Rebuilt for bind 9.11.10

In case if system time was changed backward it's possible to have ip
address dropped by the kernel due to lifetime expirity. Try to detect
this situation using either monotonic time or saved timestamp and execute
go_reboot() procedure to request lease extention

Part of fix resides in dhcp, part in bind-export-libs. Only in case of
f29 and f30.

Renamed from 0023-Detect-system-time-jumps.patch on master.

dhcp-4.3.6-bind-9.11.5.patch

@@ -0,0 +1,86 @@
+From ffb24c0bbd4d6f2b4718a1a8f4f2da237cc6ed66 Mon Sep 17 00:00:00 2001
+From: Thomas Markwalder <tmark@isc.org>
+Date: Fri, 14 Sep 2018 13:41:41 -0400
+Subject: [PATCH] [master] Added includes of new BIND9 compatibility headers,
+ updated util/bind.sh
+
+    Merges in rt48072.
+
+(cherry picked from commit 8194daabfd590f17825f0c61e9534bee5c99cc86)
+---
+ includes/omapip/isclib.h |  3 +++
+ includes/omapip/result.h |  1 +
+ server/dhcpv6.c          | 13 +++++++++----
+ 3 files changed, 13 insertions(+), 4 deletions(-)
+
+diff --git a/includes/omapip/isclib.h b/includes/omapip/isclib.h
+index e2963089..fa5d9ad3 100644
+--- a/includes/omapip/isclib.h
++++ b/includes/omapip/isclib.h
+@@ -48,6 +48,9 @@
+ #include <string.h>
+ #include <netdb.h>
+ 
++#include <isc/boolean.h>
++#include <isc/int.h>
++
+ #include <isc/buffer.h>
+ #include <isc/lex.h>
+ #include <isc/lib.h>
+diff --git a/includes/omapip/result.h b/includes/omapip/result.h
+index ae5f7d6a..9c1fab23 100644
+--- a/includes/omapip/result.h
++++ b/includes/omapip/result.h
+@@ -26,6 +26,7 @@
+ #ifndef DHCP_RESULT_H
+ #define DHCP_RESULT_H 1
+ 
++#include <isc/boolean.h>
+ #include <isc/lang.h>
+ #include <isc/resultclass.h>
+ #include <isc/types.h>
+diff --git a/server/dhcpv6.c b/server/dhcpv6.c
+index 74487667..1a6ff241 100644
+--- a/server/dhcpv6.c
++++ b/server/dhcpv6.c
+@@ -1003,7 +1003,8 @@ void check_pool6_threshold(struct reply_state *reply,
+ 				  shared_name,
+ 				  inet_ntop(AF_INET6, &lease->addr,
+ 					    tmp_addr, sizeof(tmp_addr)),
+-				  used, count);
++				  (long long unsigned)(used),
++				  (long long unsigned)(count));
+ 		}
+ 		return;
+ 	}
+@@ -1035,7 +1036,8 @@ void check_pool6_threshold(struct reply_state *reply,
+ 		  "address: %s; high threshold %d%% %llu/%llu.",
+ 		  shared_name,
+ 		  inet_ntop(AF_INET6, &lease->addr, tmp_addr, sizeof(tmp_addr)),
+-		  poolhigh, used, count);
++		  poolhigh, (long long unsigned)(used),
++		  (long long unsigned)(count));
+ 
+ 	/* handle the low threshold now, if we don't
+ 	 * have one we default to 0. */
+@@ -1383,12 +1385,15 @@ pick_v6_address(struct reply_state *reply)
+ 		log_debug("Unable to pick client address: "
+ 			  "no addresses available  - shared network %s: "
+ 			  " 2^64-1 < total, %llu active,  %llu abandoned",
+-			  shared_name, active - abandoned, abandoned);
++			  shared_name, (long long unsigned)(active - abandoned),
++			  (long long unsigned)(abandoned));
+ 	} else {
+ 		log_debug("Unable to pick client address: "
+ 			  "no addresses available  - shared network %s: "
+ 			  "%llu total, %llu active,  %llu abandoned",
+-			  shared_name, total, active - abandoned, abandoned);
++			  shared_name, (long long unsigned)(total),
++			  (long long unsigned)(active - abandoned),
++		          (long long unsigned)(abandoned));
+ 	}
+ 
+ 	return ISC_R_NORESOURCES;
+-- 
+2.14.5
+

