 |
};
|
| 562 |
diff --git a/bin/tests/system/feature-test.c b/bin/tests/system/feature-test.c
|
|
| 563 |
index 877504f..577660a 100644
|
|
| 564 |
--- a/bin/tests/system/feature-test.c
|
|
| 565 |
+++ b/bin/tests/system/feature-test.c
|
|
| 566 |
@@ -14,6 +14,7 @@
|
|
| 562 |
diff -ruN a/bin/tests/system/feature-test.c b/bin/tests/system/feature-test.c
|
|
| 563 |
--- a/bin/tests/system/feature-test.c 2022-11-08 01:12:59.000000000 +0300
|
|
| 564 |
+++ b/bin/tests/system/feature-test.c 2022-12-01 06:09:13.936835896 +0300
|
|
| 565 |
@@ -17,6 +17,7 @@
|
|
| 567 | 566 |
#include <string.h>
|
| 568 | 567 |
#include <unistd.h>
|
| 569 | 568 |
|
| ... | ... | @@ -586,7 +570,7 @@ index 877504f..577660a 100644 |
| … | … | |
| 570 | 570 |
#include <isc/net.h>
|
| 571 | 571 |
#include <isc/print.h>
|
| 572 | 572 |
#include <isc/util.h>
|
| 573 |
@@ -186,6 +187,19 @@ main(int argc, char **argv) {
|
|
| 573 |
@@ -185,6 +186,19 @@
|
|
| 574 | 574 |
#endif /* ifdef DLZ_FILESYSTEM */
|
| 575 | 575 |
}
|
| 576 | 576 |
|
| ... | ... | @@ -606,11 +590,10 @@ index 877504f..577660a 100644 |
| … | … | |
| 590 | 590 |
if (strcmp(argv[1], "--with-idn") == 0) {
|
| 591 | 591 |
#ifdef HAVE_LIBIDN2
|
| 592 | 592 |
return (0);
|
| 593 |
diff --git a/bin/tests/system/notify/ns5/named.conf.in b/bin/tests/system/notify/ns5/named.conf.in
|
|
| 594 |
index 1ee8df4..2b75d9a 100644
|
|
| 595 |
--- a/bin/tests/system/notify/ns5/named.conf.in
|
|
| 596 |
+++ b/bin/tests/system/notify/ns5/named.conf.in
|
|
| 597 |
@@ -10,17 +10,17 @@
|
|
| 593 |
diff -ruN a/bin/tests/system/notify/ns5/named.conf.in b/bin/tests/system/notify/ns5/named.conf.in
|
|
| 594 |
--- a/bin/tests/system/notify/ns5/named.conf.in 2022-11-08 01:12:59.000000000 +0300
|
|
| 595 |
+++ b/bin/tests/system/notify/ns5/named.conf.in 2022-12-01 06:09:13.936835896 +0300
|
|
| 596 |
@@ -12,17 +12,17 @@
|
|
| 598 | 597 |
*/
|
| 599 | 598 |
|
| 600 | 599 |
key "a" {
|
| ... | ... | @@ -631,11 +614,10 @@ index 1ee8df4..2b75d9a 100644 |
| … | … | |
| 614 | 614 |
secret "cccccccccccccccccccc";
|
| 615 | 615 |
};
|
| 616 | 616 |
|
| 617 |
diff --git a/bin/tests/system/notify/tests.sh b/bin/tests/system/notify/tests.sh
|
|
| 618 |
index 3d7e0b7..ec4d9a7 100644
|
|
| 619 |
--- a/bin/tests/system/notify/tests.sh
|
|
| 620 |
+++ b/bin/tests/system/notify/tests.sh
|
|
| 621 |
@@ -212,16 +212,16 @@ ret=0
|
|
| 617 |
diff -ruN a/bin/tests/system/notify/tests.sh b/bin/tests/system/notify/tests.sh
|
|
| 618 |
--- a/bin/tests/system/notify/tests.sh 2022-11-08 01:12:59.000000000 +0300
|
|
| 619 |
+++ b/bin/tests/system/notify/tests.sh 2022-12-01 06:09:13.937835902 +0300
|
|
| 620 |
@@ -214,16 +214,16 @@
|
|
| 622 | 621 |
$NSUPDATE << EOF
|
| 623 | 622 |
server 10.53.0.5 ${PORT}
|
| 624 | 623 |
zone x21
|
| ... | ... | @@ -655,11 +637,10 @@ index 3d7e0b7..ec4d9a7 100644 |
| … | … | |
| 637 | 637 |
txt > dig.out.c.ns5.test$n || ret=1
|
| 638 | 638 |
grep "test string" dig.out.b.ns5.test$n > /dev/null &&
|
| 639 | 639 |
grep "test string" dig.out.c.ns5.test$n > /dev/null &&
|
| 640 |
diff --git a/bin/tests/system/nsupdate/ns1/named.conf.in b/bin/tests/system/nsupdate/ns1/named.conf.in
|
|
| 641 |
index b51e700..436c97d 100644
|
|
| 642 |
--- a/bin/tests/system/nsupdate/ns1/named.conf.in
|
|
| 643 |
+++ b/bin/tests/system/nsupdate/ns1/named.conf.in
|
|
| 644 |
@@ -37,7 +37,7 @@ controls {
|
|
| 640 |
diff -ruN a/bin/tests/system/nsupdate/ns1/named.conf.in b/bin/tests/system/nsupdate/ns1/named.conf.in
|
|
| 641 |
--- a/bin/tests/system/nsupdate/ns1/named.conf.in 2022-11-08 01:12:59.000000000 +0300
|
|
| 642 |
+++ b/bin/tests/system/nsupdate/ns1/named.conf.in 2022-12-01 06:09:13.937835902 +0300
|
|
| 643 |
@@ -39,7 +39,7 @@
|
|
| 645 | 644 |
};
|
| 646 | 645 |
|
| 647 | 646 |
key altkey {
|
| ... | ... | @@ -668,11 +649,10 @@ index b51e700..436c97d 100644 |
| … | … | |
| 649 | 649 |
secret "1234abcd8765";
|
| 650 | 650 |
};
|
| 651 | 651 |
|
| 652 |
diff --git a/bin/tests/system/nsupdate/ns2/named.conf.in b/bin/tests/system/nsupdate/ns2/named.conf.in
|
|
| 653 |
index da6b3b4..c547e47 100644
|
|
| 654 |
--- a/bin/tests/system/nsupdate/ns2/named.conf.in
