[Dnsmasq-discuss] [PATCH v2 1/1] fix comment
Simon Kelley
simon at thekelleys.org.uk
Sat Mar 29 21:44:36 UTC 2025
Applied, with the exception of the boxen -> boxes.
I'm old enough to remember when "boxen" was suitable slang replacement
for "boxes" c.f. ox and oxen. So I kept it in for old times' sake.
Cheers,
Simon.
On 3/26/25 22:19, Paul Donald wrote:
> ---
> CHANGELOG | 32 ++++++++++++++++----------------
> man/dnsmasq.8 | 2 +-
> src/dhcp6.c | 2 +-
> src/forward.c | 2 +-
> src/option.c | 4 ++--
> src/poll.c | 2 +-
> src/radv.c | 6 +++---
> src/rfc2131.c | 2 +-
> src/slaac.c | 2 +-
> src/tftp.c | 4 ++--
> 10 files changed, 29 insertions(+), 29 deletions(-)
>
> diff --git a/CHANGELOG b/CHANGELOG
> index 6bb2649..02c639f 100644
> --- a/CHANGELOG
> +++ b/CHANGELOG
> @@ -1,13 +1,13 @@
> version 2.92
> - Redesign the interaction between DNSSEC vaildation and per-domain
> + Redesign the interaction between DNSSEC validation and per-domain
> servers, specified as --server=/<domain>/<ip-address>. This should
> just work in all cases now. If the normal chain-of-trust exists into
> the delegated domain then whether the domain is signed or not, DNSSEC
> - validation will function normally. In the case the delgated domain
> + validation will function normally. In the case the delegated domain
> is an "overlay" on top of the global DNS and no NS and/or DS records
> exist connecting it to the global dns, then if the domain is
> unsigned the situation will be handled by synthesising a
> - proof-of-non-existance-of-DS for the domain and queries will be
> + proof-of-non-existence-of-DS for the domain and queries will be
> answered unvalidated; this action will be logged. A signed domain
> without chain-of-trust can be validated if a suitable trust-anchor
> is provided using --trust-anchor. This change should be backwards
> @@ -141,7 +141,7 @@ version 2.91
> changing the behaviour of an installation with --no-x20-encode.
>
> Fix a long-standing problem when two queries which are identical
> - in every repect _except_ case, get combined by dnsmasq. If
> + in every respect _except_ case, get combined by dnsmasq. If
> dnsmasq gets eg, two queries for example.com and Example.com
> in quick succession it will get the answer for example.com from
> upstream and send that answer to both requestors. This means that
> @@ -159,7 +159,7 @@ version 2.90
> for a particular domain. Thanks to Daniel Danzberger for
> spotting this bug.
>
> - Set the default maximum DNS UDP packet sice to 1232. This
> + Set the default maximum DNS UDP packet size to 1232. This
> has been the recommended value since 2020 because it's the
> largest value that avoid fragmentation, and fragmentation
> is just not reliable on the modern internet, especially
> @@ -167,14 +167,14 @@ version 2.90
> --edns-packet-max for special circumstances.
>
> Add --no-dhcpv4-interface and --no-dhcpv6-interface for
> - better control over which inetrfaces are providing DHCP service.
> + better control over which interfaces are providing DHCP service.
>
> Fix issue with stale caching: After replying with stale data,
> dnsmasq sends the query upstream to refresh the cache asynchronously
> and sometimes sends the wrong packet: packet length can be wrong,
> and if an EDE marking stale data is added to the answer that can
> end up in the query also. This bug only seems to cause problems
> - when the usptream server is a DOH/DOT proxy. Thanks to Justin He
> + when the upstream server is a DOH/DOT proxy. Thanks to Justin He
> for the bug report.
>
> Add configurable caching for arbitrary RR-types.
> @@ -212,7 +212,7 @@ version 2.90
> Applied Cybersecurity ATHENE for finding this vulnerability.
>
> CVE 2023-50387 and CVE 2023-50868 apply.
> - Note that the is a security vulnerablity only when DNSSEC validation
> + Note that this a security vulnerability only when DNSSEC validation
> is enabled.
>
> Fix memory-leak when attempting to cache SRV records with zero TTL.
> @@ -298,7 +298,7 @@ version 2.88
> upstream servers from /etc/resolv.conf or other sources that
> can change dnsmasq tries to avoid memory fragmentation by re-using
> existing records that are being re-read unchanged. This involves
> - seaching all the server records for each new one installed.
> + searching all the server records for each new one installed.
> During startup this search is pointless, and can cause long
> start times with thousands of --server options because the work
> needed is O(n^2). Handle this case more intelligently.
> @@ -361,7 +361,7 @@ version 2.87
>
> Enhance --domain to accept, for instance,
> --domain=net2.thekelleys.org.uk,eth2 so that hosts get a domain
> - which relects the interface they are attached to in a way which
> + which reflects the interface they are attached to in a way which
> doesn't require hard-coding addresses. Thanks to Sten Spans for
> the idea.