dhcp-detect-system-time-jumps.patch

@@ -0,0 +1,80 @@
+diff --git a/client/dhclient.c b/client/dhclient.c
+index 4e5546a..6085b8e 100644
+--- a/client/dhclient.c
++++ b/client/dhclient.c
+@@ -5398,6 +5398,12 @@ isc_result_t dhcp_set_control_state (control_object_state_t oldstate,
+ 		  case server_awaken:
+ 		    state_reboot (client);
+ 		    break;
++
++                  case server_time_changed:
++                    if (client->active){
++                      state_reboot (client);
++                    }
++                    break;
+ 		}
+ 	    }
+ 	}
+diff --git a/common/dispatch.c b/common/dispatch.c
+index d7fe200..8a24499 100644
+--- a/common/dispatch.c
++++ b/common/dispatch.c
+@@ -118,7 +118,6 @@ dispatch(void)
+ 		 * signal. It will return ISC_R_RELOAD in that
+ 		 * case. That is a normal behavior.
+ 		 */
+-
+ 		if (status == ISC_R_RELOAD) {
+ 			/*
+ 			 * dhcp_set_control_state() will do the job.
+@@ -129,6 +128,16 @@ dispatch(void)
+ 			if (status == ISC_R_SUCCESS)
+ 				status = ISC_R_RELOAD;
+ 		}
++
++                
++                if (status == ISC_R_TIMESHIFTED){
++                  status = dhcp_set_control_state(server_time_changed,
++                                                  server_time_changed);
++                  status = ISC_R_RELOAD;
++                  log_info ("System time has been changed. Unable to use existing leases. Restarting");
++                  // do nothing, restart context
++                };
++
+ 	} while (status == ISC_R_RELOAD);
+ 
+ 	log_fatal ("Dispatch routine failed: %s -- exiting",
+diff --git a/includes/dhcpd.h b/includes/dhcpd.h
+index 635c510..ec6c227 100644
+--- a/includes/dhcpd.h
++++ b/includes/dhcpd.h
+@@ -524,7 +524,8 @@ typedef enum {
+ 	server_running = 1,
+ 	server_shutdown = 2,
+ 	server_hibernate = 3,
+-	server_awaken = 4
++	server_awaken = 4,
++        server_time_changed = 5
+ } control_object_state_t;
+ 
+ typedef struct {
+diff --git a/server/dhcpd.c b/server/dhcpd.c
+index e06f6b4..778ef8d 100644
+--- a/server/dhcpd.c
++++ b/server/dhcpd.c
+@@ -1779,6 +1779,12 @@ isc_result_t dhcp_set_control_state (control_object_state_t oldstate,
+ {
+ 	struct timeval tv;
+ 
++        if (newstate == server_time_changed){
++          log_error ("System time has been changed. Leases information unreliable!");
++          return ISC_R_SUCCESS;
++        }
++
++                
+ 	if (newstate != server_shutdown)
+ 		return DHCP_R_INVALIDARG;
+ 	/* Re-entry. */
+-- 
+2.14.5
+

dhcp-iface_hwaddr_discovery.patch

@@ -7,7 +7,80 @@ index 26a78ca..ed01e45 100644
  			tmp = interfaces; /* XXX */
  		}
 +		if (tmp != NULL)
-+			get_hw_addr(tmp);
++			try_hw_addr(tmp);
  
  		if (dhcp_interface_discovery_hook) {
  			(*dhcp_interface_discovery_hook)(tmp);
+diff --git a/common/lpf.c b/common/lpf.c
+index 4a252ca..467b055 100644
+--- a/common/lpf.c
++++ b/common/lpf.c
+@@ -697,8 +697,22 @@ ioctl_get_ll(char *name)
+ 	return sll;
+ }
+ 
++// define ? 
++void try_hw_addr(struct interface_info *info){
++  get_hw_addr2(info);
++};
++
+ void
+ get_hw_addr(struct interface_info *info)
++{
++  if (get_hw_addr2(info) == ISC_R_NOTFOUND){
++    log_fatal("Unsupported device type for \"%s\"",
++              info->name);
++  }
++}
++
++isc_result_t
++get_hw_addr2(struct interface_info *info)
+ {
+ 	struct hardware *hw = &info->hw_address;
+ 	char *name = info->name;
+@@ -708,7 +722,8 @@ get_hw_addr(struct interface_info *info)
+ 	int sll_allocated = 0;
+ 	char *dup = NULL;
+ 	char *colon = NULL;
+-
++        isc_result_t result = ISC_R_SUCCESS;
++        
+ 	if (getifaddrs(&ifaddrs) == -1)
+ 		log_fatal("Failed to get interfaces");
+ 
+@@ -792,14 +807,16 @@ get_hw_addr(struct interface_info *info)
+ 			hw->hbuf[4] = 0xef;
+ 			break;
+ #endif
+-		default:
+-			freeifaddrs(ifaddrs);
+-			log_fatal("Unsupported device type %hu for \"%s\"",
+-				  sll->sll_hatype, name);
++        default:
++          log_error("Unsupported device type %hu for \"%s\"",
++                      sll->sll_hatype, name);
++          result = ISC_R_NOTFOUND;
++
+ 	}
+ 
+ 	if (sll_allocated)
+ 		dfree(sll, MDL);
+ 	freeifaddrs(ifaddrs);
++        return result;
+ }
+ #endif
+diff --git a/includes/dhcpd.h b/includes/dhcpd.h
+index d534f8c..66a21fb 100644
+--- a/includes/dhcpd.h
++++ b/includes/dhcpd.h
+@@ -2591,7 +2591,10 @@ void print_dns_status (int, struct dhcp_ddns_cb *, isc_result_t);
+ #endif
+ const char *print_time(TIME);
+ 
++
+ void get_hw_addr(struct interface_info *info);
++void try_hw_addr(struct interface_info *info);
++isc_result_t get_hw_addr2(struct interface_info *info);
+ char *buf_to_hex (const unsigned char *s, unsigned len,
+                    const char *file, int line);
+ char *format_lease_id(const unsigned char *s, unsigned len, int format,

