Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package pdns for openSUSE:Factory checked in at 2022-03-25 21:55:02 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/pdns (Old) and /work/SRC/openSUSE:Factory/.pdns.new.1900 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pdns" Fri Mar 25 21:55:02 2022 rev:79 rq:964869 version:4.6.1 Changes: -------- --- /work/SRC/openSUSE:Factory/pdns/pdns.changes 2022-01-29 20:59:27.243734119 +0100 +++ /work/SRC/openSUSE:Factory/.pdns.new.1900/pdns.changes 2022-03-25 21:55:24.098319792 +0100 @@ -1,0 +2,10 @@ +Fri Mar 25 13:17:15 UTC 2022 - Adam Majer <adam.ma...@suse.de> + +- Update to 4.6.1 + * fixes incomplete validation of incoming IXFR transfer for + secondary zones for which IXFR transfers have been enabled and + the network path to the primary server is not trusted. Note that + IXFR transfers are not enabled by default. + (CVE-2022-27227, bsc#1197525) + +------------------------------------------------------------------- Old: ---- pdns-4.6.0.tar.bz2 pdns-4.6.0.tar.bz2.sig New: ---- pdns-4.6.1.tar.bz2 pdns-4.6.1.tar.bz2.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pdns.spec ++++++ --- /var/tmp/diff_new_pack.drHZkV/_old 2022-03-25 21:55:24.750320413 +0100 +++ /var/tmp/diff_new_pack.drHZkV/_new 2022-03-25 21:55:24.754320416 +0100 @@ -55,7 +55,7 @@ %endif Name: pdns -Version: 4.6.0 +Version: 4.6.1 Release: 0 Summary: Authoritative-only nameserver License: GPL-2.0-only ++++++ pdns-4.6.0.tar.bz2 -> pdns-4.6.1.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/configure new/pdns-4.6.1/configure --- old/pdns-4.6.0/configure 2022-01-24 14:23:55.000000000 +0100 +++ new/pdns-4.6.1/configure 2022-03-21 09:47:45.000000000 +0100 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for pdns 4.6.0. +# Generated by GNU Autoconf 2.69 for pdns 4.6.1. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. @@ -587,8 +587,8 @@ # Identity of this package. PACKAGE_NAME='pdns' PACKAGE_TARNAME='pdns' -PACKAGE_VERSION='4.6.0' -PACKAGE_STRING='pdns 4.6.0' +PACKAGE_VERSION='4.6.1' +PACKAGE_STRING='pdns 4.6.1' PACKAGE_BUGREPORT='' PACKAGE_URL='' @@ -1647,7 +1647,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures pdns 4.6.0 to adapt to many kinds of systems. +\`configure' configures pdns 4.6.1 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1718,7 +1718,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of pdns 4.6.0:";; + short | recursive ) echo "Configuration of pdns 4.6.1:";; esac cat <<\_ACEOF @@ -1970,7 +1970,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -pdns configure 4.6.0 +pdns configure 4.6.1 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2687,7 +2687,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by pdns $as_me 4.6.0, which was +It was created by pdns $as_me 4.6.1, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3557,7 +3557,7 @@ # Define the identity of the package. PACKAGE='pdns' - VERSION='4.6.0' + VERSION='4.6.1' cat >>confdefs.h <<_ACEOF @@ -29342,7 +29342,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by pdns $as_me 4.6.0, which was +This file was extended by pdns $as_me 4.6.1, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -29408,7 +29408,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -pdns config.status 4.6.0 +pdns config.status 4.6.1 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/configure.ac new/pdns-4.6.1/configure.ac --- old/pdns-4.6.0/configure.ac 2022-01-24 14:23:43.000000000 +0100 +++ new/pdns-4.6.1/configure.ac 2022-03-21 09:47:35.000000000 +0100 @@ -1,6 +1,6 @@ AC_PREREQ([2.69]) -AC_INIT([pdns], [4.6.0]) +AC_INIT([pdns], [4.6.1]) AC_CONFIG_AUX_DIR([build-aux]) AM_INIT_AUTOMAKE([foreign dist-bzip2 no-dist-gzip tar-ustar -Wno-portability subdir-objects parallel-tests 1.11]) AM_SILENT_RULES([yes]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/calidns.1 new/pdns-4.6.1/docs/calidns.1 --- old/pdns-4.6.0/docs/calidns.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/calidns.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "CALIDNS" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "CALIDNS" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME calidns \- A DNS recursor testing tool .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/dnsbulktest.1 new/pdns-4.6.1/docs/dnsbulktest.1 --- old/pdns-4.6.0/docs/dnsbulktest.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/dnsbulktest.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "DNSBULKTEST" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "DNSBULKTEST" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME dnsbulktest \- A debugging tool for intermittent resolver failures .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/dnsgram.1 new/pdns-4.6.1/docs/dnsgram.1 --- old/pdns-4.6.0/docs/dnsgram.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/dnsgram.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "DNSGRAM" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "DNSGRAM" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME dnsgram \- A debugging tool for intermittent resolver failures .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/dnspcap2calidns.1 new/pdns-4.6.1/docs/dnspcap2calidns.1 --- old/pdns-4.6.0/docs/dnspcap2calidns.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/dnspcap2calidns.