------------------------------------------------------------------- Sun Jun 24 03:51:58 UTC 2012 - crrodriguez@opensuse.org - Update to version 2.62, misc bugfixes - Fix CFLAGS/LDFLAGS usage - fix the small cache size problem in a different way by tweaking the build config instead. ------------------------------------------------------------------- Sat Jun 23 03:53:32 UTC 2012 - crrodriguez@opensuse.org - The default cache size is way too small (150 entries) use a sane default of 2000 as used in *WRT embeeded routers which is still very conservative for a desktop/server machine. - use async logging ------------------------------------------------------------------- Sun Apr 29 19:16:43 UTC 2012 - pascal.bleser@opensuse.org - update to 2.61: * add ra-names, ra-stateless and slaac keywords for DHCPv6: dnsmasq can now synthesise AAAA records for dual-stack hosts which get IPv6 addresses via SLAAC; it is also now possible to use SLAAC and stateless DHCPv6, and to tell clients to use SLAAC addresses as well as DHCP ones * add --dhcp-duid to allow DUID-EN uids to be used * explicity send DHCPv6 replies to the correct port, instead of relying on clients to send requests with the correct source address, since at least one client in the wild gets this wrong * send a preference value of 255 in DHCPv6 replies when --dhcp-authoritative is in effect: his tells clients not to wait around for other DHCP servers * better logging of DHCPv6 options * add --host-record * invoke the DHCP script with action "tftp" when a TFTP file transfer completes: the size of the file, address to which it was sent and complete pathname are supplied; note that version 2.60 introduced some script incompatibilties associated with DHCPv6, and this is a further change; to be safe, scripts should ignore unknown actions, and if not IPv6-aware, should exit if the environment variable DNSMASQ_IAID is set; the use-case for this is to track netboot/install * update contrib/port-forward/dnsmasq-portforward to reflect the above * set the environment variable DNSMASQ_LOG_DHCP when running the script id --log-dhcp is in effect, so that script can taylor their logging verbosity * arrange that addresses specified with --listen-address work even if there is no interface carrying the address; this is chiefly useful for IPv4 loopback addresses, where any address in 127.0.0.0/8 is a valid loopback address, but normally only 127.0.0.1 appears on the lo interface * fix crash, introduced in 2.60, when a DHCPINFORM is received from a network which has no valid dhcp-range * add a new DHCP lease time keyword, "deprecated" for --dhcp-range: this is only valid for IPv6, and sets the preffered lease time for both DHCP and RA to zero; the effect is that clients can continue to use the address for existing connections, but new connections will use other addresses, if they exist; this makes hitless renumbering at least possible * fix bug in address6_available() which caused DHCPv6 lease aquistion to fail if more than one dhcp-range in use * provide RDNSS and DNSSL data in router advertisements, using the settings provided for DHCP options option6:domain-search and option6:dns-server * don't cache data from non-recursive nameservers, since it may erroneously look like a valid CNAME to a non-exitant name * call SO_BINDTODEVICE on the DHCP socket(s) when doing DHCP on exacly one interface and --bind-interfaces is set; this makes the OpenStack use-case of one dnsmasq per virtual interface work * give correct from-cache answers to explict CNAME queries * add --tftp-lowercase option * ensure that the DBus DhcpLeaseUpdated events are generated when a lease goes through INIT_REBOOT state, even if the dhcp-script is not in use ------------------------------------------------------------------- Tue Mar 6 10:13:09 CET 2012 - ug@suse.de - some dhcp fixes - Add Lua integration - Set TOS on DHCP sockets - Improve start-up speed when reading large hosts files - Fix problem if dnsmasq is started without the stdin - Allow the TFP server or boot server in --pxe-service - Support DHCPv6. Support is there for the sort of things the existing v4 server does, including tags, options, static addresses and relay support - Support IPv6 router advertisements - Fix long-standing wrinkle with --localise-queries that could result in wrong answers when DNS packets arrive via an interface other than the expected one - 