From 37b050fb9c0fcc126e9ea741c772ba38d136cdd6 Mon Sep 17 00:00:00 2001
From: Matthias Andree
Date: Fri, 12 Aug 2022 20:55:37 +0200
Subject: [PATCH] dns/dnsmasq-devel: update to 2.87test9 CHANGELOG difference in Git between test8 and test9 * Enhance --domain to accept, for instance, --domain=net2.thekelleys.org.uk,eth2 so that hosts get a domain which relects the interface they are attached to in a way which doesn't require hard-coding addresses. Thanks to Sten Spans for the idea. * Fix write-after-free error in DHCPv6 server code. CVE-2022-0934 refers. * Add the ability to specify destination port in DHCP-relay mode. This change also removes a previous bug where --dhcp-alternate-port would affect the port used to relay _to_ as well as the port being listened on. The new feature allows configuration to provide bug-for-bug compatibility, if required. Thanks to Damian Kaczkowski for the feature suggestion. * Bound the value of UDP packet size in the EDNS0 header of forwarded queries to the configured or default value of edns-packet-max. There's no point letting a client set a larger value if we're unable to return the answer. Thanks to Bertie Taylor for pointing out the problem and supplying the patch. * Fix problem with the configuration --server=/some.domain/# --address=/#/ --server= This would return for queries in some.domain, rather than forwarding the query via the default server.
---
 dns/dnsmasq-devel/Makefile | 4 +-
 dns/dnsmasq-devel/distinfo | 6 +-
 dns/dnsmasq-devel/files/patch-CVE-2022-0934 | 175 --------------------
 3 files changed, 5 insertions(+), 180 deletions(-)
 delete mode 100644 dns/dnsmasq-devel/files/patch-CVE-2022-0934
diff --git a/dns/dnsmasq-devel/Makefile b/dns/dnsmasq-devel/Makefile
index b2f80e76ed392..fb272a07027e5 100644
--- a/dns/dnsmasq-devel/Makefile
+++ b/dns/dnsmasq-devel/Makefile
@@ -1,7 +1,7 @@
 PORTNAME= dnsmasq
-DISTVERSION= 2.87test8
+DISTVERSION= 2.87test9
 # Leave the PORTREVISION in even if 0 to avoid accidental PORTEPOCH bumps:
-PORTREVISION= 1
+PORTREVISION= 0
 PORTEPOCH= 4 # attn - different between -devel and dnsmasq ports!
 CATEGORIES= dns
 #MASTER_SITES= https://www.thekelleys.org.uk/dnsmasq/release-candidates/ \
diff --git a/dns/dnsmasq-devel/distinfo b/dns/dnsmasq-devel/distinfo
index f2db25c3ecba6..5b531933cfc66 100644
--- a/dns/dnsmasq-devel/distinfo
+++ b/dns/dnsmasq-devel/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1644432655
-SHA256 (dnsmasq-2.87test8.tar.xz) = cb7245f4726d5692dd27d8c5f8ece8b88c9995fc0d649fd76d2870f80b852369
-SIZE (dnsmasq-2.87test8.tar.xz) = 558724
+TIMESTAMP = 1660330300
+SHA256 (dnsmasq-2.87test9.tar.xz) = 325d2b953e06273cd7e0ed921b464203a4a26fae7a1afedd9b26528d25951fdf
+SIZE (dnsmasq-2.87test9.tar.xz) = 560708
diff --git a/dns/dnsmasq-devel/files/patch-CVE-2022-0934 b/dns/dnsmasq-devel/files/patch-CVE-2022-0934
deleted file mode 100644
index c063e15b2e348..0000000000000
--- a/dns/dnsmasq-devel/files/patch-CVE-2022-0934
+++ /dev/null
@@ -1,175 +0,0 @@ -From dcc62a514092c8afeab4e502db9e65f03c2e1d47 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= -Date: Tue, 22 Feb 2022 00:45:01 +0100 -Subject: [PATCH] Change message type by dedicated function - -Long-term pointer to beginning of message does not work well. I case -outpacket is reallocated in any new_opt6() section, original outmsgtypep -pointer becomes invalid. Instead of using that pointer use dedicated -function, which will change just the first byte of the message. - -This makes sure correct beginning of packet is always used. ---- - src/dnsmasq.h | 1 + - src/outpacket.c | 11 +++++++++++ - src/rfc3315.c | 29 ++++++++++++++--------------- - 3 files changed, 26 insertions(+), 15 deletions(-) - -diff --git a/src/dnsmasq.h b/src/dnsmasq.h -index 51a1aa6..c1c75c1 100644 ---- a/src/dnsmasq.h -+++ b/src/dnsmasq.h -@@ -1736,6 +1736,7 @@ void put_opt6_long(unsigned int val); - void put_opt6_short(unsigned int val); - void put_opt6_char(unsigned int val); - void put_opt6_string(char *s); -+void put_msgtype6(unsigned int val); - #endif - - /* radv.c */ -diff --git a/src/outpacket.c b/src/outpacket.c -index abb3a3a..f322811 100644 ---- a/src/outpacket.c -+++ b/src/outpacket.c -@@ -115,4 +115,15 @@ void put_opt6_string(char *s) - put_opt6(s, strlen(s)); - } - -+void put_msgtype6(unsigned