dnsmasq: bump to v2.80test7
Bump to latest test release: 3a610a0 Finesse allocation of memory for "struct crec" cache entries. 48b090c Fix b6f926fbefcd2471699599e44f32b8d25b87b471 to not SEGV on startup (rarely). 4139298 Change behavior when RD bit unset in queries. 51cc10f Add warning about 0.0.0.0 and :: addresses to man page. ea6cc33 Handle memory allocation failure in make_non_terminals() ad03967 Add debian/tmpfiles.conf f4fd07d Debian bugfix. e3c08a3 Debian packaging fix. (restorecon) 118011f Debian packaging fix. (tmpfiles.d) Delete our own backports of ea6cc33 & 4139298, so the only real changes here, since we don't care about the Debian stuff are 48b090c & 3a610a0 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
This commit is contained in:
parent
3fa7e62cec
commit
d9a37d8d1e
|
@ -8,12 +8,12 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=dnsmasq
|
||||
PKG_VERSION:=2.80test6
|
||||
PKG_RELEASE:=3
|
||||
PKG_VERSION:=2.80test7
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
|
||||
PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq/test-releases
|
||||
PKG_HASH:=aa74384f4ee6941d7785db79cf50fd6399cb992d219fc07ea6affeabe63b0190
|
||||
PKG_HASH:=f4e1277504097429279d2702cd8a132f54a47540ea3935d9fc6ac70f690441b3
|
||||
|
||||
PKG_LICENSE:=GPL-2.0
|
||||
PKG_LICENSE_FILES:=COPYING
|
||||
|
|
|
@ -1,45 +0,0 @@
|
|||
From ea6cc338042094f8023d224e53c244da158e6499 Mon Sep 17 00:00:00 2001
|
||||
From: Simon Kelley <simon@thekelleys.org.uk>
|
||||
Date: Tue, 18 Sep 2018 23:21:17 +0100
|
||||
Subject: [PATCH] Handle memory allocation failure in make_non_terminals()
|
||||
|
||||
Thanks to Kristian Evensen for spotting the problem.
|
||||
|
||||
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
||||
---
|
||||
src/cache.c | 17 ++++++++++-------
|
||||
1 file changed, 10 insertions(+), 7 deletions(-)
|
||||
|
||||
--- a/src/cache.c
|
||||
+++ b/src/cache.c
|
||||
@@ -1360,7 +1360,7 @@ void cache_add_dhcp_entry(char *host_nam
|
||||
static void make_non_terminals(struct crec *source)
|
||||
{
|
||||
char *name = cache_get_name(source);
|
||||
- struct crec* crecp, *tmp, **up;
|
||||
+ struct crec *crecp, *tmp, **up;
|
||||
int type = F_HOSTS | F_CONFIG;
|
||||
#ifdef HAVE_DHCP
|
||||
if (source->flags & F_DHCP)
|
||||
@@ -1434,12 +1434,15 @@ static void make_non_terminals(struct cr
|
||||
#endif
|
||||
crecp = whine_malloc(sizeof(struct crec));
|
||||
|
||||
- *crecp = *source;
|
||||
- crecp->flags &= ~(F_IPV4 | F_IPV6 | F_CNAME | F_DNSKEY | F_DS | F_REVERSE);
|
||||
- crecp->flags |= F_NAMEP;
|
||||
- crecp->name.namep = name;
|
||||
-
|
||||
- cache_hash(crecp);
|
||||
+ if (crecp)
|
||||
+ {
|
||||
+ *crecp = *source;
|
||||
+ crecp->flags &= ~(F_IPV4 | F_IPV6 | F_CNAME | F_DNSKEY | F_DS | F_REVERSE);
|
||||
+ crecp->flags |= F_NAMEP;
|
||||
+ crecp->name.namep = name;
|
||||
+
|
||||
+ cache_hash(crecp);
|
||||
+ }
|
||||
}
|
||||
}
|
||||
|
|
@ -1,54 +0,0 @@
|
|||
From 4139298d287eb5c57f4aa53c459cb02fc5be2495 Mon Sep 17 00:00:00 2001
|
||||
From: Simon Kelley <simon@thekelleys.org.uk>
|
||||
Date: Wed, 19 Sep 2018 22:27:11 +0100
|
||||
Subject: [PATCH 2/2] Change behavior when RD bit unset in queries.
|
||||
|
||||
Change anti cache-snooping behaviour with queries with the
|
||||
recursion-desired bit unset. Instead to returning SERVFAIL, we
|
||||
now always forward, and never answer from the cache. This
|
||||
allows "dig +trace" command to work.
|
||||
|
||||
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
||||
---
|
||||
CHANGELOG | 7 ++++++-
|
||||
src/rfc1035.c | 8 +++-----
|
||||
2 files changed, 9 insertions(+), 6 deletions(-)
|
||||
|
||||
--- a/CHANGELOG
|
||||
+++ b/CHANGELOG
|
||||
@@ -59,7 +59,12 @@ version 2.80
|
||||
Returning null addresses is a useful technique for ad-blocking.
|
||||
Thanks to Peter Russell for the suggestion.
|
||||
|
||||
-
|
||||
+ Change anti cache-snooping behaviour with queries with the
|
||||
+ recursion-desired bit unset. Instead to returning SERVFAIL, we
|
||||
+ now always forward, and never answer from the cache. This
|
||||
+ allows "dig +trace" command to work.
|
||||
+
|
||||
+
|
||||
version 2.79
|
||||
Fix parsing of CNAME arguments, which are confused by extra spaces.
|
||||
Thanks to Diego Aguirre for spotting the bug.
|
||||
--- a/src/rfc1035.c
|
||||
+++ b/src/rfc1035.c
|
||||
@@ -1293,16 +1293,14 @@ size_t answer_request(struct dns_header
|
||||
struct mx_srv_record *rec;
|
||||
size_t len;
|
||||
|
||||
- if (ntohs(header->ancount) != 0 ||
|
||||
+ /* never answer queries with RD unset, to avoid cache snooping. */
|
||||
+ if (!(header->hb3 & HB3_RD) ||
|
||||
+ ntohs(header->ancount) != 0 ||
|
||||
ntohs(header->nscount) != 0 ||
|
||||
ntohs(header->qdcount) == 0 ||
|
||||
OPCODE(header) != QUERY )
|
||||
return 0;
|
||||
|
||||
- /* always servfail queries with RD unset, to avoid cache snooping. */
|
||||
- if (!(header->hb3 & HB3_RD))
|
||||
- return setup_reply(header, qlen, NULL, F_SERVFAIL, 0);
|
||||
-
|
||||
/* Don't return AD set if checking disabled. */
|
||||
if (header->hb4 & HB4_CD)
|
||||
sec_data = 0;
|
Loading…
Reference in New Issue