dhcp-isc_heap_delete.patch

@@ -0,0 +1,164 @@
+diff --git a/includes/dhcpd.h b/includes/dhcpd.h
+index aac2c108..c83dc9a6 100644
+--- a/includes/dhcpd.h
++++ b/includes/dhcpd.h
+@@ -1622,8 +1622,9 @@ struct iasubopt {
+  */
+ #define EXPIRED_IPV6_CLEANUP_TIME (60*60)
+ 
+-	int heap_index;				/* index into heap, or -1
+-						   (internal use only) */
++	/* index into heaps, or -1 (internal use only) */
++	int active_index;
++	int inactive_index;
+ 
+ 	/*
+ 	 * A pointer to the state of the ddns update for this lease.
+diff --git a/server/mdb6.c b/server/mdb6.c
+index 1a728eb3..418ff606 100644
+--- a/server/mdb6.c
++++ b/server/mdb6.c
+@@ -216,7 +216,8 @@ iasubopt_allocate(struct iasubopt **iasubopt, const char *file, int line) {
+ 
+ 	tmp->refcnt = 1;
+ 	tmp->state = FTS_FREE;
+-	tmp->heap_index = -1;
++	tmp->active_index = -1;
++	tmp->inactive_index = -1;
+ 	tmp->plen = 255;
+ 
+ 	*iasubopt = tmp;
+@@ -604,10 +605,14 @@ lease_older(void *a, void *b) {
+  * Callback when an address's position in the heap changes.
+  */
+ static void
+-lease_index_changed(void *iasubopt, unsigned int new_heap_index) {
+-	((struct iasubopt *)iasubopt)-> heap_index = new_heap_index;
++active_changed(void *iasubopt, unsigned int new_heap_index) {
++	((struct iasubopt *)iasubopt)-> active_index = new_heap_index;
+ }
+ 
++static void
++inactive_changed(void *iasubopt, unsigned int new_heap_index) {
++	((struct iasubopt *)iasubopt)-> inactive_index = new_heap_index;
++}
+ 
+ /*!
+  *
+@@ -660,13 +665,13 @@ ipv6_pool_allocate(struct ipv6_pool **pool, u_int16_t type,
+ 		dfree(tmp, file, line);
+ 		return ISC_R_NOMEMORY;
+ 	}
+-	if (isc_heap_create(dhcp_gbl_ctx.mctx, lease_older, lease_index_changed,
++	if (isc_heap_create(dhcp_gbl_ctx.mctx, lease_older, active_changed,
+ 			    0, &(tmp->active_timeouts)) != ISC_R_SUCCESS) {
+ 		iasubopt_free_hash_table(&(tmp->leases), file, line);
+ 		dfree(tmp, file, line);
+ 		return ISC_R_NOMEMORY;
+ 	}
+-	if (isc_heap_create(dhcp_gbl_ctx.mctx, lease_older, lease_index_changed,
++	if (isc_heap_create(dhcp_gbl_ctx.mctx, lease_older, inactive_changed,
+ 			    0, &(tmp->inactive_timeouts)) != ISC_R_SUCCESS) {
+ 		isc_heap_destroy(&(tmp->active_timeouts));
+ 		iasubopt_free_hash_table(&(tmp->leases), file, line);
+@@ -1361,7 +1366,7 @@ cleanup_lease6(ia_hash_t *ia_table,
+ 	 * Remove the old lease from the active heap and from the hash table
+ 	 * then remove the lease from the IA and clean up the IA if necessary.
+ 	 */
+-	isc_heap_delete(pool->active_timeouts, test_iasubopt->heap_index);
++	isc_heap_delete(pool->active_timeouts, test_iasubopt->active_index);
+ 	pool->num_active--;
+ 	if (pool->ipv6_pond)
+ 		pool->ipv6_pond->num_active--;
+@@ -1434,7 +1439,7 @@ add_lease6(struct ipv6_pool *pool, struct iasubopt *lease,
+ 		if ((test_iasubopt->state == FTS_ACTIVE) ||
+ 		    (test_iasubopt->state == FTS_ABANDONED)) {
+ 			isc_heap_delete(pool->active_timeouts,
+-					test_iasubopt->heap_index);
++					test_iasubopt->active_index);
+ 			pool->num_active--;
+ 			if (pool->ipv6_pond)
+ 				pool->ipv6_pond->num_active--;
+@@ -1446,7 +1451,7 @@ add_lease6(struct ipv6_pool *pool, struct iasubopt *lease,