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "DNSPCAP2CALIDNS" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "DNSPCAP2CALIDNS" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME dnspcap2calidns \- A tool to convert PCAPs of DNS traffic to calidns input .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/dnspcap2protobuf.1 new/pdns-4.6.1/docs/dnspcap2protobuf.1 --- old/pdns-4.6.0/docs/dnspcap2protobuf.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/dnspcap2protobuf.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "DNSPCAP2PROTOBUF" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "DNSPCAP2PROTOBUF" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME dnspcap2protobuf \- A tool to convert PCAPs of DNS traffic to PowerDNS Protobuf .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/dnsreplay.1 new/pdns-4.6.1/docs/dnsreplay.1 --- old/pdns-4.6.0/docs/dnsreplay.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/dnsreplay.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "DNSREPLAY" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "DNSREPLAY" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME dnsreplay \- A PowerDNS nameserver debugging tool .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/dnsscan.1 new/pdns-4.6.1/docs/dnsscan.1 --- old/pdns-4.6.0/docs/dnsscan.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/dnsscan.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "DNSSCAN" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "DNSSCAN" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME dnsscan \- List the amount of queries per qtype in a pcap .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/dnsscope.1 new/pdns-4.6.1/docs/dnsscope.1 --- old/pdns-4.6.0/docs/dnsscope.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/dnsscope.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "DNSSCOPE" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "DNSSCOPE" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME dnsscope \- A PowerDNS nameserver debugging tool .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/dnstcpbench.1 new/pdns-4.6.1/docs/dnstcpbench.1 --- old/pdns-4.6.0/docs/dnstcpbench.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/dnstcpbench.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "DNSTCPBENCH" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "DNSTCPBENCH" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME dnstcpbench \- tool to perform TCP benchmarking of nameservers .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/dnswasher.1 new/pdns-4.6.1/docs/dnswasher.1 --- old/pdns-4.6.0/docs/dnswasher.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/dnswasher.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "DNSWASHER" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "DNSWASHER" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME dnswasher \- A PowerDNS nameserver debugging tool .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/dumresp.1 new/pdns-4.6.1/docs/dumresp.1 --- old/pdns-4.6.0/docs/dumresp.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/dumresp.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "DUMRESP" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "DUMRESP" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME dumresp \- A dumb DNS responder .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/ixfrdist.1 new/pdns-4.6.1/docs/ixfrdist.1 --- old/pdns-4.6.0/docs/ixfrdist.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/ixfrdist.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "IXFRDIST" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "IXFRDIST" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME ixfrdist \- An IXFR/AXFR-only server that re-distributes zones .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/ixfrdist.yml.5 new/pdns-4.6.1/docs/ixfrdist.yml.5 --- old/pdns-4.6.0/docs/ixfrdist.yml.5 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/ixfrdist.yml.5 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "IXFRDIST.YML" "5" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "IXFRDIST.YML" "5" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME ixfrdist.yml \- The ixfrdist configuration file .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/ixplore.1 new/pdns-4.6.1/docs/ixplore.1 --- old/pdns-4.6.0/docs/ixplore.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/ixplore.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "IXPLORE" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "IXPLORE" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME ixplore \- A tool that provides insights into IXFRs .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/nproxy.1 new/pdns-4.6.1/docs/nproxy.1 --- old/pdns-4.6.0/docs/nproxy.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/nproxy.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "NPROXY" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "NPROXY" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME nproxy \- DNS notification proxy .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/nsec3dig.1 new/pdns-4.6.1/docs/nsec3dig.1 --- old/pdns-4.6.0/docs/nsec3dig.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/nsec3dig.