[arch-commits] Commit in dnsmasq/trunk (2 files)

[Christian Hesse via arch-commits]

Date: Friday, January 19, 2018 @ 14:05:59
  Author: eworm
Revision: 315151

upgpkg: dnsmasq 2.78-2

* fix locale path in build
* DNSSEC fix for wildcard NSEC records (CVE-2017-15107)

Added:
  dnsmasq/trunk/0001-DNSSEC-fix-for-wildcard-NSEC-records.patch
Modified:
  dnsmasq/trunk/PKGBUILD

-+
 0001-DNSSEC-fix-for-wildcard-NSEC-records.patch |  203 ++
 PKGBUILD|   16 +
 2 files changed, 217 insertions(+), 2 deletions(-)

Added: 0001-DNSSEC-fix-for-wildcard-NSEC-records.patch
===
--- 0001-DNSSEC-fix-for-wildcard-NSEC-records.patch 
(rev 0)
+++ 0001-DNSSEC-fix-for-wildcard-NSEC-records.patch 2018-01-19 14:05:59 UTC 
(rev 315151)
@@ -0,0 +1,203 @@
+From 4fe6744a220eddd3f1749b40cac3dfc510787de6 Mon Sep 17 00:00:00 2001
+From: Simon Kelley 
+Date: Fri, 19 Jan 2018 12:26:08 +
+Subject: DNSSEC fix for wildcard NSEC records. CVE-2017-15107 applies.
+
+It's OK for NSEC records to be expanded from wildcards,
+but in that case, the proof of non-existence is only valid
+starting at the wildcard name, *. NOT the name expanded
+from the wildcard. Without this check it's possible for an
+attacker to craft an NSEC which wrongly proves non-existence
+in a domain which includes a wildcard for NSEC.
+---
+ src/dnssec.c | 117 ---
+ 2 files changed, 114 insertions(+), 15 deletions(-)
+
+diff --git a/src/dnssec.c b/src/dnssec.c
+index eb6c11c..a54a0b4 100644
+--- a/src/dnssec.c
 b/src/dnssec.c
+@@ -103,15 +103,17 @@ static void from_wire(char *name)
+ static int count_labels(char *name)
+ {
+   int i;
+-
++  char *p;
++  
+   if (*name == 0)
+ return 0;
+ 
+-  for (i = 0; *name; name++)
+-if (*name == '.')
++  for (p = name, i = 0; *p; p++)
++if (*p == '.')
+   i++;
+ 
+-  return i+1;
++  /* Don't count empty first label. */
++  return *name == '.' ? i : i+1;
+ }
+ 
+ /* Implement RFC1982 wrapped compare for 32-bit numbers */
+@@ -1094,8 +1096,8 @@ static int hostname_cmp(const char *a, const char *b)
+ }
+ }
+ 
+-static int prove_non_existence_nsec(struct dns_header *header, size_t plen, 
unsigned char **nsecs, int nsec_count,
+-  char *workspace1, char *workspace2, char 
*name, int type, int *nons)
++static int prove_non_existence_nsec(struct dns_header *header, size_t plen, 
unsigned char **nsecs, unsigned char **labels, int nsec_count,
++  char *workspace1_in, char *workspace2, char 
*name, int type, int *nons)
+ {
+   int i, rc, rdlen;
+   unsigned char *p, *psave;
+@@ -1108,6 +1110,9 @@ static int prove_non_existence_nsec(struct dns_header 
*header, size_t plen, unsi
+   /* Find NSEC record that proves name doesn't exist */
+   for (i = 0; i < nsec_count; i++)
+ {
++  char *workspace1 = workspace1_in;
++  int sig_labels, name_labels;
++
+   p = nsecs[i];
+   if (!extract_name(header, plen, , workspace1, 1, 10))
+   return 0;
+@@ -1116,7 +1121,27 @@ static int prove_non_existence_nsec(struct dns_header 
*header, size_t plen, unsi
+   psave = p;
+   if (!extract_name(header, plen, , workspace2, 1, 10))
+   return 0;
+-  
++
++  /* If NSEC comes from wildcard expansion, use original wildcard
++   as name for computation. */
++  sig_labels = *labels[i];
++  name_labels = count_labels(workspace1);
++
++  if (sig_labels < name_labels)
++  {
++int k;
++for (k = name_labels - sig_labels; k != 0; k--)
++  {
++while (*workspace1 != '.' && *workspace1 != 0)
++  workspace1++;
++if (k != 1 && *workspace1 == '.')
++  workspace1++;
++  }
++
++workspace1--;
++*workspace1 = '*';
++  }
++
+   rc = hostname_cmp(workspace1, name);
+   
+   if (rc == 0)
+@@ -1514,24 +1539,26 @@ static int prove_non_existence_nsec3(struct dns_header 
*header, size_t plen, uns
+ 
+ static int prove_non_existence(struct dns_header *header, size_t plen, char 
*keyname, char *name, int qtype, int qclass, char *wildname, int *nons)
+ {
+-  static unsigned char **nsecset = NULL;
+-  static int nsecset_sz = 0;
++  static unsigned char **nsecset = NULL, **rrsig_labels = NULL;
++  static int nsecset_sz = 0, rrsig_labels_sz = 0;
+   
+   int type_found = 0;
+-  unsigned char *p = skip_questions(header, plen);
++  unsigned char *auth_start, *p = skip_questions(header, plen);
+   int type, class, rdlen, i, nsecs_found;
+   
+   /* Move to NS section */
+   if (!p || !(p = skip_section(p, ntohs(header->ancount), header, plen)))
+ return 0;
++
++  auth_start = p;
+   
+   for (nsecs_found = 0, i = ntohs(header->nscount); i != 0; i--)
+ {
+   unsigned char *pstart = p;
+   
+-  if (!(p = 

