diff --git a/dnsmasq-2.65-fix-so_reuseport-issue.patch b/dnsmasq-2.65-fix-so_reuseport-issue.patch new file mode 100644 index 0000000..6663bee --- /dev/null +++ b/dnsmasq-2.65-fix-so_reuseport-issue.patch @@ -0,0 +1,78 @@ +From 56a1142f033234e3ee3b6361e9a1bcdbe606f816 Mon Sep 17 00:00:00 2001 +From: Simon Kelley +Date: Tue, 2 Apr 2013 17:02:58 +0100 +Subject: [PATCH 1/1] SO_REUSEPORT may be defined, but not supported. + +--- + src/dhcp.c | 16 ++++++++++++---- + src/dhcp6.c | 18 +++++++++++++----- + 2 files changed, 25 insertions(+), 9 deletions(-) + +diff --git a/src/dhcp.c b/src/dhcp.c +index 6b8b803..dd25632 100644 +--- a/src/dhcp.c ++++ b/src/dhcp.c +@@ -65,14 +65,22 @@ static int make_fd(int port) + + /* When bind-interfaces is set, there might be more than one dnmsasq + instance binding port 67. That's OK if they serve different networks. +- Need to set REUSEADDR to make this posible, or REUSEPORT on *BSD. */ ++ Need to set REUSEADDR|REUSEPORT to make this posible. ++ Handle the case that REUSEPORT is defined, but the kernel doesn't ++ support it. This handles the introduction of REUSEPORT on Linux. */ + if (option_bool(OPT_NOWILD) || option_bool(OPT_CLEVERBIND)) + { ++ int rc = -1, porterr = 0; ++ + #ifdef SO_REUSEPORT +- int rc = setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &oneopt, sizeof(oneopt)); +-#else +- int rc = setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &oneopt, sizeof(oneopt)); ++ if ((rc = setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &oneopt, sizeof(oneopt))) == -1 && ++ errno != ENOPROTOOPT) ++ porterr = 1; + #endif ++ ++ if (rc == -1 && !porterr) ++ rc = setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &oneopt, sizeof(oneopt)); ++ + if (rc == -1) + die(_("failed to set SO_REUSE{ADDR|PORT} on DHCP socket: %s"), NULL, EC_BADNET); + } +diff --git a/src/dhcp6.c b/src/dhcp6.c +index dd53f86..a827b2f 100644 +--- a/src/dhcp6.c ++++ b/src/dhcp6.c +@@ -48,16 +48,24 @@ void dhcp6_init(void) + !set_ipv6pktinfo(fd)) + die (_("cannot create DHCPv6 socket: %s"), NULL, EC_BADNET); + +- /* When bind-interfaces is set, there might be more than one dnmsasq ++ /* When bind-interfaces is set, there might be more than one dnmsasq + instance binding port 547. That's OK if they serve different networks. +- Need to set REUSEADDR to make this posible, or REUSEPORT on *BSD. */ ++ Need to set REUSEADDR|REUSEPORT to make this posible. ++ Handle the case that REUSEPORT is defined, but the kernel doesn't ++ support it. This handles the introduction of REUSEPORT on Linux. */ + if (option_bool(OPT_NOWILD) || option_bool(OPT_CLEVERBIND)) + { ++ int rc = -1, porterr = 0; ++ + #ifdef SO_REUSEPORT +- int rc = setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &oneopt, sizeof(oneopt)); +-#else +- int rc = setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &oneopt, sizeof(oneopt)); ++ if ((rc = setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &oneopt, sizeof(oneopt))) == -1 && ++ errno != ENOPROTOOPT) ++ porterr = 1; + #endif ++ ++ if (rc == -1 && !porterr) ++ rc = setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &oneopt, sizeof(oneopt)); ++ + if (rc == -1) + die(_("failed to set SO_REUSE{ADDR|PORT} on DHCPv6 socket: %s"), NULL, EC_BADNET); + } +-- +1.7.2.5 + diff --git a/dnsmasq.spec b/dnsmasq.spec index a99eaa1..9fb40e3 100644 --- a/dnsmasq.spec +++ b/dnsmasq.spec @@ -13,7 +13,7 @@ Name: dnsmasq Version: 2.65 -Release: 6%{?extraversion}%{?dist} +Release: 7%{?extraversion}%{?dist} Summary: A lightweight DHCP/caching DNS server Group: System Environment/Daemons @@ -29,6 +29,8 @@ Patch1: %{name}-2.65-Handle-wrong-interface-for-locally-routed-packets.p # Code has been completely rewritten in new version # http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2013q1/006967.html Patch2: %{name}-2.65-Allocate-dhcp_buff-ers-also-if-deamon-ra_contexts.patch +# http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=patch;h=56a1142f033234e3ee3b6361e9a1bcdbe606f816;hp=5b37aa8c19a6ec3379518370661a659807758872 +Patch3: %{name}-2.65-fix-so_reuseport-issue.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -66,6 +68,7 @@ query/remove a DHCP server's leases. %patch0 -p1 -b .CVE-2013-0198 %patch1 -p1 -b .local_queries %patch2 -p2 -b .SIGSEGV +%patch3 -p1 -b .so_reuseport # use /var/lib/dnsmasq instead of /var/lib/misc for file in dnsmasq.conf.example man/dnsmasq.8 man/es/dnsmasq.8 src/config.h; do @@ -143,6 +146,9 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/man1/dhcp_* %changelog +* Tue Jul 16 2013 Tomas Hozza - 2.65-7 +- Don't use SO_REUSEPORT if it's not suported (#950755) + * Tue Jun 11 2013 Tomas Hozza - 2.65-6 - use _hardened_build macro (#972968)