webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

dnsmasq: Update to 2.76test13 with latest patches (001-006)

Browse Source 
Update from 'dnsmasq 2.76test10' to '2.76test13'

Includes latest patches (001-006) from upstream.

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This commit is contained in:
Matthias Fischer
2016-05-05 19:54:42 +02:00
committed by Michael Tremer
parent 15f37d7738
commit 4d36732fe2
12 changed files with 904 additions and 579 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
lfs/dnsmasq
View File

@@ -24,7 +24,7 @@
include Config
VER = 2.76test10
VER = 2.76test13
THISAPP = dnsmasq-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -43,7 +43,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_MD5 = 4b51474ed6081b18c61407077f254cf7
$(DL_FILE)_MD5 = bb66cef5b41e0cddf8272b0911855568
install : $(TARGET)
@@ -73,11 +73,12 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/001-Add_TTL_parameter_to_--host-record_and_--cname.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/002-Add_--dhcp-ttl_option.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/003-Update_CHANGELOG.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/004-Add_--tftp-mtu_option.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/005-Apply_ceiling_of_lease_length_to_TTL_when_--dhcp-ttl_in_use.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/001-Debian_init_d_script_fix.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/002-Add_--help_to_manpage.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/003-Move_dhcp_release_and_dhcp_lease_time_to_contrib_lease_tools.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/004-Add_contrib_lease-tools_dhcp_release6.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/005-Limit_number_of_upstream_nameservers_when_logging_configuration.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/006-Fix_for_DHCP_in_transmission_interface_when_--bridge-interface_in_use.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq-Add-support-to-read-ISC-DHCP-lease-file.patch
cd $(DIR_APP) && sed -i src/config.h \

265
src/patches/dnsmasq/001-Add_TTL_parameter_to_--host-record_and_--cname.patch
View File

@@ -1,265 +0,0 @@
From df3d54f776a3c9b60735b45c0b7fd88b66a2d5c4 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Wed, 24 Feb 2016 21:03:38 +0000
Subject: [PATCH] Add TTL parameter to --host-record and --cname.
---
man/dnsmasq.8 | 12 ++++++++++--
src/cache.c | 7 +++++++
src/dnsmasq.h | 2 ++
src/option.c | 46 ++++++++++++++++++++++++++++++++++++++--------
src/rfc1035.c | 6 +++++-
5 files changed, 62 insertions(+), 11 deletions(-)
diff --git a/man/dnsmasq.8 b/man/dnsmasq.8
index b782eaf..7bc1394 100644
--- a/man/dnsmasq.8
+++ b/man/dnsmasq.8
@@ -529,7 +529,7 @@ zone files: the port, weight and priority numbers are in a different
order. More than one SRV record for a given service/domain is allowed,
all that match are returned.
.TP
-.B --host-record=<name>[,<name>....],[<IPv4-address>],[<IPv6-address>]
+.B --host-record=<name>[,<name>....],[<IPv4-address>],[<IPv6-address>][,<TTL>]
Add A, AAAA and PTR records to the DNS. This adds one or more names to
the DNS with associated IPv4 (A) and IPv6 (AAAA) records. A name may
appear in more than one
@@ -546,6 +546,10 @@ is in effect. Short and long names may appear in the same
.B host-record,
eg.
.B --host-record=laptop,laptop.thekelleys.org,192.168.0.1,1234::100
+
+If the time-to-live is given, it overrides the default, which is zero
+or the value of --local-ttl. The value is a positive integer and gives
+the time-to-live in seconds.
.TP
.B \-Y, --txt-record=<name>[[,<text>],<text>]
Return a TXT DNS record. The value of TXT record is a set of strings,
@@ -559,7 +563,7 @@ Return a PTR DNS record.
.B --naptr-record=<name>,<order>,<preference>,<flags>,<service>,<regexp>[,<replacement>]
Return an NAPTR DNS record, as specified in RFC3403.
.TP
-.B --cname=<cname>,<target>
+.B --cname=<cname>,<target>[,<TTL>]
Return a CNAME record which indicates that <cname> is really
<target>. There are significant limitations on the target; it must be a
DNS name which is known to dnsmasq from /etc/hosts (or additional
@@ -568,6 +572,10 @@ hosts files), from DHCP, from --interface-name or from another
If the target does not satisfy this
criteria, the whole cname is ignored. The cname must be unique, but it
is permissable to have more than one cname pointing to the same target.
+
+If the time-to-live is given, it overrides the default, which is zero
+or the value of -local-ttl. The value is a positive integer and gives
+the time-to-live in seconds.
.TP
.B --dns-rr=<name>,<RR-number>,[<hex data>]
Return an arbitrary DNS Resource Record. The number is the type of the
diff --git a/src/cache.c b/src/cache.c
index a9eaa65..4ecd535 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -778,6 +778,7 @@ static void add_hosts_cname(struct crec *target)
(crec = whine_malloc(sizeof(struct crec))))
{
crec->flags = F_FORWARD | F_IMMORTAL | F_NAMEP | F_CONFIG | F_CNAME;
+ crec->ttd = a->ttl;
crec->name.namep = a->alias;
crec->addr.cname.target.cache = target;
crec->addr.cname.uid = target->uid;
@@ -981,6 +982,7 @@ int read_hostsfile(char *filename, unsigned int index, int cache_size, struct cr
strcat(cache->name.sname, ".");
strcat(cache->name.sname, domain_suffix);
cache->flags = flags;
+ cache->ttd = daemon->local_ttl;
add_hosts_entry(cache, &addr, addrlen, index, rhash, hashsz);
name_count++;
}
@@ -988,6 +990,7 @@ int read_hostsfile(char *filename, unsigned int index, int cache_size, struct cr
{
strcpy(cache->name.sname, canon);
cache->flags = flags;
+ cache->ttd = daemon->local_ttl;
add_hosts_entry(cache, &addr, addrlen, index, rhash, hashsz);
name_count++;
}
@@ -1057,6 +1060,7 @@ void cache_reload(void)
((cache = whine_malloc(sizeof(struct crec)))))
{
cache->flags = F_FORWARD | F_NAMEP | F_CNAME | F_IMMORTAL | F_CONFIG;
+ cache->ttd = a->ttl;
cache->name.namep = a->alias;
cache->addr.cname.target.int_name = intr;
cache->addr.cname.uid = SRC_INTERFACE;
@@ -1071,6 +1075,7 @@ void cache_reload(void)
(cache->addr.ds.keydata = blockdata_alloc(ds->digest, ds->digestlen)))
{
cache->flags = F_FORWARD | F_IMMORTAL | F_DS | F_CONFIG | F_NAMEP;
+ cache->ttd = daemon->local_ttl;
cache->name.namep = ds->name;
cache->addr.ds.keylen = ds->digestlen;
cache->addr.ds.algo = ds->algo;
@@ -1095,6 +1100,7 @@ void cache_reload(void)
(cache = whine_malloc(sizeof(struct crec))))
{
cache->name.namep = nl->name;
+ cache->ttd = hr->ttl;
cache->flags = F_HOSTS | F_IMMORTAL | F_FORWARD | F_REVERSE | F_IPV4 | F_NAMEP | F_CONFIG;
add_hosts_entry(cache, (struct all_addr *)&hr->addr, INADDRSZ, SRC_CONFIG, (struct crec **)daemon->packet, revhashsz);
}
@@ -1103,6 +1109,7 @@ void cache_reload(void)
(cache = whine_malloc(sizeof(struct crec))))
{
cache->name.namep = nl->name;
+ cache->ttd = hr->ttl;
cache->flags = F_HOSTS | F_IMMORTAL | F_FORWARD | F_REVERSE | F_IPV6 | F_NAMEP | F_CONFIG;
add_hosts_entry(cache, (struct all_addr *)&hr->addr6, IN6ADDRSZ, SRC_CONFIG, (struct crec **)daemon->packet, revhashsz);
}
diff --git a/src/dnsmasq.h b/src/dnsmasq.h
index 6d1c5ae..6344df5 100644
--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h
@@ -308,6 +308,7 @@ struct ptr_record {
};
struct cname {
+ int ttl;
char *alias, *target;
struct cname *next;
};
@@ -344,6 +345,7 @@ struct auth_zone {
struct host_record {
+ int ttl;
struct name_list {
char *name;
struct name_list *next;
diff --git a/src/option.c b/src/option.c
index c98bdc9..7c5e6bc 100644
--- a/src/option.c
+++ b/src/option.c
@@ -448,20 +448,20 @@ static struct {
{ LOPT_GEN_NAMES, ARG_DUP, "[=tag:<tag>]", gettext_noop("Generate hostnames based on MAC address for nameless clients."), NULL},
{ LOPT_PROXY, ARG_DUP, "[=<ipaddr>]...", gettext_noop("Use these DHCP relays as full proxies."), NULL },
{ LOPT_RELAY, ARG_DUP, "<local-addr>,<server>[,<interface>]", gettext_noop("Relay DHCP requests to a remote server"), NULL},
- { LOPT_CNAME, ARG_DUP, "<alias>,<target>", gettext_noop("Specify alias name for LOCAL DNS name."), NULL },
+ { LOPT_CNAME, ARG_DUP, "<alias>,<target>[,<ttl>]", gettext_noop("Specify alias name for LOCAL DNS name."), NULL },
{ LOPT_PXE_PROMT, ARG_DUP, "<prompt>,[<timeout>]", gettext_noop("Prompt to send to PXE clients."), NULL },
{ LOPT_PXE_SERV, ARG_DUP, "<service>", gettext_noop("Boot service for PXE menu."), NULL },
{ LOPT_TEST, 0, NULL, gettext_noop("Check configuration syntax."), NULL },
{ LOPT_ADD_MAC, ARG_DUP, "[=base64|text]", gettext_noop("Add requestor's MAC address to forwarded DNS queries."), NULL },
{ LOPT_ADD_SBNET, ARG_ONE, "<v4 pref>[,<v6 pref>]", gettext_noop("Add specified IP subnet to forwarded DNS queries."), NULL },
- { LOPT_CPE_ID, ARG_ONE, "<text>", gettext_noop("Add client identification to forwarded DNS queries."), NULL },
+ { LOPT_CPE_ID, ARG_ONE, "<text>", gettext_noop("Add client identification to forwarded DNS queries."), NULL },
{ LOPT_DNSSEC, OPT_DNSSEC_PROXY, NULL, gettext_noop("Proxy DNSSEC validation results from upstream nameservers."), NULL },
{ LOPT_INCR_ADDR, OPT_CONSEC_ADDR, NULL, gettext_noop("Attempt to allocate sequential IP addresses to DHCP clients."), NULL },
{ LOPT_CONNTRACK, OPT_CONNTRACK, NULL, gettext_noop("Copy connection-track mark from queries to upstream connections."), NULL },
{ LOPT_FQDN, OPT_FQDN_UPDATE, NULL, gettext_noop("Allow DHCP clients to do their own DDNS updates."), NULL },
{ LOPT_RA, OPT_RA, NULL, gettext_noop("Send router-advertisements for interfaces doing DHCPv6"), NULL },
{ LOPT_DUID, ARG_ONE, "<enterprise>,<duid>", gettext_noop("Specify DUID_EN-type DHCPv6 server DUID"), NULL },
- { LOPT_HOST_REC, ARG_DUP, "<name>,<address>", gettext_noop("Specify host (A/AAAA and PTR) records"), NULL },
+ { LOPT_HOST_REC, ARG_DUP, "<name>,<address>[,<ttl>]", gettext_noop("Specify host (A/AAAA and PTR) records"), NULL },
{ LOPT_RR, ARG_DUP, "<name>,<RR-number>,[<data>]", gettext_noop("Specify arbitrary DNS resource record"), NULL },
{ LOPT_CLVERBIND, OPT_CLEVERBIND, NULL, gettext_noop("Bind to interfaces in use - check for new interfaces"), NULL },
{ LOPT_AUTHSERV, ARG_ONE, "<NS>,<interface>", gettext_noop("Export local names to global DNS"), NULL },
@@ -3692,12 +3692,15 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
case LOPT_CNAME: /* --cname */
{
struct cname *new;
- char *alias;
- char *target;
+ char *alias, *target, *ttls;
+ int ttl = -1;
if (!(comma = split(arg)))
ret_err(gen_err);
+ if ((ttls = split(comma)) && !atoi_check(ttls, &ttl))
+ ret_err(_("bad TTL"));
+
alias = canonicalise_opt(arg);
target = canonicalise_opt(comma);
@@ -3713,6 +3716,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
daemon->cnames = new;
new->alias = alias;
new->target = target;
+ new->ttl = ttl;
}
break;
@@ -3913,14 +3917,22 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
{
struct host_record *new = opt_malloc(sizeof(struct host_record));
memset(new, 0, sizeof(struct host_record));
-
+ new->ttl = -1;
+
if (!arg || !(comma = split(arg)))
ret_err(_("Bad host-record"));
while (arg)
{
struct all_addr addr;
- if (inet_pton(AF_INET, arg, &addr))
+ char *dig;
+
+ for (dig = arg; *dig != 0; dig++)
+ if (*dig < '0' || *dig > '9')
+ break;
+ if (*dig == 0)
+ new->ttl = atoi(arg);
+ else if (inet_pton(AF_INET, arg, &addr))
new->addr = addr.addr.addr4;
#ifdef HAVE_IPV6
else if (inet_pton(AF_INET6, arg, &addr))
@@ -4601,7 +4613,25 @@ void read_opts(int argc, char **argv, char *compile_opts)
}
}
}
-
+
+ if (daemon->host_records)
+ {
+ struct host_record *hr;
+
+ for (hr = daemon->host_records; hr; hr = hr->next)
+ if (hr->ttl == -1)
+ hr->ttl = daemon->local_ttl;
+ }
+
+ if (daemon->cnames)
+ {
+ struct cname *cn;
+
+ for (cn = daemon->cnames; cn; cn = cn->next)
+ if (cn->ttl == -1)
+ cn->ttl = daemon->local_ttl;
+ }
+
if (daemon->if_addrs)
{
struct iname *tmp;
diff --git a/src/rfc1035.c b/src/rfc1035.c
index 9c0ddb5..3535a71 100644
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
@@ -1169,9 +1169,13 @@ static unsigned long crec_ttl(struct crec *crecp, time_t now)
/* Return 0 ttl for DHCP entries, which might change
before the lease expires. */
- if (crecp->flags & (F_IMMORTAL | F_DHCP))
+ if (crecp->flags & F_DHCP)
return daemon->local_ttl;
+ /* Immortal entries other than DHCP are local, and hold TTL in TTD field. */
+ if (crecp->flags & F_IMMORTAL)
+ return crecp->ttd;
+
/* Return the Max TTL value if it is lower then the actual TTL */
if (daemon->max_ttl == 0 || ((unsigned)(crecp->ttd - now) < daemon->max_ttl))
return crecp->ttd - now;
--
1.7.10.4