[arch-commits] Commit in dnsmasq/trunk (2 files)

[Christian Hesse]

Date: Sunday, August 27, 2017 @ 19:43:40
  Author: eworm
Revision: 304260

upgpkg: dnsmasq 2.77-4

Apply: Fix logic of appending "." to PXE basename (FS#55302)

Added:
  dnsmasq/trunk/0002-Fix-logic-of-appending-layer-to-PXE-basename.patch
Modified:
  dnsmasq/trunk/PKGBUILD

-+
 0002-Fix-logic-of-appending-layer-to-PXE-basename.patch |   35 ++
 PKGBUILD|5 +-
 2 files changed, 39 insertions(+), 1 deletion(-)

Added: 0002-Fix-logic-of-appending-layer-to-PXE-basename.patch
===
--- 0002-Fix-logic-of-appending-layer-to-PXE-basename.patch 
(rev 0)
+++ 0002-Fix-logic-of-appending-layer-to-PXE-basename.patch 2017-08-27 
19:43:40 UTC (rev 304260)
@@ -0,0 +1,35 @@
+From: Chris Novakovic 
+Date: Tue, 6 Jun 2017 22:02:59 + (+0100)
+Subject: Fix logic of appending "." to PXE basename
+X-Git-Tag: v2.78test1~1
+X-Git-Url: 
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff_plain;h=2446514e716075cfe2be35e2a9b9de4eacdbac99
+
+Fix logic of appending "." to PXE basename
+
+Commit f77700aa, which fixes a compiler warning, also breaks the
+behaviour of prepending "." to basenames in --pxe-service: in
+situations where the basename contains a ".", the "." suffix is
+erroneously added, and in situations where the basename doesn't contain
+a ".", the "." suffix is erroneously omitted.
+
+A patch against the git HEAD is attached that inverts this logic and
+restores the expected behaviour of --pxe-service.
+---
+
+diff --git a/src/rfc2131.c b/src/rfc2131.c
+index a679470..1c850e5 100644
+--- a/src/rfc2131.c
 b/src/rfc2131.c
+@@ -836,10 +836,10 @@ size_t dhcp_reply(struct dhcp_context *context, char 
*iface_name, int int_index,
+ 
+ if (strchr(service->basename, '.'))
+   snprintf((char *)mess->file, sizeof(mess->file),
+-  "%s.%d", service->basename, layer);
++  "%s", service->basename);
+ else
+   snprintf((char *)mess->file, sizeof(mess->file),
+-  "%s", service->basename);
++  "%s.%d", service->basename, layer);
+ 
+ option_put(mess, end, OPTION_MESSAGE_TYPE, 1, DHCPACK);
+ option_put(mess, end, OPTION_SERVER_IDENTIFIER, INADDRSZ, 
htonl(context->local.s_addr));

Modified: PKGBUILD
===
--- PKGBUILD2017-08-27 13:36:37 UTC (rev 304259)
+++ PKGBUILD2017-08-27 19:43:40 UTC (rev 304260)
@@ -6,7 +6,7 @@
 
 pkgname=dnsmasq
 pkgver=2.77
-pkgrel=3
+pkgrel=4
 pkgdesc="Lightweight, easy to configure DNS forwarder and DHCP server"
 url="http://www.thekelleys.org.uk/dnsmasq/doc.html;
 arch=('i686' 'x86_64')
@@ -16,11 +16,13 @@
 validpgpkeys=('D6EACBD6EE46B834248D111215CDDA6AE19135A2') # Simon Kelley 

 source=("http://www.thekelleys.org.uk/$pkgname/$pkgname-$pkgver.tar.xz"{,.asc}
 '0001-do-not-include-stdio-h-before-dnsmasq-h.patch'
+'0002-Fix-logic-of-appending-layer-to-PXE-basename.patch'
 'dnsmasq-sysusers.conf'
 'dnsmasq.service')
 sha256sums=('6eac3b1c50ae25170e3ff8c96ddb55236cf45007633fdb8a35b1f3e02f5f8b8a'
 'SKIP'
 'bd39af88222ec44d269734d0513656bed865fb0f0901b538fdbbe19768e91bcf'
+'5c969e79037980f3d138434a40c4478f7383f9ee9a46689c96dcf93f74062e11'
 '7f6ff6a709038ae580758f4b6a754451d7f7ce22957b88a36b97f7b643d3c2ab'
 '983a3c7a68ce114cf7b44f0d9c59b74c266647a9e5ac34c1d1d5161610bc57fe')
 
