aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--package/network/services/dnsmasq/Makefile10
-rw-r--r--package/network/services/dnsmasq/files/dhcpbogushostname.conf8
-rw-r--r--package/network/services/dnsmasq/files/dnsmasq.init14
-rw-r--r--package/network/services/dnsmasq/patches/230-fix-poll-h-include-warning-on-musl.patch2
-rw-r--r--package/network/services/dnsmasq/patches/240-ubus.patch128
5 files changed, 25 insertions, 137 deletions
diff --git a/package/network/services/dnsmasq/Makefile b/package/network/services/dnsmasq/Makefile
index 7b95d5dccf..5e76579e4b 100644
--- a/package/network/services/dnsmasq/Makefile
+++ b/package/network/services/dnsmasq/Makefile
@@ -8,12 +8,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=dnsmasq
-PKG_VERSION:=2.80test3
+PKG_VERSION:=2.80
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq/test-releases
-PKG_HASH:=af9f6fd13e0d6c5a68059bcf8634c2784c0533017fd48fbaf59cd2955342d301
+PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq
+PKG_HASH:=cdaba2785e92665cf090646cba6f94812760b9d7d8c8d0cfb07ac819377a63bb
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=COPYING
@@ -124,7 +124,8 @@ Package/dnsmasq-full/conffiles = $(Package/dnsmasq/conffiles)
TARGET_CFLAGS += -ffunction-sections -fdata-sections
TARGET_LDFLAGS += -Wl,--gc-sections
-COPTS = $(if $(CONFIG_IPV6),,-DNO_IPV6)
+COPTS = -DHAVE_UBUS \
+ $(if $(CONFIG_IPV6),,-DNO_IPV6)
ifeq ($(BUILD_VARIANT),nodhcpv6)
COPTS += -DNO_DHCP6
@@ -165,6 +166,7 @@ define Package/dnsmasq/install
$(INSTALL_DIR) $(1)/etc/hotplug.d/tftp
$(INSTALL_DATA) ./files/dnsmasqsec.hotplug $(1)/etc/hotplug.d/ntp/25-dnsmasqsec
$(INSTALL_DIR) $(1)/usr/share/dnsmasq
+ $(INSTALL_DATA) ./files/dhcpbogushostname.conf $(1)/usr/share/dnsmasq/
$(INSTALL_DATA) ./files/rfc6761.conf $(1)/usr/share/dnsmasq/
$(INSTALL_DIR) $(1)/usr/lib/dnsmasq
$(INSTALL_BIN) ./files/dhcp-script.sh $(1)/usr/lib/dnsmasq/dhcp-script.sh
diff --git a/package/network/services/dnsmasq/files/dhcpbogushostname.conf b/package/network/services/dnsmasq/files/dhcpbogushostname.conf
new file mode 100644
index 0000000000..e83b6975d0
--- /dev/null
+++ b/package/network/services/dnsmasq/files/dhcpbogushostname.conf
@@ -0,0 +1,8 @@
+# dhcpbogushostname.conf included configuration file for dnsmasq
+#
+# includes a list of hostnames that should not be associated with dhcp leases
+# in response to CERT VU#598349
+# file included by default, option dhcpbogushostname 0 to disable
+
+dhcp-name-match=set:dhcp_bogus_hostname,localhost
+dhcp-name-match=set:dhcp_bogus_hostname,wpad
diff --git a/package/network/services/dnsmasq/files/dnsmasq.init b/package/network/services/dnsmasq/files/dnsmasq.init
index c1ae0934fd..9c922eec6c 100644
--- a/package/network/services/dnsmasq/files/dnsmasq.init
+++ b/package/network/services/dnsmasq/files/dnsmasq.init
@@ -16,6 +16,7 @@ BASEHOSTFILE="/tmp/hosts/dhcp"
TRUSTANCHORSFILE="/usr/share/dnsmasq/trust-anchors.conf"
TIMEVALIDFILE="/var/state/dnsmasqsec"
BASEDHCPSTAMPFILE="/var/run/dnsmasq"
+DHCPBOGUSHOSTNAMEFILE="/usr/share/dnsmasq/dhcpbogushostname.conf"
RFC6761FILE="/usr/share/dnsmasq/rfc6761.conf"
DHCPSCRIPT="/usr/lib/dnsmasq/dhcp-script.sh"
