+++ /dev/null
---- a/Clients/Makefile
-+++ b/Clients/Makefile
-@@ -27,6 +27,8 @@
-
- #############################################################################
-
-+CC = @cc
-+
- # On OS X the dns_sd library functions are included in libSystem, which is implicitly linked with every executable
- # If /usr/lib/libSystem.dylib exists, then we're on OS X, so we don't need also to link the "dns_sd" shared library
- ifneq "$(wildcard /usr/lib/libSystem.dylib)" ""
-@@ -46,10 +48,10 @@ build:
- mkdir build
-
- build/dns-sd: build dns-sd.c ClientCommon.c
-- $(CC) $(filter %.c %.o, $+) $(LIBS) -I../mDNSShared -Wall -o $@
-+ $(CC) $(CFLAGS) $(filter %.c %.o, $+) $(LIBS) -I../mDNSShared -Wall -o $@
-
- build/dns-sd64: build dns-sd.c ClientCommon.c
-- $(CC) $(filter %.c %.o, $+) $(LIBS) -I../mDNSShared -Wall -o $@ -m64
-+ $(CC) $(CFLAGS) $(filter %.c %.o, $+) $(LIBS) -I../mDNSShared -Wall -o $@ -m64
-
- # Note, we can make a 'fat' version of dns-sd using 'lipo', as shown below, but we
- # don't, because we don't want or need a 'fat' version of dns-sd, because it will
---- a/mDNSPosix/Makefile
-+++ b/mDNSPosix/Makefile
-@@ -54,11 +54,12 @@ COREDIR = ../mDNSCore
- SHAREDDIR ?= ../mDNSShared
- JDK = /usr/jdk
-
--CC = @cc
-+CC = @gcc
- BISON = @bison
- FLEX = @flex
- ST = @strip
--LD = ld -shared
-+LD = @ld
-+SOOPTS = -shared
- CP = cp
- RM = rm
- LN = ln -s -f
-@@ -92,7 +93,7 @@ CFLAGS_DEBUG = -O0 -DMDNS_DEBUGMSGS=0
- CFLAGS_OS = -DNOT_HAVE_DAEMON -DNOT_HAVE_SA_LEN -DNOT_HAVE_SOCKLEN_T -DNOT_HAVE_IF_NAMETOINDEX \
- -DLOG_PERROR=0 -D_XPG4_2 -D__EXTENSIONS__ -DHAVE_BROKEN_RECVIF_NAME -DTARGET_OS_SOLARIS
- CC = gcc
--LD = gcc -shared
-+LD = gcc
- LINKOPTS = -lsocket -lnsl -lresolv
- JAVACFLAGS_OS += -I$(JDK)/include/solaris
- ifneq ($(DEBUG),1)
-@@ -149,7 +150,8 @@ -D__MAC_OS_X_VERSION_MIN_REQUIRED=__MAC_OS_X_VERSION_10_4 \
- -DHAVE_STRLCPY=1 \
- -D__APPLE_USE_RFC_2292 #-Wunreachable-code
- CC = gcc
--LD = $(CC) -dynamiclib
-+LD = $(CC)
-+SOOPTS= -dynamiclib
- LINKOPTS = -lSystem
- LDSUFFIX = dylib
- JDK = /System/Library/Frameworks/JavaVM.framework/Home
-@@ -172,8 +174,9 @@ NSSLIBFILE := $(NSSLIBNAME)-$(NSSVERSIO
- NSSLINKNAME := $(NSSLIBNAME).so.2
- NSSINSTPATH := /lib
-
--# If not otherwise defined, we install into /usr/lib and /usr/include
-+# If not otherwise defined, we install into /usr/lib, /usr/include and /etc
- # and our startup script is called mdns (e.g. /etc/init.d/mdns)
-+ETCBASE?=/etc
- INSTBASE?=/usr
- STARTUPSCRIPTNAME?=mdns
-
-@@ -259,7 +262,7 @@ libdns_sd: setup $(BUILDDIR)/libdns_sd.$
- CLIENTLIBOBJS = $(OBJDIR)/dnssd_clientlib.c.so.o $(OBJDIR)/dnssd_clientstub.c.so.o $(OBJDIR)/dnssd_ipc.c.so.o
-
- $(BUILDDIR)/libdns_sd.$(LDSUFFIX): $(CLIENTLIBOBJS)
-- @$(LD) $(LINKOPTS) -o $@ $+
