From 33b37417b55f846b5d76ccacee779c3b626af015 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Aug 01 2017 03:46:34 +0000 Subject: import dnsmasq-2.76-2.el7 --- diff --git a/.dnsmasq.metadata b/.dnsmasq.metadata index dfeefcb..c26dbef 100644 --- a/.dnsmasq.metadata +++ b/.dnsmasq.metadata @@ -1 +1 @@ -fb6b1690de53014a8e6c8bfa6f1653062b965741 SOURCES/dnsmasq-2.66.tar.gz +3cb264e2505a06705203d616883db5ee6ac00026 SOURCES/dnsmasq-2.76.tar.gz diff --git a/.gitignore b/.gitignore index 9d96e45..1dd44d3 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/dnsmasq-2.66.tar.gz +SOURCES/dnsmasq-2.76.tar.gz diff --git a/SOURCES/dnsmasq-2.66-Allow-constructed-ranges-from-interface-address-at-end-of-range.patch b/SOURCES/dnsmasq-2.66-Allow-constructed-ranges-from-interface-address-at-end-of-range.patch deleted file mode 100644 index 6eda494..0000000 --- a/SOURCES/dnsmasq-2.66-Allow-constructed-ranges-from-interface-address-at-end-of-range.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 429805dbbc3888abc0d472c45935e92057964384 Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Fri, 31 May 2013 13:47:26 +0100 -Subject: [PATCH 1/1] Allow constructed ranges from interface address at end of range. - -Also make man page on this clearer, as it's been confusing many. ---- - man/dnsmasq.8 | 11 ++++++++++- - src/dhcp6.c | 4 +++- - 2 files changed, 13 insertions(+), 2 deletions(-) - -diff --git a/man/dnsmasq.8 b/man/dnsmasq.8 -index d2e3d18..1c3dfeb 100644 ---- a/man/dnsmasq.8 -+++ b/man/dnsmasq.8 -@@ -649,7 +649,16 @@ This forms a template which describes how to create ranges, based on the address - - .B --dhcp-range=::1,::400,constructor:eth0 - --will look for addresses of the form ::1 on eth0 and then create a range from ::1 to ::400. If the interface is assigned more than one network, then the corresponding ranges will be automatically created, and then deprecated and finally removed again as the address is deprecated and then deleted. The interface name may have a final "*" wildcard. -+will look for addresses of the form ::1 or :400 on -+eth0 and then create a range from ::1 to ::400. If -+the interface is assigned more than one network, then the -+corresponding ranges will be automatically created, and then -+deprecated and finally removed again as the address is deprecated and -+then deleted. The interface name may have a final "*" wildcard. Note -+that just any address on eth0 will not do: the non-prefix part must be -+equal either the start or end address given in the dhcp-range. This is -+to prevent prefixes becoming perpetual if the interface -+gains a SLAAC address for the prefix when it is advertised by dnsmasq. - - The optional - .B set: -diff --git a/src/dhcp6.c b/src/dhcp6.c -index a827b2f..6cd30b5 100644 ---- a/src/dhcp6.c -+++ b/src/dhcp6.c -@@ -538,7 +538,9 @@ static int construct_worker(struct in6_addr *local, int prefix, - } - - } -- else if (addr6part(local) == addr6part(&template->start6) && wildcard_match(template->template_interface, ifrn_name)) -+ else if ((addr6part(local) == addr6part(&template->start6) || -+ addr6part(local) == addr6part(&template->end6)) && -+ wildcard_match(template->template_interface, ifrn_name)) - { - start6 = *local; - setaddr6part(&start6, addr6part(&template->start6)); --- -1.7.2.5 - diff --git a/SOURCES/dnsmasq-2.66-Allow-option_number_zero_in_encapsulated_DHCP_options.patch b/SOURCES/dnsmasq-2.66-Allow-option_number_zero_in_encapsulated_DHCP_options.patch deleted file mode 100644 index 4acc08d..0000000 --- a/SOURCES/dnsmasq-2.66-Allow-option_number_zero_in_encapsulated_DHCP_options.patch +++ /dev/null @@ -1,142 +0,0 @@ -From bd08ae67f9a0cae2ce15be885254cad9449d4551 Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Fri, 19 Apr 2013 10:22:06 +0100 -Subject: [PATCH] Allow option number zero in encapsulated DHCP options. - ---- - src/dhcp-common.c | 6 +++--- - src/dnsmasq.h | 4 ++-- - src/option.c | 33 ++++++++++++++++++++------------- - 3 files changed, 25 insertions(+), 18 deletions(-) - -diff --git a/src/dhcp-common.c b/src/dhcp-common.c -index f4fd088..8de4268 100644 ---- a/src/dhcp-common.c -+++ b/src/dhcp-common.c -@@ -512,7 +512,7 @@ void display_opts6(void) - } - #endif - --u16 lookup_dhcp_opt(int prot, char *name) -+int lookup_dhcp_opt(int prot, char *name) - { - const struct opttab_t *t; - int i; -@@ -528,10 +528,10 @@ u16 lookup_dhcp_opt(int prot, char *name) - if (strcasecmp(t[i].name, name) == 0) - return t[i].val; - -- return 0; -+ return -1; - } - --u16 lookup_dhcp_len(int prot, u16 val) -+int lookup_dhcp_len(int prot, int val) - { - const struct opttab_t *t; - int i; -diff --git a/src/dnsmasq.h b/src/dnsmasq.h -index 69ae7a7..41e2798 100644 ---- a/src/dnsmasq.h -+++ b/src/dnsmasq.h -@@ -1216,8 +1216,8 @@ void log_tags(struct dhcp_netid *netid, u32 xid); - int match_bytes(struct dhcp_opt *o, unsigned char *p, int len); - void dhcp_update_configs(struct dhcp_config *configs); - void display_opts(void); --u16 lookup_dhcp_opt(int prot, char *name); --u16 lookup_dhcp_len(int prot, u16 val); -+int lookup_dhcp_opt(int prot, char *name); -+int lookup_dhcp_len(int prot, int val); - char *option_string(int prot, unsigned int opt, unsigned char *val, - int opt_len, char *buf, int buf_len); - #ifdef HAVE_LINUX_NETWORK -diff --git a/src/option.c b/src/option.c -index b2596ec..2a61017 100644 ---- a/src/option.c -+++ b/src/option.c -@@ -750,6 +750,7 @@ static int parse_dhcp_opt(char *errstr, char *arg, int flags) - struct dhcp_netid *np = NULL; - u16 opt_len = 0; - int is6 = 0; -+ int option_ok = 0; - - new->len = 0; - new->flags = flags; -@@ -769,16 +770,19 @@ static int parse_dhcp_opt(char *errstr, char *arg, int flags) - { - new->opt = atoi(arg); - opt_len = 0; -+ option_ok = 1; - break; - } - - if (strstr(arg, "option:") == arg) - { -- new->opt = lookup_dhcp_opt(AF_INET, arg+7); -- opt_len = lookup_dhcp_len(AF_INET, new->opt); -- /* option: must follow tag and vendor string. */ -- if ((opt_len & OT_INTERNAL) && flags != DHOPT_MATCH) -- new->opt = 0; -+ if ((new->opt = lookup_dhcp_opt(AF_INET, arg+7)) != -1) -+ { -+ opt_len = lookup_dhcp_len(AF_INET, new->opt); -+ /* option: must follow tag and vendor string. */ -+ if (!(opt_len & OT_INTERNAL) || flags == DHOPT_MATCH) -+ option_ok = 1; -+ } - break; - } - #ifdef HAVE_DHCP6 -@@ -792,13 +796,16 @@ static int parse_dhcp_opt(char *errstr, char *arg, int flags) - { - new->opt = atoi(arg+8); - opt_len = 0; -+ option_ok = 1; - } - else - { -- new->opt = lookup_dhcp_opt(AF_INET6, arg+8); -- opt_len = lookup_dhcp_len(AF_INET6, new->opt); -- if ((opt_len & OT_INTERNAL) && flags != DHOPT_MATCH) -- new->opt = 0; -+ if ((new->opt = lookup_dhcp_opt(AF_INET6, arg+8)) != -1) -+ { -+ opt_len = lookup_dhcp_len(AF_INET6, new->opt); -+ if (!(opt_len & OT_INTERNAL) || flags == DHOPT_MATCH) -+ option_ok = 1; -+ } - } - /* option6:| must follow tag and vendor string. */ - is6 = 1; -@@ -821,7 +828,7 @@ static int parse_dhcp_opt(char *errstr, char *arg, int flags) - new->flags |= DHOPT_RFC3925; - if (flags == DHOPT_MATCH) - { -- new->opt = 1; /* avoid error below */ -+ option_ok = 1; - break; - } - } -@@ -848,16 +855,16 @@ static int parse_dhcp_opt(char *errstr, char *arg, int flags) - - if (opt_len == 0 && - !(new->flags & DHOPT_RFC3925)) -- opt_len = lookup_dhcp_len(AF_INET6 ,new->opt); -+ opt_len = lookup_dhcp_len(AF_INET6, new->opt); - } - else - #endif - if (opt_len == 0 && - !(new->flags & (DHOPT_VENDOR | DHOPT_ENCAPSULATE | DHOPT_RFC3925))) -- opt_len = lookup_dhcp_len(AF_INET ,new->opt); -+ opt_len = lookup_dhcp_len(AF_INET, new->opt); - - /* option may be missing with rfc3925 match */ -- if (new->opt == 0) -+ if (!option_ok) - ret_err(_("bad dhcp-option")); - - if (comma) --- -1.8.1.4 - diff --git a/SOURCES/dnsmasq-2.66-Dont-BIND-DHCP-socket-if-more-interfaces-may-come.patch b/SOURCES/dnsmasq-2.66-Dont-BIND-DHCP-socket-if-more-interfaces-may-come.patch deleted file mode 100644 index 638c67a..0000000 --- a/SOURCES/dnsmasq-2.66-Dont-BIND-DHCP-socket-if-more-interfaces-may-come.patch +++ /dev/null @@ -1,51 +0,0 @@ -From e2ba0df2d4798e52e188c2f7f74613867d5aa82a Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Fri, 31 May 2013 17:04:25 +0100 -Subject: [PATCH 1/1] Don't BIND DHCP socket if more interfaces may come along later. - ---- - src/dhcp-common.c | 20 +++++++++++++------- - 1 file changed, 13 insertions(+), 7 deletions(-) - -diff --git a/src/dhcp-common.c b/src/dhcp-common.c -index 8de4268..9321e92 100644 ---- a/src/dhcp-common.c -+++ b/src/dhcp-common.c -@@ -347,21 +347,27 @@ void bindtodevice(int fd) - to that device. This is for the use case of (eg) OpenStack, which runs a new - dnsmasq instance for each VLAN interface it creates. Without the BINDTODEVICE, - individual processes don't always see the packets they should. -- SO_BINDTODEVICE is only available Linux. */ -+ SO_BINDTODEVICE is only available Linux. -+ -+ Note that if wildcards are used in --interface, or a configured interface doesn't -+ yet exist, then more interfaces may arrive later, so we can't safely assert there -+ is only one interface and proceed. -+*/ - - struct irec *iface, *found; -- -+ struct iname *if_tmp; -+ -+ for (if_tmp = daemon->if_names; if_tmp; if_tmp = if_tmp->next) -+ if (if_tmp->name && (!if_tmp->used || strchr(if_tmp->name, '*'))) -+ return; -+ - for (found = NULL, iface = daemon->interfaces; iface; iface = iface->next) - if (iface->dhcp_ok) - { - if (!found) - found = iface; - else if (strcmp(found->name, iface->name) != 0) -- { -- /* more than one. */ -- found = NULL; -- break; -- } -+ return; /* more than one. */ - } - - if (found) --- -1.7.2.5 - diff --git a/SOURCES/dnsmasq-2.66-Fix-crash-on-SERVFAIL-when-using-conntrack.patch b/SOURCES/dnsmasq-2.66-Fix-crash-on-SERVFAIL-when-using-conntrack.patch deleted file mode 100644 index d3f0341..0000000 --- a/SOURCES/dnsmasq-2.66-Fix-crash-on-SERVFAIL-when-using-conntrack.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 797a7afba477390bc016c647cfb792c85ee6102d Mon Sep 17 00:00:00 2001 -From: Giacomo Tazzari -Date: Mon, 22 Apr 2013 13:16:37 +0100 -Subject: [PATCH] Fix crash on SERVFAIL when --conntrack in use. - ---- - CHANGELOG | 5 ++++++ - src/forward.c | 6 +++--- - 2 files changed, 9 insertions(+), 3 deletions(-) - -diff --git a/CHANGELOG b/CHANGELOG -index 93aaf18..6cb1b51 100644 ---- a/CHANGELOG -+++ b/CHANGELOG -@@ -1,3 +1,8 @@ -+ Fix crash if upstream server returns SERVFAIL when -+ --conntrack in use. Thanks to Giacomo Tazzari for finding -+ this and supplying the patch. -+ -+ - version 2.66 - Add the ability to act as an authoritative DNS - server. Dnsmasq can now answer queries from the wider 'net -diff --git a/src/forward.c b/src/forward.c -index 77d6849..78495ca 100644 ---- a/src/forward.c -+++ b/src/forward.c -@@ -328,8 +328,8 @@ static int forward_query(int udpfd, union mysockaddr *udpaddr, - struct server *firstsentto = start; - int forwarded = 0; - -- if (udpaddr && option_bool(OPT_ADD_MAC)) -- plen = add_mac(header, plen, ((char *) header) + PACKETSZ, udpaddr); -+ if (option_bool(OPT_ADD_MAC)) -+ plen = add_mac(header, plen, ((char *) header) + PACKETSZ, &forward->source); - - while (1) - { -@@ -372,7 +372,7 @@ static int forward_query(int udpfd, union mysockaddr *udpaddr, - if (option_bool(OPT_CONNTRACK)) - { - unsigned int mark; -- if (get_incoming_mark(udpaddr, dst_addr, 0, &mark)) -+ if (get_incoming_mark(&forward->source, &forward->dest, 0, &mark)) - setsockopt(fd, SOL_SOCKET, SO_MARK, &mark, sizeof(unsigned int)); - } - #endif --- -1.8.1.4 - diff --git a/SOURCES/dnsmasq-2.66-Fix-option-parsing-for-dhcp-host.patch b/SOURCES/dnsmasq-2.66-Fix-option-parsing-for-dhcp-host.patch deleted file mode 100644 index d3c0a96..0000000 --- a/SOURCES/dnsmasq-2.66-Fix-option-parsing-for-dhcp-host.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 3e8ed78bf1b2649b13129327700d5d55bd2040e2 Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Wed, 29 May 2013 14:31:33 +0100 -Subject: [PATCH 1/1] Fix option parsing for --dhcp-host. - ---- - src/option.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/option.c b/src/option.c -index eb71102..ac54c31 100644 ---- a/src/option.c -+++ b/src/option.c -@@ -2510,7 +2510,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma - case 'G': /* --dhcp-host */ - { - int j, k = 0; -- char *a[6] = { NULL, NULL, NULL, NULL, NULL, NULL }; -+ char *a[7] = { NULL, NULL, NULL, NULL, NULL, NULL, NULL }; - struct dhcp_config *new; - struct in_addr in; - -@@ -2522,7 +2522,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma - new->netid = NULL; - - if ((a[0] = arg)) -- for (k = 1; k < 6; k++) -+ for (k = 1; k < 7; k++) - if (!(a[k] = split(a[k-1]))) - break; - --- -1.7.2.5 - diff --git a/SOURCES/dnsmasq-2.66-Fix-regression-in-dhcp_lease_time-utility.patch b/SOURCES/dnsmasq-2.66-Fix-regression-in-dhcp_lease_time-utility.patch deleted file mode 100644 index d523603..0000000 --- a/SOURCES/dnsmasq-2.66-Fix-regression-in-dhcp_lease_time-utility.patch +++ /dev/null @@ -1,103 +0,0 @@ -From aa63a21ce0b20dfe988e0bcdf14b8b930de20311 Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Mon, 22 Apr 2013 15:01:52 +0100 -Subject: [PATCH] Fix regression in dhcp_lease_time utility. - ---- - CHANGELOG | 9 +++++++++ - contrib/wrt/dhcp_lease_time.c | 9 ++++++++- - src/rfc2131.c | 17 ++++++++++++++++- - 3 files changed, 33 insertions(+), 2 deletions(-) - -diff --git a/CHANGELOG b/CHANGELOG -index 6cb1b51..268b64d 100644 ---- a/CHANGELOG -+++ b/CHANGELOG -@@ -2,6 +2,15 @@ version 2.67 - Fix crash if upstream server returns SERVFAIL when - --conntrack in use. Thanks to Giacomo Tazzari for finding - this and supplying the patch. -+ -+ Repair regression in 2.64. That release stopped sending -+ lease-time information in the reply to DHCPINFORM -+ requests, on the correct grounds that it was a standards -+ violation. However, this broke the dnsmasq-specific -+ dhcp_lease_time utility. Now, DHCPINFORM returns -+ lease-time only if it's specifically requested -+ (maintaining standards) and the dhcp_lease_time utility -+ has been taught to ask for it (restoring functionality). - - - version 2.66 -diff --git a/contrib/wrt/dhcp_lease_time.c b/contrib/wrt/dhcp_lease_time.c -index 2866bb5..b438ef7 100644 ---- a/contrib/wrt/dhcp_lease_time.c -+++ b/contrib/wrt/dhcp_lease_time.c -@@ -20,7 +20,7 @@ - nothing is sent to stdout a message is sent to stderr and a - non-zero error code is returned. - -- Requires dnsmasq 2.40 or later. -+ This version requires dnsmasq 2.66 or later. - */ - - #include -@@ -46,6 +46,7 @@ - #define OPTION_LEASE_TIME 51 - #define OPTION_OVERLOAD 52 - #define OPTION_MESSAGE_TYPE 53 -+#define OPTION_REQUESTED_OPTIONS 55 - #define OPTION_END 255 - #define DHCPINFORM 8 - #define DHCP_SERVER_PORT 67 -@@ -167,6 +168,12 @@ int main(int argc, char **argv) - *(p++) = 1; - *(p++) = DHCPINFORM; - -+ /* Explicity request the lease time, it won't be sent otherwise: -+ this is a dnsmasq extension, not standard. */ -+ *(p++) = OPTION_REQUESTED_OPTIONS; -+ *(p++) = 1; -+ *(p++) = OPTION_LEASE_TIME; -+ - *(p++) = OPTION_END; - - dest.sin_family = AF_INET; -diff --git a/src/rfc2131.c b/src/rfc2131.c -index 92974c0..013a446 100644 ---- a/src/rfc2131.c -+++ b/src/rfc2131.c -@@ -39,6 +39,7 @@ static unsigned char *option_find(struct dhcp_packet *mess, size_t size, int opt - static unsigned char *option_find1(unsigned char *p, unsigned char *end, int opt, int minsize); - static size_t dhcp_packet_size(struct dhcp_packet *mess, unsigned char *agent_id, unsigned char *real_end); - static void clear_packet(struct dhcp_packet *mess, unsigned char *end); -+static int in_list(unsigned char *list, int opt); - static void do_options(struct dhcp_context *context, - struct dhcp_packet *mess, - unsigned char *real_end, -@@ -1410,7 +1411,21 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index, - clear_packet(mess, end); - option_put(mess, end, OPTION_MESSAGE_TYPE, 1, DHCPACK); - option_put(mess, end, OPTION_SERVER_IDENTIFIER, INADDRSZ, ntohl(server_id(context, override, fallback).s_addr)); -- -+ -+ /* RFC 2131 says that DHCPINFORM shouldn't include lease-time parameters, but -+ we supply a utility which makes DHCPINFORM requests to get this information. -+ Only include lease time if OPTION_LEASE_TIME is in the parameter request list, -+ which won't be true for ordinary clients, but will be true for the -+ dhcp_lease_time utility. */ -+ if (lease && in_list(req_options, OPTION_LEASE_TIME)) -+ { -+ if (lease->expires == 0) -+ time = 0xffffffff; -+ else -+ time = (unsigned int)difftime(lease->expires, now); -+ option_put(mess, end, OPTION_LEASE_TIME, 4, time); -+ } -+ - do_options(context, mess, end, req_options, hostname, get_domain(mess->ciaddr), - netid, subnet_addr, fqdn_flags, borken_opt, pxearch, uuid, vendor_class_len, now); - --- -1.8.1.4 - diff --git a/SOURCES/dnsmasq-2.66-Fix-wrong_size_in_memset_call.patch b/SOURCES/dnsmasq-2.66-Fix-wrong_size_in_memset_call.patch deleted file mode 100644 index f5103bc..0000000 --- a/SOURCES/dnsmasq-2.66-Fix-wrong_size_in_memset_call.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 4582c0efe7d7af93517b1f3bcc7af67685ab3e5c Mon Sep 17 00:00:00 2001 -From: Dave Reisner -Date: Thu, 18 Apr 2013 09:47:49 +0100 -Subject: [PATCH] Fix wrong size in memset() call. - -Thanks to Dave Reisner. ---- - src/ipset.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/ipset.c b/src/ipset.c -index a34ed96..f175fa4 100644 ---- a/src/ipset.c -+++ b/src/ipset.c -@@ -110,7 +110,7 @@ static int new_add_to_ipset(const char *setname, const struct all_addr *ipaddr, - return -1; - } - -- memset(buffer, 0, sizeof(buffer)); -+ memset(buffer, 0, BUFF_SZ); - - nlh = (struct nlmsghdr *)buffer; - nlh->nlmsg_len = NL_ALIGN(sizeof(struct nlmsghdr)); --- -1.8.1.4 - diff --git a/SOURCES/dnsmasq-2.66-Fix_crash_with_empty_DHCP_string_options.patch b/SOURCES/dnsmasq-2.66-Fix_crash_with_empty_DHCP_string_options.patch deleted file mode 100644 index f20b113..0000000 --- a/SOURCES/dnsmasq-2.66-Fix_crash_with_empty_DHCP_string_options.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 625ac28c61b0a5e6a252db00d72fbac6d88718fd Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Tue, 2 Jul 2013 21:19:32 +0100 -Subject: [PATCH] Fix crash with empty DHCP string options. - ---- - src/rfc2131.