notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
This referral link gives you 10% off a Fastmail.com account and gives me a discount on my Fastmail account.
New feature planned: get notified when the package is available. Now is the time to contribute ideas/suggestions.
non port: dns/dnsmasq/Makefile

Number of commits found: 160 (showing only 100 on this page)

1 | 2  »  

Tuesday, 13 Feb 2024
23:15 Matthias Andree (mandree) search for other commits by this committer
dns/dnsmasq: security update to 2.90 (fixes dnssec validation DoS)

ChangeLog:	https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob_plain;f=CHANGELOG;hb=v2.90
Security:       21a854cc-cac1-11ee-b7a7-353f1e043d9a
Security:       CVE-2023-50387
Security:       CVE-2023-50868
MFH:		2024Q1
commit hash: af6c1440146a94063573c048e0eacdccd1108062 commit hash: af6c1440146a94063573c048e0eacdccd1108062 commit hash: af6c1440146a94063573c048e0eacdccd1108062 commit hash: af6c1440146a94063573c048e0eacdccd1108062 af6c144
Saturday, 18 Mar 2023
09:17 Matthias Andree (mandree) search for other commits by this committer
dns/dnsmasq: cherry-pick several upstream fixes

all from dnsmasq's Git repository hosted by Simon Kelley:

+ Fix DHCPv6 "use multicast" response
+ Avoid undefined behaviour with the ctype(3) functions.
+ Document suppressing default options in --dhcp-option.
+ Fix --rev-server option.
+ Set the default maximum DNS UDP packet size to 1232.
+ Generalise cached NXDOMAIN replies.
+ Fix possible SEGV when no servers defined.

and bump PORTREVISION. This is so we can let it mature
for two weeks before 2023Q2 and because the upstream
release schedule is unforeseeable.

Obtained from: Simon Kelley <simon@thekelleys.org.uk>
Obtained from: Dominik Derigs <dl6er@dl6er.de>
Obtained from: Taylor R Campbell <campbell+dnsmasq@mumble.net>
commit hash: 7a10b554651ee1e9d051856b99c76c9311313947 commit hash: 7a10b554651ee1e9d051856b99c76c9311313947 commit hash: 7a10b554651ee1e9d051856b99c76c9311313947 commit hash: 7a10b554651ee1e9d051856b99c76c9311313947 7a10b55
Monday, 6 Feb 2023
22:00 Matthias Andree (mandree) search for other commits by this committer
dns/dnsmasq*: update to v2.89, and disable -devel port

Changelog:
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob_plain;f=CHANGELOG;hb=v2.89

MFH:		2023Q1
commit hash: 156fb7b95d82fbedecb72e54e58257275d4f713c commit hash: 156fb7b95d82fbedecb72e54e58257275d4f713c commit hash: 156fb7b95d82fbedecb72e54e58257275d4f713c commit hash: 156fb7b95d82fbedecb72e54e58257275d4f713c 156fb7b
Saturday, 14 Jan 2023
09:19 Matthias Andree (mandree) search for other commits by this committer
dns/dnsmasq: fix rare cache corruption problem

Simon Kelley sent an advisory that in rare circumstances, the cache can
become corrupted and the DNS subsystem then became disfunctional.
This is reported as regression in 2.88.
Chances seem higher this happens with DNSSEC enabled, but seems not limited
to it.  For details, please see the patch contained in this commit, or
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2023q1/016821.html

The symptom of this happening is apparently a cache internal error.

2.89 with this fix and a few others is slated for release in a week.
Let's fix the patch already and MFH to 2023Q1 so we keep our liberties
to decide whether we need to move quarterly to 2.89 or rather stick
with 2.88_1.

originally
Reported by:	Timo van Roermund (to Simon Kelley in private)
Reported by:	Simon Kelley (upstream maintainer, through mailing list)
Obtained from:	Simon Kelley (upstream maintainer, Git repository)
MFH:		2023Q1
commit hash: 038ffa5e63e3b419b68989e5c822b8cb108af7da commit hash: 038ffa5e63e3b419b68989e5c822b8cb108af7da commit hash: 038ffa5e63e3b419b68989e5c822b8cb108af7da commit hash: 038ffa5e63e3b419b68989e5c822b8cb108af7da 038ffa5
Monday, 5 Dec 2022
19:48 Matthias Andree (mandree) search for other commits by this committer
dns/dnsmasq*: update to 2.88, and ignore -devel port

ChangeLog:
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob_plain;f=CHANGELOG;hb=v2.88
commit hash: e5e31e3f2f02d5128c018fa0d2a035da8648297b commit hash: e5e31e3f2f02d5128c018fa0d2a035da8648297b commit hash: e5e31e3f2f02d5128c018fa0d2a035da8648297b commit hash: e5e31e3f2f02d5128c018fa0d2a035da8648297b e5e31e3
Monday, 26 Sep 2022
16:20 Matthias Andree (mandree) search for other commits by this committer
dns/dnsmasq*: update to v2.87

and set dnsmasq-devel port to IGNORE.

Changelog:
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob_plain;f=CHANGELOG;hb=v2.87
https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg16445.html

MFH:		2022Q3
commit hash: 7bf80ce8165de85b5c550ea7aba984c6093a9496 commit hash: 7bf80ce8165de85b5c550ea7aba984c6093a9496 commit hash: 7bf80ce8165de85b5c550ea7aba984c6093a9496 commit hash: 7bf80ce8165de85b5c550ea7aba984c6093a9496 7bf80ce
Wednesday, 7 Sep 2022
21:10 Stefan Eßer (se) search for other commits by this committer
Add WWW entries to port Makefiles

It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.

Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.

There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.

This commit implements such a proposal and moves one of the WWW: entries
of each pkg-descr file into the respective port's Makefile. A heuristic
attempts to identify the most relevant URL in case there is more than
one WWW: entry in some pkg-descr file. URLs that are not moved into the
Makefile are prefixed with "See also:" instead of "WWW:" in the pkg-descr
files in order to preserve them.

There are 1256 ports that had no WWW: entries in pkg-descr files. These
ports will not be touched in this commit.

The portlint port has been adjusted to expect a WWW entry in each port
Makefile, and to flag any remaining "WWW:" lines in pkg-descr files as
deprecated.

Approved by:		portmgr (tcberner)
commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52 commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52 commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52 commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52 b7f0544
Wednesday, 20 Jul 2022
14:21 Tobias C. Berner (tcberner) search for other commits by this committer
dns: remove 'Created by' lines

A big Thank You to the original contributors of these ports:

