import of dnsmasq-2.52.tar.gz

CHANGELOG

+version 2.52
+            Work around a Linux kernel bug which insists that the 
+	    length of the option passed to setsockopt must be at least
+            sizeof(int) bytes, even if we're calling SO_BINDTODEVICE
+            and the device name is "lo".  Note that this is fixed 
+	    in kernel 2.6.31, but the workaround is harmless and 
+	    allows earlier kernels to be used. Also fix dnsmasq 
+	    bug which reported the wrong address when this failed. 
+	    Thanks to Fedor for finding this.
+
+	    The API for IPv6 PKTINFO changed around Linux kernel
+	    2.6.14. Workaround the case where dnsmasq is compiled
+	    against newer headers, but then run on an old kernel:
+	    necessary for some *WRT distros.
+
+	    Re-read the set of network interfaces when re-loading
+	    /etc/resolv.conf if --bind-interfaces is not set. This
+	    handles the case that loopback interfaces do not exist
+	    when dnsmasq is first started.
+
+	    Tweak the PXE code to support port 4011. This should
+	    reduce broadcasts and make things more reliable when other
+	    servers are around. It also improves inter-operability
+	    with certain clients.
+
+	    Make a pxe-service configuration with no filename or boot 
+	    service type legal: this does a local boot. eg.
+	    pxe-service=x86PC, "Local boot" 
+
+	    Be more conservative in detecting "A for A"
+	    queries. Dnsmasq checks if the name in a type=A query looks
+	    like a dotted-quad IP address and answers the query itself
+	    if so, rather than forwarding it. Previously dnsmasq
+	    relied in the library function inet_addr() to convert
+	    addresses, and that will accept some things which are
+	    confusing in this context, like 1.2.3 or even just
+	    1234. Now we only do A for A processing for four decimal
+	    numbers delimited by dots.
+
+	    A couple of tweaks to fix compilation on Solaris. Thanks
+	    to Joel Macklow for help with this.
+
+	    Another Solaris compilation tweak, needed for Solaris
+	    2009.06. Thanks to Lee Essen for that.
+
+	    Added extract packaging stuff from Lee Essen to 
+	    contrib/Solaris10.
+          
+            Increased the default limit on number of leases to 1000
+            (from 150). This is mainly a defence against DoS attacks,
+            and for the average "one for two class C networks"
+            installation, IP address exhaustion does that just as
+            well. Making the limit greater than the number of IP
+            addresses available in such an installation removes a
+            surprise which otherwise can catch people out.
+
+	    Removed extraneous trailing space in the value of the
+	    DNSMASQ_TIME_REMAINING DNSMASQ_LEASE_LENGTH and
+	    DNSMASQ_LEASE_EXPIRES environment variables. Thanks to
+	    Gildas Le Nadan for spotting this.
+
+	    Provide the network-id tags for a DHCP transaction to 
+	    the lease-change script in the environment variable
+	    DNSMASQ_TAGS. A good suggestion from Gildas Le Nadan.  
+
+	    Add support for RFC3925 "Vendor-Identifying Vendor
+	    Options". The syntax looks like this:  
+	    --dhcp-option=vi-encap:<enterprise number>, .........
+
+	    Add support to --dhcp-match to allow matching against
+	    RFC3925 "Vendor-Identifying Vendor Classes". The syntax
+	    looks like this:
+	    --dhcp-match=tag,vi-encap<enterprise number>, <value>
+	    
+	    Add some application specific code to assist in
+	    implementing the Broadband forum TR069 CPE-WAN
+	    specification. The details are in contrib/CPE-WAN/README
+
+	    Increase the default DNS packet size limit to 4096, as
+	    recommended by RFC5625 section 4.4.3. This can be
+	    reconfigured using --edns-packet-max if needed. Thanks to
+	    Francis Dupont for pointing this out.
+
+	    Rewrite query-ids even for DNSSEC signed packets, since
+	    this is allowed by RFC5625 section 4.5.
+	    
+	    Use getopt_long by default on OS X. It has been supported
+	    since version 10.3.0. Thanks to Arek Dreyer for spotting
+	    this.
+
+	    Added up-to-date startup configuration for MacOSX/launchd
+	    in contrib/MacOSX-launchd. Thanks to Arek Dreyer for
+	    providing this.
+
+	    Fix link error when including Dbus but excluding DHCP. 
+	    Thanks to Oschtan for the bug report.
+
+            Updated French translation. Thanks to Gildas Le Nadan.
+ 
+            Updated Polish translation. Thanks to Jan Psota.
+
+	    Updated Spanish translation. Thanks to Chris Chatham.
+
+
 version 2.51
             Add support for internationalised DNS. Non-ASCII characters
             in domain names found in /etc/hosts, /etc/ethers and 