@@ -30,6 +32,7 @@
   cd "$pkgname-$pkgver"
 
   patch -Np1 < "${srcdir}"/0001-do-not-include-stdio-h-before-dnsmasq-h.patch
+  patch -Np1 < 
"${srcdir}"/0002-Fix-logic-of-appending-layer-to-PXE-basename.patch
 }
 
 build() {

[arch-commits] Commit in dnsmasq/trunk (2 files)

[Christian Hesse]

Date: Wednesday, August 23, 2017 @ 08:06:24
  Author: eworm
Revision: 303332

upgpkg: dnsmasq 2.77-3

do not include stdio.h before dnsmasq.h (FS#54834)

Added:
  dnsmasq/trunk/0001-do-not-include-stdio-h-before-dnsmasq-h.patch
Modified:
  dnsmasq/trunk/PKGBUILD

+
 0001-do-not-include-stdio-h-before-dnsmasq-h.patch |   24 +++
 PKGBUILD   |   11 +++-
 2 files changed, 34 insertions(+), 1 deletion(-)

Added: 0001-do-not-include-stdio-h-before-dnsmasq-h.patch
===
--- 0001-do-not-include-stdio-h-before-dnsmasq-h.patch  
(rev 0)
+++ 0001-do-not-include-stdio-h-before-dnsmasq-h.patch  2017-08-23 08:06:24 UTC 
(rev 303332)
@@ -0,0 +1,24 @@
+Subject: [PATCH 1/1] do not include stdio.h before dnsmasq.h
+Date: Tue, 22 Aug 2017 23:19:29 +0200
+From: Christian Hesse 
+
+We define some constants in dnsmasq.h, which have an influence on
+stdio.h. So do not include stdio.h before dnsmasq.h.
+
+Signed-off-by: Christian Hesse 
+---
+ src/helper.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/src/helper.c b/src/helper.c
+index 635677e..281cb4a 100644
+--- a/src/helper.c
 b/src/helper.c
+@@ -14,7 +14,6 @@
+along with this program.  If not, see .
+ */
+ 
+-#include 
+ #include "dnsmasq.h"
+ 
+ #ifdef HAVE_SCRIPT

Modified: PKGBUILD
===
--- PKGBUILD2017-08-23 07:21:51 UTC (rev 303331)
+++ PKGBUILD2017-08-23 08:06:24 UTC (rev 303332)
@@ -1,4 +1,5 @@
 # $Id$
+# Maintainer: Christian Hesse 
 # Maintainer: Dave Reisner 
 # Contributor: Paul Mattal 
 # Contributor: Tom Newsom 
@@ -5,7 +6,7 @@
 
 pkgname=dnsmasq
 pkgver=2.77
-pkgrel=2
+pkgrel=3
 pkgdesc="Lightweight, easy to configure DNS forwarder and DHCP server"
 url="http://www.thekelleys.org.uk/dnsmasq/doc.html;
 arch=('i686' 'x86_64')
@@ -14,15 +15,23 @@
 backup=('etc/dnsmasq.conf')
 validpgpkeys=('D6EACBD6EE46B834248D111215CDDA6AE19135A2') # Simon Kelley 

 source=("http://www.thekelleys.org.uk/$pkgname/$pkgname-$pkgver.tar.xz"{,.asc}
+'0001-do-not-include-stdio-h-before-dnsmasq-h.patch'
 'dnsmasq-sysusers.conf'
 'dnsmasq.service')
 sha256sums=('6eac3b1c50ae25170e3ff8c96ddb55236cf45007633fdb8a35b1f3e02f5f8b8a'
 'SKIP'
+'bd39af88222ec44d269734d0513656bed865fb0f0901b538fdbbe19768e91bcf'
 '7f6ff6a709038ae580758f4b6a754451d7f7ce22957b88a36b97f7b643d3c2ab'
 '983a3c7a68ce114cf7b44f0d9c59b74c266647a9e5ac34c1d1d5161610bc57fe')
 
 _build_copts="-DHAVE_DNSSEC -DHAVE_DBUS -DHAVE_IDN -DHAVE_CONNTRACK"
 
+prepare() {
+  cd "$pkgname-$pkgver"
+
+  patch -Np1 < "${srcdir}"/0001-do-not-include-stdio-h-before-dnsmasq-h.patch
+}
+
 build() {
   cd "$pkgname-$pkgver"
 

[arch-commits] Commit in dnsmasq/trunk (2 files)