-+ @$(LD) $(SOOPTS) $(LINKOPTS) -o $@ $+
- @$(STRIP) $@
-
- Clients: setup libdns_sd ../Clients/build/dns-sd
-@@ -294,7 +297,7 @@ InstalledManPages: $(MANPATH)/man8/mdnsd
- InstalledClients: $(INSTBASE)/bin/dns-sd
- @echo $+ " installed"
-
--InstalledNSS: $(NSSINSTPATH)/$(NSSLINKNAME) /etc/nss_mdns.conf $(MANPATH)/man5/nss_mdns.conf.5 $(MANPATH)/man8/libnss_mdns.8
-+InstalledNSS: $(NSSINSTPATH)/$(NSSLINKNAME) $(ETCBASE)/nss_mdns.conf $(MANPATH)/man5/nss_mdns.conf.5 $(MANPATH)/man8/libnss_mdns.8
- @echo $+ " installed"
-
- # Note: If daemon already installed, we make sure it's stopped before overwriting it
-@@ -347,19 +350,21 @@ $(INSTBASE)/bin/dns-sd: ../Clients/build
-
- $(NSSINSTPATH)/$(NSSLINKNAME): $(NSSINSTPATH)/$(NSSLIBFILE)
- $(LN) $< $@
-- ldconfig
-+ifdef LDCONFIG
-+ $(LDCONFIG)
-+endif
-
- $(NSSINSTPATH)/$(NSSLIBFILE): $(BUILDDIR)/$(NSSLIBFILE)
- $(CP) $< $@
- chmod 444 $@
-
--/etc/nss_mdns.conf: nss_mdns.conf
-+$(ETCBASE)/nss_mdns.conf: nss_mdns.conf
- $(CP) $< $@
- chmod 444 $@
- # Check the nsswitch.conf file.
- # If 'mdns' does not already appear on the "hosts:" line, then add it right before 'dns'
-- cp -f /etc/nsswitch.conf /etc/nsswitch.conf.pre-mdns
-- sed -e '/mdns/!s/^\(hosts:.*\)dns\(.*\)/\1mdns dns\2/' /etc/nsswitch.conf.pre-mdns > /etc/nsswitch.conf
-+ -[ -f $(ETCBASE)/nsswitch.conf ] && cp -f $(ETCBASE)/nsswitch.conf $(ETCBASE)/nsswitch.conf.pre-mdns
-+ -[ -f $(ETCBASE)/nsswitch.conf ] && sed -e '/mdns/!s/^\(hosts:.*\)dns\(.*\)/\1mdns dns\2/' $(ETCBASE)/nsswitch.conf.pre-mdns > $(ETCBASE)/nsswitch.conf
-
- #############################################################################
+++ /dev/null
-diff --git a/Clients/Makefile b/Clients/Makefile
-index 383af31..925c20e 100755
---- a/Clients/Makefile
-+++ b/Clients/Makefile
-@@ -36,7 +36,7 @@ TARGETS = build/dns-sd build/dns-sd64
- LIBS =
- else
- TARGETS = build/dns-sd
--LIBS = -L../mDNSPosix/build/prod/ -ldns_sd
-+LIBS ?= -L../mDNSPosix/build/prod/ -ldns_sd
- endif
-
- all: $(TARGETS)
-diff --git a/mDNSPosix/PosixDaemon.c b/mDNSPosix/PosixDaemon.c
-index 88b3292..e86a6c7 100644
---- a/mDNSPosix/PosixDaemon.c
-+++ b/mDNSPosix/PosixDaemon.c
-@@ -37,6 +37,11 @@
- #include <fcntl.h>
- #include <pwd.h>
- #include <sys/types.h>
-+#ifdef __linux__
-+#include <sys/capability.h> /* !!! We require libcap-dev for this. Oh well. */
-+/* prctl is required to enable inheriting of capabilities across setuid */
-+#include <sys/prctl.h>
-+#endif /* __linux__ */
-
- #if __APPLE__
- #undef daemon
-@@ -184,16 +189,50 @@ int main(int argc, char **argv)
-
- Reconfigure(&mDNSStorage);
-
-+#ifdef __linux__
-+ /*
-+ * SO_BINDTODEVICE is privileged operation; however, we can get
-+ * around it using capabilities instead of remaining root.