74
src/patches/dnsmasq/001-Debian_init_d_script_fix.patch Normal file
View File

@@ -0,0 +1,74 @@
From 332c41e2ff533649dc48b6bab00804d795f348f5 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sun, 1 May 2016 22:36:46 +0100
Subject: [PATCH] Debian init.d script fix.
---
debian/changelog | 8 +++++---
debian/init | 14 +++++++-------
2 files changed, 12 insertions(+), 10 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index e727406..8a0341c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,19 +3,21 @@ dnsmasq (2.76-1) unstable; urgency=low
* New upstream. (closes: #798586)
* Use /run/dnsmasq directly, rather than relying on link from /var/run
to avoid problems before /var is mounted. (closes: #800351)
-
+ * Test for the existance of /usr/share/doc/dnsmasq rather then
+ /etc/dnsmasq.d/README in the daemon startup script. (closes: #819856)
+
-- Simon Kelley <simon@thekelleys.org.uk> Thur, 10 Sep 2015 23:07:21 +0000
dnsmasq (2.75-1) unstable; urgency=low
* New upstream. (closes: #794095)
-
+
-- Simon Kelley <simon@thekelleys.org.uk> Thur, 30 Jul 2015 20:58:31 +0000
dnsmasq (2.74-1) unstable; urgency=low
* New upstream. (LP: #1468611)
-
+
-- Simon Kelley <simon@thekelleys.org.uk> Wed, 15 Jul 2015 21:54:11 +0000
dnsmasq (2.73-2) unstable; urgency=low
diff --git a/debian/init b/debian/init
index 6afe191..10b277c 100644
--- a/debian/init
+++ b/debian/init
@@ -8,7 +8,8 @@
# Description: DHCP and DNS server
### END INIT INFO
-set +e # Don't exit on error status
+# Don't exit on error status
+set +e
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/sbin/dnsmasq
@@ -29,12 +30,11 @@ if [ -r /etc/default/locale ]; then
export LANG
fi
-# /etc/dnsmasq.d/README is a non-conffile installed by the dnsmasq package.
-# Should the dnsmasq package be removed, the following test ensures that
-# the daemon is no longer started, even if the dnsmasq-base package is
-# still in place.
-test -e /etc/dnsmasq.d/README || exit 0
-
+# The following test ensures the dnsmasq service is not started, when the
+# package 'dnsmasq' is removed but not purged, even if the dnsmasq-base
+# package is still in place.
+test -d /usr/share/doc/dnsmasq || exit 0
+
test -x $DAEMON || exit 0
# Provide skeleton LSB log functions for backports which don't have LSB functions.
--
2.5.5

