From: Matthias Fischer <matthias.fischer@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] dnsmasq 2.75: latest patch from upstream (056)
Date: Sat, 23 Jan 2016 23:44:33 +0100 [thread overview]
Message-ID: <1453589073-18014-1-git-send-email-matthias.fischer@ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 9252 bytes --]
One latecomer...
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
---
lfs/dnsmasq | 1 +
...q-Add-support-to-read-ISC-DHCP-lease-file.patch | 6 +-
.../dnsmasq/056-Add_--max-port_config_option.patch | 166 +++++++++++++++++++++
3 files changed, 170 insertions(+), 3 deletions(-)
create mode 100644 src/patches/dnsmasq/056-Add_--max-port_config_option.patch
diff --git a/lfs/dnsmasq b/lfs/dnsmasq
index 5134c13..95da5d7 100644
--- a/lfs/dnsmasq
+++ b/lfs/dnsmasq
@@ -128,6 +128,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/053-Complete_DNSSEC_server-selection_code_and_set_conntrack_on_DNSSEC_queries.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/054-Fix_problems_in_last_commit_when_DNSSEC_not_enabled.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/055-Fix_wrong_reply_to_simple_name_when_--domain-needed_set_and_no_servers_configured.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/056-Add_--max-port_config_option.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq-Add-support-to-read-ISC-DHCP-lease-file.patch
cd $(DIR_APP) && sed -i src/config.h \
diff --git a/src/patches/dnsmasq-Add-support-to-read-ISC-DHCP-lease-file.patch b/src/patches/dnsmasq-Add-support-to-read-ISC-DHCP-lease-file.patch
index f13dbcd..e49366a 100644
--- a/src/patches/dnsmasq-Add-support-to-read-ISC-DHCP-lease-file.patch
+++ b/src/patches/dnsmasq-Add-support-to-read-ISC-DHCP-lease-file.patch
@@ -42,7 +42,7 @@
--- a/src/dnsmasq.c Thu Jul 30 20:59:06 2015
+++ b/src/dnsmasq.c Wed Dec 16 19:38:32 2015
-@@ -996,6 +996,11 @@
+@@ -1010,6 +1010,11 @@
poll_resolv(0, daemon->last_resolv != 0, now);
daemon->last_resolv = now;
@@ -56,7 +56,7 @@
--- a/src/dnsmasq.h Wed Dec 16 19:24:12 2015
+++ b/src/dnsmasq.h Wed Dec 16 19:40:11 2015
-@@ -1509,6 +1509,11 @@
+@@ -1510,6 +1510,11 @@
void poll_listen(int fd, short event);
int do_poll(int timeout);
@@ -326,7 +326,7 @@
+#endif
--- a/src/option.c Wed Dec 16 19:24:12 2015
+++ b/src/option.c Wed Dec 16 19:42:48 2015
-@@ -1757,7 +1757,7 @@
+@@ -1760,7 +1760,7 @@
ret_err(_("bad MX target"));
break;
diff --git a/src/patches/dnsmasq/056-Add_--max-port_config_option.patch b/src/patches/dnsmasq/056-Add_--max-port_config_option.patch
new file mode 100644
index 0000000..7457be8
--- /dev/null
+++ b/src/patches/dnsmasq/056-Add_--max-port_config_option.patch
@@ -0,0 +1,166 @@
+From 926332a76454c7621f569d6c76d2697a83074d99 Mon Sep 17 00:00:00 2001
+From: Hans Dedecker <dedeckeh(a)gmail.com>
+Date: Sat, 23 Jan 2016 10:48:12 +0000
+Subject: [PATCH] Add --max-port config option.
+
+---
+ CHANGELOG | 3 +++
+ man/dnsmasq.8 | 7 +++++++
+ src/dns-protocol.h | 1 +
+ src/dnsmasq.c | 8 +++++++-
+ src/dnsmasq.h | 2 +-
+ src/network.c | 6 +++---
+ src/option.c | 9 +++++++++
+ 7 files changed, 31 insertions(+), 5 deletions(-)
+
+diff --git a/CHANGELOG b/CHANGELOG
+index d3cf909..bc1e930 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -31,6 +31,9 @@ version 2.76
+ Return REFUSED when running out of forwarding table slots,
+ not SERVFAIL.
