packages/dnsmasq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update to 2.81

Browse Source
This commit is contained in:
seuzw 2020-05-12 14:39:02 +08:00
parent 61c0570c17
commit 5364debf1f
9 changed files with 111 additions and 257 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
0141-Fix-memory-leak-in-helper.c.patch
View File

@ -1,46 +0,0 @@
From 69bc94779c2f035a9fffdb5327a54c3aeca73ed5 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Wed, 14 Aug 2019 20:44:50 +0100
Subject: [PATCH 141/156] Fix memory leak in helper.c
Thanks to Xu Mingjie <xumingjie1995@outlook.com> for spotting this.
---
src/helper.c | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/src/helper.c b/src/helper.c
index 33ba120..c392eec 100644
--- a/src/helper.c
+++ b/src/helper.c
@@ -80,7 +80,8 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd)
pid_t pid;
int i, pipefd[2];
struct sigaction sigact;
-
+ unsigned char *alloc_buff = NULL;
+
/* create the pipe through which the main program sends us commands,
then fork our process. */
if (pipe(pipefd) == -1 || !fix_fd(pipefd[1]) || (pid = fork()) == -1)
@@ -186,11 +187,16 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd)
struct script_data data;
char *p, *action_str, *hostname = NULL, *domain = NULL;
unsigned char *buf = (unsigned char *)daemon->namebuff;
- unsigned char *end, *extradata, *alloc_buff = NULL;
+ unsigned char *end, *extradata;
int is6, err = 0;
int pipeout[2];
- free(alloc_buff);
+ /* Free rarely-allocated memory from previous iteration. */
+ if (alloc_buff)
+ {
+ free(alloc_buff);
+ alloc_buff = NULL;
+ }
/* we read zero bytes when pipe closed: this is our signal to exit */
if (!read_write(pipefd[0], (unsigned char *)&data, sizeof(data), 1))
--
1.8.3.1

