mirror of https://github.com/hak5/openwrt-owl.git
dnsmasq: bump to 2.73rc6
Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 45572owl
parent
6bfb1a4b11
commit
62e7f07615
|
@ -8,12 +8,12 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=dnsmasq
|
||||
PKG_VERSION:=2.73rc4
|
||||
PKG_RELEASE:=2
|
||||
PKG_VERSION:=2.73rc6
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
|
||||
PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq/release-candidates
|
||||
PKG_MD5SUM:=24569c7605059aee175b1776201afa93
|
||||
PKG_MD5SUM:=9ee735fe4f1250620f007039a034710f
|
||||
|
||||
PKG_LICENSE:=GPL-2.0
|
||||
PKG_LICENSE_FILES:=COPYING
|
||||
|
|
|
@ -1,113 +0,0 @@
|
|||
From 38440b204db65f9be16c4c3daa7e991e4356f6ed Mon Sep 17 00:00:00 2001
|
||||
From: Simon Kelley <simon@thekelleys.org.uk>
|
||||
Date: Sun, 12 Apr 2015 21:52:47 +0100
|
||||
Subject: [PATCH] Fix crash in auth code with odd configuration.
|
||||
|
||||
---
|
||||
CHANGELOG | 32 +++++++++++++++++++++-----------
|
||||
src/auth.c | 13 ++++++++-----
|
||||
2 files changed, 29 insertions(+), 16 deletions(-)
|
||||
|
||||
diff --git a/CHANGELOG b/CHANGELOG
|
||||
index 9af6170..f2142c7 100644
|
||||
--- a/CHANGELOG
|
||||
+++ b/CHANGELOG
|
||||
@@ -68,18 +68,31 @@ version 2.73
|
||||
Fix broken DNSSEC validation of ECDSA signatures.
|
||||
|
||||
Add --dnssec-timestamp option, which provides an automatic
|
||||
- way to detect when the system time becomes valid after boot
|
||||
- on systems without an RTC, whilst allowing DNS queries before the
|
||||
- clock is valid so that NTP can run. Thanks to
|
||||
- Kevin Darbyshire-Bryant for developing this idea.
|
||||
+ way to detect when the system time becomes valid after
|
||||
+ boot on systems without an RTC, whilst allowing DNS
|
||||
+ queries before the clock is valid so that NTP can run.
|
||||
+ Thanks to Kevin Darbyshire-Bryant for developing this idea.
|
||||
|
||||
Add --tftp-no-fail option. Thanks to Stefan Tomanek for
|
||||
the patch.
|
||||
|
||||
- Fix crash caused by looking up servers.bind, CHAOS text record,
|
||||
- when more than about five --servers= lines are in the dnsmasq
|
||||
- config. This causes memory corruption which causes a crash later.
|
||||
- Thanks to Matt Coddington for sterling work chasing this down.
|
||||
+ Fix crash caused by looking up servers.bind, CHAOS text
|
||||
+ record, when more than about five --servers= lines are
|
||||
+ in the dnsmasq config. This causes memory corruption
|
||||
+ which causes a crash later. Thanks to Matt Coddington for
|
||||
+ sterling work chasing this down.
|
||||
+
|
||||
+ Fix crash on receipt of certain malformed DNS requests.
|
||||
+ Thanks to Nick Sampanis for spotting the problem.
|
||||
+
|
||||
+ Fix crash in authoritative DNS code, if a .arpa zone
|
||||
+ is declared as authoritative, and then a PTR query which
|
||||
+ is not to be treated as authoritative arrived. Normally,
|
||||
+ directly declaring .arpa zone as authoritative is not
|
||||
+ done, so this crash wouldn't be seen. Instead the
|
||||
+ relevant .arpa zone should be specified as a subnet
|
||||
+ in the auth-zone declaration. Thanks to Johnny S. Lee
|
||||
+ for the bugreport and initial patch.
|
||||
|
||||
|
||||
version 2.72
|
||||
@@ -125,10 +138,7 @@ version 2.72
|
||||
Fix problem with --local-service option on big-endian platforms
|
||||
Thanks to Richard Genoud for the patch.
|
||||
|
||||
- Fix crash on receipt of certain malformed DNS requests. Thanks
|
||||
- to Nick Sampanis for spotting the problem.
