pemensik pushed to dnsmasq (master). "Listen only localhost in
default configuration (..more)"
by notifications@fedoraproject.org
Notification time stamped 2020-06-30 17:13:53 UTC
From 744ba31be775c11b1f52104d6285509b06b81035 Mon Sep 17 00:00:00 2001
From: Petr Menšík <pemensik(a)redhat.com>
Date: Jun 30 2020 17:13:15 +0000
Subject: Listen only localhost in default configuration
Require manual configuration to enable either local-service for any
connected networks or interface to listen all hosts on interface.
---
diff --git a/dnsmasq-2.81-configuration.patch b/dnsmasq-2.81-configuration.patch
new file mode 100644
index 0000000..0cf66c7
--- /dev/null
+++ b/dnsmasq-2.81-configuration.patch
@@ -0,0 +1,79 @@
+From d07d1bcdd739da00d0acb8c4561c33bc4d27a0da Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik(a)redhat.com>
+Date: Tue, 30 Jun 2020 18:06:29 +0200
+Subject: [PATCH] Modify upstream configuration to safe defaults
+
+Most important change would be to listen only on localhost. Default
+configuration should not listen to request from remote hosts. Match also
+user and paths to directories shipped in Fedora.
+---
+ dnsmasq.conf.example | 18 ++++++++++++++----
+ 1 file changed, 14 insertions(+), 4 deletions(-)
+
+diff --git a/dnsmasq.conf.example b/dnsmasq.conf.example
+index bf19424..a130118 100644
+--- a/dnsmasq.conf.example
++++ b/dnsmasq.conf.example
+@@ -22,7 +22,7 @@
+
+ # Uncomment these to enable DNSSEC validation and caching:
+ # (Requires dnsmasq to be built with DNSSEC option.)
+-#conf-file=%%PREFIX%%/share/dnsmasq/trust-anchors.conf
++#conf-file=/usr/share/dnsmasq/trust-anchors.conf
+ #dnssec
+
+ # Replies which are not DNSSEC signed may be legitimate, because the domain
+@@ -96,14 +96,16 @@
+
+ # If you want dnsmasq to change uid and gid to something other
+ # than the default, edit the following lines.
+-#user=
+-#group=
++user=dnsmasq
++group=dnsmasq
+
+ # If you want dnsmasq to listen for DHCP and DNS requests only on
+ # specified interfaces (and the loopback) give the name of the
+ # interface (eg eth0) here.
+ # Repeat the line for more than one interface.
+ #interface=
++# Listen only on localhost by default
++interface=lo
+ # Or you can specify which interface _not_ to listen on
+ #except-interface=
+ # Or which to listen on by address (remember to include 127.0.0.1 if
+@@ -114,6 +116,10 @@
+ # disable DHCP and TFTP on it.
+ #no-dhcp-interface=
+
++# Serve DNS and DHCP only to networks directly connected to this machine.
++# Any interface= line will override it.
++#local-service
++
+ # On systems which support it, dnsmasq binds the wildcard address,
+ # even when it is listening on only some interfaces. It then discards
+ # requests that it shouldn't reply to. This has the advantage of
+@@ -535,7 +541,7 @@
+ # The DHCP server needs somewhere on disk to keep its lease database.
+ # This defaults to a sane location, but if you want to change it, use
+ # the line below.
+-#dhcp-leasefile=/var/lib/misc/dnsmasq.leases
++#dhcp-leasefile=/var/lib/dnsmasq/dnsmasq.leases
+
+ # Set the DHCP server to authoritative mode. In this mode it will barge in
+ # and take over the lease for any client which broadcasts on the network,
+@@ -673,7 +679,11 @@
+ # Include all files in a directory which end in .conf
+ #conf-dir=/etc/dnsmasq.d/,*.conf
+
++# Include all files in /etc/dnsmasq.d except RPM backup files
++conf-dir=/etc/dnsmasq.d,.rpmnew,.rpmsave,.rpmorig
++
+ # If a DHCP client claims that its name is "wpad", ignore that.
+ # This fixes a security hole. see CERT Vulnerability VU#598349
+ #dhcp-name-match=set:wpad-ignore,wpad
+ #dhcp-ignore-names=tag:wpad-ignore
++
+--
+2.26.2
+
diff --git a/dnsmasq.spec b/dnsmasq.spec
index 2db0d37..7bc3eb2 100644
--- a/dnsmasq.spec
+++ b/dnsmasq.spec
@@ -20,7 +20,7 @@
Name: dnsmasq
Version: 2.81
-Release: 3%{?extraversion:.%{extraversion}}%{?dist}
+Release: 4%{?extraversion:.%{extraversion}}%{?dist}
Summary: A lightweight DHCP/caching DNS server
License: GPLv2 or GPLv3
@@ -38,6 +38,8 @@ Source4: http://www.thekelleys.org.uk/srkgpg.txt
# https://bugzilla.redhat.com/show_bug.cgi?id=1495409
Patch1: dnsmasq-2.77-underflow.patch
+# https://bugzilla.redhat.com/show_bug.cgi?id=1852373
+Patch2: dnsmasq-2.81-configuration.patch
Patch3: dnsmasq-2.78-fips.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=1728701
Patch7: dnsmasq-2.80-rh1728701.patch
@@ -106,12 +108,6 @@ for file in dnsmasq.conf.example man/dnsmasq.8 man/es/dnsmasq.8 src/config.h; do
sed -i 's|/var/lib/misc/dnsmasq.leases|/var/lib/dnsmasq/dnsmasq.leases|g' "$file"
done
-# fix the path to the trust anchor
-sed -i 's|%%%%PREFIX%%%%|%{_prefix}|' dnsmasq.conf.example
-
-#set dnsmasq user / group
-sed -i 's|#user=|user=dnsmasq|' dnsmasq.conf.example
-sed -i 's|#group=|group=dnsmasq|' dnsmasq.conf.example
#set default user /group in src/config.h
sed -i 's|#define CHUSER "nobody"|#define CHUSER "dnsmasq"|' src/config.h
sed -i 's|#define CHGRP "dip"|#define CHGRP "dnsmasq"|' src/config.h
@@ -119,14 +115,6 @@ sed -i 's|#define CHGRP "dip"|#define CHGRP "dnsmasq"|' src/config.h
# optional parts
sed -i 's|^COPTS[[:space:]]*=|\0 -DHAVE_DBUS -DHAVE_LIBIDN2 -DHAVE_DNSSEC|' Makefile
-#enable /etc/dnsmasq.d fix bz 526703, ignore RPM backup files
-cat << EOF >> dnsmasq.conf.example
-
-# Include all files in /etc/dnsmasq.d except RPM backup files
-conf-dir=/etc/dnsmasq.d,.rpmnew,.rpmsave,.rpmorig
-EOF
-
-
%build
%make_build CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS"
%make_build -C contrib/lease-tools CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS"
@@ -198,6 +186,9 @@ install -Dpm 644 %{SOURCE2} %{buildroot}%{_sysusersdir}/%{name}.conf
%{_mandir}/man1/dhcp_*
%changelog
+* Tue Jun 30 2020 Petr Menšík <pemensik(a)redhat.com> - 2.81-4
+- Accept queries only from localhost (CVE-2020-14312)
+
* Mon May 11 2020 Petr Menšík <pemensik(a)redhat.com> - 2.81-3
- Correct multiple entries with the same mac address (#1834454)
https://src.fedoraproject.org/rpms/dnsmasq/c/744ba31be775c11b1f52104d6285...
3 years, 10 months
pemensik pushed to dnsmasq (f32). "Listen only localhost in default
configuration (..more)"
by notifications@fedoraproject.org
Notification time stamped 2020-06-30 17:18:24 UTC
From 744ba31be775c11b1f52104d6285509b06b81035 Mon Sep 17 00:00:00 2001
From: Petr Menšík <pemensik(a)redhat.com>
Date: Jun 30 2020 17:13:15 +0000
Subject: Listen only localhost in default configuration
Require manual configuration to enable either local-service for any
connected networks or interface to listen all hosts on interface.
---
diff --git a/dnsmasq-2.81-configuration.patch b/dnsmasq-2.81-configuration.patch
new file mode 100644
index 0000000..0cf66c7
--- /dev/null
+++ b/dnsmasq-2.81-configuration.patch
@@ -0,0 +1,79 @@
+From d07d1bcdd739da00d0acb8c4561c33bc4d27a0da Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik(a)redhat.com>
+Date: Tue, 30 Jun 2020 18:06:29 +0200
+Subject: [PATCH] Modify upstream configuration to safe defaults
+
+Most important change would be to listen only on localhost. Default
+configuration should not listen to request from remote hosts. Match also
+user and paths to directories shipped in Fedora.
+---
+ dnsmasq.conf.example | 18 ++++++++++++++----
+ 1 file changed, 14 insertions(+), 4 deletions(-)
+
+diff --git a/dnsmasq.conf.example b/dnsmasq.conf.example
+index bf19424..a130118 100644
+--- a/dnsmasq.conf.example
++++ b/dnsmasq.conf.example
+@@ -22,7 +22,7 @@
+
+ # Uncomment these to enable DNSSEC validation and caching:
+ # (Requires dnsmasq to be built with DNSSEC option.)
+-#conf-file=%%PREFIX%%/share/dnsmasq/trust-anchors.conf
++#conf-file=/usr/share/dnsmasq/trust-anchors.conf
+ #dnssec
+
+ # Replies which are not DNSSEC signed may be legitimate, because the domain
+@@ -96,14 +96,16 @@
+
+ # If you want dnsmasq to change uid and gid to something other
+ # than the default, edit the following lines.
+-#user=
+-#group=
++user=dnsmasq
++group=dnsmasq
+
+ # If you want dnsmasq to listen for DHCP and DNS requests only on
+ # specified interfaces (and the loopback) give the name of the
+ # interface (eg eth0) here.
+ # Repeat the line for more than one interface.
+ #interface=
++# Listen only on localhost by default
++interface=lo
+ # Or you can specify which interface _not_ to listen on
+ #except-interface=
+ # Or which to listen on by address (remember to include 127.0.0.1 if
+@@ -114,6 +116,10 @@
+ # disable DHCP and TFTP on it.
+ #no-dhcp-interface=
+
++# Serve DNS and DHCP only to networks directly connected to this machine.
++# Any interface= line will override it.
++#local-service
++
+ # On systems which support it, dnsmasq binds the wildcard address,
+ # even when it is listening on only some interfaces. It then discards
+ # requests that it shouldn't reply to. This has the advantage of
+@@ -535,7 +541,7 @@
+ # The DHCP server needs somewhere on disk to keep its lease database.
+ # This defaults to a sane location, but if you want to change it, use
+ # the line below.
+-#dhcp-leasefile=/var/lib/misc/dnsmasq.leases
++#dhcp-leasefile=/var/lib/dnsmasq/dnsmasq.leases
+
+ # Set the DHCP server to authoritative mode. In this mode it will barge in
+ # and take over the lease for any client which broadcasts on the network,
+@@ -673,7 +679,11 @@
+ # Include all files in a directory which end in .conf
+ #conf-dir=/etc/dnsmasq.d/,*.conf
+
++# Include all files in /etc/dnsmasq.d except RPM backup files
++conf-dir=/etc/dnsmasq.d,.rpmnew,.rpmsave,.rpmorig
++
+ # If a DHCP client claims that its name is "wpad", ignore that.
