From 88706ca80156a2449b72506868f56bab72d23358 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Nov 07 2019 12:02:39 +0000 Subject: import dnsmasq-2.79-6.el8 --- diff --git a/SOURCES/dnsmasq-2.76-rh1752569.patch b/SOURCES/dnsmasq-2.76-rh1752569.patch new file mode 100644 index 0000000..b46fcd3 --- /dev/null +++ b/SOURCES/dnsmasq-2.76-rh1752569.patch @@ -0,0 +1,75 @@ +From 3d27384fc5f2a437b7bce128c8ba62e8d6e12df7 Mon Sep 17 00:00:00 2001 +From: Brian Haley +Date: Wed, 28 Aug 2019 16:13:23 -0400 +Subject: [PATCH] Change dhcp_release to use default address when no IP subnet + matches + +Currently, dhcp_release will only send a 'fake' release +when the address given is in the same subnet as an IP +on the interface that was given. + +This doesn't work in an environment where dnsmasq is +managing leases for remote subnets via a DHCP relay, as +running dhcp_release locally will just cause it to +silently exit without doing anything, leaving the lease +in the database. + +Change it to use the default IP on the interface, as the +dnsmasq source code at src/dhcp.c does, if no matching subnet +IP is found, as a fall-back. This fixes an issue we are +seeing in certain Openstack deployments where we are using +dnsmasq to provision baremetal systems in a datacenter. + +While using Dbus might have seemed like an obvious solution, +because of our extensive use of network namespaces (which +Dbus doesn't support), this seemed like a better solution +than creating system.d policy files for each dnsmasq we +might spawn and using --enable-dbus=$id in order to isolate +messages to specific dnsmasq instances. + +Signed-off-by: Brian Haley +(cherry picked from commit d9f882bea2806799bf3d1f73937f5e72d0bfc650) +--- + contrib/lease-tools/dhcp_release.c | 12 +++++++++--- + 1 file changed, 9 insertions(+), 3 deletions(-) + +diff --git a/contrib/lease-tools/dhcp_release.c b/contrib/lease-tools/dhcp_release.c +index a51f04b..1dd8d32 100644 +--- a/contrib/lease-tools/dhcp_release.c ++++ b/contrib/lease-tools/dhcp_release.c +@@ -178,7 +178,7 @@ static int is_same_net(struct in_addr a, struct in_addr b, struct in_addr mask) + return (a.s_addr & mask.s_addr) == (b.s_addr & mask.s_addr); + } + +-static struct in_addr find_interface(struct in_addr client, int fd, unsigned int index) ++static struct in_addr find_interface(struct in_addr client, int fd, unsigned int index, int ifrfd, struct ifreq *ifr) + { + struct sockaddr_nl addr; + struct nlmsghdr *h; +@@ -218,7 +218,13 @@ static struct in_addr find_interface(struct in_addr client, int fd, unsigned int + + for (h = (struct nlmsghdr *)iov.iov_base; NLMSG_OK(h, (size_t)len); h = NLMSG_NEXT(h, len)) + if (h->nlmsg_type == NLMSG_DONE) +- exit(0); ++ { ++ /* No match found, return first address as src/dhcp.c code does */ ++ ifr->ifr_addr.sa_family = AF_INET; ++ if (ioctl(ifrfd, SIOCGIFADDR, ifr) != -1) ++ return ((struct sockaddr_in *)&ifr->ifr_addr)->sin_addr; ++ exit(0); ++ } + else if (h->nlmsg_type == RTM_NEWADDR) + { + struct ifaddrmsg *ifa = NLMSG_DATA(h); +@@ -284,7 +290,7 @@ int main(int argc, char **argv) + } + + lease.s_addr = inet_addr(argv[2]); +- server = find_interface(lease, nl, if_nametoindex(argv[1])); ++ server = find_interface(lease, nl, if_nametoindex(argv[1]), fd, &ifr); + + memset(&packet, 0, sizeof(packet)); + +-- +2.20.1 + diff --git a/SOURCES/dnsmasq-2.79-rh1749092-fail.patch b/SOURCES/dnsmasq-2.79-rh1749092-fail.patch new file mode 100644 index 0000000..3550d61 --- /dev/null +++ b/SOURCES/dnsmasq-2.79-rh1749092-fail.patch @@ -0,0 +1,34 @@ +From 8fda4b4620ca2b23152ca805d14c7cde1083fe31 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= +Date: Tue, 1 Oct 2019 16:08:28 +0200 +Subject: [PATCH] Report error on dhcp_release + +If no IPv4 address is present on given interface, the tool would not +send any request. It would not report any error at the same time. Report +error if request send failed. + +Signed-off-by: Petr Mensik +--- + contrib/lease-tools/dhcp_release.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/contrib/lease-tools/dhcp_release.c b/contrib/lease-tools/dhcp_release.c +index c866cd9..30e77c6 100644 +--- a/contrib/lease-tools/dhcp_release.c ++++ b/contrib/lease-tools/dhcp_release.c +@@ -223,7 +223,11 @@ static struct in_addr find_interface(struct in_addr client, int fd, unsigned int + ifr->ifr_addr.sa_family = AF_INET; + if (ioctl(ifrfd, SIOCGIFADDR, ifr) != -1) + return ((struct sockaddr_in *)&ifr->ifr_addr)->sin_addr; +- exit(0); ++ else ++ { ++ fprintf(stderr, "error: local IPv4 address not found\n"); ++ exit(1); ++ } + } + else if (h->nlmsg_type == RTM_NEWADDR) + { +-- +2.20.1 + diff --git a/SPECS/dnsmasq.spec b/SPECS/dnsmasq.spec index eb72645..1bd3e4d 100644 --- a/SPECS/dnsmasq.spec +++ b/SPECS/dnsmasq.spec @@ -13,7 +13,7 @@ Name: dnsmasq Version: 2.79 -Release: 5%{?extraversion:.%{extraversion}}%{?dist} +Release: 6%{?extraversion:.%{extraversion}}%{?dist} Summary: A lightweight DHCP/caching DNS server License: GPLv2 or GPLv3 @@ -29,6 +29,10 @@ Patch4: dnsmasq-2.80-dnssec.patch Patch5: dnsmasq-2.79-rh1602477.patch # Few changes not yet in upstream Patch6: dnsmasq-2.79-rh1602477-2.patch +# commit 60ac10d8d86e6f95ab0f06abe6c42596adcedcb8 +Patch7: dnsmasq-2.76-rh1752569.patch +# Report failure when no release would be sent +Patch8: dnsmasq-2.79-rh1749092-fail.patch # This is workaround to nettle bug #1549190 # https://bugzilla.redhat.com/show_bug.cgi?id=1549190 @@ -68,7 +72,8 @@ server's leases. %patch4 -p1 -b .dnssec %patch5 -p1 -b .rh1602477 %patch6 -p1 -b .rh1602477-2 - +%patch7 -p1 -b .rh1752569 +%patch8 -p1 -b .rh1752569 # use /var/lib/dnsmasq instead of /var/lib/misc for file in dnsmasq.conf.example man/dnsmasq.8 man/es/dnsmasq.8 src/config.h; do @@ -169,6 +174,9 @@ install -Dpm 644 %{SOURCE2} %{buildroot}%{_sysusersdir}/dnsmasq.conf %{_mandir}/man1/dhcp_* %changelog +* Mon Sep 30 2019 Petr Menšík - 2.79-6 +- Send dhcp_release even for addresses not on local network (#1749092) + * Thu Jul 18 2019 Petr Menšík - 2.79-5 - Fix Coverity detected issues (#1602477)