Index: head/dns/dnsmasq/Makefile =================================================================== --- head/dns/dnsmasq/Makefile (revision 562460) +++ head/dns/dnsmasq/Makefile (revision 562461) @@ -1,144 +1,145 @@ # Created by: Steven Honson # $FreeBSD$ PORTNAME= dnsmasq DISTVERSION= 2.83 # Leave the PORTREVISION in even if 0 to avoid accidental PORTEPOCH bumps: -PORTREVISION= 0 +PORTREVISION= 1 PORTEPOCH= 1 CATEGORIES= dns -MASTER_SITES= http://www.thekelleys.org.uk/dnsmasq/ \ +MASTER_SITES= https://www.thekelleys.org.uk/dnsmasq/ \ LOCAL/mandree/ +PATCH_STRIP= -p1 MAINTAINER= mandree@FreeBSD.org COMMENT= Lightweight DNS forwarder, DHCP, and TFTP server LICENSE= GPLv2 USES= cpe shebangfix tar:xz CPE_VENDOR= thekelleys SHEBANG_FILES= contrib/dnslist/dnslist.pl \ contrib/dynamic-dnsmasq/dynamic-dnsmasq.pl MAKE_ARGS= CC="${CC}" \ CFLAGS="${CFLAGS}" \ COPTS="${CFLAGS}" \ LIBS="${LDFLAGS}" \ PREFIX="${PREFIX}" \ RPM_OPT_FLAGS="${CPPFLAGS}" CFLAGS+= -Wall -Wno-unused-function -Wno-unused-parameter \ -Wno-unused-value -Wno-unused-variable CPPFLAGS+= -I${LOCALBASE}/include CONFLICTS_INSTALL= dnsmasq-devel-* SUB_FILES= pkg-message PORTDOCS= CHANGELOG CHANGELOG.archive FAQ doc.html setup.html OPTIONS_DEFINE= DBUS DNSSEC DOCS IPSET IPV6 LUA OPTIONS_DEFAULT= DNSSEC IPSET OPTIONS_RADIO= INTL OPTIONS_RADIO_INTL= IDN NLS OPTIONS_EXCLUDE+= EXAMPLES DNSSEC_DESC= Enable DNSSEC caching and validation (needs nettle) IDN_DESC= IDN: Int'l Domain Names WITHOUT full NLS INTL_DESC= Internationalization Support Level IPSET_DESC= Dynamic firewall management of resolved names (needs PF) LUA_DESC= Support lease-change scripts written in Lua NLS_DESC= IDN+NLS: Int'l Domain Names & National Language support IPSET_CFLAGS_OFF= -DNO_IPSET IPV6_CFLAGS_OFF= -DNO_IPV6 .include .if ${PORT_OPTIONS:MNLS} USES+= gettext gmake iconv pkgconfig CFLAGS+= -DHAVE_LIBIDN2 LIB_DEPENDS+= libidn2.so:dns/libidn2 PLIST_SUB+= NLS="" ALL_TARGET= all-i18n _intllibs= -lidn2 -lintl .else _intllibs= PLIST_SUB+= NLS="@comment " .if ${PORT_OPTIONS:MIDN} USES+= iconv CFLAGS+= -DHAVE_LIBIDN2 LIB_DEPENDS+= libidn2.so:dns/libidn2 _intllibs+= -lidn2 .endif .endif .if ${PORT_OPTIONS:MDBUS} LIB_DEPENDS+= libdbus-1.so:devel/dbus USES+= pkgconfig CPPFLAGS+= `pkg-config --cflags dbus-1` CFLAGS+= -DHAVE_DBUS LDFLAGS+= `pkg-config --libs dbus-1` .endif .if ${PORT_OPTIONS:MLUA} CPPFLAGS+= -I${LUA_INCDIR} CFLAGS+= -DHAVE_LUASCRIPT LDFLAGS+= -L${LUA_LIBDIR} -llua-${LUA_VER} USES+= lua pkgconfig .endif .if ${PORT_OPTIONS:MDNSSEC} CFLAGS+= -DHAVE_DNSSEC -I${LOCALBASE}/include USES+= pkgconfig LIB_DEPENDS+= libgmp.so:math/gmp \ libnettle.so:security/nettle .endif USE_RC_SUBR= dnsmasq .include LDFLAGS+= -L${LOCALBASE}/lib ${_intllibs} ${ICONV_LIB} post-patch: ${REINPLACE_CMD} -e '/^lua_/s/lua5\.2/lua-${LUA_VER}/' ${WRKSRC}/Makefile pre-configure: pretty-print-config .if ${PORT_OPTIONS:MIDN} .if empty(PORT_OPTIONS:MNLS) @if ${READELF} -d ${LOCALBASE}/lib/libidn2.so \ | ${EGREP} -q '\.