Bug 9820

Summary: Slave server uses wrong TTL value on SOA record
Product: [Retired] Red Hat Linux Reporter: richards
Component: bindAssignee: Bernhard Rosenkraenzer <bero>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6.1   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-02-28 15:28:34 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description richards 2000-02-27 23:26:18 UTC 
BIND uses the SOA minimum instead of the record's explicit TTL on the SOA
record on the slave server.  This will prevent (for example), an attempt to
delegate an IN-ADDR.ARPA. zone from APNIC, as the SOA records will not
match on master and slave.  Patch supplied by Mark Andrews of the ISC
(works against 8.2.2P3 and 8.2.2P5, pity about the line wrapping in the web
form):

diff -u -r8.98 db_load.c
--- src/bin/named/db_load.c     2000/02/21 21:27:41     8.98
+++ src/bin/named/db_load.c     2000/02/25 04:26:41
@@ -294,6 +294,7 @@
                default_warn = 1;
                clev = nlabels(in_origin);
                filenames = NULL;
+               zp->z_minimum = USE_MINIMUM;
        }
        ttl = default_ttl;

@@ -744,7 +746,7 @@
                                        zp->z_minimum = 0;
                                } else
                                        zp->z_minimum = n;
-                               if (default_ttl == USE_MINIMUM)
+                               if (ttl == USE_MINIMUM)
                                        ttl = n;
                                n = cp - (char *)data;
                                if (multiline) {
@@ -752,6 +754,7 @@
                                        buf[1] = '\0';
                                        if (buf[0] != ')')
                                                ERRTO("SOA \")\"");
+                                       multiline = 0;
                                        endline(fp);
                                }
                                 read_soa++;
@@ -973,7 +981,10 @@
                        case ns_t_cert:
                        case ns_t_sig: {
                                char *errmsg = NULL;
-                               int ret = parse_sec_rdata(buf, sizeof(buf),
0,
+                               int ret;
+                               if (ttl == USE_MINIMUM) /* no ttl set */
+                                       ttl = 0;
+                               ret = parse_sec_rdata(buf, sizeof(buf), 0,
                                                          data,
sizeof(data),
                                                          fp, zp, domain,
ttl,
                                                          type, domain_ctx,
@@ -1024,6 +1035,8 @@
                                        zp->z_origin);
                                continue;
                        }
+                       if (ttl == USE_MINIMUM) /* no ttl set */
+                               ttl = 0;
                        dp = savedata(class, type, (u_int32_t)ttl,
                                      (u_char *)data, (int)n);
                        dp->d_zone = zp - zones;
Comment 1 Bernhard Rosenkraenzer 2000-02-28 15:28:59 UTC 
Thanks, fixed.
Comment 2 openshift-github-bot 2018-08-29 19:31:06 UTC 
Commit pushed to master at https://github.com/openshift/openshift-ansible

https://github.com/openshift/openshift-ansible/commit/60640eac06a87a69e0858c8f8ecebdc3feb6c265
issue #9820