packages/dnsmasq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Package init

Browse Source
This commit is contained in:
dogsheng 2019-12-25 15:44:46 +08:00
parent 66e7df5712
commit 61c0570c17
4 changed files with 264 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
0141-Fix-memory-leak-in-helper.c.patch Normal file
View File

@ -0,0 +1,46 @@
From 69bc94779c2f035a9fffdb5327a54c3aeca73ed5 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Wed, 14 Aug 2019 20:44:50 +0100
Subject: [PATCH 141/156] Fix memory leak in helper.c
Thanks to Xu Mingjie <xumingjie1995@outlook.com> for spotting this.
---
src/helper.c | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/src/helper.c b/src/helper.c
index 33ba120..c392eec 100644
--- a/src/helper.c
+++ b/src/helper.c
@@ -80,7 +80,8 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd)
pid_t pid;
int i, pipefd[2];
struct sigaction sigact;
-
+ unsigned char *alloc_buff = NULL;
+
/* create the pipe through which the main program sends us commands,
then fork our process. */
if (pipe(pipefd) == -1 || !fix_fd(pipefd[1]) || (pid = fork()) == -1)
@@ -186,11 +187,16 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd)
struct script_data data;
char *p, *action_str, *hostname = NULL, *domain = NULL;
unsigned char *buf = (unsigned char *)daemon->namebuff;
- unsigned char *end, *extradata, *alloc_buff = NULL;
+ unsigned char *end, *extradata;
int is6, err = 0;
int pipeout[2];
- free(alloc_buff);
+ /* Free rarely-allocated memory from previous iteration. */
+ if (alloc_buff)
+ {
+ free(alloc_buff);
+ alloc_buff = NULL;
+ }
/* we read zero bytes when pipe closed: this is our signal to exit */
if (!read_write(pipefd[0], (unsigned char *)&data, sizeof(data), 1))
--
1.8.3.1