+ # This fixes a security hole. see CERT Vulnerability VU#598349
+ #dhcp-name-match=set:wpad-ignore,wpad
+ #dhcp-ignore-names=tag:wpad-ignore
++
+--
+2.26.2
+
diff --git a/dnsmasq.spec b/dnsmasq.spec
index 2db0d37..7bc3eb2 100644
--- a/dnsmasq.spec
+++ b/dnsmasq.spec
@@ -20,7 +20,7 @@
Name: dnsmasq
Version: 2.81
-Release: 3%{?extraversion:.%{extraversion}}%{?dist}
+Release: 4%{?extraversion:.%{extraversion}}%{?dist}
Summary: A lightweight DHCP/caching DNS server
License: GPLv2 or GPLv3
@@ -38,6 +38,8 @@ Source4: http://www.thekelleys.org.uk/srkgpg.txt
# https://bugzilla.redhat.com/show_bug.cgi?id=1495409
Patch1: dnsmasq-2.77-underflow.patch
+# https://bugzilla.redhat.com/show_bug.cgi?id=1852373
+Patch2: dnsmasq-2.81-configuration.patch
Patch3: dnsmasq-2.78-fips.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=1728701
Patch7: dnsmasq-2.80-rh1728701.patch
@@ -106,12 +108,6 @@ for file in dnsmasq.conf.example man/dnsmasq.8 man/es/dnsmasq.8 src/config.h; do
sed -i 's|/var/lib/misc/dnsmasq.leases|/var/lib/dnsmasq/dnsmasq.leases|g' "$file"
done
-# fix the path to the trust anchor
-sed -i 's|%%%%PREFIX%%%%|%{_prefix}|' dnsmasq.conf.example
-
-#set dnsmasq user / group
-sed -i 's|#user=|user=dnsmasq|' dnsmasq.conf.example
-sed -i 's|#group=|group=dnsmasq|' dnsmasq.conf.example
#set default user /group in src/config.h
sed -i 's|#define CHUSER "nobody"|#define CHUSER "dnsmasq"|' src/config.h
sed -i 's|#define CHGRP "dip"|#define CHGRP "dnsmasq"|' src/config.h
@@ -119,14 +115,6 @@ sed -i 's|#define CHGRP "dip"|#define CHGRP "dnsmasq"|' src/config.h
# optional parts
sed -i 's|^COPTS[[:space:]]*=|\0 -DHAVE_DBUS -DHAVE_LIBIDN2 -DHAVE_DNSSEC|' Makefile
-#enable /etc/dnsmasq.d fix bz 526703, ignore RPM backup files
-cat << EOF >> dnsmasq.conf.example
-
-# Include all files in /etc/dnsmasq.d except RPM backup files
-conf-dir=/etc/dnsmasq.d,.rpmnew,.rpmsave,.rpmorig
-EOF
-
-
%build
%make_build CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS"
%make_build -C contrib/lease-tools CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS"
@@ -198,6 +186,9 @@ install -Dpm 644 %{SOURCE2} %{buildroot}%{_sysusersdir}/%{name}.conf
%{_mandir}/man1/dhcp_*
%changelog
+* Tue Jun 30 2020 Petr Menšík <pemensik(a)redhat.com> - 2.81-4
+- Accept queries only from localhost (CVE-2020-14312)
+
* Mon May 11 2020 Petr Menšík <pemensik(a)redhat.com> - 2.81-3
- Correct multiple entries with the same mac address (#1834454)
https://src.fedoraproject.org/rpms/dnsmasq/c/744ba31be775c11b1f52104d6285...
3 years, 10 months
rpms/dnsmasq/devel dnsmasq-newglibc.patch, NONE, 1.1 dnsmasq.spec, 1.31, 1.32
by fedora-extras-commits@redhat.com
Author: jima
Update of /cvs/pkgs/rpms/dnsmasq/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12644
Modified Files:
dnsmasq.spec
Added Files:
dnsmasq-newglibc.patch
Log Message:
* Wed Feb 13 2008 Patrick "Jima" Laughton <jima(a)beer.tclug.org> 2.41-0.8
- Added upstream-authored patch for newer glibc (thanks Simon!)
dnsmasq-newglibc.patch:
--- NEW FILE dnsmasq-newglibc.patch ---
diff -urN dnsmasq-2.41/CHANGELOG dnsmasq-2.42test1/CHANGELOG
--- dnsmasq-2.41/CHANGELOG 2008-02-11 05:48:46.000000000 -0600
+++ dnsmasq-2.42test1/CHANGELOG 2008-02-13 15:06:43.000000000 -0600
@@ -2462,6 +2462,9 @@
when debug mode is set. Thanks to cedric Duval for the
patch.
+version 2.42 (backported fix)
+ Define __USE_GNU to avoid problems with later glibc
+ headers. Thanks to Jima for spotting the problem.
diff -urN dnsmasq-2.41/src/config.h dnsmasq-2.42test1/src/config.h
--- dnsmasq-2.41/src/config.h 2008-02-12 05:03:28.000000000 -0600
+++ dnsmasq-2.42test1/src/config.h 2008-02-13 15:07:05.000000000 -0600
@@ -85,13 +85,6 @@
#endif
-/* Get linux C library versions. */
-#if defined(__linux__) && !defined(__UCLIBC__) && !defined(__uClinux__)
-/*# include <libio.h> */
-# include <features.h>
-#endif
-
-
/* Follows system specific switches. If you run on a
new system, you may want to edit these.
May replace this with Autoconf one day.
diff -urN dnsmasq-2.41/src/dnsmasq.h dnsmasq-2.42test1/src/dnsmasq.h
--- dnsmasq-2.41/src/dnsmasq.h 2008-02-01 15:42:35.000000000 -0600
+++ dnsmasq-2.42test1/src/dnsmasq.h 2008-02-13 14:38:39.000000000 -0600
@@ -17,6 +17,17 @@
#define COPYRIGHT "Copyright (C) 2000-2008 Simon Kelley"
/* get these before config.h for IPv6 stuff... */
+/* Get linux C library versions. */
+#ifdef __linux__
+# include <features.h>
+#endif
+
+#ifdef __GLIBC__
+/* needed for in6_pktinfo on later glibc releases */
+# define __USE_GNU
+# define _GNU_SOURCE
+#endif
+
#include <sys/types.h>
#include <netinet/in.h>
Index: dnsmasq.spec
===================================================================
RCS file: /cvs/pkgs/rpms/dnsmasq/devel/dnsmasq.spec,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -r1.31 -r1.32
--- dnsmasq.spec 13 Feb 2008 15:21:24 -0000 1.31
+++ dnsmasq.spec 14 Feb 2008 03:05:21 -0000 1.32
@@ -11,15 +11,16 @@
Name: dnsmasq
Version: 2.41
-Release: 0.7%{?extraversion}%{?dist}
+Release: 0.8%{?extraversion}%{?dist}
Summary: A lightweight DHCP/caching DNS server
Group: System Environment/Daemons
-License: GPLv2
+License: GPLv2 or GPLv3
URL: http://www.thekelleys.org.uk/dnsmasq/
Source0: http://www.thekelleys.org.uk/dnsmasq/%{?extrapath}%{name}-%{version}%{?ex...
Patch0: %{name}-2.33-initscript.patch
Patch1: %{name}-configuration.patch
+Patch2: %{name}-newglibc.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: dbus-devel
@@ -46,6 +47,7 @@
%setup -q -n %{name}-%{version}%{?extraversion}
%patch0 -p1
%patch1 -p1
+%patch2 -p1
%build
make %{?_smp_mflags}
@@ -109,6 +111,9 @@
%changelog
+* Wed Feb 13 2008 Patrick "Jima" Laughton <jima(a)beer.tclug.org> 2.41-0.8
+- Added upstream-authored patch for newer glibc (thanks Simon!)
+
* Wed Feb 13 2008 Patrick "Jima" Laughton <jima(a)beer.tclug.org> 2.41-0.7
- New upstream release
16 years, 2 months
[dnsmasq/f21] Fix typo in default configuration (#1149459)
by Tomas Hozza
commit c0cb2fb4293bc9028371f4c3b5fb684334c9da03
Author: Tomas Hozza <thozza(a)redhat.com>
Date: Mon Oct 6 10:35:08 2014 +0200
Fix typo in default configuration (#1149459)
Signed-off-by: Tomas Hozza <thozza(a)redhat.com>
dnsmasq-2.72-configuration.patch | 10 ++++++++++
dnsmasq.spec | 8 +++++++-
2 files changed, 17 insertions(+), 1 deletions(-)
---
diff --git a/dnsmasq-2.72-configuration.patch b/dnsmasq-2.72-configuration.patch
new file mode 100644
index 0000000..109235b
--- /dev/null
+++ b/dnsmasq-2.72-configuration.patch
@@ -0,0 +1,10 @@
+diff -up dnsmasq-2.72/dnsmasq.conf.example.syntax_err dnsmasq-2.72/dnsmasq.conf.example
+--- dnsmasq-2.72/dnsmasq.conf.example.syntax_err 2014-10-06 10:30:31.841567305 +0200
++++ dnsmasq-2.72/dnsmasq.conf.example 2014-10-06 10:33:51.195697413 +0200
+@@ -645,4 +645,4 @@
+ #conf-dir=/etc/dnsmasq.d,.bak
+
+ # Include all files in a directory which end in .conf
+-#conf-dir=/etc/dnsmasq.d/*.conf
+\ No newline at end of file
++#conf-dir=/etc/dnsmasq.d/,*.conf
diff --git a/dnsmasq.spec b/dnsmasq.spec
index 84a5860..537f39d 100644
--- a/dnsmasq.spec
+++ b/dnsmasq.spec
@@ -13,7 +13,7 @@
Name: dnsmasq
Version: 2.72
-Release: 1%{?extraversion:.%{extraversion}}%{?dist}
+Release: 2%{?extraversion:.%{extraversion}}%{?dist}
Summary: A lightweight DHCP/caching DNS server
Group: System Environment/Daemons
@@ -23,6 +23,7 @@ Source0: http://www.thekelleys.org.uk/dnsmasq/%{?extrapath}%{name}-%{vers
Source1: %{name}.service
# Patches
+Patch1: dnsmasq-2.72-configuration.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -59,6 +60,8 @@ query/remove a DHCP server's leases.
%prep
%setup -q -n %{name}-%{version}%{?extraversion}
+%patch1 -p1 -b .syntax_err
+
# use /var/lib/dnsmasq instead of /var/lib/misc
for file in dnsmasq.conf.example man/dnsmasq.8 man/es/dnsmasq.8 src/config.h; do
sed -i 's|/var/lib/misc/dnsmasq.leases|/var/lib/dnsmasq/dnsmasq.leases|g' "$file"
@@ -141,6 +144,9 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man1/dhcp_*
%changelog
+* Mon Oct 06 2014 Tomas Hozza <thozza(a)redhat.com> - 2.72-2
+- Fix typo in default configuration (#1149459)
+
* Thu Sep 25 2014 Tomas Hozza <thozza(a)redhat.com> - 2.72-1
- Update to 2.72 stable
9 years, 7 months
pemensik pushed to dnsmasq (master). "Do not include stdio.h before
dnsmasq.h (..more)"
by notifications@fedoraproject.org
From d528970d82e8db95c8620b7dd072c406148e1704 Mon Sep 17 00:00:00 2001
From: Petr Menšík <pemensik(a)redhat.com>
Date: Oct 02 2017 15:25:16 +0000
Subject: Do not include stdio.h before dnsmasq.h
We define some constants in dnsmasq.h, which have an influence on
stdio.h. So do not include stdio.h before dnsmasq.h.
