1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-14 03:10:47 +00:00
Commit Graph

122 Commits

Author SHA1 Message Date
Matthias Andree
01056f3da5 Update to 2.75
Critical bug fix for --dhcp-script
2015-07-31 17:43:30 +00:00
Matthias Andree
11a1a5944f New dnsmasq upstream release 2.74 (bugfixes)
version 2.74
            Fix reversion in 2.73 where --conf-file would attempt to
            read the default file, rather than no file.

            Fix inotify code to handle dangling symlinks better and
            not SEGV in some circumstances.

            DNSSEC fix. In the case of a signed CNAME generated by a
            wildcard which pointed to an unsigned domain, the wrong
            status would be logged, and some necessary checks omitted.
2015-07-30 18:47:33 +00:00
Matthias Andree
bc024d4800 Upgrade dnsmasq to new release 2.73.
Changelog: http://www.thekelleys.org.uk/dnsmasq/CHANGELOGDisable dnsmasq-devel (older than stable).
Switch to using @sample keyword [1].

PR:           200717 [1]
Submitted by: Jimmy Olgeni
2015-06-16 00:48:01 +00:00
Renato Botelho
a1a664a4e1 - Add a patch to fix CVE-2015-3294
- Bump PORTREVISION

PR:		199999
Approved by:	mandree@ (maintainer)
Obtained from:	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=ad4a8ff7d9097008d7623df8543df435bfddeac8
MFH:		2015Q2
Security:	CVE-2015-3294
Sponsored by:	Netgate
2015-05-06 19:59:08 +00:00
Dmitry Marakasov
fa172456e6 - Add CPE info
Approved by:	portmgr blanket
2015-04-18 02:43:51 +00:00
Matthias Andree
f51674ab77 Update to new upstream version 2.72, disabling dnsmasq-devel again.
Remove @dir* stuff from pkg-plist.  @sample isn't documented properly
and isn't up to handling files with non-.sample suffix, so stay
away from that part of pkg-plist.

ChangeLog:	http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
2014-09-25 18:27:56 +00:00
Matthias Andree
f6f9566eaa Remove excess output from pre-configure. 2014-09-10 20:30:07 +00:00
Tijl Coosemans
f1655c7b7a dns/libidn:
- Add USES=libtool and bump dependent ports
- Add INSTALL_TARGET=install-strip
- Always install libidn-components.png because it is used by libidn.info
- Add -lintl to Libs.private instead of Libs in libidn.pc
2014-08-30 18:18:14 +00:00
Matthias Andree
f815aa2af0 Add ldconfig to rc.d script requisites to make sure we can link to,
say, libnettle.so.

Submitted by:	Allen Hewes
2014-07-31 17:56:45 +00:00
Adam Weinberger
123723612f Add DOCS to OPTIONS_DEFINE to ports that check for PORT_OPTIONS:MDOCS. 2014-07-15 15:09:58 +00:00
Matthias Andree
d9762a73ad Fix build with DNSSEC and without NLS/DBUS options.
PR:		190149
Submitted by:	Kevin Zheng
2014-05-23 21:11:02 +00:00
Matthias Andree
7240ff336f Upgrade to new upstream version 2.71. Upstream's changelog:
version 2.71
            Subtle change to error handling to help DNSSEC validation
	    when servers fail to provide NODATA answers for
	    non-existent DS records.

	    Tweak code which removes DNSSEC records from answers when
	    not required. Fixes broken answers when additional section
	    has real records in it. Thanks to Marco Davids for the bug
	    report.

	    Fix DNSSEC validation of ANY queries. Thanks to Marco Davids
	    for spotting that too.

	    Fix total DNS failure and 100% CPU use if cachesize set to zero,
	    regression introduced in 2.69. Thanks to James Hunt and
	    the Ubuntu crowd for assistance in fixing this.
2014-05-18 22:17:30 +00:00
Matthias Andree
9aab20fca0 Upgrade to new upstream version 2.70. Upstream changelog:
Fix crash, introduced in 2.69, on TCP request when dnsmasq compiled
   with DNSSEC support, but running without DNSSEC enabled. Thanks to
   Manish Sing for spotting that one.