|
||||
|
||||
-
|
||||
version 2.71
|
||||
Subtle change to error handling to help DNSSEC validation
|
||||
when servers fail to provide NODATA answers for
|
||||
diff --git a/src/auth.c b/src/auth.c
|
||||
index 15721e5..4a5c39f 100644
|
||||
--- a/src/auth.c
|
||||
+++ b/src/auth.c
|
||||
@@ -141,7 +141,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
|
||||
for (zone = daemon->auth_zones; zone; zone = zone->next)
|
||||
if ((subnet = find_subnet(zone, flag, &addr)))
|
||||
break;
|
||||
-
|
||||
+
|
||||
if (!zone)
|
||||
{
|
||||
auth = 0;
|
||||
@@ -186,7 +186,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
|
||||
|
||||
if (intr)
|
||||
{
|
||||
- if (in_zone(zone, intr->name, NULL))
|
||||
+ if (local_query || in_zone(zone, intr->name, NULL))
|
||||
{
|
||||
found = 1;
|
||||
log_query(flag | F_REVERSE | F_CONFIG, intr->name, &addr, NULL);
|
||||
@@ -208,8 +208,11 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
|
||||
*p = 0; /* must be bare name */
|
||||
|
||||
/* add external domain */
|
||||
- strcat(name, ".");
|
||||
- strcat(name, zone->domain);
|
||||
+ if (zone)
|
||||
+ {
|
||||
+ strcat(name, ".");
|
||||
+ strcat(name, zone->domain);
|
||||
+ }
|
||||
log_query(flag | F_DHCP | F_REVERSE, name, &addr, record_source(crecp->uid));
|
||||
found = 1;
|
||||
if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
|
||||
@@ -217,7 +220,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
|
||||
T_PTR, C_IN, "d", name))
|
||||
anscount++;
|
||||
}
|
||||
- else if (crecp->flags & (F_DHCP | F_HOSTS) && in_zone(zone, name, NULL))
|
||||
+ else if (crecp->flags & (F_DHCP | F_HOSTS) && (local_query || in_zone(zone, name, NULL)))
|
||||
{
|
||||
log_query(crecp->flags & ~F_FORWARD, name, &addr, record_source(crecp->uid));
|
||||
found = 1;
|
||||
--
|
||||
2.1.4
|
||||
|
|
@ -1,38 +0,0 @@
|
|||
From 35042c3ef61b3bc07f0f9418dff6be6ed78f4aa1 Mon Sep 17 00:00:00 2001
|
||||
From: Steven Barth <steven@midlink.org>
|
||||
Date: Fri, 10 Apr 2015 10:46:57 +0200
|
||||
Subject: [PATCH] Revert "Don't reply to DHCPv6 SOLICIT messages when not
|
||||
configured for statefull DHCPv6."
|
||||
|
||||
This reverts commit 61b838dd574c51d96fef100285a0d225824534f9.
|
||||
---
|
||||
src/rfc3315.c | 13 -------------
|
||||
1 file changed, 13 deletions(-)
|
||||
|
||||
diff --git a/src/rfc3315.c b/src/rfc3315.c
|
||||
index c1ddc80..50131d8 100644
|
||||
--- a/src/rfc3315.c
|
||||
+++ b/src/rfc3315.c
|
||||
@@ -824,19 +824,6 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
|
||||
}
|
||||
else
|
||||
{
|
||||
- /* Windows 8 always requests an address even if the Managed bit
|
||||
- in RA is 0 and it keeps retrying if it receives a reply
|
||||
- stating that no addresses are available. We solve this
|
||||
- by not replying at all if we're not configured to give any
|
||||
- addresses by DHCPv6. RFC 3315 17.2.1. appears to allow this. */
|
||||
-
|
||||
- for (c = state->context; c; c = c->current)
|
||||
- if (!(c->flags & CONTEXT_RA_STATELESS))
|
||||
- break;
|
||||
-
|
||||
- if (!c)
|
||||
- return 0;
|
||||
-
|
||||
/* no address, return error */
|
||||
o1 = new_opt6(OPTION6_STATUS_CODE);
|
||||
put_opt6_short(DHCP6NOADDRS);
|
||||
--
|
||||
2.1.4
|
||||
|
|
@ -8,11 +8,9 @@ Signed-off-by: Steven Barth <steven@midlink.org>
|
|||
src/dnssec.c | 15 +++++++++++----
|
||||
1 file changed, 11 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/src/dnssec.c b/src/dnssec.c
|
||||
index 05e0983..9c02548 100644
|
||||
--- a/src/dnssec.c
|
||||
+++ b/src/dnssec.c
|
||||
@@ -408,17 +408,24 @@ static int back_to_the_future;
|
||||
@@ -432,17 +432,24 @@ static int back_to_the_future;
|
||||
int setup_timestamp(void)
|
||||
{
|
||||
struct stat statbuf;
|
||||
|
@ -40,7 +38,7 @@ index 05e0983..9c02548 100644
|
|||
{
|
||||
/* time already OK, update timestamp, and do key checking from the start. */
|
||||
if (utime(daemon->timestamp_file, NULL) == -1)
|
||||
@@ -439,7 +446,7 @@ int setup_timestamp(void)
|
||||
@@ -463,7 +470,7 @@ int setup_timestamp(void)
|
||||
|
||||
close(fd);
|
||||
|
||||
|
@ -49,6 +47,3 @@ index 05e0983..9c02548 100644
|
|||
if (utime(daemon->timestamp_file, &timbuf) == 0)
|
||||
goto check_and_exit;
|
||||
}
|
||||
--
|
||||
2.1.4
|
||||
|
||||
|
|
Loading…
Reference in New Issue