Development May 2016

development@lists.ipfire.org

13 participants
72 discussions

[PATCH] squid 3.4: remove obsolete patch files
by Matthias Fischer 10 May '16

10 May '16

Obsolete, no longer needed. Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org> --- src/patches/squid-3.4-13233.patch | 274 -------------------------------------- src/patches/squid-3.4-13234.patch | 33 ----- src/patches/squid-3.4-13235.patch | 97 -------------- 3 files changed, 404 deletions(-) delete mode 100644 src/patches/squid-3.4-13233.patch delete mode 100644 src/patches/squid-3.4-13234.patch delete mode 100644 src/patches/squid-3.4-13235.patch diff --git a/src/patches/squid-3.4-13233.patch b/src/patches/squid-3.4-13233.patch deleted file mode 100644 index d657838..0000000 --- a/src/patches/squid-3.4-13233.patch +++ /dev/null @@ -1,274 +0,0 @@ ------------------------------------------------------------- -revno: 13233 -revision-id: squid3(a)treenet.co.nz-20160420063907-hcnf4qmcg5hbjc11 -parent: squid3(a)treenet.co.nz-20160330141410-t6p2dhzr8ri36fap -committer: Amos Jeffries <squid3(a)treenet.co.nz> -branch nick: 3.4 -timestamp: Wed 2016-04-20 18:39:07 +1200 -message: - cachemgr.cgi: use dynamic MemBuf for internal content generation - - Using a fixed size buffer limits how big content lines can be. Modern - HTTP is fast reaching the point where such limits are problematic. - Also fixes incorrect uses of snprintf() by removing them. ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3(a)treenet.co.nz-20160420063907-hcnf4qmcg5hbjc11 -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 -# testament_sha1: 161e86814f6f14d74557a3fa169b37b6601c08a1 -# timestamp: 2016-04-20 06:50:57 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 -# base_revision_id: squid3(a)treenet.co.nz-20160330141410-\ -# t6p2dhzr8ri36fap -# -# Begin patch -=== modified file 'src/tests/stub_cbdata.cc' ---- src/tests/stub_cbdata.cc 2012-11-01 10:31:28 +0000 -+++ src/tests/stub_cbdata.cc 2016-04-20 06:39:07 +0000 -@@ -5,7 +5,13 @@ - #include "tests/STUB.h" - - void cbdataRegisterWithCacheManager(void) STUB -- -+void *cbdataInternalAlloc(cbdata_type type, const char *, int sz) { -+ return xcalloc(1, sz); -+} -+void *cbdataInternalFree(void *p, const char *, int) { -+ xfree(p); -+ return nullptr; -+} - #if USE_CBDATA_DEBUG - void *cbdataInternalAllocDbg(cbdata_type type, const char *, int) STUB_RETVAL(NULL) - void *cbdataInternalFreeDbg(void *p, const char *, int) STUB_RETVAL(NULL) - -=== modified file 'src/tests/stub_mem.cc' ---- src/tests/stub_mem.cc 2012-08-29 07:29:35 +0000 -+++ src/tests/stub_mem.cc 2016-04-20 06:39:07 +0000 -@@ -5,7 +5,7 @@ - #include "squid.h" - - #define STUB_API "stub_mem.cc" --#include "STUB.h" -+#include "tests/STUB.h" - #include "Mem.h" - - void - -=== modified file 'tools/Makefile.am' ---- tools/Makefile.am 2014-04-06 04:37:08 +0000 -+++ tools/Makefile.am 2016-04-20 06:39:07 +0000 -@@ -35,15 +35,24 @@ - stub_debug.cc: $(top_srcdir)/src/tests/stub_debug.cc - cp $(top_srcdir)/src/tests/stub_debug.cc . - -+MemBuf.cc: $(top_srcdir)/src/MemBuf.cc -+ cp $(top_srcdir)/src/MemBuf.cc $@ -+ - time.cc: $(top_srcdir)/src/time.cc - cp $(top_srcdir)/src/time.cc . - -+stub_cbdata.cc: $(top_srcdir)/src/tests/stub_cbdata.cc -+ cp $(top_srcdir)/src/tests/stub_cbdata.cc $@ -+ -+stub_mem.cc: $(top_srcdir)/src/tests/stub_mem.cc -+ cp $(top_srcdir)/src/tests/stub_mem.cc $@ -+ - # stock tools for unit tests - library independent versions of dlink_list - # etc. - # globals.cc is needed by test_tools.cc. - # Neither of these should be disted from here. - TESTSOURCES= test_tools.cc --CLEANFILES += test_tools.cc stub_debug.cc time.cc -+CLEANFILES += test_tools.cc MemBuf.cc stub_debug.cc time.cc stub_cbdata.cc stub_mem.cc - - ## ##### helper-mux ##### - -@@ -74,7 +83,10 @@ - libexec_PROGRAMS = cachemgr$(CGIEXT) - - cachemgr__CGIEXT__SOURCES = cachemgr.cc \ -+ MemBuf.cc \ -+ stub_cbdata.cc \ - stub_debug.cc \ -+ stub_mem.cc \ - test_tools.cc \ - time.cc - - -=== modified file 'tools/cachemgr.cc' ---- tools/cachemgr.cc 2015-01-09 10:32:57 +0000 -+++ tools/cachemgr.cc 2016-04-20 06:39:07 +0000 -@@ -35,6 +35,7 @@ - #include "getfullhostname.h" - #include "html_quote.h" - #include "ip/Address.h" -+#include "MemBuf.h" - #include "rfc1123.h" - #include "rfc1738.h" - #include "util.h" -@@ -460,8 +461,8 @@ - return url; - } - --static const char * --munge_menu_line(const char *buf, cachemgr_request * req) -+static void -+munge_menu_line(MemBuf &out, const char *buf, cachemgr_request * req) - { - char *x; - const char *a; -@@ -469,15 +470,14 @@ - const char *p; - char *a_url; - char *buf_copy; -- static char html[2 * 1024]; -- -- if (strlen(buf) < 1) -- return buf; -- -- if (*buf != ' ') -- return buf; -- -- buf_copy = x = xstrdup(buf); -+ -+ const char bufLen = strlen(buf); -+ if (bufLen < 1 || *buf != ' ') { -+ out.append(buf, bufLen); -+ return; -+ } -+ -+ buf_copy = x = xstrndup(buf, bufLen); - - a = xstrtok(&x, '\t'); - -@@ -489,59 +489,56 @@ - - /* no reason to give a url for a disabled action */ - if (!strcmp(p, "disabled")) -- snprintf(html, sizeof(html), "<LI type=\"circle\">%s (disabled)<A HREF=\"%s\">.</A>\n", d, a_url); -+ out.Printf("<LI type=\"circle\">%s (disabled)<A HREF=\"%s\">.</A>\n", d, a_url); - else - /* disable a hidden action (requires a password, but password is not in squid.conf) */ - if (!strcmp(p, "hidden")) -- snprintf(html, sizeof(html), "<LI type=\"circle\">%s (hidden)<A HREF=\"%s\">.</A>\n", d, a_url); -+ out.Printf("<LI type=\"circle\">%s (hidden)<A HREF=\"%s\">.</A>\n", d, a_url); - else - /* disable link if authentication is required and we have no password */ - if (!strcmp(p, "protected") && !req->passwd) -- snprintf(html, sizeof(html), "<LI type=\"circle\">%s (requires <a href=\"%s\">authentication</a>)<A HREF=\"%s\">.</A>\n", -- d, menu_url(req, "authenticate"), a_url); -+ out.Printf("<LI type=\"circle\">%s (requires <a href=\"%s\">authentication</a>)<A HREF=\"%s\">.</A>\n", -+ d, menu_url(req, "authenticate"), a_url); - else - /* highlight protected but probably available entries */ - if (!strcmp(p, "protected")) -- snprintf(html, sizeof(html), "<LI type=\"square\"><A HREF=\"%s\"><font color=\"#FF0000\">%s</font></A>\n", -- a_url, d); -+ out.Printf("<LI type=\"square\"><A HREF=\"%s\"><font color=\"#FF0000\">%s</font></A>\n", -+ a_url, d); - - /* public entry or unknown type of protection */ - else -- snprintf(html, sizeof(html), "<LI type=\"disk\"><A HREF=\"%s\">%s</A>\n", a_url, d); -+ out.Printf("<LI type=\"disk\"><A HREF=\"%s\">%s</A>\n", a_url, d); - - xfree(a_url); - - xfree(buf_copy); -- -- return html; - } - --static const char * --munge_other_line(const char *buf, cachemgr_request * req) -+static void -+munge_other_line(MemBuf &out, const char *buf, cachemgr_request *) - { - static const char *ttags[] = {"td", "th"}; - -- static char html[4096]; - static int table_line_num = 0; - static int next_is_header = 0; - int is_header = 0; - const char *ttag; - char *buf_copy; - char *x, *p; -- int l = 0; - /* does it look like a table? */ - - if (!strchr(buf, '\t') || *buf == '\t') { - /* nope, just text */ -- snprintf(html, sizeof(html), "%s%s", -- table_line_num ? "</table>\n<pre>" : "", html_quote(buf)); -+ if (table_line_num) -+ out.append("</table>\n<pre>", 14); -+ out.Printf("%s", html_quote(buf)); - table_line_num = 0; -- return html; -+ return; - } - - /* start html table */ - if (!table_line_num) { -- l += snprintf(html + l, sizeof(html) - l, "</pre><table cellpadding=\"2\" cellspacing=\"1\">\n"); -+ out.append("</pre><table cellpadding=\"2\" cellspacing=\"1\">\n", 46); - next_is_header = 0; - } - -@@ -551,7 +548,7 @@ - ttag = ttags[is_header]; - - /* record starts */ -- l += snprintf(html + l, sizeof(html) - l, "<tr>"); -+ out.append("<tr>", 4); - - /* substitute '\t' */ - buf_copy = x = xstrdup(buf); -@@ -568,18 +565,17 @@ - ++x; - } - -- l += snprintf(html + l, sizeof(html) - l, "<%s colspan=\"%d\" align=\"%s\">%s</%s>", -- ttag, column_span, -- is_header ? "center" : is_number(cell) ? "right" : "left", -- html_quote(cell), ttag); -+ out.Printf("<%s colspan=\"%d\" align=\"%s\">%s</%s>", -+ ttag, column_span, -+ is_header ? "center" : is_number(cell) ? "right" : "left", -+ html_quote(cell), ttag); - } - - xfree(buf_copy); - /* record ends */ -- snprintf(html + l, sizeof(html) - l, "</tr>\n"); -+ out.append("</tr>\n", 6); - next_is_header = is_header && strstr(buf, "\t\t"); - ++table_line_num; -- return html; - } - - static const char * -@@ -736,14 +732,18 @@ - /* yes, fall through, we do not want to loose the first line */ - - case isBody: -+ { - /* interpret [and reformat] cache response */ -- -+ MemBuf out; -+ out.init(); - if (parse_menu) -- fputs(munge_menu_line(buf, req), stdout); -+ munge_menu_line(out, buf, req); - else -- fputs(munge_other_line(buf, req), stdout); -+ munge_other_line(out, buf, req); - -- break; -+ fputs(out.buf, stdout); -+ } -+ break; - - case isForward: - /* forward: no modifications allowed */ - diff --git a/src/patches/squid-3.4-13234.patch b/src/patches/squid-3.4-13234.patch deleted file mode 100644 index 6f701fa..0000000 --- a/src/patches/squid-3.4-13234.patch +++ /dev/null @@ -1,33 +0,0 @@ ------------------------------------------------------------- -revno: 13234 -revision-id: squid3(a)treenet.co.nz-20160420101437-36eofkldxfku61kj -parent: squid3(a)treenet.co.nz-20160420063907-hcnf4qmcg5hbjc11 -committer: Amos Jeffries <squid3(a)treenet.co.nz> -branch nick: 3.4 -timestamp: Wed 2016-04-20 22:14:37 +1200 -message: - nullptr is a C++11 feature ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3(a)treenet.co.nz-20160420101437-36eofkldxfku61kj -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 -# testament_sha1: 0f9f2a5b29a7ef02befe2a4e2e6357ef4bcffbce -# timestamp: 2016-04-20 10:51:03 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 -# base_revision_id: squid3(a)treenet.co.nz-20160420063907-\ -# hcnf4qmcg5hbjc11 -# -# Begin patch -=== modified file 'src/tests/stub_cbdata.cc' ---- src/tests/stub_cbdata.cc 2016-04-20 06:39:07 +0000 -+++ src/tests/stub_cbdata.cc 2016-04-20 10:14:37 +0000 -@@ -10,7 +10,7 @@ - } - void *cbdataInternalFree(void *p, const char *, int) { - xfree(p); -- return nullptr; -+ return NULL; - } - #if USE_CBDATA_DEBUG - void *cbdataInternalAllocDbg(cbdata_type type, const char *, int) STUB_RETVAL(NULL) - diff --git a/src/patches/squid-3.4-13235.patch b/src/patches/squid-3.4-13235.patch deleted file mode 100644 index e380225..0000000 --- a/src/patches/squid-3.4-13235.patch +++ /dev/null @@ -1,97 +0,0 @@ ------------------------------------------------------------- -revno: 13235 -revision-id: squid3(a)treenet.co.nz-20160420111514-4hpxglbn9k15l5sa -parent: squid3(a)treenet.co.nz-20160420101437-36eofkldxfku61kj -committer: Amos Jeffries <squid3(a)treenet.co.nz> -branch nick: 3.4 -timestamp: Wed 2016-04-20 23:15:14 +1200 -message: - Fix several ESI element construction issues - - * Do not wrap active logic in assert(). - - * Fix localbuf array bounds checking. - - * Add Must() conditions to verify array writes will succeed ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3(a)treenet.co.nz-20160420111514-4hpxglbn9k15l5sa -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 -# testament_sha1: e95687b13c98667ab09966e7f94d511ca3e6ad96 -# timestamp: 2016-04-20 11:18:22 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 -# base_revision_id: squid3(a)treenet.co.nz-20160420101437-\ -# 36eofkldxfku61kj -# -# Begin patch -=== modified file 'src/esi/Esi.cc' ---- src/esi/Esi.cc 2013-06-27 15:58:46 +0000 -+++ src/esi/Esi.cc 2016-04-20 11:15:14 +0000 -@@ -991,7 +991,7 @@ - ESIElement::Pointer element; - int specifiedattcount = attrCount * 2; - char *position; -- assert (ellen < sizeof (localbuf)); /* prevent unexpected overruns. */ -+ Must(ellen < sizeof(localbuf)); /* prevent unexpected overruns. */ - - debugs(86, 5, "ESIContext::Start: element '" << el << "' with " << specifiedattcount << " tags"); - -@@ -1005,15 +1005,17 @@ - /* Spit out elements we aren't interested in */ - localbuf[0] = '<'; - localbuf[1] = '\0'; -- assert (xstrncpy (&localbuf[1], el, sizeof(localbuf) - 2)); -+ xstrncpy(&localbuf[1], el, sizeof(localbuf) - 2); - position = localbuf + strlen (localbuf); - - for (i = 0; i < specifiedattcount && attr[i]; i += 2) { -+ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1); - *position = ' '; - ++position; - /* TODO: handle thisNode gracefully */ -- assert (xstrncpy (position, attr[i], sizeof(localbuf) + (position - localbuf))); -+ xstrncpy(position, attr[i], sizeof(localbuf) - (position - localbuf)); - position += strlen (position); -+ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 2); - *position = '='; - ++position; - *position = '\"'; -@@ -1022,18 +1024,21 @@ - char ch; - while ((ch = *chPtr++) != '\0') { - if (ch == '\"') { -- assert( xstrncpy(position, """, sizeof(localbuf) + (position-localbuf)) ); -+ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 6); -+ xstrncpy(position, """, sizeof(localbuf) - (position-localbuf)); - position += 6; - } else { -+ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1); - *position = ch; - ++position; - } - } -- position += strlen (position); -+ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1); - *position = '\"'; - ++position; - } - -+ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 2); - *position = '>'; - ++position; - *position = '\0'; -@@ -1119,11 +1124,11 @@ - switch (ESIElement::IdentifyElement (el)) { - - case ESIElement::ESI_ELEMENT_NONE: -- assert (ellen < sizeof (localbuf)); /* prevent unexpected overruns. */ -+ Must(ellen < sizeof(localbuf) - 3); /* prevent unexpected overruns. */ - /* Add elements we aren't interested in */ - localbuf[0] = '<'; - localbuf[1] = '/'; -- assert (xstrncpy (&localbuf[2], el, sizeof(localbuf) - 3)); -+ xstrncpy(&localbuf[2], el, sizeof(localbuf) - 3); - position = localbuf + strlen (localbuf); - *position = '>'; - ++position; - -- 2.8.2

1 0

RE: RE: Re: update: LCDproc 0.5.6 (2012) to 0.5.7 (2014)
by g6094199＠freenet.de 10 May '16

