[Dnsmasq-discuss] Announce 2.85rc1 and security warning.

Petr Menšík pemensik at redhat.com
Fri Mar 19 08:27:32 UTC 2021 

Hi Matthias,

I am attaching candidate patch. We already use if_nametoindex for IPv6
scope, I think it should be used here as well. Because no good error
recovery is available, use ifindex just if it has correct value. Reduces
a few lines.

Regards,
Petr

On 3/18/21 12:53 AM, Matthias Andree wrote:
> Am 17.03.21 um 22:48 schrieb Simon Kelley:
>> Please download
>>
>> https://thekelleys.org.uk/dnsmasq/release-candidates/dnsmasq-2.85rc1.tar.gz
>>
>> and test it thoroughly. Then look at the diff at
> 
> Simon,
> 
> thanks for your and Petr's efforts on this.
> 
> Unfortunately, 2.85rc1 does not compile on FreeBSD 12.2 out of the box.
> 
>> cc -O2 -pipe  -Wall -Wno-unused-function -Wno-unused-parameter
>> -Wno-unused-value -Wno-unused-variable -DHAVE_LIBIDN2 -DHAVE_DNSSEC
>> -I/usr/local/include -DLIBICONV_PLUG -fstack-protector-strong
>> -fno-strict-aliasing  -O2 -pipe  -Wall -Wno-unused-function
>> -Wno-unused-parameter -Wno-unused-value -Wno-unused-variable
>> -DHAVE_LIBIDN2 -DHAVE_DNSSEC -I/usr/local/include -DLIBICONV_PLUG
>> -fstack-protector-strong -fno-strict-aliasing 
>> -DLOCALEDIR='"/usr/local/share/locale"' -DVERSION='"2.85rc1"'  
>> -I/usr/local/include       -I/usr/local/include  -I/usr/local/include
>> -DLIBICONV_PLUG -c network.c    
>> network.c:729:25: error: no member named 'ifr_ifindex' in 'struct ifreq'
>>            serv->ifindex = ifr.ifr_ifindex;
>>                            ~~~ ^
>> 1 error generated.
> 
> This name isn't defined on FreeBSD, but it does have this:
> 
> /usr/include/net/if.h:427:#define       ifr_index      
> ifr_ifru.ifru_index     /* interface index */
> 
> What would be a good smoke test to see if this works as intended, how do
> I need to stimulate dnsmasq?
> 
> Regards,
> Matthias

-- 
Petr Menšík
Software Engineer
Red Hat, http://www.redhat.com/
email: pemensik at redhat.com
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Update-server-ifindex-in-platform-independent-way.patch
Type: text/x-patch
Size: 1243 bytes
Desc: not available
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20210319/2e45846c/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20210319/2e45846c/attachment.sig>

More information about the Dnsmasq-discuss mailing list