powerel7
/
base
2
0
Fork 0
Code Issues Pull Requests Releases Activity

added dnsmasq package 

Signed-off-by: basebuilder_pel7ppc64bebuilder0 <basebuilder@powerel.org>
master
basebuilder_pel7ppc64bebuilder0 2018-05-09 13:56:44 +02:00
parent 08af543973
commit 10b5753608
10 changed files with 1290 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

254
SOURCES/dnsmasq-2.76-coverity.patch Normal file
View File

@ -0,0 +1,254 @@
From 7ab5d6bd1f8b018c73341f50a395405dee6873d8 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Wed, 15 Mar 2017 14:26:04 +0100
Subject: [PATCH] Coverity fixes

---
src/dbus.c | 2 +-
src/dhcp-common.c | 2 +-
src/dhcp.c | 4 ++--
src/dnsmasq.h | 2 +-
src/edns0.c | 2 ++
src/inotify.c | 9 ++++++---
src/lease.c | 4 ++--
src/network.c | 8 ++++----
src/option.c | 16 +++++++++++-----
src/tftp.c | 2 +-
src/util.c | 2 +-
11 files changed, 32 insertions(+), 21 deletions(-)

diff --git a/src/dbus.c b/src/dbus.c
index 2e1a48e..f27ec3e 100644
--- a/src/dbus.c
+++ b/src/dbus.c
@@ -550,7 +550,7 @@ static DBusMessage *dbus_add_lease(DBusMessage* message)
"Invalid IP address '%s'", ipaddr);
hw_len = parse_hex((char*)hwaddr, dhcp_chaddr, DHCP_CHADDR_MAX, NULL, &hw_type);
- if (hw_type == 0 && hw_len != 0)
+ if (hw_type == 0 && hw_len > 0)
hw_type = ARPHRD_ETHER;
lease_set_hwaddr(lease, dhcp_chaddr, clid, hw_len, hw_type,
diff --git a/src/dhcp-common.c b/src/dhcp-common.c
index 08528e8..ebf06b6 100644
--- a/src/dhcp-common.c
+++ b/src/dhcp-common.c
@@ -487,7 +487,7 @@ void bindtodevice(char *device, int fd)
{
struct ifreq ifr;
- strcpy(ifr.ifr_name, device);
+ strncpy(ifr.ifr_name, device, IF_NAMESIZE-1);
/* only allowed by root. */
if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, (void *)&ifr, sizeof(ifr)) == -1 &&
errno != EPERM)
diff --git a/src/dhcp.c b/src/dhcp.c
index 10f1fb9..37bb71e 100644
--- a/src/dhcp.c
+++ b/src/dhcp.c
@@ -246,7 +246,7 @@ void dhcp_packet(time_t now, int pxe_fd)
}
else
{
- strncpy(ifr.ifr_name, bridge->iface, IF_NAMESIZE);
+ strncpy(ifr.ifr_name, bridge->iface, IF_NAMESIZE-1);
break;
}
}
@@ -270,7 +270,7 @@ void dhcp_packet(time_t now, int pxe_fd)
is_relay_reply = 1;
iov.iov_len = sz;
#ifdef HAVE_LINUX_NETWORK
- strncpy(arp_req.arp_dev, ifr.ifr_name, 16);
+ strncpy(arp_req.arp_dev, ifr.ifr_name, IF_NAMESIZE-1);
#endif
}
else
diff --git a/src/dnsmasq.h b/src/dnsmasq.h
index dfd15aa..1179492 100644
--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h
@@ -180,7 +180,7 @@ struct event_desc {
#define EC_INIT_OFFSET 10
/* Trust the compiler dead-code eliminator.... */
-#define option_bool(x) (((x) < 32) ? daemon->options & (1u << (x)) : daemon->options2 & (1u << ((x) - 32)))
+#define option_bool(x) (((x) < 32) ? daemon->options & (1u << ((x)&0x1F)) : daemon->options2 & (1u << ((x) - 32)))
#define OPT_BOGUSPRIV 0
#define OPT_FILTER 1
diff --git a/src/edns0.c b/src/edns0.c
index c7a101e..d2b514b 100644
--- a/src/edns0.c
+++ b/src/edns0.c
@@ -263,6 +263,8 @@ static size_t add_dns_client(struct dns_header *header, size_t plen, unsigned ch
encode[8] = 0;
}
}
+ else
+ encode[0] = '\0';
return add_pseudoheader(header, plen, limit, PACKETSZ, EDNS0_OPTION_NOMDEVICEID, (unsigned char *)encode, strlen(encode), 0, replace);
}
diff --git a/src/inotify.c b/src/inotify.c
index 603ce9d..fcc0d97 100644
--- a/src/inotify.c
+++ b/src/inotify.c
@@ -224,17 +224,20 @@ int inotify_check(time_t now)
if (rc <= 0)
break;
+ else
+ inotify_buffer[rc] = '\0';
for (p = inotify_buffer; rc - (p - inotify_buffer) >= (int)sizeof(struct inotify_event); p += sizeof(struct inotify_event) + in->len)
{
in = (struct inotify_event*)p;
-
+
for (res = daemon->resolv_files; res; res = res->next)
- if (res->wd == in->wd && in->len != 0 && strcmp(res->file, in->name) == 0)
+ if (res->wd == in->wd && in->len != 0 && strncmp(res->file, in->name, NAME_MAX) == 0)
hit = 1;
/* ignore emacs backups and dotfiles */
- if (in->len == 0 ||
+ if (in->len == 0 ||
+ in->len > NAME_MAX+1 ||