Signed-off-by: Petr Menšík <pemensik(a)redhat.com>
---
diff --git a/dnsmasq-2.77-stdio.h.patch b/dnsmasq-2.77-stdio.h.patch
new file mode 100644
index 0000000..dc53025
--- /dev/null
+++ b/dnsmasq-2.77-stdio.h.patch
@@ -0,0 +1,44 @@
+From b476faf1c4f96c093ea1a8a0c824dea9f55b665f Mon Sep 17 00:00:00 2001
+From: Christian Hesse <list(a)eworm.de>
+Date: Mon, 25 Sep 2017 17:36:24 +0100
+Subject: [PATCH] Do not include stdio.h before dnsmasq.h
+
+We define some constants in dnsmasq.h, which have an influence on
+stdio.h. So do not include stdio.h before dnsmasq.h.
+---
+ src/dnsmasq.h | 6 ++++++
+ src/helper.c | 1 -
+ 2 files changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/src/dnsmasq.h b/src/dnsmasq.h
+index 7a18898..421488b 100644
+--- a/src/dnsmasq.h
++++ b/src/dnsmasq.h
+@@ -16,6 +16,12 @@
+
+ #define COPYRIGHT "Copyright (c) 2000-2016 Simon Kelley"
+
++/* We do defines that influence behavior of stdio.h, so complain
++ if included too early. */
++#ifdef _STDIO_H
++# error "Header file stdio.h included too early!"
++#endif
++
+ #ifndef NO_LARGEFILE
+ /* Ensure we can use files >2GB (log files may grow this big) */
+ # define _LARGEFILE_SOURCE 1
+diff --git a/src/helper.c b/src/helper.c
+index 4fffa27..68ce9a7 100644
+--- a/src/helper.c
++++ b/src/helper.c
+@@ -14,7 +14,6 @@
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+-#include <stdio.h>
+ #include "dnsmasq.h"
+
+ #ifdef HAVE_SCRIPT
+--
+2.9.5
+
diff --git a/dnsmasq.spec b/dnsmasq.spec
index ffd75ec..7e861f3 100644
--- a/dnsmasq.spec
+++ b/dnsmasq.spec
@@ -31,6 +31,7 @@ Patch6: dnsmasq-2.77-CVE-2017-14496.patch
Patch7: dnsmasq-2.77-CVE-2017-14495.patch
Patch8: dnsmasq-2.77-misc-cleanups.patch
Patch9: dnsmasq-2.77-CVE-2017-14491-2.patch
+Patch10: dnsmasq-2.77-stdio.h.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -74,6 +75,7 @@ query/remove a DHCP server's leases.
%patch7 -p1 -b .CVE-2017-14495
%patch8 -p1 -b .misc-cleanups
%patch9 -p1 -b .CVE-2017-14491-2
+%patch10 -p1 -b .stdio.h
# use /var/lib/dnsmasq instead of /var/lib/misc
for file in dnsmasq.conf.example man/dnsmasq.8 man/es/dnsmasq.8 src/config.h; do
@@ -168,6 +170,7 @@ rm -rf $RPM_BUILD_ROOT
- Security fix, CVE-2017-14496, Integer underflow in DNS response creation
- Security fix, CVE-2017-14495, OOM in DNS response creation
- Misc code cleanups arising from Google analysis
+- Do not include stdio.h before dnsmasq.h
* Thu Sep 14 2017 Petr Menšík <pemensik(a)redhat.com> - 2.77-7
- Fix CVE-2017-13704
https://src.fedoraproject.org/rpms/dnsmasq/c/d528970d82e8db95c8620b7dd072...
6 years, 7 months
pemensik pushed to dnsmasq (f27). "Do not include stdio.h before
dnsmasq.h (..more)"
by notifications@fedoraproject.org
From d528970d82e8db95c8620b7dd072c406148e1704 Mon Sep 17 00:00:00 2001
From: Petr Menšík <pemensik(a)redhat.com>
Date: Oct 02 2017 15:25:16 +0000
Subject: Do not include stdio.h before dnsmasq.h
We define some constants in dnsmasq.h, which have an influence on
stdio.h. So do not include stdio.h before dnsmasq.h.
Signed-off-by: Petr Menšík <pemensik(a)redhat.com>
---
diff --git a/dnsmasq-2.77-stdio.h.patch b/dnsmasq-2.77-stdio.h.patch
new file mode 100644
index 0000000..dc53025
--- /dev/null
+++ b/dnsmasq-2.77-stdio.h.patch
@@ -0,0 +1,44 @@
+From b476faf1c4f96c093ea1a8a0c824dea9f55b665f Mon Sep 17 00:00:00 2001
+From: Christian Hesse <list(a)eworm.de>
+Date: Mon, 25 Sep 2017 17:36:24 +0100
+Subject: [PATCH] Do not include stdio.h before dnsmasq.h
+
+We define some constants in dnsmasq.h, which have an influence on
+stdio.h. So do not include stdio.h before dnsmasq.h.
+---
+ src/dnsmasq.h | 6 ++++++
+ src/helper.c | 1 -
+ 2 files changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/src/dnsmasq.h b/src/dnsmasq.h
+index 7a18898..421488b 100644
+--- a/src/dnsmasq.h
++++ b/src/dnsmasq.h
+@@ -16,6 +16,12 @@
+
+ #define COPYRIGHT "Copyright (c) 2000-2016 Simon Kelley"
+
++/* We do defines that influence behavior of stdio.h, so complain
++ if included too early. */
++#ifdef _STDIO_H
++# error "Header file stdio.h included too early!"
++#endif
++
+ #ifndef NO_LARGEFILE
+ /* Ensure we can use files >2GB (log files may grow this big) */
+ # define _LARGEFILE_SOURCE 1
+diff --git a/src/helper.c b/src/helper.c
+index 4fffa27..68ce9a7 100644
+--- a/src/helper.c
++++ b/src/helper.c
+@@ -14,7 +14,6 @@
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+-#include <stdio.h>
+ #include "dnsmasq.h"
+
+ #ifdef HAVE_SCRIPT
+--
+2.9.5
+
diff --git a/dnsmasq.spec b/dnsmasq.spec
index ffd75ec..7e861f3 100644
--- a/dnsmasq.spec
+++ b/dnsmasq.spec
@@ -31,6 +31,7 @@ Patch6: dnsmasq-2.77-CVE-2017-14496.patch
Patch7: dnsmasq-2.77-CVE-2017-14495.patch
Patch8: dnsmasq-2.77-misc-cleanups.patch
Patch9: dnsmasq-2.77-CVE-2017-14491-2.patch
+Patch10: dnsmasq-2.77-stdio.h.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -74,6 +75,7 @@ query/remove a DHCP server's leases.
%patch7 -p1 -b .CVE-2017-14495
%patch8 -p1 -b .misc-cleanups
%patch9 -p1 -b .CVE-2017-14491-2
+%patch10 -p1 -b .stdio.h
# use /var/lib/dnsmasq instead of /var/lib/misc
for file in dnsmasq.conf.example man/dnsmasq.8 man/es/dnsmasq.8 src/config.h; do
@@ -168,6 +170,7 @@ rm -rf $RPM_BUILD_ROOT
- Security fix, CVE-2017-14496, Integer underflow in DNS response creation
- Security fix, CVE-2017-14495, OOM in DNS response creation
- Misc code cleanups arising from Google analysis
+- Do not include stdio.h before dnsmasq.h
* Thu Sep 14 2017 Petr Menšík <pemensik(a)redhat.com> - 2.77-7
- Fix CVE-2017-13704
https://src.fedoraproject.org/rpms/dnsmasq/c/d528970d82e8db95c8620b7dd072...
6 years, 7 months
rpms/dnsmasq/devel import.log, NONE, 1.1 .cvsignore, 1.26, 1.27 dnsmasq.spec, 1.43, 1.44 sources, 1.26, 1.27 dnsmasq-2.48-tftp-server-vulnerabilities.patch, 1.1, NONE
by Itamar Reis Peixoto
Author: itamarjp
Update of /cvs/pkgs/rpms/dnsmasq/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv13297/devel
Modified Files:
.cvsignore dnsmasq.spec sources
Added Files:
import.log
Removed Files:
dnsmasq-2.48-tftp-server-vulnerabilities.patch
Log Message:
- new version 2.51
--- NEW FILE import.log ---
dnsmasq-2_51-1_fc12:HEAD:dnsmasq-2.51-1.fc12.src.rpm:1255825544
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/dnsmasq/devel/.cvsignore,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -p -r1.26 -r1.27
--- .cvsignore 12 Aug 2009 17:05:49 -0000 1.26
+++ .cvsignore 18 Oct 2009 00:28:38 -0000 1.27
@@ -1 +1 @@
-dnsmasq-2.48.tar.lzma
+dnsmasq-2.51.tar.lzma
Index: dnsmasq.spec
===================================================================
RCS file: /cvs/pkgs/rpms/dnsmasq/devel/dnsmasq.spec,v
retrieving revision 1.43
retrieving revision 1.44
diff -u -p -r1.43 -r1.44
--- dnsmasq.spec 17 Oct 2009 23:08:16 -0000 1.43
+++ dnsmasq.spec 18 Oct 2009 00:28:38 -0000 1.44
@@ -10,8 +10,8 @@
%endif
Name: dnsmasq
-Version: 2.48
-Release: 5%{?extraversion}%{?dist}
+Version: 2.51
+Release: 1%{?extraversion}%{?dist}
Summary: A lightweight DHCP/caching DNS server
Group: System Environment/Daemons
@@ -19,7 +19,6 @@ License: GPLv2 or GPLv3
URL: http://www.thekelleys.org.uk/dnsmasq/
Source0: http://www.thekelleys.org.uk/dnsmasq/%{?extrapath}%{name}-%{version}%{?ex...