@@ -813,6 +814,7 @@ dnsmasq_start()
append_bool "$cfg" localise_queries "--localise-queries"
append_bool "$cfg" readethers "--read-ethers"
append_bool "$cfg" dbus "--enable-dbus"
+ append_bool "$cfg" ubus "--enable-ubus" 1
append_bool "$cfg" expandhosts "--expand-hosts"
config_get tftp_root "$cfg" "tftp_root"
[ -n "$tftp_root" ] && mkdir -p "$tftp_root" && append_bool "$cfg" enable_tftp "--enable-tftp"
@@ -869,9 +871,6 @@ dnsmasq_start()
ADD_LOCAL_FQDN="$ADD_LOCAL_HOSTNAME"
fi
- config_get_bool readethers "$cfg" readethers
- [ "$readethers" = "1" -a \! -e "/etc/ethers" ] && touch /etc/ethers
-
config_get user_dhcpscript $cfg dhcpscript
if has_handler || [ -n "$user_dhcpscript" ]; then
xappend "--dhcp-script=$DHCPSCRIPT"
@@ -958,6 +957,13 @@ dnsmasq_start()
config_foreach filter_dnsmasq host dhcp_host_add "$cfg"
echo >> $CONFIGFILE_TMP
+
+ config_get_bool dhcpbogushostname "$cfg" dhcpbogushostname 1
+ [ "$dhcpbogushostname" -gt 0 ] && {
+ xappend "--dhcp-ignore-names=tag:dhcp_bogus_hostname"
+ [ -r "$DHCPBOGUSHOSTNAMEFILE" ] && xappend "--conf-file=$DHCPBOGUSHOSTNAMEFILE"
+ }
+
config_foreach filter_dnsmasq boot dhcp_boot_add "$cfg"
config_foreach filter_dnsmasq mac dhcp_mac_add "$cfg"
config_foreach filter_dnsmasq tag dhcp_tag_add "$cfg"
@@ -1022,7 +1028,7 @@ dnsmasq_start()
procd_set_param respawn
procd_add_jail dnsmasq ubus log
- procd_add_jail_mount $CONFIGFILE $TRUSTANCHORSFILE $HOSTFILE $RFC6761FILE /etc/passwd /etc/group /etc/TZ /dev/null /dev/urandom $dnsmasqconffile $dnsmasqconfdir $resolvfile $user_dhcpscript /etc/hosts /etc/ethers /sbin/hotplug-call $EXTRA_MOUNT $DHCPSCRIPT
+ procd_add_jail_mount $CONFIGFILE $TRUSTANCHORSFILE $HOSTFILE $RFC6761FILE $DHCPBOGUSHOSTNAMEFILE /etc/passwd /etc/group /etc/TZ /dev/null /dev/urandom $dnsmasqconffile $dnsmasqconfdir $resolvfile $user_dhcpscript /etc/hosts /etc/ethers /sbin/hotplug-call $EXTRA_MOUNT $DHCPSCRIPT
procd_add_jail_mount_rw /var/run/dnsmasq/ $leasefile
procd_close_instance
diff --git a/package/network/services/dnsmasq/patches/230-fix-poll-h-include-warning-on-musl.patch b/package/network/services/dnsmasq/patches/230-fix-poll-h-include-warning-on-musl.patch
index 37b11abc1d..2501079b3f 100644
--- a/package/network/services/dnsmasq/patches/230-fix-poll-h-include-warning-on-musl.patch
+++ b/package/network/services/dnsmasq/patches/230-fix-poll-h-include-warning-on-musl.patch
@@ -7,7 +7,7 @@ Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h
-@@ -88,7 +88,7 @@ typedef unsigned long long u64;
+@@ -95,7 +95,7 @@ typedef unsigned long long u64;
#if defined(HAVE_SOLARIS_NETWORK)
# include <sys/sockio.h>
#endif
diff --git a/package/network/services/dnsmasq/patches/240-ubus.patch b/package/network/services/dnsmasq/patches/240-ubus.patch
deleted file mode 100644
index 2fa9f48d12..0000000000
--- a/package/network/services/dnsmasq/patches/240-ubus.patch
+++ /dev/null
@@ -1,128 +0,0 @@
---- a/src/dnsmasq.c
-+++ b/src/dnsmasq.c
-@@ -19,6 +19,8 @@
-
- #include "dnsmasq.h"
-
-+#include <libubus.h>
-+
- struct daemon *daemon;
-
- static volatile pid_t pid = 0;
-@@ -32,6 +34,64 @@ static void fatal_event(struct event_des
- static int read_event(int fd, struct event_desc *evp, char **msg);