in->name[in->len - 1] == '~' ||
(in->name[0] == '#' && in->name[in->len - 1] == '#') ||
in->name[0] == '.')
diff --git a/src/lease.c b/src/lease.c
index 20cac90..9ad106d 100644
--- a/src/lease.c
+++ b/src/lease.c
@@ -827,9 +827,9 @@ void lease_set_hwaddr(struct dhcp_lease *lease, const unsigned char *hwaddr,
if (hw_len != lease->hwaddr_len ||
hw_type != lease->hwaddr_type ||
- (hw_len != 0 && memcmp(lease->hwaddr, hwaddr, hw_len) != 0))
+ (hw_len > 0 && memcmp(lease->hwaddr, hwaddr, hw_len) != 0))
{
- if (hw_len != 0)
+ if (hw_len > 0)
memcpy(lease->hwaddr, hwaddr, hw_len);
lease->hwaddr_len = hw_len;
lease->hwaddr_type = hw_type;
diff --git a/src/network.c b/src/network.c
index 6119039..fcd9d8d 100644
--- a/src/network.c
+++ b/src/network.c
@@ -188,7 +188,7 @@ int loopback_exception(int fd, int family, struct all_addr *addr, char *name)
struct ifreq ifr;
struct irec *iface;
- strncpy(ifr.ifr_name, name, IF_NAMESIZE);
+ strncpy(ifr.ifr_name, name, IF_NAMESIZE-1);
if (ioctl(fd, SIOCGIFFLAGS, &ifr) != -1 &&
ifr.ifr_flags & IFF_LOOPBACK)
{
@@ -1206,7 +1206,7 @@ int local_bind(int fd, union mysockaddr *addr, char *intname, int is_tcp)
return 0;
#if defined(SO_BINDTODEVICE)
- if (intname[0] != 0 &&
+ if (intname && intname[0] != 0 &&
setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, intname, IF_NAMESIZE) == -1)
return 0;
#endif
@@ -1245,7 +1245,7 @@ static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname)
/* may have a suitable one already */
for (sfd = daemon->sfds; sfd; sfd = sfd->next )
if (sockaddr_isequal(&sfd->source_addr, addr) &&
- strcmp(intname, sfd->interface) == 0 &&
+ intname && strcmp(intname, sfd->interface) == 0 &&
ifindex == sfd->ifindex)
return sfd;
@@ -1437,7 +1437,7 @@ void add_update_server(int flags,
serv->flags |= SERV_HAS_DOMAIN;
if (interface)
- strcpy(serv->interface, interface);
+ strncpy(serv->interface, interface, sizeof(serv->interface)-1);
if (addr)
serv->addr = *addr;
if (source_addr)
diff --git a/src/option.c b/src/option.c
index 5503b79..eb78b1a 100644
--- a/src/option.c
+++ b/src/option.c
@@ -3929,13 +3929,15 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
case LOPT_HOST_REC: /* --host-record */
{
- struct host_record *new = opt_malloc(sizeof(struct host_record));
- memset(new, 0, sizeof(struct host_record));
- new->ttl = -1;
+ struct host_record *new;
if (!arg || !(comma = split(arg)))
ret_err(_("Bad host-record"));
+ new = opt_malloc(sizeof(struct host_record));
+ memset(new, 0, sizeof(struct host_record));
+ new->ttl = -1;
+
while (arg)
{
struct all_addr addr;
@@ -3956,10 +3958,11 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
{
int nomem;
char *canon = canonicalise(arg, &nomem);
- struct name_list *nl = opt_malloc(sizeof(struct name_list));
+ struct name_list *nl;
if (!canon)
ret_err(_("Bad name in host-record"));
+ nl = opt_malloc(sizeof(struct name_list));
nl->name = canon;
/* keep order, so that PTR record goes to first name */
nl->next = NULL;
@@ -4023,7 +4026,10 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
!atoi_check8(algo, &new->algo) ||
!atoi_check8(digest, &new->digest_type) ||
!(new->name = canonicalise_opt(arg)))
- ret_err(_("bad trust anchor"));
+ {
+ free(new);
+ ret_err(_("bad trust anchor"));
+ }
/* Upper bound on length */
len = (2*strlen(keyhex))+1;
diff --git a/src/tftp.c b/src/tftp.c
index 5e4a32a..bd8c622 100644
--- a/src/tftp.c
+++ b/src/tftp.c
@@ -234,7 +234,7 @@ void tftp_request(struct listener *listen, time_t now)
#endif
}
- strncpy(ifr.ifr_name, name, IF_NAMESIZE);
+ strncpy(ifr.ifr_name, name, IF_NAMESIZE-1);
if (ioctl(listen->tftpfd, SIOCGIFMTU, &ifr) != -1)
{
mtu = ifr.ifr_mtu;
diff --git a/src/util.c b/src/util.c
index 93b24f5..1a9f228 100644
--- a/src/util.c
+++ b/src/util.c
@@ -491,7 +491,7 @@ int parse_hex(char *in, unsigned char *out, int maxlen,
int j, bytes = (1 + (r - in))/2;
for (j = 0; j < bytes; j++)
{
- char sav = sav;
+ char sav;
if (j < bytes - 1)
{
sav = in[(j+1)*2];
--
2.9.3

