[Bug 267558] dns/bind-tools: nsupdate fails to read keys

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: <bugzilla-noreply_at_freebsd.org>
Date: Fri, 04 Nov 2022 09:53:10 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=267558

            Bug ID: 267558
           Summary: dns/bind-tools: nsupdate fails to read keys
           Product: Ports & Packages
           Version: Latest
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: mat@FreeBSD.org
          Reporter: dinoex@FreeBSD.org
          Assignee: mat@FreeBSD.org
             Flags: maintainer-feedback?(mat@FreeBSD.org)

Setup:
A aerver jail running "bind916-9.16.34_1":
A client jail running "bind-tools"
The client app sends changes to a dynamic zone via "nsupdate" to the server.

I was upgrading the client jail:

Installed packages to be UPGRADED:
        bind-tools: 9.18.7 -> 9.18.8
        bind916: 9.16.33_1 -> 9.16.34_1

The packages where build with:
/etc/make.conf
DEFAULT_VERSIONS+=      ssl=openssl

After the upgrade, nsupdate failed with:

/usr/local/bin/nsupdate -k
'/usr/local/etc/namedb/Kexample.com.dyn.+157+56215.key'

04-Nov-2022 09:54:01.525
/usr/local/etc/namedb/Kexample.com.dyn.+157+56215.key:1: unknown option
'example.com.dyn.'
04-Nov-2022 09:54:01.525
/usr/local/etc/namedb/Kexample.com.dyn.+157+56215.key:2: unexpected token near
end of file
could not read key from
/usr/local/etc/namedb/Kexample.com.dyn.+157+56215.{private,key}: unexpected
token
update failed: REFUSED

After downgrading both packages, everything works again.

diff of "pkg info bind-tools"
-bind-tools-9.18.7
+bind-tools-9.18.8
-Version        : 9.18.7
+Version        : 9.18.8
 Options        :
-       GSSAPI_BASE    : off
-       GSSAPI_HEIMDAL : off
-       GSSAPI_MIT     : off
-       GSSAPI_NONE    : on
+       GSSAPI_BASE    : off
+       GSSAPI_HEIMDAL : off
+       GSSAPI_MIT     : off
+       GSSAPI_NONE    : on
 Shared Libs provided:
-       libns-9.18.7.so
-       libisccfg-9.18.7.so
-       libisccc-9.18.7.so
-       libisc-9.18.7.so
-       libirs-9.18.7.so
-       libdns-9.18.7.so
-       libbind9-9.18.7.so
+       libbind9-9.18.8.so
+       libdns-9.18.8.so
+       libirs-9.18.8.so
+       libisc-9.18.8.so
+       libisccc-9.18.8.so
+       libisccfg-9.18.8.so
+       libns-9.18.8.so
 Annotations    :
+       cpe            : cpe:2.3:a:isc:bind:9.18.8:::::freebsd12:x64
-       cpe            : cpe:2.3:a:isc:bind:9.18.7:::::freebsd12:x64
-Flat size      : 9.37MiB
+Flat size      : 9.38MiB

I found nothing related in the upstream Changelogs for 9.16 ann 9.18

-- 
You are receiving this mail because:
You are the assignee for the bug.