Commit Graph

207 Commits

Author SHA1 Message Date
Petr Menšík
19e76a2a0a Do not own configuration by dnsmasq group (#2104973)
Dynamic owned files makes problems with container based releases.
Because they are not necessary, get rid of them.
2022-07-08 22:43:06 +02:00
Petr Menšík
ef60adb63e Fix losing static forwarders configuration after dbus update
Correct loop updates of up pointer. Do not lose server records prior to
first marked server on update.

Modified for 2.86 version.

Resolves: rhbz#2061944
2022-06-17 13:01:00 +02:00
Anssi Hannula
3123631ff7 Enable conntrack support
This allows using e.g. the --conntrack configuration option.
2022-04-29 19:06:47 +02:00
Petr Menšík
c8a9dcf212 Update GNU address in license file
Just download fresh copy from GNU, until upstream updates the license.
2022-04-29 18:12:10 +02:00
Petr Menšík
af6782a97c Minor description update to satisfy rpmlint 2022-04-29 11:13:31 +02:00
Petr Menšík
1c5ebdc65d Fix massive confusion on server reload
The 2.86 upstream server rewrite severely broke re-reading
of server configuration. It would get everyting right the first
time, but on re-reading /etc/resolv.conf or --servers-file
or setting things with DBUS, the results were just wrong.

This should put things right again.

No fedora bug reference, reported upstream:
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016166.html
2022-02-24 02:58:52 +01:00
Fedora Release Engineering
4cfebfcd18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-01-20 00:51:16 +00:00
Petr Menšík
b77271d4fc Add writeable group flag to log file
Resolves: rhbz#2024166
2022-01-16 12:18:48 +01:00
Petr Menšík
6ad2d1af9f Compare query with case-insensitive compare
Required by TCP queries retrying query on REDHAT.COM VPN, which offers
too many SRV records to fit into reply without EDNS0. That means length
of answer >512 bytes, as used by kinit implementation.
2021-10-27 17:58:56 +02:00
Petr Menšík
19d9817a3e Rebuild server array after each change
On /etc/resolv.conf of d-bus update of servers, dnsmasq did not update
dnsmasq_daemon->serverarray properly. Call refresh after each change.

When resolv.conf resolvers are cleared, dnsmasq_daemon->serverarray
were not properly refreshed. Force refresh as part of removal.

Replaces original upstream commit, which fixed only some use-cases:
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=d290630d31f4517ab26392d00753d1397f9a4114

Resolves: rhbz#2009975
Related: rhbz#2014019
2021-10-27 17:56:38 +02:00
Petr Menšík
cee3418eae Attempt to fix regression found on recent release (#2006367)
Try to fix immediate failures.
2021-09-23 17:46:26 +02:00
Petr Menšík
d5947e0b61 Update to 2.86 (#2002475) 2021-09-09 10:03:17 +02:00
Petr Menšík
06b5c95b05 Add coverity patches
Various coverity fixes, not yet sent to upstream.
2021-09-09 09:55:19 +02:00
Petr Menšík
01910ecdac Do not require systemd 2021-08-04 18:56:26 +02:00
Petr Menšík
97b69aa4f1 Start before nss-lookup.target, hint modification to listen on IP (#1984618) 2021-07-22 21:29:28 +02:00
Petr Menšík
e12e428986 Update lease if hostname is assigned to a new lease (#1978718) 2021-07-22 21:17:24 +02:00
Fedora Release Engineering
3ace2e2c82 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-07-21 20:57:40 +00:00
Petr Menšík
72ba11797c Change default pid file into run directory 2021-04-08 08:56:22 +02:00
Petr Menšík
7ce0e29ff5 Update to 2.85 (#1947198)
Change to production release.
2021-04-08 08:30:33 +02:00
Petr Menšík
d7ba69deba Report various failures during startup (#1774028)
Report failed start when port is bound already by different service or
configuration is wrong.
2021-03-31 10:09:05 +02:00
Petr Menšík
f497e41434 Update to 2.85rc2
Fixes CVE-2021-3448 and few more regressions.
2021-03-31 10:08:29 +02:00
Zbigniew Jędrzejewski-Szmek
93943b79fb Rebuilt for updated systemd-rpm-macros
See https://pagure.io/fesco/issue/2583.
2021-03-02 16:13:54 +01:00
Petr Menšík
e2a508e666 Update to 2.84
Fixes just regression caused by security patches. When multiple requests
from different address families join one query, error is emitted on
reply receive.
2021-01-26 13:39:02 +01:00
Fedora Release Engineering
b600d12834 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-01-26 03:35:18 +00:00
Petr Menšík
85b95520cf Update to security issues release 2.83
Seven CVEs have been found in dnsmasq. They are marked from
CVE-2020-25681 to CVE-2020-25687.
2021-01-19 23:05:09 +01:00
Luca BRUNO
b7481f49d6 spec: switch to use sysusers compat macro
This switches the %pre scriplet to use the sysusers compat
macro when creating system user/group.
This ensures that only dnsmasq entries are created, without
triggering actions for other sysusers.d files that may be on
disk.