- static void poll_resolv(int force, int do_reload, time_t now);
-
-+static struct ubus_context *ubus;
-+static struct blob_buf b;
-+
-+static struct ubus_object_type ubus_object_type = {
-+ .name = "dnsmasq",
-+};
-+
-+static struct ubus_object ubus_object = {
-+ .name = "dnsmasq",
-+ .type = &ubus_object_type,
-+};
-+
-+void ubus_event_bcast(const char *type, const char *mac, const char *ip, const char *name, const char *interface)
-+{
-+ if (!ubus || !ubus_object.has_subscribers)
-+ return;
-+
-+ blob_buf_init(&b, 0);
-+ if (mac)
-+ blobmsg_add_string(&b, "mac", mac);
-+ if (ip)
-+ blobmsg_add_string(&b, "ip", ip);
-+ if (name)
-+ blobmsg_add_string(&b, "name", name);
-+ if (interface)
-+ blobmsg_add_string(&b, "interface", interface);
-+ ubus_notify(ubus, &ubus_object, type, b.head, -1);
-+}
-+
-+static void set_ubus_listeners(void)
-+{
-+ if (!ubus)
-+ return;
-+
-+ poll_listen(ubus->sock.fd, POLLIN);
-+ poll_listen(ubus->sock.fd, POLLERR);
-+ poll_listen(ubus->sock.fd, POLLHUP);
-+}
-+
-+static void check_ubus_listeners()
-+{
-+ if (!ubus) {
-+ ubus = ubus_connect(NULL);
-+ if (ubus)
-+ ubus_add_object(ubus, &ubus_object);
-+ else
-+ return;
-+ }
-+
-+ if (poll_check(ubus->sock.fd, POLLIN))
-+ ubus_handle_event(ubus);
-+
-+ if (poll_check(ubus->sock.fd, POLLHUP)) {
-+ ubus_free(ubus);
-+ ubus = NULL;
-+ }
-+}
-+
- int main (int argc, char **argv)
- {
- int bind_fallback = 0;
-@@ -949,6 +1009,7 @@ int main (int argc, char **argv)
- set_dbus_listeners();
- #endif
-
-+ set_ubus_listeners();
- #ifdef HAVE_DHCP
- if (daemon->dhcp || daemon->relay4)
- {
-@@ -1079,6 +1140,8 @@ int main (int argc, char **argv)
- check_dbus_listeners();
- #endif
-
-+ check_ubus_listeners();
-+
- check_dns_listeners(now);
-
- #ifdef HAVE_TFTP
---- a/Makefile
-+++ b/Makefile
-@@ -85,7 +85,7 @@ all : $(BUILDDIR)
- @cd $(BUILDDIR) && $(MAKE) \
- top="$(top)" \
- build_cflags="$(version) $(dbus_cflags) $(idn2_cflags) $(idn_cflags) $(ct_cflags) $(lua_cflags) $(nettle_cflags)" \
-- build_libs="$(dbus_libs) $(idn2_libs) $(idn_libs) $(ct_libs) $(lua_libs) $(sunos_libs) $(nettle_libs) $(gmp_libs)" \
-+ build_libs="$(dbus_libs) $(idn2_libs) $(idn_libs) $(ct_libs) $(lua_libs) $(sunos_libs) $(nettle_libs) $(gmp_libs) -lubox -lubus" \
- -f $(top)/Makefile dnsmasq
-
- mostly_clean :
---- a/src/dnsmasq.h
-+++ b/src/dnsmasq.h
-@@ -1445,6 +1445,8 @@ void emit_dbus_signal(int action, struct
- # endif
- #endif
-
-+void ubus_event_bcast(const char *type, const char *mac, const char *ip, const char *name, const char *interface);
-+
- /* ipset.c */
- #ifdef HAVE_IPSET
- void ipset_init(void);
---- a/src/rfc2131.c
-+++ b/src/rfc2131.c
-@@ -1636,6 +1636,10 @@ static void log_packet(char *type, void
- daemon->namebuff,
- string ? string : "",
- err ? err : "");
-+ if (!strcmp(type, "DHCPACK"))
-+ ubus_event_bcast("dhcp.ack", daemon->namebuff, addr ? inet_ntoa(a) : NULL, string ? string : NULL, interface);
-+ else if (!strcmp(type, "DHCPRELEASE"))
-+ ubus_event_bcast("dhcp.release", daemon->namebuff, addr ? inet_ntoa(a) : NULL, string ? string : NULL, interface);
- }
-
- static void log_options(unsigned char *start, u32 xid)