-+ */
-+ if (mStatus_NoError == err)
-+ {
-+ if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0)
-+ perror("prctl PR_SET_KEEPCAPS");
-+ }
-+#endif /* __linux__ */
-+
- // Now that we're finished with anything privileged, switch over to running as "nobody"
- if (mStatus_NoError == err)
- {
- const struct passwd *pw = getpwnam("nobody");
- if (pw != NULL)
-+ {
- setuid(pw->pw_uid);
-+#ifdef __linux__
-+ struct __user_cap_header_struct ch;
-+ struct __user_cap_data_struct cd[_LINUX_CAPABILITY_U32S_3];
-+
-+ memset(&ch, 0, sizeof(ch));
-+ ch.version = _LINUX_CAPABILITY_VERSION_3;
-+ ch.pid = getpid();
-+ memset(&cd[0], 0, sizeof(cd));
-+ /* CAP_NET_RAW is required to use SO_BINDTODEVICE */
-+ int caps = CAP_TO_MASK(CAP_NET_RAW);
-+ cd[0].permitted = caps;
-+ cd[0].effective = caps;
-+ if (capset(&ch, &cd[0]) < 0)
-+ perror("capset");
-+#endif /* __linux__ */
-+ }
- else
- LogMsg("WARNING: mdnsd continuing as root because user \"nobody\" does not exist");
- }
-
-+#ifdef __linux__
-+ if (mStatus_NoError == err)
-+ err = mDNSPlatformPosixRefreshInterfaceList(&mDNSStorage);
-+#endif /* __linux__ */
-+
- if (mStatus_NoError == err)
- err = MainLoop(&mDNSStorage);
-
-diff --git a/mDNSPosix/mDNSPosix.c b/mDNSPosix/mDNSPosix.c
-index 6effa12..7c1d6eb 100755
---- a/mDNSPosix/mDNSPosix.c
-+++ b/mDNSPosix/mDNSPosix.c
-@@ -733,6 +741,29 @@ mDNSlocal int SetupSocket(struct sockaddr *intfAddr, mDNSIPPort port, int interf
- if (err < 0) { err = errno; perror("setsockopt - IP_MULTICAST_TTL"); }
- }
-
-+#ifdef __linux__
-+#ifdef SO_BINDTODEVICE
-+ if (err == 0 && interfaceIndex)
-+ {
-+ char ifname[IFNAMSIZ];
-+ if (if_indextoname(interfaceIndex, ifname))
-+ {
-+ err = setsockopt(*sktPtr, SOL_SOCKET, SO_BINDTODEVICE, ifname, strlen(ifname));
-+ if (err < 0)
-+ {
-+ err = errno;
-+ perror("setsockopt - SO_BINDTODEVICE");
-+ }
-+ }
-+ else
-+ {
-+ err = errno;
-+ perror("if_indextoname");
-+ }
-+ }
-+#endif /* SO_BINDTODEVICE */
-+#endif /* __linux__ */
-+
- // And start listening for packets
- if (err == 0)
- {
-@@ -814,6 +845,29 @@ mDNSlocal int SetupSocket(struct sockaddr *intfAddr, mDNSIPPort port, int interf
- if (err < 0) { err = errno; perror("setsockopt - IPV6_MULTICAST_HOPS"); }
- }
-
-+#ifdef __linux__
-+#ifdef SO_BINDTODEVICE
-+ if (err == 0 && interfaceIndex)
-+ {
-+ char ifname[IFNAMSIZ];
-+ if (if_indextoname(interfaceIndex, ifname))
-+ {
-+ err = setsockopt(*sktPtr, SOL_SOCKET, SO_BINDTODEVICE, ifname, strlen(ifname));
-+ if (err < 0)
-+ {
-+ err = errno;
-+ perror("setsockopt - SO_BINDTODEVICE");
-+ }
-+ }
-+ else
-+ {
-+ err = errno;
-+ perror("if_indextoname");
-+ }
-+ }
-+#endif /* SO_BINDTODEVICE */
-+#endif /* __linux__ */
-+
- // And start listening for packets
- if (err == 0)
- {
-@@ -958,19 +1017,14 @@ mDNSlocal int SetupInterfaceList(mDNS *const m)
- int err = 0;
- struct ifi_info *intfList = get_ifi_info(AF_INET, mDNStrue);
- struct ifi_info *firstLoopback = NULL;
-+ struct ifi_info **p = &intfList;
-
- assert(m != NULL);
- debugf("SetupInterfaceList");
-
-- if (intfList == NULL) err = ENOENT;
--
- #if HAVE_IPV6
-- if (err == 0) /* Link the IPv6 list to the end of the IPv4 list */
-- {
-- struct ifi_info **p = &intfList;
-- while (*p) p = &(*p)->ifi_next;
-- *p = get_ifi_info(AF_INET6, mDNStrue);
-- }
-+ while (*p) p = &(*p)->ifi_next;
-+ *p = get_ifi_info(AF_INET6, mDNStrue);
- #endif
-
- if (err == 0)
-@@ -1046,7 +1100,7 @@ mDNSlocal mStatus OpenIfNotifySocket(int *pFD)
- /* Subscribe the socket to Link & IP addr notifications. */
- mDNSPlatformMemZero(&snl, sizeof snl);
- snl.nl_family = AF_NETLINK;
-- snl.nl_groups = RTMGRP_LINK | RTMGRP_IPV4_IFADDR;
-+ snl.nl_groups = RTMGRP_LINK | RTMGRP_IPV4_IFADDR | RTMGRP_IPV6_IFADDR;
- ret = bind(sock, (struct sockaddr *) &snl, sizeof snl);
- if (0 == ret)
- *pFD = sock;
-@@ -1124,11 +1178,18 @@ mDNSlocal mDNSu32 ProcessRoutingNotification(int sd)
- PrintNetLinkMsg(pNLMsg);
- #endif
-
-+ // this result isn't used anywhere as a number, just as
-+ // non-zero - however, I have seen devices with more than 32
-+ // interfaces at some point..