  *  Aaron Dalton <aaron@FreeBSD.org>
  *  Akinori MUSHA aka knu <knu@idaemons.org>
  *  Alex Samorukov <samm@freebsd.org>
  *  Alexey Dokuchaev <danfe@FreeBSD.org>
  *  Allan Jude <allanjude@freebsd.org>
  *  Amar Takhar <verm@drunkmonk.net>
  *  Anders Nordby <anders@fix.no>
  *  Andrew Greenwood <greenwood.andy@gmail.com>
  *  Anton Berezin <tobez@FreeBSD.org>
  *  Ashish SHUKLA <ashish@FreeBSD.org>
  *  Attila Nagy <bra@fsn.hu>
  *  Bas Kruit <baskruit@bsltwr.dhis.org>
  *  Bruce M. Simpson <bms@FreeBSD.org>
  *  Carlos J Puga Medina <cpm@fbsd.es>
  *  Chris St Denis (<chris@ctgameinfo.com>)
  *  Clement Laforet <clement@FreeBSD.org>
  *  Clement Laforet <sheepkiller@cultdeadsheep.org>
  *  Dan Langille <dvl@FreeBSD.org>
  *  Dan Pelleg <daniel+mdnsd@pelleg.org>
  *  Dan Smith <dan@algenta.com>
  *  David O'Brien (obrien@NUXI.com)
  *  Dean Hollister <dean@odyssey.apana.org.au>
  *  Dirk Froemberg <dirk@FreeBSD.org>
  *  Dmitry Pryadko <d.pryadko@rambler-co.ru>
  *  Dmitry Sivachenko <mitya@yandex-team.ru>
  *  Dominik Brettnacher <domi@saargate.de>
  *  Douglas Thrift <douglas@douglasthrift.net>
  *  Edwin Groothuis (edwin@mavetju.org)
  *  Edwin Groothuis <edwin@mavetju.org>
  *  Emanuel Haupt <ehaupt@FreeBSD.org>
  *  Emanuel Haupt <ehaupt@critical.ch>
  *  Eyal Soha <esoha@attbi.com>
  *  Filip Parag <filip@parag.rs>
  *  Filippo Natali <filippo.natali@gmail.com>
  *  Frank Behrens
  *  Gea-Suan Lin <gslin@gslin.org>
  *  Geoffroy Desvernay <dgeo@centrale-marseille.fr>
  *  George Reid <greid@ukug.uk.freebsd.org>
  *  Goran Mekić <meka@tilda.center>
  *  Hajimu UMEMOTO <ume@FreeBSD.org>
  *  Herve Quiroz <hq@FreeBSD.org>
  *  Hirohisa Yamaguchi <umq@ueo.co.jp>
  *  Hye-Shik Chang <perky@fallin.lv>
  *  Jaap Akkerhuis <jaap@NLnetLabs.nl>
  *  James FitzGibbon <jfitz@FreeBSD.org>
  *  Jase Thew <freebsd@beardz.net>
  *  Jimmy Bergman jimmy@sigint.se
  *  Jin-Shan Tseng <tjs@cdpa.nsysu.edu.tw>
  *  Joe Barbish
  *  Jov <amutu@amutu.com>
  *  Jui-Nan Lin <jnlin@freebsd.cs.nctu.edu.tw>
  *  Karl Dietz (Karl.Dietz@frankfurt.netsurf.de)
  *  Kirill Ponomarew <ponomarew@oberon.net>
  *  Koen Martens <gmc@sonologic.nl>
  *  Konstantin Saurbier <saurbier@math.uni-bielefeld.de>
  *  Kostya Lukin <lukin@okbmei.msk.su>
  *  Kris Kennaway <kris@FreeBSD.org>
  *  Kubilay Kocak <koobs@FreeBSD.org>
  *  Kurt Jaeger <fbsd-ports@opsec.eu>
  *  Leo Vandewoestijne <freebsd@dns-lab.com>
  *  Leo Vandewoestijne <freebsd@dns.company>
  *  MIHIRA Yoshiro <sanpei@jp.FreeBSD.org>
  *  Marcin Gondek <drixter@e-utp.net>
  *  Mario Sergio Fujikawa Ferreira <lioux@FreeBSD.org>
  *  Mark Felder <feld@FreeBSD.org>
  *  Mark Linimon <linimon@lonesome.com>
  *  Mark Pulford <mark@kyne.com.au>
  *  Martin Matuska <mm@FreeBSD.org>
  *  Martin Wilke <miwi@FreeBSD.org>
  *  Matthew Hunt <mph@pobox.com>
  *  Matthew Seaman
  *  Michael Cardell Widerkrantz <mc@hack.org>
  *  Moritz Warning <moritzwarning@web.de>
  *  Natacha Porte <natbsd@instinctive.eu>
  *  Neil Blakey-Milner
  *  Olivier Duchateau
  *  Paul Chvostek <paul@it.ca>
  *  Paul Dlug <paul@aps.org>
  *  Philippe Pepiot <phil@philpep.org>
  *  Piotr Kubaj <pkubaj@FreeBSD.org>
  *  Piotr Kubaj <pkubaj@anongoth.pl>
  *  Po-Chuan Hsieh <sunpoet@FreeBSD.org>
  *  Rafal Lesniak <fbsd@grid.einherjar.de>
  *  Roman Shterenzon <roman@xpert.com>
  *  Rong-En Fan <rafan@FreeBSD.org>
  *  Roy Marples <roy@marples.name>
  *  Ryan Steinmetz <rpsfa@rit.edu>
  *  Ryan Steinmetz <zi@FreeBSD.org>
  *  Sahil Tandon <sahil@tandon.net>
  *  Seamus Venasse <svenasse@polaris.ca>
  *  Sergei Kolobov <sergei@FreeBSD.org>
  *  Sergei Kolobov <sergei@kolobov.com>
  *  Sergey Matveychuk <sem@FreeBSD.org>
  *  Sergey Skvortsov <skv@protey.ru>
  *  Simon Dick <simond@irrelevant.org>
  *  Stefan Esser <se@FreeBSD.org>
  *  Steve Wills <swills@FreeBSD.org>
  *  Steve Wills <swills@freebsd.org>
  *  Steven Honson
  *  Sunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org>
  *  Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net>
  *  Timothy Beyer <beyert@cs.ucr.edu>
  *  Waitman Gobble <waitman@waitman.net>
  *  Wen Heping <wen@FreeBSD.org>
  *  Wen Heping <wenheping@gmail.com>
  *  Zane C, Bowers <vvelox@vvelox.net>
  *  adamw
  *  alexis
  *  andrew@ugh.net.au
  *  bkhl
  *  clsung
  *  clsung@dragon2.net
  *  dglo@ssec.wisc.edu
  *  dnscheckengine-port@academ.com (Stan Barber)
  *  fenner
  *  geniusj@ods.org
  *  ijliao
  *  ismail.yenigul@endersys.com.tr
  *  krion
  *  mark@foster.cc
  *  n@nectar.com
  *  roam@FreeBSD.org
  *  rodrigc@FreeBSD.org
  *  rpsfa@rit.edu
  *  sten@blinkenlights.nl

With hat:	portmgr
commit hash: 66ee090ccad0160bf913ee776daa9c3bfdab1868 commit hash: 66ee090ccad0160bf913ee776daa9c3bfdab1868 commit hash: 66ee090ccad0160bf913ee776daa9c3bfdab1868 commit hash: 66ee090ccad0160bf913ee776daa9c3bfdab1868 66ee090
Sunday, 3 Apr 2022
11:15 Matthias Andree (mandree) search for other commits by this committer
dns/dnsmasq: fix CVE-2022-0934 DHCPv6 vuln

Security:	3f321a5a-b33b-11ec-80c2-1bb2c6a00592
Security:	CVE-2022-0934
MFH:		2022Q2
commit hash: 03b5b25346d359e29c16da94772d41637320bdf2 commit hash: 03b5b25346d359e29c16da94772d41637320bdf2 commit hash: 03b5b25346d359e29c16da94772d41637320bdf2 commit hash: 03b5b25346d359e29c16da94772d41637320bdf2 03b5b25
Sunday, 6 Feb 2022
11:23 Matthias Andree (mandree) search for other commits by this committer
dns/dnsmasq: cherry-pick 2.86-related man update

https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=10cd342f5c847a5e0226d6f0f9ff4ca16db610a5