119
SOURCES/dnsmasq-2.76-dns-sleep-resume.patch Normal file
View File

@ -0,0 +1,119 @@
From 2675f2061525bc954be14988d64384b74aa7bf8b Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Sun, 28 Aug 2016 20:44:05 +0100
Subject: [PATCH] Handle binding upstream servers to an interface
(--server=1.2.3.4@eth0) when the named interface is destroyed and recreated
in the kernel.

---
CHANGELOG | 5 +++++
src/dnsmasq.h | 1 +
src/network.c | 31 +++++++++++++++++++++++++++++--
3 files changed, 35 insertions(+), 2 deletions(-)

diff --git a/src/dnsmasq.h b/src/dnsmasq.h
index 27385a9..f239ce5 100644
--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h
@@ -488,6 +488,7 @@ struct serverfd {
int fd;
union mysockaddr source_addr;
char interface[IF_NAMESIZE+1];
+ unsigned int ifindex, used;
struct serverfd *next;
};
diff --git a/src/network.c b/src/network.c
index e7722fd..ddf8d31 100644
--- a/src/network.c
+++ b/src/network.c
@@ -1204,6 +1204,7 @@ int local_bind(int fd, union mysockaddr *addr, char *intname, int is_tcp)
static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname)
{
struct serverfd *sfd;
+ unsigned int ifindex = 0;
int errsave;
/* when using random ports, servers which would otherwise use
@@ -1224,11 +1225,15 @@ static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname)
return NULL;
#endif
}
+
+ if (intname && strlen(intname) != 0)
+ ifindex = if_nametoindex(intname); /* index == 0 when not binding to an interface */
/* may have a suitable one already */
for (sfd = daemon->sfds; sfd; sfd = sfd->next )
if (sockaddr_isequal(&sfd->source_addr, addr) &&
- strcmp(intname, sfd->interface) == 0)
+ strcmp(intname, sfd->interface) == 0 &&
+ ifindex == sfd->ifindex)
return sfd;
/* need to make a new one. */
@@ -1250,11 +1255,13 @@ static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname)
errno = errsave;
return NULL;
}
-
+
strcpy(sfd->interface, intname);
sfd->source_addr = *addr;
sfd->next = daemon->sfds;
+ sfd->ifindex = ifindex;
daemon->sfds = sfd;
+
return sfd;
}
@@ -1429,12 +1436,16 @@ void check_servers(void)
{
struct irec *iface;
struct server *serv;
+ struct serverfd *sfd, *tmp, **up;
int port = 0, count;
/* interface may be new since startup */
if (!option_bool(OPT_NOWILD))
enumerate_interfaces(0);
+ for (sfd = daemon->sfds; sfd; sfd = sfd->next)
+ sfd->used = 0;
+
#ifdef HAVE_DNSSEC
/* Disable DNSSEC validation when using server=/domain/.... servers
unless there's a configured trust anchor. */
@@ -1505,6 +1516,8 @@ void check_servers(void)
serv->flags |= SERV_MARK;
continue;
}
+
+ serv->sfd->used = 1;
}
if (!(serv->flags & SERV_NO_REBIND) && !(serv->flags & SERV_LITERAL_ADDRESS))
@@ -1547,6 +1560,20 @@ void check_servers(void)
if (count - 1 > SERVERS_LOGGED)
my_syslog(LOG_INFO, _("using %d more nameservers"), count - SERVERS_LOGGED - 1);
+ /* Remove unused sfds */
+ for (sfd = daemon->sfds, up = &daemon->sfds; sfd; sfd = tmp)
+ {
+ tmp = sfd->next;
+ if (!sfd->used)
+ {
+ *up = sfd->next;
+ close(sfd->fd);
+ free(sfd);
+ }
+ else
+ up = &sfd->next;
+ }
+
cleanup_servers();
}
--
2.7.4

29
SOURCES/dnsmasq-2.76-fix-crash-dns-resume.patch Normal file
View File

@ -0,0 +1,29 @@
From 16800ea072dd0cdf14d951c4bb8d2808b3dfe53d Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Tue, 30 Aug 2016 23:07:06 +0100
Subject: [PATCH] Fix crash introduced in
2675f2061525bc954be14988d64384b74aa7bf8b

---
src/network.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/network.c b/src/network.c
index ddf8d31..d87d08f 100644
--- a/src/network.c
+++ b/src/network.c
@@ -1516,8 +1516,9 @@ void check_servers(void)
serv->flags |= SERV_MARK;
continue;
}
-
- serv->sfd->used = 1;
+
+ if (serv->sfd)
+ serv->sfd->used = 1;
}
if (!(serv->flags & SERV_NO_REBIND) && !(serv->flags & SERV_LITERAL_ADDRESS))
--
2.9.3

49
SOURCES/dnsmasq-2.76-fix-dhcp-option-arrangements.patch Normal file
View File

@ -0,0 +1,49 @@
From 591ed1e90503817938ccf5f127e677a8dd48b6d8 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Mon, 11 Jul 2016 18:18:42 +0100
Subject: [PATCH] Fix bad behaviour with some DHCP option arrangements.

The check that there's enough space to store the DHCP agent-id
at the end of the packet could succeed when it should fail
if the END option is in either of the oprion-overload areas.
That could overwrite legit options in the request and cause
bad behaviour. It's highly unlikely that any sane DHCP client
would trigger this bug, and it's never been seen, but this
fixes the problem.

Also fix off-by-one in bounds checking of option processing.
Worst case scenario on that is a read one byte beyond the
end off a buffer with a crafted packet, and maybe therefore
a SIGV crash if the memory after the buffer is not mapped.

Thanks to Timothy Becker for spotting these.
---
src/rfc2131.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/rfc2131.c b/src/rfc2131.c
index b7c167e..8b99d4b 100644
--- a/src/rfc2131.c
+++ b/src/rfc2131.c
@@ -186,7 +186,8 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
be enough free space at the end of the packet to copy the option. */
unsigned char *sopt;
unsigned int total = option_len(opt) + 2;
- unsigned char *last_opt = option_find(mess, sz, OPTION_END, 0);
+ unsigned char *last_opt = option_find1(&mess->options[0] + sizeof(u32), ((unsigned char *)mess) + sz,
+ OPTION_END, 0);
if (last_opt && last_opt < end - total)
{
end -= total;
@@ -1606,7 +1607,7 @@ static unsigned char *option_find1(unsigned char *p, unsigned char *end, int opt
{
while (1)
{
- if (p > end)
+ if (p >= end)
return NULL;
else if (*p == OPTION_END)
return opt == OPTION_END ? p : NULL;
--
2.9.3

36
SOURCES/dnsmasq-2.76-label-man.patch Normal file
View File

@ -0,0 +1,36 @@
From 6eaafb18e56928881bae371ba8bb05ee93f55d54 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Tue, 14 Mar 2017 15:24:58 +0100
Subject: [PATCH 2/2] Document real behaviour of labels with --interface

---
man/dnsmasq.8 | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/man/dnsmasq.8 b/man/dnsmasq.8
index 523c823..6e93cf1 100644
--- a/man/dnsmasq.8
+++ b/man/dnsmasq.8
@@ -203,12 +203,14 @@ or
options are given dnsmasq listens on all available interfaces except any
given in
.B \--except-interface
-options. IP alias interfaces (eg "eth1:0") cannot be used with
-.B --interface
+options. IP alias interface names (eg "eth1:0") can be used only in
+.B \--bind-interfaces
or
-.B --except-interface
-options, use --listen-address instead. A simple wildcard, consisting
-of a trailing '*', can be used in
+.B \--bind-dynamic
+mode. Use
+.B \--listen-address
+in the default mode instead. A simple wildcard, consisting of a trailing '*',
+can be used in
.B \--interface
and
.B \--except-interface
--
2.9.3

93
SOURCES/dnsmasq-2.76-label-warning.patch Normal file
View File

@ -0,0 +1,93 @@
From c3d10a1132ada7baa80914f61abb720f94400465 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Tue, 14 Mar 2017 15:23:22 +0100
Subject: [PATCH 1/2] Warn when using label in default mode