117
src/patches/dnsmasq/002-Add_--dhcp-ttl_option.patch
View File

@@ -1,117 +0,0 @@
From 832e47beab95c2918b5264f0504f2fe6fe523e4c Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Wed, 24 Feb 2016 21:24:45 +0000
Subject: [PATCH] Add --dhcp-ttl option.
---
man/dnsmasq.8 | 5 ++++-
src/dnsmasq.h | 2 +-
src/option.c | 13 +++++++++++--
src/rfc1035.c | 2 +-
4 files changed, 17 insertions(+), 5 deletions(-)
diff --git a/man/dnsmasq.8 b/man/dnsmasq.8
index 7bc1394..2bcce20 100644
--- a/man/dnsmasq.8
+++ b/man/dnsmasq.8
@@ -60,7 +60,7 @@ in the same way as for DHCP-derived names. Note that this does not
apply to domain names in cnames, PTR records, TXT records etc.
.TP
.B \-T, --local-ttl=<time>
-When replying with information from /etc/hosts or the DHCP leases
+When replying with information from /etc/hosts or configuration or the DHCP leases
file dnsmasq by default sets the time-to-live field to zero, meaning
that the requester should not itself cache the information. This is
the correct thing to do in almost all situations. This option allows a
@@ -68,6 +68,9 @@ time-to-live (in seconds) to be given for these replies. This will
reduce the load on the server at the expense of clients using stale
data under some circumstances.
.TP
+.B --dhcp-ttl=<time>
+As for --local-ttl, but affects only replies with information from DHCP leases. If both are given, --dhcp-ttl applies for DHCP information, and --local-ttl for others. Setting this to zero eliminates the effect of --local-ttl for DHCP.
+.TP
.B --neg-ttl=<time>
Negative replies from upstream servers normally contain time-to-live
information in SOA records which dnsmasq uses for caching. If the
diff --git a/src/dnsmasq.h b/src/dnsmasq.h
index 6344df5..9f73c3b 100644
--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h
@@ -955,7 +955,7 @@ extern struct daemon {
int max_logs; /* queue limit */
int cachesize, ftabsize;
int port, query_port, min_port, max_port;
- unsigned long local_ttl, neg_ttl, max_ttl, min_cache_ttl, max_cache_ttl, auth_ttl;
+ unsigned long local_ttl, neg_ttl, max_ttl, min_cache_ttl, max_cache_ttl, auth_ttl, dhcp_ttl, use_dhcp_ttl;
char *dns_client_id;
struct hostsfile *addn_hosts;
struct dhcp_context *dhcp, *dhcp6;
diff --git a/src/option.c b/src/option.c
index 7c5e6bc..3f6d162 100644
--- a/src/option.c
+++ b/src/option.c
@@ -157,6 +157,7 @@ struct myoption {
#define LOPT_MAXPORT 345
#define LOPT_CPE_ID 346
#define LOPT_SCRIPT_ARP 347
+#define LOPT_DHCPTTL 348
#ifdef HAVE_GETOPT_LONG
static const struct option opts[] =
@@ -319,6 +320,7 @@ static const struct myoption opts[] =
{ "quiet-ra", 0, 0, LOPT_QUIET_RA },
{ "dns-loop-detect", 0, 0, LOPT_LOOP_DETECT },
{ "script-arp", 0, 0, LOPT_SCRIPT_ARP },
+ { "dhcp-ttl", 1, 0 , LOPT_DHCPTTL },
{ NULL, 0, 0, 0 }
};
@@ -485,9 +487,10 @@ static struct {
{ LOPT_QUIET_DHCP, OPT_QUIET_DHCP, NULL, gettext_noop("Do not log routine DHCP."), NULL },
{ LOPT_QUIET_DHCP6, OPT_QUIET_DHCP6, NULL, gettext_noop("Do not log routine DHCPv6."), NULL },
{ LOPT_QUIET_RA, OPT_QUIET_RA, NULL, gettext_noop("Do not log RA."), NULL },
- { LOPT_LOCAL_SERVICE, OPT_LOCAL_SERVICE, NULL, gettext_noop("Accept queries only from directly-connected networks"), NULL },
- { LOPT_LOOP_DETECT, OPT_LOOP_DETECT, NULL, gettext_noop("Detect and remove DNS forwarding loops"), NULL },
+ { LOPT_LOCAL_SERVICE, OPT_LOCAL_SERVICE, NULL, gettext_noop("Accept queries only from directly-connected networks."), NULL },
+ { LOPT_LOOP_DETECT, OPT_LOOP_DETECT, NULL, gettext_noop("Detect and remove DNS forwarding loops."), NULL },
{ LOPT_IGNORE_ADDR, ARG_DUP, "<ipaddr>", gettext_noop("Ignore DNS responses containing ipaddr."), NULL },
+ { LOPT_DHCPTTL, ARG_ONE, "<ttl>", gettext_noop("Set TTL in DNS responses with DHCP-derived addresses."), NULL },
{ 0, 0, NULL, NULL, NULL }
};
@@ -2580,6 +2583,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
case LOPT_MINCTTL: /* --min-cache-ttl */
case LOPT_MAXCTTL: /* --max-cache-ttl */
case LOPT_AUTHTTL: /* --auth-ttl */
+ case LOPT_DHCPTTL: /* --dhcp-ttl */
{
int ttl;
if (!atoi_check(arg, &ttl))
@@ -2598,6 +2602,11 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
daemon->max_cache_ttl = (unsigned long)ttl;
else if (option == LOPT_AUTHTTL)
daemon->auth_ttl = (unsigned long)ttl;
+ else if (option == LOPT_DHCPTTL)
+ {
+ daemon->dhcp_ttl = (unsigned long)ttl;
+ daemon->use_dhcp_ttl = 1;
+ }
else
daemon->local_ttl = (unsigned long)ttl;
break;
diff --git a/src/rfc1035.c b/src/rfc1035.c
index 3535a71..8f1e3b4 100644
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
@@ -1170,7 +1170,7 @@ static unsigned long crec_ttl(struct crec *crecp, time_t now)
before the lease expires. */
if (crecp->flags & F_DHCP)
- return daemon->local_ttl;
+ return daemon->use_dhcp_ttl ? daemon->dhcp_ttl : daemon->local_ttl;
/* Immortal entries other than DHCP are local, and hold TTL in TTD field. */
if (crecp->flags & F_IMMORTAL)
--
1.7.10.4