Obtained from:	Simon Kelley's upstream git repository
commit hash: 41b0378ad42663d34174e79f2fc0c5e091efabad commit hash: 41b0378ad42663d34174e79f2fc0c5e091efabad commit hash: 41b0378ad42663d34174e79f2fc0c5e091efabad commit hash: 41b0378ad42663d34174e79f2fc0c5e091efabad 41b0378
Saturday, 11 Dec 2021
09:51 Matthias Andree (mandree) search for other commits by this committer Author: Olivier Cochard
dns/dnsmasq: fix error "config error is REFUSED (EDE: not ready)"

Fix --address=/#/...... which was lost in 2.86

ML message:
https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg15508.html

Git commit:
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=26bbf5a314d833beaf0f147d24409969f05f3dba

PR:		260331
Obtained from:	Simon Kelley (upstream maintainer)
commit hash: 1f05895ca06edbf6ba8bdf7e221c8a1057c0fd71 commit hash: 1f05895ca06edbf6ba8bdf7e221c8a1057c0fd71 commit hash: 1f05895ca06edbf6ba8bdf7e221c8a1057c0fd71 commit hash: 1f05895ca06edbf6ba8bdf7e221c8a1057c0fd71 1f05895
09:51 Matthias Andree (mandree) search for other commits by this committer
dns/dnsmasq: pull in three more upstream fixes

Cherry-pick these Git commits from the upstream:

--local should behave as --server, not as --address [...]
Fix confusion in DNS retries and --strict-order.
Fix confusion with log-IDs and DNS retries.

loosely prompted by Olivier's
PR:		260331
commit hash: f727ae28aad85b8545ca5e2ee1752c006d63aa47 commit hash: f727ae28aad85b8545ca5e2ee1752c006d63aa47 commit hash: f727ae28aad85b8545ca5e2ee1752c006d63aa47 commit hash: f727ae28aad85b8545ca5e2ee1752c006d63aa47 f727ae2
Thursday, 25 Nov 2021
21:40 Stefan Eßer (se) search for other commits by this committer
*/*: Remove redundant '-*' from CONFLICTS definitions

The conflict checks compare the patterns first against the package
names without version (as reported by "pkg query "%n"), then - if
there was no match - agsinst the full package names including the
version (as reported by "pkg query "%n-%v").

Approved by: portmgr (blanket)
commit hash: 04b9da414081a733478d3def4e1e3777908536c6 commit hash: 04b9da414081a733478d3def4e1e3777908536c6 commit hash: 04b9da414081a733478d3def4e1e3777908536c6 commit hash: 04b9da414081a733478d3def4e1e3777908536c6 04b9da4
Thursday, 9 Sep 2021
15:48 Matthias Andree (mandree) search for other commits by this committer
dns/dnsmasq: update to v2.86, ignore dnsmasq-devel

Changelog:
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob_plain;f=CHANGELOG;hb=v2.86
commit hash: d8ba06237d5018b525a15ae5823f2e1fb9900854 commit hash: d8ba06237d5018b525a15ae5823f2e1fb9900854 commit hash: d8ba06237d5018b525a15ae5823f2e1fb9900854 commit hash: d8ba06237d5018b525a15ae5823f2e1fb9900854 d8ba062
Sunday, 6 Jun 2021
08:09 Tobias Kortkamp (tobik) search for other commits by this committer
*: Clean up some things

- Fix typos
- Remove duplicate variables
- Remove nop variables
- Sort categories
- Add missing USES

Reported by:	portscan
commit hash: 89893207e7cd5b2328e72dd2a2ba2b7250ac037f commit hash: 89893207e7cd5b2328e72dd2a2ba2b7250ac037f commit hash: 89893207e7cd5b2328e72dd2a2ba2b7250ac037f commit hash: 89893207e7cd5b2328e72dd2a2ba2b7250ac037f 8989320
Saturday, 15 May 2021
09:24 Matthias Andree (mandree) search for other commits by this committer
dns/dnsmasq: cherry-pick upstream-fixes

 *  Handle DHCPREBIND requests in the DHCPv6 server.
 *  Fix bug in TCP process handling.
commit hash: 505d608290a2efa7d064c4d4f7ca75b17c675405 commit hash: 505d608290a2efa7d064c4d4f7ca75b17c675405 commit hash: 505d608290a2efa7d064c4d4f7ca75b17c675405 commit hash: 505d608290a2efa7d064c4d4f7ca75b17c675405 505d608
Thursday, 15 Apr 2021
08:31 Tobias Kortkamp (tobik) search for other commits by this committer
Clean up some things

- Remove duplicate variables
- Remove nop variables
- Sort categories
- Remove redundant option descriptions that match the default ones

Reported by:	portscan
commit hash: ffbc3bd9376a3672e16eafddf55b233b8fed1674 commit hash: ffbc3bd9376a3672e16eafddf55b233b8fed1674 commit hash: ffbc3bd9376a3672e16eafddf55b233b8fed1674 commit hash: ffbc3bd9376a3672e16eafddf55b233b8fed1674 ffbc3bd
Thursday, 8 Apr 2021
21:54 Matthias Andree (mandree) search for other commits by this committer
dns/dnsmasq: security update to v2.85 release

Changelog:
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob_plain;f=CHANGELOG;hb=v2.85

Configurations where server lines contain a @ character,
f.i. server=1.1.1.1@em0 or server=1.1.1.1@192.0.2.1, disabled
source port randomization, making cache poisoning attacks possible.
v2.85 mitigates this.

MFH:		2021Q2
Security:	CVE-2021-3448
Security:	5b72b1ff-877c-11eb-bd4f-2f1d57dafe46 (VuXML)
commit hash: e0a4c5c8be306418d09950162d513a6cedab613a commit hash: e0a4c5c8be306418d09950162d513a6cedab613a commit hash: e0a4c5c8be306418d09950162d513a6cedab613a commit hash: e0a4c5c8be306418d09950162d513a6cedab613a e0a4c5c
Tuesday, 6 Apr 2021
14:31 Mathieu Arnold (mat) search for other commits by this committer
Remove # $FreeBSD$ from Makefiles.
commit hash: 305f148f482daf30dcf728039d03d019f88344eb commit hash: 305f148f482daf30dcf728039d03d019f88344eb commit hash: 305f148f482daf30dcf728039d03d019f88344eb commit hash: 305f148f482daf30dcf728039d03d019f88344eb 305f148
Thursday, 18 Mar 2021
00:12 mandree search for other commits by this committer
dnsmasq-devel: add test release 2.85rc1

This is to fix a port randomization flaw that subjects dnsmasq to a cache
poisoning attack.

ChangeLog:
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=CHANGELOG;h=155fc966f9542259596b41594f4b85775d1f9c9a;hb=023ace8e54c2e83e88082a1073a281d659f2a860#l1

Add CONFLICTS_INSTALL markers.

Security: CVE-2021-3448
Security: 5b72b1ff-877c-11eb-bd4f-2f1d57dafe46
Original commitRevision:568702 
Tuesday, 26 Jan 2021
19:19 mandree search for other commits by this committer
dns/dnsmasq: upgrade to v2.84 (regression fixes)

Upstream blessed v2.84 rc2 (which 2.83_1 effectively already was)
into v2.84 release, so take it (and patch the upstream bug of
leaving "rc2" in the version out).