Makefile

-# dnsmasq is Copyright (c) 2000-2009 Simon Kelley
+# dnsmasq is Copyright (c) 2000-2010 Simon Kelley
 #
 #  This program is free software; you can redistribute it and/or modify
 #  it under the terms of the GNU General Public License as published by
@@ -18,29 +18,33 @@ BINDIR = ${PREFIX}/sbin
 MANDIR = ${PREFIX}/share/man
 LOCALEDIR = ${PREFIX}/share/locale
 
-SRC = src
-PO = po
-MAN = man
-
 PKG_CONFIG = pkg-config
 INSTALL = install
 MSGMERGE = msgmerge
 MSGFMT = msgfmt
 XGETTEXT = xgettext
 
+CFLAGS = -Wall -W -O2
+
 #################################################################
 
+SRC = src
+PO = po
+MAN = man
+
 DNSMASQ_CFLAGS=`echo $(COPTS) | ../bld/pkg-wrapper HAVE_DBUS $(PKG_CONFIG) --cflags dbus-1` 
 DNSMASQ_LIBS=  `echo $(COPTS) | ../bld/pkg-wrapper HAVE_DBUS $(PKG_CONFIG) --libs dbus-1` 
 SUNOS_LIBS= `if uname | grep SunOS 2>&1 >/dev/null; then echo -lsocket -lnsl -lposix4; fi`
 
-all :   dnsmasq
+OBJS = cache.o rfc1035.o util.o option.o forward.o network.o \
+       dnsmasq.o dhcp.o lease.o rfc2131.o netlink.o dbus.o bpf.o \
+       helper.o tftp.o log.o
 
-dnsmasq :
+all :
 	@cd $(SRC) && $(MAKE) \
- DNSMASQ_CFLAGS="$(DNSMASQ_CFLAGS)" \
- DNSMASQ_LIBS="$(DNSMASQ_LIBS) $(SUNOS_LIBS)" \
- -f ../bld/Makefile dnsmasq 
+ BUILD_CFLAGS="$(DNSMASQ_CFLAGS)" \
+ BUILD_LIBS="$(DNSMASQ_LIBS) $(SUNOS_LIBS)" \
+ -f ../Makefile dnsmasq 
 
 clean :
 	rm -f *~ $(SRC)/*.mo contrib/*/*~ */*~ $(SRC)/*.pot 
@@ -56,13 +60,12 @@ install-common :
 all-i18n :
 	@cd $(SRC) && $(MAKE) \
  I18N=-DLOCALEDIR='\"$(LOCALEDIR)\"' \
- DNSMASQ_CFLAGS="$(DNSMASQ_CFLAGS) `$(PKG_CONFIG) --cflags libidn`" \
- DNSMASQ_LIBS="$(DNSMASQ_LIBS) $(SUNOS_LIBS) `$(PKG_CONFIG) --libs libidn`"  \
- -f ../bld/Makefile dnsmasq 
+ BUILD_CFLAGS="$(DNSMASQ_CFLAGS) `$(PKG_CONFIG) --cflags libidn`" \
+ BUILD_LIBS="$(DNSMASQ_LIBS) $(SUNOS_LIBS) `$(PKG_CONFIG) --libs libidn`"  \
+ -f ../Makefile dnsmasq
 	@cd $(PO); for f in *.po; do \
 		cd ../$(SRC) && $(MAKE) \
- MSGMERGE=$(MSGMERGE) MSGFMT=$(MSGFMT) XGETTEXT=$(XGETTEXT) \
- -f ../bld/Makefile $${f%.po}.mo; \
+ -f ../Makefile $${f%.po}.mo; \
 	done
 
 install-i18n : all-i18n install-common
@@ -70,9 +73,25 @@ install-i18n : all-i18n install-common
 	cd $(MAN); ../bld/install-man $(DESTDIR)$(MANDIR) $(INSTALL)
 
 merge :
-	@cd $(SRC) && $(MAKE) XGETTEXT=$(XGETTEXT) -f ../bld/Makefile dnsmasq.pot
+	@cd $(SRC) && $(MAKE) -f ../Makefile dnsmasq.pot
 	@cd $(PO); for f in *.po; do \
 		echo -n msgmerge $$f && $(MSGMERGE) --no-wrap -U $$f ../$(SRC)/dnsmasq.pot; \
 	done
 