66
src/patches/dnsmasq/002-Add_--help_to_manpage.patch Normal file
View File

@@ -0,0 +1,66 @@
From 09217a1a874c654bfd4d29a1097f44435b4c632d Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Tue, 3 May 2016 17:04:35 +0100
Subject: [PATCH] Add --help to manpage .
---
debian/changelog | 1 +
man/dnsmasq.8 | 9 ++++++++-
src/option.c | 2 +-
3 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 8a0341c..e028f57 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,7 @@ dnsmasq (2.76-1) unstable; urgency=low
to avoid problems before /var is mounted. (closes: #800351)
* Test for the existance of /usr/share/doc/dnsmasq rather then
/etc/dnsmasq.d/README in the daemon startup script. (closes: #819856)
+ * Add --help to manpage and mention dhcp6 in summary. (closes: #821226)
-- Simon Kelley <simon@thekelleys.org.uk> Thur, 10 Sep 2015 23:07:21 +0000
diff --git a/man/dnsmasq.8 b/man/dnsmasq.8
index fd4b7c5..dacd9ce 100644
--- a/man/dnsmasq.8
+++ b/man/dnsmasq.8
@@ -42,6 +42,13 @@ the configuration file.
Read and syntax check configuration file(s). Exit with code 0 if all
is OK, or a non-zero code otherwise. Do not start up dnsmasq.
.TP
+.B \-w, --help
+Display all command-line options.
+.B --help dhcp
+will display known DHCPv4 configuration options, and
+.B --help dhcp6
+will display DHCPv6 options.
+.TP
.B \-h, --no-hosts
Don't read the hostnames in /etc/hosts.
.TP
@@ -317,7 +324,7 @@ instead of the correct NXDOMAIN response. This option tells dnsmasq to
fake the correct response when it sees this behaviour. As at Sept 2003
the IP address being returned by Verisign is 64.94.110.11
.TP
-.B \-B, --ignore-address=<ipaddr>
+.B --ignore-address=<ipaddr>
Ignore replies to A-record queries which include the specified address.
No error is generated, dnsmasq simply continues to listen for another reply.
This is useful to defeat blocking strategies which rely on quickly supplying a
diff --git a/src/option.c b/src/option.c
index c66f401..0b35500 100644
--- a/src/option.c
+++ b/src/option.c
@@ -402,7 +402,7 @@ static struct {
{ 'v', 0, NULL, gettext_noop("Display dnsmasq version and copyright information."), NULL },
{ 'V', ARG_DUP, "<ipaddr>,<ipaddr>,<netmask>", gettext_noop("Translate IPv4 addresses from upstream servers."), NULL },
{ 'W', ARG_DUP, "<name>,<target>,...", gettext_noop("Specify a SRV record."), NULL },
- { 'w', 0, NULL, gettext_noop("Display this message. Use --help dhcp for known DHCP options."), NULL },
+ { 'w', 0, NULL, gettext_noop("Display this message. Use --help dhcp or --help dhcp6 for known DHCP options."), NULL },
{ 'x', ARG_ONE, "<path>", gettext_noop("Specify path of PID file (defaults to %s)."), RUNFILE },
{ 'X', ARG_ONE, "<integer>", gettext_noop("Specify maximum number of DHCP leases (defaults to %s)."), "&" },
{ 'y', OPT_LOCALISE, NULL, gettext_noop("Answer DNS queries based on the interface a query was sent to."), NULL },
--
2.5.5

73
src/patches/dnsmasq/003-Move_dhcp_release_and_dhcp_lease_time_to_contrib_lease_tools.patch Normal file
View File

@@ -0,0 +1,73 @@
From c6cdf6bbee27d1127847ce7bdff2a22a785f9723 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Tue, 3 May 2016 21:14:14 +0100
Subject: [PATCH] Move dhcp_release and dhcp_lease_time to contrib/lease_tools.
---
contrib/{wrt => lease-tools}/Makefile | 0
contrib/{wrt => lease-tools}/dhcp_lease_time.1 | 0
contrib/{wrt => lease-tools}/dhcp_lease_time.c | 0
contrib/{wrt => lease-tools}/dhcp_release.1 | 0
contrib/{wrt => lease-tools}/dhcp_release.c | 0
debian/rules | 12 ++++++------
6 files changed, 6 insertions(+), 6 deletions(-)
rename contrib/{wrt => lease-tools}/Makefile (100%)
rename contrib/{wrt => lease-tools}/dhcp_lease_time.1 (100%)
rename contrib/{wrt => lease-tools}/dhcp_lease_time.c (100%)
rename contrib/{wrt => lease-tools}/dhcp_release.1 (100%)
rename contrib/{wrt => lease-tools}/dhcp_release.c (100%)
diff --git a/contrib/wrt/Makefile b/contrib/lease-tools/Makefile
similarity index 100%
rename from contrib/wrt/Makefile
rename to contrib/lease-tools/Makefile
diff --git a/contrib/wrt/dhcp_lease_time.1 b/contrib/lease-tools/dhcp_lease_time.1
similarity index 100%
rename from contrib/wrt/dhcp_lease_time.1
rename to contrib/lease-tools/dhcp_lease_time.1
diff --git a/contrib/wrt/dhcp_lease_time.c b/contrib/lease-tools/dhcp_lease_time.c
similarity index 100%
rename from contrib/wrt/dhcp_lease_time.c
rename to contrib/lease-tools/dhcp_lease_time.c
diff --git a/contrib/wrt/dhcp_release.1 b/contrib/lease-tools/dhcp_release.1
similarity index 100%
rename from contrib/wrt/dhcp_release.1
rename to contrib/lease-tools/dhcp_release.1
diff --git a/contrib/wrt/dhcp_release.c b/contrib/lease-tools/dhcp_release.c
similarity index 100%
rename from contrib/wrt/dhcp_release.c
rename to contrib/lease-tools/dhcp_release.c
diff --git a/debian/rules b/debian/rules
index 8612092..193b30c 100755
--- a/debian/rules
+++ b/debian/rules
@@ -93,7 +93,7 @@ clean:
$(checkdir)
rm -rf debian/daemon debian/base debian/utils debian/*~ debian/files debian/substvars debian/utils-substvars
make clean
- make -C contrib/wrt clean
+ make -C contrib/lease-tools clean
binary-indep: checkroot
$(checkdir)
@@ -184,12 +184,12 @@ ifeq ($(DEB_HOST_ARCH_OS),linux)
-d debian/utils/usr/share/man/man1 \
-d debian/utils/usr/bin \
-d debian/utils/usr/share/doc/dnsmasq-utils
- make -C contrib/wrt PREFIX=/usr DESTDIR=`pwd`/debian/utils CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAGS)" COPTS="$(DEB_COPTS)" CC=gcc
- install -m 755 contrib/wrt/dhcp_release debian/utils/usr/bin/dhcp_release
- install -m 644 contrib/wrt/dhcp_release.1 debian/utils/usr/share/man/man1/dhcp_release.1
+ make -C contrib/lease-tools PREFIX=/usr DESTDIR=`pwd`/debian/utils CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAGS)" COPTS="$(DEB_COPTS)" CC=gcc
+ install -m 755 contrib/lease-tools/dhcp_release debian/utils/usr/bin/dhcp_release
+ install -m 644 contrib/lease-tools/dhcp_release.1 debian/utils/usr/share/man/man1/dhcp_release.1
gzip -9n debian/utils/usr/share/man/man1/dhcp_release.1
- install -m 755 contrib/wrt/dhcp_lease_time debian/utils/usr/bin/dhcp_lease_time
- install -m 644 contrib/wrt/dhcp_lease_time.1 debian/utils/usr/share/man/man1/dhcp_lease_time.1
+ install -m 755 contrib/lease-tools/dhcp_lease_time debian/utils/usr/bin/dhcp_lease_time
+ install -m 644 contrib/lease-tools/dhcp_lease_time.1 debian/utils/usr/share/man/man1/dhcp_lease_time.1
install -m 644 debian/copyright debian/utils/usr/share/doc/dnsmasq-utils/copyright
install -m 644 debian/changelog debian/utils/usr/share/doc/dnsmasq-utils/changelog.Debian
gzip -9n debian/utils/usr/share/doc/dnsmasq-utils/changelog.Debian
--
2.5.5

17
src/patches/dnsmasq/003-Update_CHANGELOG.patch
View File

@@ -1,17 +0,0 @@
X-Git-Url: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blobdiff_plain;f=CHANGELOG;h=6d9ba490488f80ef565f459cef3c110bdf31212c;hp=14354f2506a7fbf8360cd32c96e1d7ce1bfeb3f9;hb=e06e6e34bffd781b7cefa49b25fb8ae863654ca2;hpb=832e47beab95c2918b5264f0504f2fe6fe523e4c
diff --git a/CHANGELOG b/CHANGELOG
index 14354f2..6d9ba49 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -48,6 +48,10 @@ version 2.76
(ie xx::0 to xx::ffff:ffff:ffff:ffff)
Thanks to Laurent Bendel for spotting this problem.
+ Add support for a TTL parameter in --host-record and
+ --cname.
+
+ Add --dhcp-ttl option.
version 2.75
Fix reversion on 2.74 which caused 100% CPU use when a