139
bugfix-allow-binding-mac-with-ipv6.patch Normal file
View File

@ -0,0 +1,139 @@
From 7d8a6199730a2fd0cd2a7cfa4fdb73b8399f110a Mon Sep 17 00:00:00 2001
From: Shufeng Cao <caoshufeng@huawei.com>
Date: Tue, 27 Nov 2018 15:03:59 +0800
Subject: [PATCH 1/2] allow binding mac address with ipv6
This change introduces a new option --bind-mac-with-ip6, when this
option is enabled, a client of same mac address will always get the
bound ipv6 address, even when it's duid has been changed.
---
src/dnsmasq.c | 1 +
src/dnsmasq.h | 4 +++-
src/option.c | 3 +++
src/rfc3315.c | 34 +++++++++++++++++++++++++++++++++-
4 files changed, 40 insertions(+), 2 deletions(-)
diff --git a/src/dnsmasq.c b/src/dnsmasq.c
index 9f6c020..32a4d22 100644
--- a/src/dnsmasq.c
+++ b/src/dnsmasq.c
@@ -243,6 +243,7 @@ int main (int argc, char **argv)
if (daemon->dhcp6)
{
daemon->doing_ra = option_bool(OPT_RA);
+ daemon->bind_mac_with_ip6 = option_bool(OPT_BIND_MAC_IP6);
for (context = daemon->dhcp6; context; context = context->next)
{
diff --git a/src/dnsmasq.h b/src/dnsmasq.h
index 6773b69..8b31d42 100644
--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h
@@ -250,7 +250,8 @@ struct event_desc {
#define OPT_MAC_B64 54
#define OPT_MAC_HEX 55
#define OPT_TFTP_APREF_MAC 56
-#define OPT_LAST 57
+#define OPT_BIND_MAC_IP6 57
+#define OPT_LAST 58
/* extra flags for my_syslog, we use a couple of facilities since they are known
not to occupy the same bits as priorities, no matter how syslog.h is set up. */
@@ -1000,6 +1001,7 @@ extern struct daemon {
int override;
int enable_pxe;
int doing_ra, doing_dhcp6;
+ int bind_mac_with_ip6;
struct dhcp_netid_list *dhcp_ignore, *dhcp_ignore_names, *dhcp_gen_names;
struct dhcp_netid_list *force_broadcast, *bootp_dynamic;
struct hostsfile *dhcp_hosts_file, *dhcp_opts_file, *dynamic_dirs;
diff --git a/src/option.c b/src/option.c
index d358d99..919e5a3 100644
--- a/src/option.c
+++ b/src/option.c
@@ -160,6 +160,7 @@ struct myoption {
#define LOPT_DHCPTTL 348
#define LOPT_TFTP_MTU 349
#define LOPT_REPLY_DELAY 350
+#define LOPT_BIND_MAC_IP6 351
#ifdef HAVE_GETOPT_LONG
static const struct option opts[] =
@@ -325,6 +326,7 @@ static const struct myoption opts[] =
{ "script-arp", 0, 0, LOPT_SCRIPT_ARP },
{ "dhcp-ttl", 1, 0 , LOPT_DHCPTTL },
{ "dhcp-reply-delay", 1, 0, LOPT_REPLY_DELAY },
+ { "bind-mac-with-ip6", 0, 0 , LOPT_BIND_MAC_IP6 },
{ NULL, 0, 0, 0 }
};
@@ -497,6 +499,7 @@ static struct {
{ LOPT_IGNORE_ADDR, ARG_DUP, "<ipaddr>", gettext_noop("Ignore DNS responses containing ipaddr."), NULL },
{ LOPT_DHCPTTL, ARG_ONE, "<ttl>", gettext_noop("Set TTL in DNS responses with DHCP-derived addresses."), NULL },
{ LOPT_REPLY_DELAY, ARG_ONE, "<integer>", gettext_noop("Delay DHCP replies for at least number of seconds."), NULL },
+ { LOPT_BIND_MAC_IP6, OPT_BIND_MAC_IP6, NULL, gettext_noop("Bind mac with ipv6 address. This is an experimental feature and it conflicts with rfc3315."), NULL },
{ 0, 0, NULL, NULL, NULL }
};
diff --git a/src/rfc3315.c b/src/rfc3315.c
index 21fcd9b..defd966 100644
--- a/src/rfc3315.c
+++ b/src/rfc3315.c
@@ -55,6 +55,7 @@ static struct prefix_class *prefix_class_from_context(struct dhcp_context *conte
static void mark_context_used(struct state *state, struct in6_addr *addr);
static void mark_config_used(struct dhcp_context *context, struct in6_addr *addr);
static int check_address(struct state *state, struct in6_addr *addr);
+static int check_and_try_preempte_address(struct state *state, struct in6_addr *addr, time_t now, struct dhcp_config *config);
static void add_address(struct state *state, struct dhcp_context *context, unsigned int lease_time, void *ia_option,
unsigned int *min_time, struct in6_addr *addr, time_t now);
static void update_leases(struct state *state, struct dhcp_context *context, struct in6_addr *addr, unsigned int lease_time, time_t now);
@@ -746,7 +747,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
if (!(c->flags & CONTEXT_CONF_USED) &&
match_netid(c->filter, solicit_tags, plain_range) &&
config_valid(config, c, &addr) &&
- check_address(state, &addr))
+ check_and_try_preempte_address(state, &addr, now, config))
{
mark_config_used(state->context, &addr);
if (have_config(config, CONFIG_TIME))
@@ -1744,6 +1745,37 @@ static int check_address(struct state *state, struct in6_addr *addr)
return 1;
}
+static int check_and_try_preempte_address(struct state *state, struct in6_addr *addr, time_t now, struct dhcp_config *config)
+{
+ struct dhcp_lease *lease;
+
+ if (!(lease = lease6_find_by_addr(addr, 128, 0)))
+ {
+ return 1;
+ }
+
+
+ if(daemon->bind_mac_with_ip6) {
+ // break rfc3315 here
+ // bind mac address with a lease
+ if ((state->mac) && !(config->flags & CONFIG_CLID) &&
+ config_has_mac(config, state->mac, state->mac_len, state->mac_type)) {
+ lease_prune(lease, now);
+ return 1;
+ }
+ }
+
+ // what rfc3315 do
+ if (lease->clid_len != state->clid_len ||
+ memcmp(lease->clid, state->clid, state->clid_len) != 0 ||
+ lease->iaid != state->iaid)
+ {
+ return 0;
+ }
+
+ return 1;
+}
+
/* Calculate valid and preferred times to send in leases/renewals.
--
2.19.1