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletions(-) - -diff --git a/src/rfc2131.c b/src/rfc2131.c -index 499f5c4..e7fa75f 100644 ---- a/src/rfc2131.c -+++ b/src/rfc2131.c -@@ -1833,7 +1833,8 @@ static int do_opt(struct dhcp_opt *opt, unsigned char *p, struct dhcp_context *c - } - } - else -- memcpy(p, opt->val, len); -+ /* empty string may be extended to "\0" by null_term */ -+ memcpy(p, opt->val ? opt->val : (unsigned char *)"", len); - } - return len; - } --- -1.7.2.5 - diff --git a/SOURCES/dnsmasq-2.66-Fix_failure_to_start_with_ENOTSOCK.patch b/SOURCES/dnsmasq-2.66-Fix_failure_to_start_with_ENOTSOCK.patch deleted file mode 100644 index 26b2795..0000000 --- a/SOURCES/dnsmasq-2.66-Fix_failure_to_start_with_ENOTSOCK.patch +++ /dev/null @@ -1,44 +0,0 @@ -From cfcad42ff1ddee8e64d120f18016a654152d0215 Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Fri, 17 May 2013 11:32:03 +0100 -Subject: [PATCH] Fix failure to start with ENOTSOCK - ---- - CHANGELOG | 6 ++++++ - src/dnsmasq.c | 2 +- - 2 files changed, 7 insertions(+), 1 deletion(-) - -diff --git a/CHANGELOG b/CHANGELOG -index 7aa0024..48b6070 100644 ---- a/CHANGELOG -+++ b/CHANGELOG -@@ -31,7 +31,13 @@ version 2.67 - want to continue to bind the aliases too, you need to add - eg. --interface=eth0:0 to the config. - -+ Fix "failed to set SO_BINDTODEVICE on DHCP socket: Socket -+ operation on non-socket" error on startup with -+ configurations which have exactly one --interface option -+ and do RA but _not_ DHCPv6. Thanks to Trever Adams for the -+ bug report. - -+ - version 2.66 - Add the ability to act as an authoritative DNS - server. Dnsmasq can now answer queries from the wider 'net -diff --git a/src/dnsmasq.c b/src/dnsmasq.c -index 43b8cb1..b0f984d 100644 ---- a/src/dnsmasq.c -+++ b/src/dnsmasq.c -@@ -248,7 +248,7 @@ int main (int argc, char **argv) - #endif - - #if defined(HAVE_LINUX_NETWORK) && defined(HAVE_DHCP6) -- if (daemon->dhcp6) -+ if (daemon->doing_dhcp6) - bindtodevice(daemon->dhcp6fd); - #endif - } --- -1.8.1.4 - diff --git a/SOURCES/dnsmasq-2.66-Handle_IPv4_interface_address_labels_in_Linux.patch b/SOURCES/dnsmasq-2.66-Handle_IPv4_interface_address_labels_in_Linux.patch deleted file mode 100644 index 1434467..0000000 --- a/SOURCES/dnsmasq-2.66-Handle_IPv4_interface_address_labels_in_Linux.patch +++ /dev/null @@ -1,283 +0,0 @@ -From 3f2873d42c4d7e7dba32b6e64a3687d43928bc8e Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Tue, 14 May 2013 11:28:47 +0100 -Subject: [PATCH] Handle IPv4 interface-address labels in Linux. - ---- - CHANGELOG | 9 +++++++++ - src/bpf.c | 2 +- - src/dhcp.c | 14 +++++++++----- - src/dnsmasq.h | 1 + - src/forward.c | 3 ++- - src/lease.c | 3 ++- - src/netlink.c | 7 +++++-- - src/network.c | 39 +++++++++++++++++++++++++++++++-------- - src/tftp.c | 3 ++- - 9 files changed, 62 insertions(+), 19 deletions(-) - -diff --git a/CHANGELOG b/CHANGELOG -index f6ce80e..7aa0024 100644 ---- a/CHANGELOG -+++ b/CHANGELOG -@@ -21,6 +21,15 @@ version 2.67 - Fix --dhcp-match, --dhcp-vendorclass and --dhcp-userclass - to work with BOOTP and well as DHCP. Thanks to Peter - Korsgaard for spotting the problem. -+ -+ Handle IPv4 interface-address labels in Linux. These are -+ often used to emulate the old IP-alias addresses. Before, -+ using --interface=eth0 would service all the addresses of -+ eth0, including ones configured as aliases, which appear -+ in ifconfig as eth0:0. Now, only addresses with the label -+ eth0 are active. This is not backwards compatible: if you -+ want to continue to bind the aliases too, you need to add -+ eg. --interface=eth0:0 to the config. - - - version 2.66 -diff --git a/src/bpf.c b/src/bpf.c -index 02a3abb..e75b0c6 100644 ---- a/src/bpf.c -+++ b/src/bpf.c -@@ -123,7 +123,7 @@ int iface_enumerate(int family, void *parm, int (*callback)()) - broadcast = ((struct sockaddr_in *) addrs->ifa_broadaddr)->sin_addr; - else - broadcast.s_addr = 0; -- if (!((*callback)(addr, iface_index, netmask, broadcast, parm))) -+ if (!((*callback)(addr, iface_index, NULL, netmask, broadcast, parm))) - goto err; - } - #ifdef HAVE_IPV6 -diff --git a/src/dhcp.c b/src/dhcp.c -index dd25632..333a327 100644 ---- a/src/dhcp.c -+++ b/src/dhcp.c -@@ -28,9 +28,9 @@ struct match_param { - struct in_addr netmask, broadcast, addr; - }; - --static int complete_context(struct in_addr local, int if_index, -+static int complete_context(struct in_addr local, int if_index, char *label, - struct in_addr netmask, struct in_addr broadcast, void *vparam); --static int check_listen_addrs(struct in_addr local, int if_index, -+static int check_listen_addrs(struct in_addr local, int if_index, char *label, - struct in_addr netmask, struct in_addr broadcast, void *vparam); - - static int make_fd(int port) -@@ -287,7 +287,7 @@ void dhcp_packet(time_t now, int pxe_fd) - iface_addr = match.addr; - /* make sure secondary address gets priority in case - there is more than one address on the interface in the same subnet */ -- complete_context(match.addr, iface_index, match.netmask, match.broadcast, &parm); -+ complete_context(match.addr, iface_index, NULL, match.netmask, match.broadcast, &parm); - } - - if (!iface_enumerate(AF_INET, &parm, complete_context)) -@@ -411,12 +411,14 @@ void dhcp_packet(time_t now, int pxe_fd) - } - - /* check against secondary interface addresses */ --static int check_listen_addrs(struct in_addr local, int if_index, -+static int check_listen_addrs(struct in_addr local, int if_index, char *label, - struct in_addr netmask, struct in_addr broadcast, void *vparam) - { - struct match_param *param = vparam; - struct iname *tmp; - -+ (void) label; -+ - if (if_index == param->ind) - { - for (tmp = daemon->if_addrs; tmp; tmp = tmp->next) -@@ -444,11 +446,13 @@ static int check_listen_addrs(struct in_addr local, int if_index, - - Note that the current chain may be superceded later for configured hosts or those coming via gateways. */ - --static int complete_context(struct in_addr local, int if_index, -+static int complete_context(struct in_addr local, int if_index, char *label, - struct in_addr netmask, struct in_addr broadcast, void *vparam) - { - struct dhcp_context *context; - struct iface_param *param = vparam; -+ -+ (void)label; - - for (context = daemon->dhcp; context; context = context->next) - { -diff --git a/src/dnsmasq.h b/src/dnsmasq.h -index e177cea..8866dd8 100644 ---- a/src/dnsmasq.h -+++ b/src/dnsmasq.h -@@ -1030,6 +1030,7 @@ void create_bound_listeners(int die); - int is_dad_listeners(void); - int iface_check(int family, struct all_addr *addr, char *name, int *auth_dns); - int loopback_exception(int fd, int family, struct all_addr *addr, char *name); -+int label_exception(int index, int family, struct all_addr *addr); - int fix_fd(int fd); - int tcp_interface(int fd, int af); - struct in_addr get_ifaddr(char *intr); -diff --git a/src/forward.c b/src/forward.c -index 78495ca..28fe9eb 100644 ---- a/src/forward.c -+++ b/src/forward.c -@@ -789,7 +789,8 @@ void receive_query(struct listener *listen, time_t now) - { - if (!option_bool(OPT_CLEVERBIND)) - enumerate_interfaces(); -- if (!loopback_exception(listen->fd, listen->family, &dst_addr, ifr.ifr_name)) -+ if (!loopback_exception(listen->fd, listen->family, &dst_addr, ifr.ifr_name) && -+ !label_exception(if_index, listen->family, &dst_addr)) - return; - } - -diff --git a/src/lease.c b/src/lease.c -index a4560ba..b85cf57 100644 ---- a/src/lease.c -+++ b/src/lease.c -@@ -345,11 +345,12 @@ void lease_update_file(time_t now) - } - - --static int find_interface_v4(struct in_addr local, int if_index, -+static int find_interface_v4(struct in_addr local, int if_index, char *label, - struct in_addr netmask, struct in_addr broadcast, void *vparam) - { - struct dhcp_lease *lease; - -+ (void) label; - (void) broadcast; - (void) vparam; - -diff --git a/src/netlink.c b/src/netlink.c -index 0881b71..78d0926 100644 ---- a/src/netlink.c -+++ b/src/netlink.c -@@ -215,7 +215,8 @@ int iface_enumerate(int family, void *parm, int (*callback)()) - if (ifa->ifa_family == AF_INET) - { - struct in_addr netmask, addr, broadcast; -- -+ char *label = NULL; -+ - netmask.s_addr = htonl(0xffffffff << (32 - ifa->ifa_prefixlen)); - addr.s_addr = 0; - broadcast.s_addr = 0; -@@ -226,12 +227,14 @@ int iface_enumerate(int family, void *parm, int (*callback)()) - addr = *((struct in_addr *)(rta+1)); - else if (rta->rta_type == IFA_BROADCAST) - broadcast = *((struct in_addr *)(rta+1)); -+ else if (rta->rta_type == IFA_LABEL) -+ label = RTA_DATA(rta); - - rta = RTA_NEXT(rta, len1); - } - - if (addr.s_addr && callback_ok) -- if (!((*callback)(addr, ifa->ifa_index, netmask, broadcast, parm))) -+ if (!((*callback)(addr, ifa->ifa_index, label, netmask, broadcast, parm))) - callback_ok = 0; - } - #ifdef HAVE_IPV6 -diff --git a/src/network.c b/src/network.c -index 792914b..473e85f 100644 ---- a/src/network.c -+++ b/src/network.c -@@ -204,7 +204,27 @@ int loopback_exception(int fd, int family, struct all_addr *addr, char *name) - return 0; - } - --static int iface_allowed(struct irec **irecp, int if_index, -+/* If we're configured with something like --interface=eth0:0 then we'll listen correctly -+ on the relevant address, but the name of the arrival interface, derived from the -+ index won't match the config. Check that we found an interface address for the arrival -+ interface: daemon->interfaces must be up-to-date. */ -+int label_exception(int index, int family, struct all_addr *addr) -+{ -+ struct irec *iface; -+ -+ /* labels only supported on IPv4 addresses. */ -+ if (family != AF_INET) -+ return 0; -+ -+ for (iface = daemon->interfaces; iface; iface = iface->next) -+ if (iface->index == index && iface->addr.sa.sa_family == AF_INET && -+ iface->addr.in.sin_addr.s_addr == addr->addr.addr4.s_addr) -+ return 1; -+ -+ return 0; -+} -+ -+static int iface_allowed(struct irec **irecp, int if_index, char *label, - union mysockaddr *addr, struct in_addr netmask, int dad) - { - struct irec *iface; -@@ -242,8 +262,8 @@ static int iface_allowed(struct irec **irecp, int if_index, - loopback = ifr.ifr_flags & IFF_LOOPBACK; - - if (loopback) -- dhcp_ok = 0; -- -+ dhcp_ok = 0; -+ - if (ioctl(fd, SIOCGIFMTU, &ifr) != -1) - mtu = ifr.ifr_mtu; - -@@ -272,13 +292,16 @@ static int iface_allowed(struct irec **irecp, int if_index, - } - } - -+ if (!label) -+ label = ifr.ifr_name; -+ - if (addr->sa.sa_family == AF_INET && -- !iface_check(AF_INET, (struct all_addr *)&addr->in.sin_addr, ifr.ifr_name, &auth_dns)) -+ !iface_check(AF_INET, (struct all_addr *)&addr->in.sin_addr, label, &auth_dns)) - return 1; - - #ifdef HAVE_IPV6 - if (addr->sa.sa_family == AF_INET6 && -- !iface_check(AF_INET6, (struct all_addr *)&addr->in6.sin6_addr, ifr.ifr_name, &auth_dns)) -+ !iface_check(AF_INET6, (struct all_addr *)&addr->in6.sin6_addr, label, &auth_dns)) - return 1; - #endif - -@@ -348,11 +371,11 @@ static int iface_allowed_v6(struct in6_addr *local, int prefix, - addr.in6.sin6_port = htons(daemon->port); - addr.in6.sin6_scope_id = if_index; - -- return iface_allowed((struct irec **)vparam, if_index, &addr, netmask, !!(flags & IFACE_TENTATIVE)); -+ return iface_allowed((struct irec **)vparam, if_index, NULL, &addr, netmask, !!(flags & IFACE_TENTATIVE)); - } - #endif - --static int iface_allowed_v4(struct in_addr local, int if_index, -+static int iface_allowed_v4(struct in_addr local, int if_index, char *label, - struct in_addr netmask, struct in_addr broadcast, void *vparam) - { - union mysockaddr addr; -@@ -366,7 +389,7 @@ static int iface_allowed_v4(struct in_addr local, int if_index, - addr.in.sin_addr = local; - addr.in.sin_port = htons(daemon->port); - -- return iface_allowed((struct irec **)vparam, if_index, &addr, netmask, 0); -+ return iface_allowed((struct irec **)vparam, if_index, label, &addr, netmask, 0); - } - - int enumerate_interfaces(void) -diff --git a/src/tftp.c b/src/tftp.c -index 960b1ee..d7d050f 100644 ---- a/src/tftp.c -+++ b/src/tftp.c -@@ -202,7 +202,8 @@ void tftp_request(struct listener *listen, time_t now) - { - if (!option_bool(OPT_CLEVERBIND)) - enumerate_interfaces(); -- if (!loopback_exception(listen->tftpfd, listen->family, &addra, name)) -+ if (!loopback_exception(listen->tftpfd, listen->family, &addra, name) && -+ !label_exception(if_index, listen->family, &addra) ) - return; - } - --- -1.8.1.4 - diff --git a/SOURCES/dnsmasq-2.66-Log-forwarding-table-overflows.patch b/SOURCES/dnsmasq-2.66-Log-forwarding-table-overflows.patch deleted file mode 100644 index 99dedce..0000000 --- a/SOURCES/dnsmasq-2.66-Log-forwarding-table-overflows.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 0da5e8979b5e5466d0f7bb836f2716cbcf1d4589 Mon Sep 17 00:00:00 2001 -From: Marcelo Salhab Brogliato -Date: Fri, 31 May 2013 11:49:06 +0100 -Subject: [PATCH 1/1] Log forwarding table overflows. - ---- - src/forward.c | 9 +++++++++ - 1 file changed, 9 insertions(+), 0 deletions(-) - -diff --git a/src/forward.c b/src/forward.c -index 33a68a0..6c9f646 100644 ---- a/src/forward.c -+++ b/src/forward.c -@@ -1205,8 +1205,17 @@ struct frec *get_new_frec(time_t now, int *wait) - /* none available, calculate time 'till oldest record expires */ - if (count > daemon->ftabsize) - { -+ static time_t last_log = 0; -+ - if (oldest && wait) - *wait = oldest->time + (time_t)TIMEOUT - now; -+ -+ if ((int)difftime(now, last_log) > 5) -+ { -+ last_log = now; -+ my_syslog(LOG_WARNING, _("Maximum number of concurrent DNS queries reached (max: %d)"), daemon->ftabsize); -+ } -+ - return NULL; - } - --- -1.7.2.5 - diff --git a/SOURCES/dnsmasq-2.66-Manpage-typos.patch b/SOURCES/dnsmasq-2.66-Manpage-typos.patch deleted file mode 100644 index de7c44a..0000000 --- a/SOURCES/dnsmasq-2.66-Manpage-typos.patch +++ /dev/null @@ -1,97 +0,0 @@ -From a66d36ea1112c861ad2f11ed40cc26973873e5be Mon Sep 17 00:00:00 2001 -From: Tomas Hozza -Date: Mon, 22 Apr 2013 15:08:07 +0100 -Subject: [PATCH] Manpage typos. - ---- - man/dnsmasq.8 | 18 +++++++++--------- - 1 file changed, 9 insertions(+), 9 deletions(-) - -diff --git a/man/dnsmasq.8 b/man/dnsmasq.8 -index 96d8938..fc12b1c 100644 ---- a/man/dnsmasq.8 -+++ b/man/dnsmasq.8 -@@ -559,7 +559,7 @@ needed for a client to do validation itself. - .B --auth-zone=[,[,.....]] - Define a DNS zone for which dnsmasq acts as authoritative server. Locally defined DNS records which are in the domain - will be served, except that A and AAAA records must be in one of the --specified subnets, or in a subnet corresponding to a contructed DHCP -+specified subnets, or in a subnet corresponding to a constructed DHCP - range. The subnet(s) are also used to define in-addr.arpa and - ipv6.arpa domains which are served for reverse-DNS queries. For IPv4 - subnets, the prefix length is limited to the values 8, 16 or 24. -@@ -763,7 +763,7 @@ This is - useful when there is another DHCP server on the network which should - be used by some machines. - --The set: contruct sets the tag -+The set: construct sets the tag - whenever this dhcp-host directive is in use. This can be used to - selectively send DHCP options just for this host. More than one tag - can be set in a dhcp-host directive (but not in other places where -@@ -978,7 +978,7 @@ agent ID and one provided by a relay agent, the tag is set. - (IPv4 only) A normal DHCP relay agent is only used to forward the initial parts of - a DHCP interaction to the DHCP server. Once a client is configured, it - communicates directly with the server. This is undesirable if the --relay agent is addding extra information to the DHCP packets, such as -+relay agent is adding extra information to the DHCP packets, such as - that used by - .B dhcp-circuitid - and -@@ -995,7 +995,7 @@ relays at those addresses are affected. - Without a value, set the tag if the client sends a DHCP - option of the given number or name. When a value is given, set the tag only if - the option is sent and matches the value. The value may be of the form --"01:ff:*:02" in which case the value must match (apart from widcards) -+"01:ff:*:02" in which case the value must match (apart from wildcards) - but the option sent may have unmatched data past the end of the - value. The value may also be of the same form as in - .B dhcp-option -@@ -1008,7 +1008,7 @@ will set the tag "efi-ia32" if the the number 6 appears in the list of - architectures sent by the client in option 93. (See RFC 4578 for - details.) If the value is a string, substring matching is used. - --The special form with vi-encap: matches against -+The special form with vi-encap: matches against - vendor-identifying vendor classes for the specified enterprise. Please - see RFC 3925 for more details of these rare and interesting beasts. - .TP -@@ -1036,7 +1036,7 @@ dhcp-host configuration in dnsmasq and the contents of /etc/hosts and - .TP - .B --dhcp-generate-names=tag:[,tag:] - (IPv4 only) Generate a name for DHCP clients which do not otherwise have one, --using the MAC address expressed in hex, seperated by dashes. Note that -+using the MAC address expressed in hex, separated by dashes. Note that - if a host provides a name, it will be used by preference to this, - unless - .B --dhcp-ignore-names -@@ -1113,7 +1113,7 @@ timeout has elapsed with no keyboard input, the first available menu - option will be automatically executed. If the timeout is zero then the first available menu - item will be executed immediately. If - .B pxe-prompt --is ommitted the system will wait for user input if there are multiple -+is omitted the system will wait for user input if there are multiple - items in the menu, but boot immediately if - there is only one. See - .B pxe-service -@@ -1412,7 +1412,7 @@ In the default mode, dnsmasq inserts the unqualified names of - DHCP clients into the DNS. For this reason, the names must be unique, - even if two clients which have the same name are in different - domains. If a second DHCP client appears which has the same name as an --existing client, the name is transfered to the new client. If -+existing client, the name is transferred to the new client. If - .B --dhcp-fqdn - is set, this behaviour changes: the unqualified name is no longer - put in the DNS, only the qualified name. Two DHCP clients with the -@@ -1666,7 +1666,7 @@ used to allocate the address, one from any matching - The tag "bootp" is set for BOOTP requests, and a tag whose name is the - name of the interface on which the request arrived is also set. - --Any configuration lines which includes one or more tag: contructs -+Any configuration lines which include one or more tag: constructs - will only be valid if all that tags are matched in the set derived - above. Typically this is dhcp-option. - .B dhcp-option --- -1.8.1.4 - diff --git a/SOURCES/dnsmasq-2.66-Note-that-dhcp_lease_time-and-dhcp_release-work-for-IPv4.patch b/SOURCES/dnsmasq-2.66-Note-that-dhcp_lease_time-and-dhcp_release-work-for-IPv4.patch deleted file mode 100644 index 9da0a80..0000000 --- a/SOURCES/dnsmasq-2.66-Note-that-dhcp_lease_time-and-dhcp_release-work-for-IPv4.