Source1: %{name}.init
-Patch2: %{name}-2.48-tftp-server-vulnerabilities.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: dbus-devel
@@ -56,7 +55,6 @@ sed -i 's|/* #define HAVE_DBUS */|#defin
#enable /etc/dnsmasq.d fix bz 526703
sed -i 's|#conf-dir=/etc/dnsmasq.d|conf-dir=/etc/dnsmasq.d|g' dnsmasq.conf.example
-%patch2 -p1
%build
make %{?_smp_mflags}
@@ -120,11 +118,12 @@ fi
%changelog
-* Sat Oct 17 2009 Itamar Reis Peixoto <itamar(a)ispbrasil.com.br> - 2.48-5
+* Sat Oct 17 2009 Itamar Reis Peixoto <itamar(a)ispbrasil.com.br> - 2.51-1
- move initscript from patch to a plain text file
- drop (dnsmasq-configuration.patch) and use sed instead
- enable /etc/dnsmasq.d fix bz 526703
- change requires to package name instead of file
+- new version 2.51
* Mon Oct 5 2009 Mark McLoughlin <markmc(a)redhat.com> - 2.48-4
- Fix multiple TFTP server vulnerabilities (CVE-2009-2957, CVE-2009-2958)
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/dnsmasq/devel/sources,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -p -r1.26 -r1.27
--- sources 12 Aug 2009 17:05:49 -0000 1.26
+++ sources 18 Oct 2009 00:28:38 -0000 1.27
@@ -1 +1 @@
-014eae223140ec283b4301165db0509a dnsmasq-2.48.tar.lzma
+0f048f3fd1f3888876867809d162cd89 dnsmasq-2.51.tar.lzma
--- dnsmasq-2.48-tftp-server-vulnerabilities.patch DELETED ---
14 years, 6 months
[dnsmasq/f19] New stable version dnsmasq-2.66
by Tomas Hozza
commit 609b978ebe1fe4fda53b13c322b4299937185ae5
Author: Tomas Hozza <thozza(a)redhat.com>
Date: Thu Apr 18 09:27:37 2013 +0200
New stable version dnsmasq-2.66
+ Drop of merged patch
Signed-off-by: Tomas Hozza <thozza(a)redhat.com>
.gitignore | 1 +
...5-Fix-crash-on-exceeding-DHCP-lease-limit.patch | 61 --------------------
dnsmasq.spec | 13 ++--
sources | 2 +-
4 files changed, 8 insertions(+), 69 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 66c2e52..5382b85 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,3 +6,4 @@ dnsmasq-2.52.tar.lzma
/dnsmasq-2.65.tar.gz
/dnsmasq-2.66rc1.tar.gz
/dnsmasq-2.66rc5.tar.gz
+/dnsmasq-2.66.tar.gz
diff --git a/dnsmasq.spec b/dnsmasq.spec
index 2cf2be7..505f75c 100644
--- a/dnsmasq.spec
+++ b/dnsmasq.spec
@@ -1,5 +1,5 @@
%define testrelease 0
-%define releasecandidate 1
+%define releasecandidate 0
%if 0%{testrelease}
%define extrapath test-releases/
%define extraversion test30
@@ -11,7 +11,7 @@
Name: dnsmasq
Version: 2.66
-Release: 1.%{?extraversion}%{?dist}
+Release: 2%{?extraversion}%{?dist}
Summary: A lightweight DHCP/caching DNS server
Group: System Environment/Daemons
@@ -20,9 +20,6 @@ URL: http://www.thekelleys.org.uk/dnsmasq/
Source0: http://www.thekelleys.org.uk/dnsmasq/%{?extrapath}%{name}-%{version}%{?ex...
Source1: %{name}.service
-# Upstream fix after dnsmasq-2.66rc5 - commit 56a1142f033234e3ee3b6361e9a1bcdbe606f816
-Patch0: dnsmasq-2.66.rc5-Fix-crash-on-exceeding-DHCP-lease-limit.patch
-
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: dbus-devel
@@ -57,8 +54,6 @@ query/remove a DHCP server's leases.
%prep
%setup -q -n %{name}-%{version}%{?extraversion}
-%patch0 -p1 -b .lease-limit
-
# use /var/lib/dnsmasq instead of /var/lib/misc
for file in dnsmasq.conf.example man/dnsmasq.8 man/es/dnsmasq.8 src/config.h; do
sed -i 's|/var/lib/misc/dnsmasq.leases|/var/lib/dnsmasq/dnsmasq.leases|g' "$file"
@@ -138,6 +133,10 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man1/dhcp_*
%changelog
+* Thu Apr 18 2013 Tomas Hozza <thozza(a)redhat.com> - 2.66-2
+- New stable version dnsmasq-2.66
+- Drop of merged patch
+
* Fri Apr 12 2013 Tomas Hozza <thozza(a)redhat.com> - 2.66-1.rc5
- Update to latest dnsmasq-2.66rc5
- Include fix for segfault when lease limit is reached
diff --git a/sources b/sources
index 4f4ade2..ee41294 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-9c9fe3f9b0d6afb6a0a5d2f5c4eb1867 dnsmasq-2.66rc5.tar.gz
+c5eb8fb88847a5e9bf18db67c74efd47 dnsmasq-2.66.tar.gz
11 years
thaller pushed to NetworkManager (master). "clear cache of dnsmasq
when updating DNS configuration (rh#1338731)"
by notifications@fedoraproject.org
From 3ce491100f84a1dc3dc92215f16f5cb5c48bff71 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller(a)redhat.com>
Date: Thu, 2 Jun 2016 19:29:56 +0200
Subject: clear cache of dnsmasq when updating DNS configuration (rh#1338731)
---
...dnsmasq-clear-cache-and-restart-rh1338731.patch | 531 +++++++++++++++++++++
NetworkManager.spec | 15 +-
2 files changed, 544 insertions(+), 2 deletions(-)
create mode 100644 0001-dnsmasq-clear-cache-and-restart-rh1338731.patch
diff --git a/0001-dnsmasq-clear-cache-and-restart-rh1338731.patch b/0001-dnsmasq-clear-cache-and-restart-rh1338731.patch
new file mode 100644
index 0000000..bc5162c
--- /dev/null
+++ b/0001-dnsmasq-clear-cache-and-restart-rh1338731.patch
@@ -0,0 +1,531 @@
+From 594a225264fe501ec78a8d20ee5447d18e1175b5 Mon Sep 17 00:00:00 2001
+From: Beniamino Galvani <bgalvani(a)redhat.com>
+Date: Tue, 31 May 2016 17:04:03 +0200
+Subject: [PATCH 1/6] core: fix some memory leaks
+
+(cherry picked from commit ec53ed2cbaab754ddf1283658b5adfba8134e757)
+(cherry picked from commit 70d194c159c80266140157db535700f8e44dbe0b)
+---
+ src/dhcp-manager/nm-dhcp-client.c | 2 ++
+ src/nm-manager.c | 2 +-
+ src/nm-policy.c | 1 +
+ 3 files changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/dhcp-manager/nm-dhcp-client.c b/src/dhcp-manager/nm-dhcp-client.c
+index 9f4cdf3..c102581 100644
+--- a/src/dhcp-manager/nm-dhcp-client.c
++++ b/src/dhcp-manager/nm-dhcp-client.c
+@@ -884,7 +884,9 @@ dispose (GObject *object)
+
+ g_clear_pointer (&priv->iface, g_free);
+ g_clear_pointer (&priv->hostname, g_free);
++ g_clear_pointer (&priv->fqdn, g_free);
+ g_clear_pointer (&priv->uuid, g_free);
++ g_clear_pointer (&priv->client_id, g_bytes_unref);
+
+ if (priv->hwaddr) {
+ g_byte_array_free (priv->hwaddr, TRUE);
+diff --git a/src/nm-manager.c b/src/nm-manager.c
+index e64c68a..04b70cb 100644
+--- a/src/nm-manager.c
++++ b/src/nm-manager.c
+@@ -3268,7 +3268,7 @@ validate_activation_request (NMManager *self,
+ NM_MANAGER_ERROR,
+ NM_MANAGER_ERROR_CONNECTION_NOT_AVAILABLE,
+ "Sharing IPv6 connections is not supported yet.");
+- return NULL;
++ goto error;
+ }
+
+ /* Check whether it's a VPN or not */
+diff --git a/src/nm-policy.c b/src/nm-policy.c
+index 07bcce8..cb04f21 100644
+--- a/src/nm-policy.c
++++ b/src/nm-policy.c
+@@ -913,6 +913,7 @@ block_autoconnect_for_device (NMPolicy *self, NMDevice *device)
+ NM_DEVICE_STATE_REASON_USER_REQUESTED);
+ }
+ }
++ g_slist_free (connections);
+ }
+
+ static void
+--
+2.5.5
+
+
+From f5a98215c616a8a7f4acb9a3e03667444b8fda6e Mon Sep 17 00:00:00 2001
+From: Beniamino Galvani <bgalvani(a)redhat.com>
+Date: Tue, 24 May 2016 13:41:44 +0200
+Subject: [PATCH 2/6] dns/dnsmasq: cancel pending update on dispose
+
+There might be a pending "SetServersEx" D-Bus call when the plugin is
+destroyed, ensure it gets canceled.
+
+(cherry picked from commit d376787ce1a9e8c4990ed98be143ab892c9d29ed)
+(cherry picked from commit 7541ca0692668070e48adfc5fa8e4c6501600e16)
+---
+ src/dns-manager/nm-dns-dnsmasq.c | 21 ++++++++++++++++-----
+ 1 file changed, 16 insertions(+), 5 deletions(-)
+
+diff --git a/src/dns-manager/nm-dns-dnsmasq.c b/src/dns-manager/nm-dns-dnsmasq.c
+index 4cee160..1df01e3 100644
+--- a/src/dns-manager/nm-dns-dnsmasq.c
++++ b/src/dns-manager/nm-dns-dnsmasq.c
+@@ -48,6 +48,7 @@ G_DEFINE_TYPE (NMDnsDnsmasq, nm_dns_dnsmasq, NM_TYPE_DNS_PLUGIN)
+ typedef struct {
+ GDBusProxy *dnsmasq;
+ GCancellable *dnsmasq_cancellable;
++ GCancellable *update_cancellable;
+ gboolean running;
+
+ GVariant *set_server_ex_args;
+@@ -265,14 +266,20 @@ add_ip6_config (NMDnsDnsmasq *self, GVariantBuilder *servers, NMIP6Config *ip6,
+ }
+
+ static void
+-dnsmasq_update_done (GObject *source, GAsyncResult *res, gpointer user_data)
++dnsmasq_update_done (GDBusProxy *proxy, GAsyncResult *res, gpointer user_data)
+ {
+- NMDnsDnsmasq *self = NM_DNS_DNSMASQ (user_data);
+- NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (self);
++ NMDnsDnsmasq *self;
++ NMDnsDnsmasqPrivate *priv;
+ gs_free_error GError *error = NULL;
+ gs_unref_variant GVariant *response = NULL;
+
+- response = g_dbus_proxy_call_finish (priv->dnsmasq, res, &error);
++ response = g_dbus_proxy_call_finish (proxy, res, &error);
++ if (g_error_matches (error, G_IO_ERROR, G_IO_ERROR_CANCELLED))
++ return;
++
++ self = NM_DNS_DNSMASQ (user_data);
++ priv = NM_DNS_DNSMASQ_GET_PRIVATE (self);
++
+ if (!response)
+ _LOGW ("dnsmasq update failed: %s", error->message);
+ else
+@@ -290,12 +297,15 @@ send_dnsmasq_update (NMDnsDnsmasq *self)
+ if (priv->running) {
+ _LOGD ("trying to update dnsmasq nameservers");
+
++ nm_clear_g_cancellable (&priv->update_cancellable);
++ priv->update_cancellable = g_cancellable_new ();
++
+ g_dbus_proxy_call (priv->dnsmasq,
+ "SetServersEx",
+ priv->set_server_ex_args,
+ G_DBUS_CALL_FLAGS_NONE,
+ -1,
+- NULL,
++ priv->update_cancellable,
+ (GAsyncReadyCallback) dnsmasq_update_done,
+ self);
+ g_clear_pointer (&priv->set_server_ex_args, g_variant_unref);
+@@ -559,6 +569,7 @@ dispose (GObject *object)
+ NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (object);
+
+ nm_clear_g_cancellable (&priv->dnsmasq_cancellable);
++ nm_clear_g_cancellable (&priv->update_cancellable);
+
+ g_clear_object (&priv->dnsmasq);
+
+--
+2.5.5
+
+
+From ac4bfce7dde54a607c896e90a3269633a90f3bee Mon Sep 17 00:00:00 2001
+From: Beniamino Galvani <bgalvani(a)redhat.com>
+Date: Tue, 24 May 2016 14:14:25 +0200
+Subject: [PATCH 3/6] dns: clear dnsmasq cache after an update
+
+When the list of DNS servers changes, old DNS entries cached by
+dnsmasq must be invalidated as the answers returned by new servers may
+be different (especially, old NXDOMAIN entries may now be valid). Call
+the dnsmasq "ClearCache" D-Bus method to achieve this.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1338731
+(cherry picked from commit 4feb58b50b9fd6caceda83bab907ad107ad8ed01)
+(cherry picked from commit a701e5b7ba35a0730d756ab0c1b15f0414bee592)
+---
+ src/dns-manager/nm-dns-dnsmasq.c | 31 +++++++++++++++++++++++++++++--
