| non port: dns/dnsmasq-devel/distinfo |
Number of commits found: 117 (showing only 100 on this page) |
|
Tuesday, 8 Jul 2025
|
22:09 Matthias Andree (mandree) 
dns/dnsmasq-devel: update to v2.92test16
Changelog:
* bceb528 2025-07-07 | Fix FTBFS on MacOS. (HEAD -> master, tag: v2.92test16)
[Simon Kelley]
* 84445de 2025-07-07 | Fix server selection for DS queries. [Simon Kelley]
* c70b92b 2025-06-24 | Add CG-NAT range to non-globally routed IP space per
RFC7793 (tag: v2.92test15)
[Rob Gill via Dnsmasq-discuss]
* 57e5824 2025-06-24 | Fix to 57f0489f384193f7c962fb2a20c9e2e867f86039 [Simon
Kelley]
MFH: 2025Q3
    69ddaec5 |
|
Monday, 23 Jun 2025
|
22:20 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.92test14
Upstream changelog since v2.92test13, all changes by Simon Kelley:
* ec8f3e6 2025-06-23 | Tweak domain-specific servers and DNSSEC code to treat
servers for plain names (server=//1.2.3.4) as domain-specific. (tag:
v2.92test14)
* 15841f1 2025-06-22 | Fix issue with fast file-descriptor close on *BSD.
* ade9749 2025-06-20 | Trvial formatting fix.
* 2b19285 2025-06-20 | Fix breakage of ipset on *BSD.
* a444715 2025-06-20 | Fix FTBFS on Jurassic gcc versions.
PR: 287324
MFH: 2025Q2
00b0a8a |
|
Monday, 9 Jun 2025
|
22:50 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.92test13
changes:
* 14e81b6 2025-06-06 | Additional sanity check in filter_servers(). (tag:
v2.92test13) [Simon Kelley]
* 6ce7f2d 2025-06-06 | Fix regression in
9e67099ce73c1105da3db9b611480bfadbf60c73 [Simon Kelley]
...which was this change in v2.92test4:
* 9e67099 2025-04-22 | Tidy up replies to non-QUERY DNS opcodes in auth mode.
[Simon Kelley]
MFH: 2025Q2
e709bb9 |
|
Wednesday, 4 Jun 2025
|
05:05 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.92test12
Upstream change:
* 287d6bc 2025-06-03 | Fix 5846f749e5d878b6b5f7c20f6975bc96b95e4aae (tag:
v2.92test12) [Simon Kelley]
Which revises this change in v2.92test11:
* 5846f74 2025-05-29 | Rewrite chunks of inotify.c to remove a memory leak.
[Simon Kelley]
MFH: 2025Q2
ca01f25 |
|
Tuesday, 3 Jun 2025
|
17:23 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.92test11
Changes since v2.92test10:
* c378d2c 2025-06-02 | Fix crash in filter_servers(). (tag: v2.92test11) [Simon
Kelley]
* 5846f74 2025-05-29 | Rewrite chunks of inotify.c to remove a memory leak.
[Simon Kelley]
* c9a4240 2025-05-24 | Unbreak compilation on non-Linux systems (FreeBSD)
[Matthias Andree]
(The latter was already in FreeBSD's port.)
MFH: 2025Q2
7db750b |
|
Saturday, 24 May 2025
|
19:48 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.92test10 with one FreeBSD patch
Changes since v2.92test9:
This one has been submitted upstream to unbreak compilation:
* e4bc90e 2025-05-24 | Unbreak compilation on non-Linux systems (FreeBSD)
[Matthias Andree]
These are part of the official v2.92test10:
* 90b2485 2025-05-24 | Remove compiler warnings for obscure combinations of
build options. (tag: v2.92test10) [Simon Kelley]
* ebef27f 2025-05-24 | Add TFTP options windowsize (RFC 7440) and timeout (RFC
2349). [Simon Kelley]
* 1861a88 2025-05-21 | Only define variable "a" if we HAVE_LINUX_NETWORK
[Matthias Andree]
* 96bdb42 2025-05-20 | Fix GCC's -Wunterminated-string-initialization warning in
edns0.c. [Matthias Andree]
* c7a909a 2025-05-21 | Add RRtypes HHIT and BRID to the table. [Simon Kelley]
MFH: 2025Q2
eea38a5 |
|
Monday, 19 May 2025
|
20:27 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.92test9
Changes since v2.92test8, by Simon Kelley
- fixes compiler warnings
- Overhaul extract_addresses() function.
The latter approximates to rewriting parts of the cache to make
it more correct and more useful, see this for details:
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=e48a2af4f5e4c0fef9e4da9a591f672e725e3436;hp=e48a2af4f5e4c0fef9e4da9a591f672e725e3436
00c050e |
|
Thursday, 15 May 2025
|
21:05 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.92test8
Upstream's changes since test7 (by Simon Kelley):
* 91b800c 2025-05-14 | CHANGELOG update. (tag: v2.92test8)
* 075e4a5 2025-04-30 | --leasequery can now take a subnet argument.
* 48658eb 2025-04-23 | Add address filtering for leasequery.
* 692ed0d 2025-04-23 | Log source address of leasequeries.
* 43805c1 2025-04-04 | Omit message type from leasequery.c option dump.
* 4fbe1ad 2025-03-20 | Implement RFC-4388 DHCPv4 leasequery.
* 57c7ae8 2025-05-14 | CHANGELOG update.
* d100821 2025-05-14 | Better error message when rejecting a TFTP transfer.
MFH: 2025Q2
938eaea |
|
Monday, 12 May 2025
|
15:07 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.92test7
Changes since v2.925test5, all by Simon Kelley, newest first:
* b0aa604 2025-05-11 | Tidy-up of TCP-child pipe handling code. (tag:
v2.92test7)
* 8ddabd1 2025-05-09 | DNSSEC validation change for reverse lookups in RFC-1918
ranges and friends.
* 98189ff 2025-05-07 | Fix problems with ipset or nftset and TCP DNS transport.
(tag: v2.92test6)
MFH: 2025Q2
9ef50e9 |
|
Friday, 2 May 2025
|
13:17 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.92test5
Upstream changes since test4, by Simon Kelley:
* e86d53c 2025-04-29 | Fix some edge cases wth domains and
--address and --server.
* e127a97 2025-04-27 | Fix logging booboo.
MFH: 2025Q2
8ba6b66 |
|
Wednesday, 23 Apr 2025
|
21:50 Matthias Andree (mandree)
dns/dnsmasq-devel: update to 2.92test4
Changes since 2.92test3, by Simon Kelley unless stated otherwise:
* a458c2b 2025-04-23 | Tidy up pipe-to-parent code in DNS TCP path. (tag:
v2.92test4)
* 9e67099 2025-04-22 | Tidy up replies to non-QUERY DNS opcodes in auth mode.
* cfa1313 2025-04-20 | Log format error from upstream as 'FORMERR' [Rob Gill]
* e3a2c8d 2025-04-20 | Add --log-queries=auth option.
I had cherry-picked this in FreeBSD's test3 port already:
* 95b74a7 2025-04-18 | Fix copy 'n paste error in DBUS server-statistics code.
MFH: 2025Q2
d14258b |
|
Monday, 21 Apr 2025
|
22:16 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.92test3 + 1 cherry-pick
Changes (newest first) since v2.92test2, by Simon Kelley unless
noted otherwise:
* 95b74a7 2025-04-18 | Fix copy 'n paste error in DBUS server-statistics code.
* ae57f84 2025-04-18 | Do a better job of 942a35f[...] (tag: v2.92test3)
* 0620309 2025-04-16 | Revise negative DNS caching to better comply with
RFC2308.
* 942a35f 2025-04-16 | Silence compiler warnings. [Opty]
MFH: 2025Q2
1925d27 |
|
Monday, 7 Apr 2025
|
07:32 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.92test2
Changes:
* 83658ef 2025-04-04 | Fix occasional crashes with DNSSEC and large nunbers of
--address configs. [Simon Kelley]
* b0b4d90 2025-03-29 | Multiple typo and spelling fixes. [Paul Donald]
MFH: 2025Q2
85ac19a |
|
Thursday, 20 Mar 2025
|
22:01 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.92test1
Changelog: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob_plain;f=CHANGELOG;hb=v2.92test1
489e8d8 |
|
Saturday, 22 Feb 2025
|
12:39 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.91rc5
Upstream changes since rc4, all by Simon Kelley:
* 5990074 2025-02-21 | Fix stupid error in allocating 0x20-flip bitmaps.
