Difuse/difos
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

dnsmasq: various house-keeping updates

Browse source 
* Add Authoritative DNS and IPSET to full variant
* Remove some bloat from IPSET support
* Reintroduce "DHCP no address warning"-patch

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 41246
This commit is contained in:
Steven Barth 2014-06-18 10:04:34 +00:00
parent 132cbe5e29
commit 495b237cc4
4 changed files with 165 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
package/network/services/dnsmasq/Makefile
View file

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=dnsmasq PKG_NAME:=dnsmasq
PKG_VERSION:=2.71 PKG_VERSION:=2.71
PKG_RELEASE:=1 PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq
@ -28,7 +28,7 @@ include $(INCLUDE_DIR)/package.mk
define Package/dnsmasq/Default define Package/dnsmasq/Default
SECTION:=net SECTION:=net
CATEGORY:=Base system CATEGORY:=Base system
TITLE:=A lightweight DNS and DHCP server TITLE:=DNS and DHCP server
URL:=http://www.thekelleys.org.uk/dnsmasq/ URL:=http://www.thekelleys.org.uk/dnsmasq/
endef endef
@ -46,7 +46,7 @@ endef
define Package/dnsmasq-full define Package/dnsmasq-full
$(call Package/dnsmasq/Default) $(call Package/dnsmasq/Default)
TITLE += (with DHCPv6 and DNSSEC) TITLE += (with DNSSEC, DHCPv6, Auth DNS, IPSET)
DEPENDS:=@IPV6 +kmod-ipv6 +libnettle DEPENDS:=@IPV6 +kmod-ipv6 +libnettle
VARIANT:=full VARIANT:=full
endef endef
@ -64,7 +64,7 @@ endef
define Package/dnsmasq-full/description define Package/dnsmasq-full/description
$(call Package/dnsmasq/description) $(call Package/dnsmasq/description)
This is a variant with DHCPv6 and DNSSEC support This is a variant with DHCPv6, DNSSEC, Authroitative DNS and IPSET support
endef endef
define Package/dnsmasq/conffiles define Package/dnsmasq/conffiles
@ -78,7 +78,7 @@ Package/dnsmasq-full/conffiles = $(Package/dnsmasq/conffiles)
TARGET_CFLAGS += -ffunction-sections -fdata-sections TARGET_CFLAGS += -ffunction-sections -fdata-sections
TARGET_LDFLAGS += -Wl,--gc-sections TARGET_LDFLAGS += -Wl,--gc-sections
COPTS = $(if $(CONFIG_IPV6),,-DNO_IPV6) -DNO_IPSET -DNO_AUTH COPTS = $(if $(CONFIG_IPV6),,-DNO_IPV6)
ifeq ($(BUILD_VARIANT),nodhcpv6) ifeq ($(BUILD_VARIANT),nodhcpv6)
COPTS += -DNO_DHCP6 COPTS += -DNO_DHCP6
@ -87,6 +87,8 @@ endif
ifeq ($(BUILD_VARIANT),full) ifeq ($(BUILD_VARIANT),full)
COPTS += -DHAVE_DNSSEC COPTS += -DHAVE_DNSSEC
COPTS += $(if $(CONFIG_LIBNETTLE_MINI),-DNO_GMP,) COPTS += $(if $(CONFIG_LIBNETTLE_MINI),-DNO_GMP,)
else
COPTS += -DNO_AUTH -DNO_IPSET
endif endif
MAKE_FLAGS := \ MAKE_FLAGS := \

13
package/network/services/dnsmasq/patches/0001-Build-config-add-DNO_GMP-for-use-with-nettle-mini-gm.patch → package/network/services/dnsmasq/patches/001-Build-config-add-DNO_GMP-for-use-with-nettle-mini-gm.patch
View file

