summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/admin.scm27
-rw-r--r--gnu/packages/patches/isc-dhcp-4.4.1-fixes-for-newer-bind.patch100
3 files changed, 5 insertions, 123 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index c13b6357c9..3f8fa2ed7b 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1025,7 +1025,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/inkscape-poppler-0.76.patch		\
   %D%/packages/patches/intltool-perl-compatibility.patch	\
   %D%/packages/patches/irrlicht-use-system-libs.patch		\
-  %D%/packages/patches/isc-dhcp-4.4.1-fixes-for-newer-bind.patch	\
   %D%/packages/patches/isl-0.11.1-aarch64-support.patch	\
   %D%/packages/patches/jacal-fix-texinfo.patch			\
   %D%/packages/patches/jamvm-arm.patch				\
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index b58a917f62..23619cbfc2 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -767,14 +767,14 @@ connection alive.")
                                       bind-release-version)))
     (package
       (name "isc-dhcp")
-      (version "4.4.1")
+      (version "4.4.2")
       (source (origin
                 (method url-fetch)
                 (uri (string-append "https://ftp.isc.org/isc/dhcp/"
                                     version "/dhcp-" version ".tar.gz"))
                 (sha256
                  (base32
-                  "025nfqx4zwdgv4b3rkw26ihcj312vir08jk6yi57ndmb4a4m08ia"))))
+                  "08a5003zdxgl41b29zjkxa92h2i40zyjgxg0npvnhpkfl5jcsz0s"))))
       (build-system gnu-build-system)
       (arguments
        `(#:parallel-build? #f
@@ -783,17 +783,6 @@ connection alive.")
          (modify-phases %standard-phases
            (add-after 'unpack 'replace-bundled-bind
              (lambda* (#:key inputs native-inputs #:allow-other-keys)
-               ;; XXX TODO: Remove the following invocation of 'patch' when
-               ;; isc-dhcp is updated.  It should be needed only for 4.4.1.
-               (let ((patch (string-append (assoc-ref (or native-inputs inputs)
-                                                      "patch")
-                                           "/bin/patch"))
-                     (the-patch (assoc-ref (or native-inputs inputs)
-                                           "fixes-for-newer-bind.patch")))
-                 (format #t "applying '~a'...~%" the-patch)
-                 (invoke patch "--force" "--no-backup-if-mismatch"
-                         "-p1" "--input" the-patch))
-
                (delete-file "bind/bind.tar.gz")
                (copy-file (assoc-ref inputs "bind-source-tarball")
                           "bind/bind.tar.gz")
@@ -881,20 +870,14 @@ connection alive.")
 
       (native-inputs
        `(("perl" ,perl)
-         ("file" ,file)
-
-         ;; XXX TODO: Remove the following patch, and also the 'patch'
-         ;; program, when isc-dhcp is updated.
-         ("fixes-for-newer-bind.patch"
-          ,(search-patch "isc-dhcp-4.4.1-fixes-for-newer-bind.patch"))
-         ("patch" ,patch)))
+         ("file" ,file)))
 
       (inputs `(("inetutils" ,inetutils)
                 ("net-tools" ,net-tools)
                 ("iproute" ,iproute)
 