MFH:		2021Q1 (regression fixes for security fix release)
Original commitRevision:562980 
Sunday, 24 Jan 2021
11:01 mandree search for other commits by this committer
dns/dnsmasq: regression fixes from upstream Git

Apparently there are situations where dnsmasq 2.83 can confuse
its peers or sockets, and the upstream Git contains fixes for them.

These four fixes essentially take dnsmasq to 2.84test3.

Obtained from:	Simon Kelley <simon@thekelleys.org.uk>'s Git repository
Original commitRevision:562461 
Wednesday, 20 Jan 2021
19:20 mandree search for other commits by this committer
dns/dnsmasq: security update to 2.83

CHANGELOG of version 2.83:

        Use the values of --min-port and --max-port in outgoing
        TCP connections to upstream DNS servers.

        Fix a remote buffer overflow problem in the DNSSEC code. Any
        dnsmasq with DNSSEC compiled in and enabled is vulnerable to this,
        referenced by CVE-2020-25681, CVE-2020-25682, CVE-2020-25683
        CVE-2020-25687.

        Be sure to only accept UDP DNS query replies at the address
        from which the query was originated. This keeps as much entropy
        in the {query-ID, random-port} tuple as possible, to help defeat
        cache poisoning attacks. Refer: CVE-2020-25684.

        Use the SHA-256 hash function to verify that DNS answers
        received are for the questions originally asked. This replaces
        the slightly insecure SHA-1 (when compiled with DNSSEC) or
        the very insecure CRC32 (otherwise). Refer: CVE-2020-25685.

        Handle multiple identical near simultaneous DNS queries better.
        Previously, such queries would all be forwarded
        independently. This is, in theory, inefficent but in practise
        not a problem, _except_ that is means that an answer for any
        of the forwarded queries will be accepted and cached.
        An attacker can send a query multiple times, and for each repeat,
        another {port, ID} becomes capable of accepting the answer he is
        sending in the blind, to random IDs and ports. The chance of a
        succesful attack is therefore multiplied by the number of repeats
        of the query. The new behaviour detects repeated queries and
        merely stores the clients sending repeats so that when the
        first query completes, the answer can be sent to all the
        clients who asked. Refer: CVE-2020-25686.
MFH:		2021Q1
Security:	5b5cf6e5-5b51-11eb-95ac-7f9491278677
Security:	CVE-2020-25684
Security:	CVE-2020-25685
Security:	CVE-2020-25686
Security:	CVE-2020-25681
Security:	CVE-2020-25682
Security:	CVE-2020-25683
Security:	CVE-2020-25687
Original commitRevision:562154 
Sunday, 19 Jul 2020
23:07 mandree search for other commits by this committer
dns/dnsmasq: update to 2.82 (regression and bug fixes)

Quoting Simon Kelley "This fixes a nasty problem
introduced in 2.81 which causes random crashes on systems where there's
significant DNS activity over TCP. It also fixes DNSSEC validation
problems with zero-TTL DNSKEY and DS records."

Changelog:
<http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=CHANGELOG;h=e6a223119ffcd9ead6cb15153cd49bd3c61e114f;hb=f60fea1fb0a288011f57a25dfb653b8f6f8b46b9#l1>

MFH:		2020Q3 (regression and bug fixes)
Original commitRevision:542600 
Saturday, 16 May 2020
10:51 sunpoet search for other commits by this committer
Bump PORTREVISION for security/nettle shlib change
Original commitRevision:535391 
Sunday, 12 Apr 2020
02:16 mandree search for other commits by this committer
dns/dnsmasq: repair damage from UNAUTHORIZED UCL conversion of pkg-message

The pkg-message contains a security note that is necessary on
new installs and on updates alike.

Since per the porter's handbook, the UCL does not support enumeration
of types, and this is not relevant on removal, the UCL change must be
reverted.  While here, remove formatting.

Failure inducing commit:
|------------------------------------------------------------------------
|r508835 | mat | 2019-08-13 18:01:59 +0200 (Tue, 13 Aug 2019) | 2 lines
|
|Convert to UCL & cleanup pkg-message (categories d)
|
|------------------------------------------------------------------------

NOTE: The UCL conversion of files/pkg-message.in was not authorized
and damaging and no heads-up was sent to the maintainer.

portmgr@ MUST act more carefully with sweeping changes and hand them out
for review first.
Original commitRevision:531475 
01:59 mandree search for other commits by this committer
dns/dnsmasq: update to 2.81, unlink dnsmasq-devel

Update dns/dnsmasq to the new upstream version 2.81.
The Makefile has been rearranged with portfmt, except the
LDFLAGS+=..._intllibs... line that portfmt does not recognize.

Changelog:
<http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=CHANGELOG;h=60b08d015b2d5a979f39b8ad43633b419135cb64;hb=7ddb99d251c3f5870c8c308a98bb8f283c831872#l1>
(or see CHANGELOG in the package)

Unlink dnsmasq-devel from the build, but keep the sources,
and mark it IGNORE and list dnsmasq-devel in MOVED.
Original commitRevision:531473 
Sunday, 23 Feb 2020
13:50 mandree search for other commits by this committer
dns/dnsmasq: Remove obsolete REINPLACE_CMD line.

Reported by:	swills@ (IRC)
Original commitRevision:526921 
Sunday, 13 Oct 2019
15:25 mandree search for other commits by this committer
dns/dnsmasq: Fix TFTP regression on recent FreeBSD versions.

Add a patch taken from upstream. Tested successfully on 11.3-RELEASE amd64.

The upstream fix is an extended version of a fix proposed by
Dave Mueller in the PR.

See also:
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2019q4/013412.html

PR:		241068
Reported by:	Phil Chadwick
Obtained from:	Simon Kelley,
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=936bd82755e8f75fc09c1e9a67fb390175b157d4
MFH:		2019Q4
Original commitRevision:514404 
Wednesday, 9 Oct 2019
10:34 bapt search for other commits by this committer
Drop the ipv6 virtual category for d* category as it is not relevant anymore
Original commitRevision:514130 
Tuesday, 9 Jul 2019
17:13 sunpoet search for other commits by this committer
Update security/nettle to 3.5.1

- Bump PORTREVISION of dependent ports for shlib change
- Fix build of devel/pijul [1]

Changes:	https://git.lysator.liu.se/nettle/nettle/blob/master/NEWS
PR:		238991
Exp-run by:	antoine
Thanks to:	tobik [1]
Original commitRevision:506289 
Saturday, 9 Feb 2019
23:25 sunpoet search for other commits by this committer
Update dns/libidn2 to 2.1.1

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://gitlab.com/libidn/libidn2/blob/master/NEWS
Original commitRevision:492534 
Sunday, 6 Jan 2019
20:39 sunpoet search for other commits by this committer
Update dns/libidn2 to 2.1.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://gitlab.com/libidn/libidn2/blob/master/NEWS
Original commitRevision:489529 
Friday, 19 Oct 2018
17:47 mandree search for other commits by this committer
Upgrade dns/dnsmasq to v2.80.

Security: the installed example configuration file shows a way of
disabling WPAD hijacking, but leaves it commented out. Extend pkg-message.

Changelog: 	<http://thekelleys.org.uk/dnsmasq/CHANGELOG>

Since installing v2.80 isn't a fix against the vulnerability, and fixing
it needs administrator intervention on upgrades, I am not marking this in
vuxml for now, since we'd need to mark v2.80 vulnerable, too.

