openwrt-packages-dist/net/mdnsresponder/patches/100-linux_fixes.patch

--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+Clients/build
+mDNSPosix/build
+mDNSPosix/objects
+
--- a/mDNSPosix/PosixDaemon.c
+++ b/mDNSPosix/PosixDaemon.c
@@ -37,6 +37,11 @@
 #include <fcntl.h>
 #include <pwd.h>
 #include <sys/types.h>
+#ifdef __linux__
+#include <sys/capability.h> /* !!! We require libcap-dev for this. Oh well. */
+/* prctl is required to enable inheriting of capabilities across setuid */
+#include <sys/prctl.h>
+#endif /* __linux__ */
 
 #if __APPLE__
 #undef daemon
@@ -184,16 +189,50 @@ int main(int argc, char **argv)
 
     Reconfigure(&mDNSStorage);
 
+#ifdef __linux__
+    /*
+     * SO_BINDTODEVICE is privileged operation; however, we can get
+     * around it using capabilities instead of remaining root.
+     */
+    if (mStatus_NoError == err)
+      {
+        if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0)
+          perror("prctl PR_SET_KEEPCAPS");
+      }
+#endif /* __linux__ */
+
     // Now that we're finished with anything privileged, switch over to running as "nobody"
     if (mStatus_NoError == err)
     {
         const struct passwd *pw = getpwnam("nobody");
         if (pw != NULL)
+          {
             setuid(pw->pw_uid);
+#ifdef __linux__
+            struct __user_cap_header_struct ch;
+            struct __user_cap_data_struct cd[_LINUX_CAPABILITY_U32S_3];
+
+            memset(&ch, 0, sizeof(ch));
+            ch.version = _LINUX_CAPABILITY_VERSION_3;
+            ch.pid = getpid();
+            memset(&cd[0], 0, sizeof(cd));
+            /* CAP_NET_RAW is required to use SO_BINDTODEVICE */
+            int caps = CAP_TO_MASK(CAP_NET_RAW);
+            cd[0].permitted = caps;
+            cd[0].effective = caps;
+            if (capset(&ch, &cd[0]) < 0)
+              perror("capset");
+#endif /* __linux__ */
+          }
         else
             LogMsg("WARNING: mdnsd continuing as root because user \"nobody\" does not exist");
     }
 
+#ifdef __linux__
+    if (mStatus_NoError == err)
+      err = mDNSPlatformPosixRefreshInterfaceList(&mDNSStorage);
+#endif /* __linux__ */
+
     if (mStatus_NoError == err)
         err = MainLoop(&mDNSStorage);
 
--- a/mDNSPosix/Responder.c
+++ b/mDNSPosix/Responder.c
@@ -603,7 +603,8 @@ static mStatus RegisterServicesInFile(co
         status = mStatus_UnknownErr;
     }
 
-    assert(0 == fclose(fp));
+    int rv = fclose(fp);
+    assert(0 == rv);
 
     return status;
 }
--- a/mDNSPosix/mDNSPosix.c
+++ b/mDNSPosix/mDNSPosix.c
@@ -138,7 +138,7 @@ mDNSlocal void SockAddrTomDNSAddr(const
 
 // mDNS core calls this routine when it needs to send a packet.
 mDNSexport mStatus mDNSPlatformSendUDP(const mDNS *const m, const void *const msg, const mDNSu8 *const end,
-                                       mDNSInterfaceID InterfaceID, UDPSocket *src, const mDNSAddr *dst, 
+                                       mDNSInterfaceID InterfaceID, UDPSocket *src, const mDNSAddr *dst,
                                        mDNSIPPort dstPort, mDNSBool useBackgroundTrafficClass)
 {
     int err = 0;
@@ -583,9 +583,17 @@ mDNSlocal void FreePosixNetworkInterface
 {
     assert(intf != NULL);
     if (intf->intfName != NULL) free((void *)intf->intfName);
-    if (intf->multicastSocket4 != -1) assert(close(intf->multicastSocket4) == 0);
+    if (intf->multicastSocket4 != -1)
+      {
+        int rv = close(intf->multicastSocket4);
+        assert(rv == 0);
+      }
 #if HAVE_IPV6
-    if (intf->multicastSocket6 != -1) assert(close(intf->multicastSocket6) == 0);
+    if (intf->multicastSocket6 != -1)
+      {
+        int rv = close(intf->multicastSocket6);
+        assert(rv == 0);
+      }
 #endif
 
