update to dnsmasq-2.82

2020-08-25 17:05:48 +08:00 · 2020-08-25 17:05:48 +08:00 · e227927ead
commit e227927ead
parent d31f755379
7 changed files with 2420 additions and 121 deletions
--- a/bugfix-allow-binding-mac-with-ipv6.patch
+++ b/bugfix-allow-binding-mac-with-ipv6.patch
@ -1,43 +1,40 @@
-From 53e1a09a06e11317bbde0e236837e5daa8d40593 Mon Sep 17 00:00:00 2001
+From 5db7b109af8f6967335806b50d628611be7b9cfd Mon Sep 17 00:00:00 2001
-From: liaichun <liaichun@huawei.com>
+From: xiaoweiwei <xiaoweiwei5@huawei.com>
-Date: Mon, 20 Apr 2020 16:06:51 +0800
+Date: Tue, 28 Jul 2020 15:22:54 +0800
-Subject: [PATCH] bugfix-allow-binding-mac-with-ipv6
+Subject: [PATCH] bugfix allow binding mac with ipv6
 ---
- src/dnsmasq.c                     |  2 +-
+ src/dnsmasq.c |  1 +
- src/dnsmasq.h                     |  4 ++-
+ src/dnsmasq.h |  2 ++
- src/option.c                      |  5 +++-
+ src/option.c  |  3 +++
- src/rfc3315.c                     | 35 +++++++++++++++++++++++++-
+ src/rfc3315.c | 32 +++++++++++++++++++++++++++++++-
- 4 files changed, 46 insertions(+)
+ 4 files changed, 37 insertions(+), 1 deletion(-)
 diff --git a/src/dnsmasq.c b/src/dnsmasq.c
-index fc085eb..e44c360 100644
+index bfad87f..b25e0c9 100644
 --- a/src/dnsmasq.c
 +++ b/src/dnsmasq.c
-@@ -260,7 +260,7 @@ int main (int argc, char **argv)
+@@ -261,6 +261,7 @@ int main (int argc, char **argv)
   if (daemon->dhcp6)
     {
       daemon->doing_ra = option_bool(OPT_RA);
-      
+      daemon->bind_mac_with_ip6 = option_bool(OPT_BIND_MAC_IP6);
-+      daemon->bind_mac_with_ip6 = option_bool(OPT_BIND_MAC_IP6); 
+       
       for (context = daemon->dhcp6; context; context = context->next)
 	{
 	  if (context->flags & CONTEXT_DHCP)
 diff --git a/src/dnsmasq.h b/src/dnsmasq.h
-index 68e6287..e7f1a0d 100644
+index 4220798..b9054b9 100644
 --- a/src/dnsmasq.h
 +++ b/src/dnsmasq.h
-@@ -269,7 +269,8 @@ struct event_desc {
+@@ -270,6 +270,7 @@ struct event_desc {
 #define OPT_IGNORE_CLID    59
 #define OPT_SINGLE_PORT    60
 #define OPT_LEASE_RENEW    61
-#define OPT_LAST           62
+ #define OPT_LAST           62
-+#define OPT_BIND_MAC_IP6   62
+#define OPT_BIND_MAC_IP6   63
 +#define OPT_LAST           63
 #define OPTION_BITS (sizeof(unsigned int)*8)
 #define OPTION_SIZE ( (OPT_LAST/OPTION_BITS)+((OPT_LAST%OPTION_BITS)!=0) )
-@@ -1049,6 +1050,7 @@ extern struct daemon {
+@@ -1051,6 +1052,7 @@ extern struct daemon {
   int override;
   int enable_pxe;
   int doing_ra, doing_dhcp6;
@ -46,24 +43,22 @@ index 68e6287..e7f1a0d 100644
   struct dhcp_netid_list *force_broadcast, *bootp_dynamic;
   struct hostsfile *dhcp_hosts_file, *dhcp_opts_file, *dynamic_dirs;
 diff --git a/src/option.c b/src/option.c
-index 1f698da..f02d389 100644
+index dbe5f90..f8391d0 100644
 --- a/src/option.c
 +++ b/src/option.c
-@@ -167,7 +167,8 @@ struct myoption {
+@@ -167,6 +167,7 @@ struct myoption {
 #define LOPT_IGNORE_CLID   358
 #define LOPT_SINGLE_PORT   359
 #define LOPT_SCRIPT_TIME   360
 - 
 +#define LOPT_BIND_MAC_IP6  361
-+
+  
 #ifdef HAVE_GETOPT_LONG
 static const struct option opts[] =  
 #else
@@ -339,6 +340,7 @@ static const struct myoption opts[] =
     { "dumpfile", 1, 0, LOPT_DUMPFILE },
     { "dumpmask", 1, 0, LOPT_DUMPMASK },
     { "dhcp-ignore-clid", 0, 0,  LOPT_IGNORE_CLID },
-+    { "bind-mac-with-ip6", 0, 0 , LOPT_BIND_MAC_IP6 },
+    { "bind-mac-with-ip6",0, 0,  LOPT_BIND_MAC_IP6},
     { NULL, 0, 0, 0 }
   };
@ -76,7 +71,7 @@ index 1f698da..f02d389 100644
 }; 
 diff --git a/src/rfc3315.c b/src/rfc3315.c
-index b3f0a0a..a5a092c 100644
