Fix bug introduced in 2.88 (commit fe91134b) which can result
in corruption of the DNS cache internal data structures and
logging of "cache internal error". This has only been seen
in one place in the wild, and it took considerable effort
to even generate a test case to reproduce it, but there's
no way to be sure it won't strike, and the effect is to break
the cache badly. Installations with DNSSEC enabled are more
likely to see the problem, but not running DNSSEC does not
guarantee that it won't happen. Thanks to Timo van Roermund
for reporting the bug and for his great efforts in chasing
it down.
Also --no-ident option to disable CHAOS entries.
For now create just single additional languages pack, which provides
translations for some localizations. Because it is quite small, it
should not matter.
Correct loop updates of up pointer. Do not lose server records prior to
first marked server on update.
Modified for 2.86 version.
Resolves: rhbz#2061944
The 2.86 upstream server rewrite severely broke re-reading
of server configuration. It would get everyting right the first
time, but on re-reading /etc/resolv.conf or --servers-file
or setting things with DBUS, the results were just wrong.
This should put things right again.
No fedora bug reference, reported upstream:
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016166.html
Required by TCP queries retrying query on REDHAT.COM VPN, which offers
too many SRV records to fit into reply without EDNS0. That means length
of answer >512 bytes, as used by kinit implementation.
On /etc/resolv.conf of d-bus update of servers, dnsmasq did not update
dnsmasq_daemon->serverarray properly. Call refresh after each change.
When resolv.conf resolvers are cleared, dnsmasq_daemon->serverarray
were not properly refreshed. Force refresh as part of removal.
Replaces original upstream commit, which fixed only some use-cases:
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=d290630d31f4517ab26392d00753d1397f9a4114
Resolves: rhbz#2009975
Related: rhbz#2014019
Fixes just regression caused by security patches. When multiple requests
from different address families join one query, error is emitted on
reply receive.
Dnsmasq now accepts in default configuration queries only from
localhost. It received queries from any interface on the computer
before. It just dropped queries coming from wrong interfaces.
This change makes it listen only on specified interfaces. Queries coming
from different interfaces would receive ICMP error right away. Makes it
easier to understand why dnsmasq is not answering to those queries.
Enable nice checkout with --with sourcegit. It would not base sources
directory on tarball, but from git repository configured in spec.
Simplifies backporting a new patch from upstream.
Make sure IPv4 requests search only in IPv4 contexts and vice versa. Do
not accept IPv4 record for IPv6 requests, as it would lead to defined
assignment.