MFH:		2018Q4
Security:	CERT VU#598349
Original commitRevision:482439 
Monday, 19 Mar 2018
21:10 mandree search for other commits by this committer
dns/dnsmasq update to release v2.79

Note there are a few incompatible changes. For details, please see the...
Changelog: <http://thekelleys.org.uk/dnsmasq/CHANGELOG>
Original commitRevision:465034 
Monday, 2 Oct 2017
18:40 brnrd search for other commits by this committer
dns/dnsmasq: Security update to 2.78

PR:		222739
Approved by:	ports-secteam
MFH:		2017Q4
Security:	b77b5646-a778-11e7-ac58-b499baebfeaf
Original commitRevision:451095 
Wednesday, 7 Jun 2017
20:00 mandree search for other commits by this committer
Fix up pxelogic.0 suffix logic.

Regression in v2.77 caused by a patch proposed by yours truly.

Reported by:	Steven Shiau (via upstream dnsmasq-discuss mailing list)
Obtained from:	Chris Novakovich and Simon Kelley
Pointyhat to:	mandree@
Original commitRevision:442888 
Thursday, 1 Jun 2017
17:55 mandree search for other commits by this committer
Update to new release 2.77.

Changelog: <http://thekelleys.org.uk/dnsmasq/CHANGELOG>
Original commitRevision:442303 
Tuesday, 21 Mar 2017
22:45 mandree search for other commits by this committer
Correct placement of option helpers.

Related to:
PR: 217900
Original commitRevision:436661 
22:43 mandree search for other commits by this committer
Allow build on PF-less (NO_IPSET) systems.

This adds a new ports option, IPSET, defaulting to on.

Use the opportunity to use the options helpers OPT_CFLAGS[_OFF] on the
trivial options.

PR:		217900
Submitted by:	Oliver Pinter <oliver.pinter@hardenedbsd.org>
Original commitRevision:436660 
Thursday, 9 Feb 2017
00:18 mandree search for other commits by this committer
Use readelf instead of objdump, unbreaking arm64 build.

Submitted by:	emaste@
Differential Revision:	https://reviews.freebsd.org/D7881
Original commitRevision:433702 
Monday, 23 May 2016
20:35 amdmi3 search for other commits by this committer
Remove NLS, DOCS, EXAMPLES and IPV6 from OPTIONS_DEFAULT, they are enabled by
default anyway and don't need to be listed

Approved by:	portmgr blanket
Original commitRevision:415742 
Wednesday, 18 May 2016
22:17 mandree search for other commits by this committer
Update, new upstream feature+bugfix release v2.76

The upstream maintainer's change log is here, and in the installed
CHANGELOG file:
<http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob_plain;f=CHANGELOG;hb=v2.76>

Drop two patch files that were previously cherry-picked from the
post-v2.75 upstream repository and should no longer be needed.
Original commitRevision:415466 
Friday, 1 Apr 2016
14:00 mat search for other commits by this committer
Remove ${PORTSDIR}/ from dependencies, categories d, e, f, and g.

With hat:	portmgr
Sponsored by:	Absolight
Original commitRevision:412346 
Saturday, 23 Jan 2016
21:14 johans search for other commits by this committer
Bump versions to chase Nettle shared library update
Original commitRevision:407058 
Thursday, 7 Jan 2016
23:44 mandree search for other commits by this committer
Cherry-pick two upstream fixes for crashers.

(But bump PORTREVISION instead of PORTEPOCH ;-))

http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=0007ee90646a5a78a96ee729932e89d31c69513a
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=41a8d9e99be9f2cc8b02051dd322cb45e0faac87

Submitted by:	garga@
Obtained from:	Edwin Torok, Simon Kelley
Differential Revision:	D4813
Original commitRevision:405491 
Tuesday, 29 Dec 2015
11:15 mandree search for other commits by this committer
Quench unused-parameter warnings during build.
Original commitRevision:404736 
Friday, 31 Jul 2015
17:43 mandree search for other commits by this committer
Update to 2.75

Critical bug fix for --dhcp-script
Original commitRevision:393361 
Thursday, 30 Jul 2015
18:47 mandree search for other commits by this committer
New dnsmasq upstream release 2.74 (bugfixes)

version 2.74
            Fix reversion in 2.73 where --conf-file would attempt to
            read the default file, rather than no file.

            Fix inotify code to handle dangling symlinks better and
            not SEGV in some circumstances.

            DNSSEC fix. In the case of a signed CNAME generated by a
            wildcard which pointed to an unsigned domain, the wrong
            status would be logged, and some necessary checks omitted.
Original commitRevision:393256 
Tuesday, 16 Jun 2015
00:48 mandree search for other commits by this committer
Upgrade dnsmasq to new release 2.73.

Changelog: http://www.thekelleys.org.uk/dnsmasq/CHANGELOGDisable dnsmasq-devel
(older than stable).
Switch to using @sample keyword [1].

PR:           200717 [1]
Submitted by: Jimmy Olgeni
Original commitRevision:389788 
Wednesday, 6 May 2015
19:59 garga search for other commits by this committer
- Add a patch to fix CVE-2015-3294
- Bump PORTREVISION

PR:		199999
Approved by:	mandree@ (maintainer)
Obtained
from:	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=ad4a8ff7d9097008d7623df8543df435bfddeac8
MFH:		2015Q2
Security:	CVE-2015-3294
Sponsored by:	Netgate
Original commitRevision:385553 
Saturday, 18 Apr 2015
02:43 amdmi3 search for other commits by this committer
- Add CPE info

Approved by:	portmgr blanket
Original commitRevision:384203 
Thursday, 25 Sep 2014
18:27 mandree search for other commits by this committer
Update to new upstream version 2.72, disabling dnsmasq-devel again.

Remove @dir* stuff from pkg-plist.  @sample isn't documented properly
and isn't up to handling files with non-.sample suffix, so stay
away from that part of pkg-plist.

ChangeLog:	http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
Original commitRevision:369281 
Wednesday, 10 Sep 2014
20:30 mandree search for other commits by this committer
Remove excess output from pre-configure.
Original commitRevision:367886 
Saturday, 30 Aug 2014
18:18 tijl search for other commits by this committer
dns/libidn:
- Add USES=libtool and bump dependent ports
- Add INSTALL_TARGET=install-strip
- Always install libidn-components.png because it is used by libidn.info
- Add -lintl to Libs.private instead of Libs in libidn.pc
Original commitRevision:366659 
Thursday, 31 Jul 2014
17:56 mandree search for other commits by this committer
Add ldconfig to rc.d script requisites to make sure we can link to,
say, libnettle.so.

Submitted by:	Allen Hewes
Original commitRevision:363645 
Tuesday, 15 Jul 2014
15:09 adamw search for other commits by this committer
Add DOCS to OPTIONS_DEFINE to ports that check for PORT_OPTIONS:MDOCS.
Original commitRevision:361941 
Friday, 23 May 2014
21:11 mandree search for other commits by this committer
Fix build with DNSSEC and without NLS/DBUS options.

PR:		190149
Submitted by:	Kevin Zheng
Original commitRevision:354963 
Sunday, 18 May 2014
22:17 mandree search for other commits by this committer
Upgrade to new upstream version 2.71.  Upstream's changelog:

version 2.71
            Subtle change to error handling to help DNSSEC validation
	    when servers fail to provide NODATA answers for
	    non-existent DS records.

	    Tweak code which removes DNSSEC records from answers when
	    not required. Fixes broken answers when additional section
	    has real records in it. Thanks to Marco Davids for the bug
	    report.