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 1c10b9de118c951a5aedc130e55101987dcc3feb Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Tue, 23 Apr 2013 10:58:35 +0100 -Subject: [PATCH] Note that dhcp_lease_time and dhcp_release only work for - IPv4. - ---- - contrib/wrt/dhcp_lease_time.1 | 6 ++++-- - contrib/wrt/dhcp_release.1 | 2 ++ - 2 files changed, 6 insertions(+), 2 deletions(-) - -diff --git a/contrib/wrt/dhcp_lease_time.1 b/contrib/wrt/dhcp_lease_time.1 -index 2720b71..2fa78d3 100644 ---- a/contrib/wrt/dhcp_lease_time.1 -+++ b/contrib/wrt/dhcp_lease_time.1 -@@ -12,9 +12,11 @@ If an error occurs or no lease exists for the given address, - nothing is sent to stdout a message is sent to stderr and a - non-zero error code is returned. - --Requires dnsmasq 2.40 or later and may not work with other DHCP servers. -+Requires dnsmasq 2.66 or later and may not work with other DHCP servers. - --The address argument is a dotted-quad IP addresses and mandatory. -+The address argument is a dotted-quad IP addresses and mandatory. -+.SH LIMITATIONS -+Only works with IPv4 addresses and DHCP leases. - .SH SEE ALSO - .BR dnsmasq (8) - .SH AUTHOR -diff --git a/contrib/wrt/dhcp_release.1 b/contrib/wrt/dhcp_release.1 -index eb5307a..e71aba0 100644 ---- a/contrib/wrt/dhcp_release.1 -+++ b/contrib/wrt/dhcp_release.1 -@@ -27,6 +27,8 @@ for ethernet. This encoding is the one used in dnsmasq lease files. - The client-id is optional. If it is "*" then it treated as being missing. - .SH NOTES - MUST be run as root - will fail otherwise. -+.SH LIMITATIONS -+Only usable on IPv4 DHCP leases. - .SH SEE ALSO - .BR dnsmasq (8) - .SH AUTHOR --- -1.8.1.4 - diff --git a/SOURCES/dnsmasq-2.66-Remove-limit-in-prefix-length-in-auth-zone.patch b/SOURCES/dnsmasq-2.66-Remove-limit-in-prefix-length-in-auth-zone.patch deleted file mode 100644 index cc4bd45..0000000 --- a/SOURCES/dnsmasq-2.66-Remove-limit-in-prefix-length-in-auth-zone.patch +++ /dev/null @@ -1,68 +0,0 @@ -From baa80ae5125beabd49edae2cdfaf3817a88a2ab6 Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Wed, 29 May 2013 16:32:07 +0100 -Subject: [PATCH 1/1] Remove limit in prefix length in --auth-zone. - ---- - man/dnsmasq.8 | 9 ++++++--- - src/auth.c | 4 ++-- - src/option.c | 2 -- - 3 files changed, 8 insertions(+), 7 deletions(-) - -diff --git a/man/dnsmasq.8 b/man/dnsmasq.8 -index 2638930..d2e3d18 100644 ---- a/man/dnsmasq.8 -+++ b/man/dnsmasq.8 -@@ -572,13 +572,16 @@ If you use the first DNSSEC mode, validating resolvers in clients, - this option is not required. Dnsmasq always returns all the data - needed for a client to do validation itself. - .TP --.B --auth-zone=[,[,.....]] -+.B --auth-zone=[,[/][,[/].....]] - Define a DNS zone for which dnsmasq acts as authoritative server. Locally defined DNS records which are in the domain - will be served, except that A and AAAA records must be in one of the - specified subnets, or in a subnet corresponding to a constructed DHCP - range. The subnet(s) are also used to define in-addr.arpa and --ipv6.arpa domains which are served for reverse-DNS queries. For IPv4 --subnets, the prefix length is limited to the values 8, 16 or 24. -+ipv6.arpa domains which are served for reverse-DNS queries. If not -+specified, the prefix length defaults to 24 for IPv4 and 64 for IPv6. -+For IPv4 subnets, the prefix length should be have the value 8, 16 or 24 -+unless you are familiar with RFC 2317 and have arranged the -+in-addr.arpa delegation accordingly. - .TP - .B --auth-soa=[,[,[,[,]]]] - Specify fields in the SOA record associated with authoritative -diff --git a/src/auth.c b/src/auth.c -index 2a3f323..b08f85c 100644 ---- a/src/auth.c -+++ b/src/auth.c -@@ -520,10 +520,10 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n - in_addr_t a = ntohl(subnet->addr4.s_addr) >> 8; - char *p = name; - -- if (subnet->prefixlen == 24) -+ if (subnet->prefixlen >= 24) - p += sprintf(p, "%d.", a & 0xff); - a = a >> 8; -- if (subnet->prefixlen != 8) -+ if (subnet->prefixlen >= 16 ) - p += sprintf(p, "%d.", a & 0xff); - a = a >> 8; - p += sprintf(p, "%d.in-addr.arpa", a & 0xff); -diff --git a/src/option.c b/src/option.c -index ac54c31..25bbf48 100644 ---- a/src/option.c -+++ b/src/option.c -@@ -1637,8 +1637,6 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma - - if (inet_pton(AF_INET, arg, &subnet->addr4)) - { -- if ((prefixlen & 0x07) != 0 || prefixlen > 24) -- ret_err(_("bad prefix")); - subnet->prefixlen = (prefixlen == 0) ? 24 : prefixlen; - subnet->is6 = 0; - } --- -1.7.2.5 - diff --git a/SOURCES/dnsmasq-2.66-Send-TCP-DNS-messages-in-one-write-call.patch b/SOURCES/dnsmasq-2.66-Send-TCP-DNS-messages-in-one-write-call.patch deleted file mode 100644 index ffeafb5..0000000 --- a/SOURCES/dnsmasq-2.66-Send-TCP-DNS-messages-in-one-write-call.patch +++ /dev/null @@ -1,90 +0,0 @@ -From 4b5ea12e90024ade5033b3b83a8b2620035952ba Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Mon, 22 Apr 2013 10:18:26 +0100 -Subject: [PATCH] Send TCP DNS messages in one write() call. Stops TCP stream - fragmenting. - -This is an optimisation, not a bugfix. Thanks to Jim Bos for spotting it. ---- - src/forward.c | 31 +++++++++++++------------------ - 1 file changed, 13 insertions(+), 18 deletions(-) - -diff --git a/src/forward.c b/src/forward.c -index 1ea25dd..77d6849 100644 ---- a/src/forward.c -+++ b/src/forward.c -@@ -880,9 +880,12 @@ unsigned char *tcp_request(int confd, time_t now, - unsigned short qtype; - unsigned int gotname; - unsigned char c1, c2; -- /* Max TCP packet + slop */ -- unsigned char *packet = whine_malloc(65536 + MAXDNAME + RRFIXEDSZ); -- struct dns_header *header; -+ /* Max TCP packet + slop + size */ -+ unsigned char *packet = whine_malloc(65536 + MAXDNAME + RRFIXEDSZ + sizeof(u16)); -+ unsigned char *payload = &packet[2]; -+ /* largest field in header is 16-bits, so this is still sufficiently aligned */ -+ struct dns_header *header = (struct dns_header *)payload; -+ u16 *length = (u16 *)packet; - struct server *last_server; - struct in_addr dst_addr_4; - union mysockaddr peer_addr; -@@ -896,14 +899,12 @@ unsigned char *tcp_request(int confd, time_t now, - if (!packet || - !read_write(confd, &c1, 1, 1) || !read_write(confd, &c2, 1, 1) || - !(size = c1 << 8 | c2) || -- !read_write(confd, packet, size, 1)) -+ !read_write(confd, payload, size, 1)) - return packet; - - if (size < (int)sizeof(struct dns_header)) - continue; - -- header = (struct dns_header *)packet; -- - /* save state of "cd" flag in query */ - checking_disabled = header->hb4 & HB4_CD; - -@@ -1020,12 +1021,9 @@ unsigned char *tcp_request(int confd, time_t now, - #endif - } - -- c1 = size >> 8; -- c2 = size; -+ *length = htons(size); - -- if (!read_write(last_server->tcpfd, &c1, 1, 0) || -- !read_write(last_server->tcpfd, &c2, 1, 0) || -- !read_write(last_server->tcpfd, packet, size, 0) || -+ if (!read_write(last_server->tcpfd, packet, size + sizeof(u16), 0) || - !read_write(last_server->tcpfd, &c1, 1, 1) || - !read_write(last_server->tcpfd, &c2, 1, 1)) - { -@@ -1035,7 +1033,7 @@ unsigned char *tcp_request(int confd, time_t now, - } - - m = (c1 << 8) | c2; -- if (!read_write(last_server->tcpfd, packet, m, 1)) -+ if (!read_write(last_server->tcpfd, payload, m, 1)) - return packet; - - if (!gotname) -@@ -1071,12 +1069,9 @@ unsigned char *tcp_request(int confd, time_t now, - - check_log_writer(NULL); - -- c1 = m>>8; -- c2 = m; -- if (m == 0 || -- !read_write(confd, &c1, 1, 0) || -- !read_write(confd, &c2, 1, 0) || -- !read_write(confd, packet, m, 0)) -+ *length = htons(m); -+ -+ if (m == 0 || !read_write(confd, packet, m + sizeof(u16), 0)) - return packet; - } - } --- -1.8.1.4 - diff --git a/SOURCES/dnsmasq-2.66-Set-SOREUSEADDR-as-well-as-SOREUSEPORT-on-DHCP-socke.patch b/SOURCES/dnsmasq-2.66-Set-SOREUSEADDR-as-well-as-SOREUSEPORT-on-DHCP-socke.patch deleted file mode 100644 index 3d05210..0000000 --- a/SOURCES/dnsmasq-2.66-Set-SOREUSEADDR-as-well-as-SOREUSEPORT-on-DHCP-socke.patch +++ /dev/null @@ -1,63 +0,0 @@ -From ffbad34b310ab2db6a686c85f5c0a0e52c0680c8 Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Wed, 14 Aug 2013 15:53:57 +0100 -Subject: [PATCH] Set SOREUSEADDR as well as SOREUSEPORT on DHCP sockets when - both available. - -Signed-off-by: Tomas Hozza ---- - src/dhcp.c | 8 ++++---- - src/dhcp6.c | 8 ++++---- - 2 files changed, 8 insertions(+), 8 deletions(-) - -diff --git a/src/dhcp.c b/src/dhcp.c -index 333a327..b95a4ba 100644 ---- a/src/dhcp.c -+++ b/src/dhcp.c -@@ -70,15 +70,15 @@ static int make_fd(int port) - support it. This handles the introduction of REUSEPORT on Linux. */ - if (option_bool(OPT_NOWILD) || option_bool(OPT_CLEVERBIND)) - { -- int rc = -1, porterr = 0; -+ int rc = 0; - - #ifdef SO_REUSEPORT - if ((rc = setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &oneopt, sizeof(oneopt))) == -1 && -- errno != ENOPROTOOPT) -- porterr = 1; -+ errno == ENOPROTOOPT) -+ rc = 0; - #endif - -- if (rc == -1 && !porterr) -+ if (rc != -1) - rc = setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &oneopt, sizeof(oneopt)); - - if (rc == -1) -diff --git a/src/dhcp6.c b/src/dhcp6.c -index 17e03e5..89af7dd 100644 ---- a/src/dhcp6.c -+++ b/src/dhcp6.c -@@ -55,15 +55,15 @@ void dhcp6_init(void) - support it. This handles the introduction of REUSEPORT on Linux. */ - if (option_bool(OPT_NOWILD) || option_bool(OPT_CLEVERBIND)) - { -- int rc = -1, porterr = 0; -+ int rc = 0; - - #ifdef SO_REUSEPORT - if ((rc = setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &oneopt, sizeof(oneopt))) == -1 && -- errno != ENOPROTOOPT) -- porterr = 1; -+ errno == ENOPROTOOPT) -+ rc = 0; - #endif - -- if (rc == -1 && !porterr) -+ if (rc != -1) - rc = setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &oneopt, sizeof(oneopt)); - - if (rc == -1) --- -1.8.3.1 - diff --git a/SOURCES/dnsmasq-2.66-Support-IPv6-assignment-based-on-MAC-for-DHCPv6.patch b/SOURCES/dnsmasq-2.66-Support-IPv6-assignment-based-on-MAC-for-DHCPv6.patch deleted file mode 100644 index b615499..0000000 --- a/SOURCES/dnsmasq-2.66-Support-IPv6-assignment-based-on-MAC-for-DHCPv6.patch +++ /dev/null @@ -1,1255 +0,0 @@ -From 989461c95c82ac183eb3b01d2636b54e0731568f Mon Sep 17 00:00:00 2001 -From: Tomas Hozza -Date: Thu, 19 Feb 2015 17:37:52 +0100 -Subject: [PATCH] Support IPv6 assignment based on MAC for DHCPv6 - -Support added to --dhcp-host and --dhcp-mac - -Signed-off-by: Tomas Hozza ---- - man/dnsmasq.8 | 15 ++++--- - src/dhcp-common.c | 104 ++++++++++++++++++++++++++++++++++++++++++ - src/dhcp.c | 83 ---------------------------------- - src/dhcp6-protocol.h | 1 + - src/dhcp6.c | 124 +++++++++++++++++++++++++++++++++------------------ - src/dnsmasq.c | 2 +- - src/dnsmasq.h | 28 ++++++------ - src/helper.c | 69 ++++++++++++++-------------- - src/lease.c | 60 +++++++++++++++---------- - src/option.c | 1 + - src/radv-protocol.h | 7 +++ - src/radv.c | 14 +++--- - src/rfc3315.c | 104 ++++++++++++++++++++++++++++++++---------- - 13 files changed, 376 insertions(+), 236 deletions(-) - -diff --git a/man/dnsmasq.8 b/man/dnsmasq.8 -index 045dee5..d0eb895 100644 ---- a/man/dnsmasq.8 -+++ b/man/dnsmasq.8 -@@ -733,7 +733,8 @@ the same subnet as some valid dhcp-range. For - subnets which don't need a pool of dynamically allocated addresses, - use the "static" keyword in the dhcp-range declaration. - --It is allowed to use client identifiers rather than -+It is allowed to use client identifiers (called client -+DUID in IPv6-land rather than - hardware addresses to identify hosts by prefixing with 'id:'. Thus: - .B --dhcp-host=id:01:02:03:04,..... - refers to the host with client identifier 01:02:03:04. It is also -@@ -748,11 +749,11 @@ IPv6 addresses may contain only the host-identifier part: - .B --dhcp-host=laptop,[::56] - in which case they act as wildcards in constructed dhcp ranges, with - the appropriate network part inserted. --Note that in IPv6 DHCP, the hardware address is not normally --available, so a client must be identified by client-id (called client --DUID in IPv6-land) or hostname. -+Note that in IPv6 DHCP, the hardware address may not be -+available, though it normally is for direct-connected clients, or -+clients using DHCP relays which support RFC 6939. - --The special option id:* means "ignore any client-id -+For DHCPv4, the special option id:* means "ignore any client-id - and use MAC addresses only." This is useful when a client presents a client-id sometimes - but not others. - -@@ -968,7 +969,7 @@ this to set a different printer server for hosts in the class - "accounts" than for hosts in the class "engineering". - .TP - .B \-4, --dhcp-mac=set:, --(IPv4 only) Map from a MAC address to a tag. The MAC address may include -+Map from a MAC address to a tag. The MAC address may include - wildcards. For example - .B --dhcp-mac=set:3com,01:34:23:*:*:* - will set the tag "3com" for any host whose MAC address matches the pattern. -@@ -1274,7 +1275,7 @@ every call to the script. - DNSMASQ_IAID containing the IAID for the lease. If the lease is a - temporary allocation, this is prefixed to 'T'. - -- -+DNSMASQ_MAC containing the MAC address of the client, if known. - - Note that the supplied hostname, vendorclass and userclass data is - only supplied for -diff --git a/src/dhcp-common.c b/src/dhcp-common.c -index 9321e92..242bd72 100644 ---- a/src/dhcp-common.c -+++ b/src/dhcp-common.c -@@ -253,6 +253,110 @@ int match_bytes(struct dhcp_opt *o, unsigned char *p, int len) - return 0; - } - -+int config_has_mac(struct dhcp_config *config, unsigned char *hwaddr, int len, int type) -+{ -+ struct hwaddr_config *conf_addr; -+ -+ for (conf_addr = config->hwaddr; conf_addr; conf_addr = conf_addr->next) -+ if (conf_addr->wildcard_mask == 0 && -+ conf_addr->hwaddr_len == len && -+ (conf_addr->hwaddr_type == type || conf_addr->hwaddr_type == 0) && -+ memcmp(conf_addr->hwaddr, hwaddr, len) == 0) -+ return 1; -+ -+ return 0; -+} -+ -+static int is_config_in_context(struct dhcp_context *context, struct dhcp_config *config) -+{ -+ if (!context) /* called via find_config() from lease_update_from_configs() */ -+ return 1; -+ -+ if (!(context->flags & CONTEXT_V6)) -+ { -+ if (!(config->flags & CONFIG_ADDR)) -+ return 1; -+ -+ for (; context; context = context->current) -+ if (is_same_net(config->addr, context->start, context->netmask)) -+ return 1; -+ } -+#ifdef HAVE_DHCP6 -+ else -+ { -+ if (!(config->flags & CONFIG_ADDR6) || (config->flags & CONFIG_WILDCARD)) -+ return 1; -+ -+ for (; context; context = context->current) -+ if (is_same_net6(&config->addr6, &context->start6, context->prefix)) -+ return 1; -+ } -+#endif -+ -+ return 0; -+} -+ -+struct dhcp_config *find_config(struct dhcp_config *configs, -+ struct dhcp_context *context, -+ unsigned char *clid, int clid_len, -+ unsigned char *hwaddr, int hw_len, -+ int hw_type, char *hostname) -+{ -+ int count, new; -+ struct dhcp_config *config, *candidate; -+ struct hwaddr_config *conf_addr; -+ -+ if (clid) -+ for (config = configs; config; config = config->next) -+ if (config->flags & CONFIG_CLID) -+ { -+ if (config->clid_len == clid_len && -+ memcmp(config->clid, clid, clid_len) == 0 && -+ is_config_in_context(context, config)) -+ return config; -+ -+ /* dhcpcd prefixes ASCII client IDs by zero which is wrong, but we try and -+ cope with that here */ -+ if (!(context->flags & CONTEXT_V6) && *clid == 0 && config->clid_len == clid_len-1 && -+ memcmp(config->clid, clid+1, clid_len-1) == 0 && -+ is_config_in_context(context, config)) -+ return config; -+ } -+ -+ -+ if (hwaddr) -+ for (config = configs; config; config = config->next) -+ if (config_has_mac(config, hwaddr, hw_len, hw_type) && -+ is_config_in_context(context, config)) -+ return config; -+ -+ if (hostname && context) -+ for (config = configs; config; config = config->next) -+ if ((config->flags & CONFIG_NAME) && -+ hostname_isequal(config->hostname, hostname) && -+ is_config_in_context(context, config)) -+ return config; -+ -+ -+ if (!hwaddr) -+ return NULL; -+ -+ /* use match with fewest wildcard octets */ -+ for (candidate = NULL, count = 0, config = configs; config; config = config->next) -+ if (is_config_in_context(context, config)) -+ for (conf_addr = config->hwaddr; conf_addr; conf_addr = conf_addr->next) -+ if (conf_addr->wildcard_mask != 0 && -+ conf_addr->hwaddr_len == hw_len && -+ (conf_addr->hwaddr_type == hw_type || conf_addr->hwaddr_type == 0) && -+ (new = memcmp_masked(conf_addr->hwaddr, hwaddr, hw_len, conf_addr->wildcard_mask)) > count) -+ { -+ count = new; -+ candidate = config; -+ } -+ -+ return candidate; -+} -+ - void dhcp_update_configs(struct dhcp_config *configs) - { - /* Some people like to keep all static IP addresses in /etc/hosts. -diff --git a/src/dhcp.c b/src/dhcp.c -index b95a4ba..f69183e 100644 ---- a/src/dhcp.c -+++ b/src/dhcp.c -@@ -704,89 +704,6 @@ int address_allocate(struct dhcp_context *context, - return 0; - } - --static int is_addr_in_context(struct dhcp_context *context, struct dhcp_config *config) --{ -- if (!context) /* called via find_config() from lease_update_from_configs() */ -- return 1; -- if (!