>
> @@ -735,22 +735,22 @@ version 2.80
> but those which used the default of no checking will need to be
> altered to explicitly select no checking. The new default is
> because switching off checking for unsigned replies is
> - inherently dangerous. Not only does it open the possiblity of forged
> + inherently dangerous. Not only does it open the possibility of forged
> replies, but it allows everything to appear to be working even
> when the upstream namesevers do not support DNSSEC, and in this
> - case no DNSSEC validation at all is occuring.
> + case no DNSSEC validation at all is occurring.
>
> Fix DHCP broken-ness when --no-ping AND --dhcp-sequential-ip
> are set. Thanks to Daniel Miess for help with this.
>
> - Add a facilty to store DNS packets sent/recieved in a
> + Add a facility to store DNS packets sent/received in a
> pcap-format file for later debugging. The file location
> is given by the --dumpfile option, and a bitmap controlling
> which packets should be dumped is given by the --dumpmask
> option.
>
> Handle the case of both standard and constructed dhcp-ranges on the
> - same interface better. We don't now contruct a dhcp-range if there's
> + same interface better. We don't now construct a dhcp-range if there's
> already one specified. This allows the specified interface to
> have different parameters and avoids advertising the same
> prefix twice. Thanks to Luis Marsano for spotting this case.
> @@ -1220,7 +1220,7 @@ version 2.73
>
> Use inotify for checking on updates to /etc/resolv.conf and
> friends under Linux. This fixes race conditions when the files are
> - updated rapidly and saves CPU by noy polling. To build
> + updated rapidly and saves CPU by not polling. To build
> a binary that runs on old Linux kernels without inotify,
> use make COPTS=-DNO_INOTIFY
>
> @@ -1560,7 +1560,7 @@ version 2.68
> are dynamic and works much better than the previous
> work-around which exempted constructed DHCP ranges from the
> IP address filtering. As a consequence, that work-around
> - is removed. Under certain circumstances, this change wil
> + is removed. Under certain circumstances, this change will
> break existing configuration: if you're relying on the
> constructed-range exception, you need to change --auth-zone
> to specify the same interface as is used to construct your
> diff --git a/man/dnsmasq.8 b/man/dnsmasq.8
> index f448ed2..d0ccd2a 100644
> --- a/man/dnsmasq.8
> +++ b/man/dnsmasq.8
> @@ -873,7 +873,7 @@ Set the maximum number of concurrent DNS queries. The default value is
> 150, which should be fine for most setups. The only known situation
> where this needs to be increased is when using web-server log file
> resolvers, which can generate large numbers of concurrent queries. This
> -parameter actually controls the number of concurrent queries per server group, where a server group is the set of server(s) associated with a single domain. So if a domain has it's own server via --server=/example.com/1.2.3.4 and 1.2.3.4 is not responding, but queries for *.example.com cannot go elsewhere, then other queries will not be affected. On configurations with many such server groups and tight resources, this value may need to be reduced.
> +parameter actually controls the number of concurrent queries per server group, where a server group is the set of server(s) associated with a single domain. So if a domain has its own server via --server=/example.com/1.2.3.4 and 1.2.3.4 is not responding, but queries for *.example.com cannot go elsewhere, then other queries will not be affected. On configurations with many such server groups and tight resources, this value may need to be reduced.
> .TP
> .B --dnssec
> Validate DNS replies and cache DNSSEC data. When forwarding DNS queries, dnsmasq requests the
> diff --git a/src/dhcp6.c b/src/dhcp6.c
> index 93c846a..06285d6 100644
> --- a/src/dhcp6.c
> +++ b/src/dhcp6.c
> @@ -812,7 +812,7 @@ void dhcp_construct_contexts(time_t now)
> {
> if ((context->flags & CONTEXT_RA) || option_bool(OPT_RA))
> {
> - /* previously constructed context has gone. advertise it's demise */
> + /* previously constructed context has gone; advertise its demise */
> context->flags |= CONTEXT_OLD;
> context->address_lost_time = now;
> /* Apply same ceiling of configured lease time as in radv.c */
> diff --git a/src/forward.c b/src/forward.c
> index 54ed326..2907e6a 100644
> --- a/src/forward.c
> +++ b/src/forward.c
> @@ -801,7 +801,7 @@ static size_t process_reply(struct dns_header *header, time_t now, struct server
> if (daemon->doctors && do_doctor(header, n, daemon->namebuff))