136
src/patches/dnsmasq/004-Add_--tftp-mtu_option.patch
View File

@@ -1,136 +0,0 @@
From bec366b4041df72b559e713f1c924177676e6eb0 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Wed, 24 Feb 2016 22:03:26 +0000
Subject: [PATCH] Add --tftp-mtu option.
---
CHANGELOG | 4 ++++
man/dnsmasq.8 | 4 ++++
src/dnsmasq.h | 2 +-
src/option.c | 10 +++++++++-
src/tftp.c | 14 ++++++++++++--
5 files changed, 30 insertions(+), 4 deletions(-)
diff --git a/CHANGELOG b/CHANGELOG
index 6d9ba49..9218b8c 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -53,6 +53,10 @@ version 2.76
Add --dhcp-ttl option.
+ Add --tftp-mtu option. Thanks to Patrick McLean for the
+ initial patch.
+
+
version 2.75
Fix reversion on 2.74 which caused 100% CPU use when a
dhcp-script is configured. Thanks to Adrian Davey for
diff --git a/man/dnsmasq.8 b/man/dnsmasq.8
index 2bcce20..3cf48cd 100644
--- a/man/dnsmasq.8
+++ b/man/dnsmasq.8
@@ -1810,6 +1810,10 @@ require about (2*n) + 10 descriptors. If
.B --tftp-port-range
is given, that can affect the number of concurrent connections.
.TP
+.B --tftp-mtu=<mtu size>
+Use size as the ceiling of the MTU supported by the intervening network when
+negotiating TFTP blocksize, overriding the MTU setting of the local interface if it is larger.
+.TP
.B --tftp-no-blocksize
Stop the TFTP server from negotiating the "blocksize" option with a
client. Some buggy clients request this option but then behave badly
diff --git a/src/dnsmasq.h b/src/dnsmasq.h
index 9f73c3b..280ad9d 100644
--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h
@@ -975,7 +975,7 @@ extern struct daemon {
struct dhcp_netid_list *dhcp_ignore, *dhcp_ignore_names, *dhcp_gen_names;
struct dhcp_netid_list *force_broadcast, *bootp_dynamic;
struct hostsfile *dhcp_hosts_file, *dhcp_opts_file, *dynamic_dirs;
- int dhcp_max, tftp_max;
+ int dhcp_max, tftp_max, tftp_mtu;
int dhcp_server_port, dhcp_client_port;
int start_tftp_port, end_tftp_port;
unsigned int min_leasetime;
diff --git a/src/option.c b/src/option.c
index 3f6d162..765965f 100644
--- a/src/option.c
+++ b/src/option.c
@@ -158,7 +158,8 @@ struct myoption {
#define LOPT_CPE_ID 346
#define LOPT_SCRIPT_ARP 347
#define LOPT_DHCPTTL 348
-
+#define LOPT_TFTP_MTU 349
+
#ifdef HAVE_GETOPT_LONG
static const struct option opts[] =
#else
@@ -244,6 +245,7 @@ static const struct myoption opts[] =
{ "tftp-unique-root", 0, 0, LOPT_APREF },
{ "tftp-root", 1, 0, LOPT_PREFIX },
{ "tftp-max", 1, 0, LOPT_TFTP_MAX },
+ { "tftp-mtu", 1, 0, LOPT_TFTP_MTU },
{ "tftp-lowercase", 0, 0, LOPT_TFTP_LC },
{ "ptr-record", 1, 0, LOPT_PTR },
{ "naptr-record", 1, 0, LOPT_NAPTR },
@@ -432,6 +434,7 @@ static struct {
{ LOPT_SECURE, OPT_TFTP_SECURE, NULL, gettext_noop("Allow access only to files owned by the user running dnsmasq."), NULL },
{ LOPT_TFTP_NO_FAIL, OPT_TFTP_NO_FAIL, NULL, gettext_noop("Do not terminate the service if TFTP directories are inaccessible."), NULL },
{ LOPT_TFTP_MAX, ARG_ONE, "<integer>", gettext_noop("Maximum number of conncurrent TFTP transfers (defaults to %s)."), "#" },
+ { LOPT_TFTP_MTU, ARG_ONE, "<integer>", gettext_noop("Maximum MTU to use for TFTP transfers."), NULL },
{ LOPT_NOBLOCK, OPT_TFTP_NOBLOCK, NULL, gettext_noop("Disable the TFTP blocksize extension."), NULL },
{ LOPT_TFTP_LC, OPT_TFTP_LC, NULL, gettext_noop("Convert TFTP filenames to lowercase"), NULL },
{ LOPT_TFTPPORTS, ARG_ONE, "<start>,<end>", gettext_noop("Ephemeral port range for use by TFTP transfers."), NULL },
@@ -2625,6 +2628,11 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
ret_err(gen_err);
break;
+ case LOPT_TFTP_MTU: /* --tftp-mtu */
+ if (!atoi_check(arg, &daemon->tftp_mtu))
+ ret_err(gen_err);
+ break;
+
case LOPT_PREFIX: /* --tftp-prefix */
comma = split(arg);
if (comma)
diff --git a/src/tftp.c b/src/tftp.c
index 00ed2fc..dc4aa85 100644
--- a/src/tftp.c
+++ b/src/tftp.c
@@ -103,8 +103,10 @@ void tftp_request(struct listener *listen, time_t now)
if (listen->iface)
{
addr = listen->iface->addr;
- mtu = listen->iface->mtu;
name = listen->iface->name;
+ mtu = listen->iface->mtu;
+ if (daemon->tftp_mtu != 0 && daemon->tftp_mtu < mtu)
+ mtu = daemon->tftp_mtu;
}
else
{
@@ -234,9 +236,17 @@ void tftp_request(struct listener *listen, time_t now)
strncpy(ifr.ifr_name, name, IF_NAMESIZE);
if (ioctl(listen->tftpfd, SIOCGIFMTU, &ifr) != -1)
- mtu = ifr.ifr_mtu;
+ {
+ mtu = ifr.ifr_mtu;
+ if (daemon->tftp_mtu != 0 && daemon->tftp_mtu < mtu)
+ mtu = daemon->tftp_mtu;
+ }
}
+ /* Failed to get interface mtu - can use configured value. */
+ if (mtu == 0)
+ mtu = daemon->tftp_mtu;
+
if (name)
{
/* check for per-interface prefix */
--
1.7.10.4

528
src/patches/dnsmasq/004-Add_contrib_lease-tools_dhcp_release6.patch Normal file
View File