@ -10,11 +10,9 @@ Subject: [PATCH] Build config: add -DNO_GMP for use with nettle/mini-gmp
src/dnssec.c | 3 ++- src/dnssec.c | 3 ++-
4 files changed, 17 insertions(+), 4 deletions(-) 4 files changed, 17 insertions(+), 4 deletions(-)
diff --git a/Makefile b/Makefile
index c58b50b..17eeb27 100644
--- a/Makefile --- a/Makefile
+++ b/Makefile +++ b/Makefile
@@ -61,7 +61,7 @@ lua_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CON @@ -61,7 +61,7 @@ lua_cflags = `echo $(COPTS) | $(top)/
lua_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CONFIG) --libs lua5.1` lua_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CONFIG) --libs lua5.1`
nettle_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --cflags nettle hogweed` nettle_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --cflags nettle hogweed`
nettle_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --libs nettle hogweed` nettle_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --libs nettle hogweed`
@ -23,8 +21,6 @@ index c58b50b..17eeb27 100644
sunos_libs = `if uname | grep SunOS >/dev/null 2>&1; then echo -lsocket -lnsl -lposix4; fi` sunos_libs = `if uname | grep SunOS >/dev/null 2>&1; then echo -lsocket -lnsl -lposix4; fi`
version = -DVERSION='\"`$(top)/bld/get-version $(top)`\"' version = -DVERSION='\"`$(top)/bld/get-version $(top)`\"'
diff --git a/bld/pkg-wrapper b/bld/pkg-wrapper
index 9f9332d..0ddb678 100755
--- a/bld/pkg-wrapper --- a/bld/pkg-wrapper
+++ b/bld/pkg-wrapper +++ b/bld/pkg-wrapper
@@ -11,9 +11,14 @@ in=`cat` @@ -11,9 +11,14 @@ in=`cat`
@ -44,8 +40,6 @@ index 9f9332d..0ddb678 100755
elif grep "^\#[[:space:]]*define[[:space:]]*${search}_STATIC" config.h >/dev/null 2>&1 || \ elif grep "^\#[[:space:]]*define[[:space:]]*${search}_STATIC" config.h >/dev/null 2>&1 || \
echo $in | grep ${search}_STATIC >/dev/null 2>&1; then echo $in | grep ${search}_STATIC >/dev/null 2>&1; then
pkg=`$pkg --static $op $*` pkg=`$pkg --static $op $*`
diff --git a/src/config.h b/src/config.h
index 2155544..ee6d218 100644
--- a/src/config.h --- a/src/config.h
+++ b/src/config.h +++ b/src/config.h
@@ -105,6 +105,8 @@ HAVE_AUTH @@ -105,6 +105,8 @@ HAVE_AUTH
@ -69,8 +63,6 @@ index 2155544..ee6d218 100644
LEASEFILE LEASEFILE
CONFFILE CONFFILE
RESOLVFILE RESOLVFILE
diff --git a/src/dnssec.c b/src/dnssec.c
index 44d626b..2ffb75d 100644
--- a/src/dnssec.c --- a/src/dnssec.c
+++ b/src/dnssec.c +++ b/src/dnssec.c
@@ -26,7 +26,8 @@ @@ -26,7 +26,8 @@
@ -83,6 +75,3 @@ index 44d626b..2ffb75d 100644
#define SERIAL_UNDEF -100 #define SERIAL_UNDEF -100
#define SERIAL_EQ 0 #define SERIAL_EQ 0
--
2.0.0

47
package/network/services/dnsmasq/patches/100-fix-dhcp-no-address-warning.patch Normal file
View file

@ -0,0 +1,47 @@
--- a/src/dhcp.c
+++ b/src/dhcp.c
@@ -146,7 +146,7 @@ void dhcp_packet(time_t now, int pxe_fd)
struct iovec iov;
ssize_t sz;
int iface_index = 0, unicast_dest = 0, is_inform = 0;
- struct in_addr iface_addr;
+ struct in_addr iface_addr, *addrp = NULL;
struct iface_param parm;
#ifdef HAVE_LINUX_NETWORK
struct arpreq arp_req;
@@ -272,11 +272,9 @@ void dhcp_packet(time_t now, int pxe_fd)
{
ifr.ifr_addr.sa_family = AF_INET;
if (ioctl(daemon->dhcpfd, SIOCGIFADDR, &ifr) != -1 )
- iface_addr = ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr;
- else
{
- my_syslog(MS_DHCP | LOG_WARNING, _("DHCP packet received on %s which has no address"), ifr.ifr_name);
- return;
+ addrp = &iface_addr;
+ iface_addr = ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr;
}
for (tmp = daemon->dhcp_except; tmp; tmp = tmp->next)
@@ -295,7 +293,7 @@ void dhcp_packet(time_t now, int pxe_fd)
parm.relay_local.s_addr = 0;
parm.ind = iface_index;
- if (!iface_check(AF_INET, (struct all_addr *)&iface_addr, ifr.ifr_name, NULL))
+ if (!iface_check(AF_INET, (struct all_addr *)addrp, ifr.ifr_name, NULL))
{
/* If we failed to match the primary address of the interface, see if we've got a --listen-address
for a secondary */
@@ -315,6 +313,12 @@ void dhcp_packet(time_t now, int pxe_fd)
complete_context(match.addr, iface_index, NULL, match.netmask, match.broadcast, &parm);
}
+ if (!addrp)
+ {
+ my_syslog(MS_DHCP | LOG_WARNING, _("DHCP packet received on %s which has no address"), ifr.ifr_name);
+ return;
+ }
+
if (!iface_enumerate(AF_INET, &parm, complete_context))
return;