* d17581c 2025-02-21 | Use correct packet length when 0x20 flipping truncated
packet.
* 2c9ed7f 2025-02-20 | Fix possible problems with case-encode bigmap array
allocation.
* 717ff6a 2025-02-10 | Update plen when getting retried query from stash.
MFH: 2025Q1
05d61c2 |
|
Tuesday, 11 Feb 2025
|
21:45 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.91rc4
Upstream git log since v2.91rc3, changes by Simon Kelley:
* f9f8d19 2025-02-09 | Yet another 0x20 fix.
Upstream has one more fix in Git,
so this isn't going to be the release yet.
MFH: 2025Q1
884bdef |
|
Saturday, 8 Feb 2025
|
22:40 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.91rc3
* bceab45 2025-02-07 | Fix 0x20 problem.
Also fix ordering of chrony vs. dnsmasq (from dns/dnsmasq main port)
MFH: 2025Q1
fe9d683 |
|
Friday, 7 Feb 2025
|
01:05 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.91rc2
changes since v2.91rc1:
* 368ceff 2025-02-06 | TFTP off-by-2 bugfix [Helge Deller]
* 77c4e95 2025-02-06 | Fix for case-sensitivity problems in DNS. [Simon Kelley]
* e44165c 2025-02-06 | Fix bug in 0x20 encoding. [Simon Kelley]
CHANGELOG addition:
| Fix a long-standing problem when two queries which are identical in
| every repect _except_ case, get combined by dnsmasq. If dnsmasq gets
| eg, two queries for example.com and Example.com in quick succession it
| will get the answer for example.com from upstream and send that answer
| to both requestors. This means that the query for Example.com will get
| an answer for example.com, and in the modern DNS, that answer may not
| be accepted.
MFH: 2025Q1
25b9e07 |
|
Wednesday, 5 Feb 2025
|
23:24 Matthias Andree (mandree)
dns/dnsmasq-devel: update to 2.91rc1
Changes since 2.91test10, by Simon Kelley unless noted otherwise:
* a1a214c 2025-02-05 | Bump date on manpage.
* 94b7144 2025-02-05 | Fix c99ism added in
0b6144583b128330e7cffa105bc9ccbc4d6f0692
* e72910d 2025-02-05 | Spell check v2.91 CHANGELOG [Matthias Andree]
* 0b61445 2025-02-05 | Log failed TCP DNS connections upstream when --log-debug
active.
* f316673 2025-02-05 | Manpage typo.
* 5226b71 2025-02-03 | Add --no-0x20-encode config option.
* 1f84cde 2025-02-03 | Tweak to logging.
* 046bfa2 2025-01-31 | Clean up some of the man page formatting. [Paul Donald]
* 0762732 2025-02-01 | belt-and-braces extra call to check_log_writer() in
tcp_request()
MFH: 2025Q1
9c05711 |
|
Saturday, 1 Feb 2025
|
09:57 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.91test10
Git history:
* efb8f10 2025-01-23 | Fix potential memory leak [Brian Haley]
* 6dbdf16 2025-01-24 | Move debian submodule to submodules/dnsmasq-debian.
[Simon Kelley]
* 6e6a45a 2025-01-23 | Bump copyrights to 2025. [Simon Kelley]
MFH: 2025Q1
bbee93d |
|
Thursday, 23 Jan 2025
|
21:32 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.91test9
Upstream commit history, all changes by Simon Kelley:
* a4569c2 2025-01-20 | Correct BNF for --trust-anchor in manpage.
* 199e65c 2025-01-20 | Remove misleading comment.
* bb8811d 2025-01-20 | Convert DNS names in logs to all lower case.
* 995a16c 2025-01-19 | Implement "DNS-0x20 encoding".
* 65f9c1a 2025-01-19 | Case-sensitive matching of questions and answers.
Upstream CHANGELOG addition:
| Implement "DNS-0x20 encoding", for extra protection against
| reply-spoof attacks. Since DNS queries are case-insensitive, it's
| possible to randomly flip the case of letters in a query and still get
| the correct answer back.
| This adds an extra dimension for a cache-poisoning attacker to guess
| when sending replies in-the-blind since it's expected that the
| legitimate answer will have the same pattern of upper and lower case
| as the query, so any replies which don't can be ignored as malicious.
| The amount of extra entropy clearly depends on the number of a-z and
| A-Z characters in the query, and this implementation puts a hard limit
| of 32 bits to make rescource allocation easy. This about doubles
| entropy over the standard random ID and random port combination.
MFH: 2025Q1
8d75a12 |
|
Tuesday, 21 Jan 2025
|
20:20 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.91test8
Upstream CHANGELOG file addition:
| Handle DS queries to auth zones. When dnsmasq is configured to act as
| an authoritative server and has an authoritative zone configured, and
| recieves a query for that zone _as_forwarder_ it answers the query
| directly rather than forwarding it. This doesn't affect the answer, but
| it saves dnsmasq forwarding the query to the recusor upstream, whch then
| bounces it back to dnsmasq in auth mode. The exception should be when
| the query is for the root of zone, for a DS RR. The answer to that has
| to come from the parent, via the recursor, and will typically be a
| proof-of-nonexistence since dnsmasq doesn't support signed zones. This
| patch suppresses local answers and forces forwarding to the upstream
| recursor for such queries. It stops breakage when a DNSSEC validating
| client makes queries to dnsmasq acting as forwarder for a zone for which
| it is authoritative.
And commits:
* b72ecb3 2025-01-18 | Fix log message fields in wrong order in some auth
replies.
* c221030 2025-01-18 | Rename cache_validated() to cache_not_validated().
* 5bbea08 2025-01-18 | Fix subtle bug in arbitrary-RR caching.
* 622cf03 2025-01-18 | Fix fubar that could return unsigned NODATA response when
do bit set.
* 8ce2743 2025-01-17 | Handle DS queries to auth zones.
* 5d89462 2025-01-17 | Extend build fingerprinting to include CFLAGS.
e4f8962 |
|
Tuesday, 14 Jan 2025
|
21:35 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.91test7
The local patch got merged upstream and was removed.
This is the changelog since test6:
* da58455 2025-01-13 | Tweak 7d915a0bb94260073ec7aa4dd00b787f3ea4b9e8 (tag:
v2.91test7)
* b915c9a 2025-01-13 | Attempt to keep running if a child process dies.
* 424aaa0 2025-01-13 | Fix another 509afcd1d2f9edbd1e11c9abd0f335f02baa7fc4
SNAFU
* c72c895 2025-01-12 | Improve "no upstream servers configured" when D-Bus is
enabled [Andrew Sayers]
* b715611 2025-01-12 | Fix SNAFU in 509afcd1d2f9edbd1e11c9abd0f335f02baa7fc4
* 7d915a0 2025-01-12 | Don't do retries over UDP when we've sent the query by
TCP.
* 509afcd 2025-01-12 | Refactor poll() loop.
* 51343bd 2025-01-12 | Treat replies with CD flag set the same for UDP and TCP
code paths.
* b58276a 2025-01-12 | Return EDE OTHER error when DNSSEC validation abandoned.
* f162d34 2024-12-29 | cache: Fix potential NULL deref in arcane situations.
[Matthias Andree]
44de445 |
|
Wednesday, 8 Jan 2025
|
15:29 Matthias Andree (mandree)
dns/dnsmasq-devel: update to 2.91test6.
Also include one potential cache.c NULL deref which I have
submitted upstream.
Upstream Git log:
* 0003db1 2025-01-07 | Fix crash introduced in
6656790f2498f2a0b21086bc4ab47a2e38429a7c (tag: v2.91test6)
* 275f4a4 2025-01-07 | Remove arbitrary workspace size limit. (tag: v2.91test5)
* 12e4565 2025-01-06 | Improve "chown of PID file failed" message for missing
CAP_CHOWN [Andrew Sayers]
* 7af26ee 2025-01-07 | Fix manpage typo. [Andrew Sayers]
* 63dc6eb 2025-01-07 | Fix read_write() changes for TCP timeout.
