From 68b093d00b1584e6820c33f21f1e9ff4ab234e42 Mon Sep 17 00:00:00 2001 From: "W. Michael Petullo" Date: Sun, 28 Apr 2019 01:25:02 -0400 Subject: [PATCH] mdnsresponder: update to IETF104 Signed-off-by: W. Michael Petullo --- net/mdnsresponder/Makefile | 6 +- .../patches/001-cross_compile.patch | 114 -------- .../patches/100-linux_fixes.patch | 262 ------------------ .../patches/120-reproducible-builds.patch | 52 ---- 4 files changed, 3 insertions(+), 431 deletions(-) delete mode 100644 net/mdnsresponder/patches/001-cross_compile.patch delete mode 100644 net/mdnsresponder/patches/100-linux_fixes.patch delete mode 100644 net/mdnsresponder/patches/120-reproducible-builds.patch diff --git a/net/mdnsresponder/Makefile b/net/mdnsresponder/Makefile index 5072a45b6..e209b8ff7 100644 --- a/net/mdnsresponder/Makefile +++ b/net/mdnsresponder/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=mDNSResponder -PKG_VERSION:=878.200.35 +PKG_VERSION:=IETF104 PKG_RELEASE:=1 PKG_SOURCE:=mDNSResponder-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=https://opensource.apple.com/tarballs/mDNSResponder/ -PKG_HASH:=e777b4d7dbf5eb1552cb80090ad1ede319067ab6e45e3990d68aabf6e8b3f5a0 +PKG_SOURCE_URL:=https://opensource.apple.com/tarballs/mDNSResponder/IETF/ +PKG_HASH:=b3a76fd35cf2d561546c2fbeaea1e5998b7e04b8330afb918ea5fbdeb202162c PKG_MAINTAINER:= PKG_LICENSE:=Apache-2.0 diff --git a/net/mdnsresponder/patches/001-cross_compile.patch b/net/mdnsresponder/patches/001-cross_compile.patch deleted file mode 100644 index aa90eb98b..000000000 --- a/net/mdnsresponder/patches/001-cross_compile.patch +++ /dev/null @@ -1,114 +0,0 @@ ---- a/Clients/Makefile -+++ b/Clients/Makefile -@@ -27,6 +27,8 @@ - - ############################################################################# - -+CC = @cc -+ - # On OS X the dns_sd library functions are included in libSystem, which is implicitly linked with every executable - # If /usr/lib/libSystem.dylib exists, then we're on OS X, so we don't need also to link the "dns_sd" shared library - ifneq "$(wildcard /usr/lib/libSystem.dylib)" "" -@@ -46,10 +48,10 @@ build: - mkdir build - - build/dns-sd: build dns-sd.c ClientCommon.c -- $(CC) $(filter %.c %.o, $+) $(LIBS) -I../mDNSShared -Wall -o $@ -+ $(CC) $(CFLAGS) $(filter %.c %.o, $+) $(LIBS) -I../mDNSShared -Wall -o $@ - - build/dns-sd64: build dns-sd.c ClientCommon.c -- $(CC) $(filter %.c %.o, $+) $(LIBS) -I../mDNSShared -Wall -o $@ -m64 -+ $(CC) $(CFLAGS) $(filter %.c %.o, $+) $(LIBS) -I../mDNSShared -Wall -o $@ -m64 - - # Note, we can make a 'fat' version of dns-sd using 'lipo', as shown below, but we - # don't, because we don't want or need a 'fat' version of dns-sd, because it will ---- a/mDNSPosix/Makefile -+++ b/mDNSPosix/Makefile -@@ -54,11 +54,12 @@ COREDIR = ../mDNSCore - SHAREDDIR ?