   Fix regression which broke ipset functionality. Thanks to Wang Jian
   for the bug report.

Submitted by:	Herbert J. Skuhra
2014-04-27 21:05:59 +00:00
Baptiste Daroussin
fcc4bbdec1 Switch to use lua 5.2 2014-04-21 21:56:54 +00:00
Matthias Andree
17f98171f7 Propose local-service option in default .example configuration.
PR:		ports/188548
Submitted by:	Jeroen van der Ham <jeroen@1sand0s.nl>
2014-04-15 17:40:46 +00:00
Matthias Andree
a05fe28717 Update to new upstream 2.69 release. Adds DNSSEC support.
Full changelog: <http://www.thekelleys.org.uk/dnsmasq/CHANGELOG>
2014-04-10 20:44:29 +00:00
Matthias Andree
02da201c86 Upgrade dnsmasq to new stable 2.68 release.
Fixes bind-interfaces with IPv6 on FreeBSD.

version 2.68
            Use random addresses for DHCPv6 temporary address
            allocations, instead of algorithmically determined stable
            addresses.

    Fix bug which meant that the DHCPv6 DUID was not available
    in DHCP script runs during the lifetime of the dnsmasq
    process which created the DUID de-novo. Once the DUID was
    created and stored in the lease file and dnsmasq
    restarted, this bug disappeared.

    Fix bug introduced in 2.67 which could result in erroneous
    NXDOMAIN returns to CNAME queries.

    Fix build failures on MacOS X and openBSD.

    Allow subnet specifications in --auth-zone to be interface
    names as well as address literals. This makes it possible
    to configure authoritative DNS when local address ranges
    are dynamic and works much better than the previous
    work-around which exempted contructed DHCP ranges from the
    IP address filtering. As a consequence, that work-around
    is removed. Under certain circumstances, this change wil
    break existing configuration: if you're relying on the
    contructed-range exception, you need to change --auth-zone
    to specify the same interface as is used to construct your
    DHCP ranges, probably with a trailing /6 like this:
    --auth-zone=example.com,eth0/6 to limit the addresses to
    IPv6 addresses of eth0.

    Fix problems when advertising deleted IPv6 prefixes. If
    the prefix is deleted (rather than replaced), it doesn't
    get advertised with zero preferred time. Thanks to Tsachi
    for the bug report.

    Fix segfault with some locally configured CNAMEs. Thanks
    to Andrew Childs for spotting the problem.

    Fix memory leak on re-reading /etc/hosts and friends,
    introduced in 2.67.

    Check the arrival interface of incoming DNS and TFTP
    requests via IPv6, even in --bind-interfaces mode. This
    isn't possible for IPv4 and can generate scary warnings,
    but as it's always possible for IPv6 (the API always
    exists) then we should do it always.

    Tweak the rules on prefix-lengths in --dhcp-range for
    IPv6. The new rule is that the specified prefix length
    must be larger than or equal to the prefix length of the
    corresponding address on the local interface.
2013-12-08 18:05:35 +00:00
Matthias Andree
ad0d127d37 Assorted fixes to dependencies on various build options,
particularly with NLS enabled when libidn was built without NLS.

While here, group OPTIONS and clean up things a bit, and print
configuration of port and libidn port for debugging.

The particular build failure was
Reported by:	Yuri Vorobyev
2013-10-27 15:30:32 +00:00
Matthias Andree
75cdf011ff Upgrade dnsmasq to new upstream release 2.67.
Changelog: <http://www.thekelleys.org.uk/dnsmasq/CHANGELOG>
Enable NLS and IPV6 options by default.
Use shebangfix on files that need it.