* 6656790 2025-01-07 | Handle queries with EDNS client subnet fields better.
* c8de423 2025-01-07 | Fix finger-trouble in immediately previous commit.
* c52653f 2025-01-06 | Correctly handle failure of pipe() call in swap_to_tcp()
* e24c341 2025-01-01 | Fix wrong packet size when dumpong packets to file.
c822c10 |
|
Tuesday, 31 Dec 2024
|
15:03 Matthias Andree (mandree)
dns/dnsmasq-devel: update to 2.91test4.
Upstream Git history since our 2.91test3:
* 5ef6c8c 2024-12-30 | Extend fcb40ee73d04e1ffd46f8c19e537f118526f57ea to cover
"Make install-i18n" (tag: v2.91test4, origin/master, origin/HEAD) [Simon Kelley]
* 7c348a0 2024-12-24 | Extend d578da0665c496ca709c25ae8d6963d1bff141c4 to
Linux-only code. [Simon Kelley]
* d578da0 2024-12-24 | Fix FTBFS when using -pedantic compiler flag. [Matthias
Andree]
* 8949ef4 2024-12-24 | Update DE translation. [Conrad Kostecki]
The patches I shipped in earlier 2.91test2/test3 have been integrated
upstream with d578da0 and are no longer needed.
Let's swap FreeBSD's distcache in first place because the upstream
master site is slow, let's relieve it a bit.
eedecab |
|
Sunday, 29 Dec 2024
|
21:10 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.91test2 plus warning fixes
I am also adding a set of fixes I've also sent upstream,
to make this compile without GNU extensions under -pedantic-errors.
Upstream Git history since test1, author Simon Kelley unless stated
otherwise.
* 0f437b3 2024-12-20 | Banish compiler warnings. (tag: v2.91test2,
origin/master, origin/HEAD)
* 8a5fe8c 2024-12-20 | Extend the code to effciently close unwanted file
descriptors to *BSD.
* 2a664c0 2024-12-20 | bpf.c: Follow callback updates. [Matthias Andree]
* 4902807 2024-12-20 | Fix [-Wgnu-variable-sized-type-not-at-end] warning.
* 742af6e 2024-12-20 | Refactor receive_query() to removed duplicated code.
* 3eb008c 2024-12-19 | Further refactoring of the TCP DNS codepath.
* 32248eb 2024-12-19 | Fix thinko in 3b74df4f55b1107b051183d6b628eb02933cb00a
592a171 |
21:10 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.91test3.
This still needs my patches added for test2; while the public
repo as of this commit does not have the v2.91test3 tag,
I suppose it's 3ac11cd from looking at the tarball; we have
DSYNC added to src/cache.c but not the de.po update.
This makes for the upstream changes since v2.91test2 then:
* 3ac11cd 2024-12-22 | Add newly assigned RRTYPE DSYNC [DL6ER]
* 5d49fa1 2024-07-26 | Add newly assigned RRTYPEs NXNAME, CLA, and IPN [DL6ER]
* d29d19e 2024-06-21 | Add newly assigned RRTYPE WALLET (262) [DL6ER]
* 49ea7db 2024-12-23 | Fix c9bc0156a8d36d56735831cb81e786d628ed73e [Simon
Kelley]
* fcb40ee 2023-10-16 | Fix dependency in make install target [Olaf Hering]
4c9b868 |
|
Friday, 20 Dec 2024
|
14:43 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.91test1
ChangeLog:
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=CHANGELOG;h=8982a93cb95c074e652a19b6f2a6a33dfffba04a;hb=5d32f35bdcd6105acc206e0afd0516dee2dd1439
Note the test I've added has not seen serious testing, it's just
to fix compiles, and might impair how we enumerate interfaces.
I've sent it upstream to the dnsmasq-discuss@ mailing list so Simon or
other people are aware and can provide a different fix.
This is a TEST release, treat it as such.
95b16c6 |
|
Tuesday, 13 Feb 2024
|
07:09 Matthias Andree (mandree)
dns/dnsmasq-devel: update to 2.90test4
Changelog: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=CHANGELOG;h=2d46ae440610eea4b266dfa143cd413def94c7d3;hb=8c8e5385fd462689ed07d7805dcee0b95821419b
ae3af87 |
|
Wednesday, 31 Jan 2024
|
22:04 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.90test3
ChangeLog: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=CHANGELOG;h=2ce53a81079810ae43588607f43851dabb5db38d;hb=db07664f2a75a1c8f1e42aab763db6f56782efb8
189a992 |
|
Friday, 27 Jan 2023
|
20:49 Matthias Andree (mandree)
dns/dnsmasq-devel: update to 2.89test1
ChangeLog:
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob_plain;f=CHANGELOG;hb=v2.89test1
+ unlisted change "Add --no-ident option" (see doc/dnsmasq.8 linked here:
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=e5e8cae1ca4bbbabc1eca707eb3480e83e793fdf
2111e9c |
|
Sunday, 27 Nov 2022
|
12:50 Matthias Andree (mandree)
dns/dnsmasq-devel: update to rc5
CHANGELOG diff vs. rc3:
Optimise reading large numbers of --server options. When re-reading
upstream servers from /etc/resolv.conf or other sources that
can change dnsmasq tries to avoid memory fragmentation by re-using
existing records that are being re-read unchanged. This involves
seaching all the server records for each new one installed.
During startup this search is pointless, and can cause long
start times with thousands of --server options because the work
needed is O(n^2). Handle this case more intelligently.
Thanks to Ye Zhou for spotting the problem and an initial patch.
If we detect that a DNS reply from upstream is malformed don't
return it to the requestor; send a SEVFAIL rcode instead.
eb7af30 |
|
Thursday, 17 Nov 2022
|
20:48 Matthias Andree (mandree)
dns/dnsmasq-devel: update to 2.88rc3
Changelog: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=CHANGELOG;h=8d55a3683039be38f9bb09c061a9a8c0195c74de;hb=3e306c1202529d76424f9d24db79b7ae19856fab#l1
a649c64 |
|
Thursday, 8 Sep 2022
|
18:24 Matthias Andree (mandree)
dns/dnsmasq-devel: 2.87rc1 release candidate
Changes since test9:
+ Tweak DHCPv6 relay code so that packets relayed towards a server
have source address on the server-facing network, not the
client facing network. Thanks to Luis Thomas for spotting this
and initial patch.
fc85d84 |
|
Friday, 12 Aug 2022
|
18:57 Matthias Andree (mandree)
dns/dnsmasq-devel: update to 2.87test9
CHANGELOG difference in Git between test8 and test9
* Enhance --domain to accept, for instance,
--domain=net2.thekelleys.org.uk,eth2 so that hosts get a domain
which relects the interface they are attached to in a way which
doesn't require hard-coding addresses. Thanks to Sten Spans for
the idea.
* Fix write-after-free error in DHCPv6 server code.
CVE-2022-0934 refers.
* Add the ability to specify destination port in
DHCP-relay mode. This change also removes a previous bug
where --dhcp-alternate-port would affect the port used
to relay _to_ as well as the port being listened on.
The new feature allows configuration to provide bug-for-bug
compatibility, if required. Thanks to Damian Kaczkowski
for the feature suggestion.
* Bound the value of UDP packet size in the EDNS0 header of
forwarded queries to the configured or default value of
edns-packet-max. There's no point letting a client set a larger
value if we're unable to return the answer. Thanks to Bertie
Taylor for pointing out the problem and supplying the patch.
* Fix problem with the configuration
--server=/some.domain/# --address=/#/<ip> --server=<server_ip>
This would return <ip> for queries in some.domain, rather than
forwarding the query via the default server.
37b050f |
|
Wednesday, 9 Feb 2022
|
18:56 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.87test8
new CHANGELOG entries since test7:
- Fix problem with binding DHCP sockets to an individual interface.
Despite the fact that the system call tales the interface _name_ as a
parameter, it actually, binds the socket to interface _index_.
Deleting the interface and creating a new one with the same name
leaves the socket bound to the old index. (Creating new sockets always
allocates a fresh index, they are not reused). We now take this
behaviour into account and keep up with changing indexes.