---
src/dnsmasq.c | 2 ++
src/dnsmasq.h | 3 ++-
src/network.c | 13 +++++++++++++
3 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/src/dnsmasq.c b/src/dnsmasq.c
index 456b0e8..d2cc7cc 100644
--- a/src/dnsmasq.c
+++ b/src/dnsmasq.c
@@ -771,6 +771,8 @@ int main (int argc, char **argv)
if (option_bool(OPT_NOWILD))
warn_bound_listeners();
+ else if (!option_bool(OPT_CLEVERBIND))
+ warn_wild_labels();
warn_int_names();
diff --git a/src/dnsmasq.h b/src/dnsmasq.h
index a27fbc1..6b44e53 100644
--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h
@@ -522,7 +522,7 @@ struct ipsets {
struct irec {
union mysockaddr addr;
struct in_addr netmask; /* only valid for IPv4 */
- int tftp_ok, dhcp_ok, mtu, done, warned, dad, dns_auth, index, multicast_done, found;
+ int tftp_ok, dhcp_ok, mtu, done, warned, dad, dns_auth, index, multicast_done, found, label;
char *name;
struct irec *next;
};
@@ -1252,6 +1252,7 @@ int enumerate_interfaces(int reset);
void create_wildcard_listeners(void);
void create_bound_listeners(int die);
void warn_bound_listeners(void);
+void warn_wild_labels(void);
void warn_int_names(void);
int is_dad_listeners(void);
int iface_check(int family, struct all_addr *addr, char *name, int *auth_dns);
diff --git a/src/network.c b/src/network.c
index eb41624..e5ceb76 100644
--- a/src/network.c
+++ b/src/network.c
@@ -244,6 +244,7 @@ static int iface_allowed(struct iface_param *param, int if_index, char *label,
int tftp_ok = !!option_bool(OPT_TFTP);
int dhcp_ok = 1;
int auth_dns = 0;
+ int is_label = 0;
#if defined(HAVE_DHCP) || defined(HAVE_TFTP)
struct iname *tmp;
#endif
@@ -264,6 +265,8 @@ static int iface_allowed(struct iface_param *param, int if_index, char *label,
if (!label)
label = ifr.ifr_name;
+ else
+ is_label = strcmp(label, ifr.ifr_name);
/* maintain a list of all addresses on all interfaces for --local-service option */
if (option_bool(OPT_LOCAL_SERVICE))
@@ -482,6 +485,7 @@ static int iface_allowed(struct iface_param *param, int if_index, char *label,
iface->found = 1;
iface->done = iface->multicast_done = iface->warned = 0;
iface->index = if_index;
+ iface->label = is_label;
if ((iface->name = whine_malloc(strlen(ifr.ifr_name)+1)))
{
strcpy(iface->name, ifr.ifr_name);
@@ -1034,6 +1038,15 @@ void warn_bound_listeners(void)
my_syslog(LOG_WARNING, _("LOUD WARNING: use --bind-dynamic rather than --bind-interfaces to avoid DNS amplification attacks via these interface(s)"));
}
+void warn_wild_labels(void)
+{
+ struct irec *iface;
+
+ for (iface = daemon->interfaces; iface; iface = iface->next)
+ if (iface->found && iface->name && iface->label)
+ my_syslog(LOG_WARNING, _("warning: using interface %s instead"), iface->name);
+}
+
void warn_int_names(void)
{
struct interface_name *intname;
--
2.9.3

149
SOURCES/dnsmasq-2.76-pftables.patch Normal file
View File

@ -0,0 +1,149 @@
From 396750cef533cf72c7e6a72e47a9c93e2e431cb7 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sat, 13 Aug 2016 22:34:11 +0100
Subject: [PATCH] Refactor openBSD pftables code to remove blatant copyright
violation.

---
src/tables.c | 90 +++++++++++++++++++++---------------------------------------
1 file changed, 32 insertions(+), 58 deletions(-)

diff --git a/src/tables.c b/src/tables.c
index aae1252..4fa3487 100644
--- a/src/tables.c
+++ b/src/tables.c
@@ -53,52 +53,6 @@ static char *pfr_strerror(int errnum)
}
}
-static int pfr_add_tables(struct pfr_table *tbl, int size, int *nadd, int flags)
-{
- struct pfioc_table io;
-
- if (size < 0 || (size && tbl == NULL))
- {
- errno = EINVAL;
- return (-1);
- }
- bzero(&io, sizeof io);
- io.pfrio_flags = flags;
- io.pfrio_buffer = tbl;
- io.pfrio_esize = sizeof(*tbl);
- io.pfrio_size = size;
- if (ioctl(dev, DIOCRADDTABLES, &io))
- return (-1);
- if (nadd != NULL)
- *nadd = io.pfrio_nadd;
- return (0);
-}
-
-static int fill_addr(const struct all_addr *ipaddr, int flags, struct pfr_addr* addr) {
- if ( !addr || !ipaddr)
- {
- my_syslog(LOG_ERR, _("error: fill_addr missused"));
- return -1;
- }
- bzero(addr, sizeof(*addr));
-#ifdef HAVE_IPV6
- if (flags & F_IPV6)
- {
- addr->pfra_af = AF_INET6;
- addr->pfra_net = 0x80;
- memcpy(&(addr->pfra_ip6addr), &(ipaddr->addr), sizeof(struct in6_addr));
- }
- else
-#endif
- {
- addr->pfra_af = AF_INET;
- addr->pfra_net = 0x20;
- addr->pfra_ip4addr.s_addr = ipaddr->addr.addr4.s_addr;
- }
- return 1;
-}
-
-/*****************************************************************************/
void ipset_init(void)
{
@@ -111,14 +65,13 @@ void ipset_init(void)
}
int add_to_ipset(const char *setname, const struct all_addr *ipaddr,
- int flags, int remove)
+ int flags, int remove)
{
struct pfr_addr addr;
struct pfioc_table io;
struct pfr_table table;
- int n = 0, rc = 0;
- if ( dev == -1 )
+ if (dev == -1)
{
my_syslog(LOG_ERR, _("warning: no opened pf devices %s"), pf_device);
return -1;
@@ -126,31 +79,52 @@ int add_to_ipset(const char *setname, const struct all_addr *ipaddr,
bzero(&table, sizeof(struct pfr_table));
table.pfrt_flags |= PFR_TFLAG_PERSIST;
- if ( strlen(setname) >= PF_TABLE_NAME_SIZE )
+ if (strlen(setname) >= PF_TABLE_NAME_SIZE)
{
my_syslog(LOG_ERR, _("error: cannot use table name %s"), setname);
errno = ENAMETOOLONG;
return -1;
}
- if ( strlcpy(table.pfrt_name, setname,
- sizeof(table.pfrt_name)) >= sizeof(table.pfrt_name))
+ if (strlcpy(table.pfrt_name, setname,
+ sizeof(table.pfrt_name)) >= sizeof(table.pfrt_name))
{
my_syslog(LOG_ERR, _("error: cannot strlcpy table name %s"), setname);
return -1;
}
- if ((rc = pfr_add_tables(&table, 1, &n, 0)))
+ bzero(&io, sizeof io);
+ io.pfrio_flags = 0;
+ io.pfrio_buffer = &table;
+ io.pfrio_esize = sizeof(table);
+ io.pfrio_size = 1;
+ if (ioctl(dev, DIOCRADDTABLES, &io))
{
- my_syslog(LOG_WARNING, _("warning: pfr_add_tables: %s(%d)"),
- pfr_strerror(errno),rc);
+ my_syslog(LOG_WARNING, _("IPset: error:%s"), pfr_strerror(errno));
+
return -1;
}
+
table.pfrt_flags &= ~PFR_TFLAG_PERSIST;
- if (n)
+ if (io.pfrio_nadd)
my_syslog(LOG_INFO, _("info: table created"));
-
- fill_addr(ipaddr,flags,&addr);
+
+ bzero(&addr, sizeof(addr));
+#ifdef HAVE_IPV6
+ if (flags & F_IPV6)
+ {
+ addr.pfra_af = AF_INET6;
+ addr.pfra_net = 0x80;
+ memcpy(&(addr.pfra_ip6addr), &(ipaddr->addr), sizeof(struct in6_addr));
+ }
+ else
+#endif
+ {
+ addr.pfra_af = AF_INET;
+ addr.pfra_net = 0x20;
+ addr.pfra_ip4addr.s_addr = ipaddr->addr.addr4.s_addr;
+ }
+
bzero(&io, sizeof(io));
io.pfrio_flags = 0;
io.pfrio_table = table;
--
2.9.3