|
|
| 655 |
+++ b/bin/tests/system/nsupdate/ns2/named.conf.in
|
|
| 656 |
@@ -32,7 +32,7 @@ controls {
|
|
| 652 |
diff -ruN a/bin/tests/system/nsupdate/ns2/named.conf.in b/bin/tests/system/nsupdate/ns2/named.conf.in
|
|
| 653 |
--- a/bin/tests/system/nsupdate/ns2/named.conf.in 2022-11-08 01:12:59.000000000 +0300
|
|
| 654 |
+++ b/bin/tests/system/nsupdate/ns2/named.conf.in 2022-12-01 06:09:13.937835902 +0300
|
|
| 655 |
@@ -34,7 +34,7 @@
|
|
| 657 | 656 |
};
|
| 658 | 657 |
|
| 659 | 658 |
key altkey {
|
| ... | ... | @@ -681,11 +661,10 @@ index da6b3b4..c547e47 100644 |
| … | … | |
| 661 | 661 |
secret "1234abcd8765";
|
| 662 | 662 |
};
|
| 663 | 663 |
|
| 664 |
diff --git a/bin/tests/system/nsupdate/setup.sh b/bin/tests/system/nsupdate/setup.sh
|
|
| 665 |
index 5593a2e..7cd1a74 100644
|
|
| 666 |
--- a/bin/tests/system/nsupdate/setup.sh
|
|
| 667 |
+++ b/bin/tests/system/nsupdate/setup.sh
|
|
| 668 |
@@ -71,7 +71,11 @@ EOF
|
|
| 664 |
diff -ruN a/bin/tests/system/nsupdate/setup.sh b/bin/tests/system/nsupdate/setup.sh
|
|
| 665 |
--- a/bin/tests/system/nsupdate/setup.sh 2022-11-08 01:12:59.000000000 +0300
|
|
| 666 |
+++ b/bin/tests/system/nsupdate/setup.sh 2022-12-01 06:09:13.937835902 +0300
|
|
| 667 |
@@ -73,7 +73,11 @@
|
|
| 669 | 668 |
|
| 670 | 669 |
$DDNSCONFGEN -q -z example.nil > ns1/ddns.key
|
| 671 | 670 |
|
| ... | ... | @@ -698,12 +677,11 @@ index 5593a2e..7cd1a74 100644 |
| … | … | |
| 677 | 677 |
$DDNSCONFGEN -q -a hmac-sha1 -k sha1-key -z keytests.nil > ns1/sha1.key
|
| 678 | 678 |
$DDNSCONFGEN -q -a hmac-sha224 -k sha224-key -z keytests.nil > ns1/sha224.key
|
| 679 | 679 |
$DDNSCONFGEN -q -a hmac-sha256 -k sha256-key -z keytests.nil > ns1/sha256.key
|
| 680 |
diff --git a/bin/tests/system/nsupdate/tests.sh b/bin/tests/system/nsupdate/tests.sh
|
|
| 681 |
index 8839131..fde6135 100755
|
|
| 682 |
--- a/bin/tests/system/nsupdate/tests.sh
|
|
| 683 |
+++ b/bin/tests/system/nsupdate/tests.sh
|
|
| 684 |
@@ -824,7 +824,14 @@ fi
|
|
| 685 |
n=`expr $n + 1`
|
|
| 680 |
diff -ruN a/bin/tests/system/nsupdate/tests.sh b/bin/tests/system/nsupdate/tests.sh
|
|
| 681 |
--- a/bin/tests/system/nsupdate/tests.sh 2022-11-08 01:12:59.000000000 +0300
|
|
| 682 |
+++ b/bin/tests/system/nsupdate/tests.sh 2022-12-01 06:09:13.938835909 +0300
|
|
| 683 |
@@ -852,7 +852,14 @@
|
|
| 684 |
n=$((n + 1))
|
|
| 686 | 685 |
ret=0
|
| 687 | 686 |
echo_i "check TSIG key algorithms (nsupdate -k) ($n)"
|
| 688 | 687 |
-for alg in md5 sha1 sha224 sha256 sha384 sha512; do
|
| ... | ... | @@ -718,7 +696,7 @@ index 8839131..fde6135 100755 |
| … | … | |
| 696 | 696 |
$NSUPDATE -k ns1/${alg}.key <<END > /dev/null || ret=1
|
| 697 | 697 |
server 10.53.0.1 ${PORT}
|
| 698 | 698 |
update add ${alg}.keytests.nil. 600 A 10.10.10.3
|
| 699 |
@@ -832,7 +839,7 @@ send
|
|
| 699 |
@@ -860,7 +867,7 @@
|
|
| 700 | 700 |
END
|
| 701 | 701 |
done
|
| 702 | 702 |
sleep 2
|
| ... | ... | @@ -727,8 +705,8 @@ index 8839131..fde6135 100755 |
| … | … | |
| 705 | 705 |
$DIG $DIGOPTS +short @10.53.0.1 ${alg}.keytests.nil | grep 10.10.10.3 > /dev/null 2>&1 || ret=1
|
| 706 | 706 |
done
|
| 707 | 707 |
if [ $ret -ne 0 ]; then
|
| 708 |
@@ -843,7 +850,7 @@ fi
|
|
| 709 |
n=`expr $n + 1`
|
|
| 708 |
@@ -871,7 +878,7 @@
|
|
| 709 |
n=$((n + 1))
|
|
| 710 | 710 |
ret=0
|
| 711 | 711 |
echo_i "check TSIG key algorithms (nsupdate -y) ($n)"
|
| 712 | 712 |
-for alg in md5 sha1 sha224 sha256 sha384 sha512; do
|
| ... | ... | @@ -736,7 +714,7 @@ index 8839131..fde6135 100755 |
| … | … | |
| 714 | 714 |
secret=$(sed -n 's/.*secret "\(.*\)";.*/\1/p' ns1/${alg}.key)
|
| 715 | 715 |
$NSUPDATE -y "hmac-${alg}:${alg}-key:$secret" <<END > /dev/null || ret=1
|
| 716 | 716 |
server 10.53.0.1 ${PORT}
|
| 717 |
@@ -852,7 +859,7 @@ send
|
|
| 717 |
@@ -880,7 +887,7 @@
|
|
| 718 | 718 |
END
|
| 719 | 719 |
done
|
| 720 | 720 |
sleep 2
|
| ... | ... | @@ -745,11 +723,10 @@ index 8839131..fde6135 100755 |
| … | … | |
| 723 | 723 |
$DIG $DIGOPTS +short @10.53.0.1 ${alg}.keytests.nil | grep 10.10.10.50 > /dev/null 2>&1 || ret=1
|
| 724 | 724 |
done
|
| 725 | 725 |
if [ $ret -ne 0 ]; then
|
| 726 |