- Add --conf-script configuration option.
c331ef6 |
|
Sunday, 6 Feb 2022
|
11:23 Matthias Andree (mandree)
dns/dnsmasq-devel: update to 2.87test7
with one patch by Johnny S. Lee via mailing list to
avoid a build failure on *BSD.
6fc24ef |
|
Thursday, 2 Sep 2021
|
20:38 Matthias Andree (mandree)
dns/dnsmasq-devel: update to 2.86rc3
Git change:
* c83e33d 2021-09-01 | Final logging tweaks. [Dominik DL6ER]
17426ba |
|
Wednesday, 1 Sep 2021
|
19:50 Matthias Andree (mandree)
dns/dnsmasq-devel: update to 2.86rc2
Git history:
* 7b80c75 2021-08-31 | Rationalise query-reply logging. [Simon Kelley]
* 79337f9 2021-08-29 | Support limited wildcards in the input tags for
--tag-if. [Geoff Back]
a41b136 |
|
Wednesday, 25 Aug 2021
|
15:59 Matthias Andree (mandree)
dns/dnsmasq-devel: update to rc1 release candidate
Changes:
* a42ee39 2021-08-16 | Man page BNF error fix. [Geert Stappers]
* e58f8bb 2021-08-25 | Merge message changes into I18N files. [Simon Kelley]
* 58cf958 2021-08-20 | Fix empty domain in server option parsing when more than
one domain is given [Dominik DL6ER]
* 06d01f7 2021-07-22 | Make comment style consistent. [Etan Kissling]
* 1a33eec 2021-07-22 | Adjust logging levels for connmark patterns. [Etan
Kissling]
* 82de7a1 2021-07-22 | Re-order UBus teardown logic. [Etan Kissling]
* 8e9bde5 2021-07-22 | Eliminate redundant UBus `notify` variable. [Etan
Kissling]
* 1bb70e0 2021-07-22 | Handle UBus serialization errors. [Etan Kissling]
* 9afcb7a 2021-08-12 | Revert "There was a `notify` variable to keep track
whether a subscriber is" [Simon Kelley]
* 545c495 2021-08-12 | Revert "Re-order UBus teardown logic." [Simon Kelley]
* 2f2d59b 2021-08-12 | Define order of reading files when --addn-hosts given a
directory. [Simon Kelley]
CHANGELOG addition:
+ When --dhcp-hostsfile --dhcp-optsfile and --addn-hosts are
+ given a directory as argument, define the order in which
+ files within that directory are read (alphabetical order
+ of filename). Thanks to Ed Wildgoose for the initial patch
+ and motivation for this.
6473688 |
|
Thursday, 19 Aug 2021
|
15:56 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.86test7
Changes since test6, per Git, without merges, and by Simon Kelley unless
noted otherwise:
* a1729de 2021-08-11 | Fiz sizeof() confusion in 527c3c7 (tag:
v2.86test7)
* fc64b97 2021-08-10 | dhcp_buff2 not availble in log_packet, use
daemon->addrbuff
* a163c63 2021-08-05 | CONNTRACK needs CAP_NET_ADMIN.
* 527c3c7 2021-08-10 | Remove remaining uses of deprecated inet_ntoa()
[Petr MenÅ¡Ãk]
* fcb4dca 2021-08-10 | Remove remaining uses of deprecated inet_addr()
function. [Petr MenÅ¡Ãk]
* 3ca4995 2021-08-10 | CHANGELOG: spell-check [Matthias Andree]
* d387f8f 2021-07-22 | Re-order UBus teardown logic. [Etan Kissling]
* ea43234 2021-08-10 | There was a `notify` variable to keep track
whether a subscriber is observing our UBus object. However, it was not
properly cleaned up in `ubus_destroy`, potentially becoming stale over
UBus reconnections. The variable was removed and the current state is
examined when sending notifications, similarly as is done in other
existing OpenWrt code. [Etan Kissling]
* 867e56a 2021-08-08 | Fix NOERR/NXDOMAIN in answers configured by
--domain-needed.
47af927e |
|
Thursday, 22 Jul 2021
|
08:40 Matthias Andree (mandree)
dns/dnsmasq-devel: update to 2.86test6
CHANGELOG additions since test5:
* Allow smaller then 64 prefix lengths in synth-domain, with caveats.
--synth-domain=1234:4567::/56,example.com is now valid.
* Make domains generated by --synth-domain appear in replies
when in authoritative mode.
Git log since v2.86test5:
* 8389b94 2021-07-21 | Better fix than f2266d9678d71633d62d70238be3782ea74019c9
(tag: v2.86test6) [Simon Kelley]
* f2266d9 2021-07-21 | Add UINT32_MAX if not defined by system. [Simon Kelley]
* 56bd806 2021-07-21 | Typo in new EDE code. [Simon Kelley]
* ac7eeea 2021-07-21 | Handle empty hostmaster in --auth-soa [Simon Kelley]
* b741059 2021-07-20 | Detect malformed --dhcp-relay option. [Simon Kelley]
* cbd9842 2021-07-20 | Fix argument checking for --dhcp-match. [Simon Kelley]
* 32e15c3 2021-07-20 | canonicalise_opt must always return heap memory. [Simon
Kelley]
* f0dc324 2021-07-20 | Checks on prefix-length in --domain --synth-domain and
--rev-server. [Simon Kelley]
* f83c6cf 2021-07-20 | Return REFUSED in auth mode when we are not authoritative
for the query. [Simon Kelley]
* c068b3a 2021-07-19 | --synth-domain now works in auth mode. [Simon Kelley]
* adf9dec 2021-07-18 | Allow shorter IPv6 prefix lengths in (some)
--synth-domain options. [Simon Kelley]
* 767d9cb 2021-07-09 | Add --quiet-tftp. [Kevin Darbyshire-Bryant]
35d8b4a |
|
Friday, 16 Jul 2021
|
16:26 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.86test5
git history since test4:
* e7ccd95 2021-07-09 | Add EDE return when no matching key found. (tag:
v2.86test5) [Dominik DL6ER]
* 719f79a 2021-07-06 | Subtle change to priority of --server types. [Simon
Kelley]
* 96f6444 2021-07-05 | Fix thinko in a92c6d77dcd475579c39bdff141f5eb128e2a048
[Kevin Darbyshire-Bryant]
* df25f20 2021-07-05 | Fix logical error in
d0ae3f5a4dc094e8fe2a3c607028c1c59f42f473 [Simon Kelley]
* 8acdc3e 2021-07-04 | Add calls to dump internally generated answers for
dumpmask=0x0002 [Simon Kelley]
* 857b445 2021-07-04 | Fix order of calls to resize-packet() and
add_pseudoheader(). [Simon Kelley]
* 5bcca12 2021-07-04 | Support IPv6 in --bogus-nxdomian and --ignore-address
[Simon Kelley]
* 4558c26 2021-07-04 | Make --rebind-localhost-ok apply to :: and 0.0.0.0 [Simon
Kelley]
* a92c6d7 2021-07-03 | Tidy domain parsing, make --server=/*/1.2.3.4 equivalent
to --server=1.2.3.4 [Simon Kelley]
* 0c95a5f 2021-07-02 | Modify and propagate changed lease. [Petr MenÅ¡Ãk]
* cb6d06b 2021-07-01 | Rationalise SERV_MARK use. [Simon Kelley]
* 3ef955c 2021-07-01 | Fix oversight in build_server_array(). [Simon Kelley]
* 5e95c16 2021-07-01 | Allow wildcards in domain patterns. [Simon Kelley]
* 4205e2e 2021-07-01 | Reuse workspace bit in struct server ->flags. [Simon
Kelley]
* 9d806c5 2021-06-29 | Fix ipset support. [Etan Kissling]
* a38bb31 2021-06-30 | Revert "Treat failure of ubus_add_object() in ubus_init()
as retry-able." [Simon Kelley]
* 8a1ef36 2021-06-27 | Treat failure of ubus_add_object() in ubus_init() as
retry-able. [Simon Kelley]
* 1291865 2021-06-27 | Fix trivial breakage of DBUS done by
85bc7534dae7711f6c82742feaa7dacb41af3f36 [Simon Kelley]
* a9ebbee 2021-06-27 | Compiler warnings. [Simon Kelley]
* 06df5ad 2021-06-27 | Tidy up interface to dbus and ubus modules. [Simon
Kelley]
0184db0 |
|
Monday, 28 Jun 2021
|
19:35 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.86test4
Changes, taken from upstream Git log
(all by Simon Kelley, upstream maintainer):
* 66b863c 2021-06-26 | Fix problem with re-allocation of serverarray.