[Christian Hesse]

Date: Thursday, June 1, 2017 @ 19:03:12
  Author: eworm
Revision: 297329

upgpkg: dnsmasq 2.77-1

new upstream release

Modified:
  dnsmasq/trunk/PKGBUILD
Deleted:
  dnsmasq/trunk/0001-Handle-binding-upstream-servers-to-an-interface.patch

+
 0001-Handle-binding-upstream-servers-to-an-interface.patch |  123 ---
 PKGBUILD   |   23 --
 2 files changed, 7 insertions(+), 139 deletions(-)

Deleted: 0001-Handle-binding-upstream-servers-to-an-interface.patch
===
--- 0001-Handle-binding-upstream-servers-to-an-interface.patch  2017-06-01 
18:59:30 UTC (rev 297328)
+++ 0001-Handle-binding-upstream-servers-to-an-interface.patch  2017-06-01 
19:03:12 UTC (rev 297329)
@@ -1,123 +0,0 @@
-From f7fcfebdbc3c57570d2f6de35f38c72ce6c80143 Mon Sep 17 00:00:00 2001
-From: Christian Hesse 
-Date: Wed, 31 Aug 2016 18:42:22 +0200
-Subject: [PATCH 1/1] Handle binding upstream servers to an interface
-
-upstream commits:
-
-* 2675f2061525bc954be14988d64384b74aa7bf8b
-* 16800ea072dd0cdf14d951c4bb8d2808b3dfe53d
-
-Signed-off-by: Christian Hesse 

- src/dnsmasq.h |  1 +
- src/network.c | 32 ++--
- 2 files changed, 31 insertions(+), 2 deletions(-)
-
-diff --git a/src/dnsmasq.h b/src/dnsmasq.h
-index 1896a64..aa5ec84 100644
 a/src/dnsmasq.h
-+++ b/src/dnsmasq.h
-@@ -487,6 +487,7 @@ struct serverfd {
-   int fd;
-   union mysockaddr source_addr;
-   char interface[IF_NAMESIZE+1];
-+  unsigned int ifindex, used;
-   struct serverfd *next;
- };
- 
-diff --git a/src/network.c b/src/network.c
-index e7722fd..d87d08f 100644
 a/src/network.c
-+++ b/src/network.c
-@@ -1204,6 +1204,7 @@ int local_bind(int fd, union mysockaddr *addr, char 
*intname, int is_tcp)
- static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname)
- {
-   struct serverfd *sfd;
-+  unsigned int ifindex = 0;
-   int errsave;
- 
-   /* when using random ports, servers which would otherwise use
-@@ -1224,11 +1225,15 @@ static struct serverfd *allocate_sfd(union mysockaddr 
*addr, char *intname)
-   return NULL;
- #endif
- }
-+
-+  if (intname && strlen(intname) != 0)
-+ifindex = if_nametoindex(intname); /* index == 0 when not binding to an 
interface */
-   
-   /* may have a suitable one already */
-   for (sfd = daemon->sfds; sfd; sfd = sfd->next )
- if (sockaddr_isequal(>source_addr, addr) &&
--  strcmp(intname, sfd->interface) == 0)
-+  strcmp(intname, sfd->interface) == 0 &&
-+  ifindex == sfd->ifindex) 
-   return sfd;
-   
-   /* need to make a new one. */
-@@ -1250,11 +1255,13 @@ static struct serverfd *allocate_sfd(union mysockaddr 
*addr, char *intname)
-   errno = errsave;
-   return NULL;
- }
--
-+
-   strcpy(sfd->interface, intname); 
-   sfd->source_addr = *addr;
-   sfd->next = daemon->sfds;
-+  sfd->ifindex = ifindex;
-   daemon->sfds = sfd;
-+
-   return sfd; 
- }
- 
-@@ -1429,12 +1436,16 @@ void check_servers(void)
- {
-   struct irec *iface;
-   struct server *serv;
-+  struct serverfd *sfd, *tmp, **up;
-   int port = 0, count;
- 
-   /* interface may be new since startup */
-   if (!option_bool(OPT_NOWILD))
- enumerate_interfaces(0);
-   
-+  for (sfd = daemon->sfds; sfd; sfd = sfd->next)
-+sfd->used = 0;
-+
- #ifdef HAVE_DNSSEC
-  /* Disable DNSSEC validation when using server=/domain/ servers
- unless there's a configured trust anchor. */
-@@ -1505,6 +1516,9 @@ void check_servers(void)
- serv->flags |= SERV_MARK;
- continue;
-   }
-+
-+if (serv->sfd)
-+  serv->sfd->used = 1;
-   }
-   
-   if (!(serv->flags & SERV_NO_REBIND) && !(serv->flags & 
SERV_LITERAL_ADDRESS))
-@@ -1547,6 +1561,20 @@ void check_servers(void)
-   if (count - 1 > SERVERS_LOGGED)
- my_syslog(LOG_INFO, _("using %d more nameservers"), count - 
SERVERS_LOGGED - 1);
- 
-+  /* Remove unused sfds */
-+  for (sfd = daemon->sfds, up = >sfds; sfd; sfd = tmp)
-+{
-+   tmp = sfd->next;
-+   if (!sfd->used) 
-+  {
-+*up = sfd->next;
-+close(sfd->fd);
-+free(sfd);
-+  } 
-+  else
-+  up = >next;
-+}
-+  
-   cleanup_servers();
- }
- 
--- 
-2.9.3
-