diff --git a/bin/tests/system/rndc/setup.sh b/bin/tests/system/rndc/setup.sh
|
|
| 727 |
index 225722f..63ac938 100644
|
|
| 728 |
--- a/bin/tests/system/rndc/setup.sh
|
|
| 729 |
+++ b/bin/tests/system/rndc/setup.sh
|
|
| 730 |
@@ -38,7 +38,7 @@ make_key () {
|
|
| 726 |
diff -ruN a/bin/tests/system/rndc/setup.sh b/bin/tests/system/rndc/setup.sh
|
|
| 727 |
--- a/bin/tests/system/rndc/setup.sh 2022-11-08 01:12:59.000000000 +0300
|
|
| 728 |
+++ b/bin/tests/system/rndc/setup.sh 2022-12-01 06:09:13.938835909 +0300
|
|
| 729 |
@@ -40,7 +40,7 @@
|
|
| 731 | 730 |
sed 's/allow { 10.53.0.4/allow { any/' >> ns4/named.conf
|
| 732 | 731 |
}
|
| 733 | 732 |
|
| ... | ... | @@ -758,11 +735,10 @@ index 225722f..63ac938 100644 |
| … | … | |
| 735 | 735 |
make_key 2 ${EXTRAPORT2} hmac-sha1
|
| 736 | 736 |
make_key 3 ${EXTRAPORT3} hmac-sha224
|
| 737 | 737 |
make_key 4 ${EXTRAPORT4} hmac-sha256
|
| 738 |
diff --git a/bin/tests/system/rndc/tests.sh b/bin/tests/system/rndc/tests.sh
|
|
| 739 |
index 9bf86c6..b8a7a1f 100644
|
|
| 740 |
--- a/bin/tests/system/rndc/tests.sh
|
|
| 741 |
+++ b/bin/tests/system/rndc/tests.sh
|
|
| 742 |
@@ -349,15 +349,20 @@ if [ $ret != 0 ]; then echo_i "failed"; fi
|
|
| 738 |
diff -ruN a/bin/tests/system/rndc/tests.sh b/bin/tests/system/rndc/tests.sh
|
|
| 739 |
--- a/bin/tests/system/rndc/tests.sh 2022-11-08 01:12:59.000000000 +0300
|
|
| 740 |
+++ b/bin/tests/system/rndc/tests.sh 2022-12-01 06:09:13.938835909 +0300
|
|
| 741 |
@@ -351,15 +351,20 @@
|
|
| 743 | 742 |
status=`expr $status + $ret`
|
| 744 | 743 |
|
| 745 | 744 |
n=`expr $n + 1`
|
| ... | ... | @@ -792,11 +768,10 @@ index 9bf86c6..b8a7a1f 100644 |
| … | … | |
| 768 | 768 |
|
| 769 | 769 |
n=`expr $n + 1`
|
| 770 | 770 |
echo_i "testing rndc with hmac-sha1 ($n)"
|
| 771 |
diff --git a/bin/tests/system/tsig/ns1/named.conf.in b/bin/tests/system/tsig/ns1/named.conf.in
|
|
| 772 |
index 3470c4f..cf539cd 100644
|
|
| 773 |
--- a/bin/tests/system/tsig/ns1/named.conf.in
|
|
| 774 |
+++ b/bin/tests/system/tsig/ns1/named.conf.in
|
|
| 775 |
@@ -21,10 +21,7 @@ options {
|
|
| 771 |
diff -ruN a/bin/tests/system/tsig/ns1/named.conf.in b/bin/tests/system/tsig/ns1/named.conf.in
|
|
| 772 |
--- a/bin/tests/system/tsig/ns1/named.conf.in 2022-11-08 01:12:59.000000000 +0300
|
|
| 773 |
+++ b/bin/tests/system/tsig/ns1/named.conf.in 2022-12-01 06:09:13.938835909 +0300
|
|
| 774 |
@@ -23,10 +23,7 @@
|
|
| 776 | 775 |
notify no;
|
| 777 | 776 |
};
|
| 778 | 777 |
|
| ... | ... | @@ -808,7 +783,7 @@ index 3470c4f..cf539cd 100644 |
| … | … | |
| 783 | 783 |
|
| 784 | 784 |
key "sha1" {
|
| 785 | 785 |
secret "FrSt77yPTFx6hTs4i2tKLB9LmE0=";
|
| 786 |
@@ -51,10 +48,7 @@ key "sha512" {
|
|
| 786 |
@@ -53,10 +50,7 @@
|
|
| 787 | 787 |
algorithm hmac-sha512;
|
| 788 | 788 |
};
|
| 789 | 789 |
|
| ... | ... | @@ -820,11 +795,9 @@ index 3470c4f..cf539cd 100644 |
| … | … | |
| 795 | 795 |
|
| 796 | 796 |
key "sha1-trunc" {
|
| 797 | 797 |
secret "FrSt77yPTFx6hTs4i2tKLB9LmE0=";
|
| 798 |
diff --git a/bin/tests/system/tsig/ns1/rndc5.conf.in b/bin/tests/system/tsig/ns1/rndc5.conf.in
|
|
| 799 |
new file mode 100644
|
|
| 800 |
index 0000000..0682194
|
|
| 801 |
--- /dev/null
|
|
| 802 |
+++ b/bin/tests/system/tsig/ns1/rndc5.conf.in
|
|
| 798 |
diff -ruN a/bin/tests/system/tsig/ns1/rndc5.conf.in b/bin/tests/system/tsig/ns1/rndc5.conf.in
|
|
| 799 |
--- a/bin/tests/system/tsig/ns1/rndc5.conf.in 1970-01-01 03:00:00.000000000 +0300
|
|
| 800 |
+++ b/bin/tests/system/tsig/ns1/rndc5.conf.in 2022-12-01 06:09:13.938835909 +0300
|
|
| 803 | 801 |
@@ -0,0 +1,10 @@
|
| 804 | 802 |
+# Conditionally included when support for MD5 is available
|
| 805 | 803 |
+key "md5" {
|
| ... | ... | @@ -836,11 +809,10 @@ index 0000000..0682194 |
| … | … | |
| 809 | 809 |
+ secret "97rnFx24Tfna4mHPfgnerA==";
|
| 810 | 810 |
+ algorithm hmac-md5-80;
|
| 811 | 811 |
+};
|
| 812 |
diff --git a/bin/tests/system/tsig/setup.sh b/bin/tests/system/tsig/setup.sh
|
|
| 813 |
index e3b4a45..ae21d04 100644
|
|
| 814 |
--- a/bin/tests/system/tsig/setup.sh
|
|
| 815 |
+++ b/bin/tests/system/tsig/setup.sh
|
|
| 816 |
@@ -15,3 +15,8 @@ SYSTEMTESTTOP=..