-+ // (on Linux, every tunnel increases index for example)
-+
- // Process the NetLink message
- if (pNLMsg->nlmsg_type == RTM_GETLINK || pNLMsg->nlmsg_type == RTM_NEWLINK)
-- result |= 1 << ((struct ifinfomsg*) NLMSG_DATA(pNLMsg))->ifi_index;
-+ result |= 1;
-+ // << ((struct ifinfomsg*) NLMSG_DATA(pNLMsg))->ifi_index;
- else if (pNLMsg->nlmsg_type == RTM_DELADDR || pNLMsg->nlmsg_type == RTM_NEWADDR)
-- result |= 1 << ((struct ifaddrmsg*) NLMSG_DATA(pNLMsg))->ifa_index;
-+ result |= 1;
-+ // << ((struct ifaddrmsg*) NLMSG_DATA(pNLMsg))->ifa_index;
-
- // Advance pNLMsg to the next message in the buffer
- if ((pNLMsg->nlmsg_flags & NLM_F_MULTI) != 0 && pNLMsg->nlmsg_type != NLMSG_DONE)
-@@ -1299,8 +1360,12 @@ mDNSexport mStatus mDNSPlatformInit(mDNS *const m)
- if (err == mStatus_NoError) err = SetupSocket(&sa, zeroIPPort, 0, &m->p->unicastSocket6);
- #endif
-
-+ // In Linux case, we can't set up sockets with different owner -
-+ // it blows up SO_REUSEPORT. So we do this step bit later.
-+#ifndef __linux__
- // Tell mDNS core about the network interfaces on this machine.
- if (err == mStatus_NoError) err = SetupInterfaceList(m);
-+#endif /* !__linux__ */
-
- // Tell mDNS core about DNS Servers
- mDNS_Lock(m);
-diff --git a/mDNSPosix/mDNSUNP.c b/mDNSPosix/mDNSUNP.c
-index b392fc7..f551ad5 100755
---- a/mDNSPosix/mDNSUNP.c
-+++ b/mDNSPosix/mDNSUNP.c
-@@ -63,6 +63,7 @@
- #if defined(AF_INET6) && HAVE_IPV6 && HAVE_LINUX
- #include <netdb.h>
- #include <arpa/inet.h>
-+#include <linux/if_addr.h>
-
- /* Converts a prefix length to IPv6 network mask */
- void plen_to_mask(int plen, char *addr) {
-@@ -127,6 +128,8 @@
- nitems = fscanf(fp, ifnameFmt, ifname);
- if (nitems != 1) break;
-
-+ if (flags & IFA_F_DEPRECATED) continue;
-+
- if (strcmp(lastname, ifname) == 0) {
- if (doaliases == 0)
- continue; /* already processed this interface */
-diff --git a/mDNSShared/dnsextd_parser.y b/mDNSShared/dnsextd_parser.y
-index 18c5990..d4b63ce 100644
---- a/mDNSShared/dnsextd_parser.y
-+++ b/mDNSShared/dnsextd_parser.y
-@@ -15,6 +15,8 @@
- * limitations under the License.