*\[libintl\.so' ; \ then ${ECHO} ; ${ECHO} 'WARNING: dns/libidn2 was compiled with NLS support!' ; \ ${ECHO} 'Recompile libidn2 WITHOUT_NLS to get rid of NLS dependencies.' ; ${ECHO} ; \ fi .else @${ECHO} 'WARNING: IDN and NLS enabled, building IDN WITH NLS.' .endif .endif do-install: ${INSTALL_PROGRAM} ${WRKSRC}/src/dnsmasq ${STAGEDIR}${PREFIX}/sbin ${INSTALL_DATA} ${WRKSRC}/dnsmasq.conf.example ${STAGEDIR}${PREFIX}/etc/dnsmasq.conf.sample ${REINPLACE_CMD} -i '' 's}%%PREFIX%%}${PREFIX}}' ${STAGEDIR}${PREFIX}/etc/dnsmasq.conf.sample ${INSTALL_MAN} ${WRKSRC}/man/${PORTNAME}.8 ${STAGEDIR}${PREFIX}/man/man8 ${MKDIR} ${STAGEDIR}${DATADIR} ${INSTALL_DATA} ${WRKSRC}/trust-anchors.conf ${STAGEDIR}${DATADIR}/ .if ${PORT_OPTIONS:MDOCS} @${MKDIR} ${STAGEDIR}${DOCSDIR} cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR} .endif .if ${PORT_OPTIONS:MNLS} .for i in de es fi fr id it no pl pt_BR ro ${MKDIR} ${STAGEDIR}${PREFIX}/share/locale/${i}/LC_MESSAGES ${INSTALL_DATA} ${WRKSRC}/src/${i}.mo \ ${STAGEDIR}${PREFIX}/share/locale/${i}/LC_MESSAGES/${PORTNAME}.mo .endfor .endif ${MKDIR} ${STAGEDIR}${EXAMPLESDIR}/dynamic-dnsmasq ${STAGEDIR}${EXAMPLESDIR}/dnslist ${INSTALL_SCRIPT} ${WRKSRC}/contrib/dynamic-dnsmasq/dynamic-dnsmasq.pl ${STAGEDIR}${EXAMPLESDIR}/dynamic-dnsmasq/ ${INSTALL_SCRIPT} ${WRKSRC}/contrib/dnslist/dnslist.pl ${STAGEDIR}${EXAMPLESDIR}/dnslist/ ${INSTALL_DATA} ${WRKSRC}/contrib/dnslist/dhcp.css ${STAGEDIR}${EXAMPLESDIR}/dnslist/ ${INSTALL_DATA} ${WRKSRC}/contrib/dnslist/dnslist.tt2 ${STAGEDIR}${EXAMPLESDIR}/dnslist/ .include Index: head/dns/dnsmasq/files/patch-zgit-1 =================================================================== --- head/dns/dnsmasq/files/patch-zgit-1 (nonexistent) +++ head/dns/dnsmasq/files/patch-zgit-1 (revision 562461) @@ -0,0 +1,65 @@ +From 04490bf622ac84891aad6f2dd2edf83725decdee Mon Sep 17 00:00:00 2001 +From: Simon Kelley +Date: Fri, 22 Jan 2021 16:49:12 +0000 +Subject: [PATCH] Move fd into frec_src, fixes + 15b60ddf935a531269bb8c68198de012a4967156 + +If identical queries from IPv4 and IPv6 sources are combined by the +new code added in 15b60ddf935a531269bb8c68198de012a4967156 then replies +can end up being sent via the wrong family of socket. The ->fd +should be per query, not per-question. + +In bind-interfaces mode, this could also result in replies being sent +via the wrong socket even when IPv4/IPV6 issues are not in play. +--- + src/dnsmasq.h | 3 ++- + src/forward.c | 4 ++-- + 2 files changed, 4 insertions(+), 3 deletions(-) + +diff --git a/src/dnsmasq.h b/src/dnsmasq.h +index 914f469..360c226 100644 +--- a/src/dnsmasq.h ++++ b/src/dnsmasq.h +@@ -664,6 +664,7 @@ struct frec { + union mysockaddr source; + union all_addr dest; + unsigned int iface, log_id; ++ int fd; + unsigned short orig_id; + struct frec_src *next; + } frec_src; +@@ -671,7 +672,7 @@ struct frec { + struct randfd *rfd4; + struct randfd *rfd6; + unsigned short new_id; +- int fd, forwardall, flags; ++ int forwardall, flags; + time_t time; + unsigned char *hash[HASH_SIZE]; + #ifdef HAVE_DNSSEC +diff --git a/src/forward.c b/src/forward.c +index 7a95ddf..43d0ae7 100644 +--- a/src/forward.c ++++ b/src/forward.c +@@ -402,8 +402,8 @@ static int forward_query(int udpfd, union mysockaddr *udpaddr, + forward->frec_src.dest = *dst_addr; + forward->frec_src.iface = dst_iface; + forward->frec_src.next = NULL; ++ forward->frec_src.fd = udpfd; + forward->new_id = get_id(); +- forward->fd = udpfd; + memcpy(forward->hash, hash, HASH_SIZE); + forward->forwardall = 0; + forward->flags = fwd_flags; +@@ -1300,7 +1300,7 @@ void reply_query(int fd, int family, time_t now) + dump_packet(DUMP_REPLY, daemon->packet, (size_t)nn, NULL, &src->source); + #endif + +- send_from(forward->fd, option_bool(OPT_NOWILD) || option_bool (OPT_CLEVERBIND), daemon->packet, nn, ++ send_from(src->fd, option_bool(OPT_NOWILD) || option_bool (OPT_CLEVERBIND), daemon->packet, nn, + &src->source, &src->dest, src->iface); + + if (option_bool(OPT_EXTRALOG) && src != &forward->frec_src) +-- +2.20.1 + Property changes on: head/dns/dnsmasq/files/patch-zgit-1 ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/dns/dnsmasq/files/patch-zgit-2 =================================================================== --- head/dns/dnsmasq/files/patch-zgit-2 (nonexistent) +++ head/dns/dnsmasq/files/patch-zgit-2 (revision 562461) @@ -0,0 +1,24 @@ +From 12af2b171de0d678d98583e2190789e544440e02 Mon Sep 17 00:00:00 2001 +From: Simon Kelley +Date: Fri, 22 Jan 2021 18:24:03 +0000 +Subject: [PATCH] Fix to 75e2f0aec33e58ef5b8d4d107d821c215a52827c + +--- + src/forward.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/forward.c b/src/forward.c +index 43d0ae7..1def931 100644 +--- a/src/forward.c ++++ b/src/forward.c +@@ -378,6 +378,7 @@ static int forward_query(int udpfd, union mysockaddr *udpaddr, + new->dest = *dst_addr; + new->log_id = daemon->log_id; + new->iface = dst_iface; ++ forward->frec_src.fd = udpfd; + } + + return 1; +-- +2.20.1 + Property changes on: head/dns/dnsmasq/files/patch-zgit-2 ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/dns/dnsmasq/files/patch-zgit-3 =================================================================== --- head/dns/dnsmasq/files/patch-zgit-3 (nonexistent) +++ head/dns/dnsmasq/files/patch-zgit-3 (revision 562461) @@ -0,0 +1,103 @@ +From 8ebdc364afd886461d209284ad4c946ac65e6d2b Mon Sep 17 00:00:00 2001 +From: Simon Kelley +Date: Fri, 22 Jan 2021 18:50:43 +0000 +Subject: [PATCH] Optimise sort_rrset for the case where the RR type no + canonicalisation. + +--- + src/dnssec.c | 69 ++++++++++++++++++++++++++++++++++++---------------- + 1 file changed, 48 insertions(+), 21 deletions(-) + +diff --git a/src/dnssec.c b/src/dnssec.c +index 93cc7bf..3ee1e9e 100644 +--- a/src/dnssec.c ++++ b/src/dnssec.c +@@ -334,37 +334,64 @@ static int sort_rrset(struct dns_header *header, size_t plen, u16 *rr_desc, int + if (!CHECK_LEN(header, state2.ip, plen, rdlen2)) + return rrsetidx; /* short packet */ + state2.end = state2.ip + rdlen2; +- +- while (1) ++ ++ /* If the RR has no names in it then canonicalisation ++ is the identity function and we can compare ++ the RRs directly. If not we compare the ++ canonicalised RRs one byte at