Mark dnsmasq-devel (older than release) IGNORE.
2013-10-25 22:27:59 +00:00
Matthias Andree
b9940e2dda Convert to support STAGEDIR; misc. LIB_DEPENDS cleanups. 2013-09-30 16:44:41 +00:00
Baptiste Daroussin
24a1652ff4 Add NO_STAGE all over the place in preparation for the staging support (cat: dns) 2013-09-20 16:31:57 +00:00
Alex Kozlov
d4041784dc - Remove MAKE_JOBS_SAFE variable
Approved by:	portmgr (bdrewery)
2013-08-14 22:35:50 +00:00
Baptiste Daroussin
9dbc02d2c5 Convert USE_GETTEXT -> USES=gettext
While here:
- Trim headers
- Remove some useless pre.mk/post.mk
- Convert to optionsng
2013-04-26 15:10:57 +00:00
Baptiste Daroussin
3bc475b29f Convert dns to USES=pkgconfig 2013-04-23 07:24:02 +00:00
Matthias Andree
77a9c5b3f0 Kill blank line at EOF, to please portlint.
Feature safe: yes
2013-04-17 17:50:27 +00:00
Matthias Andree
8ecfdfa5cd Update to new upstream release 2.66.
New DHCPv6 stuff, ability to act as authoritative server for local data.

Changelog: http://www.thekelleys.org.uk/dnsmasq/CHANGELOG

Feature safe: yes
2013-04-17 17:49:50 +00:00
Matthias Andree
76038d925e Tidy up Makefile header. 2013-03-11 18:22:57 +00:00
Matthias Andree
1fc75bfed6 Drop default options, to keep the Makefile tidy.
Submitted by:	bapt@
2013-03-11 18:21:51 +00:00
Matthias Andree
18f6bd438d Update to new upstream release 2.65.
Upstream changes:

    Fix regression which broke forwarding of queries sent via
    TCP which are not for A and AAAA and which were directed to
    non-default servers. Thanks to Niax for the bug report.

    Fix failure to build with DHCP support excluded. Thanks to
    Gustavo Zacarias for the patch.

    Fix nasty regression in 2.64 which completely broke cacheing.
2012-12-15 16:34:11 +00:00
Matthias Andree
637692fcb9 Update to new upstream release 2.65.
Upstream changes:

    TCP which are not for A and AAAA and which were directed to
    non-default servers. Thanks to Niax for the bug report.

    Fix failure to build with DHCP support excluded. Thanks to
    Gustavo Zacarias for the patch.

    Fix nasty regression in 2.64 which completely broke cacheing.
2012-12-15 16:33:08 +00:00
Matthias Andree
7ba3466186 Update to new upstream release 2.64.
Feature safe:	yes

Changelog for version 2.64:

Handle DHCP FQDN options with all flag bits zero and --dhcp-client-update set.
Thanks to Bernd Krumbroeck for spotting the problem.

Finesse the check for /etc/hosts names which conflict with DHCP names.
Previously a name/address pair in /etc/hosts which didn't match the
name/address of a DHCP lease would generate a warning. Now that only
happesn if there is not also a match. This allows multiple addresses for
a name in /etc/hosts with one of them assigned via DHCP.

Fix broken vendor-option processing for BOOTP. Thanks to Hans-Joachim
Baader for the bug report.

Don't report spurious netlink errors, regression in 2.63. Thanks to
Vladislav Grishenko for the patch.

Flag DHCP or DHCPv6 in starup logging. Thanks to Vladislav Grishenko for
the patch.

Add SetServersEx method in DBus interface. Thanks to Dan Williams for
the patch.

Add SetDomainServers method in DBus interface. Thanks to Roy Marples for
the patch.

Fix build with later Lua libraries. Thansk to Cristian Rodriguez for the
patch.

Add --max-cache-ttl option. Thanks to Dennis Kaarsemaker for the patch.

Fix breakage of --host-record parsing, resulting in infinte loop at
startup. Regression in 2.63. Thanks to Haim Gelfenbeyn for spotting
this.

Set SO_REUSEADDRESS and SO_V6ONLY options on the DHCPv6 socket, this
allows multiple instances of dnsmasq on a single machine, in the same
way as for DHCPv4. Thanks to Gene Czarcinski and Vladislav Grishenko for
work on this.

Fix DHCPv6 to do access control correctly when it's configured with
--listen-address. Thanks to Gene Czarcinski for sorting this out.

Add a "wildcard" dhcp-range which works for any IPv6 subnet,
--dhcp-range=::,static Useful for Stateless DHCPv6. Thanks to Vladislav
Grishenko for the patch.

