[Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-17 Thread Simon Kelley
I've just created the first release candidate for dnsmasq-2.85. Since 2.84 this has a couple of stand-alone configuration enhancements, a fix for DNS retries which addresses a regression in 2.84, and a large fix which addresses a historic error. Way back, when Dan Kaminsky revealed the birthday att

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-17 Thread Amit
On Wed, Mar 17, 2021 at 2:55 PM Simon Kelley wrote: > > I've just created the first release candidate for dnsmasq-2.85. > [snip] > TL;DR > > There's no problem unless you use > > server=8.8.8.8@eth0 or server=8.8.8.8@1.2.3.4 > > (or their DBus equivalents) > > OR if you use NetworkManager with d

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-17 Thread Simon Kelley
2.85 will go into Debian unstable on the day it's released and into testing after the normal delay. A backport to the 2.80 package in Buster will happen, but may take a little longer. Simon. On 17/03/2021 23:11, Amit wrote: > On Wed, Mar 17, 2021 at 2:55 PM Simon Kelley wrote: >> >> I've just c

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-17 Thread Matthias Andree
On 17.03.21 at 22:48, Simon Kelley wrote: > Please download > > https://thekelleys.org.uk/dnsmasq/release-candidates/dnsmasq-2.85rc1.tar.gz > > and test it thoroughly. Then look at the diff at Simon, thanks for your and Petr's efforts on this. Unfortunately, 2.85rc1 does not compile on FreeBSD

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-17 Thread Matthias Andree
Following up on my own message, I have added a FreeBSD port named dnsmasq-devel that is at 2.85rc1 currently and includes the added rename of ifr_ifindex to ifr_index to make it compile, for testing purposes. Will there be an official, terser, security advisory? I have for now written ⅔s of FreeBS

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-18 Thread Daniel via Dnsmasq-discuss
Hello On 17/03/2021 at 22:48, Simon Kelley wrote: [...] https://thekelleys.org.uk/dnsmasq/release-candidates/dnsmasq-2.85rc1.tar.gz Thanks Simon. FYI I didn't get it compiled (as well as 2,84) on Debian Buster getting cc  -o dnsmasq cache.o rfc1035.o util.o option.o forward.o network.o

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-18 Thread Petr Menšík
Feel free to use RH bug [1] or vulnerability page [2], if that helps. 1. https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2021-3448 2. https://access.redhat.com/security/cve/CVE-2021-3448 On 3/18/21 1:17 AM, Matthias Andree wrote: > Following up on my own message, > I have added a FreeBSD port nam

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-18 Thread Petr Menšík
Hi. It seems this should be reported to the nettle (development) package. "pkg-config --libs nettle hogweed" should report all required libraries. I am not sure how it could be improved on the dnsmasq side. Does it use any defines enabling gmp usage on compilation time? On 3/18/21 9:38 AM, Daniel via D

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-19 Thread Petr Menšík
Hi Matthias, I am attaching a candidate patch. We already use if_nametoindex for IPv6 scope, I think it should be used here as well. Because no good error recovery is available, use ifindex just if it has correct value. Reduces a few lines. Regards, Petr On 3/18/21 12:53 AM, Matthias Andree wrote:

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-19 Thread Daniel via Dnsmasq-discuss
Hi On 18/03/2021 at 13:04, Petr Menšík wrote: Hi. It seems this should be reported to the nettle (development) package. "pkg-config --libs nettle hogweed" should report all required libraries. I am not sure how it could be improved on the dnsmasq side. Does it use any defines enabling gmp usage on

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-19 Thread Simon Kelley
On 18/03/2021 08:38, Daniel via Dnsmasq-discuss wrote: > Hello > > On 17/03/2021 at 22:48, Simon Kelley wrote: >> [...] >> >> https://thekelleys.org.uk/dnsmasq/release-candidates/dnsmasq-2.85rc1.tar.gz >> > > Thanks Simon. FYI I didn't get it compiled (as well as 2,84) on Debian > Buster gettin

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-19 Thread Simon Kelley
On 17/03/2021 23:53, Matthias Andree wrote: > On 17.03.21 at 22:48, Simon Kelley wrote: >> Please download >> >> https://thekelleys.org.uk/dnsmasq/release-candidates/dnsmasq-2.85rc1.tar.gz >> >> and test it thoroughly. Then look at the diff at > > Simon, > > thanks for your and Petr's efforts on

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-19 Thread Matthias Andree
On 19.03.21 at 23:20, Simon Kelley wrote: > On 17/03/2021 23:53, Matthias Andree wrote: >> On 17.03.21 at 22:48, Simon Kelley wrote: >>> Please download >>> >>> https://thekelleys.org.uk/dnsmasq/release-candidates/dnsmasq-2.85rc1.tar.gz >>> >>> and test it thoroughly. Then look at the diff at >>

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-20 Thread Simon Kelley
>> >> 2) On *BSD this is moot anyway, since the index we're deriving is used >> for binding a UDP socket to an interface, and *BSD doesn't, as far as I >> know, have an equivalent of the SO_BINDTODEVICE linux ioctl, so it's not >> supported. Matthias, you can't test any code, since to do so you'

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-20 Thread Daniel via Dnsmasq-discuss
On 19/03/2021 at 23:37, Simon Kelley wrote: On 18/03/2021 08:38, Daniel via Dnsmasq-discuss wrote: Hello On 17/03/2021 at 22:48, Simon Kelley wrote: [...] https://thekelleys.org.uk/dnsmasq/release-candidates/dnsmasq-2.85rc1.tar.gz Thanks Simon. FYI I didn't get it compiled (as well as

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-20 Thread Simon Kelley
On 20/03/2021 11:11, Daniel via Dnsmasq-discuss wrote: > > On 19/03/2021 at 23:37, Simon Kelley wrote: >> On 18/03/2021 08:38, Daniel via Dnsmasq-discuss wrote: >>> Hello >>> >>> On 17/03/2021 at 22:48, Simon Kelley wrote: [...] https://thekelleys.org.uk/dnsmasq/release-candid

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-21 Thread Daniel via Dnsmasq-discuss
On 20/03/2021 at 22:55, Simon Kelley wrote: On 20/03/2021 11:11, Daniel via Dnsmasq-discuss wrote: On 19/03/2021 at 23:37, Simon Kelley wrote: On 18/03/2021 08:38, Daniel via Dnsmasq-discuss wrote: Hello On 17/03/2021 at 22:48, Simon Kelley wrote: [...] https://thekelleys.org.uk/dns

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-21 Thread Simon Kelley
On 21/03/2021 12:12, Daniel via Dnsmasq-discuss wrote: > > On 20/03/2021 at 22:55, Simon Kelley wrote: >> >> On 20/03/2021 11:11, Daniel via Dnsmasq-discuss wrote: >>> On 19/03/2021 at 23:37, Simon Kelley wrote: On 18/03/2021 08:38, Daniel via Dnsmasq-discuss wrote: > Hello > >>

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-22 Thread Daniel via Dnsmasq-discuss
On 21/03/2021 at 23:39, Simon Kelley wrote: On 21/03/2021 12:12, Daniel via Dnsmasq-discuss wrote: On 20/03/2021 at 22:55, Simon Kelley wrote: On 20/03/2021 11:11, Daniel via Dnsmasq-discuss wrote: On 19/03/2021 at 23:37, Simon Kelley wrote: On 18/03/2021 08:38, Daniel via Dnsmasq-dis

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-22 Thread Petr Menšík
-DHAVE_CRYPTOHASH is needed only when -DHAVE_DNSSEC is NOT enabled. Please turn off either DNSSEC or CRYPTOHASH. When DNSSEC is enabled, CRYPTOHASH is always used without explicit declaration. It is there to use cryptohash only without DNSSEC support compiled in. It is an unsolved corner case in my s

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-22 Thread Daniel via Dnsmasq-discuss
Hi Petr On 22/03/2021 at 13:56, Petr Menšík wrote: -DHAVE_CRYPTOHASH is needed only when -DHAVE_DNSSEC is NOT enabled. Please turn off either DNSSEC or CRYPTOHASH. When DNSSEC is enabled, CRYPTOHASH is always used without explicit declaration. It is there to use cryptohash only without DNSSEC

Re: [Dnsmasq-discuss] Announce 2.85rc1 and security warning.

2021-03-23 Thread Petr Menšík
Hi, More below... On 3/20/21 10:26 AM, Simon Kelley wrote: > > >>> >>> 2) On *BSD this is moot anyway, since the index we're deriving is used >>> for binding a UDP socket to an interface, and *BSD doesn't, as far as I >>> know, have an equivalent of the SO_BINDTODEVICE linux ioctl, so it's not >