git: 156fb7b95d82 - main - dns/dnsmasq*: update to v2.89, and disable -devel port
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 06 Feb 2023 22:00:25 UTC
The branch main has been updated by mandree: URL: https://cgit.FreeBSD.org/ports/commit/?id=156fb7b95d82fbedecb72e54e58257275d4f713c commit 156fb7b95d82fbedecb72e54e58257275d4f713c Author: Matthias Andree <mandree@FreeBSD.org> AuthorDate: 2023-02-06 21:56:22 +0000 Commit: Matthias Andree <mandree@FreeBSD.org> CommitDate: 2023-02-06 22:00:20 +0000 dns/dnsmasq*: update to v2.89, and disable -devel port Changelog: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob_plain;f=CHANGELOG;hb=v2.89 MFH: 2023Q1 --- dns/dnsmasq-devel/Makefile | 4 +- dns/dnsmasq/Makefile | 4 +- dns/dnsmasq/distinfo | 6 +-- dns/dnsmasq/files/patch-zgf172fdb | 85 --------------------------------------- 4 files changed, 7 insertions(+), 92 deletions(-) diff --git a/dns/dnsmasq-devel/Makefile b/dns/dnsmasq-devel/Makefile index 3c573b4f84d7..ee7a5d95d55f 100644 --- a/dns/dnsmasq-devel/Makefile +++ b/dns/dnsmasq-devel/Makefile @@ -16,8 +16,8 @@ WWW= https://www.thekelleys.org.uk/dnsmasq/doc.html LICENSE= GPLv2 -DEPRECATED= Short-lived test branch, to be removed after v2.89 release -#IGNORE= please use dns/dnsmasq, which is newer +#DEPRECATED= Short-lived test branch, to be removed after v2.89 release +IGNORE= please use dns/dnsmasq, which is newer USES= cpe shebangfix tar:xz CPE_VENDOR= thekelleys diff --git a/dns/dnsmasq/Makefile b/dns/dnsmasq/Makefile index ba26d1ec62a8..3752dda7c16d 100644 --- a/dns/dnsmasq/Makefile +++ b/dns/dnsmasq/Makefile @@ -1,7 +1,7 @@ PORTNAME= dnsmasq -DISTVERSION= 2.88 +DISTVERSION= 2.89 # Leave the PORTREVISION in even if 0 to avoid accidental PORTEPOCH bumps: -PORTREVISION= 1 +PORTREVISION= 0 PORTEPOCH= 1 CATEGORIES= dns MASTER_SITES= https://www.thekelleys.org.uk/dnsmasq/ \ diff --git a/dns/dnsmasq/distinfo b/dns/dnsmasq/distinfo index 132b712d1028..356a1b606020 100644 --- a/dns/dnsmasq/distinfo +++ b/dns/dnsmasq/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1670269342 -SHA256 (dnsmasq-2.88.tar.xz) = 23544deda10340c053bea6f15a93fed6ea7f5aaa85316bfc671ffa6d22fbc1b3 -SIZE (dnsmasq-2.88.tar.xz) = 560640 +TIMESTAMP = 1675552402 +SHA256 (dnsmasq-2.89.tar.xz) = 02bd230346cf0b9d5909f5e151df168b2707103785eb616b56685855adebb609 +SIZE (dnsmasq-2.89.tar.xz) = 562700 diff --git a/dns/dnsmasq/files/patch-zgf172fdb b/dns/dnsmasq/files/patch-zgf172fdb deleted file mode 100644 index f3128f57d55f..000000000000 --- a/dns/dnsmasq/files/patch-zgf172fdb +++ /dev/null @@ -1,85 +0,0 @@ -From f172fdbb77c422e27d3b7530f3fe95b98d1608e7 Mon Sep 17 00:00:00 2001 -From: Simon Kelley <simon@thekelleys.org.uk> -Date: Wed, 11 Jan 2023 23:23:40 +0000 -Subject: [PATCH] Fix bug which can break the invariants on the order of a hash - chain. - -If there are multiple cache records with the same name but different -F_REVERSE and/or F_IMMORTAL flags, the code added in fe9a134b could -concievable break the REVERSE-FORWARD-IMMORTAL order invariant. - -Reproducing this is damn near impossible, but it is responsible -for rare and otherwise inexplicable reversion between 2.87 and 2.88 -which manifests itself as a cache internal error. All observed -cases have depended on DNSSEC being enabled, but the bug could in -theory manifest itself without DNSSEC - -Thanks to Timo van Roermund for reporting the bug and huge -efforts to isolate it. ---- - CHANGELOG | 16 +++++++++++++++- - src/cache.c | 14 +++++++++----- - 2 files changed, 24 insertions(+), 6 deletions(-) - -diff --git a/CHANGELOG b/CHANGELOG -index 0f36a0f..d6e6753 100644 ---- a/CHANGELOG -+++ b/CHANGELOG -@@ -1,6 +1,20 @@ -+version 2.98 -+ Fix bug introduced in 2.88 (commit fe91134b) which can result -+ in corruption of the DNS cache internal data structures and -+ logging of "cache internal error". This has only been seen -+ in one place in the wild, and it took considerable effort -+ to even generate a test case to reproduce it, but there's -+ no way to be sure it won't strike, and the effect to to break -+ the cache badly. Installations with DNSSEC enabled are more -+ likely to see the problem, but not running DNSSEC does not -+ guarantee that it won't happen. Thanks to Timo van Roermund -+ for reporting the bug and for his great efforts in chasing -+ it down. -+ -+ - version 2.88 - Fix bug in --dynamic-host when an interface has /16 IPv4 -- address. Thanks to Mark Dietzer for spotting this. -+ address. Thanks to Mark Dietzer for spotting this. - - Add --fast-dns-retry option. This gives dnsmasq the ability - to originate retries for upstream DNS queries itself, rather -diff --git a/src/cache.c b/src/cache.c -index 42283bc..0a5fd14 100644 ---- a/src/cache.c -+++ b/src/cache.c -@@ -236,19 +236,23 @@ static void cache_hash(struct crec *crecp) - - char *name = cache_get_name(crecp); - struct crec **up = hash_bucket(name); -- -- if (!(crecp->flags & F_REVERSE)) -+ unsigned int flags = crecp->flags & (F_IMMORTAL | F_REVERSE); -+ -+ if (!(flags & F_REVERSE)) - { - while (*up && ((*up)->flags & F_REVERSE)) - up = &((*up)->hash_next); - -- if (crecp->flags & F_IMMORTAL) -+ if (flags & F_IMMORTAL) - while (*up && !((*up)->flags & F_IMMORTAL)) - up = &((*up)->hash_next); - } - -- /* Preserve order when inserting the same name multiple times. */ -- while (*up && hostname_isequal(cache_get_name(*up), name)) -+ /* Preserve order when inserting the same name multiple times. -+ Do not mess up the flag invariants. */ -+ while (*up && -+ hostname_isequal(cache_get_name(*up), name) && -+ flags == ((*up)->flags & (F_IMMORTAL | F_REVERSE))) - up = &((*up)->hash_next); - - crecp->hash_next = *up; --- -2.20.1 -