Don't include lease-time in DHCPACK replies to DHCPINFORM queries, since
RFC-2131 says we shouldn't. Thanks to Wouter Ibens for pointing this
out.

Makefile tweak to do dependency checking on header files.  Thanks to
Johan Peeters for the patch.

Check interface for outgoing unsolicited router advertisements, rather
than relying on interface address configuration. Thanks to Gene
Czarinski for the patch.

Handle better attempts to transmit on interfaces which are still doing
DAD, and specifically do not just transmit without setting source
address and interface, since this can cause very puzzling effects when a
router advertisement goes astray. Thanks again to Gene Czarinski.

Get RA timers right when there is more than one dhcp-range on a subnet.
2012-12-04 22:29:10 +00:00
Matthias Andree
0d9f10ff48 Demote USE_PKGCONFIG to =build (was =yes). 2012-08-20 20:40:29 +00:00
Matthias Andree
6a12857837 Update to 2.63.
Changelog: http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
2012-08-20 20:33:27 +00:00
Matthias Andree
3db34ff5cb Add new dnsmasq-devel version, for development/test/release candidate versions.
This port is based on dns/dnsmasq 2.62_1,1 and has been updated to 2.63rc2.

Description (by Simon Kelley, the upstream maintainer):
Dnsmasq is a lightweight, easy to configure DNS forwarder and DHCP server.
It is designed to provide DNS and, optionally, DHCP, to a small network. It
can serve the names of local machines which are not in the global DNS. The
DHCP server integrates with the DNS server and allows machines with
DHCP-allocated addresses to appear in the DNS with names configured either
in each host or in a central configuration file. Dnsmasq supports static and
dynamic DHCP leases and BOOTP/TFTP/PXE for network booting of diskless
machines.
2012-08-07 22:22:11 +00:00
Doug Barton
9aac569eaa Move the rc.d scripts of the form *.sh.in to *.in
Where necessary add $FreeBSD$ to the file

No PORTREVISION bump necessary because this is a no-op
2012-08-05 23:19:36 +00:00
Baptiste Daroussin
9346b215f0 new devel/pkgconf added to replace devel/pkg-config. new version of pkg-config
are no more self hosting so we are stuck with 0.25 version while pkgconf provide
the same set of features as 0.27 and a compatible frontend. A symlink to
pkg-config has been added for convenience and compatibility

This also introduces a new macro to use pkgconf in your ports:
USE_PKGCONFIG

it can take the following arguments:
 - yes (meaning build only dep)
 - build (meaning build only dep)
 - run (meaning run only dep)
 - both (meaning run and build dep)

From now USE_GNOME= pkgconfig is deprecated in favour of USE_PKGCONFIG
The old gnome macro has been modified to use pkgconf but still the sameway: run
and build dep to avoid large breakage.

While here fix some ports relying on pkg-config but not specifying it, fix some
ports broken because testing wrong .pc files, and fix ports using pkg-config
--version to determine pkg-config version instead of
pkg-config --modversion pkg-config like recommanded by pkg-config

With Hat:	portmgr
Exp-runs by:	bapt (pointhat-west), beat (pointyhat)
2012-07-26 05:40:22 +00:00
Carlo Strub
d5fda8cb2c Fix typos in COMMENT 2012-07-25 06:32:06 +00:00
Matthias Andree
781a77fac7 Fix inverted PORT_OPTIONS:MDOCS logic, regression from optionsNG migration.
Reported by: Spil Oss
Reported by: pointyhat (by way of pav@)
2012-06-11 20:49:30 +00:00
Matthias Andree
8821d2dc0b Update to bug-fix release 2.62.
Changelog: http://www.thekelleys.org.uk/dnsmasq/CHANGELOG

Convert to OptionsNG.
2012-06-08 14:34:16 +00:00
Matthias Andree
19f87ebe0d Update to new upstream release 2.61. Changes are, per Simon Kelley:
Re-write interface discovery code on *BSD to use getifaddrs. This
is more portable, more straightforward, and allows us to find the
prefix length for IPv6 addresses.