     // Move interface to the RecentInterfaces list for a minute
@@ -724,6 +732,29 @@ mDNSlocal int SetupSocket(struct sockadd
             if (err < 0) { err = errno; perror("setsockopt - IP_MULTICAST_TTL"); }
         }
 
+#ifdef __linux__
+#ifdef SO_BINDTODEVICE
+        if (err == 0 && interfaceIndex)
+        {
+            char ifname[IFNAMSIZ];
+            if (if_indextoname(interfaceIndex, ifname))
+              {
+                err = setsockopt(*sktPtr, SOL_SOCKET, SO_BINDTODEVICE, ifname, strlen(ifname));
+                if (err < 0)
+                  {
+                    err = errno;
+                    perror("setsockopt - SO_BINDTODEVICE");
+                  }
+              }
+            else
+              {
+                err = errno;
+                perror("if_indextoname");
+              }
+        }
+#endif /* SO_BINDTODEVICE */
+#endif /* __linux__ */
+
         // And start listening for packets
         if (err == 0)
         {
@@ -805,6 +836,29 @@ mDNSlocal int SetupSocket(struct sockadd
             if (err < 0) { err = errno; perror("setsockopt - IPV6_MULTICAST_HOPS"); }
         }
 
+#ifdef __linux__
+#ifdef SO_BINDTODEVICE
+        if (err == 0 && interfaceIndex)
+        {
+            char ifname[IFNAMSIZ];
+            if (if_indextoname(interfaceIndex, ifname))
+              {
+                err = setsockopt(*sktPtr, SOL_SOCKET, SO_BINDTODEVICE, ifname, strlen(ifname));
+                if (err < 0)
+                  {
+                    err = errno;
+                    perror("setsockopt - SO_BINDTODEVICE");
+                  }
+              }
+            else
+              {
+                err = errno;
+                perror("if_indextoname");
+              }
+        }
+#endif /* SO_BINDTODEVICE */
+#endif /* __linux__ */
+
         // And start listening for packets
         if (err == 0)
         {
@@ -836,7 +890,12 @@ mDNSlocal int SetupSocket(struct sockadd
     }
 
     // Clean up
-    if (err != 0 && *sktPtr != -1) { assert(close(*sktPtr) == 0); *sktPtr = -1; }
+    if (err != 0 && *sktPtr != -1)
+      {
+        int rv = close(*sktPtr);
+        assert(rv == 0);
+        *sktPtr = -1;
+      }
     assert((err == 0) == (*sktPtr != -1));
     return err;
 }
@@ -1026,7 +1085,7 @@ mDNSlocal mStatus OpenIfNotifySocket(int
     /* Subscribe the socket to Link & IP addr notifications. */
     mDNSPlatformMemZero(&snl, sizeof snl);
     snl.nl_family = AF_NETLINK;
-    snl.nl_groups = RTMGRP_LINK | RTMGRP_IPV4_IFADDR;
+    snl.nl_groups = RTMGRP_LINK | RTMGRP_IPV4_IFADDR | RTMGRP_IPV6_IFADDR;
     ret = bind(sock, (struct sockaddr *) &snl, sizeof snl);
     if (0 == ret)
         *pFD = sock;
@@ -1104,11 +1163,18 @@ mDNSlocal mDNSu32       ProcessRoutingNo
         PrintNetLinkMsg(pNLMsg);
 #endif
 
+        // this result isn't used anywhere as a number, just as
+        // non-zero - however, I have seen devices with more than 32
+        // interfaces at some point..
+        // (on Linux, every tunnel increases index for example)
+
         // Process the NetLink message
         if (pNLMsg->nlmsg_type == RTM_GETLINK || pNLMsg->nlmsg_type == RTM_NEWLINK)
-            result |= 1 << ((struct ifinfomsg*) NLMSG_DATA(pNLMsg))->ifi_index;
+          result |= 1;
+        // << ((struct ifinfomsg*) NLMSG_DATA(pNLMsg))->ifi_index;
         else if (pNLMsg->nlmsg_type == RTM_DELADDR || pNLMsg->nlmsg_type == RTM_NEWADDR)
-            result |= 1 << ((struct ifaddrmsg*) NLMSG_DATA(pNLMsg))->ifa_index;
+          result |= 1;
+        // << ((struct ifaddrmsg*) NLMSG_DATA(pNLMsg))->ifa_index;
 
