diff --git a/dns/dnsmasq/Makefile b/dns/dnsmasq/Makefile index 96ca52b022e8..027ec8c2b4a2 100644 --- a/dns/dnsmasq/Makefile +++ b/dns/dnsmasq/Makefile @@ -1,142 +1,142 @@ PORTNAME= dnsmasq DISTVERSION= 2.91 # Leave the PORTREVISION in even if 0 to avoid accidental PORTEPOCH bumps: -PORTREVISION= 0 +PORTREVISION= 1 PORTEPOCH= 1 CATEGORIES= dns MASTER_SITES= https://www.thekelleys.org.uk/dnsmasq/ \ LOCAL/mandree/ MAINTAINER= mandree@FreeBSD.org COMMENT= Lightweight DNS forwarder, DHCP, and TFTP server WWW= https://www.thekelleys.org.uk/dnsmasq/doc.html LICENSE= GPLv2 USES= cpe shebangfix tar:xz CPE_VENDOR= thekelleys SHEBANG_FILES= contrib/dnslist/dnslist.pl \ contrib/dynamic-dnsmasq/dynamic-dnsmasq.pl MAKE_ARGS= CC="${CC}" \ CFLAGS="${CFLAGS}" \ COPTS="${CFLAGS}" \ LIBS="${LDFLAGS}" \ PREFIX="${PREFIX}" \ RPM_OPT_FLAGS="${CPPFLAGS}" CFLAGS+= -Wall -Wno-unused-function -Wno-unused-parameter \ -Wno-unused-value -Wno-unused-variable CPPFLAGS+= -I${LOCALBASE}/include CONFLICTS_INSTALL= dnsmasq-devel SUB_FILES= pkg-message PORTDOCS= CHANGELOG CHANGELOG.archive FAQ doc.html setup.html OPTIONS_DEFINE= DBUS DNSSEC DOCS IPSET IPV6 LUA OPTIONS_DEFAULT= DNSSEC IPSET OPTIONS_RADIO= INTL OPTIONS_RADIO_INTL= IDN NLS OPTIONS_EXCLUDE+= EXAMPLES DNSSEC_DESC= Enable DNSSEC caching and validation (needs nettle) IDN_DESC= IDN: Int'l Domain Names WITHOUT full NLS INTL_DESC= Internationalization Support Level IPSET_DESC= Dynamic firewall management of resolved names (needs PF) LUA_DESC= Support lease-change scripts written in Lua NLS_DESC= IDN+NLS: Int'l Domain Names & National Language support IPSET_CFLAGS_OFF= -DNO_IPSET IPV6_CFLAGS_OFF= -DNO_IPV6 .include .if ${PORT_OPTIONS:MNLS} USES+= gettext gmake iconv pkgconfig CFLAGS+= -DHAVE_LIBIDN2 LIB_DEPENDS+= libidn2.so:dns/libidn2 PLIST_SUB+= NLS="" ALL_TARGET= all-i18n _intllibs= -lidn2 -lintl .else _intllibs= PLIST_SUB+= NLS="@comment " .if ${PORT_OPTIONS:MIDN} USES+= iconv CFLAGS+= -DHAVE_LIBIDN2 LIB_DEPENDS+= libidn2.so:dns/libidn2 _intllibs+= -lidn2 .endif .endif .if ${PORT_OPTIONS:MDBUS} LIB_DEPENDS+= libdbus-1.so:devel/dbus USES+= pkgconfig CPPFLAGS+= `pkg-config --cflags dbus-1` CFLAGS+= -DHAVE_DBUS LDFLAGS+= `pkg-config --libs dbus-1` .endif .if ${PORT_OPTIONS:MLUA} CPPFLAGS+= -I${LUA_INCDIR} CFLAGS+= -DHAVE_LUASCRIPT LDFLAGS+= -L${LUA_LIBDIR} -llua-${LUA_VER} USES+= lua pkgconfig .endif .if ${PORT_OPTIONS:MDNSSEC} CFLAGS+= -DHAVE_DNSSEC -I${LOCALBASE}/include USES+= pkgconfig LIB_DEPENDS+= libgmp.so:math/gmp \ libnettle.so:security/nettle .endif USE_RC_SUBR= dnsmasq .include LDFLAGS+= -L${LOCALBASE}/lib ${_intllibs} ${ICONV_LIB} post-patch: ${REINPLACE_CMD} -e '/^LUA /s/lua/lua-${LUA_VER}/' ${WRKSRC}/Makefile pre-configure: pretty-print-config .if ${PORT_OPTIONS:MIDN} .if empty(PORT_OPTIONS:MNLS) @if ${READELF} -d ${LOCALBASE}/lib/libidn2.so \ | ${EGREP} -q '\.