60
SOURCES/dnsmasq-2.76-warning-fixes.patch Normal file
View File

@ -0,0 +1,60 @@
From 13dee6f49e1d035b8069947be84ee8da2af0c420 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Tue, 28 Feb 2017 16:51:58 +0000
Subject: [PATCH] Compilation warning fixes.

---
src/dbus.c | 9 ++++-----
src/option.c | 3 ++-
2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/dbus.c b/src/dbus.c
index 7e0d342..2e1a48e 100644
--- a/src/dbus.c
+++ b/src/dbus.c
@@ -549,17 +549,16 @@ static DBusMessage *dbus_add_lease(DBusMessage* message)
return dbus_message_new_error_printf(message, DBUS_ERROR_INVALID_ARGS,
"Invalid IP address '%s'", ipaddr);
- hw_len = parse_hex((char*)hwaddr, dhcp_chaddr, DHCP_CHADDR_MAX, NULL,
- &hw_type);
+ hw_len = parse_hex((char*)hwaddr, dhcp_chaddr, DHCP_CHADDR_MAX, NULL, &hw_type);
if (hw_type == 0 && hw_len != 0)
hw_type = ARPHRD_ETHER;
-
- lease_set_hwaddr(lease, dhcp_chaddr, clid, hw_len, hw_type,
+
+ lease_set_hwaddr(lease, dhcp_chaddr, clid, hw_len, hw_type,
clid_len, now, 0);
lease_set_expires(lease, expires, now);
if (hostname_len != 0)
lease_set_hostname(lease, hostname, 0, get_domain(lease->addr), NULL);
-
+
lease_update_file(now);
lease_update_dns(0);
diff --git a/src/option.c b/src/option.c
index 4a5ef5f..e03b1e3 100644
--- a/src/option.c
+++ b/src/option.c
@@ -4089,7 +4089,7 @@ static void read_file(char *file, FILE *f, int hard_opt)
{
int white, i;
volatile int option = (hard_opt == LOPT_REV_SERV) ? 0 : hard_opt;
- char *errmess, *p, *arg = NULL, *start;
+ char *errmess, *p, *arg, *start;
size_t len;
/* Memory allocation failure longjmps here if mem_recover == 1 */
@@ -4100,6 +4100,7 @@ static void read_file(char *file, FILE *f, int hard_opt)
mem_recover = 1;
}
+ arg = NULL;
lineno++;
errmess = NULL;
--
2.9.3

9
SOURCES/dnsmasq.service Normal file
View File

@ -0,0 +1,9 @@
[Unit]
Description=DNS caching server.
After=network.target

[Service]
ExecStart=/usr/sbin/dnsmasq -k

[Install]
WantedBy=multi-user.target

492
SPECS/dnsmasq.spec Normal file
View File

@ -0,0 +1,492 @@
%define testrelease 0
%define releasecandidate 0
%if 0%{testrelease}
%define extrapath test-releases/
%define extraversion test30
%endif
%if 0%{releasecandidate}
%define extrapath release-candidates/
%define extraversion rc5
%endif

%define _hardened_build 1

Name: dnsmasq
Version: 2.76
Release: 2%{?extraversion}%{?dist}
Summary: A lightweight DHCP/caching DNS server

Group: System Environment/Daemons
License: GPLv2 or GPLv3
URL: http://www.thekelleys.org.uk/dnsmasq/
Source0: http://www.thekelleys.org.uk/dnsmasq/%{?extrapath}%{name}-%{version}%{?extraversion}.tar.gz
Source1: %{name}.service
# upstream git: git://thekelleys.org.uk/dnsmasq.git

# https://bugzilla.redhat.com/show_bug.cgi?id=1367772
# commit 2675f2061525bc954be14988d64384b74aa7bf8b
# after v2.76
Patch1: dnsmasq-2.76-dns-sleep-resume.patch
# commit 591ed1e90503817938ccf5f127e677a8dd48b6d8
Patch2: dnsmasq-2.76-fix-dhcp-option-arrangements.patch
# commit 396750cef533cf72c7e6a72e47a9c93e2e431cb7
Patch3: dnsmasq-2.76-pftables.patch
# commit 16800ea072dd0cdf14d951c4bb8d2808b3dfe53d
Patch4: dnsmasq-2.76-fix-crash-dns-resume.patch
# commit 13dee6f49e1d035b8069947be84ee8da2af0c420
Patch5: dnsmasq-2.76-warning-fixes.patch
Patch6: dnsmasq-2.76-label-warning.patch
Patch7: dnsmasq-2.76-label-man.patch
Patch8: dnsmasq-2.76-coverity.patch

BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

BuildRequires: dbus-devel
BuildRequires: pkgconfig
BuildRequires: libidn-devel

BuildRequires: systemd
Requires(post): systemd systemd-sysv chkconfig
Requires(preun): systemd
Requires(postun): systemd


%description
Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server.
It is designed to provide DNS and, optionally, DHCP, to a small network.
It can serve the names of local machines which are not in the global
DNS. The DHCP server integrates with the DNS server and allows machines
with DHCP-allocated addresses to appear in the DNS with names configured
either in each host or in a central configuration file. Dnsmasq supports
static and dynamic DHCP leases and BOOTP for network booting of diskless
machines.