(config->flags & CONFIG_ADDR)) -- return 1; -- for (; context; context = context->current) -- if (is_same_net(config->addr, context->start, context->netmask)) -- return 1; -- -- return 0; --} -- --int config_has_mac(struct dhcp_config *config, unsigned char *hwaddr, int len, int type) --{ -- struct hwaddr_config *conf_addr; -- -- for (conf_addr = config->hwaddr; conf_addr; conf_addr = conf_addr->next) -- if (conf_addr->wildcard_mask == 0 && -- conf_addr->hwaddr_len == len && -- (conf_addr->hwaddr_type == type || conf_addr->hwaddr_type == 0) && -- memcmp(conf_addr->hwaddr, hwaddr, len) == 0) -- return 1; -- -- return 0; --} -- --struct dhcp_config *find_config(struct dhcp_config *configs, -- struct dhcp_context *context, -- unsigned char *clid, int clid_len, -- unsigned char *hwaddr, int hw_len, -- int hw_type, char *hostname) --{ -- int count, new; -- struct dhcp_config *config, *candidate; -- struct hwaddr_config *conf_addr; -- -- if (clid) -- for (config = configs; config; config = config->next) -- if (config->flags & CONFIG_CLID) -- { -- if (config->clid_len == clid_len && -- memcmp(config->clid, clid, clid_len) == 0 && -- is_addr_in_context(context, config)) -- return config; -- -- /* dhcpcd prefixes ASCII client IDs by zero which is wrong, but we try and -- cope with that here */ -- if (*clid == 0 && config->clid_len == clid_len-1 && -- memcmp(config->clid, clid+1, clid_len-1) == 0 && -- is_addr_in_context(context, config)) -- return config; -- } -- -- -- for (config = configs; config; config = config->next) -- if (config_has_mac(config, hwaddr, hw_len, hw_type) && -- is_addr_in_context(context, config)) -- return config; -- -- if (hostname && context) -- for (config = configs; config; config = config->next) -- if ((config->flags & CONFIG_NAME) && -- hostname_isequal(config->hostname, hostname) && -- is_addr_in_context(context, config)) -- return config; -- -- /* use match with fewest wildcard octets */ -- for (candidate = NULL, count = 0, config = configs; config; config = config->next) -- if (is_addr_in_context(context, config)) -- for (conf_addr = config->hwaddr; conf_addr; conf_addr = conf_addr->next) -- if (conf_addr->wildcard_mask != 0 && -- conf_addr->hwaddr_len == hw_len && -- (conf_addr->hwaddr_type == hw_type || conf_addr->hwaddr_type == 0) && -- (new = memcmp_masked(conf_addr->hwaddr, hwaddr, hw_len, conf_addr->wildcard_mask)) > count) -- { -- count = new; -- candidate = config; -- } -- -- return candidate; --} -- - void dhcp_read_ethers(void) - { - FILE *f = fopen(ETHERSFILE, "r"); -diff --git a/src/dhcp6-protocol.h b/src/dhcp6-protocol.h -index 50d84a9..8cef0e8 100644 ---- a/src/dhcp6-protocol.h -+++ b/src/dhcp6-protocol.h -@@ -58,6 +58,7 @@ - #define OPTION6_REMOTE_ID 37 - #define OPTION6_SUBSCRIBER_ID 38 - #define OPTION6_FQDN 39 -+#define OPTION6_CLIENT_MAC 79 - - /* replace this with the real number when allocated. - defining this also enables the relevant code. */ -diff --git a/src/dhcp6.c b/src/dhcp6.c -index de3187d..5f4d298 100644 ---- a/src/dhcp6.c -+++ b/src/dhcp6.c -@@ -18,16 +18,25 @@ - - #ifdef HAVE_DHCP6 - -+#include -+ - struct iface_param { - struct dhcp_context *current; - struct in6_addr fallback; - int ind, addr_match; - }; - -+struct mac_param { -+ struct in6_addr *target; -+ unsigned char *mac; -+ unsigned int maclen; -+}; -+ - static int complete_context6(struct in6_addr *local, int prefix, - int scope, int if_index, int flags, - unsigned int preferred, unsigned int valid, void *vparam); - -+static int find_mac(int family, char *addrp, char *mac, size_t maclen, void *parmv); - static int make_duid1(int index, unsigned int type, char *mac, size_t maclen, void *parm); - - void dhcp6_init(void) -@@ -156,7 +165,7 @@ void dhcp6_packet(time_t now) - - if (!iface_enumerate(AF_INET6, &parm, complete_context6)) - return; -- -+ - if (daemon->if_names || daemon->if_addrs) - { - -@@ -171,7 +180,7 @@ void dhcp6_packet(time_t now) - lease_prune(NULL, now); /* lose any expired leases */ - - port = dhcp6_reply(parm.current, if_index, ifr.ifr_name, &parm.fallback, -- sz, IN6_IS_ADDR_MULTICAST(&from.sin6_addr), now); -+ sz, &from.sin6_addr, now); - - lease_update_file(now); - lease_update_dns(0); -@@ -189,6 +198,75 @@ void dhcp6_packet(time_t now) - } - } - -+void get_client_mac(struct in6_addr *client, int iface, unsigned char *mac, unsigned int *maclenp, unsigned int *mactypep) -+{ -+ /* Recieving a packet from a host does not populate the neighbour -+ cache, so we send a neighbour discovery request if we can't -+ find the sender. Repeat a few times in case of packet loss. */ -+ -+ struct neigh_packet neigh; -+ struct sockaddr_in6 addr; -+ struct mac_param mac_param; -+ int i; -+ -+ neigh.type = ND_NEIGHBOR_SOLICIT; -+ neigh.code = 0; -+ neigh.reserved = 0; -+ neigh.target = *client; -+ // https://tools.ietf.org/html/rfc4443#section-2.3 -+ neigh.checksum = 0; -+ -+ memset(&addr, 0, sizeof(addr)); -+#ifdef HAVE_SOCKADDR_SA_LEN -+ addr.sin6_len = sizeof(struct sockaddr_in6); -+#endif -+ addr.sin6_family = AF_INET6; -+ addr.sin6_port = htons(IPPROTO_ICMPV6); -+ addr.sin6_addr = *client; -+ addr.sin6_scope_id = iface; -+ -+ mac_param.target = client; -+ mac_param.maclen = 0; -+ mac_param.mac = mac; -+ -+ for (i = 0; i < 5; i++) -+ { -+ struct timespec ts; -+ -+ iface_enumerate(AF_UNSPEC, &mac_param, find_mac); -+ -+ if (mac_param.maclen != 0) -+ break; -+ -+ sendto(daemon->icmp6fd, &neigh, sizeof(neigh), 0, (struct sockaddr *)&addr, sizeof(addr)); -+ -+ ts.tv_sec = 0; -+ ts.tv_nsec = 100000000; /* 100ms */ -+ nanosleep(&ts, NULL); -+ } -+ -+ *maclenp = mac_param.maclen; -+ *mactypep = ARPHRD_ETHER; -+} -+ -+static int find_mac(int family, char *addrp, char *mac, size_t maclen, void *parmv) -+{ -+ struct mac_param *parm = parmv; -+ -+ if (family == AF_INET6 && IN6_ARE_ADDR_EQUAL(parm->target, addrp)) -+ { -+ if (maclen <= DHCP_CHADDR_MAX) -+ { -+ parm->maclen = maclen; -+ memcpy(parm->mac, mac, maclen); -+ } -+ -+ return 0; /* found, abort */ -+ } -+ -+ return 1; -+} -+ - static int complete_context6(struct in6_addr *local, int prefix, - int scope, int if_index, int flags, unsigned int preferred, - unsigned int valid, void *vparam) -@@ -400,48 +478,6 @@ int config_valid(struct dhcp_config *config, struct dhcp_context *context, struc - return 0; - } - --static int is_config_in_context6(struct dhcp_context *context, struct dhcp_config *config) --{ -- if (!(config->flags & CONFIG_ADDR6) || -- (config->flags & CONFIG_WILDCARD)) -- -- return 1; -- -- for (; context; context = context->current) -- if (is_same_net6(&config->addr6, &context->start6, context->prefix)) -- return 1; -- -- return 0; --} -- -- --struct dhcp_config *find_config6(struct dhcp_config *configs, -- struct dhcp_context *context, -- unsigned char *duid, int duid_len, -- char *hostname) --{ -- struct dhcp_config *config; -- -- if (duid) -- for (config = configs; config; config = config->next) -- if (config->flags & CONFIG_CLID) -- { -- if (config->clid_len == duid_len && -- memcmp(config->clid, duid, duid_len) == 0 && -- is_config_in_context6(context, config)) -- return config; -- } -- -- if (hostname && context) -- for (config = configs; config; config = config->next) -- if ((config->flags & CONFIG_NAME) && -- hostname_isequal(config->hostname, hostname) && -- is_config_in_context6(context, config)) -- return config; -- -- return NULL; --} -- - void make_duid(time_t now) - { - if (daemon->duid_config) -diff --git a/src/dnsmasq.c b/src/dnsmasq.c -index b0f984d..3c0d7e7 100644 ---- a/src/dnsmasq.c -+++ b/src/dnsmasq.c -@@ -203,7 +203,7 @@ int main (int argc, char **argv) - dhcp_init(); - - # ifdef HAVE_DHCP6 -- if (daemon->doing_ra) -+ if (daemon->doing_ra || daemon->doing_dhcp6) - ra_init(now); - - if (daemon->doing_dhcp6) -diff --git a/src/dnsmasq.h b/src/dnsmasq.h -index ca000ad..45e3d6d 100644 ---- a/src/dnsmasq.h -+++ b/src/dnsmasq.h -@@ -530,13 +530,15 @@ struct dhcp_lease { - #ifdef HAVE_BROKEN_RTC - unsigned int length; - #endif -- int hwaddr_len, hwaddr_type; /* hw_type used for iaid in v6 */ -- unsigned char hwaddr[DHCP_CHADDR_MAX]; /* also IPv6 address */ -+ int hwaddr_len, hwaddr_type; -+ unsigned char hwaddr[DHCP_CHADDR_MAX]; - struct in_addr addr, override, giaddr; - unsigned char *extradata; - unsigned int extradata_len, extradata_size; - int last_interface; - #ifdef HAVE_DHCP6 -+ struct in6_addr addr6; -+ int iaid; - struct slaac_address { - struct in6_addr addr, local; - time_t ping_time; -@@ -724,6 +726,7 @@ struct dhcp_context { - #define CONTEXT_RA 8192 - #define CONTEXT_CONF_USED 16384 - #define CONTEXT_USED 32768 -+#define CONTEXT_V6 65536 - - struct ping_result { - struct in_addr addr; -@@ -1050,12 +1053,6 @@ struct dhcp_context *narrow_context(struct dhcp_context *context, - int address_allocate(struct dhcp_context *context, - struct in_addr *addrp, unsigned char *hwaddr, int hw_len, - struct dhcp_netid *netids, time_t now); --int config_has_mac(struct dhcp_config *config, unsigned char *hwaddr, int len, int type); --struct dhcp_config *find_config(struct dhcp_config *configs, -- struct dhcp_context *context, -- unsigned char *clid, int clid_len, -- unsigned char *hwaddr, int hw_len, -- int hw_type, char *hostname); - void dhcp_read_ethers(void); - struct dhcp_config *config_find_by_address(struct dhcp_config *configs, struct in_addr addr); - char *host_from_dns(struct in_addr addr); -@@ -1077,6 +1074,7 @@ struct dhcp_lease *lease6_find_by_addr(struct in6_addr *net, int prefix, u64 add - u64 lease_find_max_addr6(struct dhcp_context *context); - void lease_ping_reply(struct in6_addr *sender, unsigned char *packet, char *interface); - void lease_update_slaac(time_t now); -+void lease_set_iaid(struct dhcp_lease *lease, int iaid); - #endif - void lease_set_hwaddr(struct dhcp_lease *lease, unsigned char *hwaddr, - unsigned char *clid, int hw_len, int hw_type, int clid_len, time_t now, int force); -@@ -1188,20 +1186,18 @@ struct dhcp_context *address6_valid(struct dhcp_context *context, - struct in6_addr *taddr, - struct dhcp_netid *netids, - int plain_range); --struct dhcp_config *find_config6(struct dhcp_config *configs, -- struct dhcp_context *context, -- unsigned char *duid, int duid_len, -- char *hostname); - struct dhcp_config *config_find_by_address6(struct dhcp_config *configs, struct in6_addr *net, - int prefix, u64 addr); - void make_duid(time_t now); - void dhcp_construct_contexts(time_t now); -+void get_client_mac(struct in6_addr *client, int iface, unsigned char *mac, -+ unsigned int *maclenp, unsigned int *mactypep); - #endif - - /* rfc3315.c */ - #ifdef HAVE_DHCP6 - unsigned short dhcp6_reply(struct dhcp_context *context, int interface, char *iface_name, -- struct in6_addr *fallback, size_t sz, int is_multicast, time_t now); -+ struct in6_addr *fallback, size_t sz, struct in6_addr *client_addr, time_t now); - #endif - - /* dhcp-common.c */ -@@ -1221,6 +1217,12 @@ int lookup_dhcp_opt(int prot, char *name); - int lookup_dhcp_len(int prot, int val); - char *option_string(int prot, unsigned int opt, unsigned char *val, - int opt_len, char *buf, int buf_len); -+struct dhcp_config *find_config(struct dhcp_config *configs, -+ struct dhcp_context *context, -+ unsigned char *clid, int clid_len, -+ unsigned char *hwaddr, int hw_len, -+ int hw_type, char *hostname); -+int config_has_mac(struct dhcp_config *config, unsigned char *hwaddr, int len, int type); - #ifdef HAVE_LINUX_NETWORK - void bindtodevice(int fd); - #endif -diff --git a/src/helper.c b/src/helper.c -index ab691b7..c6838ba 100644 ---- a/src/helper.c -+++ b/src/helper.c -@@ -61,6 +61,10 @@ struct script_data - #else - time_t expires; - #endif -+#ifdef HAVE_DHCP6 -+ struct in6_addr addr6; -+ int iaid, vendorclass_count; -+#endif - unsigned char hwaddr[DHCP_CHADDR_MAX]; - char interface[IF_NAMESIZE]; - -@@ -215,8 +219,6 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd) - continue; - - -- if (!is6) -- { - /* stringify MAC into dhcp_buff */ - p = daemon->dhcp_buff; - if (data.hwaddr_type != ARPHRD_ETHER || data.hwaddr_len == 0) -@@ -227,7 +229,6 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd) - if (i != data.hwaddr_len - 1) - p += sprintf(p, ":"); - } -- } - - /* supplied data may just exceed normal buffer (unlikely) */ - if ((data.hostname_len + data.ed_len + data.clid_len) > MAXDNAME && -@@ -239,7 +240,6 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd) - continue; - - /* CLID into packet */ -- if (!is6) - for (p = daemon->packet, i = 0; i < data.clid_len; i++) - { - p += sprintf(p, "%.2x", buf[i]); -@@ -247,24 +247,17 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd) - p += sprintf(p, ":"); - } - #ifdef HAVE_DHCP6 -- else -+ if (is6) - { - /* or IAID and server DUID for IPv6 */ -- sprintf(daemon->dhcp_buff3, "%s%u", data.flags & LEASE_TA ? "T" : "", data.hwaddr_type); -- for (p = daemon->packet, i = 0; i < daemon->duid_len; i++) -+ sprintf(daemon->dhcp_buff3, "%s%u", data.flags & LEASE_TA ? "T" : "", data.iaid); -+ for (p = daemon->dhcp_packet.iov_base, i = 0; i < daemon->duid_len; i++) - { - p += sprintf(p, "%.2x", daemon->duid[i]); - if (i != daemon->duid_len - 1) - p += sprintf(p, ":"); - } - -- /* duid not MAC for IPv6 */ -- for (p = daemon->dhcp_buff, i = 0; i < data.clid_len; i++) -- { -- p += sprintf(p, "%.2x", buf[i]); -- if (i != data.clid_len - 1) -- p += sprintf(p, ":"); -- } - } - #endif - -@@ -293,7 +286,7 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd) - inet_ntop(AF_INET, &data.addr, daemon->addrbuff, ADDRSTRLEN); - #ifdef HAVE_DHCP6 - else -- inet_ntop(AF_INET6, &data.hwaddr, daemon->addrbuff, ADDRSTRLEN); -+ inet_ntop(AF_INET6, &data.addr6, daemon->addrbuff, ADDRSTRLEN); - #endif - - /* file length */ -@@ -329,9 +322,9 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd) - - if (is6) - { -- lua_pushstring(lua, daemon->dhcp_buff); -- lua_setfield(lua, -2, "client_duid"); - lua_pushstring(lua, daemon->packet); -+ lua_setfield(lua, -2, "client_duid"); -+ lua_pushstring(lua, daemon->dhcp_packet.iov_base); - lua_setfield(lua, -2, "server_duid"); - lua_pushstring(lua, daemon->dhcp_buff3); - lua_setfield(lua, -2, "iaid"); -@@ -375,12 +368,16 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd) - if (!is6) - buf = grab_extradata_lua(buf, end, "vendor_class"); - #ifdef HAVE_DHCP6 -- else -- for (i = 0; i < data.hwaddr_len; i++) -- { -- sprintf(daemon->dhcp_buff2, "vendor_class%i", i); -- buf = grab_extradata_lua(buf, end, daemon->dhcp_buff2); -- } -+ else if (data.vendorclass_count != 0) -+ { -+ sprintf(daemon->dhcp_buff2, "vendor_class_id"); -+ buf = grab_extradata_lua(buf, end, daemon->dhcp_buff2); -+ for (i = 0; i < data.vendorclass_count - 1; i++) -+ { -+ sprintf(daemon->dhcp_buff2, "vendor_class%i", i); -+ buf = grab_extradata_lua(buf, end, daemon->dhcp_buff2); -+ } -+ } - #endif - - buf = grab_extradata_lua(buf, end, "supplied_hostname"); -@@ -423,7 +420,7 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd) - lua_setfield(lua, -2, "old_hostname"); - } - -- if (!is6) -+ if (!is6 || data.hwaddr_len != 0) - { - lua_pushstring(lua, daemon->dhcp_buff); - lua_setfield(lua, -2, "mac_address"); -@@ -476,12 +473,15 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd) - - if (data.action != ACTION_TFTP) - { -+#ifdef HAVE_DHCP6 - if (is6) - { - my_setenv("DNSMASQ_IAID", daemon->dhcp_buff3, &err); -- my_setenv("DNSMASQ_SERVER_DUID", daemon->packet, &err); -+ my_setenv("DNSMASQ_SERVER_DUID", daemon->dhcp_packet.iov_base, &err); -+ if (data.hwaddr_len != 0) -+ my_setenv("DNSMASQ_MAC", daemon->dhcp_buff, &err); - } -- -+#endif - if (!is6 && data.clid_len != 0) - my_setenv("DNSMASQ_CLIENT_ID", daemon->packet, &err); - -@@ -507,10 +507,10 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd) - #ifdef HAVE_DHCP6 - else - { -- if (data.hwaddr_len != 0) -+ if (data.vendorclass_count != 0) - { - buf = grab_extradata(buf, end, "DNSMASQ_VENDOR_CLASS_ID", &err); -- for (i = 0; i < data.hwaddr_len - 1; i++) -+ for (i = 0; i < data.vendorclass_count - 1; i++) - { - sprintf(daemon->dhcp_buff2, "DNSMASQ_VENDOR_CLASS%i", i); - buf = grab_extradata(buf, end, daemon->dhcp_buff2, &err); -@@ -570,7 +570,8 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd) - { - execl(daemon->lease_change_command, - p ? p+1 : daemon->lease_change_command, -- action_str, daemon->dhcp_buff, daemon->addrbuff, hostname, (char*)NULL); -+ action_str, is6 ? daemon->packet : daemon->dhcp_buff, -+ daemon->addrbuff, hostname, (char*)NULL); - err = errno; - } - /* failed, send event so the main process logs the problem */ -@@ -656,8 +657,6 @@ void queue_script(int action, struct dhcp_lease *lease, char *hostname, time_t n - unsigned int hostname_len = 0, clid_len = 0, ed_len = 0; - int fd = daemon->dhcpfd; - #ifdef HAVE_DHCP6 -- int is6 = !!(lease->flags & (LEASE_TA | LEASE_NA)); -- - if (!daemon->dhcp) - fd = daemon->dhcp6fd; - #endif -@@ -677,10 +676,10 @@ void queue_script(int action, struct dhcp_lease *lease, char *hostname, time_t n - - buf->action = action; - buf->flags = lease->flags; --#ifdef HAVE_DHCP6 -- if (is6) -- buf->hwaddr_len = lease->vendorclass_count; -- else -+#ifdef HAVE_DHCP6 -+ buf->vendorclass_count = lease->vendorclass_count; -+ buf->addr6 = lease->addr6; -+ buf->iaid = lease->iaid; - #endif - buf->hwaddr_len = lease->hwaddr_len; - buf->hwaddr_type = lease->hwaddr_type; -diff --git a/src/lease.c b/src/lease.c -index b85cf57..e5fe8a6 100644 ---- a/src/lease.c -+++ b/src/lease.c -@@ -108,6 +108,7 @@ void lease_init(time_t now) - { - char *s = daemon->dhcp_buff2; - int lease_type = LEASE_NA; -+ int iaid; - - if (s[0] == 'T') - { -@@ -115,12 +116,12 @@ void lease_init(time_t now) - s++; - } - -- hw_type = strtoul(s, NULL, 10); -+ iaid = strtoul(s, NULL, 10); - - if ((lease = lease6_allocate(&addr.addr.addr6, lease_type))) - { -- lease_set_hwaddr(lease, NULL, (unsigned char *)daemon->packet, 0, hw_type, clid_len, now, 0); -- -+ lease_set_hwaddr(lease, NULL, (unsigned char *)daemon->packet, 0, 0, clid_len, now, 0); -+ lease_set_iaid(lease, iaid); - if (strcmp(daemon->dhcp_buff, "*") != 0) - lease_set_hostname(lease, daemon->dhcp_buff, 0, get_domain6((struct in6_addr *)lease->hwaddr), NULL); - } -@@ -187,7 +188,9 @@ void lease_update_from_configs(void) - char *name; - - for (lease = leases; lease; lease = lease->next) -- if ((config = find_config(daemon->dhcp_conf, NULL, lease->clid, lease->clid_len, -+ if (lease->flags & (LEASE_TA | LEASE_NA)) -+ continue; -+ else if ((config = find_config(daemon->dhcp_conf, NULL, lease->clid, lease->clid_len, - lease->hwaddr, lease->hwaddr_len, lease->hwaddr_type, NULL)) && - (config->flags & CONFIG_NAME) && - (!(config->flags & CONFIG_ADDR) || config->addr.s_addr == lease->addr.s_addr)) -@@ -277,10 +280,10 @@ void lease_update_file(time_t now) - ourprintf(&err, "%lu ", (unsigned long)lease->expires); - #endif - -- inet_ntop(AF_INET6, lease->hwaddr, daemon->addrbuff, ADDRSTRLEN); -+ inet_ntop(AF_INET6, &lease->addr6, daemon->addrbuff, ADDRSTRLEN); - - ourprintf(&err, "%s%u %s ", (lease->flags & LEASE_TA) ? "T" : "", -- lease->hwaddr_type, daemon->addrbuff); -+ lease->iaid, daemon->addrbuff); - ourprintf(&err, "%s ", lease->hostname ? lease->hostname : "*"); - - if (lease->clid && lease->clid_len != 0) -@@ -376,7 +379,7 @@ static int find_interface_v6(struct in6_addr *local, int prefix, - - for (lease = leases; lease; lease = lease->next) - if ((lease->flags & (LEASE_TA | LEASE_NA))) -- if (is_same_net6(local, (struct in6_addr *)&lease->hwaddr, prefix)) -+ if (is_same_net6(local, &lease->addr6, prefix)) - lease_set_interface(lease, if_index, *((time_t *)vparam)); - - return 1; -@@ -463,12 +466,12 @@ void lease_update_dns(int force) - - if (lease->fqdn) - cache_add_dhcp_entry(lease->fqdn, prot, -- prot == AF_INET ? (struct all_addr *)&lease->addr : (struct all_addr *)&lease->hwaddr, -+ prot == AF_INET ? (struct all_addr *)&lease->addr : (struct all_addr *)&lease->addr6, - lease->expires); - - if (!option_bool(OPT_DHCP_FQDN) && lease->hostname) - cache_add_dhcp_entry(lease->hostname, prot, -- prot == AF_INET ? (struct all_addr *)&lease->addr : (struct all_addr *)&lease->hwaddr, -+ prot == AF_INET ? (struct all_addr *)&lease->addr : (struct all_addr *)&lease->addr6, - lease->expires); - } - -@@ -564,10 +567,10 @@ struct dhcp_lease *lease6_find(unsigned char *clid, int clid_len, - - for (lease = leases; lease; lease = lease->next) - { -- if (!