Modified: PKGBUILD
===
--- PKGBUILD2017-06-01 18:59:30 UTC (rev 297328)
+++ PKGBUILD2017-06-01 19:03:12 UTC (rev 297329)
@@ -4,8 +4,8 @@
 # Contributor: Tom Newsom 
 
 pkgname=dnsmasq
-pkgver=2.76
-pkgrel=4
+pkgver=2.77
+pkgrel=1
 pkgdesc="Lightweight, easy to configure DNS forwarder and DHCP server"
 url="http://www.thekelleys.org.uk/dnsmasq/doc.html;
 arch=('i686' 'x86_64')
@@ -12,26 +12,17 @@
 license=('GPL')
 depends=('glibc' 'gmp' 'libidn' 'libdbus' 'libnetfilter_conntrack' 'nettle')
 

[arch-commits] Commit in dnsmasq/trunk (2 files)

[Dave Reisner]

Date: Sunday, December 8, 2013 @ 21:11:38
  Author: dreisner
Revision: 201312

upgpkg: dnsmasq 2.68-1

Modified:
  dnsmasq/trunk/PKGBUILD
Deleted:
  dnsmasq/trunk/0001-Fix-check-for-local-domains-in-CNAME-case.-Fixes-d56.patch

-+
 0001-Fix-check-for-local-domains-in-CNAME-case.-Fixes-d56.patch |   49 
--
 PKGBUILD|   10 --
 2 files changed, 3 insertions(+), 56 deletions(-)

Deleted: 0001-Fix-check-for-local-domains-in-CNAME-case.-Fixes-d56.patch
===
--- 0001-Fix-check-for-local-domains-in-CNAME-case.-Fixes-d56.patch 
2013-12-08 19:32:58 UTC (rev 201311)
+++ 0001-Fix-check-for-local-domains-in-CNAME-case.-Fixes-d56.patch 
2013-12-08 20:11:38 UTC (rev 201312)
@@ -1,49 +0,0 @@
-From 7b174c250df2bc97b503fd03b9e473998676b1a6 Mon Sep 17 00:00:00 2001
-From: Simon Kelley si...@thekelleys.org.uk
-Date: Mon, 28 Oct 2013 13:14:03 +
-Subject: [PATCH] Fix check for local domains in CNAME case. Fixes
- d56a604a9600c08d4a863527d549713c07f0186d
-

- src/cache.c   | 2 +-
- src/rfc1035.c | 4 ++--
- 2 files changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/src/cache.c b/src/cache.c
-index d99aba6..6c5f601 100644
 a/src/cache.c
-+++ b/src/cache.c
-@@ -330,7 +330,7 @@ static int cache_scan_free(char *name, struct all_addr 
*addr, time_t now, unsign
-((flags  crecp-flags  F_TYPE) || ((crecp-flags | flags)  
F_CNAME)) 
-hostname_isequal(cache_get_name(crecp), name))
- {
--  if (crecp-flags  (F_HOSTS | F_DHCP))
-+  if (crecp-flags  (F_HOSTS | F_DHCP | F_CONFIG))
- return 0;
-   *up = crecp-hash_next;
-   cache_unlink(crecp);
-diff --git a/src/rfc1035.c b/src/rfc1035.c
-index fc6d09c..ff97576 100644
 a/src/rfc1035.c
-+++ b/src/rfc1035.c
-@@ -1221,7 +1221,7 @@ int check_for_local_domain(char *name, time_t now)
-   struct naptr *naptr;
- 
-   if ((crecp = cache_find_by_name(NULL, name, now, F_IPV4 | F_IPV6 | 
F_CNAME)) 
--  (crecp-flags  (F_HOSTS | F_DHCP)))
-+  (crecp-flags  (F_HOSTS | F_DHCP | F_CONFIG)))
- return 1;
-   
-   for (naptr = daemon-naptr; naptr; naptr = naptr-next)
-@@ -1861,7 +1861,7 @@ size_t answer_request(struct dns_header *header, char 
*limit, size_t qlen,
- if (qtype == T_CNAME || qtype == T_ANY)
-   {
- if ((crecp = cache_find_by_name(NULL, name, now, F_CNAME)) 
--(qtype == T_CNAME || (crecp-flags  (F_HOSTS | F_DHCP
-+(qtype == T_CNAME || (crecp-flags  (F_HOSTS | F_DHCP | 
F_CONFIG
-   {
- ans = 1;
- if (!dryrun)
--- 
-1.8.4.2
-