= ../mDNSShared - JDK = /usr/jdk - --CC = @cc -+CC = @gcc - BISON = @bison - FLEX = @flex - ST = @strip --LD = ld -shared -+LD = @ld -+SOOPTS = -shared - CP = cp - RM = rm - LN = ln -s -f -@@ -92,7 +93,7 @@ CFLAGS_DEBUG = -O0 -DMDNS_DEBUGMSGS=0 - CFLAGS_OS = -DNOT_HAVE_DAEMON -DNOT_HAVE_SA_LEN -DNOT_HAVE_SOCKLEN_T -DNOT_HAVE_IF_NAMETOINDEX \ - -DLOG_PERROR=0 -D_XPG4_2 -D__EXTENSIONS__ -DHAVE_BROKEN_RECVIF_NAME -DTARGET_OS_SOLARIS - CC = gcc --LD = gcc -shared -+LD = gcc - LINKOPTS = -lsocket -lnsl -lresolv - JAVACFLAGS_OS += -I$(JDK)/include/solaris - ifneq ($(DEBUG),1) -@@ -149,7 +150,8 @@ -D__MAC_OS_X_VERSION_MIN_REQUIRED=__MAC_OS_X_VERSION_10_4 \ - -DHAVE_STRLCPY=1 \ - -D__APPLE_USE_RFC_2292 #-Wunreachable-code - CC = gcc --LD = $(CC) -dynamiclib -+LD = $(CC) -+SOOPTS= -dynamiclib - LINKOPTS = -lSystem - LDSUFFIX = dylib - JDK = /System/Library/Frameworks/JavaVM.framework/Home -@@ -172,8 +174,9 @@ NSSLIBFILE := $(NSSLIBNAME)-$(NSSVERSIO - NSSLINKNAME := $(NSSLIBNAME).so.2 - NSSINSTPATH := /lib - --# If not otherwise defined, we install into /usr/lib and /usr/include -+# If not otherwise defined, we install into /usr/lib, /usr/include and /etc - # and our startup script is called mdns (e.g. /etc/init.d/mdns) -+ETCBASE?=/etc - INSTBASE?=/usr - STARTUPSCRIPTNAME?=mdns - -@@ -259,7 +262,7 @@ libdns_sd: setup $(BUILDDIR)/libdns_sd.$ - CLIENTLIBOBJS = $(OBJDIR)/dnssd_clientlib.c.so.o $(OBJDIR)/dnssd_clientstub.c.so.o $(OBJDIR)/dnssd_ipc.c.so.o - - $(BUILDDIR)/libdns_sd.$(LDSUFFIX): $(CLIENTLIBOBJS) -- @$(LD) $(LINKOPTS) -o $@ $+ -+ @$(LD) $(SOOPTS) $(LINKOPTS) -o $@ $+ - @$(STRIP) $@ - - Clients: setup libdns_sd ../Clients/build/dns-sd -@@ -294,7 +297,7 @@ InstalledManPages: $(MANPATH)/man8/mdnsd - InstalledClients: $(INSTBASE)/bin/dns-sd - @echo $+ " installed" - --InstalledNSS: $(NSSINSTPATH)/$(NSSLINKNAME) /etc/nss_mdns.conf $(MANPATH)/man5/nss_mdns.conf.5 $(MANPATH)/man8/libnss_mdns.8 -+InstalledNSS: $(NSSINSTPATH)/$(NSSLINKNAME) $(ETCBASE)/nss_mdns.conf $(MANPATH)/man5/nss_mdns.conf.5 $(MANPATH)/man8/libnss_mdns.8 - @echo $+ " installed" - - # Note: If daemon already installed, we make sure it's stopped before overwriting it -@@ -347,19 +350,21 @@ $(INSTBASE)/bin/dns-sd: ../Clients/build - - $(NSSINSTPATH)/$(NSSLINKNAME): $(NSSINSTPATH)/$(NSSLIBFILE) - $(LN) $< $@ -- ldconfig -+ifdef LDCONFIG -+ $(LDCONFIG) -+endif - - $(NSSINSTPATH)/$(NSSLIBFILE): $(BUILDDIR)/$(NSSLIBFILE) - $(CP) $< $@ - chmod 444 $@ - --/etc/nss_mdns.conf: nss_mdns.conf -+$(ETCBASE)/nss_mdns.conf: nss_mdns.conf - $(CP) $< $@ - chmod 444 $@ - # Check the nsswitch.conf file. - # If 'mdns' does not already appear on the "hosts:" line, then add it right before 'dns' -- cp -f /etc/nsswitch.conf /etc/nsswitch.conf.pre-mdns -- sed -e '/mdns/!s/^\(hosts:.*\)dns\(.*\)/\1mdns dns\2/' /etc/nsswitch.conf.pre-mdns > /etc/nsswitch.conf -+ -[ -f $(ETCBASE)/nsswitch.conf ] && cp -f $(ETCBASE)/nsswitch.conf $(ETCBASE)/nsswitch.conf.pre-mdns -+ -[ -f $(ETCBASE)/nsswitch.conf ] && sed -e '/mdns/!s/^\(hosts:.