@@ -0,0 +1,528 @@
From 69cbf78bb676e493f0a4cd6dc7ffec0fcafafed5 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Tue, 3 May 2016 21:33:38 +0100
Subject: [PATCH] Add contrib/lease-tools/dhcp_release6
---
CHANGELOG | 6 +
contrib/lease-tools/Makefile | 4 +-
contrib/lease-tools/dhcp_release6.1 | 38 ++++
contrib/lease-tools/dhcp_release6.c | 416 ++++++++++++++++++++++++++++++++++++
debian/rules | 3 +
5 files changed, 465 insertions(+), 2 deletions(-)
create mode 100644 contrib/lease-tools/dhcp_release6.1
create mode 100644 contrib/lease-tools/dhcp_release6.c
diff --git a/CHANGELOG b/CHANGELOG
index aa53fba..7d4a061 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -65,6 +65,12 @@ version 2.76
--servers-file to define upstream DNS servers. Thanks to
Scott Bonar for the bug report.
+ Move the dhcp_release and dhcp_lease_time tools from
+ contrib/wrt to contrib/lease-tools.
+
+ Add dhcp_release6 to contrib/lease-tools. Many thanks
+ to Sergey Nechaev for this code.
+
version 2.75
Fix reversion on 2.74 which caused 100% CPU use when a
diff --git a/contrib/lease-tools/Makefile b/contrib/lease-tools/Makefile
index 68e8d32..f38f2ed 100644
--- a/contrib/lease-tools/Makefile
+++ b/contrib/lease-tools/Makefile
@@ -1,6 +1,6 @@
CFLAGS?= -O2 -Wall -W
-all: dhcp_release dhcp_lease_time
+all: dhcp_release dhcp_release6 dhcp_lease_time
clean:
- rm -f *~ *.o core dhcp_release dhcp_lease_time
+ rm -f *~ *.o core dhcp_release dhcp_release6 dhcp_lease_time
diff --git a/contrib/lease-tools/dhcp_release6.1 b/contrib/lease-tools/dhcp_release6.1
new file mode 100644
index 0000000..763e01c
--- /dev/null
+++ b/contrib/lease-tools/dhcp_release6.1
@@ -0,0 +1,38 @@
+.TH DHCP_RELEASE 1
+.SH NAME
+dhcp_release6 \- Release a DHCPv6 lease on a the local dnsmasq DHCP server.
+.SH SYNOPSIS
+.B dhcp_release6 --iface <interface> --client-id <client-id> --server-id
+server-id --iaid <iaid> --ip <IP> [--dry-run] [--help]
+.SH "DESCRIPTION"
+A utility which forces the DHCP server running on this machine to release a
+DHCPv6 lease.
+.SS OPTIONS
+.IP "-a, --ip"
+IPv6 address to release.
+.IP "-c, --client-id"
+Colon-separated hex string representing DHCPv6 client id. Normally
+it can be found in leases file both on client and server.
+.IP "-d, --dry-run"
+Print hexadecimal representation of generated DHCPv6 release packet to standard
+output and exit.
+.IP "-h, --help"
+print usage information to standard output and exit.
+.IP "-i, --iaid"
+Decimal representation of DHCPv6 IAID. Normally it can be found in leases file
+both on client and server.
+.IP "-n, --iface"
+Network interface to send a DHCPv6 release packet from.
+.IP "-s, --server-id"
+Colon-separated hex string representing DHCPv6 server id. Normally
+it can be found in leases file both on client and server.
+.SH NOTES
+MUST be run as root - will fail otherwise.
+.SH LIMITATIONS
+Only usable on IPv6 DHCP leases.
+.SH SEE ALSO
+.BR dnsmasq (8)
+.SH AUTHOR
+This manual page was written by Simon Kelley <simon@thekelleys.org.uk>.
+
+
diff --git a/contrib/lease-tools/dhcp_release6.c b/contrib/lease-tools/dhcp_release6.c
new file mode 100644
index 0000000..74fb26a
--- /dev/null
+++ b/contrib/lease-tools/dhcp_release6.c
@@ -0,0 +1,416 @@
+/*
+ dhcp_release6 --iface <interface> --client-id <client-id> --server-id
+ server-id --iaid <iaid> --ip <IP> [--dry-run] [--help]
+ MUST be run as root - will fail othewise
+ */
+
+/* Send a DHCPRELEASE message to IPv6 multicast address via the specified interface
+ to tell the local DHCP server to delete a particular lease.
+
+ The interface argument is the interface in which a DHCP
+ request _would_ be received if it was coming from the client,
+ rather than being faked up here.
+
+ The client-id argument is colon-separated hex string and mandatory. Normally
+ it can be found in leases file both on client and server
+
+ The server-id argument is colon-separated hex string and mandatory. Normally
+ it can be found in leases file both on client and server.
+
+ The iaid argument is numeric string and mandatory. Normally
+ it can be found in leases file both on client and server.
+
+ IP is an IPv6 adress to release
+
+ If --dry-run is specified, dhcp_release6 just prints hexadecimal represantation of
+ packet to send to stdout and exits.
+
+ If --help is specified, dhcp_release6 print usage information to stdout and exits
+
+
+
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <strings.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <arpa/inet.h>
+#include <getopt.h>
+#include <errno.h>
+#include <unistd.h>
+
+#define NOT_REPLY_CODE 115
+typedef unsigned char u8;
+typedef unsigned short u16;
+typedef unsigned int u32;
+
+enum DHCP6_TYPES{
+ SOLICIT = 1,
+ ADVERTISE = 2,
+ REQUEST = 3,
+ CONFIRM = 4,
+ RENEW = 5,
+ REBIND = 6,
+ REPLY = 7,
+ RELEASE = 8,
+ DECLINE = 9,
+ RECONFIGURE = 10,
+ INFORMATION_REQUEST = 11,
+ RELAY_FORW = 12,
+ RELAY_REPL = 13
+
+};
+enum DHCP6_OPTIONS{
+ CLIENTID = 1,
+ SERVERID = 2,
+ IA_NA = 3,
+ IA_TA = 4,
+ IAADDR = 5,
+ ORO = 6,
+ PREFERENCE = 7,
+ ELAPSED_TIME = 8,
+ RELAY_MSG = 9,
+ AUTH = 11,
+ UNICAST = 12,
+ STATUS_CODE = 13,
+ RAPID_COMMIT = 14,
+ USER_CLASS = 15,
+ VENDOR_CLASS = 16,
+ VENDOR_OPTS = 17,
+ INTERFACE_ID = 18,
+ RECONF_MSG = 19,
+ RECONF_ACCEPT = 20,
+};
+
+enum DHCP6_STATUSES{
+ SUCCESS = 0,
+ UNSPEC_FAIL = 1,
+ NOADDR_AVAIL=2,
+ NO_BINDING = 3,
+ NOT_ON_LINK = 4,
+ USE_MULTICAST =5
+};
+static struct option longopts[] = {
+ {"ip", required_argument, 0, 'a'},
+ {"server-id", required_argument, 0, 's'},
+ {"client-id", required_argument, 0, 'c'},
+ {"iface", required_argument, 0, 'n'},
+ {"iaid", required_argument, 0, 'i'},
+ {"dry-run", no_argument, 0, 'd'},
+ {"help", no_argument, 0, 'h'},
+ {0, 0, 0, 0}
+};
+
+const short DHCP6_CLIENT_PORT = 546;
+const short DHCP6_SERVER_PORT = 547;
+
+const char* DHCP6_MULTICAST_ADDRESS = "ff02::1:2";
+
+struct dhcp6_option{
+ uint16_t type;
+ uint16_t len;
+ char value[1024];
+};
+
+struct dhcp6_iaaddr_option{
+ uint16_t type;
+ uint16_t len;
+ struct in6_addr ip;
+ uint32_t preferred_lifetime;
+ uint32_t valid_lifetime;
+
+
+};
+
+struct dhcp6_iana_option{
+ uint16_t type;
+ uint16_t len;
+ uint32_t iaid;
+ uint32_t t1;
+ uint32_t t2;
+ char options[1024];
+};
+
+
+struct dhcp6_packet{
+ size_t len;
+ char buf[2048];
+
+} ;
+
+size_t pack_duid(const char* str, char* dst){
+
+ char* tmp = strdup(str);
+ char* tmp_to_free = tmp;
+ char *ptr;
+ uint8_t write_pos = 0;
+ while ((ptr = strtok (tmp, ":"))) {
+ dst[write_pos] = (uint8_t) strtol(ptr, NULL, 16);
+ write_pos += 1;
+ tmp = NULL;
+
+ }
+ free(tmp_to_free);
+ return write_pos;
+}
+
+struct dhcp6_option create_client_id_option(const char* duid){
+ struct dhcp6_option option;
+ option.type = htons(CLIENTID);
+ bzero(option.value, sizeof(option.value));
+ option.len = htons(pack_duid(duid, option.value));
+ return option;
+}
+
+struct dhcp6_option create_server_id_option(const char* duid){
+ struct dhcp6_option option;
+ option.type = htons(SERVERID);
+ bzero(option.value, sizeof(option.value));
+ option.len = htons(pack_duid(duid, option.value));
+ return option;
+}
+
+struct dhcp6_iaaddr_option create_iaadr_option(const char* ip){
+ struct dhcp6_iaaddr_option result;
+ result.type =htons(IAADDR);
+ /* no suboptions needed here, so length is 24 */
+ result.len = htons(24);
+ result.preferred_lifetime = 0;
+ result.valid_lifetime = 0;
+ int s = inet_pton(AF_INET6, ip, &(result.ip));
+ if (s <= 0) {
+ if (s == 0)
