diff --git a/dns/dnsmasq-devel/Makefile b/dns/dnsmasq-devel/Makefile index 3c573b4f84d7..ee7a5d95d55f 100644 --- a/dns/dnsmasq-devel/Makefile +++ b/dns/dnsmasq-devel/Makefile @@ -1,148 +1,148 @@ PORTNAME= dnsmasq DISTVERSION= 2.89test1 # remember to bump PORTEPOCH when going from test to rc! # Leave the PORTREVISION in even if 0 to avoid accidental PORTEPOCH bumps: PORTREVISION= 0 PORTEPOCH= 5 CATEGORIES= dns #MASTER_SITES= https://www.thekelleys.org.uk/dnsmasq/release-candidates/ \ # LOCAL/mandree/ MASTER_SITES= https://www.thekelleys.org.uk/dnsmasq/test-releases/ \ LOCAL/mandree/ PKGNAMESUFFIX= -devel MAINTAINER= mandree@FreeBSD.org COMMENT= Lightweight DNS forwarder, DHCP, and TFTP server WWW= https://www.thekelleys.org.uk/dnsmasq/doc.html LICENSE= GPLv2 -DEPRECATED= Short-lived test branch, to be removed after v2.89 release -#IGNORE= please use dns/dnsmasq, which is newer +#DEPRECATED= Short-lived test branch, to be removed after v2.89 release +IGNORE= please use dns/dnsmasq, which is newer USES= cpe shebangfix tar:xz CPE_VENDOR= thekelleys SHEBANG_FILES= contrib/dnslist/dnslist.pl \ contrib/dynamic-dnsmasq/dynamic-dnsmasq.pl MAKE_ARGS= CC="${CC}" \ CFLAGS="${CFLAGS}" \ COPTS="${CFLAGS}" \ LIBS="${LDFLAGS}" \ PREFIX="${PREFIX}" \ RPM_OPT_FLAGS="${CPPFLAGS}" CFLAGS+= -Wall -Wno-unused-function -Wno-unused-parameter \ -Wno-unused-value -Wno-unused-variable CPPFLAGS+= -I${LOCALBASE}/include CONFLICTS_INSTALL= dnsmasq-2* PATCH_STRIP= -p1 SUB_FILES= pkg-message PORTDOCS= CHANGELOG CHANGELOG.archive FAQ doc.html setup.html OPTIONS_DEFINE= DBUS DNSSEC DOCS IPSET IPV6 LUA OPTIONS_DEFAULT= DNSSEC IPSET OPTIONS_RADIO= INTL OPTIONS_RADIO_INTL= IDN NLS OPTIONS_EXCLUDE+= EXAMPLES DNSSEC_DESC= Enable DNSSEC caching and validation (needs nettle) IDN_DESC= IDN: Int'l Domain Names WITHOUT full NLS INTL_DESC= Internationalization Support Level IPSET_DESC= Dynamic firewall management of resolved names (needs PF) LUA_DESC= Support lease-change scripts written in Lua NLS_DESC= IDN+NLS: Int'l Domain Names & National Language support IPSET_CFLAGS_OFF= -DNO_IPSET IPV6_CFLAGS_OFF= -DNO_IPV6 .include .if ${PORT_OPTIONS:MNLS} USES+= gettext gmake iconv pkgconfig CFLAGS+= -DHAVE_LIBIDN2 LIB_DEPENDS+= libidn2.so:dns/libidn2 PLIST_SUB+= NLS="" ALL_TARGET= all-i18n _intllibs= -lidn2 -lintl .else _intllibs= PLIST_SUB+= NLS="@comment " .if ${PORT_OPTIONS:MIDN} USES+= iconv CFLAGS+= -DHAVE_LIBIDN2 LIB_DEPENDS+= libidn2.so:dns/libidn2 _intllibs+= -lidn2 .endif .endif .if ${PORT_OPTIONS:MDBUS} LIB_DEPENDS+= libdbus-1.so:devel/dbus USES+= pkgconfig CPPFLAGS+= `pkg-config --cflags dbus-1` CFLAGS+= -DHAVE_DBUS