*\)dns\(.*\)/\1mdns dns\2/' $(ETCBASE)/nsswitch.conf.pre-mdns > $(ETCBASE)/nsswitch.conf - - ############################################################################# diff --git a/net/mdnsresponder/patches/100-linux_fixes.patch b/net/mdnsresponder/patches/100-linux_fixes.patch deleted file mode 100644 index cb623824b..000000000 --- a/net/mdnsresponder/patches/100-linux_fixes.patch +++ /dev/null @@ -1,262 +0,0 @@ -diff --git a/Clients/Makefile b/Clients/Makefile -index 383af31..925c20e 100755 ---- a/Clients/Makefile -+++ b/Clients/Makefile -@@ -36,7 +36,7 @@ TARGETS = build/dns-sd build/dns-sd64 - LIBS = - else - TARGETS = build/dns-sd --LIBS = -L../mDNSPosix/build/prod/ -ldns_sd -+LIBS ?= -L../mDNSPosix/build/prod/ -ldns_sd - endif - - all: $(TARGETS) -diff --git a/mDNSPosix/PosixDaemon.c b/mDNSPosix/PosixDaemon.c -index 88b3292..e86a6c7 100644 ---- a/mDNSPosix/PosixDaemon.c -+++ b/mDNSPosix/PosixDaemon.c -@@ -37,6 +37,11 @@ - #include - #include - #include -+#ifdef __linux__ -+#include /* !!! We require libcap-dev for this. Oh well. */ -+/* prctl is required to enable inheriting of capabilities across setuid */ -+#include -+#endif /* __linux__ */ - - #if __APPLE__ - #undef daemon -@@ -184,16 +189,50 @@ int main(int argc, char **argv) - - Reconfigure(&mDNSStorage); - -+#ifdef __linux__ -+ /* -+ * SO_BINDTODEVICE is privileged operation; however, we can get -+ * around it using capabilities instead of remaining root. -+ */ -+ if (mStatus_NoError == err) -+ { -+ if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0) -+ perror("prctl PR_SET_KEEPCAPS"); -+ } -+#endif /* __linux__ */ -+ - // Now that we're finished with anything privileged, switch over to running as "nobody" - if (mStatus_NoError == err) - { - const struct passwd *pw = getpwnam("nobody"); - if (pw != NULL) -+ { - setuid(pw->pw_uid); -+#ifdef __linux__ -+ struct __user_cap_header_struct ch; -+ struct __user_cap_data_struct cd[_LINUX_CAPABILITY_U32S_3]; -+ -+ memset(&ch, 0, sizeof(ch)); -+ ch.version = _LINUX_CAPABILITY_VERSION_3; -+ ch.pid = getpid(); -+ memset(&cd[0], 0, sizeof(cd)); -+ /* CAP_NET_RAW is required to use SO_BINDTODEVICE */ -+ int caps = CAP_TO_MASK(CAP_NET_RAW); -+ cd[0].permitted = caps; -+ cd[0].effective = caps; -+ if (capset(&ch, &cd[0]) < 0) -+ perror("capset"); -+#endif /* __linux__ */ -+ } - else - LogMsg("WARNING: mdnsd continuing as root because user \"nobody\" does not exist"); - } - -+#ifdef __linux__ -+ if (mStatus_NoError == err) -+ err = mDNSPlatformPosixRefreshInterfaceList(&mDNSStorage); -+#endif /* __linux__ */ -+ - if (mStatus_NoError == err) - err = MainLoop(&mDNSStorage); - -diff --git a/mDNSPosix/mDNSPosix.c b/mDNSPosix/mDNSPosix.c -index 6effa12..7c1d6eb 100755 ---- a/mDNSPosix/mDNSPosix.c -+++ b/mDNSPosix/mDNSPosix.c -@@ -733,6 +741,29 @@ mDNSlocal int SetupSocket(struct sockaddr *intfAddr, mDNSIPPort port, int interf - if (err < 0) { err = errno; perror("setsockopt - IP_MULTICAST_TTL"); } - } - -+#ifdef __linux__ -+#ifdef SO_BINDTODEVICE -+ if (err == 0 && interfaceIndex) -+ { -+ char ifname[IFNAMSIZ]; -+ if (if_indextoname(interfaceIndex, ifname)) -+ { -+ err = setsockopt(*sktPtr, SOL_SOCKET, SO_BINDTODEVICE, ifname, strlen(ifname)); -+ if (err < 0) -+ { -+ err = errno; -+ perror("setsockopt - SO_BINDTODEVICE"); -+ } -+ } -+ else -+ { -+ err = errno; -+ perror("if_indextoname"); -+ } -+ } -+#endif /* SO_BINDTODEVICE */ -+#endif /* __linux__ */ -+ - // And start listening for packets - if (err == 0) - { -@@ -814,6 +845,29 @@ mDNSlocal int SetupSocket(struct sockaddr *intfAddr, mDNSIPPort port, int interf - if (err < 0) { err = errno; perror("setsockopt - IPV6_MULTICAST_HOPS"); } - } - -+#ifdef __linux__ -+#ifdef SO_BINDTODEVICE -+ if (err == 0 && interfaceIndex) -+ { -+ char ifname[IFNAMSIZ]; -+ if (if_indextoname(interfaceIndex, ifname)) -+ { -+ err = setsockopt(*sktPtr, SOL_SOCKET, SO_BINDTODEVICE, ifname, strlen(ifname)); -+ if (err < 0) -+ { -+ err = errno; -+ perror("setsockopt - SO_BINDTODEVICE"); -+ } -+ } -+ else -+ { -+ err = errno; -+ perror("if_indextoname"); -+ } -+ } -+#endif /* SO_BINDTODEVICE */ -+#endif /* __linux__ */ -+ - // And start listening for packets - if (err == 0) - { -@@ -958,19 +1017,14 @@ mDNSlocal int SetupInterfaceList(mDNS *const m) - int err = 0; - struct ifi_info *intfList = get_ifi_info(AF_INET, mDNStrue); - struct ifi_info *firstLoopback = NULL; -+ struct ifi_info **p = &intfList; - - assert(m != NULL); - debugf("SetupInterfaceList"); - -- if (intfList == NULL) err = ENOENT; -- - #if HAVE_IPV6 -- if (err == 0) /* Link the IPv6 list to the end of the IPv4 list */ -- { -- struct ifi_info **p = &intfList; -- while (*p) p = &(*p)->ifi_next; -- *p = get_ifi_info(AF_INET6, mDNStrue); -- } -+ while (*p) p = &(*p)->ifi_next; -+ *p = get_ifi_info(AF_INET6, mDNStrue); - #endif - - if (err == 0) -@@ -1046,7 +1100,7 @@ mDNSlocal mStatus OpenIfNotifySocket(int *pFD) - /* Subscribe the socket to Link & IP addr notifications. */ - mDNSPlatformMemZero(&snl, sizeof snl); - snl.nl_family = AF_NETLINK; -- snl.nl_groups = RTMGRP_LINK | RTMGRP_IPV4_IFADDR; -+ snl.nl_groups = RTMGRP_LINK | RTMGRP_IPV4_IFADDR | RTMGRP_IPV6_IFADDR; - ret = bind(sock, (struct sockaddr *) &snl, sizeof snl); - if (0 == ret) - *pFD = sock; -@@ -1124,11 +1178,18 @@ mDNSlocal mDNSu32 ProcessRoutingNotification(int sd) - PrintNetLinkMsg(pNLMsg); - #endif - -+ // this result isn't used anywhere as a number, just as -+ // non-zero - however, I have seen devices with more than 32 -+ // interfaces at some point.. -+ // (on Linux, every tunnel increases index for example) -+ - // Process the NetLink message - if (pNLMsg->nlmsg_type == RTM_GETLINK || pNLMsg->nlmsg_type == RTM_NEWLINK) -- result |= 1 << ((struct ifinfomsg*) NLMSG_DATA(pNLMsg))->ifi_index; -+ result |= 1; -+ // << ((struct ifinfomsg*) NLMSG_DATA(pNLMsg))->ifi_index; - else if (pNLMsg->nlmsg_type == RTM_DELADDR || pNLMsg->nlmsg_type == RTM_NEWADDR) -- result |= 1 << ((struct ifaddrmsg*) NLMSG_DATA(pNLMsg))->ifa_index; -+ result |= 1; -+ // << ((struct ifaddrmsg*) NLMSG_DATA(pNLMsg))->ifa_index; - - // Advance pNLMsg to the next message in the buffer - if ((pNLMsg->nlmsg_flags & NLM_F_MULTI) != 0 && pNLMsg->nlmsg_type != NLMSG_DONE) -@@ -1299,8 +1360,12 @@ mDNSexport mStatus mDNSPlatformInit(mDNS *const m) - if (err == mStatus_NoError) err = SetupSocket(&sa, zeroIPPort, 0, &m->p->unicastSocket6); - #endif - -+ // In Linux case, we can't set up sockets with different owner - -+ // it blows up SO_REUSEPORT. So we do this step bit later. -+#ifndef __linux__ - // Tell mDNS core about the network interfaces on this machine. - if (err == mStatus_NoError) err = SetupInterfaceList(m); -+#endif /* !__linux__ */ - - // Tell mDNS core about DNS Servers - mDNS_Lock(m); -diff --git a/mDNSPosix/mDNSUNP.c b/mDNSPosix/mDNSUNP.c -index b392fc7..f551ad5 100755 ---- a/mDNSPosix/mDNSUNP.c -+++ b/mDNSPosix/mDNSUNP.c -@@ -63,6 +63,7 @@ - #if defined(AF_INET6) && HAVE_IPV6 && HAVE_LINUX - #include - #include -+#include - - /* Converts a prefix length to IPv6 network mask */ - void plen_to_mask(int plen, char *addr) { -@@ -127,6 +128,8 @@ - nitems = fscanf(fp, ifnameFmt, ifname); - if (nitems != 1) break; - -+ if (flags & IFA_F_DEPRECATED) continue; -+ - if (strcmp(lastname, ifname) == 0) { - if (doaliases == 0) - continue; /* already processed this interface */ -diff --git a/mDNSShared/dnsextd_parser.y b/mDNSShared/dnsextd_parser.y -index 18c5990..d4b63ce 100644 ---- a/mDNSShared/dnsextd_parser.y -+++ b/mDNSShared/dnsextd_parser.y -@@ -15,6 +15,8 @@ - * limitations under the License. - */ - -+%parse-param { void *context } -+ - %{ - #include - #include -@@ -23,7 +25,7 @@ - #include "DebugServices.h" - #include "dnsextd.h" - --void yyerror( const char* error ); -+void yyerror( void *context, const char* error ); - int yylex(void); - - -@@ -409,7 +419,7 @@ int yywrap(void); - - extern int yylineno; - --void yyerror( const char *str ) -+void yyerror( void *context, const char *str ) - { - fprintf( stderr,"%s:%d: error: %s\n", g_filename, yylineno, str ); - } diff --git a/net/mdnsresponder/patches/120-reproducible-builds.patch b/net/mdnsresponder/patches/120-reproducible-builds.patch deleted file mode 100644 index 16b2cc99a..000000000 --- a/net/mdnsresponder/patches/120-reproducible-builds.patch +++ /dev/null @@ -1,52 +0,0 @@ ---- a/Clients/dns-sd.c -+++ b/Clients/dns-sd.c -@@ -2281,7 +2281,7 @@ Fail: - - // NOT static -- otherwise the compiler may optimize it out - // The "@(#) " pattern is a special prefix