int val) -+{ -+ if (outpacket_counter == 0) -+ put_opt6_char(val); -+ else -+ { -+ unsigned char *p = daemon->outpacket.iov_base; -+ *p = val; -+ } -+} -+ - #endif -diff --git a/src/rfc3315.c b/src/rfc3315.c -index cee8382..baeb51e 100644 ---- a/src/rfc3315.c -+++ b/src/rfc3315.c -@@ -110,7 +110,6 @@ static int dhcp6_maybe_relay(struct state *state, void *inbuff, size_t sz, - void *end = inbuff + sz; - void *opts = inbuff + 34; - int msg_type = *((unsigned char *)inbuff); -- unsigned char *outmsgtypep; - void *opt; - struct dhcp_vendor *vendor; - -@@ -192,9 +191,9 @@ static int dhcp6_maybe_relay(struct state *state, void *inbuff, size_t sz, - return 0; 
- - /* copy header stuff into reply message and set type to reply */ -- if (!(outmsgtypep = put_opt6(inbuff, 34))) -+ if (!put_opt6(inbuff, 34)) - return 0; -- *outmsgtypep = DHCP6RELAYREPL; -+ put_msgtype6(DHCP6RELAYREPL); - - /* look for relay options and set tags if found. */ - for (vendor = daemon->dhcp_vendors; vendor; vendor = vendor->next) -@@ -267,7 +266,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - struct dhcp_netid *tagif; - struct dhcp_config *config = NULL; - struct dhcp_netid known_id, iface_id, v6_id; -- unsigned char *outmsgtypep; -+ unsigned char *xid; - struct dhcp_vendor *vendor; - struct dhcp_context *context_tmp; - struct dhcp_mac *mac_opt; -@@ -297,10 +296,10 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - state->tags = &v6_id; - - /* copy over transaction-id, and save pointer to message type */ -- if (!(outmsgtypep = put_opt6(inbuff, 4))) -+ if (!(xid = put_opt6(inbuff, 4))) - return 0; - start_opts = save_counter(-1); -- state->xid = outmsgtypep[3] | outmsgtypep[2] << 8 | outmsgtypep[1] << 16; -+ state->xid = xid[3] | xid[2] << 8 | xid[1] << 16; - - /* We're going to be linking tags from all context we use. 
- mark them as unused so we don't link one twice and break the list */ -@@ -347,7 +346,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - (msg_type == DHCP6REQUEST || msg_type == DHCP6RENEW || msg_type == DHCP6RELEASE || msg_type == DHCP6DECLINE)) - - { -- *outmsgtypep = DHCP6REPLY; -+ put_msgtype6(DHCP6REPLY); - o1 = new_opt6(OPTION6_STATUS_CODE); - put_opt6_short(DHCP6USEMULTI); - put_opt6_string("Use multicast"); -@@ -619,11 +618,11 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - struct dhcp_netid *solicit_tags; - struct dhcp_context *c; - -- *outmsgtypep = DHCP6ADVERTISE; -+ put_msgtype6(DHCP6ADVERTISE); - - if (opt6_find(state->packet_options, state->end, OPTION6_RAPID_COMMIT, 0)) - { -- *outmsgtypep = DHCP6REPLY; -+ put_msgtype6(DHCP6REPLY); - state->lease_allocate = 1; - o = new_opt6(OPTION6_RAPID_COMMIT); - end_opt6(o); -@@ -809,7 +808,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - int start = save_counter(-1); - - /* set reply message type */ -- *outmsgtypep = DHCP6REPLY; -+ put_msgtype6(DHCP6REPLY); - state->lease_allocate = 1; - - log6_quiet(state, "DHCPREQUEST", NULL, ignore ? _("ignored") : NULL); -@@ -924,7 +923,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - int address_assigned = 0; - - /* set reply message type */ -- *outmsgtypep = DHCP6REPLY; -+ put_msgtype6(DHCP6REPLY); - - log6_quiet(state, msg_type == DHCP6RENEW ? "DHCPRENEW" : "DHCPREBIND", NULL, NULL); - -@@ -1057,7 +1056,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - int good_addr = 0; - - /* set reply message type */ -- *outmsgtypep = DHCP6REPLY; -+ put_msgtype6(DHCP6REPLY); - - log6_quiet(state, "DHCPCONFIRM", NULL, NULL); - -@@ -1121,7 +1120,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - log6_quiet(state, "DHCPINFORMATION-REQUEST", NULL, ignore ? 
_("ignored") : state->hostname); - if (ignore) - return 0; -- *outmsgtypep = DHCP6REPLY; -+ put_msgtype6(DHCP6REPLY); - tagif = add_options(state, 1); - break; - } -@@ -1130,7 +1129,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - case DHCP6RELEASE: - { - /* set reply message type */ -- *outmsgtypep = DHCP6REPLY; -+ put_msgtype6(DHCP6REPLY); - - log6_quiet(state, "DHCPRELEASE", NULL, NULL); - -@@ -1195,7 +1194,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - case DHCP6DECLINE: - { - /* set reply message type */ -- *outmsgtypep = DHCP6REPLY; -+ put_msgtype6(DHCP6REPLY); - - log6_quiet(state, "DHCPDECLINE", NULL, NULL); - --- -2.34.1 -