2.60 ------------------------------------------------------------------- Wed Feb 8 16:56:35 CET 2012 - ug@suse.de - added correct group for tftp (bnc#738905) ------------------------------------------------------------------- Mon Feb 6 22:25:05 UTC 2012 - crrodriguez@opensuse.org - Use systemd macros correctly - build with PIE and full RELRO. ------------------------------------------------------------------- Thu Jan 19 04:22:44 UTC 2012 - crrodriguez@opensuse.org - --enable-dbus must be explicit in systemd unit - default user is provided in config file or takes defaults on group_and_isc.diff ------------------------------------------------------------------- Wed Jan 18 21:34:25 UTC 2012 - crrodriguez@opensuse.org - dnsmasq has dbus support, use it for systemd service. ------------------------------------------------------------------- Fri Nov 25 13:14:41 CET 2011 - ug@suse.de - removed systemd config for pre-12.1 ------------------------------------------------------------------- Thu Nov 24 20:45:37 UTC 2011 - crrodriguez@opensuse.org - Must be of type forking and change uid to dnsmasq ------------------------------------------------------------------- Thu Nov 24 20:19:11 UTC 2011 - crrodriguez@opensuse.org - Add systemd startup script ------------------------------------------------------------------- Thu Oct 20 15:58:50 CEST 2011 - ug@suse.de - dnsmasq still announced itself as 2.59-RC1 no other code changes than just the correct version string ------------------------------------------------------------------- Tue Oct 18 23:13:12 CEST 2011 - ug@suse.de - fixed binding to IPv6 link-local addresses (regression from 2.58) - 2.59 ------------------------------------------------------------------- Sun Sep 18 17:17:12 UTC 2011 - jengelh@medozas.de - Remove redundant tags/sections from specfile (cf. packaging guidelines) - Use %_smp_mflags for parallel build ------------------------------------------------------------------- Fri Aug 26 21:12:04 CEST 2011 - ug@suse.de - Support scope-ids in IPv6 addresses of nameservers from /etc/resolv.conf and in --server options - Fix bug which resulted in truncated files and timeouts for some TFTP transfers - Allow the TFTP-server address in --dhcp-boot to be a domain-name which is looked up in /etc/hosts - Tweak the behaviour of --domain-needed - Add support for Linux conntrack connection marking - Don't return NXDOMAIN to an AAAA query if we have CNAME which points to an A record only - logging fixes - many DHCP fixes and features (see Changelog) - update to 2.58 ------------------------------------------------------------------- Wed Mar 2 09:52:12 CET 2011 - ug@suse.de - Add IPv6 support to the TFTP server - Log DNS queries at level LOG_INFO - Add --add-mac option - some logging fixes - Don't complain about strings longer than 255 characters in txt records - extended the --domain option - Never cache DNS replies which have the 'cd' bit set - Add --proxy-dnssec flag - Allow a filename of "-" for --conf-file - some smaller bugfixes - update to 2.57 ------------------------------------------------------------------- Tue Jun 8 09:31:21 CEST 2010 - ug@suse.de * Fix crash when /etc/ethers is in use. * Fix crash in netlink_multicast(). * Allow the empty domain "." in dhcp domain-search (119) options. * 2.55 (there was no 2.54) ------------------------------------------------------------------- Mon Jun 7 11:47:58 CEST 2010 - ug@suse.de * Fixed bug which caused bad things to happen if a resolv.conf file which exists is subsequently removed * Rationalised the DHCP tag system * Added --tag-if to allow boolean operations on tags * Add broadcast/unicast information to DHCP logging * Allow --dhcp-broadcast to be unconditional * Fixed incorrect behaviour with NOT conditionals in dhcp-options * If we send vendor-class encapsulated options based on the vendor-class supplied by the client, and no explicit vendor-class option is given, echo back the vendor-class from the client. * Fix bug which stopped dnsmasq from matching both a circuitid and a remoteid * Add --dhcp-proxy * Added interface: part to dhcp-range * and a lot more ... checke the CHANGELOG in the package * 2.53 ------------------------------------------------------------------- Mon Jan 25 09:31:02 CET 2010 - ug@suse.de * adds support for RFC 3925 vendor identifying vendor options. * has some minor enhancements to the PXE subsystem and external