(lease->flags & lease_type) || lease->hwaddr_type != iaid) -+ if (!(lease->flags & lease_type) || lease->iaid != iaid) - continue; - -- if (memcmp(lease->hwaddr, addr, IN6ADDRSZ) != 0) -+ if (!IN6_ARE_ADDR_EQUAL(&lease->addr6, addr)) - continue; - - if ((clid_len != lease->clid_len || -@@ -604,7 +607,7 @@ struct dhcp_lease *lease6_find_by_client(struct dhcp_lease *first, int lease_typ - if (lease->flags & LEASE_USED) - continue; - -- if (!(lease->flags & lease_type) || lease->hwaddr_type != iaid) -+ if (!(lease->flags & lease_type) || lease->iaid != iaid) - continue; - - if ((clid_len != lease->clid_len || -@@ -626,8 +629,8 @@ struct dhcp_lease *lease6_find_by_addr(struct in6_addr *net, int prefix, u64 add - if (!(lease->flags & (LEASE_TA | LEASE_NA))) - continue; - -- if (is_same_net6((struct in6_addr *)lease->hwaddr, net, prefix) && -- (prefix == 128 || addr6part((struct in6_addr *)lease->hwaddr) == addr)) -+ if (is_same_net6(&lease->addr6, net, prefix) && -+ (prefix == 128 || addr6part(&lease->addr6) == addr)) - return lease; - } - -@@ -646,11 +649,11 @@ u64 lease_find_max_addr6(struct dhcp_context *context) - if (!(lease->flags & (LEASE_TA | LEASE_NA))) - continue; - -- if (is_same_net6((struct in6_addr *)lease->hwaddr, &context->start6, 64) && -- addr6part((struct in6_addr *)lease->hwaddr) > addr6part(&context->start6) && -- addr6part((struct in6_addr *)lease->hwaddr) <= addr6part(&context->end6) && -- addr6part((struct in6_addr *)lease->hwaddr) > addr) -- addr = addr6part((struct in6_addr *)lease->hwaddr); -+ if (is_same_net6(&lease->addr6, &context->start6, 64) && -+ addr6part(&lease->addr6) > addr6part(&context->start6) && -+ addr6part(&lease->addr6) <= addr6part(&context->end6) && -+ addr6part(&lease->addr6) > addr) -+ addr = addr6part(&lease->addr6); - } - - return addr; -@@ -692,6 +695,7 @@ static struct dhcp_lease *lease_allocate(void) - #ifdef HAVE_BROKEN_RTC - lease->length = 0xffffffff; /* illegal value */ - #endif -+ lease->hwaddr_len = 256; /* illegal value */ - lease->next = leases; - leases = lease; - -@@ -707,7 +711,6 @@ struct dhcp_lease *lease4_allocate(struct in_addr addr) - if (lease) - { - lease->addr = addr; -- lease->hwaddr_len = 256; /* illegal value */ - } - - return lease; -@@ -720,8 +723,9 @@ struct dhcp_lease *lease6_allocate(struct in6_addr *addrp, int lease_type) - - if (lease) - { -- memcpy(lease->hwaddr, addrp, sizeof(*addrp)) ; -+ lease->addr6 = *addrp; - lease->flags |= lease_type; -+ lease->iaid = 0; - } - - return lease; -@@ -758,6 +762,17 @@ void lease_set_expires(struct dhcp_lease *lease, unsigned int len, time_t now) - #endif - } - -+#ifdef HAVE_DHCP6 -+void lease_set_iaid(struct dhcp_lease *lease, int iaid) -+{ -+ if (lease->iaid != iaid) -+ { -+ lease->iaid = iaid; -+ lease->flags |= LEASE_CHANGED; -+ } -+} -+#endif -+ - void lease_set_hwaddr(struct dhcp_lease *lease, unsigned char *hwaddr, - unsigned char *clid, int hw_len, int hw_type, int clid_len, - time_t now, int force) -@@ -779,9 +794,6 @@ void lease_set_hwaddr(struct dhcp_lease *lease, unsigned char *hwaddr, - lease->hwaddr_type = hw_type; - lease->flags |= LEASE_CHANGED; - file_dirty = 1; /* run script on change */ --#ifdef HAVE_DHCP6 -- change = 1; --#endif - } - - /* only update clid when one is available, stops packets -diff --git a/src/option.c b/src/option.c -index 9f63d0e..2fc90cb 100644 ---- a/src/option.c -+++ b/src/option.c -@@ -2361,6 +2361,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma - { - new->prefix = 64; /* default */ - new->end6 = new->start6; -+ new->flags |= CONTEXT_V6; - - /* dhcp-range=:: enables DHCP stateless on any interface */ - if (IN6_IS_ADDR_UNSPECIFIED(&new->start6)) -diff --git a/src/radv-protocol.h b/src/radv-protocol.h -index 1f0f88a..8d5b153 100644 ---- a/src/radv-protocol.h -+++ b/src/radv-protocol.h -@@ -33,6 +33,13 @@ struct ra_packet { - u32 retrans_time; - }; - -+struct neigh_packet { -+ u8 type, code; -+ u16 checksum; -+ u16 reserved; -+ struct in6_addr target; -+}; -+ - struct prefix_opt { - u8 type, len, prefix_len, flags; - u32 valid_lifetime, preferred_lifetime, reserved; -diff --git a/src/radv.c b/src/radv.c -index 72a93cb..940d6a1 100644 ---- a/src/radv.c -+++ b/src/radv.c -@@ -68,12 +68,15 @@ void ra_init(time_t now) - for (context = daemon->dhcp6; context; context = context->next) - if ((context->flags & CONTEXT_RA_NAME)) - break; -+ /* Need ICMP6 socket for transmission for DHCPv6 even when not doing RA. */ - - ICMP6_FILTER_SETBLOCKALL(&filter); -- ICMP6_FILTER_SETPASS(ND_ROUTER_SOLICIT, &filter); -- if (context) -- ICMP6_FILTER_SETPASS(ICMP6_ECHO_REPLY, &filter); -- -+ if (daemon->doing_ra) -+ { -+ ICMP6_FILTER_SETPASS(ND_ROUTER_SOLICIT, &filter); -+ if (context) -+ ICMP6_FILTER_SETPASS(ICMP6_ECHO_REPLY, &filter); -+ } - if ((fd = socket(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6)) == -1 || - getsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &hop_limit, &len) || - #if defined(IPV6_TCLASS) && defined(IPTOS_CLASS_CS6) -@@ -88,7 +91,8 @@ void ra_init(time_t now) - - daemon->icmp6fd = fd; - -- ra_start_unsolicted(now, NULL); -+ if (daemon->doing_ra) -+ ra_start_unsolicted(now, NULL); - } - - void ra_start_unsolicted(time_t now, struct dhcp_context *context) -diff --git a/src/rfc3315.c b/src/rfc3315.c -index c8ba3d0..0408e18 100644 ---- a/src/rfc3315.c -+++ b/src/rfc3315.c -@@ -29,15 +29,20 @@ struct state { - char *iface_name; - void *packet_options, *end; - struct dhcp_netid *tags, *context_tags; -+ unsigned char mac[DHCP_CHADDR_MAX]; -+ unsigned int mac_len, mac_type; - #ifdef OPTION6_PREFIX_CLASS - struct prefix_class *send_prefix_class; - #endif - }; - --static int dhcp6_maybe_relay(struct in6_addr *link_address, struct dhcp_netid **relay_tagsp, struct dhcp_context *context, -- int interface, char *iface_name, struct in6_addr *fallback, void *inbuff, size_t sz, int is_unicast, time_t now); -+static int dhcp6_maybe_relay(struct in6_addr *link_address, struct dhcp_netid **relay_tagsp, struct dhcp_context *context, -+ int interface, char *iface_name, struct in6_addr *fallback, void *inbuff, size_t sz, -+ struct in6_addr *client_addr, int is_unicast, time_t now, -+ unsigned char *mac, unsigned int mac_len, unsigned int mac_type); - static int dhcp6_no_relay(int msg_type, struct in6_addr *link_address, struct dhcp_netid *tags, struct dhcp_context *context, -- int interface, char *iface_name, struct in6_addr *fallback, void *inbuff, size_t sz, int is_unicast, time_t now); -+ int interface, char *iface_name, struct in6_addr *fallback, void *inbuff, size_t sz, int is_unicast, time_t now, -+ unsigned int mac_len, unsigned int mac_type, unsigned char *mac); - static void log6_opts(int nest, unsigned int xid, void *start_opts, void *end_opts); - static void log6_packet(struct state *state, char *type, struct in6_addr *addr, char *string); - -@@ -68,11 +73,14 @@ static void calculate_times(struct dhcp_context *context, unsigned int *min_time - - - unsigned short dhcp6_reply(struct dhcp_context *context, int interface, char *iface_name, -- struct in6_addr *fallback, size_t sz, int is_unicast, time_t now) -+ struct in6_addr *fallback, size_t sz, struct in6_addr *client_addr, time_t now) - { - struct dhcp_netid *relay_tags = NULL; - struct dhcp_vendor *vendor; - int msg_type; -+ unsigned int mac_len = 0; -+ unsigned int mac_type = 0; -+ unsigned char mac[DHCP_CHADDR_MAX]; - - if (sz <= 4) - return 0; -@@ -85,7 +93,10 @@ unsigned short dhcp6_reply(struct dhcp_context *context, int interface, char *if - - save_counter(0); - -- if (dhcp6_maybe_relay(NULL, &relay_tags, context, interface, iface_name, fallback, daemon->dhcp_packet.iov_base, sz, is_unicast, now)) -+ if (dhcp6_maybe_relay(NULL, &relay_tags, context, interface, iface_name, -+ fallback, daemon->dhcp_packet.iov_base, sz, client_addr, -+ IN6_IS_ADDR_MULTICAST(client_addr), now, -+ mac, mac_len, mac_type)) - return msg_type == DHCP6RELAYFORW ? DHCPV6_SERVER_PORT : DHCPV6_CLIENT_PORT; - - return 0; -@@ -93,7 +104,9 @@ unsigned short dhcp6_reply(struct dhcp_context *context, int interface, char *if - - /* This cost me blood to write, it will probably cost you blood to understand - srk. */ - static int dhcp6_maybe_relay(struct in6_addr *link_address, struct dhcp_netid **relay_tagsp, struct dhcp_context *context, -- int interface, char *iface_name, struct in6_addr *fallback, void *inbuff, size_t sz, int is_unicast, time_t now) -+ int interface, char *iface_name, struct in6_addr *fallback, void *inbuff, size_t sz, -+ struct in6_addr *client_addr, int is_unicast, time_t now, -+ unsigned char *mac, unsigned int mac_len, unsigned int mac_type) - { - void *end = inbuff + sz; - void *opts = inbuff + 34; -@@ -108,9 +121,14 @@ static int dhcp6_maybe_relay(struct in6_addr *link_address, struct dhcp_netid ** - /* if link_address != NULL if points to the link address field of the - innermost nested RELAYFORW message, which is where we find the - address of the network on which we can allocate an address. -- Recalculate the available contexts using that information. */ -- -- if (link_address) -+ Recalculate the available contexts using that information. -+ -+ link_address == NULL means there's no relay in use, so we try and find the client's -+ MAC address from the local ND cache. */ -+ -+ if (!link_address) -+ get_client_mac(client_addr, interface, mac, &mac_len, &mac_type); -+ else - { - struct dhcp_context *c; - context = NULL; -@@ -146,7 +164,8 @@ static int dhcp6_maybe_relay(struct in6_addr *link_address, struct dhcp_netid ** - return 0; - } - -- return dhcp6_no_relay(msg_type, link_address, *relay_tagsp, context, interface, iface_name, fallback, inbuff, sz, is_unicast, now); -+ return dhcp6_no_relay(msg_type, link_address, *relay_tagsp, context, interface, iface_name, fallback, inbuff, -+ sz, is_unicast, now, mac_len, mac_type, mac); - } - - /* must have at least msg_type+hopcount+link_address+peer_address+minimal size option -@@ -180,21 +199,31 @@ static int dhcp6_maybe_relay(struct in6_addr *link_address, struct dhcp_netid ** - break; - } - } -- -+ -+ /* RFC-6939 */ -+ if ((opt = opt6_find(opts, end, OPTION6_CLIENT_MAC, 3))) -+ { -+ mac_type = opt6_uint(opt, 0, 2); -+ mac_len = opt6_len(opt) - 2; -+ mac = opt6_ptr(opt, 2); -+ } -+ - for (opt = opts; opt; opt = opt6_next(opt, end)) - { - int o = new_opt6(opt6_type(opt)); - if (opt6_type(opt) == OPTION6_RELAY_MSG) - { -- struct in6_addr link_address; -+ struct in6_addr align; - /* the packet data is unaligned, copy to aligned storage */ -- memcpy(&link_address, inbuff + 2, IN6ADDRSZ); -+ memcpy(&align, inbuff + 2, IN6ADDRSZ); - /* Not, zero is_unicast since that is now known to refer to the - relayed packet, not the original sent by the client */ -- if (!dhcp6_maybe_relay(&link_address, relay_tagsp, context, interface, iface_name, fallback, opt6_ptr(opt, 0), opt6_len(opt), 0, now)) -+ if (!dhcp6_maybe_relay(&align, relay_tagsp, context, interface, iface_name, fallback, -+ opt6_ptr(opt, 0), opt6_len(opt), client_addr, 0, now, -+ mac, mac_len, mac_type)) - return 0; - } -- else -+ else if (opt6_type(opt) != OPTION6_CLIENT_MAC) - put_opt6(opt6_ptr(opt, 0), opt6_len(opt)); - end_opt6(o); - } -@@ -203,7 +232,8 @@ static int dhcp6_maybe_relay(struct in6_addr *link_address, struct dhcp_netid ** - } - - static int dhcp6_no_relay(int msg_type, struct in6_addr *link_address, struct dhcp_netid *tags, struct dhcp_context *context, -- int interface, char *iface_name, struct in6_addr *fallback, void *inbuff, size_t sz, int is_unicast, time_t now) -+ int interface, char *iface_name, struct in6_addr *fallback, void *inbuff, size_t sz, int is_unicast, time_t now, -+ unsigned int mac_len, unsigned int mac_type, unsigned char *mac) - { - void *opt; - int i, o, o1, start_opts; -@@ -214,6 +244,7 @@ static int dhcp6_no_relay(int msg_type, struct in6_addr *link_address, struct dh - unsigned char *outmsgtypep; - struct dhcp_vendor *vendor; - struct dhcp_context *context_tmp; -+ struct dhcp_mac *mac_opt; - unsigned int ignore = 0; - struct state state; - #ifdef OPTION6_PREFIX_CLASS -@@ -237,6 +268,9 @@ static int dhcp6_no_relay(int msg_type, struct in6_addr *link_address, struct dh - state.client_hostname = NULL; - state.iface_name = iface_name; - state.fqdn_flags = 0x01; /* default to send if we recieve no FQDN option */ -+ state.mac_len = mac_len; -+ state.mac_type = mac_type; -+ memcpy(state.mac, mac, mac_len); - #ifdef OPTION6_PREFIX_CLASS - state.send_prefix_class = NULL; - #endif -@@ -390,7 +424,17 @@ static int dhcp6_no_relay(int msg_type, struct in6_addr *link_address, struct dh - state.tags = opt_cfg->netid; - } - } -- -+ -+ if (mac_len != 0) -+ for (mac_opt = daemon->dhcp_macs; mac_opt; mac_opt = mac_opt->next) -+ if ((unsigned)mac_opt->hwaddr_len == mac_len && -+ ((unsigned)mac_opt->hwaddr_type == mac_type || mac_opt->hwaddr_type == 0) && -+ memcmp_masked(mac_opt->hwaddr, mac, mac_len, mac_opt->mask)) -+ { -+ mac_opt->netid.next = state.tags; -+ state.tags = &mac_opt->netid; -+ } -+ - if ((opt = opt6_find(state.packet_options, state.end, OPTION6_FQDN, 1))) - { - /* RFC4704 refers */ -@@ -433,7 +477,7 @@ static int dhcp6_no_relay(int msg_type, struct in6_addr *link_address, struct dh - - if (state.clid) - { -- config = find_config6(daemon->dhcp_conf, context, state.clid, state.clid_len, NULL); -+ config = find_config(daemon->dhcp_conf, context, state.clid, state.clid_len, mac, mac_len, mac_type, NULL); - - if (have_config(config, CONFIG_NAME)) - { -@@ -453,7 +497,7 @@ static int dhcp6_no_relay(int msg_type, struct in6_addr *link_address, struct dh - /* Search again now we have a hostname. - Only accept configs without CLID here, (it won't match) - to avoid impersonation by name. */ -- struct dhcp_config *new = find_config6(daemon->dhcp_conf, context, NULL, 0, state.hostname); -+ struct dhcp_config *new = find_config(daemon->dhcp_conf, context, NULL, 0, NULL, 0, 0, state.hostname); - if (new && !have_config(new, CONFIG_CLID) && !new->hwaddr) - config = new; - } -@@ -704,7 +748,7 @@ static int dhcp6_no_relay(int msg_type, struct in6_addr *link_address, struct dh - ltmp = NULL; - while ((ltmp = lease6_find_by_client(ltmp, state.ia_type == OPTION6_IA_NA ? LEASE_NA : LEASE_TA, state.clid, state.clid_len, state.iaid))) - { -- req_addr = (struct in6_addr *)ltmp->hwaddr; -+ req_addr = <mp->addr6; - if ((c = address6_available(context, req_addr, solicit_tags, plain_range))) - { - #ifdef OPTION6_PREFIX_CLASS -@@ -935,6 +979,9 @@ static int dhcp6_no_relay(int msg_type, struct in6_addr *link_address, struct dh - calculate_times(this_context, &min_time, &valid_time, &preferred_time, lease_time, requested_time); - - lease_set_expires(lease, valid_time, now); -+ /* Update MAC record in case it's new information. */ -+ if (mac_len != 0) -+ lease_set_hwaddr(lease, mac, state.clid, mac_len, mac_type, state.clid_len, now, 0); - if (state.ia_type == OPTION6_IA_NA && state.hostname) - { - char *addr_domain = get_domain6(req_addr); -@@ -1163,8 +1210,16 @@ static int dhcp6_no_relay(int msg_type, struct in6_addr *link_address, struct dh - log_tags(tagif, state.xid); - - if (option_bool(OPT_LOG_OPTS)) -- log6_opts(0, state.xid, daemon->outpacket.iov_base + start_opts, daemon->outpacket.iov_base + save_counter(-1)); -- -+ { -+ if (mac_len != 0) -+ { -+ print_mac(daemon->dhcp_buff, mac, mac_len); -+ my_syslog(MS_DHCP | LOG_INFO, _("%u client MAC address: %s"), state.xid, daemon->dhcp_buff); -+ } -+ -+ log6_opts(0, state.xid, daemon->outpacket.iov_base + start_opts, daemon->outpacket.iov_base + save_counter(-1)); -+ } -+ - return 1; - - } -@@ -1548,7 +1603,7 @@ static int check_address(struct state *state, struct in6_addr *addr) - - if (lease->clid_len != state->clid_len || - memcmp(lease->clid, state->clid, state->clid_len) != 0 || -- lease->hwaddr_type != state->iaid) -+ lease->iaid != state->iaid) - return 0; - - return 1; -@@ -1591,7 +1646,8 @@ static void update_leases(struct state *state, struct dhcp_context *context, str - if (lease) - { - lease_set_expires(lease, lease_time, now); -- lease_set_hwaddr(lease, NULL, state->clid, 0, state->iaid, state->clid_len, now, 0); -+ lease_set_iaid(lease, state->iaid); -+ lease_set_hwaddr(lease, state->mac, state->clid, state->mac_len, state->mac_type, state->clid_len, now, 0); - lease_set_interface(lease, state->interface, now); - if (state->hostname && state->ia_type == OPTION6_IA_NA) - { --- -2.1.0 - diff --git a/SOURCES/dnsmasq-2.66-Tighten_checks_in_legal_hostname.patch b/SOURCES/dnsmasq-2.66-Tighten_checks_in_legal_hostname.patch deleted file mode 100644 index cc6f603..0000000 --- a/SOURCES/dnsmasq-2.66-Tighten_checks_in_legal_hostname.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 7abb69b5dc8dbe369be36bd7bf23c039b036acd1 Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Mon, 29 Apr 2013 10:52:16 +0100 -Subject: [PATCH] Tighten checks in legal_hostname(). - ---- - src/util.c | 14 +++++++++----- - 1 file changed, 9 insertions(+), 5 deletions(-) - -diff --git a/src/util.c b/src/util.c -index 848e01b..af4031c 100644 ---- a/src/util.c -+++ b/src/util.c -@@ -142,19 +142,23 @@ static int check_name(char *in) - int legal_hostname(char *name) - { - char c; -+ int first; - - if (!check_name(name)) - return 0; - -- for (; (c = *name); name++) -+ for (first = 1; (c = *name); name++, first = 0) - /* check for legal char a-z A-Z 0-9 - _ . */ - { - if ((c >= 'A' && c <= 'Z') || -- (c >= 'a' && c <= 'z') || -- (c >= '0' && c <= '9') || -- c == '-' || c == '_') -+ (c >= 'a' && c <= 'z')) - continue; -- -+ -+ if (!first && -+ ((c >= '0' && c <= '9') || -+ c == '-' || c == '_')) -+ continue; -+ - /* end of hostname part */ - if (c == '.') - return 1; --- -1.8.1.4 - diff --git a/SOURCES/dnsmasq-2.66-Use-dnsmasq-as-default-DNS-server-for-RA-only-if-it-is-doing-DNS.patch b/SOURCES/dnsmasq-2.66-Use-dnsmasq-as-default-DNS-server-for-RA-only-if-it-is-doing-DNS.patch deleted file mode 100644 index 22139ee..0000000 --- a/SOURCES/dnsmasq-2.66-Use-dnsmasq-as-default-DNS-server-for-RA-only-if-it-is-doing-DNS.patch +++ /dev/null @@ -1,30 +0,0 @@ -From ab915f837c1db9b8b095158b41028ea71246d68d Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Tue, 30 Apr 2013 10:41:28 +0100 -Subject: [PATCH] Only use ourselves as default DNS server for RA if we're - doing DNS. - -This makes RA the same as DHCP4/6 ---- - src/radv.