Modified: PKGBUILD
===
--- PKGBUILD2013-12-08 19:32:58 UTC (rev 201311)
+++ PKGBUILD2013-12-08 20:11:38 UTC (rev 201312)
@@ -4,8 +4,8 @@
 # Contributor: Tom Newsom jeeps...@gmx.co.uk
 
 pkgname=dnsmasq
-pkgver=2.67
-pkgrel=2
+pkgver=2.68
+pkgrel=1
 pkgdesc=Lightweight, easy to configure DNS forwarder and DHCP server
 url=http://www.thekelleys.org.uk/dnsmasq/doc.html;
 arch=('i686' 'x86_64')
@@ -14,10 +14,8 @@
 install=$pkgname.install
 backup=('etc/dnsmasq.conf')
 source=(http://www.thekelleys.org.uk/$pkgname/$pkgname-$pkgver.tar.xz;
-'0001-Fix-check-for-local-domains-in-CNAME-case.-Fixes-d56.patch'
 'dnsmasq.service')
-md5sums=('3560068c6cc644a01924fa089a70bb9c'
- '38bcc0c2b8dbc480e58a3478cae34bf6'
+md5sums=('fec885ba0a9df0f7d8f2e44db48f19ae'
  '7ac45726cabef4145db40d758cc7fedf')
 
 prepare() {
@@ -26,8 +24,6 @@
   # link against dbus. this ugliness is needed to ensure that the
   # compile time opts report properly on startup. yuck.
   sed -i '/^#ifdef DNSMASQ_COMPILE_OPTS/ i#define HAVE_DBUS' src/config.h
-
-  patch -Np1 
$srcdir/0001-Fix-check-for-local-domains-in-CNAME-case.-Fixes-d56.patch
 }
 
 build() {

[arch-commits] Commit in dnsmasq/trunk (2 files)

[Dave Reisner]

Date: Wednesday, October 30, 2013 @ 16:22:56
  Author: dreisner
Revision: 198522

upgpkg: dnsmasq 2.67-2

- backport fix for local CNAME resolution failures

Added:
  dnsmasq/trunk/0001-Fix-check-for-local-domains-in-CNAME-case.-Fixes-d56.patch
Modified:
  dnsmasq/trunk/PKGBUILD

-+
 0001-Fix-check-for-local-domains-in-CNAME-case.-Fixes-d56.patch |   49 
++
 PKGBUILD|6 +
 2 files changed, 54 insertions(+), 1 deletion(-)

Added: 0001-Fix-check-for-local-domains-in-CNAME-case.-Fixes-d56.patch
===
--- 0001-Fix-check-for-local-domains-in-CNAME-case.-Fixes-d56.patch 
(rev 0)
+++ 0001-Fix-check-for-local-domains-in-CNAME-case.-Fixes-d56.patch 
2013-10-30 15:22:56 UTC (rev 198522)
@@ -0,0 +1,49 @@
+From 7b174c250df2bc97b503fd03b9e473998676b1a6 Mon Sep 17 00:00:00 2001
+From: Simon Kelley si...@thekelleys.org.uk
+Date: Mon, 28 Oct 2013 13:14:03 +
+Subject: [PATCH] Fix check for local domains in CNAME case. Fixes
+ d56a604a9600c08d4a863527d549713c07f0186d
+
+---
+ src/cache.c   | 2 +-
+ src/rfc1035.c | 4 ++--
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/cache.c b/src/cache.c
+index d99aba6..6c5f601 100644
+--- a/src/cache.c
 b/src/cache.c
+@@ -330,7 +330,7 @@ static int cache_scan_free(char *name, struct all_addr 
*addr, time_t now, unsign
+((flags  crecp-flags  F_TYPE) || ((crecp-flags | flags)  
F_CNAME)) 
+hostname_isequal(cache_get_name(crecp), name))
+ {
+-  if (crecp-flags  (F_HOSTS | F_DHCP))
++  if (crecp-flags  (F_HOSTS | F_DHCP | F_CONFIG))
+ return 0;
+   *up = crecp-hash_next;
+   cache_unlink(crecp);
+diff --git a/src/rfc1035.c b/src/rfc1035.c
+index fc6d09c..ff97576 100644
+--- a/src/rfc1035.c
 b/src/rfc1035.c
+@@ -1221,7 +1221,7 @@ int check_for_local_domain(char *name, time_t now)
+   struct naptr *naptr;
+ 
+   if ((crecp = cache_find_by_name(NULL, name, now, F_IPV4 | F_IPV6 | 
F_CNAME)) 
+-  (crecp-flags  (F_HOSTS | F_DHCP)))
++  (crecp-flags  (F_HOSTS | F_DHCP | F_CONFIG)))
+ return 1;
+   
+   for (naptr = daemon-naptr; naptr; naptr = naptr-next)
+@@ -1861,7 +1861,7 @@ size_t answer_request(struct dns_header *header, char 
*limit, size_t qlen,
+ if (qtype == T_CNAME || qtype == T_ANY)
+   {
+ if ((crecp = cache_find_by_name(NULL, name, now, F_CNAME)) 
+-(qtype == T_CNAME || (crecp-flags  (F_HOSTS | F_DHCP
++(qtype == T_CNAME || (crecp-flags  (F_HOSTS | F_DHCP | 
F_CONFIG
+   {
+ ans = 1;
+ if (!dryrun)
+-- 
+1.8.4.2
+

