diff --git a/dnsmasq-2.85-search_servers-rhbz2182342.patch b/dnsmasq-2.85-search_servers-rhbz2182342.patch new file mode 100644 index 0000000..896f0c9 --- /dev/null +++ b/dnsmasq-2.85-search_servers-rhbz2182342.patch @@ -0,0 +1,39 @@ +From b3784649cd26c6bd5ec96e84cba0ea7d57786acf Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= +Date: Fri, 5 May 2023 17:51:56 +0200 +Subject: [PATCH] Ensure search_servers domain is set on dnssec + +When dnssec validation is enabled the domain variable used when fetching +dnssec key or domain were not properly initialized always. It were read +anyway inside search_servers. Because it is changed only sometime, do +not use its value on the end of function. domain can be NULL only at +that point, use that value right away. +--- + src/forward.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/forward.c b/src/forward.c +index b09dc96..345eff3 100644 +--- a/src/forward.c ++++ b/src/forward.c +@@ -250,7 +250,7 @@ static unsigned int search_servers(time_t now, union all_addr **addrpp, unsigned + *domain = NULL; + } + if (serv_domain && !*serv_domain) +- *serv_domain = server_domain_find_domain(*domain); ++ *serv_domain = server_domain_find_domain(NULL); + return flags; + } + +@@ -1097,7 +1097,7 @@ void reply_query(int fd, time_t now) + { + int querytype, fd, type = SERV_DO_DNSSEC; + struct frec *next = new->next; +- char *domain; ++ char *domain = NULL; + + *new = *forward; /* copy everything, then overwrite */ + new->next = next; +-- +2.40.1 + diff --git a/dnsmasq.spec b/dnsmasq.spec index 83cb048..76debdd 100644 --- a/dnsmasq.spec +++ b/dnsmasq.spec @@ -20,7 +20,7 @@ Name: dnsmasq Version: 2.85 -Release: 8%{?extraversion:.%{extraversion}}%{?dist} +Release: 9%{?extraversion:.%{extraversion}}%{?dist} Summary: A lightweight DHCP/caching DNS server License: GPLv2 or GPLv3 @@ -56,6 +56,9 @@ Patch9: dnsmasq-2.89-edns0-size.patch # Downstream only patch; https://bugzilla.redhat.com/show_bug.cgi?id=2186481 # Fixes issue in Patch4 Patch10: dnsmasq-2.85-serv_domain-rh2186481.patch +# Downstream only patch; https://bugzilla.redhat.com/show_bug.cgi?id=2182342 +# Another issue in Patch4 +Patch11: dnsmasq-2.85-search_servers-rhbz2182342.patch # This is workaround to nettle bug #1549190 # https://bugzilla.redhat.com/show_bug.cgi?id=1549190 @@ -199,6 +202,9 @@ install -Dpm 644 %{SOURCE2} %{buildroot}%{_sysusersdir}/%{name}.conf %{_mandir}/man1/dhcp_* %changelog +* Fri May 05 2023 Petr Menšík - 2.85-9 +- Properly initialize domain parameter in dnssec mode (#2182342) + * Fri Apr 21 2023 Petr Menšík - 2.85-8 - Correct possible crashes when server=/example.net/# is used (#2188712)