diff options
| -rw-r--r-- | bind-9.5-gssapictx-free.patch | 41 | ||||
| -rw-r--r-- | bind-9.5-spnego-memory_management.patch | 92 | ||||
| -rw-r--r-- | bind.spec | 15 | ||||
| -rwxr-xr-x | named.init | 1 | ||||
| -rw-r--r-- | named.sysconfig | 1 |
5 files changed, 55 insertions, 95 deletions
diff --git a/bind-9.5-gssapictx-free.patch b/bind-9.5-gssapictx-free.patch new file mode 100644 index 0000000..35f1b40 --- /dev/null +++ b/bind-9.5-gssapictx-free.patch @@ -0,0 +1,41 @@ +Written-by: Adam Tkac <atkac redhat com> +diff -up bind-9.5.0a6/lib/dns/spnego.h.free bind-9.5.0a6/lib/dns/spnego.h +--- bind-9.5.0a6/lib/dns/spnego.h.free 2007-06-20 01:47:16.000000000 +0200 ++++ bind-9.5.0a6/lib/dns/spnego.h 2007-08-22 14:32:13.000000000 +0200 +@@ -67,5 +67,9 @@ OM_uint32 gss_accept_sec_context_spnego( + OM_uint32 *, + gss_cred_id_t *); + ++/* ++ * We have to export this because we need to free memory allocated by spnego_malloc ++ */ ++void spnego_free(void *ptr, const char *file, int line); + + #endif +diff -up bind-9.5.0a6/lib/dns/gssapictx.c.free bind-9.5.0a6/lib/dns/gssapictx.c +--- bind-9.5.0a6/lib/dns/gssapictx.c.free 2007-06-20 01:47:16.000000000 +0200 ++++ bind-9.5.0a6/lib/dns/gssapictx.c 2007-08-22 14:44:46.000000000 +0200 +@@ -510,7 +510,11 @@ dst_gssapi_initctx(dns_name_t *name, isc + RETERR(isc_buffer_copyregion(outtoken, &r)); + + (void)gss_release_name(&minor, &gname); ++#ifdef USE_ISC_SPNEGO ++ spnego_free (gouttoken.value, __FILE__, __LINE__); ++#else + (void)gss_release_buffer(&minor, &gouttoken); ++#endif + + if (gret == GSS_S_COMPLETE) + result = ISC_R_SUCCESS; +diff -up bind-9.5.0a6/lib/dns/spnego.c.free bind-9.5.0a6/lib/dns/spnego.c +--- bind-9.5.0a6/lib/dns/spnego.c.free 2007-06-20 01:47:16.000000000 +0200 ++++ bind-9.5.0a6/lib/dns/spnego.c 2007-08-22 14:32:13.000000000 +0200 +@@ -201,7 +201,7 @@ spnego_malloc(size_t size, const char *f + return (p); + } + +-static void ++void + spnego_free(void *ptr, const char *file, int line) + { + char *p = ptr; diff --git a/bind-9.5-spnego-memory_management.patch b/bind-9.5-spnego-memory_management.patch deleted file mode 100644 index 6ce486c..0000000 --- a/bind-9.5-spnego-memory_management.patch +++ /dev/null @@ -1,92 +0,0 @@ -diff -up bind-9.5.0a6/lib/dns/spnego.c.memory_management bind-9.5.0a6/lib/dns/spnego.c ---- bind-9.5.0a6/lib/dns/spnego.c.memory_management 2007-08-13 17:59:03.000000000 +0200 -+++ bind-9.5.0a6/lib/dns/spnego.c 2007-08-13 17:59:44.000000000 +0200 -@@ -169,88 +169,6 @@ - */ - #include "spnego.h" - --/* -- * The isc_mem function keep track of allocation sizes, but we can't -- * get at that information, and we need to know sizes to implement a -- * realloc() clone. So we use a little more memory to keep track of -- * sizes allocated here. -- * -- * These functions follow Harbison & Steele, 4th edition, particularly -- * with regard to realloc()'s behavior. -- */ -- --static void * --spnego_malloc(size_t size, const char *file, int line) --{ -- char *p; -- -- if (size == 0) -- return (NULL); -- p = isc_mem_allocate(dst__memory_pool, size + sizeof(size_t)); -- if (p == NULL) -- return NULL; -- *(size_t *)p = size; -- p += sizeof(size_t); --#ifdef SPNEGO_ALLOC_DEBUG -- printf("spnego_malloc(%lu) %lx %s %u\n", -- (unsigned long) size, (unsigned