111
bugfix-allow-binding-mac-with-ipv6.patch
View File

@ -1,45 +1,43 @@
From 7d8a6199730a2fd0cd2a7cfa4fdb73b8399f110a Mon Sep 17 00:00:00 2001
From: Shufeng Cao <caoshufeng@huawei.com>
Date: Tue, 27 Nov 2018 15:03:59 +0800
Subject: [PATCH 1/2] allow binding mac address with ipv6
From 53e1a09a06e11317bbde0e236837e5daa8d40593 Mon Sep 17 00:00:00 2001
From: liaichun <liaichun@huawei.com>
Date: Mon, 20 Apr 2020 16:06:51 +0800
Subject: [PATCH] bugfix-allow-binding-mac-with-ipv6
This change introduces a new option --bind-mac-with-ip6, when this
option is enabled, a client of same mac address will always get the
bound ipv6 address, even when it's duid has been changed.
---
src/dnsmasq.c | 1 +
src/dnsmasq.h | 4 +++-
src/option.c | 3 +++
src/rfc3315.c | 34 +++++++++++++++++++++++++++++++++-
4 files changed, 40 insertions(+), 2 deletions(-)
src/dnsmasq.c | 2 +-
src/dnsmasq.h | 4 ++-
src/option.c | 5 +++-
src/rfc3315.c | 35 +++++++++++++++++++++++++-
4 files changed, 46 insertions(+)
diff --git a/src/dnsmasq.c b/src/dnsmasq.c
index 9f6c020..32a4d22 100644
index fc085eb..e44c360 100644
--- a/src/dnsmasq.c
+++ b/src/dnsmasq.c
@@ -243,6 +243,7 @@ int main (int argc, char **argv)
@@ -260,7 +260,7 @@ int main (int argc, char **argv)
if (daemon->dhcp6)
{
daemon->doing_ra = option_bool(OPT_RA);
+ daemon->bind_mac_with_ip6 = option_bool(OPT_BIND_MAC_IP6);
-
+ daemon->bind_mac_with_ip6 = option_bool(OPT_BIND_MAC_IP6);
for (context = daemon->dhcp6; context; context = context->next)
{
if (context->flags & CONTEXT_DHCP)
diff --git a/src/dnsmasq.h b/src/dnsmasq.h
index 6773b69..8b31d42 100644
index 68e6287..e7f1a0d 100644
--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h
@@ -250,7 +250,8 @@ struct event_desc {
#define OPT_MAC_B64 54
#define OPT_MAC_HEX 55
#define OPT_TFTP_APREF_MAC 56
-#define OPT_LAST 57
+#define OPT_BIND_MAC_IP6 57
+#define OPT_LAST 58
@@ -269,7 +269,8 @@ struct event_desc {
#define OPT_IGNORE_CLID 59
#define OPT_SINGLE_PORT 60
#define OPT_LEASE_RENEW 61
-#define OPT_LAST 62
+#define OPT_BIND_MAC_IP6 62
+#define OPT_LAST 63
/* extra flags for my_syslog, we use a couple of facilities since they are known
not to occupy the same bits as priorities, no matter how syslog.h is set up. */
@@ -1000,6 +1001,7 @@ extern struct daemon {
#define OPTION_BITS (sizeof(unsigned int)*8)
#define OPTION_SIZE ( (OPT_LAST/OPTION_BITS)+((OPT_LAST%OPTION_BITS)!=0) )
@@ -1049,6 +1050,7 @@ extern struct daemon {
int override;
int enable_pxe;
int doing_ra, doing_dhcp6;
@ -48,56 +46,59 @@ index 6773b69..8b31d42 100644
struct dhcp_netid_list *force_broadcast, *bootp_dynamic;
struct hostsfile *dhcp_hosts_file, *dhcp_opts_file, *dynamic_dirs;
diff --git a/src/option.c b/src/option.c
index d358d99..919e5a3 100644
index 1f698da..f02d389 100644
--- a/src/option.c
+++ b/src/option.c
@@ -160,6 +160,7 @@ struct myoption {
#define LOPT_DHCPTTL 348
#define LOPT_TFTP_MTU 349
#define LOPT_REPLY_DELAY 350
+#define LOPT_BIND_MAC_IP6 351
@@ -167,7 +167,8 @@ struct myoption {
#define LOPT_IGNORE_CLID 358
#define LOPT_SINGLE_PORT 359
#define LOPT_SCRIPT_TIME 360
-
+#define LOPT_BIND_MAC_IP6 361
+
#ifdef HAVE_GETOPT_LONG
static const struct option opts[] =
@@ -325,6 +326,7 @@ static const struct myoption opts[] =
{ "script-arp", 0, 0, LOPT_SCRIPT_ARP },
{ "dhcp-ttl", 1, 0 , LOPT_DHCPTTL },
{ "dhcp-reply-delay", 1, 0, LOPT_REPLY_DELAY },
#else
@@ -339,6 +340,7 @@ static const struct myoption opts[] =
{ "dumpfile", 1, 0, LOPT_DUMPFILE },
