summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/bind
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-connectivity/bind')
-rw-r--r--meta/recipes-connectivity/bind/bind/bind-9.8.1-CVE-2012-5166.patch119
-rw-r--r--meta/recipes-connectivity/bind/bind/bind-CVE-2011-4313.patch89
-rw-r--r--meta/recipes-connectivity/bind/bind/bind-CVE-2012-1667.patch92
-rw-r--r--meta/recipes-connectivity/bind/bind/bind-CVE-2012-3817.patch40
-rw-r--r--meta/recipes-connectivity/bind/bind/bind-CVE-2013-2266.patch41
-rw-r--r--meta/recipes-connectivity/bind/bind/bind-Fix-CVE-2012-4244.patch141
-rw-r--r--meta/recipes-connectivity/bind/bind/conf.patch314
-rw-r--r--meta/recipes-connectivity/bind/bind/cross-build-fix.patch21
-rw-r--r--meta/recipes-connectivity/bind/bind/dont-test-on-host.patch13
-rw-r--r--meta/recipes-connectivity/bind/bind/make-etc-initd-bind-stop-work.patch42
-rw-r--r--meta/recipes-connectivity/bind/bind/mips1-not-support-opcode.diff104
-rw-r--r--meta/recipes-connectivity/bind/bind_9.9.5.bb65
12 files changed, 1081 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bind/bind/bind-9.8.1-CVE-2012-5166.patch b/meta/recipes-connectivity/bind/bind/bind-9.8.1-CVE-2012-5166.patch
new file mode 100644
index 0000000000..0abb475adc
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/bind-9.8.1-CVE-2012-5166.patch
@@ -0,0 +1,119 @@
1bind_Fix_for_CVE-2012-5166
2
3Upstream-Status: Backport
4
5Reference:http://launchpadlibrarian.net/119212498/bind9_1%3A9.7.3.dfsOBg
6-1ubuntu2.6_1%3A9.7.3.dfsg-1ubuntu2.7.diff.gz
7
8ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before
99.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows
10remote attackers to cause a denial of service (named daemon hang)
11via unspecified combinations of resource records.
12
13http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5166
14
15Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com>
16diff -urpN a/bin/named/query.c b/bin/named/query.c
17--- a/bin/named/query.c 2012-10-22 13:24:27.000000000 +0800
18+++ b/bin/named/query.c 2012-10-22 13:17:04.000000000 +0800
19@@ -1137,13 +1137,6 @@ query_isduplicate(ns_client_t *client, d
20 mname = NULL;
21 }
22
23- /*
24- * If the dns_name_t we're looking up is already in the message,
25- * we don't want to trigger the caller's name replacement logic.
26- */
27- if (name == mname)
28- mname = NULL;
29-
30 *mnamep = mname;
31
32 CTRACE("query_isduplicate: false: done");
33@@ -1341,6 +1334,7 @@ query_addadditional(void *arg, dns_name_
34 if (dns_rdataset_isassociated(rdataset) &&
35 !query_isduplicate(client, fname, type, &mname)) {
36 if (mname != NULL) {
37+ INSIST(mname != fname);
38 query_releasename(client, &fname);
39 fname = mname;
40 } else
41@@ -1401,11 +1395,13 @@ query_addadditional(void *arg, dns_name_
42 mname = NULL;
43 if (!query_isduplicate(client, fname,
44 dns_rdatatype_a, &mname)) {
45- if (mname != NULL) {
46- query_releasename(client, &fname);
47- fname = mname;
48- } else
49- need_addname = ISC_TRUE;
50+ if (mname != fname) {
51+ if (mname != NULL) {
52+ query_releasename(client, &fname);
53+ fname = mname;
54+ } else
55+ need_addname = ISC_TRUE;
56+ }
57 ISC_LIST_APPEND(fname->list, rdataset, link);
58 added_something = ISC_TRUE;
59 if (sigrdataset != NULL &&
60@@ -1444,11 +1440,13 @@ query_addadditional(void *arg, dns_name_
61 mname = NULL;
62 if (!query_isduplicate(client, fname,
63 dns_rdatatype_aaaa, &mname)) {
64- if (mname != NULL) {
65- query_releasename(client, &fname);
66- fname = mname;
67- } else
68- need_addname = ISC_TRUE;
69+ if (mname != fname) {
70+ if (mname != NULL) {
71+ query_releasename(client, &fname);
72+ fname = mname;
73+ } else
74+ need_addname = ISC_TRUE;
75+ }
76 ISC_LIST_APPEND(fname->list, rdataset, link);
77 added_something = ISC_TRUE;
78 if (sigrdataset != NULL &&
79@@ -1960,22 +1958,24 @@ query_addadditional2(void *arg, dns_name
80 crdataset->type == dns_rdatatype_aaaa) {
81 if (!query_isduplicate(client, fname, crdataset->type,
82 &mname)) {
83- if (mname != NULL) {
84- /*
85- * A different type of this name is
86- * already stored in the additional
87- * section. We'll reuse the name.
88- * Note that this should happen at most
89- * once. Otherwise, fname->link could
90- * leak below.
91- */
92- INSIST(mname0 == NULL);
93-
94- query_releasename(client, &fname);
95- fname = mname;
96- mname0 = mname;
97- } else
98- need_addname = ISC_TRUE;
99+ if (mname != fname) {
100+ if (mname != NULL) {
101+ /*
102+ * A different type of this name is
103+ * already stored in the additional
104+ * section. We'll reuse the name.
105+ * Note that this should happen at most
106+ * once. Otherwise, fname->link could
107+ * leak below.
108+ */
109+ INSIST(mname0 == NULL);
110+
111+ query_releasename(client, &fname);
112+ fname = mname;
113+ mname0 = mname;
114+ } else
115+ need_addname = ISC_TRUE;
116+ }
117 ISC_LIST_UNLINK(cfname.list, crdataset, link);
118 ISC_LIST_APPEND(fname->list, crdataset, link);
119 added_something = ISC_TRUE;
diff --git a/meta/recipes-connectivity/bind/bind/bind-CVE-2011-4313.patch b/meta/recipes-connectivity/bind/bind/bind-CVE-2011-4313.patch
new file mode 100644
index 0000000000..19d8df1c2d
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/bind-CVE-2011-4313.patch
@@ -0,0 +1,89 @@
1The patch to fix CVE-2011-4313
2
3Upstream-Status: Backport
4
5Reference: https://www.redhat.com/security/data/cve/CVE-2011-4313.html
6
7query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV
8through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1
9through 9.9.0b1 allows remote attackers to cause a denial of service
10(assertion failure and named exit) via unknown vectors related to recursive DNS
11queries, error logging, and the caching of an invalid record by the resolver.