 
+# rules below are targets in recusive makes with cwd=$(SRC)
+
+.c.o:
+	$(CC) $(CFLAGS) $(COPTS) $(I18N) $(BUILD_CFLAGS) $(RPM_OPT_FLAGS) -c $<
+
+dnsmasq : $(OBJS)
+	$(CC) $(LDFLAGS) -o $@ $(OBJS) $(BUILD_LIBS) $(LIBS) 
+
+dnsmasq.pot : $(OBJS:.o=.c) dnsmasq.h config.h
+	$(XGETTEXT) -d dnsmasq --foreign-user --omit-header --keyword=_ -o $@ -i $(OBJS:.o=.c)
+
+%.mo : ../po/%.po dnsmasq.pot
+	$(MSGMERGE) -o - ../po/$*.po dnsmasq.pot | $(MSGFMT) -o $*.mo -
+
+
+.PHONY : all clean install install-common all-i18n install-i18n merge 

bld/Makefile

-CFLAGS = -Wall -W -O2
-
-OBJS = cache.o rfc1035.o util.o option.o forward.o network.o \
-       dnsmasq.o dhcp.o lease.o rfc2131.o netlink.o dbus.o bpf.o \
-       helper.o tftp.o log.o
-
-.c.o:
-	$(CC) $(CFLAGS) $(COPTS) $(I18N) $(DNSMASQ_CFLAGS) $(RPM_OPT_FLAGS) -c $<
-
-dnsmasq : $(OBJS)
-	$(CC) $(LDFLAGS) -o $@  $(OBJS) $(DNSMASQ_LIBS) $(LIBS) 
- 
-dnsmasq.pot : $(OBJS:.o=.c) dnsmasq.h config.h
-	$(XGETTEXT) -d dnsmasq --foreign-user --omit-header --keyword=_ -o $@ -i $(OBJS:.o=.c)
-
-%.mo : ../po/%.po dnsmasq.pot
-	$(MSGMERGE) -o - ../po/$*.po dnsmasq.pot | $(MSGFMT) -o $*.mo -

contrib/CPE-WAN/README

+Dnsmasq from version 2.52 has a couple of rather application-specific
+features designed to allow for implementation of the DHCP part of CPE
+WAN management protocol.
+
+http://www.broadband-forum.org/technical/download/TR-069_Amendment-2.pdf
+http://en.wikipedia.org/wiki/TR-069
+
+The relevant sections are F.2.1 "Gateway Requirements" and F.2.5 "DHCP
+Vendor Options".
+
+First, dnsmasq checks for DHCP requests which contain an option-125
+vendor-class option which in turn holds a vendor section for IANA
+enterprise number 3561 which contains sub-options codes 1 and 2. If
+this is present  then the network-tag "cpewan-id" is set. 
+This allows dnsmasq to be configured to reply with the correct 
+GatewayManufacturerOUI, GatewaySerialNumber and GatewayProductClass like this:
+
+dhcp-option=cpewan-id,vi-encap:3561,4,"<GatewayManufacturerOUI>"
+dhcp-option=cpewan-id,vi-encap:3561,5,"<SerialNumber>"
+dhcp-option=cpewan-id,vi-encap:3561,6,"<ProductClass>"
+
+Second, the received sub-options 1, 2, and 3 are passed to the DHCP
+lease-change script as the environment variables DNSMASQ_CPEWAN_OUI,
+DNSMASQ_CPEWAN_SERIAL, and DNSMASQ_CPEWAN_CLASS respectively. This allows
+the script to be used to maintain a ManageableDevice table as
+specified in F.2.1. Note that this data is not retained in dnsmasq's
+internal DHCP lease database, so it is not available on every call to 
+the script (this is the same as some other data such as vendor and
+user classes). It will however be available for at least the "add"
+call, and should be stored then against the IP address as primary 
+key for future use.
+
+
+This feature was added to dnsmasq under sponsorship from Ericsson.
+
+

contrib/MacOSX-launchd/launchd-README.txt

+This is a launchd item for Mac OS X and Mac OS X Server.
+For more information about launchd, the
+"System wide and per-user daemon/agent manager", see the launchd
+man page, or the wikipedia page: http://en.wikipedia.org/wiki/Launchd
+
+This launchd item uses the following flags:
+--keep-in-foreground - this is crucial for use with launchd
+--log-queries - this is optional and you can remove it
+--log-facility=/var/log/dnsmasq.log - again optional instead of system.log
+
+To use this launchd item for dnsmasq:
+
+If you don't already have a folder /Library/LaunchDaemons, then create one:
+sudo mkdir /Library/LaunchDaemons
+sudo chown root:admin /Library/LaunchDaemons
+sudo chmod 775 /Library/LaunchDaemons 
+
+Copy uk.org.thekelleys.dnsmasq.plist there and then set ownership/permissions:
+sudo cp uk.org.thekelleys.dnsmasq.plist /Library/LaunchDaemons/
+sudo chown root:admin /Library/LaunchDaemons/uk.org.thekelleys.dnsmasq.plist
+sudo chmod 644 /Library/LaunchDaemons/uk.org.thekelleys.dnsmasq.plist
+
+Optionally, edit your dnsmasq configuration file to your liking.
+
+To start the launchd job, which starts dnsmaq, reboot or use the command:
+sudo launchctl load /Library/LaunchDaemons/uk.org.thekelleys.dnsmasq.plist
+
+To stop the launchd job, which stops dnsmasq, use the command:
+sudo launchctl unload /Library/LaunchDaemons/uk.org.thekelleys.dnsmasq.plist
+
+If you want to permanently stop the launchd job, so it doesn't start the job even after a reboot, use the following command:
+sudo launchctl unload -w /Library/LaunchDaemons/uk.org.thekelleys.dnsmasq.plist
+
+If you make a change to the configuration file, you should relaunch dnsmasq;
+to do this unload and then load again:
+
+sudo launchctl unload /Library/LaunchDaemons/uk.org.thekelleys.dnsmasq.plist
+sudo launchctl load /Library/LaunchDaemons/uk.org.thekelleys.dnsmasq.plist