+ fprintf(stderr, "Not in presentation format");
+ else
+ perror("inet_pton");
+ exit(EXIT_FAILURE);
+ }
+ return result;
+}
+struct dhcp6_iana_option create_iana_option(const char * iaid, struct dhcp6_iaaddr_option ia_addr){
+ struct dhcp6_iana_option result;
+ result.type = htons(IA_NA);
+ result.iaid = htonl(atoi(iaid));
+ result.t1 = 0;
+ result.t2 = 0;
+ result.len = htons(12 + ntohs(ia_addr.len) + 2 * sizeof(uint16_t));
+ memcpy(result.options, &ia_addr, ntohs(ia_addr.len) + 2 * sizeof(uint16_t));
+ return result;
+}
+
+struct dhcp6_packet create_release_packet(const char* iaid, const char* ip, const char* client_id, const char* server_id){
+ struct dhcp6_packet result;
+ bzero(result.buf, sizeof(result.buf));
+ /* message_type */
+ result.buf[0] = RELEASE;
+ /* tx_id */
+ bzero(result.buf+1, 3);
+
+ struct dhcp6_option client_option = create_client_id_option(client_id);
+ struct dhcp6_option server_option = create_server_id_option(server_id);
+ struct dhcp6_iaaddr_option iaaddr_option = create_iaadr_option(ip);
+ struct dhcp6_iana_option iana_option = create_iana_option(iaid, iaaddr_option);
+ int offset = 4;
+ memcpy(result.buf + offset, &client_option, ntohs(client_option.len) + 2*sizeof(uint16_t));
+ offset += (ntohs(client_option.len)+ 2 *sizeof(uint16_t) );
+ memcpy(result.buf + offset, &server_option, ntohs(server_option.len) + 2*sizeof(uint16_t) );
+ offset += (ntohs(server_option.len)+ 2* sizeof(uint16_t));
+ memcpy(result.buf + offset, &iana_option, ntohs(iana_option.len) + 2*sizeof(uint16_t) );
+ offset += (ntohs(iana_option.len)+ 2* sizeof(uint16_t));
+ result.len = offset;
+ return result;
+}
+
+uint16_t parse_iana_suboption(char* buf, size_t len){
+ size_t current_pos = 0;
+ char option_value[1024];
+ while (current_pos < len) {
+ uint16_t option_type, option_len;
+ memcpy(&option_type,buf + current_pos, sizeof(uint16_t));
+ memcpy(&option_len,buf + current_pos + sizeof(uint16_t), sizeof(uint16_t));
+ option_type = ntohs(option_type);
+ option_len = ntohs(option_len);
+ current_pos += 2 * sizeof(uint16_t);
+ if (option_type == STATUS_CODE){
+ uint16_t status;
+ memcpy(&status, buf + current_pos, sizeof(uint16_t));
+ status = ntohs(status);
+ if (status != SUCCESS){
+ memcpy(option_value, buf + current_pos + sizeof(uint16_t) , option_len - sizeof(uint16_t));
+ option_value[option_len-sizeof(uint16_t)] ='\0';
+ fprintf(stderr, "Error: %s\n", option_value);
+ }
+ return status;
+ }
+ }
+ return -2;
+}
+
+int16_t parse_packet(char* buf, size_t len){
+ uint8_t type = buf[0];
+ /*skipping tx id. you need it, uncomment following line
+ uint16_t tx_id = ntohs((buf[1] <<16) + (buf[2] <<8) + buf[3]);
+ */
+ size_t current_pos = 4;
+ if (type != REPLY ){
+ return NOT_REPLY_CODE;
+ }
+ char option_value[1024];
+ while (current_pos < len) {
+ uint16_t option_type, option_len;
+ memcpy(&option_type,buf + current_pos, sizeof(uint16_t));
+ memcpy(&option_len,buf + current_pos + sizeof(uint16_t), sizeof(uint16_t));
+ option_type = ntohs(option_type);
+ option_len = ntohs(option_len);
+ current_pos += 2 * sizeof(uint16_t);
+ if (option_type == STATUS_CODE){
+ uint16_t status;
+ memcpy(&status, buf + current_pos, sizeof(uint16_t));
+ status = ntohs(status);
+ if (status != SUCCESS){
+ memcpy(option_value, buf + current_pos +sizeof(uint16_t) , option_len -sizeof(uint16_t));
+ fprintf(stderr, "Error: %d %s\n", status, option_value);
+ return status;
+ }
+
+ }
+ if (option_type == IA_NA ){
+ uint16_t result = parse_iana_suboption(buf + current_pos +24, option_len -24);
+ if (result){
+ return result;
+ }
+ }
+ current_pos += option_len;
+
+ }
+ return -1;
+}
+
+void usage(const char* arg, FILE* stream){
+ const char* usage_string ="--ip IPv6 --iface IFACE --server-id SERVER_ID --client-id CLIENT_ID --iaid IAID [--dry-run] | --help";
+ fprintf (stream, "Usage: %s %s\n", arg, usage_string);
+
+}
+
+int send_release_packet(const char* iface, struct dhcp6_packet* packet){
+
+ struct sockaddr_in6 server_addr, client_addr;
+ char response[1400];
+ int sock = socket(PF_INET6, SOCK_DGRAM, 0);
+ int i = 0;
+ if (sock < 0) {
+ perror("creating socket");
+ return -1;
+ }
+ if (setsockopt(sock, SOL_SOCKET, 25, iface, strlen(iface)) == -1) {
+ perror("SO_BINDTODEVICE");
+ close(sock);
+ return -1;
+ }
+ memset(&server_addr, 0, sizeof(server_addr));
+ server_addr.sin6_family = AF_INET6;
+ client_addr.sin6_family = AF_INET6;
+ client_addr.sin6_port = htons(DHCP6_CLIENT_PORT);
+ client_addr.sin6_flowinfo = 0;
+ client_addr.sin6_scope_id =0;
+ inet_pton(AF_INET6, "::", &client_addr.sin6_addr);
+ bind(sock, (struct sockaddr*)&client_addr, sizeof(struct sockaddr_in6));
+ inet_pton(AF_INET6, DHCP6_MULTICAST_ADDRESS, &server_addr.sin6_addr);
+ server_addr.sin6_port = htons(DHCP6_SERVER_PORT);
+ int16_t recv_size = 0;
+ for (i = 0; i < 5; i++) {
+ if (sendto(sock, packet->buf, packet->len, 0,
+ (struct sockaddr *)&server_addr,
+ sizeof(server_addr)) < 0) {
+ perror("sendto failed");
+ exit(4);
+ }
+ recv_size = recvfrom(sock, response, sizeof(response), MSG_DONTWAIT, NULL, 0);
+ if (recv_size == -1){
+ if (errno == EAGAIN){
+ sleep(1);
+ continue;
+ }else {
+ perror("recvfrom");
+ }
+ }
+ int16_t result = parse_packet(response, recv_size);
+ if (result == NOT_REPLY_CODE){
+ sleep(1);
+ continue;
+ }
+ return result;
+ }
+ fprintf(stderr, "Response timed out\n");
+ return -1;
+
+}
+
+
+int main(int argc, char * const argv[]) {
+ const char* iface = "";
+ const char* ip = "";
+ const char* client_id = "";
+ const char* server_id = "";
+ const char* iaid = "";
+ int dry_run = 0;
+ while (1) {
+ int option_index = 0;
+ int c = getopt_long(argc, argv, "a:s:c:n:i:hd", longopts, &option_index);
+ if (c == -1){
+ break;
+ }
+ switch(c){
+ case 0:
+ if (longopts[option_index].flag !=0){
+ break;
+ }
+ printf ("option %s", longopts[option_index].name);
+ if (optarg)
+ printf (" with arg %s", optarg);
+ printf ("\n");
+ break;
+ case 'i':
+ iaid = optarg;
+ break;
+ case 'n':
+ iface = optarg;
+ break;
+ case 'a':
+ ip = optarg;
+ break;
+ case 'c':
+ client_id = optarg;
+ break;
+ case 'd':
+ dry_run = 1;
+ break;
+ case 's':
+ server_id = optarg;
+ break;
+ case 'h':
+ usage(argv[0], stdout);
+ break;
+ case '?':
+ usage(argv[0], stderr);
+ return -1;
+ default:
+ abort();
+
+ }
+
+ }
+ struct dhcp6_packet packet = create_release_packet(iaid, ip, client_id, server_id);
+ if (dry_run){
+ uint16_t i;
+ for(i=0;i<packet.len;i++){
+ printf("%hhx", packet.buf[i]);
+ }
+ printf("\n");
+ return 0;
+ }
+ return send_release_packet(iface, &packet);
+
+}
diff --git a/debian/rules b/debian/rules
index 193b30c..d748829 100755
--- a/debian/rules
+++ b/debian/rules
@@ -188,6 +188,9 @@ ifeq ($(DEB_HOST_ARCH_OS),linux)
install -m 755 contrib/lease-tools/dhcp_release debian/utils/usr/bin/dhcp_release
install -m 644 contrib/lease-tools/dhcp_release.1 debian/utils/usr/share/man/man1/dhcp_release.1
gzip -9n debian/utils/usr/share/man/man1/dhcp_release.1
+ install -m 755 contrib/lease-tools/dhcp_release6 debian/utils/usr/bin/dhcp_release6
+ install -m 644 contrib/lease-tools/dhcp_release6.1 debian/utils/usr/share/man/man1/dhcp_release6.1
+ gzip -9n debian/utils/usr/share/man/man1/dhcp_release6.1
install -m 755 contrib/lease-tools/dhcp_lease_time debian/utils/usr/bin/dhcp_lease_time
install -m 644 contrib/lease-tools/dhcp_lease_time.1 debian/utils/usr/share/man/man1/dhcp_lease_time.1
install -m 644 debian/copyright debian/utils/usr/share/doc/dnsmasq-utils/copyright
--
2.5.5