Refs:
 * https://fedoraproject.org/wiki/Changes/Adopting_sysusers.d_format
 * https://bugzilla.redhat.com/show_bug.cgi?id=1792462
2021-01-11 21:55:03 +00:00
Tom Stellard
08446b0eff Add BuildRequires: make
https://fedoraproject.org/wiki/Changes/Remove_make_from_BuildRoot
2020-12-19 06:11:46 +00:00
Petr Menšík
23460f21dc Use gpgverify only for Fedora builds
Avoid using it on EPEL, where %gpgverify exists, but parameters have
different syntax.
2020-11-20 11:46:44 +01:00
Petr Menšík
9d4a531b20 Remove condition on uninitialized tv
Downstream patch originally included more. I failed to spot tv is not
initialized, when removed that not-functional part.
2020-10-09 12:05:19 +02:00
Petr Menšík
549005c787 Listen only on lo device (#1852373)
Dnsmasq now accepts in default configuration queries only from
localhost. It received queries from any interface on the computer
before. It just dropped queries coming from wrong interfaces.

This change makes it listen only on specified interfaces. Queries coming
from different interfaces would receive ICMP error right away. Makes it
easier to understand why dnsmasq is not answering to those queries.
2020-10-01 00:51:03 +02:00
Fedora Release Engineering
a02f732ecb - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-07-27 15:34:17 +00:00
Petr Menšík
688ad97e82 Update to 2.82
Fixes DNS over TCP issues with sockets and TTL 0 DNSKEY and DS
validation.

Announcement:
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2020q3/014201.html
2020-07-20 11:17:37 +02:00
Petr Menšík
744ba31be7 Listen only localhost in default configuration
Require manual configuration to enable either local-service for any
connected networks or interface to listen all hosts on interface.
2020-06-30 19:13:15 +02:00
Petr Menšík
4c831af38b Prepare downstream patches on upstream
Enable nice checkout with --with sourcegit. It would not base sources
directory on tarball, but from git repository configured in spec.

Simplifies backporting a new patch from upstream.
2020-06-02 20:05:16 +02:00
Petr Menšík
a6995451dc Correct multiple entries with the same mac address (#1834454)
Make sure IPv4 requests search only in IPv4 contexts and vice versa. Do
not accept IPv4 record for IPv6 requests, as it would lead to defined
assignment.
2020-05-12 00:08:37 +02:00
Petr Menšík
e8e451a80c Update to 2.81 (#1823139) 2020-04-16 21:37:32 +02:00
Petr Menšík
8cb7aff90a Remove upstream merged downstream patches 2020-04-16 21:37:32 +02:00
Petr Menšík
57b55437cd Update to 2.81rc3
Remove patches that has been merged or have alternatives.
2020-04-16 21:37:32 +02:00
Petr Menšík
b8e25263bb Add source GPG validation
Verify signature of sources.
Disabled, because build failed on my machine.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
2020-04-16 21:37:32 +02:00
Petr Menšík
cb7c105d3c Fix small typo with great effect
Every query was refused because of forgotten ! from original line.
2020-03-23 15:34:31 +01:00
Petr Menšík
0461a69019 Respond to any local name also withou rd bit set (#1647464) 2020-03-10 17:12:39 +01:00
Petr Menšík
cde7b60662 Support multiple static leases for single mac on IPv6 (#1810172)
In some cases, DUID will change for the same machine during network
boot. Support assigning small blocks of IPv6 addresses to work around
changing DUID.
2020-03-06 22:44:46 +01:00
Fedora Release Engineering
a491586574 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-01-28 16:03:36 +00:00
Petr Menšík
70d1413570 Fix RA flood (#1739797)
Upstream commit introduced serious regression, taking a lot of cycles
and filling journal. Its benefits are not too high. Revert it until
proper fix is found.

http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=18547163b15bbbcb5ed5113360440387d89d0e15
2019-08-28 19:33:58 +02:00
Petr Menšík
bde34f977c Remove SO_TIMESTAMP support, DHCP was broken (#1739081)
Quick made support of SO_TIMESTAMP is broken and it broke whole DHCP.
Until that is fixed and properly tested, remove its support. Just skip
call to unsupported ioctl.

Signed-off-by: Petr Menšík <pemensik@redhat.com>
2019-08-09 15:19:39 +02:00
Petr Menšík
8503847793 Fix failed builds on F31 (#1735096) 2019-07-31 20:50:37 +02:00
Petr Menšík
f5fd7025ab Fix TCP listener after interface recreated (#1728701)
Signed-off-by: Petr Menšík <pemensik@redhat.com>
2019-07-31 17:27:56 +02:00
Petr Menšík
6b2ad2c800 Fix NODATA instead of NXDOMAIN (#1674067)
Fix bug added in 2.80 non-terminal code which returns NODATA instead of NXDOMAIN.

Thanks to Sven Muleller and Maciej Żenczykowski for work on this.
2019-07-31 17:13:38 +02:00
Fedora Release Engineering
d7adf990db - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-07-24 22:11:53 +00:00
Petr Menšík
d2f1660dbc Fix autopatch macro errors 2019-04-08 19:17:44 +02:00