+ 			}
+ 		} else {
+ 			isc_heap_delete(pool->inactive_timeouts,
+-					test_iasubopt->heap_index);
++					test_iasubopt->inactive_index);
+ 			pool->num_inactive--;
+ 		}
+ 
+@@ -1567,14 +1572,13 @@ lease6_usable(struct iasubopt *lease) {
+ static isc_result_t
+ move_lease_to_active(struct ipv6_pool *pool, struct iasubopt *lease) {
+ 	isc_result_t insert_result;
+-	int old_heap_index;
+ 
+-	old_heap_index = lease->heap_index;
+ 	insert_result = isc_heap_insert(pool->active_timeouts, lease);
+ 	if (insert_result == ISC_R_SUCCESS) {
+        		iasubopt_hash_add(pool->leases, &lease->addr, 
+ 				  sizeof(lease->addr), lease, MDL);
+-		isc_heap_delete(pool->inactive_timeouts, old_heap_index);
++		isc_heap_delete(pool->inactive_timeouts,
++				lease->inactive_index);
+ 		pool->num_active++;
+ 		pool->num_inactive--;
+ 		lease->state = FTS_ACTIVE;
+@@ -1624,16 +1628,16 @@ renew_lease6(struct ipv6_pool *pool, struct iasubopt *lease) {
+ 	if (lease->state == FTS_ACTIVE) {
+ 		if (old_end_time <= lease->hard_lifetime_end_time) {
+ 			isc_heap_decreased(pool->active_timeouts,
+-					   lease->heap_index);
++					   lease->active_index);
+ 		} else {
+ 			isc_heap_increased(pool->active_timeouts,
+-					   lease->heap_index);
++					   lease->active_index);
+ 		}
+ 		return ISC_R_SUCCESS;
+ 	} else if (lease->state == FTS_ABANDONED) {
+ 		char tmp_addr[INET6_ADDRSTRLEN];
+                 lease->state = FTS_ACTIVE;
+-                isc_heap_increased(pool->active_timeouts, lease->heap_index);
++                isc_heap_increased(pool->active_timeouts, lease->active_index);
+ 		log_info("Reclaiming previously abandoned address %s",
+ 			 inet_ntop(AF_INET6, &(lease->addr), tmp_addr,
+ 				   sizeof(tmp_addr)));
+@@ -1655,9 +1659,7 @@ static isc_result_t
+ move_lease_to_inactive(struct ipv6_pool *pool, struct iasubopt *lease, 
+ 		       binding_state_t state) {
+ 	isc_result_t insert_result;
+-	int old_heap_index;
+ 
+-	old_heap_index = lease->heap_index;
+ 	insert_result = isc_heap_insert(pool->inactive_timeouts, lease);
+ 	if (insert_result == ISC_R_SUCCESS) {
+ 		/*
+@@ -1708,7 +1710,7 @@ move_lease_to_inactive(struct ipv6_pool *pool, struct iasubopt *lease,
+ 
+ 		iasubopt_hash_delete(pool->leases, 
+ 				     &lease->addr, sizeof(lease->addr), MDL);
+-		isc_heap_delete(pool->active_timeouts, old_heap_index);
++		isc_heap_delete(pool->active_timeouts, lease->active_index);
+ 		lease->state = state;
+ 		pool->num_active--;
+ 		pool->num_inactive++;
+@@ -1786,7 +1788,7 @@ decline_lease6(struct ipv6_pool *pool, struct iasubopt *lease) {
+ 		pool->ipv6_pond->num_abandoned++;
+ 
+ 	lease->hard_lifetime_end_time = MAX_TIME;
+-	isc_heap_decreased(pool->active_timeouts, lease->heap_index);
++	isc_heap_decreased(pool->active_timeouts, lease->active_index);
+ 	return ISC_R_SUCCESS;
+ }
+ 
+@@ -2059,7 +2061,7 @@ cleanup_old_expired(struct ipv6_pool *pool) {
+ 			break;
+ 		}
+ 
+-		isc_heap_delete(pool->inactive_timeouts, tmp->heap_index);
++		isc_heap_delete(pool->inactive_timeouts, tmp->inactive_index);
+ 		pool->num_inactive--;
+ 
+ 		if (tmp->ia != NULL) {