*\[libintl\.so' ; \ then ${ECHO} ; ${ECHO} 'WARNING: dns/libidn2 was compiled with NLS support!' ; \ ${ECHO} 'Recompile libidn2 WITHOUT_NLS to get rid of NLS dependencies.' ; ${ECHO} ; \ fi .else @${ECHO} 'WARNING: IDN and NLS enabled, building IDN WITH NLS.' .endif .endif do-install: ${INSTALL_PROGRAM} ${WRKSRC}/src/dnsmasq ${STAGEDIR}${PREFIX}/sbin ${INSTALL_DATA} ${WRKSRC}/dnsmasq.conf.example ${STAGEDIR}${PREFIX}/etc/dnsmasq.conf.sample ${REINPLACE_CMD} -i '' 's}%%PREFIX%%}${PREFIX}}' ${STAGEDIR}${PREFIX}/etc/dnsmasq.conf.sample ${INSTALL_MAN} ${WRKSRC}/man/${PORTNAME}.8 ${STAGEDIR}${PREFIX}/share/man/man8 ${MKDIR} ${STAGEDIR}${DATADIR} ${INSTALL_DATA} ${WRKSRC}/trust-anchors.conf ${STAGEDIR}${DATADIR}/ .if ${PORT_OPTIONS:MDOCS} @${MKDIR} ${STAGEDIR}${DOCSDIR} cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR} .endif .if ${PORT_OPTIONS:MNLS} .for i in de es fi fr id it no pl pt_BR ro ${MKDIR} ${STAGEDIR}${PREFIX}/share/locale/${i}/LC_MESSAGES ${INSTALL_DATA} ${WRKSRC}/src/${i}.mo \ ${STAGEDIR}${PREFIX}/share/locale/${i}/LC_MESSAGES/${PORTNAME}.mo .endfor .endif ${MKDIR} ${STAGEDIR}${EXAMPLESDIR}/dynamic-dnsmasq ${STAGEDIR}${EXAMPLESDIR}/dnslist ${INSTALL_SCRIPT} ${WRKSRC}/contrib/dynamic-dnsmasq/dynamic-dnsmasq.pl ${STAGEDIR}${EXAMPLESDIR}/dynamic-dnsmasq/ ${INSTALL_SCRIPT} ${WRKSRC}/contrib/dnslist/dnslist.pl ${STAGEDIR}${EXAMPLESDIR}/dnslist/ ${INSTALL_DATA} ${WRKSRC}/contrib/dnslist/dhcp.css ${STAGEDIR}${EXAMPLESDIR}/dnslist/ ${INSTALL_DATA} ${WRKSRC}/contrib/dnslist/dnslist.tt2 ${STAGEDIR}${EXAMPLESDIR}/dnslist/ .include diff --git a/dns/dnsmasq/files/patch-src_util.c b/dns/dnsmasq/files/patch-src_util.c new file mode 100644 index 000000000000..a50483debfeb --- /dev/null +++ b/dns/dnsmasq/files/patch-src_util.c @@ -0,0 +1,73 @@ +commit 15841f187d2b208a6113d4e2d479d3af4275bb1c +Author: Simon Kelley +Date: Sun Jun 22 23:04:36 2025 +0100 + + Fix issue with fast file-descriptor close on *BSD. + + This fixes a problem introduced in 8a5fe8ce6bb6c2bd81f237a0f4a2583722ffbd1c + + On BSD, fdescfs is normally mounted at /dev/fd. However + if it is NOT mounted, devfs creates a directory at /dev/fd + which contains (only) the file descriptors 0,1 and 2. + + Under these conditions, opendir() will succeed, and + if we proceed we will fail to close extant + file descriptors which should be closed. + + Check that there is a filesystem mounted at /dev/fd + by checking that the device changes between /dev/fd + and /dev. If if doesn't, fall back to the dumb path. + + Thanks to Roman Bogorodskiy for spotting the problem + and helping with diagnosis. + +--- src/util.c.orig 2025-03-14 15:09:35 UTC ++++ src/util.c +@@ -34,6 +34,10 @@ + #include + #endif + ++#ifdef HAVE_BSD_NETWORK ++#include ++#endif ++ + /* SURF random number generator */ + + static u32 seed[32]; +@@ -831,9 +835,34 @@ void close_fds(long max_fd, int spare1, int spare2, in + #endif + + #ifdef FDESCFS +- DIR *d; ++ DIR *d = NULL; + +- if ((d = opendir(FDESCFS))) ++# ifdef HAVE_BSD_NETWORK ++ dev_t dirdev = 0; ++ char fdescfs[] = FDESCFS; /* string must be writable */ ++ struct stat statbuf; ++ ++ /* On BSD, fdescfs is normally mounted at /dev/fd. However ++ if it is NOT mounted, devfs creates a directory at /dev/fd ++ which contains (only) the file descriptors 0,1 and 2. ++ ++ Under these conditions, opendir() will succeed, and ++ if we proceed we will fail to close extant ++ file descriptors which should be closed. ++ ++ Check that there is a filesystem mounted at /dev/fd ++ by checking that the device changes between /dev/fd ++ and /dev. If if doesn't, fall back to the dumb path. */ ++ ++ if (stat(fdescfs, &statbuf) != -1) ++ dirdev = statbuf.st_dev; ++ ++ if (stat(dirname(fdescfs), &statbuf) != -1 && ++ dirdev != statbuf.st_dev) ++# endif ++ d = opendir(FDESCFS); ++ ++ if (d) + { + struct dirent *de; +