	    Fix DNSSEC validation of ANY queries. Thanks to Marco Davids
	    for spotting that too.

	    Fix total DNS failure and 100% CPU use if cachesize set to zero,
	    regression introduced in 2.69. Thanks to James Hunt and
	    the Ubuntu crowd for assistance in fixing this.
Original commitRevision:354476 
Sunday, 27 Apr 2014
21:05 mandree search for other commits by this committer
Upgrade to new upstream version 2.70. Upstream changelog:

   Fix crash, introduced in 2.69, on TCP request when dnsmasq compiled
   with DNSSEC support, but running without DNSSEC enabled. Thanks to
   Manish Sing for spotting that one.

   Fix regression which broke ipset functionality. Thanks to Wang Jian
   for the bug report.

Submitted by:	Herbert J. Skuhra
Original commitRevision:352463 
Monday, 21 Apr 2014
21:56 bapt search for other commits by this committer
Switch to use lua 5.2
Original commitRevision:351724 
Tuesday, 15 Apr 2014
17:40 mandree search for other commits by this committer
Propose local-service option in default .example configuration.

PR:		ports/188548
Submitted by:	Jeroen van der Ham <jeroen@1sand0s.nl>
Original commitRevision:351356 
Thursday, 10 Apr 2014
20:44 mandree search for other commits by this committer
Update to new upstream 2.69 release. Adds DNSSEC support.

Full changelog: <http://www.thekelleys.org.uk/dnsmasq/CHANGELOG>
Original commitRevision:350849 
Sunday, 8 Dec 2013
18:05 mandree search for other commits by this committer
Upgrade dnsmasq to new stable 2.68 release.

Fixes bind-interfaces with IPv6 on FreeBSD.

version 2.68
            Use random addresses for DHCPv6 temporary address
            allocations, instead of algorithmically determined stable
            addresses.

    Fix bug which meant that the DHCPv6 DUID was not available
    in DHCP script runs during the lifetime of the dnsmasq
    process which created the DUID de-novo. Once the DUID was
    created and stored in the lease file and dnsmasq
    restarted, this bug disappeared.

    Fix bug introduced in 2.67 which could result in erroneous
    NXDOMAIN returns to CNAME queries.

    Fix build failures on MacOS X and openBSD.

    Allow subnet specifications in --auth-zone to be interface
    names as well as address literals. This makes it possible
    to configure authoritative DNS when local address ranges
    are dynamic and works much better than the previous
    work-around which exempted contructed DHCP ranges from the
    IP address filtering. As a consequence, that work-around
    is removed. Under certain circumstances, this change wil
    break existing configuration: if you're relying on the
    contructed-range exception, you need to change --auth-zone
    to specify the same interface as is used to construct your
    DHCP ranges, probably with a trailing /6 like this:
    --auth-zone=example.com,eth0/6 to limit the addresses to
    IPv6 addresses of eth0.

    Fix problems when advertising deleted IPv6 prefixes. If
    the prefix is deleted (rather than replaced), it doesn't
    get advertised with zero preferred time. Thanks to Tsachi
    for the bug report.

    Fix segfault with some locally configured CNAMEs. Thanks
    to Andrew Childs for spotting the problem.

    Fix memory leak on re-reading /etc/hosts and friends,
    introduced in 2.67.

    Check the arrival interface of incoming DNS and TFTP
    requests via IPv6, even in --bind-interfaces mode. This
    isn't possible for IPv4 and can generate scary warnings,
    but as it's always possible for IPv6 (the API always
    exists) then we should do it always.

    Tweak the rules on prefix-lengths in --dhcp-range for
    IPv6. The new rule is that the specified prefix length
    must be larger than or equal to the prefix length of the
    corresponding address on the local interface.
Original commitRevision:335916 
Sunday, 27 Oct 2013
15:30 mandree search for other commits by this committer
Assorted fixes to dependencies on various build options,
particularly with NLS enabled when libidn was built without NLS.

While here, group OPTIONS and clean up things a bit, and print
configuration of port and libidn port for debugging.

The particular build failure was
Reported by:	Yuri Vorobyev
Original commitRevision:331782 
Friday, 25 Oct 2013
22:27 mandree search for other commits by this committer
Upgrade dnsmasq to new upstream release 2.67.
Changelog: <http://www.thekelleys.org.uk/dnsmasq/CHANGELOG>
Enable NLS and IPV6 options by default.
Use shebangfix on files that need it.

Mark dnsmasq-devel (older than release) IGNORE.
Original commitRevision:331639 
Monday, 30 Sep 2013
16:44 mandree search for other commits by this committer
Convert to support STAGEDIR; misc. LIB_DEPENDS cleanups.
Original commitRevision:328831 
Friday, 20 Sep 2013
16:31 bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
dns)
Original commitRevision:327719 
Wednesday, 14 Aug 2013
22:35 ak search for other commits by this committer
- Remove MAKE_JOBS_SAFE variable

Approved by:	portmgr (bdrewery)
Original commitRevision:324744 
Friday, 26 Apr 2013
15:10 bapt search for other commits by this committer
Convert USE_GETTEXT -> USES=gettext

While here:
- Trim headers
- Remove some useless pre.mk/post.mk
- Convert to optionsng
Original commitRevision:316620 
Tuesday, 23 Apr 2013
07:24 bapt search for other commits by this committer
Convert dns to USES=pkgconfig
Original commitRevision:316315 
Wednesday, 17 Apr 2013
17:50 mandree search for other commits by this committer
Kill blank line at EOF, to please portlint.

Feature safe: yes
Original commitRevision:315999 
17:49 mandree search for other commits by this committer
Update to new upstream release 2.66.
New DHCPv6 stuff, ability to act as authoritative server for local data.

Changelog: http://www.thekelleys.org.uk/dnsmasq/CHANGELOG

Feature safe: yes
Original commitRevision:315998 
Monday, 11 Mar 2013
18:22 mandree search for other commits by this committer
Tidy up Makefile header.
Original commitRevision:313926 
18:21 mandree search for other commits by this committer
Drop default options, to keep the Makefile tidy.

Submitted by:	bapt@
Original commitRevision:313925 
Saturday, 15 Dec 2012
16:34 mandree search for other commits by this committer
Update to new upstream release 2.65.

Upstream changes:

    Fix regression which broke forwarding of queries sent via
    TCP which are not for A and AAAA and which were directed to
    non-default servers. Thanks to Niax for the bug report.

    Fix failure to build with DHCP support excluded. Thanks to
    Gustavo Zacarias for the patch.

    Fix nasty regression in 2.64 which completely broke cacheing.
Original commitRevision:308953 
16:33 mandree search for other commits by this committer
Update to new upstream release 2.65.

Upstream changes:

    TCP which are not for A and AAAA and which were directed to
    non-default servers. Thanks to Niax for the bug report.

    Fix failure to build with DHCP support excluded. Thanks to
    Gustavo Zacarias for the patch.

    Fix nasty regression in 2.64 which completely broke cacheing.
Original commitRevision:308952 
Tuesday, 4 Dec 2012
22:29 mandree search for other commits by this committer
Update to new upstream release 2.64.

Feature safe:	yes

Changelog for version 2.64:

Handle DHCP FQDN options with all flag bits zero and --dhcp-client-update set.
Thanks to Bernd Krumbroeck for spotting the problem.

Finesse the check for /etc/hosts names which conflict with DHCP names.
Previously a name/address pair in /etc/hosts which didn't match the
name/address of a DHCP lease would generate a warning. Now that only
happesn if there is not also a match. This allows multiple addresses for
a name in /etc/hosts with one of them assigned via DHCP.

