diff options
5 files changed, 25 insertions, 137 deletions
diff --git a/package/network/services/dnsmasq/Makefile b/package/network/services/dnsmasq/Makefile index 7b95d5dccf..5e76579e4b 100644 --- a/package/network/services/dnsmasq/Makefile +++ b/package/network/services/dnsmasq/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dnsmasq -PKG_VERSION:=2.80test3 +PKG_VERSION:=2.80 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz -PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq/test-releases -PKG_HASH:=af9f6fd13e0d6c5a68059bcf8634c2784c0533017fd48fbaf59cd2955342d301 +PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq +PKG_HASH:=cdaba2785e92665cf090646cba6f94812760b9d7d8c8d0cfb07ac819377a63bb PKG_LICENSE:=GPL-2.0 PKG_LICENSE_FILES:=COPYING @@ -124,7 +124,8 @@ Package/dnsmasq-full/conffiles = $(Package/dnsmasq/conffiles) TARGET_CFLAGS += -ffunction-sections -fdata-sections TARGET_LDFLAGS += -Wl,--gc-sections -COPTS = $(if $(CONFIG_IPV6),,-DNO_IPV6) +COPTS = -DHAVE_UBUS \ + $(if $(CONFIG_IPV6),,-DNO_IPV6) ifeq ($(BUILD_VARIANT),nodhcpv6) COPTS += -DNO_DHCP6 @@ -165,6 +166,7 @@ define Package/dnsmasq/install $(INSTALL_DIR) $(1)/etc/hotplug.d/tftp $(INSTALL_DATA) ./files/dnsmasqsec.hotplug $(1)/etc/hotplug.d/ntp/25-dnsmasqsec $(INSTALL_DIR) $(1)/usr/share/dnsmasq + $(INSTALL_DATA) ./files/dhcpbogushostname.conf $(1)/usr/share/dnsmasq/ $(INSTALL_DATA) ./files/rfc6761.conf $(1)/usr/share/dnsmasq/ $(INSTALL_DIR) $(1)/usr/lib/dnsmasq $(INSTALL_BIN) ./files/dhcp-script.sh $(1)/usr/lib/dnsmasq/dhcp-script.sh diff --git a/package/network/services/dnsmasq/files/dhcpbogushostname.conf b/package/network/services/dnsmasq/files/dhcpbogushostname.conf new file mode 100644 index 0000000000..e83b6975d0 --- /dev/null +++ b/package/network/services/dnsmasq/files/dhcpbogushostname.conf @@ -0,0 +1,8 @@ +# dhcpbogushostname.conf included configuration file for dnsmasq +# +# includes a list of hostnames that should not be associated with dhcp leases +# in response to CERT VU#598349 +# file included by default, option dhcpbogushostname 0 to disable + +dhcp-name-match=set:dhcp_bogus_hostname,localhost +dhcp-name-match=set:dhcp_bogus_hostname,wpad diff --git a/package/network/services/dnsmasq/files/dnsmasq.init b/package/network/services/dnsmasq/files/dnsmasq.init index c1ae0934fd..9c922eec6c 100644 --- a/package/network/services/dnsmasq/files/dnsmasq.init +++ b/package/network/services/dnsmasq/files/dnsmasq.init @@ -16,6 +16,7 @@ BASEHOSTFILE="/tmp/hosts/dhcp" TRUSTANCHORSFILE="/usr/share/dnsmasq/trust-anchors.conf" TIMEVALIDFILE="/var/state/dnsmasqsec" BASEDHCPSTAMPFILE="/var/run/dnsmasq" +DHCPBOGUSHOSTNAMEFILE="/usr/share/dnsmasq/dhcpbogushostname.conf" RFC6761FILE="/usr/share/dnsmasq/rfc6761.conf" DHCPSCRIPT="/usr/lib/dnsmasq/dhcp-script.sh" @@ -813,6 +814,7 @@ dnsmasq_start() append_bool "$cfg" localise_queries "--localise-queries" append_bool "$cfg" readethers "--read-ethers" append_bool "$cfg" dbus "--enable-dbus" + append_bool "$cfg" ubus "--enable-ubus" 1 append_bool "$cfg" expandhosts "--expand-hosts" config_get tftp_root "$cfg" "tftp_root" [ -n "$tftp_root" ] && mkdir -p "$tftp_root" && append_bool "$cfg" enable_tftp "--enable-tftp" @@ -869,9 +871,6 @@ dnsmasq_start() ADD_LOCAL_FQDN="$ADD_LOCAL_HOSTNAME" fi - config_get_bool readethers "$cfg" readethers - [ "$readethers" = "1" -a \! -e "/etc/ethers" ] && touch /etc/ethers - config_get user_dhcpscript $cfg dhcpscript if has_handler || [ -n "$user_dhcpscript" ]; then xappend "--dhcp-script=$DHCPSCRIPT" @@ -958,6 +957,13 @@ dnsmasq_start() config_foreach filter_dnsmasq host dhcp_host_add "$cfg" echo >> $CONFIGFILE_TMP + + config_get_bool dhcpbogushostname "$cfg" dhcpbogushostname 1 + [ "$dhcpbogushostname" -gt 0 ] && { + xappend "--dhcp-ignore-names=tag:dhcp_bogus_hostname" + [ -r "$DHCPBOGUSHOSTNAMEFILE" ] && xappend "--conf-file=$DHCPBOGUSHOSTNAMEFILE" + } + config_foreach filter_dnsmasq boot dhcp_boot_add "$cfg" config_foreach filter_dnsmasq mac dhcp_mac_add "$cfg" config_foreach filter_dnsmasq tag dhcp_tag_add "$cfg" @@ -1022,7 +1028,7 @@ dnsmasq_start() procd_set_param respawn procd_add_jail dnsmasq ubus log - procd_add_jail_mount $CONFIGFILE $TRUSTANCHORSFILE $HOSTFILE $RFC6761FILE /etc/passwd /etc/group /etc/TZ /dev/null /dev/urandom $dnsmasqconffile $dnsmasqconfdir $resolvfile $user_dhcpscript /etc/hosts /etc/ethers /sbin/hotplug-call $EXTRA_MOUNT $DHCPSCRIPT + procd_add_jail_mount $CONFIGFILE $TRUSTANCHORSFILE $HOSTFILE $RFC6761FILE $DHCPBOGUSHOSTNAMEFILE /etc/passwd /etc/group /etc/TZ /dev/null /dev/urandom $dnsmasqconffile $dnsmasqconfdir $resolvfile $user_dhcpscript /etc/hosts /etc/ethers /sbin/hotplug-call $EXTRA_MOUNT $DHCPSCRIPT procd_add_jail_mount_rw /var/run/dnsmasq/ $leasefile procd_close_instance diff --git a/package/network/services/dnsmasq/patches/230-fix-poll-h-include-warning-on-musl.patch b/package/network/services/dnsmasq/patches/230-fix-poll-h-include-warning-on-musl.patch index 37b11abc1d..2501079b3f 100644 --- a/package/network/services/dnsmasq/patches/230-fix-poll-h-include-warning-on-musl.patch +++ b/package/network/services/dnsmasq/patches/230-fix-poll-h-include-warning-on-musl.patch @@ -7,7 +7,7 @@ Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk> --- a/src/dnsmasq.h +++ b/src/dnsmasq.h -@@ -88,7 +88,7 @@ typedef unsigned long long u64; +@@ -95,7 +95,7 @@ typedef unsigned long long u64; #if defined(HAVE_SOLARIS_NETWORK) # include <sys/sockio.h> #endif diff --git a/package/network/services/dnsmasq/patches/240-ubus.patch b/package/network/services/dnsmasq/patches/240-ubus.patch deleted file mode 100644 index 2fa9f48d12..0000000000 --- a/package/network/services/dnsmasq/patches/240-ubus.patch +++ /dev/null @@ -1,128 +0,0 @@ ---- a/src/dnsmasq.c -+++ b/src/dnsmasq.c -@@ -19,6 +19,8 @@ - - #include "dnsmasq.h" - -+#include <libubus.h> -+ - struct daemon *daemon; - - static volatile pid_t pid = 0; -@@ -32,6 +34,64 @@ static void fatal_event(struct event_des - static int read_event(int fd, struct event_desc *evp, char **msg); - static void poll_resolv(int force, int do_reload, time_t now); - -+static struct