hooks for tracking DHCP leases. * 2.52 ------------------------------------------------------------------- Fri Nov 20 16:07:32 CET 2009 - ug@suse.de * Add support for internationalised DNS. * Add two more environment variables for lease-change scripts: First, DNSMASQ_SUPPLIED_HOSTNAME; this is set to the hostname supplied by a client, even if the actual hostname used is over-ridden by dhcp-host or dhcp-ignore-names directives. Also DNSMASQ_RELAY_ADDRESS which gives the address of a DHCP relay, if used. * Fix regression which broke echo of relay-agent options. Thanks to Michael Rack for spotting this. * Don't treat option 67 as being interchangeable with dhcp-boot parameters if it's specified as dhcp-option-force. * Make the code to call scripts on lease-change compile-time optional. It can be switched off by editing src/config.h or building with "make COPTS=-DNO_SCRIPT". * Make the TFTP server cope with filenames from Windows/DOS which use '\' as pathname separator. Thanks to Ralf for the patch. * Warn if an IP address is duplicated in /etc/ethers. * Teach --conf-dir to take an option list of file suffices which will be ignored when scanning the directory. Useful for backup files etc. Thanks to Helmut Hullen for the suggestion. * Add new DHCP option named tftpserver-address * Don't do any PXE processing, even for clients with the correct vendorclass, unless at least one pxe-prompt or pxe-service option is given. * Limit the blocksize used for TFTP transfers to a value which avoids packet fragmentation, based on the MTU of the local interface. Many netboot ROMs can't cope with fragmented packets. * Honour dhcp-ignore configuration for PXE and proxy-PXE requests. * 2.51 ------------------------------------------------------------------- Tue Nov 3 19:09:13 UTC 2009 - coolo@novell.com - updated patches to apply with fuzz=0 ------------------------------------------------------------------- Tue Sep 1 10:30:14 CEST 2009 - ug@suse.de - Fix security problem which allowed any host permitted to do TFTP to possibly compromise dnsmasq by remote buffer overflow when TFTP enabled. - version 2.50 ------------------------------------------------------------------- Tue Jun 16 10:57:25 CEST 2009 - ug@suse.de - Fix regression in 2.48 which disables the lease-change script - version 2.49 ------------------------------------------------------------------- Fri Jun 5 10:29:10 CEST 2009 - ug@suse.de -Fixed bug which broke binding of servers to physical interfaces when interface names were longer than four characters. - Fixed netlink code - Don't read included configuration files more than once - Mark log messages from the various subsystems in dnsmasq - Fix possible infinite DHCP protocol loop when an IP address nailed to a hostname - Allow --addn-hosts to take a directory - Support --bridge-interface on all platforms - Added support for advanced PXE functions - Improvements to DHCP logging - Added --test command-line switch - version 2.48 ------------------------------------------------------------------- Mon Mar 16 09:57:55 CET 2009 - ug@suse.de - dbus documentation added ------------------------------------------------------------------- Tue Mar 10 16:24:17 CET 2009 - ug@suse.de - Enable dbus support by jnelson ------------------------------------------------------------------- Fri Feb 6 10:09:35 CET 2009 - ug@suse.de - Handle duplicate address detection on IPv6 more intelligently - Add DBus introspection - Update Dbus configuration file - Support arbitrarily encapsulated DHCP options - dhcp-option = encap:175, 190, "iscsi-client0" - dhcp-option = encap:175, 191, "iscsi-client0-secret" - Enhance --dhcp-match to allow testing of the contents of a client-sent option, as well as its presence - No longer complain about blank lines in /etc/ethers - Fix binding of servers to physical devices - Reply to DHCPINFORM requests even when the supplied ciaddr doesn't fall in any dhcp-range - Allow the source address of an alias to be a range - version 2.47 ------------------------------------------------------------------- Tue Nov 11 13:57:17 CET 2008 - kukuk@suse.de - Add /usr/sbin/useradd to PreReq ------------------------------------------------------------------- Sat Sep 13 00:51:49 CEST 2008 - mrueckert@suse.de - fix manpage.diff to actually apply - mark files below /etc as config - do not install README.SUSE in %install as %doc will clean the