Bug 249701 - bind/named fails to start using tsig keys
Summary: bind/named fails to start using tsig keys
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: bind   
(Show other bugs)
Version: 7
Hardware: All Linux
low
urgent
Target Milestone: ---
Assignee: Adam Tkac
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-07-26 15:12 UTC by Anthony Messina
Modified: 2013-04-30 23:36 UTC (History)
1 user (show)

Fixed In Version: 9.4.1-8.P1.fc7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-07-27 05:57:00 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Anthony Messina 2007-07-26 15:12:03 UTC
Description of problem:
bind fails to start with the following error:
view.c:1196: REQUIRE(keyp != ((void *)0) && *keyp == ((void *)0))

Version-Release number of selected component (if applicable):
bind-9.4.1-P1

How reproducible:
Every time

Steps to Reproduce:
1. Try to start bind after having configured tsig keys

Actual results:
bind fails to start

Expected results:
bind should start and initiate a transfer if necessary

Additional info:
Apparently, this is know, but it is critical for anyone who uses keys to
transfer data between master/slave servers.

Here is a link to what I found on this:
http://groups.google.com/group/comp.protocols.dns.bind/browse_thread/thread/99dc9ae77b4e0d49/0b49aaa959a9eada

Comment 1 Adam Tkac 2007-07-26 15:48:59 UTC
Yes, I know about this problem but I think we could wait to 9.4.2 when noone
reports it. Update will be avaliable very soon (also on
http://people.redhat.com/atkac/bind/ )

Adam

Comment 2 Anthony Messina 2007-07-26 15:57:02 UTC
Thanks for the update. When you say "we could wait"...  How long do you
anticipate?  I have a backup server in a remote location that depends on these
updates from the master.  Now that network is non-functional in terms of name
resolution.

If the wait will be more than a day, what are the alternatives that I can
implement for zone transfers in the mean time?  Would switching to IP based
transfers work?

Also, if I needed to rool-my-own from the src rpm, would I need to specify any
modifyers to the rpmbuild command, or could I just patch using the patch
supplied in the above link and do an rpmbuild without modifiers/conditionals to
mimic the default fedora install of bind?

Again, thanks for your help.  

Comment 3 Adam Tkac 2007-07-26 16:11:10 UTC
With "we could wait" I though when noone reports this problem that means that
nobody uses TSIGs so I don't have to backport patch :) But now, when report
exists I'm going to release it. Update will be avaliable tomorrow

Adam

Comment 4 Anthony Messina 2007-07-26 16:18:40 UTC
Thanks a lot.  How do people do transfers then?  Am I  using an old method or
something?

Comment 5 Adam Tkac 2007-07-26 16:22:00 UTC
People often think that Internet is security so do transfers without any
protection because they don't want waste time with correct setup :) Your method
is recommended and modern

Comment 6 Anthony Messina 2007-07-26 19:07:44 UTC
thanks.  glad to hear i'm doing something right :) anyway, your .8 release works
 (i rolled my own rpm) so test #1 is good! i appreciate the quick replies.

Comment 7 Fedora Update System 2007-07-27 05:56:46 UTC
bind-9.4.1-8.P1.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.