contrib/MacOSX-launchd/uk.org.thekelleys.dnsmasq.plist

+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>Label</key>
+	<string>uk.org.thekelleys.dnsmasq</string>
+	<key>ProgramArguments</key>
+	<array>
+		<string>/usr/local/sbin/dnsmasq</string>
+		<string>--keep-in-foreground</string>
+		<string>--log-queries</string>
+		<string>--log-facility=/var/log/dnsmasq.log</string>
+	</array>
+	<key>RunAtLoad</key>
+	<true/>
+</dict>
+</plist>

contrib/Solaris10/README.create_package

+Ok, script attached ... seems to be working ok for me, 
+tried to install and remove a few times. It does the
+right thing with the smf when installing, you can then 
+simply enable the service. Upon removal it cleans up the
+files but won't clean up the services (I think until
+a reboot) ... I've only started looking at the new 
+packages stuff in the last day or two, so I could be 
+missing something, but I can't find any way to force
+ a proper cleanup.
+
+It requires that you have a writable repository setup 
+as per the docs on the opensolaris website and it will
+create a dnsmasq package (package name is a variable 
+in the script). The script takes a version number for 
+the package and assumes that it's in the contrib/Solaris10 
+directory, it then works out the base tree directory 
+from $0.
+
+i.e.  $ contrib/Solaris10/create_package 2.52-1
+or   $ cd contrib/Solaris10; ./create_package 2.52-1
+
+It's a bit more complex than it could be because I 
+prefer putting the daemon in /usr/sbin and the config 
+in /etc, so the script will actually create a new 
+version of the existing contrib dnsmasq.xml.

contrib/Solaris10/create_package

+#!/bin/sh
+
+#
+# For our package, and for the SMF script, we need to define where we
+# want things to go...
+#
+BIN_DIR="/usr/sbin"
+CONF_DIR="/etc"
+MAN_DIR="/usr/man/man8"
+
+PACKAGE_NAME="dnsmasq"
+
+#
+# Since we know we are in the contrib directory we can work out where
+# the rest of the tree is...
+#
+BASEDIR="`dirname $0`/../.."
+
+#
+# We need a version number to use for the package creation...
+#
+if [ $# != 1 ]; then
+	echo "Usage: $0 <package_version_number>" >&2
+	exit 1
+fi
+VERSION="$1"
+
+#
+# First thing we do is fix-up the smf file to use the paths we prefer...
+#
+if [ ! -f "${BASEDIR}/contrib/Solaris10/dnsmasq.xml" ]; then
+	echo "$0: unable to find contrib/Solaris10/dnsmasq.xml" >&2
+	exit 1
+fi
+
+echo "Fixing up smf file ... \c"
+cat "${BASEDIR}/contrib/Solaris10/dnsmasq.xml" | \
+	sed 	-e "s%/usr/local/etc%${CONF_DIR}%" \
+		-e "s%/usr/local/sbin%${BIN_DIR}%" \
+		-e "s%/usr/local/man%${MAN_DIR}%" > ${BASEDIR}/contrib/Solaris10/dnsmasq-pkg.xml
+echo "done."
+
+echo "Creating packaging file ... \c"
+cat <<EOF >${BASEDIR}/contrib/Solaris10/dnsmasq_package.inc
+#
+# header
+#
+set name=pkg.name		value="dnsmasq"
+set name=pkg.description	value="dnsmasq daemon - dns, dhcp, tftp etc"
+set name=pkg.detailed_url	value="http://www.thekelleys.org.uk/dnsmasq/doc.html"
+set name=info.maintainer	value="TBD (tbd@tbd.com)"
+set name=info.upstream		value="dnsmasq-discuss@lists.thekelleys.org.uk"
+set name=info.upstream_url	value="http://www.thekelleys.org.uk/dnsmasq/doc.html"
+#
+# dependencies ... none?
+#
+
+#
+# directories
+#
+dir mode=0755 owner=root group=bin path=${BIN_DIR}/
+dir mode=0755 owner=root group=sys path=${CONF_DIR}/
+dir mode=0755 owner=root group=sys path=${MAN_DIR}/
+dir mode=0755 owner=root group=sys path=/var/
+dir mode=0755 owner=root group=sys path=/var/svc
+dir mode=0755 owner=root group=sys path=/var/svc/manifest
+dir mode=0755 owner=root group=sys path=/var/svc/manifest/network
+
+#
+# files
+#
+file ${BASEDIR}/src/dnsmasq mode=0555 owner=root group=bin path=${BIN_DIR}/dnsmasq
+file ${BASEDIR}/man/dnsmasq.8 mode=0555 owner=root group=bin path=${MAN_DIR}/dnsmasq.8
+file ${BASEDIR}/dnsmasq.conf.example mode=0644 owner=root group=sys path=${CONF_DIR}/dnsmasq.conf preserve=strawberry
+file ${BASEDIR}/contrib/Solaris10/dnsmasq-pkg.xml mode=0644 owner=root group=sys path=/var/svc/manifest/network/dnsmasq.xml restart_fmri=svc:/system/manifest-import:default
+
+EOF
+echo "done."
+
+echo "Creating package..."
+eval `pkgsend open ${PACKAGE_NAME}@${VERSION}`
+pkgsend include ${BASEDIR}/contrib/Solaris10/dnsmasq_package.inc
+if [ "$?" = 0 ]; then
+	pkgsend close
+else
+	echo "Errors"
+fi

