Report information
The Basics
Id:
40685
Status:
resolved
Priority:
Medium/Medium
Queue:
bind9-public
People
Owner:
Nobody in particular
Requestors:
Tomas Hozza <thozza@redhat.com>
Cc:
AdminCc:
BugTracker
Version Fixed:
9.9.9, 9.9.9-S1, 9.10.4, 9.11.0
Version Found:
(no value)
Versions Affected:
(no value)
Versions Planned:
(no value)
Priority:
(no value)
Severity:
S2 Normal
CVSS Score:
(no value)
CVE ID:
(no value)
Component:
BIND Utilities
Area:
bug
Attachments
0001-nsupdate-Don-t-exit-on-GSSAPI-error.patch
Dates
Created:Fri, 11 Sep 2015 12:53:25 -0400
Updated:Wed, 16 Aug 2017 19:27:13 -0400
Closed:Mon, 19 Oct 2015 18:39:42 -0400

This bug tracker is no longer active.

Please go to our Gitlab to submit issues (both feature requests and bug reports) for active projects maintained by Internet Systems Consortium (ISC).

Due to security and confidentiality requirements, full access is limited to the primary maintainers.

History
  Fri, 11 Sep 2015 12:53:25 -0400 Tomas Hozza <thozza@redhat.com> - Ticket created
Subject: nsupdate: Don't exit on first GSSAPI error
Date: Fri, 11 Sep 2015 18:53:09 +0200
To: bind9-bugs@isc.org
From: "Tomas Hozza" <thozza@redhat.com>

Hello. Previously nsupdate exited on the first GSSAPI error in case it was run with '-g' option, while it would execute the following commands without the '-g' option. I'm attaching a patch changing this behavior. With the change nsupdate will continue with the next command in case GSSAPI failed. We have a Fedora bug for this: https://bugzilla.redhat.com/show_bug.cgi?id=1261155 Regards, -- Tomas Hozza Software Engineer - EMEA ENG Developer Experience PGP: 1D9F3C2D UTC+2 (CEST) Red Hat Inc. http://cz.redhat.com
0001-nsupdate-Don-t-exit-on-GSSAPI-error.patch

Message body is not shown because sender requested not to inline it.

Thu, 17 Sep 2015 08:14:26 -0400 Mark Andrews <marka@isc.org> - Taken
  Thu, 17 Sep 2015 17:58:40 -0400 Mark Andrews <marka@isc.org> - Correspondence added

Does this actually help anything? If dns_tkey_buildgssquery fails on the first request it will almost certainly fail on subsequent requests.
Thu, 17 Sep 2015 17:58:41 -0400 The RT System itself - Status changed from 'new' to 'open'
Thu, 17 Sep 2015 19:55:39 -0400 Mark Andrews <marka@isc.org> - Version Fixed 9.9.9,9.9.9(sub),9.10.4,9.11.0 added
  Thu, 17 Sep 2015 19:55:40 -0400 Mark Andrews <marka@isc.org> - Correspondence added

4215. [bug] nsupdate: skip to next request on GSSTKEY create failure. [RT #40685]
Thu, 17 Sep 2015 19:55:41 -0400 Mark Andrews <marka@isc.org> - Status changed from 'open' to 'resolved'
Thu, 17 Sep 2015 19:55:41 -0400 Mark Andrews <marka@isc.org> - Queue changed from #6 to #30
Thu, 17 Sep 2015 19:55:41 -0400 Mark Andrews <marka@isc.org> - Untaken
  Mon, 21 Sep 2015 02:29:37 -0400 Tomas Hozza <thozza@redhat.com> - Correspondence added
Subject: Re: [ISC-Bugs #40685] nsupdate: Don't exit on first GSSAPI error
Date: Mon, 21 Sep 2015 02:29:30 -0400 (EDT)
To: bind9-bugs@isc.org
From: "Tomas Hozza" <thozza@redhat.com>

Hi Mark. ----- Original Message ----- > Does this actually help anything? If dns_tkey_buildgssquery fails on the > first request it > will almost certainly fail on subsequent requests. The rationale is that the next request may be sent to a different server. If it is sent to the same, it will most probably fail as you pointed out. Regards, Tomas -- Tomas Hozza Software Engineer - EMEA ENG Developer Experience PGP: 1D9F3C2D UTC+2 (CEST) Red Hat Inc. http://cz.redhat.com
Mon, 21 Sep 2015 02:29:38 -0400 The RT System itself - Status changed from 'resolved' to 'open'
Mon, 19 Oct 2015 18:39:42 -0400 Mark Andrews <marka@isc.org> - Status changed from 'open' to 'resolved'
Mon, 22 Feb 2016 06:40:49 -0500 Stephen Morris <stephen@isc.org> - Area bug added
Mon, 22 Feb 2016 06:40:49 -0500 Stephen Morris <stephen@isc.org> - Component BIND Utilities added
Wed, 03 Aug 2016 15:52:50 -0400 Vicky Risk <vicky@isc.org> - Subject changed from 'nsupdate: Don't exit on first GSSAPI error' to '[patch] nsupdate: Don't exit on first GSSAPI error'
Wed, 03 Aug 2016 15:52:51 -0400 Vicky Risk <vicky@isc.org> - Severity S2 Normal added
Wed, 21 Jun 2017 14:36:36 -0400 Brian Conry <bconry@isc.org> - Queue changed from #30 to #6
Fri, 07 Jul 2017 19:40:52 -0400 Vicky Risk <vicky@isc.org> - Queue changed from #6 to bind9-public
Wed, 16 Aug 2017 19:27:13 -0400 Mark Andrews <marka@isc.org> - Version Fixed 9.9.9,9.9.9(sub),9.10.4,9.11.0 changed to 9.9.9, 9.9.9-S1, 9.10.4, 9.11.0