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/radv.c b/src/radv.c -index a708758..72a93cb 100644 ---- a/src/radv.c -+++ b/src/radv.c -@@ -300,9 +300,9 @@ static void send_ra(time_t now, int iface, char *iface_name, struct in6_addr *de - } - } - -- if (!done_dns) -+ if (daemon->port == NAMESERVER_PORT && !done_dns) - { -- /* default == us. */ -+ /* default == us, as long as we are supplying DNS service. */ - put_opt6_char(ICMP6_OPT_RDNSS); - put_opt6_char(3); - put_opt6_short(0); --- -1.8.1.4 - diff --git a/SOURCES/dnsmasq-2.66-dhcp-match-now-work-with-BOOTP.patch b/SOURCES/dnsmasq-2.66-dhcp-match-now-work-with-BOOTP.patch deleted file mode 100644 index c452e96..0000000 --- a/SOURCES/dnsmasq-2.66-dhcp-match-now-work-with-BOOTP.patch +++ /dev/null @@ -1,282 +0,0 @@ -From 86e92f998379d219e10517dfa2c42f544ba164ce Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Tue, 23 Apr 2013 11:31:39 +0100 -Subject: [PATCH] --dhcp-match et al now work with BOOTP as well as DHCP. - ---- - CHANGELOG | 4 ++ - src/rfc2131.c | 227 +++++++++++++++++++++++++++++----------------------------- - 2 files changed, 117 insertions(+), 114 deletions(-) - -diff --git a/CHANGELOG b/CHANGELOG -index 268b64d..0a34b64 100644 ---- a/CHANGELOG -+++ b/CHANGELOG -@@ -11,6 +11,10 @@ version 2.67 - lease-time only if it's specifically requested - (maintaining standards) and the dhcp_lease_time utility - has been taught to ask for it (restoring functionality). -+ -+ Fix --dhcp-match, --dhcp-vendorclass and --dhcp-userclass -+ to work with BOOTP and well as DHCP. Thanks to Peter -+ Korsgaard for spotting the problem. - - - version 2.66 -diff --git a/src/rfc2131.c b/src/rfc2131.c -index 013a446..54e444b 100644 ---- a/src/rfc2131.c -+++ b/src/rfc2131.c -@@ -355,6 +355,117 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index, - ntohl(mess->xid), daemon->namebuff, inet_ntoa(context_tmp->end)); - } - } -+ -+ /* dhcp-match. If we have hex-and-wildcards, look for a left-anchored match. -+ Otherwise assume the option is an array, and look for a matching element. -+ If no data given, existance of the option is enough. This code handles -+ rfc3925 V-I classes too. */ -+ for (o = daemon->dhcp_match; o; o = o->next) -+ { -+ unsigned int len, elen, match = 0; -+ size_t offset, o2; -+ -+ if (o->flags & DHOPT_RFC3925) -+ { -+ if (!(opt = option_find(mess, sz, OPTION_VENDOR_IDENT, 5))) -+ continue; -+ -+ for (offset = 0; offset < (option_len(opt) - 5u); offset += len + 5) -+ { -+ len = option_uint(opt, offset + 4 , 1); -+ /* Need to take care that bad data can't run us off the end of the packet */ -+ if ((offset + len + 5 <= (option_len(opt))) && -+ (option_uint(opt, offset, 4) == (unsigned int)o->u.encap)) -+ for (o2 = offset + 5; o2 < offset + len + 5; o2 += elen + 1) -+ { -+ elen = option_uint(opt, o2, 1); -+ if ((o2 + elen + 1 <= option_len(opt)) && -+ (match = match_bytes(o, option_ptr(opt, o2 + 1), elen))) -+ break; -+ } -+ if (match) -+ break; -+ } -+ } -+ else -+ { -+ if (!(opt = option_find(mess, sz, o->opt, 1))) -+ continue; -+ -+ match = match_bytes(o, option_ptr(opt, 0), option_len(opt)); -+ } -+ -+ if (match) -+ { -+ o->netid->next = netid; -+ netid = o->netid; -+ } -+ } -+ -+ /* user-class options are, according to RFC3004, supposed to contain -+ a set of counted strings. Here we check that this is so (by seeing -+ if the counts are consistent with the overall option length) and if -+ so zero the counts so that we don't get spurious matches between -+ the vendor string and the counts. If the lengths don't add up, we -+ assume that the option is a single string and non RFC3004 compliant -+ and just do the substring match. dhclient provides these broken options. -+ The code, later, which sends user-class data to the lease-change script -+ relies on the transformation done here. -+ */ -+ -+ if ((opt = option_find(mess, sz, OPTION_USER_CLASS, 1))) -+ { -+ unsigned char *ucp = option_ptr(opt, 0); -+ int tmp, j; -+ for (j = 0; j < option_len(opt); j += ucp[j] + 1); -+ if (j == option_len(opt)) -+ for (j = 0; j < option_len(opt); j = tmp) -+ { -+ tmp = j + ucp[j] + 1; -+ ucp[j] = 0; -+ } -+ } -+ -+ for (vendor = daemon->dhcp_vendors; vendor; vendor = vendor->next) -+ { -+ int mopt; -+ -+ if (vendor->match_type == MATCH_VENDOR) -+ mopt = OPTION_VENDOR_ID; -+ else if (vendor->match_type == MATCH_USER) -+ mopt = OPTION_USER_CLASS; -+ else -+ continue; -+ -+ if ((opt = option_find(mess, sz, mopt, 1))) -+ { -+ int i; -+ for (i = 0; i <= (option_len(opt) - vendor->len); i++) -+ if (memcmp(vendor->data, option_ptr(opt, i), vendor->len) == 0) -+ { -+ vendor->netid.next = netid; -+ netid = &vendor->netid; -+ break; -+ } -+ } -+ } -+ -+ /* mark vendor-encapsulated options which match the client-supplied vendor class, -+ save client-supplied vendor class */ -+ if ((opt = option_find(mess, sz, OPTION_VENDOR_ID, 1))) -+ { -+ memcpy(daemon->dhcp_buff3, option_ptr(opt, 0), option_len(opt)); -+ vendor_class_len = option_len(opt); -+ } -+ match_vendor_opts(opt, daemon->dhcp_opts); -+ -+ if (option_bool(OPT_LOG_OPTS)) -+ { -+ if (sanitise(opt, daemon->namebuff)) -+ my_syslog(MS_DHCP | LOG_INFO, _("%u vendor class: %s"), ntohl(mess->xid), daemon->namebuff); -+ if (sanitise(option_find(mess, sz, OPTION_USER_CLASS, 1), daemon->namebuff)) -+ my_syslog(MS_DHCP | LOG_INFO, _("%u user class: %s"), ntohl(mess->xid), daemon->namebuff); -+ } - - mess->op = BOOTREPLY; - -@@ -494,9 +605,8 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index, - lease_set_interface(lease, int_index, now); - - clear_packet(mess, end); -- match_vendor_opts(NULL, daemon->dhcp_opts); /* clear flags */ - do_options(context, mess, end, NULL, hostname, get_domain(mess->yiaddr), -- netid, subnet_addr, 0, 0, -1, NULL, 0, now); -+ netid, subnet_addr, 0, 0, -1, NULL, vendor_class_len, now); - } - } - -@@ -623,119 +733,8 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index, - } - } - -- /* dhcp-match. If we have hex-and-wildcards, look for a left-anchored match. -- Otherwise assume the option is an array, and look for a matching element. -- If no data given, existance of the option is enough. This code handles -- rfc3925 V-I classes too. */ -- for (o = daemon->dhcp_match; o; o = o->next) -- { -- unsigned int len, elen, match = 0; -- size_t offset, o2; -- -- if (o->flags & DHOPT_RFC3925) -- { -- if (!(opt = option_find(mess, sz, OPTION_VENDOR_IDENT, 5))) -- continue; -- -- for (offset = 0; offset < (option_len(opt) - 5u); offset += len + 5) -- { -- len = option_uint(opt, offset + 4 , 1); -- /* Need to take care that bad data can't run us off the end of the packet */ -- if ((offset + len + 5 <= (option_len(opt))) && -- (option_uint(opt, offset, 4) == (unsigned int)o->u.encap)) -- for (o2 = offset + 5; o2 < offset + len + 5; o2 += elen + 1) -- { -- elen = option_uint(opt, o2, 1); -- if ((o2 + elen + 1 <= option_len(opt)) && -- (match = match_bytes(o, option_ptr(opt, o2 + 1), elen))) -- break; -- } -- if (match) -- break; -- } -- } -- else -- { -- if (!(opt = option_find(mess, sz, o->opt, 1))) -- continue; -- -- match = match_bytes(o, option_ptr(opt, 0), option_len(opt)); -- } -- -- if (match) -- { -- o->netid->next = netid; -- netid = o->netid; -- } -- } -- -- /* user-class options are, according to RFC3004, supposed to contain -- a set of counted strings. Here we check that this is so (by seeing -- if the counts are consistent with the overall option length) and if -- so zero the counts so that we don't get spurious matches between -- the vendor string and the counts. If the lengths don't add up, we -- assume that the option is a single string and non RFC3004 compliant -- and just do the substring match. dhclient provides these broken options. -- The code, later, which sends user-class data to the lease-change script -- relies on the transformation done here. -- */ -- -- if ((opt = option_find(mess, sz, OPTION_USER_CLASS, 1))) -- { -- unsigned char *ucp = option_ptr(opt, 0); -- int tmp, j; -- for (j = 0; j < option_len(opt); j += ucp[j] + 1); -- if (j == option_len(opt)) -- for (j = 0; j < option_len(opt); j = tmp) -- { -- tmp = j + ucp[j] + 1; -- ucp[j] = 0; -- } -- } -- -- for (vendor = daemon->dhcp_vendors; vendor; vendor = vendor->next) -- { -- int mopt; -- -- if (vendor->match_type == MATCH_VENDOR) -- mopt = OPTION_VENDOR_ID; -- else if (vendor->match_type == MATCH_USER) -- mopt = OPTION_USER_CLASS; -- else -- continue; -- -- if ((opt = option_find(mess, sz, mopt, 1))) -- { -- int i; -- for (i = 0; i <= (option_len(opt) - vendor->len); i++) -- if (memcmp(vendor->data, option_ptr(opt, i), vendor->len) == 0) -- { -- vendor->netid.next = netid; -- netid = &vendor->netid; -- break; -- } -- } -- } -- -- /* mark vendor-encapsulated options which match the client-supplied vendor class, -- save client-supplied vendor class */ -- if ((opt = option_find(mess, sz, OPTION_VENDOR_ID, 1))) -- { -- memcpy(daemon->dhcp_buff3, option_ptr(opt, 0), option_len(opt)); -- vendor_class_len = option_len(opt); -- } -- match_vendor_opts(opt, daemon->dhcp_opts); -- -- if (option_bool(OPT_LOG_OPTS)) -- { -- if (sanitise(opt, daemon->namebuff)) -- my_syslog(MS_DHCP | LOG_INFO, _("%u vendor class: %s"), ntohl(mess->xid), daemon->namebuff); -- if (sanitise(option_find(mess, sz, OPTION_USER_CLASS, 1), daemon->namebuff)) -- my_syslog(MS_DHCP | LOG_INFO, _("%u user class: %s"), ntohl(mess->xid), daemon->namebuff); -- } -- - tagif_netid = run_tag_if(netid); -- -+ - /* if all the netids in the ignore list are present, ignore this client */ - for (id_list = daemon->dhcp_ignore; id_list; id_list = id_list->next) - if (match_netid(id_list->list, tagif_netid, 0)) --- -1.8.1.4 - diff --git a/SOURCES/dnsmasq-2.66-dhcp-v4-v6.patch b/SOURCES/dnsmasq-2.66-dhcp-v4-v6.patch deleted file mode 100644 index d2436b3..0000000 --- a/SOURCES/dnsmasq-2.66-dhcp-v4-v6.patch +++ /dev/null @@ -1,60 +0,0 @@ -From 24b5a5d50bc793f7e218ef6018ad210eab28c686 Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Fri, 11 Oct 2013 15:19:28 +0100 -Subject: [PATCH 1/1] dhcp-host selection fix for v4/v6 - ---- - CHANGELOG | 5 +++++ - src/dhcp-common.c | 35 +++++++++++++++++------------------ - src/rfc1035.c | 14 +++++++------- - 3 files changed, 29 insertions(+), 25 deletions(-) - -diff --git a/src/dhcp-common.c b/src/dhcp-common.c -index 304c47e..5b0756d 100644 ---- a/src/dhcp-common.c -+++ b/src/dhcp-common.c -@@ -272,27 +272,26 @@ static int is_config_in_context(struct dhcp_context *context, struct dhcp_config - if (!context) /* called via find_config() from lease_update_from_configs() */ - return 1; - -- if (!(context->flags & CONTEXT_V6)) -- { -- if (!(config->flags & CONFIG_ADDR)) -- return 1; -+ if (!(config->flags & (CONFIG_ADDR | CONFIG_ADDR6))) -+ return 1; -+ -+#ifdef HAVE_DHCP6 -+ if ((context->flags & CONTEXT_V6) && (config->flags & CONFIG_WILDCARD)) -+ return 1; -+#endif - -- for (; context; context = context->current) -- if (is_same_net(config->addr, context->start, context->netmask)) -- return 1; -- } -+ for (; context; context = context->current) - #ifdef HAVE_DHCP6 -- else -- { -- if (!(config->flags & CONFIG_ADDR6) || (config->flags & CONFIG_WILDCARD)) -- return 1; -- -- for (; context; context = context->current) -- if (is_same_net6(&config->addr6, &context->start6, context->prefix)) -- return 1; -- } -+ if (context->flags & CONTEXT_V6) -+ { -+ if ((config->flags & CONFIG_ADDR6) && is_same_net6(&config->addr6, &context->start6, context->prefix)) -+ return 1; -+ } -+ else - #endif -- -+ if ((config->flags & CONFIG_ADDR) && is_same_net(config->addr, context->start, context->netmask)) -+ return 1; -+ - return 0; - } - diff --git a/SOURCES/dnsmasq-2.66-dns-sleep-resume.patch b/SOURCES/dnsmasq-2.66-dns-sleep-resume.patch deleted file mode 100644 index 4f32bf1..0000000 --- a/SOURCES/dnsmasq-2.66-dns-sleep-resume.patch +++ /dev/null @@ -1,127 +0,0 @@ -commit 64d3d2c83b30c751570faf0c5d527ff3da9f2036 -Author: Beniamino Galvani -Date: Sun Aug 28 20:44:05 2016 +0100 - - Handle binding upstream servers to an interface - (--server=1.2.3.4@eth0) when the named interface - is destroyed and recreated in the kernel. - -diff --git a/src/dbus.c b/src/dbus.c -index 7379341..e56d8c7 100644 ---- a/src/dbus.c -+++ b/src/dbus.c -@@ -161,6 +161,10 @@ static void add_update_server(union mysockaddr *addr, - - if (serv) - { -+ serv->sfd = NULL; -+ serv->queries = 0; -+ serv->failed_queries = 0; -+ - if (interface) - strcpy(serv->interface, interface); - else -diff --git a/src/dnsmasq.h b/src/dnsmasq.h -index 69ae7a7..7b8020e 100644 ---- a/src/dnsmasq.h -+++ b/src/dnsmasq.h -@@ -412,6 +412,7 @@ struct serverfd { - int fd; - union mysockaddr source_addr; - char interface[IF_NAMESIZE+1]; -+ unsigned int ifindex, used; - struct serverfd *next; - }; - -diff --git a/src/network.c b/src/network.c -index 792914b..d2bebcc 100644 ---- a/src/network.c -+++ b/src/network.c -@@ -839,6 +839,7 @@ int local_bind(int fd, union mysockaddr *addr, char *intname, int is_tcp) - static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname) - { - struct serverfd *sfd; -+ unsigned int ifindex = 0; - int errsave; - - /* when using random ports, servers which would otherwise use -@@ -859,11 +860,15 @@ static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname) - return NULL; - #endif - } -+ -+ if (intname && strlen(intname) != 0) -+ ifindex = if_nametoindex(intname); /* index == 0 when not binding to an interface */ - - /* may have a suitable one already */ - for (sfd = daemon->sfds; sfd; sfd = sfd->next ) - if (sockaddr_isequal(&sfd->source_addr, addr) && -- strcmp(intname, sfd->interface) == 0) -+ strcmp(intname, sfd->interface) == 0 && -+ ifindex == sfd->ifindex) - return sfd; - - /* need to make a new one. */ -@@ -885,11 +890,13 @@ static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname) - errno = errsave; - return NULL; - } -- -+ - strcpy(sfd->interface, intname); - sfd->source_addr = *addr; - sfd->next = daemon->sfds; -+ sfd->ifindex = ifindex; - daemon->sfds = sfd; -+ - return sfd; - } - -@@ -944,12 +951,16 @@ void check_servers(void) - { - struct irec *iface; - struct server *new, *tmp, *ret = NULL; -+ struct serverfd *sfd, *tmpfd, **up; - int port = 0; - - /* interface may be new since startup */ - if (!option_bool(OPT_NOWILD)) - enumerate_interfaces(); - -+ for (sfd = daemon->sfds; sfd; sfd = sfd->next) -+ sfd->used = 0; -+ - for (new = daemon->servers; new; new = tmp) - { - tmp = new->next; -@@ -987,6 +998,9 @@ void check_servers(void) - free(new); - continue; - } -+ -+ if (new->sfd) -+ new->sfd->used = 1; - } - - /* reverse order - gets it right. */ -@@ -1019,6 +1033,20 @@ void check_servers(void) - } - } - -+ /* Remove unused sfds */ -+ for (sfd = daemon->sfds, up = &daemon->sfds; sfd; sfd = tmpfd) -+ { -+ tmpfd = sfd->next; -+ if (!sfd->used) -+ { -+ *up = sfd->next; -+ close(sfd->fd); -+ free(sfd); -+ } -+ else -+ up = &sfd->next; -+ } -+ - daemon->servers = ret; - } - diff --git a/SOURCES/dnsmasq-2.66-numeric-hostnames.patch b/SOURCES/dnsmasq-2.66-numeric-hostnames.patch deleted file mode 100644 index a1d36d9..0000000 --- a/SOURCES/dnsmasq-2.66-numeric-hostnames.patch +++ /dev/null @@ -1,20 +0,0 @@ -diff --git a/src/util.c b/src/util.c -index af4031c..759099c 100644 ---- a/src/util.c -+++ b/src/util.c -@@ -151,12 +151,12 @@ int legal_hostname(char *name) - /* check for legal char a-z A-Z 0-9 - _ . */ - { - if ((c >= 'A' && c <= 'Z') || -- (c >= 'a' && c <= 'z')) -+ (c >= 'a' && c <= 'z') || -+ (c >= '0' && c <= '9')) - continue; - - if (!first && -- ((c >= '0' && c <= '9') || -- c == '-' || c == '_')) -+ (c == '-' || c == '_')) - continue; - - /* end of hostname part */ diff --git a/SOURCES/dnsmasq-2.66-replace-inet_addr-with-inet_pton-in-option-c.patch b/SOURCES/dnsmasq-2.66-replace-inet_addr-with-inet_pton-in-option-c.patch deleted file mode 100644 index d21a776..0000000 --- a/SOURCES/dnsmasq-2.66-replace-inet_addr-with-inet_pton-in-option-c.patch +++ /dev/null @@ -1,164 +0,0 @@ -From ddd9a6b499ae601231070854c562611a79e004c0 Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Mon, 29 Apr 2013 17:00:21 +0100 -Subject: [PATCH] replace inet_addr with inet_pton() in src/option.c - ---- - src/option.c | 52 ++++++++++++++++++++++++++-------------------------- - 1 file changed, 26 insertions(+), 26 deletions(-) - -diff --git a/src/option.c b/src/option.c -index 20a8668..d2ab689 100644 ---- a/src/option.c -+++ b/src/option.c -@@ -660,7 +660,7 @@ char *parse_server(char *arg, union mysockaddr *addr, union mysockaddr *source_a - scope_id = split_chr(arg, '%'); - #endif - -- if ((addr->in.sin_addr.s_addr = inet_addr(arg)) != (in_addr_t) -1) -+ if (inet_pton(AF_INET, arg, &addr->in.sin_addr) > 0) - { - addr->in.sin_port = htons(serv_port); - addr->sa.sa_family = source_addr->sa.sa_family = AF_INET; -@@ -675,7 +675,7 @@ char *parse_server(char *arg, union mysockaddr *addr, union mysockaddr *source_a - if (flags) - *flags |= SERV_HAS_SOURCE; - source_addr->in.sin_port = htons(source_port); -- if ((source_addr->in.sin_addr.s_addr = inet_addr(source)) == (in_addr_t) -1) -+ if (!