LDFLAGS+= `pkg-config --libs dbus-1` .endif .if ${PORT_OPTIONS:MLUA} CPPFLAGS+= -I${LUA_INCDIR} CFLAGS+= -DHAVE_LUASCRIPT LDFLAGS+= -L${LUA_LIBDIR} -llua-${LUA_VER} USES+= lua pkgconfig .endif .if ${PORT_OPTIONS:MDNSSEC} CFLAGS+= -DHAVE_DNSSEC -I${LOCALBASE}/include USES+= pkgconfig LIB_DEPENDS+= libgmp.so:math/gmp \ libnettle.so:security/nettle .endif USE_RC_SUBR= dnsmasq .include LDFLAGS+= -L${LOCALBASE}/lib ${_intllibs} ${ICONV_LIB} post-patch: ${REINPLACE_CMD} -e '/^lua_/s/lua5\.2/lua-${LUA_VER}/' ${WRKSRC}/Makefile pre-configure: pretty-print-config .if ${PORT_OPTIONS:MIDN} .if empty(PORT_OPTIONS:MNLS) @if ${READELF} -d ${LOCALBASE}/lib/libidn2.so \ | ${EGREP} -q '\.*\[libintl\.so' ; \ then ${ECHO} ; ${ECHO} 'WARNING: dns/libidn2 was compiled with NLS support!' ; \ ${ECHO} 'Recompile libidn2 WITHOUT_NLS to get rid of NLS dependencies.' ; ${ECHO} ; \ fi .else @${ECHO} 'WARNING: IDN and NLS enabled, building IDN WITH NLS.' .endif .endif do-install: ${INSTALL_PROGRAM} ${WRKSRC}/src/dnsmasq ${STAGEDIR}${PREFIX}/sbin ${INSTALL_DATA} ${WRKSRC}/dnsmasq.conf.example ${STAGEDIR}${PREFIX}/etc/dnsmasq.conf.sample ${REINPLACE_CMD} -i '' 's}%%PREFIX%%}${PREFIX}}' ${STAGEDIR}${PREFIX}/etc/dnsmasq.conf.sample ${INSTALL_MAN} ${WRKSRC}/man/${PORTNAME}.8 ${STAGEDIR}${PREFIX}/man/man8 ${MKDIR} ${STAGEDIR}${DATADIR} ${INSTALL_DATA} ${WRKSRC}/trust-anchors.conf ${STAGEDIR}${DATADIR}/ .if ${PORT_OPTIONS:MDOCS} @${MKDIR} ${STAGEDIR}${DOCSDIR} cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR} .endif .if ${PORT_OPTIONS:MNLS} .for i in de es fi fr id it no pl pt_BR ro ${MKDIR} ${STAGEDIR}${PREFIX}/share/locale/${i}/LC_MESSAGES ${INSTALL_DATA} ${WRKSRC}/src/${i}.mo \ ${STAGEDIR}${PREFIX}/share/locale/${i}/LC_MESSAGES/${PORTNAME}.mo .endfor .endif ${MKDIR} ${STAGEDIR}${EXAMPLESDIR}/dynamic-dnsmasq ${STAGEDIR}${EXAMPLESDIR}/dnslist ${INSTALL_SCRIPT} ${WRKSRC}/contrib/dynamic-dnsmasq/dynamic-dnsmasq.pl ${STAGEDIR}${EXAMPLESDIR}/dynamic-dnsmasq/ ${INSTALL_SCRIPT} ${WRKSRC}/contrib/dnslist/dnslist.pl ${STAGEDIR}${EXAMPLESDIR}/dnslist/ ${INSTALL_DATA} ${WRKSRC}/contrib/dnslist/dhcp.css ${STAGEDIR}${EXAMPLESDIR}/dnslist/ ${INSTALL_DATA} ${WRKSRC}/contrib/dnslist/dnslist.tt2 ${STAGEDIR}${EXAMPLESDIR}/dnslist/ .include diff --git a/dns/dnsmasq/Makefile b/dns/dnsmasq/Makefile index ba26d1ec62a8..3752dda7c16d 100644 --- a/dns/dnsmasq/Makefile +++ b/dns/dnsmasq/Makefile @@ -1,143 +1,143 @@ PORTNAME= dnsmasq -DISTVERSION= 2.88 +DISTVERSION= 2.89 # Leave the PORTREVISION in even if 0 to avoid accidental PORTEPOCH bumps: -PORTREVISION= 1 +PORTREVISION= 0 PORTEPOCH= 1 CATEGORIES= dns