{ "dumpmask", 1, 0, LOPT_DUMPMASK },
{ "dhcp-ignore-clid", 0, 0, LOPT_IGNORE_CLID },
+ { "bind-mac-with-ip6", 0, 0 , LOPT_BIND_MAC_IP6 },
{ NULL, 0, 0, 0 }
};
@@ -497,6 +499,7 @@ static struct {
{ LOPT_IGNORE_ADDR, ARG_DUP, "<ipaddr>", gettext_noop("Ignore DNS responses containing ipaddr."), NULL },
{ LOPT_DHCPTTL, ARG_ONE, "<ttl>", gettext_noop("Set TTL in DNS responses with DHCP-derived addresses."), NULL },
{ LOPT_REPLY_DELAY, ARG_ONE, "<integer>", gettext_noop("Delay DHCP replies for at least number of seconds."), NULL },
@@ -518,6 +520,7 @@ static struct {
{ LOPT_DUMPFILE, ARG_ONE, "<path>", gettext_noop("Path to debug packet dump file"), NULL },
{ LOPT_DUMPMASK, ARG_ONE, "<hex>", gettext_noop("Mask which packets to dump"), NULL },
{ LOPT_SCRIPT_TIME, OPT_LEASE_RENEW, NULL, gettext_noop("Call dhcp-script when lease expiry changes."), NULL },
+ { LOPT_BIND_MAC_IP6, OPT_BIND_MAC_IP6, NULL, gettext_noop("Bind mac with ipv6 address. This is an experimental feature and it conflicts with rfc3315."), NULL },
{ 0, 0, NULL, NULL, NULL }
};
diff --git a/src/rfc3315.c b/src/rfc3315.c
index 21fcd9b..defd966 100644
index b3f0a0a..a5a092c 100644
--- a/src/rfc3315.c
+++ b/src/rfc3315.c
@@ -55,6 +55,7 @@ static struct prefix_class *prefix_class_from_context(struct dhcp_context *conte
@@ -49,6 +49,7 @@ static void end_ia(int t1cntr, unsigned int min_time, int do_fuzz);
static void mark_context_used(struct state *state, struct in6_addr *addr);
static void mark_config_used(struct dhcp_context *context, struct in6_addr *addr);
static int check_address(struct state *state, struct in6_addr *addr);
+static int check_and_try_preempte_address(struct state *state, struct in6_addr *addr, time_t now, struct dhcp_config *config);
static int config_valid(struct dhcp_config *config, struct dhcp_context *context, struct in6_addr *addr, struct state *state, time_t now);
static struct addrlist *config_implies(struct dhcp_config *config, struct dhcp_context *context, struct in6_addr *addr);
static void add_address(struct state *state, struct dhcp_context *context, unsigned int lease_time, void *ia_option,
unsigned int *min_time, struct in6_addr *addr, time_t now);
static void update_leases(struct state *state, struct dhcp_context *context, struct in6_addr *addr, unsigned int lease_time, time_t now);
@@ -746,7 +747,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
@@ -703,7 +704,8 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
for (c = state->context; c; c = c->current)
if (!(c->flags & CONTEXT_CONF_USED) &&
match_netid(c->filter, solicit_tags, plain_range) &&
config_valid(config, c, &addr) &&
- check_address(state, &addr))
- config_valid(config, c, &addr, state, now))
+ config_valid(config, c, &addr, state, now) &&
+ check_and_try_preempte_address(state, &addr, now, config))
{
mark_config_used(state->context, &addr);
if (have_config(config, CONFIG_TIME))
@@ -1744,6 +1745,37 @@ static int check_address(struct state *state, struct in6_addr *addr)
return 1;
@@ -1259,6 +1261,37 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
}
+static int check_and_try_preempte_address(struct state *state, struct in6_addr *addr, time_t now, struct dhcp_config *config)
@ -131,9 +132,9 @@ index 21fcd9b..defd966 100644
+ return 1;
+}
+
/* Calculate valid and preferred times to send in leases/renewals.
static struct dhcp_netid *add_options(struct state *state, int do_refresh)
{
void *oro;
--
2.19.1
2.23.0