|
|
| 812 |
diff -ruN a/bin/tests/system/tsig/setup.sh b/bin/tests/system/tsig/setup.sh
|
|
| 813 |
--- a/bin/tests/system/tsig/setup.sh 2022-11-08 01:12:59.000000000 +0300
|
|
| 814 |
+++ b/bin/tests/system/tsig/setup.sh 2022-12-01 06:09:13.938835909 +0300
|
|
| 815 |
@@ -17,3 +17,8 @@
|
|
| 817 | 816 |
$SHELL clean.sh
|
| 818 | 817 |
|
| 819 | 818 |
copy_setports ns1/named.conf.in ns1/named.conf
|
| ... | ... | @@ -849,11 +821,10 @@ index e3b4a45..ae21d04 100644 |
| … | … | |
| 821 | 821 |
+then
|
| 822 | 822 |
+ cat ns1/rndc5.conf.in >> ns1/named.conf
|
| 823 | 823 |
+fi
|
| 824 |
diff --git a/bin/tests/system/tsig/tests.sh b/bin/tests/system/tsig/tests.sh
|
|
| 825 |
index 38d842a..668aa6f 100644
|
|
| 826 |
--- a/bin/tests/system/tsig/tests.sh
|
|
| 827 |
+++ b/bin/tests/system/tsig/tests.sh
|
|
| 828 |
@@ -26,20 +26,25 @@ sha512="jI/Pa4qRu96t76Pns5Z/Ndxbn3QCkwcxLOgt9vgvnJw5wqTRvNyk3FtD6yIMd1dWVlqZ+Y4f
|
|
| 824 |
diff -ruN a/bin/tests/system/tsig/tests.sh b/bin/tests/system/tsig/tests.sh
|
|
| 825 |
--- a/bin/tests/system/tsig/tests.sh 2022-11-08 01:12:59.000000000 +0300
|
|
| 826 |
+++ b/bin/tests/system/tsig/tests.sh 2022-12-01 06:09:13.939835915 +0300
|
|
| 827 |
@@ -28,20 +28,25 @@
|
|
| 829 | 828 |
|
| 830 | 829 |
status=0
|
| 831 | 830 |
|
| ... | ... | @@ -864,6 +835,13 @@ index 38d842a..668aa6f 100644 |
| … | … | |
| 835 | 835 |
-if [ $ret -eq 1 ] ; then
|
| 836 | 836 |
- echo_i "failed"; status=1
|
| 837 | 837 |
-fi
|
| 838 |
-
|
|
| 839 |
-echo_i "fetching using hmac-md5 (new form)"
|
|
| 840 |
-ret=0
|
|
| 841 |
-$DIG $DIGOPTS example.nil. -y "hmac-md5:md5:$md5" @10.53.0.1 soa > dig.out.md5.new || ret=1
|
|
| 842 |
-grep -i "md5.*TSIG.*NOERROR" dig.out.md5.new > /dev/null || ret=1
|
|
| 843 |
-if [ $ret -eq 1 ] ; then
|
|
| 844 |
- echo_i "failed"; status=1
|
|
| 838 | 845 |
+if $FEATURETEST --md5
|
| 839 | 846 |
+then
|
| 840 | 847 |
+ echo_i "fetching using hmac-md5 (old form)"
|
| ... | ... | @@ -873,13 +851,7 @@ index 38d842a..668aa6f 100644 |
| … | … | |
| 851 | 851 |
+ if [ $ret -eq 1 ] ; then
|
| 852 | 852 |
+ echo_i "failed"; status=1
|
| 853 | 853 |
+ fi
|
| 854 |
|
|
| 855 |
-echo_i "fetching using hmac-md5 (new form)"
|
|
| 856 |
-ret=0
|
|
| 857 |
-$DIG $DIGOPTS example.nil. -y "hmac-md5:md5:$md5" @10.53.0.1 soa > dig.out.md5.new || ret=1
|
|
| 858 |
-grep -i "md5.*TSIG.*NOERROR" dig.out.md5.new > /dev/null || ret=1
|
|
| 859 |
-if [ $ret -eq 1 ] ; then
|
|
| 860 |
- echo_i "failed"; status=1
|
|
| 854 |
+
|
|
| 861 | 855 |
+ echo_i "fetching using hmac-md5 (new form)"
|
| 862 | 856 |
+ ret=0
|
| 863 | 857 |
+ $DIG $DIGOPTS example.nil. -y "hmac-md5:md5:$md5" @10.53.0.1 soa > dig.out.md5.new || ret=1
|
| ... | ... | @@ -892,7 +864,7 @@ index 38d842a..668aa6f 100644 |
| … | … | |
| 864 | 864 |
fi
|
| 865 | 865 |
|
| 866 | 866 |
echo_i "fetching using hmac-sha1"
|
| 867 |
@@ -87,12 +92,17 @@ fi
|
|
| 867 |
@@ -89,12 +94,17 @@
|
|
| 868 | 868 |
# Truncated TSIG
|
| 869 | 869 |
#
|
| 870 | 870 |
#
|
| ... | ... | @@ -916,7 +888,7 @@ index 38d842a..668aa6f 100644 |
| … | … | |
| 888 | 888 |
fi
|
| 889 | 889 |
|
| 890 | 890 |
echo_i "fetching using hmac-sha1 (trunc)"
