From c8684b8c325ce983a0c4972ebb8392494a7af842 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= Date: Tue, 10 Mar 2020 15:44:41 +0100 Subject: [PATCH] Replace downstream patch with upstream change Actually merged fix is a bit different. --- dnsmasq-2.80-rh1739797.patch | 75 ++++++++++++++++++++++++++---------- 1 file changed, 54 insertions(+), 21 deletions(-) diff --git a/dnsmasq-2.80-rh1739797.patch b/dnsmasq-2.80-rh1739797.patch index 1acc273..c6530ff 100644 --- a/dnsmasq-2.80-rh1739797.patch +++ b/dnsmasq-2.80-rh1739797.patch @@ -1,32 +1,65 @@ -From 18547163b15bbbcb5ed5113360440387d89d0e15 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= -Date: Wed, 28 Aug 2019 19:28:02 +0200 -Subject: [PATCH] Revert "Do unsolicited RAs for interfaces which appear after - dnsmasq startup." +From 515ba97595e60c762c448657f3c0e545c1e365f9 Mon Sep 17 00:00:00 2001 +From: Simon Kelley +Date: Mon, 27 Jan 2020 23:30:10 +0000 +Subject: [PATCH] Fix infinite-loop router advert problems. -This reverts commit 0a496f059c1e9d75c33cce4c1211d58422ba4f62. +The previous code here, which started fast-RA whenever that local +address associated with a DHCP context changed, is very vulnerable +to flapping due to dynamically created addresses in the same net. + +Simplify so that if a context which has never found an interface now +finds one, that gets advertised, but not for other changes. That satisfies +the original intention that prefixes not in place when dnsmasq starts +should be recognised. + +Also totally ignore all interfaces where we are configured not to do DHCP, +to preclude flapping of they have prefixes in common with interfaces +where we do DHCP. --- - src/dhcp6.c | 7 ------- - 1 file changed, 7 deletions(-) + src/dhcp6.c | 15 +++++++++++---- + 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/src/dhcp6.c b/src/dhcp6.c -index 5badc46..454193e 100644 +index 041ad07..51788ed 100644 --- a/src/dhcp6.c +++ b/src/dhcp6.c -@@ -679,13 +679,6 @@ static int construct_worker(struct in6_addr *local, int prefix, - is_same_net6(local, &template->start6, template->prefix) && +@@ -658,7 +658,8 @@ static int construct_worker(struct in6_addr *local, int prefix, + char ifrn_name[IFNAMSIZ]; + struct in6_addr start6, end6; + struct dhcp_context *template, *context; +- ++ struct iname *tmp; ++ + (void)scope; + (void)flags; + (void)valid; +@@ -677,9 +678,15 @@ static int construct_worker(struct in6_addr *local, int prefix, + if (flags & IFACE_DEPRECATED) + return 1; + +- if (!indextoname(daemon->icmp6fd, if_index, ifrn_name)) +- return 0; ++ /* Ignore interfaces where we're not doing RA/DHCP6 */ ++ if (!indextoname(daemon->icmp6fd, if_index, ifrn_name) || ++ !iface_check(AF_LOCAL, NULL, ifrn_name, NULL)) ++ return 1; + ++ for (tmp = daemon->dhcp_except; tmp; tmp = tmp->next) ++ if (tmp->name && wildcard_match(tmp->name, ifrn_name)) ++ return 1; ++ + for (template = daemon->dhcp6; template; template = template->next) + if (!(template->flags & (CONTEXT_TEMPLATE | CONTEXT_CONSTRUCTED))) + { +@@ -689,7 +696,7 @@ static int construct_worker(struct in6_addr *local, int prefix, is_same_net6(local, &template->end6, template->prefix)) { -- /* First time found, do fast RA. */ + /* First time found, do fast RA. */ - if (template->if_index != if_index || !IN6_ARE_ADDR_EQUAL(&template->local6, local)) -- { -- ra_start_unsolicited(param->now, template); -- param->newone = 1; -- } -- - template->if_index = if_index; - template->local6 = *local; - } ++ if (template->if_index == 0) + { + ra_start_unsolicited(param->now, template); + param->newone = 1; -- -2.20.1 +2.21.1