12
13Signed-off-by Ming Liu <ming.liu@windriver.com>
14---
15 bin/named/query.c | 19 ++++++++-----------
16 lib/dns/rbtdb.c | 4 ++--
17 2 files changed, 10 insertions(+), 13 deletions(-)
18
19--- a/bin/named/query.c
20+++ b/bin/named/query.c
21@@ -1393,11 +1393,9 @@ query_addadditional(void *arg, dns_name_
22 goto addname;
23 if (result == DNS_R_NCACHENXRRSET) {
24 dns_rdataset_disassociate(rdataset);
25- /*
26- * Negative cache entries don't have sigrdatasets.
27- */
28- INSIST(sigrdataset == NULL ||
29- ! dns_rdataset_isassociated(sigrdataset));
30+ if (sigrdataset != NULL &&
31+ dns_rdataset_isassociated(sigrdataset))
32+ dns_rdataset_disassociate(sigrdataset);
33 }
34 if (result == ISC_R_SUCCESS) {
35 mname = NULL;
36@@ -1438,8 +1436,9 @@ query_addadditional(void *arg, dns_name_
37 goto addname;
38 if (result == DNS_R_NCACHENXRRSET) {
39 dns_rdataset_disassociate(rdataset);
40- INSIST(sigrdataset == NULL ||
41- ! dns_rdataset_isassociated(sigrdataset));
42+ if (sigrdataset != NULL &&
43+ dns_rdataset_isassociated(sigrdataset))
44+ dns_rdataset_disassociate(sigrdataset);
45 }
46 if (result == ISC_R_SUCCESS) {
47 mname = NULL;
48@@ -1889,10 +1888,8 @@ query_addadditional2(void *arg, dns_name
49 goto setcache;
50 if (result == DNS_R_NCACHENXRRSET) {
51 dns_rdataset_disassociate(rdataset);
52- /*
53- * Negative cache entries don't have sigrdatasets.
54- */
55- INSIST(! dns_rdataset_isassociated(sigrdataset));
56+ if (dns_rdataset_isassociated(sigrdataset))
57+ dns_rdataset_disassociate(sigrdataset);
58 }
59 if (result == ISC_R_SUCCESS) {
60 /* Remember the result as a cache */
61--- a/lib/dns/rbtdb.c
62+++ b/lib/dns/rbtdb.c
63@@ -5053,7 +5053,7 @@ cache_find(dns_db_t *db, dns_name_t *nam
64 rdataset);
65 if (need_headerupdate(found, search.now))
66 update = found;
67- if (foundsig != NULL) {
68+ if (!NEGATIVE(found) && foundsig != NULL) {
69 bind_rdataset(search.rbtdb, node, foundsig, search.now,
70 sigrdataset);
71 if (need_headerupdate(foundsig, search.now))
72@@ -5596,7 +5596,7 @@ zone_findrdataset(dns_db_t *db, dns_dbno
73 }
74 if (found != NULL) {
75 bind_rdataset(rbtdb, rbtnode, found, now, rdataset);
76- if (foundsig != NULL)
77+ if (!NEGATIVE(found) && foundsig != NULL)
78 bind_rdataset(rbtdb, rbtnode, foundsig, now,
79 sigrdataset);
80 }
81@@ -5685,7 +5685,7 @@ cache_findrdataset(dns_db_t *db, dns_dbn
82 }
83 if (found != NULL) {
84 bind_rdataset(rbtdb, rbtnode, found, now, rdataset);
85- if (foundsig != NULL)
86+ if (!NEGATIVE(found) && foundsig != NULL)
87 bind_rdataset(rbtdb, rbtnode, foundsig, now,
88 sigrdataset);
89 }
diff --git a/meta/recipes-connectivity/bind/bind/bind-CVE-2012-1667.patch b/meta/recipes-connectivity/bind/bind/bind-CVE-2012-1667.patch
new file mode 100644
index 0000000000..c441eab65d
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/bind-CVE-2012-1667.patch
@@ -0,0 +1,92 @@
1bind CVE-2012-1667
2
3Upstream-Status: Backport
4
5ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1,
6and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource
7records with a zero-length RDATA section, which allows remote DNS servers to
8cause a denial of service (daemon crash or data corruption) or obtain
9sensitive information from process memory via a crafted record.
10
11http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1667
12
13The cve patch comes from bind97-9.7.0-10.P2.el5_8.1.src.rpm package.
14
15Signed-off-by: Li Wang <li.wang@windriver.com>
16---
17 lib/dns/rdata.c | 8 ++++----
18 lib/dns/rdataslab.c | 11 ++++++++---
19 2 files changed, 12 insertions(+), 7 deletions(-)
20
21diff --git a/lib/dns/rdata.c b/lib/dns/rdata.c
22index 063b1f6..9337a80 100644
23--- a/lib/dns/rdata.c
24+++ b/lib/dns/rdata.c
25@@ -325,8 +325,8 @@ dns_rdata_compare(const dns_rdata_t *rdata1, const dns_rdata_t *rdata2) {
26
27 REQUIRE(rdata1 != NULL);
28 REQUIRE(rdata2 != NULL);
29- REQUIRE(rdata1->data != NULL);
30- REQUIRE(rdata2->data != NULL);
31+ REQUIRE(rdata1->length == 0 || rdata1->data != NULL);
32+ REQUIRE(rdata2->length == 0 || rdata2->data != NULL);
33 REQUIRE(DNS_RDATA_VALIDFLAGS(rdata1));
34 REQUIRE(DNS_RDATA_VALIDFLAGS(rdata2));
35
36@@ -356,8 +356,8 @@ dns_rdata_casecompare(const dns_rdata_t *rdata1, const dns_rdata_t *rdata2) {
37
38 REQUIRE(rdata1 != NULL);
39 REQUIRE(rdata2 != NULL);
40- REQUIRE(rdata1->data != NULL);
41- REQUIRE(rdata2->data != NULL);
42+ REQUIRE(rdata1->length == 0 || rdata1->data != NULL);
43+ REQUIRE(rdata2->length == 0 || rdata2->data != NULL);
44 REQUIRE(DNS_RDATA_VALIDFLAGS(rdata1));
45 REQUIRE(DNS_RDATA_VALIDFLAGS(rdata2));
46
47diff --git a/lib/dns/rdataslab.c b/lib/dns/rdataslab.c
48index a41f16f..ed13b30 100644
49--- a/lib/dns/rdataslab.c
50+++ b/lib/dns/rdataslab.c
51@@ -125,6 +125,11 @@ isc_result_t
52 dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx,
53 isc_region_t *region, unsigned int reservelen)
54 {
55+ /*
56+ * Use &removed as a sentinal pointer for duplicate
57+ * rdata as rdata.data == NULL is valid.