         // Advance pNLMsg to the next message in the buffer
         if ((pNLMsg->nlmsg_flags & NLM_F_MULTI) != 0 && pNLMsg->nlmsg_type != NLMSG_DONE)
@@ -1279,8 +1345,12 @@ mDNSexport mStatus mDNSPlatformInit(mDNS
     if (err == mStatus_NoError) err = SetupSocket(&sa, zeroIPPort, 0, &m->p->unicastSocket6);
 #endif
 
+    // In Linux case, we can't set up sockets with different owner -
+    // it blows up SO_REUSEPORT. So we do this step bit later.
+#ifndef __linux__
     // Tell mDNS core about the network interfaces on this machine.
     if (err == mStatus_NoError) err = SetupInterfaceList(m);
+#endif /* !__linux__ */
 
     // Tell mDNS core about DNS Servers
     mDNS_Lock(m);
@@ -1313,9 +1383,17 @@ mDNSexport void mDNSPlatformClose(mDNS *
 {
     assert(m != NULL);
     ClearInterfaceList(m);
-    if (m->p->unicastSocket4 != -1) assert(close(m->p->unicastSocket4) == 0);
+    if (m->p->unicastSocket4 != -1)
+      {
+        int rv = close(m->p->unicastSocket4);
+        assert(rv == 0);
+      }
 #if HAVE_IPV6
-    if (m->p->unicastSocket6 != -1) assert(close(m->p->unicastSocket6) == 0);
+    if (m->p->unicastSocket6 != -1)
+      {
+        int rv = close(m->p->unicastSocket6);
+        assert(rv == 0);
+      }
 #endif
 }
 
@@ -1571,14 +1649,14 @@ mDNSexport mStatus    mDNSPlatformClearS
 mDNSexport mDNSu16 mDNSPlatformGetUDPPort(UDPSocket *sock)
 {
     (void) sock; // unused
- 
+
     return (mDNSu16)-1;
 }
 
 mDNSexport mDNSBool mDNSPlatformInterfaceIsD2D(mDNSInterfaceID InterfaceID)
 {
     (void) InterfaceID; // unused
-    
+
     return mDNSfalse;
 }
 
--- a/mDNSPosix/mDNSUNP.c
+++ b/mDNSPosix/mDNSUNP.c
@@ -61,154 +61,86 @@
 #endif
 
 #if defined(AF_INET6) && HAVE_IPV6 && HAVE_LINUX
-#include <netdb.h>
-#include <arpa/inet.h>
+#include <sys/types.h>
+#include <ifaddrs.h>
 
-/* Converts a prefix length to IPv6 network mask */
-void plen_to_mask(int plen, char *addr) {
-    int i;
-    int colons=7; /* Number of colons in IPv6 address */
-    int bits_in_block=16; /* Bits per IPv6 block */
-    for(i=0; i<=colons; i++) {
-        int block, ones=0xffff, ones_in_block;
-        if (plen>bits_in_block) ones_in_block=bits_in_block;
-        else ones_in_block=plen;
-        block = ones & (ones << (bits_in_block-ones_in_block));
-        i==0 ? sprintf(addr, "%x", block) : sprintf(addr, "%s:%x", addr, block);
-        plen -= ones_in_block;
-    }
-}
 