+ 1 file changed, 29 insertions(+), 2 deletions(-)
+
+diff --git a/src/dns-manager/nm-dns-dnsmasq.c b/src/dns-manager/nm-dns-dnsmasq.c
+index 1df01e3..dd1234d 100644
+--- a/src/dns-manager/nm-dns-dnsmasq.c
++++ b/src/dns-manager/nm-dns-dnsmasq.c
+@@ -266,6 +266,25 @@ add_ip6_config (NMDnsDnsmasq *self, GVariantBuilder *servers, NMIP6Config *ip6,
+ }
+
+ static void
++dnsmasq_clear_cache_done (GDBusProxy *proxy, GAsyncResult *res, gpointer user_data)
++{
++ NMDnsDnsmasq *self;
++ gs_free_error GError *error = NULL;
++ gs_unref_variant GVariant *response = NULL;
++
++ response = g_dbus_proxy_call_finish (proxy, res, &error);
++ if (g_error_matches (error, G_IO_ERROR, G_IO_ERROR_CANCELLED))
++ return;
++
++ self = NM_DNS_DNSMASQ (user_data);
++
++ if (!response)
++ _LOGW ("dnsmasq cache clear failed: %s", error->message);
++ else
++ _LOGD ("dnsmasq update successful, cache cleared");
++}
++
++static void
+ dnsmasq_update_done (GDBusProxy *proxy, GAsyncResult *res, gpointer user_data)
+ {
+ NMDnsDnsmasq *self;
+@@ -282,8 +301,16 @@ dnsmasq_update_done (GDBusProxy *proxy, GAsyncResult *res, gpointer user_data)
+
+ if (!response)
+ _LOGW ("dnsmasq update failed: %s", error->message);
+- else
+- _LOGD ("dnsmasq update successful");
++ else {
++ g_dbus_proxy_call (priv->dnsmasq,
++ "ClearCache",
++ NULL,
++ G_DBUS_CALL_FLAGS_NONE,
++ -1,
++ priv->update_cancellable,
++ (GAsyncReadyCallback) dnsmasq_clear_cache_done,
++ self);
++ }
+ }
+
+ static void
+--
+2.5.5
+
+
+From b71ce01f5aa5af2851a4c5516a1c11b86b65b4b8 Mon Sep 17 00:00:00 2001
+From: Beniamino Galvani <bgalvani(a)redhat.com>
+Date: Sun, 1 May 2016 22:24:41 +0200
+Subject: [PATCH 4/6] core: introduce nm_utils_dnsmasq_status_to_string()
+
+(cherry picked from commit c0d322720a3956a40831c09f78a1dfbaf6fd9294)
+(cherry picked from commit 84b0bb5ec82661a2b47928cc49879ed49fa18602)
+---
+ src/dns-manager/nm-dns-dnsmasq.c | 23 ++------------------
+ src/dnsmasq-manager/nm-dnsmasq-manager.c | 36 ++++---------------------------
+ src/nm-core-utils.c | 37 ++++++++++++++++++++++++++++++++
+ src/nm-core-utils.h | 2 ++
+ 4 files changed, 45 insertions(+), 53 deletions(-)
+
+diff --git a/src/dns-manager/nm-dns-dnsmasq.c b/src/dns-manager/nm-dns-dnsmasq.c
+index dd1234d..aaa6a3e 100644
+--- a/src/dns-manager/nm-dns-dnsmasq.c
++++ b/src/dns-manager/nm-dns-dnsmasq.c
+@@ -519,24 +519,6 @@ update (NMDnsPlugin *plugin,
+
+ /****************************************************************/
+
+-static const char *
+-dm_exit_code_to_msg (int status)
+-{
+- if (status == 1)
+- return "Configuration problem";
+- else if (status == 2)
+- return "Network access problem (address in use; permissions; etc)";
+- else if (status == 3)
+- return "Filesystem problem (missing file/directory; permissions; etc)";
+- else if (status == 4)
+- return "Memory allocation failure";
+- else if (status == 5)
+- return "Other problem";
+- else if (status >= 11)
+- return "Lease-script 'init' process failure";
+- return "Unknown error";
+-}
+-
+ static void
+ child_quit (NMDnsPlugin *plugin, gint status)
+ {
+@@ -547,9 +529,8 @@ child_quit (NMDnsPlugin *plugin, gint status)
+ if (WIFEXITED (status)) {
+ err = WEXITSTATUS (status);
+ if (err) {
+- _LOGW ("dnsmasq exited with error: %s (%d)",
+- dm_exit_code_to_msg (err),
+- err);
++ _LOGW ("dnsmasq exited with error: %s",
++ nm_utils_dnsmasq_status_to_string (err, NULL, 0));
+ } else
+ failed = FALSE;
+ } else if (WIFSTOPPED (status))
+diff --git a/src/dnsmasq-manager/nm-dnsmasq-manager.c b/src/dnsmasq-manager/nm-dnsmasq-manager.c
+index 764aba2..12395db 100644
+--- a/src/dnsmasq-manager/nm-dnsmasq-manager.c
++++ b/src/dnsmasq-manager/nm-dnsmasq-manager.c
+@@ -165,36 +165,6 @@ nm_cmd_line_add_string (NMCmdLine *cmd, const char *str)
+ /*******************************************/
+
+ static void
+-dm_exit_code (guint dm_exit_status)
+-{
+- char *msg = "Unknown error";
+-
+- switch (dm_exit_status) {
+- case 1:
+- msg = "Configuration problem";
+- break;
+- case 2:
+- msg = "Network access problem (address in use; permissions; etc)";
+- break;
+- case 3:
+- msg = "Filesystem problem (missing file/directory; permissions; etc)";
+- break;
+- case 4:
+- msg = "Memory allocation failure";
+- break;
+- case 5:
+- msg = "Other problem";
+- break;
+- default:
+- if (dm_exit_status >= 11)
+- msg = "Lease-script 'init' process failure";
+- break;
+- }
+-
+- _LOGW ("dnsmasq exited with error: %s (%d)", msg, dm_exit_status);
+-}
+-
+-static void
+ dm_watch_cb (GPid pid, gint status, gpointer user_data)
+ {
+ NMDnsMasqManager *manager = NM_DNSMASQ_MANAGER (user_data);
+@@ -203,8 +173,10 @@ dm_watch_cb (GPid pid, gint status, gpointer user_data)
+
+ if (WIFEXITED (status)) {
+ err = WEXITSTATUS (status);
+- if (err != 0)
+- dm_exit_code (err);
++ if (err != 0) {
++ _LOGW ("dnsmasq exited with error: %s",
++ nm_utils_dnsmasq_status_to_string (err, NULL, 0));
++ }
+ } else if (WIFSTOPPED (status)) {
+ _LOGW ("dnsmasq stopped unexpectedly with signal %d", WSTOPSIG (status));
+ } else if (WIFSIGNALED (status)) {
+diff --git a/src/nm-core-utils.c b/src/nm-core-utils.c
+index ef44a13..a2fbdfb 100644
+--- a/src/nm-core-utils.c
++++ b/src/nm-core-utils.c
+@@ -3085,3 +3085,40 @@ nm_utils_lifetime_get (guint32 timestamp,
+ return TRUE;
+ }
+
++const char *
++nm_utils_dnsmasq_status_to_string (int status, char *dest, guint size)
++{
++ static char buffer[128];
++ char *msg, *ret;
++ gs_free char *msg_free = NULL;
++ int len;
++
++ if (status == 0)
++ msg = "Success";
++ else if (status == 1)
++ msg = "Configuration problem";
++ else if (status == 2)
++ msg = "Network access problem (address in use, permissions)";
++ else if (status == 3)
++ msg = "Filesystem problem (missing file/directory, permissions)";
++ else if (status == 4)
++ msg = "Memory allocation failure";
++ else if (status == 5)
++ msg = "Other problem";
++ else if (status >= 11)
++ msg = msg_free = g_strdup_printf ("Lease script failed with error %d", status - 10);
++ else
++ msg = "Unknown problem";
++
++ if (dest) {
++ ret = dest;
++ len = size;
++ } else {
++ ret = buffer;
++ len = sizeof (buffer);
++ }
++
++ g_snprintf (ret, len, "%s (%d)", msg, status);
++
++ return ret;
++}
+diff --git a/src/nm-core-utils.h b/src/nm-core-utils.h
+index ad0f995..b5083ac 100644
+--- a/src/nm-core-utils.h
++++ b/src/nm-core-utils.h
+@@ -394,4 +394,6 @@ gboolean nm_utils_lifetime_get (guint32 timestamp,
+
+ gboolean nm_utils_ip4_address_is_link_local (in_addr_t addr);
+
++const char *nm_utils_dnsmasq_status_to_string (int status, char *dest, guint size);
++
+ #endif /* __NM_CORE_UTILS_H__ */
+--
+2.5.5
+
+
+From 4e78e89ac35954d38ff107c42295b1418042a13c Mon Sep 17 00:00:00 2001
+From: Thomas Haller <thaller(a)redhat.com>
+Date: Mon, 30 May 2016 12:52:23 +0200
+Subject: [PATCH 5/6] dns: log when dnsmasq process exits normally
+
+(cherry picked from commit a64d70f0df586d398aa1bcd74be131ed6dc75450)
+(cherry picked from commit 2deee5286726fb2933822e105ffce634df695b35)
+---
+ src/dns-manager/nm-dns-dnsmasq.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/dns-manager/nm-dns-dnsmasq.c b/src/dns-manager/nm-dns-dnsmasq.c
+index aaa6a3e..f8b2dd3 100644
+--- a/src/dns-manager/nm-dns-dnsmasq.c
++++ b/src/dns-manager/nm-dns-dnsmasq.c
+@@ -531,8 +531,10 @@ child_quit (NMDnsPlugin *plugin, gint status)
+ if (err) {
+ _LOGW ("dnsmasq exited with error: %s",
+ nm_utils_dnsmasq_status_to_string (err, NULL, 0));
+- } else
++ } else {
++ _LOGD ("dnsmasq exited normally");
+ failed = FALSE;
++ }
+ } else if (WIFSTOPPED (status))
+ _LOGW ("dnsmasq stopped unexpectedly with signal %d", WSTOPSIG (status));
+ else if (WIFSIGNALED (status))
+--
+2.5.5
+
+
+From 3061adfc7d962ef645f2844dfce7df5e359509b5 Mon Sep 17 00:00:00 2001
+From: Thomas Haller <thaller(a)redhat.com>
+Date: Mon, 30 May 2016 12:58:57 +0200
+Subject: [PATCH 6/6] dnsmasq: properly handling respawning of dnsmask
+
+Otherwise, when killing dnsmasq it does not get respawned:
+
+ dnsmasq[0x560dd7e43cf0]: dnsmasq exited normally
+ dns-mgr: plugin dnsmasq child quit unexpectedly
+ dns-mgr: update-dns: updating resolv.conf
+ dns-mgr: config: 100 best v4 enp0s25
+ dns-mgr: config: 100 best v6 enp0s25
+ dns-mgr: config: 100 default v6 lo
+ dns-mgr: config: 100 default v4 lo
+ dns-mgr: update-dns: updating plugin dnsmasq
+ dnsmasq[0x560dd7e43cf0]: adding nameserver '192.168.0.2@enp0s25'
+ dnsmasq[0x560dd7e43cf0]: trying to update dnsmasq nameservers
+ dns-mgr: update-resolv-conf: write internal file /var/run/NetworkManager/resolv.conf succeeded but don't update /etc/resolv.conf as it points to resolv.conf.nm
+ dnsmasq[0x560dd7e43cf0]: dnsmasq disappeared
+
+Previously, we would create priv->dnsmasq proxy only once,
+and not respawn the process at all.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=766996
+(cherry picked from commit 2e7f4aeb60579b092641cc8d65973baecbd5335b)
+(cherry picked from commit 1f8ba33d8716858cc27cf319c85e176bcf11afa3)
+---
+ src/dns-manager/nm-dns-dnsmasq.c | 21 ++++++++++++++++++---
+ src/dns-manager/nm-dns-plugin.c | 11 +++++++++++
+ src/dns-manager/nm-dns-plugin.h | 2 ++
+ 3 files changed, 31 insertions(+), 3 deletions(-)
+
+diff --git a/src/dns-manager/nm-dns-dnsmasq.c b/src/dns-manager/nm-dns-dnsmasq.c
+index f8b2dd3..a9fcc88 100644
+--- a/src/dns-manager/nm-dns-dnsmasq.c
++++ b/src/dns-manager/nm-dns-dnsmasq.c
+@@ -410,11 +410,16 @@ start_dnsmasq (NMDnsDnsmasq *self)
+ NMBusManager *dbus_mgr;
+ GDBusConnection *connection;
+
++ if (priv->running) {
++ /* the dnsmasq process is running. Nothing to do. */
++ return;
++ }
+
+- if ( priv->running
+- || priv->dnsmasq
+- || priv->dnsmasq_cancellable)
++ if (nm_dns_plugin_child_pid ((NMDnsPlugin *) self) > 0) {
++ /* if we already have a child process spawned, don't do
++ * it again. */
+ return;
++ }
+
+ dm_binary = nm_utils_find_helper ("dnsmasq", DNSMASQ_PATH, NULL);
+ if (!dm_binary) {
+@@ -446,6 +451,13 @@ start_dnsmasq (NMDnsDnsmasq *self)
+ if (!pid)
+ return;
+
++ if ( priv->dnsmasq
++ || priv->dnsmasq_cancellable) {
++ /* we already have a proxy or are about to create it.