10 May '16

ok guys. i promised to test. the package works...almost. 1. i still have to add my driver manualy...no problem so far. 2. the backlight doesnt work as expected anymore: before, the backlight turned on when u pushed a button. now the backlight stays off until to reach one special information screen (i guess it was LCD Server or called similar), then it turns on for a sec and returns back to off. regards sash > -----Ursprüngliche Nachricht----- > Von: Arne Fitzenreiter > Gesendet: Mo. 09.05.2016 16:26 > An: g6094199(a)freenet.de > Kopie: development(a)lists.ipfire.org > Betreff: RE: Re: update: LCDproc 0.5.6 (2012) to 0.5.7 (2014) > > You have still installed the version 0.5.6 because we have not get > feedback yet. > The new version 0.5.7 is only available in testing tree. >http://wiki.ipfire.org/en/configuration/ipfire/pakfire/testing?s[]=testing&… > > Arne > > > On 2016-05-09 10:39, g6094199(a)freenet.de wrote: >> Hi michael!, >> >> when will the update hit the release? i installed 102 and at least the >> LCDd.conf has still a diff to the current lcdproc release. >> why i know this....there is an SDEC driver based display mounted in my >> watchgurad box and i had still to add it manually to the config, while >> the official release has it added already. >> >> also: >> >> [root@ipfire ~]# lcdproc -v >> LCDproc 0.5.6 >> >> so plz do update all the missing diffs, not only the drivers. just to >> not confuse users like me ;-) >> >> BTW im happy to test, if u need somebody.... >> >> THX! >> >> sash >> >>> -----Ursprüngliche Nachricht----- >>> Von: Michael Tremer >>> Gesendet: Mo. 02.05.2016 21:02 >>> An: g6094199(a)freenet.de, development(a)lists.ipfire.org >>> Betreff: Re: update: LCDproc 0.5.6 (2012) to 0.5.7 (2014) >>> >>> Have a look at the release announcement today: >>> >>>" target="_blank">http://downloads.ipfire.org/release/ipfire-2.19-core101 >>> >>> -Michael >>> >>> On Mon, 2016-05-02 at 13:51 +0200, g6094199(a)freenet.de wrote: >>> > He Guys, >>> > >>> > i'm experimenting with LCDproc and saw that the packge is quiet >> outdated. I >>> > would be nice if someone could update the current state: >>> > >>> >https://sourceforge.net/projects/lcdproc/files/lcdproc/0.5.7/ [1] >>> > >>> > mainly they added some drivers (e.g. raspberry pi related) and >> updated some >>> > others which seems interesting for us >>> > >>> > >>> > regards >>> > sash >>> > >>> > >>> > --- >>> > Alle Postfächer an einem Ort. Jetzt wechseln und E-Mail-Adresse >> mitnehmen! >>> > Rundum glücklich mit freenetMail> >>> >>> -----Ursprüngliche Nachricht Ende-----SDEC >> >> --- >> Alle Postfächer an einem Ort. Jetzt wechseln und E-Mail-Adresse >> mitnehmen! Rundum glücklich mit freenetMail [2] >> >> Links: >> ------ >> [1] >>" target="_blank">https://sourceforge.net/projects/lcdproc/files/lcdproc/0.5.7/ >> [2] " target="_blank">https://email.freenet.de/mail/Uebersicht?epid=e9900000451 > > > > -----Ursprüngliche Nachricht Ende----- --- Alle Postfächer an einem Ort. Jetzt wechseln und E-Mail-Adresse mitnehmen! https://email.freenet.de/mail/Uebersicht?epid=e9900000451

1 1

[PATCH 1/2] New package: libcheck (dependency for kbd 2.0.3)
by Marcel Lorenz 09 May '16

09 May '16

This package is only need for build kbd version 2.0.3 No files from this package are needed in the distribution. The package was original named "check" but the make.sh can't handle this name. ;-) Signed-off-by: Marcel Lorenz <marcel.lorenz(a)ipfire.org> --- config/rootfiles/common/libcheck | 43 ++++++++++++++++++++++ lfs/libcheck | 77 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 120 insertions(+) create mode 100644 config/rootfiles/common/libcheck create mode 100644 lfs/libcheck diff --git a/config/rootfiles/common/libcheck b/config/rootfiles/common/libcheck new file mode 100644 index 0000000..0af3fcf --- /dev/null +++ b/config/rootfiles/common/libcheck @@ -0,0 +1,43 @@ +#usr/bin/checkmk +#usr/include/check.h +#usr/include/check_stdint.h +#usr/lib/libcheck.a +#usr/lib/libcheck.la +#usr/lib/libcheck.so +#usr/lib/libcheck.so.0 +#usr/lib/libcheck.so.0.0.0 +#usr/lib/pkgconfig/check.pc +#usr/share/aclocal/check.m4 +#usr/share/doc/check +#usr/share/doc/check/COPYING.LESSER +#usr/share/doc/check/ChangeLog +#usr/share/doc/check/ChangeLogOld +#usr/share/doc/check/NEWS +#usr/share/doc/check/README +#usr/share/doc/check/SVNChangeLog +#usr/share/doc/check/example +#usr/share/doc/check/example/Makefile.am +#usr/share/doc/check/example/README +#usr/share/doc/check/example/configure.ac +#usr/share/doc/check/example/src +#usr/share/doc/check/example/src/Makefile.am +#usr/share/doc/check/example/src/main.c +#usr/share/doc/check/example/src/money.1.c +#usr/share/doc/check/example/src/money.1.h +#usr/share/doc/check/example/src/money.2.h +#usr/share/doc/check/example/src/money.3.c +#usr/share/doc/check/example/src/money.4.c +#usr/share/doc/check/example/src/money.5.c +#usr/share/doc/check/example/src/money.6.c +#usr/share/doc/check/example/src/money.c +#usr/share/doc/check/example/src/money.h +#usr/share/doc/check/example/tests +#usr/share/doc/check/example/tests/Makefile.am +#usr/share/doc/check/example/tests/check_money.1.c +#usr/share/doc/check/example/tests/check_money.2.c +#usr/share/doc/check/example/tests/check_money.3.c +#usr/share/doc/check/example/tests/check_money.6.c +#usr/share/doc/check/example/tests/check_money.7.c +#usr/share/doc/check/example/tests/check_money.c +#usr/share/info/check.info +#usr/share/man/man1/checkmk.1 diff --git a/lfs/libcheck b/lfs/libcheck new file mode 100644 index 0000000..6e6291e --- /dev/null +++ b/lfs/libcheck @@ -0,0 +1,77 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2012 Michael Tremer & Christian Schmidt # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see <http://www.gnu.org/licenses/>. # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 0.10.0 + +THISAPP = check-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = 53c5e5c77d090e103a17f3ed7fd7d8b8 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && ./configure --prefix=/usr + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + @rm -rf $(DIR_APP) + @$(POSTBUILD) -- 1.9.1

2 4

RE: Re: update: LCDproc 0.5.6 (2012) to 0.5.7 (2014)
by g6094199＠freenet.de 09 May '16

09 May '16

Hi michael!, when will the update hit the release? i installed 102 and at least the LCDd.conf has still a diff to the current lcdproc release. why i know this....there is an SDEC driver based display mounted in my watchgurad box and i had still to add it manually to the config, while the official release has it added already. also: [root@ipfire ~]# lcdproc -v LCDproc 0.5.6 so plz do update all the missing diffs, not only the drivers. just to not confuse users like me ;-) BTW im happy to test, if u need somebody.... THX! sash > -----Ursprüngliche Nachricht----- > Von: Michael Tremer > Gesendet: Mo. 02.05.2016 21:02 > An: g6094199(a)freenet.de, development(a)lists.ipfire.org > Betreff: Re: update: LCDproc 0.5.6 (2012) to 0.5.7 (2014) > > Have a look at the release announcement today: > > http://downloads.ipfire.org/release/ipfire-219-core101 > > -Michael > > On Mon, 2016-05-02 at 13:51 +0200, g6094199(a)freenet.de wrote: > > He Guys, > > > > i'm experimenting with LCDproc and saw that the packge is quiet outdated. I > > would be nice if someone could update the current state: > > > > https://sourceforge.net/projects/lcdproc/files/lcdproc/0.5.7/ > > > > mainly they added some drivers (e.g. raspberry pi related) and updated some > > others which seems interesting for us > > > > > > regards > > sash > > > > > > --- > > Alle Postfächer an einem Ort. Jetzt wechseln und E-Mail-Adresse mitnehmen! > > Rundum glücklich mit freenetMail> > > -----Ursprüngliche Nachricht Ende-----SDEC --- Alle Postfächer an einem Ort. Jetzt wechseln und E-Mail-Adresse mitnehmen! Rundum glücklich mit freenetMail

2 1

New package libvirt
by Jonatan Schlag 07 May '16

07 May '16

These patch series contain all changes for libvirt. I tried to describe everything, that is necessary, in the commit messages. If there are questions just ask :-) Regards Jonatan

1 6

[PATCH] squid: Update to 3.5.18
by Matthias Fischer 07 May '16

07 May '16

Removed unecessary quotations and two configure-options, see: ftp://ftp.fu-berlin.de/unix/www/squid/archive/3.1/squid-3.1.0.16-RELEASENOTES.html --with-aio Deprecated. POSIX AIO is now auto-detected and enabled. Use --without-aio to disable, but only if you really have to. --with-pthreads Deprecated. pthreads library is now auto-detected and enabled. Use --without-pthreads to disable, but only if you really have to. Best, Matthias Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org> --- lfs/squid | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/lfs/squid b/lfs/squid index 66ad875..a7edc9d 100644 --- a/lfs/squid +++ b/lfs/squid @@ -24,7 +24,7 @@ include Config -VER = 3.5.17 +VER = 3.5.18 THISAPP = squid-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 2dc73cc01e77b1bd16d9070780ae79b1 +$(DL_FILE)_MD5 = 9ae3843c341e8a142e963ab937c51cdd install : $(TARGET) @@ -92,10 +92,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) --disable-ipv6 \ --enable-poll \ --enable-ident-lookups \ - --enable-storeio="aufs,diskd,ufs" \ + --enable-storeio=aufs,diskd,ufs \ --enable-underscores \ --enable-http-violations \ - --enable-removal-policies="heap,lru" \ + --enable-removal-policies=heap,lru \ --enable-delay-pools \ --enable-linux-netfilter \ --enable-snmp \ @@ -119,11 +119,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) --enable-kill-parent-hack \ --enable-icap-client \ --enable-zph-qos \ - --with-pthreads \ --with-dl \ --with-filedescriptors=$$(( 16384 * 64 )) \ - --with-large-files \ - --with-aio + --with-large-files cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install -- 2.8.2

2 3

[PATCH] dnsmasq: Update to 2.76test13 with latest patches (001-006)
by Matthias Fischer 05 May '16