* c9efe8e 2021-06-26 | Rationalise domain parsing for --rev-server and --domain.
* d515223 2021-06-26 | Don't re-use datastructures for --address and --local.
* b908f43 2021-06-26 | Merge branch 'extended-error'
|\
| * 6261aba 2021-06-26 | Initial implementation of RFC-8914 extended DNS errors.
| * 11c52d0 2021-06-21 | Initial changes for extended DNS error codes.
* 85bc753 2021-06-25 | Rationalise --server parsing and datastructure building.
* 1b30fd1 2021-06-25 | Merge branch 'master' of
ssh://thekelleys.org.uk/var/local/git/dnsmasq
* 8c9196b 2021-06-24 | Correct domain search algorithm.
d23863a |
|
Friday, 25 Jun 2021
|
20:13 Matthias Andree (mandree)
dns/dnsmasq-devel: update to v2.86test3
Git history between v2.86test2 and v2.86test3:
* b1daf44 2021-06-24 | Correct domain search algorithm. (tag: v2.86test3) [Simon
Kelley]
* be291d9 2021-06-21 | Include EDNS0 in connmark REFUSED replies. [Simon Kelley]
* 6d1edd8 2021-06-21 | Use correct packet-size limit in make_local_answer()
[Simon Kelley]
* 25ff956 2021-06-21 | Tidy up name buffer use in report_addresses(). [Simon
Kelley]
* 3817950 2021-06-21 | CHANGELOG entry for new connmark code. [Simon Kelley]
* 5f7be5f 2021-06-21 | Fix compiler warning. [Simon Kelley]
* 627056f 2021-06-16 | Connection track mark based DNS query filtering. [Etan
Kissling]
* cbd7644 2021-06-21 | Further work from
a0a3b8ad3e91db5181023fceea6732eb6c6f0759 [Simon Kelley]
* a60a233 2021-06-20 | Fix bug introduced in
6860cf932baeaf1c2f09c2a58e38be189ae394de [Simon Kelley]
* a0a3b8a 2021-06-20 | Fix bug in 6860cf932baeaf1c2f09c2a58e38be189ae394de
[Simon Kelley]
* d0ae3f5 2021-06-17 | Fix specific NOERR/NXDOMAIN confusion. [Simon Kelley]
* 6860cf9 2021-06-17 | Optimise lokkup_domain() [Simon Kelley]
* 0276e08 2021-06-16 | merge development machines. Merge branch 'master' of
ssh://thekelleys.org.uk/var/local/git/dnsmasq [Simon Kelley]
|\
| * 1a3b69a 2021-06-16 | Fix error in new domain-search code. [Simon Kelley]
* 06ff3d8 2021-06-16 | Log the correct name when we retry a DNSSEC query. [Simon
Kelley]
* 8237d06 2021-06-15 | Typo in FAQ. [Simon Kelley]
d52c9b5 |
|
Wednesday, 16 Jun 2021
|
15:46 Matthias Andree (mandree)
dns/dnsmasq-devel: update to 2.86test2
* 1c9f136 2021-06-15 | Man page update, lease times can be given in days or
weeks. (tag: v2.86test2) [Simon Kelley]
* 5ab7e4a 2021-06-14 | Improve efficiency of DNSSEC. [Simon Kelley]
* 3236f35 2021-06-13 | Revise resource handling for number of concurrent DNS
queries. [Simon Kelley]
* 4a6550d 2021-06-10 | Move make_local_answer() to domain-match.c
(refs/bisect/bad) [Simon Kelley]
* ff523d0 2021-06-10 | Fix TCP replies with --domain-needed. [Simon Kelley]
* 3c93e8e 2021-06-08 | Re-order UBus initialisation to avoid logging before logs
set up. [Simon Kelley]
Reported by: portscout
d4ba4c5 |
|
Saturday, 12 Jun 2021
|
10:36 Matthias Andree (mandree)
dns/dnsmasq-devel: update to 2.86test1.
4f76735 |
10:36 Matthias Andree (mandree)
dns/dnsmasq-devel: revive from 6a7b12367
f892b65 |
|
Friday, 9 Apr 2021
|
15:02 Antoine Brodin (antoine)
Finish removal of dns/dnsmasq-devel
98bc55d |
|
Saturday, 27 Mar 2021
|
12:40 mandree
dns/dnsmasq-devel: update to v2.85rc2
* ea28d0e 2021-03-26 | Scale the DNS random scket pool on the value of
dns-forward-max. (HEAD -> master, tag: v2.85rc2, origin/master, origin/HEAD)
[Simon Kelley]
* 4a8c098 2021-03-26 | Change the method of allocation of random source ports
for DNS. [Simon Kelley]
* ffa4628 2021-03-22 | Fix thinko in 51f7bc924cbcdeb09cbb83249b70c121d1ffa31e
[Li Xing Cong ]
* e10a923 2021-03-15 | Move repeated test pattern to server_test_type [Petr
Mensik]
* 51f7bc9 2021-03-18 | Create common function for forward dump, log and send
[Petr Mensik]
* 6c0bf79 2021-03-18 | Reduce few repetitions in forward code [Petr Mensik]
* 4b03170 2021-03-20 | Update German translation for 2.85rc1. [Matthias Andree]
* 1de6bbc 2021-03-19 | Fix FTBS on FreeBSD due to Linux-specific optimisation of
if_nametoindex() [Simon Kelley]
  |
|
Thursday, 18 Mar 2021
|
00:12 mandree
dnsmasq-devel: add test release 2.85rc1
This is to fix a port randomization flaw that subjects dnsmasq to a cache
poisoning attack.
ChangeLog:
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=CHANGELOG;h=155fc966f9542259596b41594f4b85775d1f9c9a;hb=023ace8e54c2e83e88082a1073a281d659f2a860#l1
Add CONFLICTS_INSTALL markers.
Security: CVE-2021-3448
Security: 5b72b1ff-877c-11eb-bd4f-2f1d57dafe46
|
|
Monday, 13 Jul 2020
|
20:25 mandree
dns/dnsmasq-devel: revive port and update to 2.82rc1
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=CHANGELOG;h=4b4e5b345170ab1e3a54d8d2847f500664a84d8d;hb=4d85e409cd2f4b0935d6ac5e8c72f6a151735d52#l1
|
|
Sunday, 5 Apr 2020
|
09:38 mandree
dns/dnsmasq-devel update to 2.81 release candidate #5
Git changes since rc4:
* 532246f 2020-04-04 | Tweak to DNSSEC logging. (tag: v2.81rc5, origin/master,
origin/HEAD) [Simon Kelley]
* 8caf3d7 2020-04-04 | Fix rare problem allocating frec for DNSSEC. [Simon
Kelley]
* d162bee 2020-03-20 | Allow overriding of ubus service name. [Oldrich Jedlicka]
* b43585c 2020-03-28 | Fix nameserver list in auth mode. [Simon Kelley]
* 3f60ecd 2020-03-18 | Fixed resource leak on ubus_init failure. [Oldrich
Jedlicka]
* 0506a5e 2020-03-19 | Handle old kernels that don't do NETLINK_NO_ENOBUFS.
[Simon Kelley]
* e7ee1aa 2020-03-17 | Extend stop-dns-rebind to reject IPv6 LL and ULA
addresses. We also reject the loopback address if rebind-localhost-ok is NOT
set. [Dominik DL6ER]
|
|
Saturday, 21 Mar 2020
|
09:53 mandree
dns/dnsmasq-devel: update to upstream release candidate #4
FreeBSD-relevant changes, since rc #3, from Git:
* 63e21bd 2020-03-17 | Remove 19036 trust anchor, now expired. [Simon Kelley]
* b837c45 2020-03-10 | Update German translation. [Conrad Kostecki]
|
|
Monday, 9 Mar 2020
|
21:29 mandree
dns/dnsmasq-devel: Update to 2.81rc3 (from rc2).