%package utils
Summary: Utilities for manipulating DHCP server leases
Group: System Environment/Daemons

%description utils
Utilities that use the standard DHCP protocol to
query/remove a DHCP server's leases.


%prep
%setup -q -n %{name}-%{version}%{?extraversion}

%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1 -b .coverity

# use /var/lib/dnsmasq instead of /var/lib/misc
for file in dnsmasq.conf.example man/dnsmasq.8 man/es/dnsmasq.8 src/config.h; do
sed -i 's|/var/lib/misc/dnsmasq.leases|/var/lib/dnsmasq/dnsmasq.leases|g' "$file"
done

#enable dbus
sed -i 's|/\* #define HAVE_DBUS \*/|#define HAVE_DBUS|g' src/config.h

#enable IDN support
sed -i 's|/\* #define HAVE_IDN \*/|#define HAVE_IDN|g' src/config.h

#enable /etc/dnsmasq.d fix bz 526703, ignore RPM backup files
cat << EOF >> dnsmasq.conf.example

# Include all files in /etc/dnsmasq.d except RPM backup files
conf-dir=/etc/dnsmasq.d,.rpmnew,.rpmsave,.rpmorig
EOF


%build
make %{?_smp_mflags} CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS"
make -C contrib/lease-tools %{?_smp_mflags} CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS"


%install
rm -rf $RPM_BUILD_ROOT
# normally i'd do 'make install'...it's a bit messy, though
mkdir -p $RPM_BUILD_ROOT%{_sbindir} \
$RPM_BUILD_ROOT%{_mandir}/man8 \
$RPM_BUILD_ROOT%{_var}/lib/dnsmasq \
$RPM_BUILD_ROOT%{_sysconfdir}/dnsmasq.d \
$RPM_BUILD_ROOT%{_sysconfdir}/dbus-1/system.d
install src/dnsmasq $RPM_BUILD_ROOT%{_sbindir}/dnsmasq
install dnsmasq.conf.example $RPM_BUILD_ROOT%{_sysconfdir}/dnsmasq.conf
install dbus/dnsmasq.conf $RPM_BUILD_ROOT%{_sysconfdir}/dbus-1/system.d/
install -m 644 man/dnsmasq.8 $RPM_BUILD_ROOT%{_mandir}/man8/

# utils sub package
mkdir -p $RPM_BUILD_ROOT%{_bindir} \
$RPM_BUILD_ROOT%{_mandir}/man1
install -m 755 contrib/lease-tools/dhcp_release $RPM_BUILD_ROOT%{_bindir}/dhcp_release
install -m 644 contrib/lease-tools/dhcp_release.1 $RPM_BUILD_ROOT%{_mandir}/man1/dhcp_release.1
install -m 755 contrib/lease-tools/dhcp_release6 $RPM_BUILD_ROOT%{_bindir}/dhcp_release6
install -m 644 contrib/lease-tools/dhcp_release6.1 $RPM_BUILD_ROOT%{_mandir}/man1/dhcp_release6.1
install -m 755 contrib/lease-tools/dhcp_lease_time $RPM_BUILD_ROOT%{_bindir}/dhcp_lease_time
install -m 644 contrib/lease-tools/dhcp_lease_time.1 $RPM_BUILD_ROOT%{_mandir}/man1/dhcp_lease_time.1

# Systemd
mkdir -p %{buildroot}%{_unitdir}
install -m644 %{SOURCE1} %{buildroot}%{_unitdir}
rm -rf %{buildroot}%{_initrddir}

%clean
rm -rf $RPM_BUILD_ROOT

%post
%systemd_post dnsmasq.service

%preun
%systemd_preun dnsmasq.service

%postun
%systemd_postun_with_restart dnsmasq.service

%triggerun -- dnsmasq < 2.52-3
%{_bindir}/systemd-sysv-convert --save dnsmasq >/dev/null 2>&1 ||:
/sbin/chkconfig --del dnsmasq >/dev/null 2>&1 || :
/bin/systemctl try-restart dnsmasq.service >/dev/null 2>&1 || :

%files
%defattr(-,root,root,-)
%doc CHANGELOG COPYING COPYING-v3 FAQ doc.html setup.html dbus/DBus-interface
%config(noreplace) %attr(644,root,root) %{_sysconfdir}/dnsmasq.conf
%dir /etc/dnsmasq.d
%dir %{_var}/lib/dnsmasq
%config(noreplace) %attr(644,root,root) %{_sysconfdir}/dbus-1/system.d/dnsmasq.conf
%{_unitdir}/%{name}.service
%{_sbindir}/dnsmasq
%{_mandir}/man8/dnsmasq*

%files utils
%{_bindir}/dhcp_*
%{_mandir}/man1/dhcp_*

%changelog
* Wed Mar 15 2017 Petr Menšík <pemensik@redhat.com> - 2.76-2
- Fix a few coverity warnings
- package is dual-licensed GPL v2 or v3
- don't include /etc/dnsmasq.d in triplicate, ignore RPM backup files instead

* Tue Feb 21 2017 Petr Menšík <pemensik@redhat.com> - 2.76-1
- Rebase to 2.76 (#1375527)
- Include also dhcp_release6 (#1375569)
- Fix compilation warnings
- Correct manual about interface aliases, warn if used without --bind*

* Tue Sep 13 2016 Pavel Šimerda <psimerda@redhat.com> - 2.66-21
- Related: #1367772 - fix dns server update

* Thu Sep 08 2016 Pavel Šimerda <psimerda@redhat.com> - 2.66-20
- Related: #1367772 - additional upstream patch

* Tue Sep 06 2016 Pavel Šimerda <psimerda@redhat.com> - 2.66-19
- Resolves: #1367772 - dns not updated after sleep and resume laptop

* Fri Aug 26 2016 root - 2.66-18
- Resolves: #1358427 - dhcp errors with hostnames beginning with numbers

* Tue May 31 2016 Pavel Šimerda <psimerda@redhat.com> - 2.66-17
- Resolves: #1275626 - modify the patch using new information

