rpms/dnsmasq
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import dnsmasq-2.79-20.el8

Browse Source
This commit is contained in:
CentOS Sources 2021-11-11 04:18:22 +00:00 committed by Stepan Oksanichenko
parent b0a42572f2
commit ad51900b9c
3 changed files with 143 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

107
SOURCES/dnsmasq-2.79-alternative-lease.patch Normal file
View File

@ -0,0 +1,107 @@
From 268080fc19990711a1d1e1acd68a50aa2f6cb5fb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Fri, 17 Sep 2021 20:12:21 +0200
Subject: [PATCH] Offer alternative DHCPv6 address if requested is taken
In some cases multiple requests might arrive from single DUID. It may
happen just one address is offered to different IAID requests. When
the first request confirms lease, another would be offered alternative
address instead of address in use error.
Includes check on such Rapid commit equivalents and returns NotOnLink
error, required by RFC 8145, if requested address were not on any
supported prefix.
---
src/rfc3315.c | 39 ++++++++++++++++++++++++++++-----------
1 file changed, 28 insertions(+), 11 deletions(-)
diff --git a/src/rfc3315.c b/src/rfc3315.c
index 5c2ff97..d1534ad 100644
--- a/src/rfc3315.c
+++ b/src/rfc3315.c
@@ -614,7 +614,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
case DHCP6SOLICIT:
{
- int address_assigned = 0;
+ int address_assigned = 0, ia_invalid = 0;
/* tags without all prefix-class tags */
struct dhcp_netid *solicit_tags;
struct dhcp_context *c;
@@ -697,6 +697,8 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
get_context_tag(state, c);
address_assigned = 1;
}
+ else
+ ia_invalid++;
}
/* Suggest configured address(es) */
@@ -782,11 +784,26 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
tagif = add_options(state, 0);
}
else
- {
+ {
+ char *errmsg;
/* no address, return error */
o1 = new_opt6(OPTION6_STATUS_CODE);
- put_opt6_short(DHCP6NOADDRS);
- put_opt6_string(_("no addresses available"));
+ if (state->lease_allocate && ia_invalid)
+ {
+ /* RFC 8415, Section 18.3.2:
+ If any of the prefixes of the included addresses are not
+ appropriate for the link to which the client is connected,
+ the server MUST return the IA to the client with a Status
+ Code option with the value NotOnLink. */
+ put_opt6_short(DHCP6NOTONLINK);
+ errmsg = _("not on link");
+ }
+ else
+ {
+ put_opt6_short(DHCP6NOADDRS);
+ errmsg = _("no addresses available");
+ }
+ put_opt6_string(errmsg);
end_opt6(o1);
/* Some clients will ask repeatedly when we're not giving
@@ -795,7 +812,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
for (c = state->context; c; c = c->current)
if (!(c->flags & CONTEXT_RA_STATELESS))
{
- log6_packet(state, state->lease_allocate ? "DHCPREPLY" : "DHCPADVERTISE", NULL, _("no addresses available"));
+ log6_packet(state, state->lease_allocate ? "DHCPREPLY" : "DHCPADVERTISE", NULL, errmsg);
break;
}
}
@@ -831,7 +848,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
/* If we get a request with an IA_*A without addresses, treat it exactly like
a SOLICT with rapid commit set. */
save_counter(start);
- goto request_no_address;
+ goto request_no_address;
}
o = build_ia(state, &t1cntr);
@@ -861,11 +878,11 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
}
else if (!check_address(state, &req_addr))
{
- /* Address leased to another DUID/IAID */
- o1 = new_opt6(OPTION6_STATUS_CODE);
- put_opt6_short(DHCP6UNSPEC);
- put_opt6_string(_("address in use"));
- end_opt6(o1);
+ /* Address leased to another DUID/IAID.
+ Find another address for the client, treat it exactly like
+ a SOLICT with rapid commit set. */
+ save_counter(start);
+ goto request_no_address;
}
else
{
--
2.31.1