58+ */
59+ static unsigned char removed;
60 struct xrdata *x;
61 unsigned char *rawbuf;
62 #if DNS_RDATASET_FIXED
63@@ -168,6 +173,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx,
64 INSIST(result == ISC_R_SUCCESS);
65 dns_rdata_init(&x[i].rdata);
66 dns_rdataset_current(rdataset, &x[i].rdata);
67+ INSIST(x[i].rdata.data != &removed);
68 #if DNS_RDATASET_FIXED
69 x[i].order = i;
70 #endif
71@@ -200,8 +206,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx,
72 */
73 for (i = 1; i < nalloc; i++) {
74 if (compare_rdata(&x[i-1].rdata, &x[i].rdata) == 0) {
75- x[i-1].rdata.data = NULL;
76- x[i-1].rdata.length = 0;
77+ x[i-1].rdata.data = &removed;
78 #if DNS_RDATASET_FIXED
79 /*
80 * Preserve the least order so A, B, A -> A, B
81@@ -291,7 +296,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx,
82 #endif
83
84 for (i = 0; i < nalloc; i++) {
85- if (x[i].rdata.data == NULL)
86+ if (x[i].rdata.data == &removed)
87 continue;
88 #if DNS_RDATASET_FIXED
89 offsettable[x[i].order] = rawbuf - offsetbase;
90--
911.7.0.5
92
diff --git a/meta/recipes-connectivity/bind/bind/bind-CVE-2012-3817.patch b/meta/recipes-connectivity/bind/bind/bind-CVE-2012-3817.patch
new file mode 100644
index 0000000000..1e159bd2f8
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/bind-CVE-2012-3817.patch
@@ -0,0 +1,40 @@
1bind: fix for CVE-2012-3817
2
3Upstream-Status: Backport
4
5ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2;
69.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation
7is enabled, does not properly initialize the failing-query cache, which allows
8remote attackers to cause a denial of service (assertion failure and daemon exit)
9by sending many queries.
10
11http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3817
12
13This patch is back-ported from bind-9.3.6-20.P1.el5_8.2.src.rpm package.
14
15Signed-off-by: Ming Liu <ming.liu@windriver.com>
16---
17 resolver.c | 5 +++--
18 1 file changed, 3 insertions(+), 2 deletions(-)
19
20--- a/lib/dns/resolver.c
21+++ b/lib/dns/resolver.c
22@@ -8318,6 +8318,7 @@ dns_resolver_addbadcache(dns_resolver_t
23 goto cleanup;
24 bad->type = type;
25 bad->hashval = hashval;
26+ bad->expire = *expire;
27 isc_buffer_init(&buffer, bad + 1, name->length);
28 dns_name_init(&bad->name, NULL);
29 dns_name_copy(name, &bad->name, &buffer);
30@@ -8329,8 +8330,8 @@ dns_resolver_addbadcache(dns_resolver_t
31 if (resolver->badcount < resolver->badhash * 2 &&
32 resolver->badhash > DNS_BADCACHE_SIZE)
33 resizehash(resolver, &now, ISC_FALSE);
34- }
35- bad->expire = *expire;
36+ } else
37+ bad->expire = *expire;
38 cleanup:
39 UNLOCK(&resolver->lock);
40 }
diff --git a/meta/recipes-connectivity/bind/bind/bind-CVE-2013-2266.patch b/meta/recipes-connectivity/bind/bind/bind-CVE-2013-2266.patch
new file mode 100644
index 0000000000..7ec6deb714
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/bind-CVE-2013-2266.patch
@@ -0,0 +1,41 @@
1bind: fix for CVE-2013-2266
2
3Upstream-Status: Backport
4
5libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2,
69.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows
7remote attackers to cause a denial of service (memory consumption) via a
8crafted regular expression, as demonstrated by a memory-exhaustion attack
9against a machine running a named process.
10
11http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2266
12
13Signed-off-by Ming Liu <ming.liu@windriver.com>
14---
15 config.h.in | 3 ---
16 configure.in | 2 +-
17 2 files changed, 1 insertion(+), 4 deletions(-)
18
19--- a/config.h.in
20+++ b/config.h.in
21@@ -277,9 +277,6 @@ int sigwait(const unsigned int *set, int
22 /* Define if your OpenSSL version supports GOST. */
23 #undef HAVE_OPENSSL_GOST
24
25-/* Define to 1 if you have the <regex.h> header file. */
26-#undef HAVE_REGEX_H
27-
28 /* Define to 1 if you have the `setegid' function. */
29 #undef HAVE_SETEGID
30
31--- a/configure.in
32+++ b/configure.in
33@@ -279,7 +279,7 @@ esac
34
35 AC_HEADER_STDC
36
37-AC_CHECK_HEADERS(fcntl.h regex.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h,,,
38+AC_CHECK_HEADERS(fcntl.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h,,,
39 [$ac_includes_default
40 #ifdef HAVE_SYS_PARAM_H
41 # include <sys/param.h>
diff --git a/meta/recipes-connectivity/bind/bind/bind-Fix-CVE-2012-4244.patch b/meta/recipes-connectivity/bind/bind/bind-Fix-CVE-2012-4244.patch
new file mode 100644
index 0000000000..5dd6f69e45
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/bind-Fix-CVE-2012-4244.patch
@@ -0,0 +1,141 @@
1bind_Fix_for_CVE-2012-4244
2
3Upstream-Status: Backport
4
5Reference:https://bugzilla.novell.com/attachment.cgi?id=505661&action=edit
6
7ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3,
8 and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to
9cause a denial of service (assertion failure and named daemon exit) via
10a query for a long resource record.