35
bugfix-deal-with-CONFRIM-when-binding-mac-with-ipv6.patch
View File

@ -1,18 +1,17 @@
From c4a283365bdd56e4552e7205fbfba17ca298fc3a Mon Sep 17 00:00:00 2001
From: Shufeng Cao <caoshufeng@huawei.com>
Date: Fri, 14 Dec 2018 20:02:31 +0800
Subject: [PATCH 2/2] binding mac with ipv6: dealing with invalid CONFIRM
package
From 068fe05737fe86185b5d55da7de6ea6b2668c911 Mon Sep 17 00:00:00 2001
From: liaichun <liaichun@huawei.com>
Date: Mon, 20 Apr 2020 16:17:24 +0800
Subject: [PATCH] bugfix-deal-with-CONFRIM-when-binding-mac-with-ipv6
---
src/rfc3315.c | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)
src/rfc3315.c | 30 +++++++++++++++++++++++++++++-
1 file changed, 29 insertions(+), 1 deletion(-)
diff --git a/src/rfc3315.c b/src/rfc3315.c
index defd966..f8ba7e4 100644
index a5a092c..ef13b3d 100644
--- a/src/rfc3315.c
+++ b/src/rfc3315.c
@@ -1087,11 +1087,31 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
@@ -1033,11 +1033,31 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
case DHCP6CONFIRM:
{
int good_addr = 0;
@ -28,11 +27,11 @@ index defd966..f8ba7e4 100644
+ if(state->mac) {
+ for (find_config = daemon->dhcp_conf; find_config; find_config = find_config->next)
+ if (config_has_mac(find_config, state->mac, state->mac_len, state->mac_type) && have_config(find_config, CONFIG_ADDR6)) {
+ find_bind = 1;
+ break;
+ find_bind = 1;
+ break;
+ }
+ }
+ /* requires all mac has binding ipv6 address. */
+ /* requires all mac has binding ipv6 address. */
+ if (find_bind == 0) {
+ o1 = new_opt6(OPTION6_STATUS_CODE);
+ put_opt6_short(DHCP6NOTONLINK);
@ -44,12 +43,13 @@ index defd966..f8ba7e4 100644
for (opt = state->packet_options; opt; opt = opt6_next(opt, state->end))
{
@@ -1112,6 +1132,16 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
@@ -1061,7 +1081,15 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
log6_quiet(state, "DHCPREPLY", &req_addr, _("confirm failed"));
return 1;
}
-
+ if(daemon->bind_mac_with_ip6) {
+ if (!is_same_net6(req_addr, &find_config->addr6, 128)) {
+ if (!is_same_net6(&req_addr, &find_config->addr6, 128)) {
+ o1 = new_opt6(OPTION6_STATUS_CODE);
+ put_opt6_short(DHCP6NOTONLINK);
+ put_opt6_string(_("confirm failed, not binding to this address"));
@ -57,10 +57,9 @@ index defd966..f8ba7e4 100644
+ return 1;
+ }
+ }
+
good_addr = 1;
log6_quiet(state, "DHCPREPLY", req_addr, state->hostname);
log6_quiet(state, "DHCPREPLY", &req_addr, state->hostname);
}
--
2.19.1
2.23.0

58
dnsmasq-2.77-underflow.patch
View File

@ -1,63 +1,41 @@
From c82a594d95431e8615126621397ea595eb037a6b Mon Sep 17 00:00:00 2001
From: Doran Moppert <dmoppert@redhat.com>
Date: Tue, 26 Sep 2017 14:48:20 +0930
Subject: [PATCH] google patch hand-applied
From 8fbce6094dc3acad11c464723d97d3215951c5d4 Mon Sep 17 00:00:00 2001
From: liaichun <liaichun@huawei.com>
Date: Mon, 20 Apr 2020 15:26:17 +0800
Subject: [PATCH] dnsmasq-2.77-underflow
---
src/edns0.c | 10 +++++-----
src/forward.c | 4 ++++
src/rfc1035.c | 2 ++
3 files changed, 11 insertions(+), 5 deletions(-)
src/forward.c | 3 +++
src/rfc1035.c | 3 +++
2 files changed, 6 insertions(+)
diff --git a/src/edns0.c b/src/edns0.c
index af33877..ba6ff0c 100644
--- a/src/edns0.c
+++ b/src/edns0.c
@@ -212,11 +212,11 @@ size_t add_pseudoheader(struct dns_header *header, size_t plen, unsigned char *l
/* Copy back any options */
if (buff)
{
- if (p + rdlen > limit)
- {
- free(buff);
- return plen; /* Too big */
- }
+ if (p + rdlen > limit)
+ {
+ free(buff);
+ return plen; /* Too big */
+ }
memcpy(p, buff, rdlen);
free(buff);
p += rdlen;
diff --git a/src/forward.c b/src/forward.c
index cdd11d3..3078f64 100644
index fde554d..47ccd91 100644
--- a/src/forward.c
+++ b/src/forward.c
@@ -1438,6 +1438,10 @@ void receive_query(struct listener *listen, time_t now)
@@ -1546,6 +1546,9 @@ void receive_query(struct listener *listen, time_t now)
else if (udp_size < PACKETSZ)
udp_size = PACKETSZ; /* Sanity check - can't reduce below default. RFC 6891 6.2.3 */
}
+ // Make sure the udp size is not smaller than the incoming message so that we
+ // do not underflow
+ if (udp_size < n) udp_size = n;
+
#ifdef HAVE_AUTH
if (auth_dns)
{
diff --git a/src/rfc1035.c b/src/rfc1035.c
index b078b59..777911b 100644
index fefe63d..6253794 100644
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
@@ -1281,6 +1281,8 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
int nxdomain = 0, auth = 1, trunc = 0, sec_data = 1;
struct mx_srv_record *rec;
@@ -1340,6 +1340,9 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
size_t len;
int rd_bit = (header->hb3 & HB3_RD);
+ // Make sure we do not underflow here too.
+ if (qlen > (limit - ((char *)header))) return 0;
+
/* never answer queries with RD unset, to avoid cache snooping. */
if (ntohs(header->ancount) != 0 ||
ntohs(header->nscount) != 0 ||
--
2.14.3
2.23.0