-/* Gets IPv6 interface information from the /proc filesystem in linux*/
-struct ifi_info *get_ifi_info_linuxv6(int family, int doaliases)
+/* Correct way to deal with this is just to use getifaddrs (glibc
+ * 2.3.3+ and various BSDs, but BSDs are 'slightly different' just to
+ * make life interesting). We assume Linux getifaddrs is available,
+ * and if not, please upgrade. */
+struct ifi_info *get_ifi_info_linuxv6(int doaliases)
 {
-    struct ifi_info *ifi, *ifihead, **ifipnext, *ifipold, **ifiptr;
-    FILE *fp;
-    char addr[8][5];
-    int flags, myflags, index, plen, scope;
-    char ifname[9], lastname[IFNAMSIZ];
-    char addr6[32+7+1]; /* don't forget the seven ':' */
-    struct addrinfo hints, *res0;
-    struct sockaddr_in6 *sin6;
-    struct in6_addr *addrptr;
-    int err;
-    int sockfd = -1;
-    struct ifreq ifr;
-
-    res0=NULL;
-    ifihead = NULL;
-    ifipnext = &ifihead;
-    lastname[0] = 0;
-
-    if ((fp = fopen(PROC_IFINET6_PATH, "r")) != NULL) {
-        sockfd = socket(AF_INET6, SOCK_DGRAM, 0);
-        if (sockfd < 0) {
-            goto gotError;
-        }
-        while (fscanf(fp,
-                      "%4s%4s%4s%4s%4s%4s%4s%4s %02x %02x %02x %02x %8s\n",
-                      addr[0],addr[1],addr[2],addr[3],
-                      addr[4],addr[5],addr[6],addr[7],
-                      &index, &plen, &scope, &flags, ifname) != EOF) {
-
-            myflags = 0;
-            if (strncmp(lastname, ifname, IFNAMSIZ) == 0) {
-                if (doaliases == 0)
-                    continue;   /* already processed this interface */
-                myflags = IFI_ALIAS;
-            }
-            memcpy(lastname, ifname, IFNAMSIZ);
-            ifi = (struct ifi_info*)calloc(1, sizeof(struct ifi_info));
-            if (ifi == NULL) {
-                goto gotError;
-            }
-
-            ifipold   = *ifipnext;       /* need this later */
-            ifiptr    = ifipnext;
-            *ifipnext = ifi;            /* prev points to this new one */
-            ifipnext = &ifi->ifi_next;  /* pointer to next one goes here */
-
-            sprintf(addr6, "%s:%s:%s:%s:%s:%s:%s:%s",
-                    addr[0],addr[1],addr[2],addr[3],
-                    addr[4],addr[5],addr[6],addr[7]);
-
-            /* Add address of the interface */
-            memset(&hints, 0, sizeof(hints));
-            hints.ai_family = AF_INET6;
-            hints.ai_flags = AI_NUMERICHOST;
-            err = getaddrinfo(addr6, NULL, &hints, &res0);
-            if (err) {
-                goto gotError;
-            }
-            ifi->ifi_addr = calloc(1, sizeof(struct sockaddr_in6));
-            if (ifi->ifi_addr == NULL) {
-                goto gotError;
-            }
-            memcpy(ifi->ifi_addr, res0->ai_addr, sizeof(struct sockaddr_in6));
-
-            /* Add netmask of the interface */
-            char ipv6addr[INET6_ADDRSTRLEN];
-            plen_to_mask(plen, ipv6addr);
-            ifi->ifi_netmask = calloc(1, sizeof(struct sockaddr_in6));
-            if (ifi->ifi_addr == NULL) {
-                goto gotError;
-            }
-            sin6=calloc(1, sizeof(struct sockaddr_in6));
-            addrptr=calloc(1, sizeof(struct in6_addr));
-            inet_pton(family, ipv6addr, addrptr);
-            sin6->sin6_family=family;
-            sin6->sin6_addr=*addrptr;
-            sin6->sin6_scope_id=scope;
-            memcpy(ifi->ifi_netmask, sin6, sizeof(struct sockaddr_in6));
-            free(sin6);
-
-
-            /* Add interface name */
-            memcpy(ifi->ifi_name, ifname, IFI_NAME);
-
-            /* Add interface index */
-            ifi->ifi_index = index;
-
-            /* Add interface flags*/
-            memcpy(ifr.ifr_name, ifname, IFNAMSIZ);
-            if (ioctl(sockfd, SIOCGIFFLAGS, &ifr) < 0) {
-                if (errno == EADDRNOTAVAIL) {
-                    /*
-                     * If the main interface is configured with no IP address but
-                     * an alias interface exists with an IP address, you get
-                     * EADDRNOTAVAIL for the main interface
-                     */
-                    free(ifi->ifi_addr);
-                    free(ifi);
-                    ifipnext  = ifiptr;
-                    *ifipnext = ifipold;
-                    continue;
-                } else {
-                    goto gotError;
-                }
-            }
-            ifi->ifi_flags = ifr.ifr_flags;
-            freeaddrinfo(res0);
-            res0=NULL;
-        }
-    }
-    goto done;
+  struct ifaddrs *ifap, *ifa;
+  struct ifi_info *ifi = NULL, *head = NULL;
 
