Commit Graph

248 Commits

Author SHA1 Message Date
Petr Menšík
067b065880 Add separate SPDX licenses also to translations 2023-04-05 17:52:22 +02:00
Petr Menšík
d57471e354 Set the default maximum DNS UDP packet size to 1232
Resolves: CVE-2023-28450
2023-04-03 16:26:57 +02:00
Petr Menšík
76bd39af36 Update to 2.89 (#2167121)
Fix bug introduced in 2.88 (commit fe91134b) which can result
in corruption of the DNS cache internal data structures and
logging of "cache internal error". This has only been seen
in one place in the wild, and it took considerable effort
to even generate a test case to reproduce it, but there's
no way to be sure it won't strike, and the effect is to break
the cache badly. Installations with DNSSEC enabled are more
likely to see the problem, but not running DNSSEC does not
guarantee that it won't happen. Thanks to Timo van Roermund
for reporting the bug and for his great efforts in chasing
it down.

Also --no-ident option to disable CHAOS entries.
2023-02-13 20:11:42 +01:00
Fedora Release Engineering
c18e8375ae Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2023-01-19 01:36:01 +00:00
Petr Menšík
b313864b6c Create dnsmasq-langpack subpackage with translations (#2131681)
For now create just single additional languages pack, which provides
translations for some localizations. Because it is quite small, it
should not matter.
2022-12-08 18:18:41 +01:00
Petr Menšík
773d89e137 Update to 2.88 (#2150667)
Still keeping underflow patch, even it seems not necessary.

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q4/016767.html
2022-12-06 18:35:48 +01:00
Petr Menšík
a2d26dd525 Fix regression removing config statements on DBus change (#2148301) 2022-11-25 11:21:24 +01:00
Petr Menšík
3539c7a7f0 Update License tag to SPDX identifier 2022-09-30 13:19:30 +02:00
Petr Menšík
fb936db8eb Update to 2.87 (#2129658) 2022-09-27 15:35:46 +02:00
Fedora Release Engineering
e28b110acb Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-07-21 00:41:20 +00:00
Petr Menšík
19e76a2a0a Do not own configuration by dnsmasq group (#2104973)
Dynamic owned files makes problems with container based releases.
Because they are not necessary, get rid of them.
2022-07-08 22:43:06 +02:00
Petr Menšík
ef60adb63e Fix losing static forwarders configuration after dbus update
Correct loop updates of up pointer. Do not lose server records prior to
first marked server on update.

Modified for 2.86 version.

Resolves: rhbz#2061944
2022-06-17 13:01:00 +02:00
Petr Menšík
f9d6c726e6 Require NetworkManager-ci tests pass on rawhide 2022-05-06 00:02:51 +02:00
Petr Menšík
7da92dcce5 Move NetworkManager-ci part to separate plan
Correct used git repo for NM CI

Use moved upstream to gitlab.

Make fmf a bit nicer.

Remove discover from script only

It breaks running the other plan this way.

Prepare inside the script
2022-05-06 00:00:49 +02:00
Petr Menšík
da02ce5baf Deactivate STI, use tmt 2022-05-06 00:00:49 +02:00
Petr Menšík
1f5e1331ba Move from github tests to fedora /tests/dnsmasq
Fix gating to still reference only STI test product.
2022-05-04 13:42:03 +02:00
Anssi Hannula
3123631ff7 Enable conntrack support
This allows using e.g. the --conntrack configuration option.
2022-04-29 19:06:47 +02:00
Petr Menšík
c8a9dcf212 Update GNU address in license file
Just download fresh copy from GNU, until upstream updates the license.
2022-04-29 18:12:10 +02:00
Petr Menšík
5624c40cb5 fixup! Avoid bogus messages from rpmlint about badfuncs 2022-04-29 17:04:05 +02:00
Petr Menšík
d71e6bdd87 Avoid bogus messages from rpmlint about badfuncs
The code handles both IPv4 and IPv6, but those functions are used only
in IPv4-only code paths, where it does not limit anything.
2022-04-29 11:13:31 +02:00
Petr Menšík
af6782a97c Minor description update to satisfy rpmlint 2022-04-29 11:13:31 +02:00
Petr Sklenar
c06c867464 adding ci.fmf to have more plans 2022-04-20 09:09:42 +00:00
Petr Sklenar
275f610b3a gating yaml with one fmf plan 2022-04-20 09:09:42 +00:00
Petr Sklenar
a85837f755 fedora ci should start the both way 2022-04-20 09:09:42 +00:00
Petr Sklenar
8034904a73 Adding fmf plan 2022-04-20 09:09:42 +00:00
Petr Menšík
1c5ebdc65d Fix massive confusion on server reload
The 2.86 upstream server rewrite severely broke re-reading
of server configuration. It would get everyting right the first
time, but on re-reading /etc/resolv.conf or --servers-file
or setting things with DBUS, the results were just wrong.

This should put things right again.