05 May '16

Update from 'dnsmasq 2.76test10' to '2.76test13' Includes latest patches (001-006) from upstream. Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org> --- lfs/dnsmasq | 15 +- ...TL_parameter_to_--host-record_and_--cname.patch | 265 ----------- .../dnsmasq/001-Debian_init_d_script_fix.patch | 74 +++ .../dnsmasq/002-Add_--dhcp-ttl_option.patch | 117 ----- .../dnsmasq/002-Add_--help_to_manpage.patch | 66 +++ ...nd_dhcp_lease_time_to_contrib_lease_tools.patch | 73 +++ src/patches/dnsmasq/003-Update_CHANGELOG.patch | 17 - .../dnsmasq/004-Add_--tftp-mtu_option.patch | 136 ------ ...004-Add_contrib_lease-tools_dhcp_release6.patch | 528 +++++++++++++++++++++ ...ease_length_to_TTL_when_--dhcp-ttl_in_use.patch | 37 -- ...am_nameservers_when_logging_configuration.patch | 85 ++++ ..._interface_when_--bridge-interface_in_use.patch | 70 +++ 12 files changed, 904 insertions(+), 579 deletions(-) delete mode 100644 src/patches/dnsmasq/001-Add_TTL_parameter_to_--host-record_and_--cname.patch create mode 100644 src/patches/dnsmasq/001-Debian_init_d_script_fix.patch delete mode 100644 src/patches/dnsmasq/002-Add_--dhcp-ttl_option.patch create mode 100644 src/patches/dnsmasq/002-Add_--help_to_manpage.patch create mode 100644 src/patches/dnsmasq/003-Move_dhcp_release_and_dhcp_lease_time_to_contrib_lease_tools.patch delete mode 100644 src/patches/dnsmasq/003-Update_CHANGELOG.patch delete mode 100644 src/patches/dnsmasq/004-Add_--tftp-mtu_option.patch create mode 100644 src/patches/dnsmasq/004-Add_contrib_lease-tools_dhcp_release6.patch delete mode 100644 src/patches/dnsmasq/005-Apply_ceiling_of_lease_length_to_TTL_when_--dhcp-ttl_in_use.patch create mode 100644 src/patches/dnsmasq/005-Limit_number_of_upstream_nameservers_when_logging_configuration.patch create mode 100644 src/patches/dnsmasq/006-Fix_for_DHCP_in_transmission_interface_when_--bridge-interface_in_use.patch diff --git a/lfs/dnsmasq b/lfs/dnsmasq index 84585c1..feb1789 100644 --- a/lfs/dnsmasq +++ b/lfs/dnsmasq @@ -24,7 +24,7 @@ include Config -VER = 2.76test10 +VER = 2.76test13 THISAPP = dnsmasq-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -43,7 +43,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 4b51474ed6081b18c61407077f254cf7 +$(DL_FILE)_MD5 = bb66cef5b41e0cddf8272b0911855568 install : $(TARGET) @@ -73,11 +73,12 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/001-Add_TTL_parameter_to_--host-record_and_--cname.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/002-Add_--dhcp-ttl_option.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/003-Update_CHANGELOG.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/004-Add_--tftp-mtu_option.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/005-Apply_ceiling_of_lease_length_to_TTL_when_--dhcp-ttl_in_use.patch + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/001-Debian_init_d_script_fix.patch + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/002-Add_--help_to_manpage.patch + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/003-Move_dhcp_release_and_dhcp_lease_time_to_contrib_lease_tools.patch + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/004-Add_contrib_lease-tools_dhcp_release6.patch + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/005-Limit_number_of_upstream_nameservers_when_logging_configuration.patch + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/006-Fix_for_DHCP_in_transmission_interface_when_--bridge-interface_in_use.patch cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq-Add-support-to-read-ISC-DHCP-lease-file.patch cd $(DIR_APP) && sed -i src/config.h \ diff --git a/src/patches/dnsmasq/001-Add_TTL_parameter_to_--host-record_and_--cname.patch b/src/patches/dnsmasq/001-Add_TTL_parameter_to_--host-record_and_--cname.patch deleted file mode 100644 index 86fbc9c..0000000 --- a/src/patches/dnsmasq/001-Add_TTL_parameter_to_--host-record_and_--cname.patch +++ /dev/null @@ -1,265 +0,0 @@ -From df3d54f776a3c9b60735b45c0b7fd88b66a2d5c4 Mon Sep 17 00:00:00 2001 -From: Simon Kelley <simon(a)thekelleys.org.uk> -Date: Wed, 24 Feb 2016 21:03:38 +0000 -Subject: [PATCH] Add TTL parameter to --host-record and --cname. - ---- - man/dnsmasq.8 | 12 ++++++++++-- - src/cache.c | 7 +++++++ - src/dnsmasq.h | 2 ++ - src/option.c | 46 ++++++++++++++++++++++++++++++++++++++-------- - src/rfc1035.c | 6 +++++- - 5 files changed, 62 insertions(+), 11 deletions(-) - -diff --git a/man/dnsmasq.8 b/man/dnsmasq.8 -index b782eaf..7bc1394 100644 ---- a/man/dnsmasq.8 -+++ b/man/dnsmasq.8 -@@ -529,7 +529,7 @@ zone files: the port, weight and priority numbers are in a different - order. More than one SRV record for a given service/domain is allowed, - all that match are returned. - .TP --.B --host-record=<name>[,<name>....],[<IPv4-address>],[<IPv6-address>] -+.B --host-record=<name>[,<name>....],[<IPv4-address>],[<IPv6-address>][,<TTL>] - Add A, AAAA and PTR records to the DNS. This adds one or more names to - the DNS with associated IPv4 (A) and IPv6 (AAAA) records. A name may - appear in more than one -@@ -546,6 +546,10 @@ is in effect. Short and long names may appear in the same - .B host-record, - eg. - .B --host-record=laptop,laptop.thekelleys.org,192.168.0.1,1234::100 -+ -+If the time-to-live is given, it overrides the default, which is zero -+or the value of --local-ttl. The value is a positive integer and gives -+the time-to-live in seconds. - .TP - .B \-Y, --txt-record=<name>[[,<text>],<text>] - Return a TXT DNS record. The value of TXT record is a set of strings, -@@ -559,7 +563,7 @@ Return a PTR DNS record. - .B --naptr-record=<name>,<order>,<preference>,<flags>,<service>,<regexp>[,<replacement>] - Return an NAPTR DNS record, as specified in RFC3403. - .TP --.B --cname=<cname>,<target> -+.B --cname=<cname>,<target>[,<TTL>] - Return a CNAME record which indicates that <cname> is really - <target>. There are significant limitations on the target; it must be a - DNS name which is known to dnsmasq from /etc/hosts (or additional -@@ -568,6 +572,10 @@ hosts files), from DHCP, from --interface-name or from another - If the target does not satisfy this - criteria, the whole cname is ignored. The cname must be unique, but it - is permissable to have more than one cname pointing to the same target. -+ -+If the time-to-live is given, it overrides the default, which is zero -+or the value of -local-ttl. The value is a positive integer and gives -+the time-to-live in seconds. - .TP - .B --dns-rr=<name>,<RR-number>,[<hex data>] - Return an arbitrary DNS Resource Record. The number is the type of the -diff --git a/src/cache.c b/src/cache.c -index a9eaa65..4ecd535 100644 ---- a/src/cache.c -+++ b/src/cache.c -@@ -778,6 +778,7 @@ static void add_hosts_cname(struct crec *target) - (crec = whine_malloc(sizeof(struct crec)))) - { - crec->flags = F_FORWARD | F_IMMORTAL | F_NAMEP | F_CONFIG | F_CNAME; -+ crec->ttd = a->ttl; - crec->name.namep = a->alias; - crec->addr.cname.target.cache = target; - crec->addr.cname.uid = target->uid; -@@ -981,6 +982,7 @@ int read_hostsfile(char *filename, unsigned int index, int cache_size, struct cr - strcat(cache->name.sname, "."); - strcat(cache->name.sname, domain_suffix); - cache->flags = flags; -+ cache->ttd = daemon->local_ttl; - add_hosts_entry(cache, &addr, addrlen, index, rhash, hashsz); - name_count++; - } -@@ -988,6 +990,7 @@ int read_hostsfile(char *filename, unsigned int index, int cache_size, struct cr - { - strcpy(cache->name.sname, canon); - cache->flags = flags; -+ cache->ttd = daemon->local_ttl; - add_hosts_entry(cache, &addr, addrlen, index, rhash, hashsz); - name_count++; - } -@@ -1057,6 +1060,7 @@ void cache_reload(void) - ((cache = whine_malloc(sizeof(struct crec))))) - { - cache->flags = F_FORWARD | F_NAMEP | F_CNAME | F_IMMORTAL | F_CONFIG; -+ cache->ttd = a->ttl; - cache->name.namep = a->alias; - cache->addr.cname.target.int_name = intr; - cache->addr.cname.uid = SRC_INTERFACE; -@@ -1071,6 +1075,7 @@ void cache_reload(void) - (cache->addr.ds.keydata = blockdata_alloc(ds->digest, ds->digestlen))) - { - cache->flags = F_FORWARD | F_IMMORTAL | F_DS | F_CONFIG | F_NAMEP; -+ cache->ttd = daemon->local_ttl; - cache->name.namep = ds->name; - cache->addr.ds.keylen = ds->digestlen; - cache->addr.ds.algo = ds->algo; -@@ -1095,6 +1100,7 @@ void cache_reload(void) - (cache = whine_malloc(sizeof(struct crec)))) - { - cache->name.namep = nl->name; -+ cache->ttd = hr->ttl; - cache->flags = F_HOSTS | F_IMMORTAL | F_FORWARD | F_REVERSE | F_IPV4 | F_NAMEP | F_CONFIG; - add_hosts_entry(cache, (struct all_addr *)&hr->addr, INADDRSZ, SRC_CONFIG, (struct crec **)daemon->packet, revhashsz); - } -@@ -1103,6 +1109,7 @@ void cache_reload(void) - (cache = whine_malloc(sizeof(struct crec)))) - { - cache->name.namep = nl->name; -+ cache->ttd = hr->ttl; - cache->flags = F_HOSTS | F_IMMORTAL | F_FORWARD | F_REVERSE | F_IPV6 | F_NAMEP | F_CONFIG; - add_hosts_entry(cache, (struct all_addr *)&hr->addr6, IN6ADDRSZ, SRC_CONFIG, (struct crec **)daemon->packet, revhashsz); - } -diff --git a/src/dnsmasq.h b/src/dnsmasq.h -index 6d1c5ae..6344df5 100644 ---- a/src/dnsmasq.h -+++ b/src/dnsmasq.h -@@ -308,6 +308,7 @@ struct ptr_record { - }; - - struct cname { -+ int ttl; - char *alias, *target; - struct cname *next; - }; -@@ -344,6 +345,7 @@ struct auth_zone { - - - struct host_record { -+ int ttl; - struct name_list { - char *name; - struct name_list *next; -diff --git a/src/option.c b/src/option.c -index c98bdc9..7c5e6bc 100644 ---- a/src/option.c -+++ b/src/option.c -@@ -448,20 +448,20 @@ static struct { - { LOPT_GEN_NAMES, ARG_DUP, "[=tag:<tag>]", gettext_noop("Generate hostnames based on MAC address for nameless clients."), NULL}, - { LOPT_PROXY, ARG_DUP, "[=<ipaddr>]...", gettext_noop("Use these DHCP relays as full proxies."), NULL }, - { LOPT_RELAY, ARG_DUP, "<local-addr>,<server>[,<interface>]", gettext_noop("Relay DHCP requests to a remote server"), NULL}, -- { LOPT_CNAME, ARG_DUP, "<alias>,<target>", gettext_noop("Specify alias name for LOCAL DNS name."), NULL }, -+ { LOPT_CNAME, ARG_DUP, "<alias>,<target>[,<ttl>]", gettext_noop("Specify alias name for LOCAL DNS name."), NULL }, - { LOPT_PXE_PROMT, ARG_DUP, "<prompt>,[<timeout>]", gettext_noop("Prompt to send to PXE clients."), NULL }, - { LOPT_PXE_SERV, ARG_DUP, "<service>", gettext_noop("Boot service for PXE menu."), NULL }, - { LOPT_TEST, 0, NULL, gettext_noop("Check configuration syntax."), NULL }, - { LOPT_ADD_MAC, ARG_DUP, "[=base64|text]", gettext_noop("Add requestor's MAC address to forwarded DNS queries."), NULL }, - { LOPT_ADD_SBNET, ARG_ONE, "<v4 pref>[,<v6 pref>]", gettext_noop("Add specified IP subnet to forwarded DNS queries."), NULL }, -- { LOPT_CPE_ID, ARG_ONE, "<text>", gettext_noop("Add client identification to forwarded DNS queries."), NULL }, -+ { LOPT_CPE_ID, ARG_ONE, "<text>", gettext_noop("Add client identification to forwarded DNS queries."), NULL }, - { LOPT_DNSSEC, OPT_DNSSEC_PROXY, NULL, gettext_noop("Proxy DNSSEC validation results from upstream nameservers."), NULL }, - { LOPT_INCR_ADDR, OPT_CONSEC_ADDR, NULL, gettext_noop("Attempt to allocate sequential IP addresses to DHCP clients."), NULL }, - { LOPT_CONNTRACK, OPT_CONNTRACK, NULL, gettext_noop("Copy connection-track mark from queries to upstream connections."), NULL }, - { LOPT_FQDN, OPT_FQDN_UPDATE, NULL, gettext_noop("Allow DHCP clients to do their own DDNS updates."), NULL }, - { LOPT_RA, OPT_RA, NULL, gettext_noop("Send router-advertisements for interfaces doing DHCPv6"), NULL }, - { LOPT_DUID, ARG_ONE, "<enterprise>,<duid>", gettext_noop("Specify DUID_EN-type DHCPv6 server DUID"), NULL }, -- { LOPT_HOST_REC, ARG_DUP, "<name>,<address>", gettext_noop("Specify host (A/AAAA and PTR) records"), NULL }, -+ { LOPT_HOST_REC, ARG_DUP, "<name>,<address>[,<ttl>]", gettext_noop("Specify host (A/AAAA and PTR) records"), NULL }, - { LOPT_RR, ARG_DUP, "<name>,<RR-number>,[<data>]", gettext_noop("Specify arbitrary DNS resource record"), NULL }, - { LOPT_CLVERBIND, OPT_CLEVERBIND, NULL, gettext_noop("Bind to interfaces in use - check for new interfaces"), NULL }, - { LOPT_AUTHSERV, ARG_ONE, "<NS>,<interface>", gettext_noop("Export local names to global DNS"), NULL }, -@@ -3692,12 +3692,15 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma - case LOPT_CNAME: /* --cname */ - { - struct cname *new; -- char *alias; -- char *target; -+ char *alias, *target, *ttls; -+ int ttl = -1; - - if (!(comma = split(arg))) - ret_err(gen_err); - -+ if ((ttls = split(comma)) && !atoi_check(ttls, &ttl)) -+ ret_err(_("bad TTL")); -+ - alias = canonicalise_opt(arg); - target = canonicalise_opt(comma); - -@@ -3713,6 +3716,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma - daemon->cnames = new; - new->alias = alias; - new->target = target; -+ new->ttl = ttl; - } - - break; -@@ -3913,14 +3917,22 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma - { - struct host_record *new = opt_malloc(sizeof(struct host_record)); - memset(new, 0, sizeof(struct host_record)); -- -+ new->ttl = -1; -+ - if (!arg || !(comma = split(arg))) - ret_err(_("Bad host-record")); - - while (arg) - { - struct all_addr addr; -- if (inet_pton(AF_INET, arg, &addr)) -+ char *dig; -+ -+ for (dig = arg; *dig != 0; dig++) -+ if (*dig < '0' || *dig > '9') -+ break; -+ if (*dig == 0) -+ new->ttl = atoi(arg); -+ else if (inet_pton(AF_INET, arg, &addr)) - new->addr = addr.addr.addr4; - #ifdef HAVE_IPV6 - else if (inet_pton(AF_INET6, arg, &addr)) -@@ -4601,7 +4613,25 @@ void read_opts(int argc, char **argv, char *compile_opts) - } - } - } -- -+ -+ if (daemon->host_records) -+ { -+ struct host_record *hr; -+ -+ for (hr = daemon->host_records; hr; hr = hr->next) -+ if (hr->ttl == -1) -+ hr->ttl = daemon->local_ttl; -+ } -+ -+ if (daemon->cnames) -+ { -+ struct cname *cn; -+ -+ for (cn = daemon->cnames; cn; cn = cn->next) -+ if (cn->ttl == -1) -+ cn->ttl = daemon->local_ttl; -+ } -+ - if (daemon->if_addrs) - { - struct iname *tmp; -diff --git a/src/rfc1035.c b/src/rfc1035.c -index 9c0ddb5..3535a71 100644 ---- a/src/rfc1035.c -+++ b/src/rfc1035.c -@@ -1169,9 +1169,13 @@ static unsigned long crec_ttl(struct crec *crecp, time_t now) - /* Return 0 ttl for DHCP entries, which might change - before the lease expires. */ - -- if (crecp->flags & (F_IMMORTAL | F_DHCP)) -+ if (crecp->flags & F_DHCP) - return daemon->local_ttl; - -+ /* Immortal entries other than DHCP are local, and hold TTL in TTD field. */ -+ if (crecp->flags & F_IMMORTAL) -+ return crecp->ttd; -+ - /* Return the Max TTL value if it is lower then the actual TTL */ - if (daemon->max_ttl == 0 || ((unsigned)(crecp->ttd - now) < daemon->max_ttl)) - return crecp->ttd - now; --- -1.7.10.4 - diff --git a/src/patches/dnsmasq/001-Debian_init_d_script_fix.patch b/src/patches/dnsmasq/001-Debian_init_d_script_fix.patch new file mode 100644 index 0000000..86d0480 --- /dev/null +++ b/src/patches/dnsmasq/001-Debian_init_d_script_fix.patch @@ -0,0 +1,74 @@ +From 332c41e2ff533649dc48b6bab00804d795f348f5 Mon Sep 17 00:00:00 2001 +From: Simon Kelley <simon(a)thekelleys.org.uk> +Date: Sun, 1 May 2016 22:36:46 +0100 +Subject: [PATCH] Debian init.d script fix. + +--- + debian/changelog | 8 +++++--- + debian/init | 14 +++++++------- + 2 files changed, 12 insertions(+), 10 deletions(-) + +diff --git a/debian/changelog b/debian/changelog +index e727406..8a0341c 100644 +--- a/debian/changelog ++++ b/debian/changelog +@@ -3,19 +3,21 @@ dnsmasq (2.76-1) unstable; urgency=low + * New upstream. (closes: #798586) + * Use /run/dnsmasq directly, rather than relying on link from /var/run + to avoid problems before /var is mounted. (closes: #800351) +- ++ * Test for the existance of /usr/share/doc/dnsmasq rather then ++ /etc/dnsmasq.d/README in the daemon startup script. (closes: #819856) ++ + -- Simon Kelley <simon(a)thekelleys.org.uk> Thur, 10 Sep 2015 23:07:21 +0000 + + dnsmasq (2.75-1) unstable; urgency=low + + * New upstream. (closes: #794095) +- ++ + -- Simon Kelley <simon(a)thekelleys.org.uk> Thur, 30 Jul 2015 20:58:31 +0000 + + dnsmasq (2.74-1) unstable; urgency=low + + * New upstream. (LP: #1468611) +- ++ + -- Simon Kelley <simon(a)thekelleys.org.uk> Wed, 15 Jul 2015 21:54:11 +0000 + + dnsmasq (2.73-2) unstable; urgency=low +diff --git a/debian/init b/debian/init +index 6afe191..10b277c 100644 +--- a/debian/init ++++ b/debian/init +@@ -8,7 +8,8 @@ + # Description: DHCP and DNS server + ### END INIT INFO + +-set +e # Don't exit on error status ++# Don't exit on error status ++set +e + + PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin + DAEMON=/usr/sbin/dnsmasq +@@ -29,12 +30,11 @@ if [ -r /etc/default/locale ]; then + export LANG + fi + +-# /etc/dnsmasq.d/README is a non-conffile installed by the dnsmasq package. +-# Should the dnsmasq package be removed, the following test ensures that +-# the daemon is no longer started, even if the dnsmasq-base package is +-# still in place. +-test -e /etc/dnsmasq.d/README || exit 0 +- ++# The following test ensures the dnsmasq service is not started, when the ++# package 'dnsmasq' is removed but not purged, even if the dnsmasq-base ++# package is still in place. ++test -d /usr/share/doc/dnsmasq || exit 0 ++ + test -x $DAEMON || exit 0 + + # Provide skeleton LSB log functions for backports which don't have LSB functions. +-- +2.5.5 + diff --git a/src/patches/dnsmasq/002-Add_--dhcp-ttl_option.patch b/src/patches/dnsmasq/002-Add_--dhcp-ttl_option.patch deleted file mode 100644 index 45e3b9b..0000000 --- a/src/patches/dnsmasq/002-Add_--dhcp-ttl_option.patch +++ /dev/null @@ -1,117 +0,0 @@ -From 832e47beab95c2918b5264f0504f2fe6fe523e4c Mon Sep 17 00:00:00 2001 -From: Simon Kelley <simon(a)thekelleys.org.uk> -Date: Wed, 24 Feb 2016 21:24:45 +0000 -Subject: [PATCH] Add --dhcp-ttl option. - ---- - man/dnsmasq.8 | 5 ++++- - src/dnsmasq.h | 2 +- - src/option.c | 13 +++++++++++-- - src/rfc1035.c | 2 +- - 4 files changed, 17 insertions(+), 5 deletions(-) - -diff --git a/man/dnsmasq.8 b/man/dnsmasq.8 -index 7bc1394..2bcce20 100644 ---- a/man/dnsmasq.8 -+++ b/man/dnsmasq.8 -@@ -60,7 +60,7 @@ in the same way as for DHCP-derived names. Note that this does not - apply to domain names in cnames, PTR records, TXT records etc. - .TP - .B \-T, --local-ttl=<time> --When replying with information from /etc/hosts or the DHCP leases -+When replying with information from /etc/hosts or configuration or the DHCP leases - file dnsmasq by default sets the time-to-live field to zero, meaning - that the requester should not itself cache the information. This is - the correct thing to do in almost all situations. This option allows a -@@ -68,6 +68,9 @@ time-to-live (in seconds) to be given for these replies. This will - reduce the load on the server at the expense of clients using stale - data under some circumstances. - .TP -+.B --dhcp-ttl=<time> -+As for --local-ttl, but affects only replies with information from DHCP leases. If both are given, --dhcp-ttl applies for DHCP information, and --local-ttl for others. Setting this to zero eliminates the effect of --local-ttl for DHCP. -+.TP - .B --neg-ttl=<time> - Negative replies from upstream servers normally contain time-to-live - information in SOA records which dnsmasq uses for caching. If the -diff --git a/src/dnsmasq.h b/src/dnsmasq.h -index 6344df5..9f73c3b 100644 ---- a/src/dnsmasq.h -+++ b/src/dnsmasq.h -@@ -955,7 +955,7 @@ extern struct daemon { - int max_logs; /* queue limit */ - int cachesize, ftabsize; - int port, query_port, min_port, max_port; -- unsigned long local_ttl, neg_ttl, max_ttl, min_cache_ttl, max_cache_ttl, auth_ttl; -+ unsigned long local_ttl, neg_ttl, max_ttl, min_cache_ttl, max_cache_ttl, auth_ttl, dhcp_ttl, use_dhcp_ttl; - char *dns_client_id; - struct hostsfile *addn_hosts; - struct dhcp_context *dhcp, *dhcp6; -diff --git a/src/option.c