a time. */ ++ if (*rr_desc == (u16)-1) + { +- int ok1, ok2; ++ int rdmin = rdlen1 > rdlen2 ? rdlen2 : rdlen1; ++ int cmp = memcmp(state1.ip, state2.ip, rdmin); + +- ok1 = get_rdata(header, plen, &state1); +- ok2 = get_rdata(header, plen, &state2); +- +- if (!ok1 && !ok2) ++ if (cmp > 0 || (cmp == 0 && rdlen1 > rdmin)) ++ { ++ unsigned char *tmp = rrset[i+1]; ++ rrset[i+1] = rrset[i]; ++ rrset[i] = tmp; ++ swap = 1; ++ } ++ else if (cmp == 0 && (rdlen1 == rdlen2)) + { + /* Two RRs are equal, remove one copy. RFC 4034, para 6.3 */ + for (j = i+1; j < rrsetidx-1; j++) + rrset[j] = rrset[j+1]; + rrsetidx--; + i--; +- break; + } +- else if (ok1 && (!ok2 || *state1.op > *state2.op)) +- { +- unsigned char *tmp = rrset[i+1]; +- rrset[i+1] = rrset[i]; +- rrset[i] = tmp; +- swap = 1; +- break; +- } +- else if (ok2 && (!ok1 || *state2.op > *state1.op)) +- break; +- +- /* arrive here when bytes are equal, go round the loop again +- and compare the next ones. */ + } ++ else ++ /* Comparing canonicalised RRs, byte-at-a-time. */ ++ while (1) ++ { ++ int ok1, ok2; ++ ++ ok1 = get_rdata(header, plen, &state1); ++ ok2 = get_rdata(header, plen, &state2); ++ ++ if (!ok1 && !ok2) ++ { ++ /* Two RRs are equal, remove one copy. RFC 4034, para 6.3 */ ++ for (j = i+1; j < rrsetidx-1; j++) ++ rrset[j] = rrset[j+1]; ++ rrsetidx--; ++ i--; ++ break; ++ } ++ else if (ok1 && (!ok2 || *state1.op > *state2.op)) ++ { ++ unsigned char *tmp = rrset[i+1]; ++ rrset[i+1] = rrset[i]; ++ rrset[i] = tmp; ++ swap = 1; ++ break; ++ } ++ else if (ok2 && (!ok1 || *state2.op > *state1.op)) ++ break; ++ ++ /* arrive here when bytes are equal, go round the loop again ++ and compare the next ones. */ ++ } + } + } while (swap); + +-- +2.20.1 + Property changes on: head/dns/dnsmasq/files/patch-zgit-3 ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/dns/dnsmasq/files/patch-zgit-4 =================================================================== --- head/dns/dnsmasq/files/patch-zgit-4 (nonexistent) +++ head/dns/dnsmasq/files/patch-zgit-4 (revision 562461) @@ -0,0 +1,25 @@ +From 3f535da79e7a42104543ef5c7b5fa2bed819a78b Mon Sep 17 00:00:00 2001 +From: Simon Kelley +Date: Fri, 22 Jan 2021 22:26:25 +0000 +Subject: [PATCH] Fix for 12af2b171de0d678d98583e2190789e544440e02 + +--- + src/forward.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/forward.c b/src/forward.c +index 1def931..5c9cbbb 100644 +--- a/src/forward.c ++++ b/src/forward.c +@@ -378,7 +378,7 @@ static int forward_query(int udpfd, union mysockaddr *udpaddr, + new->dest = *dst_addr; + new->log_id = daemon->log_id; + new->iface = dst_iface; +- forward->frec_src.fd = udpfd; ++ new->fd = udpfd; + } + + return 1; +-- +2.20.1 + Property changes on: head/dns/dnsmasq/files/patch-zgit-4 ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/dns/dnsmasq/files/pkg-message.in =================================================================== --- head/dns/dnsmasq/files/pkg-message.in (revision 562460) +++ head/dns/dnsmasq/files/pkg-message.in (revision 562461) @@ -1,12 +1,18 @@ +[ +{ +message: <