directory anyway. ------------------------------------------------------------------- Fri Sep 12 15:10:55 CEST 2008 - ug@suse.de - user dnsmasq moved to group nogroup (bnc#401648) - added README.SUSE - added warning to init script when /etc/ppp is in use since it's not readable anymore ------------------------------------------------------------------- Tue Aug 19 10:41:48 CEST 2008 - ug@suse.de - init script fixed ------------------------------------------------------------------- Mon Aug 11 16:32:03 CEST 2008 - ug@suse.de - Fix crash when unknown client attempts to renew a DHCP lease, problem introduced in version 2.43. Thanks to Carlos Carvalho for help chasing this down. - Fix potential crash when a host which doesn't have a lease does DHCPINFORM. Again introduced in 2.43. This bug has never been reported in the wild. - Fix crash in netlink code introduced in 2.43. Thanks to Jean Wolter for finding this. - Change implementation of min_port to work even if min-port as large. - 2.4.45 ------------------------------------------------------------------- Mon Jul 14 09:45:15 CEST 2008 - ug@suse.de - This release fixes the DNS spoofing vulnerabilities announced in CERT VU#800113. It adds source port randomization for communication with upstream nameservers and replaces the C library PRNG with stronger code. It makes failure to drop root privileges a hard error (previous versions would log the error and continue, running as root.) Other changes include an update to avoid triggering Linux kernel messages about an out-of-date capabilities ABI, support for NAPTR records, and RFC 5107 server-id-override. - 2.43 ------------------------------------------------------------------- Thu Jun 19 16:42:54 CEST 2008 - ug@suse.de - running as user dnsmasq now (bnc#401643) ------------------------------------------------------------------- Thu Jun 5 15:33:40 CEST 2008 - ug@suse.de * Add --dhcp-alternate-port option. Thanks to Jan Psota for the suggestion. * Updated Polish translations - thank to Jan Psota. * Provide --dhcp-bridge on all BSD variants. * Define _LARGEFILE_SOURCE which removes an arbitrary 2GB limit on logfiles. Thanks to Paul Chambers for spotting the problem. * Fix RFC3046 agent-id echo code, broken for many releases. Thanks to Jeremy Laine for spotting the problem and providing a patch. * Add --dhcp-scriptuser option. * Support new capability interface on suitable Linux kernels, removes "legacy support in use" messages. Thanks to Jorge Bastos for pointing this out. * Fix subtle bug in cache code which could cause dnsmasq to lock spinning CPU in rare circumstances. Thanks to Alex Chekholko for bug reports and help debugging. * Support netascii transfer mode for TFTP. - 2.42 ------------------------------------------------------------------- Wed Feb 13 09:54:14 CET 2008 - ug@suse.de - Allow the DNS function to be completely disabled, by setting the port to zero "--port=0" - Fix a bug where NXDOMAIN could be returned for a query even if the name's value was known for a different query type. - Fixed possible crash bug in DBus IPv6 code - Add --dhcp-no-override option - Add --tftp-port-range option - Add --stop-dns-rebind option - Added --all-servers option - Add --dhcp-optsfile option - Fixed broken --alias functionality - Add --dhcp-match flag - Added --dhcp-broadcast, to force broadcast replies - multiple bugs fixed - 2.41 ------------------------------------------------------------------- Fri Jan 4 06:32:08 CET 2008 - crrodriguez@suse.de - bzip tarball - use find_lang macro. ------------------------------------------------------------------- Thu Dec 6 17:21:05 CET 2007 - ug@suse.de - version 2.40 - Fix handling of fully-qualified names in --dhcp-host - Fixed error in manpage - Fixed misaligned memory access which caused problems on Blackfin CPUs - lots of new options (see changelog for details) ------------------------------------------------------------------- Wed May 2 10:17:37 CEST 2007 - ug@suse.de - version 2.39 - names like "localhost." in /etc/hosts with trailing period are treated as fully-qualified. - Tolerate and ignore spaces around commas in the configuration file in all circumstances - /a is no longer a valid escape in quoted strings. - Added symbolic DHCP option names - Overhauled the log code - --log-facility can now take a file-name - Added --log-dhcp flag - Added 127.0.0.0/8 and 169.254.0.0/16 to the address