+index b3f0a0a..5781809 100644
 --- a/src/rfc3315.c
 +++ b/src/rfc3315.c
@@ -49,6 +49,7 @@ static void end_ia(int t1cntr, unsigned int min_time, int do_fuzz);
@ -93,16 +88,15 @@ index b3f0a0a..a5a092c 100644
 		  match_netid(c->filter, solicit_tags, plain_range) &&
 -		  config_valid(config, c, &addr, state, now))
 +		  config_valid(config, c, &addr, state, now) &&
-+		  check_and_try_preempte_address(state, &addr, now, config))
+                  check_and_try_preempte_address(state, &addr, now, config))
 		{
 		  mark_config_used(state->context, &addr);
 		  if (have_config(config, CONFIG_TIME))
-@@ -1259,6 +1261,37 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
+@@ -1684,6 +1686,34 @@ static int check_address(struct state *state, struct in6_addr *addr)
- 
+   return 1;
 }
-+static int check_and_try_preempte_address(struct state *state, struct in6_addr *addr, time_t now, struct dhcp_config *config)
+static int check_and_try_preempte_address(struct state *state, struct in6_addr *addr, time_t now, struct dhcp_config *config){
 +{
 +  struct dhcp_lease *lease;
 +
 +  if (!(lease = lease6_find_by_addr(addr, 128, 0)))
@ -110,8 +104,7 @@ index b3f0a0a..a5a092c 100644
 +    return 1;
 +  }
 +
-+
+  if (daemon->bind_mac_with_ip6) {
 +  if(daemon->bind_mac_with_ip6) {
 +    // break rfc3315 here
 +    // bind mac address with a lease
 +    if ((state->mac) && !(config->flags & CONFIG_CLID) &&
@ -125,16 +118,15 @@ index b3f0a0a..a5a092c 100644
 +  if (lease->clid_len != state->clid_len ||
 +      memcmp(lease->clid, state->clid, state->clid_len) != 0 ||
 +      lease->iaid != state->iaid)
-+   {
+  {
-+   return 0;
+    return 0;
-+   }
+  }
 +
 +  return 1;
 +}
-+
+ 
- static struct dhcp_netid *add_options(struct state *state, int do_refresh)  
+ /* return true of *addr could have been generated from config. */
- {
+ static struct addrlist *config_implies(struct dhcp_config *config, struct dhcp_context *context, struct in6_addr *addr)
   void *oro;
 -- 
-2.23.0
+1.8.3.1
--- a/bugfix-deal-with-CONFRIM-when-binding-mac-with-ipv6.patch
+++ b/bugfix-deal-with-CONFRIM-when-binding-mac-with-ipv6.patch
--- a/dnsmasq-2.77-underflow.patch
+++ b/dnsmasq-2.77-underflow.patch
@ -1,41 +1,26 @@
-From 8fbce6094dc3acad11c464723d97d3215951c5d4 Mon Sep 17 00:00:00 2001
+From 4d3ef152a5d0a3cf053d41ea950823bfcc0ea5c2 Mon Sep 17 00:00:00 2001
-From: liaichun <liaichun@huawei.com>
+From: xiaoweiwei <xiaoweiwei5@huawei.com>
-Date: Mon, 20 Apr 2020 15:26:17 +0800
+Date: Tue, 28 Jul 2020 10:32:50 +0800
-Subject: [PATCH] dnsmasq-2.77-underflow
+Subject: [PATCH] underflow
 ---
 src/forward.c | 3 +++
 src/rfc1035.c | 3 +++
- 2 files changed, 6 insertions(+)
+ 1 file changed, 3 insertions(+)
 diff --git a/src/forward.c b/src/forward.c
 index fde554d..47ccd91 100644
 --- a/src/forward.c
 +++ b/src/forward.c
@@ -1546,6 +1546,9 @@ void receive_query(struct listener *listen, time_t now)
       else if (udp_size < PACKETSZ)
 	udp_size = PACKETSZ; /* Sanity check - can't reduce below default. RFC 6891 6.2.3 */
     }
 +  // Make sure the udp size is not smaller than the incoming message so that we
 +  // do not underflow
 +  if (udp_size < n) udp_size = n;
 #ifdef HAVE_AUTH
   if (auth_dns)
 diff --git a/src/rfc1035.c b/src/rfc1035.c
-index fefe63d..6253794 100644
+index fefe63d..d3cce6f 100644
 --- a/src/rfc1035.c
 +++ b/src/rfc1035.c
@@ -1340,6 +1340,9 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
   size_t len;
   int rd_bit = (header->hb3 & HB3_RD);
-+  // Make sure we do not underflow here too.