11
12Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com>
13
14diff -urpN a/lib/dns/include/dns/rdata.h b/lib/dns/include/dns/rdata.h
15--- a/lib/dns/include/dns/rdata.h 2012-10-08 12:19:42.000000000 +0800
16+++ b/lib/dns/include/dns/rdata.h 2012-10-08 11:26:43.000000000 +0800
17@@ -147,6 +147,17 @@ struct dns_rdata {
18 (((rdata)->flags & ~(DNS_RDATA_UPDATE|DNS_RDATA_OFFLINE)) == 0)
19
20 /*
21+ * The maximum length of a RDATA that can be sent on the wire.
22+ * Max packet size (65535) less header (12), less name (1), type (2),
23+ * class (2), ttl(4), length (2).
24+ *
25+ * None of the defined types that support name compression can exceed
26+ * this and all new types are to be sent uncompressed.
27+ */
28+
29+#define DNS_RDATA_MAXLENGTH 65512U
30+
31+/*
32 * Flags affecting rdata formatting style. Flags 0xFFFF0000
33 * are used by masterfile-level formatting and defined elsewhere.
34 * See additional comments at dns_rdata_tofmttext().
35diff -urpN a/lib/dns/master.c b/lib/dns/master.c
36--- a/lib/dns/master.c 2012-10-08 12:19:42.000000000 +0800
37+++ b/lib/dns/master.c 2012-10-08 11:27:06.000000000 +0800
38@@ -75,7 +75,7 @@
39 /*%
40 * max message size - header - root - type - class - ttl - rdlen
41 */
42-#define MINTSIZ (65535 - 12 - 1 - 2 - 2 - 4 - 2)
43+#define MINTSIZ DNS_RDATA_MAXLENGTH
44 /*%
45 * Size for tokens in the presentation format,
46 * The largest tokens are the base64 blocks in KEY and CERT records,
47diff -urpN a/lib/dns/rdata.c b/lib/dns/rdata.c
48--- a/lib/dns/rdata.c 2012-10-08 12:19:42.000000000 +0800
49+++ b/lib/dns/rdata.c 2012-10-08 11:27:27.000000000 +0800
50@@ -425,6 +425,7 @@ dns_rdata_fromwire(dns_rdata_t *rdata, d
51 isc_buffer_t st;
52 isc_boolean_t use_default = ISC_FALSE;
53 isc_uint32_t activelength;
54+ size_t length;
55
56 REQUIRE(dctx != NULL);
57 if (rdata != NULL) {
58@@ -455,6 +456,14 @@ dns_rdata_fromwire(dns_rdata_t *rdata, d
59 }
60
61 /*
62+ * Reject any rdata that expands out to more than DNS_RDATA_MAXLENGTH
63+ * as we cannot transmit it.
64+ */
65+ length = isc_buffer_usedlength(target) - isc_buffer_usedlength(&st);
66+ if (result == ISC_R_SUCCESS && length > DNS_RDATA_MAXLENGTH)
67+ result = DNS_R_FORMERR;
68+
69+ /*
70 * We should have consumed all of our buffer.
71 */
72 if (result == ISC_R_SUCCESS && !buffer_empty(source))
73@@ -462,8 +471,7 @@ dns_rdata_fromwire(dns_rdata_t *rdata, d
74
75 if (rdata != NULL && result == ISC_R_SUCCESS) {
76 region.base = isc_buffer_used(&st);
77- region.length = isc_buffer_usedlength(target) -
78- isc_buffer_usedlength(&st);
79+ region.length = length;
80 dns_rdata_fromregion(rdata, rdclass, type, &region);
81 }
82
83@@ -598,6 +606,7 @@ dns_rdata_fromtext(dns_rdata_t *rdata, d
84 unsigned long line;
85 void (*callback)(dns_rdatacallbacks_t *, const char *, ...);
86 isc_result_t tresult;
87+ size_t length;
88
89 REQUIRE(origin == NULL || dns_name_isabsolute(origin) == ISC_TRUE);
90 if (rdata != NULL) {
91@@ -670,10 +679,13 @@ dns_rdata_fromtext(dns_rdata_t *rdata, d
92 }
93 } while (1);
94
95+ length = isc_buffer_usedlength(target) - isc_buffer_usedlength(&st);
96+ if (result == ISC_R_SUCCESS && length > DNS_RDATA_MAXLENGTH)
97+ result = ISC_R_NOSPACE;
98+
99 if (rdata != NULL && result == ISC_R_SUCCESS) {
100 region.base = isc_buffer_used(&st);
101- region.length = isc_buffer_usedlength(target) -
102- isc_buffer_usedlength(&st);
103+ region.length = length;
104 dns_rdata_fromregion(rdata, rdclass, type, &region);
105 }
106 if (result != ISC_R_SUCCESS) {
107@@ -781,6 +793,7 @@ dns_rdata_fromstruct(dns_rdata_t *rdata,
108 isc_buffer_t st;
109 isc_region_t region;
110 isc_boolean_t use_default = ISC_FALSE;
111+ size_t length;
112
113 REQUIRE(source != NULL);
114 if (rdata != NULL) {
115@@ -795,10 +808,13 @@ dns_rdata_fromstruct(dns_rdata_t *rdata,
116 if (use_default)
117 (void)NULL;
118
119+ length = isc_buffer_usedlength(target) - isc_buffer_usedlength(&st);
120+ if (result == ISC_R_SUCCESS && length > DNS_RDATA_MAXLENGTH)
121+ result = ISC_R_NOSPACE;
122+
123 if (rdata != NULL && result == ISC_R_SUCCESS) {
124 region.base = isc_buffer_used(&st);
125- region.length = isc_buffer_usedlength(target) -
126- isc_buffer_usedlength(&st);
127+ region.length = length;
128 dns_rdata_fromregion(rdata, rdclass, type, &region);
129 }
130 if (result != ISC_R_SUCCESS)
131diff -urpN a/lib/dns/rdataslab.c b/lib/dns/rdataslab.c
132--- a/lib/dns/rdataslab.c 2012-10-08 12:19:42.000000000 +0800
133+++ b/lib/dns/rdataslab.c 2012-10-08 11:27:54.000000000 +0800
134@@ -304,6 +304,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_
135 length = x[i].rdata.length;
136 if (rdataset->type == dns_rdatatype_rrsig)
137 length++;
138+ INSIST(length <= 0xffff);
139 *rawbuf++ = (length & 0xff00) >> 8;
140 *rawbuf++ = (length & 0x00ff);
141 #if DNS_RDATASET_FIXED
diff --git a/meta/recipes-connectivity/bind/bind/conf.patch b/meta/recipes-connectivity/bind/bind/conf.patch
new file mode 100644
index 0000000000..2785c6a22f
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/conf.patch
@@ -0,0 +1,314 @@
1Upstream-Status: Inappropriate [configuration]
2
3the patch is imported from openembedded project
4
511/30/2010 - Qing He <qing.he@intel.com>
6
7diff -urN bind-9.3.1.orig/conf/db.0 bind-9.3.1/conf/db.0
8--- bind-9.3.1.orig/conf/db.0 1970-01-01 01:00:00.000000000 +0100
9+++ bind-9.3.1/conf/db.0 2005-07-10 22:14:00.000000000 +0200
10@@ -0,0 +1,12 @@
11+;
12+; BIND reverse data file for broadcast zone
13+;
14+$TTL 604800
15+@ IN SOA localhost. root.localhost. (
16+ 1 ; Serial
17+ 604800 ; Refresh
18+ 86400 ; Retry
19+ 2419200 ; Expire
20+ 604800 ) ; Negative Cache TTL
21+;
22+@ IN NS localhost.