++ * We are done. */
++ return;
++ }
++
+ dbus_mgr = nm_bus_manager_get ();
+ g_return_if_fail (dbus_mgr);
+
+@@ -523,6 +535,7 @@ static void
+ child_quit (NMDnsPlugin *plugin, gint status)
+ {
+ NMDnsDnsmasq *self = NM_DNS_DNSMASQ (plugin);
++ NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (self);
+ gboolean failed = TRUE;
+ int err;
+
+@@ -542,6 +555,8 @@ child_quit (NMDnsPlugin *plugin, gint status)
+ else
+ _LOGW ("dnsmasq died from an unknown cause");
+
++ priv->running = FALSE;
++
+ if (failed)
+ g_signal_emit_by_name (self, NM_DNS_PLUGIN_FAILED);
+ }
+diff --git a/src/dns-manager/nm-dns-plugin.c b/src/dns-manager/nm-dns-plugin.c
+index d5cb882..f45b47f 100644
+--- a/src/dns-manager/nm-dns-plugin.c
++++ b/src/dns-manager/nm-dns-plugin.c
+@@ -182,6 +182,17 @@ watch_cb (GPid pid, gint status, gpointer user_data)
+ }
+
+ GPid
++nm_dns_plugin_child_pid (NMDnsPlugin *self)
++{
++ NMDnsPluginPrivate *priv;
++
++ g_return_val_if_fail (NM_IS_DNS_PLUGIN (self), 0);
++
++ priv = NM_DNS_PLUGIN_GET_PRIVATE (self);
++ return priv->pid;
++}
++
++GPid
+ nm_dns_plugin_child_spawn (NMDnsPlugin *self,
+ const char **argv,
+ const char *pidfile,
+diff --git a/src/dns-manager/nm-dns-plugin.h b/src/dns-manager/nm-dns-plugin.h
+index 7ecaa42..b328218 100644
+--- a/src/dns-manager/nm-dns-plugin.h
++++ b/src/dns-manager/nm-dns-plugin.h
+@@ -111,6 +111,8 @@ GPid nm_dns_plugin_child_spawn (NMDnsPlugin *self,
+ const char *pidfile,
+ const char *kill_match);
+
++GPid nm_dns_plugin_child_pid (NMDnsPlugin *self);
++
+ gboolean nm_dns_plugin_child_kill (NMDnsPlugin *self);
+
+ #endif /* __NETWORKMANAGER_DNS_PLUGIN_H__ */
+--
+2.5.5
+
diff --git a/NetworkManager.spec b/NetworkManager.spec
index e02fa31..6c5fc59 100644
--- a/NetworkManager.spec
+++ b/NetworkManager.spec
@@ -11,7 +11,7 @@
%global git_sha %{nil}
%global rpm_version 1.2.2
%global real_version 1.2.2
-%global release_version 1
+%global release_version 2
%global epoch_version 1
%global obsoletes_nmver 1:0.9.9.95-1
@@ -97,6 +97,9 @@ Source1: NetworkManager.conf
Source2: 00-server.conf
Source3: 20-connectivity-fedora.conf
+#Patch1: 0001-some.patch
+Patch1: 0001-dnsmasq-clear-cache-and-restart-rh1338731.patch
+
Requires(post): systemd
Requires(preun): systemd
Requires(postun): systemd
@@ -193,7 +196,7 @@ This package contains NetworkManager support for ADSL devices.
Summary: Bluetooth device plugin for NetworkManager
Group: System Environment/Base
Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
-Requires: NetworkManager-wwan
+Requires: NetworkManager-wwan = %{epoch}:%{version}-%{release}
Requires: bluez >= 4.101-5
Obsoletes: NetworkManager < %{obsoletes_nmver}
Obsoletes: NetworkManager-bt
@@ -336,6 +339,8 @@ by nm-connection-editor and nm-applet in a non-graphical environment.
%prep
%setup -q -n NetworkManager-%{real_version}
+%patch1 -p1
+
%build
gtkdocize
autoreconf --install --force
@@ -637,6 +642,12 @@ fi
%endif
%changelog
+* Thu Jun 2 2016 Thomas Haller <thaller(a)redhat.com> - 1:1.2.2-2
+- dns: clear cache of dnsmasq when updating DNS configuration (rh#1338731)
+- dns: fix restarting dnsmasq instance
+- spec: depend bluetooth subpackage on exact wwan version
+- all: fix some memleaks
+
* Wed May 11 2016 Lubomir Rintel <lkundrak(a)v3.sk> - 1:1.2.2-1
- Update to NetworkManager 1.2.2 release
--
cgit v0.12
http://pkgs.fedoraproject.org/cgit/NetworkManager.git/commit/?h=master&id...
7 years, 11 months
thaller pushed to NetworkManager (f24). "clear cache of dnsmasq when
updating DNS configuration (rh#1338731)"
by notifications@fedoraproject.org
From 3ce491100f84a1dc3dc92215f16f5cb5c48bff71 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller(a)redhat.com>
Date: Thu, 2 Jun 2016 19:29:56 +0200
Subject: clear cache of dnsmasq when updating DNS configuration (rh#1338731)
---
...dnsmasq-clear-cache-and-restart-rh1338731.patch | 531 +++++++++++++++++++++
NetworkManager.spec | 15 +-
2 files changed, 544 insertions(+), 2 deletions(-)
create mode 100644 0001-dnsmasq-clear-cache-and-restart-rh1338731.patch
diff --git a/0001-dnsmasq-clear-cache-and-restart-rh1338731.patch b/0001-dnsmasq-clear-cache-and-restart-rh1338731.patch
new file mode 100644
index 0000000..bc5162c
--- /dev/null
+++ b/0001-dnsmasq-clear-cache-and-restart-rh1338731.patch
@@ -0,0 +1,531 @@
+From 594a225264fe501ec78a8d20ee5447d18e1175b5 Mon Sep 17 00:00:00 2001
+From: Beniamino Galvani <bgalvani(a)redhat.com>
+Date: Tue, 31 May 2016 17:04:03 +0200
+Subject: [PATCH 1/6] core: fix some memory leaks
+
+(cherry picked from commit ec53ed2cbaab754ddf1283658b5adfba8134e757)
+(cherry picked from commit 70d194c159c80266140157db535700f8e44dbe0b)
+---
+ src/dhcp-manager/nm-dhcp-client.c | 2 ++
+ src/nm-manager.c | 2 +-
+ src/nm-policy.c | 1 +
+ 3 files changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/dhcp-manager/nm-dhcp-client.c b/src/dhcp-manager/nm-dhcp-client.c
+index 9f4cdf3..c102581 100644
+--- a/src/dhcp-manager/nm-dhcp-client.c
++++ b/src/dhcp-manager/nm-dhcp-client.c
+@@ -884,7 +884,9 @@ dispose (GObject *object)
+
+ g_clear_pointer (&priv->iface, g_free);
+ g_clear_pointer (&priv->hostname, g_free);
++ g_clear_pointer (&priv->fqdn, g_free);
+ g_clear_pointer (&priv->uuid, g_free);
++ g_clear_pointer (&priv->client_id, g_bytes_unref);
+
+ if (priv->hwaddr) {
+ g_byte_array_free (priv->hwaddr, TRUE);
+diff --git a/src/nm-manager.c b/src/nm-manager.c
+index e64c68a..04b70cb 100644
+--- a/src/nm-manager.c
++++ b/src/nm-manager.c
+@@ -3268,7 +3268,7 @@ validate_activation_request (NMManager *self,
+ NM_MANAGER_ERROR,
+ NM_MANAGER_ERROR_CONNECTION_NOT_AVAILABLE,
+ "Sharing IPv6 connections is not supported yet.");
+- return NULL;
++ goto error;
+ }
+
+ /* Check whether it's a VPN or not */
+diff --git a/src/nm-policy.c b/src/nm-policy.c
+index 07bcce8..cb04f21 100644
+--- a/src/nm-policy.c
++++ b/src/nm-policy.c
+@@ -913,6 +913,7 @@ block_autoconnect_for_device (NMPolicy *self, NMDevice *device)
+ NM_DEVICE_STATE_REASON_USER_REQUESTED);
+ }
+ }
++ g_slist_free (connections);
+ }
+
+ static void
+--
+2.5.5
+
+
+From f5a98215c616a8a7f4acb9a3e03667444b8fda6e Mon Sep 17 00:00:00 2001
+From: Beniamino Galvani <bgalvani(a)redhat.com>
+Date: Tue, 24 May 2016 13:41:44 +0200
+Subject: [PATCH 2/6] dns/dnsmasq: cancel pending update on dispose
+
+There might be a pending "SetServersEx" D-Bus call when the plugin is
+destroyed, ensure it gets canceled.