dnsmasq.conf.example

@@ -365,7 +365,7 @@
 #pxe-prompt="Press F8 for menu.", 60
 
 # Available boot services. for PXE.
-#pxe-service=x86PC, "Boot from local disk", 0
+#pxe-service=x86PC, "Boot from local disk"
 
 # Loads <tftp-root>/pxelinux.0 from dnsmasq TFTP server.
 #pxe-service=x86PC, "Install Linux", pxelinux 

man/dnsmasq.8

@@ -123,8 +123,7 @@ to zero completely disables DNS function, leaving only DHCP and/or TFTP.
 .TP
 .B \-P, --edns-packet-max=<size>
 Specify the largest EDNS.0 UDP packet which is supported by the DNS
-forwarder. Defaults to 1280, which is the RFC2671-recommended maximum
-for ethernet.
+forwarder. Defaults to 4096, which is the RFC5625-recommended size.
 .TP
 .B \-Q, --query-port=<query_port>
 Send outbound DNS queries from, and listen for their replies on, the
@@ -427,7 +426,7 @@ Set the maximum number of concurrent DNS queries. The default value is
 where this needs to be increased is when using web-server log file
 resolvers, which can generate large numbers of concurrent queries.
 .TP
-.B \-F, --dhcp-range=[[net:]network-id,]<start-addr>,<end-addr>[[,<netmask>],<broadcast>][,<lease time>]
+.B \-F, --dhcp-range=[[net:]network-id,]<start-addr>,<end-addr>[,<netmask>[,<broadcast>]][,<lease time>]
 Enable the DHCP server. Addresses will be given out from the range
 <start-addr> to <end-addr> and from statically defined addresses given
 in 
@@ -564,7 +563,7 @@ have exactly the same effect as
 options containing the same information. /etc/ethers is re-read when 
 dnsmasq receives SIGHUP.
 .TP
-.B \-O, --dhcp-option=[<network-id>,[<network-id>,]][encap:<opt>,][vendor:[<vendor-class>],][<opt>|option:<opt-name>],[<value>[,<value>]]
+.B \-O, --dhcp-option=[<network-id>,[<network-id>,]][encap:<opt>,][vi-encap:<enterprise>,][vendor:[<vendor-class>],][<opt>|option:<opt-name>],[<value>[,<value>]]
 Specify different or extra options to DHCP clients. By default,
 dnsmasq sends some standard options to DHCP clients, the netmask and
 broadcast address are set to the same as the host running dnsmasq, and
@@ -632,10 +631,16 @@ options are given which are encapsulated with the same option number
 then they will be correctly combined into one encapsulated option.
 encap: and vendor: are may not both be set in the same dhcp-option.
 