(inet_pton(AF_INET, source, &source_addr->in.sin_addr) > 0)) - { - #if defined(SO_BINDTODEVICE) - source_addr->in.sin_addr.s_addr = INADDR_ANY; -@@ -1031,7 +1031,7 @@ static int parse_dhcp_opt(char *errstr, char *arg, int flags) - cp = comma; - comma = split(cp); - slash = split_chr(cp, '/'); -- in.s_addr = inet_addr(cp); -+ inet_pton(AF_INET, cp, &in); - if (!slash) - { - memcpy(op, &in, INADDRSZ); -@@ -1576,7 +1576,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma - comma = split(arg); - new->name = NULL; - unhide_metas(arg); -- if ((new->addr.in.sin_addr.s_addr = inet_addr(arg)) != (in_addr_t)-1) -+ if (inet_pton(AF_INET, arg, &new->addr.in.sin_addr) > 0) - new->addr.sa.sa_family = AF_INET; - #ifdef HAVE_IPV6 - else if (inet_pton(AF_INET6, arg, &new->addr.in6.sin6_addr) > 0) -@@ -1927,7 +1927,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma - { - struct in_addr addr; - unhide_metas(arg); -- if (arg && (addr.s_addr = inet_addr(arg)) != (in_addr_t)-1) -+ if (arg && (inet_pton(AF_INET, arg, &addr) > 0)) - { - struct bogus_addr *baddr = opt_malloc(sizeof(struct bogus_addr)); - baddr->next = daemon->bogus_addr; -@@ -1945,7 +1945,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma - struct iname *new = opt_malloc(sizeof(struct iname)); - comma = split(arg); - unhide_metas(arg); -- if (arg && (new->addr.in.sin_addr.s_addr = inet_addr(arg)) != (in_addr_t)-1) -+ if (arg && (inet_pton(AF_INET, arg, &new->addr.in.sin_addr) > 0)) - { - new->addr.sa.sa_family = AF_INET; - new->addr.in.sin_port = 0; -@@ -2369,7 +2369,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma - } - - if (k >= 3 && strchr(a[2], '.') && -- ((new->netmask.s_addr = inet_addr(a[2])) != (in_addr_t)-1)) -+ (inet_pton(AF_INET, a[2], &new->netmask) > 0)) - { - new->flags |= CONTEXT_NETMASK; - leasepos = 3; -@@ -2378,7 +2378,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma - } - - if (k >= 4 && strchr(a[3], '.') && -- ((new->broadcast.s_addr = inet_addr(a[3])) != (in_addr_t)-1)) -+ (inet_pton(AF_INET, a[3], &new->broadcast) > 0)) - { - new->flags |= CONTEXT_BRDCAST; - leasepos = 4; -@@ -2608,7 +2608,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma - } - } - } -- else if (strchr(a[j], '.') && (in.s_addr = inet_addr(a[j])) != (in_addr_t)-1) -+ else if (strchr(a[j], '.') && (inet_pton(AF_INET, a[j], &in) > 0)) - { - struct dhcp_config *configs; - -@@ -2805,17 +2805,17 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma - if (comma) - { - unhide_metas(comma); -- if ((dhcp_next_server.s_addr = inet_addr(comma)) == (in_addr_t)-1) { -- -- /* -- * The user may have specified the tftp hostname here. -- * save it so that it can be resolved/looked up during -- * actual dhcp_reply(). -- */ -- -- tftp_sname = opt_string_alloc(comma); -- dhcp_next_server.s_addr = 0; -- } -+ if (!(inet_pton(AF_INET, comma, &dhcp_next_server) > 0)) -+ { -+ /* -+ * The user may have specified the tftp hostname here. -+ * save it so that it can be resolved/looked up during -+ * actual dhcp_reply(). -+ */ -+ -+ tftp_sname = opt_string_alloc(comma); -+ dhcp_next_server.s_addr = 0; -+ } - } - } - -@@ -2828,7 +2828,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma - new->next = daemon->boot_config; - daemon->boot_config = new; - } -- -+ - break; - } - -@@ -3144,7 +3144,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma - while (arg) { - struct addr_list *new = opt_malloc(sizeof(struct addr_list)); - comma = split(arg); -- if ((new->addr.s_addr = inet_addr(arg)) == (in_addr_t)-1) -+ if (!(inet_pton(AF_INET, arg, &new->addr) > 0)) - ret_err(_("bad dhcp-proxy address")); - new->next = daemon->override_relays; - daemon->override_relays = new; -@@ -3187,15 +3187,15 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma - dash = split_chr(a[0], '-'); - - if ((k < 2) || -- ((new->in.s_addr = inet_addr(a[0])) == (in_addr_t)-1) || -- ((new->out.s_addr = inet_addr(a[1])) == (in_addr_t)-1)) -+ (!(inet_pton(AF_INET, a[0], &new->in) > 0)) || -+ (!(inet_pton(AF_INET, a[1], &new->out) > 0))) - option = '?'; - - if (k == 3) -- new->mask.s_addr = inet_addr(a[2]); -+ inet_pton(AF_INET, a[2], &new->mask); - - if (dash && -- ((new->end.s_addr = inet_addr(dash)) == (in_addr_t)-1 || -+ (!(inet_pton(AF_INET, dash, &new->end) > 0) || - !is_same_net(new->in, new->end, new->mask) || - ntohl(new->in.s_addr) > ntohl(new->end.s_addr))) - ret_err(_("invalid alias range")); --- -1.8.1.4 - diff --git a/SOURCES/dnsmasq-2.66-rh1275626.patch b/SOURCES/dnsmasq-2.66-rh1275626.patch deleted file mode 100644 index a6171c8..0000000 --- a/SOURCES/dnsmasq-2.66-rh1275626.patch +++ /dev/null @@ -1,15 +0,0 @@ ---- dnsmasq-2.66/src/dhcp-common.c.orig 2016-05-31 12:59:36.269904624 +0200 -+++ dnsmasq-2.66/src/dhcp-common.c 2016-05-31 12:58:49.929904889 +0200 -@@ -316,9 +316,10 @@ - - /* dhcpcd prefixes ASCII client IDs by zero which is wrong, but we try and - cope with that here */ -- if (!(context->flags & CONTEXT_V6) && *clid == 0 && config->clid_len == clid_len-1 && -+ if ((!context || !(context->flags & CONTEXT_V6)) && (!clid || *clid == 0) && -+ config->clid_len == clid_len-1 && - memcmp(config->clid, clid+1, clid_len-1) == 0 && -- is_config_in_context(context, config)) -+ (!context || is_config_in_context(context, config))) - return config; - } - diff --git a/SOURCES/dnsmasq-2.76-coverity.patch b/SOURCES/dnsmasq-2.76-coverity.patch new file mode 100644 index 0000000..87f41a0 --- /dev/null +++ b/SOURCES/dnsmasq-2.76-coverity.patch @@ -0,0 +1,254 @@ +From 7ab5d6bd1f8b018c73341f50a395405dee6873d8 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Wed, 15 Mar 2017 14:26:04 +0100 +Subject: [PATCH] Coverity fixes + +--- + src/dbus.c | 2 +- + src/dhcp-common.c | 2 +- + src/dhcp.c | 4 ++-- + src/dnsmasq.h | 2 +- + src/edns0.c | 2 ++ + src/inotify.c | 9 ++++++--- + src/lease.c | 4 ++-- + src/network.c | 8 ++++---- + src/option.c | 16 +++++++++++----- + src/tftp.c | 2 +- + src/util.c | 2 +- + 11 files changed, 32 insertions(+), 21 deletions(-) + +diff --git a/src/dbus.c b/src/dbus.c +index 2e1a48e..f27ec3e 100644 +--- a/src/dbus.c ++++ b/src/dbus.c +@@ -550,7 +550,7 @@ static DBusMessage *dbus_add_lease(DBusMessage* message) + "Invalid IP address '%s'", ipaddr); + + hw_len = parse_hex((char*)hwaddr, dhcp_chaddr, DHCP_CHADDR_MAX, NULL, &hw_type); +- if (hw_type == 0 && hw_len != 0) ++ if (hw_type == 0 && hw_len > 0) + hw_type = ARPHRD_ETHER; + + lease_set_hwaddr(lease, dhcp_chaddr, clid, hw_len, hw_type, +diff --git a/src/dhcp-common.c b/src/dhcp-common.c +index 08528e8..ebf06b6 100644 +--- a/src/dhcp-common.c ++++ b/src/dhcp-common.c +@@ -487,7 +487,7 @@ void bindtodevice(char *device, int fd) + { + struct ifreq ifr; + +- strcpy(ifr.ifr_name, device); ++ strncpy(ifr.ifr_name, device, IF_NAMESIZE-1); + /* only allowed by root. */ + if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, (void *)&ifr, sizeof(ifr)) == -1 && + errno != EPERM) +diff --git a/src/dhcp.c b/src/dhcp.c +index 10f1fb9..37bb71e 100644 +--- a/src/dhcp.c ++++ b/src/dhcp.c +@@ -246,7 +246,7 @@ void dhcp_packet(time_t now, int pxe_fd) + } + else + { +- strncpy(ifr.ifr_name, bridge->iface, IF_NAMESIZE); ++ strncpy(ifr.ifr_name, bridge->iface, IF_NAMESIZE-1); + break; + } + } +@@ -270,7 +270,7 @@ void dhcp_packet(time_t now, int pxe_fd) + is_relay_reply = 1; + iov.iov_len = sz; + #ifdef HAVE_LINUX_NETWORK +- strncpy(arp_req.arp_dev, ifr.ifr_name, 16); ++ strncpy(arp_req.arp_dev, ifr.ifr_name, IF_NAMESIZE-1); + #endif + } + else +diff --git a/src/dnsmasq.h b/src/dnsmasq.h +index dfd15aa..1179492 100644 +--- a/src/dnsmasq.h ++++ b/src/dnsmasq.h +@@ -180,7 +180,7 @@ struct event_desc { + #define EC_INIT_OFFSET 10 + + /* Trust the compiler dead-code eliminator.... */ +-#define option_bool(x) (((x) < 32) ? daemon->options & (1u << (x)) : daemon->options2 & (1u << ((x) - 32))) ++#define option_bool(x) (((x) < 32) ? daemon->options & (1u << ((x)&0x1F)) : daemon->options2 & (1u << ((x) - 32))) + + #define OPT_BOGUSPRIV 0 + #define OPT_FILTER 1 +diff --git a/src/edns0.c b/src/edns0.c +index c7a101e..d2b514b 100644 +--- a/src/edns0.c ++++ b/src/edns0.c +@@ -263,6 +263,8 @@ static size_t add_dns_client(struct dns_header *header, size_t plen, unsigned ch + encode[8] = 0; + } + } ++ else ++ encode[0] = '\0'; + + return add_pseudoheader(header, plen, limit, PACKETSZ, EDNS0_OPTION_NOMDEVICEID, (unsigned char *)encode, strlen(encode), 0, replace); + } +diff --git a/src/inotify.c b/src/inotify.c +index 603ce9d..fcc0d97 100644 +--- a/src/inotify.c ++++ b/src/inotify.c +@@ -224,17 +224,20 @@ int inotify_check(time_t now) + + if (rc <= 0) + break; ++ else ++ inotify_buffer[rc] = '\0'; + + for (p = inotify_buffer; rc - (p - inotify_buffer) >= (int)sizeof(struct inotify_event); p += sizeof(struct inotify_event) + in->len) + { + in = (struct inotify_event*)p; +- ++ + for (res = daemon->resolv_files; res; res = res->next) +- if (res->wd == in->wd && in->len != 0 && strcmp(res->file, in->name) == 0) ++ if (res->wd == in->wd && in->len != 0 && strncmp(res->file, in->name, NAME_MAX) == 0) + hit = 1; + + /* ignore emacs backups and dotfiles */ +- if (in->len == 0 || ++ if (in->len == 0 || ++ in->len > NAME_MAX+1 || + in->name[in->len - 1] == '~' || + (in->name[0] == '#' && in->name[in->len - 1] == '#') || + in->name[0] == '.') +diff --git a/src/lease.c b/src/lease.c +index 20cac90..9ad106d 100644 +--- a/src/lease.c ++++ b/src/lease.c +@@ -827,9 +827,9 @@ void lease_set_hwaddr(struct dhcp_lease *lease, const unsigned char *hwaddr, + + if (hw_len != lease->hwaddr_len || + hw_type != lease->hwaddr_type || +- (hw_len != 0 && memcmp(lease->hwaddr, hwaddr, hw_len) != 0)) ++ (hw_len > 0 && memcmp(lease->hwaddr, hwaddr, hw_len) != 0)) + { +- if (hw_len != 0) ++ if (hw_len > 0) + memcpy(lease->hwaddr, hwaddr, hw_len); + lease->hwaddr_len = hw_len; + lease->hwaddr_type = hw_type; +diff --git a/src/network.c b/src/network.c +index 6119039..fcd9d8d 100644 +--- a/src/network.c ++++ b/src/network.c +@@ -188,7 +188,7 @@ int loopback_exception(int fd, int family, struct all_addr *addr, char *name) + struct ifreq ifr; + struct irec *iface; + +- strncpy(ifr.ifr_name, name, IF_NAMESIZE); ++ strncpy(ifr.ifr_name, name, IF_NAMESIZE-1); + if (ioctl(fd, SIOCGIFFLAGS, &ifr) != -1 && + ifr.ifr_flags & IFF_LOOPBACK) + { +@@ -1206,7 +1206,7 @@ int local_bind(int fd, union mysockaddr *addr, char *intname, int is_tcp) + return 0; + + #if defined(SO_BINDTODEVICE) +- if (intname[0] != 0 && ++ if (intname && intname[0] != 0 && + setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, intname, IF_NAMESIZE) == -1) + return 0; + #endif +@@ -1245,7 +1245,7 @@ static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname) + /* may have a suitable one already */ + for (sfd = daemon->sfds; sfd; sfd = sfd->next ) + if (sockaddr_isequal(&sfd->source_addr, addr) && +- strcmp(intname, sfd->interface) == 0 && ++ intname && strcmp(intname, sfd->interface) == 0 && + ifindex == sfd->ifindex) + return sfd; + +@@ -1437,7 +1437,7 @@ void add_update_server(int flags, + serv->flags |= SERV_HAS_DOMAIN; + + if (interface) +- strcpy(serv->interface, interface); ++ strncpy(serv->interface, interface, sizeof(serv->interface)-1); + if (addr) + serv->addr = *addr; + if (source_addr) +diff --git a/src/option.c b/src/option.c +index 5503b79..eb78b1a 100644 +--- a/src/option.c ++++ b/src/option.c +@@ -3929,13 +3929,15 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma + + case LOPT_HOST_REC: /* --host-record */ + { +- struct host_record *new = opt_malloc(sizeof(struct host_record)); +- memset(new, 0, sizeof(struct host_record)); +- new->ttl = -1; ++ struct host_record *new; + + if (!arg || !(comma = split(arg))) + ret_err(_("Bad host-record")); + ++ new = opt_malloc(sizeof(struct host_record)); ++ memset(new, 0, sizeof(struct host_record)); ++ new->ttl = -1; ++ + while (arg) + { + struct all_addr addr; +@@ -3956,10 +3958,11 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma + { + int nomem; + char *canon = canonicalise(arg, &nomem); +- struct name_list *nl = opt_malloc(sizeof(struct name_list)); ++ struct name_list *nl; + if (!canon) + ret_err(_("Bad name in host-record")); + ++ nl = opt_malloc(sizeof(struct name_list)); + nl->name = canon; + /* keep order, so that PTR record goes to first name */ + nl->next = NULL; +@@ -4023,7 +4026,10 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma + !atoi_check8(algo, &new->algo) || + !atoi_check8(digest, &new->digest_type) || + !(new->name = canonicalise_opt(arg))) +- ret_err(_("bad trust anchor")); ++ { ++ free(new); ++ ret_err(_("bad trust anchor")); ++ } + + /* Upper bound on length */ + len = (2*strlen(keyhex))+1; +diff --git a/src/tftp.c b/src/tftp.c +index 5e4a32a..bd8c622 100644 +--- a/src/tftp.c ++++ b/src/tftp.c +@@ -234,7 +234,7 @@ void tftp_request(struct listener *listen, time_t now) + #endif + } + +- strncpy(ifr.ifr_name, name, IF_NAMESIZE); ++ strncpy(ifr.ifr_name, name, IF_NAMESIZE-1); + if (ioctl(listen->tftpfd, SIOCGIFMTU, &ifr) != -1) + { + mtu = ifr.ifr_mtu; +diff --git a/src/util.c b/src/util.c +index 93b24f5..1a9f228 100644 +--- a/src/util.c ++++ b/src/util.c +@@ -491,7 +491,7 @@ int parse_hex(char *in, unsigned char *out, int maxlen, + int j, bytes = (1 + (r - in))/2; + for (j = 0; j < bytes; j++) + { +- char sav = sav; ++ char sav; + if (j < bytes - 1) + { + sav = in[(j+1)*2]; +-- +2.9.3 + diff --git a/SOURCES/dnsmasq-2.76-dns-sleep-resume.patch b/SOURCES/dnsmasq-2.76-dns-sleep-resume.patch new file mode 100644 index 0000000..4271d8d --- /dev/null +++ b/SOURCES/dnsmasq-2.76-dns-sleep-resume.patch @@ -0,0 +1,119 @@ +From 2675f2061525bc954be14988d64384b74aa7bf8b Mon Sep 17 00:00:00 2001 +From: Beniamino Galvani +Date: Sun, 28 Aug 2016 20:44:05 +0100 +Subject: [PATCH] Handle binding upstream servers to an interface + (--server=1.2.3.4@eth0) when the named interface is destroyed and recreated + in the kernel. + +--- + CHANGELOG | 5 +++++ + src/dnsmasq.h | 1 + + src/network.c | 31 +++++++++++++++++++++++++++++-- + 3 files changed, 35 insertions(+), 2 deletions(-) + +diff --git a/src/dnsmasq.h b/src/dnsmasq.h +index 27385a9..f239ce5 100644 +--- a/src/dnsmasq.h ++++ b/src/dnsmasq.h +@@ -488,6 +488,7 @@ struct serverfd { + int fd; + union mysockaddr source_addr; + char interface[IF_NAMESIZE+1]; ++ unsigned int ifindex, used; + struct serverfd *next; + }; + +diff --git a/src/network.c b/src/network.c +index e7722fd..ddf8d31 100644 +--- a/src/network.c ++++ b/src/network.c +@@ -1204,6 +1204,7 @@ int local_bind(int fd, union mysockaddr *addr, char *intname, int is_tcp) + static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname) + { + struct serverfd *sfd; ++ unsigned int ifindex = 0; + int errsave; + + /* when using random ports, servers which would otherwise use +@@ -1224,11 +1225,15 @@ static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname) + return NULL; + #endif + } ++ ++ if (intname && strlen(intname) != 0) ++ ifindex = if_nametoindex(intname); /* index == 0 when not binding to an interface */ + + /* may have a suitable one already */ + for (sfd = daemon->sfds; sfd; sfd = sfd->next ) + if (sockaddr_isequal(&sfd->source_addr, addr) && +- strcmp(intname, sfd->interface) == 0) ++ strcmp(intname, sfd->interface) == 0 && ++ ifindex == sfd->ifindex) + return sfd; + + /* need to make a new one. */ +@@ -1250,11 +1255,13 @@ static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname) + errno = errsave; + return NULL; + } +- ++ + strcpy(sfd->interface, intname); + sfd->source_addr = *addr; + sfd->next = daemon->sfds; ++ sfd->ifindex = ifindex; + daemon->sfds = sfd; ++ + return sfd; + } + +@@ -1429,12 +1436,16 @@ void check_servers(void) + { + struct irec *iface; + struct server *serv; ++ struct serverfd *sfd, *tmp, **up; + int port = 0, count; + + /* interface may be new since startup */ + if (!option_bool(OPT_NOWILD)) + enumerate_interfaces(0); + ++ for (sfd = daemon->sfds; sfd; sfd = sfd->next) ++ sfd->used = 0; ++ + #ifdef HAVE_DNSSEC + /* Disable DNSSEC validation when using server=/domain/.... servers + unless there's a configured trust anchor. */ +@@ -1505,6 +1516,8 @@ void check_servers(void) + serv->flags |= SERV_MARK; + continue; + } ++ ++ serv->sfd->used = 1; + } + + if (!(serv->flags & SERV_NO_REBIND) && !(serv->flags & SERV_LITERAL_ADDRESS)) +@@ -1547,6 +1560,20 @@ void check_servers(void) + if (count - 1 > SERVERS_LOGGED) + my_syslog(LOG_INFO, _("using %d more nameservers"), count - SERVERS_LOGGED - 1); + ++ /* Remove unused sfds */ ++ for (sfd = daemon->sfds, up = &daemon->sfds; sfd; sfd = tmp) ++ { ++ tmp = sfd->next; ++ if (!sfd->used) ++ { ++ *up = sfd->next; ++ close(sfd->fd); ++ free(sfd); ++ } ++ else ++ up = &sfd->next; ++ } ++ + cleanup_servers(); + } + +-- +2.7.4 + diff --git a/SOURCES/dnsmasq-2.76-fix-crash-dns-resume.patch b/SOURCES/dnsmasq-2.76-fix-crash-dns-resume.patch new file mode 100644 index 0000000..2857de0 --- /dev/null +++ b/SOURCES/dnsmasq-2.76-fix-crash-dns-resume.patch @@ -0,0 +1,29 @@ +From 16800ea072dd0cdf14d951c4bb8d2808b3dfe53d Mon Sep 17 00:00:00 2001 +From: Simon Kelley +Date: Tue, 30 Aug 2016 23:07:06 +0100 +Subject: [PATCH] Fix crash introduced in + 2675f2061525bc954be14988d64384b74aa7bf8b + +--- + src/network.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/src/network.c b/src/network.c +index ddf8d31..d87d08f 100644 +--- a/src/network.c ++++ b/src/network.c +@@ -1516,8 +1516,9 @@ void check_servers(void) + serv->flags |= SERV_MARK; + continue; + } +- +- serv->sfd->used = 1; ++ ++ if (serv->sfd) ++ serv->sfd->used = 1; + } + + if (!(serv->flags & SERV_NO_REBIND) && !(serv->flags & SERV_LITERAL_ADDRESS)) +-- +2.9.3 + diff --git a/SOURCES/dnsmasq-2.76-fix-dhcp-option-arrangements.patch b/SOURCES/dnsmasq-2.76-fix-dhcp-option-arrangements.patch new file mode 100644 index 0000000..7155b0f --- /dev/null +++ b/SOURCES/dnsmasq-2.76-fix-dhcp-option-arrangements.patch @@ -0,0 +1,49 @@ +From 591ed1e90503817938ccf5f127e677a8dd48b6d8 Mon Sep 17 00:00:00 2001 +From: Simon Kelley +Date: Mon, 11 Jul 2016 18:18:42 +0100 +Subject: [PATCH] Fix bad behaviour with some DHCP option arrangements. + +The check that there's enough space to store the DHCP agent-id +at the end of the packet could succeed when it should fail +if the END option is in either of the oprion-overload areas. +That could overwrite legit options in the request and cause +bad behaviour. It's highly unlikely that any sane DHCP client +would trigger this bug, and it's never been seen, but this +fixes the problem. + +Also fix off-by-one in bounds checking of option processing. +Worst case scenario on that is a read one byte beyond the +end off a buffer with a crafted packet, and maybe therefore +a SIGV crash if the memory after the buffer is not mapped. + +Thanks to Timothy Becker for spotting these. +--- + src/rfc2131.