b/src/option.c -index 7c5e6bc..3f6d162 100644 ---- a/src/option.c -+++ b/src/option.c -@@ -157,6 +157,7 @@ struct myoption { - #define LOPT_MAXPORT 345 - #define LOPT_CPE_ID 346 - #define LOPT_SCRIPT_ARP 347 -+#define LOPT_DHCPTTL 348 - - #ifdef HAVE_GETOPT_LONG - static const struct option opts[] = -@@ -319,6 +320,7 @@ static const struct myoption opts[] = - { "quiet-ra", 0, 0, LOPT_QUIET_RA }, - { "dns-loop-detect", 0, 0, LOPT_LOOP_DETECT }, - { "script-arp", 0, 0, LOPT_SCRIPT_ARP }, -+ { "dhcp-ttl", 1, 0 , LOPT_DHCPTTL }, - { NULL, 0, 0, 0 } - }; - -@@ -485,9 +487,10 @@ static struct { - { LOPT_QUIET_DHCP, OPT_QUIET_DHCP, NULL, gettext_noop("Do not log routine DHCP."), NULL }, - { LOPT_QUIET_DHCP6, OPT_QUIET_DHCP6, NULL, gettext_noop("Do not log routine DHCPv6."), NULL }, - { LOPT_QUIET_RA, OPT_QUIET_RA, NULL, gettext_noop("Do not log RA."), NULL }, -- { LOPT_LOCAL_SERVICE, OPT_LOCAL_SERVICE, NULL, gettext_noop("Accept queries only from directly-connected networks"), NULL }, -- { LOPT_LOOP_DETECT, OPT_LOOP_DETECT, NULL, gettext_noop("Detect and remove DNS forwarding loops"), NULL }, -+ { LOPT_LOCAL_SERVICE, OPT_LOCAL_SERVICE, NULL, gettext_noop("Accept queries only from directly-connected networks."), NULL }, -+ { LOPT_LOOP_DETECT, OPT_LOOP_DETECT, NULL, gettext_noop("Detect and remove DNS forwarding loops."), NULL }, - { LOPT_IGNORE_ADDR, ARG_DUP, "<ipaddr>", gettext_noop("Ignore DNS responses containing ipaddr."), NULL }, -+ { LOPT_DHCPTTL, ARG_ONE, "<ttl>", gettext_noop("Set TTL in DNS responses with DHCP-derived addresses."), NULL }, - { 0, 0, NULL, NULL, NULL } - }; - -@@ -2580,6 +2583,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma - case LOPT_MINCTTL: /* --min-cache-ttl */ - case LOPT_MAXCTTL: /* --max-cache-ttl */ - case LOPT_AUTHTTL: /* --auth-ttl */ -+ case LOPT_DHCPTTL: /* --dhcp-ttl */ - { - int ttl; - if (!atoi_check(arg, &ttl)) -@@ -2598,6 +2602,11 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma - daemon->max_cache_ttl = (unsigned long)ttl; - else if (option == LOPT_AUTHTTL) - daemon->auth_ttl = (unsigned long)ttl; -+ else if (option == LOPT_DHCPTTL) -+ { -+ daemon->dhcp_ttl = (unsigned long)ttl; -+ daemon->use_dhcp_ttl = 1; -+ } - else - daemon->local_ttl = (unsigned long)ttl; - break; -diff --git a/src/rfc1035.c b/src/rfc1035.c -index 3535a71..8f1e3b4 100644 ---- a/src/rfc1035.c -+++ b/src/rfc1035.c -@@ -1170,7 +1170,7 @@ static unsigned long crec_ttl(struct crec *crecp, time_t now) - before the lease expires. */ - - if (crecp->flags & F_DHCP) -- return daemon->local_ttl; -+ return daemon->use_dhcp_ttl ? daemon->dhcp_ttl : daemon->local_ttl; - - /* Immortal entries other than DHCP are local, and hold TTL in TTD field. */ - if (crecp->flags & F_IMMORTAL) --- -1.7.10.4 - diff --git a/src/patches/dnsmasq/002-Add_--help_to_manpage.patch b/src/patches/dnsmasq/002-Add_--help_to_manpage.patch new file mode 100644 index 0000000..82de3ee --- /dev/null +++ b/src/patches/dnsmasq/002-Add_--help_to_manpage.patch @@ -0,0 +1,66 @@ +From 09217a1a874c654bfd4d29a1097f44435b4c632d Mon Sep 17 00:00:00 2001 +From: Simon Kelley <simon(a)thekelleys.org.uk> +Date: Tue, 3 May 2016 17:04:35 +0100 +Subject: [PATCH] Add --help to manpage . + +--- + debian/changelog | 1 + + man/dnsmasq.8 | 9 ++++++++- + src/option.c | 2 +- + 3 files changed, 10 insertions(+), 2 deletions(-) + +diff --git a/debian/changelog b/debian/changelog +index 8a0341c..e028f57 100644 +--- a/debian/changelog ++++ b/debian/changelog +@@ -5,6 +5,7 @@ dnsmasq (2.76-1) unstable; urgency=low + to avoid problems before /var is mounted. (closes: #800351) + * Test for the existance of /usr/share/doc/dnsmasq rather then + /etc/dnsmasq.d/README in the daemon startup script. (closes: #819856) ++ * Add --help to manpage and mention dhcp6 in summary. (closes: #821226) + + -- Simon Kelley <simon(a)thekelleys.org.uk> Thur, 10 Sep 2015 23:07:21 +0000 + +diff --git a/man/dnsmasq.8 b/man/dnsmasq.8 +index fd4b7c5..dacd9ce 100644 +--- a/man/dnsmasq.8 ++++ b/man/dnsmasq.8 +@@ -42,6 +42,13 @@ the configuration file. + Read and syntax check configuration file(s). Exit with code 0 if all + is OK, or a non-zero code otherwise. Do not start up dnsmasq. + .TP ++.B \-w, --help ++Display all command-line options. ++.B --help dhcp ++will display known DHCPv4 configuration options, and ++.B --help dhcp6 ++will display DHCPv6 options. ++.TP + .B \-h, --no-hosts + Don't read the hostnames in /etc/hosts. + .TP +@@ -317,7 +324,7 @@ instead of the correct NXDOMAIN response. This option tells dnsmasq to + fake the correct response when it sees this behaviour. As at Sept 2003 + the IP address being returned by Verisign is 64.94.110.11 + .TP +-.B \-B, --ignore-address=<ipaddr> ++.B --ignore-address=<ipaddr> + Ignore replies to A-record queries which include the specified address. + No error is generated, dnsmasq simply continues to listen for another reply. + This is useful to defeat blocking strategies which rely on quickly supplying a +diff --git a/src/option.c b/src/option.c +index c66f401..0b35500 100644 +--- a/src/option.c ++++ b/src/option.c +@@ -402,7 +402,7 @@ static struct { + { 'v', 0, NULL, gettext_noop("Display dnsmasq version and copyright information."), NULL }, + { 'V', ARG_DUP, "<ipaddr>,<ipaddr>,<netmask>", gettext_noop("Translate IPv4 addresses from upstream servers."), NULL }, + { 'W', ARG_DUP, "<name>,<target>,...", gettext_noop("Specify a SRV record."), NULL }, +- { 'w', 0, NULL, gettext_noop("Display this message. Use --help dhcp for known DHCP options."), NULL }, ++ { 'w', 0, NULL, gettext_noop("Display this message. Use --help dhcp or --help dhcp6 for known DHCP options."), NULL }, + { 'x', ARG_ONE, "<path>", gettext_noop("Specify path of PID file (defaults to %s)."), RUNFILE }, + { 'X', ARG_ONE, "<integer>", gettext_noop("Specify maximum number of DHCP leases (defaults to %s)."), "&" }, + { 'y', OPT_LOCALISE, NULL, gettext_noop("Answer DNS queries based on the interface a query was sent to."), NULL }, +-- +2.5.5 + diff --git a/src/patches/dnsmasq/003-Move_dhcp_release_and_dhcp_lease_time_to_contrib_lease_tools.patch b/src/patches/dnsmasq/003-Move_dhcp_release_and_dhcp_lease_time_to_contrib_lease_tools.patch new file mode 100644 index 0000000..6065904 --- /dev/null +++ b/src/patches/dnsmasq/003-Move_dhcp_release_and_dhcp_lease_time_to_contrib_lease_tools.patch @@ -0,0 +1,73 @@ +From c6cdf6bbee27d1127847ce7bdff2a22a785f9723 Mon Sep 17 00:00:00 2001 +From: Simon Kelley <simon(a)thekelleys.org.uk> +Date: Tue, 3 May 2016 21:14:14 +0100 +Subject: [PATCH] Move dhcp_release and dhcp_lease_time to contrib/lease_tools. + +--- + contrib/{wrt => lease-tools}/Makefile | 0 + contrib/{wrt => lease-tools}/dhcp_lease_time.1 | 0 + contrib/{wrt => lease-tools}/dhcp_lease_time.c | 0 + contrib/{wrt => lease-tools}/dhcp_release.1 | 0 + contrib/{wrt => lease-tools}/dhcp_release.c | 0 + debian/rules | 12 ++++++------ + 6 files changed, 6 insertions(+), 6 deletions(-) + rename contrib/{wrt => lease-tools}/Makefile (100%) + rename contrib/{wrt => lease-tools}/dhcp_lease_time.1 (100%) + rename contrib/{wrt => lease-tools}/dhcp_lease_time.c (100%) + rename contrib/{wrt => lease-tools}/dhcp_release.1 (100%) + rename contrib/{wrt => lease-tools}/dhcp_release.c (100%) + +diff --git a/contrib/wrt/Makefile b/contrib/lease-tools/Makefile +similarity index 100% +rename from contrib/wrt/Makefile +rename to contrib/lease-tools/Makefile +diff --git a/contrib/wrt/dhcp_lease_time.1 b/contrib/lease-tools/dhcp_lease_time.1 +similarity index 100% +rename from contrib/wrt/dhcp_lease_time.1 +rename to contrib/lease-tools/dhcp_lease_time.1 +diff --git a/contrib/wrt/dhcp_lease_time.c b/contrib/lease-tools/dhcp_lease_time.c +similarity index 100% +rename from contrib/wrt/dhcp_lease_time.c +rename to contrib/lease-tools/dhcp_lease_time.c +diff --git a/contrib/wrt/dhcp_release.1 b/contrib/lease-tools/dhcp_release.1 +similarity index 100% +rename from contrib/wrt/dhcp_release.1 +rename to contrib/lease-tools/dhcp_release.1 +diff --git a/contrib/wrt/dhcp_release.c b/contrib/lease-tools/dhcp_release.c +similarity index 100% +rename from contrib/wrt/dhcp_release.c +rename to contrib/lease-tools/dhcp_release.c +diff --git a/debian/rules b/debian/rules +index 8612092..193b30c 100755 +--- a/debian/rules ++++ b/debian/rules +@@ -93,7 +93,7 @@ clean: + $(checkdir) + rm -rf debian/daemon debian/base debian/utils debian/*~ debian/files debian/substvars debian/utils-substvars + make clean +- make -C contrib/wrt clean ++ make -C contrib/lease-tools clean + + binary-indep: checkroot + $(checkdir) +@@ -184,12 +184,12 @@ ifeq ($(DEB_HOST_ARCH_OS),linux) + -d debian/utils/usr/share/man/man1 \ + -d debian/utils/usr/bin \ + -d debian/utils/usr/share/doc/dnsmasq-utils +- make -C contrib/wrt PREFIX=/usr DESTDIR=`pwd`/debian/utils CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAGS)" COPTS="$(DEB_COPTS)" CC=gcc +- install -m 755 contrib/wrt/dhcp_release debian/utils/usr/bin/dhcp_release +- install -m 644 contrib/wrt/dhcp_release.1 debian/utils/usr/share/man/man1/dhcp_release.1 ++ make -C contrib/lease-tools PREFIX=/usr DESTDIR=`pwd`/debian/utils CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAGS)" COPTS="$(DEB_COPTS)" CC=gcc ++ install -m 755 contrib/lease-tools/dhcp_release debian/utils/usr/bin/dhcp_release ++ install -m 644 contrib/lease-tools/dhcp_release.1 debian/utils/usr/share/man/man1/dhcp_release.1 + gzip -9n debian/utils/usr/share/man/man1/dhcp_release.1 +- install -m 755 contrib/wrt/dhcp_lease_time debian/utils/usr/bin/dhcp_lease_time +- install -m 644 contrib/wrt/dhcp_lease_time.1 debian/utils/usr/share/man/man1/dhcp_lease_time.1 ++ install -m 755 contrib/lease-tools/dhcp_lease_time debian/utils/usr/bin/dhcp_lease_time ++ install -m 644 contrib/lease-tools/dhcp_lease_time.1 debian/utils/usr/share/man/man1/dhcp_lease_time.1 + install -m 644 debian/copyright debian/utils/usr/share/doc/dnsmasq-utils/copyright + install -m 644 debian/changelog debian/utils/usr/share/doc/dnsmasq-utils/changelog.Debian + gzip -9n debian/utils/usr/share/doc/dnsmasq-utils/changelog.Debian +-- +2.5.5 + diff --git a/src/patches/dnsmasq/003-Update_CHANGELOG.patch b/src/patches/dnsmasq/003-Update_CHANGELOG.patch deleted file mode 100644 index f04f943..0000000 --- a/src/patches/dnsmasq/003-Update_CHANGELOG.patch +++ /dev/null @@ -1,17 +0,0 @@ -X-Git-Url: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blobdiff_plain;f=CHANGELOG… - -diff --git a/CHANGELOG b/CHANGELOG -index 14354f2..6d9ba49 100644 ---- a/CHANGELOG -+++ b/CHANGELOG -@@ -48,6 +48,10 @@ version 2.76 - (ie xx::0 to xx::ffff:ffff:ffff:ffff) - Thanks to Laurent Bendel for spotting this problem. - -+ Add support for a TTL parameter in --host-record and -+ --cname. -+ -+ Add --dhcp-ttl option. - - version 2.75 - Fix reversion on 2.74 which caused 100% CPU use when a diff --git a/src/patches/dnsmasq/004-Add_--tftp-mtu_option.patch b/src/patches/dnsmasq/004-Add_--tftp-mtu_option.patch deleted file mode 100644 index c06705a..0000000 --- a/src/patches/dnsmasq/004-Add_--tftp-mtu_option.patch +++ /dev/null @@ -1,136 +0,0 @@ -From bec366b4041df72b559e713f1c924177676e6eb0 Mon Sep 17 00:00:00 2001 -From: Simon Kelley <simon(a)thekelleys.org.uk> -Date: Wed, 24 Feb 2016 22:03:26 +0000 -Subject: [PATCH] Add --tftp-mtu option. - ---- - CHANGELOG | 4 ++++ - man/dnsmasq.8 | 4 ++++ - src/dnsmasq.h | 2 +- - src/option.c | 10 +++++++++- - src/tftp.c | 14 ++++++++++++-- - 5 files changed, 30 insertions(+), 4 deletions(-) - -diff --git a/CHANGELOG b/CHANGELOG -index 6d9ba49..9218b8c 100644 ---- a/CHANGELOG -+++ b/CHANGELOG -@@ -53,6 +53,10 @@ version 2.76 - - Add --dhcp-ttl option. - -+ Add --tftp-mtu option. Thanks to Patrick McLean for the -+ initial patch. -+ -+ - version 2.75 - Fix reversion on 2.74 which caused 100% CPU use when a - dhcp-script is configured. Thanks to Adrian Davey for -diff --git a/man/dnsmasq.8 b/man/dnsmasq.8 -index 2bcce20..3cf48cd 100644 ---- a/man/dnsmasq.8 -+++ b/man/dnsmasq.8 -@@ -1810,6 +1810,10 @@ require about (2*n) + 10 descriptors. If - .B --tftp-port-range - is given, that can affect the number of concurrent connections. - .TP -+.B --tftp-mtu=<mtu size> -+Use size as the ceiling of the MTU supported by the intervening network when -+negotiating TFTP blocksize, overriding the MTU setting of the local interface if it is larger. -+.TP - .B --tftp-no-blocksize - Stop the TFTP server from negotiating the "blocksize" option with a - client. Some buggy clients request this option but then behave badly -diff --git a/src/dnsmasq.h b/src/dnsmasq.h -index 9f73c3b..280ad9d 100644 ---- a/src/dnsmasq.h -+++ b/src/dnsmasq.h -@@ -975,7 +975,7 @@ extern struct daemon { - struct dhcp_netid_list *dhcp_ignore, *dhcp_ignore_names, *dhcp_gen_names; - struct dhcp_netid_list *force_broadcast, *bootp_dynamic; - struct hostsfile *dhcp_hosts_file, *dhcp_opts_file, *dynamic_dirs; -- int dhcp_max, tftp_max; -+ int dhcp_max, tftp_max, tftp_mtu; - int dhcp_server_port, dhcp_client_port; - int start_tftp_port, end_tftp_port; - unsigned int min_leasetime; -diff --git a/src/option.c b/src/option.c -index 3f6d162..765965f 100644 ---- a/src/option.c -+++ b/src/option.c -@@ -158,7 +158,8 @@ struct myoption { - #define LOPT_CPE_ID 346 - #define LOPT_SCRIPT_ARP 347 - #define LOPT_DHCPTTL 348 -- -+#define LOPT_TFTP_MTU 349 -+ - #ifdef HAVE_GETOPT_LONG - static const struct option opts[] = - #else -@@ -244,6 +245,7 @@ static const struct myoption opts[] = - { "tftp-unique-root", 0, 0, LOPT_APREF }, - { "tftp-root", 1, 0, LOPT_PREFIX }, - { "tftp-max", 1, 0, LOPT_TFTP_MAX }, -+ { "tftp-mtu", 1, 0, LOPT_TFTP_MTU }, - { "tftp-lowercase", 0, 0, LOPT_TFTP_LC }, - { "ptr-record", 1, 0, LOPT_PTR }, - { "naptr-record", 1, 0, LOPT_NAPTR }, -@@ -432,6 +434,7 @@ static struct { - { LOPT_SECURE, OPT_TFTP_SECURE, NULL, gettext_noop("Allow access only to files owned by the user running dnsmasq."), NULL }, - { LOPT_TFTP_NO_FAIL, OPT_TFTP_NO_FAIL, NULL, gettext_noop("Do not terminate the service if TFTP directories are inaccessible."), NULL }, - { LOPT_TFTP_MAX, ARG_ONE, "<integer>", gettext_noop("Maximum number of conncurrent TFTP transfers (defaults to %s)."), "#" }, -+ { LOPT_TFTP_MTU, ARG_ONE, "<integer>", gettext_noop("Maximum MTU to use for TFTP transfers."), NULL }, - { LOPT_NOBLOCK, OPT_TFTP_NOBLOCK, NULL, gettext_noop("Disable the TFTP blocksize extension."), NULL }, - { LOPT_TFTP_LC, OPT_TFTP_LC, NULL, gettext_noop("Convert TFTP filenames to lowercase"), NULL }, - { LOPT_TFTPPORTS, ARG_ONE, "<start>,<end>", gettext_noop("Ephemeral port range for use by TFTP transfers."), NULL }, -@@ -2625,6 +2628,11 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma - ret_err(gen_err); - break; - -+ case LOPT_TFTP_MTU: /* --tftp-mtu */ -+ if (!atoi_check(arg, &daemon->tftp_mtu)) -+ ret_err(gen_err); -+ break; -+ - case LOPT_PREFIX: /* --tftp-prefix */ - comma = split(arg); - if (comma) -diff --git a/src/tftp.c b/src/tftp.c -index 00ed2fc..dc4aa85 100644 ---- a/src/tftp.c -+++ b/src/tftp.c -@@ -103,8 +103,10 @@ void tftp_request(struct listener *listen, time_t now) - if (listen->iface) - { - addr = listen->iface->addr; -- mtu = listen->iface->mtu; - name = listen->iface->name; -+ mtu = listen->iface->mtu; -+ if (daemon->tftp_mtu != 0 && daemon->tftp_mtu < mtu) -+ mtu = daemon->tftp_mtu; - } - else - { -@@ -234,9 +236,17 @@ void tftp_request(struct listener *listen, time_t now) - - strncpy(ifr.ifr_name, name, IF_NAMESIZE); - if (ioctl(listen->tftpfd, SIOCGIFMTU, &ifr) != -1) -- mtu = ifr.ifr_mtu; -+ { -+ mtu = ifr.ifr_mtu; -+ if (daemon->tftp_mtu != 0 && daemon->tftp_mtu < mtu) -+ mtu = daemon->tftp_mtu; -+ } - } - -+ /* Failed to get interface mtu - can use configured value. */ -+ if (mtu == 0) -+ mtu = daemon->tftp_mtu; -+ - if (name) - { - /* check for per-interface prefix */ --- -1.7.10.4 - diff --git a/src/patches/dnsmasq/004-Add_contrib_lease-tools_dhcp_release6.patch b/src/patches/dnsmasq/004-Add_contrib_lease-tools_dhcp_release6.patch new file mode 100644 index 0000000..6426d39 --- /dev/null +++ b/src/patches/dnsmasq/004-Add_contrib_lease-tools_dhcp_release6.patch @@ -0,0 +1,528 @@ +From 69cbf78bb676e493f0a4cd6dc7ffec0fcafafed5 Mon Sep 17 00:00:00 2001 +From: Simon Kelley <simon(a)thekelleys.org.uk> +Date: Tue, 3 May 2016 21:33:38 +0100 +Subject: [PATCH] Add contrib/lease-tools/dhcp_release6 + +--- + CHANGELOG | 6 + + contrib/lease-tools/Makefile | 4 +- + contrib/lease-tools/dhcp_release6.1 | 38 ++++ + contrib/lease-tools/dhcp_release6.c | 416 ++++++++++++++++++++++++++++++++++++ + debian/rules | 3 + + 5 files changed, 465 insertions(+), 2 deletions(-) + create mode 100644 contrib/lease-tools/dhcp_release6.1 + create mode 100644 contrib/lease-tools/dhcp_release6.c + +diff --git a/CHANGELOG b/CHANGELOG +index aa53fba..7d4a061 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -65,6 +65,12 @@ version 2.76 + --servers-file to define upstream DNS servers. Thanks to + Scott Bonar for the bug report. + ++ Move the dhcp_release and dhcp_lease_time tools from ++ contrib/wrt to contrib/lease-tools. ++ ++ Add dhcp_release6 to contrib/lease-tools. Many thanks ++ to Sergey Nechaev for this code. ++ + + version 2.75 + Fix reversion on 2.74 which caused 100% CPU use when a +diff --git a/contrib/lease-tools/Makefile b/contrib/lease-tools/Makefile +index 68e8d32..f38f2ed 100644 +--- a/contrib/lease-tools/Makefile ++++ b/contrib/lease-tools/Makefile +@@ -1,6 +1,6 @@ + CFLAGS?