23diff -urN bind-9.3.1.orig/conf/db.127 bind-9.3.1/conf/db.127
24--- bind-9.3.1.orig/conf/db.127 1970-01-01 01:00:00.000000000 +0100
25+++ bind-9.3.1/conf/db.127 2005-07-10 22:14:00.000000000 +0200
26@@ -0,0 +1,13 @@
27+;
28+; BIND reverse data file for local loopback interface
29+;
30+$TTL 604800
31+@ IN SOA localhost. root.localhost. (
32+ 1 ; Serial
33+ 604800 ; Refresh
34+ 86400 ; Retry
35+ 2419200 ; Expire
36+ 604800 ) ; Negative Cache TTL
37+;
38+@ IN NS localhost.
39+1.0.0 IN PTR localhost.
40diff -urN bind-9.3.1.orig/conf/db.empty bind-9.3.1/conf/db.empty
41--- bind-9.3.1.orig/conf/db.empty 1970-01-01 01:00:00.000000000 +0100
42+++ bind-9.3.1/conf/db.empty 2005-07-10 22:14:00.000000000 +0200
43@@ -0,0 +1,14 @@
44+; BIND reverse data file for empty rfc1918 zone
45+;
46+; DO NOT EDIT THIS FILE - it is used for multiple zones.
47+; Instead, copy it, edit named.conf, and use that copy.
48+;
49+$TTL 86400
50+@ IN SOA localhost. root.localhost. (
51+ 1 ; Serial
52+ 604800 ; Refresh
53+ 86400 ; Retry
54+ 2419200 ; Expire
55+ 86400 ) ; Negative Cache TTL
56+;
57+@ IN NS localhost.
58diff -urN bind-9.3.1.orig/conf/db.local bind-9.3.1/conf/db.local
59--- bind-9.3.1.orig/conf/db.local 1970-01-01 01:00:00.000000000 +0100
60+++ bind-9.3.1/conf/db.local 2005-07-10 22:14:00.000000000 +0200
61@@ -0,0 +1,13 @@
62+;
63+; BIND data file for local loopback interface
64+;
65+$TTL 604800
66+@ IN SOA localhost. root.localhost. (
67+ 1 ; Serial
68+ 604800 ; Refresh
69+ 86400 ; Retry
70+ 2419200 ; Expire
71+ 604800 ) ; Negative Cache TTL
72+;
73+@ IN NS localhost.
74+@ IN A 127.0.0.1
75diff -urN bind-9.3.1.orig/conf/db.root bind-9.3.1/conf/db.root
76--- bind-9.3.1.orig/conf/db.root 1970-01-01 01:00:00.000000000 +0100
77+++ bind-9.3.1/conf/db.root 2005-07-10 22:14:00.000000000 +0200
78@@ -0,0 +1,45 @@
79+
80+; <<>> DiG 9.2.3 <<>> ns . @a.root-servers.net.
81+;; global options: printcmd
82+;; Got answer:
83+;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18944
84+;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13
85+
86+;; QUESTION SECTION:
87+;. IN NS
88+
89+;; ANSWER SECTION:
90+. 518400 IN NS A.ROOT-SERVERS.NET.
91+. 518400 IN NS B.ROOT-SERVERS.NET.
92+. 518400 IN NS C.ROOT-SERVERS.NET.
93+. 518400 IN NS D.ROOT-SERVERS.NET.
94+. 518400 IN NS E.ROOT-SERVERS.NET.
95+. 518400 IN NS F.ROOT-SERVERS.NET.
96+. 518400 IN NS G.ROOT-SERVERS.NET.
97+. 518400 IN NS H.ROOT-SERVERS.NET.
98+. 518400 IN NS I.ROOT-SERVERS.NET.
99+. 518400 IN NS J.ROOT-SERVERS.NET.
100+. 518400 IN NS K.ROOT-SERVERS.NET.
101+. 518400 IN NS L.ROOT-SERVERS.NET.
102+. 518400 IN NS M.ROOT-SERVERS.NET.
103+
104+;; ADDITIONAL SECTION:
105+A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4
106+B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201
107+C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12
108+D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90
109+E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10
110+F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241
111+G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4
112+H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53
113+I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17
114+J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30
115+K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129
116+L.ROOT-SERVERS.NET. 3600000 IN A 198.32.64.12
117+M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33
118+
119+;; Query time: 81 msec
120+;; SERVER: 198.41.0.4#53(a.root-servers.net.)
