diff options
| author |   Alexander Kanavin <alex.kanavin@gmail.com> | 2022-05-05 07:04:57 +0200 |
|---|---|---|
| committer |   Steve Sakoman <steve@sakoman.com> | 2022-05-16 13:59:44 -1000 |
| commit | 297215735613b1c9512780580da2f84cf013a603 (patch) | |
| tree | b9609ee85b63ea3664cbd51416eb1c7c878d605e /meta/recipes-connectivity/bind/bind-9.18.2/make-etc-initd-bind-stop-work.patch | |
| parent | 34f6d4763fc3bad1382551fd863f96e556b5f6cc (diff) | |
| download | openembedded-core-contrib-297215735613b1c9512780580da2f84cf013a603.tar.gz | |
bind: upgrade 9.18.1 -> 9.18.2
Update to latest stable branch release
Bug Fixes
- Previously, zone maintenance DNS queries retried forever if the destination
server was unreachable. These queries included outgoing NOTIFY messages,
refresh SOA queries, parental DS checks, and stub zone NS queries. For example,
if a zone had any nameservers with IPv6 addresses and a secondary server without
IPv6 connectivity, that server would keep trying to send a growing amount of
NOTIFY traffic over IPv6. This futile traffic was not logged. This excessive
retry behavior has been fixed. [GL #3242]
- A number of crashes and hangs which could be triggered in dig were identified and
addressed. [GL #3020] [GL #3128] [GL #3145] [GL #3184] [GL #3205] [GL #3244] [GL #3248]
- Invalid dnssec-policy definitions, where the defined keys did not cover both KSK
and ZSK roles for a given algorithm, were being accepted. These are now checked,
and the dnssec-policy is rejected if both roles are not present for all algorithms
in use. [GL #3142]
- Handling of TCP write timeouts has been improved to track the timeout for each TCP
write separately, leading to a faster connection teardown in case the other party
is not reading the data. [GL #3200]
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5398263c8e070110a045a5f8999712ba4be628de)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta/recipes-connectivity/bind/bind-9.18.2/make-etc-initd-bind-stop-work.patch')
| -rw-r--r-- | meta/recipes-connectivity/bind/bind-9.18.2/make-etc-initd-bind-stop-work.patch | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bind/bind-9.18.2/make-etc-initd-bind-stop-work.patch b/meta/recipes-connectivity/bind/bind-9.18.2/make-etc-initd-bind-stop-work.patch new file mode 100644 index 0000000000..146f3e35db --- /dev/null +++ b/meta/recipes-connectivity/bind/bind-9.18.2/make-etc-initd-bind-stop-work.patch @@ -0,0 +1,42 @@ +bind: make "/etc/init.d/bind stop" work + +Upstream-Status: Inappropriate [configuration] + +Add some configurations, make rndc command be able to controls +the named daemon. + +Signed-off-by: Roy Li <rongqing.li@windriver.com> +--- + conf/named.conf | 5 +++++ + conf/rndc.conf | 5 +++++ + 2 files changed, 10 insertions(+), 0 deletions(-) + create mode 100644 conf/rndc.conf + +diff --git a/conf/named.conf b/conf/named.conf +index 95829cf..c8899e7 100644 +--- a/conf/named.conf ++++ b/conf/named.conf +@@ -47,3 +47,8 @@ zone "255.in-addr.arpa" { + // root-delegation-only exclude { "DE"; "MUSEUM"; }; + + include "/etc/bind/named.conf.local"; ++include "/etc/bind/rndc.key" ; ++controls { ++ inet 127.0.0.1 allow { localhost; } ++ keys { rndc-key; }; ++}; +diff --git a/conf/rndc.conf b/conf/rndc.conf +new file mode 100644 +index 0000000..a0b481d +--- /dev/null ++++ b/conf/rndc.conf +@@ -0,0 +1,5 @@ ++include "/etc/bind/rndc.key"; ++options { ++ default-server localhost; ++ default-key rndc-key; ++}; + +-- +1.7.5.4 + |