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "NSEC3DIG" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "NSEC3DIG" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME nsec3dig \- Show and validate NSEC3 proofs .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/pdns_control.1 new/pdns-4.6.1/docs/pdns_control.1 --- old/pdns-4.6.0/docs/pdns_control.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/pdns_control.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "PDNS_CONTROL" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "PDNS_CONTROL" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME pdns_control \- Control the PowerDNS nameserver .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/pdns_notify.1 new/pdns-4.6.1/docs/pdns_notify.1 --- old/pdns-4.6.0/docs/pdns_notify.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/pdns_notify.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "PDNS_NOTIFY" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "PDNS_NOTIFY" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME pdns_notify \- A simple DNS NOTIFY sender .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/pdns_server.1 new/pdns-4.6.1/docs/pdns_server.1 --- old/pdns-4.6.0/docs/pdns_server.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/pdns_server.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "PDNS_SERVER" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "PDNS_SERVER" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME pdns_server \- The PowerDNS Authoritative Nameserver .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/pdnsutil.1 new/pdns-4.6.1/docs/pdnsutil.1 --- old/pdns-4.6.0/docs/pdnsutil.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/pdnsutil.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "PDNSUTIL" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "PDNSUTIL" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME pdnsutil \- PowerDNS record and DNSSEC command and control .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/saxfr.1 new/pdns-4.6.1/docs/saxfr.1 --- old/pdns-4.6.0/docs/saxfr.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/saxfr.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SAXFR" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "SAXFR" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME saxfr \- Perform AXFRs and show information about it .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/sdig.1 new/pdns-4.6.1/docs/sdig.1 --- old/pdns-4.6.0/docs/sdig.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/sdig.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SDIG" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "SDIG" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME sdig \- Perform a DNS query and show the results .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/zone2json.1 new/pdns-4.6.1/docs/zone2json.1 --- old/pdns-4.6.0/docs/zone2json.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/zone2json.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "ZONE2JSON" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "ZONE2JSON" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME zone2json \- convert BIND zones to JSON .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/zone2ldap.1 new/pdns-4.6.1/docs/zone2ldap.1 --- old/pdns-4.6.0/docs/zone2ldap.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/zone2ldap.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "ZONE2LDAP" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "ZONE2LDAP" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME zone2ldap \- convert zonefiles to ldif .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/docs/zone2sql.1 new/pdns-4.6.1/docs/zone2sql.1 --- old/pdns-4.6.0/docs/zone2sql.1 2022-01-24 14:25:50.000000000 +0100 +++ new/pdns-4.6.1/docs/zone2sql.1 2022-03-21 09:49:19.000000000 +0100 @@ -27,7 +27,7 @@ .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "ZONE2SQL" "1" "Jan 24, 2022" "" "PowerDNS Authoritative Server" +.TH "ZONE2SQL" "1" "Mar 21, 2022" "" "PowerDNS Authoritative Server" .SH NAME zone2sql \- convert BIND zones to SQL .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/pdns/credentials.cc new/pdns-4.6.1/pdns/credentials.cc --- old/pdns-4.6.0/pdns/credentials.cc 2022-01-24 12:02:05.000000000 +0100 +++ new/pdns-4.6.1/pdns/credentials.cc 2022-03-21 09:46:56.000000000 +0100 @@ -31,6 +31,7 @@ #ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT #include <openssl/evp.h> #include <openssl/kdf.h> +#include <openssl/opensslv.h> #include <openssl/rand.h> #endif @@ -105,8 +106,13 @@ throw std::runtime_error("Error intializing the scrypt context to hash the supplied password"); } - // OpenSSL 3.0 changed the string arg to const unsigned char*, other versions use const char *, so cast to const void * to satisfy both - if (EVP_PKEY_CTX_set1_pbe_pass(pctx.get(), reinterpret_cast<const void*>(password.data()), password.size()) <= 0) { + // OpenSSL 3.0 changed the string arg to const unsigned char*, other versions use const char * +#if OPENSSL_VERSION_MAJOR >= 3 + auto passwordData = reinterpret_cast<const char*>(password.data()); +#else + auto passwordData = reinterpret_cast<const unsigned char*>(password.data()); +#endif + if (EVP_PKEY_CTX_set1_pbe_pass(pctx.get(), passwordData, password.size()) <= 0) { throw std::runtime_error("Error adding the password to the scrypt context to hash the supplied password"); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/pdns/dnsname.hh new/pdns-4.6.1/pdns/dnsname.hh --- old/pdns-4.6.0/pdns/dnsname.hh 2022-01-24 12:02:05.000000000 +0100 +++ new/pdns-4.6.1/pdns/dnsname.hh 2022-03-21 09:46:56.000000000 +0100 @@ -237,7 +237,7 @@ } -struct CanonDNSNameCompare: public std::binary_function<DNSName, DNSName, bool> +struct CanonDNSNameCompare { bool operator()(const DNSName&a, const DNSName& b) const { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/pdns/dnssecinfra.hh new/pdns-4.6.1/pdns/dnssecinfra.hh --- old/pdns-4.6.0/pdns/dnssecinfra.hh 2022-01-24 12:02:05.000000000 +0100 +++ new/pdns-4.6.1/pdns/dnssecinfra.hh 2022-03-21 09:46:56.000000000 +0100 @@ -137,7 +137,7 @@ -struct CanonicalCompare: public std::binary_function<string, string, bool> +struct CanonicalCompare { bool operator()(const std::string& a, const std::string& b) { std::vector<std::string> avect, bvect; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/pdns/iputils.hh new/pdns-4.6.1/pdns/iputils.hh --- old/pdns-4.6.0/pdns/iputils.hh 2022-01-24 12:02:05.000000000 +0100 +++ new/pdns-4.6.1/pdns/iputils.hh 2022-03-21 09:46:56.000000000 +0100 @@ -143,7 +143,7 @@ } }; - struct addressOnlyLessThan: public std::binary_function<ComboAddress, ComboAddress, bool> + struct addressOnlyLessThan { bool operator()(const ComboAddress& a, const ComboAddress& b) const { @@ -158,7 +158,7 @@ } }; - struct addressOnlyEqual: public std::binary_function<ComboAddress, ComboAddress, bool> + struct addressOnlyEqual { bool operator()(const ComboAddress& a, const ComboAddress& b) const { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/pdns/ixfr.cc new/pdns-4.6.1/pdns/ixfr.cc --- old/pdns-4.6.0/pdns/ixfr.cc 2022-01-20 13:47:26.000000000 +0100 +++ new/pdns-4.6.1/pdns/ixfr.cc 2022-03-21 09:46:56.000000000 +0100 @@ -174,13 +174,21 @@ std::shared_ptr<SOARecordContent> primarySOA = nullptr; vector<DNSRecord> records; size_t receivedBytes = 0; - int8_t ixfrInProgress = -2; std::string reply; + enum transferStyle { Unknown, AXFR, IXFR } style = Unknown; + const unsigned int expectedSOAForAXFR = 2; + const unsigned int expectedSOAForIXFR = 3; + unsigned int primarySOACount = 0; + for(;;) { - // IXFR end - if (ixfrInProgress >= 0) + // IXFR or AXFR style end reached? We don't want to process trailing data after the closing SOA + if (style == AXFR && primarySOACount == expectedSOAForAXFR) { + break; + } + else if (style == IXFR && primarySOACount == expectedSOAForIXFR) { break; + } if(s.read((char*)&len, sizeof(len)) != sizeof(len)) break; @@ -225,16 +233,31 @@ return ret; } primarySOA = sr; + ++primarySOACount; } else if (r.first.d_type == QType::SOA) { auto sr = getRR<SOARecordContent>(r.first); if (!sr) { throw std::runtime_error("Error getting the content of SOA record of IXFR answer for zone '"+zone.toLogString()+"' from primary '"+primary.toStringWithPort()+"'"); } - // we hit the last SOA record - // IXFR is considered to be done if we hit the last SOA record twice + // we hit a marker SOA record if (primarySOA->d_st.serial == sr->d_st.serial) { - ixfrInProgress++; + ++primarySOACount; + } + } + // When we see the 2nd record, we can decide what the style is + if (records.size() == 1 && style == Unknown) { + if (r.first.d_type != QType::SOA) { + // Non-empty AXFR style has a non-SOA record following the first SOA + style = AXFR; + } + else if (primarySOACount == expectedSOAForAXFR) { + // Empty zone AXFR style: start SOA is immediately followed by end marker SOA + style = AXFR; + } + else { + // IXFR has a 2nd SOA (with different serial) following the first + style = IXFR; } } @@ -253,7 +276,21 @@ } } - // cout<<"Got "<<records.size()<<" records"<<endl; + switch (style) { + case IXFR: + if (primarySOACount != expectedSOAForIXFR) { + throw std::runtime_error("Incomplete IXFR transfer for '" + zone.toLogString() + "' from primary '" + primary.toStringWithPort()); + } + break; + case AXFR: + if (primarySOACount != expectedSOAForAXFR){ + throw std::runtime_error("Incomplete AXFR style transfer for '" + zone.toLogString() + "' from primary '" + primary.toStringWithPort()); + } + break; + case Unknown: + throw std::runtime_error("Incomplete XFR for '" + zone.toLogString() + "' from primary '" + primary.toStringWithPort()); + break; + } return processIXFRRecords(primary, zone, records, primarySOA); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pdns-4.6.0/pdns/misc.hh new/pdns-4.6.1/pdns/misc.hh --- old/pdns-4.6.0/pdns/misc.hh 2022-01-24 12:02:05.000000000 +0100 +++ new/pdns-4.6.1/pdns/misc.hh 2022-03-21 09:46:56.000000000 +0100 @@ -381,7 +381,7 @@ typedef std::atomic<AtomicCounterInner> AtomicCounter ; // FIXME400 this should probably go? -struct CIStringCompare: public std::binary_function<string, string, bool> +struct CIStringCompare { bool operator()(const string& a, const string& b) const { @@ -405,7 +405,7 @@ } }; -struct CIStringPairCompare: public std::binary_function<pair<string, uint16_t>, pair<string,uint16_t>, bool> +struct CIStringPairCompare { bool operator()(const pair<string, uint16_t>& a, const pair<string, uint16_t>& b) const {