MASTER_SITES= https://www.thekelleys.org.uk/dnsmasq/ \ LOCAL/mandree/ MAINTAINER= mandree@FreeBSD.org COMMENT= Lightweight DNS forwarder, DHCP, and TFTP server WWW= https://www.thekelleys.org.uk/dnsmasq/doc.html LICENSE= GPLv2 USES= cpe shebangfix tar:xz CPE_VENDOR= thekelleys SHEBANG_FILES= contrib/dnslist/dnslist.pl \ contrib/dynamic-dnsmasq/dynamic-dnsmasq.pl MAKE_ARGS= CC="${CC}" \ CFLAGS="${CFLAGS}" \ COPTS="${CFLAGS}" \ LIBS="${LDFLAGS}" \ PREFIX="${PREFIX}" \ RPM_OPT_FLAGS="${CPPFLAGS}" CFLAGS+= -Wall -Wno-unused-function -Wno-unused-parameter \ -Wno-unused-value -Wno-unused-variable CPPFLAGS+= -I${LOCALBASE}/include CONFLICTS_INSTALL= dnsmasq-devel PATCH_STRIP= -p1 SUB_FILES= pkg-message PORTDOCS= CHANGELOG CHANGELOG.archive FAQ doc.html setup.html OPTIONS_DEFINE= DBUS DNSSEC DOCS IPSET IPV6 LUA OPTIONS_DEFAULT= DNSSEC IPSET OPTIONS_RADIO= INTL OPTIONS_RADIO_INTL= IDN NLS OPTIONS_EXCLUDE+= EXAMPLES DNSSEC_DESC= Enable DNSSEC caching and validation (needs nettle) IDN_DESC= IDN: Int'l Domain Names WITHOUT full NLS INTL_DESC= Internationalization Support Level IPSET_DESC= Dynamic firewall management of resolved names (needs PF) LUA_DESC= Support lease-change scripts written in Lua NLS_DESC= IDN+NLS: Int'l Domain Names & National Language support IPSET_CFLAGS_OFF= -DNO_IPSET IPV6_CFLAGS_OFF= -DNO_IPV6 .include .if ${PORT_OPTIONS:MNLS} USES+= gettext gmake iconv pkgconfig CFLAGS+= -DHAVE_LIBIDN2 LIB_DEPENDS+= libidn2.so:dns/libidn2 PLIST_SUB+= NLS="" ALL_TARGET= all-i18n _intllibs= -lidn2 -lintl .else _intllibs= PLIST_SUB+= NLS="@comment " .if ${PORT_OPTIONS:MIDN} USES+= iconv CFLAGS+= -DHAVE_LIBIDN2 LIB_DEPENDS+= libidn2.so:dns/libidn2 _intllibs+= -lidn2 .endif .endif .if ${PORT_OPTIONS:MDBUS} LIB_DEPENDS+= libdbus-1.so:devel/dbus USES+= pkgconfig CPPFLAGS+= `pkg-config --cflags dbus-1` CFLAGS+= -DHAVE_DBUS LDFLAGS+= `pkg-config --libs dbus-1` .endif .if ${PORT_OPTIONS:MLUA} CPPFLAGS+= -I${LUA_INCDIR} CFLAGS+= -DHAVE_LUASCRIPT LDFLAGS+= -L${LUA_LIBDIR} -llua-${LUA_VER} USES+= lua pkgconfig .endif .if ${PORT_OPTIONS:MDNSSEC} CFLAGS+= -DHAVE_DNSSEC -I${LOCALBASE}/include USES+= pkgconfig LIB_DEPENDS+= libgmp.so:math/gmp \ libnettle.so:security/nettle .endif USE_RC_SUBR= dnsmasq .include LDFLAGS+= -L${LOCALBASE}/lib ${_intllibs} ${ICONV_LIB} post-patch: ${REINPLACE_CMD} -e '/^lua_/s/lua5\.2/lua-${LUA_VER}/' ${WRKSRC}/Makefile pre-configure: pretty-print-config .if ${PORT_OPTIONS:MIDN} .if empty(PORT_OPTIONS:MNLS) @if ${READELF} -d ${LOCALBASE}/lib/libidn2.so \ | ${EGREP} -q '\.