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/src/rfc2131.c b/src/rfc2131.c +index b7c167e..8b99d4b 100644 +--- a/src/rfc2131.c ++++ b/src/rfc2131.c +@@ -186,7 +186,8 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index, + be enough free space at the end of the packet to copy the option. */ + unsigned char *sopt; + unsigned int total = option_len(opt) + 2; +- unsigned char *last_opt = option_find(mess, sz, OPTION_END, 0); ++ unsigned char *last_opt = option_find1(&mess->options[0] + sizeof(u32), ((unsigned char *)mess) + sz, ++ OPTION_END, 0); + if (last_opt && last_opt < end - total) + { + end -= total; +@@ -1606,7 +1607,7 @@ static unsigned char *option_find1(unsigned char *p, unsigned char *end, int opt + { + while (1) + { +- if (p > end) ++ if (p >= end) + return NULL; + else if (*p == OPTION_END) + return opt == OPTION_END ? p : NULL; +-- +2.9.3 + diff --git a/SOURCES/dnsmasq-2.76-label-man.patch b/SOURCES/dnsmasq-2.76-label-man.patch new file mode 100644 index 0000000..74514bd --- /dev/null +++ b/SOURCES/dnsmasq-2.76-label-man.patch @@ -0,0 +1,36 @@ +From 6eaafb18e56928881bae371ba8bb05ee93f55d54 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= +Date: Tue, 14 Mar 2017 15:24:58 +0100 +Subject: [PATCH 2/2] Document real behaviour of labels with --interface + +--- + man/dnsmasq.8 | 12 +++++++----- + 1 file changed, 7 insertions(+), 5 deletions(-) + +diff --git a/man/dnsmasq.8 b/man/dnsmasq.8 +index 523c823..6e93cf1 100644 +--- a/man/dnsmasq.8 ++++ b/man/dnsmasq.8 +@@ -203,12 +203,14 @@ or + options are given dnsmasq listens on all available interfaces except any + given in + .B \--except-interface +-options. IP alias interfaces (eg "eth1:0") cannot be used with +-.B --interface ++options. IP alias interface names (eg "eth1:0") can be used only in ++.B \--bind-interfaces + or +-.B --except-interface +-options, use --listen-address instead. A simple wildcard, consisting +-of a trailing '*', can be used in ++.B \--bind-dynamic ++mode. Use ++.B \--listen-address ++in the default mode instead. A simple wildcard, consisting of a trailing '*', ++can be used in + .B \--interface + and + .B \--except-interface +-- +2.9.3 + diff --git a/SOURCES/dnsmasq-2.76-label-warning.patch b/SOURCES/dnsmasq-2.76-label-warning.patch new file mode 100644 index 0000000..7c156ab --- /dev/null +++ b/SOURCES/dnsmasq-2.76-label-warning.patch @@ -0,0 +1,93 @@ +From c3d10a1132ada7baa80914f61abb720f94400465 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= +Date: Tue, 14 Mar 2017 15:23:22 +0100 +Subject: [PATCH 1/2] Warn when using label in default mode + +--- + src/dnsmasq.c | 2 ++ + src/dnsmasq.h | 3 ++- + src/network.c | 13 +++++++++++++ + 3 files changed, 17 insertions(+), 1 deletion(-) + +diff --git a/src/dnsmasq.c b/src/dnsmasq.c +index 456b0e8..d2cc7cc 100644 +--- a/src/dnsmasq.c ++++ b/src/dnsmasq.c +@@ -771,6 +771,8 @@ int main (int argc, char **argv) + + if (option_bool(OPT_NOWILD)) + warn_bound_listeners(); ++ else if (!option_bool(OPT_CLEVERBIND)) ++ warn_wild_labels(); + + warn_int_names(); + +diff --git a/src/dnsmasq.h b/src/dnsmasq.h +index a27fbc1..6b44e53 100644 +--- a/src/dnsmasq.h ++++ b/src/dnsmasq.h +@@ -522,7 +522,7 @@ struct ipsets { + struct irec { + union mysockaddr addr; + struct in_addr netmask; /* only valid for IPv4 */ +- int tftp_ok, dhcp_ok, mtu, done, warned, dad, dns_auth, index, multicast_done, found; ++ int tftp_ok, dhcp_ok, mtu, done, warned, dad, dns_auth, index, multicast_done, found, label; + char *name; + struct irec *next; + }; +@@ -1252,6 +1252,7 @@ int enumerate_interfaces(int reset); + void create_wildcard_listeners(void); + void create_bound_listeners(int die); + void warn_bound_listeners(void); ++void warn_wild_labels(void); + void warn_int_names(void); + int is_dad_listeners(void); + int iface_check(int family, struct all_addr *addr, char *name, int *auth_dns); +diff --git a/src/network.c b/src/network.c +index eb41624..e5ceb76 100644 +--- a/src/network.c ++++ b/src/network.c +@@ -244,6 +244,7 @@ static int iface_allowed(struct iface_param *param, int if_index, char *label, + int tftp_ok = !!option_bool(OPT_TFTP); + int dhcp_ok = 1; + int auth_dns = 0; ++ int is_label = 0; + #if defined(HAVE_DHCP) || defined(HAVE_TFTP) + struct iname *tmp; + #endif +@@ -264,6 +265,8 @@ static int iface_allowed(struct iface_param *param, int if_index, char *label, + + if (!label) + label = ifr.ifr_name; ++ else ++ is_label = strcmp(label, ifr.ifr_name); + + /* maintain a list of all addresses on all interfaces for --local-service option */ + if (option_bool(OPT_LOCAL_SERVICE)) +@@ -482,6 +485,7 @@ static int iface_allowed(struct iface_param *param, int if_index, char *label, + iface->found = 1; + iface->done = iface->multicast_done = iface->warned = 0; + iface->index = if_index; ++ iface->label = is_label; + if ((iface->name = whine_malloc(strlen(ifr.ifr_name)+1))) + { + strcpy(iface->name, ifr.ifr_name); +@@ -1034,6 +1038,15 @@ void warn_bound_listeners(void) + my_syslog(LOG_WARNING, _("LOUD WARNING: use --bind-dynamic rather than --bind-interfaces to avoid DNS amplification attacks via these interface(s)")); + } + ++void warn_wild_labels(void) ++{ ++ struct irec *iface; ++ ++ for (iface = daemon->interfaces; iface; iface = iface->next) ++ if (iface->found && iface->name && iface->label) ++ my_syslog(LOG_WARNING, _("warning: using interface %s instead"), iface->name); ++} ++ + void warn_int_names(void) + { + struct interface_name *intname; +-- +2.9.3 + diff --git a/SOURCES/dnsmasq-2.76-pftables.patch b/SOURCES/dnsmasq-2.76-pftables.patch new file mode 100644 index 0000000..fffd3a2 --- /dev/null +++ b/SOURCES/dnsmasq-2.76-pftables.patch @@ -0,0 +1,149 @@ +From 396750cef533cf72c7e6a72e47a9c93e2e431cb7 Mon Sep 17 00:00:00 2001 +From: Simon Kelley +Date: Sat, 13 Aug 2016 22:34:11 +0100 +Subject: [PATCH] Refactor openBSD pftables code to remove blatant copyright + violation. + +--- + src/tables.c | 90 +++++++++++++++++++++--------------------------------------- + 1 file changed, 32 insertions(+), 58 deletions(-) + +diff --git a/src/tables.c b/src/tables.c +index aae1252..4fa3487 100644 +--- a/src/tables.c ++++ b/src/tables.c +@@ -53,52 +53,6 @@ static char *pfr_strerror(int errnum) + } + } + +-static int pfr_add_tables(struct pfr_table *tbl, int size, int *nadd, int flags) +-{ +- struct pfioc_table io; +- +- if (size < 0 || (size && tbl == NULL)) +- { +- errno = EINVAL; +- return (-1); +- } +- bzero(&io, sizeof io); +- io.pfrio_flags = flags; +- io.pfrio_buffer = tbl; +- io.pfrio_esize = sizeof(*tbl); +- io.pfrio_size = size; +- if (ioctl(dev, DIOCRADDTABLES, &io)) +- return (-1); +- if (nadd != NULL) +- *nadd = io.pfrio_nadd; +- return (0); +-} +- +-static int fill_addr(const struct all_addr *ipaddr, int flags, struct pfr_addr* addr) { +- if ( !addr || !ipaddr) +- { +- my_syslog(LOG_ERR, _("error: fill_addr missused")); +- return -1; +- } +- bzero(addr, sizeof(*addr)); +-#ifdef HAVE_IPV6 +- if (flags & F_IPV6) +- { +- addr->pfra_af = AF_INET6; +- addr->pfra_net = 0x80; +- memcpy(&(addr->pfra_ip6addr), &(ipaddr->addr), sizeof(struct in6_addr)); +- } +- else +-#endif +- { +- addr->pfra_af = AF_INET; +- addr->pfra_net = 0x20; +- addr->pfra_ip4addr.s_addr = ipaddr->addr.addr4.s_addr; +- } +- return 1; +-} +- +-/*****************************************************************************/ + + void ipset_init(void) + { +@@ -111,14 +65,13 @@ void ipset_init(void) + } + + int add_to_ipset(const char *setname, const struct all_addr *ipaddr, +- int flags, int remove) ++ int flags, int remove) + { + struct pfr_addr addr; + struct pfioc_table io; + struct pfr_table table; +- int n = 0, rc = 0; + +- if ( dev == -1 ) ++ if (dev == -1) + { + my_syslog(LOG_ERR, _("warning: no opened pf devices %s"), pf_device); + return -1; +@@ -126,31 +79,52 @@ int add_to_ipset(const char *setname, const struct all_addr *ipaddr, + + bzero(&table, sizeof(struct pfr_table)); + table.pfrt_flags |= PFR_TFLAG_PERSIST; +- if ( strlen(setname) >= PF_TABLE_NAME_SIZE ) ++ if (strlen(setname) >= PF_TABLE_NAME_SIZE) + { + my_syslog(LOG_ERR, _("error: cannot use table name %s"), setname); + errno = ENAMETOOLONG; + return -1; + } + +- if ( strlcpy(table.pfrt_name, setname, +- sizeof(table.pfrt_name)) >= sizeof(table.pfrt_name)) ++ if (strlcpy(table.pfrt_name, setname, ++ sizeof(table.pfrt_name)) >= sizeof(table.pfrt_name)) + { + my_syslog(LOG_ERR, _("error: cannot strlcpy table name %s"), setname); + return -1; + } + +- if ((rc = pfr_add_tables(&table, 1, &n, 0))) ++ bzero(&io, sizeof io); ++ io.pfrio_flags = 0; ++ io.pfrio_buffer = &table; ++ io.pfrio_esize = sizeof(table); ++ io.pfrio_size = 1; ++ if (ioctl(dev, DIOCRADDTABLES, &io)) + { +- my_syslog(LOG_WARNING, _("warning: pfr_add_tables: %s(%d)"), +- pfr_strerror(errno),rc); ++ my_syslog(LOG_WARNING, _("IPset: error:%s"), pfr_strerror(errno)); ++ + return -1; + } ++ + table.pfrt_flags &= ~PFR_TFLAG_PERSIST; +- if (n) ++ if (io.pfrio_nadd) + my_syslog(LOG_INFO, _("info: table created")); +- +- fill_addr(ipaddr,flags,&addr); ++ ++ bzero(&addr, sizeof(addr)); ++#ifdef HAVE_IPV6 ++ if (flags & F_IPV6) ++ { ++ addr.pfra_af = AF_INET6; ++ addr.pfra_net = 0x80; ++ memcpy(&(addr.pfra_ip6addr), &(ipaddr->addr), sizeof(struct in6_addr)); ++ } ++ else ++#endif ++ { ++ addr.pfra_af = AF_INET; ++ addr.pfra_net = 0x20; ++ addr.pfra_ip4addr.s_addr = ipaddr->addr.addr4.s_addr; ++ } ++ + bzero(&io, sizeof(io)); + io.pfrio_flags = 0; + io.pfrio_table = table; +-- +2.9.3 + diff --git a/SOURCES/dnsmasq-2.76-warning-fixes.patch b/SOURCES/dnsmasq-2.76-warning-fixes.patch new file mode 100644 index 0000000..8b0bea8 --- /dev/null +++ b/SOURCES/dnsmasq-2.76-warning-fixes.patch @@ -0,0 +1,60 @@ +From 13dee6f49e1d035b8069947be84ee8da2af0c420 Mon Sep 17 00:00:00 2001 +From: Simon Kelley +Date: Tue, 28 Feb 2017 16:51:58 +0000 +Subject: [PATCH] Compilation warning fixes. + +--- + src/dbus.c | 9 ++++----- + src/option.c | 3 ++- + 2 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/src/dbus.c b/src/dbus.c +index 7e0d342..2e1a48e 100644 +--- a/src/dbus.c ++++ b/src/dbus.c +@@ -549,17 +549,16 @@ static DBusMessage *dbus_add_lease(DBusMessage* message) + return dbus_message_new_error_printf(message, DBUS_ERROR_INVALID_ARGS, + "Invalid IP address '%s'", ipaddr); + +- hw_len = parse_hex((char*)hwaddr, dhcp_chaddr, DHCP_CHADDR_MAX, NULL, +- &hw_type); ++ hw_len = parse_hex((char*)hwaddr, dhcp_chaddr, DHCP_CHADDR_MAX, NULL, &hw_type); + if (hw_type == 0 && hw_len != 0) + hw_type = ARPHRD_ETHER; +- +- lease_set_hwaddr(lease, dhcp_chaddr, clid, hw_len, hw_type, ++ ++ lease_set_hwaddr(lease, dhcp_chaddr, clid, hw_len, hw_type, + clid_len, now, 0); + lease_set_expires(lease, expires, now); + if (hostname_len != 0) + lease_set_hostname(lease, hostname, 0, get_domain(lease->addr), NULL); +- ++ + lease_update_file(now); + lease_update_dns(0); + +diff --git a/src/option.c b/src/option.c +index 4a5ef5f..e03b1e3 100644 +--- a/src/option.c ++++ b/src/option.c +@@ -4089,7 +4089,7 @@ static void read_file(char *file, FILE *f, int hard_opt) + { + int white, i; + volatile int option = (hard_opt == LOPT_REV_SERV) ? 0 : hard_opt; +- char *errmess, *p, *arg = NULL, *start; ++ char *errmess, *p, *arg, *start; + size_t len; + + /* Memory allocation failure longjmps here if mem_recover == 1 */ +@@ -4100,6 +4100,7 @@ static void read_file(char *file, FILE *f, int hard_opt) + mem_recover = 1; + } + ++ arg = NULL; + lineno++; + errmess = NULL; + +-- +2.9.3 + diff --git a/SPECS/dnsmasq.spec b/SPECS/dnsmasq.spec index 7b152d5..8a6450a 100644 --- a/SPECS/dnsmasq.spec +++ b/SPECS/dnsmasq.spec @@ -12,68 +12,32 @@ %define _hardened_build 1 Name: dnsmasq -Version: 2.66 -Release: 21%{?extraversion}%{?dist} +Version: 2.76 +Release: 2%{?extraversion}%{?dist} Summary: A lightweight DHCP/caching DNS server Group: System Environment/Daemons -License: GPLv2 +License: GPLv2 or GPLv3 URL: http://www.thekelleys.org.uk/dnsmasq/ Source0: http://www.thekelleys.org.uk/dnsmasq/%{?extrapath}%{name}-%{version}%{?extraversion}.tar.gz Source1: %{name}.service +# upstream git: git://thekelleys.org.uk/dnsmasq.git -#include upstream bug fix patches committed after stable release -# commit 4582c0efe7d7af93517b1f3bcc7af67685ab3e5c -Patch0: %{name}-2.66-Fix-wrong_size_in_memset_call.patch -# commit bd08ae67f9a0cae2ce15be885254cad9449d4551 -Patch1: %{name}-2.66-Allow-option_number_zero_in_encapsulated_DHCP_options.patch -# commit 4b5ea12e90024ade5033b3b83a8b2620035952ba -Patch2: %{name}-2.66-Send-TCP-DNS-messages-in-one-write-call.patch -# commit 797a7afba477390bc016c647cfb792c85ee6102d -Patch3: %{name}-2.66-Fix-crash-on-SERVFAIL-when-using-conntrack.patch -# commit aa63a21ce0b20dfe988e0bcdf14b8b930de20311 -Patch4: %{name}-2.66-Fix-regression-in-dhcp_lease_time-utility.patch -# commit a66d36ea1112c861ad2f11ed40cc26973873e5be -Patch5: %{name}-2.66-Manpage-typos.patch -# commit 1c10b9de118c951a5aedc130e55101987dcc3feb -Patch6: %{name}-2.66-Note-that-dhcp_lease_time-and-dhcp_release-work-for-IPv4.patch -# commit 86e92f998379d219e10517dfa2c42f544ba164ce -Patch7: %{name}-2.66-dhcp-match-now-work-with-BOOTP.patch -# commit 7abb69b5dc8dbe369be36bd7bf23c039b036acd1 -Patch8: %{name}-2.66-Tighten_checks_in_legal_hostname.patch -# commit ddd9a6b499ae601231070854c562611a79e004c0 -Patch9: %{name}-2.66-replace-inet_addr-with-inet_pton-in-option-c.patch -# commit b915f837c1db9b8b095158b41028ea71246d68d -Patch10: %{name}-2.66-Use-dnsmasq-as-default-DNS-server-for-RA-only-if-it-is-doing-DNS.patch -# commit 3f2873d42c4d7e7dba32b6e64a3687d43928bc8e - Bug #962246 -Patch11: %{name}-2.66-Handle_IPv4_interface_address_labels_in_Linux.patch -# commit cfcad42ff1ddee8e64d120f18016a654152d0215 - Bug #962874 -Patch12: %{name}-2.66-Fix_failure_to_start_with_ENOTSOCK.patch -# commit 3e8ed78bf1b2649b13129327700d5d55bd2040e2 -Patch13: %{name}-2.66-Fix-option-parsing-for-dhcp-host.patch -# commit baa80ae5125beabd49edae2cdfaf3817a88a2ab6 -Patch14: %{name}-2.66-Remove-limit-in-prefix-length-in-auth-zone.patch -# commit 0da5e8979b5e5466d0f7bb836f2716cbcf1d4589 -Patch15: %{name}-2.66-Log-forwarding-table-overflows.patch -# commit 429805dbbc3888abc0d472c45935e92057964384 -Patch16: %{name}-2.66-Allow-constructed-ranges-from-interface-address-at-end-of-range.patch -# commit e2ba0df2d4798e52e188c2f7f74613867d5aa82a -Patch17: %{name}-2.66-Dont-BIND-DHCP-socket-if-more-interfaces-may-come.patch -# commit 625ac28c61b0a5e6a252db00d72fbac6d88718fd -Patch18: %{name}-2.66-Fix_crash_with_empty_DHCP_string_options.patch -# commit ffbad34b310ab2db6a686c85f5c0a0e52c0680c8 -Patch19: %{name}-2.66-Set-SOREUSEADDR-as-well-as-SOREUSEPORT-on-DHCP-socke.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=1179756 -Patch20: %{name}-2.66-Support-IPv6-assignment-based-on-MAC-for-DHCPv6.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=1232677 -Patch21: %{name}-2.66-dhcp-v4-v6.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=1275626 -Patch22: %{name}-2.66-rh1275626.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=1358427 -Patch23: %{name}-2.66-numeric-hostnames.patch # https://bugzilla.redhat.com/show_bug.cgi?id=1367772 -Patch24: %{name}-2.66-dns-sleep-resume.patch - +# commit 2675f2061525bc954be14988d64384b74aa7bf8b +# after v2.76 +Patch1: dnsmasq-2.76-dns-sleep-resume.patch +# commit 591ed1e90503817938ccf5f127e677a8dd48b6d8 +Patch2: dnsmasq-2.76-fix-dhcp-option-arrangements.patch +# commit 396750cef533cf72c7e6a72e47a9c93e2e431cb7 +Patch3: dnsmasq-2.76-pftables.patch +# commit 16800ea072dd0cdf14d951c4bb8d2808b3dfe53d +Patch4: dnsmasq-2.76-fix-crash-dns-resume.patch +# commit 13dee6f49e1d035b8069947be84ee8da2af0c420 +Patch5: dnsmasq-2.76-warning-fixes.patch +Patch6: dnsmasq-2.76-label-warning.patch +Patch7: dnsmasq-2.76-label-man.patch +Patch8: dnsmasq-2.76-coverity.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -109,31 +73,14 @@ query/remove a DHCP server's leases. %prep %setup -q -n %{name}-%{version}%{?extraversion} -%patch0 -p1 -b .wrong_size -%patch1 -p1 -b .zero_DHCP_option -%patch2 -p1 -b .tcp_dns_in_one_packet -%patch3 -p1 -b .SERVFAIL_crash -%patch4 -p1 -b .dhcp_lease_time-regression +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 %patch5 -p1 -%patch6 -p1 -b .utils_work_only_ipv4 -%patch7 -p1 -b .dhcp-match_bootp -%patch8 -p1 -b .hosname_checks -%patch9 -p1 -b .inet_pton -%patch10 -p1 -b .default_dns_server -%patch11 -p1 -b .interface_aliases -%patch12 -p1 -b .enotsock_failure -%patch13 -p1 -b .option_parsing -%patch14 -p1 -b .auth_zone_limit -%patch15 -p1 -b .log_overflow -%patch16 -p1 -b .constr_range -%patch17 -p1 -b .bindtodevice -%patch18 -p1 -b .empty_dhcp_opts -%patch19 -p1 -b .reuseport -%patch20 -p1 -%patch21 -p1 -%patch22 -p1 -%patch23 -p1 -%patch24 -p1 +%patch6 -p1 +%patch7 -p1 +%patch8 -p1 -b .coverity # use /var/lib/dnsmasq instead of /var/lib/misc for file in dnsmasq.conf.example man/dnsmasq.8 man/es/dnsmasq.8 src/config.h; do @@ -146,13 +93,17 @@ sed -i 's|/\* #define HAVE_DBUS \*/|#define HAVE_DBUS|g' src/config.h #enable IDN support sed -i 's|/\* #define HAVE_IDN \*/|#define HAVE_IDN|g' src/config.h -#enable /etc/dnsmasq.d fix bz 526703 -sed -i 's|#conf-dir=/etc/dnsmasq.d|conf-dir=/etc/dnsmasq.d|g' dnsmasq.conf.example +#enable /etc/dnsmasq.d fix bz 526703, ignore RPM backup files +cat << EOF >> dnsmasq.conf.example + +# Include all files in /etc/dnsmasq.d except RPM backup files +conf-dir=/etc/dnsmasq.d,.rpmnew,.rpmsave,.rpmorig +EOF %build make %{?_smp_mflags} CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS" -make -C contrib/wrt %{?_smp_mflags} CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS" +make -C contrib/lease-tools %{?_smp_mflags} CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS" %install @@ -171,10 +122,12 @@ install -m 644 man/dnsmasq.8 $RPM_BUILD_ROOT%{_mandir}/man8/ # utils sub package mkdir -p $RPM_BUILD_ROOT%{_bindir} \ $RPM_BUILD_ROOT%{_mandir}/man1 -install -m 755 contrib/wrt/dhcp_release $RPM_BUILD_ROOT%{_bindir}/dhcp_release -install -m 644 contrib/wrt/dhcp_release.1 $RPM_BUILD_ROOT%{_mandir}/man1/dhcp_release.1 -install -m 755 contrib/wrt/dhcp_lease_time $RPM_BUILD_ROOT%{_bindir}/dhcp_lease_time -install -m 644 contrib/wrt/dhcp_lease_time.1 $RPM_BUILD_ROOT%{_mandir}/man1/dhcp_lease_time.1 +install -m 755 contrib/lease-tools/dhcp_release $RPM_BUILD_ROOT%{_bindir}/dhcp_release +install -m 644 contrib/lease-tools/dhcp_release.1 $RPM_BUILD_ROOT%{_mandir}/man1/dhcp_release.1 +install -m 755 contrib/lease-tools/dhcp_release6 $RPM_BUILD_ROOT%{_bindir}/dhcp_release6 +install -m 644 contrib/lease-tools/dhcp_release6.1 $RPM_BUILD_ROOT%{_mandir}/man1/dhcp_release6.1 +install -m 755 contrib/lease-tools/dhcp_lease_time $RPM_BUILD_ROOT%{_bindir}/dhcp_lease_time +install -m 644 contrib/lease-tools/dhcp_lease_time.1 $RPM_BUILD_ROOT%{_mandir}/man1/dhcp_lease_time.1 # Systemd mkdir -p %{buildroot}%{_unitdir} @@ -200,7 +153,7 @@ rm -rf $RPM_BUILD_ROOT %files %defattr(-,root,root,-) -%doc CHANGELOG COPYING FAQ doc.html setup.html dbus/DBus-interface +%doc CHANGELOG COPYING COPYING-v3 FAQ doc.html setup.html dbus/DBus-interface %config(noreplace) %attr(644,root,root) %{_sysconfdir}/dnsmasq.conf %dir /etc/dnsmasq.d %dir %{_var}/lib/dnsmasq @@ -214,6 +167,17 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/man1/dhcp_* %changelog +* Wed Mar 15 2017 Petr Menšík - 2.76-2 +- Fix a few coverity warnings +- package is dual-licensed GPL v2 or v3 +- don't include /etc/dnsmasq.d in triplicate, ignore RPM backup files instead + +* Tue Feb 21 2017 Petr Menšík - 2.76-1 +- Rebase to 2.76 (#1375527) +- Include also dhcp_release6 (#1375569) +- Fix compilation warnings +- Correct manual about interface aliases, warn if used without --bind* + * Tue Sep 13 2016 Pavel Šimerda - 2.66-21 - Related: #1367772 - fix dns server update