the "what" command looks for --const char VersionString_SCCS[] = "@(#) dns-sd " STRINGIFY(mDNSResponderVersion) " (" __DATE__ " " __TIME__ ")"; -+const char VersionString_SCCS[] = "@(#) dns-sd " STRINGIFY(mDNSResponderVersion); - - #if _BUILDING_XCODE_PROJECT_ - // If the process crashes, then this string will be magically included in the automatically-generated crash log ---- a/mDNSPosix/PosixDaemon.c -+++ b/mDNSPosix/PosixDaemon.c -@@ -290,9 +290,9 @@ asm (".desc ___crashreporter_info__, 0x1 - - // For convenience when using the "strings" command, this is the last thing in the file - #if mDNSResponderVersion > 1 --mDNSexport const char mDNSResponderVersionString_SCCS[] = "@(#) mDNSResponder-" STRINGIFY(mDNSResponderVersion) " (" __DATE__ " " __TIME__ ")"; -+mDNSexport const char mDNSResponderVersionString_SCCS[] = "@(#) mDNSResponder-" STRINGIFY(mDNSResponderVersion); - #elif MDNS_VERSIONSTR_NODTS - mDNSexport const char mDNSResponderVersionString_SCCS[] = "@(#) mDNSResponder (Engineering Build)"; - #else --mDNSexport const char mDNSResponderVersionString_SCCS[] = "@(#) mDNSResponder (Engineering Build) (" __DATE__ " " __TIME__ ")"; -+mDNSexport const char mDNSResponderVersionString_SCCS[] = "@(#) mDNSResponder (Engineering Build)"; - #endif ---- a/mDNSShared/Java/JNISupport.c -+++ b/mDNSShared/Java/JNISupport.c -@@ -1069,4 +1069,4 @@ exit: - - // NOT static -- otherwise the compiler may optimize it out - // The "@(#) " pattern is a special prefix the "what" command looks for --const char VersionString_SCCS[] = "@(#) libjdns_sd " STRINGIFY(mDNSResponderVersion) " (" __DATE__ " " __TIME__ ")"; -+const char VersionString_SCCS[] = "@(#) libjdns_sd " STRINGIFY(mDNSResponderVersion); ---- a/mDNSShared/dnsextd.c -+++ b/mDNSShared/dnsextd.c -@@ -3136,7 +3136,7 @@ mDNS mDNSStorage; - - // For convenience when using the "strings" command, this is the last thing in the file - // The "@(#) " pattern is a special prefix the "what" command looks for --const char mDNSResponderVersionString_SCCS[] = "@(#) dnsextd " STRINGIFY(mDNSResponderVersion) " (" __DATE__ " " __TIME__ ")"; -+const char mDNSResponderVersionString_SCCS[] = "@(#) dnsextd " STRINGIFY(mDNSResponderVersion); - - #if _BUILDING_XCODE_PROJECT_ - // If the process crashes, then this string will be magically included in the automatically-generated crash log ---- a/mDNSShared/dnssd_clientlib.c -+++ b/mDNSShared/dnssd_clientlib.c -@@ -363,4 +363,4 @@ DNSServiceErrorType DNSSD_API TXTRecordG - - // NOT static -- otherwise the compiler may optimize it out - // The "@(#) " pattern is a special prefix the "what" command looks for --const char VersionString_SCCS_libdnssd[] DNSSD_USED = "@(#) libdns_sd " STRINGIFY(mDNSResponderVersion) " (" __DATE__ " " __TIME__ ")"; -+const char VersionString_SCCS_libdnssd[] DNSSD_USED = "@(#) libdns_sd " STRINGIFY(mDNSResponderVersion);