+  // Make sure we do not underflow here too
 +  if (qlen > (limit - ((char *)header))) return 0;
 +
   /* never answer queries with RD unset, to avoid cache snooping. */
   if (ntohs(header->ancount) != 0 ||
       ntohs(header->nscount) != 0 ||
 -- 
-2.23.0
+1.8.3.1
--- a/dnsmasq-2.78-fips.patch
+++ b/dnsmasq-2.78-fips.patch
@ -1,28 +1,26 @@
-From 7d77bd1038de810c3f916d2117742b0d8fa2429c Mon Sep 17 00:00:00 2001
+From 8c8ca24806d5ebfe5018279ec84538a17014a918 Mon Sep 17 00:00:00 2001
-From: liaichun <liaichun@huawei.com>
+From: xiaoweiwei <xiaoweiwei5@huawei.com>
-Date: Mon, 20 Apr 2020 15:32:27 +0800
+Date: Tue, 28 Jul 2020 10:57:56 +0800
-Subject: [PATCH] dnsmasq-2.78-fips
+Subject: [PATCH] fips
 ---
- src/dnsmasq.c | 5 ++++-
+ src/dnsmasq.c | 3 +++
- 1 file changed, 4 insertions(+), 1 deletion(-)
+ 1 file changed, 3 insertions(+)
 diff --git a/src/dnsmasq.c b/src/dnsmasq.c
-index 878167c..fc085eb 100644
+index 2306c48..bfad87f 100644
 --- a/src/dnsmasq.c
 +++ b/src/dnsmasq.c
-@@ -876,7 +876,10 @@ int main (int argc, char **argv)
+@@ -877,6 +877,9 @@ int main (int argc, char **argv)
 	my_syslog(LOG_INFO, _("DNSSEC validation enabled but all unsigned answers are trusted"));
       else
 	my_syslog(LOG_INFO, _("DNSSEC validation enabled"));
 -      
 +
 +      if (access("/etc/system-fips", F_OK) == 0)
 +        my_syslog(LOG_WARNING, _("DNSSEC support is not FIPS 140-2 compliant"));
-+
+       
       daemon->dnssec_no_time_check = option_bool(OPT_DNSSEC_TIME);
       if (option_bool(OPT_DNSSEC_TIME) && !daemon->back_to_the_future)
 	my_syslog(LOG_INFO, _("DNSSEC signature timestamps not checked until receipt of SIGINT"));
 -- 
-2.23.0
+1.8.3.1
--- a/dnsmasq-2.81.tar.xz
+++ b/dnsmasq-2.81.tar.xz
--- a/dnsmasq-2.82.tar.xz
+++ b/dnsmasq-2.82.tar.xz
--- a/dnsmasq.spec
+++ b/dnsmasq.spec
@ -1,5 +1,5 @@
 Name:           dnsmasq
-Version:        2.81
+Version:        2.82
 Release:        1
 Summary:        Dnsmasq provides network infrastructure for small networks
 License:        GPLv2 or GPLv3
@ -8,7 +8,6 @@ Source0:        http://www.thekelleys.org.uk/dnsmasq/%{name}-%{version}.tar.xz
 Source1:        dnsmasq.service
 Source2:        dnsmasq-systemd-sysusers.conf
 #patches from the opensource fedora/redhat repository
 Patch0001:      dnsmasq-2.77-underflow.patch
 Patch0002:      dnsmasq-2.78-fips.patch
@ -107,6 +106,12 @@ install -Dpm644 %{SOURCE2} $RPM_BUILD_ROOT%{_sysusersdir}/dnsmasq.conf
 %{_mandir}/man8/dnsmasq*
 %changelog
 * Tue Aug 25 2020 lunankun <lunankun@huawei.com> - 2.82-1
 - Type:requirement
 - Id:NA
 - SUG:NA
 - DESC:update to 2.82-1
 * Fri Apr 17 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.80-1
 - Type:bugfix
 - Id:NA