Fixed coredns random rebuilds bug. (microsoft#14697)

PawelWMS · web-flow · commit 15df9612a38f · 2025-09-19T00:00:39.000-07:00
diff --git a/SPECS/coredns/CVE-2025-47950.patch b/SPECS/coredns/CVE-2025-47950.patch
@@ -3,13 +3,22 @@ From: Aninda <v-anipradhan@microsoft.com>
 Date: Mon, 16 Jun 2025 15:03:49 -0400
 Subject: [PATCH] Address CVE-2025-47950
 Upstream Patch Reference: https://github.com/coredns/coredns/commit/efaed02c6a480ec147b1f799aab7cf815b17dfe1
+
+Modification from original patch by Pawel Winogrodzki <pawelwi@microsoft.com>:
+	Changed original file order. We want to modify plugin.cfg before
+	zdirectives.go and zplugin.go to guarantee their mtime is same or newer than
+	plugin.cfg. Makefile target for the two z*.go files depends on plugin.cfg,
+	so the original order was causing random runs of the z*.go target.
+	The target included calling 'go get', which in turn would fail builds with disabled
+	network access.
+
 ---
+ plugin.cfg                    |   1 +
  core/dnsserver/config.go      |   8 ++
  core/dnsserver/server_quic.go |  49 +++++--
  core/dnsserver/zdirectives.go |   1 +
  core/plugin/zplugin.go        |   1 +
  man/coredns-quic.7            |  69 ++++++++++
- plugin.cfg                    |   1 +
  plugin/quic/README.md         |  48 +++++++
  plugin/quic/setup.go          |  79 +++++++++++
  plugin/quic/setup_test.go     | 242 ++++++++++++++++++++++++++++++++++
@@ -20,6 +29,18 @@ Upstream Patch Reference: https://github.com/coredns/coredns/commit/efaed02c6a48
  create mode 100644 plugin/quic/setup.go
  create mode 100644 plugin/quic/setup_test.go
 
+diff --git a/plugin.cfg b/plugin.cfg
+index 532c3dd..a01852b 100644
+--- a/plugin.cfg
++++ b/plugin.cfg
+@@ -24,6 +24,7 @@ metadata:metadata
+ geoip:geoip
+ cancel:cancel
+ tls:tls
++quic:quic
+ timeouts:timeouts
+ reload:reload
+ nsid:nsid
 diff --git a/core/dnsserver/config.go b/core/dnsserver/config.go
 index 9e11166..cba5795 100644
 --- a/core/dnsserver/config.go
@@ -231,18 +252,6 @@ index 0000000..6301ec2
 +.fi
 +.RE
 +
-diff --git a/plugin.cfg b/plugin.cfg
-index 532c3dd..a01852b 100644
---- a/plugin.cfg
-+++ b/plugin.cfg
-@@ -24,6 +24,7 @@ metadata:metadata
- geoip:geoip
- cancel:cancel
- tls:tls
-+quic:quic
- timeouts:timeouts
- reload:reload
- nsid:nsid
 diff --git a/plugin/quic/README.md b/plugin/quic/README.md
 new file mode 100644
 index 0000000..63fe56d
diff --git a/SPECS/coredns/coredns.spec b/SPECS/coredns/coredns.spec
@@ -6,7 +6,7 @@
 Summary:        Fast and flexible DNS server
 Name:           coredns
 Version:        1.11.4
-Release:        9%{?dist}
+Release:        10%{?dist}
 License:        Apache License 2.0
 Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
@@ -83,6 +83,9 @@ go install github.com/fatih/faillint@latest && \
 %{_bindir}/%{name}
 
 %changelog
+* Thu Sep 18 2025 Pawel Winogrodzki <pawelwi@microsoft.com> - 1.11.4-10
+- Changed patch order to resolve 'make' race condition.
+
 * Thu Sep 11 2025 Azure Linux Security Servicing Account <azurelinux-security@microsoft.com> - 1.11.4-9
 - Patch for CVE-2025-58063
 
