Accepting request 807964 from network

OBS-URL: https://build.opensuse.org/request/show/807964
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/dnsmasq?expand=0&rev=77

0001-fix-build-after-y2038-changes-in-glibc.patch

@@ -1,27 +0,0 @@
-From: Jiri Slaby <jslaby@suse.cz>
-Date: Wed, 10 Jul 2019 08:19:06 +0200
-Subject: fix build after y2038 changes in glibc
-Patch-mainline: submitted on 2019/07/10
-
-SIOCGSTAMP is defined in linux/sockios.h, not asm/sockios.h now.
-
-Signed-off-by: Jiri Slaby <jslaby@suse.cz>
----
- src/dnsmasq.h | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/dnsmasq.h b/src/dnsmasq.h
-index ff3204a..3ef04ad 100644
---- a/src/dnsmasq.h
-+++ b/src/dnsmasq.h
-@@ -137,6 +137,7 @@ typedef unsigned long long u64;
- #endif
- 
- #if defined(HAVE_LINUX_NETWORK)
-+#include <linux/sockios.h>
- #include <linux/capability.h>
- /* There doesn't seem to be a universally-available 
-    userspace header for these. */
--- 
-2.21.0
-

Fix-build-with-libnettle-3.5.patch

@@ -1,41 +0,0 @@
-From: Vladislav Grishenko <themiron@mail.ru>
-Date: Wed, 26 Jun 2019 15:27:11 +0000 (+0500)
-Subject: Fix build with libnettle 3.5
-X-Git-Url: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff_plain;h=ab73a746a0d6fcac2e682c5548eeb87fb9c9c82e;hp=69bc94779c2f035a9fffdb5327a54c3aeca73ed5
-
-Fix build with libnettle 3.5
----
-
-diff --git a/src/crypto.c b/src/crypto.c
-index ebb871e..fecc64a 100644
---- a/src/crypto.c
-+++ b/src/crypto.c
-@@ -275,6 +275,10 @@ static int dnsmasq_ecdsa_verify(struct blockdata *key_data, unsigned int key_len
-   static struct ecc_point *key_256 = NULL, *key_384 = NULL;
-   static mpz_t x, y;
-   static struct dsa_signature *sig_struct;
-+#if NETTLE_VERSION_MAJOR == 3 && NETTLE_VERSION_MINOR < 4
-+#define nettle_get_secp_256r1() (&nettle_secp_256r1)
-+#define nettle_get_secp_384r1() (&nettle_secp_384r1)
-+#endif
-   
-   if (!sig_struct)
-     {
-@@ -294,7 +298,7 @@ static int dnsmasq_ecdsa_verify(struct blockdata *key_data, unsigned int key_len
- 	  if (!(key_256 = whine_malloc(sizeof(struct ecc_point))))
- 	    return 0;
- 	  
--	  nettle_ecc_point_init(key_256, &nettle_secp_256r1);
-+	  nettle_ecc_point_init(key_256, nettle_get_secp_256r1());
- 	}
-       
-       key = key_256;
-@@ -307,7 +311,7 @@ static int dnsmasq_ecdsa_verify(struct blockdata *key_data, unsigned int key_len
- 	  if (!(key_384 = whine_malloc(sizeof(struct ecc_point))))
- 	    return 0;
- 	  
--	  nettle_ecc_point_init(key_384, &nettle_secp_384r1);
-+	  nettle_ecc_point_init(key_384, nettle_get_secp_384r1());
- 	}
-       
-       key = key_384;

dnsmasq-2.80.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:cdaba2785e92665cf090646cba6f94812760b9d7d8c8d0cfb07ac819377a63bb
-size 501072