dhcp.spec

@@ -16,7 +16,8 @@
 Summary:  Dynamic host configuration protocol software
 Name:     dhcp
 Version:  4.3.6
-Release:  27%{?dist}
+Release:  34%{?dist}
+
 # NEVER CHANGE THE EPOCH on this package.  The previous maintainer (prior to
 # dcantrell maintaining the package) made incorrect use of the epoch and
 # that's why it is at 12 now.  It should have never been used, but it was.
@@ -78,6 +79,9 @@ Patch41:  dhcp-4.3.6-isc-util.patch
 Patch42:  dhcp-4.3.6-options_overflow.patch
 Patch43:  dhcp-4.3.6-reference_count_overflow.patch
 Patch44:  dhcp-iface_hwaddr_discovery.patch
+Patch45:  dhcp-4.3.6-bind-9.11.5.patch
+Patch46:  dhcp-isc_heap_delete.patch
+Patch48:  dhcp-detect-system-time-jumps.patch
 
 BuildRequires: autoconf
 BuildRequires: automake
@@ -87,7 +91,8 @@ BuildRequires: openldap-devel
 BuildRequires: krb5-devel
 BuildRequires: libcap-ng-devel
 # https://fedorahosted.org/fpc/ticket/502#comment:3
-BuildRequires: bind-export-devel
+# https://bugzilla.redhat.com/show_bug.cgi?id=916116
+BuildRequires: bind-export-devel >= 9.11.8-2
 BuildRequires: systemd systemd-devel
 # dhcp-sd_notify.patch
 BuildRequires: pkgconfig(libsystemd)
@@ -354,6 +359,15 @@ rm bind/bind.tar.gz
 # https://bugzilla.redhat.com/1163379
 %patch44 -p1 -b .xid-hwaddr
 
+# Build on Bind 9.11.5+
+%patch45 -p1 -b .bind
+
+# https://bugs.isc.org/Public/Bug/Display.html?id=46719#
+%patch46 -p1 -b .heap
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=916116
+%patch48 -p1 -b .time-jump
+
 # DHCLIENT_DEFAULT_PREFIX_LEN  64 -> 128
 # https://bugzilla.gnome.org/show_bug.cgi?id=656610
 sed -i -e 's|DHCLIENT_DEFAULT_PREFIX_LEN 64|DHCLIENT_DEFAULT_PREFIX_LEN 128|g' includes/site.h
@@ -677,6 +691,27 @@ done
 %endif
 
 %changelog
+* Wed Aug 28 2019 Petr Menšík <pemensik@redhat.com> - 12:4.3.6-34
+- Rebuilt for bind 9.11.10
+
+* Thu Jul 25 2019 Petr Menšík <pemensik@redhat.com> - 12:4.3.6-33
+- Detect time change and request lease renewal (#916116)
+
+* Wed Jul 17 2019 Petr Menšík <pemensik@redhat.com> - 12:4.3.6-32
+- Rebuilt for bind 9.11.8
+
+* Sat May 04 2019 Björn Esser <besser82@fedoraproject.org> - 12:4.3.6-31
+- rebuilt (bind)
+
+* Tue Apr 30 2019 Pavel Zhukov <pzhukov@redhat.com> - 12:4.3.6-30
+- Resolves: #1641246 - Do not rely on isc_heap_delete bug
+
+* Tue Nov 06 2018 Petr Menšík <pemensik@redhat.com> - 12:4.3.6-29
+- Compile on BIND 9.11.5
+
+* Mon Sep 24 2018 Pavel Zhukov <pzhukov@redhat.com> - 12:4.3.6-28
+- Resolves: 1632246 - Do not fail if iface has no hwaddr 
+
 * Fri Jul 13 2018 Petr Menšík <pemensik@redhat.com> - 12:4.3.6-27
 - Update to bind 9.11.4