Add ra-names, ra-stateless and slaac keywords for DHCPv6.  Dnsmasq
can now synthesise AAAA records for dual-stack hosts which get IPv6
addresses via SLAAC. It is also now possible to use SLAAC and
stateless DHCPv6, and to tell clients to use SLAAC addresses as
well as DHCP ones.  Thanks to Dave Taht for help with this.

Add --dhcp-duid to allow DUID-EN uids to be used.

Explicity send DHCPv6 replies to the correct port, instead of relying
on clients to send requests with the correct source address, since
at least one client in the wild gets this wrong. Thanks to Conrda
Kostecki for help tracking this down.

Send a preference value of 255 in DHCPv6 replies when --dhcp-authoritative
is in effect. This tells clients not to wait around for other DHCP
servers.

Better logging of DHCPv6 options.

Add --host-record. Thanks to Rob Zwissler for the suggestion.

Invoke the DHCP script with action "tftp" when a TFTP file transfer
completes. The size of the file, address to which it was sent and
complete pathname are supplied. Note that version 2.60 introduced
some script incompatibilties associated with DHCPv6, and this is a
further change. To be safe, scripts should ignore unknown actions,
and if not IPv6-aware, should exit if the environment variable
DNSMASQ_IAID is set. The use-case for this is to track netboot/install.
Suggestion from Shantanu Gadgil.

Update contrib/port-forward/dnsmasq-portforward to reflect the
above.

Set the environment variable DNSMASQ_LOG_DHCP when running the
script id --log-dhcp is in effect, so that script can taylor their
logging verbosity. Suggestion from Malte Forkel.

Arrange that addresses specified with --listen-address work even
if there is no interface carrying the address. This is chiefly
useful for IPv4 loopback addresses, where any address in 127.0.0.0/8
is a valid loopback address, but normally only 127.0.0.1 appears
on the lo interface. Thanks to Mathieu Trudel-Lapierre for the idea
and initial patch.

Fix crash, introduced in 2.60, when a DHCPINFORM is received from
a network which has no valid dhcp-range.  Thanks to Stephane Glondu
for the bug report.

Add a new DHCP lease time keyword, "deprecated" for --dhcp-range.
This is only valid for IPv6, and sets the preffered lease time for
both DHCP and RA to zero. The effect is that clients can continue
to use the address for existing connections, but new connections
will use other addresses, if they exist. This makes hitless renumbering
at least possible.

Fix bug in address6_available() which caused DHCPv6 lease aquisition
to fail if more than one dhcp-range in use.

Provide RDNSS and DNSSL data in router advertisements, using the
settings provided for DHCP options option6:domain-search and
option6:dns-server.

Tweak logo/favicon.ico to add some transparency. Thanks to SamLT
for work on this.

Don't cache data from non-recursive nameservers, since it may
erroneously look like a valid CNAME to a non-exitant name. Thanks
to Ben Winslow for finding this.

Call SO_BINDTODEVICE on the DHCP socket(s) when doing DHCP on exactly
one interface and --bind-interfaces is set. This makes the OpenStack
use-case of one dnsmasq per virtual interface work. This is only
available on Linux; it's not supported on other platforms. Thanks
to Vishvananda Ishaya and the OpenStack team for the suggestion.

Updated French translation. Thanks to Gildas Le Nadan.

Give correct from-cache answers to explict CNAME queries.  Thanks
to Rob Zwissler for spotting this.

Add --tftp-lowercase option. Thanks to Oliver Rath for the patch.

Ensure that the DBus DhcpLeaseUpdated events are generated when a
lease goes through INIT_REBOOT state, even if the dhcp-script is
not in use. thanks to Antoaneta-Ecaterina Ene for the patch.

Fix failure of TFTP over IPv4 on OpenBSD platform. Thanks to Brad
Smith for spotting this.
2012-04-30 20:38:13 +00:00
Matthias Andree
34c815a522 Fix a rare configuration-dependent crash. Simon Kelley, upstream
maintainer, wrote in message <4F70361B.7080306@thekelleys.org.uk>:

    A bug has been found in dnsmasq 2.60 that can cause crashes. This is
    configuration dependent: it either crashes frequently or not at all.
    The configuration required is one which allows dnsmasq to receive
    DHCPINFORM requests for which there is no valid dhcp-range. This is
    rare.