= -O2 -Wall -W + +-all: dhcp_release dhcp_lease_time ++all: dhcp_release dhcp_release6 dhcp_lease_time + + clean: +- rm -f *~ *.o core dhcp_release dhcp_lease_time ++ rm -f *~ *.o core dhcp_release dhcp_release6 dhcp_lease_time +diff --git a/contrib/lease-tools/dhcp_release6.1 b/contrib/lease-tools/dhcp_release6.1 +new file mode 100644 +index 0000000..763e01c +--- /dev/null ++++ b/contrib/lease-tools/dhcp_release6.1 +@@ -0,0 +1,38 @@ ++.TH DHCP_RELEASE 1 ++.SH NAME ++dhcp_release6 \- Release a DHCPv6 lease on a the local dnsmasq DHCP server. ++.SH SYNOPSIS ++.B dhcp_release6 --iface <interface> --client-id <client-id> --server-id ++server-id --iaid <iaid> --ip <IP> [--dry-run] [--help] ++.SH "DESCRIPTION" ++A utility which forces the DHCP server running on this machine to release a ++DHCPv6 lease. ++.SS OPTIONS ++.IP "-a, --ip" ++IPv6 address to release. ++.IP "-c, --client-id" ++Colon-separated hex string representing DHCPv6 client id. Normally ++it can be found in leases file both on client and server. ++.IP "-d, --dry-run" ++Print hexadecimal representation of generated DHCPv6 release packet to standard ++output and exit. ++.IP "-h, --help" ++print usage information to standard output and exit. ++.IP "-i, --iaid" ++Decimal representation of DHCPv6 IAID. Normally it can be found in leases file ++both on client and server. ++.IP "-n, --iface" ++Network interface to send a DHCPv6 release packet from. ++.IP "-s, --server-id" ++Colon-separated hex string representing DHCPv6 server id. Normally ++it can be found in leases file both on client and server. ++.SH NOTES ++MUST be run as root - will fail otherwise. ++.SH LIMITATIONS ++Only usable on IPv6 DHCP leases. ++.SH SEE ALSO ++.BR dnsmasq (8) ++.SH AUTHOR ++This manual page was written by Simon Kelley <simon(a)thekelleys.org.uk>. ++ ++ +diff --git a/contrib/lease-tools/dhcp_release6.c b/contrib/lease-tools/dhcp_release6.c +new file mode 100644 +index 0000000..74fb26a +--- /dev/null ++++ b/contrib/lease-tools/dhcp_release6.c +@@ -0,0 +1,416 @@ ++/* ++ dhcp_release6 --iface <interface> --client-id <client-id> --server-id ++ server-id --iaid <iaid> --ip <IP> [--dry-run] [--help] ++ MUST be run as root - will fail othewise ++ */ ++ ++/* Send a DHCPRELEASE message to IPv6 multicast address via the specified interface ++ to tell the local DHCP server to delete a particular lease. ++ ++ The interface argument is the interface in which a DHCP ++ request _would_ be received if it was coming from the client, ++ rather than being faked up here. ++ ++ The client-id argument is colon-separated hex string and mandatory. Normally ++ it can be found in leases file both on client and server ++ ++ The server-id argument is colon-separated hex string and mandatory. Normally ++ it can be found in leases file both on client and server. ++ ++ The iaid argument is numeric string and mandatory. Normally ++ it can be found in leases file both on client and server. ++ ++ IP is an IPv6 adress to release ++ ++ If --dry-run is specified, dhcp_release6 just prints hexadecimal represantation of ++ packet to send to stdout and exits. ++ ++ If --help is specified, dhcp_release6 print usage information to stdout and exits ++ ++ ++ ++ */ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <strings.h> ++#include <sys/types.h> ++#include <sys/socket.h> ++#include <arpa/inet.h> ++#include <getopt.h> ++#include <errno.h> ++#include <unistd.h> ++ ++#define NOT_REPLY_CODE 115 ++typedef unsigned char u8; ++typedef unsigned short u16; ++typedef unsigned int u32; ++ ++enum DHCP6_TYPES{ ++ SOLICIT = 1, ++ ADVERTISE = 2, ++ REQUEST = 3, ++ CONFIRM = 4, ++ RENEW = 5, ++ REBIND = 6, ++ REPLY = 7, ++ RELEASE = 8, ++ DECLINE = 9, ++ RECONFIGURE = 10, ++ INFORMATION_REQUEST = 11, ++ RELAY_FORW = 12, ++ RELAY_REPL = 13 ++ ++}; ++enum DHCP6_OPTIONS{ ++ CLIENTID = 1, ++ SERVERID = 2, ++ IA_NA = 3, ++ IA_TA = 4, ++ IAADDR = 5, ++ ORO = 6, ++ PREFERENCE = 7, ++ ELAPSED_TIME = 8, ++ RELAY_MSG = 9, ++ AUTH = 11, ++ UNICAST = 12, ++ STATUS_CODE = 13, ++ RAPID_COMMIT = 14, ++ USER_CLASS = 15, ++ VENDOR_CLASS = 16, ++ VENDOR_OPTS = 17, ++ INTERFACE_ID = 18, ++ RECONF_MSG = 19, ++ RECONF_ACCEPT = 20, ++}; ++ ++enum DHCP6_STATUSES{ ++ SUCCESS = 0, ++ UNSPEC_FAIL = 1, ++ NOADDR_AVAIL=2, ++ NO_BINDING = 3, ++ NOT_ON_LINK = 4, ++ USE_MULTICAST =5 ++}; ++static struct option longopts[] = { ++ {"ip", required_argument, 0, 'a'}, ++ {"server-id", required_argument, 0, 's'}, ++ {"client-id", required_argument, 0, 'c'}, ++ {"iface", required_argument, 0, 'n'}, ++ {"iaid", required_argument, 0, 'i'}, ++ {"dry-run", no_argument, 0, 'd'}, ++ {"help", no_argument, 0, 'h'}, ++ {0, 0, 0, 0} ++}; ++ ++const short DHCP6_CLIENT_PORT = 546; ++const short DHCP6_SERVER_PORT = 547; ++ ++const char* DHCP6_MULTICAST_ADDRESS = "ff02::1:2"; ++ ++struct dhcp6_option{ ++ uint16_t type; ++ uint16_t len; ++ char value[1024]; ++}; ++ ++struct dhcp6_iaaddr_option{ ++ uint16_t type; ++ uint16_t len; ++ struct in6_addr ip; ++ uint32_t preferred_lifetime; ++ uint32_t valid_lifetime; ++ ++ ++}; ++ ++struct dhcp6_iana_option{ ++ uint16_t type; ++ uint16_t len; ++ uint32_t iaid; ++ uint32_t t1; ++ uint32_t t2; ++ char options[1024]; ++}; ++ ++ ++struct dhcp6_packet{ ++ size_t len; ++ char buf[2048]; ++ ++} ; ++ ++size_t pack_duid(const char* str, char* dst){ ++ ++ char* tmp = strdup(str); ++ char* tmp_to_free = tmp; ++ char *ptr; ++ uint8_t write_pos = 0; ++ while ((ptr = strtok (tmp, ":"))) { ++ dst[write_pos] = (uint8_t) strtol(ptr, NULL, 16); ++ write_pos += 1; ++ tmp = NULL; ++ ++ } ++ free(tmp_to_free); ++ return write_pos; ++} ++ ++struct dhcp6_option create_client_id_option(const char* duid){ ++ struct dhcp6_option option; ++ option.type = htons(CLIENTID); ++ bzero(option.value, sizeof(option.value)); ++ option.len = htons(pack_duid(duid, option.value)); ++ return option; ++} ++ ++struct dhcp6_option create_server_id_option(const char* duid){ ++ struct dhcp6_option option; ++ option.type = htons(SERVERID); ++ bzero(option.value, sizeof(option.value)); ++ option.len = htons(pack_duid(duid, option.value)); ++ return option; ++} ++ ++struct dhcp6_iaaddr_option create_iaadr_option(const char* ip){ ++ struct dhcp6_iaaddr_option result; ++ result.type =htons(IAADDR); ++ /* no suboptions needed here, so length is 24 */ ++ result.len = htons(24); ++ result.preferred_lifetime = 0; ++ result.valid_lifetime = 0; ++ int s = inet_pton(AF_INET6, ip, &(result.ip)); ++ if (s <= 0) { ++ if (s == 0) ++ fprintf(stderr, "Not in presentation format"); ++ else ++ perror("inet_pton"); ++ exit(EXIT_FAILURE); ++ } ++ return result; ++} ++struct dhcp6_iana_option create_iana_option(const char * iaid, struct dhcp6_iaaddr_option ia_addr){ ++ struct dhcp6_iana_option result; ++ result.type = htons(IA_NA); ++ result.iaid = htonl(atoi(iaid)); ++ result.t1 = 0; ++ result.t2 = 0; ++ result.len = htons(12 + ntohs(ia_addr.len) + 2 * sizeof(uint16_t)); ++ memcpy(result.options, &ia_addr, ntohs(ia_addr.len) + 2 * sizeof(uint16_t)); ++ return result; ++} ++ ++struct dhcp6_packet create_release_packet(const char* iaid, const char* ip, const char* client_id, const char* server_id){ ++ struct dhcp6_packet result; ++ bzero(result.buf, sizeof(result.buf)); ++ /* message_type */ ++ result.buf[0] = RELEASE; ++ /* tx_id */ ++ bzero(result.buf+1, 3); ++ ++ struct dhcp6_option client_option = create_client_id_option(client_id); ++ struct dhcp6_option server_option = create_server_id_option(server_id); ++ struct dhcp6_iaaddr_option iaaddr_option = create_iaadr_option(ip); ++ struct dhcp6_iana_option iana_option = create_iana_option(iaid, iaaddr_option); ++ int offset = 4; ++ memcpy(result.buf + offset, &client_option, ntohs(client_option.len) + 2*sizeof(uint16_t)); ++ offset += (ntohs(client_option.len)+ 2 *sizeof(uint16_t) ); ++ memcpy(result.buf + offset, &server_option, ntohs(server_option.len) + 2*sizeof(uint16_t) ); ++ offset += (ntohs(server_option.len)+ 2* sizeof(uint16_t)); ++ memcpy(result.buf + offset, &iana_option, ntohs(iana_option.len) + 2*sizeof(uint16_t) ); ++ offset += (ntohs(iana_option.len)+ 2* sizeof(uint16_t)); ++ result.len = offset; ++ return result; ++} ++ ++uint16_t parse_iana_suboption(char* buf, size_t len){ ++ size_t current_pos = 0; ++ char option_value[1024]; ++ while (current_pos < len) { ++ uint16_t option_type, option_len; ++ memcpy(&option_type,buf + current_pos, sizeof(uint16_t)); ++ memcpy(&option_len,buf + current_pos + sizeof(uint16_t), sizeof(uint16_t)); ++ option_type = ntohs(option_type); ++ option_len = ntohs(option_len); ++ current_pos += 2 * sizeof(uint16_t); ++ if (option_type == STATUS_CODE){ ++ uint16_t status; ++ memcpy(&status, buf + current_pos, sizeof(uint16_t)); ++ status = ntohs(status); ++ if (status != SUCCESS){ ++ memcpy(option_value, buf + current_pos + sizeof(uint16_t) , option_len - sizeof(uint16_t)); ++ option_value[option_len-sizeof(uint16_t)] ='\0'; ++ fprintf(stderr, "Error: %s\n", option_value); ++ } ++ return status; ++ } ++ } ++ return -2; ++} ++ ++int16_t parse_packet(char* buf, size_t len){ ++ uint8_t type = buf[0]; ++ /*skipping tx id. you need it, uncomment following line ++ uint16_t tx_id = ntohs((buf[1] <<16) + (buf[2] <<8) + buf[3]); ++ */ ++ size_t current_pos = 4; ++ if (type != REPLY ){ ++ return NOT_REPLY_CODE; ++ } ++ char option_value[1024]; ++ while (current_pos < len) { ++ uint16_t option_type, option_len; ++ memcpy(&option_type,buf + current_pos, sizeof(uint16_t)); ++ memcpy(&option_len,buf + current_pos + sizeof(uint16_t), sizeof(uint16_t)); ++ option_type = ntohs(option_type); ++ option_len = ntohs(option_len); ++ current_pos += 2 * sizeof(uint16_t); ++ if (option_type == STATUS_CODE){ ++ uint16_t status; ++ memcpy(&status, buf + current_pos, sizeof(uint16_t)); ++ status = ntohs(status); ++ if (status != SUCCESS){ ++ memcpy(option_value, buf + current_pos +sizeof(uint16_t) , option_len -sizeof(uint16_t)); ++ fprintf(stderr, "Error: %d %s\n", status, option_value); ++ return status; ++ } ++ ++ } ++ if (option_type == IA_NA ){ ++ uint16_t result = parse_iana_suboption(buf + current_pos +24, option_len -24); ++ if (result){ ++ return result; ++ } ++ } ++ current_pos += option_len; ++ ++ } ++ return -1; ++} ++ ++void usage(const char* arg, FILE* stream){ ++ const char* usage_string ="--ip IPv6 --iface IFACE --server-id SERVER_ID --client-id CLIENT_ID --iaid IAID [--dry-run] | --help"; ++ fprintf (stream, "Usage: %s %s\n", arg, usage_string); ++ ++} ++ ++int send_release_packet(const char* iface, struct dhcp6_packet* packet){ ++ ++ struct sockaddr_in6 server_addr, client_addr; ++ char response[1400]; ++ int sock = socket(PF_INET6, SOCK_DGRAM, 0); ++ int i = 0; ++ if (sock < 0) { ++ perror("creating socket"); ++ return -1; ++ } ++ if (setsockopt(sock, SOL_SOCKET, 25, iface, strlen(iface)) == -1) { ++ perror("SO_BINDTODEVICE"); ++ close(sock); ++ return -1; ++ } ++ memset(&server_addr, 0, sizeof(server_addr)); ++ server_addr.sin6_family = AF_INET6; ++ client_addr.sin6_family = AF_INET6; ++ client_addr.sin6_port = htons(DHCP6_CLIENT_PORT); ++ client_addr.sin6_flowinfo = 0; ++ client_addr.sin6_scope_id =0; ++ inet_pton(AF_INET6, "::", &client_addr.sin6_addr); ++ bind(sock, (struct sockaddr*)&client_addr, sizeof(struct sockaddr_in6)); ++ inet_pton(AF_INET6, DHCP6_MULTICAST_ADDRESS, &server_addr.sin6_addr); ++ server_addr.sin6_port = htons(DHCP6_SERVER_PORT); ++ int16_t recv_size = 0; ++ for (i = 0; i < 5; i++) { ++ if (sendto(sock, packet->buf, packet->len, 0, ++ (struct sockaddr *)&server_addr, ++ sizeof(server_addr)) < 0) { ++ perror("sendto failed"); ++ exit(4); ++ } ++ recv_size = recvfrom(sock, response, sizeof(response), MSG_DONTWAIT, NULL, 0); ++ if (recv_size == -1){ ++ if (errno == EAGAIN){ ++ sleep(1); ++ continue; ++ }else { ++ perror("recvfrom"); ++ } ++ } ++ int16_t result = parse_packet(response, recv_size); ++ if (result == NOT_REPLY_CODE){ ++ sleep(1); ++ continue; ++ } ++ return result; ++ } ++ fprintf(stderr, "Response timed out\n"); ++ return -1; ++ ++} ++ ++ ++int main(int argc, char * const argv[]) { ++ const char* iface = ""; ++ const char* ip = ""; ++ const char* client_id = ""; ++ const char* server_id = ""; ++ const char* iaid = ""; ++ int dry_run = 0; ++ while (1) { ++ int option_index = 0; ++ int c = getopt_long(argc, argv, "a:s:c:n:i:hd", longopts, &option_index); ++ if (c == -1){ ++ break; ++ } ++ switch(c){ ++ case 0: ++ if (longopts[option_index].flag !=0){ ++ break; ++ } ++ printf ("option %s", longopts[option_index].name); ++ if (optarg) ++ printf (" with arg %s", optarg); ++ printf ("\n"); ++ break; ++ case 'i': ++ iaid = optarg; ++ break; ++ case 'n': ++ iface = optarg; ++ break; ++ case 'a': ++ ip = optarg; ++ break; ++ case 'c': ++ client_id = optarg; ++ break; ++ case 'd': ++ dry_run = 1; ++ break; ++ case 's': ++ server_id = optarg; ++ break; ++ case 'h': ++ usage(argv[0], stdout); ++ break; ++ case '?': ++ usage(argv[0], stderr); ++ return -1; ++ default: ++ abort(); ++ ++ } ++ ++ } ++ struct dhcp6_packet packet = create_release_packet(iaid, ip, client_id, server_id); ++ if (dry_run){ ++ uint16_t i; ++ for(i=0;i<packet.len;i++){ ++ printf("%hhx", packet.buf[i]); ++ } ++ printf("\n"); ++ return 0; ++ } ++ return send_release_packet(iface, &packet); ++ ++} +diff --git a/debian/rules b/debian/rules +index 193b30c..d748829 100755 +--- a/debian/rules ++++ b/debian/rules +@@ -188,6 +188,9 @@ ifeq ($(DEB_HOST_ARCH_OS),linux) + install -m 755 contrib/lease-tools/dhcp_release debian/utils/usr/bin/dhcp_release + install -m 644 contrib/lease-tools/dhcp_release.1 debian/utils/usr/share/man/man1/dhcp_release.1 + gzip -9n debian/utils/usr/share/man/man1/dhcp_release.1 ++ install -m 755 contrib/lease-tools/dhcp_release6 debian/utils/usr/bin/dhcp_release6 ++ install -m 644 contrib/lease-tools/dhcp_release6.1 debian/utils/usr/share/man/man1/dhcp_release6.1 ++ gzip -9n debian/utils/usr/share/man/man1/dhcp_release6.1 + install -m 755 contrib/lease-tools/dhcp_lease_time debian/utils/usr/bin/dhcp_lease_time + install -m 644 contrib/lease-tools/dhcp_lease_time.1 debian/utils/usr/share/man/man1/dhcp_lease_time.1 + install -m 644 debian/copyright debian/utils/usr/share/doc/dnsmasq-utils/copyright +-- +2.5.5 + diff --git a/src/patches/dnsmasq/005-Apply_ceiling_of_lease_length_to_TTL_when_--dhcp-ttl_in_use.patch b/src/patches/dnsmasq/005-Apply_ceiling_of_lease_length_to_TTL_when_--dhcp-ttl_in_use.patch deleted file mode 100644 index 2875d2c..0000000 --- a/src/patches/dnsmasq/005-Apply_ceiling_of_lease_length_to_TTL_when_--dhcp-ttl_in_use.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 7480aeffc8ad195e9fd8bcf424bae0fab3839d55 Mon Sep 17 00:00:00 2001 -From: Simon Kelley <simon(a)thekelleys.org.uk> -Date: Fri, 26 Feb 2016 21:58:20 +0000 -Subject: [PATCH] Apply ceiling of lease length to TTL when --dhcp-ttl in use. - ---- - src/rfc1035.c | 12 ++++++++++-- - 1 file changed, 10 insertions(+), 2 deletions(-) - -diff --git a/src/rfc1035.c b/src/rfc1035.c -index 8f1e3b4..bed5312 100644 ---- a/src/rfc1035.c -+++ b/src/rfc1035.c -@@ -1167,10 +1167,18 @@ int add_resource_record(struct dns_header *header, char *limit, int *truncp, int - static unsigned long crec_ttl(struct crec *crecp, time_t now) - { - /* Return 0 ttl for DHCP entries, which might change -- before the lease expires. */ -+ before the lease expires, unless configured otherwise. */ - - if (crecp->flags & F_DHCP) -- return daemon->use_dhcp_ttl ? daemon->dhcp_ttl : daemon->local_ttl; -+ { -+ int conf_ttl = daemon->use_dhcp_ttl ? daemon->dhcp_ttl : daemon->local_ttl; -+ -+ /* Apply ceiling of actual lease length to configured TTL. */ -+ if (!(crecp->flags & F_IMMORTAL) && (crecp->ttd - now) < conf_ttl) -+ return crecp->ttd - now; -+ -+ return conf_ttl; -+ } - - /* Immortal entries other than DHCP are local, and hold TTL in TTD field. */ - if (crecp->flags & F_IMMORTAL) --- -1.7.10.4 - diff --git a/src/patches/dnsmasq/005-Limit_number_of_upstream_nameservers_when_logging_configuration.patch b/src/patches/dnsmasq/005-Limit_number_of_upstream_nameservers_when_logging_configuration.patch new file mode 100644 index 0000000..3486104 --- /dev/null +++ b/src/patches/dnsmasq/005-Limit_number_of_upstream_nameservers_when_logging_configuration.patch @@ -0,0 +1,85 @@ +From b97026035ecc870ea0f12f537b214237cf3d0af6 Mon Sep 17 00:00:00 2001 +From: Simon Kelley <simon(a)thekelleys.org.uk> +Date: Tue, 3 May 2016 22:34:06 +0100 +Subject: [PATCH] Limit number of upstream nameservers when logging + configuration. + +--- + CHANGELOG | 5 +++++ + src/config.h | 1 + + src/network.c | 10 ++++++++-- + 3 files changed, 14 insertions(+), 2 deletions(-) + +diff --git a/CHANGELOG b/CHANGELOG +index 7d4a061..f3220d8 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -71,6 +71,11 @@ version 2.76 + Add dhcp_release6 to contrib/lease-tools. Many thanks + to Sergey Nechaev for this code. + ++ To avoid filling logs in configurations which define ++ many upstream nameservers, don't log more that 30 servers. ++ The number to be logged can be changed as SERVERS_LOGGED ++ in src/config.h. ++ + + version 2.75 + Fix reversion on 2.74 which caused 100% CPU use when a +diff --git a/src/config.h b/src/config.h +index c3bbbcb..80a50e1 100644 +--- a/src/config.h ++++ b/src/config.h +@@ -25,6 +25,7 @@ + #define TIMEOUT 10 /* drop UDP queries after TIMEOUT seconds */ + #define FORWARD_TEST 50 /* try all servers every 50 queries */ + #define FORWARD_TIME 20 /* or 20 seconds */ ++#define SERVERS_LOGGED 30 /* Only log this many servers when logging state */ + #define RANDOM_SOCKS 64 /* max simultaneous random ports */ + #define LEASE_RETRY 60 /* on error, retry writing leasefile after LEASE_RETRY seconds */ + #define CACHESIZ 150 /* default cache size */ +diff --git a/src/network.c b/src/network.c +index da8a7f4..e7722fd 100644 +--- a/src/network.c ++++ b/src/network.c +@@ -1429,7 +1429,7 @@ void check_servers(void) + { + struct irec *iface; + struct server *serv; +- int port = 0; ++ int port = 0, count; + + /* interface may be new since startup */ + if (!option_bool(OPT_NOWILD)) +@@ -1442,7 +1442,7 @@ void check_servers(void) + serv->flags |= SERV_DO_DNSSEC; + #endif + +- for (serv = daemon->servers; serv; serv = serv->next) ++ for (count = 0, serv = daemon->servers; serv; serv = serv->next) + { + if (!(serv->flags & (SERV_LITERAL_ADDRESS | SERV_NO_ADDR | SERV_USE_RESOLV | SERV_NO_REBIND))) + { +@@ -1509,6 +1509,9 @@ void check_servers(void) + + if (!(serv->flags & SERV_NO_REBIND) && !(serv->flags & SERV_LITERAL_ADDRESS)) + { ++ if (++count > SERVERS_LOGGED) ++ continue; ++ + if (serv->flags & (SERV_HAS_DOMAIN | SERV_FOR_NODOTS | SERV_USE_RESOLV)) + { + char *s1, *s2, *s3 = ""; +@@ -1540,6 +1543,9 @@ void check_servers(void) + my_syslog(LOG_INFO, _("using nameserver %s#%d"), daemon->namebuff, port); + } + } ++ ++ if (count - 1 > SERVERS_LOGGED) ++ my_syslog(LOG_INFO, _("using %d more nameservers"), count - SERVERS_LOGGED - 1); + + cleanup_servers(); + } +-- +2.5.5 + diff --git a/src/patches/dnsmasq/006-Fix_for_DHCP_in_transmission_interface_when_--bridge-interface_in_use.patch b/src/patches/dnsmasq/006-Fix_for_DHCP_in_transmission_interface_when_--bridge-interface_in_use.patch new file mode 100644 index 0000000..3c90ca3 --- /dev/null +++ b/src/patches/dnsmasq/006-Fix_for_DHCP_in_transmission_interface_when_--bridge-interface_in_use.patch @@ -0,0 +1,70 @@ +From ff325644c7afae2588583f935f4ea9b9694eb52e Mon Sep 17 00:00:00 2001 +From: Neil Jerram <Neil.Jerram(a)metaswitch.com> +Date: Tue, 3 May 2016 22:45:14 +0100 +Subject: [PATCH] Fix for DHCP in transmission interface when + --bridge-interface in use. + +From f3d832b41f44c856003517c583fbd7af4dca722c Mon Sep 17 00:00:00 2001 +From: Neil Jerram <Neil.Jerram(a)metaswitch.com> +Date: Fri, 8 Apr 2016 19:23:47 +0100 +Subject: [PATCH] Fix DHCPv4 reply via --bridge-interface alias interface + +Sending a DHCPv4 reply through a --bridge-interface alias interface +was inadvertently broken by + + commit 65c721200023ef0023114459a8d12f8b0a24cfd8 + Author: Lung-Pin Chang <changlp(a)cs.nctu.edu.tw> + Date: Thu Mar 19 23:22:21 2015 +0000 + + dhcp: set outbound interface via cmsg in unicast reply + + If multiple routes to the same network exist, Linux blindly picks + the first interface (route) based on destination address, which might not be + the one we're actually offering leases. Rather than relying on this, + always set the interface for outgoing unicast DHCP packets. + +because in the aliasing case, iface_index is changed from the index of +the interface on which the packet was received, to be the interface +index of the 'bridge' interface (where the DHCP context is expected to +be defined, and so needs to be looked up). + +For the cmsg code that the cited commit added, we need the original +iface_index; so this commit saves that off before the aliasing code +can change it, as rcvd_iface_index, and then uses rcvd_iface_index +instead of iface_index for the cmsg code. +--- + src/dhcp.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/dhcp.c b/src/dhcp.c +index 00145bc..10f1fb9 100644 +--- a/src/dhcp.c ++++ b/src/dhcp.c +@@ -146,6 +146,7 @@ void dhcp_packet(time_t now, int pxe_fd) + struct iovec iov; + ssize_t sz; + int iface_index = 0, unicast_dest = 0, is_inform = 0; ++ int rcvd_iface_index; + struct in_addr iface_addr; + struct iface_param parm; + #ifdef HAVE_LINUX_NETWORK +@@ -230,6 +231,7 @@ void dhcp_packet(time_t now, int pxe_fd) + --bridge-interface option), change ifr.ifr_name so that we look + for DHCP contexts associated with the aliased interface instead + of with the aliasing one. */ ++ rcvd_iface_index = iface_index; + for (bridge = daemon->bridges; bridge; bridge = bridge->next) + { + for (alias = bridge->alias; alias; alias = alias->next) +@@ -387,7 +389,7 @@ void dhcp_packet(time_t now, int pxe_fd) + msg.msg_controllen = sizeof(control_u); + cmptr = CMSG_FIRSTHDR(&msg); + pkt = (struct in_pktinfo *)CMSG_DATA(cmptr); +- pkt->ipi_ifindex = iface_index; ++ pkt->ipi_ifindex = rcvd_iface_index; + pkt->ipi_spec_dst.s_addr = 0; + msg.msg_controllen = cmptr->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo)); + cmptr->cmsg_level = IPPROTO_IP; +-- +2.5.5 + -- 2.8.2