No fedora bug reference, reported upstream:
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016166.html
2022-02-24 02:58:52 +01:00
Fedora Release Engineering
4cfebfcd18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-01-20 00:51:16 +00:00
Petr Menšík
b77271d4fc Add writeable group flag to log file
Resolves: rhbz#2024166
2022-01-16 12:18:48 +01:00
Petr Menšík
6ad2d1af9f Compare query with case-insensitive compare
Required by TCP queries retrying query on REDHAT.COM VPN, which offers
too many SRV records to fit into reply without EDNS0. That means length
of answer >512 bytes, as used by kinit implementation.
2021-10-27 17:58:56 +02:00
Petr Menšík
19d9817a3e Rebuild server array after each change
On /etc/resolv.conf of d-bus update of servers, dnsmasq did not update
dnsmasq_daemon->serverarray properly. Call refresh after each change.

When resolv.conf resolvers are cleared, dnsmasq_daemon->serverarray
were not properly refreshed. Force refresh as part of removal.

Replaces original upstream commit, which fixed only some use-cases:
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=d290630d31f4517ab26392d00753d1397f9a4114

Resolves: rhbz#2009975
Related: rhbz#2014019
2021-10-27 17:56:38 +02:00
Petr Menšík
cee3418eae Attempt to fix regression found on recent release (#2006367)
Try to fix immediate failures.
2021-09-23 17:46:26 +02:00
Petr Menšík
d5947e0b61 Update to 2.86 (#2002475) 2021-09-09 10:03:17 +02:00
Petr Menšík
06b5c95b05 Add coverity patches
Various coverity fixes, not yet sent to upstream.
2021-09-09 09:55:19 +02:00
Petr Menšík
01910ecdac Do not require systemd 2021-08-04 18:56:26 +02:00
Petr Menšík
97b69aa4f1 Start before nss-lookup.target, hint modification to listen on IP (#1984618) 2021-07-22 21:29:28 +02:00
Petr Menšík
e12e428986 Update lease if hostname is assigned to a new lease (#1978718) 2021-07-22 21:17:24 +02:00
Fedora Release Engineering
3ace2e2c82 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-07-21 20:57:40 +00:00
Petr Menšík
72ba11797c Change default pid file into run directory 2021-04-08 08:56:22 +02:00
Petr Menšík
7ce0e29ff5 Update to 2.85 (#1947198)
Change to production release.
2021-04-08 08:30:33 +02:00
Petr Menšík
d7ba69deba Report various failures during startup (#1774028)
Report failed start when port is bound already by different service or
configuration is wrong.
2021-03-31 10:09:05 +02:00
Petr Menšík
f497e41434 Update to 2.85rc2
Fixes CVE-2021-3448 and few more regressions.
2021-03-31 10:08:29 +02:00
Zbigniew Jędrzejewski-Szmek
93943b79fb Rebuilt for updated systemd-rpm-macros
See https://pagure.io/fesco/issue/2583.
2021-03-02 16:13:54 +01:00
Petr Menšík
e2a508e666 Update to 2.84
Fixes just regression caused by security patches. When multiple requests
from different address families join one query, error is emitted on
reply receive.
2021-01-26 13:39:02 +01:00
Fedora Release Engineering
b600d12834 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-01-26 03:35:18 +00:00
Petr Menšík
85b95520cf Update to security issues release 2.83
Seven CVEs have been found in dnsmasq. They are marked from
CVE-2020-25681 to CVE-2020-25687.
2021-01-19 23:05:09 +01:00
Luca BRUNO
b7481f49d6 spec: switch to use sysusers compat macro
This switches the %pre scriplet to use the sysusers compat
macro when creating system user/group.
This ensures that only dnsmasq entries are created, without
triggering actions for other sysusers.d files that may be on
disk.

Refs:
 * https://fedoraproject.org/wiki/Changes/Adopting_sysusers.d_format
 * https://bugzilla.redhat.com/show_bug.cgi?id=1792462
2021-01-11 21:55:03 +00:00
Tom Stellard
08446b0eff Add BuildRequires: make
https://fedoraproject.org/wiki/Changes/Remove_make_from_BuildRoot
2020-12-19 06:11:46 +00:00
Petr Menšík
23460f21dc Use gpgverify only for Fedora builds
Avoid using it on EPEL, where %gpgverify exists, but parameters have
different syntax.
2020-11-20 11:46:44 +01:00
Petr Menšík
9d4a531b20 Remove condition on uninitialized tv
Downstream patch originally included more. I failed to spot tv is not
initialized, when removed that not-functional part.
2020-10-09 12:05:19 +02:00
Petr Menšík
549005c787 Listen only on lo device (#1852373)
Dnsmasq now accepts in default configuration queries only from
localhost. It received queries from any interface on the computer
before. It just dropped queries coming from wrong interfaces.

This change makes it listen only on specified interfaces. Queries coming
from different interfaces would receive ICMP error right away. Makes it
easier to understand why dnsmasq is not answering to those queries.
2020-10-01 00:51:03 +02:00