110
package/network/services/dnsmasq/patches/110-ipset-remove-old-kernel-support.patch Normal file
View file

@ -0,0 +1,110 @@
--- a/src/ipset.c
+++ b/src/ipset.c
@@ -22,7 +22,6 @@
#include <errno.h>
#include <sys/types.h>
#include <sys/socket.h>
-#include <sys/utsname.h>
#include <arpa/inet.h>
#include <linux/version.h>
#include <linux/netlink.h>
@@ -72,7 +71,7 @@ struct my_nfgenmsg {
#define NL_ALIGN(len) (((len)+3) & ~(3))
static const struct sockaddr_nl snl = { .nl_family = AF_NETLINK };
-static int ipset_sock, old_kernel;
+static int ipset_sock;
static char *buffer;
static inline void add_attr(struct nlmsghdr *nlh, uint16_t type, size_t len, const void *data)
@@ -87,25 +86,7 @@ static inline void add_attr(struct nlmsg
void ipset_init(void)
{
- struct utsname utsname;
- int version;
- char *split;
-
- if (uname(&utsname) < 0)
- die(_("failed to find kernel version: %s"), NULL, EC_MISC);
-
- split = strtok(utsname.release, ".");
- version = (split ? atoi(split) : 0);
- split = strtok(NULL, ".");
- version = version * 256 + (split ? atoi(split) : 0);
- split = strtok(NULL, ".");
- version = version * 256 + (split ? atoi(split) : 0);
- old_kernel = (version < KERNEL_VERSION(2,6,32));
-
- if (old_kernel && (ipset_sock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) != -1)
- return;
-
- if (!old_kernel &&
+ if (
(buffer = safe_malloc(BUFF_SZ)) &&
(ipset_sock = socket(AF_NETLINK, SOCK_RAW, NETLINK_NETFILTER)) != -1 &&
(bind(ipset_sock, (struct sockaddr *)&snl, sizeof(snl)) != -1))
@@ -168,62 +149,16 @@ static int new_add_to_ipset(const char *
}
-static int old_add_to_ipset(const char *setname, const struct all_addr *ipaddr, int remove)
-{
- socklen_t size;
- struct ip_set_req_adt_get {
- unsigned op;
- unsigned version;
- union {
- char name[IPSET_MAXNAMELEN];
- uint16_t index;
- } set;
- char typename[IPSET_MAXNAMELEN];
- } req_adt_get;
- struct ip_set_req_adt {
- unsigned op;
- uint16_t index;
- uint32_t ip;
- } req_adt;
-
- if (strlen(setname) >= sizeof(req_adt_get.set.name))
- {
- errno = ENAMETOOLONG;
- return -1;
- }
-
- req_adt_get.op = 0x10;
- req_adt_get.version = 3;
- strcpy(req_adt_get.set.name, setname);
- size = sizeof(req_adt_get);
- if (getsockopt(ipset_sock, SOL_IP, 83, &req_adt_get, &size) < 0)
- return -1;
- req_adt.op = remove ? 0x102 : 0x101;
- req_adt.index = req_adt_get.set.index;
- req_adt.ip = ntohl(ipaddr->addr.addr4.s_addr);
- if (setsockopt(ipset_sock, SOL_IP, 83, &req_adt, sizeof(req_adt)) < 0)
- return -1;
-
- return 0;
-}
-
-
-
int add_to_ipset(const char *setname, const struct all_addr *ipaddr, int flags, int remove)
{
int af = AF_INET;
#ifdef HAVE_IPV6
if (flags & F_IPV6)
- {
af = AF_INET6;
- /* old method only supports IPv4 */
- if (old_kernel)
- return -1;
- }
#endif
- return old_kernel ? old_add_to_ipset(setname, ipaddr, remove) : new_add_to_ipset(setname, ipaddr, af, remove);
+ return new_add_to_ipset(setname, ipaddr, af, remove);
}
#endif