dnsmasq-2.80.tar.xz.asc

@@ -1,17 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v2
-
-iQIcBAABCAAGBQJbyM91AAoJEBXN2mrhkTWi4AoP/0u8jQUHT6452+VKZRWsskJo
-Msfvi1XXVRC+Srt0Vzt4FQaLCDZsBChXtRzWgbmroLfwnqshIKE/jSbiAd5vz4SH
-czfA4Y9BZHImfornkr3WIaO1V8Y2W0UrB1q84JfhCv/CK+vg29GEMK57vXZJQkUe
-tFWifHRx9eb8vIodTUuVzsNzC9ggEzDrPbe/heJeiNNEfAF24gdFh0XJCfCiYKuv
-tF9vBfLVHR8xp3pIEtS95tKhbUdtb4iWrWrYLICBw38lhD+yfGKslwle5lFqXBHe
-wNTX1Ynzlio7iWQBv6SSfBA91UUPdsFP9DwaOv024k9knpn3wpCWDjOupKOrbMWv
-YsyPOC4LaUBFxuvhlwsrN2gsfhTmxrnzj5raB5Gcf/K60WcOLIkN6aLa1etBFIpQ
-N748IppqIm5nU199K8XSFJe2VxlQ2nH7xgL2/JNSzmOQZwkk6XfSBvL0ZtL7uAos
-X8U3MheRZv4aKY0cQSVN1M8cprIS290N64xpYRt3k+zpfW9zyYhjTAf/YHTRnTTt
-p8q2LxibzF9sd7N01Vp7rq7pMbFlQ3WKOy0QY0i7poxyYTO6v1V3kQFkTkC0U2P1
-5qlx/j5Sq4/Sr/zO/v7ejpc8XZexKIUYCjjsHm4/qJyTMkgWGayHq7a2aIuY9T6M
-N+rWUqRpj5o49g3zcd+d
-=PMEN
------END PGP SIGNATURE-----

dnsmasq-2.81.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:749ca903537c5197c26444ac24b0dce242cf42595fdfe6b9a5b9e4c7ad32f8fb
+size 510648

dnsmasq-2.81.tar.xz.asc

@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2
+
+iQIcBAABCAAGBQJekkKsAAoJEBXN2mrhkTWiPIUQAKn8QayVwrx7G9H6iY8cMp6p
+yTmZ7XZyKUb+RY5ZZr1dUV9vdv5nNDbkNYOdViwjlzNficaxwJk+9jW7fz4lxGuS
+eIU5BdejCKoRJH2L6JAnUwRz742O7/TfoyyjyDLGW52qx3tlWyD5VMCsYmu5/7Mb
+yVLifBCgvOKCGhXxJV7cWU/zCWGR0vDKu1kYvMbRnz3HzNVtOPLHA8PjQ6aDGbRf
+PBygCQzyvsNIpEDmCfWwgSp8WBenpHmcR9amPIrTPUAmZ3TLtF7yBhZ1sGPqd+Sn
+RXnjc5LyZw0MdK/3/g1SLt8z1kgvl1eNQIVvonG0sxg3m7RqWIcrM76uw03voW9B
+Fkx+xe+nIKgu8fTSnvJxWE7j4d4pDjte/uQoZhr8RxqRnmOpz+NteC5hzGS5Qk1p
+a+Nt3MjW1sfKHHtLwszgwHjnqLGHOFNE6BQjKuQj1WQ+SJv16sele/gKRo8J8hMG
+HRfH1JTr48ikvXLBrUOJ8zCcw/HBcimvv4Awmw6pyIVup5zYztjVDPLXcjINj8t4
+UXji3WcEjevZ0LA4Dz/S4jlz5NR/ne5Grqvsv42FKXBn7AoOVzHmQqiX1rZL8G5u
+1aCiM8FdUJaoysSxSNGMpISE4lAhO/vjbZD0tCzCQSpfW8erYPKKBYG/dY9p/Di1
+Bysh+4glD6m578lOw67q
+=EWoa
+-----END PGP SIGNATURE-----

dnsmasq-CVE-2019-14834.patch

@@ -1,33 +0,0 @@
-X-Git-Url: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blobdiff_plain;f=src%2Fhelper.c;h=c392eeced3e73762d3ea6a2f9fa27ab5ae389241;hp=33ba120ab39e3788719a18796b5b58338972e1e8;hb=69bc94779c2f035a9fffdb5327a54c3aeca73ed5;hpb=3052ce208acf602f0163166dcefb7330d537cedb
-
---- src/helper.c.orig
-+++ src/helper.c
-@@ -82,7 +82,8 @@ int create_helper(int event_fd, int err_
-   pid_t pid;
-   int i, pipefd[2];
-   struct sigaction sigact;
--
-+  unsigned char *alloc_buff = NULL;
-+  
-   /* create the pipe through which the main program sends us commands,
-      then fork our process. */
-   if (pipe(pipefd) == -1 || !fix_fd(pipefd[1]) || (pid = fork()) == -1)
-@@ -188,11 +189,16 @@ int create_helper(int event_fd, int err_
-       struct script_data data;
-       char *p, *action_str, *hostname = NULL, *domain = NULL;
-       unsigned char *buf = (unsigned char *)daemon->namebuff;
--      unsigned char *end, *extradata, *alloc_buff = NULL;
-+      unsigned char *end, *extradata;
-       int is6, err = 0;
-       int pipeout[2];
- 
--      free(alloc_buff);
-+      /* Free rarely-allocated memory from previous iteration. */
-+      if (alloc_buff)
-+	{
-+	  free(alloc_buff);
-+	  alloc_buff = NULL;
-+	}
-       
-       /* we read zero bytes when pipe closed: this is our signal to exit */ 
-       if (!read_write(pipefd[0], (unsigned char *)&data, sizeof(data), 1))