ubus_context *ubus; -+static struct blob_buf b; -+ -+static struct ubus_object_type ubus_object_type = { -+ .name = "dnsmasq", -+}; -+ -+static struct ubus_object ubus_object = { -+ .name = "dnsmasq", -+ .type = &ubus_object_type, -+}; -+ -+void ubus_event_bcast(const char *type, const char *mac, const char *ip, const char *name, const char *interface) -+{ -+ if (!ubus || !ubus_object.has_subscribers) -+ return; -+ -+ blob_buf_init(&b, 0); -+ if (mac) -+ blobmsg_add_string(&b, "mac", mac); -+ if (ip) -+ blobmsg_add_string(&b, "ip", ip); -+ if (name) -+ blobmsg_add_string(&b, "name", name); -+ if (interface) -+ blobmsg_add_string(&b, "interface", interface); -+ ubus_notify(ubus, &ubus_object, type, b.head, -1); -+} -+ -+static void set_ubus_listeners(void) -+{ -+ if (!ubus) -+ return; -+ -+ poll_listen(ubus->sock.fd, POLLIN); -+ poll_listen(ubus->sock.fd, POLLERR); -+ poll_listen(ubus->sock.fd, POLLHUP); -+} -+ -+static void check_ubus_listeners() -+{ -+ if (!ubus) { -+ ubus = ubus_connect(NULL); -+ if (ubus) -+ ubus_add_object(ubus, &ubus_object); -+ else -+ return; -+ } -+ -+ if (poll_check(ubus->sock.fd, POLLIN)) -+ ubus_handle_event(ubus); -+ -+ if (poll_check(ubus->sock.fd, POLLHUP)) { -+ ubus_free(ubus); -+ ubus = NULL; -+ } -+} -+ - int main (int argc, char **argv) - { - int bind_fallback = 0; -@@ -949,6 +1009,7 @@ int main (int argc, char **argv) - set_dbus_listeners(); - #endif - -+ set_ubus_listeners(); - #ifdef HAVE_DHCP - if (daemon->dhcp || daemon->relay4) - { -@@ -1079,6 +1140,8 @@ int main (int argc, char **argv) - check_dbus_listeners(); - #endif - -+ check_ubus_listeners(); -+ - check_dns_listeners(now); - - #ifdef HAVE_TFTP ---- a/Makefile -+++ b/Makefile -@@ -85,7 +85,7 @@ all : $(BUILDDIR) - @cd $(BUILDDIR) && $(MAKE) \ - top="$(top)" \ - build_cflags="$(version) $(dbus_cflags) $(idn2_cflags) $(idn_cflags) $(ct_cflags) $(lua_cflags) $(nettle_cflags)" \ -- build_libs="$(dbus_libs) $(idn2_libs) $(idn_libs) $(ct_libs) $(lua_libs) $(sunos_libs) $(nettle_libs) $(gmp_libs)" \ -+ build_libs="$(dbus_libs) $(idn2_libs) $(idn_libs) $(ct_libs) $(lua_libs) $(sunos_libs) $(nettle_libs) $(gmp_libs) -lubox -lubus" \ - -f $(top)/Makefile dnsmasq - - mostly_clean : ---- a/src/dnsmasq.h -+++ b/src/dnsmasq.h -@@ -1445,6 +1445,8 @@ void emit_dbus_signal(int action, struct - # endif - #endif - -+void ubus_event_bcast(const char *type, const char *mac, const char *ip, const char *name, const char *interface); -+ - /* ipset.c */ - #ifdef HAVE_IPSET - void ipset_init(void); ---- a/src/rfc2131.c -+++ b/src/rfc2131.c -@@ -1636,6 +1636,10 @@ static void log_packet(char *type, void - daemon->namebuff, - string ? string : "", - err ? err : ""); -+ if (!strcmp(type, "DHCPACK")) -+ ubus_event_bcast("dhcp.ack", daemon->namebuff, addr ? inet_ntoa(a) : NULL, string ? string : NULL, interface); -+ else if (!strcmp(type, "DHCPRELEASE")) -+ ubus_event_bcast("dhcp.release", daemon->namebuff, addr ? inet_ntoa(a) : NULL, string ? string : NULL, interface); - } - - static void log_options(unsigned char *start, u32 xid) |