Modified: PKGBUILD
===
--- PKGBUILD2013-10-30 15:22:36 UTC (rev 198521)
+++ PKGBUILD2013-10-30 15:22:56 UTC (rev 198522)
@@ -5,7 +5,7 @@
 
 pkgname=dnsmasq
 pkgver=2.67
-pkgrel=1
+pkgrel=2
 pkgdesc=Lightweight, easy to configure DNS forwarder and DHCP server
 url=http://www.thekelleys.org.uk/dnsmasq/doc.html;
 arch=('i686' 'x86_64')
@@ -14,8 +14,10 @@
 install=$pkgname.install
 backup=('etc/dnsmasq.conf')
 source=(http://www.thekelleys.org.uk/$pkgname/$pkgname-$pkgver.tar.xz;
+'0001-Fix-check-for-local-domains-in-CNAME-case.-Fixes-d56.patch'
 'dnsmasq.service')
 md5sums=('3560068c6cc644a01924fa089a70bb9c'
+ '38bcc0c2b8dbc480e58a3478cae34bf6'
  '7ac45726cabef4145db40d758cc7fedf')
 
 prepare() {
@@ -24,6 +26,8 @@
   # link against dbus. this ugliness is needed to ensure that the
   # compile time opts report properly on startup. yuck.
   sed -i '/^#ifdef DNSMASQ_COMPILE_OPTS/ i#define HAVE_DBUS' src/config.h
+
+  patch -Np1 
$srcdir/0001-Fix-check-for-local-domains-in-CNAME-case.-Fixes-d56.patch
 }
 
 build() {

[arch-commits] Commit in dnsmasq/trunk (2 files)

[Dave Reisner]

Date: Sunday, July 7, 2013 @ 21:07:29
  Author: dreisner
Revision: 189771

upgpkg: dnsmasq 2.66-2

backport fix for start failure as radvd replacement without dhcpv6 enabled

Added:
  dnsmasq/trunk/0001-Fix-failure-to-start-with-ENOTSOCK.patch
Modified:
  dnsmasq/trunk/PKGBUILD

---+
 0001-Fix-failure-to-start-with-ENOTSOCK.patch |   26 
 PKGBUILD  |5 +++-
 2 files changed, 30 insertions(+), 1 deletion(-)

Added: 0001-Fix-failure-to-start-with-ENOTSOCK.patch
===
--- 0001-Fix-failure-to-start-with-ENOTSOCK.patch   
(rev 0)
+++ 0001-Fix-failure-to-start-with-ENOTSOCK.patch   2013-07-07 19:07:29 UTC 
(rev 189771)
@@ -0,0 +1,26 @@
+From cfcad42ff1ddee8e64d120f18016a654152d0215 Mon Sep 17 00:00:00 2001
+From: Simon Kelley si...@thekelleys.org.uk
+Date: Fri, 17 May 2013 11:32:03 +0100
+Subject: [PATCH] Fix failure to start with ENOTSOCK
+
+---
+ CHANGELOG | 6 ++
+ src/dnsmasq.c | 2 +-
+ 2 files changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/src/dnsmasq.c b/src/dnsmasq.c
+index 43b8cb1..b0f984d 100644
+--- a/src/dnsmasq.c
 b/src/dnsmasq.c
+@@ -248,7 +248,7 @@ int main (int argc, char **argv)
+ #endif
+ 
+ #if defined(HAVE_LINUX_NETWORK)  defined(HAVE_DHCP6)
+-  if (daemon-dhcp6)
++  if (daemon-doing_dhcp6)
+   bindtodevice(daemon-dhcp6fd);
+ #endif
+ }
+-- 
+1.8.3.2
+