1 0

[PATCH] dnsmasq 2.76test13: latest patches from upstream (001-006)
by Matthias Fischer 05 May '16

05 May '16

Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org> --- lfs/dnsmasq | 6 + .../dnsmasq/001-Debian_init_d_script_fix.patch | 74 +++ .../dnsmasq/002-Add_--help_to_manpage.patch | 66 +++ ...nd_dhcp_lease_time_to_contrib_lease_tools.patch | 73 +++ ...004-Add_contrib_lease-tools_dhcp_release6.patch | 528 +++++++++++++++++++++ ...am_nameservers_when_logging_configuration.patch | 85 ++++ ..._interface_when_--bridge-interface_in_use.patch | 70 +++ 7 files changed, 902 insertions(+) create mode 100644 src/patches/dnsmasq/001-Debian_init_d_script_fix.patch create mode 100644 src/patches/dnsmasq/002-Add_--help_to_manpage.patch create mode 100644 src/patches/dnsmasq/003-Move_dhcp_release_and_dhcp_lease_time_to_contrib_lease_tools.patch create mode 100644 src/patches/dnsmasq/004-Add_contrib_lease-tools_dhcp_release6.patch create mode 100644 src/patches/dnsmasq/005-Limit_number_of_upstream_nameservers_when_logging_configuration.patch create mode 100644 src/patches/dnsmasq/006-Fix_for_DHCP_in_transmission_interface_when_--bridge-interface_in_use.patch diff --git a/lfs/dnsmasq b/lfs/dnsmasq index 3b72746..feb1789 100644 --- a/lfs/dnsmasq +++ b/lfs/dnsmasq @@ -73,6 +73,12 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/001-Debian_init_d_script_fix.patch + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/002-Add_--help_to_manpage.patch + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/003-Move_dhcp_release_and_dhcp_lease_time_to_contrib_lease_tools.patch + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/004-Add_contrib_lease-tools_dhcp_release6.patch + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/005-Limit_number_of_upstream_nameservers_when_logging_configuration.patch + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/006-Fix_for_DHCP_in_transmission_interface_when_--bridge-interface_in_use.patch cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq-Add-support-to-read-ISC-DHCP-lease-file.patch cd $(DIR_APP) && sed -i src/config.h \ diff --git a/src/patches/dnsmasq/001-Debian_init_d_script_fix.patch b/src/patches/dnsmasq/001-Debian_init_d_script_fix.patch new file mode 100644 index 0000000..86d0480 --- /dev/null +++ b/src/patches/dnsmasq/001-Debian_init_d_script_fix.patch @@ -0,0 +1,74 @@ +From 332c41e2ff533649dc48b6bab00804d795f348f5 Mon Sep 17 00:00:00 2001 +From: Simon Kelley <simon(a)thekelleys.org.uk> +Date: Sun, 1 May 2016 22:36:46 +0100 +Subject: [PATCH] Debian init.d script fix. + +--- + debian/changelog | 8 +++++--- + debian/init | 14 +++++++------- + 2 files changed, 12 insertions(+), 10 deletions(-) + +diff --git a/debian/changelog b/debian/changelog +index e727406..8a0341c 100644 +--- a/debian/changelog ++++ b/debian/changelog +@@ -3,19 +3,21 @@ dnsmasq (2.76-1) unstable; urgency=low + * New upstream. (closes: #798586) + * Use /run/dnsmasq directly, rather than relying on link from /var/run + to avoid problems before /var is mounted. (closes: #800351) +- ++ * Test for the existance of /usr/share/doc/dnsmasq rather then ++ /etc/dnsmasq.d/README in the daemon startup script. (closes: #819856) ++ + -- Simon Kelley <simon(a)thekelleys.org.uk> Thur, 10 Sep 2015 23:07:21 +0000 + + dnsmasq (2.75-1) unstable; urgency=low + + * New upstream. (closes: #794095) +- ++ + -- Simon Kelley <simon(a)thekelleys.org.uk> Thur, 30 Jul 2015 20:58:31 +0000 + + dnsmasq (2.74-1) unstable; urgency=low + + * New upstream. (LP: #1468611) +- ++ + -- Simon Kelley <simon(a)thekelleys.org.uk> Wed, 15 Jul 2015 21:54:11 +0000 + + dnsmasq (2.73-2) unstable; urgency=low +diff --git a/debian/init b/debian/init +index 6afe191..10b277c 100644 +--- a/debian/init ++++ b/debian/init +@@ -8,7 +8,8 @@ + # Description: DHCP and DNS server + ### END INIT INFO + +-set +e # Don't exit on error status ++# Don't exit on error status ++set +e + + PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin + DAEMON=/usr/sbin/dnsmasq +@@ -29,12 +30,11 @@ if [ -r /etc/default/locale ]; then + export LANG + fi + +-# /etc/dnsmasq.d/README is a non-conffile installed by the dnsmasq package. +-# Should the dnsmasq package be removed, the following test ensures that +-# the daemon is no longer started, even if the dnsmasq-base package is +-# still in place. +-test -e /etc/dnsmasq.d/README || exit 0 +- ++# The following test ensures the dnsmasq service is not started, when the ++# package 'dnsmasq' is removed but not purged, even if the dnsmasq-base ++# package is still in place. ++test -d /usr/share/doc/dnsmasq || exit 0 ++ + test -x $DAEMON || exit 0 + + # Provide skeleton LSB log functions for backports which don't have LSB functions. +-- +2.5.5 + diff --git a/src/patches/dnsmasq/002-Add_--help_to_manpage.patch b/src/patches/dnsmasq/002-Add_--help_to_manpage.patch new file mode 100644 index 0000000..82de3ee --- /dev/null +++ b/src/patches/dnsmasq/002-Add_--help_to_manpage.patch @@ -0,0 +1,66 @@ +From 09217a1a874c654bfd4d29a1097f44435b4c632d Mon Sep 17 00:00:00 2001 +From: Simon Kelley <simon(a)thekelleys.org.uk> +Date: Tue, 3 May 2016 17:04:35 +0100 +Subject: [PATCH] Add --help to manpage . + +--- + debian/changelog | 1 + + man/dnsmasq.8 | 9 ++++++++- + src/option.c | 2 +- + 3 files changed, 10 insertions(+), 2 deletions(-) + +diff --git a/debian/changelog b/debian/changelog +index 8a0341c..e028f57 100644 +--- a/debian/changelog ++++ b/debian/changelog +@@ -5,6 +5,7 @@ dnsmasq (2.76-1) unstable; urgency=low + to avoid problems before /var is mounted. (closes: #800351) + * Test for the existance of /usr/share/doc/dnsmasq rather then + /etc/dnsmasq.d/README in the daemon startup script. (closes: #819856) ++ * Add --help to manpage and mention dhcp6 in summary. (closes: #821226) + + -- Simon Kelley <simon(a)thekelleys.org.uk> Thur, 10 Sep 2015 23:07:21 +0000 + +diff --git a/man/dnsmasq.8 b/man/dnsmasq.8 +index fd4b7c5..dacd9ce 100644 +--- a/man/dnsmasq.8 ++++ b/man/dnsmasq.8 +@@ -42,6 +42,13 @@ the configuration file. + Read and syntax check configuration file(s). Exit with code 0 if all + is OK, or a non-zero code otherwise. Do not start up dnsmasq. + .TP ++.B \-w, --help ++Display all command-line options. ++.B --help dhcp ++will display known DHCPv4 configuration options, and ++.B --help dhcp6 ++will display DHCPv6 options. ++.TP + .B \-h, --no-hosts + Don't read the hostnames in /etc/hosts. + .TP +@@ -317,7 +324,7 @@ instead of the correct NXDOMAIN response. This option tells dnsmasq to + fake the correct response when it sees this behaviour. As at Sept 2003 + the IP address being returned by Verisign is 64.94.110.11 + .TP +-.B \-B, --ignore-address=<ipaddr> ++.B --ignore-address=<ipaddr> + Ignore replies to A-record queries which include the specified address. + No error is generated, dnsmasq simply continues to listen for another reply. + This is useful to defeat blocking strategies which rely on quickly supplying a +diff --git a/src/option.c b/src/option.c +index c66f401..0b35500 100644 +--- a/src/option.c ++++ b/src/option.c +@@ -402,7 +402,7 @@ static struct { + { 'v', 0, NULL, gettext_noop("Display dnsmasq version and copyright information."), NULL }, + { 'V', ARG_DUP, "<ipaddr>,<ipaddr>,<netmask>", gettext_noop("Translate IPv4 addresses from upstream servers."), NULL }, + { 'W', ARG_DUP, "<name>,<target>,...", gettext_noop("Specify a SRV record."), NULL }, +- { 'w', 0, NULL, gettext_noop("Display this message. Use --help dhcp for known DHCP options."), NULL }, ++ { 'w', 0, NULL, gettext_noop("Display this message. Use --help dhcp or --help dhcp6 for known DHCP options."), NULL }, + { 'x', ARG_ONE, "<path>", gettext_noop("Specify path of PID file (defaults to %s)."), RUNFILE }, + { 'X', ARG_ONE, "<integer>", gettext_noop("Specify maximum number of DHCP leases (defaults to %s)."), "&" }, + { 'y', OPT_LOCALISE, NULL, gettext_noop("Answer DNS queries based on the interface a query was sent to."), NULL }, +-- +2.5.5 + diff --git a/src/patches/dnsmasq/003-Move_dhcp_release_and_dhcp_lease_time_to_contrib_lease_tools.patch b/src/patches/dnsmasq/003-Move_dhcp_release_and_dhcp_lease_time_to_contrib_lease_tools.patch new file mode 100644 index 0000000..6065904 --- /dev/null +++ b/src/patches/dnsmasq/003-Move_dhcp_release_and_dhcp_lease_time_to_contrib_lease_tools.patch @@ -0,0 +1,73 @@ +From c6cdf6bbee27d1127847ce7bdff2a22a785f9723 Mon Sep 17 00:00:00 2001 +From: Simon Kelley <simon(a)thekelleys.org.uk> +Date: Tue, 3 May 2016 21:14:14 +0100 +Subject: [PATCH] Move dhcp_release and dhcp_lease_time to contrib/lease_tools. + +--- + contrib/{wrt => lease-tools}/Makefile | 0 + contrib/{wrt => lease-tools}/dhcp_lease_time.1 | 0 + contrib/{wrt => lease-tools}/dhcp_lease_time.c | 0 + contrib/{wrt => lease-tools}/dhcp_release.1 | 0 + contrib/{wrt => lease-tools}/dhcp_release.c | 0 + debian/rules | 12 ++++++------ + 6 files changed, 6 insertions(+), 6 deletions(-) + rename contrib/{wrt => lease-tools}/Makefile (100%) + rename contrib/{wrt => lease-tools}/dhcp_lease_time.1 (100%) + rename contrib/{wrt => lease-tools}/dhcp_lease_time.c (100%) + rename contrib/{wrt => lease-tools}/dhcp_release.1 (100%) + rename contrib/{wrt => lease-tools}/dhcp_release.c (100%) + +diff --git a/contrib/wrt/Makefile b/contrib/lease-tools/Makefile +similarity index 100% +rename from contrib/wrt/Makefile +rename to contrib/lease-tools/Makefile +diff --git a/contrib/wrt/dhcp_lease_time.1 b/contrib/lease-tools/dhcp_lease_time.1 +similarity index 100% +rename from contrib/wrt/dhcp_lease_time.1 +rename to contrib/lease-tools/dhcp_lease_time.1 +diff --git a/contrib/wrt/dhcp_lease_time.c b/contrib/lease-tools/dhcp_lease_time.c +similarity index 100% +rename from contrib/wrt/dhcp_lease_time.c +rename to contrib/lease-tools/dhcp_lease_time.c +diff --git a/contrib/wrt/dhcp_release.1 b/contrib/lease-tools/dhcp_release.1 +similarity index 100% +rename from contrib/wrt/dhcp_release.1 +rename to contrib/lease-tools/dhcp_release.1 +diff --git a/contrib/wrt/dhcp_release.c b/contrib/lease-tools/dhcp_release.c +similarity index 100% +rename from contrib/wrt/dhcp_release.c +rename to contrib/lease-tools/dhcp_release.c +diff --git a/debian/rules b/debian/rules +index 8612092..193b30c 100755 +--- a/debian/rules ++++ b/debian/rules +@@ -93,7 +93,7 @@ clean: + $(checkdir) + rm -rf debian/daemon debian/base debian/utils debian/*~ debian/files debian/substvars debian/utils-substvars + make clean +- make -C contrib/wrt clean ++ make -C contrib/lease-tools clean + + binary-indep: checkroot + $(checkdir) +@@ -184,12 +184,12 @@ ifeq ($(DEB_HOST_ARCH_OS),linux) + -d debian/utils/usr/share/man/man1 \ + -d debian/utils/usr/bin \ + -d debian/utils/usr/share/doc/dnsmasq-utils +- make -C contrib/wrt PREFIX=/usr DESTDIR=`pwd`/debian/utils CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAGS)" COPTS="$(DEB_COPTS)" CC=gcc +- install -m 755 contrib/wrt/dhcp_release debian/utils/usr/bin/dhcp_release +- install -m 644 contrib/wrt/dhcp_release.1 debian/utils/usr/share/man/man1/dhcp_release.1 ++ make -C contrib/lease-tools PREFIX=/usr DESTDIR=`pwd`/debian/utils CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAGS)" COPTS="$(DEB_COPTS)" CC=gcc ++ install -m 755 contrib/lease-tools/dhcp_release debian/utils/usr/bin/dhcp_release ++ install -m 644 contrib/lease-tools/dhcp_release.1 debian/utils/usr/share/man/man1/dhcp_release.1 + gzip -9n debian/utils/usr/share/man/man1/dhcp_release.1 +- install -m 755 contrib/wrt/dhcp_lease_time debian/utils/usr/bin/dhcp_lease_time +- install -m 644 contrib/wrt/dhcp_lease_time.1 debian/utils/usr/share/man/man1/dhcp_lease_time.1 ++ install -m 755 contrib/lease-tools/dhcp_lease_time debian/utils/usr/bin/dhcp_lease_time ++ install -m 644 contrib/lease-tools/dhcp_lease_time.1 debian/utils/usr/share/man/man1/dhcp_lease_time.1 + install -m 644 debian/copyright debian/utils/usr/share/doc/dnsmasq-utils/copyright + install -m 644 debian/changelog debian/utils/usr/share/doc/dnsmasq-utils/changelog.Debian + gzip -9n debian/utils/usr/share/doc/dnsmasq-utils/changelog.Debian +-- +2.5.5 + diff --git a/src/patches/dnsmasq/004-Add_contrib_lease-tools_dhcp_release6.patch b/src/patches/dnsmasq/004-Add_contrib_lease-tools_dhcp_release6.patch new file mode 100644 index 0000000..6426d39 --- /dev/null +++ b/src/patches/dnsmasq/004-Add_contrib_lease-tools_dhcp_release6.patch @@ -0,0 +1,528 @@ +From 69cbf78bb676e493f0a4cd6dc7ffec0fcafafed5 Mon Sep 17 00:00:00 2001 +From: Simon Kelley <simon(a)thekelleys.org.uk> +Date: Tue, 3 May 2016 21:33:38 +0100 +Subject: [PATCH] Add contrib/lease-tools/dhcp_release6 + +--- + CHANGELOG | 6 + + contrib/lease-tools/Makefile | 4 +- + contrib/lease-tools/dhcp_release6.1 | 38 ++++ + contrib/lease-tools/dhcp_release6.c | 416 ++++++++++++++++++++++++++++++++++++ + debian/rules | 3 + + 5 files changed, 465 insertions(+), 2 deletions(-) + create mode 100644 contrib/lease-tools/dhcp_release6.1 + create mode 100644 contrib/lease-tools/dhcp_release6.c + +diff --git a/CHANGELOG b/CHANGELOG +index aa53fba..7d4a061 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -65,6 +65,12 @@ version 2.76 + --servers-file to define upstream DNS servers. Thanks to + Scott Bonar for the bug report. + ++ Move the dhcp_release and dhcp_lease_time tools from ++ contrib/wrt to contrib/lease-tools. ++ ++ Add dhcp_release6 to contrib/lease-tools. Many thanks ++ to Sergey Nechaev for this code. ++ + + version 2.75 + Fix reversion on 2.74 which caused 100% CPU use when a +diff --git a/contrib/lease-tools/Makefile b/contrib/lease-tools/Makefile +index 68e8d32..f38f2ed 100644 +--- a/contrib/lease-tools/Makefile ++++ b/contrib/lease-tools/Makefile +@@ -1,6 +1,6 @@ + CFLAGS?= -O2 -Wall -W + +-all: dhcp_release dhcp_lease_time ++all: dhcp_release dhcp_release6 dhcp_lease_time + + clean: +- rm -f *~ *.o core dhcp_release dhcp_lease_time ++ rm -f *~ *.o core dhcp_release dhcp_release6 dhcp_lease_time +diff --git a/contrib/lease-tools/dhcp_release6.1 b/contrib/lease-tools/dhcp_release6.1 +new file mode 100644 +index 0000000..763e01c +--- /dev/null ++++ b/contrib/lease-tools/dhcp_release6.1 +@@ -0,0 +1,38 @@ ++.TH DHCP_RELEASE 1 ++.SH NAME ++dhcp_release6 \- Release a DHCPv6 lease on a the local dnsmasq DHCP server. ++.SH SYNOPSIS ++.B dhcp_release6 --iface <interface> --client-id <client-id> --server-id ++server-id --iaid <iaid> --ip <IP> [--dry-run] [--help] ++.SH "DESCRIPTION" ++A utility which forces the DHCP server running on this machine to release a ++DHCPv6 lease. ++.SS OPTIONS ++.IP "-a, --ip" ++IPv6 address to release. ++.IP "-c, --client-id" ++Colon-separated hex string representing DHCPv6 client id. Normally ++it can be found in leases file both on client and server. ++.IP "-d, --dry-run" ++Print hexadecimal representation of generated DHCPv6 release packet to standard ++output and exit. ++.IP "-h, --help" ++print usage information to standard output and exit. ++.IP "-i, --iaid" ++Decimal representation of DHCPv6 IAID. Normally it can be found in leases file ++both on client and server. ++.IP "-n, --iface" ++Network interface to send a DHCPv6 release packet from. ++.IP "-s, --server-id" ++Colon-separated hex string representing DHCPv6 server id. Normally ++it can be found in leases file both on client and server. ++.SH NOTES ++MUST be run as root - will fail otherwise. ++.SH LIMITATIONS ++Only usable on IPv6 DHCP leases. ++.SH SEE ALSO ++.BR dnsmasq (8) ++.SH AUTHOR ++This manual page was written by Simon Kelley <simon(a)thekelleys.org.uk>. ++ ++ +diff --git a/contrib/lease-tools/dhcp_release6.c b/contrib/lease-tools/dhcp_release6.c +new file mode 100644 +index 0000000..74fb26a +--- /dev/null ++++ b/contrib/lease-tools/dhcp_release6.c +@@ -0,0 +1,416 @@ ++/* ++ dhcp_release6 --iface <interface> --client-id <client-id> --server-id ++ server-id --iaid <iaid> --ip <IP> [--dry-run] [--help] ++ MUST be run as root - will fail othewise ++ */ ++ ++/* Send a DHCPRELEASE message to IPv6 multicast address via the specified interface ++ to tell the local DHCP server to delete a particular lease. ++ ++ The interface argument is the interface in which a DHCP ++ request _would_ be received if it was coming from the client, ++ rather than being faked up here. ++ ++ The client-id argument is colon-separated hex string and mandatory. Normally ++ it can be found in leases file both on client and server ++ ++ The server-id argument is colon-separated hex string and mandatory. Normally ++ it can be found in leases file both on client and server. ++ ++ The iaid argument is numeric string and mandatory. Normally ++ it can be found in leases file both on client and server. ++ ++ IP is an IPv6 adress to release ++ ++ If --dry-run is specified, dhcp_release6 just prints hexadecimal represantation of ++ packet to send to stdout and exits. ++ ++ If --help is specified, dhcp_release6 print usage information to stdout and exits ++ ++ ++ ++ */ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <strings.h> ++#include <sys/types.h> ++#include <sys/socket.h> ++#include <arpa/inet.h> ++#include <getopt.h> ++#include <errno.h> ++#include <unistd.h> ++ ++#define NOT_REPLY_CODE 115 ++typedef unsigned char u8; ++typedef unsigned short u16; ++typedef unsigned int u32; ++ ++enum DHCP6_TYPES{ ++ SOLICIT = 1, ++ ADVERTISE = 2, ++ REQUEST = 3, ++ CONFIRM = 4, ++ RENEW = 5, ++ REBIND = 6, ++ REPLY = 7, ++ RELEASE = 8, ++ DECLINE = 9, ++ RECONFIGURE = 10, ++ INFORMATION_REQUEST = 11, ++ RELAY_FORW = 12, ++ RELAY_REPL = 13 ++ ++}; ++enum DHCP6_OPTIONS{ ++ CLIENTID = 1, ++ SERVERID = 2, ++ IA_NA = 3, ++ IA_TA = 4, ++ IAADDR = 5, ++ ORO = 6, ++ PREFERENCE = 7, ++ ELAPSED_TIME = 8, ++ RELAY_MSG = 9, ++ AUTH = 11, ++ UNICAST = 12, ++ STATUS_CODE = 13, ++ RAPID_COMMIT = 14, ++ USER_CLASS = 15, ++ VENDOR_CLASS = 16, ++ VENDOR_OPTS = 17, ++ INTERFACE_ID = 18, ++ RECONF_MSG = 19, ++ RECONF_ACCEPT = 20, ++}; ++ ++enum DHCP6_STATUSES{ ++ SUCCESS = 0, ++ UNSPEC_FAIL = 1, ++ NOADDR_AVAIL=2, ++ NO_BINDING = 3, ++ NOT_ON_LINK = 4, ++ USE_MULTICAST =5 ++}; ++static struct option longopts[] = { ++ {"ip", required_argument, 0, 'a'}, ++ {"server-id", required_argument, 0, 's'}, ++ {"client-id", required_argument, 0, 'c'}, ++ {"iface", required_argument, 0, 'n'}, ++ {"iaid", required_argument, 0, 'i'}, ++ {"dry-run", no_argument, 0, 'd'}, ++ {"help", no_argument, 0, 'h'}, ++ {0, 0, 0, 0} ++}; ++ ++const short DHCP6_CLIENT_PORT = 546; ++const short DHCP6_SERVER_PORT = 547; ++ ++const char* DHCP6_MULTICAST_ADDRESS = "ff02::1:2"; ++ ++struct dhcp6_option{ ++ uint16_t type; ++ uint16_t len; ++ char value[1024]; ++}; ++ ++struct dhcp6_iaaddr_option{ ++ uint16_t type; ++ uint16_t len; ++ struct in6_addr ip; ++ uint32_t preferred_lifetime; ++ uint32_t valid_lifetime; ++ ++ ++}; ++ ++struct dhcp6_iana_option{ ++ uint16_t type; ++ uint16_t len; ++ uint32_t iaid; ++ uint32_t t1; ++ uint32_t t2; ++ char options[1024]; ++}; ++ ++ ++struct dhcp6_packet{ ++ size_t len; ++ char buf[2048]; ++ ++} ; ++ ++size_t pack_duid(const char* str, char* dst){ ++ ++ char* tmp = strdup(str); ++ char* tmp_to_free = tmp; ++ char *ptr; ++ uint8_t write_pos = 0; ++ while ((ptr = strtok (tmp, ":"))) { ++ dst[write_pos] = (uint8_t) strtol(ptr, NULL, 16); ++ write_pos += 1; ++ tmp = NULL; ++ ++ } ++ free(tmp_to_free); ++ return write_pos; ++} ++ ++struct dhcp6_option create_client_id_option(const char* duid){ ++ struct dhcp6_option option; ++ option.type = htons(CLIENTID); ++ bzero(option.value, sizeof(option.value)); ++ option.len = htons(pack_duid(duid, option.value)); ++ return option; ++} ++ ++struct dhcp6_option create_server_id_option(const char* duid){ ++ struct dhcp6_option option; ++ option.type = htons(SERVERID); ++ bzero(option.value, sizeof(option.value)); ++ option.len = htons(pack_duid(duid, option.value)); ++ return option; ++} ++ ++struct dhcp6_iaaddr_option create_iaadr_option(const char* ip){ ++ struct dhcp6_iaaddr_option result; ++ result.type =htons(IAADDR); ++ /* no suboptions needed here, so length is 24 */ ++ result.len = htons(24); ++ result.preferred_lifetime = 0; ++ result.valid_lifetime = 0; ++ int s = inet_pton(AF_INET6, ip, &(result.ip)); ++ if (s <= 0) { ++ if (s == 0) ++ fprintf(stderr, "Not in presentation format"); ++ else ++ perror("inet_pton"); ++ exit(EXIT_FAILURE); ++ } ++ return result; ++} ++struct dhcp6_iana_option create_iana_option(const char * iaid, struct dhcp6_iaaddr_option ia_addr){ ++ struct dhcp6_iana_option result; ++ result.type = htons(IA_NA); ++ result.iaid = htonl(atoi(iaid)); ++ result.t1 = 0; ++ result.t2 = 0; ++ result.len = htons(12 + ntohs(ia_addr.len) + 2 * sizeof(uint16_t)); ++ memcpy(result.options, &ia_addr, ntohs(ia_addr.len) + 2 * sizeof(uint16_t)); ++ return result; ++} ++ ++struct dhcp6_packet create_release_packet(const char* iaid, const char* ip, const char* client_id, const char* server_id){ ++ struct dhcp6_packet result; ++ bzero(result.buf, sizeof(result.buf)); ++ /* message_type */ ++ result.buf[0] = RELEASE; ++ /* tx_id */ ++ bzero(result.buf+1, 3); ++ ++ struct dhcp6_option client_option = create_client_id_option(client_id); ++ struct dhcp6_option server_option = create_server_id_option(server_id); ++ struct dhcp6_iaaddr_option iaaddr_option = create_iaadr_option(ip); ++ struct dhcp6_iana_option iana_option = create_iana_option(iaid, iaaddr_option); ++ int offset = 4; ++ memcpy(result.buf + offset, &client_option, ntohs(client_option.len) + 2*sizeof(uint16_t)); ++ offset += (ntohs(client_option.len)+ 2 *sizeof(uint16_t) ); ++ memcpy(result.buf + offset, &server_option, ntohs(server_option.len) + 2*sizeof(uint16_t) ); ++ offset += (ntohs(server_option.len)+ 2* sizeof(uint16_t)); ++ memcpy(result.buf + offset, &iana_option, ntohs(iana_option.len) + 2*sizeof(uint16_t) ); ++ offset += (ntohs(iana_option.len)+ 2* sizeof(uint16_t)); ++ result.len = offset; ++ return result; ++} ++ ++uint16_t parse_iana_suboption(char* buf, size_t len){ ++ size_t current_pos = 0; ++ char option_value[1024]; ++ while (current_pos < len) { ++ uint16_t option_type, option_len; ++ memcpy(&option_type,buf + current_pos, sizeof(uint16_t)); ++ memcpy(&option_len,buf + current_pos + sizeof(uint16_t), sizeof(uint16_t)); ++ option_type = ntohs(option_type); ++ option_len = ntohs(option_len); ++ current_pos += 2 * sizeof(uint16_t); ++ if (option_type == STATUS_CODE){ ++ uint16_t status; ++ memcpy(&status, buf + current_pos, sizeof(uint16_t)); ++ status = ntohs(status); ++ if (status != SUCCESS){ ++ memcpy(option_value, buf + current_pos + sizeof(uint16_t) , option_len - sizeof(uint16_t)); ++ option_value[option_len-sizeof(uint16_t)] ='\0'; ++ fprintf(stderr, "Error: %s\n", option_value); ++ } ++ return status; ++ } ++ } ++ return -2; ++} ++ ++int16_t parse_packet(char* buf, size_t len){ ++ uint8_t type = buf[0]; ++ /*skipping tx id. you need it, uncomment following line ++ uint16_t tx_id = ntohs((buf[1] <<16) + (buf[2] <<8) + buf[3]); ++ */ ++ size_t current_pos = 4; ++ if (type != REPLY ){ ++ return NOT_REPLY_CODE; ++ } ++ char option_value[1024]; ++ while (current_pos < len) { ++ uint16_t option_type, option_len; ++ memcpy(&option_type,buf + current_pos, sizeof(uint16_t)); ++ memcpy(&option_len,buf + current_pos + sizeof(uint16_t), sizeof(uint16_t)); ++ option_type = ntohs(option_type); ++ option_len = ntohs(option_len); ++ current_pos += 2 * sizeof(uint16_t); ++ if (option_type == STATUS_CODE){ ++ uint16_t status; ++ memcpy(&status, buf + current_pos, sizeof(uint16_t)); ++ status = ntohs(status); ++ if (status != SUCCESS){ ++ memcpy(option_value, buf + current_pos +sizeof(uint16_t) , option_len -sizeof(uint16_t)); ++ fprintf(stderr, "Error: %d %s\n", status, option_value); ++ return status; ++ } ++ ++ } ++ if (option_type == IA_NA ){ ++ uint16_t result = parse_iana_suboption(buf + current_pos +24, option_len -24); ++ if (result){ ++ return result; ++ } ++ } ++ current_pos += option_len; ++ ++ } ++ return -1; ++} ++ ++void usage(const char* arg, FILE* stream){ ++ const char* usage_string ="--ip IPv6 --iface IFACE --server-id SERVER_ID --client-id CLIENT_ID --iaid IAID [--dry-run] | --help"; ++ fprintf (stream, "Usage: %s %s\n", arg, usage_string); ++ ++} ++ ++int send_release_packet(const char* iface, struct dhcp6_packet* packet){ ++ ++ struct sockaddr_in6 server_addr, client_addr; ++ char response[1400]; ++ int sock = socket(PF_INET6, SOCK_DGRAM, 0); ++ int i = 0; ++ if (sock < 0) { ++ perror("creating socket"); ++ return -1; ++ } ++ if (setsockopt(sock, SOL_SOCKET, 25, iface, strlen(iface)) == -1) { ++ perror("SO_BINDTODEVICE"); ++ close(sock); ++ return -1; ++ } ++ memset(&server_addr, 0, sizeof(server_addr)); ++ server_addr.sin6_family = AF_INET6; ++ client_addr.sin6_family = AF_INET6; ++ client_addr.sin6_port = htons(DHCP6_CLIENT_PORT); ++ client_addr.sin6_flowinfo = 0; ++ client_addr.sin6_scope_id =0; ++ inet_pton(AF_INET6, "::", &client_addr.sin6_addr); ++ bind(sock, (struct sockaddr*)&client_addr, sizeof(struct sockaddr_in6)); ++ inet_pton(AF_INET6, DHCP6_MULTICAST_ADDRESS, &server_addr.sin6_addr); ++ server_addr.sin6_port = htons(DHCP6_SERVER_PORT); ++ int16_t recv_size = 0; ++ for (i = 0; i < 5; i++) { ++ if (sendto(sock, packet->buf, packet->len, 0, ++ (struct sockaddr *)&server_addr, ++ sizeof(server_addr)) < 0) { ++ perror("sendto failed"); ++ exit(4); ++ } ++ recv_size = recvfrom(sock, response, sizeof(response), MSG_DONTWAIT, NULL, 0); ++ if (recv_size == -1){ ++ if (errno == EAGAIN){ ++ sleep(1); ++ continue; ++ }else { ++ perror("recvfrom"); ++ } ++ } ++ int16_t result = parse_packet(response, recv_size); ++ if (result == NOT_REPLY_CODE){ ++ sleep(1); ++ continue; ++ } ++ return result; ++ } ++ fprintf(stderr, "Response timed out\n"); ++ return -1; ++ ++} ++ ++ ++int main(int argc, char * const argv[]) { ++ const char* iface = ""; ++ const char* ip = ""; ++ const char* client_id = ""; ++ const char* server_id = ""; ++ const char* iaid = ""; ++ int dry_run = 0; ++ while (1) { ++ int option_index = 0; ++ int c = getopt_long(argc, argv, "a:s:c:n:i:hd", longopts, &option_index); ++ if (c == -1){ ++ break; ++ } ++ switch(c){ ++ case 0: ++ if (longopts[option_index].flag !=0){ ++ break; ++ } ++ printf ("option %s", longopts[option_index].name); ++ if (optarg) ++ printf (" with arg %s", optarg); ++ printf ("\n"); ++ break; ++ case 'i': ++ iaid = optarg; ++ break; ++ case 'n': ++ iface = optarg; ++ break; ++ case 'a': ++ ip = optarg; ++ break; ++ case 'c': ++ client_id = optarg; ++ break; ++ case 'd': ++ dry_run = 1; ++ break; ++ case 's': ++ server_id = optarg; ++ break; ++ case 'h': ++ usage(argv[0], stdout); ++ break; ++ case '?': ++ usage(argv[0], stderr); ++ return -1; ++ default: ++ abort(); ++ ++ } ++ ++ } ++ struct dhcp6_packet packet = create_release_packet(iaid, ip, client_id, server_id); ++ if (dry_run){ ++ uint16_t i; ++ for(i=0;i<packet.len;i++){ ++ printf("%hhx", packet.buf[i]); ++ } ++ printf("\n"); ++ return 0; ++ } ++ return send_release_packet(iface, &packet); ++ ++} +diff --git a/debian/rules b/debian/rules +index 193b30c..d748829 100755 +--- a/debian/rules ++++ b/debian/rules +@@ -188,6 +188,9 @@ ifeq ($(DEB_HOST_ARCH_OS),linux) + install -m 755 contrib/lease-tools/dhcp_release debian/utils/usr/bin/dhcp_release + install -m 644 contrib/lease-tools/dhcp_release.1 debian/utils/usr/share/man/man1/dhcp_release.1 + gzip -9n debian/utils/usr/share/man/man1/dhcp_release.1 ++ install -m 755 contrib/lease-tools/dhcp_release6 debian/utils/usr/bin/dhcp_release6 ++ install -m 644 contrib/lease-tools/dhcp_release6.1 debian/utils/usr/share/man/man1/dhcp_release6.1 ++ gzip -9n debian/utils/usr/share/man/man1/dhcp_release6.1 + install -m 755 contrib/lease-tools/dhcp_lease_time debian/utils/usr/bin/dhcp_lease_time + install -m 644 contrib/lease-tools/dhcp_lease_time.1 debian/utils/usr/share/man/man1/dhcp_lease_time.1 + install -m 644 debian/copyright debian/utils/usr/share/doc/dnsmasq-utils/copyright +-- +2.5.5 + diff --git a/src/patches/dnsmasq/005-Limit_number_of_upstream_nameservers_when_logging_configuration.patch b/src/patches/dnsmasq/005-Limit_number_of_upstream_nameservers_when_logging_configuration.patch new file mode 100644 index 0000000..3486104 --- /dev/null +++ b/src/patches/dnsmasq/005-Limit_number_of_upstream_nameservers_when_logging_configuration.patch @@ -0,0 +1,85 @@ +From b97026035ecc870ea0f12f537b214237cf3d0af6 Mon Sep 17 00:00:00 2001 +From: Simon Kelley <simon(a)thekelleys.org.uk> +Date: Tue, 3 May 2016 22:34:06 +0100 +Subject: [PATCH] Limit number of upstream nameservers when logging + configuration. + +--- + CHANGELOG | 5 +++++ + src/config.h | 1 + + src/network.c | 10 ++++++++-- + 3 files changed, 14 insertions(+), 2 deletions(-) + +diff --git a/CHANGELOG b/CHANGELOG +index 7d4a061..f3220d8 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -71,6 +71,11 @@ version 2.76 + Add dhcp_release6 to contrib/lease-tools. Many thanks + to Sergey Nechaev for this code. + ++ To avoid filling logs in configurations which define ++ many upstream nameservers, don't log more that 30 servers. ++ The number to be logged can be changed as SERVERS_LOGGED ++ in src/config.h. ++ + + version 2.75 + Fix reversion on 2.74 which caused 100% CPU use when a +diff --git a/src/config.h b/src/config.h +index c3bbbcb..80a50e1 100644 +--- a/src/config.h ++++ b/src/config.h +@@ -25,6 +25,7 @@ + #define TIMEOUT 10 /* drop UDP queries after TIMEOUT seconds */ + #define FORWARD_TEST 50 /* try all servers every 50 queries */ + #define FORWARD_TIME 20 /* or 20 seconds */ ++#define SERVERS_LOGGED 30 /* Only log this many servers when logging state */ + #define RANDOM_SOCKS 64 /* max simultaneous random ports */ + #define LEASE_RETRY 60 /* on error, retry writing leasefile after LEASE_RETRY seconds */ + #define CACHESIZ 150 /* default cache size */ +diff --git a/src/network.c b/src/network.c +index da8a7f4..e7722fd 100644 +--- a/src/network.c ++++ b/src/network.c +@@ -1429,7 +1429,7 @@ void check_servers(void) + { + struct irec *iface; + struct server *serv; +- int port = 0; ++ int port = 0, count; + + /* interface may be new since startup */ + if (!option_bool(OPT_NOWILD)) +@@ -1442,7 +1442,7 @@ void check_servers(void) + serv->flags |= SERV_DO_DNSSEC; + #endif + +- for (serv = daemon->servers; serv; serv = serv->next) ++ for (count = 0, serv = daemon->servers; serv; serv = serv->next) + { + if (!(serv->flags & (SERV_LITERAL_ADDRESS | SERV_NO_ADDR | SERV_USE_RESOLV | SERV_NO_REBIND))) + { +@@ -1509,6 +1509,9 @@ void check_servers(void) + + if (!(serv->flags & SERV_NO_REBIND) && !(serv->flags & SERV_LITERAL_ADDRESS)) + { ++ if (++count > SERVERS_LOGGED) ++ continue; ++ + if (serv->flags & (SERV_HAS_DOMAIN | SERV_FOR_NODOTS | SERV_USE_RESOLV)) + { + char *s1, *s2, *s3 = ""; +@@ -1540,6 +1543,9 @@ void check_servers(void) + my_syslog(LOG_INFO, _("using nameserver %s#%d"), daemon->namebuff, port); + } + } ++ ++ if (count - 1 > SERVERS_LOGGED) ++ my_syslog(LOG_INFO, _("using %d more nameservers"), count - SERVERS_LOGGED - 1); + + cleanup_servers(); + } +-- +2.5.5 + diff --git a/src/patches/dnsmasq/006-Fix_for_DHCP_in_transmission_interface_when_--bridge-interface_in_use.patch b/src/patches/dnsmasq/006-Fix_for_DHCP_in_transmission_interface_when_--bridge-interface_in_use.patch new file mode 100644 index 0000000..3c90ca3 --- /dev/null +++ b/src/patches/dnsmasq/006-Fix_for_DHCP_in_transmission_interface_when_--bridge-interface_in_use.patch @@ -0,0 +1,70 @@ +From ff325644c7afae2588583f935f4ea9b9694eb52e Mon Sep 17 00:00:00 2001 +From: Neil Jerram <Neil.Jerram(a)metaswitch.com> +Date: Tue, 3 May 2016 22:45:14 +0100 +Subject: [PATCH] Fix for DHCP in transmission interface when + --bridge-interface in use. + +From f3d832b41f44c856003517c583fbd7af4dca722c Mon Sep 17 00:00:00 2001 +From: Neil Jerram <Neil.Jerram(a)metaswitch.com> +Date: Fri, 8 Apr 2016 19:23:47 +0100 +Subject: [PATCH] Fix DHCPv4 reply via --bridge-interface alias interface + +Sending a DHCPv4 reply through a --bridge-interface alias interface +was inadvertently broken by + + commit 65c721200023ef0023114459a8d12f8b0a24cfd8 + Author: Lung-Pin Chang <changlp(a)cs.nctu.edu.tw> + Date: Thu Mar 19 23:22:21 2015 +0000 + + dhcp: set outbound interface via cmsg in unicast reply + + If multiple routes to the same network exist, Linux blindly picks + the first interface (route) based on destination address, which might not be + the one we're actually offering leases. Rather than relying on this, + always set the interface for outgoing unicast DHCP packets. + +because in the aliasing case, iface_index is changed from the index of +the interface on which the packet was received, to be the interface +index of the 'bridge' interface (where the DHCP context is expected to +be defined, and so needs to be looked up). + +For the cmsg code that the cited commit added, we need the original +iface_index; so this commit saves that off before the aliasing code +can change it, as rcvd_iface_index, and then uses rcvd_iface_index +instead of iface_index for the cmsg code. +--- + src/dhcp.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/dhcp.c b/src/dhcp.c +index 00145bc..10f1fb9 100644 +--- a/src/dhcp.c ++++ b/src/dhcp.c +@@ -146,6 +146,7 @@ void dhcp_packet(time_t now, int pxe_fd) + struct iovec iov; + ssize_t sz; + int iface_index = 0, unicast_dest = 0, is_inform = 0; ++ int rcvd_iface_index; + struct in_addr iface_addr; + struct iface_param parm; + #ifdef HAVE_LINUX_NETWORK +@@ -230,6 +231,7 @@ void dhcp_packet(time_t now, int pxe_fd) + --bridge-interface option), change ifr.ifr_name so that we look + for DHCP contexts associated with the aliased interface instead + of with the aliasing one. */ ++ rcvd_iface_index = iface_index; + for (bridge = daemon->bridges; bridge; bridge = bridge->next) + { + for (alias = bridge->alias; alias; alias = alias->next) +@@ -387,7 +389,7 @@ void dhcp_packet(time_t now, int pxe_fd) + msg.msg_controllen = sizeof(control_u); + cmptr = CMSG_FIRSTHDR(&msg); + pkt = (struct in_pktinfo *)CMSG_DATA(cmptr); +- pkt->ipi_ifindex = iface_index; ++ pkt->ipi_ifindex = rcvd_iface_index; + pkt->ipi_spec_dst.s_addr = 0; + msg.msg_controllen = cmptr->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo)); + cmptr->cmsg_level = IPPROTO_IP; +-- +2.5.5 + -- 2.8.2