-                ;; XXX isc-dhcp bundles a copy of bind that has security
-                ;; flaws, so we use a newer version.
+                ;; isc-dhcp bundles a copy of BIND, which has proved vulnerable
+                ;; in the past.  Use a BIND-VERSION of our choosing instead.
                 ("bind-source-tarball"
                  ,(origin
                     (method url-fetch)
diff --git a/gnu/packages/patches/isc-dhcp-4.4.1-fixes-for-newer-bind.patch b/gnu/packages/patches/isc-dhcp-4.4.1-fixes-for-newer-bind.patch
deleted file mode 100644
index 53e681ea31..0000000000
--- a/gnu/packages/patches/isc-dhcp-4.4.1-fixes-for-newer-bind.patch
+++ /dev/null
@@ -1,100 +0,0 @@
-These fixes are needed to adapt isc-dhcp-4.4.1 to build
-successfully after its bundled copy of bind has been updated.
-
-It is derived from the following upstream commits:
-
-commit 8194daabfd590f17825f0c61e9534bee5c99cc86
-Author: Thomas Markwalder <tmark@isc.org>
-Date:   Fri Sep 14 13:41:14 2018 -0400
-
-  [master] Added includes of new BIND9 compatibility headers, updated util/bind.sh
-  
-      Merges in rt48072.
-
-commit cc35f84943df44dac2499f3e16e8aaba7d54191d
-Author: Thomas Markwalder <tmark@isc.org>
-Date:   Tue Mar 19 08:36:23 2019 -0400
-
-  [master] Avoid Bind9 python dependency
-  
-      merges [#3,!1] Avoid Bind9 python dependency
-
---- a/bind/Makefile.in
-+++ b/bind/Makefile.in
-@@ -23,7 +23,7 @@ exec_prefix = @exec_prefix@
- 
- bindconfig = --without-openssl --without-libxml2 --without-libjson \
- 	--without-gssapi --disable-threads --without-lmdb \
--	--includedir=@includedir@ --libdir=@libdir@ \
-+	--includedir=@includedir@ --libdir=@libdir@  --without-python\
- 	@BINDLT@ @BINDIOMUX@ @BINDCONFIG@ --enable-full-report
- 
- @BIND_ATF_FALSE@cleandirs = ./lib ./include
-diff --git a/includes/omapip/isclib.h b/includes/omapip/isclib.h
-index 75a87ff6..538b927f 100644
---- a/includes/omapip/isclib.h
-+++ b/includes/omapip/isclib.h
-@@ -48,6 +48,9 @@
- #include <string.h>
- #include <netdb.h>
- 
-+#include <isc/boolean.h>
-+#include <isc/int.h>
-+
- #include <isc/buffer.h>
- #include <isc/lex.h>
- #include <isc/lib.h>
-diff --git a/includes/omapip/result.h b/includes/omapip/result.h
-index 91243e1b..860298f6 100644
---- a/includes/omapip/result.h
-+++ b/includes/omapip/result.h
-@@ -26,6 +26,7 @@
- #ifndef DHCP_RESULT_H
- #define DHCP_RESULT_H 1
- 
-+#include <isc/boolean.h>
- #include <isc/lang.h>
- #include <isc/resultclass.h>
- #include <isc/types.h>
-diff --git a/server/dhcpv6.c b/server/dhcpv6.c
-index a7110f98..cde4f617 100644
---- a/server/dhcpv6.c
-+++ b/server/dhcpv6.c
-@@ -1034,7 +1034,8 @@ void check_pool6_threshold(struct reply_state *reply,
- 				  shared_name,
- 				  inet_ntop(AF_INET6, &lease->addr,
- 					    tmp_addr, sizeof(tmp_addr)),
--				  used, count);
-+				  (long long unsigned)(used),
-+				  (long long unsigned)(count));
- 		}
- 		return;
- 	}
-@@ -1066,7 +1067,8 @@ void check_pool6_threshold(struct reply_state *reply,
- 		  "address: %s; high threshold %d%% %llu/%llu.",
- 		  shared_name,
- 		  inet_ntop(AF_INET6, &lease->addr, tmp_addr, sizeof(tmp_addr)),
--		  poolhigh, used, count);
-+		  poolhigh, (long long unsigned)(used),
-+		  (long long unsigned)(count));
- 
- 	/* handle the low threshold now, if we don't
- 	 * have one we default to 0. */
-@@ -1436,12 +1438,15 @@ pick_v6_address(struct reply_state *reply)
- 		log_debug("Unable to pick client address: "
- 			  "no addresses available  - shared network %s: "
- 			  " 2^64-1 < total, %llu active,  %llu abandoned",
--			  shared_name, active - abandoned, abandoned);
-+			  shared_name, (long long unsigned)(active - abandoned),
-+			  (long long unsigned)(abandoned));
- 	} else {
- 		log_debug("Unable to pick client address: "
- 			  "no addresses available  - shared network %s: "
- 			  "%llu total, %llu active,  %llu abandoned",
--			  shared_name, total, active - abandoned, abandoned);
-+			  shared_name, (long long unsigned)(total),
-+			  (long long unsigned)(active - abandoned),
-+		          (long long unsigned)(abandoned));
- 	}
- 
- 	return ISC_R_NORESOURCES;