long) p, file, line); --#else -- (void)file; -- (void)line; --#endif -- return (p); --} -- --static void --spnego_free(void *ptr, const char *file, int line) --{ -- char *p = ptr; -- -- if (p == NULL) -- return; --#ifdef SPNEGO_ALLOC_DEBUG -- printf("spnego_free(%lx) %s %u\n", -- (unsigned long) p, file, line); --#else -- (void)file; -- (void)line; --#endif -- p -= sizeof(size_t); -- isc_mem_free(dst__memory_pool, p); --} -- --static void * --spnego_realloc(void *old_ptr, size_t new_size, const char *file, int line) --{ -- size_t *old_size; -- void *new_ptr; -- -- if (old_ptr == NULL) -- return (spnego_malloc(new_size, file, line)); -- -- if (new_size == 0) { -- spnego_free(old_ptr, file, line); -- return (NULL); -- } -- -- old_size = old_ptr; -- old_size--; -- if (*old_size >= new_size) -- return (old_ptr); -- -- new_ptr = spnego_malloc(new_size, file, line); -- if (new_ptr == NULL) -- return (NULL); -- -- memcpy(new_ptr, old_ptr, *old_size); -- spnego_free(old_ptr, file, line); -- return (new_ptr); --} -- --#define malloc(x) spnego_malloc(x, __FILE__, __LINE__) --#define free(x) spnego_free(x, __FILE__, __LINE__) --#define realloc(x,y) spnego_realloc(x, y, __FILE__, __LINE__) -- - /* asn1_err.h */ - /* Generated from ../../../lib/asn1/asn1_err.et */ - @@ -21,7 +21,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv Name: bind License: ISC Version: 9.5.0 -Release: 10.%{RELEASEVER}%{?dist} +Release: 10.2.%{RELEASEVER}%{?dist} Epoch: 32 Url: http://www.isc.org/products/BIND/ Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -64,8 +64,9 @@ Patch63: bind-9.4.0-dnssec-directory.patch Patch69: bind-9.5.0-generate-xml.patch Patch71: bind-9.5-overflow.patch Patch72: bind-9.5-dlz-64bit.patch -Patch74: bind-9.5-spnego-memory_management.patch Patch75: bind-9.5-update.patch +Patch76: bind-9.5-gssapictx-free.patch +Patch77: bind-9.5-memory-leaks.patch # SDB patches Patch11: bind-9.3.2b2-sdbsrc.patch @@ -246,8 +247,9 @@ cp -fp contrib/dbus/{dbus_mgr.h,dbus_service.h} bin/named/include/named %patch72 -p1 -b .64bit %endif %patch73 -p1 -b .libidn -%patch74 -p1 -b .memory %patch75 -p1 -b .update +%patch76 -p1 -b .free +%patch77 -p1 -b .leaks :; @@ -643,6 +645,13 @@ rm -rf ${RPM_BUILD_ROOT} %{_sbindir}/bind-chroot-admin %changelog +* Wed Aug 22 2007 Adam Tkac <atkac redhat com> 32:9.5.0-10.2.a6 +- added new initscript option KEYTAB_FILE which specified where + is located kerberos .keytab file for named service +- obsolete temporary bind-9.5-spnego-memory_management.patch by + bind-9.5-gssapictx-free.patch which conforms BIND coding standards + (#251853) + * Tue Aug 21 2007 Adam Tkac <atkac redhat com> 32:9.5.0-10.a6 - dropped direct dependency to /etc/openldap/schema directory - changed hardcoded paths to marcros @@ -24,6 +24,7 @@ [ -r /etc/sysconfig/named ] && . /etc/sysconfig/named RETVAL=0 +export KRB5_KTNAME=${KEYTAB_FILE:-/etc/named.keytab} # Don't kill named during clean-up NAMED_SHUTDOWN_TIMEOUT=${NAMED_SHUTDOWN_TIMEOUT:-100} diff --git a/named.sysconfig b/named.sysconfig index cec6b8a..622b691 100644 --- a/named.sysconfig +++ b/named.sysconfig @@ -15,3 +15,4 @@ # support with the named -D option. This setting disables # this behavior. # +# KEYTAB_FILE="/dir/file" -- Specify named service keytab file (for GSS-TSIG) |