28
SOURCES/dnsmasq-2.86-dhcpv6-client-arch.patch Normal file
View File

@ -0,0 +1,28 @@
From 9e2b6474f2074511c3911b2f777e8e8704782670 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Wed, 22 Sep 2021 14:54:01 +0200
Subject: [PATCH] Add support for option6 names of RFC 5970
Client Network Interface Identifier and Client System Architecture Type
options were not understood by dnsmasq. Add it to supported option
types.
---
src/dhcp-common.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/dhcp-common.c b/src/dhcp-common.c
index 224c4d6..368d686 100644
--- a/src/dhcp-common.c
+++ b/src/dhcp-common.c
@@ -645,6 +645,8 @@ static const struct opttab_t opttab6[] = {
{ "ntp-server", 56, 0 },
{ "bootfile-url", 59, OT_NAME },
{ "bootfile-param", 60, OT_CSTRING },
+ { "client-arch", 61, 2 | OT_DEC }, /* RFC 5970 */
+ { "client-interface-id", 62, 1 | OT_DEC }, /* RFC 5970 */
{ NULL, 0, 0 }
};
#endif
--
2.31.1

9
SPECS/dnsmasq.spec
View File

@ -13,7 +13,7 @@
Name: dnsmasq Name: dnsmasq
Version: 2.79 Version: 2.79
Release: 19%{?extraversion:.%{extraversion}}%{?dist} Release: 20%{?extraversion:.%{extraversion}}%{?dist}
Summary: A lightweight DHCP/caching DNS server Summary: A lightweight DHCP/caching DNS server
License: GPLv2 or GPLv3 License: GPLv2 or GPLv3
@ -67,6 +67,8 @@ Patch29: dnsmasq-2.84-bind-dynamic-netlink.patch
Patch30: dnsmasq-2.85-CVE-2021-3448.patch Patch30: dnsmasq-2.85-CVE-2021-3448.patch
# http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=03212e533b1e07aba30d2f4112009dc3af867ea5 # http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=03212e533b1e07aba30d2f4112009dc3af867ea5
Patch31: dnsmasq-2.80-man-nameing.patch Patch31: dnsmasq-2.80-man-nameing.patch
Patch32: dnsmasq-2.79-alternative-lease.patch
Patch33: dnsmasq-2.86-dhcpv6-client-arch.patch
# This is workaround to nettle bug #1549190 # This is workaround to nettle bug #1549190
# https://bugzilla.redhat.com/show_bug.cgi?id=1549190 # https://bugzilla.redhat.com/show_bug.cgi?id=1549190
@ -131,6 +133,8 @@ server's leases.
%patch29 -p1 -b .rh1887649 %patch29 -p1 -b .rh1887649
%patch30 -p1 -b .CVE-2021-3448 %patch30 -p1 -b .CVE-2021-3448
%patch31 -p1 -b .rh1947039 %patch31 -p1 -b .rh1947039
%patch32 -p1 -b .rh1998448
%patch33 -p1 -b .dhcpv6-client-arch
# use /var/lib/dnsmasq instead of /var/lib/misc # use /var/lib/dnsmasq instead of /var/lib/misc
for file in dnsmasq.conf.example man/dnsmasq.8 man/es/dnsmasq.8 src/config.h; do for file in dnsmasq.conf.example man/dnsmasq.8 man/es/dnsmasq.8 src/config.h; do
@ -230,6 +234,9 @@ install -Dpm 644 %{SOURCE2} %{buildroot}%{_sysusersdir}/dnsmasq.conf
%{_mandir}/man1/dhcp_* %{_mandir}/man1/dhcp_*
%changelog %changelog
* Mon Sep 20 2021 Petr Menšík <pemensik@redhat.com> - 2.79-20
- Offer alternate DHCPv6 address if requested is already leased (#1998448)
* Tue Jun 29 2021 Petr Menšík <pemensik@redhat.com> - 2.79-19 * Tue Jun 29 2021 Petr Menšík <pemensik@redhat.com> - 2.79-19
- Correct typo in man page (#1947039) - Correct typo in man page (#1947039)