dnsmasq.changes

@@ -1,3 +1,44 @@
+-------------------------------------------------------------------
+Tue May  5 11:26:55 UTC 2020 - Paolo Stivanin <info@paolostivanin.com>
+
+- Update to 2.81:
+  *	Improve cache behaviour for TCP connections
+  *	Remove the NO_FORK compile-time option, and support for uclinux
+  *	Fix line-counting when reading /etc/hosts and friends
+  *	Fix bug in DNS non-terminal code, added in 2.80, which could
+	sometimes cause a NODATA rather than an NXDOMAIN reply.
+  *	Support TCP-fastopen (RFC-7413) on both incoming and
+	outgoing TCP connections, if supported and enabled in the OS.
+  *	Improve kernel-capability manipulation code under Linux
+  *	Add --shared-network config. This enables allocation of addresses
+	by the DHCP server in subnets where the server (or relay) does not
+	have an interface on the network in that subnet. Many thanks to
+	kamp.de for sponsoring this feature.
+  *	Fix broken contrib/lease_tools/dhcp_lease_time.c. A packet
+	validation check got borked in commit 2b38e382 and release 2.80.
+	Thanks to Tomasz Szajner for spotting this.
+  *	Fix compilation against nettle version 3.5 and later.
+  *	Fix spurious DNSSEC validation failures when the auth section
+	of a reply contains unsigned RRs from a signed zone,
+	with the exception that NSEC and NSEC3 RRs must always be signed.
+        Thanks to Tore Anderson for spotting and diagnosing the bug.
+  *	Add --dhcp-ignore-clid. This disables reading of DHCP client
+	identifier option (option 61), so clients are only identified by
+	MAC addresses.
+  *	Fix a bug which stopped --dhcp-name-match from working when a hostname
+	is supplied in --dhcp-host. Thanks to James Feeney for spotting this.
+  *	Fix bug which caused very rarely caused zero-length DHCPv6 packets.
+	Thanks to Dereck Higgins for spotting this.
+  *	Add --tftp-single-port option.
+  *	Enhance --conf-dir to load files in a deterministic order
+  * Add filtering by tag of --dhcp-host directives
+  * Remove DSA signature verification from DNSSEC, as specified in
+	RFC 8624
+  *	Add --script-on-renewal option.
+- Remove Fix-build-with-libnettle-3.5.patch
+- Remove 0001-fix-build-after-y2038-changes-in-glibc.patch
+- Remove dnsmasq-CVE-2019-14834.patch
+
 -------------------------------------------------------------------
 Sat Nov 30 12:15:42 UTC 2019 - Dominique Leuenberger <dimstar@opensuse.org>
 

dnsmasq.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package dnsmasq
 #
-# Copyright (c) 2019 SUSE LLC
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -26,7 +26,7 @@ Name:           dnsmasq
 Summary:        DNS Forwarder and DHCP Server
 License:        GPL-2.0-only OR GPL-3.0-only
 Group:          Productivity/Networking/DNS/Servers
-Version:        2.80
+Version:        2.81
 Release:        0
 Provides:       dns_daemon
 URL:            http://www.thekelleys.org.uk/dnsmasq/
@@ -38,10 +38,6 @@ Source4:        dnsmasq.service
 Source5:        rc.dnsmasq-suse
 Source8:        %{name}-rpmlintrc
 Patch0:         dnsmasq-groups.patch
-Patch1:         0001-fix-build-after-y2038-changes-in-glibc.patch
-# PATCH-FIX-UPSTREAM -- http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=ab73a746a0d6fcac2e682c5548eeb87fb9c9c82e
-Patch2:         Fix-build-with-libnettle-3.5.patch
-Patch3:         dnsmasq-CVE-2019-14834.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  dbus-1-devel
 BuildRequires:  dos2unix
@@ -78,9 +74,6 @@ server's leases.
 %prep
 %setup -q
 %patch0
-%patch1 -p1
-%patch2 -p1
-%patch3
 
 # Remove the executable bit from python example files to
 # avoid unwanted automatic dependencies