|
| 891 |
@@ -141,12 +151,17 @@ fi
|
|
| 891 |
@@ -143,12 +153,17 @@
|
|
| 892 | 892 |
# Check for bad truncation.
|
| 893 | 893 |
#
|
| 894 | 894 |
#
|
| ... | ... | @@ -940,11 +912,10 @@ index 38d842a..668aa6f 100644 |
| … | … | |
| 912 | 912 |
fi
|
| 913 | 913 |
|
| 914 | 914 |
echo_i "fetching using hmac-sha1-80 (BADTRUNC)"
|
| 915 |
diff --git a/bin/tests/system/upforwd/ns1/named.conf.in b/bin/tests/system/upforwd/ns1/named.conf.in
|
|
| 916 |
index 3873c7c..b359a5a 100644
|
|
| 917 |
--- a/bin/tests/system/upforwd/ns1/named.conf.in
|
|
| 918 |
+++ b/bin/tests/system/upforwd/ns1/named.conf.in
|
|
| 919 |
@@ -10,7 +10,7 @@
|
|
| 915 |
diff -ruN a/bin/tests/system/upforwd/ns1/named.conf.in b/bin/tests/system/upforwd/ns1/named.conf.in
|
|
| 916 |
--- a/bin/tests/system/upforwd/ns1/named.conf.in 2022-11-08 01:12:59.000000000 +0300
|
|
| 917 |
+++ b/bin/tests/system/upforwd/ns1/named.conf.in 2022-12-01 06:09:13.939835915 +0300
|
|
| 918 |
@@ -12,7 +12,7 @@
|
|
| 920 | 919 |
*/
|
| 921 | 920 |
|
| 922 | 921 |
key "update.example." {
|
| ... | ... | @@ -953,11 +924,10 @@ index 3873c7c..b359a5a 100644 |
| … | … | |
| 924 | 924 |
secret "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K";
|
| 925 | 925 |
};
|
| 926 | 926 |
|
| 927 |
diff --git a/bin/tests/system/upforwd/tests.sh b/bin/tests/system/upforwd/tests.sh
|
|
| 928 |
index a50c896..8062d68 100644
|
|
| 929 |
--- a/bin/tests/system/upforwd/tests.sh
|
|
| 930 |
+++ b/bin/tests/system/upforwd/tests.sh
|
|
| 931 |
@@ -79,7 +79,7 @@ if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $status + $ret`; fi
|
|
| 927 |
diff -ruN a/bin/tests/system/upforwd/tests.sh b/bin/tests/system/upforwd/tests.sh
|
|
| 928 |
--- a/bin/tests/system/upforwd/tests.sh 2022-11-08 01:12:59.000000000 +0300
|
|
| 929 |
+++ b/bin/tests/system/upforwd/tests.sh 2022-12-01 06:09:13.939835915 +0300
|
|
| 930 |
@@ -81,7 +81,7 @@
|
|
| 932 | 931 |
|
| 933 | 932 |
echo_i "updating zone (signed) ($n)"
|
| 934 | 933 |
ret=0
|
| ... | ... | @@ -966,6 +936,3 @@ index a50c896..8062d68 100644 |
| … | … | |
| 936 | 936 |
server 10.53.0.3 ${PORT}
|
| 937 | 937 |
update add updated.example. 600 A 10.10.10.1
|
| 938 | 938 |
update add updated.example. 600 TXT Foo
|
| ... | ... | --- |
| 939 |
2.31.1
|
|
| 940 |
|
| ... | ... | --- a/bind-9.16-openldap-2.6-all.patch |
| ... | ... | +++ /dev/null |
| ... | ... | @@ -1,199 +0,0 @@ |
| 0 |
From d02a805719d593863dd438798a29312a4177d207 Mon Sep 17 00:00:00 2001
|
|
| 1 |
From: Petr Mensik <pemensik@redhat.com>
|
|
| 2 |
Date: Wed, 22 Dec 2021 13:38:02 +0100
|
|
| 3 |
Subject: [PATCH 2/2] Change all internal functions to dlz_ldap prefix
|
|
| 4 |
|
|
| 5 |
To prevent any conflict in the future, avoid ldap_ prefix in any
|
|
| 6 |
internal functions. Keep it reserved for openldap only.
|
|
| 7 |
---
|
|
| 8 |
contrib/dlz/modules/ldap/dlz_ldap_dynamic.c | 52 ++++++++++-----------
|
|
| 9 |
1 file changed, 26 insertions(+), 26 deletions(-)
|
|
| 10 |
|
|
| 11 |
diff --git a/contrib/dlz/modules/ldap/dlz_ldap_dynamic.c b/contrib/dlz/modules/ldap/dlz_ldap_dynamic.c
|
|
| 12 |
index 317a691..a653fac 100644
|
|
| 13 |
--- a/contrib/dlz/modules/ldap/dlz_ldap_dynamic.c
|
|
| 14 |
+++ b/contrib/dlz/modules/ldap/dlz_ldap_dynamic.c
|
|
| 15 |
@@ -128,7 +128,7 @@ b9_add_helper(ldap_instance_t *db, const char *helper_name, void *ptr);
|
|
| 16 |
|
|
| 17 |
/*% checks that the LDAP URL parameters make sense */
|
|
| 18 |
static isc_result_t
|
|
| 19 |
-ldap_checkURL(ldap_instance_t *db, char *URL, int attrCnt, const char *msg) {
|
|
| 20 |
+dlz_ldap_checkURL(ldap_instance_t *db, char *URL, int attrCnt, const char *msg) {
|
|
| 21 |
isc_result_t result = ISC_R_SUCCESS;
|
|
| 22 |
int ldap_result;
|
|
| 23 |
LDAPURLDesc *ldap_url = NULL;
|
|
| 24 |
@@ -248,7 +248,7 @@ cleanup:
|
|
| 25 |
* multithreaded operation.