ranges affected by --bogus-priv - Fixed failure of TFTP server with --listen-address - Added --dhcp-circuitid and --dhcp-remoteid for RFC3046 - Added --dhcp-subscrid for RFC3993 subscriber-id relay - Corrected garbage-collection - Allow absolute paths for TFTP transfers even when --tftp-root is set, as long as the path matches the root - Updated translations - Added --interface-name option ------------------------------------------------------------------- Thu Mar 15 16:00:11 CET 2007 - ug@suse.de - SuSEFirewall service files fixed and enhanced ------------------------------------------------------------------- Tue Mar 6 11:55:37 CET 2007 - ug@suse.de - SuSEFirewall service file added ------------------------------------------------------------------- Tue Feb 13 09:33:37 CET 2007 - ug@suse.de - version 2.38 Don't send length zero DHCP option 43 and cope with encapsulated options whose total length exceeds 255 octets by splitting them into multiple option 43 pieces. Avoid queries being retried forever when --strict-order is set and an upstream server returns a SERVFAIL error. Thanks to Johannes Stezenbach for spotting this. Fix BOOTP support, broken in version 2.37. Add example dhcp-options for Etherboot. Add \e (for ASCII ESCape) to the set of valid escapes in config-file strings. Added --dhcp-option-force flag and examples in the configuration file which use this to control PXELinux. Added --tftp-no-blocksize option. Set netid tag "bootp" when BOOTP (rather than DHCP) is in use. This makes it easy to customise which options are sent to BOOTP clients. (BOOTP allows only 64 octets for options, so it can be necessary to trim things.) Fix rare hang in cache code, a 2.37 regression. This probably needs an infinite DHCP lease and some bad luck to trigger. Thanks to Detlef Reichelt for bug reports and testing. ------------------------------------------------------------------- Mon Feb 5 16:29:39 CET 2007 - ug@suse.de Add better support for RFC-2855 DHCP-over-firewire and RFC -4390 DHCP-over-InfiniBand. A good suggestion from Karl Svec. Some efficiency tweaks to the cache code for very large /etc/hosts files. Should improve reverse (address->name) lookups and garbage collection. Thanks to Jan 'RedBully' Seiffert for input on this. Fix regression in 2.36 which made bogus-nxdomain and DNS caching unreliable. Thanks to Dennis DeDonatis and Jan Seiffert for bug reports. Make DHCP encapsulated vendor-class options sane. Be warned that some conceivable existing configurations using these may break, but they work in a much simpler and more logical way now. Prepending "vendor:" to an option encapsulates it in option 43, and the option is sent only if the client-supplied vendor-class substring-matches with the given client-id. Thanks to Dennis DeDonatis for help with this. Apply patch from Jan Seiffert to tidy up tftp.c Add support for overloading the filename and servername fields in DHCP packet. This gives extra option-space when these fields are not being used or with a modern client which supports moving them into options. Added a LIMITS section to the man-page, with guidance on maximum numbers of clients, file sizes and tuning. - version 2.37 ------------------------------------------------------------------- Mon Jan 22 15:20:06 CET 2007 - ug@suse.de - version 2.36 ------------------------------------------------------------------- Mon Oct 30 09:28:53 CET 2006 - ug@suse.de - version 2.35 - better performance on parsing huge /etc/hosts files ------------------------------------------------------------------- Tue Oct 17 09:14:10 CEST 2006 - ug@suse.de - version 2.34 - Tweak network-determination code - Improve handling of high DNS loads - Fixed intermittent infinite loop when re-reading /etc/ethers after SIGHUP - Provide extra information to the lease-change script - Run the lease change script as root - Add contrib/port-forward/* which is a script to set up port-forwards using the DHCP lease-change script - Fix unaligned access problem - Fixed problem with DHCPRELEASE - Updated French translation - Upgraded the name hash function in the DNS cache - Added --clear-on-reload flag - Treat a nameserver address of 0.0.0.0 as "nothing" - Added Webmin module in contrib/webmin ------------------------------------------------------------------- Fri Aug 11 10:17:41 CEST 2006 - ug@suse.de - init-script more LSB conform patch by Matthias Andree ------------------------------------------------------------------- Mon Aug 7 09:10:16 CEST 2006 - ug@suse.de - version 2.33 - Provide extra information to lease-change script - Fix breakage with some DHCP relay implementations - compilation warning fixes - minor DNS and DHCP fixes and enhancements ------------------------------------------------------------------- Mon Jun 12 13:49:39 CEST 2006 - ug@suse.de - version 2.32 ------------------------------------------------------------------- Wed May 17 13:51:37 CEST 2006 - ug@suse.de - version 2.31 ------------------------------------------------------------------- Wed Jan 25 21:35:31 CET 2006 - mls@suse.de - converted neededforbuild to BuildRequires ------------------------------------------------------------------- Mon Jan 23 14:45:47 CET 2006 - ug@suse.de - Fixed crash when attempting to send a DHCP NAK to a host which believes it has a lease on an unknown network. That bug was invented in 2.25 - version 2.26 ------------------------------------------------------------------- Mon Jan 16 12:29:50 CET 2006 - ug@suse.de - moved dnsmasq.no to dnsmasq.np see bug #42748 ------------------------------------------------------------------- Mon Jan 16 10:15:13 CET 2006 - ug@suse.de - version update to 2.25 ------------------------------------------------------------------- Mon Nov 28 11:57:20 CET 2005 - ug@suse.de - version update to 2.24 ------------------------------------------------------------------- Mon Oct 17 14:41:02 CEST 2005 - ug@suse.de - "-fno-strict-aliasing" now ------------------------------------------------------------------- Wed Oct 12 17:02:29 CEST 2005 - ug@suse.de - version update to 2.23 ------------------------------------------------------------------- Wed Aug 24 10:26:55 CEST 2005 - ug@suse.de - Fix DNS query forwarding for empty queries and forward queries even when the recursion-desired bit is clear. This allows "dig +trace" to work Bug #106717 ------------------------------------------------------------------- Fri Aug 5 10:38:00 CEST 2005 - cthiel@suse.de - update to version 2.22 ------------------------------------------------------------------- Wed Apr 13 14:04:44 CEST 2005 - mls@suse.de - fix slp registration ------------------------------------------------------------------- Mon Jan 24 10:56:13 CET 2005 - ug@suse.de - version update from 2.19 to 2.20 - Allow more than one instance of dnsmasq to run on a machine, each providing DHCP service on a different interface - Protect against overlong names and overlong labels in configuration and from DHCP. - Fix interesting corner case in CNAME handling. This occurs when a CNAME has a target which "shadowed" by a name in /etc/hosts or from DHCP - Added support for SRV records - Fixed sign confusion in the vendor-id matching code - Added the ability to match the netid tag in a dhcp-range - Added preference values for MX records - Added the --localise-queries option. ------------------------------------------------------------------- Fri Jan 21 10:33:00 CET 2005 - ug@suse.de - version update to 2.19 - minor fixes in IPV6 and DHCP Code ------------------------------------------------------------------- Fri Nov 26 13:53:00 CET 2004 - ug@suse.de - version update to 2.18 - lots of DHCP fixes - some IPV6 fixes ------------------------------------------------------------------- Fri Nov 19 15:50:11 CET 2004 - ug@suse.de - SLP support via /etc/slp.reg.d/dnsmasq.reg file added ------------------------------------------------------------------- Fri Aug 20 10:52:05 CEST 2004 - ug@suse.de - version update from 2.11 to 2.13 - Added extra checks to ensure that DHCP created DNS entries cannot generate multiple DNS address->name entries. - Don't set the the filterwin2k option in the example config file and add warnings that is breaks Kerberos. - Log types of incoming queries as well as source and domain. - Log NODATA replies generated as a result of the filterwin2k option. ------------------------------------------------------------------- Mon Aug 9 12:12:24 CEST 2004 - ug@suse.de - version update from 2.8 to 2.11 ------------------------------------------------------------------- Tue Jun 1 17:09:51 CEST 2004 - ug@suse.de - chgrp to "dialout" and not to "dip" - backward compatibility turned off ------------------------------------------------------------------- Mon May 24 17:28:52 CEST 2004 - ug@suse.de - added to distribution