121+;; WHEN: Sun Feb 1 11:27:14 2004
122+;; MSG SIZE rcvd: 436
123+
124diff -urN bind-9.3.1.orig/conf/named.conf bind-9.3.1/conf/named.conf
125--- bind-9.3.1.orig/conf/named.conf 1970-01-01 01:00:00.000000000 +0100
126+++ bind-9.3.1/conf/named.conf 2005-07-10 22:33:46.000000000 +0200
127@@ -0,0 +1,49 @@
128+// This is the primary configuration file for the BIND DNS server named.
129+//
130+// If you are just adding zones, please do that in /etc/bind/named.conf.local
131+
132+include "/etc/bind/named.conf.options";
133+
134+// prime the server with knowledge of the root servers
135+zone "." {
136+ type hint;
137+ file "/etc/bind/db.root";
138+};
139+
140+// be authoritative for the localhost forward and reverse zones, and for
141+// broadcast zones as per RFC 1912
142+
143+zone "localhost" {
144+ type master;
145+ file "/etc/bind/db.local";
146+};
147+
148+zone "127.in-addr.arpa" {
149+ type master;
150+ file "/etc/bind/db.127";
151+};
152+
153+zone "0.in-addr.arpa" {
154+ type master;
155+ file "/etc/bind/db.0";
156+};
157+
158+zone "255.in-addr.arpa" {
159+ type master;
160+ file "/etc/bind/db.255";
161+};
162+
163+// zone "com" { type delegation-only; };
164+// zone "net" { type delegation-only; };
165+
166+// From the release notes:
167+// Because many of our users are uncomfortable receiving undelegated answers
168+// from root or top level domains, other than a few for whom that behaviour
169+// has been trusted and expected for quite some length of time, we have now
170+// introduced the "root-delegations-only" feature which applies delegation-only
171+// logic to all top level domains, and to the root domain. An exception list
172+// should be specified, including "MUSEUM" and "DE", and any other top level
173+// domains from whom undelegated responses are expected and trusted.
174+// root-delegation-only exclude { "DE"; "MUSEUM"; };
175+
176+include "/etc/bind/named.conf.local";
177diff -urN bind-9.3.1.orig/conf/named.conf.local bind-9.3.1/conf/named.conf.local
178--- bind-9.3.1.orig/conf/named.conf.local 1970-01-01 01:00:00.000000000 +0100
179+++ bind-9.3.1/conf/named.conf.local 2005-07-10 22:14:06.000000000 +0200
180@@ -0,0 +1,8 @@
181+//
182+// Do any local configuration here
183+//
184+
185+// Consider adding the 1918 zones here, if they are not used in your
186+// organization
187+//include "/etc/bind/zones.rfc1918";
188+
189diff -urN bind-9.3.1.orig/conf/named.conf.options bind-9.3.1/conf/named.conf.options
190--- bind-9.3.1.orig/conf/named.conf.options 1970-01-01 01:00:00.000000000 +0100
191+++ bind-9.3.1/conf/named.conf.options 2005-07-10 22:14:06.000000000 +0200
192@@ -0,0 +1,24 @@
193+options {
194+ directory "/var/cache/bind";
195+
196+ // If there is a firewall between you and nameservers you want
197+ // to talk to, you might need to uncomment the query-source
198+ // directive below. Previous versions of BIND always asked
199+ // questions using port 53, but BIND 8.1 and later use an unprivileged
200+ // port by default.
201+
202+ // query-source address * port 53;
203+
204+ // If your ISP provided one or more IP addresses for stable
205+ // nameservers, you probably want to use them as forwarders.
206+ // Uncomment the following block, and insert the addresses replacing
207+ // the all-0's placeholder.
208+
209+ // forwarders {
210+ // 0.0.0.0;
211+ // };
212+
213+ auth-nxdomain no; # conform to RFC1035
214+
215+};
216+
217diff -urN bind-9.3.1.orig/conf/zones.rfc1918 bind-9.3.1/conf/zones.rfc1918
218--- bind-9.3.1.orig/conf/zones.rfc1918 1970-01-01 01:00:00.000000000 +0100
219+++ bind-9.3.1/conf/zones.rfc1918 2005-07-10 22:14:10.000000000 +0200
220@@ -0,0 +1,20 @@
221+zone "10.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
222+
223+zone "16.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
224+zone "17.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
225+zone "18.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
226+zone "19.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
227+zone "20.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
228+zone "21.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
229+zone "22.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
230+zone "23.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
231+zone "24.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
232+zone "25.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
233+zone "26.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
234+zone "27.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
235+zone "28.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
236+zone "29.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
237+zone "30.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
238+zone "31.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
239+
240+zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
241diff -urN bind-9.3.1.orig/init.d bind-9.3.1/init.d
242--- bind-9.3.1.orig/init.d 1970-01-01 01:00:00.000000000 +0100
243+++ bind-9.3.1/init.d 2005-07-10 23:09:58.000000000 +0200
244@@ -0,0 +1,70 @@
245+#!/bin/sh
246+
247+PATH=/sbin:/bin:/usr/sbin:/usr/bin
248+
249+# for a chrooted server: "-u bind -t /var/lib/named"
250+# Don't modify this line, change or create /etc/default/bind9.
251+OPTIONS=""
252+
253+test -f /etc/default/bind9 && . /etc/default/bind9
254+
255+test -x /usr/sbin/rndc || exit 0
256+
257+case "$1" in
258+ start)
259+ echo -n "Starting domain name service: named"
260+
261+ modprobe capability >/dev/null 2>&1 || true
262+ if [ ! -f /etc/bind/rndc.key ]; then
263+ /usr/sbin/rndc-confgen -a -b 512 -r /dev/urandom
264+ chown 0640 /etc/bind/rndc.key
265+ fi
266+ if [ -f /var/run/named/named.pid ]; then
267+ ps `cat /var/run/named/named.pid` > /dev/null && exit 1
268+ fi
269+
270+ # dirs under /var/run can go away on reboots.
271+ mkdir -p /var/run/named
272+ mkdir -p /var/cache/bind
273+ chmod 775 /var/run/named
274+ chown root:bind /var/run/named >/dev/null 2>&1 || true
275+
276+ if [ ! -x /usr/sbin/named ]; then
277+ echo "named binary missing - not starting"
278+ exit 1
279+ fi
280+ if start-stop-daemon --start --quiet --exec /usr/sbin/named \
281+ --pidfile /var/run/named/named.pid -- $OPTIONS; then
282+ if [ -x /sbin/resolvconf ] ; then
283+ echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo
284+ fi
285+ fi
286+ echo "."