-gotError:
-    if (ifihead != NULL) {
-        free_ifi_info(ifihead);
-        ifihead = NULL;
-    }
-    if (res0 != NULL) {
-        freeaddrinfo(res0);
-        res0=NULL;
+  /* doaliases seems always true in the calls in current code */
+  assert(doaliases);
+
+  if (getifaddrs(&ifap) < 0)
+    {
+      return NULL;
     }
-done:
-    if (sockfd != -1) {
-        assert(close(sockfd) == 0);
+  for (ifa = ifap ; ifa ; ifa = ifa->ifa_next)
+    {
+      /* Care only about IPv6 addresses on non-point-to-point links. */
+      if (!ifa->ifa_addr
+          || ifa->ifa_addr->sa_family != AF_INET6)
+        continue;
+      ifi = calloc(1, sizeof(*ifi));
+      if (!ifi)
+        break;
+      strncpy(ifi->ifi_name, ifa->ifa_name, IFI_NAME);
+      /* We ignore ifi_{haddr,hlen}, everyone else does too */
+      ifi->ifi_flags = ifa->ifa_flags;
+      /* We ignore ifi_myflags; IFI_ALIAS isn't used anywhere */
+      ifi->ifi_index = if_nametoindex(ifa->ifa_name);
+      if (!(ifi->ifi_addr = malloc(sizeof(struct sockaddr_in6))))
+        break;
+      memcpy(ifi->ifi_addr, ifa->ifa_addr, sizeof(struct sockaddr_in6));
+
+      if (ifa->ifa_netmask)
+        {
+          if (!(ifi->ifi_netmask = malloc(sizeof(struct sockaddr_in6))))
+            break;
+          memcpy(ifi->ifi_netmask, ifa->ifa_netmask,
+                 sizeof(struct sockaddr_in6));
+        }
+
+      if (!(ifi->ifi_addr = malloc(sizeof(struct sockaddr_in6))))
+        break;
+      memcpy(ifi->ifi_addr, ifa->ifa_addr, sizeof(struct sockaddr_in6));
+
+
+      if (ifa->ifa_flags & IFF_POINTOPOINT && ifa->ifa_dstaddr)
+        {
+          if (!(ifi->ifi_dstaddr = malloc(sizeof(struct sockaddr_in6))))
+            break;
+          memcpy(ifi->ifi_dstaddr, ifa->ifa_dstaddr,
+                 sizeof(struct sockaddr_in6));
+        }
+      else if (ifa->ifa_broadaddr)
+        {
+          if (!(ifi->ifi_brdaddr = malloc(sizeof(struct sockaddr_in6))))
+            break;
+          memcpy(ifi->ifi_brdaddr, ifa->ifa_broadaddr,
+                 sizeof(struct sockaddr_in6));
+        }
+      ifi->ifi_next = head;
+      head = ifi;
+      ifi = NULL;
+    };
+  if (ifi)
+    {
+      /* An error occurred. Let's bail out. */
+      ifi->ifi_next = head;
+      free_ifi_info(head);
+      return NULL;
     }
-    return(ifihead);    /* pointer to first structure in linked list */
+  freeifaddrs(ifap);
+  return head;
 }
+
 #endif // defined(AF_INET6) && HAVE_IPV6 && HAVE_LINUX
 
 struct ifi_info *get_ifi_info(int family, int doaliases)
@@ -229,7 +161,7 @@ struct ifi_info *get_ifi_info(int family
 #endif
 
 #if defined(AF_INET6) && HAVE_IPV6 && HAVE_LINUX
-    if (family == AF_INET6) return get_ifi_info_linuxv6(family, doaliases);
+    if (family == AF_INET6) return get_ifi_info_linuxv6(doaliases);
 #endif
 
     sockfd = -1;
--- a/mDNSPosix/mDNSUNP.h
+++ b/mDNSPosix/mDNSUNP.h
@@ -97,8 +97,7 @@ struct ifi_info {
 };
 
 #if defined(AF_INET6) && HAVE_IPV6 && HAVE_LINUX
-#define PROC_IFINET6_PATH "/proc/net/if_inet6"
-extern struct ifi_info  *get_ifi_info_linuxv6(int family, int doaliases);
+extern struct ifi_info  *get_ifi_info_linuxv6(int doaliases);
 #endif
 
 #if defined(AF_INET6) && HAVE_IPV6
--- a/mDNSShared/dnsextd_parser.y
+++ b/mDNSShared/dnsextd_parser.y
@@ -15,6 +15,8 @@
  * limitations under the License.
  */
 
+%parse-param { void *context }
+
 %{
 #include <stdio.h>
 #include <stdlib.h>
@@ -23,7 +25,7 @@
 #include "DebugServices.h"
 #include "dnsextd.h"
 
-void yyerror( const char* error );
+void yyerror( void *context, const char* error );
 int  yylex(void);
 
 
@@ -378,7 +380,7 @@ int yywrap(void);
 
 extern int yylineno;
 
-void yyerror( const char *str )
+void yyerror( void *context, const char *str )
 {
         fprintf( stderr,"%s:%d: error: %s\n", g_filename, yylineno, str );
 }