33
dnsmasq-2.78-fips.patch
View File

@ -1,29 +1,20 @@
From 89f57e39b69f92beacb6bad9c68d61f9c4fb0e77 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Fri, 2 Mar 2018 13:17:04 +0100
Subject: [PATCH] Print warning on FIPS machine with dnssec enabled. Dnsmasq
has no proper FIPS 140-2 compliant implementation.
From 7d77bd1038de810c3f916d2117742b0d8fa2429c Mon Sep 17 00:00:00 2001
From: liaichun <liaichun@huawei.com>
Date: Mon, 20 Apr 2020 15:32:27 +0800
Subject: [PATCH] dnsmasq-2.78-fips
---
src/dnsmasq.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
src/dnsmasq.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/dnsmasq.c b/src/dnsmasq.c
index ce44809..9f6c020 100644
index 878167c..fc085eb 100644
--- a/src/dnsmasq.c
+++ b/src/dnsmasq.c
@@ -187,6 +187,7 @@ int main (int argc, char **argv)
if (daemon->cachesize < CACHESIZ)
die(_("cannot reduce cache size from default when DNSSEC enabled"), NULL, EC_BADCONF);
+
#else
die(_("DNSSEC not available: set HAVE_DNSSEC in src/config.h"), NULL, EC_BADCONF);
#endif
@@ -769,7 +770,10 @@ int main (int argc, char **argv)
}
my_syslog(LOG_INFO, _("DNSSEC validation enabled"));
@@ -876,7 +876,10 @@ int main (int argc, char **argv)
my_syslog(LOG_INFO, _("DNSSEC validation enabled but all unsigned answers are trusted"));
else
my_syslog(LOG_INFO, _("DNSSEC validation enabled"));
-
+
+ if (access("/etc/system-fips", F_OK) == 0)
@ -33,5 +24,5 @@ index ce44809..9f6c020 100644
if (option_bool(OPT_DNSSEC_TIME) && !daemon->back_to_the_future)
my_syslog(LOG_INFO, _("DNSSEC signature timestamps not checked until receipt of SIGINT"));
--
2.14.4
2.23.0

BIN
dnsmasq-2.79.tar.xz
View File

Binary file not shown.