Git changelog:
* 46bdfe6 2020-03-08 | Fix error in IPv6 prefix calculation. (HEAD -> master,
tag: v2.81rc3, origin/master, origin/HEAD) [Petr Mensik]
* dded78b 2020-03-08 | Add DHCPv6 ntp-server (56) option handling. [Vladislav
Grishenko]
* b594e8d 2020-03-06 | rfc3315: fix incorrect logical '&&' warning [Kevin
Darbyshire-Bryant]
* 70c50ef 2020-03-06 | suppress non linux network unused var warnings [Kevin
Darbyshire-Bryant]
* ea3c60a 2020-03-08 | Diverge error handling between *BSD and Linux. [Brad
Smith]
Replace patch-Makefile by a $REINPLACE_CMD that support
nondefault lua versions 5.1 and 5.3, too.
Remove patch-src_rfc3315.c, same as b594e8d but written independently.
|
|
Friday, 6 Mar 2020
|
01:44 mandree
dns/dnsmasq-devel: Update to new upstream release candidate #2.
Changelog (from Git):
* fc19399 2020-03-05 | Fix compiler warning. (HEAD -> master, tag: v2.81rc2,
origin/master, origin/HEAD) [Simon Kelley]
* 980b14f 2020-03-05 | Compiler warning. [Simon Kelley]
* 1df73fe 2020-03-05 | Remove compiler warnings in IPv6 checksum code in dump.c
[Simon Kelley]
* c125c1d 2020-03-05 | Update decline address handling in DHCPv6 for new
multi-address world. [Simon Kelley]
* e39c484 2020-03-05 | Fix parameters to setsockopt() for TCP_FASTOPEN.
[Matthias Andree]
* 977a5a2 2020-03-02 | Merge i18n messages. [Simon Kelley]
* 02df000 2020-03-02 | Trivial formatting fix. [Simon Kelley]
Drop previous patches, and add two new ones,
one to fix pkgconfig for lua,
one to fix the bitfield flag testing in rfc3315.c/DHCPv6 decline handling.
|
|
Wednesday, 4 Mar 2020
|
22:27 mandree
Update dnsmasq-devel to 2.81rc1.
This currently adds two portability fixes that have been reported upstream.
Changelog:
<http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=CHANGELOG;h=31b395c987fe50174533065afe816dec3d4284a1;hb=b2ed691eb3ca6488a8878f5f3dd950a07b14a9db#l1>
|
|
Tuesday, 16 Oct 2018
|
22:36 mandree
Update dns/dnsmasq-devel to release candidate #1
Updates German translation.
|
|
Sunday, 7 Oct 2018
|
16:30 mandree
dns/dnsmasq-devel: upgrade to 2.80test8 release
CHANGELOG since test7:
Include in the example config file a formulation which stops DHCP clients
from claiming the DNS name "wpad".
This is a fix for the CERT Vulnerability VU#598349.
|
|
Wednesday, 3 Oct 2018
|
23:24 mandree
dns/dnsmasq-devel: update to 2.80test7
Changes since test6, from CHANGELOG:
Change anti cache-snooping behaviour with queries with the
recursion-desired bit unset. Instead to returning SERVFAIL, we
now always forward, and never answer from the cache. This
allows "dig +trace" command to work.
Include in the example config file a formulation which
stops DHCP clients from claiming the DNS name "wpad".
This is a fix for the CERT Vulnerability VU#598349.
|
|
Sunday, 9 Sep 2018
|
10:18 mandree
Update dnsmasq-devel to v2.80test6.
Changes from git log --oneline:
af3bd07 Man page typo.
d682099 Picky changes to 47b45b2967c931fed3c89a2e6a8df9f9183a5789
47b45b2 Fix lengths of interface names
2b38e38 Minor improvements in lease-tools
282eab7 Mark die function as never returning
c346f61 Handle ANY queries in context of
da8b6517decdac593e7ce24bde2824dd841725c8
03212e5 Manpage typo.
Reported by: portscout
|
|
Friday, 7 Sep 2018
|
17:57 mandree
Update dnsmasq-devel to v2.80test5
CHANGELOG extract:
Implement --address=/example.com/# as (more efficient) syntactic
sugar for --address=/example.com/0.0.0.0 and
--address=/example.com/::
|
|
Monday, 27 Aug 2018
|
23:52 mandree
Update dnsmasq-devel to v2.80test4.
CHANGELOG diff since v2.80test3:
Fix crash on startup with a --synth-domain which has no prefix.
Fix missing EDNS0 section in some replies generated by local
DNS configuration which confused systemd-resolvd.
Add --dhcp-name-match config option.
Add --caa-record config option.
|
|
Thursday, 16 Aug 2018
|
07:08 mandree
Update to 2.80test3 release.
Changelog:
<http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob_plain;f=CHANGELOG;hb=3b6eb197a88ff450fb6abeff67152a592a7d683a>
|
|
Monday, 22 May 2017
|
22:53 mandree
Update to new upstream release candidate #5.
Switch IDN support from libidn to libidn2.
Drop patches integrated upstream.
|
|
Sunday, 21 May 2017
|
11:05 mandree
Update to upstream release candidate #4, with two more fixes.
Additionally, zero out *addrp in edns0.c, and fix two typoes in
forward.c where && should be &. These fixes have all been reported
upstream.
Note that the build rig is currently not up to using I18N and IDN2, so
we forgo IDN2 for now. Also reported upstream.
Changelog since -test5:
1835343 (tag: v2.77rc4) Update German translation.
2aaea18 Add .gitattributes to substitute VERSION on export.
7ab78b9 (tag: v2.77rc3) Fix c7be0164ce6ae89d6f2f0ffea14e2612418dd5da
c7be016 (tag: v2.77rc2) Suppress DHCP ping checks when allocating on the
loopback interface.
d203af4 Add optional support for libidn2 and therefore IDNA2008.
05f76da Don't die() on failing to parse lease-script output.
bf05f8f Fix crash introduced by 09f3b2cd9c7b5b5e0e96ba41f666e69808862620.
09f3b2c (tag: v2.77rc1) Fix case of DS queries to domains marked as not doing
DNSSEC.
2282787 Fix botch introduced by 561441320f0cb67ea97f81c59332da5c6d14b494
4583dd9 Replace obsolete utime() usage with utimes().
5614413 Fix a couple of crashes on malformed config files.
b2a9c57 Add "known-othernet" DHCP tag.
|
|
Thursday, 4 May 2017
|
22:50 mandree
Update to new upstream test release -test5.
Diff from upstream CHANGELOG:
+ Allow use of MAC addresses with --tftp-unique-root. Thanks
+ to Floris Bos for the patch.
+
+ Add --dhcp-reply-delay option. Thanks to Floris Bos
+ for the patch.
+
+ Add mtu setting facility to --ra-param. Thanks to David
+ Flamand for the patch.
+
+ Capture STDOUT and STDERR output from dhcp-script and log
+ it as part of the dnsmasq log stream. Makes life easier
+ for diagnosing unexpected problems in scripts.
+ Thanks to Petr Mensik for the patch.
+
+ Generate fatal errors when failing to parse the output
+ of the dhcp-script in "init" mode. Avoids strange errors
+ when the script accidentally emits error messages.
+ Thanks to Petr Mensik for the patch.
+
+ Make --rev-server for an RFC1918 subnet work even in the
+ presence of the --bogus-priv flag. Thanks to
+ Vladislav Grishenko for the patch.
+
+ Extend --ra-param mtu: field to allow an interface name.
+ This allows the MTU of a WAN interface to be advertised on
+ the internal interfaces of a router. Thanks to
+ Vladislav Grishenko for the patch.
+
+ Do ICMP-ping check for address-in-use for DHCPv4 when
+ the client specifies an address in DHCPDISCOVER, and when
+ an address in configured locally. Thanks to Alin Nastac
+ for spotting the problem.
This change was reverted:
- Implement RFC 6842. Thanks to Reddeiah Raju Konduru for
- pointing out that this was missing.
Reported by: portscout
|
|
Tuesday, 21 Mar 2017
|
22:50 mandree
Update to -test4 release, forward port IPSET [1]
Changes since -test3 release (edited diff from CHANGELOG):
* Improve logging of upstream servers when there are a lot of "local
addresses only" entries.
