Date: Fri, 12 Aug 2022 18:57:34 GMT
Message-Id: <202208121857.27CIvYs7014582@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
From: Matthias Andree
Subject: git: 37b050fb9c0f - main - dns/dnsmasq-devel: update to 2.87test9
List-Id: Commits to the main branch of the FreeBSD ports repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main
X-Git-Committer: mandree
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Commit: 37b050fb9c0fcc126e9ea741c772ba38d136cdd6

The branch main has been updated by mandree:

URL:
https://cgit.FreeBSD.org/ports/commit/?id=37b050fb9c0fcc126e9ea741c772ba38d136cdd6

commit 37b050fb9c0fcc126e9ea741c772ba38d136cdd6
Author: Matthias Andree
AuthorDate: 2022-08-12 18:55:37 +0000
Commit: Matthias Andree
CommitDate: 2022-08-12 18:57:23 +0000

    dns/dnsmasq-devel: update to 2.87test9

    CHANGELOG difference in Git between test8 and test9

    * Enhance --domain to accept, for instance, --domain=net2.thekelleys.org.uk,eth2 so that hosts get a domain which reflects the interface they are attached to in a way which doesn't require hard-coding addresses. Thanks to Sten Spans for the idea.

    * Fix write-after-free error in DHCPv6 server code. CVE-2022-0934 refers.

    * Add the ability to specify destination port in DHCP-relay mode. This change also removes a previous bug where --dhcp-alternate-port would affect the port used to relay _to_ as well as the port being listened on. The new feature allows configuration to provide bug-for-bug compatibility, if required. Thanks to Damian Kaczkowski for the feature suggestion.

    * Bound the value of UDP packet size in the EDNS0 header of forwarded queries to the configured or default value of edns-packet-max. There's no point letting a client set a larger value if we're unable to return the answer. Thanks to Bertie Taylor for pointing out the problem and supplying the patch.

    * Fix problem with the configuration --server=/some.domain/# --address=/#/ --server= This would return for queries in some.domain, rather than forwarding the query via the default server.

--- dns/dnsmasq-devel/Makefile | 4 +- dns/dnsmasq-devel/distinfo | 6 +- dns/dnsmasq-devel/files/patch-CVE-2022-0934 | 175 ---------------------------- 3 files changed, 5 insertions(+), 180 deletions(-) diff --git a/dns/dnsmasq-devel/Makefile b/dns/dnsmasq-devel/Makefile index b2f80e76ed39..fb272a07027e 100644 --- a/dns/dnsmasq-devel/Makefile +++ b/dns/dnsmasq-devel/Makefile 
@@ -1,7 +1,7 @@ PORTNAME= dnsmasq -DISTVERSION= 2.87test8 +DISTVERSION= 2.87test9 # Leave the PORTREVISION in even if 0 to avoid accidental PORTEPOCH bumps: -PORTREVISION= 1 +PORTREVISION= 0 PORTEPOCH= 4 # attn - different between -devel and dnsmasq ports! CATEGORIES= dns #MASTER_SITES= https://www.thekelleys.org.uk/dnsmasq/release-candidates/ \ diff --git a/dns/dnsmasq-devel/distinfo b/dns/dnsmasq-devel/distinfo index f2db25c3ecba..5b531933cfc6 100644 --- a/dns/dnsmasq-devel/distinfo +++ b/dns/dnsmasq-devel/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1644432655 -SHA256 (dnsmasq-2.87test8.tar.xz) = cb7245f4726d5692dd27d8c5f8ece8b88c9995fc0d649fd76d2870f80b852369 -SIZE (dnsmasq-2.87test8.tar.xz) = 558724 +TIMESTAMP = 1660330300 +SHA256 (dnsmasq-2.87test9.tar.xz) = 325d2b953e06273cd7e0ed921b464203a4a26fae7a1afedd9b26528d25951fdf +SIZE (dnsmasq-2.87test9.tar.xz) = 560708 diff --git a/dns/dnsmasq-devel/files/patch-CVE-2022-0934 b/dns/dnsmasq-devel/files/patch-CVE-2022-0934 deleted file mode 100644 index c063e15b2e34..000000000000 --- a/dns/dnsmasq-devel/files/patch-CVE-2022-0934 +++ /dev/null 
@@ -1,175 +0,0 @@ -From dcc62a514092c8afeab4e502db9e65f03c2e1d47 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= -Date: Tue, 22 Feb 2022 00:45:01 +0100 -Subject: [PATCH] Change message type by dedicated function - -Long-term pointer to beginning of message does not work well. I case -outpacket is reallocated in any new_opt6() section, original outmsgtypep -pointer becomes invalid. Instead of using that pointer use dedicated -function, which will change just the first byte of the message. - -This makes sure correct beginning of packet is always used. ---- - src/dnsmasq.h | 1 + - src/outpacket.c | 11 +++++++++++ - src/rfc3315.c | 29 ++++++++++++++--------------- - 3 files changed, 26 insertions(+), 15 deletions(-) - -diff --git a/src/dnsmasq.h b/src/dnsmasq.h -index 51a1aa6..c1c75c1 100644 ---- a/src/dnsmasq.h -+++ b/src/dnsmasq.h -@@ -1736,6 +1736,7 @@ void put_opt6_long(unsigned int val); - void put_opt6_short(unsigned int val); - void put_opt6_char(unsigned int val); - void put_opt6_string(char *s); -+void put_msgtype6(unsigned int val); - #endif - - /* radv.c */ -diff --git a/src/outpacket.c b/src/outpacket.c -index abb3a3a..f322811 100644 ---- a/src/outpacket.c -+++ b/src/outpacket.c -@@ -115,4 +115,15 @@ void put_opt6_string(char *s) - put_opt6(s, strlen(s)); - } - -+void put_msgtype6(unsigned int val) -+{ -+ if (outpacket_counter == 0) -+ put_opt6_char(val); -+ else -+ { -+ unsigned char *p = daemon->outpacket.iov_base; -+ *p = val; -+ } -+} -+ - #endif -diff --git a/src/rfc3315.c b/src/rfc3315.c -index cee8382..baeb51e 100644 ---- a/src/rfc3315.c -+++ b/src/rfc3315.c -@@ -110,7 +110,6 @@ static int dhcp6_maybe_relay(struct state *state, void *inbuff, size_t sz, - void *end = inbuff + sz; - void *opts = inbuff + 34; - int msg_type = *((unsigned char *)inbuff); -- unsigned char *outmsgtypep; - void *opt; - struct dhcp_vendor *vendor; - -@@ -192,9 +191,9 @@ static int dhcp6_maybe_relay(struct state *state, void *inbuff, size_t sz, - return 0; 
- - /* copy header stuff into reply message and set type to reply */ -- if (!(outmsgtypep = put_opt6(inbuff, 34))) -+ if (!put_opt6(inbuff, 34)) - return 0; -- *outmsgtypep = DHCP6RELAYREPL; -+ put_msgtype6(DHCP6RELAYREPL); - - /* look for relay options and set tags if found. */ - for (vendor = daemon->dhcp_vendors; vendor; vendor = vendor->next) -@@ -267,7 +266,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - struct dhcp_netid *tagif; - struct dhcp_config *config = NULL; - struct dhcp_netid known_id, iface_id, v6_id; -- unsigned char *outmsgtypep; -+ unsigned char *xid; - struct dhcp_vendor *vendor; - struct dhcp_context *context_tmp; - struct dhcp_mac *mac_opt; -@@ -297,10 +296,10 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - state->tags = &v6_id; - - /* copy over transaction-id, and save pointer to message type */ -- if (!(outmsgtypep = put_opt6(inbuff, 4))) -+ if (!(xid = put_opt6(inbuff, 4))) - return 0; - start_opts = save_counter(-1); -- state->xid = outmsgtypep[3] | outmsgtypep[2] << 8 | outmsgtypep[1] << 16; -+ state->xid = xid[3] | xid[2] << 8 | xid[1] << 16; - - /* We're going to be linking tags from all context we use. 
- mark them as unused so we don't link one twice and break the list */ -@@ -347,7 +346,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - (msg_type == DHCP6REQUEST || msg_type == DHCP6RENEW || msg_type == DHCP6RELEASE || msg_type == DHCP6DECLINE)) - - { -- *outmsgtypep = DHCP6REPLY; -+ put_msgtype6(DHCP6REPLY); - o1 = new_opt6(OPTION6_STATUS_CODE); - put_opt6_short(DHCP6USEMULTI); - put_opt6_string("Use multicast"); -@@ -619,11 +618,11 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - struct dhcp_netid *solicit_tags; - struct dhcp_context *c; - -- *outmsgtypep = DHCP6ADVERTISE; -+ put_msgtype6(DHCP6ADVERTISE); - - if (opt6_find(state->packet_options, state->end, OPTION6_RAPID_COMMIT, 0)) - { -- *outmsgtypep = DHCP6REPLY; -+ put_msgtype6(DHCP6REPLY); - state->lease_allocate = 1; - o = new_opt6(OPTION6_RAPID_COMMIT); - end_opt6(o); -@@ -809,7 +808,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - int start = save_counter(-1); - - /* set reply message type */ -- *outmsgtypep = DHCP6REPLY; -+ put_msgtype6(DHCP6REPLY); - state->lease_allocate = 1; - - log6_quiet(state, "DHCPREQUEST", NULL, ignore ? _("ignored") : NULL); -@@ -924,7 +923,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - int address_assigned = 0; - - /* set reply message type */ -- *outmsgtypep = DHCP6REPLY; -+ put_msgtype6(DHCP6REPLY); - - log6_quiet(state, msg_type == DHCP6RENEW ? "DHCPRENEW" : "DHCPREBIND", NULL, NULL); - -@@ -1057,7 +1056,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - int good_addr = 0; - - /* set reply message type */ -- *outmsgtypep = DHCP6REPLY; -+ put_msgtype6(DHCP6REPLY); - - log6_quiet(state, "DHCPCONFIRM", NULL, NULL); - -@@ -1121,7 +1120,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - log6_quiet(state, "DHCPINFORMATION-REQUEST", NULL, ignore ? 
_("ignored") : state->hostname); - if (ignore) - return 0; -- *outmsgtypep = DHCP6REPLY; -+ put_msgtype6(DHCP6REPLY); - tagif = add_options(state, 1); - break; - } -@@ -1130,7 +1129,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - case DHCP6RELEASE: - { - /* set reply message type */ -- *outmsgtypep = DHCP6REPLY; -+ put_msgtype6(DHCP6REPLY); - - log6_quiet(state, "DHCPRELEASE", NULL, NULL); - -@@ -1195,7 +1194,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - case DHCP6DECLINE: - { - /* set reply message type */ -- *outmsgtypep = DHCP6REPLY; -+ put_msgtype6(DHCP6REPLY); - - log6_quiet(state, "DHCPDECLINE", NULL, NULL); - --- -2.34.1 -
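
Review bot: In the distinfo hunk, the new SHA256 and SIZE for dnsmasq-2.87test9.tar.xz only pin whatever was fetched at TIMESTAMP 1660330300, and the commit message does not say how that tarball was authenticated. If upstream publishes a detached signature for this release candidate, verify the download against it before regenerating distinfo and record that in the commit message, so the checksum is anchored to an upstream-signed artifact rather than to a single fetch.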
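
Review bot: Deleting files/patch-CVE-2022-0934 is only safe if the 2.87test9 tarball already carries this change, and the commit message leaves that implicit: it can be inferred only from the changelog line "Fix write-after-free error in DHCPv6 server code. CVE-2022-0934 refers." Please state in the commit message that the local patch is dropped because the fix is now upstream, and confirm against the extracted test9 sources that src/outpacket.c defines put_msgtype6() and that src/rfc3315.c no longer declares outmsgtypep. Worth checking in the same pass: the patched dhcp6_no_relay() still holds a pointer into the output buffer (xid = put_opt6(inbuff, 4)), which is acceptable only because state->xid is read from it immediately, before any new_opt6() call that could reallocate the packet.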