73
dnsmasq-2.80-dnssec.patch
View File

@ -1,73 +0,0 @@
From a997ca0da044719a0ce8a232d14da8b30022592b Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Fri, 29 Jun 2018 14:39:41 +0100
Subject: [PATCH] Fix sometimes missing DNSSEC RRs when DNSSEC validation not
enabled.
Dnsmasq does pass on the do-bit, and return DNSSEC RRs, irrespective
of of having DNSSEC validation compiled in or enabled.
The thing to understand here is that the cache does not store all the
DNSSEC RRs, and dnsmasq doesn't have the (very complex) logic required
to determine the set of DNSSEC RRs required in an answer. Therefore if
the client wants the DNSSEC RRs, the query can not be answered from
the cache. When DNSSEC validation is enabled, any query with the
do-bit set is never answered from the cache, unless the domain is
known not to be signed: the query is always forwarded. This ensures
that the DNSEC RRs are included.
The same thing should be true when DNSSEC validation is not enabled,
but there's a bug in the logic.
line 1666 of src/rfc1035.c looks like this
if ((crecp->flags & (F_HOSTS | F_DHCP | F_CONFIG)) || !do_bit || !(crecp->flags & F_DNSSECOK))
{ ...answer from cache ... }
So local stuff (hosts, DHCP, ) get answered. If the do_bit is not set
then the query is answered, and if the domain is known not to be
signed, the query is answered.
Unfortunately, if DNSSEC validation is not turned on then the
F_DNSSECOK bit is not valid, and it's always zero, so the question
always gets answered from the cache, even when the do-bit is set.
This code should look like that at line 1468, dealing with PTR queries
if ((crecp->flags & (F_HOSTS | F_DHCP | F_CONFIG)) ||
!do_bit ||
(option_bool(OPT_DNSSEC_VALID) && !(crecp->flags & F_DNSSECOK)))
where the F_DNSSECOK bit is only used when validation is enabled.
---
src/rfc1035.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/rfc1035.c b/src/rfc1035.c
index ebb1f36..580f5ef 100644
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
@@ -1663,7 +1663,9 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
}
/* If the client asked for DNSSEC don't use cached data. */
- if ((crecp->flags & (F_HOSTS | F_DHCP | F_CONFIG)) || !do_bit || !(crecp->flags & F_DNSSECOK))
+ if ((crecp->flags & (F_HOSTS | F_DHCP | F_CONFIG)) ||
+ !do_bit ||
+ (option_bool(OPT_DNSSEC_VALID) && !(crecp->flags & F_DNSSECOK)))
do
{
/* don't answer wildcard queries with data not from /etc/hosts
@@ -1747,7 +1749,7 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
{
if ((crecp = cache_find_by_name(NULL, name, now, F_CNAME | (dryrun ? F_NO_RR : 0))) &&
(qtype == T_CNAME || (crecp->flags & F_CONFIG)) &&
- ((crecp->flags & F_CONFIG) || !do_bit || !(crecp->flags & F_DNSSECOK)))
+ ((crecp->flags & F_CONFIG) || !do_bit || (option_bool(OPT_DNSSEC_VALID) && !(crecp->flags & F_DNSSECOK))))
{
if (!(crecp->flags & F_DNSSECOK))
sec_data = 0;
--
2.14.4

BIN
dnsmasq-2.81.tar.xz Normal file
View File

Binary file not shown.

12
dnsmasq.spec
View File

@ -1,6 +1,6 @@
Name: dnsmasq
Version: 2.79
Release: 11
Version: 2.81
Release: 1
Summary: Dnsmasq provides network infrastructure for small networks
License: GPLv2 or GPLv3
URL: http://www.thekelleys.org.uk/dnsmasq/
@ -11,9 +11,7 @@ Source2: dnsmasq-systemd-sysusers.conf
#patches from the opensource fedora/redhat repository
Patch0001: dnsmasq-2.77-underflow.patch
Patch0002: dnsmasq-2.78-fips.patch
Patch0003: dnsmasq-2.80-dnssec.patch
Patch6000: 0141-Fix-memory-leak-in-helper.c.patch
Patch9000: bugfix-allow-binding-mac-with-ipv6.patch
Patch9001: bugfix-deal-with-CONFRIM-when-binding-mac-with-ipv6.patch
@ -109,6 +107,12 @@ install -Dpm644 %{SOURCE2} $RPM_BUILD_ROOT%{_sysusersdir}/dnsmasq.conf
%{_mandir}/man8/dnsmasq*
%changelog
* Fri Apr 17 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.80-1
- Type:bugfix
- Id:NA
- SUG:NA
- DESC:update to 2.80-1
* Sat Dec 21 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.79-11
- Type:bugfix
- Id:NA