From patchwork Wed Apr 29 07:39:06 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kevin Darbyshire-Bryant X-Patchwork-Id: 465912 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from arrakis.dune.hu (arrakis.dune.hu [78.24.191.176]) (using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 1D8CE140320 for ; Wed, 29 Apr 2015 17:39:40 +1000 (AEST) Received: from arrakis.dune.hu (localhost [127.0.0.1]) by arrakis.dune.hu (Postfix) with ESMTP id E114C28A70D; Wed, 29 Apr 2015 09:38:28 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on arrakis.dune.hu X-Spam-Level: X-Spam-Status: No, score=-1.5 required=5.0 tests=BAYES_00 autolearn=unavailable version=3.3.2 Received: from arrakis.dune.hu (localhost [127.0.0.1]) by arrakis.dune.hu (Postfix) with ESMTP id F2D7828A1AA for ; Wed, 29 Apr 2015 09:38:21 +0200 (CEST) X-policyd-weight: NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 HELO_IP_IN_CL_SUBNET=-1.2 (check from: .darbyshire-bryant. - helo: .emea01-am1-obe.outbound.protection.outlook. - helo-domain: .outlook.) FROM/MX_MATCHES_HELO(DOMAIN)=-2; rate: -7.7 Received: from emea01-am1-obe.outbound.protection.outlook.com (mail-am1on0058.outbound.protection.outlook.com [157.56.112.58]) by arrakis.dune.hu (Postfix) with ESMTPS for ; Wed, 29 Apr 2015 09:38:20 +0200 (CEST) Authentication-Results: lists.openwrt.org; dkim=none (message not signed) header.d=none; Received: from [192.168.235.234] (151.227.238.44) by VI1PR07MB0943.eurprd07.prod.outlook.com (25.161.110.148) with Microsoft SMTP Server (TLS) id 15.1.148.16; Wed, 29 Apr 2015 07:39:21 +0000 Message-ID: <55408A9A.9050301@darbyshire-bryant.me.uk> Date: Wed, 29 Apr 2015 08:39:06 +0100 From: Kevin Darbyshire-Bryant User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 MIME-Version: 1.0 To: X-Originating-IP: [151.227.238.44] X-ClientProxiedBy: CY1PR13CA0001.namprd13.prod.outlook.com (25.162.30.139) To VI1PR07MB0943.eurprd07.prod.outlook.com (25.161.110.148) X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:VI1PR07MB0943; X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(601004)(5005006)(3002001); SRVR:VI1PR07MB0943; BCL:0; PCL:0; RULEID:; SRVR:VI1PR07MB0943; X-Forefront-PRVS: 05610E64EE X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(6049001)(6009001)(288314003)(65806001)(229853001)(2351001)(110136001)(74482002)(46102003)(50986999)(5890100001)(54356999)(512874002)(33656002)(65956001)(19580405001)(87266999)(84326002)(87976001)(1720100001)(65816999)(59896002)(64126003)(42186005)(77096005)(62966003)(122386002)(77156002)(15975445007)(86362001)(92566002)(450100001)(19580395003)(36756003)(40100003)(107886001)(117156001)(568964001)(66066001); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR07MB0943; H:[192.168.235.234]; FPR:; SPF:None; MLV:sfv; LANG:en; X-OriginatorOrg: darbyshire-bryant.me.uk X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Apr 2015 07:39:21.4894 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR07MB0943 Subject: [OpenWrt-Devel] [PATCH] dnsmasq: bump to dnsmasq2.73rc7 X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: OpenWrt Development List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openwrt-devel-bounces@lists.openwrt.org Sender: "openwrt-devel" Bump dnsmasq to v2.73rc7 Fixes DNSSEC over TCP issue Also include patch from dnsmasq upstream to include RRSIG RR replies in ANY queries Signed-off-by: Kevin Darbyshire-Bryant Tested Archer C7 Maybe I even get this one right :-) diff --git a/package/network/services/dnsmasq/Makefile b/package/network/services/dnsmasq/Makefile index b962470..8f55274 100644 --- a/package/network/services/dnsmasq/Makefile +++ b/package/network/services/dnsmasq/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dnsmasq -PKG_VERSION:=2.73rc6 +PKG_VERSION:=2.73rc7 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq/release-candidates -PKG_MD5SUM:=9ee735fe4f1250620f007039a034710f +PKG_MD5SUM:=526f7d51b71e07e6e431f5ea48f4b5be PKG_LICENSE:=GPL-2.0 PKG_LICENSE_FILES:=COPYING diff --git a/package/network/services/dnsmasq/patches/001-include-RRSIG-RR-answers-to-ANY-queries.patch b/package/network/services/dnsmasq/patches/001-include-RRSIG-RR-answers-to-ANY-queries.patch new file mode 100644 index 0000000..40ccd1a --- /dev/null +++ b/package/network/services/dnsmasq/patches/001-include-RRSIG-RR-answers-to-ANY-queries.patch @@ -0,0 +1,29 @@ +From 2ed162ac204f3609fe4d9f9a0430baeaa352d88f Mon Sep 17 00:00:00 2001 +From: Simon Kelley +Date: Tue, 28 Apr 2015 21:26:35 +0100 +Subject: [PATCH] Don't remove RRSIG RR from answers to ANY queries when the + do bit is not set. + +--- + src/rfc1035.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/src/rfc1035.c b/src/rfc1035.c +index 32df31a..5828055 100644 +--- a/src/rfc1035.c ++++ b/src/rfc1035.c +@@ -1608,6 +1608,11 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen, + GETSHORT(qtype, p); + GETSHORT(qclass, p); + ++ /* Don't filter RRSIGS from answers to ANY queries, even if do-bit ++ not set. */ ++ if (qtype == T_ANY) ++ *do_bit = 1; ++ + ans = 0; /* have we answered this question */ + + if (qtype == T_TXT || qtype == T_ANY) +-- +1.7.10.4 +