bind-dlz and ldap api: invalid use of "%" character

Bug #227344 reported by Daniel Paufler
Affects: bind9 (Debian). Status: Fix Released. Importance: Unknown.
Affects: bind9 (Ubuntu). Status: Fix Committed. Importance: Undecided. Assigned to: Unassigned.

Bug Description

Binary package hint: bind9

I was running bind 9.4.1-P1-3 with DLZ and openldap 2.3.35-1 with ubuntu
7.10 (gutsy)

Now I updated to bind 9.4.2 and openldap 2.4.7. My previous config
stopped working with "lookup query must specify a search base" error.

It seems that it is caused by the ldap API change regarding "%" sign.

I emailed with the bind-dlz guys. They changed their configuration to not use "%" but "$". I applied the patch, dpkg-build the package again and it is working. Can you please put the patch to your binary package and give out a new version for hardy?

------------------------------------------

--- bind-9.4.2/contrib/dlz/drivers/sdlz_helper.c.orig
+++ bind-9.4.2/contrib/dlz/drivers/sdlz_helper.c
@@ -166,12 +166,12 @@
   ISC_LIST_APPEND(*tql, tseg, link);

   /*
- * split string at the first "%". set query segment to
+ * split string at the first "$". set query segment to
    * left portion
    */
   tseg->sql = isc_mem_strdup(mctx,
         isc_string_separate(&right_str,
- "%"));
+ "$"));
   if (tseg->sql == NULL) {
    /* no memory, clean everything up. */
    result = ISC_R_NOMEMORY;
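Review bot: The delimiter stays a hard-coded literal in the isc_string_separate() call, so switching it from "%" to "$" silently changes the token syntax for every query string this helper parses; a configuration still written with "%" tokens will no longer be split here and nothing in the hunk reports that. The hunk covers only the split "at the first" delimiter, so check that any later isc_string_separate() call on right_str in this file gets the same change, and add a changelog or NEWS entry stating that tokens are now written with "$".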

-----------------------------

My System:
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 8.04
Release: 8.04
Codename: hardy

bind9:
  Installed: 1:9.4.2-10
  Candidate: 1:9.4.2-10
  Version table:
     1:9.4.2-10 0
        500 http://de.archive.ubuntu.com hardy/main Packages
 *** 1:9.4.2-10 0
        100 /var/lib/dpkg/status

slapd:
  Installed: 2.4.7-6ubuntu3
  Candidate: 2.4.7-6ubuntu3
  Version table:
 *** 2.4.7-6ubuntu3 0
        500 http://de.archive.ubuntu.com hardy/main Packages
        100 /var/lib/dpkg/status

libldap-2.4-2:
  Installed: 2.4.7-6ubuntu3
  Candidate: 2.4.7-6ubuntu3
  Version table:
 *** 2.4.7-6ubuntu3 0
        500 http://de.archive.ubuntu.com hardy/main Packages
        100 /var/lib/dpkg/status

Revision history for this message
In , Sam Morris (yrro) wrote : DLZ present in bind 9.4

It seems the DLZ patches have been merged into bind 9.4, though it is
probably some way away from a final release and packaging.

--
Sam Morris
http://robots.org.uk/

PGP key id 1024D/5EA01078
3412 EA18 1277 354B 991B C869 B219 7FDB 5EA0 1078

Revision history for this message
In , Sam Morris (yrro) wrote : merging 273440 360639

# Automatically generated email from bts, devscripts version 2.9.26
merge 273440 360639

Revision history for this message
In , Ross Vandegrift (ross-kallisti) wrote : DLZ integration patch

Hello,

This patch to the Debian control and rules files provides what is
required to support DLZ for the bind9 package.

Please consider integrating!

diff -ur debian/control /usr/src/bind9-mine/debian/control
--- debian/control 2007-08-06 11:48:33.000000000 -0400
+++ /usr/src/bind9-mine/debian/control 2007-08-06 11:59:04.000000000
-0400
@@ -3,7 +3,7 @@
 Priority: optional
 Maintainer: LaMont Jones <email address hidden>
 Uploaders: Bdale Garbee <email address hidden>
-Build-Depends: debhelper (>=5), libssl-dev, libtool, bison
+Build-Depends: debhelper (>=5), libssl-dev, libtool, bison, libpq-dev, unixodbc-dev, libmysqlclient-dev, libdb4.2-dev, libldap-dev
 Standards-Version: 3.7.2.0

 Package: bind9
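Review bot: The five new Build-Depends entries (libpq-dev, unixodbc-dev, libmysqlclient-dev, libdb4.2-dev, libldap-dev) go into the source stanza while the hunk adds no new binary package, so the client libraries of every backend would likely end up as runtime dependencies of the stock bind9 package. Suggest putting the DLZ-enabled build into a separate binary package stanza so the default install keeps its current dependency set.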
diff -ur debian/rules /usr/src/bind9-mine/debian/rules
--- debian/rules 2007-08-06 11:48:33.000000000 -0400
+++ /usr/src/bind9-mine/debian/rules 2007-08-06 11:43:41.000000000
-0400
@@ -33,7 +33,14 @@
                --enable-static \
                --with-openssl=/usr \
                --with-gnu-ld \
- --enable-ipv6
+ --enable-ipv6 \
+ --with-dlz-odbc \
+ --with-dlz-stub \
+ --with-dlz-ldap \
+ --with-dlz-filesystem \
+ --with-dlz-bdb \
+ --with-dlz-mysql \
+ --with-dlz-postgres
        touch configure-stamp

 build: configure-stamp build-stamp
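Review bot: All seven --with-dlz-* switches are passed unconditionally to the single configure run, so every driver, including --with-dlz-stub, is compiled into the named that ships to all users. Each driver is extra code handling external data inside the name server; suggest enabling only the backends that will actually be packaged and supported, and dropping --with-dlz-stub unless it is needed in production.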

--
Ross Vandegrift
<email address hidden>

"The good Christian should beware of mathematicians, and all those who
make empty prophecies. The danger already exists that the mathematicians
have made a covenant with the devil to darken the spirit and to confine
man in the bonds of Hell."
 --St. Augustine, De Genesi ad Litteram, Book II, xviii, 37

Revision history for this message
In , LaMont Jones (lamont) wrote : Re: Bug#273440: DLZ integration patch

On Mon, Aug 06, 2007 at 12:02:24PM -0400, Ross Vandegrift wrote:
> This patch to the Debian control and rules files provides what is
> required to support DLZ for the bind9 package.

I am not going to make every bind9 install force postgres to be
installed.

This needs to be split out as a separate package, preferably as a module
that bind9 can load, alternatively as a separate binary package
delivered by bind9 source.

lamont

Revision history for this message
In , Ross Vandegrift (ross-kallisti) wrote :

On Mon, Aug 06, 2007 at 12:11:46PM -0600, LaMont Jones wrote:
> On Mon, Aug 06, 2007 at 12:02:24PM -0400, Ross Vandegrift wrote:
> > This patch to the Debian control and rules files provides what is
> > required to support DLZ for the bind9 package.
>
> I am not going to make every bind9 install force postgres to be
> installed.

Shouldn't adding libpq-dev to the build-dep only require the pgsql
libraries? I haven't had too much deb building experience: that was
my intention. The various DLZ backends are statically linked into
named at build-time, so separate packages would be required.

Thanks,

Ross

--
Ross Vandegrift
<email address hidden>

"The good Christian should beware of mathematicians, and all those who
make empty prophecies. The danger already exists that the mathematicians
have made a covenant with the devil to darken the spirit and to confine
man in the bonds of Hell."
 --St. Augustine, De Genesi ad Litteram, Book II, xviii, 37

Revision history for this message
In , Florian Weimer (fw) wrote :

* Ross Vandegrift:

> + --with-dlz-postgres

That code might suffer from CVE-2006-2313. It should be patched to
use the proper functions from libpq before shipping it in a Debian
package.

It's true that these features only pull in the client access
libraries, but they have got dependencies of their own, so the result
could still be rather heavy-weight in some configurations.

Revision history for this message
In , Michelle Konzack (linux4michelle) wrote :

On 2007-08-06 12:11:46, LaMont Jones wrote:
> On Mon, Aug 06, 2007 at 12:02:24PM -0400, Ross Vandegrift wrote:
> > This patch to the Debian control and rules files provides what is
> > required to support DLZ for the bind9 package.
>
> I am not going to make every bind9 install force postgres to be
> installed.

you need only to add "libpq-dev"

> This needs to be split out as a separate package, preferably as a module
> that bind9 can load, alternatively as a separate binary package
> delivered by bind9 source.

And right, the source of bind9 should produce an extra binary like
"bind9-dlz", as the bug submitter had already written on 2004-09-26.

Please add a new binary which support PostgreSQL.

Thanks, Greetings and nice Day
    Michelle Konzack
    Systemadministrator
    Tamay Dogan Network
    Debian GNU/Linux Consultant

--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack Apt. 917 ICQ #328449886
                   50, rue de Soultz MSN LinuxMichi
0033/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)

Revision history for this message
In , LaMont Jones (lamont) wrote :

On Mon, Aug 06, 2007 at 02:42:27PM -0400, Ross Vandegrift wrote:
> On Mon, Aug 06, 2007 at 12:11:46PM -0600, LaMont Jones wrote:
> > On Mon, Aug 06, 2007 at 12:02:24PM -0400, Ross Vandegrift wrote:
> Shouldn't adding libpq-dev to the build-dep only require the pgsql
> libraries? I haven't had too much deb building experience: that was
> my intention. The various DLZ backends are statically linked into
> named at build-time, so separate packages would be required.

The backend access shared libs are linked into bind. If the backend
code were statically linked, that would be sufficient reason to reject
things out of hand.

With the change, 9.4.2 Depends on:
  libbind9-30, libc6 (>= 2.7-1), libdb4.2, libdns32, libisc32, libisccc30,
  libisccfg30, libldap2 (>= 2.1.17-1), liblwres30, libmysqlclient15off (>=
  5.0.27-1), libpq5, libssl0.9.8 (>= 0.9.8f-1), unixodbc (>= 2.2.11-1),
  zlib1g

which is much too heavy weight for the stock package. so the question
becomes, do we want to have one bind9-dlz package that scrapes all
those dependencies in, or do we want to additionally have some subset
that only scrape in certain pieces? (many admins have issues with "that
other SQL implementation", for example.)

lamont

Revision history for this message
In , Ross Vandegrift (ross-kallisti) wrote :

On Sun, Jan 06, 2008 at 11:04:42AM -0700, LaMont Jones wrote:
> On Mon, Aug 06, 2007 at 02:42:27PM -0400, Ross Vandegrift wrote:
> > On Mon, Aug 06, 2007 at 12:11:46PM -0600, LaMont Jones wrote:
> > > On Mon, Aug 06, 2007 at 12:02:24PM -0400, Ross Vandegrift wrote:
> > Shouldn't adding libpq-dev to the build-dep only require the pgsql
> > libraries? I haven't had too much deb building experience: that was
> > my intention. The various DLZ backends are statically linked into
> > named at build-time, so separate packages would be required.
>
> The backend access shared libs are linked into bind. If the backend
> code were statically linked, that would be sufficient reason to reject
> things out of hand.
>
> With the change, 9.4.2 Depends on:
> libbind9-30, libc6 (>= 2.7-1), libdb4.2, libdns32, libisc32, libisccc30,
> libisccfg30, libldap2 (>= 2.1.17-1), liblwres30, libmysqlclient15off (>=
> 5.0.27-1), libpq5, libssl0.9.8 (>= 0.9.8f-1), unixodbc (>= 2.2.11-1),
> zlib1g
>
> which is much too heavy weight for the stock package. so the question
> becomes, do we want to have one bind9-dlz package that scrapes all
> those dependencies in, or do we want to additionally have some subset
> that only scrape in certain pieces? (many admins have issues with "that
> other SQL implementation", for example.)

In all honesty, this isn't too relevant for me anymore - my
installation is on a long-term track toward powerDNS. DLZ isn't too
long for my world :-)

Ross

Revision history for this message
In , LaMont Jones (lamont) wrote : merging 360639 273440

# Automatically generated email from bts, devscripts version 2.10.7ubuntu5
merge 360639 273440

Revision history for this message
LaMont Jones (lamont) wrote :

The plan is to include DLZ support in bind9 once bind 9.5.0 is out.

Changed in bind9:
status: Unknown → New
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package bind9 - 1:9.5.0~rc1-2~0ubuntu2

---------------
bind9 (1:9.5.0~rc1-2~0ubuntu2) intrepid; urgency=low

  * build: use the correct directories in dh_shlibdeps invocation
  * build: turn on dlz. LP: #227344

 -- LaMont Jones <email address hidden> Tue, 27 May 2008 21:43:06 -0600

Changed in bind9:
status: New → Fix Released
Revision history for this message
In , Ondřej Surý (ondrej) wrote : Re: Bug#513113: bind9 and ldapbackend woun't work with Lenny

severity 513113 wishlist
retitle 513113 Compile Bind9 with support for DLZ backends
forcemerge 273440 513113
thank you

Stefan,

Bind9 in Debian is not compiled with support for DLZ backends.
Fact that Bind9 is linked with ldap libraries doesn't mean it
supports DLZ LDAP backend.

Ondrej.

On Mon, Jan 26, 2009 at 4:46 PM, stka <email address hidden> wrote:
> Package: bind9
> Version: 1:9.5.0.dfsg.P2-5.1
> Severity: normal
>
>
>
> -- System Information:
> Debian Release: 5.0
> APT prefers testing
> APT policy: (500, 'testing')
> Architecture: i386 (i686)
>
> Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core)
> Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/bash
>
> Versions of packages bind9 depends on:
> ii adduser 3.110 add and remove users and groups
> ii bind9utils 1:9.5.0.dfsg.P2-5.1 Utilities for BIND
> ii debconf [debconf-2.0 1.5.24 Debian configuration management sy
> ii libbind9-40 1:9.5.0.dfsg.P2-5.1 BIND9 Shared Library used by BIND
> ii libc6 2.7-18 GNU C Library: Shared libraries
> ii libcap2 2.11-2 support for getting/setting POSIX.
> ii libdb4.6 4.6.21-11 Berkeley v4.6 Database Libraries [
> ii libdns43 1:9.5.0.dfsg.P2-5.1 DNS Shared Library used by BIND
> ii libisc44 1:9.5.0.dfsg.P2-5.1 ISC Shared Library used by BIND
> ii libisccc40 1:9.5.0.dfsg.P2-5.1 Command Channel Library used by BI
> ii libisccfg40 1:9.5.0.dfsg.P2-5.1 Config File Handling Library used
> ii libkrb53 1.6.dfsg.4~beta1-5 MIT Kerberos runtime libraries
> ii libldap-2.4-2 2.4.11-1 OpenLDAP libraries
> ii liblwres40 1:9.5.0.dfsg.P2-5.1 Lightweight Resolver Library used
> ii libssl0.9.8 0.9.8g-15 SSL shared libraries
> ii libxml2 2.6.32.dfsg-5 GNOME XML library
> ii lsb-base 3.2-20 Linux Standard Base 3.2 init scrip
> ii net-tools 1.60-22 The NET-3 networking toolkit
> ii netbase 4.34 Basic TCP/IP networking system
>
> bind9 recommends no packages.
>
> Versions of packages bind9 suggests:
> ii bind9-doc 1:9.5.0.dfsg.P2-5.1 Documentation for BIND
> ii dnsutils 1:9.5.0.dfsg.P2-5.1 Clients provided with BIND
> ii resolvconf 1.42 name server information handler
> pn ufw <none> (no description available)
>
> -- debconf information:
> bind9/different-configuration-file:
> bind9/run-resolvconf: true
> bind9/start-as-user: bind
>
>
> I try to use bind9 together with openLDAP. But every time I try to start bind9 I get the following error:
> --------------------------------
> Jan 26 16:15:47 ldapserver named[3211]: zone 127.in-addr.arpa/IN: loaded serial 1
> Jan 26 16:15:47 ldapserver named[3211]: unsupported database type 'ldap'
> Jan 26 16:15:47 ldapserver named[3211]: zone 123.168.192.in-addr.arpa/IN: loading zone: creating database: not found
> Jan 26 16:15:47 ldapserver named[3211]: zone 255.i...

Revision history for this message
In , LaMont Jones (lamont) wrote : Re: Bug#246680: Status?

tags 246680 + wontfix
--

On Tue, Jan 27, 2009 at 07:50:22PM +0100, Michael Tautschnig wrote:
> Hi Turbo, hi bind9 maintainers,
> I was just wondering what the status of this bug/patch was. Could it be updated
> to latest bind9, or is it entirely superseded by DLZ?

IDN support? when upstream or some one else reputable promises security
support for it.

with DLZ ldap, I'm disinclined to bother trying to figure out how to
support two different types of ldap backend.

lamont

Revision history for this message
Sebastian Hasait (shasait) wrote : Re: bind-dlz und ldap api

This bug is still in the current bind9-package for ubuntu-intrepid.
I checked the source (apt-get source bind9) and the "%" was not replaced with a "$" in contrib/dlz/drivers/sdlz_helper.c.
So it's not possible to get bind9-dl-ldap to work.

Thank you

Changed in bind9:
status: New → Won't Fix
Revision history for this message
Torsten Rehn (trehn) wrote :

Still not fixed in jaunty either.

lamont: this bug has been closed prematurely as it is not about just enabling DLZ, but fixing the %-issue, which renders DLZ broken and useless for LDAP use atm. Please fix this asap. It's a 2-byte change.

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

This is not fixed in Karmic.

Changed in bind9 (Ubuntu):
status: Fix Released → Confirmed
summary: - bind-dlz und ldap api
+ bind-dlz and ldap api: invalid use of "%" character
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

I just downloaded DLZ 0.7.0 from sourceforge and they don't have this change applied either. What has it been, more than a year now? Has upstream stopped developing this?

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Just to clarify, the comment about it being a year is about the fix going into upstream, not about this bug report. I'm worried why upstream hasn't released a fixed version yet, that's all.

LaMont Jones (lamont)
Changed in bind9 (Ubuntu):
status: Confirmed → Fix Committed
Revision history for this message
robs (roberto-sebastiano) wrote :

This means that now Lucid uses $zone$ syntax, while karmic was fine with %zone% (at least, with dlz-mysql)

Also, http://bind-dlz.sourceforge.net/mysql_driver.html still reports %% as the correct way to write the config file.

I cannot find any reference anywhere of this syntax change, it took me a few hours to understand what was wrong.
Proper documentation should be included in the ubuntu package.

Thank you,
Roberto Sebastiano
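
Added example (not part of the bug report and not code from bind-dlz): a simplified C model of splitting a DLZ query template at a delimiter. It shows why "%" collides with percent-escapes, which LDAP URLs also write with "%", and why a legacy %zone% template passes through unsubstituted once the delimiter is "$". The helper names, the token names record and client, and the sample URLs are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample templates (LDAP URL form: ldap:///base?attrs?scope?filter). */
static const char LEGACY_URL[]  = "ldap:///dlzZoneName=%zone%,ou=dns,dc=example,dc=com";
static const char CURRENT_URL[] = "ldap:///dlzZoneName=$zone$,ou=dns,dc=example,dc=com";
/* Same template with a percent-escaped space ("%20") in the search base. */
static const char ESCAPED_URL[] = "ldap:///dlzZoneName=%zone%,ou=dns%20servers,dc=example,dc=com";

struct split_result {
    int segments; /* pieces produced by splitting at the delimiter */
    int tokens;   /* odd-numbered pieces that name a known token   */
    int stray;    /* odd-numbered pieces that are not a token      */
};

/* Assumed token names; only "zone" appears in the bug report itself. */
static int is_token(const char *s, size_t n)
{
    static const char *const names[] = { "zone", "record", "client" };
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++)
        if (strlen(names[i]) == n && memcmp(s, names[i], n) == 0)
            return 1;
    return 0;
}

/* Split tmpl at every delim: pieces alternate literal, token, literal, ... */
struct split_result split_template(const char *tmpl, char delim)
{
    struct split_result r = { 0, 0, 0 };
    const char *p = tmpl;
    for (;;) {
        const char *q = strchr(p, delim);
        size_t n = q ? (size_t)(q - p) : strlen(p);
        if (r.segments % 2 == 1) {
            if (is_token(p, n)) r.tokens++;
            else r.stray++;
        }
        r.segments++;
        if (q == NULL) break;
        p = q + 1;
    }
    return r;
}

/* A template needs rewriting for a "$" build if its tokens only parse with "%". */
int needs_migration(const char *tmpl)
{
    return split_template(tmpl, '%').tokens > 0 &&
           split_template(tmpl, '$').tokens == 0;
}

int main(void)
{
    struct split_result e = split_template(ESCAPED_URL, '%');
    printf("legacy needs migration: %d\n", needs_migration(LEGACY_URL));
    printf("current needs migration: %d\n", needs_migration(CURRENT_URL));
    printf("escaped URL split at '%%': %d segments, %d stray\n", e.segments, e.stray);
    return 0;
}
```

A template that reports `needs_migration` is one whose tokens would stay literal text in the query after the delimiter change, which matches the silent breakage described in the comment above.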

Changed in bind9 (Debian):
status: Won't Fix → New
Changed in bind9 (Debian):
status: New → Fix Released