cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/001-include_0_0_0_0_8_in_DNS_rebind_checks.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/002-enhance_add_subnet_to_allow_arbitary_subnet_addresses.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/003-dont_answer_non_auth_queries_for_auth_zones_locally_when_localise_queries_set.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/004-fix_behaviour_of_empty_dhcp-option.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/005-suggest_solution_to_ENOMEM_error_with_IPv6_multicast.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/006-clarify_man_page_on_RDNSS_set_in_router_advertisement.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/007-handle_signed_dangling_CNAME_replies_to_DS_queries.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/008-DHCPv6_option_56_does_not_hold_an_address_list.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/009-Respect_the_--no_resolv_flag_in_inotify_code.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq-Add-support-to-read-ISC-DHCP-lease-file.patch
cd $(DIR_APP) && sed -i src/config.h \
--- /dev/null
+From 5e3e464ac4022ee0b3794513abe510817e2cf3ca Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Tue, 25 Aug 2015 23:08:39 +0100
+Subject: [PATCH] Fix behaviour of empty dhcp-option=option6:dns-server, which
+ should inhibit sending option.
+
+---
+ src/rfc3315.c | 9 +++++----
+ 1 file changed, 5 insertions(+), 4 deletions(-)
+
+diff --git a/src/rfc3315.c b/src/rfc3315.c
+index 2665d0d..3f1f9ee 100644
+--- a/src/rfc3315.c
++++ b/src/rfc3315.c
+@@ -1320,15 +1320,16 @@ static struct dhcp_netid *add_options(struct state *state, int do_refresh)
+
+ if (opt_cfg->opt == OPTION6_REFRESH_TIME)
+ done_refresh = 1;
++
++ if (opt_cfg->opt == OPTION6_DNS_SERVER)
++ done_dns = 1;
+
+- if (opt_cfg->flags & DHOPT_ADDR6)
++ /* Empty DNS_SERVER option will not set DHOPT_ADDR6 */
++ if ((opt_cfg->flags & DHOPT_ADDR6) || opt_cfg->opt == OPTION6_DNS_SERVER)
+ {
+ int len, j;
+ struct in6_addr *a;
+
+- if (opt_cfg->opt == OPTION6_DNS_SERVER)
+- done_dns = 1;
+-
+ for (a = (struct in6_addr *)opt_cfg->val, len = opt_cfg->len, j = 0;
+ j < opt_cfg->len; j += IN6ADDRSZ, a++)
+ if ((IN6_IS_ADDR_ULA_ZERO(a) && IN6_IS_ADDR_UNSPECIFIED(state->ula_addr)) ||
+--
+1.7.10.4
+
--- /dev/null
+From 9cdcfe9f19ffd45bac4e5b459879bf7c50a287ed Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Wed, 26 Aug 2015 22:38:08 +0100
+Subject: [PATCH] Suggest solution to ENOMEM error with IPv6 multicast.
+
+---
+ src/network.c | 13 ++++++++++---
+ 1 file changed, 10 insertions(+), 3 deletions(-)
+
+diff --git a/src/network.c b/src/network.c
+index a1d90c8..819302f 100644
+--- a/src/network.c
++++ b/src/network.c
+@@ -1076,23 +1076,30 @@ void join_multicast(int dienow)
+
+ if ((daemon->doing_dhcp6 || daemon->relay6) &&
+ setsockopt(daemon->dhcp6fd, IPPROTO_IPV6, IPV6_JOIN_GROUP, &mreq, sizeof(mreq)) == -1)
+- err = 1;
++ err = errno;
+
+ inet_pton(AF_INET6, ALL_SERVERS, &mreq.ipv6mr_multiaddr);
+
+ if (daemon->doing_dhcp6 &&
+ setsockopt(daemon->dhcp6fd, IPPROTO_IPV6, IPV6_JOIN_GROUP, &mreq, sizeof(mreq)) == -1)
+- err = 1;
++ err = errno;
+
+ inet_pton(AF_INET6, ALL_ROUTERS, &mreq.ipv6mr_multiaddr);
+
+ if (daemon->doing_ra &&
+ setsockopt(daemon->icmp6fd, IPPROTO_IPV6, IPV6_JOIN_GROUP, &mreq, sizeof(mreq)) == -1)
+- err = 1;
++ err = errno;
+
+ if (err)
+ {
+ char *s = _("interface %s failed to join DHCPv6 multicast group: %s");
++ errno = err;
++
++#ifdef HAVE_LINUX_NETWORK
++ if (errno == ENOMEM)
++ my_syslog(LOG_ERR, _("try increasing /proc/sys/net/core/optmem_max"));
++#endif
++
+ if (dienow)
+ die(s, iface->name, EC_BADNET);
+ else
+--
+1.7.10.4
+
--- /dev/null
+From 20fd11e11a9d09edcea94de135396ae1541fbbab Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Wed, 26 Aug 2015 22:48:13 +0100
+Subject: [PATCH] Clarify man page on RDNSS set in router advertisement.