*\[libintl\.so' ; \ then ${ECHO} ; ${ECHO} 'WARNING: dns/libidn2 was compiled with NLS support!' ; \ ${ECHO} 'Recompile libidn2 WITHOUT_NLS to get rid of NLS dependencies.' ; ${ECHO} ; \ fi .else @${ECHO} 'WARNING: IDN and NLS enabled, building IDN WITH NLS.' .endif .endif do-install: ${INSTALL_PROGRAM} ${WRKSRC}/src/dnsmasq ${STAGEDIR}${PREFIX}/sbin ${INSTALL_DATA} ${WRKSRC}/dnsmasq.conf.example ${STAGEDIR}${PREFIX}/etc/dnsmasq.conf.sample ${REINPLACE_CMD} -i '' 's}%%PREFIX%%}${PREFIX}}' ${STAGEDIR}${PREFIX}/etc/dnsmasq.conf.sample ${INSTALL_MAN} ${WRKSRC}/man/${PORTNAME}.8 ${STAGEDIR}${PREFIX}/man/man8 ${MKDIR} ${STAGEDIR}${DATADIR} ${INSTALL_DATA} ${WRKSRC}/trust-anchors.conf ${STAGEDIR}${DATADIR}/ .if ${PORT_OPTIONS:MDOCS} @${MKDIR} ${STAGEDIR}${DOCSDIR} cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR} .endif .if ${PORT_OPTIONS:MNLS} .for i in de es fi fr id it no pl pt_BR ro ${MKDIR} ${STAGEDIR}${PREFIX}/share/locale/${i}/LC_MESSAGES ${INSTALL_DATA} ${WRKSRC}/src/${i}.mo \ ${STAGEDIR}${PREFIX}/share/locale/${i}/LC_MESSAGES/${PORTNAME}.mo .endfor .endif ${MKDIR} ${STAGEDIR}${EXAMPLESDIR}/dynamic-dnsmasq ${STAGEDIR}${EXAMPLESDIR}/dnslist ${INSTALL_SCRIPT} ${WRKSRC}/contrib/dynamic-dnsmasq/dynamic-dnsmasq.pl ${STAGEDIR}${EXAMPLESDIR}/dynamic-dnsmasq/ ${INSTALL_SCRIPT} ${WRKSRC}/contrib/dnslist/dnslist.pl ${STAGEDIR}${EXAMPLESDIR}/dnslist/ ${INSTALL_DATA} ${WRKSRC}/contrib/dnslist/dhcp.css ${STAGEDIR}${EXAMPLESDIR}/dnslist/ ${INSTALL_DATA} ${WRKSRC}/contrib/dnslist/dnslist.tt2 ${STAGEDIR}${EXAMPLESDIR}/dnslist/ .include diff --git a/dns/dnsmasq/distinfo b/dns/dnsmasq/distinfo index 132b712d1028..356a1b606020 100644 --- a/dns/dnsmasq/distinfo +++ b/dns/dnsmasq/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1670269342 -SHA256 (dnsmasq-2.88.tar.xz) = 23544deda10340c053bea6f15a93fed6ea7f5aaa85316bfc671ffa6d22fbc1b3 -SIZE (dnsmasq-2.88.tar.xz) = 560640 +TIMESTAMP = 1675552402 +SHA256 (dnsmasq-2.89.tar.xz) = 02bd230346cf0b9d5909f5e151df168b2707103785eb616b56685855adebb609 +SIZE (dnsmasq-2.89.tar.xz) = 562700 diff --git a/dns/dnsmasq/files/patch-zgf172fdb b/dns/dnsmasq/files/patch-zgf172fdb deleted file mode 100644 index f3128f57d55f..000000000000 --- a/dns/dnsmasq/files/patch-zgf172fdb +++ /dev/null @@ -1,85 +0,0 @@ -From f172fdbb77c422e27d3b7530f3fe95b98d1608e7 Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Wed, 11 Jan 2023 23:23:40 +0000 -Subject: [PATCH] Fix bug which can break the invariants on the order of a hash - chain. - -If there are multiple cache records with the same name but different -F_REVERSE and/or F_IMMORTAL flags, the code added in fe9a134b could -concievable break the REVERSE-FORWARD-IMMORTAL order invariant. - -Reproducing this is damn