287+ ;;
288+
289+ stop)
290+ echo -n "Stopping domain name service: named"
291+ if [ -x /sbin/resolvconf ]; then
292+ /sbin/resolvconf -d lo
293+ fi
294+ /usr/sbin/rndc stop >/dev/null 2>&1
295+ echo "."
296+ ;;
297+
298+ reload)
299+ /usr/sbin/rndc reload
300+ ;;
301+
302+ restart|force-reload)
303+ $0 stop
304+ sleep 2
305+ $0 start
306+ ;;
307+
308+ *)
309+ echo "Usage: /etc/init.d/bind {start|stop|reload|restart|force-reload}" >&2
310+ exit 1
311+ ;;
312+esac
313+
314+exit 0
diff --git a/meta/recipes-connectivity/bind/bind/cross-build-fix.patch b/meta/recipes-connectivity/bind/bind/cross-build-fix.patch
new file mode 100644
index 0000000000..4c37b6b00c
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/cross-build-fix.patch
@@ -0,0 +1,21 @@
1Upstream-Status: Inappropriate [configuration]
2
311/30/2010
4gen.c should be build by ${BUILD_CC}
5
6Signed-off-by: Qing He <qing.he@intel.com>
7
8diff --git a/lib/export/dns/Makefile.in b/lib/export/dns/Makefile.in
9index aeadf57..d3fae74 100644
10--- a/lib/export/dns/Makefile.in
11+++ b/lib/export/dns/Makefile.in
12@@ -166,7 +166,8 @@ code.h: gen
13 ./gen -s ${srcdir} > code.h
14
15 gen: ${srcdir}/gen.c
16- ${CC} ${ALL_CFLAGS} ${LDFLAGS} -o $@ ${srcdir}/gen.c ${LIBS}
17+ ${BUILD_CC} ${BUILD_CFLAGS} -I${top_srcdir}/lib/isc/include \
18+ ${BUILD_CPPFLAGS} ${BUILD_LDFLAGS} -o $@ ${srcdir}/gen.c ${BUILD_LIBS}
19
20 #We don't need rbtdb64 for this library
21 #rbtdb64.@O@: rbtdb.c
diff --git a/meta/recipes-connectivity/bind/bind/dont-test-on-host.patch b/meta/recipes-connectivity/bind/bind/dont-test-on-host.patch
new file mode 100644
index 0000000000..89207404b5
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/dont-test-on-host.patch
@@ -0,0 +1,13 @@
1Index: bind-9.9.5/bin/Makefile.in
2===================================================================
3--- bind-9.9.5.orig/bin/Makefile.in
4+++ bind-9.9.5/bin/Makefile.in
5@@ -19,7 +19,7 @@ srcdir = @srcdir@
6 VPATH = @srcdir@
7 top_srcdir = @top_srcdir@
8
9-SUBDIRS = named rndc dig dnssec tools tests nsupdate \
10+SUBDIRS = named rndc dig dnssec tools nsupdate \
11 check confgen @PYTHON_TOOLS@ @PKCS11_TOOLS@
12 TARGETS =
13
diff --git a/meta/recipes-connectivity/bind/bind/make-etc-initd-bind-stop-work.patch b/meta/recipes-connectivity/bind/bind/make-etc-initd-bind-stop-work.patch
new file mode 100644
index 0000000000..146f3e35db
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/make-etc-initd-bind-stop-work.patch
@@ -0,0 +1,42 @@
1bind: make "/etc/init.d/bind stop" work
2
3Upstream-Status: Inappropriate [configuration]
4
5Add some configurations, make rndc command be able to controls
6the named daemon.
7
8Signed-off-by: Roy Li <rongqing.li@windriver.com>
9---
10 conf/named.conf | 5 +++++
11 conf/rndc.conf | 5 +++++
12 2 files changed, 10 insertions(+), 0 deletions(-)
13 create mode 100644 conf/rndc.conf
14
15diff --git a/conf/named.conf b/conf/named.conf
16index 95829cf..c8899e7 100644
17--- a/conf/named.conf
18+++ b/conf/named.conf
19@@ -47,3 +47,8 @@ zone "255.in-addr.arpa" {
20 // root-delegation-only exclude { "DE"; "MUSEUM"; };
21
22 include "/etc/bind/named.conf.local";
23+include "/etc/bind/rndc.key" ;
24+controls {
25+ inet 127.0.0.1 allow { localhost; }
26+ keys { rndc-key; };
27+};
28diff --git a/conf/rndc.conf b/conf/rndc.conf
29new file mode 100644
30index 0000000..a0b481d
31--- /dev/null
32+++ b/conf/rndc.conf
33@@ -0,0 +1,5 @@
34+include "/etc/bind/rndc.key";
35+options {
36+ default-server localhost;
37+ default-key rndc-key;
38+};
39
40--
411.7.5.4
42
diff --git a/meta/recipes-connectivity/bind/bind/mips1-not-support-opcode.diff b/meta/recipes-connectivity/bind/bind/mips1-not-support-opcode.diff
new file mode 100644
index 0000000000..2930796b6a
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/mips1-not-support-opcode.diff
@@ -0,0 +1,104 @@
1bind: port a patch to fix a build failure
2
3mips1 does not support ll and sc instructions, and lead to below error, now
4we port a patch from debian to fix it
5[http://security.debian.org/debian-security/pool/updates/main/b/bind9/bind9_9.8.4.dfsg.P1-6+nmu2+deb7u1.diff.gz]
6
7| {standard input}: Assembler messages:
8| {standard input}:47: Error: Opcode not supported on this processor: mips1 (mips1) `ll $3,0($6)'
9| {standard input}:50: Error: Opcode not supported on this processor: mips1 (mips1) `sc $3,0($6)'
10
11Upstream-Status: Pending
12
13Signed-off-by: Roy Li <rongqing.li@windriver.com>
14