+
+(cherry picked from commit d376787ce1a9e8c4990ed98be143ab892c9d29ed)
+(cherry picked from commit 7541ca0692668070e48adfc5fa8e4c6501600e16)
+---
+ src/dns-manager/nm-dns-dnsmasq.c | 21 ++++++++++++++++-----
+ 1 file changed, 16 insertions(+), 5 deletions(-)
+
+diff --git a/src/dns-manager/nm-dns-dnsmasq.c b/src/dns-manager/nm-dns-dnsmasq.c
+index 4cee160..1df01e3 100644
+--- a/src/dns-manager/nm-dns-dnsmasq.c
++++ b/src/dns-manager/nm-dns-dnsmasq.c
+@@ -48,6 +48,7 @@ G_DEFINE_TYPE (NMDnsDnsmasq, nm_dns_dnsmasq, NM_TYPE_DNS_PLUGIN)
+ typedef struct {
+ GDBusProxy *dnsmasq;
+ GCancellable *dnsmasq_cancellable;
++ GCancellable *update_cancellable;
+ gboolean running;
+
+ GVariant *set_server_ex_args;
+@@ -265,14 +266,20 @@ add_ip6_config (NMDnsDnsmasq *self, GVariantBuilder *servers, NMIP6Config *ip6,
+ }
+
+ static void
+-dnsmasq_update_done (GObject *source, GAsyncResult *res, gpointer user_data)
++dnsmasq_update_done (GDBusProxy *proxy, GAsyncResult *res, gpointer user_data)
+ {
+- NMDnsDnsmasq *self = NM_DNS_DNSMASQ (user_data);
+- NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (self);
++ NMDnsDnsmasq *self;
++ NMDnsDnsmasqPrivate *priv;
+ gs_free_error GError *error = NULL;
+ gs_unref_variant GVariant *response = NULL;
+
+- response = g_dbus_proxy_call_finish (priv->dnsmasq, res, &error);
++ response = g_dbus_proxy_call_finish (proxy, res, &error);
++ if (g_error_matches (error, G_IO_ERROR, G_IO_ERROR_CANCELLED))
++ return;
++
++ self = NM_DNS_DNSMASQ (user_data);
++ priv = NM_DNS_DNSMASQ_GET_PRIVATE (self);
++
+ if (!response)
+ _LOGW ("dnsmasq update failed: %s", error->message);
+ else
+@@ -290,12 +297,15 @@ send_dnsmasq_update (NMDnsDnsmasq *self)
+ if (priv->running) {
+ _LOGD ("trying to update dnsmasq nameservers");
+
++ nm_clear_g_cancellable (&priv->update_cancellable);
++ priv->update_cancellable = g_cancellable_new ();
++
+ g_dbus_proxy_call (priv->dnsmasq,
+ "SetServersEx",
+ priv->set_server_ex_args,
+ G_DBUS_CALL_FLAGS_NONE,
+ -1,
+- NULL,
++ priv->update_cancellable,
+ (GAsyncReadyCallback) dnsmasq_update_done,
+ self);
+ g_clear_pointer (&priv->set_server_ex_args, g_variant_unref);
+@@ -559,6 +569,7 @@ dispose (GObject *object)
+ NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (object);
+
+ nm_clear_g_cancellable (&priv->dnsmasq_cancellable);
++ nm_clear_g_cancellable (&priv->update_cancellable);
+
+ g_clear_object (&priv->dnsmasq);
+
+--
+2.5.5
+
+
+From ac4bfce7dde54a607c896e90a3269633a90f3bee Mon Sep 17 00:00:00 2001
+From: Beniamino Galvani <bgalvani(a)redhat.com>
+Date: Tue, 24 May 2016 14:14:25 +0200
+Subject: [PATCH 3/6] dns: clear dnsmasq cache after an update
+
+When the list of DNS servers changes, old DNS entries cached by
+dnsmasq must be invalidated as the answers returned by new servers may
+be different (especially, old NXDOMAIN entries may now be valid). Call
+the dnsmasq "ClearCache" D-Bus method to achieve this.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1338731
+(cherry picked from commit 4feb58b50b9fd6caceda83bab907ad107ad8ed01)
+(cherry picked from commit a701e5b7ba35a0730d756ab0c1b15f0414bee592)
+---
+ src/dns-manager/nm-dns-dnsmasq.c | 31 +++++++++++++++++++++++++++++--
+ 1 file changed, 29 insertions(+), 2 deletions(-)
+
+diff --git a/src/dns-manager/nm-dns-dnsmasq.c b/src/dns-manager/nm-dns-dnsmasq.c
+index 1df01e3..dd1234d 100644
+--- a/src/dns-manager/nm-dns-dnsmasq.c
++++ b/src/dns-manager/nm-dns-dnsmasq.c
+@@ -266,6 +266,25 @@ add_ip6_config (NMDnsDnsmasq *self, GVariantBuilder *servers, NMIP6Config *ip6,
+ }
+
+ static void
++dnsmasq_clear_cache_done (GDBusProxy *proxy, GAsyncResult *res, gpointer user_data)
++{
++ NMDnsDnsmasq *self;
++ gs_free_error GError *error = NULL;
++ gs_unref_variant GVariant *response = NULL;
++
++ response = g_dbus_proxy_call_finish (proxy, res, &error);
++ if (g_error_matches (error, G_IO_ERROR, G_IO_ERROR_CANCELLED))
++ return;
++
++ self = NM_DNS_DNSMASQ (user_data);
++
++ if (!response)
++ _LOGW ("dnsmasq cache clear failed: %s", error->message);
++ else
++ _LOGD ("dnsmasq update successful, cache cleared");
++}
++
++static void
+ dnsmasq_update_done (GDBusProxy *proxy, GAsyncResult *res, gpointer user_data)
+ {
+ NMDnsDnsmasq *self;
+@@ -282,8 +301,16 @@ dnsmasq_update_done (GDBusProxy *proxy, GAsyncResult *res, gpointer user_data)
+
+ if (!response)
+ _LOGW ("dnsmasq update failed: %s", error->message);
+- else
+- _LOGD ("dnsmasq update successful");
++ else {
++ g_dbus_proxy_call (priv->dnsmasq,
++ "ClearCache",
++ NULL,
++ G_DBUS_CALL_FLAGS_NONE,
++ -1,
++ priv->update_cancellable,
++ (GAsyncReadyCallback) dnsmasq_clear_cache_done,
++ self);
++ }
+ }
+
+ static void
+--
+2.5.5
+
+
+From b71ce01f5aa5af2851a4c5516a1c11b86b65b4b8 Mon Sep 17 00:00:00 2001
+From: Beniamino Galvani <bgalvani(a)redhat.com>
+Date: Sun, 1 May 2016 22:24:41 +0200
+Subject: [PATCH 4/6] core: introduce nm_utils_dnsmasq_status_to_string()
+
+(cherry picked from commit c0d322720a3956a40831c09f78a1dfbaf6fd9294)
+(cherry picked from commit 84b0bb5ec82661a2b47928cc49879ed49fa18602)
+---
+ src/dns-manager/nm-dns-dnsmasq.c | 23 ++------------------
+ src/dnsmasq-manager/nm-dnsmasq-manager.c | 36 ++++---------------------------
+ src/nm-core-utils.c | 37 ++++++++++++++++++++++++++++++++
+ src/nm-core-utils.h | 2 ++
+ 4 files changed, 45 insertions(+), 53 deletions(-)
+
+diff --git a/src/dns-manager/nm-dns-dnsmasq.c b/src/dns-manager/nm-dns-dnsmasq.c
+index dd1234d..aaa6a3e 100644
+--- a/src/dns-manager/nm-dns-dnsmasq.c
++++ b/src/dns-manager/nm-dns-dnsmasq.c
+@@ -519,24 +519,6 @@ update (NMDnsPlugin *plugin,
+
+ /****************************************************************/
+
+-static const char *
+-dm_exit_code_to_msg (int status)
+-{
+- if (status == 1)
+- return "Configuration problem";
+- else if (status == 2)
+- return "Network access problem (address in use; permissions; etc)";
+- else if (status == 3)
+- return "Filesystem problem (missing file/directory; permissions; etc)";
+- else if (status == 4)
+- return "Memory allocation failure";
+- else if (status == 5)
+- return "Other problem";
+- else if (status >= 11)
+- return "Lease-script 'init' process failure";
+- return "Unknown error";
+-}
+-
+ static void
+ child_quit (NMDnsPlugin *plugin, gint status)
+ {
+@@ -547,9 +529,8 @@ child_quit (NMDnsPlugin *plugin, gint status)
+ if (WIFEXITED (status)) {
+ err = WEXITSTATUS (status);
+ if (err) {
+- _LOGW ("dnsmasq exited with error: %s (%d)",
+- dm_exit_code_to_msg (err),
+- err);
++ _LOGW ("dnsmasq exited with error: %s",
++ nm_utils_dnsmasq_status_to_string (err, NULL, 0));
+ } else
+ failed = FALSE;
+ } else if (WIFSTOPPED (status))
+diff --git a/src/dnsmasq-manager/nm-dnsmasq-manager.c b/src/dnsmasq-manager/nm-dnsmasq-manager.c
+index 764aba2..12395db 100644
+--- a/src/dnsmasq-manager/nm-dnsmasq-manager.c
++++ b/src/dnsmasq-manager/nm-dnsmasq-manager.c
+@@ -165,36 +165,6 @@ nm_cmd_line_add_string (NMCmdLine *cmd, const char *str)
+ /*******************************************/
+
+ static void
+-dm_exit_code (guint dm_exit_status)
+-{
+- char *msg = "Unknown error";
+-
+- switch (dm_exit_status) {
+- case 1:
+- msg = "Configuration problem";
+- break;
+- case 2:
+- msg = "Network access problem (address in use; permissions; etc)";
+- break;
+- case 3:
+- msg = "Filesystem problem (missing file/directory; permissions; etc)";
+- break;
+- case 4:
+- msg = "Memory allocation failure";
+- break;
+- case 5:
+- msg = "Other problem";
+- break;
+- default:
+- if (dm_exit_status >= 11)
+- msg = "Lease-script 'init' process failure";
+- break;
+- }
+-
+- _LOGW ("dnsmasq exited with error: %s (%d)", msg, dm_exit_status);
+-}
+-
+-static void
+ dm_watch_cb (GPid pid, gint status, gpointer user_data)
+ {
+ NMDnsMasqManager *manager = NM_DNSMASQ_MANAGER (user_data);
+@@ -203,8 +173,10 @@ dm_watch_cb (GPid pid, gint status, gpointer user_data)
+
+ if (WIFEXITED (status)) {
+ err = WEXITSTATUS (status);
+- if (err != 0)
+- dm_exit_code (err);
++ if (err != 0) {
++ _LOGW ("dnsmasq exited with error: %s",
++ nm_utils_dnsmasq_status_to_string (err, NULL, 0));
++ }
+ } else if (WIFSTOPPED (status)) {
+ _LOGW ("dnsmasq stopped unexpectedly with signal %d", WSTOPSIG (status));
+ } else if (WIFSIGNALED (status)) {
+diff --git a/src/nm-core-utils.c b/src/nm-core-utils.c
+index ef44a13..a2fbdfb 100644