+The final variant on encapsulated options is "Vendor-Identifying
+Vendor Options" as specified by RFC3925. These are denoted like this: 
+.B --dhcp-option=vi-encap:2, 10, "text"
+The number in the vi-encap: section is the IANA enterprise number
+used to identify this option.
+
 The address 0.0.0.0 is not treated specially in
 encapsulated options.
 .TP
-.B --dhcp-option-force=[<network-id>,[<network-id>,]][encap:<opt>,][vendor:[<vendor-class>],]<opt>,[<value>[,<value>]]
+.B --dhcp-option-force=[<network-id>,[<network-id>,]][encap:<opt>,][vi-encap:<enterprise>,][vendor:[<vendor-class>],]<opt>,[<value>[,<value>]]
 This works in exactly the same way as
 .B --dhcp-option
 except that the option will always be sent, even if the client does
@@ -687,7 +692,7 @@ agent ID and one provided by a relay agent, the network-id tag is set.
 .B --dhcp-subscrid=<network-id>,<subscriber-id>
 Map from RFC3993 subscriber-id relay agent options to network-id tags.
 .TP
-.B --dhcp-match=<network-id>,<option number>|option:<option name>[,<value>]
+.B --dhcp-match=<network-id>,<option number>|option:<option name>|vi-encap:<enterprise>[,<value>]
 Without a value, set the network-id tag if the client sends a DHCP
 option of the given number or name. When a value is given, set the tag only if
 the option is sent and matches the value. The value may be of the form
@@ -703,6 +708,10 @@ must match, so
 will set the tag "efi-ia32" if the the number 6 appears in the list of
 architectures sent by the client in option 93. (See RFC 4578 for
 details.)  If the value is a string, substring matching is used.
+
+The special form with vi-encap:<enterpise number> matches against
+vendor-identifying vendor classes for the specified enterprise. Please
+see RFC 3925 for more details of the rare and interesting beasts.
 .TP
 .B \-J, --dhcp-ignore=<network-id>[,<network-id>]
 When all the given network-ids match the set of network-ids derived
@@ -736,7 +745,7 @@ If the optional network-id(s) are given,
 they must match for this configuration to be sent. Note that
 network-ids are prefixed by "net:" to distinguish them.
 .TP
-.B --pxe-service=[net:<network-id>,]<CSA>,<menu text>,<basename>|<bootservicetype>[,<server address>]
+.B --pxe-service=[net:<network-id>,]<CSA>,<menu text>[,<basename>|<bootservicetype>][,<server address>]
 Most uses of PXE boot-ROMS simply allow the PXE
 system to obtain an IP address and then download the file specified by
 .B dhcp-boot
@@ -759,8 +768,9 @@ suffix (normally ".0") is supplied by PXE, and should not be added to
 the basename. If an integer boot service type, rather than a basename
 is given, then the PXE client will search for a
 suitable boot service for that type on the network. This search may be done
-by multicast or broadcast, or direct to a server if its IP address is provided.  A boot service
-type of 0 is special, and will abort the net boot procedure and
+by broadcast, or direct to a server if its IP address is provided.  
+If no boot service type or filename is provided (or a boot service type of 0 is specified)
+then the menu entry will abort the net boot procedure and
 continue booting from local media.
 .TP
 .B --pxe-prompt=[net:<network-id>,]<prompt>[,<timeout>]
@@ -865,7 +875,9 @@ ie no name, and the former name is provided in the environment
 variable DNSMASQ_OLD_HOSTNAME. DNSMASQ_INTERFACE stores the name of
 the interface on which the request arrived; this is not set for "old"
 actions when dnsmasq restarts. DNSMASQ_RELAY_ADDRESS is set if the client
-used a DHCP relay to contact dnsmasq and the IP address of the relay is known.
+used a DHCP relay to contact dnsmasq and the IP address of the relay
+is known. DNSMASQ_TAGS contains all the network-id tags set during the
+DHCP transaction, separated by spaces.
 All file descriptors are
 closed except stdin, stdout and stderr which are open to /dev/null
 (except in debug mode).

man/fr/dnsmasq.8

@@ -140,8 +140,7 @@ que le DHCP ou le TFTP.
 .TP
 .B \-P, --edns-packet-max=<taille>
 Spécifie la taille maximum de paquet UDP EDNS.0 supporté par le relai DNS. Le
-défaut est de 1280, qui est la valeur maximale
-recommandée pour ethernet dans la RFC2671.
+défaut est de 4096, qui est la valeur recommandée dans la RFC5625.
 .TP
 .B \-Q, --query-port=<numéro de port>
 Envoie et écoute les requêtes DNS sortantes depuis le port UDP spécifié par
@@ -503,7 +502,7 @@ lorsqu'un serveur web a la résolution de nom activée pour l'enregistrement de
 son journal des requêtes, ce qui peut générer un nombre important de requêtes
 simultanées.
 .TP
-.B \-F, --dhcp-range=[[net:]identifiant de réseau,]<adresse de début>,<adresse de fin>[[,<masque de réseau>],<broadcast>][,<durée de bail>]
+.B \-F, --dhcp-range=[[net:]identifiant de réseau,]<adresse de début>,<adresse de fin>[,<masque de réseau>[,<broadcast>]][,<durée de bail>]
 Active le serveur DHCP. Les adresses seront données dans la plage comprise entre
 <adresse de début> et <adresse de fin> et à partir des adresses définies
 statiquement dans l'option
@@ -650,7 +649,7 @@ par Dnsmasq, ces lignes ont exactement le même effet que l'option
 contenant les mêmes informations. /etc/ethers est relu à la réception d'un
 signal SIGHUP par Dnsmasq.
 .TP
-.B \-O, --dhcp-option=[<identifiant_de_réseau>,[<identifiant_de_réseau>,]][encap:<option>,][vendor:[<classe_vendeur>],][<option>|option:<nom d'option>],[<valeur>[,<valeur>]]
+.B \-O, --dhcp-option=[<identifiant_de_réseau>,[<identifiant_de_réseau>,]][encap:<option>,][vi-encap:<entreprise>,][vendor:[<classe_vendeur>],][<option>|option:<nom d'option>],[<valeur>[,<valeur>]]
 Spécifie des options différentes ou supplémentaires pour des clients DHCP. Par
 défaut, Dnsmasq envoie un ensemble standard d'options aux clients DHCP : le
 masque de réseau et l'adresse de broadcast sont les mêmes que pour l'hôte
@@ -729,10 +728,17 @@ Plusieurs options encapsulées avec le même numéro d'option seront correctemen
 combinées au sein d'une seule option encapsulée. Il n'est pas possible de
 spécifier encap: et vendor: au sein d'une même option dhcp.
 