15--- bind9-9.8.4.dfsg.P1.orig/lib/isc/mips/include/isc/atomic.h
16+++ bind9-9.8.4.dfsg.P1/lib/isc/mips/include/isc/atomic.h
17@@ -31,18 +31,20 @@
18 isc_atomic_xadd(isc_int32_t *p, int val) {
19 isc_int32_t orig;
20
21- /* add is a cheat, since MIPS has no mov instruction */
22- __asm__ volatile (
23- "1:"
24- "ll $3, %1\n"
25- "add %0, $0, $3\n"
26- "add $3, $3, %2\n"
27- "sc $3, %1\n"
28- "beq $3, 0, 1b"
29- : "=&r"(orig)
30- : "m"(*p), "r"(val)
31- : "memory", "$3"
32- );
33+ __asm__ __volatile__ (
34+ " .set push \n"
35+ " .set mips2 \n"
36+ " .set noreorder \n"
37+ " .set noat \n"
38+ "1: ll $1, %1 \n"
39+ " addu %0, $1, %2 \n"
40+ " sc %0, %1 \n"
41+ " beqz %0, 1b \n"
42+ " move %0, $1 \n"
43+ " .set pop \n"
44+ : "=&r" (orig), "+R" (*p)
45+ : "r" (val)
46+ : "memory");
47
48 return (orig);
49 }
50@@ -52,16 +54,7 @@
51 */
52 static inline void
53 isc_atomic_store(isc_int32_t *p, isc_int32_t val) {
54- __asm__ volatile (
55- "1:"
56- "ll $3, %0\n"
57- "add $3, $0, %1\n"
58- "sc $3, %0\n"
59- "beq $3, 0, 1b"
60- :
61- : "m"(*p), "r"(val)
62- : "memory", "$3"
63- );
64+ *p = val;
65 }
66
67 /*
68@@ -72,20 +65,23 @@
69 static inline isc_int32_t
70 isc_atomic_cmpxchg(isc_int32_t *p, int cmpval, int val) {
71 isc_int32_t orig;
72+ isc_int32_t tmp;
73
74- __asm__ volatile(
75- "1:"
76- "ll $3, %1\n"
77- "add %0, $0, $3\n"
78- "bne $3, %2, 2f\n"
79- "add $3, $0, %3\n"
80- "sc $3, %1\n"
81- "beq $3, 0, 1b\n"
82- "2:"
83- : "=&r"(orig)
84- : "m"(*p), "r"(cmpval), "r"(val)
85- : "memory", "$3"
86- );
87+ __asm__ __volatile__ (
88+ " .set push \n"
89+ " .set mips2 \n"
90+ " .set noreorder \n"
91+ " .set noat \n"
92+ "1: ll $1, %1 \n"
93+ " bne $1, %3, 2f \n"
94+ " move %2, %4 \n"
95+ " sc %2, %1 \n"
96+ " beqz %2, 1b \n"
97+ "2: move %0, $1 \n"
98+ " .set pop \n"
99+ : "=&r"(orig), "+R" (*p), "=r" (tmp)
100+ : "r"(cmpval), "r"(val)
101+ : "memory");
102
103 return (orig);
104 }
diff --git a/meta/recipes-connectivity/bind/bind_9.9.5.bb b/meta/recipes-connectivity/bind/bind_9.9.5.bb
new file mode 100644
index 0000000000..604deb6236
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind_9.9.5.bb
@@ -0,0 +1,65 @@
1SUMMARY = "ISC Internet Domain Name Server"
2HOMEPAGE = "http://www.isc.org/sw/bind/"
3SECTION = "console/network"
4
5LICENSE = "ISC & BSD"
6LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=a3df5f651469919a0e6cb42f84fb6ff1"
7
8DEPENDS = "openssl libcap"
9
10SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \
11 file://conf.patch \
12 file://cross-build-fix.patch \
13 file://make-etc-initd-bind-stop-work.patch \
14 file://mips1-not-support-opcode.diff \
15 file://dont-test-on-host.patch \
16 "
17
18SRC_URI[md5sum] = "e676c65cad5234617ee22f48e328c24e"
19SRC_URI[sha256sum] = "d4b64c1dde442145a316679acff2df4008aa117ae52dfa3a6bc69efecc7840d1"
20
21# --enable-exportlib is necessary for building dhcp
22ENABLE_IPV6 = "--enable-ipv6=${@base_contains('DISTRO_FEATURES', 'ipv6', 'yes', 'no', d)}"
23EXTRA_OECONF = " ${ENABLE_IPV6} --with-randomdev=/dev/random --disable-threads \
24 --disable-devpoll --disable-epoll --with-gost=no \
25 --with-gssapi=no --with-ecdsa=yes \
26 --sysconfdir=${sysconfdir}/bind \
27 --with-openssl=${STAGING_LIBDIR}/.. --with-libxml2=${STAGING_LIBDIR}/.. \
28 --enable-exportlib --with-export-includedir=${includedir} --with-export-libdir=${libdir} \
29 "
30inherit autotools-brokensep update-rc.d
31
32INITSCRIPT_NAME = "bind"
33INITSCRIPT_PARAMS = "defaults"
34
35PARALLEL_MAKE = ""
36
37RDEPENDS_${PN} = "python-core"
38
39PACKAGES_prepend = " ${PN}-utils "
40FILES_${PN}-utils = "${bindir}/host ${bindir}/dig"
41FILES_${PN}-dev += "${bindir}/isc-config.h"
42
43do_install_append() {
44 rm "${D}${bindir}/nslookup"
45 rm "${D}${mandir}/man1/nslookup.1"
46 rmdir "${D}${localstatedir}/run"
47 rmdir --ignore-fail-on-non-empty "${D}${localstatedir}"
48 install -d "${D}${sysconfdir}/bind"
49 install -d "${D}${sysconfdir}/init.d"
50 install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/"
51 install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind"
52 sed -i -e '1s,#!.*python,#! /usr/bin/env python,' ${D}${sbindir}/dnssec-coverage ${D}${sbindir}/dnssec-checkds
53}
54
55CONFFILES_${PN} = " \
56 ${sysconfdir}/bind/named.conf \
57 ${sysconfdir}/bind/named.conf.local \
58 ${sysconfdir}/bind/named.conf.options \
59 ${sysconfdir}/bind/db.0 \
60 ${sysconfdir}/bind/db.127 \
61 ${sysconfdir}/bind/db.empty \
62 ${sysconfdir}/bind/db.local \
63 ${sysconfdir}/bind/db.root \
64 "
65