near impossible, but it is responsible -for rare and otherwise inexplicable reversion between 2.87 and 2.88 -which manifests itself as a cache internal error. All observed -cases have depended on DNSSEC being enabled, but the bug could in -theory manifest itself without DNSSEC - -Thanks to Timo van Roermund for reporting the bug and huge -efforts to isolate it. ---- - CHANGELOG | 16 +++++++++++++++- - src/cache.c | 14 +++++++++----- - 2 files changed, 24 insertions(+), 6 deletions(-) - -diff --git a/CHANGELOG b/CHANGELOG -index 0f36a0f..d6e6753 100644 ---- a/CHANGELOG -+++ b/CHANGELOG -@@ -1,6 +1,20 @@ -+version 2.98 -+ Fix bug introduced in 2.88 (commit fe91134b) which can result -+ in corruption of the DNS cache internal data structures and -+ logging of "cache internal error". This has only been seen -+ in one place in the wild, and it took considerable effort -+ to even generate a test case to reproduce it, but there's -+ no way to be sure it won't strike, and the effect to to break -+ the cache badly. Installations with DNSSEC enabled are more -+ likely to see the problem, but not running DNSSEC does not -+ guarantee that it won't happen. Thanks to Timo van Roermund -+ for reporting the bug and for his great efforts in chasing -+ it down. -+ -+ - version 2.88 - Fix bug in --dynamic-host when an interface has /16 IPv4 -- address. Thanks to Mark Dietzer for spotting this. -+ address. Thanks to Mark Dietzer for spotting this. - - Add --fast-dns-retry option. This gives dnsmasq the ability - to originate retries for upstream DNS queries itself, rather -diff --git a/src/cache.c b/src/cache.c -index 42283bc..0a5fd14 100644 ---- a/src/cache.c -+++ b/src/cache.c -@@ -236,19 +236,23 @@ static void cache_hash(struct crec *crecp) - - char *name = cache_get_name(crecp); - struct crec **up = hash_bucket(name); -- -- if (!(crecp->flags & F_REVERSE)) -+ unsigned int flags = crecp->flags & (F_IMMORTAL | F_REVERSE); -+ -+ if (!(flags & F_REVERSE)) - { - while (*up && ((*up)->flags & F_REVERSE)) - up = &((*up)->hash_next); - -- if (crecp->flags & F_IMMORTAL) -+ if (flags & F_IMMORTAL) - while (*up && !((*up)->flags & F_IMMORTAL)) - up = &((*up)->hash_next); - } - -- /* Preserve order when inserting the same name multiple times. */ -- while (*up && hostname_isequal(cache_get_name(*up), name)) -+ /* Preserve order when inserting the same name multiple times. -+ Do not mess up the flag invariants. */ -+ while (*up && -+ hostname_isequal(cache_get_name(*up), name) && -+ flags == ((*up)->flags & (F_IMMORTAL | F_REVERSE))) - up = &((*up)->hash_next); - - crecp->hash_next = *up; --- -2.20.1 -