- */
-
-+%parse-param { void *context }
-+
- %{
- #include <stdio.h>
- #include <stdlib.h>
-@@ -23,7 +25,7 @@
- #include "DebugServices.h"
- #include "dnsextd.h"
-
--void yyerror( const char* error );
-+void yyerror( void *context, const char* error );
- int yylex(void);
-
-
-@@ -409,7 +419,7 @@ int yywrap(void);
-
- extern int yylineno;
-
--void yyerror( const char *str )
-+void yyerror( void *context, const char *str )
- {
- fprintf( stderr,"%s:%d: error: %s\n", g_filename, yylineno, str );
- }
+++ /dev/null
---- a/Clients/dns-sd.c
-+++ b/Clients/dns-sd.c
-@@ -2281,7 +2281,7 @@ Fail:
-
- // NOT static -- otherwise the compiler may optimize it out
- // The "@(#) " pattern is a special prefix the "what" command looks for
--const char VersionString_SCCS[] = "@(#) dns-sd " STRINGIFY(mDNSResponderVersion) " (" __DATE__ " " __TIME__ ")";
-+const char VersionString_SCCS[] = "@(#) dns-sd " STRINGIFY(mDNSResponderVersion);
-
- #if _BUILDING_XCODE_PROJECT_
- // If the process crashes, then this string will be magically included in the automatically-generated crash log
---- a/mDNSPosix/PosixDaemon.c
-+++ b/mDNSPosix/PosixDaemon.c
-@@ -290,9 +290,9 @@ asm (".desc ___crashreporter_info__, 0x1
-
- // For convenience when using the "strings" command, this is the last thing in the file
- #if mDNSResponderVersion > 1
--mDNSexport const char mDNSResponderVersionString_SCCS[] = "@(#) mDNSResponder-" STRINGIFY(mDNSResponderVersion) " (" __DATE__ " " __TIME__ ")";
-+mDNSexport const char mDNSResponderVersionString_SCCS[] = "@(#) mDNSResponder-" STRINGIFY(mDNSResponderVersion);
- #elif MDNS_VERSIONSTR_NODTS
- mDNSexport const char mDNSResponderVersionString_SCCS[] = "@(#) mDNSResponder (Engineering Build)";
- #else
--mDNSexport const char mDNSResponderVersionString_SCCS[] = "@(#) mDNSResponder (Engineering Build) (" __DATE__ " " __TIME__ ")";
-+mDNSexport const char mDNSResponderVersionString_SCCS[] = "@(#) mDNSResponder (Engineering Build)";
- #endif
---- a/mDNSShared/Java/JNISupport.c
-+++ b/mDNSShared/Java/JNISupport.c
-@@ -1069,4 +1069,4 @@ exit:
-
- // NOT static -- otherwise the compiler may optimize it out
- // The "@(#) " pattern is a special prefix the "what" command looks for
--const char VersionString_SCCS[] = "@(#) libjdns_sd " STRINGIFY(mDNSResponderVersion) " (" __DATE__ " " __TIME__ ")";
-+const char VersionString_SCCS[] = "@(#) libjdns_sd " STRINGIFY(mDNSResponderVersion);
---- a/mDNSShared/dnsextd.c
-+++ b/mDNSShared/dnsextd.c
-@@ -3136,7 +3136,7 @@ mDNS mDNSStorage;
-
- // For convenience when using the "strings" command, this is the last thing in the file
- // The "@(#) " pattern is a special prefix the "what" command looks for
--const char mDNSResponderVersionString_SCCS[] = "@(#) dnsextd " STRINGIFY(mDNSResponderVersion) " (" __DATE__ " " __TIME__ ")";
-+const char mDNSResponderVersionString_SCCS[] = "@(#) dnsextd " STRINGIFY(mDNSResponderVersion);
-
- #if _BUILDING_XCODE_PROJECT_
- // If the process crashes, then this string will be magically included in the automatically-generated crash log
---- a/mDNSShared/dnssd_clientlib.c
-+++ b/mDNSShared/dnssd_clientlib.c
-@@ -363,4 +363,4 @@ DNSServiceErrorType DNSSD_API TXTRecordG
-
- // NOT static -- otherwise the compiler may optimize it out
- // The "@(#) " pattern is a special prefix the "what" command looks for
--const char VersionString_SCCS_libdnssd[] DNSSD_USED = "@(#) libdns_sd " STRINGIFY(mDNSResponderVersion) " (" __DATE__ " " __TIME__ ")";
-+const char VersionString_SCCS_libdnssd[] DNSSD_USED = "@(#) libdns_sd " STRINGIFY(mDNSResponderVersion);