Adding the patch he offers for download.

Feature safe: yes
2012-04-01 11:18:18 +00:00
Matthias Andree
375fa2ae28 Update to new upstream release 2.60. Notable new features are:
- The LUA port option enables Lua support for DHCP lease-change scripts
- DHCPv6 support
- IPv6 Router Advertisement support

Changelog:    http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
Feature safe: yes
2012-03-11 23:59:44 +00:00
Doug Barton
83eb2c3700 In the rc.d scripts, change assignments to rcvar to use the
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().

In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.
2012-01-14 08:57:23 +00:00
Matthias Andree
a8550101df Fix BUILD_DEPENDS (use += not =) creation in port.
Upgrade to new upstream regression fix release 2.59:

	    Fix regression in 2.58 which caused failure to start up
	    with some combinations of dnsmasq config and IPv6 kernel
	    network config. Thanks to Brielle Bruns for the bug
	    report.

	    Improve dnsmasq's behaviour when network interfaces are
	    still doing duplicate address detection (DAD). Previously,
	    dnsmasq would wait up to 20 seconds at start-up for the
	    DAD state to terminate. This is broken for bridge
	    interfaces on recent Linux kernels, which don't start DAD
	    until the bridge comes up, and so can take arbitrary
	    time. The new behaviour lets dnsmasq poll for an arbitrary
	    time whilst providing service on other interfaces. Thanks
	    to Stephen Hemminger for pointing out the problem.

Note the 2.59.tar.lzma tarball causes the startup banner to print
2.59rc1 which I deem harmless.
2011-10-18 22:24:47 +00:00
Matthias Andree
0bd5efa950 Update to new upstream release 2.58
Changes: http://thekelleys.org.uk/dnsmasq/CHANGELOG

Suggested by: Loic Pefferkorn.
2011-08-26 22:32:47 +00:00
Wen Heping
43721c23d5 - Bump PORTREVISION to chase the update of dns/libidn 2011-03-14 08:40:06 +00:00
Matthias Andree
a4a731547c Update dnsmasq rc.d script again (sorry for the churn with portrev. 1)
- Start before named, to unbreak named_wait if /etc/resolv.conf points
  to dnsmasq (when named is the resolver that dnsmasq forwards to).
  Is also more robust/maintenance friendly if other scripts depend on "named".

- Track if the configuration has changed since start, and upgrade reload
  to restart by default in that case (can be disabled with
  dnsmasq_restart="NO" in /etc/rc.conf[.local]), to work around dnsmasq
  shortcoming

- Add a "logstats" action to the rcscript, and document it.

- Document the "reload" action and the new dnsmasq_restart variable.

- Properly quote variable expansions.

- Enhance pkg-message to point to the rcfile for feature documentation.

- Bump PORTREVISION to 2.
2011-02-22 19:20:17 +00:00
Matthias Andree
85662e5623 Change rc.d file to ensure proper startup order:
- depend on named, in case dnsmasq uses named as resolver
- start before ntpdate and rpcbase (which require named).

Bump PORTREVISION.
2011-02-22 17:19:28 +00:00
Matthias Andree
fbd2a84e40 Upgrade to new upstream release 2.57.
Remove support for FreeBSD releases 6.X.

Allow build with IDN but without NLS (this requires that dns/libidn
is also built WITHOUT_NLS) to expose an upstream change. Useful for embedded
devices.

Warn user if this is requested but libidn needs NLS libraries
because in that case dnsmasq inherits the NLS dependencies from libidn.

Remove files/patch-aa, it was a preview patch from a 2.57 test release,
fixing a regression in 2.56 that caused hex constants to be rejected in
the configuratino if they contained the '*' wildcard.

Further upstream changes:
- use own header for DNS protocol, rather than using arpa/nameser.h
- correct ctype.h function argument casts (isdigit(), isxdigit(), etc.)
- Accept extra empty arguments on command line to avoid libvirt breakage.
2011-02-21 08:50:57 +00:00
Matthias Andree
ca7718476b Expand NLS/IDN comment. 2011-02-16 15:57:59 +00:00