+
++ Add --max-port configuration. Thanks to Hans Dedecker for
++ the patch.
++
+
+ version 2.75
+ Fix reversion on 2.74 which caused 100% CPU use when a
+diff --git a/man/dnsmasq.8 b/man/dnsmasq.8
+index 69acdae..103a813 100644
+--- a/man/dnsmasq.8
++++ b/man/dnsmasq.8
+@@ -174,6 +174,13 @@ queries. Dnsmasq picks random ports as source for outbound queries:
+ when this option is given, the ports used will always to larger
+ than that specified. Useful for systems behind firewalls.
+ .TP
++.B --max-port=<port>
++Use ports lower than that given as source for outbound DNS queries.
++Dnsmasq picks random ports as source for outbound queries:
++when this option is given, the ports used will always be lower
++than that specified. Useful for systems behind firewalls.
++.TP
++
+ .B \-i, --interface=<interface name>
+ Listen only on the specified interface(s). Dnsmasq automatically adds
+ the loopback (local) interface to the list of interfaces to use when
+diff --git a/src/dns-protocol.h b/src/dns-protocol.h
+index 95c55f2..75d8ffb 100644
+--- a/src/dns-protocol.h
++++ b/src/dns-protocol.h
+@@ -16,6 +16,7 @@
+
+ #define NAMESERVER_PORT 53
+ #define TFTP_PORT 69
++#define MAX_PORT 65535u
+
+ #define IN6ADDRSZ 16
+ #define INADDRSZ 4
+diff --git a/src/dnsmasq.c b/src/dnsmasq.c
+index e993629..0bb3e03 100644
+--- a/src/dnsmasq.c
++++ b/src/dnsmasq.c
+@@ -219,7 +219,13 @@ int main (int argc, char **argv)
+ if (option_bool(OPT_LOOP_DETECT))
+ die(_("loop detection not available: set HAVE_LOOP in src/config.h"), NULL, EC_BADCONF);
+ #endif
+-
++
++ if (daemon->max_port != MAX_PORT && daemon->min_port == 0)
++ daemon->min_port = 1024u;
++
++ if (daemon->max_port < daemon->min_port)
++ die(_("max_port cannot be smaller than min_port"), NULL, EC_BADCONF);
++
+ now = dnsmasq_time();
+
+ /* Create a serial at startup if not configured. */
+diff --git a/src/dnsmasq.h b/src/dnsmasq.h
+index 543481c..fd483a6 100644
+--- a/src/dnsmasq.h
++++ b/src/dnsmasq.h
+@@ -950,7 +950,7 @@ extern struct daemon {
+ char *log_file; /* optional log file */
+ int max_logs; /* queue limit */
+ int cachesize, ftabsize;
+- int port, query_port, min_port;
++ int port, query_port, min_port, max_port;
+ unsigned long local_ttl, neg_ttl, max_ttl, min_cache_ttl, max_cache_ttl, auth_ttl;
+ char *dns_client_id;
+ struct hostsfile *addn_hosts;
+diff --git a/src/network.c b/src/network.c
+index 5451c6c..91ac40a 100644
+--- a/src/network.c
++++ b/src/network.c
+@@ -1119,7 +1119,7 @@ int random_sock(int family)
+ if ((fd = socket(family, SOCK_DGRAM, 0)) != -1)
+ {
+ union mysockaddr addr;
+- unsigned int ports_avail = 65536u - (unsigned short)daemon->min_port;
++ unsigned int ports_avail = ((unsigned short)daemon->max_port - (unsigned short)daemon->min_port) + 1;
+ int tries = ports_avail < 30 ? 3 * ports_avail : 100;