* Implement RFC 6842.
* Make --bogus-priv apply to IPv6, for the prefixes specified in RFC6303.
Forward port IPSET option from ../dnsmasq port, to permit build on
PF-less systems.
PR: 217900 [1]
Submitted by: Oliver Pinter <oliver.pinter@hardenedbsd.org>
|
|
Sunday, 12 Feb 2017
|
13:02 mandree
Update to 2.77.test3.
Simon Kelley (2):
Improve connection handling when talking to TCP upsteam servers.
Add forthcoming 2017 root zone trust anchor to trust-anchors.conf.
|
|
Thursday, 9 Feb 2017
|
00:22 mandree
Update to new 2.77test2 release.
Changelog: <http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob_plain;f=CHANGELOG;hb=68f6312d4bae30b78daafcd6f51dc441b8685b1e>
Use readelf instead of objdump, unbreaking arm64 build. [1]
Submitted by: emaste@ [1]
Differential Revision: https://reviews.freebsd.org/D7881 [1]
|
|
Monday, 16 May 2016
|
22:57 mandree
Update to new upstream release candidate #2.
Changes in upstream Git between releases (git shortlog):
Sergey Nechaev (1):
Stricter command line args validation to dhcp_release6.
Simon Kelley (4):
Fix error in PXE arch names and add ARM32 and ARM64.
Tweak CSAs affected by UEFI PXE workaround code.
Tweak UEFI workaround code.
Merge messages into translation files.
Upstream CHANGELOG diff since rc #1:
Swap the values if BC_EFI and x86-64_EFI in --pxe-service.
These were previously wrong due to an error in RFC 4578.
If you're using BC_EFI to boot 64-bit EFI machines, you
will need to update your config.
Add ARM32_EFI and ARM64_EFI as valid architectures in
--pxe-service.
|
|
Wednesday, 11 May 2016
|
21:37 mandree
Update to release candidate #1.
Changes since test#13:
+ Move the dhcp_release and dhcp_lease_time tools from
+ contrib/wrt to contrib/lease-tools.
+
+ Add dhcp_release6 to contrib/lease-tools. Many thanks
+ to Sergey Nechaev for this code.
+
+ To avoid filling logs in configurations which define
+ many upstream nameservers, don't log more that 30 servers.
+ The number to be logged can be changed as SERVERS_LOGGED
+ in src/config.h.
Changelog since v2.75 at:
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob_plain;f=CHANGELOG;hb=8628cd603fd0c55c7d41b84488446db44f58ff5b
|
|
Thursday, 5 May 2016
|
12:37 mandree
Update to new upstream test release ...test13.
Upstream's CHANGELOG since test12:
* Check return-code of inet_pton() when parsing dhcp-option. Bad
addresses could fail to generate errors and result in garbage
dhcp-options being sent. Thanks to Marc Branchaud for spotting this.
* Fix wrong value for EDNS UDP packet size when using --servers-file to
define upstream DNS servers. Thanks to Scott Bonar for the bug report.
|
|
Friday, 4 Mar 2016
|
08:49 mandree
New upstream test release #12.
Git shortlog since test release #10:
Simon Kelley (14):
Add TTL parameter to --host-record and --cname.
Add --dhcp-ttl option.
Update CHANGELOG.
Add --tftp-mtu option.
Apply ceiling of lease length to TTL when --dhcp-ttl in use.
Fix --add-subnet when returning empty or default subnet.
Replace incoming EDNS0_OPTION_NOMDEVICEID and EDNS0_OPTION_NOMCPEID
options.
Fix typo in last commit.
Check return code from open()
format fix.
Fix pointer declaration botch.
Tidy parsing code.
Fix broken DNSMASQ_USER<x> envvars in script with more than one class.
Tighten syntax checking for dhcp-range and clarify man page.
|
|
Friday, 19 Feb 2016
|
08:54 mandree
Upgrade to -test10 release.
Upstream's CHANGELOG since -test8:
Don't crash with divide-by-zero if an IPv6 dhcp-range is declared as a
whole /64. (ie xx::0 to xx::ffff:ffff:ffff:ffff)
Thanks to Laurent Bendel for spotting this problem.
|
|
Wednesday, 17 Feb 2016
|
08:12 mandree
Upgrade to upstream -test8 pre-release.
Changes per diff of the CHANGELOG file:
Fix wrong answer to simple name query when --domain-needed set, but no
upstream servers configured. Dnsmasq returned REFUSED, in this case,
when it should be the same as when upstream servers are configured -
NOERROR. Thanks to Allain Legacy for spotting the problem.
Return REFUSED when running out of forwarding table slots, not SERVFAIL.
Add --max-port configuration. Thanks to Hans Dedecker for the patch.
Add --script-arp and two new functions for the dhcp-script. These are
"arp" and "arp-old" which announce the arrival and removal of entries
in the ARP or nieghbour tables.
Extend --add-mac to allow a new encoding of the MAC address as base64,
by configurting --add-mac=base64
Add --add-cpe-id option.
|
|
Saturday, 16 Jan 2016
|
18:30 mandree
Update to new test5 release.
Changes, taken from Git shortlog:
Andre Glupker (1):
Fix bad cache-size calculation when hosts-file read fails.
Simon Kelley (7):
Handle building with script support enabled and DHCP disabled.
Update copyright notices. Happy new year!
Fix FTBFS when scripts excluded at compilation time.
Inhibit DNSSEC validation when forwarding to private servers for a domain.
DNSSEC: Handle non-root trust anchors, and check we have a root trust
anchor.
Disable DNSSEC for server=/domain/.. servers unless trust-anchor provided.
arp.c tidy up.
|
|
Monday, 4 Jan 2016
|
19:02 mandree
Update to -test4 release.
Changelog:
<http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=CHANGELOG;h=93c73d01e19562d27d5c56a3a87c8211422f20a1;hb=d917275e481add809cd5c40650f339ae994ee35f#l1>
|
|
Monday, 21 Dec 2015
|
23:22 mandree
Update to 2.76test1.
|
|
Thursday, 30 Jul 2015
|
18:47 mandree
Update to new release candidate #4 and mark IGNORE since 2.74 is out.
|
|
Saturday, 18 Jul 2015
|
12:58 mandree
Update to new release candidate #3
DNSSEC fix, signed wildcard CNAME to unsigned domain.
Update Polish translation.
|
|
Wednesday, 15 Jul 2015
|
00:57 mandree
Update to new upstream release candidate 2.74rc1.
To fix three regressions in 2.73:
1) The meaning of --conf-file without an argument changed from "don't
read any conf-file" to "read the default conf-file"
2) A resolv-file which was dangling symlink at startup causes
problems, up to and including a segmentation fault.
3) Under some circumstances, dnsmasq can use more file descriptors,
and this shows up that the code doesn't handle the limit (normally
1024) in the number of descriptors handled by the select() system call.
|
|
Friday, 12 Jun 2015
|
06:17 mandree
Update to new upstream release candidate #10.
Git shortlog since rc #9:
Neil Jerram (6):
Fix logging of unknown interface in --bridge-interface, DHPCv4.
Extend --bridge-interface aliasing to DHCPv6.
Allow router advertisements to have the "off-link" bit set.
Upply --bridge-interface aliasing to solicited router advertisements.
Apply --bridge-interfaces to unsolicited router advertisements.
Documenation updates for --bridge-interface and "off-link".
Nicolas Cavallari (1):
Add Dbus methods to create and delete DHCP leases.
Simon Kelley (2):
Add a couple of missed logging strings to the catalogue.
Merge messages and fix makefile process to do this.
|
|
Wednesday, 10 Jun 2015
|
17:36 mandree
Update to new release candidate -rc9.
Relevant Git shortlog excerpt since -rc8:
Christian Demsar (1):
Man page typo.
John Hanks (1):
Add infiniband to example config file.
Simon Kelley (8):
Remove support for DNS Extended Label Types.
Select correct DHCP context when in PXE bootserver mode.
DHCPv6: DHCPCONFIRM should be OK for any address on link, not just dynamic
addresses.
Handle corner cases in NSEC coverage checks.
swigger (1):
Correctly sanitise DNS header bits in answer when recreating query for
retry.
|
|
Saturday, 23 May 2015
|
08:45 mandree
Upgrade to new release candidate #8, fixing buffer overflow since rc6. [1]
Add CPE information [2].