+La dernière variante pour les options encapsulées est "l'option de Vendeur
+identifiant le vendeur" ("Vendor-Identifying Vendor Options") telle que
+décrite dans le RFC3925. Celles-ci sont spécifiées comme suit :
+.B --dhcp-option=vi-encap:2, 10, "text"
+Le numéro dans la section vi-encap: est le numéro IANA de l'entreprise servant
+à identifier cette option.
+
 L'adresse 0.0.0.0 n'est pas traitée de manière particulière lorsque fournie dans
 une option encapsulée.
 .TP
-.B --dhcp-option-force=[<identifiant de réseau>,[<identifiant de réseau>,]][encap:<option>,][vendor:[<classe de vendeur>],]<option>,[<valeur>[,<valeur>]]
+.B --dhcp-option-force=[<identifiant de réseau>,[<identifiant de réseau>,]][encap:<option>,][vi-encap:<entreprise>,][vendor:[<classe de vendeur>],]<option>,[<valeur>[,<valeur>]]
 Cela fonctionne exactement de la même façon que
 .B --dhcp-option
 sauf que cette option sera toujours envoyée, même si le client ne la demande pas
@@ -794,7 +800,7 @@ relais DHCP, alors l'identifiant de réseau est positionné.
 Associe des options de relais DHCP issues de la RFC3993 à des identifiants de
 réseau.
 .TP
-.B --dhcp-match=<identifiant de réseau>,<numéro d'option>|option:<nom d'option>[,<valeur>]
+.B --dhcp-match=<identifiant de réseau>,<numéro d'option>|option:<nom d'option>|vi-encap:<entreprise>[,<valeur>]
 Si aucune valeur n'est spécifiée, associe l'identifiant de réseau si le client
 envoie une option DHCP avec le numéro ou le nom spécifié. Lorsqu'une valeur est
 fournie, positionne le label seulement dans le cas où l'option est fournie et
@@ -811,6 +817,11 @@ spécifie le label "efi-ia32" si le numéro 6 apparaît dnas la liste
 d'architectures envoyé par le client au sein de l'option 93. (se réferer
 au RFC 4578 pour plus de détails). Si la valeur est un chaine de caractères,
 celle-ci est recherchée (correspondance en temps que sous-chaîne).
+
+Pour la forme particulière vi-encap:<numéro d'entreprise>, la comparaison se
+fait avec les classes de vendeur "identifiant de vendeur" ("vendor-identifying
+vendor classes") pour l'entreprise dont le numéro est fourni en option.
+Veuillez vous réferer à la RFC 3925 pour plus de détail.
 .TP
 .B \-J, --dhcp-ignore=<identifiant de réseau>[,<identifiant de réseau>]
 Lorsque tous les identifiants de réseau fournis coïncident avec la liste
@@ -847,7 +858,7 @@ Si d'éventuels identifiants de réseau sont fournis, ils doivent coïncider ave
 ceux du client pour que cet élement de configuration lui soit envoyé. Il est à
 noter que les identifiants de réseau doivent-être préfixés par "net:".
 .TP
-.B --pxe-service=[net:<identifiant de réseau>,]<CSA>,<entrée de menu>,<nom de fichier>|<type de service de démarrage>[,<adresse de serveur>]
+.B --pxe-service=[net:<identifiant de réseau>,]<CSA>,<entrée de menu>[,<nom de fichier>|<type de service de démarrage>][,<adresse de serveur>]
 La plupart des ROMS de démarrage PXE ne permettent au système PXE que la simple
 obtention d'une adresse IP, le téléchargement du fichier spécifié dans
 .B dhcp-boot
@@ -870,10 +881,12 @@ Veuillez noter que le suffixe de "couche" (en principe ".0") est fourni par PXE
 et ne doit pas être rajouté au nom de fichier. Si une valeur numérique entière
 est fournir pour le type de démarrage, en remplacement du nom de fichier, le
 client PXE devra chercher un service de démarrage de ce type sur le réseau.
-Cette recherche peut être faite via multicast ou broadcast, ou directement
-auprès d'un serveur si son adresse IP est fournie dans l'option. Un service de
-démarrage de type 0 est spécial et provoquera une interruption du démarrage par
-le réseau ainsi que la poursuite du démarrage sur un média local.
+Cette recherche peut être faite via broadcast ou directement auprès d'un
+serveur si son adresse IP est fournie dans l'option.
+Si aucun nom de fichier n'est donné ni aucune valeur de type de service de
+démarrage n'est fournie (ou qu'une valeur de 0 est donnée pour le type de
+service), alors l'entrée de menu provoque l'interruption du démarrage par
+le réseau et la poursuite du démarrage sur un média local.
 .TP
 .B --pxe-prompt=[net:<identifiant de réseau>,]<invite>[,<délai>]
 Cette option permet d'afficher une invite à la suite du démarrage PXE. Si un
@@ -984,7 +997,9 @@ DNSMASQ_INTERFACE contient le nom de l'interface sur laquelle la requête est
 arrivée; ceci n'est pas renseigné dans le cas des actions "old" ayant lieu
 après un redémarrage de dnsmasq. La variable DNSMASQ_RELAY_ADDRESS est
 renseignée si le client a utilisé un relai DHCP pour contacter Dnsmasq, si
-l'adresse IP du relai est connue.
+l'adresse IP du relai est connue. DNSMASQ_TAGS contient tous les labels
+d'identifiants de réseau fournis pendant la transaction DHCP, séparés par des
+espaces.
 Tous les descripteurs de fichiers sont fermés, sauf stdin, stdout et stderr qui
 sont ouverts sur /dev/null (sauf en mode déverminage).
 Le script n'est pas lancé de manière concurrente : si un autre changement de
@@ -1421,6 +1436,25 @@ ou d'un fichier d'hôte additionnel. Cette liste peut-être très longue, Dnsmas
 ayant été testé avec succès avec un million de noms. Cette taille de fichier
 nécessite un processeur à 1 Ghz et environ 60 Mo de RAM.
 