+
+ memset(&addr, 0, sizeof(addr));
+@@ -1132,8 +1132,8 @@ int random_sock(int family)
+ {
+ unsigned short port = rand16();
+
+- if (daemon->min_port != 0)
+- port = htons(daemon->min_port + (port % ((unsigned short)ports_avail)));
++ if (daemon->min_port != 0 || daemon->max_port != MAX_PORT)
++ port = htons(daemon->min_port + (port % ((unsigned short)ports_avail)));
+
+ if (family == AF_INET)
+ {
+diff --git a/src/option.c b/src/option.c
+index 0e126f2..f40e9e2 100644
+--- a/src/option.c
++++ b/src/option.c
+@@ -154,6 +154,7 @@ struct myoption {
+ #define LOPT_HOST_INOTIFY 342
+ #define LOPT_DNSSEC_STAMP 343
+ #define LOPT_TFTP_NO_FAIL 344
++#define LOPT_MAXPORT 345
+ #define LOPT_DNS_CLIENT_ID 355
+
+ #ifdef HAVE_GETOPT_LONG
+@@ -271,6 +272,7 @@ static const struct myoption opts[] =
+ { "dhcp-alternate-port", 2, 0, LOPT_ALTPORT },
+ { "dhcp-scriptuser", 1, 0, LOPT_SCRIPTUSR },
+ { "min-port", 1, 0, LOPT_MINPORT },
++ { "max-port", 1, 0, LOPT_MAXPORT },
+ { "dhcp-fqdn", 0, 0, LOPT_DHCP_FQDN },
+ { "cname", 1, 0, LOPT_CNAME },
+ { "pxe-prompt", 1, 0, LOPT_PXE_PROMT },
+@@ -438,6 +440,7 @@ static struct {
+ { LOPT_ALTPORT, ARG_ONE, "[=<ports>]", gettext_noop("Use alternative ports for DHCP."), NULL },
+ { LOPT_NAPTR, ARG_DUP, "<name>,<naptr>", gettext_noop("Specify NAPTR DNS record."), NULL },
+ { LOPT_MINPORT, ARG_ONE, "<port>", gettext_noop("Specify lowest port available for DNS query transmission."), NULL },
++ { LOPT_MAXPORT, ARG_ONE, "<port>", gettext_noop("Specify highest port available for DNS query transmission."), NULL },
+ { LOPT_DHCP_FQDN, OPT_DHCP_FQDN, NULL, gettext_noop("Use only fully qualified domain names for DHCP clients."), NULL },
+ { LOPT_GEN_NAMES, ARG_DUP, "[=tag:<tag>]", gettext_noop("Generate hostnames based on MAC address for nameless clients."), NULL},
+ { LOPT_PROXY, ARG_DUP, "[=<ipaddr>]...", gettext_noop("Use these DHCP relays as full proxies."), NULL },
+@@ -2512,6 +2515,11 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
+ ret_err(gen_err);
+ break;
+
++ case LOPT_MAXPORT: /* --max-port */
++ if (!atoi_check16(arg, &daemon->max_port))
++ ret_err(gen_err);
++ break;
++
+ case '0': /* --dns-forward-max */
+ if (!atoi_check(arg, &daemon->ftabsize))
+ ret_err(gen_err);
+@@ -4462,6 +4470,7 @@ void read_opts(int argc, char **argv, char *compile_opts)
+ daemon->soa_refresh = SOA_REFRESH;
+ daemon->soa_retry = SOA_RETRY;
+ daemon->soa_expiry = SOA_EXPIRY;
++ daemon->max_port = MAX_PORT;
+
+ add_txt("version.bind", "dnsmasq-" VERSION, 0 );
+ add_txt("authors.bind", "Simon Kelley", 0);
+--
+1.7.10.4
+
--
2.7.0
reply other threads:[~2016-01-23 22:44 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1453589073-18014-1-git-send-email-matthias.fischer@ipfire.org \
--to=matthias.fischer@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox