1st release candidate for v2.81 after 18 months.
Refresh patches & remove all upstreamed leaving:
110-ipset-remove-old-kernel-support.patch
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
include $(TOPDIR)/rules.mk
PKG_NAME:=dnsmasq
-PKG_UPSTREAM_VERSION:=2.80
+PKG_UPSTREAM_VERSION:=2.81rc1
PKG_VERSION:=$(subst test,~~test,$(subst rc,~rc,$(PKG_UPSTREAM_VERSION)))
-PKG_RELEASE:=18
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_UPSTREAM_VERSION).tar.xz
-PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq
-PKG_HASH:=cdaba2785e92665cf090646cba6f94812760b9d7d8c8d0cfb07ac819377a63bb
+PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq/release-candidates
+PKG_HASH:=47afc967fb3d673d1700ebfa2192ab1436197fa6e135e335f0d0ef17cdb2f0fc
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=COPYING
TARGET_CFLAGS += -flto
TARGET_LDFLAGS += -flto=jobserver
-COPTS = -DHAVE_UBUS \
+COPTS = -DHAVE_UBUS -DHAVE_POLL_H \
$(if $(CONFIG_IPV6),,-DNO_IPV6)
ifeq ($(BUILD_VARIANT),nodhcpv6)
+++ /dev/null
-From a799ca0c6314ad73a97bc6c89382d2712a9c0b0e Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Thu, 18 Oct 2018 19:35:29 +0100
-Subject: [PATCH 01/32] Impove cache behaviour for TCP connections.
-
-For ease of implementaion, dnsmasq has always forked a new process to
-handle each incoming TCP connection. A side-effect of this is that any
-DNS queries answered from TCP connections are not cached: when TCP
-connections were rare, this was not a problem. With the coming of
-DNSSEC, it's now the case that some DNSSEC queries have answers which
-spill to TCP, and if, for instance, this applies to the keys for the
-root then those never get cached, and performance is very bad. This
-fix passes cache entries back from the TCP child process to the main
-server process, and fixes the problem.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- CHANGELOG | 14 ++++
- src/blockdata.c | 37 ++++++++-
- src/cache.c | 196 ++++++++++++++++++++++++++++++++++++++++++++++--
- src/dnsmasq.c | 58 ++++++++++++--
- src/dnsmasq.h | 5 ++
- 5 files changed, 291 insertions(+), 19 deletions(-)
-
---- a/CHANGELOG
-+++ b/CHANGELOG
-@@ -1,3 +1,17 @@
-+version 2.81
-+ Impove cache behaviour for TCP connections. For ease of
-+ implementaion, dnsmasq has always forked a new process to handle
-+ each incoming TCP connection. A side-effect of this is that
-+ any DNS queries answered from TCP connections are not cached:
-+ when TCP connections were rare, this was not a problem.
-+ With the coming of DNSSEC, it's now the case that some
-+ DNSSEC queries have answers which spill to TCP, and if,
-+ for instance, this applies to the keys for the root then
-+ those never get cached, and performance is very bad.
-+ This fix passes cache entries back from the TCP child process to
-+ the main server process, and fixes the problem.
-+
-+
- version 2.80
- Add support for RFC 4039 DHCP rapid commit. Thanks to Ashram Method
- for the initial patch and motivation.
---- a/src/blockdata.c
-+++ b/src/blockdata.c
-@@ -61,7 +61,7 @@ void blockdata_report(void)
- blockdata_alloced * sizeof(struct blockdata));
- }
-
--struct blockdata *blockdata_alloc(char *data, size_t len)
-+static struct blockdata *blockdata_alloc_real(int fd, char *data, size_t len)
- {
- struct blockdata *block, *ret = NULL;
- struct blockdata **prev = &ret;
-@@ -89,8 +89,17 @@ struct blockdata *blockdata_alloc(char *
- blockdata_hwm = blockdata_count;
-
- blen = len > KEYBLOCK_LEN ? KEYBLOCK_LEN : len;
-- memcpy(block->key, data, blen);
-- data += blen;
-+ if (data)
-+ {
-+ memcpy(block->key, data, blen);
-+ data += blen;
-+ }
-+ else if (!read_write(fd, block->key, blen, 1))
-+ {
-+ /* failed read free partial chain */
-+ blockdata_free(ret);
-+ return NULL;
-+ }
- len -= blen;
- *prev = block;
- prev = &block->next;
-@@ -100,6 +109,10 @@ struct blockdata *blockdata_alloc(char *
- return ret;
- }
-
-+struct blockdata *blockdata_alloc(char *data, size_t len)
-+{
-+ return blockdata_alloc_real(0, data, len);
-+}
-
- void blockdata_free(struct blockdata *blocks)
- {
-@@ -148,5 +161,21 @@ void *blockdata_retrieve(struct blockdat
-
- return data;
- }
--
-+
-+
-+void blockdata_write(struct blockdata *block, size_t len, int fd)
-+{
-+ for (; len > 0 && block; block = block->next)
-+ {
-+ size_t blen = len > KEYBLOCK_LEN ? KEYBLOCK_LEN : len;
-+ read_write(fd, block->key, blen, 0);
-+ len -= blen;
-+ }
-+}
-+
-+struct blockdata *blockdata_read(int fd, size_t len)
-+{
-+ return blockdata_alloc_real(fd, NULL, len);
-+}
-+
- #endif
---- a/src/cache.c
-+++ b/src/cache.c
-@@ -26,6 +26,8 @@ static union bigname *big_free = NULL;
- static int bignames_left, hash_size;
-
- static void make_non_terminals(struct crec *source);
-+static struct crec *really_insert(char *name, struct all_addr *addr,
-+ time_t now, unsigned long ttl, unsigned short flags);
-
- /* type->string mapping: this is also used by the name-hash function as a mixing table. */
- static const struct {
-@@ -464,16 +466,10 @@ void cache_start_insert(void)
- new_chain = NULL;
- insert_error = 0;
- }
--
-+
- struct crec *cache_insert(char *name, struct all_addr *addr,
- time_t now, unsigned long ttl, unsigned short flags)
- {
-- struct crec *new, *target_crec = NULL;
-- union bigname *big_name = NULL;
-- int freed_all = flags & F_REVERSE;
-- int free_avail = 0;
-- unsigned int target_uid;
--
- /* Don't log DNSSEC records here, done elsewhere */
- if (flags & (F_IPV4 | F_IPV6 | F_CNAME))
- {
-@@ -484,7 +480,20 @@ struct crec *cache_insert(char *name, st
- if (daemon->min_cache_ttl != 0 && daemon->min_cache_ttl > ttl)
- ttl = daemon->min_cache_ttl;
- }
-+
-+ return really_insert(name, addr, now, ttl, flags);
-+}
-
-+
-+static struct crec *really_insert(char *name, struct all_addr *addr,
-+ time_t now, unsigned long ttl, unsigned short flags)
-+{
-+ struct crec *new, *target_crec = NULL;
-+ union bigname *big_name = NULL;
-+ int freed_all = flags & F_REVERSE;
-+ int free_avail = 0;
-+ unsigned int target_uid;
-+
- /* if previous insertion failed give up now. */
- if (insert_error)
- return NULL;
-@@ -645,12 +654,185 @@ void cache_end_insert(void)
- cache_hash(new_chain);
- cache_link(new_chain);
- daemon->metrics[METRIC_DNS_CACHE_INSERTED]++;
-+
-+ /* If we're a child process, send this cache entry up the pipe to the master.
-+ The marshalling process is rather nasty. */
-+ if (daemon->pipe_to_parent != -1)
-+ {
-+ char *name = cache_get_name(new_chain);
-+ ssize_t m = strlen(name);
-+ unsigned short flags = new_chain->flags;
-+#ifdef HAVE_DNSSEC
-+ u16 class = new_chain->uid;
-+#endif
-+
-+ read_write(daemon->pipe_to_parent, (unsigned char *)&m, sizeof(m), 0);
-+ read_write(daemon->pipe_to_parent, (unsigned char *)name, m, 0);
-+ read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->ttd, sizeof(new_chain->ttd), 0);
-+ read_write(daemon->pipe_to_parent, (unsigned char *)&flags, sizeof(flags), 0);
-+
-+ if (flags & (F_IPV4 | F_IPV6))
-+ read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr, sizeof(new_chain->addr), 0);
-+#ifdef HAVE_DNSSEC
-+ else if (flags & F_DNSKEY)
-+ {
-+ read_write(daemon->pipe_to_parent, (unsigned char *)&class, sizeof(class), 0);
-+ read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr.key.algo, sizeof(new_chain->addr.key.algo), 0);
-+ read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr.key.keytag, sizeof(new_chain->addr.key.keytag), 0);
-+ read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr.key.flags, sizeof(new_chain->addr.key.flags), 0);
-+ read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr.key.keylen, sizeof(new_chain->addr.key.keylen), 0);
-+ blockdata_write(new_chain->addr.key.keydata, new_chain->addr.key.keylen, daemon->pipe_to_parent);
-+ }
-+ else if (flags & F_DS)
-+ {
-+ read_write(daemon->pipe_to_parent, (unsigned char *)&class, sizeof(class), 0);
-+ /* A negative DS entry is possible and has no data, obviously. */
-+ if (!(flags & F_NEG))
-+ {
-+ read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr.ds.algo, sizeof(new_chain->addr.ds.algo), 0);
-+ read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr.ds.keytag, sizeof(new_chain->addr.ds.keytag), 0);
-+ read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr.ds.digest, sizeof(new_chain->addr.ds.digest), 0);
-+ read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr.ds.keylen, sizeof(new_chain->addr.ds.keylen), 0);
-+ blockdata_write(new_chain->addr.ds.keydata, new_chain->addr.ds.keylen, daemon->pipe_to_parent);
-+ }
-+ }
-+#endif
-+
-+ }
- }
-+
- new_chain = tmp;
- }
-+
-+ /* signal end of cache insert in master process */
-+ if (daemon->pipe_to_parent != -1)
-+ {
-+ ssize_t m = -1;
-+ read_write(daemon->pipe_to_parent, (unsigned char *)&m, sizeof(m), 0);
-+ }
-+
- new_chain = NULL;
- }
-
-+
-+/* A marshalled cache entry arrives on fd, read, unmarshall and insert into cache of master process. */
-+int cache_recv_insert(time_t now, int fd)
-+{
-+ ssize_t m;
-+ struct all_addr addr;
-+ unsigned long ttl;
-+ time_t ttd;
-+ unsigned short flags;
-+ struct crec *crecp = NULL;
-+
-+ cache_start_insert();
-+
-+ while(1)
-+ {
-+
-+ if (!read_write(fd, (unsigned char *)&m, sizeof(m), 1))
-+ return 0;
-+
-+ if (m == -1)
-+ {
-+ cache_end_insert();
-+ return 1;
-+ }
-+
-+ if (!read_write(fd, (unsigned char *)daemon->namebuff, m, 1) ||
-+ !read_write(fd, (unsigned char *)&ttd, sizeof(ttd), 1) ||
-+ !read_write(fd, (unsigned char *)&flags, sizeof(flags), 1))
-+ return 0;
-+
-+ daemon->namebuff[m] = 0;
-+
-+ ttl = difftime(ttd, now);
-+
-+ if (flags & (F_IPV4 | F_IPV6))
-+ {
-+ if (!read_write(fd, (unsigned char *)&addr, sizeof(addr), 1))
-+ return 0;
-+ crecp = really_insert(daemon->namebuff, &addr, now, ttl, flags);
-+ }
-+ else if (flags & F_CNAME)
-+ {
-+ struct crec *newc = really_insert(daemon->namebuff, NULL, now, ttl, flags);
-+ /* This relies on the fact the the target of a CNAME immediately preceeds
-+ it because of the order of extraction in extract_addresses, and
-+ the order reversal on the new_chain. */
-+ if (newc)
-+ {
-+ if (!crecp)
-+ {
-+ newc->addr.cname.target.cache = NULL;
-+ /* anything other than zero, to avoid being mistaken for CNAME to interface-name */
-+ newc->addr.cname.uid = 1;
-+ }
-+ else
-+ {
-+ next_uid(crecp);
-+ newc->addr.cname.target.cache = crecp;
-+ newc->addr.cname.uid = crecp->uid;
-+ }
-+ }
-+ }
-+#ifdef HAVE_DNSSEC
-+ else if (flags & (F_DNSKEY | F_DS))
-+ {
-+ unsigned short class, keylen, keyflags, keytag;
-+ unsigned char algo, digest;
-+ struct blockdata *keydata;
-+
-+ if (!read_write(fd, (unsigned char *)&class, sizeof(class), 1))
-+ return 0;
-+ /* Cache needs to known class for DNSSEC stuff */
-+ addr.addr.dnssec.class = class;
-+
-+ crecp = really_insert(daemon->namebuff, &addr, now, ttl, flags);
-+
-+ if (flags & F_DNSKEY)
-+ {
-+ if (!read_write(fd, (unsigned char *)&algo, sizeof(algo), 1) ||
-+ !read_write(fd, (unsigned char *)&keytag, sizeof(keytag), 1) ||
-+ !read_write(fd, (unsigned char *)&keyflags, sizeof(keyflags), 1) ||
-+ !read_write(fd, (unsigned char *)&keylen, sizeof(keylen), 1) ||
-+ !(keydata = blockdata_read(fd, keylen)))
-+ return 0;
-+ }
-+ else if (!(flags & F_NEG))
-+ {
-+ if (!read_write(fd, (unsigned char *)&algo, sizeof(algo), 1) ||
-+ !read_write(fd, (unsigned char *)&keytag, sizeof(keytag), 1) ||
-+ !read_write(fd, (unsigned char *)&digest, sizeof(digest), 1) ||
-+ !read_write(fd, (unsigned char *)&keylen, sizeof(keylen), 1) ||
-+ !(keydata = blockdata_read(fd, keylen)))
-+ return 0;
-+ }
-+
-+ if (crecp)
-+ {
-+ if (flags & F_DNSKEY)
-+ {
-+ crecp->addr.key.algo = algo;
-+ crecp->addr.key.keytag = keytag;
-+ crecp->addr.key.flags = flags;
-+ crecp->addr.key.keylen = keylen;
-+ crecp->addr.key.keydata = keydata;
-+ }
-+ else if (!(flags & F_NEG))
-+ {
-+ crecp->addr.ds.algo = algo;
-+ crecp->addr.ds.keytag = keytag;
-+ crecp->addr.ds.digest = digest;
-+ crecp->addr.ds.keylen = keylen;
-+ crecp->addr.ds.keydata = keydata;
-+ }
-+ }
-+ }
-+#endif
-+ }
-+}
-+
- int cache_find_non_terminal(char *name, time_t now)
- {
- struct crec *crecp;
---- a/src/dnsmasq.c
-+++ b/src/dnsmasq.c
-@@ -930,6 +930,10 @@ int main (int argc, char **argv)
- check_servers();
-
- pid = getpid();
-+
-+ daemon->pipe_to_parent = -1;
-+ for (i = 0; i < MAX_PROCS; i++)
-+ daemon->tcp_pipes[i] = -1;
-
- #ifdef HAVE_INOTIFY
- /* Using inotify, have to select a resolv file at startup */
-@@ -1611,7 +1615,7 @@ static int set_dns_listeners(time_t now)
- we don't need to explicitly arrange to wake up here */
- if (listener->tcpfd != -1)
- for (i = 0; i < MAX_PROCS; i++)
-- if (daemon->tcp_pids[i] == 0)
-+ if (daemon->tcp_pids[i] == 0 && daemon->tcp_pipes[i] == -1)
- {
- poll_listen(listener->tcpfd, POLLIN);
- break;
-@@ -1624,6 +1628,13 @@ static int set_dns_listeners(time_t now)
-
- }
-
-+#ifndef NO_FORK
-+ if (!option_bool(OPT_DEBUG))
-+ for (i = 0; i < MAX_PROCS; i++)
-+ if (daemon->tcp_pipes[i] != -1)
-+ poll_listen(daemon->tcp_pipes[i], POLLIN);
-+#endif
-+
- return wait;
- }
-
-@@ -1632,7 +1643,10 @@ static void check_dns_listeners(time_t n
- struct serverfd *serverfdp;
- struct listener *listener;
- int i;
--
-+#ifndef NO_FORK
-+ int pipefd[2];
-+#endif
-+
- for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next)
- if (poll_check(serverfdp->fd, POLLIN))
- reply_query(serverfdp->fd, serverfdp->source_addr.sa.sa_family, now);
-@@ -1642,7 +1656,26 @@ static void check_dns_listeners(time_t n
- if (daemon->randomsocks[i].refcount != 0 &&
- poll_check(daemon->randomsocks[i].fd, POLLIN))
- reply_query(daemon->randomsocks[i].fd, daemon->randomsocks[i].family, now);
--
-+
-+#ifndef NO_FORK
-+ /* Races. The child process can die before we read all of the data from the
-+ pipe, or vice versa. Therefore send tcp_pids to zero when we wait() the
-+ process, and tcp_pipes to -1 and close the FD when we read the last
-+ of the data - indicated by cache_recv_insert returning zero.
-+ The order of these events is indeterminate, and both are needed
-+ to free the process slot. Once the child process has gone, poll()
-+ returns POLLHUP, not POLLIN, so have to check for both here. */
-+ if (!option_bool(OPT_DEBUG))
-+ for (i = 0; i < MAX_PROCS; i++)
-+ if (daemon->tcp_pipes[i] != -1 &&
-+ poll_check(daemon->tcp_pipes[i], POLLIN | POLLHUP) &&
-+ !cache_recv_insert(now, daemon->tcp_pipes[i]))
-+ {
-+ close(daemon->tcp_pipes[i]);
-+ daemon->tcp_pipes[i] = -1;
-+ }
-+#endif
-+
- for (listener = daemon->listeners; listener; listener = listener->next)
- {
- if (listener->fd != -1 && poll_check(listener->fd, POLLIN))
-@@ -1736,15 +1769,20 @@ static void check_dns_listeners(time_t n
- while (retry_send(close(confd)));
- }
- #ifndef NO_FORK
-- else if (!option_bool(OPT_DEBUG) && (p = fork()) != 0)
-+ else if (!option_bool(OPT_DEBUG) && pipe(pipefd) == 0 && (p = fork()) != 0)
- {
-- if (p != -1)
-+ close(pipefd[1]); /* parent needs read pipe end. */
-+ if (p == -1)
-+ close(pipefd[0]);
-+ else
- {
- int i;
-+
- for (i = 0; i < MAX_PROCS; i++)
-- if (daemon->tcp_pids[i] == 0)
-+ if (daemon->tcp_pids[i] == 0 && daemon->tcp_pipes[i] == -1)
- {
- daemon->tcp_pids[i] = p;
-+ daemon->tcp_pipes[i] = pipefd[0];
- break;
- }
- }
-@@ -1761,7 +1799,7 @@ static void check_dns_listeners(time_t n
- int flags;
- struct in_addr netmask;
- int auth_dns;
--
-+
- if (iface)
- {
- netmask = iface->netmask;
-@@ -1777,7 +1815,11 @@ static void check_dns_listeners(time_t n
- /* Arrange for SIGALRM after CHILD_LIFETIME seconds to
- terminate the process. */
- if (!option_bool(OPT_DEBUG))
-- alarm(CHILD_LIFETIME);
-+ {
-+ alarm(CHILD_LIFETIME);
-+ close(pipefd[0]); /* close read end in child. */
-+ daemon->pipe_to_parent = pipefd[1];
-+ }
- #endif
-
- /* start with no upstream connections. */
---- a/src/dnsmasq.h
-+++ b/src/dnsmasq.h
-@@ -1091,6 +1091,8 @@ extern struct daemon {
- size_t packet_len; /* " " */
- struct randfd *rfd_save; /* " " */
- pid_t tcp_pids[MAX_PROCS];
-+ int tcp_pipes[MAX_PROCS];
-+ int pipe_to_parent;
- struct randfd randomsocks[RANDOM_SOCKS];
- int v6pktinfo;
- struct addrlist *interface_addrs; /* list of all addresses/prefix lengths associated with all local interfaces */
-@@ -1152,6 +1154,7 @@ struct crec *cache_find_by_name(struct c
- char *name, time_t now, unsigned int prot);
- void cache_end_insert(void);
- void cache_start_insert(void);
-+int cache_recv_insert(time_t now, int fd);
- struct crec *cache_insert(char *name, struct all_addr *addr,
- time_t now, unsigned long ttl, unsigned short flags);
- void cache_reload(void);
-@@ -1174,6 +1177,8 @@ void blockdata_init(void);
- void blockdata_report(void);
- struct blockdata *blockdata_alloc(char *data, size_t len);
- void *blockdata_retrieve(struct blockdata *block, size_t len, void *data);
-+struct blockdata *blockdata_read(int fd, size_t len);
-+void blockdata_write(struct blockdata *block, size_t len, int fd);
- void blockdata_free(struct blockdata *blocks);
- #endif
-
+++ /dev/null
-From a220545c4277cba534be5ef4638b5076fc7d2cf4 Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Mon, 22 Oct 2018 18:21:48 +0100
-Subject: [PATCH 02/32] Ensure that AD bit is reset on answers from
- --address=/<domain>/<address>.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/rfc1035.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
---- a/src/rfc1035.c
-+++ b/src/rfc1035.c
-@@ -938,9 +938,9 @@ size_t setup_reply(struct dns_header *he
- return 0;
-
- /* clear authoritative and truncated flags, set QR flag */
-- header->hb3 = (header->hb3 & ~(HB3_AA | HB3_TC)) | HB3_QR;
-- /* set RA flag */
-- header->hb4 |= HB4_RA;
-+ header->hb3 = (header->hb3 & ~(HB3_AA | HB3_TC )) | HB3_QR;
-+ /* clear AD flag, set RA flag */
-+ header->hb4 = (header->hb4 & ~HB4_AD) | HB4_RA;
-
- header->nscount = htons(0);
- header->arcount = htons(0);
+++ /dev/null
-From ee8750451b49d27b180517a4e35b636be0fae575 Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Tue, 23 Oct 2018 22:10:17 +0100
-Subject: [PATCH 03/32] Remove ability to compile without IPv6 support.
-
-This was the source of a large number of #ifdefs, originally
-included for use with old embedded libc versions. I'm
-sure no-one wants or needs IPv6-free code these days, so this
-is a move towards more maintainable code.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/arp.c | 13 ----------
- src/auth.c | 53 ++++++++++----------------------------
- src/bpf.c | 10 ++------
- src/cache.c | 31 ++++------------------
- src/config.h | 30 +++-------------------
- src/conntrack.c | 2 --
- src/dbus.c | 4 ---
- src/dnsmasq.c | 6 ++---
- src/dnsmasq.h | 20 ++-------------
- src/domain.c | 28 +++-----------------
- src/dump.c | 4 ---
- src/edns0.c | 14 +---------
- src/forward.c | 68 ++++---------------------------------------------
- src/helper.c | 8 ------
- src/ipset.c | 9 +------
- src/netlink.c | 5 +---
- src/network.c | 54 +++------------------------------------
- src/option.c | 34 -------------------------
- src/rfc1035.c | 50 +++++++-----------------------------
- src/tables.c | 3 +--
- src/tftp.c | 17 ++-----------
- src/util.c | 13 +---------
- 22 files changed, 57 insertions(+), 419 deletions(-)
-
---- a/src/arp.c
-+++ b/src/arp.c
-@@ -44,11 +44,6 @@ static int filter_mac(int family, char *
- if (maclen > DHCP_CHADDR_MAX)
- return 1;
-
--#ifndef HAVE_IPV6
-- if (family != AF_INET)
-- return 1;
--#endif
--
- /* Look for existing entry */
- for (arp = arps; arp; arp = arp->next)
- {
-@@ -60,13 +55,11 @@ static int filter_mac(int family, char *
- if (arp->addr.addr.addr4.s_addr != ((struct in_addr *)addrp)->s_addr)
- continue;
- }
--#ifdef HAVE_IPV6
- else
- {
- if (!IN6_ARE_ADDR_EQUAL(&arp->addr.addr.addr6, (struct in6_addr *)addrp))
- continue;
- }
--#endif
-
- if (arp->status == ARP_EMPTY)
- {
-@@ -103,10 +96,8 @@ static int filter_mac(int family, char *
- memcpy(arp->hwaddr, mac, maclen);
- if (family == AF_INET)
- arp->addr.addr.addr4.s_addr = ((struct in_addr *)addrp)->s_addr;
--#ifdef HAVE_IPV6
- else
- memcpy(&arp->addr.addr.addr6, addrp, IN6ADDRSZ);
--#endif
- }
-
- return 1;
-@@ -136,11 +127,9 @@ int find_mac(union mysockaddr *addr, uns
- arp->addr.addr.addr4.s_addr != addr->in.sin_addr.s_addr)
- continue;
-
--#ifdef HAVE_IPV6
- if (arp->family == AF_INET6 &&
- !IN6_ARE_ADDR_EQUAL(&arp->addr.addr.addr6, &addr->in6.sin6_addr))
- continue;
--#endif
-
- /* Only accept positive entries unless in lazy mode. */
- if (arp->status != ARP_EMPTY || lazy || updated)
-@@ -203,10 +192,8 @@ int find_mac(union mysockaddr *addr, uns
-
- if (addr->sa.sa_family == AF_INET)
- arp->addr.addr.addr4.s_addr = addr->in.sin_addr.s_addr;
--#ifdef HAVE_IPV6
- else
- memcpy(&arp->addr.addr.addr6, &addr->in6.sin6_addr, IN6ADDRSZ);
--#endif
- }
-
- return 0;
---- a/src/auth.c
-+++ b/src/auth.c
-@@ -33,10 +33,8 @@ static struct addrlist *find_addrlist(st
- if (is_same_net(addr, list->addr.addr.addr4, netmask))
- return list;
- }
--#ifdef HAVE_IPV6
- else if (is_same_net6(&(addr_u->addr.addr6), &list->addr.addr.addr6, list->prefixlen))
- return list;
--#endif
-
- } while ((list = list->next));
-
-@@ -189,7 +187,6 @@ size_t answer_auth(struct dns_header *he
- while (intr->next && strcmp(intr->intr, intr->next->intr) == 0)
- intr = intr->next;
- }
--#ifdef HAVE_IPV6
- else if (flag == F_IPV6)
- for (intr = daemon->int_names; intr; intr = intr->next)
- {
-@@ -205,7 +202,6 @@ size_t answer_auth(struct dns_header *he
- while (intr->next && strcmp(intr->intr, intr->next->intr) == 0)
- intr = intr->next;
- }
--#endif
-
- if (intr)
- {
-@@ -378,10 +374,8 @@ size_t answer_auth(struct dns_header *he
- if (qtype == T_A)
- flag = F_IPV4;
-
--#ifdef HAVE_IPV6
- if (qtype == T_AAAA)
- flag = F_IPV6;
--#endif
-
- for (intr = daemon->int_names; intr; intr = intr->next)
- if ((rc = hostname_issubdomain(name, intr->name)))
-@@ -395,10 +389,9 @@ size_t answer_auth(struct dns_header *he
- if (((addrlist->flags & ADDRLIST_IPV6) ? T_AAAA : T_A) == qtype &&
- (local_query || filter_zone(zone, flag, &addrlist->addr)))
- {
--#ifdef HAVE_IPV6
- if (addrlist->flags & ADDRLIST_REVONLY)
- continue;
--#endif
-+
- found = 1;
- log_query(F_FORWARD | F_CONFIG | flag, name, &addrlist->addr, NULL);
- if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
-@@ -424,13 +417,11 @@ size_t answer_auth(struct dns_header *he
-
- if (peer_addr->sa.sa_family == AF_INET)
- peer_addr->in.sin_port = 0;
--#ifdef HAVE_IPV6
- else
- {
- peer_addr->in6.sin6_port = 0;
- peer_addr->in6.sin6_scope_id = 0;
- }
--#endif
-
- for (peers = daemon->auth_peers; peers; peers = peers->next)
- if (sockaddr_isequal(peer_addr, &peers->addr))
-@@ -442,10 +433,8 @@ size_t answer_auth(struct dns_header *he
- {
- if (peer_addr->sa.sa_family == AF_INET)
- inet_ntop(AF_INET, &peer_addr->in.sin_addr, daemon->addrbuff, ADDRSTRLEN);
--#ifdef HAVE_IPV6
- else
- inet_ntop(AF_INET6, &peer_addr->in6.sin6_addr, daemon->addrbuff, ADDRSTRLEN);
--#endif
-
- my_syslog(LOG_WARNING, _("ignoring zone transfer request from %s"), daemon->addrbuff);
- return 0;
-@@ -603,7 +592,6 @@ size_t answer_auth(struct dns_header *he
- p += sprintf(p, "%u.in-addr.arpa", a & 0xff);
-
- }
--#ifdef HAVE_IPV6
- else
- {
- char *p = name;
-@@ -617,7 +605,6 @@ size_t answer_auth(struct dns_header *he
- p += sprintf(p, "ip6.arpa");
-
- }
--#endif
- }
-
- /* handle NS and SOA in auth section or for explicit queries */
-@@ -754,14 +741,12 @@ size_t answer_auth(struct dns_header *he
- daemon->auth_ttl, NULL, T_A, C_IN, "4", cut ? intr->name : NULL, &addrlist->addr))
- anscount++;
-
--#ifdef HAVE_IPV6
- for (addrlist = intr->addr; addrlist; addrlist = addrlist->next)
- if ((addrlist->flags & ADDRLIST_IPV6) &&
- (local_query || filter_zone(zone, F_IPV6, &addrlist->addr)) &&
- add_resource_record(header, limit, &trunc, -axfroffset, &ansp,
- daemon->auth_ttl, NULL, T_AAAA, C_IN, "6", cut ? intr->name : NULL, &addrlist->addr))
- anscount++;
--#endif
-
- /* restore config data */
- if (cut)
-@@ -798,18 +783,11 @@ size_t answer_auth(struct dns_header *he
- {
- char *cache_name = cache_get_name(crecp);
- if (!strchr(cache_name, '.') &&
-- (local_query || filter_zone(zone, (crecp->flags & (F_IPV6 | F_IPV4)), &(crecp->addr.addr))))
-- {
-- qtype = T_A;
--#ifdef HAVE_IPV6
-- if (crecp->flags & F_IPV6)
-- qtype = T_AAAA;
--#endif
-- if (add_resource_record(header, limit, &trunc, -axfroffset, &ansp,
-- daemon->auth_ttl, NULL, qtype, C_IN,
-- (crecp->flags & F_IPV4) ? "4" : "6", cache_name, &crecp->addr))
-- anscount++;
-- }
-+ (local_query || filter_zone(zone, (crecp->flags & (F_IPV6 | F_IPV4)), &(crecp->addr.addr))) &&
-+ add_resource_record(header, limit, &trunc, -axfroffset, &ansp,
-+ daemon->auth_ttl, NULL, (crecp->flags & F_IPV6) ? T_AAAA : T_A, C_IN,
-+ (crecp->flags & F_IPV4) ? "4" : "6", cache_name, &crecp->addr))
-+ anscount++;
- }
-
- if ((crecp->flags & F_HOSTS) || (((crecp->flags & F_DHCP) && option_bool(OPT_DHCP_FQDN))))
-@@ -818,18 +796,13 @@ size_t answer_auth(struct dns_header *he
- if (in_zone(zone, name, &cut) &&
- (local_query || filter_zone(zone, (crecp->flags & (F_IPV6 | F_IPV4)), &(crecp->addr.addr))))
- {
-- qtype = T_A;
--#ifdef HAVE_IPV6
-- if (crecp->flags & F_IPV6)
-- qtype = T_AAAA;
--#endif
-- if (cut)
-- *cut = 0;
--
-- if (add_resource_record(header, limit, &trunc, -axfroffset, &ansp,
-- daemon->auth_ttl, NULL, qtype, C_IN,
-- (crecp->flags & F_IPV4) ? "4" : "6", cut ? name : NULL, &crecp->addr))
-- anscount++;
-+ if (cut)
-+ *cut = 0;
-+
-+ if (add_resource_record(header, limit, &trunc, -axfroffset, &ansp,
-+ daemon->auth_ttl, NULL, (crecp->flags & F_IPV6) ? T_AAAA : T_A, C_IN,
-+ (crecp->flags & F_IPV4) ? "4" : "6", cut ? name : NULL, &crecp->addr))
-+ anscount++;
- }
- }
- }
---- a/src/bpf.c
-+++ b/src/bpf.c
-@@ -31,9 +31,7 @@
- # include <net/if_var.h>
- #endif
- #include <netinet/in_var.h>
--#ifdef HAVE_IPV6
--# include <netinet6/in6_var.h>
--#endif
-+#include <netinet6/in6_var.h>
-
- #ifndef SA_SIZE
- #define SA_SIZE(sa) \
-@@ -121,7 +119,7 @@ int iface_enumerate(int family, void *pa
- if (getifaddrs(&head) == -1)
- return 0;
-
--#if defined(HAVE_BSD_NETWORK) && defined(HAVE_IPV6)
-+#if defined(HAVE_BSD_NETWORK)
- if (family == AF_INET6)
- fd = socket(PF_INET6, SOCK_DGRAM, 0);
- #endif
-@@ -152,7 +150,6 @@ int iface_enumerate(int family, void *pa
- if (!((*callback)(addr, iface_index, NULL, netmask, broadcast, parm)))
- goto err;
- }
--#ifdef HAVE_IPV6
- else if (family == AF_INET6)
- {
- struct in6_addr *addr = &((struct sockaddr_in6 *) addrs->ifa_addr)->sin6_addr;
-@@ -219,7 +216,6 @@ int iface_enumerate(int family, void *pa
- (int) preferred, (int)valid, parm)))
- goto err;
- }
--#endif /* HAVE_IPV6 */
-
- #ifdef HAVE_DHCP6
- else if (family == AF_LINK)
-@@ -427,10 +423,8 @@ void route_sock(void)
- del_family = sa->sa_family;
- if (del_family == AF_INET)
- del_addr.addr.addr4 = ((struct sockaddr_in *)sa)->sin_addr;
--#ifdef HAVE_IPV6
- else if (del_family == AF_INET6)
- del_addr.addr.addr6 = ((struct sockaddr_in6 *)sa)->sin6_addr;
--#endif
- else
- del_family = 0;
- }
---- a/src/cache.c
-+++ b/src/cache.c
-@@ -410,11 +410,8 @@ static struct crec *cache_scan_free(char
- else
- {
- int i;
--#ifdef HAVE_IPV6
- int addrlen = (flags & F_IPV6) ? IN6ADDRSZ : INADDRSZ;
--#else
-- int addrlen = INADDRSZ;
--#endif
-+
- for (i = 0; i < hash_size; i++)
- for (crecp = hash_table[i], up = &hash_table[i];
- crecp && ((crecp->flags & F_REVERSE) || !(crecp->flags & F_IMMORTAL));
-@@ -512,11 +509,9 @@ static struct crec *really_insert(char *
- if ((flags & F_IPV4) && (new->flags & F_IPV4) &&
- new->addr.addr.addr.addr4.s_addr == addr->addr.addr4.s_addr)
- return new;
--#ifdef HAVE_IPV6
- else if ((flags & F_IPV6) && (new->flags & F_IPV6) &&
- IN6_ARE_ADDR_EQUAL(&new->addr.addr.addr.addr6, &addr->addr.addr6))
- return new;
--#endif
- }
-
- insert_error = 1;
-@@ -938,11 +933,7 @@ struct crec *cache_find_by_addr(struct c
- time_t now, unsigned int prot)
- {
- struct crec *ans;
--#ifdef HAVE_IPV6
- int addrlen = (prot == F_IPV6) ? IN6ADDRSZ : INADDRSZ;
--#else
-- int addrlen = INADDRSZ;
--#endif
-
- if (crecp) /* iterating */
- ans = crecp->next;
-@@ -1171,14 +1162,12 @@ int read_hostsfile(char *filename, unsig
- addrlen = INADDRSZ;
- domain_suffix = get_domain(addr.addr.addr4);
- }
--#ifdef HAVE_IPV6
- else if (inet_pton(AF_INET6, token, &addr) > 0)
- {
- flags = F_HOSTS | F_IMMORTAL | F_FORWARD | F_REVERSE | F_IPV6;
- addrlen = IN6ADDRSZ;
- domain_suffix = get_domain6(&addr.addr.addr6);
- }
--#endif
- else
- {
- my_syslog(LOG_ERR, _("bad address at %s line %d"), filename, lineno);
-@@ -1343,7 +1332,7 @@ void cache_reload(void)
- cache->flags = F_HOSTS | F_IMMORTAL | F_FORWARD | F_REVERSE | F_IPV4 | F_NAMEP | F_CONFIG;
- add_hosts_entry(cache, (struct all_addr *)&hr->addr, INADDRSZ, SRC_CONFIG, (struct crec **)daemon->packet, revhashsz);
- }
--#ifdef HAVE_IPV6
-+
- if (!IN6_IS_ADDR_UNSPECIFIED(&hr->addr6) &&
- (cache = whine_malloc(SIZEOF_POINTER_CREC)))
- {
-@@ -1352,7 +1341,6 @@ void cache_reload(void)
- cache->flags = F_HOSTS | F_IMMORTAL | F_FORWARD | F_REVERSE | F_IPV6 | F_NAMEP | F_CONFIG;
- add_hosts_entry(cache, (struct all_addr *)&hr->addr6, IN6ADDRSZ, SRC_CONFIG, (struct crec **)daemon->packet, revhashsz);
- }
--#endif
- }
-
- if (option_bool(OPT_NO_HOSTS) && !daemon->addn_hosts)
-@@ -1451,13 +1439,11 @@ void cache_add_dhcp_entry(char *host_nam
- int in_hosts = 0;
- size_t addrlen = sizeof(struct in_addr);
-
--#ifdef HAVE_IPV6
- if (prot == AF_INET6)
- {
- flags = F_IPV6;
- addrlen = sizeof(struct in6_addr);
- }
--#endif
-
- inet_ntop(prot, host_address, daemon->addrbuff, ADDRSTRLEN);
-
-@@ -1810,10 +1796,8 @@ void dump_cache(time_t now)
- a = daemon->addrbuff;
- if (cache->flags & F_IPV4)
- inet_ntop(AF_INET, &cache->addr.addr, a, ADDRSTRLEN);
--#ifdef HAVE_IPV6
- else if (cache->flags & F_IPV6)
- inet_ntop(AF_INET6, &cache->addr.addr, a, ADDRSTRLEN);
--#endif
- }
-
- if (cache->flags & F_IPV4)
-@@ -1954,14 +1938,9 @@ void log_query(unsigned int flags, char
- sprintf(daemon->addrbuff, "%u", rcode);
- }
- else
-- {
--#ifdef HAVE_IPV6
-- inet_ntop(flags & F_IPV4 ? AF_INET : AF_INET6,
-- addr, daemon->addrbuff, ADDRSTRLEN);
--#else
-- strncpy(daemon->addrbuff, inet_ntoa(addr->addr.addr4), ADDRSTRLEN);
--#endif
-- }
-+ inet_ntop(flags & F_IPV4 ? AF_INET : AF_INET6,
-+ addr, daemon->addrbuff, ADDRSTRLEN);
-+
- }
- else
- dest = arg;
---- a/src/config.h
-+++ b/src/config.h
-@@ -131,7 +131,6 @@ HAVE_INOTIFY
-
- NO_ID
- Don't report *.bind CHAOS info to clients, forward such requests upstream instead.
--NO_IPV6
- NO_TFTP
- NO_DHCP
- NO_DHCP6
-@@ -141,8 +140,8 @@ NO_AUTH
- NO_DUMPFILE
- NO_INOTIFY
- these are available to explicitly disable compile time options which would
-- otherwise be enabled automatically (HAVE_IPV6, >2Gb file sizes) or
-- which are enabled by default in the distributed source tree. Building dnsmasq
-+ otherwise be enabled automatically or which are enabled by default
-+ in the distributed source tree. Building dnsmasq
- with something like "make COPTS=-DNO_SCRIPT" will do the trick.
- NO_GMP
- Don't use and link against libgmp, Useful if nettle is built with --enable-mini-gmp.
-@@ -308,29 +307,9 @@ HAVE_SOCKADDR_SA_LEN
-
- #endif
-
--/* Decide if we're going to support IPv6 */
--/* We assume that systems which don't have IPv6
-- headers don't have ntop and pton either */
--
--#if defined(INET6_ADDRSTRLEN) && defined(IPV6_V6ONLY)
--# define HAVE_IPV6
--# define ADDRSTRLEN INET6_ADDRSTRLEN
--#else
--# if !defined(INET_ADDRSTRLEN)
--# define INET_ADDRSTRLEN 16 /* 4*3 + 3 dots + NULL */
--# endif
--# undef HAVE_IPV6
--# define ADDRSTRLEN INET_ADDRSTRLEN
--#endif
--
--
- /* rules to implement compile-time option dependencies and
- the NO_XXX flags */
-
--#ifdef NO_IPV6
--#undef HAVE_IPV6
--#endif
--
- #ifdef NO_TFTP
- #undef HAVE_TFTP
- #endif
-@@ -340,7 +319,7 @@ HAVE_SOCKADDR_SA_LEN
- #undef HAVE_DHCP6
- #endif
-
--#if defined(NO_DHCP6) || !defined(HAVE_IPV6)
-+#if defined(NO_DHCP6)
- #undef HAVE_DHCP6
- #endif
-
-@@ -385,9 +364,6 @@ HAVE_SOCKADDR_SA_LEN
- #ifdef DNSMASQ_COMPILE_OPTS
-
- static char *compile_opts =
--#ifndef HAVE_IPV6
--"no-"
--#endif
- "IPv6 "
- #ifndef HAVE_GETOPT_LONG
- "no-"
---- a/src/conntrack.c
-+++ b/src/conntrack.c
-@@ -36,7 +36,6 @@ int get_incoming_mark(union mysockaddr *
- nfct_set_attr_u8(ct, ATTR_L4PROTO, istcp ? IPPROTO_TCP : IPPROTO_UDP);
- nfct_set_attr_u16(ct, ATTR_PORT_DST, htons(daemon->port));
-
--#ifdef HAVE_IPV6
- if (peer_addr->sa.sa_family == AF_INET6)
- {
- nfct_set_attr_u8(ct, ATTR_L3PROTO, AF_INET6);
-@@ -45,7 +44,6 @@ int get_incoming_mark(union mysockaddr *
- nfct_set_attr(ct, ATTR_IPV6_DST, local_addr->addr.addr6.s6_addr);
- }
- else
--#endif
- {
- nfct_set_attr_u8(ct, ATTR_L3PROTO, AF_INET);
- nfct_set_attr_u32(ct, ATTR_IPV4_SRC, peer_addr->in.sin_addr.s_addr);
---- a/src/dbus.c
-+++ b/src/dbus.c
-@@ -185,9 +185,6 @@ static void dbus_read_servers(DBusMessag
- }
- }
-
--#ifndef HAVE_IPV6
-- my_syslog(LOG_WARNING, _("attempt to set an IPv6 server address via DBus - no IPv6 support"));
--#else
- if (i == sizeof(struct in6_addr))
- {
- memcpy(&addr.in6.sin6_addr, p, sizeof(struct in6_addr));
-@@ -202,7 +199,6 @@ static void dbus_read_servers(DBusMessag
- source_addr.in6.sin6_port = htons(daemon->query_port);
- skip = 0;
- }
--#endif
- }
- else
- /* At the end */
---- a/src/dnsmasq.c
-+++ b/src/dnsmasq.c
-@@ -1730,11 +1730,11 @@ static void check_dns_listeners(time_t n
- indextoname(listener->tcpfd, if_index, intr_name))
- {
- struct all_addr addr;
-- addr.addr.addr4 = tcp_addr.in.sin_addr;
--#ifdef HAVE_IPV6
-+
- if (tcp_addr.sa.sa_family == AF_INET6)
- addr.addr.addr6 = tcp_addr.in6.sin6_addr;
--#endif
-+ else
-+ addr.addr.addr4 = tcp_addr.in.sin_addr;
-
- for (iface = daemon->interfaces; iface; iface = iface->next)
- if (iface->index == if_index)
---- a/src/dnsmasq.h
-+++ b/src/dnsmasq.h
-@@ -126,9 +126,7 @@ typedef unsigned long long u64;
- #include <net/if_arp.h>
- #include <netinet/in_systm.h>
- #include <netinet/ip.h>
--#ifdef HAVE_IPV6
- #include <netinet/ip6.h>
--#endif
- #include <netinet/ip_icmp.h>
- #include <sys/uio.h>
- #include <syslog.h>
-@@ -159,6 +157,8 @@ extern int capget(cap_user_header_t head
- /* daemon is function in the C library.... */
- #define daemon dnsmasq_daemon
-
-+#define ADDRSTRLEN INET6_ADDRSTRLEN
-+
- /* Async event queue */
- struct event_desc {
- int event, data, msg_sz;
-@@ -273,9 +273,7 @@ struct event_desc {
- struct all_addr {
- union {
- struct in_addr addr4;
--#ifdef HAVE_IPV6
- struct in6_addr addr6;
--#endif
- /* for log_query */
- struct {
- unsigned short keytag, algo, digest;
-@@ -383,9 +381,7 @@ struct host_record {
- struct name_list *next;
- } *names;
- struct in_addr addr;
--#ifdef HAVE_IPV6
- struct in6_addr addr6;
--#endif
- struct host_record *next;
- };
-
-@@ -496,9 +492,7 @@ struct crec {
- union mysockaddr {
- struct sockaddr sa;
- struct sockaddr_in in;
--#if defined(HAVE_IPV6)
- struct sockaddr_in6 in6;
--#endif
- };
-
- /* bits in flag param to IPv6 callbacks from iface_enumerate() */
-@@ -660,9 +654,7 @@ struct frec {
- struct all_addr dest;
- struct server *sentto; /* NULL means free */
- struct randfd *rfd4;
--#ifdef HAVE_IPV6
- struct randfd *rfd6;
--#endif
- unsigned int iface;
- unsigned short orig_id, new_id;
- int log_id, fd, forwardall, flags;
-@@ -877,9 +869,7 @@ struct dhcp_bridge {
- struct cond_domain {
- char *domain, *prefix;
- struct in_addr start, end;
--#ifdef HAVE_IPV6
- struct in6_addr start6, end6;
--#endif
- int is6, indexed;
- struct cond_domain *next;
- };
-@@ -1184,9 +1174,7 @@ void blockdata_free(struct blockdata *bl
-
- /* domain.c */
- char *get_domain(struct in_addr addr);
--#ifdef HAVE_IPV6
- char *get_domain6(struct in6_addr *addr);
--#endif
- int is_name_synthetic(int flags, char *name, struct all_addr *addr);
- int is_rev_synth(int flag, struct all_addr *addr, char *name);
-
-@@ -1270,11 +1258,9 @@ int hostname_issubdomain(char *a, char *
- time_t dnsmasq_time(void);
- int netmask_length(struct in_addr mask);
- int is_same_net(struct in_addr a, struct in_addr b, struct in_addr mask);
--#ifdef HAVE_IPV6
- int is_same_net6(struct in6_addr *a, struct in6_addr *b, int prefixlen);
- u64 addr6part(struct in6_addr *addr);
- void setaddr6part(struct in6_addr *addr, u64 host);
--#endif
- int retry_send(ssize_t rc);
- void prettyprint_time(char *buf, unsigned int t);
- int prettyprint_addr(union mysockaddr *addr, char *buf);
-@@ -1353,9 +1339,7 @@ int loopback_exception(int fd, int famil
- int label_exception(int index, int family, struct all_addr *addr);
- int fix_fd(int fd);
- int tcp_interface(int fd, int af);
--#ifdef HAVE_IPV6
- int set_ipv6pktinfo(int fd);
--#endif
- #ifdef HAVE_DHCP6
- void join_multicast(int dienow);
- #endif
---- a/src/domain.c
-+++ b/src/domain.c
-@@ -18,21 +18,14 @@
-
-
- static struct cond_domain *search_domain(struct in_addr addr, struct cond_domain *c);
--#ifdef HAVE_IPV6
- static struct cond_domain *search_domain6(struct in6_addr *addr, struct cond_domain *c);
--#endif
-
-
- int is_name_synthetic(int flags, char *name, struct all_addr *addr)
- {
- char *p;
- struct cond_domain *c = NULL;
-- int prot = AF_INET;
--
--#ifdef HAVE_IPV6
-- if (flags & F_IPV6)
-- prot = AF_INET6;
--#endif
-+ int prot = (flags & F_IPV6) ? AF_INET6 : AF_INET;
-
- for (c = daemon->synth_domains; c; c = c->next)
- {
-@@ -83,8 +76,7 @@ int is_name_synthetic(int flags, char *n
- addr->addr.addr4.s_addr = htonl(ntohl(c->start.s_addr) + index);
- found = 1;
- }
-- }
--#ifdef HAVE_IPV6
-+ }
- else
- {
- u64 index = atoll(tail);
-@@ -98,7 +90,6 @@ int is_name_synthetic(int flags, char *n
- found = 1;
- }
- }
--#endif
- }
- }
- else
-@@ -111,10 +102,8 @@ int is_name_synthetic(int flags, char *n
- if ((c >='0' && c <= '9') || c == '-')
- continue;
-
--#ifdef HAVE_IPV6
- if (prot == AF_INET6 && ((c >='A' && c <= 'F') || (c >='a' && c <= 'f')))
- continue;
--#endif
-
- break;
- }
-@@ -124,7 +113,6 @@ int is_name_synthetic(int flags, char *n
-
- *p = 0;
-
--#ifdef HAVE_IPV6
- if (prot == AF_INET6 && strstr(tail, "--ffff-") == tail)
- {
- /* special hack for v4-mapped. */
-@@ -134,7 +122,6 @@ int is_name_synthetic(int flags, char *n
- *p = '.';
- }
- else
--#endif
- {
- /* swap . or : for - */
- for (p = tail; *p; p++)
-@@ -142,10 +129,8 @@ int is_name_synthetic(int flags, char *n
- {
- if (prot == AF_INET)
- *p = '.';
--#ifdef HAVE_IPV6
- else
- *p = ':';
--#endif
- }
- }
-
-@@ -158,7 +143,6 @@ int is_name_synthetic(int flags, char *n
- ntohl(addr->addr.addr4.s_addr) <= ntohl(c->end.s_addr))
- found = 1;
- }
--#ifdef HAVE_IPV6
- else
- {
- u64 addrpart = addr6part(&addr->addr.addr6);
-@@ -169,7 +153,6 @@ int is_name_synthetic(int flags, char *n
- addrpart <= addr6part(&c->end6))
- found = 1;
- }
--#endif
- }
-
- }
-@@ -221,8 +204,7 @@ int is_rev_synth(int flag, struct all_ad
- return 1;
- }
-
--#ifdef HAVE_IPV6
-- if (flag & F_IPV6 && (c = search_domain6(&addr->addr.addr6, daemon->synth_domains)))
-+ if ((flag & F_IPV6) && (c = search_domain6(&addr->addr.addr6, daemon->synth_domains)))
- {
- char *p;
-
-@@ -259,7 +241,6 @@ int is_rev_synth(int flag, struct all_ad
-
- return 1;
- }
--#endif
-
- return 0;
- }
-@@ -286,7 +267,7 @@ char *get_domain(struct in_addr addr)
- return daemon->domain_suffix;
- }
-
--#ifdef HAVE_IPV6
-+
- static struct cond_domain *search_domain6(struct in6_addr *addr, struct cond_domain *c)
- {
- u64 addrpart = addr6part(addr);
-@@ -310,4 +291,3 @@ char *get_domain6(struct in6_addr *addr)
-
- return daemon->domain_suffix;
- }
--#endif
---- a/src/dump.c
-+++ b/src/dump.c
-@@ -82,10 +82,8 @@ void dump_init(void)
- void dump_packet(int mask, void *packet, size_t len, union mysockaddr *src, union mysockaddr *dst)
- {
- struct ip ip;
--#ifdef HAVE_IPV6
- struct ip6_hdr ip6;
- int family;
--#endif
- struct udphdr {
- u16 uh_sport; /* source port */
- u16 uh_dport; /* destination port */
-@@ -105,7 +103,6 @@ void dump_packet(int mask, void *packet,
- /* So wireshark can Id the packet. */
- udp.uh_sport = udp.uh_dport = htons(NAMESERVER_PORT);
-
--#ifdef HAVE_IPV6
- if (src)
- family = src->sa.sa_family;
- else
-@@ -139,7 +136,6 @@ void dump_packet(int mask, void *packet,
- sum += ((u16 *)&ip6.ip6_src)[i];
- }
- else
--#endif
- {
- iphdr = &ip;
- ipsz = sizeof(ip);
---- a/src/edns0.c
-+++ b/src/edns0.c
-@@ -301,20 +301,14 @@ static size_t add_mac(struct dns_header
-
- struct subnet_opt {
- u16 family;
-- u8 source_netmask, scope_netmask;
--#ifdef HAVE_IPV6
-+ u8 source_netmask, scope_netmask;
- u8 addr[IN6ADDRSZ];
--#else
-- u8 addr[INADDRSZ];
--#endif
- };
-
- static void *get_addrp(union mysockaddr *addr, const short family)
- {
--#ifdef HAVE_IPV6
- if (family == AF_INET6)
- return &addr->in6.sin6_addr;
--#endif
-
- return &addr->in.sin_addr;
- }
-@@ -330,7 +324,6 @@ static size_t calc_subnet_opt(struct sub
- opt->source_netmask = 0;
- opt->scope_netmask = 0;
-
--#ifdef HAVE_IPV6
- if (source->sa.sa_family == AF_INET6 && daemon->add_subnet6)
- {
- opt->source_netmask = daemon->add_subnet6->mask;
-@@ -342,7 +335,6 @@ static size_t calc_subnet_opt(struct sub
- else
- addrp = &source->in6.sin6_addr;
- }
--#endif
-
- if (source->sa.sa_family == AF_INET && daemon->add_subnet4)
- {
-@@ -356,11 +348,7 @@ static size_t calc_subnet_opt(struct sub
- addrp = &source->in.sin_addr;
- }
-
--#ifdef HAVE_IPV6
- opt->family = htons(sa_family == AF_INET6 ? 2 : 1);
--#else
-- opt->family = htons(1);
--#endif
-
- len = 0;
-
---- a/src/forward.c
-+++ b/src/forward.c
-@@ -38,9 +38,7 @@ int send_from(int fd, int nowild, char *
- #elif defined(IP_SENDSRCADDR)
- char control[CMSG_SPACE(sizeof(struct in_addr))];
- #endif
--#ifdef HAVE_IPV6
- char control6[CMSG_SPACE(sizeof(struct in6_pktinfo))];
--#endif
- } control_u;
-
- iov[0].iov_base = packet;
-@@ -79,7 +77,6 @@ int send_from(int fd, int nowild, char *
- #endif
- }
- else
--#ifdef HAVE_IPV6
- {
- struct in6_pktinfo p;
- p.ipi6_ifindex = iface; /* Need iface for IPv6 to handle link-local addrs */
-@@ -89,9 +86,6 @@ int send_from(int fd, int nowild, char *
- cmptr->cmsg_type = daemon->v6pktinfo;
- cmptr->cmsg_level = IPPROTO_IPV6;
- }
--#else
-- (void)iface; /* eliminate warning */
--#endif
- }
-
- while (retry_send(sendmsg(fd, &msg, 0)));
-@@ -144,10 +138,8 @@ static unsigned int search_servers(time_
- flags = sflag;
- if (serv->addr.sa.sa_family == AF_INET)
- *addrpp = (struct all_addr *)&serv->addr.in.sin_addr;
--#ifdef HAVE_IPV6
- else
- *addrpp = (struct all_addr *)&serv->addr.in6.sin6_addr;
--#endif
- }
- else if (!flags || (flags & F_NXDOMAIN))
- flags = F_NOERR;
-@@ -204,10 +196,8 @@ static unsigned int search_servers(time_
- flags = sflag;
- if (serv->addr.sa.sa_family == AF_INET)
- *addrpp = (struct all_addr *)&serv->addr.in.sin_addr;
--#ifdef HAVE_IPV6
- else
- *addrpp = (struct all_addr *)&serv->addr.in6.sin6_addr;
--#endif
- }
- else if (!flags || (flags & F_NXDOMAIN))
- flags = F_NOERR;
-@@ -236,10 +226,8 @@ static unsigned int search_servers(time_
- /* handle F_IPV4 and F_IPV6 set on ANY query to 0.0.0.0/:: domain. */
- if (flags & F_IPV4)
- log_query((flags | F_CONFIG | F_FORWARD) & ~F_IPV6, qdomain, *addrpp, NULL);
--#ifdef HAVE_IPV6
- if (flags & F_IPV6)
- log_query((flags | F_CONFIG | F_FORWARD) & ~F_IPV4, qdomain, *addrpp, NULL);
--#endif
- }
- }
- else if ((*type) & SERV_USE_RESOLV)
-@@ -302,20 +290,17 @@ static int forward_query(int udpfd, unio
-
- if (forward->sentto->addr.sa.sa_family == AF_INET)
- log_query(F_NOEXTRA | F_DNSSEC | F_IPV4, "retry", (struct all_addr *)&forward->sentto->addr.in.sin_addr, "dnssec");
--#ifdef HAVE_IPV6
- else
- log_query(F_NOEXTRA | F_DNSSEC | F_IPV6, "retry", (struct all_addr *)&forward->sentto->addr.in6.sin6_addr, "dnssec");
--#endif
-+
-
- if (forward->sentto->sfd)
- fd = forward->sentto->sfd->fd;
- else
- {
--#ifdef HAVE_IPV6
- if (forward->sentto->addr.sa.sa_family == AF_INET6)
- fd = forward->rfd6->fd;
- else
--#endif
- fd = forward->rfd4->fd;
- }
-
-@@ -475,7 +460,6 @@ static int forward_query(int udpfd, unio
- fd = start->sfd->fd;
- else
- {
--#ifdef HAVE_IPV6
- if (start->addr.sa.sa_family == AF_INET6)
- {
- if (!forward->rfd6 &&
-@@ -485,7 +469,6 @@ static int forward_query(int udpfd, unio
- fd = forward->rfd6->fd;
- }
- else
--#endif
- {
- if (!forward->rfd4 &&
- !(forward->rfd4 = allocate_rfd(AF_INET)))
-@@ -541,11 +524,9 @@ static int forward_query(int udpfd, unio
- if (start->addr.sa.sa_family == AF_INET)
- log_query(F_SERVER | F_IPV4 | F_FORWARD, daemon->namebuff,
- (struct all_addr *)&start->addr.in.sin_addr, NULL);
--#ifdef HAVE_IPV6
- else
- log_query(F_SERVER | F_IPV6 | F_FORWARD, daemon->namebuff,
- (struct all_addr *)&start->addr.in6.sin6_addr, NULL);
--#endif
- start->queries++;
- forwarded = 1;
- forward->sentto = start;
-@@ -788,11 +769,8 @@ void reply_query(int fd, int family, tim
- daemon->srv_save = NULL;
-
- /* Determine the address of the server replying so that we can mark that as good */
-- serveraddr.sa.sa_family = family;
--#ifdef HAVE_IPV6
-- if (serveraddr.sa.sa_family == AF_INET6)
-+ if ((serveraddr.sa.sa_family = family) == AF_INET6)
- serveraddr.in6.sin6_flowinfo = 0;
--#endif
-
- header = (struct dns_header *)daemon->packet;
-
-@@ -878,7 +856,6 @@ void reply_query(int fd, int family, tim
- fd = start->sfd->fd;
- else
- {
--#ifdef HAVE_IPV6
- if (start->addr.sa.sa_family == AF_INET6)
- {
- /* may have changed family */
-@@ -887,7 +864,6 @@ void reply_query(int fd, int family, tim
- fd = forward->rfd6->fd;
- }
- else
--#endif
- {
- /* may have changed family */
- if (!forward->rfd4)
-@@ -902,10 +878,8 @@ void reply_query(int fd, int family, tim
-
- if (start->addr.sa.sa_family == AF_INET)
- log_query(F_NOEXTRA | F_DNSSEC | F_IPV4, "retry", (struct all_addr *)&start->addr.in.sin_addr, "dnssec");
--#ifdef HAVE_IPV6
- else
- log_query(F_NOEXTRA | F_DNSSEC | F_IPV6, "retry", (struct all_addr *)&start->addr.in6.sin6_addr, "dnssec");
--#endif
-
- return;
- }
-@@ -1099,9 +1073,7 @@ void reply_query(int fd, int family, tim
-
- new->sentto = server;
- new->rfd4 = NULL;
--#ifdef HAVE_IPV6
- new->rfd6 = NULL;
--#endif
- new->flags &= ~(FREC_DNSKEY_QUERY | FREC_DS_QUERY | FREC_HAS_EXTRADATA);
- new->forwardall = 0;
-
-@@ -1125,11 +1097,9 @@ void reply_query(int fd, int family, tim
- if (server->addr.sa.sa_family == AF_INET)
- log_query(F_NOEXTRA | F_DNSSEC | F_IPV4, daemon->keyname, (struct all_addr *)&(server->addr.in.sin_addr),
- querystr("dnssec-query", querytype));
--#ifdef HAVE_IPV6
- else
- log_query(F_NOEXTRA | F_DNSSEC | F_IPV6, daemon->keyname, (struct all_addr *)&(server->addr.in6.sin6_addr),
- querystr("dnssec-query", querytype));
--#endif
-
- if ((hash = hash_questions(header, nn, daemon->namebuff)))
- memcpy(new->hash, hash, HASH_SIZE);
-@@ -1147,14 +1117,12 @@ void reply_query(int fd, int family, tim
- else
- {
- fd = -1;
--#ifdef HAVE_IPV6
- if (server->addr.sa.sa_family == AF_INET6)
- {
- if (new->rfd6 || (new->rfd6 = allocate_rfd(AF_INET6)))
- fd = new->rfd6->fd;
- }
- else
--#endif
- {
- if (new->rfd4 || (new->rfd4 = allocate_rfd(AF_INET)))
- fd = new->rfd4->fd;
-@@ -1290,9 +1258,7 @@ void receive_query(struct listener *list
- struct cmsghdr *cmptr;
- union {
- struct cmsghdr align; /* this ensures alignment */
--#ifdef HAVE_IPV6
- char control6[CMSG_SPACE(sizeof(struct in6_pktinfo))];
--#endif
- #if defined(HAVE_LINUX_NETWORK)
- char control[CMSG_SPACE(sizeof(struct in_pktinfo))];
- #elif defined(IP_RECVDSTADDR) && defined(HAVE_SOLARIS_NETWORK)
-@@ -1303,12 +1269,8 @@ void receive_query(struct listener *list
- CMSG_SPACE(sizeof(struct sockaddr_dl))];
- #endif
- } control_u;
--#ifdef HAVE_IPV6
- /* Can always get recvd interface for IPv6 */
- int check_dst = !option_bool(OPT_NOWILD) || listen->family == AF_INET6;
--#else
-- int check_dst = !option_bool(OPT_NOWILD);
--#endif
-
- /* packet buffer overwritten */
- daemon->srv_save = NULL;
-@@ -1359,7 +1321,6 @@ void receive_query(struct listener *list
- if (source_addr.in.sin_port == 0)
- return;
- }
--#ifdef HAVE_IPV6
- else
- {
- /* Source-port == 0 is an error, we can't send back to that. */
-@@ -1367,13 +1328,12 @@ void receive_query(struct listener *list
- return;
- source_addr.in6.sin6_flowinfo = 0;
- }
--#endif
-
- /* We can be configured to only accept queries from at-most-one-hop-away addresses. */
- if (option_bool(OPT_LOCAL_SERVICE))
- {
- struct addrlist *addr;
--#ifdef HAVE_IPV6
-+
- if (listen->family == AF_INET6)
- {
- for (addr = daemon->interface_addrs; addr; addr = addr->next)
-@@ -1382,7 +1342,6 @@ void receive_query(struct listener *list
- break;
- }
- else
--#endif
- {
- struct in_addr netmask;
- for (addr = daemon->interface_addrs; addr; addr = addr->next)
-@@ -1451,7 +1410,6 @@ void receive_query(struct listener *list
- }
- #endif
-
--#ifdef HAVE_IPV6
- if (listen->family == AF_INET6)
- {
- for (cmptr = CMSG_FIRSTHDR(&msg); cmptr; cmptr = CMSG_NXTHDR(&msg, cmptr))
-@@ -1467,7 +1425,6 @@ void receive_query(struct listener *list
- if_index = p.p->ipi6_ifindex;
- }
- }
--#endif
-
- /* enforce available interface configuration */
-
-@@ -1531,11 +1488,9 @@ void receive_query(struct listener *list
- if (listen->family == AF_INET)
- log_query(F_QUERY | F_IPV4 | F_FORWARD, daemon->namebuff,
- (struct all_addr *)&source_addr.in.sin_addr, types);
--#ifdef HAVE_IPV6
- else
- log_query(F_QUERY | F_IPV6 | F_FORWARD, daemon->namebuff,
- (struct all_addr *)&source_addr.in6.sin6_addr, types);
--#endif
-
- #ifdef HAVE_AUTH
- /* find queries for zones we're authoritative for, and answer them directly */
-@@ -1744,11 +1699,9 @@ static int tcp_key_recurse(time_t now, i
- if (server->addr.sa.sa_family == AF_INET)
- log_query(F_NOEXTRA | F_DNSSEC | F_IPV4, keyname, (struct all_addr *)&(server->addr.in.sin_addr),
- querystr("dnssec-query", new_status == STAT_NEED_KEY ? T_DNSKEY : T_DS));
--#ifdef HAVE_IPV6
- else
- log_query(F_NOEXTRA | F_DNSSEC | F_IPV6, keyname, (struct all_addr *)&(server->addr.in6.sin6_addr),
- querystr("dnssec-query", new_status == STAT_NEED_KEY ? T_DNSKEY : T_DS));
--#endif
-
- server->flags |= SERV_GOT_TCP;
-
-@@ -1813,11 +1766,10 @@ unsigned char *tcp_request(int confd, ti
- if (option_bool(OPT_CONNTRACK))
- {
- struct all_addr local;
--#ifdef HAVE_IPV6
-+
- if (local_addr->sa.sa_family == AF_INET6)
- local.addr.addr6 = local_addr->in6.sin6_addr;
- else
--#endif
- local.addr.addr4 = local_addr->in.sin_addr;
-
- have_mark = get_incoming_mark(&peer_addr, &local, 1, &mark);
-@@ -1828,7 +1780,7 @@ unsigned char *tcp_request(int confd, ti
- if (option_bool(OPT_LOCAL_SERVICE))
- {
- struct addrlist *addr;
--#ifdef HAVE_IPV6
-+
- if (peer_addr.sa.sa_family == AF_INET6)
- {
- for (addr = daemon->interface_addrs; addr; addr = addr->next)
-@@ -1837,7 +1789,6 @@ unsigned char *tcp_request(int confd, ti
- break;
- }
- else
--#endif
- {
- struct in_addr netmask;
- for (addr = daemon->interface_addrs; addr; addr = addr->next)
-@@ -1892,11 +1843,9 @@ unsigned char *tcp_request(int confd, ti
- if (peer_addr.sa.sa_family == AF_INET)
- log_query(F_QUERY | F_IPV4 | F_FORWARD, daemon->namebuff,
- (struct all_addr *)&peer_addr.in.sin_addr, types);
--#ifdef HAVE_IPV6
- else
- log_query(F_QUERY | F_IPV6 | F_FORWARD, daemon->namebuff,
- (struct all_addr *)&peer_addr.in6.sin6_addr, types);
--#endif
-
- #ifdef HAVE_AUTH
- /* find queries for zones we're authoritative for, and answer them directly */
-@@ -2072,11 +2021,9 @@ unsigned char *tcp_request(int confd, ti
- if (last_server->addr.sa.sa_family == AF_INET)
- log_query(F_SERVER | F_IPV4 | F_FORWARD, daemon->namebuff,
- (struct all_addr *)&last_server->addr.in.sin_addr, NULL);
--#ifdef HAVE_IPV6
- else
- log_query(F_SERVER | F_IPV6 | F_FORWARD, daemon->namebuff,
- (struct all_addr *)&last_server->addr.in6.sin6_addr, NULL);
--#endif
-
- #ifdef HAVE_DNSSEC
- if (option_bool(OPT_DNSSEC_VALID) && !checking_disabled && (last_server->flags & SERV_DO_DNSSEC))
-@@ -2175,9 +2122,7 @@ static struct frec *allocate_frec(time_t
- f->sentto = NULL;
- f->rfd4 = NULL;
- f->flags = 0;
--#ifdef HAVE_IPV6
- f->rfd6 = NULL;
--#endif
- #ifdef HAVE_DNSSEC
- f->dependent = NULL;
- f->blocking_query = NULL;
-@@ -2237,11 +2182,8 @@ static void free_frec(struct frec *f)
- f->rfd4 = NULL;
- f->sentto = NULL;
- f->flags = 0;
--
--#ifdef HAVE_IPV6
- free_rfd(f->rfd6);
- f->rfd6 = NULL;
--#endif
-
- #ifdef HAVE_DNSSEC
- if (f->stash)
---- a/src/helper.c
-+++ b/src/helper.c
-@@ -64,9 +64,7 @@ struct script_data
- #ifdef HAVE_TFTP
- off_t file_len;
- #endif
--#ifdef HAVE_IPV6
- struct in6_addr addr6;
--#endif
- #ifdef HAVE_DHCP6
- int iaid, vendorclass_count;
- #endif
-@@ -302,10 +300,8 @@ int create_helper(int event_fd, int err_
-
- if (!is6)
- inet_ntop(AF_INET, &data.addr, daemon->addrbuff, ADDRSTRLEN);
--#ifdef HAVE_IPV6
- else
- inet_ntop(AF_INET6, &data.addr6, daemon->addrbuff, ADDRSTRLEN);
--#endif
-
- #ifdef HAVE_TFTP
- /* file length */
-@@ -826,10 +822,8 @@ void queue_tftp(off_t file_len, char *fi
-
- if ((buf->flags = peer->sa.sa_family) == AF_INET)
- buf->addr = peer->in.sin_addr;
--#ifdef HAVE_IPV6
- else
- buf->addr6 = peer->in6.sin6_addr;
--#endif
-
- memcpy((unsigned char *)(buf+1), filename, filename_len);
-
-@@ -851,10 +845,8 @@ void queue_arp(int action, unsigned char
- buf->hwaddr_type = ARPHRD_ETHER;
- if ((buf->flags = family) == AF_INET)
- buf->addr = addr->addr.addr4;
--#ifdef HAVE_IPV6
- else
- buf->addr6 = addr->addr.addr6;
--#endif
-
- memcpy(buf->hwaddr, mac, maclen);
-
---- a/src/ipset.c
-+++ b/src/ipset.c
-@@ -120,13 +120,8 @@ static int new_add_to_ipset(const char *
- struct my_nfgenmsg *nfg;
- struct my_nlattr *nested[2];
- uint8_t proto;
-- int addrsz = INADDRSZ;
-+ int addrsz = (af == AF_INET6) ? INADDRSZ : IN6ADDRSZ;
-
--#ifdef HAVE_IPV6
-- if (af == AF_INET6)
-- addrsz = IN6ADDRSZ;
--#endif
--
- if (strlen(setname) >= IPSET_MAXNAMELEN)
- {
- errno = ENAMETOOLONG;
-@@ -213,7 +208,6 @@ int add_to_ipset(const char *setname, co
- {
- int ret = 0, af = AF_INET;
-
--#ifdef HAVE_IPV6
- if (flags & F_IPV6)
- {
- af = AF_INET6;
-@@ -224,7 +218,6 @@ int add_to_ipset(const char *setname, co
- ret = -1;
- }
- }
--#endif
-
- if (ret != -1)
- ret = old_kernel ? old_add_to_ipset(setname, ipaddr, remove) : new_add_to_ipset(setname, ipaddr, af, remove);
---- a/src/netlink.c
-+++ b/src/netlink.c
-@@ -51,11 +51,10 @@ void netlink_init(void)
- addr.nl_groups = RTMGRP_IPV4_ROUTE;
- if (option_bool(OPT_CLEVERBIND))
- addr.nl_groups |= RTMGRP_IPV4_IFADDR;
--#ifdef HAVE_IPV6
- addr.nl_groups |= RTMGRP_IPV6_ROUTE;
- if (option_bool(OPT_CLEVERBIND))
- addr.nl_groups |= RTMGRP_IPV6_IFADDR;
--#endif
-+
- #ifdef HAVE_DHCP6
- if (daemon->doing_ra || daemon->doing_dhcp6)
- addr.nl_groups |= RTMGRP_IPV6_IFADDR;
-@@ -235,7 +234,6 @@ int iface_enumerate(int family, void *pa
- if (!((*callback)(addr, ifa->ifa_index, label, netmask, broadcast, parm)))
- callback_ok = 0;
- }
--#ifdef HAVE_IPV6
- else if (ifa->ifa_family == AF_INET6)
- {
- struct in6_addr *addrp = NULL;
-@@ -270,7 +268,6 @@ int iface_enumerate(int family, void *pa
- (int) preferred, (int)valid, parm)))
- callback_ok = 0;
- }
--#endif
- }
- }
- else if (h->nlmsg_type == RTM_NEWNEIGH && family == AF_UNSPEC)
---- a/src/network.c
-+++ b/src/network.c
-@@ -137,12 +137,10 @@ int iface_check(int family, struct all_a
- if (family == AF_INET &&
- tmp->addr.in.sin_addr.s_addr == addr->addr.addr4.s_addr)
- ret = match_addr = tmp->used = 1;
--#ifdef HAVE_IPV6
- else if (family == AF_INET6 &&
- IN6_ARE_ADDR_EQUAL(&tmp->addr.in6.sin6_addr,
- &addr->addr.addr6))
- ret = match_addr = tmp->used = 1;
--#endif
- }
- }
-
-@@ -162,11 +160,9 @@ int iface_check(int family, struct all_a
- else if (addr && tmp->addr.sa.sa_family == AF_INET && family == AF_INET &&
- tmp->addr.in.sin_addr.s_addr == addr->addr.addr4.s_addr)
- break;
--#ifdef HAVE_IPV6
- else if (addr && tmp->addr.sa.sa_family == AF_INET6 && family == AF_INET6 &&
- IN6_ARE_ADDR_EQUAL(&tmp->addr.in6.sin6_addr, &addr->addr.addr6))
- break;
--#endif
-
- if (tmp && auth)
- {
-@@ -200,11 +196,8 @@ int loopback_exception(int fd, int famil
- if (iface->addr.in.sin_addr.s_addr == addr->addr.addr4.s_addr)
- return 1;
- }
--#ifdef HAVE_IPV6
- else if (IN6_ARE_ADDR_EQUAL(&iface->addr.in6.sin6_addr, &addr->addr.addr6))
- return 1;
--#endif
--
- }
- }
- return 0;
-@@ -292,19 +285,15 @@ static int iface_allowed(struct iface_pa
- al->addr.addr.addr4 = addr->in.sin_addr;
- al->flags = 0;
- }
--#ifdef HAVE_IPV6
- else
- {
- al->addr.addr.addr6 = addr->in6.sin6_addr;
- al->flags = ADDRLIST_IPV6;
- }
--#endif
- }
- }
-
--#ifdef HAVE_IPV6
- if (addr->sa.sa_family != AF_INET6 || !IN6_IS_ADDR_LINKLOCAL(&addr->in6.sin6_addr))
--#endif
- {
- struct interface_name *int_name;
- struct addrlist *al;
-@@ -337,7 +326,6 @@ static int iface_allowed(struct iface_pa
- }
- }
-
--#ifdef HAVE_IPV6
- if (addr->sa.sa_family == AF_INET6 && (name->flags & AUTH6))
- {
- if (param->spare)
-@@ -357,8 +345,6 @@ static int iface_allowed(struct iface_pa
- al->flags = ADDRLIST_IPV6;
- }
- }
--#endif
--
- }
- #endif
-
-@@ -386,7 +372,6 @@ static int iface_allowed(struct iface_pa
- al->addr.addr.addr4 = addr->in.sin_addr;
- al->flags = 0;
- }
--#ifdef HAVE_IPV6
- else
- {
- al->addr.addr.addr6 = addr->in6.sin6_addr;
-@@ -396,7 +381,6 @@ static int iface_allowed(struct iface_pa
- if (!(iface_flags & IFACE_PERMANENT) || (iface_flags & (IFACE_DEPRECATED | IFACE_TENTATIVE)))
- al->flags |= ADDRLIST_REVONLY;
- }
--#endif
- }
- }
- }
-@@ -438,11 +422,9 @@ static int iface_allowed(struct iface_pa
- !iface_check(AF_INET, (struct all_addr *)&addr->in.sin_addr, label, &auth_dns))
- return 1;
-
--#ifdef HAVE_IPV6
- if (addr->sa.sa_family == AF_INET6 &&
- !iface_check(AF_INET6, (struct all_addr *)&addr->in6.sin6_addr, label, &auth_dns))
- return 1;
--#endif
-
- #ifdef HAVE_DHCP
- /* No DHCP where we're doing auth DNS. */
-@@ -501,7 +483,6 @@ static int iface_allowed(struct iface_pa
- return 0;
- }
-
--#ifdef HAVE_IPV6
- static int iface_allowed_v6(struct in6_addr *local, int prefix,
- int scope, int if_index, int flags,
- int preferred, int valid, void *vparam)
-@@ -529,7 +510,6 @@ static int iface_allowed_v6(struct in6_a
-
- return iface_allowed((struct iface_param *)vparam, if_index, NULL, &addr, netmask, prefix, flags);
- }
--#endif
-
- static int iface_allowed_v4(struct in_addr local, int if_index, char *label,
- struct in_addr netmask, struct in_addr broadcast, void *vparam)
-@@ -633,9 +613,7 @@ int enumerate_interfaces(int reset)
-
- param.spare = spare;
-
--#ifdef HAVE_IPV6
- ret = iface_enumerate(AF_INET6, ¶m, iface_allowed_v6);
--#endif
-
- if (ret)
- ret = iface_enumerate(AF_INET, ¶m, iface_allowed_v4);
-@@ -740,10 +718,8 @@ static int make_sock(union mysockaddr *a
- if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 || !fix_fd(fd))
- goto err;
-
--#ifdef HAVE_IPV6
- if (family == AF_INET6 && setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &opt, sizeof(opt)) == -1)
- goto err;
--#endif
-
- if ((rc = bind(fd, (struct sockaddr *)addr, sa_len(addr))) == -1)
- goto err;
-@@ -767,15 +743,12 @@ static int make_sock(union mysockaddr *a
- #endif
- }
- }
--#ifdef HAVE_IPV6
- else if (!set_ipv6pktinfo(fd))
- goto err;
--#endif
-
- return fd;
- }
-
--#ifdef HAVE_IPV6
- int set_ipv6pktinfo(int fd)
- {
- int opt = 1;
-@@ -802,7 +775,6 @@ int set_ipv6pktinfo(int fd)
-
- return 0;
- }
--#endif
-
-
- /* Find the interface on which a TCP connection arrived, if possible, or zero otherwise. */
-@@ -842,7 +814,6 @@ int tcp_interface(int fd, int af)
- }
- }
- }
--#ifdef HAVE_IPV6
- else
- {
- /* Only the RFC-2292 API has the ability to find the interface for TCP connections,
-@@ -874,7 +845,6 @@ int tcp_interface(int fd, int af)
- }
- }
- }
--#endif /* IPV6 */
- #endif /* Linux */
-
- return if_index;
-@@ -904,7 +874,6 @@ static struct listener *create_listeners
- tftpfd = make_sock(addr, SOCK_DGRAM, dienow);
- addr->in.sin_port = save;
- }
--# ifdef HAVE_IPV6
- else
- {
- short save = addr->in6.sin6_port;
-@@ -912,7 +881,6 @@ static struct listener *create_listeners
- tftpfd = make_sock(addr, SOCK_DGRAM, dienow);
- addr->in6.sin6_port = save;
- }
--# endif
- }
- #endif
-
-@@ -945,11 +913,10 @@ void create_wildcard_listeners(void)
-
- l = create_listeners(&addr, !!option_bool(OPT_TFTP), 1);
-
--#ifdef HAVE_IPV6
- memset(&addr, 0, sizeof(addr));
--# ifdef HAVE_SOCKADDR_SA_LEN
-+#ifdef HAVE_SOCKADDR_SA_LEN
- addr.in6.sin6_len = sizeof(addr.in6);
--# endif
-+#endif
- addr.in6.sin6_family = AF_INET6;
- addr.in6.sin6_addr = in6addr_any;
- addr.in6.sin6_port = htons(daemon->port);
-@@ -959,7 +926,6 @@ void create_wildcard_listeners(void)
- l->next = l6;
- else
- l = l6;
--#endif
-
- daemon->listeners = l;
- }
-@@ -1159,7 +1125,6 @@ int random_sock(int family)
- addr.in.sin_len = sizeof(struct sockaddr_in);
- #endif
- }
--#ifdef HAVE_IPV6
- else
- {
- addr.in6.sin6_addr = in6addr_any;
-@@ -1168,7 +1133,6 @@ int random_sock(int family)
- addr.in6.sin6_len = sizeof(struct sockaddr_in6);
- #endif
- }
--#endif
-
- if (bind(fd, (struct sockaddr *)&addr, sa_len(&addr)) == 0)
- return fd;
-@@ -1193,10 +1157,8 @@ int local_bind(int fd, union mysockaddr
- {
- if (addr_copy.sa.sa_family == AF_INET)
- addr_copy.in.sin_port = 0;
--#ifdef HAVE_IPV6
- else
- addr_copy.in6.sin6_port = 0;
--#endif
- }
-
- if (bind(fd, (struct sockaddr *)&addr_copy, sa_len(&addr_copy)) == -1)
-@@ -1211,7 +1173,7 @@ int local_bind(int fd, union mysockaddr
- return setsockopt(fd, IPPROTO_IP, IP_UNICAST_IF, &ifindex_opt, sizeof(ifindex_opt)) == 0;
- }
- #endif
--#if defined(HAVE_IPV6) && defined (IPV6_UNICAST_IF)
-+#if defined (IPV6_UNICAST_IF)
- if (addr_copy.sa.sa_family == AF_INET6)
- {
- uint32_t ifindex_opt = htonl(ifindex);
-@@ -1247,12 +1209,10 @@ static struct serverfd *allocate_sfd(uni
- addr->in.sin_port == htons(0))
- return NULL;
-
--#ifdef HAVE_IPV6
- if (addr->sa.sa_family == AF_INET6 &&
- memcmp(&addr->in6.sin6_addr, &in6addr_any, sizeof(in6addr_any)) == 0 &&
- addr->in6.sin6_port == htons(0))
- return NULL;
--#endif
- }
-
- if (intname && strlen(intname) != 0)
-@@ -1315,7 +1275,7 @@ void pre_allocate_sfds(void)
- #endif
- if ((sfd = allocate_sfd(&addr, "")))
- sfd->preallocated = 1;
--#ifdef HAVE_IPV6
-+
- memset(&addr, 0, sizeof(addr));
- addr.in6.sin6_family = AF_INET6;
- addr.in6.sin6_addr = in6addr_any;
-@@ -1325,7 +1285,6 @@ void pre_allocate_sfds(void)
- #endif
- if ((sfd = allocate_sfd(&addr, "")))
- sfd->preallocated = 1;
--#endif
- }
-
- for (srv = daemon->servers; srv; srv = srv->next)
-@@ -1658,7 +1617,6 @@ int reload_servers(char *fname)
- source_addr.in.sin_addr.s_addr = INADDR_ANY;
- source_addr.in.sin_port = htons(daemon->query_port);
- }
--#ifdef HAVE_IPV6
- else
- {
- int scope_index = 0;
-@@ -1686,10 +1644,6 @@ int reload_servers(char *fname)
- else
- continue;
- }
--#else /* IPV6 */
-- else
-- continue;
--#endif
-
- add_update_server(SERV_FROM_RESOLV, &addr, &source_addr, NULL, NULL);
- gotone = 1;
---- a/src/option.c
-+++ b/src/option.c
-@@ -764,10 +764,8 @@ static char *parse_mysockaddr(char *arg,
- {
- if (inet_pton(AF_INET, arg, &addr->in.sin_addr) > 0)
- addr->sa.sa_family = AF_INET;
--#ifdef HAVE_IPV6
- else if (inet_pton(AF_INET6, arg, &addr->in6.sin6_addr) > 0)
- addr->sa.sa_family = AF_INET6;
--#endif
- else
- return _("bad address");
-
-@@ -779,10 +777,8 @@ char *parse_server(char *arg, union myso
- int source_port = 0, serv_port = NAMESERVER_PORT;
- char *portno, *source;
- char *interface_opt = NULL;
--#ifdef HAVE_IPV6
- int scope_index = 0;
- char *scope_id;
--#endif
-
- if (!arg || strlen(arg) == 0)
- {
-@@ -800,9 +796,7 @@ char *parse_server(char *arg, union myso
- !atoi_check16(portno, &serv_port))
- return _("bad port");
-
--#ifdef HAVE_IPV6
- scope_id = split_chr(arg, '%');
--#endif
-
- if (source) {
- interface_opt = split_chr(source, '@');
-@@ -846,7 +840,6 @@ char *parse_server(char *arg, union myso
- }
- }
- }
--#ifdef HAVE_IPV6
- else if (inet_pton(AF_INET6, arg, &addr->in6.sin6_addr) > 0)
- {
- if (scope_id && (scope_index = if_nametoindex(scope_id)) == 0)
-@@ -881,7 +874,6 @@ char *parse_server(char *arg, union myso
- }
- }
- }
--#endif
- else
- return _("bad address");
-
-@@ -1914,10 +1906,8 @@ static int one_opt(int option, char *arg
- unhide_metas(arg);
- if (inet_pton(AF_INET, arg, &new->addr.in.sin_addr) > 0)
- new->addr.sa.sa_family = AF_INET;
--#ifdef HAVE_IPV6
- else if (inet_pton(AF_INET6, arg, &new->addr.in6.sin6_addr) > 0)
- new->addr.sa.sa_family = AF_INET6;
--#endif
- else
- {
- char *fam = split_chr(arg, '/');
-@@ -1927,10 +1917,8 @@ static int one_opt(int option, char *arg
- {
- if (strcmp(fam, "4") == 0)
- new->addr.sa.sa_family = AF_INET;
--#ifdef HAVE_IPV6
- else if (strcmp(fam, "6") == 0)
- new->addr.sa.sa_family = AF_INET6;
--#endif
- else
- ret_err(gen_err);
- }
-@@ -1996,14 +1984,12 @@ static int one_opt(int option, char *arg
- subnet->prefixlen = (prefixlen == 0) ? 24 : prefixlen;
- subnet->flags = ADDRLIST_LITERAL;
- }
--#ifdef HAVE_IPV6
- else if (inet_pton(AF_INET6, arg, &addr.addr.addr6))
- {
- subnet = opt_malloc(sizeof(struct addrlist));
- subnet->prefixlen = (prefixlen == 0) ? 64 : prefixlen;
- subnet->flags = ADDRLIST_LITERAL | ADDRLIST_IPV6;
- }
--#endif
- else
- {
- struct auth_name_list *name = opt_malloc(sizeof(struct auth_name_list));
-@@ -2015,10 +2001,8 @@ static int one_opt(int option, char *arg
- {
- if (prefixlen == 4)
- name->flags &= ~AUTH6;
--#ifdef HAVE_IPV6
- else if (prefixlen == 6)
- name->flags &= ~AUTH4;
--#endif
- else
- ret_err(gen_err);
- }
-@@ -2139,7 +2123,6 @@ static int one_opt(int option, char *arg
- }
- }
- }
--#ifdef HAVE_IPV6
- else if (inet_pton(AF_INET6, comma, &new->start6))
- {
- u64 mask = (1LLU << (128 - msize)) - 1LLU;
-@@ -2183,7 +2166,6 @@ static int one_opt(int option, char *arg
- }
- }
- }
--#endif
- else
- ret_err(gen_err);
- }
-@@ -2201,7 +2183,6 @@ static int one_opt(int option, char *arg
- else if (!inet_pton(AF_INET, arg, &new->end))
- ret_err(gen_err);
- }
--#ifdef HAVE_IPV6
- else if (inet_pton(AF_INET6, comma, &new->start6))
- {
- new->is6 = 1;
-@@ -2210,7 +2191,6 @@ static int one_opt(int option, char *arg
- else if (!inet_pton(AF_INET6, arg, &new->end6))
- ret_err(gen_err);
- }
--#endif
- else
- ret_err(gen_err);
-
-@@ -2369,7 +2349,6 @@ static int one_opt(int option, char *arg
- new->addr.in.sin_len = sizeof(new->addr.in);
- #endif
- }
--#ifdef HAVE_IPV6
- else if (arg && inet_pton(AF_INET6, arg, &new->addr.in6.sin6_addr) > 0)
- {
- new->addr.sa.sa_family = AF_INET6;
-@@ -2380,7 +2359,6 @@ static int one_opt(int option, char *arg
- new->addr.in6.sin6_len = sizeof(new->addr.in6);
- #endif
- }
--#endif
- else
- ret_err(gen_err);
-
-@@ -2493,9 +2471,7 @@ static int one_opt(int option, char *arg
- int size;
- struct server *serv;
- struct in_addr addr4;
--#ifdef HAVE_IPV6
- struct in6_addr addr6;
--#endif
-
- unhide_metas(arg);
- if (!arg || !(comma=split(arg)) || !(string = split_chr(arg, '/')) || !atoi_check(string, &size))
-@@ -2507,10 +2483,8 @@ static int one_opt(int option, char *arg
- if (!serv)
- ret_err(_("bad prefix"));
- }
--#ifdef HAVE_IPV6
- else if (inet_pton(AF_INET6, arg, &addr6))
- serv = add_rev6(&addr6, size);
--#endif
- else
- ret_err(gen_err);
-
-@@ -3863,10 +3837,8 @@ err:
- {
- if (strcmp(arg, "4") == 0)
- new->family = AF_INET;
--#ifdef HAVE_IPV6
- else if (strcmp(arg, "6") == 0)
- new->family = AF_INET6;
--#endif
- else
- ret_err(gen_err);
- }
-@@ -4156,10 +4128,8 @@ err:
- new->ttl = atoi(arg);
- else if (inet_pton(AF_INET, arg, &addr))
- new->addr = addr.addr.addr4;
--#ifdef HAVE_IPV6
- else if (inet_pton(AF_INET6, arg, &addr))
- new->addr6 = addr.addr.addr6;
--#endif
- else
- {
- int nomem;
-@@ -4866,10 +4836,8 @@ void read_opts(int argc, char **argv, ch
- {
- if (tmp->source_addr.sa.sa_family == AF_INET)
- tmp->source_addr.in.sin_port = htons(daemon->query_port);
--#ifdef HAVE_IPV6
- else if (tmp->source_addr.sa.sa_family == AF_INET6)
- tmp->source_addr.in6.sin6_port = htons(daemon->query_port);
--#endif
- }
- }
-
-@@ -4930,10 +4898,8 @@ void read_opts(int argc, char **argv, ch
- for(tmp = daemon->if_addrs; tmp; tmp = tmp->next)
- if (tmp->addr.sa.sa_family == AF_INET)
- tmp->addr.in.sin_port = htons(daemon->port);
--#ifdef HAVE_IPV6
- else if (tmp->addr.sa.sa_family == AF_INET6)
- tmp->addr.in6.sin6_port = htons(daemon->port);
--#endif /* IPv6 */
- }
-
- /* create default, if not specified */
---- a/src/rfc1035.c
-+++ b/src/rfc1035.c
-@@ -198,7 +198,6 @@ int in_arpa_name_2_addr(char *namein, st
-
- return F_IPV4;
- }
--#ifdef HAVE_IPV6
- else if (hostname_isequal(penchunk, "ip6") &&
- (hostname_isequal(lastchunk, "int") || hostname_isequal(lastchunk, "arpa")))
- {
-@@ -243,7 +242,6 @@ int in_arpa_name_2_addr(char *namein, st
- return F_IPV6;
- }
- }
--#endif
-
- return 0;
- }
-@@ -426,7 +424,6 @@ int private_net(struct in_addr addr, int
- ((ip_addr & 0xFFFFFFFF) == 0xFFFFFFFF) /* 255.255.255.255/32 (broadcast)*/ ;
- }
-
--#ifdef HAVE_IPV6
- static int private_net6(struct in6_addr *a)
- {
- return
-@@ -436,8 +433,6 @@ static int private_net6(struct in6_addr
- ((unsigned char *)a)[0] == 0xfd || /* RFC 6303 4.4 */
- ((u32 *)a)[0] == htonl(0x20010db8); /* RFC 6303 4.6 */
- }
--#endif
--
-
- static unsigned char *do_doctor(unsigned char *p, int count, struct dns_header *header, size_t qlen, char *name, int *doctored)
- {
-@@ -738,13 +733,11 @@ int extract_addresses(struct dns_header
- addrlen = INADDRSZ;
- flags |= F_IPV4;
- }
--#ifdef HAVE_IPV6
- else if (qtype == T_AAAA)
- {
- addrlen = IN6ADDRSZ;
- flags |= F_IPV6;
- }
--#endif
- else
- continue;
-
-@@ -818,7 +811,6 @@ int extract_addresses(struct dns_header
- private_net(addr.addr.addr4, !option_bool(OPT_LOCAL_REBIND)))
- return 1;
-
--#ifdef HAVE_IPV6
- if ((flags & F_IPV6) &&
- IN6_IS_ADDR_V4MAPPED(&addr.addr.addr6))
- {
-@@ -827,7 +819,6 @@ int extract_addresses(struct dns_header
- if (private_net(v4, !option_bool(OPT_LOCAL_REBIND)))
- return 1;
- }
--#endif
- }
-
- #ifdef HAVE_IPSET
-@@ -966,7 +957,6 @@ size_t setup_reply(struct dns_header *he
- add_resource_record(header, NULL, NULL, sizeof(struct dns_header), &p, ttl, NULL, T_A, C_IN, "4", addrp);
- }
-
--#ifdef HAVE_IPV6
- if (flags & F_IPV6)
- {
- SET_RCODE(header, NOERROR);
-@@ -974,7 +964,6 @@ size_t setup_reply(struct dns_header *he
- header->hb3 |= HB3_AA;
- add_resource_record(header, NULL, NULL, sizeof(struct dns_header), &p, ttl, NULL, T_AAAA, C_IN, "6", addrp);
- }
--#endif
- }
- else /* nowhere to forward to */
- {
-@@ -1164,14 +1153,12 @@ int add_resource_record(struct dns_heade
- for (; *format; format++)
- switch (*format)
- {
--#ifdef HAVE_IPV6
- case '6':
- CHECK_LIMIT(IN6ADDRSZ);
- sval = va_arg(ap, char *);
- memcpy(p, sval, IN6ADDRSZ);
- p += IN6ADDRSZ;
- break;
--#endif
-
- case '4':
- CHECK_LIMIT(INADDRSZ);
-@@ -1413,7 +1400,6 @@ size_t answer_request(struct dns_header
- while (intr->next && strcmp(intr->intr, intr->next->intr) == 0)
- intr = intr->next;
- }
--#ifdef HAVE_IPV6
- else if (is_arpa == F_IPV6)
- for (intr = daemon->int_names; intr; intr = intr->next)
- {
-@@ -1429,7 +1415,6 @@ size_t answer_request(struct dns_header
- while (intr->next && strcmp(intr->intr, intr->next->intr) == 0)
- intr = intr->next;
- }
--#endif
-
- if (intr)
- {
-@@ -1521,9 +1506,7 @@ size_t answer_request(struct dns_header
- }
- }
- else if (option_bool(OPT_BOGUSPRIV) && (
--#ifdef HAVE_IPV6
- (is_arpa == F_IPV6 && private_net6(&addr.addr.addr6)) ||
--#endif
- (is_arpa == F_IPV4 && private_net(addr.addr.addr4, 1))))
- {
- struct server *serv;
-@@ -1564,16 +1547,9 @@ size_t answer_request(struct dns_header
-
- for (flag = F_IPV4; flag; flag = (flag == F_IPV4) ? F_IPV6 : 0)
- {
-- unsigned short type = T_A;
-+ unsigned short type = (flag == F_IPV6) ? T_AAAA : T_A;
- struct interface_name *intr;
-
-- if (flag == F_IPV6)
--#ifdef HAVE_IPV6
-- type = T_AAAA;
--#else
-- break;
--#endif
--
- if (qtype != type && qtype != T_ANY)
- continue;
-
-@@ -1596,31 +1572,26 @@ size_t answer_request(struct dns_header
- for (intr = daemon->int_names; intr; intr = intr->next)
- if (hostname_isequal(name, intr->name))
- for (addrlist = intr->addr; addrlist; addrlist = addrlist->next)
--#ifdef HAVE_IPV6
-- if (!(addrlist->flags & ADDRLIST_IPV6))
--#endif
-- if (is_same_net(*((struct in_addr *)&addrlist->addr), local_addr, local_netmask))
-- {
-- localise = 1;
-- break;
-- }
-+ if (!(addrlist->flags & ADDRLIST_IPV6) &&
-+ is_same_net(*((struct in_addr *)&addrlist->addr), local_addr, local_netmask))
-+ {
-+ localise = 1;
-+ break;
-+ }
-
- for (intr = daemon->int_names; intr; intr = intr->next)
- if (hostname_isequal(name, intr->name))
- {
- for (addrlist = intr->addr; addrlist; addrlist = addrlist->next)
--#ifdef HAVE_IPV6
- if (((addrlist->flags & ADDRLIST_IPV6) ? T_AAAA : T_A) == type)
--#endif
- {
- if (localise &&
- !is_same_net(*((struct in_addr *)&addrlist->addr), local_addr, local_netmask))
- continue;
-
--#ifdef HAVE_IPV6
- if (addrlist->flags & ADDRLIST_REVONLY)
- continue;
--#endif
-+
- ans = 1;
- sec_data = 0;
- if (!dryrun)
-@@ -1904,11 +1875,8 @@ size_t answer_request(struct dns_header
- crecp = NULL;
- while ((crecp = cache_find_by_name(crecp, rec->target, now, F_IPV4 | F_IPV6)))
- {
--#ifdef HAVE_IPV6
- int type = crecp->flags & F_IPV4 ? T_A : T_AAAA;
--#else
-- int type = T_A;
--#endif
-+
- if (crecp->flags & F_NEG)
- continue;
-
---- a/src/tables.c
-+++ b/src/tables.c
-@@ -108,7 +108,7 @@ int add_to_ipset(const char *setname, co
- my_syslog(LOG_INFO, _("info: table created"));
-
- bzero(&addr, sizeof(addr));
--#ifdef HAVE_IPV6
-+
- if (flags & F_IPV6)
- {
- addr.pfra_af = AF_INET6;
-@@ -116,7 +116,6 @@ int add_to_ipset(const char *setname, co
- memcpy(&(addr.pfra_ip6addr), &(ipaddr->addr), sizeof(struct in6_addr));
- }
- else
--#endif
- {
- addr.pfra_af = AF_INET;
- addr.pfra_net = 0x20;
---- a/src/tftp.c
-+++ b/src/tftp.c
-@@ -60,17 +60,11 @@ void tftp_request(struct listener *liste
- char *prefix = daemon->tftp_prefix;
- struct tftp_prefix *pref;
- struct all_addr addra;
--#ifdef HAVE_IPV6
- /* Can always get recvd interface for IPv6 */
- int check_dest = !option_bool(OPT_NOWILD) || listen->family == AF_INET6;
--#else
-- int check_dest = !option_bool(OPT_NOWILD);
--#endif
- union {
- struct cmsghdr align; /* this ensures alignment */
--#ifdef HAVE_IPV6
- char control6[CMSG_SPACE(sizeof(struct in6_pktinfo))];
--#endif
- #if defined(HAVE_LINUX_NETWORK)
- char control[CMSG_SPACE(sizeof(struct in_pktinfo))];
- #elif defined(HAVE_SOLARIS_NETWORK)
-@@ -174,7 +168,6 @@ void tftp_request(struct listener *liste
-
- #endif
-
--#ifdef HAVE_IPV6
- if (listen->family == AF_INET6)
- {
- for (cmptr = CMSG_FIRSTHDR(&msg); cmptr; cmptr = CMSG_NXTHDR(&msg, cmptr))
-@@ -190,7 +183,6 @@ void tftp_request(struct listener *liste
- if_index = p.p->ipi6_ifindex;
- }
- }
--#endif
-
- if (!indextoname(listen->tftpfd, if_index, namebuff))
- return;
-@@ -199,10 +191,8 @@ void tftp_request(struct listener *liste
-
- addra.addr.addr4 = addr.in.sin_addr;
-
--#ifdef HAVE_IPV6
- if (listen->family == AF_INET6)
- addra.addr.addr6 = addr.in6.sin6_addr;
--#endif
-
- if (daemon->tftp_interfaces)
- {
-@@ -262,7 +252,6 @@ void tftp_request(struct listener *liste
- addr.in.sin_len = sizeof(addr.in);
- #endif
- }
--#ifdef HAVE_IPV6
- else
- {
- addr.in6.sin6_port = htons(port);
-@@ -272,7 +261,6 @@ void tftp_request(struct listener *liste
- addr.in6.sin6_len = sizeof(addr.in6);
- #endif
- }
--#endif
-
- if (!(transfer = whine_malloc(sizeof(struct tftp_transfer))))
- return;
-@@ -310,10 +298,9 @@ void tftp_request(struct listener *liste
- {
- if (listen->family == AF_INET)
- addr.in.sin_port = htons(port);
--#ifdef HAVE_IPV6
- else
-- addr.in6.sin6_port = htons(port);
--#endif
-+ addr.in6.sin6_port = htons(port);
-+
- continue;
- }
- my_syslog(MS_TFTP | LOG_ERR, _("unable to get free port for TFTP"));
---- a/src/util.c
-+++ b/src/util.c
-@@ -320,13 +320,12 @@ int sockaddr_isequal(union mysockaddr *s
- s1->in.sin_port == s2->in.sin_port &&
- s1->in.sin_addr.s_addr == s2->in.sin_addr.s_addr)
- return 1;
--#ifdef HAVE_IPV6
-+
- if (s1->sa.sa_family == AF_INET6 &&
- s1->in6.sin6_port == s2->in6.sin6_port &&
- s1->in6.sin6_scope_id == s2->in6.sin6_scope_id &&
- IN6_ARE_ADDR_EQUAL(&s1->in6.sin6_addr, &s2->in6.sin6_addr))
- return 1;
--#endif
- }
- return 0;
- }
-@@ -336,11 +335,9 @@ int sa_len(union mysockaddr *addr)
- #ifdef HAVE_SOCKADDR_SA_LEN
- return addr->sa.sa_len;
- #else
--#ifdef HAVE_IPV6
- if (addr->sa.sa_family == AF_INET6)
- return sizeof(addr->in6);
- else
--#endif
- return sizeof(addr->in);
- #endif
- }
-@@ -437,7 +434,6 @@ int is_same_net(struct in_addr a, struct
- return (a.s_addr & mask.s_addr) == (b.s_addr & mask.s_addr);
- }
-
--#ifdef HAVE_IPV6
- int is_same_net6(struct in6_addr *a, struct in6_addr *b, int prefixlen)
- {
- int pfbytes = prefixlen >> 3;
-@@ -476,15 +472,12 @@ void setaddr6part(struct in6_addr *addr,
- }
- }
-
--#endif
--
-
- /* returns port number from address */
- int prettyprint_addr(union mysockaddr *addr, char *buf)
- {
- int port = 0;
-
--#ifdef HAVE_IPV6
- if (addr->sa.sa_family == AF_INET)
- {
- inet_ntop(AF_INET, &addr->in.sin_addr, buf, ADDRSTRLEN);
-@@ -503,10 +496,6 @@ int prettyprint_addr(union mysockaddr *a
- }
- port = ntohs(addr->in6.sin6_port);
- }
--#else
-- strcpy(buf, inet_ntoa(addr->in.sin_addr));
-- port = ntohs(addr->in.sin_port);
--#endif
-
- return port;
- }
+++ /dev/null
-From cf5984367bc6a949e3803a576512c5a7bc48ebab Mon Sep 17 00:00:00 2001
-From: Vladislav Grishenko <themiron@mail.ru>
-Date: Thu, 18 Oct 2018 04:55:21 +0500
-Subject: [PATCH 04/32] Don't forward *.bind/*.server queries upstream
-
-Chaos .bind and .server (RFC4892) zones are local, therefore
-don't forward queries upstream to avoid mixing with supported
-locally and false replies with NO_ID enabled.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/rfc1035.c | 15 ++++++++++++++-
- 1 file changed, 14 insertions(+), 1 deletion(-)
-
---- a/src/rfc1035.c
-+++ b/src/rfc1035.c
-@@ -1276,7 +1276,7 @@ size_t answer_request(struct dns_header
- int q, ans, anscount = 0, addncount = 0;
- int dryrun = 0;
- struct crec *crecp;
-- int nxdomain = 0, auth = 1, trunc = 0, sec_data = 1;
-+ int nxdomain = 0, notimp = 0, auth = 1, trunc = 0, sec_data = 1;
- struct mx_srv_record *rec;
- size_t len;
-
-@@ -1355,6 +1355,17 @@ size_t answer_request(struct dns_header
- }
- }
-
-+ if (qclass == C_CHAOS)
-+ {
-+ /* don't forward *.bind and *.server chaos queries */
-+ if (hostname_issubdomain("bind", name) || hostname_issubdomain("server", name))
-+ {
-+ if (!ans)
-+ notimp = 1, auth = 0;
-+ ans = 1;
-+ }
-+ }
-+
- if (qclass == C_IN)
- {
- struct txt_record *t;
-@@ -1903,6 +1914,8 @@ size_t answer_request(struct dns_header
-
- if (nxdomain)
- SET_RCODE(header, NXDOMAIN);
-+ else if (notimp)
-+ SET_RCODE(header, NOTIMP);
- else
- SET_RCODE(header, NOERROR); /* no error */
- header->ancount = htons(anscount);
+++ /dev/null
-From cbb5b17ad8e03e08ade62376a4f6a2066e55960d Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Tue, 23 Oct 2018 23:45:57 +0100
-Subject: [PATCH 05/32] Fix logging in cf5984367bc6a949e3803a576512c5a7bc48ebab
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/rfc1035.c | 27 ++++++++++++++++++---------
- 1 file changed, 18 insertions(+), 9 deletions(-)
-
---- a/src/rfc1035.c
-+++ b/src/rfc1035.c
-@@ -1335,7 +1335,6 @@ size_t answer_request(struct dns_header
- {
- unsigned long ttl = daemon->local_ttl;
- int ok = 1;
-- log_query(F_CONFIG | F_RRNAME, name, NULL, "<TXT>");
- #ifndef NO_ID
- /* Dynamically generate stat record */
- if (t->stat != 0)
-@@ -1345,11 +1344,14 @@ size_t answer_request(struct dns_header
- ok = 0;
- }
- #endif
-- if (ok && add_resource_record(header, limit, &trunc, nameoffset, &ansp,
-- ttl, NULL,
-- T_TXT, t->class, "t", t->len, t->txt))
-- anscount++;
--
-+ if (ok)
-+ {
-+ log_query(F_CONFIG | F_RRNAME, name, NULL, "<TXT>");
-+ if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
-+ ttl, NULL,
-+ T_TXT, t->class, "t", t->len, t->txt))
-+ anscount++;
-+ }
- }
- }
- }
-@@ -1357,12 +1359,19 @@ size_t answer_request(struct dns_header
-
- if (qclass == C_CHAOS)
- {
-- /* don't forward *.bind and *.server chaos queries */
-+ /* don't forward *.bind and *.server chaos queries - always reply with NOTIMP */
- if (hostname_issubdomain("bind", name) || hostname_issubdomain("server", name))
- {
- if (!ans)
-- notimp = 1, auth = 0;
-- ans = 1;
-+ {
-+ notimp = 1, auth = 0;
-+ if (!dryrun)
-+ {
-+ addr.addr.rcode.rcode = NOTIMP;
-+ log_query(F_CONFIG | F_RCODE, name, &addr, NULL);
-+ }
-+ ans = 1;
-+ }
- }
- }
-
+++ /dev/null
-From 6f7812d97bc8f87004c0a5069c6c94c64af78106 Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Tue, 23 Oct 2018 23:54:44 +0100
-Subject: [PATCH 06/32] Fix spurious AD flags in some DNS replies from local
- config.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/rfc1035.c | 42 ++++++++++++++++++++++++------------------
- 1 file changed, 24 insertions(+), 18 deletions(-)
-
---- a/src/rfc1035.c
-+++ b/src/rfc1035.c
-@@ -1330,7 +1330,7 @@ size_t answer_request(struct dns_header
- {
- if (t->class == qclass && hostname_isequal(name, t->name))
- {
-- ans = 1;
-+ ans = 1, sec_data = 0;
- if (!dryrun)
- {
- unsigned long ttl = daemon->local_ttl;
-@@ -1370,7 +1370,7 @@ size_t answer_request(struct dns_header
- addr.addr.rcode.rcode = NOTIMP;
- log_query(F_CONFIG | F_RCODE, name, &addr, NULL);
- }
-- ans = 1;
-+ ans = 1, sec_data = 0;
- }
- }
- }
-@@ -1725,7 +1725,7 @@ size_t answer_request(struct dns_header
- }
- else if (is_name_synthetic(flag, name, &addr))
- {
-- ans = 1;
-+ ans = 1, sec_data = 0;
- if (!dryrun)
- {
- log_query(F_FORWARD | F_CONFIG | flag, name, &addr, NULL);
-@@ -1763,25 +1763,27 @@ size_t answer_request(struct dns_header
- for (rec = daemon->mxnames; rec; rec = rec->next)
- if (!rec->issrv && hostname_isequal(name, rec->name))
- {
-- ans = found = 1;
-- if (!dryrun)
-- {
-- int offset;
-- log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>");
-- if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl,
-- &offset, T_MX, C_IN, "sd", rec->weight, rec->target))
-- {
-- anscount++;
-- if (rec->target)
-- rec->offset = offset;
-- }
-- }
-+ ans = found = 1;
-+ sec_data = 0;
-+ if (!dryrun)
-+ {
-+ int offset;
-+ log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>");
-+ if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, daemon->local_ttl,
-+ &offset, T_MX, C_IN, "sd", rec->weight, rec->target))
-+ {
-+ anscount++;
-+ if (rec->target)
-+ rec->offset = offset;
-+ }
-+ }
- }
-
- if (!found && (option_bool(OPT_SELFMX) || option_bool(OPT_LOCALMX)) &&
- cache_find_by_name(NULL, name, now, F_HOSTS | F_DHCP | F_NO_RR))
- {
- ans = 1;
-+ sec_data = 0;
- if (!dryrun)
- {
- log_query(F_CONFIG | F_RRNAME, name, NULL, "<MX>");
-@@ -1802,6 +1804,7 @@ size_t answer_request(struct dns_header
- if (rec->issrv && hostname_isequal(name, rec->name))
- {
- found = ans = 1;
-+ sec_data = 0;
- if (!dryrun)
- {
- int offset;
-@@ -1838,6 +1841,7 @@ size_t answer_request(struct dns_header
- if (!found && option_bool(OPT_FILTER) && (qtype == T_SRV || (qtype == T_ANY && strchr(name, '_'))))
- {
- ans = 1;
-+ sec_data = 0;
- if (!dryrun)
- log_query(F_CONFIG | F_NEG, name, NULL, NULL);
- }
-@@ -1850,6 +1854,7 @@ size_t answer_request(struct dns_header
- if (hostname_isequal(name, na->name))
- {
- ans = 1;
-+ sec_data = 0;
- if (!dryrun)
- {
- log_query(F_CONFIG | F_RRNAME, name, NULL, "<NAPTR>");
-@@ -1862,11 +1867,12 @@ size_t answer_request(struct dns_header
- }
-
- if (qtype == T_MAILB)
-- ans = 1, nxdomain = 1;
-+ ans = 1, nxdomain = 1, sec_data = 0;
-
- if (qtype == T_SOA && option_bool(OPT_FILTER))
- {
-- ans = 1;
-+ ans = 1;
-+ sec_data = 0;
- if (!dryrun)
- log_query(F_CONFIG | F_NEG, name, &addr, NULL);
- }
+++ /dev/null
-From 24b87607c1353e94689e8a2190571ab3f3b36f31 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
-Date: Wed, 24 Oct 2018 22:30:18 +0100
-Subject: [PATCH 07/32] Do not rely on dead code elimination, use array
- instead. Make options bits derived from size and count. Use size of option
- bits and last supported bit in computation. No new change would be required
- when new options are added. Just change OPT_LAST constant.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/dnsmasq.h | 11 +++++++----
- src/option.c | 10 ++--------
- 2 files changed, 9 insertions(+), 12 deletions(-)
-
---- a/src/dnsmasq.h
-+++ b/src/dnsmasq.h
-@@ -200,9 +200,6 @@ struct event_desc {
- #define EC_MISC 5
- #define EC_INIT_OFFSET 10
-
--/* Trust the compiler dead-code eliminator.... */
--#define option_bool(x) (((x) < 32) ? daemon->options & (1u << (x)) : daemon->options2 & (1u << ((x) - 32)))
--
- #define OPT_BOGUSPRIV 0
- #define OPT_FILTER 1
- #define OPT_LOG 2
-@@ -264,6 +261,12 @@ struct event_desc {
- #define OPT_UBUS 58
- #define OPT_LAST 59
-
-+#define OPTION_BITS (sizeof(unsigned int)*8)
-+#define OPTION_SIZE ( (OPT_LAST/OPTION_BITS)+((OPT_LAST%OPTION_BITS)!=0) )
-+#define option_var(x) (daemon->options[(x) / OPTION_BITS])
-+#define option_val(x) ((1u) << ((x) % OPTION_BITS))
-+#define option_bool(x) (option_var(x) & option_val(x))
-+
- /* extra flags for my_syslog, we use a couple of facilities since they are known
- not to occupy the same bits as priorities, no matter how syslog.h is set up. */
- #define MS_TFTP LOG_USER
-@@ -978,7 +981,7 @@ extern struct daemon {
- config file arguments. All set (including defaults)
- in option.c */
-
-- unsigned int options, options2;
-+ unsigned int options[OPTION_SIZE];
- struct resolvc default_resolv, *resolv_files;
- time_t last_resolv;
- char *servers_file;
---- a/src/option.c
-+++ b/src/option.c
-@@ -1490,18 +1490,12 @@ static int parse_dhcp_opt(char *errstr,
-
- void set_option_bool(unsigned int opt)
- {
-- if (opt < 32)
-- daemon->options |= 1u << opt;
-- else
-- daemon->options2 |= 1u << (opt - 32);
-+ option_var(opt) |= option_val(opt);
- }
-
- void reset_option_bool(unsigned int opt)
- {
-- if (opt < 32)
-- daemon->options &= ~(1u << opt);
-- else
-- daemon->options2 &= ~(1u << (opt - 32));
-+ option_var(opt) &= ~(option_val(opt));
- }
-
- static int one_opt(int option, char *arg, char *errstr, char *gen_err, int command_line, int servers_only)
+++ /dev/null
-From 3a5a84cdd1488bad118eeac72d09a60299bca744 Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Wed, 31 Oct 2018 21:30:13 +0000
-Subject: [PATCH 08/32] Fix Makefile lines generating UBUS linker config.
-
-If arg2 of pkg-wrapper is "--copy", then arg1 is NOT the name of
-the package manager (--copy doesn't invoke it) it's a secondary
-config string that inhibts the copy if found. This patch allows that
-to be the empty string, for unconditional copy, and modifies the
-ubus linker config to use it. It worked by coincidence before, because
-there was no config string called "pkg-config".
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- Makefile | 2 +-
- bld/pkg-wrapper | 14 ++++++++------
- 2 files changed, 9 insertions(+), 7 deletions(-)
-
---- a/Makefile
-+++ b/Makefile
-@@ -53,7 +53,7 @@ top?=$(CURDIR)
-
- dbus_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DBUS $(PKG_CONFIG) --cflags dbus-1`
- dbus_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DBUS $(PKG_CONFIG) --libs dbus-1`
--ubus_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_UBUS $(PKG_CONFIG) --copy -lubox -lubus`
-+ubus_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_UBUS "" --copy -lubox -lubus`
- idn_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_IDN $(PKG_CONFIG) --cflags libidn`
- idn_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_IDN $(PKG_CONFIG) --libs libidn`
- idn2_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LIBIDN2 $(PKG_CONFIG) --cflags libidn2`
---- a/bld/pkg-wrapper
-+++ b/bld/pkg-wrapper
-@@ -11,23 +11,25 @@ in=`cat`
-
- if grep "^\#[[:space:]]*define[[:space:]]*$search" config.h >/dev/null 2>&1 || \
- echo $in | grep $search >/dev/null 2>&1; then
--# Nasty, nasty, in --copy, arg 2 is another config to search for, use with NO_GMP
-+# Nasty, nasty, in --copy, arg 2 (if non-empty) is another config to search for, used with NO_GMP
- if [ $op = "--copy" ]; then
-- if grep "^\#[[:space:]]*define[[:space:]]*$pkg" config.h >/dev/null 2>&1 || \
-- echo $in | grep $pkg >/dev/null 2>&1; then
-+ if [ -z "$pkg" ]; then
-+ pkg="$*"
-+ elif grep "^\#[[:space:]]*define[[:space:]]*$pkg" config.h >/dev/null 2>&1 || \
-+ echo $in | grep $pkg >/dev/null 2>&1; then
- pkg=""
- else
- pkg="$*"
- fi
- elif grep "^\#[[:space:]]*define[[:space:]]*${search}_STATIC" config.h >/dev/null 2>&1 || \
-- echo $in | grep ${search}_STATIC >/dev/null 2>&1; then
-+ echo $in | grep ${search}_STATIC >/dev/null 2>&1; then
- pkg=`$pkg --static $op $*`
- else
- pkg=`$pkg $op $*`
- fi
--
-+
- if grep "^\#[[:space:]]*define[[:space:]]*${search}_STATIC" config.h >/dev/null 2>&1 || \
-- echo $in | grep ${search}_STATIC >/dev/null 2>&1; then
-+ echo $in | grep ${search}_STATIC >/dev/null 2>&1; then
- if [ $op = "--libs" ] || [ $op = "--copy" ]; then
- echo "-Wl,-Bstatic $pkg -Wl,-Bdynamic"
- else
+++ /dev/null
-From 122392e0b352507cabb9e982208d35d2e56902e0 Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Wed, 31 Oct 2018 22:24:02 +0000
-Subject: [PATCH 09/32] Revert 68f6312d4bae30b78daafcd6f51dc441b8685b1e
-
-The above is intended to increase robustness, but actually does the
-opposite. The problem is that by ignoring SERVFAIL messages and hoping
-for a better answer from another of the servers we've forwarded to,
-we become vulnerable in the case that one or more of the configured
-servers is down or not responding.
-
-Consider the case that a domain is indeed BOGUS, and we've send the
-query to n servers. With 68f6312d4bae30b78daafcd6f51dc441b8685b1e
-we ignore the first n-1 SERVFAIL replies, and only return the
-final n'th answer to the client. Now, if one of the servers we are
-forwarding to is down, then we won't get all n replies, and the
-client will never get an answer! This is a far more likely scenario
-than a temporary SERVFAIL from only one of a set of notionally identical
-servers, so, on the ground of robustness, we have to believe
-any SERVFAIL answers we get, and return them to the client.
-
-The client could be using the same recursive servers we are,
-so it should, in theory, retry on SERVFAIL anyway.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/forward.c | 3 +--
- 1 file changed, 1 insertion(+), 2 deletions(-)
-
---- a/src/forward.c
-+++ b/src/forward.c
-@@ -957,8 +957,7 @@ void reply_query(int fd, int family, tim
- we get a good reply from another server. Kill it when we've
- had replies from all to avoid filling the forwarding table when
- everything is broken */
-- if (forward->forwardall == 0 || --forward->forwardall == 1 ||
-- (RCODE(header) != REFUSED && RCODE(header) != SERVFAIL))
-+ if (forward->forwardall == 0 || --forward->forwardall == 1 || RCODE(header) != REFUSED)
- {
- int check_rebind = 0, no_cache_dnssec = 0, cache_secure = 0, bogusanswer = 0;
-
+++ /dev/null
-From 48d12f14c9c0fc8cf943b52774c3892517dd72d4 Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Fri, 2 Nov 2018 21:55:04 +0000
-Subject: [PATCH 10/32] Remove the NO_FORK compile-time option, and support for
- uclinux.
-
-In an era where everything has an MMU, this looks like
-an anachronism, and it adds to (Ok, multiplies!) the
-combinatorial explosion of compile-time options.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- CHANGELOG | 6 ++++++
- src/config.h | 21 ++-------------------
- src/dnsmasq.c | 14 --------------
- src/option.c | 4 +---
- 4 files changed, 9 insertions(+), 36 deletions(-)
-
---- a/CHANGELOG
-+++ b/CHANGELOG
-@@ -11,6 +11,12 @@ version 2.81
- This fix passes cache entries back from the TCP child process to
- the main server process, and fixes the problem.
-
-+ Remove the NO_FORK compile-time option, and support for uclinux.
-+ In an era where everything has an MMU, this looks like
-+ an anachronism, and it adds to (Ok, multiplies!) the
-+ combinatorial explosion of compile-time options. Thanks to
-+ Kevin Darbyshire-Bryant for the patch.
-+
-
- version 2.80
- Add support for RFC 4039 DHCP rapid commit. Thanks to Ashram Method
---- a/src/config.h
-+++ b/src/config.h
-@@ -239,27 +239,13 @@ HAVE_SOCKADDR_SA_LEN
- defined if struct sockaddr has sa_len field (*BSD)
- */
-
--/* Must precede __linux__ since uClinux defines __linux__ too. */
--#if defined(__uClinux__)
--#define HAVE_LINUX_NETWORK
--#define HAVE_GETOPT_LONG
--#undef HAVE_SOCKADDR_SA_LEN
--/* Never use fork() on uClinux. Note that this is subtly different from the
-- --keep-in-foreground option, since it also suppresses forking new
-- processes for TCP connections and disables the call-a-script on leasechange
-- system. It's intended for use on MMU-less kernels. */
--#define NO_FORK
--
--#elif defined(__UCLIBC__)
-+#if defined(__UCLIBC__)
- #define HAVE_LINUX_NETWORK
- #if defined(__UCLIBC_HAS_GNU_GETOPT__) || \
- ((__UCLIBC_MAJOR__==0) && (__UCLIBC_MINOR__==9) && (__UCLIBC_SUBLEVEL__<21))
- # define HAVE_GETOPT_LONG
- #endif
- #undef HAVE_SOCKADDR_SA_LEN
--#if !defined(__ARCH_HAS_MMU__) && !defined(__UCLIBC_HAS_MMU__)
--# define NO_FORK
--#endif
- #if defined(__UCLIBC_HAS_IPV6__)
- # ifndef IPV6_V6ONLY
- # define IPV6_V6ONLY 26
-@@ -328,7 +314,7 @@ HAVE_SOCKADDR_SA_LEN
- #define HAVE_DHCP
- #endif
-
--#if defined(NO_SCRIPT) || defined(NO_FORK)
-+#if defined(NO_SCRIPT)
- #undef HAVE_SCRIPT
- #undef HAVE_LUASCRIPT
- #endif
-@@ -372,9 +358,6 @@ static char *compile_opts =
- #ifdef HAVE_BROKEN_RTC
- "no-RTC "
- #endif
--#ifdef NO_FORK
--"no-MMU "
--#endif
- #ifndef HAVE_DBUS
- "no-"
- #endif
---- a/src/dnsmasq.c
-+++ b/src/dnsmasq.c
-@@ -485,7 +485,6 @@ int main (int argc, char **argv)
- if (chdir("/") != 0)
- die(_("cannot chdir to filesystem root: %s"), NULL, EC_MISC);
-
--#ifndef NO_FORK
- if (!option_bool(OPT_NO_FORK))
- {
- pid_t pid;
-@@ -525,7 +524,6 @@ int main (int argc, char **argv)
- if (pid != 0)
- _exit(0);
- }
--#endif
-
- /* write pidfile _after_ forking ! */
- if (daemon->runfile)
-@@ -1628,12 +1626,10 @@ static int set_dns_listeners(time_t now)
-
- }
-
--#ifndef NO_FORK
- if (!option_bool(OPT_DEBUG))
- for (i = 0; i < MAX_PROCS; i++)
- if (daemon->tcp_pipes[i] != -1)
- poll_listen(daemon->tcp_pipes[i], POLLIN);
--#endif
-
- return wait;
- }
-@@ -1643,9 +1639,7 @@ static void check_dns_listeners(time_t n
- struct serverfd *serverfdp;
- struct listener *listener;
- int i;
--#ifndef NO_FORK
- int pipefd[2];
--#endif
-
- for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next)
- if (poll_check(serverfdp->fd, POLLIN))
-@@ -1657,7 +1651,6 @@ static void check_dns_listeners(time_t n
- poll_check(daemon->randomsocks[i].fd, POLLIN))
- reply_query(daemon->randomsocks[i].fd, daemon->randomsocks[i].family, now);
-
--#ifndef NO_FORK
- /* Races. The child process can die before we read all of the data from the
- pipe, or vice versa. Therefore send tcp_pids to zero when we wait() the
- process, and tcp_pipes to -1 and close the FD when we read the last
-@@ -1674,7 +1667,6 @@ static void check_dns_listeners(time_t n
- close(daemon->tcp_pipes[i]);
- daemon->tcp_pipes[i] = -1;
- }
--#endif
-
- for (listener = daemon->listeners; listener; listener = listener->next)
- {
-@@ -1768,7 +1760,6 @@ static void check_dns_listeners(time_t n
- shutdown(confd, SHUT_RDWR);
- while (retry_send(close(confd)));
- }
--#ifndef NO_FORK
- else if (!option_bool(OPT_DEBUG) && pipe(pipefd) == 0 && (p = fork()) != 0)
- {
- close(pipefd[1]); /* parent needs read pipe end. */
-@@ -1791,7 +1782,6 @@ static void check_dns_listeners(time_t n
- /* The child can use up to TCP_MAX_QUERIES ids, so skip that many. */
- daemon->log_id += TCP_MAX_QUERIES;
- }
--#endif
- else
- {
- unsigned char *buff;
-@@ -1811,7 +1801,6 @@ static void check_dns_listeners(time_t n
- auth_dns = 0;
- }
-
--#ifndef NO_FORK
- /* Arrange for SIGALRM after CHILD_LIFETIME seconds to
- terminate the process. */
- if (!option_bool(OPT_DEBUG))
-@@ -1820,7 +1809,6 @@ static void check_dns_listeners(time_t n
- close(pipefd[0]); /* close read end in child. */
- daemon->pipe_to_parent = pipefd[1];
- }
--#endif
-
- /* start with no upstream connections. */
- for (s = daemon->servers; s; s = s->next)
-@@ -1846,13 +1834,11 @@ static void check_dns_listeners(time_t n
- shutdown(s->tcpfd, SHUT_RDWR);
- while (retry_send(close(s->tcpfd)));
- }
--#ifndef NO_FORK
- if (!option_bool(OPT_DEBUG))
- {
- flush_log();
- _exit(0);
- }
--#endif
- }
- }
- }
---- a/src/option.c
-+++ b/src/option.c
-@@ -1828,9 +1828,7 @@ static int one_opt(int option, char *arg
- /* Sorry about the gross pre-processor abuse */
- case '6': /* --dhcp-script */
- case LOPT_LUASCRIPT: /* --dhcp-luascript */
--# if defined(NO_FORK)
-- ret_err(_("cannot run scripts under uClinux"));
--# elif !defined(HAVE_SCRIPT)
-+# if !defined(HAVE_SCRIPT)
- ret_err(_("recompile with HAVE_SCRIPT defined to enable lease-change scripts"));
- # else
- if (option == LOPT_LUASCRIPT)
+++ /dev/null
-From 59e470381f84f2fdf0640c7bc67827f3f0c64784 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
-Date: Fri, 2 Nov 2018 22:39:39 +0000
-Subject: [PATCH 11/32] Free config file values on parsing errors.
-
-This time I have a little bit more controversal patches. But I think
-still useful. They fixes memory leaks that might occur in some cases.
-Most dnsmasq errors is fatal, so it does not matter. But some are not.
-Some parts are reloaded on SIGHUP signal, so it might leak more than once.
-
-Some example when it changes the failures. Use dhcp-options file with
-this content:
-
-tag:error,vendor:redhat
-option:ntp-server,1.2.3.4.5
-option6:ntp-server,[:::]
-
-Is not fatal and dnsmasq will start. On each reload command, it would
-leak some memory. I validated it using valgrind --leak-check=full
-dnsmasq -d. This patch fixes it. It introduces something that might be
-considered constructor and destructor of selected structures.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/option.c | 533 ++++++++++++++++++++++++++++++++++-----------------
- 1 file changed, 352 insertions(+), 181 deletions(-)
-
---- a/src/option.c
-+++ b/src/option.c
-@@ -577,14 +577,15 @@ static void *opt_malloc(size_t size)
- return ret;
- }
-
--static char *opt_string_alloc(char *cp)
-+static char *opt_string_alloc(const char *cp)
- {
- char *ret = NULL;
-+ size_t len;
-
-- if (cp && strlen(cp) != 0)
-+ if (cp && (len = strlen(cp)) != 0)
- {
-- ret = opt_malloc(strlen(cp)+1);
-- strcpy(ret, cp);
-+ ret = opt_malloc(len+1);
-+ memcpy(ret, cp, len+1);
-
- /* restore hidden metachars */
- unhide_metas(ret);
-@@ -759,6 +760,8 @@ static void do_usage(void)
- }
-
- #define ret_err(x) do { strcpy(errstr, (x)); return 0; } while (0)
-+#define ret_err_free(x,m) do { strcpy(errstr, (x)); free((m)); return 0; } while (0)
-+#define goto_err(x) do { strcpy(errstr, (x)); goto on_error; } while (0)
-
- static char *parse_mysockaddr(char *arg, union mysockaddr *addr)
- {
-@@ -904,6 +907,8 @@ static struct server *add_rev4(struct in
- p += sprintf(p, "%d.", (a >> 24) & 0xff);
- break;
- default:
-+ free(serv->domain);
-+ free(serv);
- return NULL;
- }
-
-@@ -958,6 +963,97 @@ static char *set_prefix(char *arg)
- return arg;
- }
-
-+static struct dhcp_netid *
-+dhcp_netid_create(const char *net, struct dhcp_netid *next)
-+{
-+ struct dhcp_netid *tt;
-+ tt = opt_malloc(sizeof (struct dhcp_netid));
-+ tt->net = opt_string_alloc(net);
-+ tt->next = next;
-+ return tt;
-+}
-+
-+static void dhcp_netid_free(struct dhcp_netid *nid)
-+{
-+ while (nid)
-+ {
-+ struct dhcp_netid *tmp = nid;
-+ nid = nid->next;
-+ free(tmp->net);
-+ free(tmp);
-+ }
-+}
-+
-+/* Parse one or more tag:s before parameters.
-+ * Moves arg to the end of tags. */
-+static struct dhcp_netid * dhcp_tags(char **arg)
-+{
-+ struct dhcp_netid *id = NULL;
-+
-+ while (is_tag_prefix(*arg))
-+ {
-+ char *comma = split(*arg);
-+ id = dhcp_netid_create((*arg)+4, id);
-+ *arg = comma;
-+ };
-+ if (!*arg)
-+ {
-+ dhcp_netid_free(id);
-+ id = NULL;
-+ }
-+ return id;
-+}
-+
-+static void dhcp_netid_list_free(struct dhcp_netid_list *netid)
-+{
-+ while (netid)
-+ {
-+ struct dhcp_netid_list *tmplist = netid;
-+ netid = netid->next;
-+ dhcp_netid_free(tmplist->list);
-+ free(tmplist);
-+ }
-+}
-+
-+static void dhcp_config_free(struct dhcp_config *config)
-+{
-+ if (config)
-+ {
-+ struct hwaddr_config *hwaddr = config->hwaddr;
-+ while (hwaddr)
-+ {
-+ struct hwaddr_config *tmp = hwaddr;
-+ hwaddr = hwaddr->next;
-+ free(tmp);
-+ }
-+ dhcp_netid_list_free(config->netid);
-+ if (config->flags & CONFIG_CLID)
-+ free(config->clid);
-+ free(config);
-+ }
-+}
-+
-+static void dhcp_context_free(struct dhcp_context *ctx)
-+{
-+ if (ctx)
-+ {
-+ dhcp_netid_free(ctx->filter);
-+ free(ctx->netid.net);
-+ free(ctx->template_interface);
-+ free(ctx);
-+ }
-+}
-+
-+static void dhcp_opt_free(struct dhcp_opt *opt)
-+{
-+ if (opt->flags & DHOPT_VENDOR)
-+ free(opt->u.vendor_class);
-+ dhcp_netid_free(opt->netid);
-+ free(opt->val);
-+ free(opt);
-+}
-+
-+
- /* This is too insanely large to keep in-line in the switch */
- static int parse_dhcp_opt(char *errstr, char *arg, int flags)
- {
-@@ -965,7 +1061,6 @@ static int parse_dhcp_opt(char *errstr,
- char lenchar = 0, *cp;
- int addrs, digs, is_addr, is_addr6, is_hex, is_dec, is_string, dots;
- char *comma = NULL;
-- struct dhcp_netid *np = NULL;
- u16 opt_len = 0;
- int is6 = 0;
- int option_ok = 0;
-@@ -1052,14 +1147,9 @@ static int parse_dhcp_opt(char *errstr,
- }
- else
- {
-- new->netid = opt_malloc(sizeof (struct dhcp_netid));
- /* allow optional "net:" or "tag:" for consistency */
-- if (is_tag_prefix(arg))
-- new->netid->net = opt_string_alloc(arg+4);
-- else
-- new->netid->net = opt_string_alloc(set_prefix(arg));
-- new->netid->next = np;
-- np = new->netid;
-+ const char *name = (is_tag_prefix(arg)) ? arg+4 : set_prefix(arg);
-+ new->netid = dhcp_netid_create(name, new->netid);
- }
-
- arg = comma;
-@@ -1069,7 +1159,7 @@ static int parse_dhcp_opt(char *errstr,
- if (is6)
- {
- if (new->flags & (DHOPT_VENDOR | DHOPT_ENCAPSULATE))
-- ret_err(_("unsupported encapsulation for IPv6 option"));
-+ goto_err(_("unsupported encapsulation for IPv6 option"));
-
- if (opt_len == 0 &&
- !(new->flags & DHOPT_RFC3925))
-@@ -1083,7 +1173,7 @@ static int parse_dhcp_opt(char *errstr,
-
- /* option may be missing with rfc3925 match */
- if (!option_ok)
-- ret_err(_("bad dhcp-option"));
-+ goto_err(_("bad dhcp-option"));
-
- if (comma)
- {
-@@ -1151,10 +1241,10 @@ static int parse_dhcp_opt(char *errstr,
- is_string = is_dec = is_hex = 0;
-
- if (!is6 && (!is_addr || dots == 0))
-- ret_err(_("bad IP address"));
-+ goto_err(_("bad IP address"));
-
- if (is6 && !is_addr6)
-- ret_err(_("bad IPv6 address"));
-+ goto_err(_("bad IPv6 address"));
- }
- /* or names */
- else if (opt_len & (OT_NAME | OT_RFC1035_NAME | OT_CSTRING))
-@@ -1247,7 +1337,7 @@ static int parse_dhcp_opt(char *errstr,
- comma = split(cp);
- slash = split_chr(cp, '/');
- if (!inet_pton(AF_INET, cp, &in))
-- ret_err(_("bad IPv4 address"));
-+ goto_err(_("bad IPv4 address"));
- if (!slash)
- {
- memcpy(op, &in, INADDRSZ);
-@@ -1292,8 +1382,8 @@ static int parse_dhcp_opt(char *errstr,
- op += IN6ADDRSZ;
- continue;
- }
--
-- ret_err(_("bad IPv6 address"));
-+
-+ goto_err(_("bad IPv6 address"));
- }
- new->len = op - new->val;
- }
-@@ -1320,7 +1410,7 @@ static int parse_dhcp_opt(char *errstr,
- if (strcmp (arg, ".") != 0)
- {
- if (!(dom = canonicalise_opt(arg)))
-- ret_err(_("bad domain in dhcp-option"));
-+ goto_err(_("bad domain in dhcp-option"));
-
- domlen = strlen(dom) + 2;
- }
-@@ -1414,7 +1504,7 @@ static int parse_dhcp_opt(char *errstr,
- {
- char *dom = canonicalise_opt(arg);
- if (!dom)
-- ret_err(_("bad domain in dhcp-option"));
-+ goto_err(_("bad domain in dhcp-option"));
-
- newp = opt_malloc(len + strlen(dom) + 2);
-
-@@ -1452,14 +1542,14 @@ static int parse_dhcp_opt(char *errstr,
- ((new->len > 255) ||
- (new->len > 253 && (new->flags & (DHOPT_VENDOR | DHOPT_ENCAPSULATE))) ||
- (new->len > 250 && (new->flags & DHOPT_RFC3925))))
-- ret_err(_("dhcp-option too long"));
-+ goto_err(_("dhcp-option too long"));
-
- if (flags == DHOPT_MATCH)
- {
- if ((new->flags & (DHOPT_ENCAPSULATE | DHOPT_VENDOR)) ||
- !new->netid ||
- new->netid->next)
-- ret_err(_("illegal dhcp-match"));
-+ goto_err(_("illegal dhcp-match"));
-
- if (is6)
- {
-@@ -1484,6 +1574,9 @@ static int parse_dhcp_opt(char *errstr,
- }
-
- return 1;
-+on_error:
-+ dhcp_opt_free(new);
-+ return 0;
- }
-
- #endif
-@@ -1498,6 +1591,16 @@ void reset_option_bool(unsigned int opt)
- option_var(opt) &= ~(option_val(opt));
- }
-
-+static void server_list_free(struct server *list)
-+{
-+ while (list)
-+ {
-+ struct server *tmp = list;
-+ list = list->next;
-+ free(tmp);
-+ }
-+}
-+
- static int one_opt(int option, char *arg, char *errstr, char *gen_err, int command_line, int servers_only)
- {
- int i;
-@@ -1679,13 +1782,13 @@ static int one_opt(int option, char *arg
- /* has subnet+len */
- err = parse_mysockaddr(arg, &new->addr);
- if (err)
-- ret_err(err);
-+ ret_err_free(err, new);
- if (!atoi_check(end, &new->mask))
-- ret_err(gen_err);
-+ ret_err_free(gen_err, new);
- new->addr_used = 1;
- }
- else if (!atoi_check(arg, &new->mask))
-- ret_err(gen_err);
-+ ret_err_free(gen_err, new);
-
- daemon->add_subnet4 = new;
-
-@@ -1697,15 +1800,15 @@ static int one_opt(int option, char *arg
- /* has subnet+len */
- err = parse_mysockaddr(comma, &new->addr);
- if (err)
-- ret_err(err);
-+ ret_err_free(err, new);
- if (!atoi_check(end, &new->mask))
-- ret_err(gen_err);
-+ ret_err_free(gen_err, new);
- new->addr_used = 1;
- }
- else
- {
- if (!atoi_check(comma, &new->mask))
-- ret_err(gen_err);
-+ ret_err_free(gen_err, new);
- }
-
- daemon->add_subnet6 = new;
-@@ -1912,7 +2015,10 @@ static int one_opt(int option, char *arg
- else if (strcmp(fam, "6") == 0)
- new->addr.sa.sa_family = AF_INET6;
- else
-- ret_err(gen_err);
-+ {
-+ free(new->name);
-+ ret_err_free(gen_err, new);
-+ }
- }
- }
- new->next = daemon->authinterface;
-@@ -2077,7 +2183,7 @@ static int one_opt(int option, char *arg
-
- arg = split(netpart);
- if (!atoi_check(netpart, &msize))
-- ret_err(gen_err);
-+ ret_err_free(gen_err, new);
- else if (inet_pton(AF_INET, comma, &new->start))
- {
- int mask = (1 << (32 - msize)) - 1;
-@@ -2090,18 +2196,18 @@ static int one_opt(int option, char *arg
- {
- if (!(new->prefix = canonicalise_opt(arg)) ||
- strlen(new->prefix) > MAXLABEL - INET_ADDRSTRLEN)
-- ret_err(_("bad prefix"));
-+ ret_err_free(_("bad prefix"), new);
- }
- else if (strcmp(arg, "local") != 0 ||
- (msize != 8 && msize != 16 && msize != 24))
-- ret_err(gen_err);
-+ ret_err_free(gen_err, new);
- else
- {
- /* generate the equivalent of
- local=/xxx.yyy.zzz.in-addr.arpa/ */
- struct server *serv = add_rev4(new->start, msize);
- if (!serv)
-- ret_err(_("bad prefix"));
-+ ret_err_free(_("bad prefix"), new);
-
- serv->flags |= SERV_NO_ADDR;
-
-@@ -2130,17 +2236,17 @@ static int one_opt(int option, char *arg
- setaddr6part(&new->end6, addrpart | mask);
-
- if (msize < 64)
-- ret_err(gen_err);
-+ ret_err_free(gen_err, new);
- else if (arg)
- {
- if (option != 's')
- {
- if (!(new->prefix = canonicalise_opt(arg)) ||
- strlen(new->prefix) > MAXLABEL - INET6_ADDRSTRLEN)
-- ret_err(_("bad prefix"));
-+ ret_err_free(_("bad prefix"), new);
- }
- else if (strcmp(arg, "local") != 0 || ((msize & 4) != 0))
-- ret_err(gen_err);
-+ ret_err_free(gen_err, new);
- else
- {
- /* generate the equivalent of
-@@ -2159,7 +2265,7 @@ static int one_opt(int option, char *arg
- }
- }
- else
-- ret_err(gen_err);
-+ ret_err_free(gen_err, new);
- }
- else
- {
-@@ -2173,7 +2279,7 @@ static int one_opt(int option, char *arg
- if (!arg)
- new->end.s_addr = new->start.s_addr;
- else if (!inet_pton(AF_INET, arg, &new->end))
-- ret_err(gen_err);
-+ ret_err_free(gen_err, new);
- }
- else if (inet_pton(AF_INET6, comma, &new->start6))
- {
-@@ -2181,16 +2287,16 @@ static int one_opt(int option, char *arg
- if (!arg)
- memcpy(&new->end6, &new->start6, IN6ADDRSZ);
- else if (!inet_pton(AF_INET6, arg, &new->end6))
-- ret_err(gen_err);
-+ ret_err_free(gen_err, new);
- }
- else
-- ret_err(gen_err);
-+ ret_err_free(gen_err, new);
-
- if (option != 's' && prefstr)
- {
- if (!(new->prefix = canonicalise_opt(prefstr)) ||
- strlen(new->prefix) > MAXLABEL - INET_ADDRSTRLEN)
-- ret_err(_("bad prefix"));
-+ ret_err_free(_("bad prefix"), new);
- }
- }
-
-@@ -2352,7 +2458,7 @@ static int one_opt(int option, char *arg
- #endif
- }
- else
-- ret_err(gen_err);
-+ ret_err_free(gen_err, new);
-
- new->used = 0;
- if (option == 'a')
-@@ -2423,7 +2529,10 @@ static int one_opt(int option, char *arg
- {
- newlist->flags |= SERV_LITERAL_ADDRESS;
- if (!(newlist->flags & SERV_TYPE))
-- ret_err(gen_err);
-+ {
-+ server_list_free(newlist);
-+ ret_err(gen_err);
-+ }
- }
- else if (option == LOPT_NO_REBIND)
- newlist->flags |= SERV_NO_REBIND;
-@@ -2440,7 +2549,10 @@ static int one_opt(int option, char *arg
- {
- char *err = parse_server(arg, &newlist->addr, &newlist->source_addr, newlist->interface, &newlist->flags);
- if (err)
-- ret_err(err);
-+ {
-+ server_list_free(newlist);
-+ ret_err(err);
-+ }
- }
-
- serv = newlist;
-@@ -2776,21 +2888,19 @@ static int one_opt(int option, char *arg
- {
- if (is_tag_prefix(arg))
- {
-- struct dhcp_netid *tt = opt_malloc(sizeof (struct dhcp_netid));
-- tt->net = opt_string_alloc(arg+4);
-- tt->next = new->filter;
- /* ignore empty tag */
-- if (tt->net)
-- new->filter = tt;
-+ if (arg[4])
-+ new->filter = dhcp_netid_create(arg+4, new->filter);
- }
- else
- {
- if (new->netid.net)
-- ret_err(_("only one tag allowed"));
-- else if (strstr(arg, "set:") == arg)
-- new->netid.net = opt_string_alloc(arg+4);
-+ {
-+ dhcp_context_free(new);
-+ ret_err(_("only one tag allowed"));
-+ }
- else
-- new->netid.net = opt_string_alloc(arg);
-+ new->netid.net = opt_string_alloc(set_prefix(arg));
- }
- arg = comma;
- }
-@@ -2806,7 +2916,10 @@ static int one_opt(int option, char *arg
- break;
-
- if (k < 2)
-- ret_err(_("bad dhcp-range"));
-+ {
-+ dhcp_context_free(new);
-+ ret_err(_("bad dhcp-range"));
-+ }
-
- if (inet_pton(AF_INET, a[0], &new->start))
- {
-@@ -2818,7 +2931,10 @@ static int one_opt(int option, char *arg
- else if (strcmp(a[1], "proxy") == 0)
- new->flags |= CONTEXT_PROXY;
- else if (!inet_pton(AF_INET, a[1], &new->end))
-- ret_err(_("bad dhcp-range"));
-+ {
-+ dhcp_context_free(new);
-+ ret_err(_("bad dhcp-range"));
-+ }
-
- if (ntohl(new->start.s_addr) > ntohl(new->end.s_addr))
- {
-@@ -2833,7 +2949,10 @@ static int one_opt(int option, char *arg
- new->flags |= CONTEXT_NETMASK;
- leasepos = 3;
- if (!is_same_net(new->start, new->end, new->netmask))
-- ret_err(_("inconsistent DHCP range"));
-+ {
-+ dhcp_context_free(new);
-+ ret_err(_("inconsistent DHCP range"));
-+ }
-
-
- if (k >= 4 && strchr(a[3], '.') &&
-@@ -2847,6 +2966,8 @@ static int one_opt(int option, char *arg
- #ifdef HAVE_DHCP6
- else if (inet_pton(AF_INET6, a[0], &new->start6))
- {
-+ const char *err = NULL;
-+
- new->flags |= CONTEXT_V6;
- new->prefix = 64; /* default */
- new->end6 = new->start6;
-@@ -2892,19 +3013,24 @@ static int one_opt(int option, char *arg
- }
- }
-
-- if (new->prefix != 64)
-+ if (new->prefix > 64)
- {
- if (new->flags & CONTEXT_RA)
-- ret_err(_("prefix length must be exactly 64 for RA subnets"));
-+ err=(_("prefix length must be exactly 64 for RA subnets"));
- else if (new->flags & CONTEXT_TEMPLATE)
-- ret_err(_("prefix length must be exactly 64 for subnet constructors"));
-+ err=(_("prefix length must be exactly 64 for subnet constructors"));
- }
--
-- if (new->prefix < 64)
-- ret_err(_("prefix length must be at least 64"));
-+ else if (new->prefix < 64)
-+ err=(_("prefix length must be at least 64"));
-
-- if (!is_same_net6(&new->start6, &new->end6, new->prefix))
-- ret_err(_("inconsistent DHCPv6 range"));
-+ if (!err && !is_same_net6(&new->start6, &new->end6, new->prefix))
-+ err=(_("inconsistent DHCPv6 range"));
-+
-+ if (err)
-+ {
-+ dhcp_context_free(new);
-+ ret_err(err);
-+ }
-
- /* dhcp-range=:: enables DHCP stateless on any interface */
- if (IN6_IS_ADDR_UNSPECIFIED(&new->start6) && !(new->flags & CONTEXT_TEMPLATE))
-@@ -2915,7 +3041,10 @@ static int one_opt(int option, char *arg
- struct in6_addr zero;
- memset(&zero, 0, sizeof(zero));
- if (!is_same_net6(&zero, &new->start6, new->prefix))
-- ret_err(_("prefix must be zero with \"constructor:\" argument"));
-+ {
-+ dhcp_context_free(new);
-+ ret_err(_("prefix must be zero with \"constructor:\" argument"));
-+ }
- }
-
- if (addr6part(&new->start6) > addr6part(&new->end6))
-@@ -2927,12 +3056,18 @@ static int one_opt(int option, char *arg
- }
- #endif
- else
-- ret_err(_("bad dhcp-range"));
-+ {
-+ dhcp_context_free(new);
-+ ret_err(_("bad dhcp-range"));
-+ }
-
- if (leasepos < k)
- {
- if (leasepos != k-1)
-- ret_err(_("bad dhcp-range"));
-+ {
-+ dhcp_context_free(new);
-+ ret_err(_("bad dhcp-range"));
-+ }
-
- if (strcmp(a[leasepos], "infinite") == 0)
- new->lease_time = 0xffffffff;
-@@ -2971,7 +3106,7 @@ static int one_opt(int option, char *arg
- break;
-
- if (*cp || (leasepos+1 < k))
-- ret_err(_("bad dhcp-range"));
-+ ret_err_free(_("bad dhcp-range"), new);
-
- new->lease_time = atoi(a[leasepos]) * fac;
- /* Leases of a minute or less confuse
-@@ -2998,6 +3133,7 @@ static int one_opt(int option, char *arg
- new->flags = (option == LOPT_BANK) ? CONFIG_BANK : 0;
- new->hwaddr = NULL;
- new->netid = NULL;
-+ new->clid = NULL;
-
- if ((a[0] = arg))
- for (k = 1; k < 7; k++)
-@@ -3028,7 +3164,10 @@ static int one_opt(int option, char *arg
- }
-
- if (len == -1)
-- ret_err(_("bad hex constant"));
-+ {
-+ dhcp_config_free(new);
-+ ret_err(_("bad hex constant"));
-+ }
- else if ((new->clid = opt_malloc(len)))
- {
- new->flags |= CONFIG_CLID;
-@@ -3040,17 +3179,17 @@ static int one_opt(int option, char *arg
- /* dhcp-host has strange backwards-compat needs. */
- else if (strstr(arg, "net:") == arg || strstr(arg, "set:") == arg)
- {
-- struct dhcp_netid *newtag = opt_malloc(sizeof(struct dhcp_netid));
- struct dhcp_netid_list *newlist = opt_malloc(sizeof(struct dhcp_netid_list));
-- newtag->net = opt_malloc(strlen(arg + 4) + 1);
- newlist->next = new->netid;
- new->netid = newlist;
-- newlist->list = newtag;
-- strcpy(newtag->net, arg+4);
-- unhide_metas(newtag->net);
-+ newlist->list = dhcp_netid_create(arg+4, NULL);
- }
- else if (strstr(arg, "tag:") == arg)
-- ret_err(_("cannot match tags in --dhcp-host"));
-+ {
-+
-+ dhcp_config_free(new);
-+ ret_err(_("cannot match tags in --dhcp-host"));
-+ }
- #ifdef HAVE_DHCP6
- else if (arg[0] == '[' && arg[strlen(arg)-1] == ']')
- {
-@@ -3058,7 +3197,10 @@ static int one_opt(int option, char *arg
- arg++;
-
- if (!inet_pton(AF_INET6, arg, &new->addr6))
-- ret_err(_("bad IPv6 address"));
-+ {
-+ dhcp_config_free(new);
-+ ret_err(_("bad IPv6 address"));
-+ }
-
- for (i= 0; i < 8; i++)
- if (new->addr6.s6_addr[i] != 0)
-@@ -3076,10 +3218,13 @@ static int one_opt(int option, char *arg
- struct hwaddr_config *newhw = opt_malloc(sizeof(struct hwaddr_config));
- if ((newhw->hwaddr_len = parse_hex(a[j], newhw->hwaddr, DHCP_CHADDR_MAX,
- &newhw->wildcard_mask, &newhw->hwaddr_type)) == -1)
-- ret_err(_("bad hex constant"));
-+ {
-+ free(newhw);
-+ dhcp_config_free(new);
-+ ret_err(_("bad hex constant"));
-+ }
- else
- {
--
- newhw->next = new->hwaddr;
- new->hwaddr = newhw;
- }
-@@ -3156,7 +3301,10 @@ static int one_opt(int option, char *arg
- {
- if (!(new->hostname = canonicalise_opt(a[j])) ||
- !legal_hostname(new->hostname))
-- ret_err(_("bad DHCP host name"));
-+ {
-+ dhcp_config_free(new);
-+ ret_err(_("bad DHCP host name"));
-+ }
-
- new->flags |= CONFIG_NAME;
- new->domain = strip_hostname(new->hostname);
-@@ -3209,10 +3357,7 @@ static int one_opt(int option, char *arg
- }
- else
- {
-- struct dhcp_netid *newtag = opt_malloc(sizeof(struct dhcp_netid));
-- newtag->net = opt_malloc(len - 3);
-- strcpy(newtag->net, arg+4);
-- unhide_metas(newtag->net);
-+ struct dhcp_netid *newtag = dhcp_netid_create(arg+4, NULL);
-
- if (strstr(arg, "set:") == arg)
- {
-@@ -3229,7 +3374,7 @@ static int one_opt(int option, char *arg
- else
- {
- new->set = NULL;
-- free(newtag);
-+ dhcp_netid_free(newtag);
- break;
- }
- }
-@@ -3238,7 +3383,11 @@ static int one_opt(int option, char *arg
- }
-
- if (!new->set)
-- ret_err(_("bad tag-if"));
-+ {
-+ dhcp_netid_free(new->tag);
-+ dhcp_netid_list_free(new->set);
-+ ret_err_free(_("bad tag-if"), new);
-+ }
-
- break;
- }
-@@ -3281,19 +3430,12 @@ static int one_opt(int option, char *arg
-
- case 'M': /* --dhcp-boot */
- {
-- struct dhcp_netid *id = NULL;
-- while (is_tag_prefix(arg))
-- {
-- struct dhcp_netid *newid = opt_malloc(sizeof(struct dhcp_netid));
-- newid->next = id;
-- id = newid;
-- comma = split(arg);
-- newid->net = opt_string_alloc(arg+4);
-- arg = comma;
-- };
-+ struct dhcp_netid *id = dhcp_tags(&arg);
-
-- if (!arg)
-- ret_err(gen_err);
-+ if (!id)
-+ {
-+ ret_err(gen_err);
-+ }
- else
- {
- char *dhcp_file, *dhcp_sname = NULL, *tftp_sname = NULL;
-@@ -3339,19 +3481,12 @@ static int one_opt(int option, char *arg
-
- case LOPT_REPLY_DELAY: /* --dhcp-reply-delay */
- {
-- struct dhcp_netid *id = NULL;
-- while (is_tag_prefix(arg))
-- {
-- struct dhcp_netid *newid = opt_malloc(sizeof(struct dhcp_netid));
-- newid->next = id;
-- id = newid;
-- comma = split(arg);
-- newid->net = opt_string_alloc(arg+4);
-- arg = comma;
-- };
-+ struct dhcp_netid *id = dhcp_tags(&arg);
-
-- if (!arg)
-- ret_err(gen_err);
-+ if (!id)
-+ {
-+ ret_err(gen_err);
-+ }
- else
- {
- struct delay_config *new;
-@@ -3376,19 +3511,13 @@ static int one_opt(int option, char *arg
-
- new->netid = NULL;
- new->opt = 10; /* PXE_MENU_PROMPT */
--
-- while (is_tag_prefix(arg))
-- {
-- struct dhcp_netid *nn = opt_malloc(sizeof (struct dhcp_netid));
-- comma = split(arg);
-- nn->next = new->netid;
-- new->netid = nn;
-- nn->net = opt_string_alloc(arg+4);
-- arg = comma;
-- }
-+ new->netid = dhcp_tags(&arg);
-
-- if (!arg)
-- ret_err(gen_err);
-+ if (!new->netid)
-+ {
-+ dhcp_opt_free(new);
-+ ret_err(gen_err);
-+ }
- else
- {
- comma = split(arg);
-@@ -3424,17 +3553,8 @@ static int one_opt(int option, char *arg
- new->netid = NULL;
- new->sname = NULL;
- new->server.s_addr = 0;
-+ new->netid = dhcp_tags(&arg);
-
-- while (is_tag_prefix(arg))
-- {
-- struct dhcp_netid *nn = opt_malloc(sizeof (struct dhcp_netid));
-- comma = split(arg);
-- nn->next = new->netid;
-- new->netid = nn;
-- nn->net = opt_string_alloc(arg+4);
-- arg = comma;
-- }
--
- if (arg && (comma = split(arg)))
- {
- for (i = 0; CSA[i]; i++)
-@@ -3511,7 +3631,10 @@ static int one_opt(int option, char *arg
- unhide_metas(comma);
- new->hwaddr_len = parse_hex(comma, new->hwaddr, DHCP_CHADDR_MAX, &new->mask, &new->hwaddr_type);
- if (new->hwaddr_len == -1)
-- ret_err(gen_err);
-+ {
-+ free(new->netid.net);
-+ ret_err_free(gen_err, new);
-+ }
- else
- {
- new->next = daemon->dhcp_macs;
-@@ -3528,7 +3651,7 @@ static int one_opt(int option, char *arg
-
- if (!(comma = split(arg)) ||
- !atoi_check16(comma, &new->class))
-- ret_err(gen_err);
-+ ret_err_free(gen_err, new);
-
- new->tag.net = opt_string_alloc(set_prefix(arg));
- new->next = daemon->prefix_classes;
-@@ -3550,7 +3673,7 @@ static int one_opt(int option, char *arg
- struct dhcp_vendor *new = opt_malloc(sizeof(struct dhcp_vendor));
-
- if (!(comma = split(arg)))
-- ret_err(gen_err);
-+ ret_err_free(gen_err, new);
-
- new->netid.net = opt_string_alloc(set_prefix(arg));
- /* check for hex string - must digits may include : must not have nothing else,
-@@ -3560,7 +3683,10 @@ static int one_opt(int option, char *arg
- if ((comma = split(arg)))
- {
- if (option != 'U' || strstr(arg, "enterprise:") != arg)
-- ret_err(gen_err);
-+ {
-+ free(new->netid.net);
-+ ret_err_free(gen_err, new);
-+ }
- else
- new->enterprise = atoi(arg+11);
- }
-@@ -3662,14 +3788,8 @@ static int one_opt(int option, char *arg
- }
-
- while (arg) {
-- struct dhcp_netid *member = opt_malloc(sizeof(struct dhcp_netid));
- comma = split(arg);
-- member->next = list;
-- list = member;
-- if (is_tag_prefix(arg))
-- member->net = opt_string_alloc(arg+4);
-- else
-- member->net = opt_string_alloc(arg);
-+ list = dhcp_netid_create(is_tag_prefix(arg) ? arg+4 :arg, list);
- arg = comma;
- }
-
-@@ -3683,7 +3803,7 @@ static int one_opt(int option, char *arg
- struct addr_list *new = opt_malloc(sizeof(struct addr_list));
- comma = split(arg);
- if (!(inet_pton(AF_INET, arg, &new->addr) > 0))
-- ret_err(_("bad dhcp-proxy address"));
-+ ret_err_free(_("bad dhcp-proxy address"), new);
- new->next = daemon->override_relays;
- daemon->override_relays = new;
- arg = comma;
-@@ -3709,7 +3829,10 @@ static int one_opt(int option, char *arg
- }
- #endif
- else
-- ret_err(_("Bad dhcp-relay"));
-+ {
-+ free(new->interface);
-+ ret_err_free(_("Bad dhcp-relay"), new);
-+ }
-
- break;
- }
-@@ -3749,8 +3872,11 @@ static int one_opt(int option, char *arg
- arg = split(comma);
- if (!atoi_check(comma, &new->interval) ||
- (arg && !atoi_check(arg, &new->lifetime)))
-+ {
- err:
-- ret_err(_("bad RA-params"));
-+ free(new->name);
-+ ret_err_free(_("bad RA-params"), new);
-+ }
-
- new->next = daemon->ra_interfaces;
- daemon->ra_interfaces = new;
-@@ -3799,7 +3925,7 @@ err:
- (!(inet_pton(AF_INET, dash, &new->end) > 0) ||
- !is_same_net(new->in, new->end, new->mask) ||
- ntohl(new->in.s_addr) > ntohl(new->end.s_addr)))
-- ret_err(_("invalid alias range"));
-+ ret_err_free(_("invalid alias range"), new);
-
- break;
- }
-@@ -3832,7 +3958,7 @@ err:
- else if (strcmp(arg, "6") == 0)
- new->family = AF_INET6;
- else
-- ret_err(gen_err);
-+ ret_err_free(gen_err, new);
- }
- new->intr = opt_string_alloc(comma);
- break;
-@@ -3864,11 +3990,19 @@ err:
- alias = canonicalise_opt(arg);
-
- if (!alias || !target)
-- ret_err(_("bad CNAME"));
-+ {
-+ free(target);
-+ free(alias);
-+ ret_err(_("bad CNAME"));
-+ }
-
- for (new = daemon->cnames; new; new = new->next)
- if (hostname_isequal(new->alias, alias))
-- ret_err(_("duplicate CNAME"));
-+ {
-+ free(target);
-+ free(alias);
-+ ret_err(_("duplicate CNAME"));
-+ }
- new = opt_malloc(sizeof(struct cname));
- new->next = daemon->cnames;
- daemon->cnames = new;
-@@ -3891,7 +4025,11 @@ err:
-
- if (!(dom = canonicalise_opt(arg)) ||
- (comma && !(target = canonicalise_opt(comma))))
-- ret_err(_("bad PTR record"));
-+ {
-+ free(dom);
-+ free(target);
-+ ret_err(_("bad PTR record"));
-+ }
- else
- {
- new = opt_malloc(sizeof(struct ptr_record));
-@@ -3909,7 +4047,7 @@ err:
- int k = 0;
- struct naptr *new;
- int order, pref;
-- char *name, *replace = NULL;
-+ char *name=NULL, *replace = NULL;
-
- if ((a[0] = arg))
- for (k = 1; k < 7; k++)
-@@ -3922,7 +4060,11 @@ err:
- !atoi_check16(a[1], &order) ||
- !atoi_check16(a[2], &pref) ||
- (k == 7 && !(replace = canonicalise_opt(a[6]))))
-- ret_err(_("bad NAPTR record"));
-+ {
-+ free(name);
-+ free(replace);
-+ ret_err(_("bad NAPTR record"));
-+ }
- else
- {
- new = opt_malloc(sizeof(struct naptr));
-@@ -3944,22 +4086,26 @@ err:
- struct txt_record *new;
- size_t len = 0;
- char *data;
-- int val;
-+ int class;
-
- comma = split(arg);
- data = split(comma);
-
- new = opt_malloc(sizeof(struct txt_record));
-- new->next = daemon->rr;
-- daemon->rr = new;
-+ new->name = NULL;
-
-- if (!atoi_check(comma, &val) ||
-+ if (!atoi_check(comma, &class) ||
- !(new->name = canonicalise_opt(arg)) ||
- (data && (len = parse_hex(data, (unsigned char *)data, -1, NULL, NULL)) == -1U))
-- ret_err(_("bad RR record"));
--
-- new->class = val;
-+ {
-+ free(new->name);
-+ ret_err_free(_("bad RR record"), new);
-+ }
-+
- new->len = 0;
-+ new->class = class;
-+ new->next = daemon->rr;
-+ daemon->rr = new;
-
- if (data)
- {
-@@ -4011,14 +4157,14 @@ err:
- comma = split(arg);
-
- new = opt_malloc(sizeof(struct txt_record));
-- new->next = daemon->txt;
-- daemon->txt = new;
- new->class = C_IN;
- new->stat = 0;
-
- if (!(new->name = canonicalise_opt(arg)))
-- ret_err(_("bad TXT record"));
-+ ret_err_free(_("bad TXT record"), new);
-
-+ new->next = daemon->txt;
-+ daemon->txt = new;
- len = comma ? strlen(comma) : 0;
- len += (len/255) + 1; /* room for extra counts */
- new->txt = p = opt_malloc(len);
-@@ -4065,24 +4211,32 @@ err:
- arg = comma;
- comma = split(arg);
- if (!(target = canonicalise_opt(arg)))
-- ret_err(_("bad SRV target"));
-+ ret_err_free(_("bad SRV target"), name);
-
- if (comma)
- {
- arg = comma;
- comma = split(arg);
- if (!atoi_check16(arg, &port))
-- ret_err(_("invalid port number"));
-+ {
-+ free(name);
-+ ret_err_free(_("invalid port number"), target);
-+ }
-
- if (comma)
- {
- arg = comma;
- comma = split(arg);
- if (!atoi_check16(arg, &priority))
-- ret_err(_("invalid priority"));
--
-+ {
-+ free(name);
-+ ret_err_free(_("invalid priority"), target);
-+ }
- if (comma && !atoi_check16(comma, &weight))
-- ret_err(_("invalid weight"));
-+ {
-+ free(name);
-+ ret_err_free(_("invalid weight"), target);
-+ }
- }
- }
- }
-@@ -4101,13 +4255,15 @@ err:
-
- case LOPT_HOST_REC: /* --host-record */
- {
-- struct host_record *new = opt_malloc(sizeof(struct host_record));
-- memset(new, 0, sizeof(struct host_record));
-- new->ttl = -1;
-+ struct host_record *new;
-
- if (!arg || !(comma = split(arg)))
- ret_err(_("Bad host-record"));
-
-+ new = opt_malloc(sizeof(struct host_record));
-+ memset(new, 0, sizeof(struct host_record));
-+ new->ttl = -1;
-+
- while (arg)
- {
- struct all_addr addr;
-@@ -4126,10 +4282,19 @@ err:
- {
- int nomem;
- char *canon = canonicalise(arg, &nomem);
-- struct name_list *nl = opt_malloc(sizeof(struct name_list));
-+ struct name_list *nl;
- if (!canon)
-- ret_err(_("Bad name in host-record"));
-+ {
-+ struct name_list *tmp = new->names, *next;
-+ for (tmp = new->names; tmp; tmp = next)
-+ {
-+ next = tmp->next;
-+ free(tmp);
-+ }
-+ ret_err_free(_("Bad name in host-record"), new);
-+ }
-
-+ nl = opt_malloc(sizeof(struct name_list));
- nl->name = canon;
- /* keep order, so that PTR record goes to first name */
- nl->next = NULL;
-@@ -4179,6 +4344,7 @@ err:
- int len;
-
- new->class = C_IN;
-+ new->name = NULL;
-
- if ((comma = split(arg)) && (algo = split(comma)))
- {
-@@ -4203,7 +4369,7 @@ err:
- !atoi_check8(algo, &new->algo) ||
- !atoi_check8(digest, &new->digest_type) ||
- !(new->name = canonicalise_opt(arg)))
-- ret_err(_("bad trust anchor"));
-+ ret_err_free(_("bad trust anchor"), new);
-
- /* Upper bound on length */
- len = (2*strlen(keyhex))+1;
-@@ -4217,7 +4383,10 @@ err:
- else
- cp++;
- if ((new->digestlen = parse_hex(keyhex, (unsigned char *)new->digest, len, NULL, NULL)) == -1)
-- ret_err(_("bad HEX in trust anchor"));
-+ {
-+ free(new->name);
-+ ret_err_free(_("bad HEX in trust anchor"), new);
-+ }
-
- new->next = daemon->ds;
- daemon->ds = new;
-@@ -4686,8 +4855,8 @@ void read_opts(int argc, char **argv, ch
- size_t argbuf_size = MAXDNAME;
- char *argbuf = opt_malloc(argbuf_size);
- char *buff = opt_malloc(MAXDNAME);
-- int option, conffile_opt = '7', testmode = 0;
-- char *arg, *conffile = CONFFILE;
-+ int option, testmode = 0;
-+ char *arg, *conffile = NULL;
-
- opterr = 0;
-
-@@ -4796,7 +4965,8 @@ void read_opts(int argc, char **argv, ch
- }
- else if (option == 'C')
- {
-- conffile_opt = 0; /* file must exist */
-+ if (conffile)
-+ free(conffile);
- conffile = opt_string_alloc(arg);
- }
- else
-@@ -4814,10 +4984,11 @@ void read_opts(int argc, char **argv, ch
-
- if (conffile)
- {
-- one_file(conffile, conffile_opt);
-- if (conffile_opt == 0)
-- free(conffile);
-+ one_file(conffile, 0);
-+ free(conffile);
- }
-+ else
-+ one_file(CONFFILE, '7');
-
- /* port might not be known when the address is parsed - fill in here */
- if (daemon->servers)
+++ /dev/null
-From 07e25da5bf26d46aad4f1d2eb19b260789182004 Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Sun, 16 Dec 2018 18:21:58 +0000
-Subject: [PATCH 13/32] Treat DS and DNSKEY queries being forwarded the same as
- those locally originated.
-
-The queries will not be forwarded to a server for a domain, unless
-there's a trust anchor provided for that domain. This allows, especially,
-suitable proof of non-existance for DS records to come from
-the parent domain for domains which are not signed.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/rfc1035.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
---- a/src/rfc1035.c
-+++ b/src/rfc1035.c
-@@ -916,6 +916,13 @@ unsigned int extract_request(struct dns_
- if (qtype == T_ANY)
- return F_IPV4 | F_IPV6;
- }
-+
-+ /* F_DNSSECOK as agument to search_servers() inhibits forwarding
-+ to servers for domains without a trust anchor. This make the
-+ behaviour for DS and DNSKEY queries we forward the same
-+ as for DS and DNSKEY queries we originate. */
-+ if (qtype == T_DS || qtype == T_DNSKEY)
-+ return F_DNSSECOK;
-
- return F_QUERY;
- }
+++ /dev/null
-From 137e9f878fafb38369eab7d9dfe84e4228ff5f89 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
-Date: Sun, 16 Dec 2018 21:25:29 +0000
-Subject: [PATCH 14/32] Fix option parsing errors introduced in
- 59e470381f84f2fdf0640c7bc67827f3f0c64784
-
-Thanks to Kevin Darbyshire-Bryant for spotting this.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/option.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
---- a/src/option.c
-+++ b/src/option.c
-@@ -3432,7 +3432,7 @@ static int one_opt(int option, char *arg
- {
- struct dhcp_netid *id = dhcp_tags(&arg);
-
-- if (!id)
-+ if (!arg)
- {
- ret_err(gen_err);
- }
-@@ -3483,7 +3483,7 @@ static int one_opt(int option, char *arg
- {
- struct dhcp_netid *id = dhcp_tags(&arg);
-
-- if (!id)
-+ if (!arg)
- {
- ret_err(gen_err);
- }
-@@ -3513,7 +3513,7 @@ static int one_opt(int option, char *arg
- new->opt = 10; /* PXE_MENU_PROMPT */
- new->netid = dhcp_tags(&arg);
-
-- if (!new->netid)
-+ if (!arg)
- {
- dhcp_opt_free(new);
- ret_err(gen_err);
+++ /dev/null
-From 3becf468bad699bfdcb2d18d553bc72d4c79e23c Mon Sep 17 00:00:00 2001
-From: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
-Date: Wed, 12 Dec 2018 12:00:19 +0000
-Subject: [PATCH 15/32] fix ipv6 ipset bug in master
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Hi Simon,
-
-Another one fallen out of the openwrt tree shake :-)
-
-ipv6 ipset addresses weren’t being set correctly. patch attached
-
-Cheers,
-
-Kevin D-B
-
-012C ACB2 28C6 C53E 9775 9123 B3A2 389B 9DE2 334A
-From b50fc0491e374186f982b019f293379955afd203 Mon Sep 17 00:00:00 2001
-From: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
-Date: Wed, 12 Dec 2018 11:35:12 +0000
-Subject: [PATCH] ipset fix ternary order swap
-
-ee87504 Remove ability to compile without IPv6 support introduced a
-ternary operator for ip address size. Unfortunately the true/false
-order was incorrect which meant ipv6 ipset addresses were added
-incorrectly.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/ipset.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/src/ipset.c
-+++ b/src/ipset.c
-@@ -120,7 +120,7 @@ static int new_add_to_ipset(const char *
- struct my_nfgenmsg *nfg;
- struct my_nlattr *nested[2];
- uint8_t proto;
-- int addrsz = (af == AF_INET6) ? INADDRSZ : IN6ADDRSZ;
-+ int addrsz = (af == AF_INET6) ? IN6ADDRSZ : INADDRSZ;
-
- if (strlen(setname) >= IPSET_MAXNAMELEN)
- {
+++ /dev/null
-From b683cf37f9f3dd3dc5d95d621ee75850d559b2e4 Mon Sep 17 00:00:00 2001
-From: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
-Date: Mon, 10 Dec 2018 10:34:35 +0000
-Subject: [PATCH 16/32] build failure on master with NO_DHCPv6 and fix....
-
-Hi Simon,
-
-master has a build error when building without HAVE_DHCPv6
-
-option.c: In function 'dhcp_context_free':
-option.c:1042:15: error: 'struct dhcp_context' has no member named 'template_interface'
- free(ctx->template_interface);
-
-Sadly, need to put in a little conditional compilation ifdef'erey
-
-Simplest patch in the world attached
-
-Cheers,
-
-Kevin D-B
-
-012C ACB2 28C6 C53E 9775 9123 B3A2 389B 9DE2 334A
-
-From 061eb8599636bb360e0b7fa5986935b86db39497 Mon Sep 17 00:00:00 2001
-From: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
-Date: Mon, 10 Dec 2018 10:07:33 +0000
-Subject: [PATCH] option: fix non DHCPv6 build error
-
-option.c: In function 'dhcp_context_free':
-option.c:1042:15: error: 'struct dhcp_context' has no member named 'template_interface'
- free(ctx->template_interface);
- ^~
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/option.c | 2 ++
- 1 file changed, 2 insertions(+)
-
---- a/src/option.c
-+++ b/src/option.c
-@@ -1039,7 +1039,9 @@ static void dhcp_context_free(struct dhc
- {
- dhcp_netid_free(ctx->filter);
- free(ctx->netid.net);
-+#ifdef HAVE_DHCP6
- free(ctx->template_interface);
-+#endif
- free(ctx);
- }
- }
+++ /dev/null
-From e7bfd556c079c8b5e7425aed44abc35925b24043 Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Mon, 31 Dec 2018 20:51:15 +0000
-Subject: [PATCH 17/32] Alter DHCP address selection after DECLINE in
- consec-addr mode. Avoid offering the same address after a recieving a DECLINE
- message to stop an infinite protocol loop. This has long been done in default
- address allocation mode: this adds similar behaviour when allocaing addresses
- consecutively.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/dhcp.c | 13 +++++++++++++
- src/dhcp6.c | 11 +++++++++--
- 2 files changed, 22 insertions(+), 2 deletions(-)
-
---- a/src/dhcp.c
-+++ b/src/dhcp.c
-@@ -754,6 +754,19 @@ int address_allocate(struct dhcp_context
- if (addr.s_addr == d->router.s_addr)
- break;
-
-+ /* in consec-ip mode, skip addresses equal to
-+ the number of addresses rejected by clients. This
-+ should avoid the same client being offered the same
-+ address after it has rjected it. */
-+ if (option_bool(OPT_CONSEC_ADDR))
-+ {
-+ if (c->addr_epoch)
-+ {
-+ c->addr_epoch--;
-+ d = context; /* d non-NULL skips the address. */
-+ }
-+ }
-+
- /* Addresses which end in .255 and .0 are broken in Windows even when using
- supernetting. ie dhcp-range=192.168.0.1,192.168.1.254,255,255,254.0
- then 192.168.0.255 is a valid IP address, but not for Windows as it's
---- a/src/dhcp6.c
-+++ b/src/dhcp6.c
-@@ -431,8 +431,15 @@ struct dhcp_context *address6_allocate(s
- else
- {
- if (!temp_addr && option_bool(OPT_CONSEC_ADDR))
-- /* seed is largest extant lease addr in this context */
-- start = lease_find_max_addr6(c) + serial;
-+ {
-+ /* seed is largest extant lease addr in this context,
-+ skip addresses equal to the number of addresses rejected
-+ by clients. This should avoid the same client being offered the same
-+ address after it has rjected it. */
-+ start = lease_find_max_addr6(c) + serial + c->addr_epoch;
-+ if (c->addr_epoch)
-+ c->addr_epoch--;
-+ }
- else
- {
- u64 range = 1 + addr6part(&c->end6) - addr6part(&c->start6);
+++ /dev/null
-From bde46476ee06c96e821653dfdb8fa11fe7326998 Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Mon, 31 Dec 2018 23:28:24 +0000
-Subject: [PATCH 18/32] Tidy all_addr union, merge log and rcode fields.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/cache.c | 2 +-
- src/dnsmasq.h | 6 +-----
- src/forward.c | 2 +-
- src/rfc1035.c | 6 +++---
- 4 files changed, 6 insertions(+), 10 deletions(-)
-
---- a/src/cache.c
-+++ b/src/cache.c
-@@ -1926,7 +1926,7 @@ void log_query(unsigned int flags, char
- sprintf(daemon->addrbuff, arg, addr->addr.log.keytag, addr->addr.log.algo, addr->addr.log.digest);
- else if (flags & F_RCODE)
- {
-- unsigned int rcode = addr->addr.rcode.rcode;
-+ unsigned int rcode = addr->addr.log.rcode;
-
- if (rcode == SERVFAIL)
- dest = "SERVFAIL";
---- a/src/dnsmasq.h
-+++ b/src/dnsmasq.h
-@@ -279,12 +279,8 @@ struct all_addr {
- struct in6_addr addr6;
- /* for log_query */
- struct {
-- unsigned short keytag, algo, digest;
-+ unsigned short keytag, algo, digest, rcode;
- } log;
-- /* for log_query */
-- struct {
-- unsigned int rcode;
-- } rcode;
- /* for cache_insert of DNSKEY, DS */
- struct {
- unsigned short class, type;
---- a/src/forward.c
-+++ b/src/forward.c
-@@ -658,7 +658,7 @@ static size_t process_reply(struct dns_h
- if (rcode != NOERROR && rcode != NXDOMAIN)
- {
- struct all_addr a;
-- a.addr.rcode.rcode = rcode;
-+ a.addr.log.rcode = rcode;
- log_query(F_UPSTREAM | F_RCODE, "error", &a, NULL);
-
- return resize_packet(header, n, pheader, plen);
---- a/src/rfc1035.c
-+++ b/src/rfc1035.c
-@@ -950,7 +950,7 @@ size_t setup_reply(struct dns_header *he
- else if (flags == F_SERVFAIL)
- {
- struct all_addr a;
-- a.addr.rcode.rcode = SERVFAIL;
-+ a.addr.log.rcode = SERVFAIL;
- log_query(F_CONFIG | F_RCODE, "error", &a, NULL);
- SET_RCODE(header, SERVFAIL);
- }
-@@ -975,7 +975,7 @@ size_t setup_reply(struct dns_header *he
- else /* nowhere to forward to */
- {
- struct all_addr a;
-- a.addr.rcode.rcode = REFUSED;
-+ a.addr.log.rcode = REFUSED;
- log_query(F_CONFIG | F_RCODE, "error", &a, NULL);
- SET_RCODE(header, REFUSED);
- }
-@@ -1374,7 +1374,7 @@ size_t answer_request(struct dns_header
- notimp = 1, auth = 0;
- if (!dryrun)
- {
-- addr.addr.rcode.rcode = NOTIMP;
-+ addr.addr.log.rcode = NOTIMP;
- log_query(F_CONFIG | F_RCODE, name, &addr, NULL);
- }
- ans = 1, sec_data = 0;
+++ /dev/null
-From 65a01b71bb433c9466e4c78a73a8d8ed218ed4e8 Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Mon, 31 Dec 2018 23:56:33 +0000
-Subject: [PATCH 19/32] Tidy address-union handling: move class into explicit
- argument.
-
-This moves the class argument to cache-insert into an argument,
-rather then overloading a union in the address argument. Note that
-tha class is NOT stored in the cache other than for DS/DNSKEY entries,
-so must always be C_IN except for these. The data-extraction code
-ensures this as it only attempts to cache C_IN class records.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/cache.c | 57 ++++++++++++++++++++++-----------------------------
- src/dnsmasq.h | 2 +-
- src/dnssec.c | 13 +++---------
- src/rfc1035.c | 12 +++++------
- 4 files changed, 34 insertions(+), 50 deletions(-)
-
---- a/src/cache.c
-+++ b/src/cache.c
-@@ -26,7 +26,7 @@ static union bigname *big_free = NULL;
- static int bignames_left, hash_size;
-
- static void make_non_terminals(struct crec *source);
--static struct crec *really_insert(char *name, struct all_addr *addr,
-+static struct crec *really_insert(char *name, struct all_addr *addr, unsigned short class,
- time_t now, unsigned long ttl, unsigned short flags);
-
- /* type->string mapping: this is also used by the name-hash function as a mixing table. */
-@@ -330,8 +330,8 @@ static int is_expired(time_t now, struct
- return 1;
- }
-
--static struct crec *cache_scan_free(char *name, struct all_addr *addr, time_t now, unsigned short flags,
-- struct crec **target_crec, unsigned int *target_uid)
-+static struct crec *cache_scan_free(char *name, struct all_addr *addr, unsigned short class, time_t now,
-+ unsigned short flags, struct crec **target_crec, unsigned int *target_uid)
- {
- /* Scan and remove old entries.
- If (flags & F_FORWARD) then remove any forward entries for name and any expired
-@@ -350,6 +350,8 @@ static struct crec *cache_scan_free(char
- This entry will get re-used with the same name, to preserve CNAMEs. */
-
- struct crec *crecp, **up;
-+
-+ (void)class;
-
- if (flags & F_FORWARD)
- {
-@@ -381,7 +383,7 @@ static struct crec *cache_scan_free(char
-
- #ifdef HAVE_DNSSEC
- /* Deletion has to be class-sensitive for DS and DNSKEY */
-- if ((flags & crecp->flags & (F_DNSKEY | F_DS)) && crecp->uid == addr->addr.dnssec.class)
-+ if ((flags & crecp->flags & (F_DNSKEY | F_DS)) && crecp->uid == class)
- {
- if (crecp->flags & F_CONFIG)
- return crecp;
-@@ -464,7 +466,7 @@ void cache_start_insert(void)
- insert_error = 0;
- }
-
--struct crec *cache_insert(char *name, struct all_addr *addr,
-+struct crec *cache_insert(char *name, struct all_addr *addr, unsigned short class,
- time_t now, unsigned long ttl, unsigned short flags)
- {
- /* Don't log DNSSEC records here, done elsewhere */
-@@ -478,11 +480,11 @@ struct crec *cache_insert(char *name, st
- ttl = daemon->min_cache_ttl;
- }
-
-- return really_insert(name, addr, now, ttl, flags);
-+ return really_insert(name, addr, class, now, ttl, flags);
- }
-
-
--static struct crec *really_insert(char *name, struct all_addr *addr,
-+static struct crec *really_insert(char *name, struct all_addr *addr, unsigned short class,
- time_t now, unsigned long ttl, unsigned short flags)
- {
- struct crec *new, *target_crec = NULL;
-@@ -497,7 +499,7 @@ static struct crec *really_insert(char *
-
- /* First remove any expired entries and entries for the name/address we
- are currently inserting. */
-- if ((new = cache_scan_free(name, addr, now, flags, &target_crec, &target_uid)))
-+ if ((new = cache_scan_free(name, addr, class, now, flags, &target_crec, &target_uid)))
- {
- /* We're trying to insert a record over one from
- /etc/hosts or DHCP, or other config. If the
-@@ -553,21 +555,14 @@ static struct crec *really_insert(char *
-
- if (freed_all)
- {
-- struct all_addr free_addr = new->addr.addr;;
--
--#ifdef HAVE_DNSSEC
-- /* For DNSSEC records, addr holds class. */
-- if (new->flags & (F_DS | F_DNSKEY))
-- free_addr.addr.dnssec.class = new->uid;
--#endif
--
-+ /* For DNSSEC records, uid holds class. */
- free_avail = 1; /* Must be free space now. */
-- cache_scan_free(cache_get_name(new), &free_addr, now, new->flags, NULL, NULL);
-+ cache_scan_free(cache_get_name(new), &new->addr.addr, new->uid, now, new->flags, NULL, NULL);
- daemon->metrics[METRIC_DNS_CACHE_LIVE_FREED]++;
- }
- else
- {
-- cache_scan_free(NULL, NULL, now, 0, NULL, NULL);
-+ cache_scan_free(NULL, NULL, class, now, 0, NULL, NULL);
- freed_all = 1;
- }
- }
-@@ -615,15 +610,13 @@ static struct crec *really_insert(char *
- else
- *cache_get_name(new) = 0;
-
-- if (addr)
-- {
- #ifdef HAVE_DNSSEC
-- if (flags & (F_DS | F_DNSKEY))
-- new->uid = addr->addr.dnssec.class;
-- else
-+ if (flags & (F_DS | F_DNSKEY))
-+ new->uid = class;
- #endif
-- new->addr.addr = *addr;
-- }
-+
-+ if (addr)
-+ new->addr.addr = *addr;
-
- new->ttd = now + (time_t)ttl;
- new->next = new_chain;
-@@ -747,11 +740,11 @@ int cache_recv_insert(time_t now, int fd
- {
- if (!read_write(fd, (unsigned char *)&addr, sizeof(addr), 1))
- return 0;
-- crecp = really_insert(daemon->namebuff, &addr, now, ttl, flags);
-+ crecp = really_insert(daemon->namebuff, &addr, C_IN, now, ttl, flags);
- }
- else if (flags & F_CNAME)
- {
-- struct crec *newc = really_insert(daemon->namebuff, NULL, now, ttl, flags);
-+ struct crec *newc = really_insert(daemon->namebuff, NULL, C_IN, now, ttl, flags);
- /* This relies on the fact the the target of a CNAME immediately preceeds
- it because of the order of extraction in extract_addresses, and
- the order reversal on the new_chain. */
-@@ -780,10 +773,8 @@ int cache_recv_insert(time_t now, int fd
-
- if (!read_write(fd, (unsigned char *)&class, sizeof(class), 1))
- return 0;
-- /* Cache needs to known class for DNSSEC stuff */
-- addr.addr.dnssec.class = class;
--
-- crecp = really_insert(daemon->namebuff, &addr, now, ttl, flags);
-+
-+ crecp = really_insert(daemon->namebuff, NULL, class, now, ttl, flags);
-
- if (flags & F_DNSKEY)
- {
-@@ -1463,7 +1454,7 @@ void cache_add_dhcp_entry(char *host_nam
- }
- else if (!(crec->flags & F_DHCP))
- {
-- cache_scan_free(host_name, NULL, 0, crec->flags & (flags | F_CNAME | F_FORWARD), NULL, NULL);
-+ cache_scan_free(host_name, NULL, C_IN, 0, crec->flags & (flags | F_CNAME | F_FORWARD), NULL, NULL);
- /* scan_free deletes all addresses associated with name */
- break;
- }
-@@ -1490,7 +1481,7 @@ void cache_add_dhcp_entry(char *host_nam
- if (crec->flags & F_NEG)
- {
- flags |= F_REVERSE;
-- cache_scan_free(NULL, (struct all_addr *)host_address, 0, flags, NULL, NULL);
-+ cache_scan_free(NULL, (struct all_addr *)host_address, C_IN, 0, flags, NULL, NULL);
- }
- }
- else
---- a/src/dnsmasq.h
-+++ b/src/dnsmasq.h
-@@ -1144,7 +1144,7 @@ struct crec *cache_find_by_name(struct c
- void cache_end_insert(void);
- void cache_start_insert(void);
- int cache_recv_insert(time_t now, int fd);
--struct crec *cache_insert(char *name, struct all_addr *addr,
-+struct crec *cache_insert(char *name, struct all_addr *addr, unsigned short class,
- time_t now, unsigned long ttl, unsigned short flags);
- void cache_reload(void);
- void cache_add_dhcp_entry(char *host_name, int prot, struct all_addr *host_address, time_t ttd);
---- a/src/dnssec.c
-+++ b/src/dnssec.c
-@@ -798,12 +798,9 @@ int dnssec_validate_by_ds(time_t now, st
- algo = *p++;
- keytag = dnskey_keytag(algo, flags, p, rdlen - 4);
-
-- /* Cache needs to known class for DNSSEC stuff */
-- a.addr.dnssec.class = class;
--
- if ((key = blockdata_alloc((char*)p, rdlen - 4)))
- {
-- if (!(recp1 = cache_insert(name, &a, now, ttl, F_FORWARD | F_DNSKEY | F_DNSSECOK)))
-+ if (!(recp1 = cache_insert(name, &a, class, now, ttl, F_FORWARD | F_DNSKEY | F_DNSSECOK)))
- {
- blockdata_free(key);
- return STAT_BOGUS;
-@@ -927,12 +924,9 @@ int dnssec_validate_ds(time_t now, struc
- algo = *p++;
- digest = *p++;
-
-- /* Cache needs to known class for DNSSEC stuff */
-- a.addr.dnssec.class = class;
--
- if ((key = blockdata_alloc((char*)p, rdlen - 4)))
- {
-- if (!(crecp = cache_insert(name, &a, now, ttl, F_FORWARD | F_DS | F_DNSSECOK)))
-+ if (!(crecp = cache_insert(name, NULL, class, now, ttl, F_FORWARD | F_DS | F_DNSSECOK)))
- {
- blockdata_free(key);
- return STAT_BOGUS;
-@@ -1021,8 +1015,7 @@ int dnssec_validate_ds(time_t now, struc
- {
- cache_start_insert();
-
-- a.addr.dnssec.class = class;
-- if (!cache_insert(name, &a, now, ttl, flags))
-+ if (!cache_insert(name, NULL, class, now, ttl, flags))
- return STAT_BOGUS;
-
- cache_end_insert();
---- a/src/rfc1035.c
-+++ b/src/rfc1035.c
-@@ -701,7 +701,7 @@ int extract_addresses(struct dns_header
- goto cname_loop;
- }
-
-- cache_insert(name, &addr, now, cttl, name_encoding | secflag | F_REVERSE);
-+ cache_insert(name, &addr, C_IN, now, cttl, name_encoding | secflag | F_REVERSE);
- found = 1;
- }
-
-@@ -719,7 +719,7 @@ int extract_addresses(struct dns_header
- ttl = find_soa(header, qlen, NULL, doctored);
- }
- if (ttl)
-- cache_insert(NULL, &addr, now, ttl, name_encoding | F_REVERSE | F_NEG | flags | (secure ? F_DNSSECOK : 0));
-+ cache_insert(NULL, &addr, C_IN, now, ttl, name_encoding | F_REVERSE | F_NEG | flags | (secure ? F_DNSSECOK : 0));
- }
- }
- else
-@@ -773,7 +773,7 @@ int extract_addresses(struct dns_header
- {
- if (!cname_count--)
- return 0; /* looped CNAMES */
-- newc = cache_insert(name, NULL, now, attl, F_CNAME | F_FORWARD | secflag);
-+ newc = cache_insert(name, NULL, C_IN, now, attl, F_CNAME | F_FORWARD | secflag);
- if (newc)
- {
- newc->addr.cname.target.cache = NULL;
-@@ -833,7 +833,7 @@ int extract_addresses(struct dns_header
- }
- #endif
-
-- newc = cache_insert(name, &addr, now, attl, flags | F_FORWARD | secflag);
-+ newc = cache_insert(name, &addr, C_IN, now, attl, flags | F_FORWARD | secflag);
- if (newc && cpp)
- {
- next_uid(newc);
-@@ -860,7 +860,7 @@ int extract_addresses(struct dns_header
- pointing at this, inherit its TTL */
- if (ttl || cpp)
- {
-- newc = cache_insert(name, NULL, now, ttl ? ttl : cttl, F_FORWARD | F_NEG | flags | (secure ? F_DNSSECOK : 0));
-+ newc = cache_insert(name, NULL, C_IN, now, ttl ? ttl : cttl, F_FORWARD | F_NEG | flags | (secure ? F_DNSSECOK : 0));
- if (newc && cpp)
- {
- next_uid(newc);
-@@ -1054,7 +1054,7 @@ int check_for_bogus_wildcard(struct dns_
- /* Found a bogus address. Insert that info here, since there no SOA record
- to get the ttl from in the normal processing */
- cache_start_insert();
-- cache_insert(name, NULL, now, ttl, F_IPV4 | F_FORWARD | F_NEG | F_NXDOMAIN);
-+ cache_insert(name, NULL, C_IN, now, ttl, F_IPV4 | F_FORWARD | F_NEG | F_NXDOMAIN);
- cache_end_insert();
-
- return 1;
+++ /dev/null
-From ab194ed7ca433e4e2e8b2ec338bfa4e6aa886a4b Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Tue, 1 Jan 2019 01:35:30 +0000
-Subject: [PATCH 20/32] Futher address union tidying.
-
-Pass DNSKEY and DS data into cache_insert via the address argument,
-now these data types are included in struct all_addr.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/cache.c | 116 ++++++++++++++++----------------------------------
- src/dnsmasq.h | 26 +++++------
- src/dnssec.c | 53 +++++++++++------------
- 3 files changed, 73 insertions(+), 122 deletions(-)
-
---- a/src/cache.c
-+++ b/src/cache.c
-@@ -202,9 +202,9 @@ static void cache_hash(struct crec *crec
- static void cache_blockdata_free(struct crec *crecp)
- {
- if (crecp->flags & F_DNSKEY)
-- blockdata_free(crecp->addr.key.keydata);
-+ blockdata_free(crecp->addr.addr.addr.key.keydata);
- else if ((crecp->flags & F_DS) && !(crecp->flags & F_NEG))
-- blockdata_free(crecp->addr.ds.keydata);
-+ blockdata_free(crecp->addr.addr.addr.ds.keydata);
- }
- #endif
-
-@@ -659,33 +659,22 @@ void cache_end_insert(void)
- read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->ttd, sizeof(new_chain->ttd), 0);
- read_write(daemon->pipe_to_parent, (unsigned char *)&flags, sizeof(flags), 0);
-
-- if (flags & (F_IPV4 | F_IPV6))
-+ if (flags & (F_IPV4 | F_IPV6 | F_DNSKEY | F_DS))
- read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr, sizeof(new_chain->addr), 0);
- #ifdef HAVE_DNSSEC
-- else if (flags & F_DNSKEY)
-+ if (flags & F_DNSKEY)
- {
- read_write(daemon->pipe_to_parent, (unsigned char *)&class, sizeof(class), 0);
-- read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr.key.algo, sizeof(new_chain->addr.key.algo), 0);
-- read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr.key.keytag, sizeof(new_chain->addr.key.keytag), 0);
-- read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr.key.flags, sizeof(new_chain->addr.key.flags), 0);
-- read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr.key.keylen, sizeof(new_chain->addr.key.keylen), 0);
-- blockdata_write(new_chain->addr.key.keydata, new_chain->addr.key.keylen, daemon->pipe_to_parent);
-+ blockdata_write(new_chain->addr.addr.addr.key.keydata, new_chain->addr.addr.addr.key.keylen, daemon->pipe_to_parent);
- }
- else if (flags & F_DS)
- {
- read_write(daemon->pipe_to_parent, (unsigned char *)&class, sizeof(class), 0);
- /* A negative DS entry is possible and has no data, obviously. */
- if (!(flags & F_NEG))
-- {
-- read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr.ds.algo, sizeof(new_chain->addr.ds.algo), 0);
-- read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr.ds.keytag, sizeof(new_chain->addr.ds.keytag), 0);
-- read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr.ds.digest, sizeof(new_chain->addr.ds.digest), 0);
-- read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr.ds.keylen, sizeof(new_chain->addr.ds.keylen), 0);
-- blockdata_write(new_chain->addr.ds.keydata, new_chain->addr.ds.keylen, daemon->pipe_to_parent);
-- }
-+ blockdata_write(new_chain->addr.addr.addr.ds.keydata, new_chain->addr.addr.addr.ds.keylen, daemon->pipe_to_parent);
- }
- #endif
--
- }
- }
-
-@@ -736,11 +725,30 @@ int cache_recv_insert(time_t now, int fd
-
- ttl = difftime(ttd, now);
-
-- if (flags & (F_IPV4 | F_IPV6))
-+ if (flags & (F_IPV4 | F_IPV6 | F_DNSKEY | F_DS))
- {
-+ unsigned short class = C_IN;
-+
- if (!read_write(fd, (unsigned char *)&addr, sizeof(addr), 1))
- return 0;
-- crecp = really_insert(daemon->namebuff, &addr, C_IN, now, ttl, flags);
-+
-+#ifdef HAVE_DNSSEC
-+ if (flags & F_DNSKEY)
-+ {
-+ if (!read_write(fd, (unsigned char *)&class, sizeof(class), 1) ||
-+ !(addr.addr.key.keydata = blockdata_read(fd, addr.addr.key.keylen)))
-+ return 0;
-+ }
-+ else if (flags & F_DS)
-+ {
-+ if (!read_write(fd, (unsigned char *)&class, sizeof(class), 1) ||
-+ (flags & F_NEG) ||
-+ !(addr.addr.key.keydata = blockdata_read(fd, addr.addr.key.keylen)))
-+ return 0;
-+ }
-+#endif
-+
-+ crecp = really_insert(daemon->namebuff, &addr, class, now, ttl, flags);
- }
- else if (flags & F_CNAME)
- {
-@@ -764,58 +772,6 @@ int cache_recv_insert(time_t now, int fd
- }
- }
- }
--#ifdef HAVE_DNSSEC
-- else if (flags & (F_DNSKEY | F_DS))
-- {
-- unsigned short class, keylen, keyflags, keytag;
-- unsigned char algo, digest;
-- struct blockdata *keydata;
--
-- if (!read_write(fd, (unsigned char *)&class, sizeof(class), 1))
-- return 0;
--
-- crecp = really_insert(daemon->namebuff, NULL, class, now, ttl, flags);
--
-- if (flags & F_DNSKEY)
-- {
-- if (!read_write(fd, (unsigned char *)&algo, sizeof(algo), 1) ||
-- !read_write(fd, (unsigned char *)&keytag, sizeof(keytag), 1) ||
-- !read_write(fd, (unsigned char *)&keyflags, sizeof(keyflags), 1) ||
-- !read_write(fd, (unsigned char *)&keylen, sizeof(keylen), 1) ||
-- !(keydata = blockdata_read(fd, keylen)))
-- return 0;
-- }
-- else if (!(flags & F_NEG))
-- {
-- if (!read_write(fd, (unsigned char *)&algo, sizeof(algo), 1) ||
-- !read_write(fd, (unsigned char *)&keytag, sizeof(keytag), 1) ||
-- !read_write(fd, (unsigned char *)&digest, sizeof(digest), 1) ||
-- !read_write(fd, (unsigned char *)&keylen, sizeof(keylen), 1) ||
-- !(keydata = blockdata_read(fd, keylen)))
-- return 0;
-- }
--
-- if (crecp)
-- {
-- if (flags & F_DNSKEY)
-- {
-- crecp->addr.key.algo = algo;
-- crecp->addr.key.keytag = keytag;
-- crecp->addr.key.flags = flags;
-- crecp->addr.key.keylen = keylen;
-- crecp->addr.key.keydata = keydata;
-- }
-- else if (!(flags & F_NEG))
-- {
-- crecp->addr.ds.algo = algo;
-- crecp->addr.ds.keytag = keytag;
-- crecp->addr.ds.digest = digest;
-- crecp->addr.ds.keylen = keylen;
-- crecp->addr.ds.keydata = keydata;
-- }
-- }
-- }
--#endif
- }
- }
-
-@@ -1290,15 +1246,15 @@ void cache_reload(void)
- #ifdef HAVE_DNSSEC
- for (ds = daemon->ds; ds; ds = ds->next)
- if ((cache = whine_malloc(SIZEOF_POINTER_CREC)) &&
-- (cache->addr.ds.keydata = blockdata_alloc(ds->digest, ds->digestlen)))
-+ (cache->addr.addr.addr.ds.keydata = blockdata_alloc(ds->digest, ds->digestlen)))
- {
- cache->flags = F_FORWARD | F_IMMORTAL | F_DS | F_CONFIG | F_NAMEP;
- cache->ttd = daemon->local_ttl;
- cache->name.namep = ds->name;
-- cache->addr.ds.keylen = ds->digestlen;
-- cache->addr.ds.algo = ds->algo;
-- cache->addr.ds.keytag = ds->keytag;
-- cache->addr.ds.digest = ds->digest_type;
-+ cache->addr.addr.addr.ds.keylen = ds->digestlen;
-+ cache->addr.addr.addr.ds.algo = ds->algo;
-+ cache->addr.addr.addr.ds.keytag = ds->keytag;
-+ cache->addr.addr.addr.ds.digest = ds->digest_type;
- cache->uid = ds->class;
- cache_hash(cache);
- make_non_terminals(cache);
-@@ -1775,12 +1731,12 @@ void dump_cache(time_t now)
- else if (cache->flags & F_DS)
- {
- if (!(cache->flags & F_NEG))
-- sprintf(a, "%5u %3u %3u", cache->addr.ds.keytag,
-- cache->addr.ds.algo, cache->addr.ds.digest);
-+ sprintf(a, "%5u %3u %3u", cache->addr.addr.addr.ds.keytag,
-+ cache->addr.addr.addr.ds.algo, cache->addr.addr.addr.ds.digest);
- }
- else if (cache->flags & F_DNSKEY)
-- sprintf(a, "%5u %3u %3u", cache->addr.key.keytag,
-- cache->addr.key.algo, cache->addr.key.flags);
-+ sprintf(a, "%5u %3u %3u", cache->addr.addr.addr.key.keytag,
-+ cache->addr.addr.addr.key.algo, cache->addr.addr.addr.key.flags);
- #endif
- else if (!(cache->flags & F_NEG) || !(cache->flags & F_FORWARD))
- {
---- a/src/dnsmasq.h
-+++ b/src/dnsmasq.h
-@@ -277,14 +277,21 @@ struct all_addr {
- union {
- struct in_addr addr4;
- struct in6_addr addr6;
-+ struct {
-+ struct blockdata *keydata;
-+ unsigned short keylen, flags, keytag;
-+ unsigned char algo;
-+ } key;
-+ struct {
-+ struct blockdata *keydata;
-+ unsigned short keylen, keytag;
-+ unsigned char algo;
-+ unsigned char digest;
-+ } ds;
- /* for log_query */
- struct {
- unsigned short keytag, algo, digest, rcode;
- } log;
-- /* for cache_insert of DNSKEY, DS */
-- struct {
-- unsigned short class, type;
-- } dnssec;
- } addr;
- };
-
-@@ -414,17 +421,6 @@ struct crec {
- } target;
- unsigned int uid; /* 0 if union is interface-name */
- } cname;
-- struct {
-- struct blockdata *keydata;
-- unsigned short keylen, flags, keytag;
-- unsigned char algo;
-- } key;
-- struct {
-- struct blockdata *keydata;
-- unsigned short keylen, keytag;
-- unsigned char algo;
-- unsigned char digest;
-- } ds;
- } addr;
- time_t ttd; /* time to die */
- /* used as class if DNSKEY/DS, index to source for F_HOSTS */
---- a/src/dnssec.c
-+++ b/src/dnssec.c
-@@ -628,10 +628,10 @@ static int validate_rrset(time_t now, st
- {
- /* iterate through all possible keys 4035 5.3.1 */
- for (; crecp; crecp = cache_find_by_name(crecp, keyname, now, F_DNSKEY))
-- if (crecp->addr.key.algo == algo &&
-- crecp->addr.key.keytag == key_tag &&
-+ if (crecp->addr.addr.addr.key.algo == algo &&
-+ crecp->addr.addr.addr.key.keytag == key_tag &&
- crecp->uid == (unsigned int)class &&
-- verify(crecp->addr.key.keydata, crecp->addr.key.keylen, sig, sig_len, digest, hash->digest_size, algo))
-+ verify(crecp->addr.addr.addr.key.keydata, crecp->addr.addr.addr.key.keylen, sig, sig_len, digest, hash->digest_size, algo))
- return (labels < name_labels) ? STAT_SECURE_WILDCARD : STAT_SECURE;
- }
- }
-@@ -728,10 +728,10 @@ int dnssec_validate_by_ds(time_t now, st
- const struct nettle_hash *hash;
- int sigcnt, rrcnt;
-
-- if (recp1->addr.ds.algo == algo &&
-- recp1->addr.ds.keytag == keytag &&
-+ if (recp1->addr.addr.addr.ds.algo == algo &&
-+ recp1->addr.addr.addr.ds.keytag == keytag &&
- recp1->uid == (unsigned int)class &&
-- (hash = hash_find(ds_digest_name(recp1->addr.ds.digest))) &&
-+ (hash = hash_find(ds_digest_name(recp1->addr.addr.addr.ds.digest))) &&
- hash_init(hash, &ctx, &digest))
-
- {
-@@ -746,9 +746,9 @@ int dnssec_validate_by_ds(time_t now, st
- from_wire(name);
-
- if (!(recp1->flags & F_NEG) &&
-- recp1->addr.ds.keylen == (int)hash->digest_size &&
-- (ds_digest = blockdata_retrieve(recp1->addr.key.keydata, recp1->addr.ds.keylen, NULL)) &&
-- memcmp(ds_digest, digest, recp1->addr.ds.keylen) == 0 &&
-+ recp1->addr.addr.addr.ds.keylen == (int)hash->digest_size &&
-+ (ds_digest = blockdata_retrieve(recp1->addr.addr.addr.ds.keydata, recp1->addr.addr.addr.ds.keylen, NULL)) &&
-+ memcmp(ds_digest, digest, recp1->addr.addr.addr.ds.keylen) == 0 &&
- explore_rrset(header, plen, class, T_DNSKEY, name, keyname, &sigcnt, &rrcnt) &&
- sigcnt != 0 && rrcnt != 0 &&
- validate_rrset(now, header, plen, class, T_DNSKEY, sigcnt, rrcnt, name, keyname,
-@@ -800,7 +800,13 @@ int dnssec_validate_by_ds(time_t now, st
-
- if ((key = blockdata_alloc((char*)p, rdlen - 4)))
- {
-- if (!(recp1 = cache_insert(name, &a, class, now, ttl, F_FORWARD | F_DNSKEY | F_DNSSECOK)))
-+ a.addr.key.keylen = rdlen - 4;
-+ a.addr.key.keydata = key;
-+ a.addr.key.algo = algo;
-+ a.addr.key.keytag = keytag;
-+ a.addr.key.flags = flags;
-+
-+ if (!cache_insert(name, &a, class, now, ttl, F_FORWARD | F_DNSKEY | F_DNSSECOK))
- {
- blockdata_free(key);
- return STAT_BOGUS;
-@@ -813,12 +819,6 @@ int dnssec_validate_by_ds(time_t now, st
- log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %hu, algo %hu");
- else
- log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %hu, algo %hu (not supported)");
--
-- recp1->addr.key.keylen = rdlen - 4;
-- recp1->addr.key.keydata = key;
-- recp1->addr.key.algo = algo;
-- recp1->addr.key.keytag = keytag;
-- recp1->addr.key.flags = flags;
- }
- }
- }
-@@ -915,8 +915,7 @@ int dnssec_validate_ds(time_t now, struc
- int algo, digest, keytag;
- unsigned char *psave = p;
- struct blockdata *key;
-- struct crec *crecp;
--
-+
- if (rdlen < 4)
- return STAT_BOGUS; /* bad packet */
-
-@@ -926,7 +925,13 @@ int dnssec_validate_ds(time_t now, struc
-
- if ((key = blockdata_alloc((char*)p, rdlen - 4)))
- {
-- if (!(crecp = cache_insert(name, NULL, class, now, ttl, F_FORWARD | F_DS | F_DNSSECOK)))
-+ a.addr.ds.digest = digest;
-+ a.addr.ds.keydata = key;
-+ a.addr.ds.algo = algo;
-+ a.addr.ds.keytag = keytag;
-+ a.addr.ds.keylen = rdlen - 4;
-+
-+ if (!cache_insert(name, &a, class, now, ttl, F_FORWARD | F_DS | F_DNSSECOK))
- {
- blockdata_free(key);
- return STAT_BOGUS;
-@@ -940,12 +945,6 @@ int dnssec_validate_ds(time_t now, struc
- log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DS keytag %hu, algo %hu, digest %hu");
- else
- log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DS keytag %hu, algo %hu, digest %hu (not supported)");
--
-- crecp->addr.ds.digest = digest;
-- crecp->addr.ds.keydata = key;
-- crecp->addr.ds.algo = algo;
-- crecp->addr.ds.keytag = keytag;
-- crecp->addr.ds.keylen = rdlen - 4;
- }
- }
-
-@@ -1711,8 +1710,8 @@ static int zone_status(char *name, int c
- do
- {
- if (crecp->uid == (unsigned int)class &&
-- ds_digest_name(crecp->addr.ds.digest) &&
-- algo_digest_name(crecp->addr.ds.algo))
-+ ds_digest_name(crecp->addr.addr.addr.ds.digest) &&
-+ algo_digest_name(crecp->addr.addr.addr.ds.algo))
- break;
- }
- while ((crecp = cache_find_by_name(crecp, keyname, now, F_DS)));
+++ /dev/null
-From cc921df9ceac79acf9f1c477d015a3d88275422d Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Wed, 2 Jan 2019 22:48:59 +0000
-Subject: [PATCH 21/32] Remove nested struct/union in cache records and
- all_addr.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/arp.c | 18 ++++-----
- src/auth.c | 36 ++++++++---------
- src/bpf.c | 10 ++---
- src/cache.c | 98 +++++++++++++++++++++++-----------------------
- src/conntrack.c | 6 +--
- src/dbus.c | 24 ++++++------
- src/dhcp-common.c | 14 +++----
- src/dhcp.c | 20 +++++-----
- src/dhcp6.c | 2 +-
- src/dnsmasq.c | 6 +--
- src/dnsmasq.h | 99 ++++++++++++++++++++++++-----------------------
- src/dnssec.c | 56 +++++++++++++--------------
- src/domain.c | 32 +++++++--------
- src/forward.c | 88 ++++++++++++++++++++---------------------
- src/helper.c | 6 +--
- src/ipset.c | 10 ++---
- src/lease.c | 22 +++++------
- src/network.c | 36 ++++++++---------
- src/option.c | 16 ++++----
- src/rfc1035.c | 46 +++++++++++-----------
- src/rfc3315.c | 12 +++---
- src/tables.c | 6 +--
- src/tftp.c | 8 ++--
- 23 files changed, 336 insertions(+), 335 deletions(-)
-
---- a/src/arp.c
-+++ b/src/arp.c
-@@ -28,7 +28,7 @@ struct arp_record {
- unsigned short hwlen, status;
- int family;
- unsigned char hwaddr[DHCP_CHADDR_MAX];
-- struct all_addr addr;
-+ union all_addr addr;
- struct arp_record *next;
- };
-
-@@ -52,12 +52,12 @@ static int filter_mac(int family, char *
-
- if (family == AF_INET)
- {
-- if (arp->addr.addr.addr4.s_addr != ((struct in_addr *)addrp)->s_addr)
-+ if (arp->addr.addr4.s_addr != ((struct in_addr *)addrp)->s_addr)
- continue;
- }
- else
- {
-- if (!IN6_ARE_ADDR_EQUAL(&arp->addr.addr.addr6, (struct in6_addr *)addrp))
-+ if (!IN6_ARE_ADDR_EQUAL(&arp->addr.addr6, (struct in6_addr *)addrp))
- continue;
- }
-
-@@ -95,9 +95,9 @@ static int filter_mac(int family, char *
- arp->family = family;
- memcpy(arp->hwaddr, mac, maclen);
- if (family == AF_INET)
-- arp->addr.addr.addr4.s_addr = ((struct in_addr *)addrp)->s_addr;
-+ arp->addr.addr4.s_addr = ((struct in_addr *)addrp)->s_addr;
- else
-- memcpy(&arp->addr.addr.addr6, addrp, IN6ADDRSZ);
-+ memcpy(&arp->addr.addr6, addrp, IN6ADDRSZ);
- }
-
- return 1;
-@@ -124,11 +124,11 @@ int find_mac(union mysockaddr *addr, uns
- continue;
-
- if (arp->family == AF_INET &&
-- arp->addr.addr.addr4.s_addr != addr->in.sin_addr.s_addr)
-+ arp->addr.addr4.s_addr != addr->in.sin_addr.s_addr)
- continue;
-
- if (arp->family == AF_INET6 &&
-- !IN6_ARE_ADDR_EQUAL(&arp->addr.addr.addr6, &addr->in6.sin6_addr))
-+ !IN6_ARE_ADDR_EQUAL(&arp->addr.addr6, &addr->in6.sin6_addr))
- continue;
-
- /* Only accept positive entries unless in lazy mode. */
-@@ -191,9 +191,9 @@ int find_mac(union mysockaddr *addr, uns
- arp->hwlen = 0;
-
- if (addr->sa.sa_family == AF_INET)
-- arp->addr.addr.addr4.s_addr = addr->in.sin_addr.s_addr;
-+ arp->addr.addr4.s_addr = addr->in.sin_addr.s_addr;
- else
-- memcpy(&arp->addr.addr.addr6, &addr->in6.sin6_addr, IN6ADDRSZ);
-+ memcpy(&arp->addr.addr6, &addr->in6.sin6_addr, IN6ADDRSZ);
- }
-
- return 0;
---- a/src/auth.c
-+++ b/src/auth.c
-@@ -18,22 +18,22 @@
-
- #ifdef HAVE_AUTH
-
--static struct addrlist *find_addrlist(struct addrlist *list, int flag, struct all_addr *addr_u)
-+static struct addrlist *find_addrlist(struct addrlist *list, int flag, union all_addr *addr_u)
- {
- do {
- if (!(list->flags & ADDRLIST_IPV6))
- {
-- struct in_addr netmask, addr = addr_u->addr.addr4;
-+ struct in_addr netmask, addr = addr_u->addr4;
-
- if (!(flag & F_IPV4))
- continue;
-
- netmask.s_addr = htonl(~(in_addr_t)0 << (32 - list->prefixlen));
-
-- if (is_same_net(addr, list->addr.addr.addr4, netmask))
-+ if (is_same_net(addr, list->addr.addr4, netmask))
- return list;
- }
-- else if (is_same_net6(&(addr_u->addr.addr6), &list->addr.addr.addr6, list->prefixlen))
-+ else if (is_same_net6(&(addr_u->addr6), &list->addr.addr6, list->prefixlen))
- return list;
-
- } while ((list = list->next));
-@@ -41,7 +41,7 @@ static struct addrlist *find_addrlist(st
- return NULL;
- }
-
--static struct addrlist *find_subnet(struct auth_zone *zone, int flag, struct all_addr *addr_u)
-+static struct addrlist *find_subnet(struct auth_zone *zone, int flag, union all_addr *addr_u)
- {
- if (!zone->subnet)
- return NULL;
-@@ -49,7 +49,7 @@ static struct addrlist *find_subnet(stru
- return find_addrlist(zone->subnet, flag, addr_u);
- }
-
--static struct addrlist *find_exclude(struct auth_zone *zone, int flag, struct all_addr *addr_u)
-+static struct addrlist *find_exclude(struct auth_zone *zone, int flag, union all_addr *addr_u)
- {
- if (!zone->exclude)
- return NULL;
-@@ -57,7 +57,7 @@ static struct addrlist *find_exclude(str
- return find_addrlist(zone->exclude, flag, addr_u);
- }
-
--static int filter_zone(struct auth_zone *zone, int flag, struct all_addr *addr_u)
-+static int filter_zone(struct auth_zone *zone, int flag, union all_addr *addr_u)
- {
- if (find_exclude(zone, flag, addr_u))
- return 0;
-@@ -113,7 +113,7 @@ size_t answer_auth(struct dns_header *he
- struct txt_record *txt;
- struct interface_name *intr;
- struct naptr *na;
-- struct all_addr addr;
-+ union all_addr addr;
- struct cname *a, *candidate;
- unsigned int wclen;
-
-@@ -178,7 +178,7 @@ size_t answer_auth(struct dns_header *he
- struct addrlist *addrlist;
-
- for (addrlist = intr->addr; addrlist; addrlist = addrlist->next)
-- if (!(addrlist->flags & ADDRLIST_IPV6) && addr.addr.addr4.s_addr == addrlist->addr.addr.addr4.s_addr)
-+ if (!(addrlist->flags & ADDRLIST_IPV6) && addr.addr4.s_addr == addrlist->addr.addr4.s_addr)
- break;
-
- if (addrlist)
-@@ -193,7 +193,7 @@ size_t answer_auth(struct dns_header *he
- struct addrlist *addrlist;
-
- for (addrlist = intr->addr; addrlist; addrlist = addrlist->next)
-- if ((addrlist->flags & ADDRLIST_IPV6) && IN6_ARE_ADDR_EQUAL(&addr.addr.addr6, &addrlist->addr.addr.addr6))
-+ if ((addrlist->flags & ADDRLIST_IPV6) && IN6_ARE_ADDR_EQUAL(&addr.addr6, &addrlist->addr.addr6))
- break;
-
- if (addrlist)
-@@ -468,10 +468,10 @@ size_t answer_auth(struct dns_header *he
- {
- nxdomain = 0;
- if ((crecp->flags & flag) &&
-- (local_query || filter_zone(zone, flag, &(crecp->addr.addr))))
-+ (local_query || filter_zone(zone, flag, &(crecp->addr))))
- {
- *cut = '.'; /* restore domain part */
-- log_query(crecp->flags, name, &crecp->addr.addr, record_source(crecp->uid));
-+ log_query(crecp->flags, name, &crecp->addr, record_source(crecp->uid));
- *cut = 0; /* remove domain part */
- found = 1;
- if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
-@@ -491,9 +491,9 @@ size_t answer_auth(struct dns_header *he
- do
- {
- nxdomain = 0;
-- if ((crecp->flags & flag) && (local_query || filter_zone(zone, flag, &(crecp->addr.addr))))
-+ if ((crecp->flags & flag) && (local_query || filter_zone(zone, flag, &(crecp->addr))))
- {
-- log_query(crecp->flags, name, &crecp->addr.addr, record_source(crecp->uid));
-+ log_query(crecp->flags, name, &crecp->addr, record_source(crecp->uid));
- found = 1;
- if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
- daemon->auth_ttl, NULL, qtype, C_IN,
-@@ -580,7 +580,7 @@ size_t answer_auth(struct dns_header *he
-
- if (!(subnet->flags & ADDRLIST_IPV6))
- {
-- in_addr_t a = ntohl(subnet->addr.addr.addr4.s_addr) >> 8;
-+ in_addr_t a = ntohl(subnet->addr.addr4.s_addr) >> 8;
- char *p = name;
-
- if (subnet->prefixlen >= 24)
-@@ -599,7 +599,7 @@ size_t answer_auth(struct dns_header *he
-
- for (i = subnet->prefixlen-1; i >= 0; i -= 4)
- {
-- int dig = ((unsigned char *)&subnet->addr.addr.addr6)[i>>3];
-+ int dig = ((unsigned char *)&subnet->addr.addr6)[i>>3];
- p += sprintf(p, "%.1x.", (i>>2) & 1 ? dig & 15 : dig >> 4);
- }
- p += sprintf(p, "ip6.arpa");
-@@ -783,7 +783,7 @@ size_t answer_auth(struct dns_header *he
- {
- char *cache_name = cache_get_name(crecp);
- if (!strchr(cache_name, '.') &&
-- (local_query || filter_zone(zone, (crecp->flags & (F_IPV6 | F_IPV4)), &(crecp->addr.addr))) &&
-+ (local_query || filter_zone(zone, (crecp->flags & (F_IPV6 | F_IPV4)), &(crecp->addr))) &&
- add_resource_record(header, limit, &trunc, -axfroffset, &ansp,
- daemon->auth_ttl, NULL, (crecp->flags & F_IPV6) ? T_AAAA : T_A, C_IN,
- (crecp->flags & F_IPV4) ? "4" : "6", cache_name, &crecp->addr))
-@@ -794,7 +794,7 @@ size_t answer_auth(struct dns_header *he
- {
- strcpy(name, cache_get_name(crecp));
- if (in_zone(zone, name, &cut) &&
-- (local_query || filter_zone(zone, (crecp->flags & (F_IPV6 | F_IPV4)), &(crecp->addr.addr))))
-+ (local_query || filter_zone(zone, (crecp->flags & (F_IPV6 | F_IPV4)), &(crecp->addr))))
- {
- if (cut)
- *cut = 0;
---- a/src/bpf.c
-+++ b/src/bpf.c
-@@ -42,7 +42,7 @@
-
- #ifdef HAVE_BSD_NETWORK
- static int del_family = 0;
--static struct all_addr del_addr;
-+static union all_addr del_addr;
- #endif
-
- #if defined(HAVE_BSD_NETWORK) && !defined(__APPLE__)
-@@ -139,7 +139,7 @@ int iface_enumerate(int family, void *pa
- struct in_addr addr, netmask, broadcast;
- addr = ((struct sockaddr_in *) addrs->ifa_addr)->sin_addr;
- #ifdef HAVE_BSD_NETWORK
-- if (del_family == AF_INET && del_addr.addr.addr4.s_addr == addr.s_addr)
-+ if (del_family == AF_INET && del_addr.addr4.s_addr == addr.s_addr)
- continue;
- #endif
- netmask = ((struct sockaddr_in *) addrs->ifa_netmask)->sin_addr;
-@@ -159,7 +159,7 @@ int iface_enumerate(int family, void *pa
- u32 valid = 0xffffffff, preferred = 0xffffffff;
- int flags = 0;
- #ifdef HAVE_BSD_NETWORK
-- if (del_family == AF_INET6 && IN6_ARE_ADDR_EQUAL(&del_addr.addr.addr6, addr))
-+ if (del_family == AF_INET6 && IN6_ARE_ADDR_EQUAL(&del_addr.addr6, addr))
- continue;
- #endif
- #if defined(HAVE_BSD_NETWORK) && !defined(__APPLE__)
-@@ -422,9 +422,9 @@ void route_sock(void)
- {
- del_family = sa->sa_family;
- if (del_family == AF_INET)
-- del_addr.addr.addr4 = ((struct sockaddr_in *)sa)->sin_addr;
-+ del_addr.addr4 = ((struct sockaddr_in *)sa)->sin_addr;
- else if (del_family == AF_INET6)
-- del_addr.addr.addr6 = ((struct sockaddr_in6 *)sa)->sin6_addr;
-+ del_addr.addr6 = ((struct sockaddr_in6 *)sa)->sin6_addr;
- else
- del_family = 0;
- }
---- a/src/cache.c
-+++ b/src/cache.c
-@@ -26,7 +26,7 @@ static union bigname *big_free = NULL;
- static int bignames_left, hash_size;
-
- static void make_non_terminals(struct crec *source);
--static struct crec *really_insert(char *name, struct all_addr *addr, unsigned short class,
-+static struct crec *really_insert(char *name, union all_addr *addr, unsigned short class,
- time_t now, unsigned long ttl, unsigned short flags);
-
- /* type->string mapping: this is also used by the name-hash function as a mixing table. */
-@@ -202,9 +202,9 @@ static void cache_hash(struct crec *crec
- static void cache_blockdata_free(struct crec *crecp)
- {
- if (crecp->flags & F_DNSKEY)
-- blockdata_free(crecp->addr.addr.addr.key.keydata);
-+ blockdata_free(crecp->addr.key.keydata);
- else if ((crecp->flags & F_DS) && !(crecp->flags & F_NEG))
-- blockdata_free(crecp->addr.addr.addr.ds.keydata);
-+ blockdata_free(crecp->addr.ds.keydata);
- }
- #endif
-
-@@ -330,7 +330,7 @@ static int is_expired(time_t now, struct
- return 1;
- }
-
--static struct crec *cache_scan_free(char *name, struct all_addr *addr, unsigned short class, time_t now,
-+static struct crec *cache_scan_free(char *name, union all_addr *addr, unsigned short class, time_t now,
- unsigned short flags, struct crec **target_crec, unsigned int *target_uid)
- {
- /* Scan and remove old entries.
-@@ -430,7 +430,7 @@ static struct crec *cache_scan_free(char
- else if (!(crecp->flags & (F_HOSTS | F_DHCP | F_CONFIG)) &&
- (flags & crecp->flags & F_REVERSE) &&
- (flags & crecp->flags & (F_IPV4 | F_IPV6)) &&
-- memcmp(&crecp->addr.addr, addr, addrlen) == 0)
-+ memcmp(&crecp->addr, addr, addrlen) == 0)
- {
- *up = crecp->hash_next;
- cache_unlink(crecp);
-@@ -466,7 +466,7 @@ void cache_start_insert(void)
- insert_error = 0;
- }
-
--struct crec *cache_insert(char *name, struct all_addr *addr, unsigned short class,
-+struct crec *cache_insert(char *name, union all_addr *addr, unsigned short class,
- time_t now, unsigned long ttl, unsigned short flags)
- {
- /* Don't log DNSSEC records here, done elsewhere */
-@@ -484,7 +484,7 @@ struct crec *cache_insert(char *name, st
- }
-
-
--static struct crec *really_insert(char *name, struct all_addr *addr, unsigned short class,
-+static struct crec *really_insert(char *name, union all_addr *addr, unsigned short class,
- time_t now, unsigned long ttl, unsigned short flags)
- {
- struct crec *new, *target_crec = NULL;
-@@ -509,10 +509,10 @@ static struct crec *really_insert(char *
- if ((flags & (F_IPV4 | F_IPV6)) && (flags & F_FORWARD) && addr)
- {
- if ((flags & F_IPV4) && (new->flags & F_IPV4) &&
-- new->addr.addr.addr.addr4.s_addr == addr->addr.addr4.s_addr)
-+ new->addr.addr4.s_addr == addr->addr4.s_addr)
- return new;
- else if ((flags & F_IPV6) && (new->flags & F_IPV6) &&
-- IN6_ARE_ADDR_EQUAL(&new->addr.addr.addr.addr6, &addr->addr.addr6))
-+ IN6_ARE_ADDR_EQUAL(&new->addr.addr6, &addr->addr6))
- return new;
- }
-
-@@ -557,7 +557,7 @@ static struct crec *really_insert(char *
- {
- /* For DNSSEC records, uid holds class. */
- free_avail = 1; /* Must be free space now. */
-- cache_scan_free(cache_get_name(new), &new->addr.addr, new->uid, now, new->flags, NULL, NULL);
-+ cache_scan_free(cache_get_name(new), &new->addr, new->uid, now, new->flags, NULL, NULL);
- daemon->metrics[METRIC_DNS_CACHE_LIVE_FREED]++;
- }
- else
-@@ -616,7 +616,7 @@ static struct crec *really_insert(char *
- #endif
-
- if (addr)
-- new->addr.addr = *addr;
-+ new->addr = *addr;
-
- new->ttd = now + (time_t)ttl;
- new->next = new_chain;
-@@ -665,14 +665,14 @@ void cache_end_insert(void)
- if (flags & F_DNSKEY)
- {
- read_write(daemon->pipe_to_parent, (unsigned char *)&class, sizeof(class), 0);
-- blockdata_write(new_chain->addr.addr.addr.key.keydata, new_chain->addr.addr.addr.key.keylen, daemon->pipe_to_parent);
-+ blockdata_write(new_chain->addr.key.keydata, new_chain->addr.key.keylen, daemon->pipe_to_parent);
- }
- else if (flags & F_DS)
- {
- read_write(daemon->pipe_to_parent, (unsigned char *)&class, sizeof(class), 0);
- /* A negative DS entry is possible and has no data, obviously. */
- if (!(flags & F_NEG))
-- blockdata_write(new_chain->addr.addr.addr.ds.keydata, new_chain->addr.addr.addr.ds.keylen, daemon->pipe_to_parent);
-+ blockdata_write(new_chain->addr.ds.keydata, new_chain->addr.ds.keylen, daemon->pipe_to_parent);
- }
- #endif
- }
-@@ -696,7 +696,7 @@ void cache_end_insert(void)
- int cache_recv_insert(time_t now, int fd)
- {
- ssize_t m;
-- struct all_addr addr;
-+ union all_addr addr;
- unsigned long ttl;
- time_t ttd;
- unsigned short flags;
-@@ -736,14 +736,14 @@ int cache_recv_insert(time_t now, int fd
- if (flags & F_DNSKEY)
- {
- if (!read_write(fd, (unsigned char *)&class, sizeof(class), 1) ||
-- !(addr.addr.key.keydata = blockdata_read(fd, addr.addr.key.keylen)))
-+ !(addr.key.keydata = blockdata_read(fd, addr.key.keylen)))
- return 0;
- }
- else if (flags & F_DS)
- {
- if (!read_write(fd, (unsigned char *)&class, sizeof(class), 1) ||
- (flags & F_NEG) ||
-- !(addr.addr.key.keydata = blockdata_read(fd, addr.addr.key.keylen)))
-+ !(addr.key.keydata = blockdata_read(fd, addr.key.keylen)))
- return 0;
- }
- #endif
-@@ -876,7 +876,7 @@ struct crec *cache_find_by_name(struct c
- return NULL;
- }
-
--struct crec *cache_find_by_addr(struct crec *crecp, struct all_addr *addr,
-+struct crec *cache_find_by_addr(struct crec *crecp, union all_addr *addr,
- time_t now, unsigned int prot)
- {
- struct crec *ans;
-@@ -900,7 +900,7 @@ struct crec *cache_find_by_addr(struct c
- if (!is_expired(now, crecp))
- {
- if ((crecp->flags & prot) &&
-- memcmp(&crecp->addr.addr, addr, addrlen) == 0)
-+ memcmp(&crecp->addr, addr, addrlen) == 0)
- {
- if (crecp->flags & (F_HOSTS | F_DHCP | F_CONFIG))
- {
-@@ -931,7 +931,7 @@ struct crec *cache_find_by_addr(struct c
- if (ans &&
- (ans->flags & F_REVERSE) &&
- (ans->flags & prot) &&
-- memcmp(&ans->addr.addr, addr, addrlen) == 0)
-+ memcmp(&ans->addr, addr, addrlen) == 0)
- return ans;
-
- return NULL;
-@@ -961,7 +961,7 @@ static void add_hosts_cname(struct crec
- }
- }
-
--static void add_hosts_entry(struct crec *cache, struct all_addr *addr, int addrlen,
-+static void add_hosts_entry(struct crec *cache, union all_addr *addr, int addrlen,
- unsigned int index, struct crec **rhash, int hashsz)
- {
- struct crec *lookup = cache_find_by_name(NULL, cache_get_name(cache), 0, cache->flags & (F_IPV4 | F_IPV6));
-@@ -972,7 +972,7 @@ static void add_hosts_entry(struct crec
- if (lookup && (lookup->flags & F_HOSTS))
- {
- nameexists = 1;
-- if (memcmp(&lookup->addr.addr, addr, addrlen) == 0)
-+ if (memcmp(&lookup->addr, addr, addrlen) == 0)
- {
- free(cache);
- return;
-@@ -1004,7 +1004,7 @@ static void add_hosts_entry(struct crec
-
- for (lookup = rhash[j]; lookup; lookup = lookup->next)
- if ((lookup->flags & cache->flags & (F_IPV4 | F_IPV6)) &&
-- memcmp(&lookup->addr.addr, addr, addrlen) == 0)
-+ memcmp(&lookup->addr, addr, addrlen) == 0)
- {
- cache->flags &= ~F_REVERSE;
- break;
-@@ -1026,7 +1026,7 @@ static void add_hosts_entry(struct crec
- }
-
- cache->uid = index;
-- memcpy(&cache->addr.addr, addr, addrlen);
-+ memcpy(&cache->addr, addr, addrlen);
- cache_hash(cache);
- make_non_terminals(cache);
-
-@@ -1088,7 +1088,7 @@ int read_hostsfile(char *filename, unsig
- char *token = daemon->namebuff, *domain_suffix = NULL;
- int addr_count = 0, name_count = cache_size, lineno = 0;
- unsigned short flags = 0;
-- struct all_addr addr;
-+ union all_addr addr;
- int atnl, addrlen = 0;
-
- if (!f)
-@@ -1107,13 +1107,13 @@ int read_hostsfile(char *filename, unsig
- {
- flags = F_HOSTS | F_IMMORTAL | F_FORWARD | F_REVERSE | F_IPV4;
- addrlen = INADDRSZ;
-- domain_suffix = get_domain(addr.addr.addr4);
-+ domain_suffix = get_domain(addr.addr4);
- }
- else if (inet_pton(AF_INET6, token, &addr) > 0)
- {
- flags = F_HOSTS | F_IMMORTAL | F_FORWARD | F_REVERSE | F_IPV6;
- addrlen = IN6ADDRSZ;
-- domain_suffix = get_domain6(&addr.addr.addr6);
-+ domain_suffix = get_domain6(&addr.addr6);
- }
- else
- {
-@@ -1246,15 +1246,15 @@ void cache_reload(void)
- #ifdef HAVE_DNSSEC
- for (ds = daemon->ds; ds; ds = ds->next)
- if ((cache = whine_malloc(SIZEOF_POINTER_CREC)) &&
-- (cache->addr.addr.addr.ds.keydata = blockdata_alloc(ds->digest, ds->digestlen)))
-+ (cache->addr.ds.keydata = blockdata_alloc(ds->digest, ds->digestlen)))
- {
- cache->flags = F_FORWARD | F_IMMORTAL | F_DS | F_CONFIG | F_NAMEP;
- cache->ttd = daemon->local_ttl;
- cache->name.namep = ds->name;
-- cache->addr.addr.addr.ds.keylen = ds->digestlen;
-- cache->addr.addr.addr.ds.algo = ds->algo;
-- cache->addr.addr.addr.ds.keytag = ds->keytag;
-- cache->addr.addr.addr.ds.digest = ds->digest_type;
-+ cache->addr.ds.keylen = ds->digestlen;
-+ cache->addr.ds.algo = ds->algo;
-+ cache->addr.ds.keytag = ds->keytag;
-+ cache->addr.ds.digest = ds->digest_type;
- cache->uid = ds->class;
- cache_hash(cache);
- make_non_terminals(cache);
-@@ -1277,7 +1277,7 @@ void cache_reload(void)
- cache->name.namep = nl->name;
- cache->ttd = hr->ttl;
- cache->flags = F_HOSTS | F_IMMORTAL | F_FORWARD | F_REVERSE | F_IPV4 | F_NAMEP | F_CONFIG;
-- add_hosts_entry(cache, (struct all_addr *)&hr->addr, INADDRSZ, SRC_CONFIG, (struct crec **)daemon->packet, revhashsz);
-+ add_hosts_entry(cache, (union all_addr *)&hr->addr, INADDRSZ, SRC_CONFIG, (struct crec **)daemon->packet, revhashsz);
- }
-
- if (!IN6_IS_ADDR_UNSPECIFIED(&hr->addr6) &&
-@@ -1286,7 +1286,7 @@ void cache_reload(void)
- cache->name.namep = nl->name;
- cache->ttd = hr->ttl;
- cache->flags = F_HOSTS | F_IMMORTAL | F_FORWARD | F_REVERSE | F_IPV6 | F_NAMEP | F_CONFIG;
-- add_hosts_entry(cache, (struct all_addr *)&hr->addr6, IN6ADDRSZ, SRC_CONFIG, (struct crec **)daemon->packet, revhashsz);
-+ add_hosts_entry(cache, (union all_addr *)&hr->addr6, IN6ADDRSZ, SRC_CONFIG, (struct crec **)daemon->packet, revhashsz);
- }
- }
-
-@@ -1320,7 +1320,7 @@ struct in_addr a_record_from_hosts(char
-
- while ((crecp = cache_find_by_name(crecp, name, now, F_IPV4)))
- if (crecp->flags & F_HOSTS)
-- return *(struct in_addr *)&crecp->addr;
-+ return crecp->addr.addr4;
-
- my_syslog(MS_DHCP | LOG_WARNING, _("No IPv4 address found for %s"), name);
-
-@@ -1379,7 +1379,7 @@ static void add_dhcp_cname(struct crec *
- }
-
- void cache_add_dhcp_entry(char *host_name, int prot,
-- struct all_addr *host_address, time_t ttd)
-+ union all_addr *host_address, time_t ttd)
- {
- struct crec *crec = NULL, *fail_crec = NULL;
- unsigned short flags = F_IPV4;
-@@ -1403,7 +1403,7 @@ void cache_add_dhcp_entry(char *host_nam
- my_syslog(MS_DHCP | LOG_WARNING,
- _("%s is a CNAME, not giving it to the DHCP lease of %s"),
- host_name, daemon->addrbuff);
-- else if (memcmp(&crec->addr.addr, host_address, addrlen) == 0)
-+ else if (memcmp(&crec->addr, host_address, addrlen) == 0)
- in_hosts = 1;
- else
- fail_crec = crec;
-@@ -1423,7 +1423,7 @@ void cache_add_dhcp_entry(char *host_nam
- /* Name in hosts, address doesn't match */
- if (fail_crec)
- {
-- inet_ntop(prot, &fail_crec->addr.addr, daemon->namebuff, MAXDNAME);
-+ inet_ntop(prot, &fail_crec->addr, daemon->namebuff, MAXDNAME);
- my_syslog(MS_DHCP | LOG_WARNING,
- _("not giving name %s to the DHCP lease of %s because "
- "the name exists in %s with address %s"),
-@@ -1432,12 +1432,12 @@ void cache_add_dhcp_entry(char *host_nam
- return;
- }
-
-- if ((crec = cache_find_by_addr(NULL, (struct all_addr *)host_address, 0, flags)))
-+ if ((crec = cache_find_by_addr(NULL, (union all_addr *)host_address, 0, flags)))
- {
- if (crec->flags & F_NEG)
- {
- flags |= F_REVERSE;
-- cache_scan_free(NULL, (struct all_addr *)host_address, C_IN, 0, flags, NULL, NULL);
-+ cache_scan_free(NULL, (union all_addr *)host_address, C_IN, 0, flags, NULL, NULL);
- }
- }
- else
-@@ -1455,7 +1455,7 @@ void cache_add_dhcp_entry(char *host_nam
- crec->flags |= F_IMMORTAL;
- else
- crec->ttd = ttd;
-- crec->addr.addr = *host_address;
-+ crec->addr = *host_address;
- crec->name.namep = host_name;
- crec->uid = UID_NONE;
- cache_hash(crec);
-@@ -1731,20 +1731,20 @@ void dump_cache(time_t now)
- else if (cache->flags & F_DS)
- {
- if (!(cache->flags & F_NEG))
-- sprintf(a, "%5u %3u %3u", cache->addr.addr.addr.ds.keytag,
-- cache->addr.addr.addr.ds.algo, cache->addr.addr.addr.ds.digest);
-+ sprintf(a, "%5u %3u %3u", cache->addr.ds.keytag,
-+ cache->addr.ds.algo, cache->addr.ds.digest);
- }
- else if (cache->flags & F_DNSKEY)
-- sprintf(a, "%5u %3u %3u", cache->addr.addr.addr.key.keytag,
-- cache->addr.addr.addr.key.algo, cache->addr.addr.addr.key.flags);
-+ sprintf(a, "%5u %3u %3u", cache->addr.key.keytag,
-+ cache->addr.key.algo, cache->addr.key.flags);
- #endif
- else if (!(cache->flags & F_NEG) || !(cache->flags & F_FORWARD))
- {
- a = daemon->addrbuff;
- if (cache->flags & F_IPV4)
-- inet_ntop(AF_INET, &cache->addr.addr, a, ADDRSTRLEN);
-+ inet_ntop(AF_INET, &cache->addr, a, ADDRSTRLEN);
- else if (cache->flags & F_IPV6)
-- inet_ntop(AF_INET6, &cache->addr.addr, a, ADDRSTRLEN);
-+ inet_ntop(AF_INET6, &cache->addr, a, ADDRSTRLEN);
- }
-
- if (cache->flags & F_IPV4)
-@@ -1857,7 +1857,7 @@ char *querystr(char *desc, unsigned shor
- return buff ? buff : "";
- }
-
--void log_query(unsigned int flags, char *name, struct all_addr *addr, char *arg)
-+void log_query(unsigned int flags, char *name, union all_addr *addr, char *arg)
- {
- char *source, *dest = daemon->addrbuff;
- char *verb = "is";
-@@ -1870,10 +1870,10 @@ void log_query(unsigned int flags, char
- if (addr)
- {
- if (flags & F_KEYTAG)
-- sprintf(daemon->addrbuff, arg, addr->addr.log.keytag, addr->addr.log.algo, addr->addr.log.digest);
-+ sprintf(daemon->addrbuff, arg, addr->log.keytag, addr->log.algo, addr->log.digest);
- else if (flags & F_RCODE)
- {
-- unsigned int rcode = addr->addr.log.rcode;
-+ unsigned int rcode = addr->log.rcode;
-
- if (rcode == SERVFAIL)
- dest = "SERVFAIL";
---- a/src/conntrack.c
-+++ b/src/conntrack.c
-@@ -24,7 +24,7 @@ static int gotit = 0; /* yuck */
-
- static int callback(enum nf_conntrack_msg_type type, struct nf_conntrack *ct, void *data);
-
--int get_incoming_mark(union mysockaddr *peer_addr, struct all_addr *local_addr, int istcp, unsigned int *markp)
-+int get_incoming_mark(union mysockaddr *peer_addr, union all_addr *local_addr, int istcp, unsigned int *markp)
- {
- struct nf_conntrack *ct;
- struct nfct_handle *h;
-@@ -41,14 +41,14 @@ int get_incoming_mark(union mysockaddr *
- nfct_set_attr_u8(ct, ATTR_L3PROTO, AF_INET6);
- nfct_set_attr(ct, ATTR_IPV6_SRC, peer_addr->in6.sin6_addr.s6_addr);
- nfct_set_attr_u16(ct, ATTR_PORT_SRC, peer_addr->in6.sin6_port);
-- nfct_set_attr(ct, ATTR_IPV6_DST, local_addr->addr.addr6.s6_addr);
-+ nfct_set_attr(ct, ATTR_IPV6_DST, local_addr->addr6.s6_addr);
- }
- else
- {
- nfct_set_attr_u8(ct, ATTR_L3PROTO, AF_INET);
- nfct_set_attr_u32(ct, ATTR_IPV4_SRC, peer_addr->in.sin_addr.s_addr);
- nfct_set_attr_u16(ct, ATTR_PORT_SRC, peer_addr->in.sin_port);
-- nfct_set_attr_u32(ct, ATTR_IPV4_DST, local_addr->addr.addr4.s_addr);
-+ nfct_set_attr_u32(ct, ATTR_IPV4_DST, local_addr->addr4.s_addr);
- }
-
-
---- a/src/dbus.c
-+++ b/src/dbus.c
-@@ -456,7 +456,7 @@ static DBusMessage *dbus_add_lease(DBusM
- int clid_len, hostname_len, hw_len, hw_type;
- dbus_uint32_t expires, ia_id;
- dbus_bool_t is_temporary;
-- struct all_addr addr;
-+ union all_addr addr;
- time_t now = dnsmasq_time();
- unsigned char dhcp_chaddr[DHCP_CHADDR_MAX];
-
-@@ -526,20 +526,20 @@ static DBusMessage *dbus_add_lease(DBusM
-
- dbus_message_iter_get_basic(&iter, &is_temporary);
-
-- if (inet_pton(AF_INET, ipaddr, &addr.addr.addr4))
-+ if (inet_pton(AF_INET, ipaddr, &addr.addr4))
- {
- if (ia_id != 0 || is_temporary)
- return dbus_message_new_error(message, DBUS_ERROR_INVALID_ARGS,
- "ia_id and is_temporary must be zero for IPv4 lease");
-
-- if (!(lease = lease_find_by_addr(addr.addr.addr4)))
-- lease = lease4_allocate(addr.addr.addr4);
-+ if (!(lease = lease_find_by_addr(addr.addr4)))
-+ lease = lease4_allocate(addr.addr4);
- }
- #ifdef HAVE_DHCP6
-- else if (inet_pton(AF_INET6, ipaddr, &addr.addr.addr6))
-+ else if (inet_pton(AF_INET6, ipaddr, &addr.addr6))
- {
-- if (!(lease = lease6_find_by_addr(&addr.addr.addr6, 128, 0)))
-- lease = lease6_allocate(&addr.addr.addr6,
-+ if (!(lease = lease6_find_by_addr(&addr.addr6, 128, 0)))
-+ lease = lease6_allocate(&addr.addr6,
- is_temporary ? LEASE_TA : LEASE_NA);
- lease_set_iaid(lease, ia_id);
- }
-@@ -570,7 +570,7 @@ static DBusMessage *dbus_del_lease(DBusM
- DBusMessageIter iter;
- const char *ipaddr;
- DBusMessage *reply;
-- struct all_addr addr;
-+ union all_addr addr;
- dbus_bool_t ret = 1;
- time_t now = dnsmasq_time();
-
-@@ -584,11 +584,11 @@ static DBusMessage *dbus_del_lease(DBusM
-
- dbus_message_iter_get_basic(&iter, &ipaddr);
-
-- if (inet_pton(AF_INET, ipaddr, &addr.addr.addr4))
-- lease = lease_find_by_addr(addr.addr.addr4);
-+ if (inet_pton(AF_INET, ipaddr, &addr.addr4))
-+ lease = lease_find_by_addr(addr.addr4);
- #ifdef HAVE_DHCP6
-- else if (inet_pton(AF_INET6, ipaddr, &addr.addr.addr6))
-- lease = lease6_find_by_addr(&addr.addr.addr6, 128, 0);
-+ else if (inet_pton(AF_INET6, ipaddr, &addr.addr6))
-+ lease = lease6_find_by_addr(&addr.addr6, 128, 0);
- #endif
- else
- return dbus_message_new_error_printf(message, DBUS_ERROR_INVALID_ARGS,
---- a/src/dhcp-common.c
-+++ b/src/dhcp-common.c
-@@ -403,30 +403,30 @@ void dhcp_update_configs(struct dhcp_con
- crec = cache_find_by_name(crec, config->hostname, 0, cacheflags);
- if (!crec)
- continue; /* should be never */
-- inet_ntop(prot, &crec->addr.addr, daemon->addrbuff, ADDRSTRLEN);
-+ inet_ntop(prot, &crec->addr, daemon->addrbuff, ADDRSTRLEN);
- my_syslog(MS_DHCP | LOG_WARNING, _("%s has more than one address in hostsfile, using %s for DHCP"),
- config->hostname, daemon->addrbuff);
- }
-
- if (prot == AF_INET &&
-- (!(conf_tmp = config_find_by_address(configs, crec->addr.addr.addr.addr4)) || conf_tmp == config))
-+ (!(conf_tmp = config_find_by_address(configs, crec->addr.addr4)) || conf_tmp == config))
- {
-- config->addr = crec->addr.addr.addr.addr4;
-+ config->addr = crec->addr.addr4;
- config->flags |= CONFIG_ADDR | CONFIG_ADDR_HOSTS;
- continue;
- }
-
- #ifdef HAVE_DHCP6
- if (prot == AF_INET6 &&
-- (!(conf_tmp = config_find_by_address6(configs, &crec->addr.addr.addr.addr6, 128, 0)) || conf_tmp == config))
-+ (!(conf_tmp = config_find_by_address6(configs, &crec->addr.addr6, 128, 0)) || conf_tmp == config))
- {
-- memcpy(&config->addr6, &crec->addr.addr.addr.addr6, IN6ADDRSZ);
-+ memcpy(&config->addr6, &crec->addr.addr6, IN6ADDRSZ);
- config->flags |= CONFIG_ADDR6 | CONFIG_ADDR_HOSTS;
- continue;
- }
- #endif
-
-- inet_ntop(prot, &crec->addr.addr, daemon->addrbuff, ADDRSTRLEN);
-+ inet_ntop(prot, &crec->addr, daemon->addrbuff, ADDRSTRLEN);
- my_syslog(MS_DHCP | LOG_WARNING, _("duplicate IP address %s (%s) in dhcp-config directive"),
- daemon->addrbuff, config->hostname);
-
-@@ -693,7 +693,7 @@ char *option_string(int prot, unsigned i
-
- if (ot[o].size & OT_ADDR_LIST)
- {
-- struct all_addr addr;
-+ union all_addr addr;
- int addr_len = INADDRSZ;
-
- #ifdef HAVE_DHCP6
---- a/src/dhcp.c
-+++ b/src/dhcp.c
-@@ -310,7 +310,7 @@ void dhcp_packet(time_t now, int pxe_fd)
- parm.relay_local.s_addr = 0;
- parm.ind = iface_index;
-
-- if (!iface_check(AF_INET, (struct all_addr *)&iface_addr, ifr.ifr_name, NULL))
-+ if (!iface_check(AF_INET, (union all_addr *)&iface_addr, ifr.ifr_name, NULL))
- {
- /* If we failed to match the primary address of the interface, see if we've got a --listen-address
- for a secondary */
-@@ -558,7 +558,7 @@ static int complete_context(struct in_ad
- }
-
- for (relay = daemon->relay4; relay; relay = relay->next)
-- if (if_index == param->ind && relay->local.addr.addr4.s_addr == local.s_addr && relay->current == relay &&
-+ if (if_index == param->ind && relay->local.addr4.s_addr == local.s_addr && relay->current == relay &&
- (param->relay_local.s_addr == 0 || param->relay_local.s_addr == local.s_addr))
- {
- relay->current = param->relay;
-@@ -984,7 +984,7 @@ char *host_from_dns(struct in_addr addr)
- if (daemon->port == 0)
- return NULL; /* DNS disabled. */
-
-- lookup = cache_find_by_addr(NULL, (struct all_addr *)&addr, 0, F_IPV4);
-+ lookup = cache_find_by_addr(NULL, (union all_addr *)&addr, 0, F_IPV4);
-
- if (lookup && (lookup->flags & F_HOSTS))
- {
-@@ -1013,25 +1013,25 @@ char *host_from_dns(struct in_addr addr)
- static int relay_upstream4(struct dhcp_relay *relay, struct dhcp_packet *mess, size_t sz, int iface_index)
- {
- /* ->local is same value for all relays on ->current chain */
-- struct all_addr from;
-+ union all_addr from;
-
- if (mess->op != BOOTREQUEST)
- return 0;
-
- /* source address == relay address */
-- from.addr.addr4 = relay->local.addr.addr4;
-+ from.addr4 = relay->local.addr4;
-
- /* already gatewayed ? */
- if (mess->giaddr.s_addr)
- {
- /* if so check if by us, to stomp on loops. */
-- if (mess->giaddr.s_addr == relay->local.addr.addr4.s_addr)
-+ if (mess->giaddr.s_addr == relay->local.addr4.s_addr)
- return 1;
- }
- else
- {
- /* plug in our address */
-- mess->giaddr.s_addr = relay->local.addr.addr4.s_addr;
-+ mess->giaddr.s_addr = relay->local.addr4.s_addr;
- }
-
- if ((mess->hops++) > 20)
-@@ -1042,7 +1042,7 @@ static int relay_upstream4(struct dhcp_
- union mysockaddr to;
-
- to.sa.sa_family = AF_INET;
-- to.in.sin_addr = relay->server.addr.addr4;
-+ to.in.sin_addr = relay->server.addr4;
- to.in.sin_port = htons(daemon->dhcp_server_port);
-
- send_from(daemon->dhcpfd, 0, (char *)mess, sz, &to, &from, 0);
-@@ -1050,7 +1050,7 @@ static int relay_upstream4(struct dhcp_
- if (option_bool(OPT_LOG_OPTS))
- {
- inet_ntop(AF_INET, &relay->local, daemon->addrbuff, ADDRSTRLEN);
-- my_syslog(MS_DHCP | LOG_INFO, _("DHCP relay %s -> %s"), daemon->addrbuff, inet_ntoa(relay->server.addr.addr4));
-+ my_syslog(MS_DHCP | LOG_INFO, _("DHCP relay %s -> %s"), daemon->addrbuff, inet_ntoa(relay->server.addr4));
- }
-
- /* Save this for replies */
-@@ -1070,7 +1070,7 @@ static struct dhcp_relay *relay_reply4(s
-
- for (relay = daemon->relay4; relay; relay = relay->next)
- {
-- if (mess->giaddr.s_addr == relay->local.addr.addr4.s_addr)
-+ if (mess->giaddr.s_addr == relay->local.addr4.s_addr)
- {
- if (!relay->interface || wildcard_match(relay->interface, arrival_interface))
- return relay->iface_index != 0 ? relay : NULL;
---- a/src/dhcp6.c
-+++ b/src/dhcp6.c
-@@ -371,7 +371,7 @@ static int complete_context6(struct in6_
- }
-
- for (relay = daemon->relay6; relay; relay = relay->next)
-- if (IN6_ARE_ADDR_EQUAL(local, &relay->local.addr.addr6) && relay->current == relay &&
-+ if (IN6_ARE_ADDR_EQUAL(local, &relay->local.addr6) && relay->current == relay &&
- (IN6_IS_ADDR_UNSPECIFIED(¶m->relay_local) || IN6_ARE_ADDR_EQUAL(local, ¶m->relay_local)))
- {
- relay->current = param->relay;
---- a/src/dnsmasq.c
-+++ b/src/dnsmasq.c
-@@ -1721,12 +1721,12 @@ static void check_dns_listeners(time_t n
- if ((if_index = tcp_interface(confd, tcp_addr.sa.sa_family)) != 0 &&
- indextoname(listener->tcpfd, if_index, intr_name))
- {
-- struct all_addr addr;
-+ union all_addr addr;
-
- if (tcp_addr.sa.sa_family == AF_INET6)
-- addr.addr.addr6 = tcp_addr.in6.sin6_addr;
-+ addr.addr6 = tcp_addr.in6.sin6_addr;
- else
-- addr.addr.addr4 = tcp_addr.in.sin_addr;
-+ addr.addr4 = tcp_addr.in.sin_addr;
-
- for (iface = daemon->interfaces; iface; iface = iface->next)
- if (iface->index == if_index)
---- a/src/dnsmasq.h
-+++ b/src/dnsmasq.h
-@@ -273,28 +273,39 @@ struct event_desc {
- #define MS_DHCP LOG_DAEMON
- #define MS_SCRIPT LOG_MAIL
-
--struct all_addr {
-- union {
-- struct in_addr addr4;
-- struct in6_addr addr6;
-- struct {
-- struct blockdata *keydata;
-- unsigned short keylen, flags, keytag;
-- unsigned char algo;
-- } key;
-- struct {
-- struct blockdata *keydata;
-- unsigned short keylen, keytag;
-- unsigned char algo;
-- unsigned char digest;
-- } ds;
-- /* for log_query */
-- struct {
-- unsigned short keytag, algo, digest, rcode;
-- } log;
-- } addr;
-+/* Note that this is used widely as a container for IPv4/IPv6 addresses,
-+ so for that reason, was well as to avoid wasting memory in almost every
-+ cache entry, the other variants should not be larger than
-+ sizeof(struct in6_addr) - 16 bytes.
-+*/
-+union all_addr {
-+ struct in_addr addr4;
-+ struct in6_addr addr6;
-+ struct {
-+ union {
-+ struct crec *cache;
-+ struct interface_name *int_name;
-+ } target;
-+ unsigned int uid; /* 0 if union is interface-name */
-+ } cname;
-+ struct {
-+ struct blockdata *keydata;
-+ unsigned short keylen, flags, keytag;
-+ unsigned char algo;
-+ } key;
-+ struct {
-+ struct blockdata *keydata;
-+ unsigned short keylen, keytag;
-+ unsigned char algo;
-+ unsigned char digest;
-+ } ds;
-+ /* for log_query */
-+ struct {
-+ unsigned short keytag, algo, digest, rcode;
-+ } log;
- };
-
-+
- struct bogus_addr {
- struct in_addr addr;
- struct bogus_addr *next;
-@@ -359,7 +370,7 @@ struct ds_config {
- #define ADDRLIST_REVONLY 4
-
- struct addrlist {
-- struct all_addr addr;
-+ union all_addr addr;
- int flags, prefixlen;
- struct addrlist *next;
- };
-@@ -411,17 +422,7 @@ struct blockdata {
-
- struct crec {
- struct crec *next, *prev, *hash_next;
-- /* union is 16 bytes when doing IPv6, 8 bytes on 32 bit machines without IPv6 */
-- union {
-- struct all_addr addr;
-- struct {
-- union {
-- struct crec *cache;
-- struct interface_name *int_name;
-- } target;
-- unsigned int uid; /* 0 if union is interface-name */
-- } cname;
-- } addr;
-+ union all_addr addr;
- time_t ttd; /* time to die */
- /* used as class if DNSKEY/DS, index to source for F_HOSTS */
- unsigned int uid;
-@@ -646,7 +647,7 @@ struct hostsfile {
-
- struct frec {
- union mysockaddr source;
-- struct all_addr dest;
-+ union all_addr dest;
- struct server *sentto; /* NULL means free */
- struct randfd *rfd4;
- struct randfd *rfd6;
-@@ -962,7 +963,7 @@ struct tftp_prefix {
- };
-
- struct dhcp_relay {
-- struct all_addr local, server;
-+ union all_addr local, server;
- char *interface; /* Allowable interface for replies from server, and dest for IPv6 multicast */
- int iface_index; /* working - interface in which requests arrived, for return */
- struct dhcp_relay *current, *next;
-@@ -1128,22 +1129,22 @@ extern struct daemon {
- /* cache.c */
- void cache_init(void);
- void next_uid(struct crec *crecp);
--void log_query(unsigned int flags, char *name, struct all_addr *addr, char *arg);
-+void log_query(unsigned int flags, char *name, union all_addr *addr, char *arg);
- char *record_source(unsigned int index);
- char *querystr(char *desc, unsigned short type);
- int cache_find_non_terminal(char *name, time_t now);
- struct crec *cache_find_by_addr(struct crec *crecp,
-- struct all_addr *addr, time_t now,
-+ union all_addr *addr, time_t now,
- unsigned int prot);
- struct crec *cache_find_by_name(struct crec *crecp,
- char *name, time_t now, unsigned int prot);
- void cache_end_insert(void);
- void cache_start_insert(void);
- int cache_recv_insert(time_t now, int fd);
--struct crec *cache_insert(char *name, struct all_addr *addr, unsigned short class,
-+struct crec *cache_insert(char *name, union all_addr *addr, unsigned short class,
- time_t now, unsigned long ttl, unsigned short flags);
- void cache_reload(void);
--void cache_add_dhcp_entry(char *host_name, int prot, struct all_addr *host_address, time_t ttd);
-+void cache_add_dhcp_entry(char *host_name, int prot, union all_addr *host_address, time_t ttd);
- struct in_addr a_record_from_hosts(char *name, time_t now);
- void cache_unhash_dhcp(void);
- void dump_cache(time_t now);
-@@ -1170,8 +1171,8 @@ void blockdata_free(struct blockdata *bl
- /* domain.c */
- char *get_domain(struct in_addr addr);
- char *get_domain6(struct in6_addr *addr);
--int is_name_synthetic(int flags, char *name, struct all_addr *addr);
--int is_rev_synth(int flag, struct all_addr *addr, char *name);
-+int is_name_synthetic(int flags, char *name, union all_addr *addr);
-+int is_rev_synth(int flag, union all_addr *addr, char *name);
-
- /* rfc1035.c */
- int extract_name(struct dns_header *header, size_t plen, unsigned char **pp,
-@@ -1182,7 +1183,7 @@ unsigned char *skip_section(unsigned cha
- unsigned int extract_request(struct dns_header *header, size_t qlen,
- char *name, unsigned short *typep);
- size_t setup_reply(struct dns_header *header, size_t qlen,
-- struct all_addr *addrp, unsigned int flags,
-+ union all_addr *addrp, unsigned int flags,
- unsigned long ttl);
- int extract_addresses(struct dns_header *header, size_t qlen, char *name,
- time_t now, char **ipsets, int is_sign, int check_rebind,
-@@ -1203,7 +1204,7 @@ int add_resource_record(struct dns_heade
- unsigned char *skip_questions(struct dns_header *header, size_t plen);
- int extract_name(struct dns_header *header, size_t plen, unsigned char **pp,
- char *name, int isExtract, int extrabytes);
--int in_arpa_name_2_addr(char *namein, struct all_addr *addrp);
-+int in_arpa_name_2_addr(char *namein, union all_addr *addrp);
- int private_net(struct in_addr addr, int ban_localhost);
-
- /* auth.c */
-@@ -1302,7 +1303,7 @@ unsigned char *tcp_request(int confd, ti
- void server_gone(struct server *server);
- struct frec *get_new_frec(time_t now, int *wait, int force);
- int send_from(int fd, int nowild, char *packet, size_t len,
-- union mysockaddr *to, struct all_addr *source,
-+ union mysockaddr *to, union all_addr *source,
- unsigned int iface);
- void resend_query(void);
- struct randfd *allocate_rfd(int family);
-@@ -1329,9 +1330,9 @@ void warn_bound_listeners(void);
- void warn_wild_labels(void);
- void warn_int_names(void);
- int is_dad_listeners(void);
--int iface_check(int family, struct all_addr *addr, char *name, int *auth);
--int loopback_exception(int fd, int family, struct all_addr *addr, char *name);
--int label_exception(int index, int family, struct all_addr *addr);
-+int iface_check(int family, union all_addr *addr, char *name, int *auth);
-+int loopback_exception(int fd, int family, union all_addr *addr, char *name);
-+int label_exception(int index, int family, union all_addr *addr);
- int fix_fd(int fd);
- int tcp_interface(int fd, int af);
- int set_ipv6pktinfo(int fd);
-@@ -1461,7 +1462,7 @@ void ubus_event_bcast(const char *type,
- /* ipset.c */
- #ifdef HAVE_IPSET
- void ipset_init(void);
--int add_to_ipset(const char *setname, const struct all_addr *ipaddr, int flags, int remove);
-+int add_to_ipset(const char *setname, const union all_addr *ipaddr, int flags, int remove);
- #endif
-
- /* helper.c */
-@@ -1474,7 +1475,7 @@ void queue_script(int action, struct dhc
- void queue_tftp(off_t file_len, char *filename, union mysockaddr *peer);
- #endif
- void queue_arp(int action, unsigned char *mac, int maclen,
-- int family, struct all_addr *addr);
-+ int family, union all_addr *addr);
- int helper_buf_empty(void);
- #endif
-
-@@ -1487,7 +1488,7 @@ int do_tftp_script_run(void);
-
- /* conntrack.c */
- #ifdef HAVE_CONNTRACK
--int get_incoming_mark(union mysockaddr *peer_addr, struct all_addr *local_addr,
-+int get_incoming_mark(union mysockaddr *peer_addr, union all_addr *local_addr,
- int istcp, unsigned int *markp);
- #endif
-
---- a/src/dnssec.c
-+++ b/src/dnssec.c
-@@ -628,10 +628,10 @@ static int validate_rrset(time_t now, st
- {
- /* iterate through all possible keys 4035 5.3.1 */
- for (; crecp; crecp = cache_find_by_name(crecp, keyname, now, F_DNSKEY))
-- if (crecp->addr.addr.addr.key.algo == algo &&
-- crecp->addr.addr.addr.key.keytag == key_tag &&
-+ if (crecp->addr.key.algo == algo &&
-+ crecp->addr.key.keytag == key_tag &&
- crecp->uid == (unsigned int)class &&
-- verify(crecp->addr.addr.addr.key.keydata, crecp->addr.addr.addr.key.keylen, sig, sig_len, digest, hash->digest_size, algo))
-+ verify(crecp->addr.key.keydata, crecp->addr.key.keylen, sig, sig_len, digest, hash->digest_size, algo))
- return (labels < name_labels) ? STAT_SECURE_WILDCARD : STAT_SECURE;
- }
- }
-@@ -655,7 +655,7 @@ int dnssec_validate_by_ds(time_t now, st
- struct crec *crecp, *recp1;
- int rc, j, qtype, qclass, ttl, rdlen, flags, algo, valid, keytag;
- struct blockdata *key;
-- struct all_addr a;
-+ union all_addr a;
-
- if (ntohs(header->qdcount) != 1 ||
- !extract_name(header, plen, &p, name, 1, 4))
-@@ -728,10 +728,10 @@ int dnssec_validate_by_ds(time_t now, st
- const struct nettle_hash *hash;
- int sigcnt, rrcnt;
-
-- if (recp1->addr.addr.addr.ds.algo == algo &&
-- recp1->addr.addr.addr.ds.keytag == keytag &&
-+ if (recp1->addr.ds.algo == algo &&
-+ recp1->addr.ds.keytag == keytag &&
- recp1->uid == (unsigned int)class &&
-- (hash = hash_find(ds_digest_name(recp1->addr.addr.addr.ds.digest))) &&
-+ (hash = hash_find(ds_digest_name(recp1->addr.ds.digest))) &&
- hash_init(hash, &ctx, &digest))
-
- {
-@@ -746,9 +746,9 @@ int dnssec_validate_by_ds(time_t now, st
- from_wire(name);
-
- if (!(recp1->flags & F_NEG) &&
-- recp1->addr.addr.addr.ds.keylen == (int)hash->digest_size &&
-- (ds_digest = blockdata_retrieve(recp1->addr.addr.addr.ds.keydata, recp1->addr.addr.addr.ds.keylen, NULL)) &&
-- memcmp(ds_digest, digest, recp1->addr.addr.addr.ds.keylen) == 0 &&
-+ recp1->addr.ds.keylen == (int)hash->digest_size &&
-+ (ds_digest = blockdata_retrieve(recp1->addr.ds.keydata, recp1->addr.ds.keylen, NULL)) &&
-+ memcmp(ds_digest, digest, recp1->addr.ds.keylen) == 0 &&
- explore_rrset(header, plen, class, T_DNSKEY, name, keyname, &sigcnt, &rrcnt) &&
- sigcnt != 0 && rrcnt != 0 &&
- validate_rrset(now, header, plen, class, T_DNSKEY, sigcnt, rrcnt, name, keyname,
-@@ -800,11 +800,11 @@ int dnssec_validate_by_ds(time_t now, st
-
- if ((key = blockdata_alloc((char*)p, rdlen - 4)))
- {
-- a.addr.key.keylen = rdlen - 4;
-- a.addr.key.keydata = key;
-- a.addr.key.algo = algo;
-- a.addr.key.keytag = keytag;
-- a.addr.key.flags = flags;
-+ a.key.keylen = rdlen - 4;
-+ a.key.keydata = key;
-+ a.key.algo = algo;
-+ a.key.keytag = keytag;
-+ a.key.flags = flags;
-
- if (!cache_insert(name, &a, class, now, ttl, F_FORWARD | F_DNSKEY | F_DNSSECOK))
- {
-@@ -813,8 +813,8 @@ int dnssec_validate_by_ds(time_t now, st
- }
- else
- {
-- a.addr.log.keytag = keytag;
-- a.addr.log.algo = algo;
-+ a.log.keytag = keytag;
-+ a.log.algo = algo;
- if (algo_digest_name(algo))
- log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DNSKEY keytag %hu, algo %hu");
- else
-@@ -857,7 +857,7 @@ int dnssec_validate_ds(time_t now, struc
- int qtype, qclass, rc, i, neganswer, nons;
- int aclass, atype, rdlen;
- unsigned long ttl;
-- struct all_addr a;
-+ union all_addr a;
-
- if (ntohs(header->qdcount) != 1 ||
- !(p = skip_name(p, header, plen, 4)))
-@@ -925,11 +925,11 @@ int dnssec_validate_ds(time_t now, struc
-
- if ((key = blockdata_alloc((char*)p, rdlen - 4)))
- {
-- a.addr.ds.digest = digest;
-- a.addr.ds.keydata = key;
-- a.addr.ds.algo = algo;
-- a.addr.ds.keytag = keytag;
-- a.addr.ds.keylen = rdlen - 4;
-+ a.ds.digest = digest;
-+ a.ds.keydata = key;
-+ a.ds.algo = algo;
-+ a.ds.keytag = keytag;
-+ a.ds.keylen = rdlen - 4;
-
- if (!cache_insert(name, &a, class, now, ttl, F_FORWARD | F_DS | F_DNSSECOK))
- {
-@@ -938,9 +938,9 @@ int dnssec_validate_ds(time_t now, struc
- }
- else
- {
-- a.addr.log.keytag = keytag;
-- a.addr.log.algo = algo;
-- a.addr.log.digest = digest;
-+ a.log.keytag = keytag;
-+ a.log.algo = algo;
-+ a.log.digest = digest;
- if (ds_digest_name(digest) && algo_digest_name(algo))
- log_query(F_NOEXTRA | F_KEYTAG | F_UPSTREAM, name, &a, "DS keytag %hu, algo %hu, digest %hu");
- else
-@@ -1710,8 +1710,8 @@ static int zone_status(char *name, int c
- do
- {
- if (crecp->uid == (unsigned int)class &&
-- ds_digest_name(crecp->addr.addr.addr.ds.digest) &&
-- algo_digest_name(crecp->addr.addr.addr.ds.algo))
-+ ds_digest_name(crecp->addr.ds.digest) &&
-+ algo_digest_name(crecp->addr.ds.algo))
- break;
- }
- while ((crecp = cache_find_by_name(crecp, keyname, now, F_DS)));
---- a/src/domain.c
-+++ b/src/domain.c
-@@ -21,7 +21,7 @@ static struct cond_domain *search_domain
- static struct cond_domain *search_domain6(struct in6_addr *addr, struct cond_domain *c);
-
-
--int is_name_synthetic(int flags, char *name, struct all_addr *addr)
-+int is_name_synthetic(int flags, char *name, union all_addr *addr)
- {
- char *p;
- struct cond_domain *c = NULL;
-@@ -73,7 +73,7 @@ int is_name_synthetic(int flags, char *n
- if (!c->is6 &&
- index <= ntohl(c->end.s_addr) - ntohl(c->start.s_addr))
- {
-- addr->addr.addr4.s_addr = htonl(ntohl(c->start.s_addr) + index);
-+ addr->addr4.s_addr = htonl(ntohl(c->start.s_addr) + index);
- found = 1;
- }
- }
-@@ -85,8 +85,8 @@ int is_name_synthetic(int flags, char *n
- index <= addr6part(&c->end6) - addr6part(&c->start6))
- {
- u64 start = addr6part(&c->start6);
-- addr->addr.addr6 = c->start6;
-- setaddr6part(&addr->addr.addr6, start + index);
-+ addr->addr6 = c->start6;
-+ setaddr6part(&addr->addr6, start + index);
- found = 1;
- }
- }
-@@ -139,16 +139,16 @@ int is_name_synthetic(int flags, char *n
- if (prot == AF_INET)
- {
- if (!c->is6 &&
-- ntohl(addr->addr.addr4.s_addr) >= ntohl(c->start.s_addr) &&
-- ntohl(addr->addr.addr4.s_addr) <= ntohl(c->end.s_addr))
-+ ntohl(addr->addr4.s_addr) >= ntohl(c->start.s_addr) &&
-+ ntohl(addr->addr4.s_addr) <= ntohl(c->end.s_addr))
- found = 1;
- }
- else
- {
-- u64 addrpart = addr6part(&addr->addr.addr6);
-+ u64 addrpart = addr6part(&addr->addr6);
-
- if (c->is6 &&
-- is_same_net6(&addr->addr.addr6, &c->start6, 64) &&
-+ is_same_net6(&addr->addr6, &c->start6, 64) &&
- addrpart >= addr6part(&c->start6) &&
- addrpart <= addr6part(&c->end6))
- found = 1;
-@@ -173,18 +173,18 @@ int is_name_synthetic(int flags, char *n
- }
-
-
--int is_rev_synth(int flag, struct all_addr *addr, char *name)
-+int is_rev_synth(int flag, union all_addr *addr, char *name)
- {
- struct cond_domain *c;
-
-- if (flag & F_IPV4 && (c = search_domain(addr->addr.addr4, daemon->synth_domains)))
-+ if (flag & F_IPV4 && (c = search_domain(addr->addr4, daemon->synth_domains)))
- {
- char *p;
-
- *name = 0;
- if (c->indexed)
- {
-- unsigned int index = ntohl(addr->addr.addr4.s_addr) - ntohl(c->start.s_addr);
-+ unsigned int index = ntohl(addr->addr4.s_addr) - ntohl(c->start.s_addr);
- snprintf(name, MAXDNAME, "%s%u", c->prefix ? c->prefix : "", index);
- }
- else
-@@ -192,7 +192,7 @@ int is_rev_synth(int flag, struct all_ad
- if (c->prefix)
- strncpy(name, c->prefix, MAXDNAME - ADDRSTRLEN);
-
-- inet_ntop(AF_INET, &addr->addr.addr4, name + strlen(name), ADDRSTRLEN);
-+ inet_ntop(AF_INET, &addr->addr4, name + strlen(name), ADDRSTRLEN);
- for (p = name; *p; p++)
- if (*p == '.')
- *p = '-';
-@@ -204,14 +204,14 @@ int is_rev_synth(int flag, struct all_ad
- return 1;
- }
-
-- if ((flag & F_IPV6) && (c = search_domain6(&addr->addr.addr6, daemon->synth_domains)))
-+ if ((flag & F_IPV6) && (c = search_domain6(&addr->addr6, daemon->synth_domains)))
- {
- char *p;
-
- *name = 0;
- if (c->indexed)
- {
-- u64 index = addr6part(&addr->addr.addr6) - addr6part(&c->start6);
-+ u64 index = addr6part(&addr->addr6) - addr6part(&c->start6);
- snprintf(name, MAXDNAME, "%s%llu", c->prefix ? c->prefix : "", index);
- }
- else
-@@ -219,14 +219,14 @@ int is_rev_synth(int flag, struct all_ad
- if (c->prefix)
- strncpy(name, c->prefix, MAXDNAME - ADDRSTRLEN);
-
-- inet_ntop(AF_INET6, &addr->addr.addr6, name + strlen(name), ADDRSTRLEN);
-+ inet_ntop(AF_INET6, &addr->addr6, name + strlen(name), ADDRSTRLEN);
-
- /* IPv6 presentation address can start with ":", but valid domain names
- cannot start with "-" so prepend a zero in that case. */
- if (!c->prefix && *name == ':')
- {
- *name = '0';
-- inet_ntop(AF_INET6, &addr->addr.addr6, name+1, ADDRSTRLEN);
-+ inet_ntop(AF_INET6, &addr->addr6, name+1, ADDRSTRLEN);
- }
-
- /* V4-mapped have periods.... */
---- a/src/forward.c
-+++ b/src/forward.c
-@@ -26,7 +26,7 @@ static void free_frec(struct frec *f);
- /* Send a UDP packet with its source address set as "source"
- unless nowild is true, when we just send it with the kernel default */
- int send_from(int fd, int nowild, char *packet, size_t len,
-- union mysockaddr *to, struct all_addr *source,
-+ union mysockaddr *to, union all_addr *source,
- unsigned int iface)
- {
- struct msghdr msg;
-@@ -64,13 +64,13 @@ int send_from(int fd, int nowild, char *
- #if defined(HAVE_LINUX_NETWORK)
- struct in_pktinfo p;
- p.ipi_ifindex = 0;
-- p.ipi_spec_dst = source->addr.addr4;
-+ p.ipi_spec_dst = source->addr4;
- memcpy(CMSG_DATA(cmptr), &p, sizeof(p));
- msg.msg_controllen = cmptr->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
- cmptr->cmsg_level = IPPROTO_IP;
- cmptr->cmsg_type = IP_PKTINFO;
- #elif defined(IP_SENDSRCADDR)
-- memcpy(CMSG_DATA(cmptr), &(source->addr.addr4), sizeof(source->addr.addr4));
-+ memcpy(CMSG_DATA(cmptr), &(source->addr4), sizeof(source->addr4));
- msg.msg_controllen = cmptr->cmsg_len = CMSG_LEN(sizeof(struct in_addr));
- cmptr->cmsg_level = IPPROTO_IP;
- cmptr->cmsg_type = IP_SENDSRCADDR;
-@@ -80,7 +80,7 @@ int send_from(int fd, int nowild, char *
- {
- struct in6_pktinfo p;
- p.ipi6_ifindex = iface; /* Need iface for IPv6 to handle link-local addrs */
-- p.ipi6_addr = source->addr.addr6;
-+ p.ipi6_addr = source->addr6;
- memcpy(CMSG_DATA(cmptr), &p, sizeof(p));
- msg.msg_controllen = cmptr->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo));
- cmptr->cmsg_type = daemon->v6pktinfo;
-@@ -100,7 +100,7 @@ int send_from(int fd, int nowild, char *
- return 1;
- }
-
--static unsigned int search_servers(time_t now, struct all_addr **addrpp, unsigned int qtype,
-+static unsigned int search_servers(time_t now, union all_addr **addrpp, unsigned int qtype,
- char *qdomain, int *type, char **domain, int *norebind)
-
- {
-@@ -112,7 +112,7 @@ static unsigned int search_servers(time_
- unsigned int matchlen = 0;
- struct server *serv;
- unsigned int flags = 0;
-- static struct all_addr zero;
-+ static union all_addr zero;
-
- for (serv = daemon->servers; serv; serv=serv->next)
- if (qtype == F_DNSSECOK && !(serv->flags & SERV_DO_DNSSEC))
-@@ -137,9 +137,9 @@ static unsigned int search_servers(time_
- {
- flags = sflag;
- if (serv->addr.sa.sa_family == AF_INET)
-- *addrpp = (struct all_addr *)&serv->addr.in.sin_addr;
-+ *addrpp = (union all_addr *)&serv->addr.in.sin_addr;
- else
-- *addrpp = (struct all_addr *)&serv->addr.in6.sin6_addr;
-+ *addrpp = (union all_addr *)&serv->addr.in6.sin6_addr;
- }
- else if (!flags || (flags & F_NXDOMAIN))
- flags = F_NOERR;
-@@ -195,9 +195,9 @@ static unsigned int search_servers(time_
- {
- flags = sflag;
- if (serv->addr.sa.sa_family == AF_INET)
-- *addrpp = (struct all_addr *)&serv->addr.in.sin_addr;
-+ *addrpp = (union all_addr *)&serv->addr.in.sin_addr;
- else
-- *addrpp = (struct all_addr *)&serv->addr.in6.sin6_addr;
-+ *addrpp = (union all_addr *)&serv->addr.in6.sin6_addr;
- }
- else if (!flags || (flags & F_NXDOMAIN))
- flags = F_NOERR;
-@@ -239,13 +239,13 @@ static unsigned int search_servers(time_
- }
-
- static int forward_query(int udpfd, union mysockaddr *udpaddr,
-- struct all_addr *dst_addr, unsigned int dst_iface,
-+ union all_addr *dst_addr, unsigned int dst_iface,
- struct dns_header *header, size_t plen, time_t now,
- struct frec *forward, int ad_reqd, int do_bit)
- {
- char *domain = NULL;
- int type = SERV_DO_DNSSEC, norebind = 0;
-- struct all_addr *addrp = NULL;
-+ union all_addr *addrp = NULL;
- unsigned int flags = 0;
- struct server *start = NULL;
- #ifdef HAVE_DNSSEC
-@@ -289,9 +289,9 @@ static int forward_query(int udpfd, unio
- PUTSHORT(SAFE_PKTSZ, pheader);
-
- if (forward->sentto->addr.sa.sa_family == AF_INET)
-- log_query(F_NOEXTRA | F_DNSSEC | F_IPV4, "retry", (struct all_addr *)&forward->sentto->addr.in.sin_addr, "dnssec");
-+ log_query(F_NOEXTRA | F_DNSSEC | F_IPV4, "retry", (union all_addr *)&forward->sentto->addr.in.sin_addr, "dnssec");
- else
-- log_query(F_NOEXTRA | F_DNSSEC | F_IPV6, "retry", (struct all_addr *)&forward->sentto->addr.in6.sin6_addr, "dnssec");
-+ log_query(F_NOEXTRA | F_DNSSEC | F_IPV6, "retry", (union all_addr *)&forward->sentto->addr.in6.sin6_addr, "dnssec");
-
-
- if (forward->sentto->sfd)
-@@ -523,10 +523,10 @@ static int forward_query(int udpfd, unio
- strcpy(daemon->namebuff, "query");
- if (start->addr.sa.sa_family == AF_INET)
- log_query(F_SERVER | F_IPV4 | F_FORWARD, daemon->namebuff,
-- (struct all_addr *)&start->addr.in.sin_addr, NULL);
-+ (union all_addr *)&start->addr.in.sin_addr, NULL);
- else
- log_query(F_SERVER | F_IPV6 | F_FORWARD, daemon->namebuff,
-- (struct all_addr *)&start->addr.in6.sin6_addr, NULL);
-+ (union all_addr *)&start->addr.in6.sin6_addr, NULL);
- start->queries++;
- forwarded = 1;
- forward->sentto = start;
-@@ -657,8 +657,8 @@ static size_t process_reply(struct dns_h
-
- if (rcode != NOERROR && rcode != NXDOMAIN)
- {
-- struct all_addr a;
-- a.addr.log.rcode = rcode;
-+ union all_addr a;
-+ a.log.rcode = rcode;
- log_query(F_UPSTREAM | F_RCODE, "error", &a, NULL);
-
- return resize_packet(header, n, pheader, plen);
-@@ -877,9 +877,9 @@ void reply_query(int fd, int family, tim
- sa_len(&start->addr))));
-
- if (start->addr.sa.sa_family == AF_INET)
-- log_query(F_NOEXTRA | F_DNSSEC | F_IPV4, "retry", (struct all_addr *)&start->addr.in.sin_addr, "dnssec");
-+ log_query(F_NOEXTRA | F_DNSSEC | F_IPV4, "retry", (union all_addr *)&start->addr.in.sin_addr, "dnssec");
- else
-- log_query(F_NOEXTRA | F_DNSSEC | F_IPV6, "retry", (struct all_addr *)&start->addr.in6.sin6_addr, "dnssec");
-+ log_query(F_NOEXTRA | F_DNSSEC | F_IPV6, "retry", (union all_addr *)&start->addr.in6.sin6_addr, "dnssec");
-
- return;
- }
-@@ -1094,10 +1094,10 @@ void reply_query(int fd, int family, tim
- daemon->keyname, forward->class, querytype, server->edns_pktsz);
-
- if (server->addr.sa.sa_family == AF_INET)
-- log_query(F_NOEXTRA | F_DNSSEC | F_IPV4, daemon->keyname, (struct all_addr *)&(server->addr.in.sin_addr),
-+ log_query(F_NOEXTRA | F_DNSSEC | F_IPV4, daemon->keyname, (union all_addr *)&(server->addr.in.sin_addr),
- querystr("dnssec-query", querytype));
- else
-- log_query(F_NOEXTRA | F_DNSSEC | F_IPV6, daemon->keyname, (struct all_addr *)&(server->addr.in6.sin6_addr),
-+ log_query(F_NOEXTRA | F_DNSSEC | F_IPV6, daemon->keyname, (union all_addr *)&(server->addr.in6.sin6_addr),
- querystr("dnssec-query", querytype));
-
- if ((hash = hash_questions(header, nn, daemon->namebuff)))
-@@ -1244,7 +1244,7 @@ void receive_query(struct listener *list
- union mysockaddr source_addr;
- unsigned char *pheader;
- unsigned short type, udp_size = PACKETSZ; /* default if no EDNS0 */
-- struct all_addr dst_addr;
-+ union all_addr dst_addr;
- struct in_addr netmask, dst_addr_4;
- size_t m;
- ssize_t n;
-@@ -1274,7 +1274,7 @@ void receive_query(struct listener *list
- /* packet buffer overwritten */
- daemon->srv_save = NULL;
-
-- dst_addr_4.s_addr = dst_addr.addr.addr4.s_addr = 0;
-+ dst_addr_4.s_addr = dst_addr.addr4.s_addr = 0;
- netmask.s_addr = 0;
-
- if (option_bool(OPT_NOWILD) && listen->iface)
-@@ -1283,7 +1283,7 @@ void receive_query(struct listener *list
-
- if (listen->family == AF_INET)
- {
-- dst_addr_4 = dst_addr.addr.addr4 = listen->iface->addr.in.sin_addr;
-+ dst_addr_4 = dst_addr.addr4 = listen->iface->addr.in.sin_addr;
- netmask = listen->iface->netmask;
- }
- }
-@@ -1337,7 +1337,7 @@ void receive_query(struct listener *list
- {
- for (addr = daemon->interface_addrs; addr; addr = addr->next)
- if ((addr->flags & ADDRLIST_IPV6) &&
-- is_same_net6(&addr->addr.addr.addr6, &source_addr.in6.sin6_addr, addr->prefixlen))
-+ is_same_net6(&addr->addr.addr6, &source_addr.in6.sin6_addr, addr->prefixlen))
- break;
- }
- else
-@@ -1347,7 +1347,7 @@ void receive_query(struct listener *list
- {
- netmask.s_addr = htonl(~(in_addr_t)0 << (32 - addr->prefixlen));
- if (!(addr->flags & ADDRLIST_IPV6) &&
-- is_same_net(addr->addr.addr.addr4, source_addr.in.sin_addr, netmask))
-+ is_same_net(addr->addr.addr4, source_addr.in.sin_addr, netmask))
- break;
- }
- }
-@@ -1380,7 +1380,7 @@ void receive_query(struct listener *list
- struct in_pktinfo *p;
- } p;
- p.c = CMSG_DATA(cmptr);
-- dst_addr_4 = dst_addr.addr.addr4 = p.p->ipi_spec_dst;
-+ dst_addr_4 = dst_addr.addr4 = p.p->ipi_spec_dst;
- if_index = p.p->ipi_ifindex;
- }
- #elif defined(IP_RECVDSTADDR) && defined(IP_RECVIF)
-@@ -1398,7 +1398,7 @@ void receive_query(struct listener *list
- } p;
- p.c = CMSG_DATA(cmptr);
- if (cmptr->cmsg_level == IPPROTO_IP && cmptr->cmsg_type == IP_RECVDSTADDR)
-- dst_addr_4 = dst_addr.addr.addr4 = *(p.a);
-+ dst_addr_4 = dst_addr.addr4 = *(p.a);
- else if (cmptr->cmsg_level == IPPROTO_IP && cmptr->cmsg_type == IP_RECVIF)
- #ifdef HAVE_SOLARIS_NETWORK
- if_index = *(p.i);
-@@ -1420,7 +1420,7 @@ void receive_query(struct listener *list
- } p;
- p.c = CMSG_DATA(cmptr);
-
-- dst_addr.addr.addr6 = p.p->ipi6_addr;
-+ dst_addr.addr6 = p.p->ipi6_addr;
- if_index = p.p->ipi6_ifindex;
- }
- }
-@@ -1486,10 +1486,10 @@ void receive_query(struct listener *list
-
- if (listen->family == AF_INET)
- log_query(F_QUERY | F_IPV4 | F_FORWARD, daemon->namebuff,
-- (struct all_addr *)&source_addr.in.sin_addr, types);
-+ (union all_addr *)&source_addr.in.sin_addr, types);
- else
- log_query(F_QUERY | F_IPV6 | F_FORWARD, daemon->namebuff,
-- (struct all_addr *)&source_addr.in6.sin6_addr, types);
-+ (union all_addr *)&source_addr.in6.sin6_addr, types);
-
- #ifdef HAVE_AUTH
- /* find queries for zones we're authoritative for, and answer them directly */
-@@ -1696,10 +1696,10 @@ static int tcp_key_recurse(time_t now, i
-
-
- if (server->addr.sa.sa_family == AF_INET)
-- log_query(F_NOEXTRA | F_DNSSEC | F_IPV4, keyname, (struct all_addr *)&(server->addr.in.sin_addr),
-+ log_query(F_NOEXTRA | F_DNSSEC | F_IPV4, keyname, (union all_addr *)&(server->addr.in.sin_addr),
- querystr("dnssec-query", new_status == STAT_NEED_KEY ? T_DNSKEY : T_DS));
- else
-- log_query(F_NOEXTRA | F_DNSSEC | F_IPV6, keyname, (struct all_addr *)&(server->addr.in6.sin6_addr),
-+ log_query(F_NOEXTRA | F_DNSSEC | F_IPV6, keyname, (union all_addr *)&(server->addr.in6.sin6_addr),
- querystr("dnssec-query", new_status == STAT_NEED_KEY ? T_DNSKEY : T_DS));
-
- server->flags |= SERV_GOT_TCP;
-@@ -1764,12 +1764,12 @@ unsigned char *tcp_request(int confd, ti
- /* Get connection mark of incoming query to set on outgoing connections. */
- if (option_bool(OPT_CONNTRACK))
- {
-- struct all_addr local;
-+ union all_addr local;
-
- if (local_addr->sa.sa_family == AF_INET6)
-- local.addr.addr6 = local_addr->in6.sin6_addr;
-+ local.addr6 = local_addr->in6.sin6_addr;
- else
-- local.addr.addr4 = local_addr->in.sin_addr;
-+ local.addr4 = local_addr->in.sin_addr;
-
- have_mark = get_incoming_mark(&peer_addr, &local, 1, &mark);
- }
-@@ -1784,7 +1784,7 @@ unsigned char *tcp_request(int confd, ti
- {
- for (addr = daemon->interface_addrs; addr; addr = addr->next)
- if ((addr->flags & ADDRLIST_IPV6) &&
-- is_same_net6(&addr->addr.addr.addr6, &peer_addr.in6.sin6_addr, addr->prefixlen))
-+ is_same_net6(&addr->addr.addr6, &peer_addr.in6.sin6_addr, addr->prefixlen))
- break;
- }
- else
-@@ -1794,7 +1794,7 @@ unsigned char *tcp_request(int confd, ti
- {
- netmask.s_addr = htonl(~(in_addr_t)0 << (32 - addr->prefixlen));
- if (!(addr->flags & ADDRLIST_IPV6) &&
-- is_same_net(addr->addr.addr.addr4, peer_addr.in.sin_addr, netmask))
-+ is_same_net(addr->addr.addr4, peer_addr.in.sin_addr, netmask))
- break;
- }
- }
-@@ -1841,10 +1841,10 @@ unsigned char *tcp_request(int confd, ti
-
- if (peer_addr.sa.sa_family == AF_INET)
- log_query(F_QUERY | F_IPV4 | F_FORWARD, daemon->namebuff,
-- (struct all_addr *)&peer_addr.in.sin_addr, types);
-+ (union all_addr *)&peer_addr.in.sin_addr, types);
- else
- log_query(F_QUERY | F_IPV6 | F_FORWARD, daemon->namebuff,
-- (struct all_addr *)&peer_addr.in6.sin6_addr, types);
-+ (union all_addr *)&peer_addr.in6.sin6_addr, types);
-
- #ifdef HAVE_AUTH
- /* find queries for zones we're authoritative for, and answer them directly */
-@@ -1900,7 +1900,7 @@ unsigned char *tcp_request(int confd, ti
- if (m == 0)
- {
- unsigned int flags = 0;
-- struct all_addr *addrp = NULL;
-+ union all_addr *addrp = NULL;
- int type = SERV_DO_DNSSEC;
- char *domain = NULL;
- unsigned char *oph = find_pseudoheader(header, size, NULL, NULL, NULL, NULL);
-@@ -2019,10 +2019,10 @@ unsigned char *tcp_request(int confd, ti
-
- if (last_server->addr.sa.sa_family == AF_INET)
- log_query(F_SERVER | F_IPV4 | F_FORWARD, daemon->namebuff,
-- (struct all_addr *)&last_server->addr.in.sin_addr, NULL);
-+ (union all_addr *)&last_server->addr.in.sin_addr, NULL);
- else
- log_query(F_SERVER | F_IPV6 | F_FORWARD, daemon->namebuff,
-- (struct all_addr *)&last_server->addr.in6.sin6_addr, NULL);
-+ (union all_addr *)&last_server->addr.in6.sin6_addr, NULL);
-
- #ifdef HAVE_DNSSEC
- if (option_bool(OPT_DNSSEC_VALID) && !checking_disabled && (last_server->flags & SERV_DO_DNSSEC))
---- a/src/helper.c
-+++ b/src/helper.c
-@@ -831,7 +831,7 @@ void queue_tftp(off_t file_len, char *fi
- }
- #endif
-
--void queue_arp(int action, unsigned char *mac, int maclen, int family, struct all_addr *addr)
-+void queue_arp(int action, unsigned char *mac, int maclen, int family, union all_addr *addr)
- {
- /* no script */
- if (daemon->helperfd == -1)
-@@ -844,9 +844,9 @@ void queue_arp(int action, unsigned char
- buf->hwaddr_len = maclen;
- buf->hwaddr_type = ARPHRD_ETHER;
- if ((buf->flags = family) == AF_INET)
-- buf->addr = addr->addr.addr4;
-+ buf->addr = addr->addr4;
- else
-- buf->addr6 = addr->addr.addr6;
-+ buf->addr6 = addr->addr6;
-
- memcpy(buf->hwaddr, mac, maclen);
-
---- a/src/ipset.c
-+++ b/src/ipset.c
-@@ -114,7 +114,7 @@ void ipset_init(void)
- die (_("failed to create IPset control socket: %s"), NULL, EC_MISC);
- }
-
--static int new_add_to_ipset(const char *setname, const struct all_addr *ipaddr, int af, int remove)
-+static int new_add_to_ipset(const char *setname, const union all_addr *ipaddr, int af, int remove)
- {
- struct nlmsghdr *nlh;
- struct my_nfgenmsg *nfg;
-@@ -152,7 +152,7 @@ static int new_add_to_ipset(const char *
- nested[1]->nla_type = NLA_F_NESTED | IPSET_ATTR_IP;
- add_attr(nlh,
- (af == AF_INET ? IPSET_ATTR_IPADDR_IPV4 : IPSET_ATTR_IPADDR_IPV6) | NLA_F_NET_BYTEORDER,
-- addrsz, &ipaddr->addr);
-+ addrsz, ipaddr);
- nested[1]->nla_len = (void *)buffer + NL_ALIGN(nlh->nlmsg_len) - (void *)nested[1];
- nested[0]->nla_len = (void *)buffer + NL_ALIGN(nlh->nlmsg_len) - (void *)nested[0];
-
-@@ -163,7 +163,7 @@ static int new_add_to_ipset(const char *
- }
-
-
--static int old_add_to_ipset(const char *setname, const struct all_addr *ipaddr, int remove)
-+static int old_add_to_ipset(const char *setname, const union all_addr *ipaddr, int remove)
- {
- socklen_t size;
- struct ip_set_req_adt_get {
-@@ -195,7 +195,7 @@ static int old_add_to_ipset(const char *
- return -1;
- req_adt.op = remove ? 0x102 : 0x101;
- req_adt.index = req_adt_get.set.index;
-- req_adt.ip = ntohl(ipaddr->addr.addr4.s_addr);
-+ req_adt.ip = ntohl(ipaddr->addr4.s_addr);
- if (setsockopt(ipset_sock, SOL_IP, 83, &req_adt, sizeof(req_adt)) < 0)
- return -1;
-
-@@ -204,7 +204,7 @@ static int old_add_to_ipset(const char *
-
-
-
--int add_to_ipset(const char *setname, const struct all_addr *ipaddr, int flags, int remove)
-+int add_to_ipset(const char *setname, const union all_addr *ipaddr, int flags, int remove)
- {
- int ret = 0, af = AF_INET;
-
---- a/src/lease.c
-+++ b/src/lease.c
-@@ -24,7 +24,7 @@ static int dns_dirty, file_dirty, leases
- static int read_leases(time_t now, FILE *leasestream)
- {
- unsigned long ei;
-- struct all_addr addr;
-+ union all_addr addr;
- struct dhcp_lease *lease;
- int clid_len, hw_len, hw_type;
- int items;
-@@ -62,9 +62,9 @@ static int read_leases(time_t now, FILE
- daemon->namebuff, daemon->dhcp_buff, daemon->packet) != 3)
- return 0;
-
-- if (inet_pton(AF_INET, daemon->namebuff, &addr.addr.addr4))
-+ if (inet_pton(AF_INET, daemon->namebuff, &addr.addr4))
- {
-- if ((lease = lease4_allocate(addr.addr.addr4)))
-+ if ((lease = lease4_allocate(addr.addr4)))
- domain = get_domain(lease->addr);
-
- hw_len = parse_hex(daemon->dhcp_buff2, (unsigned char *)daemon->dhcp_buff2, DHCP_CHADDR_MAX, NULL, &hw_type);
-@@ -73,7 +73,7 @@ static int read_leases(time_t now, FILE
- hw_type = ARPHRD_ETHER;
- }
- #ifdef HAVE_DHCP6
-- else if (inet_pton(AF_INET6, daemon->namebuff, &addr.addr.addr6))
-+ else if (inet_pton(AF_INET6, daemon->namebuff, &addr.addr6))
- {
- char *s = daemon->dhcp_buff2;
- int lease_type = LEASE_NA;
-@@ -84,7 +84,7 @@ static int read_leases(time_t now, FILE
- s++;
- }
-
-- if ((lease = lease6_allocate(&addr.addr.addr6, lease_type)))
-+ if ((lease = lease6_allocate(&addr.addr6, lease_type)))
- {
- lease_set_iaid(lease, strtoul(s, NULL, 10));
- domain = get_domain6(&lease->addr6);
-@@ -514,28 +514,28 @@ void lease_update_dns(int force)
- if (slaac->backoff == 0)
- {
- if (lease->fqdn)
-- cache_add_dhcp_entry(lease->fqdn, AF_INET6, (struct all_addr *)&slaac->addr, lease->expires);
-+ cache_add_dhcp_entry(lease->fqdn, AF_INET6, (union all_addr *)&slaac->addr, lease->expires);
- if (!option_bool(OPT_DHCP_FQDN) && lease->hostname)
-- cache_add_dhcp_entry(lease->hostname, AF_INET6, (struct all_addr *)&slaac->addr, lease->expires);
-+ cache_add_dhcp_entry(lease->hostname, AF_INET6, (union all_addr *)&slaac->addr, lease->expires);
- }
- }
-
- if (lease->fqdn)
- cache_add_dhcp_entry(lease->fqdn, prot,
-- prot == AF_INET ? (struct all_addr *)&lease->addr : (struct all_addr *)&lease->addr6,
-+ prot == AF_INET ? (union all_addr *)&lease->addr : (union all_addr *)&lease->addr6,
- lease->expires);
-
- if (!option_bool(OPT_DHCP_FQDN) && lease->hostname)
- cache_add_dhcp_entry(lease->hostname, prot,
-- prot == AF_INET ? (struct all_addr *)&lease->addr : (struct all_addr *)&lease->addr6,
-+ prot == AF_INET ? (union all_addr *)&lease->addr : (union all_addr *)&lease->addr6,
- lease->expires);
-
- #else
- if (lease->fqdn)
-- cache_add_dhcp_entry(lease->fqdn, prot, (struct all_addr *)&lease->addr, lease->expires);
-+ cache_add_dhcp_entry(lease->fqdn, prot, (union all_addr *)&lease->addr, lease->expires);
-
- if (!option_bool(OPT_DHCP_FQDN) && lease->hostname)
-- cache_add_dhcp_entry(lease->hostname, prot, (struct all_addr *)&lease->addr, lease->expires);
-+ cache_add_dhcp_entry(lease->hostname, prot, (union all_addr *)&lease->addr, lease->expires);
- #endif
- }
-
---- a/src/network.c
-+++ b/src/network.c
-@@ -109,7 +109,7 @@ int indextoname(int fd, int index, char
-
- #endif
-
--int iface_check(int family, struct all_addr *addr, char *name, int *auth)
-+int iface_check(int family, union all_addr *addr, char *name, int *auth)
- {
- struct iname *tmp;
- int ret = 1, match_addr = 0;
-@@ -135,11 +135,11 @@ int iface_check(int family, struct all_a
- if (tmp->addr.sa.sa_family == family)
- {
- if (family == AF_INET &&
-- tmp->addr.in.sin_addr.s_addr == addr->addr.addr4.s_addr)
-+ tmp->addr.in.sin_addr.s_addr == addr->addr4.s_addr)
- ret = match_addr = tmp->used = 1;
- else if (family == AF_INET6 &&
- IN6_ARE_ADDR_EQUAL(&tmp->addr.in6.sin6_addr,
-- &addr->addr.addr6))
-+ &addr->addr6))
- ret = match_addr = tmp->used = 1;
- }
- }
-@@ -158,10 +158,10 @@ int iface_check(int family, struct all_a
- break;
- }
- else if (addr && tmp->addr.sa.sa_family == AF_INET && family == AF_INET &&
-- tmp->addr.in.sin_addr.s_addr == addr->addr.addr4.s_addr)
-+ tmp->addr.in.sin_addr.s_addr == addr->addr4.s_addr)
- break;
- else if (addr && tmp->addr.sa.sa_family == AF_INET6 && family == AF_INET6 &&
-- IN6_ARE_ADDR_EQUAL(&tmp->addr.in6.sin6_addr, &addr->addr.addr6))
-+ IN6_ARE_ADDR_EQUAL(&tmp->addr.in6.sin6_addr, &addr->addr6))
- break;
-
- if (tmp && auth)
-@@ -179,7 +179,7 @@ int iface_check(int family, struct all_a
- an interface other than the loopback. Accept packet if it arrived via a loopback
- interface, even when we're not accepting packets that way, as long as the destination
- address is one we're believing. Interface list must be up-to-date before calling. */
--int loopback_exception(int fd, int family, struct all_addr *addr, char *name)
-+int loopback_exception(int fd, int family, union all_addr *addr, char *name)
- {
- struct ifreq ifr;
- struct irec *iface;
-@@ -193,10 +193,10 @@ int loopback_exception(int fd, int famil
- {
- if (family == AF_INET)
- {
-- if (iface->addr.in.sin_addr.s_addr == addr->addr.addr4.s_addr)
-+ if (iface->addr.in.sin_addr.s_addr == addr->addr4.s_addr)
- return 1;
- }
-- else if (IN6_ARE_ADDR_EQUAL(&iface->addr.in6.sin6_addr, &addr->addr.addr6))
-+ else if (IN6_ARE_ADDR_EQUAL(&iface->addr.in6.sin6_addr, &addr->addr6))
- return 1;
- }
- }
-@@ -207,7 +207,7 @@ int loopback_exception(int fd, int famil
- on the relevant address, but the name of the arrival interface, derived from the
- index won't match the config. Check that we found an interface address for the arrival
- interface: daemon->interfaces must be up-to-date. */
--int label_exception(int index, int family, struct all_addr *addr)
-+int label_exception(int index, int family, union all_addr *addr)
- {
- struct irec *iface;
-
-@@ -217,7 +217,7 @@ int label_exception(int index, int famil
-
- for (iface = daemon->interfaces; iface; iface = iface->next)
- if (iface->index == index && iface->addr.sa.sa_family == AF_INET &&
-- iface->addr.in.sin_addr.s_addr == addr->addr.addr4.s_addr)
-+ iface->addr.in.sin_addr.s_addr == addr->addr4.s_addr)
- return 1;
-
- return 0;
-@@ -282,12 +282,12 @@ static int iface_allowed(struct iface_pa
-
- if (addr->sa.sa_family == AF_INET)
- {
-- al->addr.addr.addr4 = addr->in.sin_addr;
-+ al->addr.addr4 = addr->in.sin_addr;
- al->flags = 0;
- }
- else
- {
-- al->addr.addr.addr6 = addr->in6.sin6_addr;
-+ al->addr.addr6 = addr->in6.sin6_addr;
- al->flags = ADDRLIST_IPV6;
- }
- }
-@@ -321,7 +321,7 @@ static int iface_allowed(struct iface_pa
- al->next = zone->subnet;
- zone->subnet = al;
- al->prefixlen = prefixlen;
-- al->addr.addr.addr4 = addr->in.sin_addr;
-+ al->addr.addr4 = addr->in.sin_addr;
- al->flags = 0;
- }
- }
-@@ -341,7 +341,7 @@ static int iface_allowed(struct iface_pa
- al->next = zone->subnet;
- zone->subnet = al;
- al->prefixlen = prefixlen;
-- al->addr.addr.addr6 = addr->in6.sin6_addr;
-+ al->addr.addr6 = addr->in6.sin6_addr;
- al->flags = ADDRLIST_IPV6;
- }
- }
-@@ -369,12 +369,12 @@ static int iface_allowed(struct iface_pa
-
- if (addr->sa.sa_family == AF_INET)
- {
-- al->addr.addr.addr4 = addr->in.sin_addr;
-+ al->addr.addr4 = addr->in.sin_addr;
- al->flags = 0;
- }
- else
- {
-- al->addr.addr.addr6 = addr->in6.sin6_addr;
-+ al->addr.addr6 = addr->in6.sin6_addr;
- al->flags = ADDRLIST_IPV6;
- /* Privacy addresses and addresses still undergoing DAD and deprecated addresses
- don't appear in forward queries, but will in reverse ones. */
-@@ -419,11 +419,11 @@ static int iface_allowed(struct iface_pa
- }
-
- if (addr->sa.sa_family == AF_INET &&
-- !iface_check(AF_INET, (struct all_addr *)&addr->in.sin_addr, label, &auth_dns))
-+ !iface_check(AF_INET, (union all_addr *)&addr->in.sin_addr, label, &auth_dns))
- return 1;
-
- if (addr->sa.sa_family == AF_INET6 &&
-- !iface_check(AF_INET6, (struct all_addr *)&addr->in6.sin6_addr, label, &auth_dns))
-+ !iface_check(AF_INET6, (union all_addr *)&addr->in6.sin6_addr, label, &auth_dns))
- return 1;
-
- #ifdef HAVE_DHCP
---- a/src/option.c
-+++ b/src/option.c
-@@ -2064,7 +2064,7 @@ static int one_opt(int option, char *arg
- int is_exclude = 0;
- char *prefix;
- struct addrlist *subnet = NULL;
-- struct all_addr addr;
-+ union all_addr addr;
-
- comma = split(arg);
- prefix = split_chr(arg, '/');
-@@ -2078,13 +2078,13 @@ static int one_opt(int option, char *arg
- arg = arg+8;
- }
-
-- if (inet_pton(AF_INET, arg, &addr.addr.addr4))
-+ if (inet_pton(AF_INET, arg, &addr.addr4))
- {
- subnet = opt_malloc(sizeof(struct addrlist));
- subnet->prefixlen = (prefixlen == 0) ? 24 : prefixlen;
- subnet->flags = ADDRLIST_LITERAL;
- }
-- else if (inet_pton(AF_INET6, arg, &addr.addr.addr6))
-+ else if (inet_pton(AF_INET6, arg, &addr.addr6))
- {
- subnet = opt_malloc(sizeof(struct addrlist));
- subnet->prefixlen = (prefixlen == 0) ? 64 : prefixlen;
-@@ -4268,7 +4268,7 @@ err:
-
- while (arg)
- {
-- struct all_addr addr;
-+ union all_addr addr;
- char *dig;
-
- for (dig = arg; *dig != 0; dig++)
-@@ -4276,10 +4276,10 @@ err:
- break;
- if (*dig == 0)
- new->ttl = atoi(arg);
-- else if (inet_pton(AF_INET, arg, &addr))
-- new->addr = addr.addr.addr4;
-- else if (inet_pton(AF_INET6, arg, &addr))
-- new->addr6 = addr.addr.addr6;
-+ else if (inet_pton(AF_INET, arg, &addr.addr4))
-+ new->addr = addr.addr4;
-+ else if (inet_pton(AF_INET6, arg, &addr.addr6))
-+ new->addr6 = addr.addr6;
- else
- {
- int nomem;
---- a/src/rfc1035.c
-+++ b/src/rfc1035.c
-@@ -143,7 +143,7 @@ int extract_name(struct dns_header *head
-
- /* Max size of input string (for IPv6) is 75 chars.) */
- #define MAXARPANAME 75
--int in_arpa_name_2_addr(char *namein, struct all_addr *addrp)
-+int in_arpa_name_2_addr(char *namein, union all_addr *addrp)
- {
- int j;
- char name[MAXARPANAME+1], *cp1;
-@@ -153,7 +153,7 @@ int in_arpa_name_2_addr(char *namein, st
- if (strlen(namein) > MAXARPANAME)
- return 0;
-
-- memset(addrp, 0, sizeof(struct all_addr));
-+ memset(addrp, 0, sizeof(union all_addr));
-
- /* turn name into a series of asciiz strings */
- /* j counts no. of labels */
-@@ -234,7 +234,7 @@ int in_arpa_name_2_addr(char *namein, st
- if (*(cp1+1) || !isxdigit((unsigned char)*cp1))
- return 0;
-
-- for (j = sizeof(struct all_addr)-1; j>0; j--)
-+ for (j = sizeof(struct in6_addr)-1; j>0; j--)
- addr[j] = (addr[j] >> 4) | (addr[j-1] << 4);
- addr[0] = (addr[0] >> 4) | (strtol(cp1, NULL, 16) << 4);
- }
-@@ -585,7 +585,7 @@ int extract_addresses(struct dns_header
- unsigned char *p, *p1, *endrr, *namep;
- int i, j, qtype, qclass, aqtype, aqclass, ardlen, res, searched_soa = 0;
- unsigned long ttl = 0;
-- struct all_addr addr;
-+ union all_addr addr;
- #ifdef HAVE_IPSET
- char **ipsets_cur;
- #else
-@@ -808,14 +808,14 @@ int extract_addresses(struct dns_header
- if (check_rebind)
- {
- if ((flags & F_IPV4) &&
-- private_net(addr.addr.addr4, !option_bool(OPT_LOCAL_REBIND)))
-+ private_net(addr.addr4, !option_bool(OPT_LOCAL_REBIND)))
- return 1;
-
- if ((flags & F_IPV6) &&
-- IN6_IS_ADDR_V4MAPPED(&addr.addr.addr6))
-+ IN6_IS_ADDR_V4MAPPED(&addr.addr6))
- {
- struct in_addr v4;
-- v4.s_addr = ((const uint32_t *) (&addr.addr.addr6))[3];
-+ v4.s_addr = ((const uint32_t *) (&addr.addr6))[3];
- if (private_net(v4, !option_bool(OPT_LOCAL_REBIND)))
- return 1;
- }
-@@ -928,7 +928,7 @@ unsigned int extract_request(struct dns_
- }
-
- size_t setup_reply(struct dns_header *header, size_t qlen,
-- struct all_addr *addrp, unsigned int flags, unsigned long ttl)
-+ union all_addr *addrp, unsigned int flags, unsigned long ttl)
- {
- unsigned char *p;
-
-@@ -949,8 +949,8 @@ size_t setup_reply(struct dns_header *he
- SET_RCODE(header, NXDOMAIN);
- else if (flags == F_SERVFAIL)
- {
-- struct all_addr a;
-- a.addr.log.rcode = SERVFAIL;
-+ union all_addr a;
-+ a.log.rcode = SERVFAIL;
- log_query(F_CONFIG | F_RCODE, "error", &a, NULL);
- SET_RCODE(header, SERVFAIL);
- }
-@@ -974,8 +974,8 @@ size_t setup_reply(struct dns_header *he
- }
- else /* nowhere to forward to */
- {
-- struct all_addr a;
-- a.addr.log.rcode = REFUSED;
-+ union all_addr a;
-+ a.log.rcode = REFUSED;
- log_query(F_CONFIG | F_RCODE, "error", &a, NULL);
- SET_RCODE(header, REFUSED);
- }
-@@ -1277,7 +1277,7 @@ size_t answer_request(struct dns_header
- char *name = daemon->namebuff;
- unsigned char *p, *ansp;
- unsigned int qtype, qclass;
-- struct all_addr addr;
-+ union all_addr addr;
- int nameoffset;
- unsigned short flag;
- int q, ans, anscount = 0, addncount = 0;
-@@ -1374,7 +1374,7 @@ size_t answer_request(struct dns_header
- notimp = 1, auth = 0;
- if (!dryrun)
- {
-- addr.addr.log.rcode = NOTIMP;
-+ addr.log.rcode = NOTIMP;
- log_query(F_CONFIG | F_RCODE, name, &addr, NULL);
- }
- ans = 1, sec_data = 0;
-@@ -1418,7 +1418,7 @@ size_t answer_request(struct dns_header
- struct addrlist *addrlist;
-
- for (addrlist = intr->addr; addrlist; addrlist = addrlist->next)
-- if (!(addrlist->flags & ADDRLIST_IPV6) && addr.addr.addr4.s_addr == addrlist->addr.addr.addr4.s_addr)
-+ if (!(addrlist->flags & ADDRLIST_IPV6) && addr.addr4.s_addr == addrlist->addr.addr4.s_addr)
- break;
-
- if (addrlist)
-@@ -1433,7 +1433,7 @@ size_t answer_request(struct dns_header
- struct addrlist *addrlist;
-
- for (addrlist = intr->addr; addrlist; addrlist = addrlist->next)
-- if ((addrlist->flags & ADDRLIST_IPV6) && IN6_ARE_ADDR_EQUAL(&addr.addr.addr6, &addrlist->addr.addr.addr6))
-+ if ((addrlist->flags & ADDRLIST_IPV6) && IN6_ARE_ADDR_EQUAL(&addr.addr6, &addrlist->addr.addr6))
- break;
-
- if (addrlist)
-@@ -1533,8 +1533,8 @@ size_t answer_request(struct dns_header
- }
- }
- else if (option_bool(OPT_BOGUSPRIV) && (
-- (is_arpa == F_IPV6 && private_net6(&addr.addr.addr6)) ||
-- (is_arpa == F_IPV4 && private_net(addr.addr.addr4, 1))))
-+ (is_arpa == F_IPV6 && private_net6(&addr.addr6)) ||
-+ (is_arpa == F_IPV4 && private_net(addr.addr4, 1))))
- {
- struct server *serv;
- unsigned int namelen = strlen(name);
-@@ -1600,7 +1600,7 @@ size_t answer_request(struct dns_header
- if (hostname_isequal(name, intr->name))
- for (addrlist = intr->addr; addrlist; addrlist = addrlist->next)
- if (!(addrlist->flags & ADDRLIST_IPV6) &&
-- is_same_net(*((struct in_addr *)&addrlist->addr), local_addr, local_netmask))
-+ is_same_net(addrlist->addr.addr4, local_addr, local_netmask))
- {
- localise = 1;
- break;
-@@ -1613,7 +1613,7 @@ size_t answer_request(struct dns_header
- if (((addrlist->flags & ADDRLIST_IPV6) ? T_AAAA : T_A) == type)
- {
- if (localise &&
-- !is_same_net(*((struct in_addr *)&addrlist->addr), local_addr, local_netmask))
-+ !is_same_net(addrlist->addr.addr4, local_addr, local_netmask))
- continue;
-
- if (addrlist->flags & ADDRLIST_REVONLY)
-@@ -1651,7 +1651,7 @@ size_t answer_request(struct dns_header
- struct crec *save = crecp;
- do {
- if ((crecp->flags & F_HOSTS) &&
-- is_same_net(*((struct in_addr *)&crecp->addr), local_addr, local_netmask))
-+ is_same_net(crecp->addr.addr4, local_addr, local_netmask))
- {
- localise = 1;
- break;
-@@ -1710,7 +1710,7 @@ size_t answer_request(struct dns_header
- filter here. */
- if (localise &&
- (crecp->flags & F_HOSTS) &&
-- !is_same_net(*((struct in_addr *)&crecp->addr), local_addr, local_netmask))
-+ !is_same_net(crecp->addr.addr4, local_addr, local_netmask))
- continue;
-
- if (!(crecp->flags & (F_HOSTS | F_DHCP)))
-@@ -1719,7 +1719,7 @@ size_t answer_request(struct dns_header
- ans = 1;
- if (!dryrun)
- {
-- log_query(crecp->flags & ~F_REVERSE, name, &crecp->addr.addr,
-+ log_query(crecp->flags & ~F_REVERSE, name, &crecp->addr,
- record_source(crecp->uid));
-
- if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
---- a/src/rfc3315.c
-+++ b/src/rfc3315.c
-@@ -2120,7 +2120,7 @@ void relay_upstream6(struct dhcp_relay *
- {
- /* ->local is same value for all relays on ->current chain */
-
-- struct all_addr from;
-+ union all_addr from;
- unsigned char *header;
- unsigned char *inbuff = daemon->dhcp_packet.iov_base;
- int msg_type = *inbuff;
-@@ -2133,7 +2133,7 @@ void relay_upstream6(struct dhcp_relay *
- get_client_mac(peer_address, scope_id, mac, &maclen, &mactype, now);
-
- /* source address == relay address */
-- from.addr.addr6 = relay->local.addr.addr6;
-+ from.addr6 = relay->local.addr6;
-
- /* Get hop count from nested relayed message */
- if (msg_type == DHCP6RELAYFORW)
-@@ -2153,7 +2153,7 @@ void relay_upstream6(struct dhcp_relay *
-
- header[0] = DHCP6RELAYFORW;
- header[1] = hopcount;
-- memcpy(&header[2], &relay->local.addr.addr6, IN6ADDRSZ);
-+ memcpy(&header[2], &relay->local.addr6, IN6ADDRSZ);
- memcpy(&header[18], peer_address, IN6ADDRSZ);
-
- /* RFC-6939 */
-@@ -2174,12 +2174,12 @@ void relay_upstream6(struct dhcp_relay *
- union mysockaddr to;
-
- to.sa.sa_family = AF_INET6;
-- to.in6.sin6_addr = relay->server.addr.addr6;
-+ to.in6.sin6_addr = relay->server.addr6;
- to.in6.sin6_port = htons(DHCPV6_SERVER_PORT);
- to.in6.sin6_flowinfo = 0;
- to.in6.sin6_scope_id = 0;
-
-- if (IN6_ARE_ADDR_EQUAL(&relay->server.addr.addr6, &multicast))
-+ if (IN6_ARE_ADDR_EQUAL(&relay->server.addr6, &multicast))
- {
- int multicast_iface;
- if (!relay->interface || strchr(relay->interface, '*') ||
-@@ -2218,7 +2218,7 @@ unsigned short relay_reply6(struct socka
- memcpy(&link, &inbuff[2], IN6ADDRSZ);
-
- for (relay = daemon->relay6; relay; relay = relay->next)
-- if (IN6_ARE_ADDR_EQUAL(&link, &relay->local.addr.addr6) &&
-+ if (IN6_ARE_ADDR_EQUAL(&link, &relay->local.addr6) &&
- (!relay->interface || wildcard_match(relay->interface, arrival_interface)))
- break;
-
---- a/src/tables.c
-+++ b/src/tables.c
-@@ -62,7 +62,7 @@ void ipset_init(void)
- }
- }
-
--int add_to_ipset(const char *setname, const struct all_addr *ipaddr,
-+int add_to_ipset(const char *setname, const union all_addr *ipaddr,
- int flags, int remove)
- {
- struct pfr_addr addr;
-@@ -113,13 +113,13 @@ int add_to_ipset(const char *setname, co
- {
- addr.pfra_af = AF_INET6;
- addr.pfra_net = 0x80;
-- memcpy(&(addr.pfra_ip6addr), &(ipaddr->addr), sizeof(struct in6_addr));
-+ memcpy(&(addr.pfra_ip6addr), ipaddr, sizeof(struct in6_addr));
- }
- else
- {
- addr.pfra_af = AF_INET;
- addr.pfra_net = 0x20;
-- addr.pfra_ip4addr.s_addr = ipaddr->addr.addr4.s_addr;
-+ addr.pfra_ip4addr.s_addr = ipaddr->addr4.s_addr;
- }
-
- bzero(&io, sizeof(io));
---- a/src/tftp.c
-+++ b/src/tftp.c
-@@ -59,7 +59,7 @@ void tftp_request(struct listener *liste
- char *name = NULL;
- char *prefix = daemon->tftp_prefix;
- struct tftp_prefix *pref;
-- struct all_addr addra;
-+ union all_addr addra;
- /* Can always get recvd interface for IPv6 */
- int check_dest = !option_bool(OPT_NOWILD) || listen->family == AF_INET6;
- union {
-@@ -189,10 +189,10 @@ void tftp_request(struct listener *liste
-
- name = namebuff;
-
-- addra.addr.addr4 = addr.in.sin_addr;
-+ addra.addr4 = addr.in.sin_addr;
-
- if (listen->family == AF_INET6)
-- addra.addr.addr6 = addr.in6.sin6_addr;
-+ addra.addr6 = addr.in6.sin6_addr;
-
- if (daemon->tftp_interfaces)
- {
-@@ -212,7 +212,7 @@ void tftp_request(struct listener *liste
- if (!option_bool(OPT_CLEVERBIND))
- enumerate_interfaces(0);
- if (!loopback_exception(listen->tftpfd, listen->family, &addra, name) &&
-- !label_exception(if_index, listen->family, &addra) )
-+ !label_exception(if_index, listen->family, &addra))
- return;
- }
-
+++ /dev/null
-From 2c594732eb7391e7cfa817598e33e61cab71131f Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Thu, 3 Jan 2019 13:42:03 +0000
-Subject: [PATCH 22/32] File logic bug in cache-marshalling code. Introduced a
- couple of commits back.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/cache.c | 3 +--
- 1 file changed, 1 insertion(+), 2 deletions(-)
-
---- a/src/cache.c
-+++ b/src/cache.c
-@@ -742,8 +742,7 @@ int cache_recv_insert(time_t now, int fd
- else if (flags & F_DS)
- {
- if (!read_write(fd, (unsigned char *)&class, sizeof(class), 1) ||
-- (flags & F_NEG) ||
-- !(addr.key.keydata = blockdata_read(fd, addr.key.keylen)))
-+ (!(flags & F_NEG) && !(addr.key.keydata = blockdata_read(fd, addr.key.keylen))))
- return 0;
- }
- #endif
+++ /dev/null
-From 2daca52b80afdc92e7c976629a2bf8182335a626 Mon Sep 17 00:00:00 2001
-From: Christian Weiske <cweiske@cweiske.de>
-Date: Thu, 3 Jan 2019 20:10:14 +0000
-Subject: [PATCH 23/32] Fix typo in ra-param man page section.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- man/dnsmasq.8 | 2 +-
- man/fr/dnsmasq.8 | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
---- a/man/dnsmasq.8
-+++ b/man/dnsmasq.8
-@@ -1829,7 +1829,7 @@ The interval between router advertisemen
- .B --ra-param=eth0,60.
- The lifetime of the route may be changed or set to zero, which allows
- a router to advertise prefixes but not a route via itself.
--.B --ra-parm=eth0,0,0
-+.B --ra-param=eth0,0,0
- (A value of zero for the interval means the default value.) All four parameters may be set at once.
- .B --ra-param=eth0,mtu:1280,low,60,1200
-
---- a/man/fr/dnsmasq.8
-+++ b/man/fr/dnsmasq.8
-@@ -1774,7 +1774,7 @@ Un intervalle (en secondes) entre les an
- .B --ra-param=eth0,60.
- La durée de vie de la route peut être changée ou mise à zéro, auquel cas
- le routeur peut annoncer les préfixes mais pas de route :
--.B --ra-parm=eth0,0,0
-+.B --ra-param=eth0,0,0
- (une valeur de zéro pour l'intervalle signifie qu'il garde la valeur par défaut).
- Ces quatre paramètres peuvent être configurés en une fois :
- .B --ra-param=eth0,mtu:1280,low,60,1200
+++ /dev/null
-From 5b99eae59d59a8e34a7e512059b98bbd803312f2 Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Sun, 6 Jan 2019 23:09:50 +0000
-Subject: [PATCH 24/32] Cache SRV records.
-
-Inpsired by a patch from Jeremy Allison, but completely re-rolled
-by srk. All bugs are mine.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/auth.c | 2 +-
- src/blockdata.c | 12 ++---
- src/cache.c | 64 ++++++++++++++--------
- src/dnsmasq.c | 2 -
- src/dnsmasq.h | 11 ++--
- src/rfc1035.c | 141 ++++++++++++++++++++++++++++++++++++++----------
- 6 files changed, 166 insertions(+), 66 deletions(-)
-
---- a/src/auth.c
-+++ b/src/auth.c
-@@ -129,7 +129,7 @@ size_t answer_auth(struct dns_header *he
-
- for (q = ntohs(header->qdcount); q != 0; q--)
- {
-- unsigned short flag = 0;
-+ unsigned int flag = 0;
- int found = 0;
- int cname_wildcard = 0;
-
---- a/src/blockdata.c
-+++ b/src/blockdata.c
-@@ -16,8 +16,6 @@
-
- #include "dnsmasq.h"
-
--#ifdef HAVE_DNSSEC
--
- static struct blockdata *keyblock_free;
- static unsigned int blockdata_count, blockdata_hwm, blockdata_alloced;
-
-@@ -54,11 +52,10 @@ void blockdata_init(void)
-
- void blockdata_report(void)
- {
-- if (option_bool(OPT_DNSSEC_VALID))
-- my_syslog(LOG_INFO, _("DNSSEC memory in use %u, max %u, allocated %u"),
-- blockdata_count * sizeof(struct blockdata),
-- blockdata_hwm * sizeof(struct blockdata),
-- blockdata_alloced * sizeof(struct blockdata));
-+ my_syslog(LOG_INFO, _("pool memory in use %u, max %u, allocated %u"),
-+ blockdata_count * sizeof(struct blockdata),
-+ blockdata_hwm * sizeof(struct blockdata),
-+ blockdata_alloced * sizeof(struct blockdata));
- }
-
- static struct blockdata *blockdata_alloc_real(int fd, char *data, size_t len)
-@@ -178,4 +175,3 @@ struct blockdata *blockdata_read(int fd,
- return blockdata_alloc_real(fd, NULL, len);
- }
-
--#endif
---- a/src/cache.c
-+++ b/src/cache.c
-@@ -27,7 +27,7 @@ static int bignames_left, hash_size;
-
- static void make_non_terminals(struct crec *source);
- static struct crec *really_insert(char *name, union all_addr *addr, unsigned short class,
-- time_t now, unsigned long ttl, unsigned short flags);
-+ time_t now, unsigned long ttl, unsigned int flags);
-
- /* type->string mapping: this is also used by the name-hash function as a mixing table. */
- static const struct {
-@@ -198,15 +198,17 @@ static void cache_hash(struct crec *crec
- *up = crecp;
- }
-
--#ifdef HAVE_DNSSEC
- static void cache_blockdata_free(struct crec *crecp)
- {
-- if (crecp->flags & F_DNSKEY)
-+ if (crecp->flags & F_SRV)
-+ blockdata_free(crecp->addr.srv.target);
-+#ifdef HAVE_DNSSEC
-+ else if (crecp->flags & F_DNSKEY)
- blockdata_free(crecp->addr.key.keydata);
- else if ((crecp->flags & F_DS) && !(crecp->flags & F_NEG))
- blockdata_free(crecp->addr.ds.keydata);
--}
- #endif
-+}
-
- static void cache_free(struct crec *crecp)
- {
-@@ -230,9 +232,7 @@ static void cache_free(struct crec *crec
- crecp->flags &= ~F_BIGNAME;
- }
-
--#ifdef HAVE_DNSSEC
- cache_blockdata_free(crecp);
--#endif
- }
-
- /* insert a new cache entry at the head of the list (youngest entry) */
-@@ -331,7 +331,7 @@ static int is_expired(time_t now, struct
- }
-
- static struct crec *cache_scan_free(char *name, union all_addr *addr, unsigned short class, time_t now,
-- unsigned short flags, struct crec **target_crec, unsigned int *target_uid)
-+ unsigned int flags, struct crec **target_crec, unsigned int *target_uid)
- {
- /* Scan and remove old entries.
- If (flags & F_FORWARD) then remove any forward entries for name and any expired
-@@ -360,7 +360,7 @@ static struct crec *cache_scan_free(char
- if ((crecp->flags & F_FORWARD) && hostname_isequal(cache_get_name(crecp), name))
- {
- /* Don't delete DNSSEC in favour of a CNAME, they can co-exist */
-- if ((flags & crecp->flags & (F_IPV4 | F_IPV6)) ||
-+ if ((flags & crecp->flags & (F_IPV4 | F_IPV6 | F_SRV)) ||
- (((crecp->flags | flags) & F_CNAME) && !(crecp->flags & (F_DNSKEY | F_DS))))
- {
- if (crecp->flags & (F_HOSTS | F_DHCP | F_CONFIG))
-@@ -467,10 +467,10 @@ void cache_start_insert(void)
- }
-
- struct crec *cache_insert(char *name, union all_addr *addr, unsigned short class,
-- time_t now, unsigned long ttl, unsigned short flags)
-+ time_t now, unsigned long ttl, unsigned int flags)
- {
- /* Don't log DNSSEC records here, done elsewhere */
-- if (flags & (F_IPV4 | F_IPV6 | F_CNAME))
-+ if (flags & (F_IPV4 | F_IPV6 | F_CNAME | F_SRV))
- {
- log_query(flags | F_UPSTREAM, name, addr, NULL);
- /* Don't mess with TTL for DNSSEC records. */
-@@ -485,7 +485,7 @@ struct crec *cache_insert(char *name, un
-
-
- static struct crec *really_insert(char *name, union all_addr *addr, unsigned short class,
-- time_t now, unsigned long ttl, unsigned short flags)
-+ time_t now, unsigned long ttl, unsigned int flags)
- {
- struct crec *new, *target_crec = NULL;
- union bigname *big_name = NULL;
-@@ -649,7 +649,7 @@ void cache_end_insert(void)
- {
- char *name = cache_get_name(new_chain);
- ssize_t m = strlen(name);
-- unsigned short flags = new_chain->flags;
-+ unsigned int flags = new_chain->flags;
- #ifdef HAVE_DNSSEC
- u16 class = new_chain->uid;
- #endif
-@@ -659,8 +659,10 @@ void cache_end_insert(void)
- read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->ttd, sizeof(new_chain->ttd), 0);
- read_write(daemon->pipe_to_parent, (unsigned char *)&flags, sizeof(flags), 0);
-
-- if (flags & (F_IPV4 | F_IPV6 | F_DNSKEY | F_DS))
-+ if (flags & (F_IPV4 | F_IPV6 | F_DNSKEY | F_DS | F_SRV))
- read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr, sizeof(new_chain->addr), 0);
-+ if (flags & F_SRV)
-+ blockdata_write(new_chain->addr.srv.target, new_chain->addr.srv.targetlen, daemon->pipe_to_parent);
- #ifdef HAVE_DNSSEC
- if (flags & F_DNSKEY)
- {
-@@ -699,7 +701,7 @@ int cache_recv_insert(time_t now, int fd
- union all_addr addr;
- unsigned long ttl;
- time_t ttd;
-- unsigned short flags;
-+ unsigned int flags;
- struct crec *crecp = NULL;
-
- cache_start_insert();
-@@ -725,13 +727,16 @@ int cache_recv_insert(time_t now, int fd
-
- ttl = difftime(ttd, now);
-
-- if (flags & (F_IPV4 | F_IPV6 | F_DNSKEY | F_DS))
-+ if (flags & (F_IPV4 | F_IPV6 | F_DNSKEY | F_DS | F_SRV))
- {
- unsigned short class = C_IN;
-
- if (!read_write(fd, (unsigned char *)&addr, sizeof(addr), 1))
- return 0;
--
-+
-+ if (flags & F_SRV && !(addr.srv.target = blockdata_read(fd, addr.srv.targetlen)))
-+ return 0;
-+
- #ifdef HAVE_DNSSEC
- if (flags & F_DNSKEY)
- {
-@@ -802,7 +807,7 @@ struct crec *cache_find_by_name(struct c
- /* first search, look for relevant entries and push to top of list
- also free anything which has expired */
- struct crec *next, **up, **insert = NULL, **chainp = &ans;
-- unsigned short ins_flags = 0;
-+ unsigned int ins_flags = 0;
-
- for (up = hash_bucket(name), crecp = *up; crecp; crecp = next)
- {
-@@ -1086,7 +1091,7 @@ int read_hostsfile(char *filename, unsig
- FILE *f = fopen(filename, "r");
- char *token = daemon->namebuff, *domain_suffix = NULL;
- int addr_count = 0, name_count = cache_size, lineno = 0;
-- unsigned short flags = 0;
-+ unsigned int flags = 0;
- union all_addr addr;
- int atnl, addrlen = 0;
-
-@@ -1201,9 +1206,8 @@ void cache_reload(void)
- for (i=0; i<hash_size; i++)
- for (cache = hash_table[i], up = &hash_table[i]; cache; cache = tmp)
- {
--#ifdef HAVE_DNSSEC
- cache_blockdata_free(cache);
--#endif
-+
- tmp = cache->hash_next;
- if (cache->flags & (F_HOSTS | F_CONFIG))
- {
-@@ -1381,7 +1385,7 @@ void cache_add_dhcp_entry(char *host_nam
- union all_addr *host_address, time_t ttd)
- {
- struct crec *crec = NULL, *fail_crec = NULL;
-- unsigned short flags = F_IPV4;
-+ unsigned int flags = F_IPV4;
- int in_hosts = 0;
- size_t addrlen = sizeof(struct in_addr);
-
-@@ -1682,9 +1686,8 @@ void dump_cache(time_t now)
- #ifdef HAVE_AUTH
- my_syslog(LOG_INFO, _("queries for authoritative zones %u"), daemon->metrics[METRIC_DNS_AUTH_ANSWERED]);
- #endif
--#ifdef HAVE_DNSSEC
-+
- blockdata_report();
--#endif
-
- /* sum counts from different records for same server */
- for (serv = daemon->servers; serv; serv = serv->next)
-@@ -1726,6 +1729,17 @@ void dump_cache(time_t now)
- p += sprintf(p, "%-30.30s ", sanitise(n));
- if ((cache->flags & F_CNAME) && !is_outdated_cname_pointer(cache))
- a = sanitise(cache_get_cname_target(cache));
-+ else if ((cache->flags & F_SRV) && !(cache->flags & F_NEG))
-+ {
-+ int targetlen = cache->addr.srv.targetlen;
-+ ssize_t len = sprintf(a, "%u %u %u ", cache->addr.srv.priority,
-+ cache->addr.srv.weight, cache->addr.srv.srvport);
-+
-+ if (targetlen > (40 - len))
-+ targetlen = 40 - len;
-+ blockdata_retrieve(cache->addr.srv.target, targetlen, a + len);
-+ a[len + targetlen] = 0;
-+ }
- #ifdef HAVE_DNSSEC
- else if (cache->flags & F_DS)
- {
-@@ -1752,6 +1766,8 @@ void dump_cache(time_t now)
- t = "6";
- else if (cache->flags & F_CNAME)
- t = "C";
-+ else if (cache->flags & F_SRV)
-+ t = "V";
- #ifdef HAVE_DNSSEC
- else if (cache->flags & F_DS)
- t = "S";
-@@ -1913,6 +1929,8 @@ void log_query(unsigned int flags, char
- }
- else if (flags & F_CNAME)
- dest = "<CNAME>";
-+ else if (flags & F_SRV)
-+ dest = "<SRV>";
- else if (flags & F_RRNAME)
- dest = arg;
-
---- a/src/dnsmasq.c
-+++ b/src/dnsmasq.c
-@@ -366,9 +366,7 @@ int main (int argc, char **argv)
- {
- cache_init();
-
--#ifdef HAVE_DNSSEC
- blockdata_init();
--#endif
- }
-
- #ifdef HAVE_INOTIFY
---- a/src/dnsmasq.h
-+++ b/src/dnsmasq.h
-@@ -299,6 +299,10 @@ union all_addr {
- unsigned char algo;
- unsigned char digest;
- } ds;
-+ struct {
-+ struct blockdata *target;
-+ unsigned short targetlen, srvport, priority, weight;
-+ } srv;
- /* for log_query */
- struct {
- unsigned short keytag, algo, digest, rcode;
-@@ -426,7 +430,7 @@ struct crec {
- time_t ttd; /* time to die */
- /* used as class if DNSKEY/DS, index to source for F_HOSTS */
- unsigned int uid;
-- unsigned short flags;
-+ unsigned int flags;
- union {
- char sname[SMALLDNAME];
- union bigname *bname;
-@@ -470,6 +474,7 @@ struct crec {
- #define F_NOEXTRA (1u<<27)
- #define F_SERVFAIL (1u<<28)
- #define F_RCODE (1u<<29)
-+#define F_SRV (1u<<30)
-
- #define UID_NONE 0
- /* Values of uid in crecs with F_CONFIG bit set. */
-@@ -1142,7 +1147,7 @@ void cache_end_insert(void);
- void cache_start_insert(void);
- int cache_recv_insert(time_t now, int fd);
- struct crec *cache_insert(char *name, union all_addr *addr, unsigned short class,
-- time_t now, unsigned long ttl, unsigned short flags);
-+ time_t now, unsigned long ttl, unsigned int flags);
- void cache_reload(void);
- void cache_add_dhcp_entry(char *host_name, int prot, union all_addr *host_address, time_t ttd);
- struct in_addr a_record_from_hosts(char *name, time_t now);
-@@ -1158,7 +1163,6 @@ int read_hostsfile(char *filename, unsig
- struct crec **rhash, int hashsz);
-
- /* blockdata.c */
--#ifdef HAVE_DNSSEC
- void blockdata_init(void);
- void blockdata_report(void);
- struct blockdata *blockdata_alloc(char *data, size_t len);
-@@ -1166,7 +1170,6 @@ void *blockdata_retrieve(struct blockdat
- struct blockdata *blockdata_read(int fd, size_t len);
- void blockdata_write(struct blockdata *block, size_t len, int fd);
- void blockdata_free(struct blockdata *blocks);
--#endif
-
- /* domain.c */
- char *get_domain(struct in_addr addr);
---- a/src/rfc1035.c
-+++ b/src/rfc1035.c
-@@ -726,7 +726,7 @@ int extract_addresses(struct dns_header
- {
- /* everything other than PTR */
- struct crec *newc;
-- int addrlen;
-+ int addrlen = 0;
-
- if (qtype == T_A)
- {
-@@ -738,7 +738,9 @@ int extract_addresses(struct dns_header
- addrlen = IN6ADDRSZ;
- flags |= F_IPV6;
- }
-- else
-+ else if (qtype == T_SRV)
-+ flags |= F_SRV;
-+ else
- continue;
-
- cname_loop1:
-@@ -799,39 +801,61 @@ int extract_addresses(struct dns_header
- {
- found = 1;
-
-- /* copy address into aligned storage */
-- if (!CHECK_LEN(header, p1, qlen, addrlen))
-- return 0; /* bad packet */
-- memcpy(&addr, p1, addrlen);
--
-- /* check for returned address in private space */
-- if (check_rebind)
-+ if (flags & F_SRV)
- {
-- if ((flags & F_IPV4) &&
-- private_net(addr.addr4, !option_bool(OPT_LOCAL_REBIND)))
-- return 1;
--
-- if ((flags & F_IPV6) &&
-- IN6_IS_ADDR_V4MAPPED(&addr.addr6))
-+ unsigned char *tmp = namep;
-+
-+ if (!CHECK_LEN(header, p1, qlen, 6))
-+ return 0; /* bad packet */
-+ GETSHORT(addr.srv.priority, p1);
-+ GETSHORT(addr.srv.weight, p1);
-+ GETSHORT(addr.srv.srvport, p1);
-+ if (!extract_name(header, qlen, &p1, name, 1, 0))
-+ return 0;
-+ addr.srv.targetlen = strlen(name) + 1; /* include terminating zero */
-+ if (!(addr.srv.target = blockdata_alloc(name, addr.srv.targetlen)))
-+ return 0;
-+
-+ /* we overwrote the original name, so get it back here. */
-+ if (!extract_name(header, qlen, &tmp, name, 1, 0))
-+ return 0;
-+ }
-+ else
-+ {
-+ /* copy address into aligned storage */
-+ if (!CHECK_LEN(header, p1, qlen, addrlen))
-+ return 0; /* bad packet */
-+ memcpy(&addr, p1, addrlen);
-+
-+ /* check for returned address in private space */
-+ if (check_rebind)
- {
-- struct in_addr v4;
-- v4.s_addr = ((const uint32_t *) (&addr.addr6))[3];
-- if (private_net(v4, !option_bool(OPT_LOCAL_REBIND)))
-+ if ((flags & F_IPV4) &&
-+ private_net(addr.addr4, !option_bool(OPT_LOCAL_REBIND)))
- return 1;
-+
-+ if ((flags & F_IPV6) &&
-+ IN6_IS_ADDR_V4MAPPED(&addr.addr6))
-+ {
-+ struct in_addr v4;
-+ v4.s_addr = ((const uint32_t *) (&addr.addr6))[3];
-+ if (private_net(v4, !option_bool(OPT_LOCAL_REBIND)))
-+ return 1;
-+ }
- }
-- }
--
-+
- #ifdef HAVE_IPSET
-- if (ipsets && (flags & (F_IPV4 | F_IPV6)))
-- {
-- ipsets_cur = ipsets;
-- while (*ipsets_cur)
-+ if (ipsets && (flags & (F_IPV4 | F_IPV6)))
- {
-- log_query((flags & (F_IPV4 | F_IPV6)) | F_IPSET, name, &addr, *ipsets_cur);
-- add_to_ipset(*ipsets_cur++, &addr, flags, 0);
-+ ipsets_cur = ipsets;
-+ while (*ipsets_cur)
-+ {
-+ log_query((flags & (F_IPV4 | F_IPV6)) | F_IPSET, name, &addr, *ipsets_cur);
-+ add_to_ipset(*ipsets_cur++, &addr, flags, 0);
-+ }
- }
-- }
- #endif
-+ }
-
- newc = cache_insert(name, &addr, C_IN, now, attl, flags | F_FORWARD | secflag);
- if (newc && cpp)
-@@ -1844,7 +1868,68 @@ size_t answer_request(struct dns_header
- *up = move;
- move->next = NULL;
- }
--
-+
-+ if (!found)
-+ {
-+ cname_srv_restart:
-+ if ((crecp = cache_find_by_name(NULL, name, now, F_CNAME | F_SRV | (dryrun ? F_NO_RR : 0))) &&
-+ (!do_bit || (option_bool(OPT_DNSSEC_VALID) && !(crecp->flags & F_DNSSECOK))))
-+ {
-+ if (!(crecp->flags & F_DNSSECOK))
-+ sec_data = 0;
-+
-+ auth = 0;
-+ found = ans = 1;
-+
-+ do {
-+ if (crecp->flags & F_CNAME)
-+ {
-+ char *cname_target = cache_get_cname_target(crecp);
-+
-+ if (!dryrun)
-+ {
-+ log_query(crecp->flags, name, NULL, record_source(crecp->uid));
-+ if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
-+ crec_ttl(crecp, now), &nameoffset,
-+ T_CNAME, C_IN, "d", cname_target))
-+ anscount++;
-+ }
-+
-+ strcpy(name, cname_target);
-+ goto cname_srv_restart;
-+ }
-+ else if (crecp->flags & F_NEG)
-+ {
-+ if (crecp->flags & F_NXDOMAIN)
-+ nxdomain = 1;
-+ if (!dryrun)
-+ log_query(crecp->flags, name, NULL, NULL);
-+ }
-+ else
-+ {
-+ unsigned char *p1 = ((unsigned char *)header) + nameoffset;
-+
-+ if (!dryrun)
-+ {
-+ log_query(crecp->flags, name, NULL, 0);
-+
-+ blockdata_retrieve(crecp->addr.srv.target, crecp->addr.srv.targetlen, name);
-+ if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
-+ crec_ttl(crecp, now), NULL, T_SRV, C_IN, "sssd",
-+ crecp->addr.srv.priority, crecp->addr.srv.weight, crecp->addr.srv.srvport,
-+ name))
-+ anscount++;
-+
-+
-+ /* restore name we overwrote */
-+ if (!extract_name(header, qlen, &p1, name, 1, 0))
-+ return 0; /* bad packet */
-+ }
-+ }
-+ } while ((crecp = cache_find_by_name(crecp, name, now, F_SRV | F_CNAME)));
-+ }
-+ }
-+
- if (!found && option_bool(OPT_FILTER) && (qtype == T_SRV || (qtype == T_ANY && strchr(name, '_'))))
- {
- ans = 1;
+++ /dev/null
-From a90f09db4cc635941a32b973b57e58c662569625 Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Wed, 9 Jan 2019 15:08:16 +0000
-Subject: [PATCH 25/32] Fix crash freeing negative SRV cache entries.
-
-Thanks to Daniel for finding this one.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/cache.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/src/cache.c
-+++ b/src/cache.c
-@@ -200,7 +200,7 @@ static void cache_hash(struct crec *crec
-
- static void cache_blockdata_free(struct crec *crecp)
- {
-- if (crecp->flags & F_SRV)
-+ if (crecp->flags & F_SRV && !(crecp->flags & F_NEG))
- blockdata_free(crecp->addr.srv.target);
- #ifdef HAVE_DNSSEC
- else if (crecp->flags & F_DNSKEY)
+++ /dev/null
-From 2896e2485e44c04e73a0b7c9f7cbc9c8515d0800 Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Wed, 9 Jan 2019 15:12:34 +0000
-Subject: [PATCH 26/32] Check for not(DS or DNSKEY) in
- is_outdated_cname_pointer()
-
-Previous check was _for_ IPV4, IPv6 CNAME, and I missed adding SRV.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/cache.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/src/cache.c
-+++ b/src/cache.c
-@@ -312,7 +312,7 @@ static int is_outdated_cname_pointer(str
- /* NB. record may be reused as DS or DNSKEY, where uid is
- overloaded for something completely different */
- if (crecp->addr.cname.target.cache &&
-- (crecp->addr.cname.target.cache->flags & (F_IPV4 | F_IPV6 | F_CNAME)) &&
-+ !(crecp->addr.cname.target.cache->flags & (F_DNSKEY | F_DS)) &&
- crecp->addr.cname.uid == crecp->addr.cname.target.cache->uid)
- return 0;
-
+++ /dev/null
-From 9c0d445ef4abffa2b9342ad65e85ef425c1f83bb Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Wed, 9 Jan 2019 17:57:56 +0000
-Subject: [PATCH 27/32] Fix e7bfd556c079c8b5e7425aed44abc35925b24043 to
- actually work.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/dhcp.c | 54 +++++++++++++++++++++++++----------------------------
- src/dhcp6.c | 2 +-
- 2 files changed, 26 insertions(+), 30 deletions(-)
-
---- a/src/dhcp.c
-+++ b/src/dhcp.c
-@@ -754,19 +754,6 @@ int address_allocate(struct dhcp_context
- if (addr.s_addr == d->router.s_addr)
- break;
-
-- /* in consec-ip mode, skip addresses equal to
-- the number of addresses rejected by clients. This
-- should avoid the same client being offered the same
-- address after it has rjected it. */
-- if (option_bool(OPT_CONSEC_ADDR))
-- {
-- if (c->addr_epoch)
-- {
-- c->addr_epoch--;
-- d = context; /* d non-NULL skips the address. */
-- }
-- }
--
- /* Addresses which end in .255 and .0 are broken in Windows even when using
- supernetting. ie dhcp-range=192.168.0.1,192.168.1.254,255,255,254.0
- then 192.168.0.255 is a valid IP address, but not for Windows as it's
-@@ -778,24 +765,33 @@ int address_allocate(struct dhcp_context
- (!IN_CLASSC(ntohl(addr.s_addr)) ||
- ((ntohl(addr.s_addr) & 0xff) != 0xff && ((ntohl(addr.s_addr) & 0xff) != 0x0))))
- {
-- struct ping_result *r;
--
-- if ((r = do_icmp_ping(now, addr, j, loopback)))
-- {
-- /* consec-ip mode: we offered this address for another client
-- (different hash) recently, don't offer it to this one. */
-- if (!option_bool(OPT_CONSEC_ADDR) || r->hash == j)
-- {
-- *addrp = addr;
-- return 1;
-- }
-- }
-+ /* in consec-ip mode, skip addresses equal to
-+ the number of addresses rejected by clients. This
-+ should avoid the same client being offered the same
-+ address after it has rjected it. */
-+ if (option_bool(OPT_CONSEC_ADDR) && c->addr_epoch)
-+ c->addr_epoch--;
- else
- {
-- /* address in use: perturb address selection so that we are
-- less likely to try this address again. */
-- if (!option_bool(OPT_CONSEC_ADDR))
-- c->addr_epoch++;
-+ struct ping_result *r;
-+
-+ if ((r = do_icmp_ping(now, addr, j, loopback)))
-+ {
-+ /* consec-ip mode: we offered this address for another client
-+ (different hash) recently, don't offer it to this one. */
-+ if (!option_bool(OPT_CONSEC_ADDR) || r->hash == j)
-+ {
-+ *addrp = addr;
-+ return 1;
-+ }
-+ }
-+ else
-+ {
-+ /* address in use: perturb address selection so that we are
-+ less likely to try this address again. */
-+ if (!option_bool(OPT_CONSEC_ADDR))
-+ c->addr_epoch++;
-+ }
- }
- }
-
---- a/src/dhcp6.c
-+++ b/src/dhcp6.c
-@@ -436,7 +436,7 @@ struct dhcp_context *address6_allocate(s
- skip addresses equal to the number of addresses rejected
- by clients. This should avoid the same client being offered the same
- address after it has rjected it. */
-- start = lease_find_max_addr6(c) + serial + c->addr_epoch;
-+ start = lease_find_max_addr6(c) + 1 + serial + c->addr_epoch;
- if (c->addr_epoch)
- c->addr_epoch--;
- }
+++ /dev/null
-From 4bf62f616b82fad7a7f91195b0204dd64d79a35c Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Thu, 10 Jan 2019 21:54:22 +0000
-Subject: [PATCH 28/32] Tidy cache_blockdata_free()
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/cache.c | 15 +++++++++------
- 1 file changed, 9 insertions(+), 6 deletions(-)
-
---- a/src/cache.c
-+++ b/src/cache.c
-@@ -200,14 +200,17 @@ static void cache_hash(struct crec *crec
-
- static void cache_blockdata_free(struct crec *crecp)
- {
-- if (crecp->flags & F_SRV && !(crecp->flags & F_NEG))
-- blockdata_free(crecp->addr.srv.target);
-+ if (!(crecp->flags & F_NEG))
-+ {
-+ if (crecp->flags & F_SRV)
-+ blockdata_free(crecp->addr.srv.target);
- #ifdef HAVE_DNSSEC
-- else if (crecp->flags & F_DNSKEY)
-- blockdata_free(crecp->addr.key.keydata);
-- else if ((crecp->flags & F_DS) && !(crecp->flags & F_NEG))
-- blockdata_free(crecp->addr.ds.keydata);
-+ else if (crecp->flags & F_DNSKEY)
-+ blockdata_free(crecp->addr.key.keydata);
-+ else if (crecp->flags & F_DS)
-+ blockdata_free(crecp->addr.ds.keydata);
- #endif
-+ }
- }
-
- static void cache_free(struct crec *crecp)
+++ /dev/null
-From f8c77edbdffb8ada7753ea9fa104f0f6da70cfe3 Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Thu, 10 Jan 2019 21:58:18 +0000
-Subject: [PATCH 29/32] Fix removal of DHCP_CLIENT_MAC options from DHCPv6
- relay replies.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/rfc3315.c | 30 +++++++++++++++++-------------
- 1 file changed, 17 insertions(+), 13 deletions(-)
-
---- a/src/rfc3315.c
-+++ b/src/rfc3315.c
-@@ -219,21 +219,25 @@ static int dhcp6_maybe_relay(struct stat
- if (opt6_ptr(opt, 0) + opt6_len(opt) > end)
- return 0;
-
-- int o = new_opt6(opt6_type(opt));
-- if (opt6_type(opt) == OPTION6_RELAY_MSG)
-+ /* Don't copy MAC address into reply. */
-+ if (opt6_type(opt) != OPTION6_CLIENT_MAC)
- {
-- struct in6_addr align;
-- /* the packet data is unaligned, copy to aligned storage */
-- memcpy(&align, inbuff + 2, IN6ADDRSZ);
-- state->link_address = &align;
-- /* zero is_unicast since that is now known to refer to the
-- relayed packet, not the original sent by the client */
-- if (!dhcp6_maybe_relay(state, opt6_ptr(opt, 0), opt6_len(opt), client_addr, 0, now))
-- return 0;
-+ int o = new_opt6(opt6_type(opt));
-+ if (opt6_type(opt) == OPTION6_RELAY_MSG)
-+ {
-+ struct in6_addr align;
-+ /* the packet data is unaligned, copy to aligned storage */
-+ memcpy(&align, inbuff + 2, IN6ADDRSZ);
-+ state->link_address = &align;
-+ /* zero is_unicast since that is now known to refer to the
-+ relayed packet, not the original sent by the client */
-+ if (!dhcp6_maybe_relay(state, opt6_ptr(opt, 0), opt6_len(opt), client_addr, 0, now))
-+ return 0;
-+ }
-+ else
-+ put_opt6(opt6_ptr(opt, 0), opt6_len(opt));
-+ end_opt6(o);
- }
-- else if (opt6_type(opt) != OPTION6_CLIENT_MAC)
-- put_opt6(opt6_ptr(opt, 0), opt6_len(opt));
-- end_opt6(o);
- }
-
- return 1;
+++ /dev/null
-From 18eac67c0a15b673c8d27002c248651b308093e4 Mon Sep 17 00:00:00 2001
-From: Steven Siloti <ssiloti@gmail.com>
-Date: Sun, 13 Jan 2019 22:56:36 +0000
-Subject: [PATCH 30/32] Fix entries in /etc/hosts disabling static leases.
-
-It is possible for a config entry to have one address family specified by a
-dhcp-host directive and the other added from /etc/hosts. This is especially
-common on OpenWrt because it uses odhcpd for DHCPv6 and IPv6 leases are
-imported into dnsmasq via a hosts file.
-
-To handle this case there need to be separate *_HOSTS flags for IPv4 and IPv6.
-Otherwise when the hosts file is reloaded it will clear the CONFIG_ADDR(6) flag
-which was set by the dhcp-host directive.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/dhcp-common.c | 8 ++++++--
- src/dnsmasq.h | 1 +
- 2 files changed, 7 insertions(+), 2 deletions(-)
-
---- a/src/dhcp-common.c
-+++ b/src/dhcp-common.c
-@@ -372,7 +372,11 @@ void dhcp_update_configs(struct dhcp_con
-
- for (config = configs; config; config = config->next)
- if (config->flags & CONFIG_ADDR_HOSTS)
-- config->flags &= ~(CONFIG_ADDR | CONFIG_ADDR6 | CONFIG_ADDR_HOSTS);
-+ config->flags &= ~(CONFIG_ADDR | CONFIG_ADDR_HOSTS);
-+#ifdef HAVE_DHCP6
-+ if (config->flags & CONFIG_ADDR6_HOSTS)
-+ config->flags &= ~(CONFIG_ADDR6 | CONFIG_ADDR6_HOSTS);
-+#endif
-
- #ifdef HAVE_DHCP6
- again:
-@@ -421,7 +425,7 @@ void dhcp_update_configs(struct dhcp_con
- (!(conf_tmp = config_find_by_address6(configs, &crec->addr.addr6, 128, 0)) || conf_tmp == config))
- {
- memcpy(&config->addr6, &crec->addr.addr6, IN6ADDRSZ);
-- config->flags |= CONFIG_ADDR6 | CONFIG_ADDR_HOSTS;
-+ config->flags |= CONFIG_ADDR6 | CONFIG_ADDR6_HOSTS;
- continue;
- }
- #endif
---- a/src/dnsmasq.h
-+++ b/src/dnsmasq.h
-@@ -789,6 +789,7 @@ struct dhcp_config {
- #define CONFIG_BANK 2048 /* from dhcp hosts file */
- #define CONFIG_ADDR6 4096
- #define CONFIG_WILDCARD 8192
-+#define CONFIG_ADDR6_HOSTS 16384 /* address added by from /etc/hosts */
-
- struct dhcp_opt {
- int opt, len, flags;
+++ /dev/null
-From d2d49907435433001ab00698a3e9ca2a7b5b3236 Mon Sep 17 00:00:00 2001
-From: Steven Siloti <ssiloti@gmail.com>
-Date: Thu, 17 Jan 2019 22:52:13 +0000
-Subject: [PATCH 31/32] Fix missing braces in
- 8eac67c0a15b673c8d27002c248651b308093e4
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/dhcp-common.c | 2 ++
- 1 file changed, 2 insertions(+)
-
---- a/src/dhcp-common.c
-+++ b/src/dhcp-common.c
-@@ -371,12 +371,14 @@ void dhcp_update_configs(struct dhcp_con
- int prot = AF_INET;
-
- for (config = configs; config; config = config->next)
-+ {
- if (config->flags & CONFIG_ADDR_HOSTS)
- config->flags &= ~(CONFIG_ADDR | CONFIG_ADDR_HOSTS);
- #ifdef HAVE_DHCP6
- if (config->flags & CONFIG_ADDR6_HOSTS)
- config->flags &= ~(CONFIG_ADDR6 | CONFIG_ADDR6_HOSTS);
- #endif
-+ }
-
- #ifdef HAVE_DHCP6
- again:
+++ /dev/null
-From 28cfe36e1eee9d2c234e0256ad459956b415a3bb Mon Sep 17 00:00:00 2001
-From: Brian Haley <haleyb.dev@gmail.com>
-Date: Thu, 17 Jan 2019 23:21:23 +0000
-Subject: [PATCH 32/32] Change read_leases() to skip invalid entries.
-
-There's no reason to stop reading the existing lease file
-when dnsmasq is started and an invalid entry is found, it
-can just be ignored. This was fallout from an Openstack
-bug where the file was being written incorrectly with []
-around IPv6 addresses.
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/lease.c | 22 +++++++++++++++-------
- 1 file changed, 15 insertions(+), 7 deletions(-)
-
---- a/src/lease.c
-+++ b/src/lease.c
-@@ -60,8 +60,13 @@ static int read_leases(time_t now, FILE
-
- if (fscanf(leasestream, " %64s %255s %764s",
- daemon->namebuff, daemon->dhcp_buff, daemon->packet) != 3)
-- return 0;
--
-+ {
-+ my_syslog(MS_DHCP | LOG_WARNING, _("ignoring invalid line in lease database: %s %s %s %s ..."),
-+ daemon->dhcp_buff3, daemon->dhcp_buff2,
-+ daemon->namebuff, daemon->dhcp_buff);
-+ continue;
-+ }
-+
- if (inet_pton(AF_INET, daemon->namebuff, &addr.addr4))
- {
- if ((lease = lease4_allocate(addr.addr4)))
-@@ -92,7 +97,12 @@ static int read_leases(time_t now, FILE
- }
- #endif
- else
-- return 0;
-+ {
-+ my_syslog(MS_DHCP | LOG_WARNING, _("ignoring invalid line in lease database, bad address: %s"),
-+ daemon->namebuff);
-+ continue;
-+ }
-+
-
- if (!lease)
- die (_("too many stored leases"), NULL, EC_MISC);
-@@ -172,10 +182,8 @@ void lease_init(time_t now)
- if (leasestream)
- {
- if (!read_leases(now, leasestream))
-- my_syslog(MS_DHCP | LOG_ERR, _("failed to parse lease database, invalid line: %s %s %s %s ..."),
-- daemon->dhcp_buff3, daemon->dhcp_buff2,
-- daemon->namebuff, daemon->dhcp_buff);
--
-+ my_syslog(MS_DHCP | LOG_ERR, _("failed to parse lease database cleanly"));
-+
- if (ferror(leasestream))
- die(_("failed to read lease file %s: %s"), daemon->lease_file, EC_FILE);
- }
+++ /dev/null
-From e710c34469af4378c2db6fa0b0be88313adcb68f Mon Sep 17 00:00:00 2001
-From: Alin Nastac <alin.nastac@gmail.com>
-Date: Mon, 30 Sep 2019 15:30:26 +0100
-Subject: [PATCH] Fix crash when negative SRV response over TCP gets stored in
- LRU cache entry.
-
-Patch extended to receive side of pipe by SRK.
----
- src/cache.c | 8 ++++++--
- 1 file changed, 6 insertions(+), 2 deletions(-)
-
---- a/src/cache.c
-+++ b/src/cache.c
-@@ -665,7 +665,11 @@ void cache_end_insert(void)
- if (flags & (F_IPV4 | F_IPV6 | F_DNSKEY | F_DS | F_SRV))
- read_write(daemon->pipe_to_parent, (unsigned char *)&new_chain->addr, sizeof(new_chain->addr), 0);
- if (flags & F_SRV)
-- blockdata_write(new_chain->addr.srv.target, new_chain->addr.srv.targetlen, daemon->pipe_to_parent);
-+ {
-+ /* A negative SRV entry is possible and has no data, obviously. */
-+ if (!(flags & F_NEG))
-+ blockdata_write(new_chain->addr.srv.target, new_chain->addr.srv.targetlen, daemon->pipe_to_parent);
-+ }
- #ifdef HAVE_DNSSEC
- if (flags & F_DNSKEY)
- {
-@@ -737,7 +741,7 @@ int cache_recv_insert(time_t now, int fd
- if (!read_write(fd, (unsigned char *)&addr, sizeof(addr), 1))
- return 0;
-
-- if (flags & F_SRV && !(addr.srv.target = blockdata_read(fd, addr.srv.targetlen)))
-+ if ((flags & F_SRV) && !(flags & F_NEG) && !(addr.srv.target = blockdata_read(fd, addr.srv.targetlen)))
- return 0;
-
- #ifdef HAVE_DNSSEC
+++ /dev/null
-From 1f55b09dd88bc65b3ee6e3a665bc844a5a9a9e8d Mon Sep 17 00:00:00 2001
-From: Hans Dedecker <dedeckeh@gmail.com>
-Date: Fri, 9 Aug 2019 21:08:17 +0200
-Subject: [PATCH] crypto: use nettle ecc_curve access functions
-
-Nettle 3.5.1 has made ecc_curve definitions (nettle_secp_192r1,
-nettle_secp_224r1, nettle_secp_256r1, ...) private and forces
-users to make use of the accessor functions (nettle_get_secp_192r1,
-...) to retrieve the specific ecc_curve structs.
-
-Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
----
- src/crypto.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
---- a/src/crypto.c
-+++ b/src/crypto.c
-@@ -294,7 +294,7 @@ static int dnsmasq_ecdsa_verify(struct b
- if (!(key_256 = whine_malloc(sizeof(struct ecc_point))))
- return 0;
-
-- nettle_ecc_point_init(key_256, &nettle_secp_256r1);
-+ nettle_ecc_point_init(key_256, nettle_get_secp_256r1());
- }
-
- key = key_256;
-@@ -307,7 +307,7 @@ static int dnsmasq_ecdsa_verify(struct b
- if (!(key_384 = whine_malloc(sizeof(struct ecc_point))))
- return 0;
-
-- nettle_ecc_point_init(key_384, &nettle_secp_384r1);
-+ nettle_ecc_point_init(key_384, nettle_get_secp_384r1());
- }
-
- key = key_384;
+++ /dev/null
-dnsmasq: fix warning with poll.h include on musl
-
-Warning is:
- #warning redirecting incorrect #include <sys/poll.h> to <poll.h>
-
-Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
-
---- a/src/dnsmasq.h
-+++ b/src/dnsmasq.h
-@@ -95,7 +95,7 @@ typedef unsigned long long u64;
- #if defined(HAVE_SOLARIS_NETWORK)
- # include <sys/sockio.h>
- #endif
--#include <sys/poll.h>
-+#include <poll.h>
- #include <sys/wait.h>
- #include <sys/time.h>
- #include <sys/un.h>
projects / openwrt / staging / ldir.git / commitdiff