Bug 249701 - bind/named fails to start using tsig keys
bind/named fails to start using tsig keys
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: bind (Show other bugs)
7
All Linux
low Severity urgent
: ---
: ---
Assigned To: Adam Tkac
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-07-26 11:12 EDT by Anthony Messina
Modified: 2013-04-30 19:36 EDT (History)
1 user (show)

See Also:
Fixed In Version: 9.4.1-8.P1.fc7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-07-27 01:57:00 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Anthony Messina 2007-07-26 11:12:03 EDT
Description of problem:
bind fails to start with the following error:
view.c:1196: REQUIRE(keyp != ((void *)0) && *keyp == ((void *)0))

Version-Release number of selected component (if applicable):
bind-9.4.1-P1

How reproducible:
Every time

Steps to Reproduce:
1. Try to start bind after having configured tsig keys

Actual results:
bind fails to start

Expected results:
bind should start and initiate a transfer if necessary

Additional info:
Apparently, this is know, but it is critical for anyone who uses keys to
transfer data between master/slave servers.

Here is a link to what I found on this:
http://groups.google.com/group/comp.protocols.dns.bind/browse_thread/thread/99dc9ae77b4e0d49/0b49aaa959a9eada
Comment 1 Adam Tkac 2007-07-26 11:48:59 EDT
Yes, I know about this problem but I think we could wait to 9.4.2 when noone
reports it. Update will be avaliable very soon (also on
http://people.redhat.com/atkac/bind/ )

Adam
Comment 2 Anthony Messina 2007-07-26 11:57:02 EDT
Thanks for the update. When you say "we could wait"...  How long do you
anticipate?  I have a backup server in a remote location that depends on these
updates from the master.  Now that network is non-functional in terms of name
resolution.

If the wait will be more than a day, what are the alternatives that I can
implement for zone transfers in the mean time?  Would switching to IP based
transfers work?

Also, if I needed to rool-my-own from the src rpm, would I need to specify any
modifyers to the rpmbuild command, or could I just patch using the patch
supplied in the above link and do an rpmbuild without modifiers/conditionals to
mimic the default fedora install of bind?

Again, thanks for your help.  
Comment 3 Adam Tkac 2007-07-26 12:11:10 EDT
With "we could wait" I though when noone reports this problem that means that
nobody uses TSIGs so I don't have to backport patch :) But now, when report
exists I'm going to release it. Update will be avaliable tomorrow

Adam
Comment 4 Anthony Messina 2007-07-26 12:18:40 EDT
Thanks a lot.  How do people do transfers then?  Am I  using an old method or
something?
Comment 5 Adam Tkac 2007-07-26 12:22:00 EDT
People often think that Internet is security so do transfers without any
protection because they don't want waste time with correct setup :) Your method
is recommended and modern
Comment 6 Anthony Messina 2007-07-26 15:07:44 EDT
thanks.  glad to hear i'm doing something right :) anyway, your .8 release works
 (i rolled my own rpm) so test #1 is good! i appreciate the quick replies.
Comment 7 Fedora Update System 2007-07-27 01:56:46 EDT
bind-9.4.1-8.P1.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.