Modified: PKGBUILD
===
--- PKGBUILD2013-07-07 17:49:46 UTC (rev 189770)
+++ PKGBUILD2013-07-07 19:07:29 UTC (rev 189771)
@@ -5,7 +5,7 @@
 
 pkgname=dnsmasq
 pkgver=2.66
-pkgrel=1
+pkgrel=2
 pkgdesc=Lightweight, easy to configure DNS forwarder and DHCP server
 url=http://www.thekelleys.org.uk/dnsmasq/doc.html;
 arch=('i686' 'x86_64')
@@ -15,15 +15,18 @@
 backup=('etc/dnsmasq.conf')
 source=(http://www.thekelleys.org.uk/$pkgname/$pkgname-$pkgver.tar.xz;
 '0001-Fix-wrong-size-in-memset-call.patch'
+'0001-Fix-failure-to-start-with-ENOTSOCK.patch'
 'dnsmasq.service')
 md5sums=('cd1c70dd66d2e3ad02b66ca6af4ebf20'
  '05ccefefde68ebdebce5e40d2b3c78be'
+ '98cc950a6b0482eb7e61969dafb4f764'
  '7ac45726cabef4145db40d758cc7fedf')
 
 prepare() {
   cd $pkgname-$pkgver
 
   patch -Np1 $srcdir/0001-Fix-wrong-size-in-memset-call.patch
+  patch -Np1 $srcdir/0001-Fix-failure-to-start-with-ENOTSOCK.patch
 }
 
 build() {

[arch-commits] Commit in dnsmasq/trunk (2 files)

[Dave Reisner]

Date: Thursday, April 18, 2013 @ 14:44:42
  Author: dreisner
Revision: 183175

upgpkg: dnsmasq 2.66-1

- backport fix for bug in ipset module
- build explicitly with flags
- remove bogus backup entry

Added:
  dnsmasq/trunk/0001-Fix-wrong-size-in-memset-call.patch
Modified:
  dnsmasq/trunk/PKGBUILD

--+
 0001-Fix-wrong-size-in-memset-call.patch |   26 ++
 PKGBUILD |   19 +--
 2 files changed, 39 insertions(+), 6 deletions(-)

Added: 0001-Fix-wrong-size-in-memset-call.patch
===
--- 0001-Fix-wrong-size-in-memset-call.patch(rev 0)
+++ 0001-Fix-wrong-size-in-memset-call.patch2013-04-18 12:44:42 UTC (rev 
183175)
@@ -0,0 +1,26 @@
+From 71aaad9f663efda7032e27c201a7025ff6332a2d Mon Sep 17 00:00:00 2001
+From: Simon Kelley si...@thekelleys.org.uk
+Date: Thu, 18 Apr 2013 09:47:49 +0100
+Subject: [PATCH] Fix wrong size in memset() call.
+
+Thanks to Dave Reisner.
+---
+ src/ipset.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/ipset.c b/src/ipset.c
+index a34ed96..f175fa4 100644
+--- a/src/ipset.c
 b/src/ipset.c
+@@ -110,7 +110,7 @@ static int new_add_to_ipset(const char *setname, const 
struct all_addr *ipaddr,
+   return -1;
+ }
+   
+-  memset(buffer, 0, sizeof(buffer));
++  memset(buffer, 0, BUFF_SZ);
+ 
+   nlh = (struct nlmsghdr *)buffer;
+   nlh-nlmsg_len = NL_ALIGN(sizeof(struct nlmsghdr));
+-- 
+1.8.2.1
+

Modified: PKGBUILD
===
--- PKGBUILD2013-04-18 12:38:02 UTC (rev 183174)
+++ PKGBUILD2013-04-18 12:44:42 UTC (rev 183175)
@@ -4,7 +4,7 @@
 # Contributor: Tom Newsom jeeps...@gmx.co.uk
 
 pkgname=dnsmasq
-pkgver=2.65
+pkgver=2.66
 pkgrel=1
 pkgdesc=Lightweight, easy to configure DNS forwarder and DHCP server
 url=http://www.thekelleys.org.uk/dnsmasq/doc.html;
@@ -12,13 +12,20 @@
 license=('GPL')
 depends=('glibc' 'dbus-core')
 install=$pkgname.install
-backup=('etc/dnsmasq.conf'
-'etc/conf.d/dnsmasq')
-source=(http://www.thekelleys.org.uk/$pkgname/$pkgname-$pkgver.tar.gz;
+backup=('etc/dnsmasq.conf')
+source=(http://www.thekelleys.org.uk/$pkgname/$pkgname-$pkgver.tar.xz;
+'0001-Fix-wrong-size-in-memset-call.patch'
 'dnsmasq.service')
-md5sums=('a91534a5d6f053d5c80f67ef502afa34'
+md5sums=('cd1c70dd66d2e3ad02b66ca6af4ebf20'
+ '05ccefefde68ebdebce5e40d2b3c78be'
  '7ac45726cabef4145db40d758cc7fedf')
 
+prepare() {
+  cd $pkgname-$pkgver
+
+  patch -Np1 $srcdir/0001-Fix-wrong-size-in-memset-call.patch
+}
+
 build() {
   cd $pkgname-$pkgver
 
@@ -26,7 +33,7 @@
   # compile time opts report properly on startup. yuck.
   sed -i '/^#ifdef DNSMASQ_COMPILE_OPTS/ i#define HAVE_DBUS' src/config.h
 
-  make
+  make CFLAGS=$CPPFLAGS $CFLAGS LDFLAGS=$LDFLAGS
 }
 
 package() {