37
src/patches/dnsmasq/005-Apply_ceiling_of_lease_length_to_TTL_when_--dhcp-ttl_in_use.patch
View File

@@ -1,37 +0,0 @@
From 7480aeffc8ad195e9fd8bcf424bae0fab3839d55 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Fri, 26 Feb 2016 21:58:20 +0000
Subject: [PATCH] Apply ceiling of lease length to TTL when --dhcp-ttl in use.
---
src/rfc1035.c | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/src/rfc1035.c b/src/rfc1035.c
index 8f1e3b4..bed5312 100644
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
@@ -1167,10 +1167,18 @@ int add_resource_record(struct dns_header *header, char *limit, int *truncp, int
static unsigned long crec_ttl(struct crec *crecp, time_t now)
{
/* Return 0 ttl for DHCP entries, which might change
- before the lease expires. */
+ before the lease expires, unless configured otherwise. */
if (crecp->flags & F_DHCP)
- return daemon->use_dhcp_ttl ? daemon->dhcp_ttl : daemon->local_ttl;
+ {
+ int conf_ttl = daemon->use_dhcp_ttl ? daemon->dhcp_ttl : daemon->local_ttl;
+
+ /* Apply ceiling of actual lease length to configured TTL. */
+ if (!(crecp->flags & F_IMMORTAL) && (crecp->ttd - now) < conf_ttl)
+ return crecp->ttd - now;
+
+ return conf_ttl;
+ }
/* Immortal entries other than DHCP are local, and hold TTL in TTD field. */
if (crecp->flags & F_IMMORTAL)
--
1.7.10.4

85
src/patches/dnsmasq/005-Limit_number_of_upstream_nameservers_when_logging_configuration.patch Normal file
View File

@@ -0,0 +1,85 @@
From b97026035ecc870ea0f12f537b214237cf3d0af6 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Tue, 3 May 2016 22:34:06 +0100
Subject: [PATCH] Limit number of upstream nameservers when logging
configuration.
---
CHANGELOG | 5 +++++
src/config.h | 1 +
src/network.c | 10 ++++++++--
3 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/CHANGELOG b/CHANGELOG
index 7d4a061..f3220d8 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -71,6 +71,11 @@ version 2.76
Add dhcp_release6 to contrib/lease-tools. Many thanks
to Sergey Nechaev for this code.
+ To avoid filling logs in configurations which define
+ many upstream nameservers, don't log more that 30 servers.
+ The number to be logged can be changed as SERVERS_LOGGED
+ in src/config.h.
+
version 2.75
Fix reversion on 2.74 which caused 100% CPU use when a
diff --git a/src/config.h b/src/config.h
index c3bbbcb..80a50e1 100644
--- a/src/config.h
+++ b/src/config.h
@@ -25,6 +25,7 @@
#define TIMEOUT 10 /* drop UDP queries after TIMEOUT seconds */
#define FORWARD_TEST 50 /* try all servers every 50 queries */
#define FORWARD_TIME 20 /* or 20 seconds */
+#define SERVERS_LOGGED 30 /* Only log this many servers when logging state */
#define RANDOM_SOCKS 64 /* max simultaneous random ports */
#define LEASE_RETRY 60 /* on error, retry writing leasefile after LEASE_RETRY seconds */
#define CACHESIZ 150 /* default cache size */
diff --git a/src/network.c b/src/network.c
index da8a7f4..e7722fd 100644
--- a/src/network.c
+++ b/src/network.c
@@ -1429,7 +1429,7 @@ void check_servers(void)
{
struct irec *iface;
struct server *serv;
- int port = 0;
+ int port = 0, count;
/* interface may be new since startup */
if (!option_bool(OPT_NOWILD))
@@ -1442,7 +1442,7 @@ void check_servers(void)
serv->flags |= SERV_DO_DNSSEC;
#endif
- for (serv = daemon->servers; serv; serv = serv->next)
+ for (count = 0, serv = daemon->servers; serv; serv = serv->next)
{
if (!(serv->flags & (SERV_LITERAL_ADDRESS | SERV_NO_ADDR | SERV_USE_RESOLV | SERV_NO_REBIND)))
{
@@ -1509,6 +1509,9 @@ void check_servers(void)
if (!(serv->flags & SERV_NO_REBIND) && !(serv->flags & SERV_LITERAL_ADDRESS))
{
+ if (++count > SERVERS_LOGGED)
+ continue;
+
if (serv->flags & (SERV_HAS_DOMAIN | SERV_FOR_NODOTS | SERV_USE_RESOLV))
{
char *s1, *s2, *s3 = "";
@@ -1540,6 +1543,9 @@ void check_servers(void)
my_syslog(LOG_INFO, _("using nameserver %s#%d"), daemon->namebuff, port);
}
}
+
+ if (count - 1 > SERVERS_LOGGED)
+ my_syslog(LOG_INFO, _("using %d more nameservers"), count - SERVERS_LOGGED - 1);
cleanup_servers();
}
--
2.5.5

70
src/patches/dnsmasq/006-Fix_for_DHCP_in_transmission_interface_when_--bridge-interface_in_use.patch Normal file
View File

@@ -0,0 +1,70 @@
From ff325644c7afae2588583f935f4ea9b9694eb52e Mon Sep 17 00:00:00 2001
From: Neil Jerram <Neil.Jerram@metaswitch.com>
Date: Tue, 3 May 2016 22:45:14 +0100
Subject: [PATCH] Fix for DHCP in transmission interface when
--bridge-interface in use.
From f3d832b41f44c856003517c583fbd7af4dca722c Mon Sep 17 00:00:00 2001
From: Neil Jerram <Neil.Jerram@metaswitch.com>
Date: Fri, 8 Apr 2016 19:23:47 +0100
Subject: [PATCH] Fix DHCPv4 reply via --bridge-interface alias interface
Sending a DHCPv4 reply through a --bridge-interface alias interface
was inadvertently broken by
commit 65c721200023ef0023114459a8d12f8b0a24cfd8
Author: Lung-Pin Chang <changlp@cs.nctu.edu.tw>
Date: Thu Mar 19 23:22:21 2015 +0000
dhcp: set outbound interface via cmsg in unicast reply
If multiple routes to the same network exist, Linux blindly picks
the first interface (route) based on destination address, which might not be
the one we're actually offering leases. Rather than relying on this,
always set the interface for outgoing unicast DHCP packets.
because in the aliasing case, iface_index is changed from the index of
the interface on which the packet was received, to be the interface
index of the 'bridge' interface (where the DHCP context is expected to
be defined, and so needs to be looked up).
For the cmsg code that the cited commit added, we need the original
iface_index; so this commit saves that off before the aliasing code
can change it, as rcvd_iface_index, and then uses rcvd_iface_index
instead of iface_index for the cmsg code.
---
src/dhcp.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/dhcp.c b/src/dhcp.c
index 00145bc..10f1fb9 100644
--- a/src/dhcp.c
+++ b/src/dhcp.c
@@ -146,6 +146,7 @@ void dhcp_packet(time_t now, int pxe_fd)
struct iovec iov;
ssize_t sz;
int iface_index = 0, unicast_dest = 0, is_inform = 0;
+ int rcvd_iface_index;
struct in_addr iface_addr;
struct iface_param parm;
#ifdef HAVE_LINUX_NETWORK
@@ -230,6 +231,7 @@ void dhcp_packet(time_t now, int pxe_fd)
--bridge-interface option), change ifr.ifr_name so that we look
for DHCP contexts associated with the aliased interface instead
of with the aliasing one. */
+ rcvd_iface_index = iface_index;
for (bridge = daemon->bridges; bridge; bridge = bridge->next)
{
for (alias = bridge->alias; alias; alias = alias->next)
@@ -387,7 +389,7 @@ void dhcp_packet(time_t now, int pxe_fd)
msg.msg_controllen = sizeof(control_u);
cmptr = CMSG_FIRSTHDR(&msg);
pkt = (struct in_pktinfo *)CMSG_DATA(cmptr);
- pkt->ipi_ifindex = iface_index;
+ pkt->ipi_ifindex = rcvd_iface_index;
pkt->ipi_spec_dst.s_addr = 0;
msg.msg_controllen = cmptr->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
cmptr->cmsg_level = IPPROTO_IP;
--
2.5.5