66
bugfix-deal-with-CONFRIM-when-binding-mac-with-ipv6.patch Normal file
View File

@ -0,0 +1,66 @@
From c4a283365bdd56e4552e7205fbfba17ca298fc3a Mon Sep 17 00:00:00 2001
From: Shufeng Cao <caoshufeng@huawei.com>
Date: Fri, 14 Dec 2018 20:02:31 +0800
Subject: [PATCH 2/2] binding mac with ipv6: dealing with invalid CONFIRM
package
---
src/rfc3315.c | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)
diff --git a/src/rfc3315.c b/src/rfc3315.c
index defd966..f8ba7e4 100644
--- a/src/rfc3315.c
+++ b/src/rfc3315.c
@@ -1087,11 +1087,31 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
case DHCP6CONFIRM:
{
int good_addr = 0;
+ int find_bind = 0;
+ struct dhcp_config *find_config = NULL;
/* set reply message type */
*outmsgtypep = DHCP6REPLY;
log6_quiet(state, "DHCPCONFIRM", NULL, NULL);
+
+ if(daemon->bind_mac_with_ip6) {
+ if(state->mac) {
+ for (find_config = daemon->dhcp_conf; find_config; find_config = find_config->next)
+ if (config_has_mac(find_config, state->mac, state->mac_len, state->mac_type) && have_config(find_config, CONFIG_ADDR6)) {
+ find_bind = 1;
+ break;
+ }
+ }
+ /* requires all mac has binding ipv6 address. */
+ if (find_bind == 0) {
+ o1 = new_opt6(OPTION6_STATUS_CODE);
+ put_opt6_short(DHCP6NOTONLINK);
+ put_opt6_string(_("confirm failed, no binding found"));
+ end_opt6(o1);
+ return 1;
+ }
+ }
for (opt = state->packet_options; opt; opt = opt6_next(opt, state->end))
{
@@ -1112,6 +1132,16 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
return 1;
}
+ if(daemon->bind_mac_with_ip6) {
+ if (!is_same_net6(req_addr, &find_config->addr6, 128)) {
+ o1 = new_opt6(OPTION6_STATUS_CODE);
+ put_opt6_short(DHCP6NOTONLINK);
+ put_opt6_string(_("confirm failed, not binding to this address"));
+ end_opt6(o1);
+ return 1;
+ }
+ }
+
good_addr = 1;
log6_quiet(state, "DHCPREPLY", req_addr, state->hostname);
}
--
2.19.1

14
dnsmasq.spec
View File

@ -1,6 +1,6 @@
Name: dnsmasq
Version: 2.79
Release: 10
Release: 11
Summary: Dnsmasq provides network infrastructure for small networks
License: GPLv2 or GPLv3
URL: http://www.thekelleys.org.uk/dnsmasq/
@ -13,6 +13,10 @@ Patch0001: dnsmasq-2.77-underflow.patch
Patch0002: dnsmasq-2.78-fips.patch
Patch0003: dnsmasq-2.80-dnssec.patch
Patch6000: 0141-Fix-memory-leak-in-helper.c.patch
Patch9000: bugfix-allow-binding-mac-with-ipv6.patch
Patch9001: bugfix-deal-with-CONFRIM-when-binding-mac-with-ipv6.patch
BuildRequires: dbus-devel pkgconfig libidn2-devel nettle-devel systemd
Requires: nettle >= 3.4
Provides: dnsmasq-utils
@ -105,6 +109,14 @@ install -Dpm644 %{SOURCE2} $RPM_BUILD_ROOT%{_sysusersdir}/dnsmasq.conf
%{_mandir}/man8/dnsmasq*
%changelog
* Sat Dec 21 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.79-11
- Type:bugfix
- Id:NA
- SUG:NA
- DESC:Fix memory leak in helper.c;
Allow binding mac with ipv6;
Deal with CONFRIM when binding mac with ipv6
* Mon Nov 4 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.79-10
- Type:bugfix
- Id:NA