* Mon May 30 2016 Pavel Šimerda <psimerda@redhat.com> - 2.66-16
- Resolves: #1275626 - use the patch

* Wed May 25 2016 Pavel Šimerda <psimerda@redhat.com> - 2.66-15
- Resolves: #1275626 - dnsmasq crash with coredump on infiniband network with
OpenStack

* Thu Jun 25 2015 Pavel Šimerda <psimerda@redhat.com> - 2.66-14
- Resolves: #1232677 - handle IPv4 and IPv6 host entries properly

* Wed Feb 25 2015 Pavel Šimerda <psimerda@redhat.com> - 2.66-13
- Resolves: #1179756 - dnsmasq does not support MAC address based matching for
IPv6

* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 2.66-12
- Mass rebuild 2014-01-24

* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 2.66-11
- Mass rebuild 2013-12-27

* Thu Aug 15 2013 Tomas Hozza <thozza@redhat.com> - 2.66-10
- Use SO_REUSEPORT and SO_REUSEADDR if possible for DHCPv4/6 (#981973)

* Mon Aug 12 2013 Tomas Hozza <thozza@redhat.com> - 2.66-9
- Don't use SO_REUSEPORT on DHCPv4 socket to prevent conflicts with ISC DHCP (#981973)

* Tue Jul 23 2013 Tomas Hozza <thozza@redhat.com> - 2.66-8
- Fix crash when specified empty DHCP option

* Tue Jun 11 2013 Tomas Hozza <thozza@redhat.com> - 2.66-7
- use _hardened_build macro instead of hardcoded flags
- include several fixies from upstream repo:
- Allow constructed ranges from interface address at end of range
- Dont BINDTODEVICE DHCP socket if more interfaces may come
- Fix option parsing for dhcp host
- Log forwarding table overflows
- Remove limit in prefix length in auth zone

* Fri May 17 2013 Tomas Hozza <thozza@redhat.com> - 2.66-6
- include several fixies from upstream repo:
- Tighten hostname checks in legal hostname() function
- Replace inet_addr() with inet_pton() in src/option.c
- Use dnsmasq as default DNS server for RA only if it's doing DNS
- Handle IPv4 interface address labels (aliases) in Linux (#962246)
- Fix failure to start with ENOTSOCK (#962874)

* Tue Apr 30 2013 Tomas Hozza <thozza@redhat.com> - 2.66-5
- dnsmasq unit file cleanup
- drop forking Type and PIDfile and rather start dnsmasq with "-k" option
- drop After syslog.target as this is by default

* Thu Apr 25 2013 Tomas Hozza <thozza@redhat.com> - 2.66-4
- include several fixes from upstream repo:
- Send TCP DNS messages in one packet
- Fix crash on SERVFAIL when using --conntrack option
- Fix regression in dhcp_lease_time utility
- Man page typos fixes
- Note that dhcp_lease_time and dhcp_release work only for IPv4
- Fix for --dhcp-match option to work also with BOOTP protocol

* Sat Apr 20 2013 Tomas Hozza <thozza@redhat.com> - 2.66-3
- Use Full RELRO when linking the daemon
- compile the daemon with PIE
- include two fixes from upstream git repo

* Thu Apr 18 2013 Tomas Hozza <thozza@redhat.com> - 2.66-2
- New stable version dnsmasq-2.66
- Drop of merged patch

* Fri Apr 12 2013 Tomas Hozza <thozza@redhat.com> - 2.66-1.rc5
- Update to latest dnsmasq-2.66rc5
- Include fix for segfault when lease limit is reached

* Fri Mar 22 2013 Tomas Hozza <thozza@redhat.com> - 2.66-1.rc1
- Update to latest dnsmasq-2.66rc1
- Dropping unneeded patches
- Enable IDN support

* Fri Mar 15 2013 Tomas Hozza <thozza@redhat.com> - 2.65-5
- Allocate dhcp_buff-ers also if daemon->ra_contexts to prevent SIGSEGV (#920300)

* Thu Jan 31 2013 Tomas Hozza <thozza@redhat.com> - 2.65-4
- Handle locally-routed DNS Queries (#904940)

* Thu Jan 24 2013 Tomas Hozza <thozza@redhat.com> - 2.65-3
- build dnsmasq with $RPM_OPT_FLAGS, $RPM_LD_FLAGS explicitly (#903362)

* Tue Jan 22 2013 Tomas Hozza <thozza@redhat.com> - 2.65-2
- Fix for CVE-2013-0198 (checking of TCP connection interfaces) (#901555)

* Sat Dec 15 2012 Tomas Hozza <thozza@redhat.com> - 2.65-1
- new version 2.65

* Wed Dec 05 2012 Tomas Hozza <thozza@redhat.com> - 2.64-1
- New version 2.64
- Merged patches dropped

* Tue Nov 20 2012 Tomas Hozza <thozza@redhat.com> - 2.63-4
- Remove EnvironmentFile from service file (#878343)

* Mon Nov 19 2012 Tomas Hozza <thozza@redhat.com> - 2.63-3
- dhcp6 support fixes (#867054)
- removed "-s $HOSTNAME" from .service file (#753656, #822797)

* Tue Oct 23 2012 Tomas Hozza <thozza@redhat.com> - 2.63-2
- Introduce new systemd-rpm macros in dnsmasq spec file (#850096)

* Thu Aug 23 2012 Douglas Schilling Landgraf <dougsland@redhat.com> - 2.63-1
- Use .tar.gz compression, in upstream site there is no .lzma anymore
- New version 2.63

* Sat Feb 11 2012 Pádraig Brady <P@draigBrady.com> - 2.59-5
- Compile DHCP lease management utils with RPM_OPT_FLAGS

* Thu Feb 9 2012 Pádraig Brady <P@draigBrady.com> - 2.59-4
- Include DHCP lease management utils in a subpackage

* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.59-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

* Fri Aug 26 2011 Douglas Schilling Landgraf <dougsland@redhat.com> - 2.59-2
- do not enable service by default

* Fri Aug 26 2011 Douglas Schilling Landgraf <dougsland@redhat.com> - 2.59-1
- New version 2.59
- Fix regression in 2.58 (IPv6 issue) - bz 744814

* Fri Aug 26 2011 Douglas Schilling Landgraf <dougsland@redhat.com> - 2.58-1
- Fixed License
- New version 2.58

* Mon Aug 08 2011 Patrick "Jima" Laughton <jima@fedoraproject.org> - 2.52-5
- Include systemd unit file