|
|
| 26 |
*/
|
|
| 27 |
static void
|
|
| 28 |
-ldap_destroy_dblist(db_list_t *dblist) {
|
|
| 29 |
+dlz_ldap_destroy_dblist(db_list_t *dblist) {
|
|
| 30 |
dbinstance_t *ndbi = NULL;
|
|
| 31 |
dbinstance_t *dbi = NULL;
|
|
| 32 |
|
|
| 33 |
@@ -282,7 +282,7 @@ ldap_destroy_dblist(db_list_t *dblist) {
|
|
| 34 |
* multithreaded operation.
|
|
| 35 |
*/
|
|
| 36 |
static dbinstance_t *
|
|
| 37 |
-ldap_find_avail_conn(ldap_instance_t *ldap) {
|
|
| 38 |
+dlz_ldap_find_avail_conn(ldap_instance_t *ldap) {
|
|
| 39 |
dbinstance_t *dbi = NULL;
|
|
| 40 |
dbinstance_t *head;
|
|
| 41 |
int count = 0;
|
|
| 42 |
@@ -315,7 +315,7 @@ ldap_find_avail_conn(ldap_instance_t *ldap) {
|
|
| 43 |
#endif /* PTHREADS */
|
|
| 44 |
|
|
| 45 |
static isc_result_t
|
|
| 46 |
-ldap_process_results(ldap_instance_t *db, LDAP *dbc, LDAPMessage *msg,
|
|
| 47 |
+dlz_ldap_process_results(ldap_instance_t *db, LDAP *dbc, LDAPMessage *msg,
|
|
| 48 |
char **attrs, void *ptr, bool allnodes) {
|
|
| 49 |
isc_result_t result = ISC_R_SUCCESS;
|
|
| 50 |
int i = 0;
|
|
| 51 |
@@ -543,7 +543,7 @@ cleanup:
|
|
| 52 |
* obtain a result set.
|
|
| 53 |
*/
|
|
| 54 |
static isc_result_t
|
|
| 55 |
-ldap_get_results(const char *zone, const char *record, const char *client,
|
|
| 56 |
+dlz_ldap_get_results(const char *zone, const char *record, const char *client,
|
|
| 57 |
unsigned int query, void *dbdata, void *ptr) {
|
|
| 58 |
isc_result_t result;
|
|
| 59 |
ldap_instance_t *db = (ldap_instance_t *)dbdata;
|
|
| 60 |
@@ -558,7 +558,7 @@ ldap_get_results(const char *zone, const char *record, const char *client,
|
|
| 61 |
/* get db instance / connection */
|
|
| 62 |
#if PTHREADS
|
|
| 63 |
/* find an available DBI from the list */
|
|
| 64 |
- dbi = ldap_find_avail_conn(db);
|
|
| 65 |
+ dbi = dlz_ldap_find_avail_conn(db);
|
|
| 66 |
#else /* PTHREADS */
|
|
| 67 |
/*
|
|
| 68 |
* only 1 DBI - no need to lock instance lock either
|
|
| 69 |
@@ -667,7 +667,7 @@ ldap_get_results(const char *zone, const char *record, const char *client,
|
|
| 70 |
* screwed up!
|
|
| 71 |
*/
|
|
| 72 |
db->log(ISC_LOG_ERROR, "Incorrect query flag passed to "
|
|
| 73 |
- "ldap_get_results");
|
|
| 74 |
+ "dlz_ldap_get_results");
|
|
| 75 |
result = ISC_R_UNEXPECTED;
|
|
| 76 |
goto cleanup;
|
|
| 77 |
}
|
|
| 78 |
@@ -755,13 +755,13 @@ ldap_get_results(const char *zone, const char *record, const char *client,
|
|
| 79 |
|
|
| 80 |
switch (query) {
|
|
| 81 |
case ALLNODES:
|
|
| 82 |
- result = ldap_process_results(db, (LDAP *)dbi->dbconn, ldap_msg,
|
|
| 83 |
- ldap_url->lud_attrs, ptr, true);
|
|
| 84 |
+ result = dlz_ldap_process_results(db, (LDAP *)dbi->dbconn, ldap_msg,
|
|
| 85 |
+ ldap_url->lud_attrs, ptr, true);
|
|
| 86 |
break;
|
|
| 87 |
case AUTHORITY:
|
|
| 88 |
case LOOKUP:
|
|
| 89 |
- result = ldap_process_results(db, (LDAP *)dbi->dbconn, ldap_msg,
|
|
| 90 |
- ldap_url->lud_attrs, ptr, false);
|
|
| 91 |
+ result = dlz_ldap_process_results(db, (LDAP *)dbi->dbconn, ldap_msg,
|
|
| 92 |
+ ldap_url->lud_attrs, ptr, false);
|
|
| 93 |
break;
|
|
| 94 |
case ALLOWXFR:
|
|
| 95 |
entries = ldap_count_entries((LDAP *)dbi->dbconn, ldap_msg);
|
|
| 96 |
@@ -789,7 +789,7 @@ ldap_get_results(const char *zone, const char *record, const char *client,
|
|
| 97 |
* screwed up!