1 0

IPFire 2.19 - Core Update 102 released
by Michael Tremer 04 May '16

04 May '16

http://www.ipfire.org/news/ipfire-2-19-core-update-102-released This is the official release announcement for IPFire 2.19 – Core Update 102. This update contains various security fixes in the OpenSSL library. It is recommended to install this update as soon as possible. OpenSSL Security Fixes The OpenSSL team published fixes for several security issues [1] yesterday: * Memory corruption in the ASN.1 encoder (CVE-2016-2108) * Padding oracle in AES-NI CBC MAC check (CVE-2016-2107) * EVP_EncodeUpdate overflow (CVE-2016-2105) * EVP_EncryptUpdate overflow (CVE-2016-2106) * ASN.1 BIO excessive memory allocation (CVE-2016-2109) * EBCDIC overread (CVE-2016-2176) This Core Update brings you OpenSSL 1.0.2h which fixes all of these above. Additionally OpenSSH is updated to version 7.2p2 and will be restarted during the update. We are currently crowdfunding a Captive Portal for IPFire [2] and would like you to ask to check it out and support us! Please help us to support the work on IPFire Project with your donation [3]. [1] https://www.openssl.org/news/secadv/20160503.txt [2] http://wishlist.ipfire.org/wish/the-ipfire-captive-portal [3] http://www.ipfire.org/donate

1 0

IPFire 2.19 - Core Update 102 released
by The IPFire Project 04 May '16

04 May '16

h_t_t_p://www.ipfire.org/news/ipfire-2-19-core-update-102-released This is the official release announcement for IPFire 2.19 – Core Update 102. This update contains various security fixes in the OpenSSL library. It is recommended to install this update as soon as possible. OpenSSL Security Fixes The OpenSSL team published fixes for several security issues [1] yesterday: * Memory corruption in the ASN.1 encoder (CVE-2016-2108) * Padding oracle in AES-NI CBC MAC check (CVE-2016-2107) * EVP_EncodeUpdate overflow (CVE-2016-2105) * EVP_EncryptUpdate overflow (CVE-2016-2106) * ASN.1 BIO excessive memory allocation (CVE-2016-2109) * EBCDIC overread (CVE-2016-2176) This Core Update brings you OpenSSL 1.0.2h which fixes all of these above. Additionally OpenSSH is updated to version 7.2p2 and will be restarted during the update. We are currently crowdfunding a Captive Portal for IPFire [2] and would like you to ask to check it out and support us! Please help us to support the work on IPFire Project with your donation [3]. [1] h_t_t_ps://www.openssl.org/news/secadv/20160503.txt [2] h_t_t_p://wishlist.ipfire.org/wish/the-ipfire-captive-portal [3] h_t_t_p://www.ipfire.org/donate _______________________________________________ IPFire-Announce mailing list IPFire-Announce(a)lists.ipfire.org h_t_t_p://lists.ipfire.org/mailman/listinfo/ipfire-announce

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

Development May 2016