From c026c365eb66dc85e6eee3fa477222c4da3a0ca8 Mon Sep 17 00:00:00 2001 From: Armin Kuster Date: Sun, 1 Jul 2018 15:53:20 -0700 Subject: dhcp: update 4.4.1 include several CVE fixes. CVE: CVE-2018-5733 CVE: CVE-2018-5732 LIC_CHKSUM_FILE updated to SPFX format https://kb.isc.org/article/AA-01571 remove several patches now included in update. Shared libarary support is now enabled in configure+lt, use it and revert to autotools-brokensep Refresh patches Aligns support with bind 9.11.x Add libxml2 support to configure.ac+lt (From OE-Core rev: 7cb42ae87ef929bf7e08c559f09dc224c6e3d314) Signed-off-by: Armin Kuster Signed-off-by: Richard Purdie --- ...all-to-isc_app_ctxstart-to-not-get-signal.patch | 81 ---------------------- 1 file changed, 81 deletions(-) delete mode 100644 meta/recipes-connectivity/dhcp/dhcp/0011-Moved-the-call-to-isc_app_ctxstart-to-not-get-signal.patch (limited to 'meta/recipes-connectivity/dhcp/dhcp/0011-Moved-the-call-to-isc_app_ctxstart-to-not-get-signal.patch') diff --git a/meta/recipes-connectivity/dhcp/dhcp/0011-Moved-the-call-to-isc_app_ctxstart-to-not-get-signal.patch b/meta/recipes-connectivity/dhcp/dhcp/0011-Moved-the-call-to-isc_app_ctxstart-to-not-get-signal.patch deleted file mode 100644 index 67bb4631ae..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/0011-Moved-the-call-to-isc_app_ctxstart-to-not-get-signal.patch +++ /dev/null @@ -1,81 +0,0 @@ -From 37725f3e22edb50e0ca2d1fff971321a5a4d5112 Mon Sep 17 00:00:00 2001 -From: Hongxu Jia -Date: Wed, 12 Jul 2017 03:05:13 -0400 -Subject: [PATCH 11/11] Moved the call to isc_app_ctxstart() to not get signal - block by all threads - -Signed-off-by: Francis Dupont - -In https://source.isc.org/git/bind9.git, since the following -commit applied: -... -commit b99bfa184bc9375421b5df915eea7dfac6a68a99 -Author: Evan Hunt -Date: Wed Apr 10 13:49:57 2013 -0700 - - [master] unify internal and export libraries - - 3550. [func] Unified the internal and export versions of the - BIND libraries, allowing external clients to use - the same libraries as BIND. [RT #33131] -... -(git show b99bfa184bc9375421b5df915eea7dfac6a68a99 -- ./lib/isc/unix/app.c) - -In this commit, if bind9 enable threads(ISC_PLATFORM_USETHREADS), -it blocks signal SIGHUP, SIGINT and SIGTERM in isc__app_ctxstart. -Which caused dhclient/dhcpd could not be stopped by SIGTERM. - -It caused systemd's reboot hung which send SIGTERM by default. - -Upstream-Status: Backport [https://source.isc.org/git/dhcp.git] -Signed-off-by: Hongxu Jia ---- - omapip/isclib.c | 25 +++++++++++++++---------- - 1 file changed, 15 insertions(+), 10 deletions(-) - -diff --git a/omapip/isclib.c b/omapip/isclib.c -index ce86490..6a04345 100644 ---- a/omapip/isclib.c -+++ b/omapip/isclib.c -@@ -185,16 +185,6 @@ dhcp_context_create(int flags, - if (result != ISC_R_SUCCESS) - goto cleanup; - -- result = isc_app_ctxstart(dhcp_gbl_ctx.actx); -- if (result != ISC_R_SUCCESS) -- return (result); -- dhcp_gbl_ctx.actx_started = ISC_TRUE; -- -- /* Not all OSs support suppressing SIGPIPE through socket -- * options, so set the sigal action to be ignore. This allows -- * broken connections to fail gracefully with EPIPE on writes */ -- handle_signal(SIGPIPE, SIG_IGN); -- - result = isc_taskmgr_createinctx(dhcp_gbl_ctx.mctx, - dhcp_gbl_ctx.actx, - 1, 0, -@@ -217,6 +207,21 @@ dhcp_context_create(int flags, - result = isc_task_create(dhcp_gbl_ctx.taskmgr, 0, &dhcp_gbl_ctx.task); - if (result != ISC_R_SUCCESS) - goto cleanup; -+ -+ result = isc_app_ctxstart(dhcp_gbl_ctx.actx); -+ if (result != ISC_R_SUCCESS) -+ return (result); -+ dhcp_gbl_ctx.actx_started = ISC_TRUE; -+ -+ /* Not all OSs support suppressing SIGPIPE through socket -+ * options, so set the sigal action to be ignore. This allows -+ * broken connections to fail gracefully with EPIPE on writes */ -+ handle_signal(SIGPIPE, SIG_IGN); -+ -+ /* Reset handlers installed by isc_app_ctxstart() -+ * to default for control-c and kill */ -+ handle_signal(SIGINT, SIG_DFL); -+ handle_signal(SIGTERM, SIG_DFL); - } - - #if defined (NSUPDATE) --- -1.8.3.1 - -- cgit v1.2.3-54-g00ecf