+--- a/src/nm-core-utils.c
++++ b/src/nm-core-utils.c
+@@ -3085,3 +3085,40 @@ nm_utils_lifetime_get (guint32 timestamp,
+ return TRUE;
+ }
+
++const char *
++nm_utils_dnsmasq_status_to_string (int status, char *dest, guint size)
++{
++ static char buffer[128];
++ char *msg, *ret;
++ gs_free char *msg_free = NULL;
++ int len;
++
++ if (status == 0)
++ msg = "Success";
++ else if (status == 1)
++ msg = "Configuration problem";
++ else if (status == 2)
++ msg = "Network access problem (address in use, permissions)";
++ else if (status == 3)
++ msg = "Filesystem problem (missing file/directory, permissions)";
++ else if (status == 4)
++ msg = "Memory allocation failure";
++ else if (status == 5)
++ msg = "Other problem";
++ else if (status >= 11)
++ msg = msg_free = g_strdup_printf ("Lease script failed with error %d", status - 10);
++ else
++ msg = "Unknown problem";
++
++ if (dest) {
++ ret = dest;
++ len = size;
++ } else {
++ ret = buffer;
++ len = sizeof (buffer);
++ }
++
++ g_snprintf (ret, len, "%s (%d)", msg, status);
++
++ return ret;
++}
+diff --git a/src/nm-core-utils.h b/src/nm-core-utils.h
+index ad0f995..b5083ac 100644
+--- a/src/nm-core-utils.h
++++ b/src/nm-core-utils.h
+@@ -394,4 +394,6 @@ gboolean nm_utils_lifetime_get (guint32 timestamp,
+
+ gboolean nm_utils_ip4_address_is_link_local (in_addr_t addr);
+
++const char *nm_utils_dnsmasq_status_to_string (int status, char *dest, guint size);
++
+ #endif /* __NM_CORE_UTILS_H__ */
+--
+2.5.5
+
+
+From 4e78e89ac35954d38ff107c42295b1418042a13c Mon Sep 17 00:00:00 2001
+From: Thomas Haller <thaller(a)redhat.com>
+Date: Mon, 30 May 2016 12:52:23 +0200
+Subject: [PATCH 5/6] dns: log when dnsmasq process exits normally
+
+(cherry picked from commit a64d70f0df586d398aa1bcd74be131ed6dc75450)
+(cherry picked from commit 2deee5286726fb2933822e105ffce634df695b35)
+---
+ src/dns-manager/nm-dns-dnsmasq.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/dns-manager/nm-dns-dnsmasq.c b/src/dns-manager/nm-dns-dnsmasq.c
+index aaa6a3e..f8b2dd3 100644
+--- a/src/dns-manager/nm-dns-dnsmasq.c
++++ b/src/dns-manager/nm-dns-dnsmasq.c
+@@ -531,8 +531,10 @@ child_quit (NMDnsPlugin *plugin, gint status)
+ if (err) {
+ _LOGW ("dnsmasq exited with error: %s",
+ nm_utils_dnsmasq_status_to_string (err, NULL, 0));
+- } else
++ } else {
++ _LOGD ("dnsmasq exited normally");
+ failed = FALSE;
++ }
+ } else if (WIFSTOPPED (status))
+ _LOGW ("dnsmasq stopped unexpectedly with signal %d", WSTOPSIG (status));
+ else if (WIFSIGNALED (status))
+--
+2.5.5
+
+
+From 3061adfc7d962ef645f2844dfce7df5e359509b5 Mon Sep 17 00:00:00 2001
+From: Thomas Haller <thaller(a)redhat.com>
+Date: Mon, 30 May 2016 12:58:57 +0200
+Subject: [PATCH 6/6] dnsmasq: properly handling respawning of dnsmask
+
+Otherwise, when killing dnsmasq it does not get respawned:
+
+ dnsmasq[0x560dd7e43cf0]: dnsmasq exited normally
+ dns-mgr: plugin dnsmasq child quit unexpectedly
+ dns-mgr: update-dns: updating resolv.conf
+ dns-mgr: config: 100 best v4 enp0s25
+ dns-mgr: config: 100 best v6 enp0s25
+ dns-mgr: config: 100 default v6 lo
+ dns-mgr: config: 100 default v4 lo
+ dns-mgr: update-dns: updating plugin dnsmasq
+ dnsmasq[0x560dd7e43cf0]: adding nameserver '192.168.0.2@enp0s25'
+ dnsmasq[0x560dd7e43cf0]: trying to update dnsmasq nameservers
+ dns-mgr: update-resolv-conf: write internal file /var/run/NetworkManager/resolv.conf succeeded but don't update /etc/resolv.conf as it points to resolv.conf.nm
+ dnsmasq[0x560dd7e43cf0]: dnsmasq disappeared
+
+Previously, we would create priv->dnsmasq proxy only once,
+and not respawn the process at all.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=766996
+(cherry picked from commit 2e7f4aeb60579b092641cc8d65973baecbd5335b)
+(cherry picked from commit 1f8ba33d8716858cc27cf319c85e176bcf11afa3)
+---
+ src/dns-manager/nm-dns-dnsmasq.c | 21 ++++++++++++++++++---
+ src/dns-manager/nm-dns-plugin.c | 11 +++++++++++
+ src/dns-manager/nm-dns-plugin.h | 2 ++
+ 3 files changed, 31 insertions(+), 3 deletions(-)
+
+diff --git a/src/dns-manager/nm-dns-dnsmasq.c b/src/dns-manager/nm-dns-dnsmasq.c
+index f8b2dd3..a9fcc88 100644
+--- a/src/dns-manager/nm-dns-dnsmasq.c
++++ b/src/dns-manager/nm-dns-dnsmasq.c
+@@ -410,11 +410,16 @@ start_dnsmasq (NMDnsDnsmasq *self)
+ NMBusManager *dbus_mgr;
+ GDBusConnection *connection;
+
++ if (priv->running) {
++ /* the dnsmasq process is running. Nothing to do. */
++ return;
++ }
+
+- if ( priv->running
+- || priv->dnsmasq
+- || priv->dnsmasq_cancellable)
++ if (nm_dns_plugin_child_pid ((NMDnsPlugin *) self) > 0) {
++ /* if we already have a child process spawned, don't do
++ * it again. */
+ return;
++ }
+
+ dm_binary = nm_utils_find_helper ("dnsmasq", DNSMASQ_PATH, NULL);
+ if (!dm_binary) {
+@@ -446,6 +451,13 @@ start_dnsmasq (NMDnsDnsmasq *self)
+ if (!pid)
+ return;
+
++ if ( priv->dnsmasq
++ || priv->dnsmasq_cancellable) {
++ /* we already have a proxy or are about to create it.
++ * We are done. */
++ return;
++ }
++
+ dbus_mgr = nm_bus_manager_get ();
+ g_return_if_fail (dbus_mgr);
+
+@@ -523,6 +535,7 @@ static void
+ child_quit (NMDnsPlugin *plugin, gint status)
+ {
+ NMDnsDnsmasq *self = NM_DNS_DNSMASQ (plugin);
++ NMDnsDnsmasqPrivate *priv = NM_DNS_DNSMASQ_GET_PRIVATE (self);
+ gboolean failed = TRUE;
+ int err;
+
+@@ -542,6 +555,8 @@ child_quit (NMDnsPlugin *plugin, gint status)
+ else
+ _LOGW ("dnsmasq died from an unknown cause");
+
++ priv->running = FALSE;
++
+ if (failed)
+ g_signal_emit_by_name (self, NM_DNS_PLUGIN_FAILED);
+ }
+diff --git a/src/dns-manager/nm-dns-plugin.c b/src/dns-manager/nm-dns-plugin.c
+index d5cb882..f45b47f 100644
+--- a/src/dns-manager/nm-dns-plugin.c
++++ b/src/dns-manager/nm-dns-plugin.c
+@@ -182,6 +182,17 @@ watch_cb (GPid pid, gint status, gpointer user_data)
+ }
+
+ GPid
++nm_dns_plugin_child_pid (NMDnsPlugin *self)
++{
++ NMDnsPluginPrivate *priv;
++
++ g_return_val_if_fail (NM_IS_DNS_PLUGIN (self), 0);
++
++ priv = NM_DNS_PLUGIN_GET_PRIVATE (self);
++ return priv->pid;
++}
++
++GPid
+ nm_dns_plugin_child_spawn (NMDnsPlugin *self,
+ const char **argv,
+ const char *pidfile,
+diff --git a/src/dns-manager/nm-dns-plugin.h b/src/dns-manager/nm-dns-plugin.h
+index 7ecaa42..b328218 100644
+--- a/src/dns-manager/nm-dns-plugin.h
++++ b/src/dns-manager/nm-dns-plugin.h
+@@ -111,6 +111,8 @@ GPid nm_dns_plugin_child_spawn (NMDnsPlugin *self,
+ const char *pidfile,
+ const char *kill_match);
+
++GPid nm_dns_plugin_child_pid (NMDnsPlugin *self);
++
+ gboolean nm_dns_plugin_child_kill (NMDnsPlugin *self);
+
+ #endif /* __NETWORKMANAGER_DNS_PLUGIN_H__ */
+--
+2.5.5
+
diff --git a/NetworkManager.spec b/NetworkManager.spec
index e02fa31..6c5fc59 100644
--- a/NetworkManager.spec
+++ b/NetworkManager.spec
@@ -11,7 +11,7 @@
%global git_sha %{nil}
%global rpm_version 1.2.2
%global real_version 1.2.2
-%global release_version 1
+%global release_version 2
%global epoch_version 1
%global obsoletes_nmver 1:0.9.9.95-1
@@ -97,6 +97,9 @@ Source1: NetworkManager.conf
Source2: 00-server.conf
Source3: 20-connectivity-fedora.conf
+#Patch1: 0001-some.patch
+Patch1: 0001-dnsmasq-clear-cache-and-restart-rh1338731.patch
+
Requires(post): systemd
Requires(preun): systemd
Requires(postun): systemd
@@ -193,7 +196,7 @@ This package contains NetworkManager support for ADSL devices.
Summary: Bluetooth device plugin for NetworkManager
Group: System Environment/Base
Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
-Requires: NetworkManager-wwan
+Requires: NetworkManager-wwan = %{epoch}:%{version}-%{release}
Requires: bluez >= 4.101-5
Obsoletes: NetworkManager < %{obsoletes_nmver}
Obsoletes: NetworkManager-bt
@@ -336,6 +339,8 @@ by nm-connection-editor and nm-applet in a non-graphical environment.
%prep
%setup -q -n NetworkManager-%{real_version}
+%patch1 -p1
+
%build
gtkdocize
autoreconf --install --force
@@ -637,6 +642,12 @@ fi
%endif
%changelog
+* Thu Jun 2 2016 Thomas Haller <thaller(a)redhat.com> - 1:1.2.2-2
+- dns: clear cache of dnsmasq when updating DNS configuration (rh#1338731)
+- dns: fix restarting dnsmasq instance
+- spec: depend bluetooth subpackage on exact wwan version
+- all: fix some memleaks
+
* Wed May 11 2016 Lubomir Rintel <lkundrak(a)v3.sk> - 1:1.2.2-1
- Update to NetworkManager 1.2.2 release
--
cgit v0.12
http://pkgs.fedoraproject.org/cgit/NetworkManager.git/commit/?h=f24&id=3c...
7 years, 11 months