Fix broken vendor-option processing for BOOTP. Thanks to Hans-Joachim
Baader for the bug report.

Don't report spurious netlink errors, regression in 2.63. Thanks to
Vladislav Grishenko for the patch.

Flag DHCP or DHCPv6 in starup logging. Thanks to Vladislav Grishenko for
the patch.

Add SetServersEx method in DBus interface. Thanks to Dan Williams for
the patch.

Add SetDomainServers method in DBus interface. Thanks to Roy Marples for
the patch.

Fix build with later Lua libraries. Thansk to Cristian Rodriguez for the
patch.

Add --max-cache-ttl option. Thanks to Dennis Kaarsemaker for the patch.

Fix breakage of --host-record parsing, resulting in infinte loop at
startup. Regression in 2.63. Thanks to Haim Gelfenbeyn for spotting
this.

Set SO_REUSEADDRESS and SO_V6ONLY options on the DHCPv6 socket, this
allows multiple instances of dnsmasq on a single machine, in the same
way as for DHCPv4. Thanks to Gene Czarcinski and Vladislav Grishenko for
work on this.

Fix DHCPv6 to do access control correctly when it's configured with
--listen-address. Thanks to Gene Czarcinski for sorting this out.

Add a "wildcard" dhcp-range which works for any IPv6 subnet,
--dhcp-range=::,static Useful for Stateless DHCPv6. Thanks to Vladislav
Grishenko for the patch.

Don't include lease-time in DHCPACK replies to DHCPINFORM queries, since
RFC-2131 says we shouldn't. Thanks to Wouter Ibens for pointing this
out.

Makefile tweak to do dependency checking on header files.  Thanks to
Johan Peeters for the patch.

Check interface for outgoing unsolicited router advertisements, rather
than relying on interface address configuration. Thanks to Gene
Czarinski for the patch.

Handle better attempts to transmit on interfaces which are still doing
DAD, and specifically do not just transmit without setting source
address and interface, since this can cause very puzzling effects when a
router advertisement goes astray. Thanks again to Gene Czarinski.

Get RA timers right when there is more than one dhcp-range on a subnet.
Original commitRevision:308283 
Monday, 20 Aug 2012
20:40 mandree search for other commits by this committer
Demote USE_PKGCONFIG to =build (was =yes).
Original commit
20:33 mandree search for other commits by this committer
Update to 2.63.

Changelog: http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
Original commit
Tuesday, 7 Aug 2012
22:22 mandree search for other commits by this committer
Add new dnsmasq-devel version, for development/test/release candidate versions.
This port is based on dns/dnsmasq 2.62_1,1 and has been updated to 2.63rc2.

Description (by Simon Kelley, the upstream maintainer):
Dnsmasq is a lightweight, easy to configure DNS forwarder and DHCP server.
It is designed to provide DNS and, optionally, DHCP, to a small network. It
can serve the names of local machines which are not in the global DNS. The
DHCP server integrates with the DNS server and allows machines with
DHCP-allocated addresses to appear in the DNS with names configured either
in each host or in a central configuration file. Dnsmasq supports static and
dynamic DHCP leases and BOOTP/TFTP/PXE for network booting of diskless
machines.
Original commit
Sunday, 5 Aug 2012
23:19 dougb search for other commits by this committer
Move the rc.d scripts of the form *.sh.in to *.in

Where necessary add $FreeBSD$ to the file

No PORTREVISION bump necessary because this is a no-op
Original commit
Thursday, 26 Jul 2012
05:40 bapt search for other commits by this committer
new devel/pkgconf added to replace devel/pkg-config. new version of pkg-config
are no more self hosting so we are stuck with 0.25 version while pkgconf provide
the same set of features as 0.27 and a compatible frontend. A symlink to
pkg-config has been added for convenience and compatibility

This also introduces a new macro to use pkgconf in your ports:
USE_PKGCONFIG

it can take the following arguments:
 - yes (meaning build only dep)
 - build (meaning build only dep)
 - run (meaning run only dep)
 - both (meaning run and build dep)

From now USE_GNOME= pkgconfig is deprecated in favour of USE_PKGCONFIG
The old gnome macro has been modified to use pkgconf but still the sameway: run
and build dep to avoid large breakage.

While here fix some ports relying on pkg-config but not specifying it, fix some
ports broken because testing wrong .pc files, and fix ports using pkg-config
--version to determine pkg-config version instead of
pkg-config --modversion pkg-config like recommanded by pkg-config

With Hat:	portmgr
Exp-runs by:	bapt (pointhat-west), beat (pointyhat)
Original commit
Wednesday, 25 Jul 2012
06:32 cs search for other commits by this committer
Fix typos in COMMENT
Original commit
Monday, 11 Jun 2012
20:49 mandree search for other commits by this committer
Fix inverted PORT_OPTIONS:MDOCS logic, regression from optionsNG migration.

Reported by: Spil Oss
Reported by: pointyhat (by way of pav@)
Original commit
Friday, 8 Jun 2012
14:34 mandree search for other commits by this committer
Update to bug-fix release 2.62.
Changelog: http://www.thekelleys.org.uk/dnsmasq/CHANGELOG

Convert to OptionsNG.
Original commit
Monday, 30 Apr 2012
20:38 mandree search for other commits by this committer
Update to new upstream release 2.61. Changes are, per Simon Kelley:

Re-write interface discovery code on *BSD to use getifaddrs. This
is more portable, more straightforward, and allows us to find the
prefix length for IPv6 addresses.

Add ra-names, ra-stateless and slaac keywords for DHCPv6.  Dnsmasq
can now synthesise AAAA records for dual-stack hosts which get IPv6
addresses via SLAAC. It is also now possible to use SLAAC and
stateless DHCPv6, and to tell clients to use SLAAC addresses as
well as DHCP ones.  Thanks to Dave Taht for help with this.

Add --dhcp-duid to allow DUID-EN uids to be used.

Explicity send DHCPv6 replies to the correct port, instead of relying
on clients to send requests with the correct source address, since
at least one client in the wild gets this wrong. Thanks to Conrda
Kostecki for help tracking this down.

Send a preference value of 255 in DHCPv6 replies when --dhcp-authoritative
is in effect. This tells clients not to wait around for other DHCP
servers.

Better logging of DHCPv6 options.

Add --host-record. Thanks to Rob Zwissler for the suggestion.

Invoke the DHCP script with action "tftp" when a TFTP file transfer
completes. The size of the file, address to which it was sent and
complete pathname are supplied. Note that version 2.60 introduced
some script incompatibilties associated with DHCPv6, and this is a
further change. To be safe, scripts should ignore unknown actions,
and if not IPv6-aware, should exit if the environment variable
DNSMASQ_IAID is set. The use-case for this is to track netboot/install.
Suggestion from Shantanu Gadgil.

Update contrib/port-forward/dnsmasq-portforward to reflect the
above.

Set the environment variable DNSMASQ_LOG_DHCP when running the
script id --log-dhcp is in effect, so that script can taylor their
logging verbosity. Suggestion from Malte Forkel.

Arrange that addresses specified with --listen-address work even
if there is no interface carrying the address. This is chiefly
useful for IPv4 loopback addresses, where any address in 127.0.0.0/8
is a valid loopback address, but normally only 127.0.0.1 appears
on the lo interface. Thanks to Mathieu Trudel-Lapierre for the idea
and initial patch.