> cache_secure = 0;
>
> - /* check_for_bogus_wildcard() does it's own caching, so
> + /* check_for_bogus_wildcard() does its own caching, so
> don't call extract_addresses() if it triggers. */
> if (daemon->bogus_addr && rcode != NXDOMAIN &&
> check_for_bogus_wildcard(header, n, daemon->namebuff, now))
> diff --git a/src/option.c b/src/option.c
> index 0cc76a3..3f7e123 100644
> --- a/src/option.c
> +++ b/src/option.c
> @@ -961,7 +961,7 @@ char *parse_server(char *arg, struct server_details *sdetails)
> hints.ai_family = AF_UNSPEC;
>
> /* Get addresses suitable for sending datagrams. We assume that we can use the
> - same addresses for TCP connections. Settting this to zero gets each address
> + same addresses for TCP connections. Setting this to zero gets each address
> threes times, for SOCK_STREAM, SOCK_RAW and SOCK_DGRAM, which is not useful. */
> hints.ai_socktype = SOCK_DGRAM;
>
> @@ -3987,7 +3987,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
> while (arg)
> {
> comma = split(arg);
> - if (strchr(arg, ':')) /* ethernet address, netid or binary CLID */
> + if (strchr(arg, ':')) /* Ethernet address, netid or binary CLID */
> {
> if ((arg[0] == 'i' || arg[0] == 'I') &&
> (arg[1] == 'd' || arg[1] == 'D') &&
> diff --git a/src/poll.c b/src/poll.c
> index 8fff2d7..ff46a71 100644
> --- a/src/poll.c
> +++ b/src/poll.c
> @@ -98,7 +98,7 @@ void poll_listen(int fd, short event)
> {
> if (arrsize == nfds)
> {
> - /* Array too small, extend. */
> + /* Array too small. Extend. */
> struct pollfd *new;
>
> arrsize = (arrsize == 0) ? 64 : arrsize * 2;
> diff --git a/src/radv.c b/src/radv.c
> index a5d0109..f7c01ed 100644
> --- a/src/radv.c
> +++ b/src/radv.c
> @@ -411,7 +411,7 @@ static void send_ra_alias(time_t now, int iface, char *iface_name, struct in6_ad
> if (!old_prefix && !parm.found_context)
> return;
>
> - /* If we're sending router address instead of prefix in at least on prefix,
> + /* If we're sending router address instead of prefix in at least one prefix,
> include the advertisement interval option. */
> if (parm.adv_router)
> {
> @@ -825,10 +825,10 @@ time_t periodic_ra(time_t now)
> }
> else if (iface_enumerate(AF_INET6, ¶m, (callback_t){.af_inet6=iface_search}))
> /* There's a context overdue, but we can't find an interface
> - associated with it, because it's for a subnet we dont
> + associated with it, because it's for a subnet we don't
> have an interface on. Probably we're doing DHCP on
> a remote subnet via a relay. Zero the timer, since we won't
> - ever be able to send ra's and satisfy it. */
> + ever be able to send RAs to satisfy it. */
> context->ra_time = 0;
>
> if (param.iface != 0 &&
> diff --git a/src/rfc2131.c b/src/rfc2131.c
> index c54c255..5c5c90d 100644
> --- a/src/rfc2131.c
> +++ b/src/rfc2131.c
> @@ -1345,7 +1345,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
> else if (!lease && (ltmp = lease_find_by_addr(mess->yiaddr)))
> {
> /* If a host is configured with more than one MAC address, it's OK to 'nix
> - a lease from one of it's MACs to give the address to another. */
> + a lease from one of its MACs to give the address to another. */
> if (config && config_has_mac(config, ltmp->hwaddr, ltmp->hwaddr_len, ltmp->hwaddr_type))
> {
> inet_ntop(AF_INET, <mp->addr, daemon->addrbuff, ADDRSTRLEN);
> diff --git a/src/slaac.c b/src/slaac.c
> index 4586825..8b089c8 100644
> --- a/src/slaac.c
> +++ b/src/slaac.c
> @@ -61,7 +61,7 @@ void slaac_add_addrs(struct dhcp_lease *lease, time_t now, int force)
> else if (lease->clid_len == 9 &&
> lease->clid[0] == ARPHRD_EUI64 &&
> lease->hwaddr_type == ARPHRD_IEEE1394)
> - /* firewire has EUI-64 identifier as clid */
> + /* FireWire has EUI-64 identifier as clid */
> memcpy(&addr.s6_addr[8], &lease->clid[1], 8);
> #endif
> else
> diff --git a/src/tftp.c b/src/tftp.c
> index 62a365a..5745634 100644
> --- a/src/tftp.c
> +++ b/src/tftp.c
> @@ -274,7 +274,7 @@ void tftp_request(struct listener *listen, time_t now)
> }
>
> /* Enforce simultaneous transfer limit. In non-single-port mode
> - this is doene by not listening on the server socket when
> + this is done by not listening on the server socket when
> too many transfers are in progress. */
> if (!transfer && tftp_cnt >= daemon->tftp_max)
> return;
> @@ -401,7 +401,7 @@ void tftp_request(struct listener *listen, time_t now)
> }
> }
>
> - /* cope with backslashes from windows boxen. */
> + /* cope with backslashes from windows boxes. */
> for (p = filename; *p; p++)
> if (*p == '\\')
> *p = '/';
More information about the Dnsmasq-discuss
mailing list