Extract from shortlog, omitting irrelevant entries:
Nicolas Cavallari (1):
Constify some DHCP lease management functions.
Simon Kelley (10):
Don't remove RRSIG RR from answers to ANY queries when the do bit is not
set.
Handle UDP packet loss when fragmentation of large packets is broken.
Check IPv4-mapped IPv6 addresses with --stop-rebind.
Tweak EDNS timeout code.
Pointer to mail-archive mailing list mirror in doc.html.
Allow T1 and T2 DHCPv4 options to be set.
Use correct DHCP context for PXE-proxy server-id.
Fix buffer overflow introduced in 2.73rc6.
PR: 199955 [2]
Submitted by: shun, amdmi3 [2]
Reviewed by: amdmi3 [2]
Security: 7927165a-0126-11e5-9d98-080027ef73ec
|
|
Sunday, 3 May 2015
|
02:47 mandree
Upgrade to release candidate #7.
Git shortlog:
Johnny S. Lee (1):
Make get-version work when repo is a git submodule.
Simon Kelley (2):
Logs in DHCPv6 not suppressed by dhcp6-quiet.
Fix argument-order botch which broke DNSSEC for TCP queries.
|
|
Wednesday, 22 Apr 2015
|
22:25 mandree
Update to new release candidate #6.
Git shortlog since release candidate #4:
Moshe Levi (1):
Check IP address command line arg in dhcp_release.c
Simon Kelley (7):
Fix crash in auth code with odd configuration.
Auth: correct replies to NS and SOA in .arpa zones.
Note CVE-2015-3294
Log domain when reporting DNSSEC validation failure.
Revert 61b838dd574c51d96fef100285a0d225824534f9 and just quieten log inste
Handle domain names with '.' or /000 within labels.
Tweaks to previous, DNS label charset commit.
Stefan Tomanek (1):
Fix (srk induced) crash in new tftp_no_fail code.
|
|
Sunday, 12 Apr 2015
|
11:15 mandree
Upgrade to new release candidate #4.
Resolves checksum trouble.
Git shortlog between rc#3 and rc#4:
Simon Kelley (4):
Return INSECURE, rather than BOGUS when DS proved not to exist.
Fix compiler warning when not including DNSSEC.
Fix crash caused by looking up servers.bind when many servers defined.
Fix crash on receipt of certain malformed DNS requests.
Stefan Tomanek (2):
add --tftp-no-fail to ignore missing tftp root
|
|
Tuesday, 31 Mar 2015
|
21:05 mandree
Upgrade to new release candidate #3 (skipping rc2).
Changes since rc1 (git shortlog):
+ Don't fail DNSSEC when a signed CNAME dangles into an unsigned zone.
+ Return SERVFAIL when validation abandoned.
+ Protect against broken DNSSEC upstreams.
+ DNSSEC fix for non-ascii characters in labels.
+ Allow control characters in names in the cache, handle when logging.
|
|
Monday, 30 Mar 2015
|
17:39 mandree
Update to upstream 2.73rc1 (pending rc2 upload)
Changes from previous 2.73test6 (taken from CHANGELOG's Git repo):
Don't reply to DHCPv6 SOLICIT messages if we're not
configured to do stateful DHCPv6. Thanks to Win King Wan
for the patch.
Fix broken DNSSEC validation of ECDSA signatures.
Add --dnssec-timestamp option, which provides an automatic
way to detect when the system time becomes valid after boot
on systems without an RTC, whilst allowing DNS queries before the
clock is valid so that NTP can run. Thanks to
Kevin Darbyshire-Bryant for developing this idea.
|
|
Thursday, 22 Jan 2015
|
22:48 mandree
Update to new 2.73test6 pre-release
Changes since test3, from CHANGELOG file:
Add --log-queries=extra option, which makes logs easier
to search automatically.
Add --min-cache-ttl option. I've resisted this for a long
time, on the grounds that disbelieving TTLs is never a
good idea, but I've been persuaded that there are
sometimes reasons to do it. (Step forward, GFW).
To avoid misuse, there's a hard limit on the TTL
floor of one hour. Thansk to RinSatsuki for the patch.
Cope with multiple interfaces with the same link-local
address. (IPv6 addresses are scoped, so this is allowed.)
Thanks to Cory Benfield for help with this.
Add --dhcp-hostsdir. This allows addition of new host
configurations to a running dnsmasq instance much more
cheaply than having dnsmasq re-read all its existing
configuration each time.
|
|
Friday, 9 Jan 2015
|
16:41 mandree
Update to new test release.
Changes: the two items at the end of v2.73 here:
<http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=CHANGELOG;h=e8bf80f81baac3366dfecbdb6e80c4102fb21574;hb=424c4a8a53c8aa5d6ac899c95803b97410abec8f#l26>
|
|
Tuesday, 23 Dec 2014
|
23:04 mandree
Package 2.73test2, with one additional patch to make it build
(also reported upstream).
CHANGELOG at:
<http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob_plain;f=CHANGELOG;hb=fbc5205702c7f6f431d9f1043c553d7fb62ddfdb>
|
|
Saturday, 20 Sep 2014
|
22:24 mandree
Upgrade to 2.72rc2.
+ Fix bug when resulted in NXDOMAIN answers instead of NODATA in some
circumstances.
+ Fix bug which caused dnsmasq to become unresponsive if it failed to
send packets due to a network interface disappearing.
+ Fix problem with --local-service option on big-endian platforms.
|
|
Wednesday, 10 Sep 2014
|
15:47 mandree
Update to 2.72rc1.
Announcement with ChangeLog:
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2014q3/008793.html
Submitted by: portscout
|
|
Monday, 31 Mar 2014
|
20:19 mandree
Upgrade to new upstream release candidate #rc4.
Fixes ipset logging patch.
Known issue: The executable identifies as #rc3.
|
|
Sunday, 30 Mar 2014
|
00:42 mandree
Update to new upstream release candidate #2.
Git shortlog between 2.69 rc1 and rc2:
Simon Kelley (7):
Add dnssec-check-unsigned to example config file.
Reorder sanity checks on UDP packet reception, to cope with failed recvfro
SERVFAIL is an expected error return, don't try all servers.
Terminate DS-search when reaching the root via cache entries.
Cache stats availble in CHAOS .bind domain.
Ensure ->sentto is valid for DNSSEC forwards. Otherwise retries SEGV.
Add --dnssec-no-timecheck
Tomas Hozza (2):
Memory leak in error path.
Handle failure of hash_questions()
Wang Jian (1):
Log IPSET actions.
|
|
Saturday, 22 Mar 2014
|
22:06 mandree
Upgrade to release candidate #1.
|
|
Monday, 10 Mar 2014
|
17:01 mandree
Upgrade to new upstream test release #11.
Git shortlog since test release #9:
Speeling.
Strip DNSSEC RRs when query doesn't have DO bit set.
Return INSECURE when validation fails with proved non-existent DS.
Negative caching for DS records.
Check that unsigned replies come from unsigned zones if --dnssec-check-uns
Tidy.
Fix off-by-one overwrite.
Don't free blockdata for negative DS cache entries.
Handle replies with no answers and no NS in validate_reply.
Tweak tuning params.
Don't cache secure replies which we've messsed with.
Mass edit of INSECURE->BOGUS returns for server failure/bad input.
Can have local DS records (trust anchors).
|
|
Thursday, 27 Feb 2014
|
22:55 mandree
Update to new test9 release.
Relevant excerpt from git shortlog between test8 and test9:
Add RFC-6605 ECDSA DNSSEC verification.
Don't mess with the TTL of DNSSEC RRs.
No CD in forwarded queries unless dnssec-debug for TCP too.
Log BOGUS validation result when upstream sends SERVFAIL.
--rev-server option. Syntactic sugar for PTR queries.
Omit ECC from DNSSEC if nettle library is old.
Add --servers-file option.
NSEC3 validation. First pass.
Check signer name in RRSIGs.
An NSEC record cannot attest to its own non-existance!
|
Number of commits found: 117 (showing only 100 on this page) |
As an Amazon Associate I earn from qualifying purchases.