+
+---
+ man/dnsmasq.8 | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/man/dnsmasq.8 b/man/dnsmasq.8
+index a23c898..d51b10f 100644
+--- a/man/dnsmasq.8
++++ b/man/dnsmasq.8
+@@ -1687,15 +1687,15 @@ creation are handled by a different protocol. When DHCP is in use,
+ only a subset of this is needed, and dnsmasq can handle it, using
+ existing DHCP configuration to provide most data. When RA is enabled,
+ dnsmasq will advertise a prefix for each dhcp-range, with default
+-router and recursive DNS server as the relevant link-local address on
+-the machine running dnsmasq. By default, he "managed address" bits are set, and
++router as the relevant link-local address on
++the machine running dnsmasq. By default, the "managed address" bits are set, and
+ the "use SLAAC" bit is reset. This can be changed for individual
+ subnets with the mode keywords described in
+ .B --dhcp-range.
+ RFC6106 DNS parameters are included in the advertisements. By default,
+ the relevant link-local address of the machine running dnsmasq is sent
+ as recursive DNS server. If provided, the DHCPv6 options dns-server and
+-domain-search are used for RDNSS and DNSSL.
++domain-search are used for the DNS server (RDNSS) and the domain serach list (DNSSL).
+ .TP
+ .B --ra-param=<interface>,[high|low],[[<ra-interval>],<router lifetime>]
+ Set non-default values for router advertisements sent via an
+--
+1.7.10.4
+
--- /dev/null
+From 6de81f1250fd323c9155de065d5a9dc200a6f20b Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Wed, 9 Sep 2015 22:51:13 +0100
+Subject: [PATCH] Handle signed dangling CNAME replies to DS queries.
+
+---
+ src/dnssec.c | 7 ++-----
+ 1 file changed, 2 insertions(+), 5 deletions(-)
+
+diff --git a/src/dnssec.c b/src/dnssec.c
+index 4deda24..67ce486 100644
+--- a/src/dnssec.c
++++ b/src/dnssec.c
+@@ -1232,11 +1232,8 @@ int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char
+
+ /* If we return STAT_NO_SIG, name contains the name of the DS query */
+ if (val == STAT_NO_SIG)
+- {
+- *keyname = 0;
+- return val;
+- }
+-
++ return val;
++
+ /* If the key needed to validate the DS is on the same domain as the DS, we'll
+ loop getting nowhere. Stop that now. This can happen of the DS answer comes
+ from the DS's zone, and not the parent zone. */
+--
+1.7.10.4
+
--- /dev/null
+From 102208df695e886a3086754d32bf7f8c541fbe46 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Thu, 10 Sep 2015 21:50:00 +0100
+Subject: [PATCH] DHCPv6 option 56 does not hold an address list. (RFC 5908).
+
+---
+ src/dhcp-common.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/dhcp-common.c b/src/dhcp-common.c
+index bc48f41..8fc171a 100644
+--- a/src/dhcp-common.c
++++ b/src/dhcp-common.c
+@@ -599,7 +599,7 @@ static const struct opttab_t opttab6[] = {
+ { "sntp-server", 31, OT_ADDR_LIST },
+ { "information-refresh-time", 32, OT_TIME },
+ { "FQDN", 39, OT_INTERNAL | OT_RFC1035_NAME },
+- { "ntp-server", 56, OT_ADDR_LIST },
++ { "ntp-server", 56, 0 },
+ { "bootfile-url", 59, OT_NAME },
+ { "bootfile-param", 60, OT_CSTRING },
+ { NULL, 0, 0 }
+--
+1.7.10.4
+
--- /dev/null
+From 77607cbea0ad0f876dfb79c8b2c121ee400d57d0 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Thu, 10 Sep 2015 23:08:43 +0100
+Subject: [PATCH] Respect the --no-resolv flag in inotify code.
+
+---
+ CHANGELOG | 7 ++++++-
+ debian/changelog | 6 ++++++
+ src/inotify.c | 3 +++
+ 3 files changed, 15 insertions(+), 1 deletion(-)
+
+diff --git a/CHANGELOG b/CHANGELOG
+index bbc2834..d6e309f 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -7,8 +7,13 @@ version 2.76
+
+ Enhance --add-subnet to allow arbitrary subnet addresses.
+ Thanks to Ed Barsley for the patch.
++
++ Respect the --no-resolv flag in inotify code. Fixes bug
++ which caused dnsmasq to fail to start if a resolv-file
++ was a dangling symbolic link, even of --no-resolv set.
++ Thanks to Alexander Kurtz for spotting the problem.
++
+
+-
+ version 2.75
+ Fix reversion on 2.74 which caused 100% CPU use when a
+ dhcp-script is configured. Thanks to Adrian Davey for
+diff --git a/src/inotify.c b/src/inotify.c
+index 52d412f..ef05c58 100644
+--- a/src/inotify.c
++++ b/src/inotify.c
+@@ -90,6 +90,9 @@ void inotify_dnsmasq_init()
+
+ if (daemon->inotifyfd == -1)
+ die(_("failed to create inotify: %s"), NULL, EC_MISC);
++
++ if (option_bool(OPT_NO_RESOLV))
++ return;
+
+ for (res = daemon->resolv_files; res; res = res->next)
+ {
+--
+1.7.10.4
+
projects / ipfire-2.x.git / commitdiff