Fix crash, introduced in 2.60, when a DHCPINFORM is received from
a network which has no valid dhcp-range.  Thanks to Stephane Glondu
for the bug report.

Add a new DHCP lease time keyword, "deprecated" for --dhcp-range.
This is only valid for IPv6, and sets the preffered lease time for
both DHCP and RA to zero. The effect is that clients can continue
to use the address for existing connections, but new connections
will use other addresses, if they exist. This makes hitless renumbering
at least possible.

Fix bug in address6_available() which caused DHCPv6 lease aquisition
to fail if more than one dhcp-range in use.

Provide RDNSS and DNSSL data in router advertisements, using the
settings provided for DHCP options option6:domain-search and
option6:dns-server.

Tweak logo/favicon.ico to add some transparency. Thanks to SamLT
for work on this.

Don't cache data from non-recursive nameservers, since it may
erroneously look like a valid CNAME to a non-exitant name. Thanks
to Ben Winslow for finding this.

Call SO_BINDTODEVICE on the DHCP socket(s) when doing DHCP on exactly
one interface and --bind-interfaces is set. This makes the OpenStack
use-case of one dnsmasq per virtual interface work. This is only
available on Linux; it's not supported on other platforms. Thanks
to Vishvananda Ishaya and the OpenStack team for the suggestion.

Updated French translation. Thanks to Gildas Le Nadan.

Give correct from-cache answers to explict CNAME queries.  Thanks
to Rob Zwissler for spotting this.

Add --tftp-lowercase option. Thanks to Oliver Rath for the patch.

Ensure that the DBus DhcpLeaseUpdated events are generated when a
lease goes through INIT_REBOOT state, even if the dhcp-script is
not in use. thanks to Antoaneta-Ecaterina Ene for the patch.

Fix failure of TFTP over IPv4 on OpenBSD platform. Thanks to Brad
Smith for spotting this.
Original commit
Sunday, 1 Apr 2012
11:18 mandree search for other commits by this committer
Fix a rare configuration-dependent crash.  Simon Kelley, upstream
maintainer, wrote in message <4F70361B.7080306@thekelleys.org.uk>:

    A bug has been found in dnsmasq 2.60 that can cause crashes. This is
    configuration dependent: it either crashes frequently or not at all.
    The configuration required is one which allows dnsmasq to receive
    DHCPINFORM requests for which there is no valid dhcp-range. This is
    rare.

Adding the patch he offers for download.

Feature safe: yes
Original commit
Sunday, 11 Mar 2012
23:59 mandree search for other commits by this committer
Update to new upstream release 2.60.  Notable new features are:
- The LUA port option enables Lua support for DHCP lease-change scripts
- DHCPv6 support
- IPv6 Router Advertisement support

Changelog:    http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
Feature safe: yes
Original commit
Tuesday, 18 Oct 2011
22:24 mandree search for other commits by this committer
Fix BUILD_DEPENDS (use += not =) creation in port.

Upgrade to new upstream regression fix release 2.59:

            Fix regression in 2.58 which caused failure to start up
            with some combinations of dnsmasq config and IPv6 kernel
            network config. Thanks to Brielle Bruns for the bug
            report.

            Improve dnsmasq's behaviour when network interfaces are
            still doing duplicate address detection (DAD). Previously,
            dnsmasq would wait up to 20 seconds at start-up for the
            DAD state to terminate. This is broken for bridge
            interfaces on recent Linux kernels, which don't start DAD
            until the bridge comes up, and so can take arbitrary
            time. The new behaviour lets dnsmasq poll for an arbitrary
            time whilst providing service on other interfaces. Thanks
            to Stephen Hemminger for pointing out the problem.

Note the 2.59.tar.lzma tarball causes the startup banner to print
2.59rc1 which I deem harmless.
Original commit
Friday, 26 Aug 2011
22:32 mandree search for other commits by this committer
Update to new upstream release 2.58
Changes: http://thekelleys.org.uk/dnsmasq/CHANGELOG

Suggested by: Loic Pefferkorn.
Original commit
Monday, 14 Mar 2011
08:40 wen search for other commits by this committer
- Bump PORTREVISION to chase the update of dns/libidn
Original commit
Tuesday, 22 Feb 2011
19:20 mandree search for other commits by this committer
Update dnsmasq rc.d script again (sorry for the churn with portrev. 1)

- Start before named, to unbreak named_wait if /etc/resolv.conf points
  to dnsmasq (when named is the resolver that dnsmasq forwards to).
  Is also more robust/maintenance friendly if other scripts depend on "named".

- Track if the configuration has changed since start, and upgrade reload
  to restart by default in that case (can be disabled with
  dnsmasq_restart="NO" in /etc/rc.conf[.local]), to work around dnsmasq
  shortcoming

- Add a "logstats" action to the rcscript, and document it.

- Document the "reload" action and the new dnsmasq_restart variable.

- Properly quote variable expansions.

- Enhance pkg-message to point to the rcfile for feature documentation.

- Bump PORTREVISION to 2.
Original commit
17:19 mandree search for other commits by this committer
Change rc.d file to ensure proper startup order:
- depend on named, in case dnsmasq uses named as resolver
- start before ntpdate and rpcbase (which require named).

Bump PORTREVISION.
Original commit
Monday, 21 Feb 2011
08:50 mandree search for other commits by this committer
Upgrade to new upstream release 2.57.

Remove support for FreeBSD releases 6.X.

Allow build with IDN but without NLS (this requires that dns/libidn
is also built WITHOUT_NLS) to expose an upstream change. Useful for embedded
devices.

Warn user if this is requested but libidn needs NLS libraries
because in that case dnsmasq inherits the NLS dependencies from libidn.

Remove files/patch-aa, it was a preview patch from a 2.57 test release,
fixing a regression in 2.56 that caused hex constants to be rejected in
the configuratino if they contained the '*' wildcard.

Further upstream changes:
- use own header for DNS protocol, rather than using arpa/nameser.h
- correct ctype.h function argument casts (isdigit(), isxdigit(), etc.)
- Accept extra empty arguments on command line to avoid libvirt breakage.
Original commit
Wednesday, 16 Feb 2011
15:57 mandree search for other commits by this committer
Expand NLS/IDN comment.
Original commit
14:34 mandree search for other commits by this committer
Fix regression in config parser.
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2011q1/004750.html
Original commit
Tuesday, 15 Feb 2011
21:49 mandree search for other commits by this committer
Update to new upstream release 2.56.
Replace uni-paderborn.de master site by MASTER_SITE_LOCAL.
Add LICENSE=GPLv2.
Changelog:
http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
Original commit
Tuesday, 8 Jun 2010
20:01 mandree search for other commits by this committer
Upgrade to upstream bugfix release 2.55, removing version hack.

Note this version fixes two crashes on startup.

Approved by: garga (mentor)
Original commit
Friday, 4 Jun 2010
12:11 mandree search for other commits by this committer
Upgrade to new upstream release dnsmasq 2.53/2.54.

This release was inadvertently dubbed 2.54 in its logging by Simon Kelley,
so adjust our PORTVERSION to match that, but still build the 2.53 tarball.
Simon will treat 2.53 and 2.54 the same and release 2.55 next time.
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2010q2/004105.html
Check work/dnsmasq-2.53/src/config.h for VERSION after "make extract" to see.

Approved by: garga (mentor)
Original commit

Number of commits found: 160 (showing only 100 on this page)

1 | 2  »