|
|
| 98 |
*/
|
|
| 99 |
db->log(ISC_LOG_ERROR, "Incorrect query flag passed to "
|
|
| 100 |
- "ldap_get_results");
|
|
| 101 |
+ "dlz_ldap_get_results");
|
|
| 102 |
result = ISC_R_UNEXPECTED;
|
|
| 103 |
}
|
|
| 104 |
|
|
| 105 |
@@ -847,18 +847,18 @@ dlz_allowzonexfr(void *dbdata, const char *name, const char *client) {
|
|
| 106 |
}
|
|
| 107 |
|
|
| 108 |
/* get all the zone data */
|
|
| 109 |
- result = ldap_get_results(name, NULL, client, ALLOWXFR, dbdata, NULL);
|
|
| 110 |
+ result = dlz_ldap_get_results(name, NULL, client, ALLOWXFR, dbdata, NULL);
|
|
| 111 |
return (result);
|
|
| 112 |
}
|
|
| 113 |
|
|
| 114 |
isc_result_t
|
|
| 115 |
dlz_allnodes(const char *zone, void *dbdata, dns_sdlzallnodes_t *allnodes) {
|
|
| 116 |
- return (ldap_get_results(zone, NULL, NULL, ALLNODES, dbdata, allnodes));
|
|
| 117 |
+ return (dlz_ldap_get_results(zone, NULL, NULL, ALLNODES, dbdata, allnodes));
|
|
| 118 |
}
|
|
| 119 |
|
|
| 120 |
isc_result_t
|
|
| 121 |
dlz_authority(const char *zone, void *dbdata, dns_sdlzlookup_t *lookup) {
|
|
| 122 |
- return (ldap_get_results(zone, NULL, NULL, AUTHORITY, dbdata, lookup));
|
|
| 123 |
+ return (dlz_ldap_get_results(zone, NULL, NULL, AUTHORITY, dbdata, lookup));
|
|
| 124 |
}
|
|
| 125 |
|
|
| 126 |
#if DLZ_DLOPEN_VERSION < 3
|
|
| 127 |
@@ -874,7 +874,7 @@ dlz_findzonedb(void *dbdata, const char *name, dns_clientinfomethods_t *methods,
|
|
| 128 |
UNUSED(methods);
|
|
| 129 |
UNUSED(clientinfo);
|
|
| 130 |
#endif /* if DLZ_DLOPEN_VERSION >= 3 */
|
|
| 131 |
- return (ldap_get_results(name, NULL, NULL, FINDZONE, dbdata, NULL));
|
|
| 132 |
+ return (dlz_ldap_get_results(name, NULL, NULL, FINDZONE, dbdata, NULL));
|
|
| 133 |
}
|
|
| 134 |
|
|
| 135 |
#if DLZ_DLOPEN_VERSION == 1
|
|
| 136 |
@@ -896,11 +896,11 @@ dlz_lookup(const char *zone, const char *name, void *dbdata,
|
|
| 137 |
#endif /* if DLZ_DLOPEN_VERSION >= 2 */
|
|
| 138 |
|
|
| 139 |
if (strcmp(name, "*") == 0) {
|
|
| 140 |
- result = ldap_get_results(zone, "~", NULL, LOOKUP, dbdata,
|
|
| 141 |
- lookup);
|
|
| 142 |
+ result = dlz_ldap_get_results(zone, "~", NULL, LOOKUP, dbdata,
|
|
| 143 |
+ lookup);
|
|
| 144 |
} else {
|
|
| 145 |
- result = ldap_get_results(zone, name, NULL, LOOKUP, dbdata,
|
|
| 146 |
- lookup);
|
|
| 147 |
+ result = dlz_ldap_get_results(zone, name, NULL, LOOKUP, dbdata,
|
|
| 148 |
+ lookup);
|
|
| 149 |
}
|
|
| 150 |
return (result);
|
|
| 151 |
}
|
|
| 152 |
@@ -1000,29 +1000,29 @@ dlz_create(const char *dlzname, unsigned int argc, char *argv[], void **dbdata,
|
|
| 153 |
/* check that LDAP URL parameters make sense */
|
|
| 154 |
switch (argc) {
|
|
| 155 |
case 12:
|
|
| 156 |
- result = ldap_checkURL(ldap, argv[11], 0,
|
|
| 157 |
+ result = dlz_ldap_checkURL(ldap, argv[11], 0,
|
|
| 158 |
"allow zone transfer");
|
|
| 159 |
if (result != ISC_R_SUCCESS) {
|
|
| 160 |
goto cleanup;
|
|
| 161 |
}
|
|
| 162 |
case 11:
|
|
| 163 |
- result = ldap_checkURL(ldap, argv[10], 3, "all nodes");
|
|
| 164 |
+ result = dlz_ldap_checkURL(ldap, argv[10], 3, "all nodes");
|
|
| 165 |
if (result != ISC_R_SUCCESS) {
|
|
| 166 |
goto cleanup;
|
|
| 167 |
}
|
|
| 168 |
case 10:
|
|
| 169 |
if (strlen(argv[9]) > 0) {
|
|
| 170 |
- result = ldap_checkURL(ldap, argv[9], 3, "authority");
|
|
| 171 |
+ result = dlz_ldap_checkURL(ldap, argv[9], 3, "authority");
|
|
| 172 |
if (result != ISC_R_SUCCESS) {
|
|
| 173 |
goto cleanup;
|
|
| 174 |
}
|
|
| 175 |
}
|
|
| 176 |
case 9:
|
|
| 177 |
- result = ldap_checkURL(ldap, argv[8], 3, "lookup");
|
|
| 178 |
+ result = dlz_ldap_checkURL(ldap, argv[8], 3, "lookup");
|
|
| 179 |
if (result != ISC_R_SUCCESS) {
|
|
| 180 |
goto cleanup;
|
|
| 181 |
}
|
|
| 182 |
- result = ldap_checkURL(ldap, argv[7], 0, "find zone");
|
|
| 183 |
+ result = dlz_ldap_checkURL(ldap, argv[7], 0, "find zone");
|
|
| 184 |
if (result != ISC_R_SUCCESS) {
|
|
| 185 |
goto cleanup;
|
|
| 186 |
}
|
|
| 187 |
@@ -1199,7 +1199,7 @@ dlz_destroy(void *dbdata) {
|
|
| 188 |
#if PTHREADS
|
|
| 189 |
/* cleanup the list of DBI's */
|
|
| 190 |
if (db->db != NULL) {
|
|
| 191 |
- ldap_destroy_dblist((db_list_t *)(db->db));
|
|
| 192 |
+ dlz_ldap_destroy_dblist((db_list_t *)(db->db));
|
|
| 193 |
}
|
|
| 194 |
#else /* PTHREADS */
|
|
| 195 |
if (db->db->dbconn != NULL) {
|
|
| ... | ... | --- |
| 196 |
2.31.1
|
|
| 197 |
|
| ... | ... | --- a/bind-9.16-openldap-2.6.patch |
| ... | ... | +++ /dev/null |
| ... | ... | @@ -1,55 +0,0 @@ |
| 0 |
From e6ed26c98ebac9313ce531a366f96ff9912e84af Mon Sep 17 00:00:00 2001
|
|
| 1 |
From: Petr Mensik <pemensik@redhat.com>
|
|
| 2 |
Date: Wed, 22 Dec 2021 13:36:39 +0100
|
|
| 3 |
Subject: [PATCH 1/2] Avoid conflict with ldap_connect function of openldap
|
|
| 4 |
|
|
| 5 |
ldap_connect is defined by OpenLDAP 2.6. Compiler complains there are
|
|
| 6 |
conflicting declarations. Use dlz_ldap prefix instead of ldap to avoid
|
|
| 7 |
conflict.