* Mon Aug 08 2011 Patrick "Jima" Laughton <jima@fedoraproject.org> - 2.52-3
- Applied Jóhann's patch, minor cleanup

* Tue Jul 26 2011 Jóhann B. Guðmundsson <johannbg@gmail.com> - 2.52-3
- Introduce systemd unit file, drop SysV support

* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.52-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

* Tue Jan 26 2010 Itamar Reis Peixoto <itamar@ispbrasil.com.br> - 2.52-1
- New Version 2.52
- fix condrestart() in initscript bz 547605
- fix sed to enable DBUS(the '*' need some escaping) bz 553161

* Sun Nov 22 2009 Itamar Reis Peixoto <itamar@ispbrasil.com.br> - 2.51-2
- fix bz 512664

* Sat Oct 17 2009 Itamar Reis Peixoto <itamar@ispbrasil.com.br> - 2.51-1
- move initscript from patch to a plain text file
- drop (dnsmasq-configuration.patch) and use sed instead
- enable /etc/dnsmasq.d fix bz 526703
- change requires to package name instead of file
- new version 2.51

* Mon Oct 5 2009 Mark McLoughlin <markmc@redhat.com> - 2.48-4
- Fix multiple TFTP server vulnerabilities (CVE-2009-2957, CVE-2009-2958)

* Wed Aug 12 2009 Ville Skyttä <ville.skytta@iki.fi> - 2.48-3
- Use lzma compressed upstream tarball.

* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.48-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

* Wed Jun 10 2009 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.48-1
- Bugfix/feature enhancement update
- Fixing BZ#494094

* Fri May 29 2009 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.47-1
- Bugfix/feature enhancement update

* Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.46-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

* Mon Dec 29 2008 Matěj Cepl <mcepl@redhat.com> - 2.45-2
- rebuilt

* Mon Jul 21 2008 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.45-1
- Upstream release (bugfixes)

* Wed Jul 16 2008 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.43-2
- New upstream release, contains fixes for CVE-2008-1447/CERT VU#800113
- Dropped patch for newer glibc (merged upstream)

* Wed Feb 13 2008 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.41-0.8
- Added upstream-authored patch for newer glibc (thanks Simon!)

* Wed Feb 13 2008 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.41-0.7
- New upstream release

* Wed Jan 30 2008 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.41-0.6.rc1
- Release candidate
- Happy Birthday Isaac!

* Wed Jan 23 2008 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.41-0.5.test30
- Bugfix update

* Mon Dec 31 2007 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.41-0.4.test26
- Bugfix/feature enhancement update

* Thu Dec 13 2007 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.41-0.3.test24
- Upstream fix for fairly serious regression

* Tue Dec 04 2007 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.41-0.2.test20
- New upstream test release
- Moving dnsmasq.leases to /var/lib/dnsmasq/ as per BZ#407901
- Ignoring dangerous-command-in-%%post rpmlint warning (as per above fix)
- Patch consolidation/cleanup
- Removed conditionals for Fedora <= 3 and Aurora 2.0

* Tue Sep 18 2007 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.40-1
- Finalized upstream release
- Removing URLs from patch lines (CVS is the authoritative source)
- Added more magic to make spinning rc/test packages more seamless

* Sun Aug 26 2007 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.40-0.1.rc2
- New upstream release candidate (feature-frozen), thanks Simon!
- License clarification

* Tue May 29 2007 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.39-1
- New upstream version (bugfixes, enhancements)

* Mon Feb 12 2007 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.38-1
- New upstream version with bugfix for potential hang

* Tue Feb 06 2007 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.37-1
- New upstream version

* Wed Jan 24 2007 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.36-1
- New upstream version

* Mon Nov 06 2006 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.35-2
- Stop creating /etc/sysconfig on %%install
- Create /etc/dnsmasq.d on %%install

* Mon Nov 06 2006 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.35-1
- Update to 2.35
- Removed UPGRADING_to_2.0 from %%doc as per upstream change
- Enabled conf-dir in default config as per RFE BZ#214220 (thanks Chris!)
- Added %%dir /etc/dnsmasq.d to %%files as per above RFE

* Tue Oct 24 2006 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.34-2
- Fixed BZ#212005
- Moved %%postun scriptlet to %%post, where it made more sense
- Render scriptlets safer
- Minor cleanup for consistency

* Thu Oct 19 2006 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.34-1
- Hardcoded version in patches, as I'm getting tired of updating them
- Update to 2.34

* Mon Aug 28 2006 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.33-2
- Rebuild for FC6

* Tue Aug 15 2006 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.33-1
- Update

* Sat Jul 22 2006 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.32-3
- Added pkgconfig BuildReq due to reduced buildroot

* Thu Jul 20 2006 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.32-2
- Forced update due to dbus version bump

* Mon Jun 12 2006 Patrick "Jima" Laughton <jima@beer.tclug.org> 2.32-1
- Update from upstream
- Patch from Dennis Gilmore fixed the conditionals to detect Aurora Linux

* Mon May 8 2006 Patrick "Jima" Laughton <jima@auroralinux.org> 2.31-1
- Removed dbus config patch (now provided upstream)
- Patched in init script (no longer provided upstream)
- Added DBus-interface to docs

* Tue May 2 2006 Patrick "Jima" Laughton <jima@auroralinux.org> 2.30-4.2
- More upstream-recommended cleanups :)
- Killed sysconfig file (provides unneeded functionality)
- Tweaked init script a little more

* Tue May 2 2006 Patrick "Jima" Laughton <jima@auroralinux.org> 2.30-4
- Moved options out of init script and into /etc/sysconfig/dnsmasq
- Disabled DHCP_LEASE in sysconfig file, fixing bug #190379
- Simon Kelley provided dbus/dnsmasq.conf, soon to be part of the tarball

* Thu Apr 27 2006 Patrick "Jima" Laughton <jima@auroralinux.org> 2.30-3
- Un-enabled HAVE_ISC_READER, a hack to enable a deprecated feature (request)
- Split initscript & enable-dbus patches, conditionalized dbus for FC3
- Tweaked name field in changelog entries (trying to be consistent)

* Mon Apr 24 2006 Patrick "Jima" Laughton <jima@auroralinux.org> 2.30-2
- Disabled stripping of binary while installing (oops)
- Enabled HAVE_ISC_READER/HAVE_DBUS via patch
- Added BuildReq for dbus-devel

* Mon Apr 24 2006 Patrick "Jima" Laughton <jima@auroralinux.org> 2.30-1
- Initial Fedora Extras RPM