|
|
| 8 |
---
|
|
| 9 |
contrib/dlz/modules/ldap/dlz_ldap_dynamic.c | 8 ++++----
|
|
| 10 |
1 file changed, 4 insertions(+), 4 deletions(-)
|
|
| 11 |
|
|
| 12 |
diff --git a/contrib/dlz/modules/ldap/dlz_ldap_dynamic.c b/contrib/dlz/modules/ldap/dlz_ldap_dynamic.c
|
|
| 13 |
index 543a95d..317a691 100644
|
|
| 14 |
--- a/contrib/dlz/modules/ldap/dlz_ldap_dynamic.c
|
|
| 15 |
+++ b/contrib/dlz/modules/ldap/dlz_ldap_dynamic.c
|
|
| 16 |
@@ -193,7 +193,7 @@ cleanup:
|
|
| 17 |
|
|
| 18 |
/*% Connects / reconnects to LDAP server */
|
|
| 19 |
static isc_result_t
|
|
| 20 |
-ldap_connect(ldap_instance_t *dbi, dbinstance_t *dbc) {
|
|
| 21 |
+dlz_ldap_connect(ldap_instance_t *dbi, dbinstance_t *dbc) {
|
|
| 22 |
isc_result_t result;
|
|
| 23 |
int ldap_result;
|
|
| 24 |
|
|
| 25 |
@@ -700,7 +700,7 @@ ldap_get_results(const char *zone, const char *record, const char *client,
|
|
| 26 |
db->log(ISC_LOG_INFO, "LDAP driver attempting to "
|
|
| 27 |
"re-connect");
|
|
| 28 |
|
|
| 29 |
- result = ldap_connect((ldap_instance_t *)dbdata, dbi);
|
|
| 30 |
+ result = dlz_ldap_connect((ldap_instance_t *)dbdata, dbi);
|
|
| 31 |
if (result != ISC_R_SUCCESS) {
|
|
| 32 |
result = ISC_R_FAILURE;
|
|
| 33 |
continue;
|
|
| 34 |
@@ -731,7 +731,7 @@ ldap_get_results(const char *zone, const char *record, const char *client,
|
|
| 35 |
case LDAP_SERVER_DOWN:
|
|
| 36 |
db->log(ISC_LOG_INFO, "LDAP driver attempting to "
|
|
| 37 |
"re-connect");
|
|
| 38 |
- result = ldap_connect((ldap_instance_t *)dbdata, dbi);
|
|
| 39 |
+ result = dlz_ldap_connect((ldap_instance_t *)dbdata, dbi);
|
|
| 40 |
if (result != ISC_R_SUCCESS) {
|
|
| 41 |
result = ISC_R_FAILURE;
|
|
| 42 |
}
|
|
| 43 |
@@ -1117,7 +1117,7 @@ dlz_create(const char *dlzname, unsigned int argc, char *argv[], void **dbdata,
|
|
| 44 |
ldap->db = dbi;
|
|
| 45 |
#endif /* if PTHREADS */
|
|
| 46 |
/* attempt to connect */
|
|
| 47 |
- result = ldap_connect(ldap, dbi);
|
|
| 48 |
+ result = dlz_ldap_connect(ldap, dbi);
|
|
| 49 |
|
|
| 50 |
/*
|
|
| 51 |
* if db connection cannot be created, log err msg and
|
|
| ... | ... | --- |
| 52 |
2.31.1
|
|
| 53 |
|
| ... | ... | --- a/bind.spec |
| ... | ... | +++ b/bind.spec |
| ... | ... | @@ -55,7 +55,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv |
| 55 | 55 |
Group: System/Servers
|
| 56 | 56 |
Name: bind
|
| 57 | 57 |
License: MPLv2.0
|
| 58 |
Version: 9.16.24
|
|
| 58 |
Version: 9.16.35
|
|
| 59 | 59 |
Release: 1
|
| 60 | 60 |
Epoch: 1
|
| 61 | 61 |
Url: https://www.isc.org/downloads/bind/
|
| ... | ... | @@ -104,9 +104,6 @@ Patch149:bind-9.11-kyua-pkcs11.patch |
| … | … | |
| 104 | 104 |
Patch157:bind-9.11-fips-tests.patch
|
| 105 | 105 |
# https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/2689
|
| 106 | 106 |
Patch164:bind-9.11-rh1666814.patch
|
| 107 |
# https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/5665
|
|
| 108 |
Patch165:bind-9.16-openldap-2.6.patch
|
|
| 109 |
Patch166:bind-9.16-openldap-2.6-all.patch
|
|
| 110 | 107 |
|
| 111 | 108 |
%{?systemd_ordering}
|
| 112 | 109 |
Requires: coreutils
|
| ... | ... | @@ -431,8 +428,6 @@ in HTML and PDF format. |
| … | … | |
| 428 | 428 |
%patch130 -p1 -b .libdb
|
| 429 | 429 |
%patch157 -p1 -b .fips-tests
|
| 430 | 430 |
%patch164 -p1 -b .rh1666814
|
| 431 |
%patch165 -p1 -b .rh2032704
|
|
| 432 |
%patch166 -p1 -b .rh2032704-2
|
|
| 433 | 431 |
|
| 434 | 432 |
%if %{with PKCS11}
|
| 435 | 433 |
%patch135 -p1 -b .config-pkcs11
|
New comment