+.SH INTERNATIONALISATION
+Dnsmasq peut être compilé pour supporter l'internationalisation. Pour cela,
+les cibles "all-i18n" et "install-i18n" doivent être données à make, en lieu
+et place des cibles standards "all" et "install". Lorsque compilé avec le
+support de l'internationalisation, dnsmasq supporte les noms de domaines
+internationalisés ("internationalised domain names" ou IDN), et les messages de
+traces ("logs") sont écrits dans la langue locale. Les noms de domaines dans
+/etc/hosts, /etc/ethers et /etc/dnsmasq.conf contenant des caractères
+non-ASCII seront transformés selon la représentation punycode interne
+aux DNS. Veuillez noter que dnsmasq détermine la langue pour les messages
+ainsi que le jeu de caractères susceptible d'être utilisé dans les fichiers
+de configuration à partir de la variable d'environnement LANG. Ceci devrait
+être configuré à la valeur par défaut du système par les scripts démarrant
+dnsmasq. Lorsque les fichiers de configuration sont édités, veuillez faire
+attention à le faire en utilisant la valeur de locale par défaut du système
+et non une valeur spécifique à l'utilisateur, puisque dnsmasq n'a aucun
+moyen de déterminer directement la valeur de jeu de caractère utilisé,
+et assume de ce fait qu'il s'agit de la valeur par défaut du système.
+
 .SH FICHIERS
 .IR /etc/dnsmasq.conf 
 

src/bpf.c

-/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2010 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by

src/cache.c

-/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2010 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by

src/config.h

-/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2010 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -14,19 +14,19 @@
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
-#define VERSION "2.51"
+#define VERSION "2.52"
 
 #define FTABSIZ 150 /* max number of outstanding requests (default) */
 #define MAX_PROCS 20 /* max no children for TCP requests */
 #define CHILD_LIFETIME 150 /* secs 'till terminated (RFC1035 suggests > 120s) */
-#define EDNS_PKTSZ 1280 /* default max EDNS.0 UDP packet from RFC2671 */
+#define EDNS_PKTSZ 4096 /* default max EDNS.0 UDP packet from RFC5625 */
 #define TIMEOUT 10 /* drop UDP queries after TIMEOUT seconds */
 #define FORWARD_TEST 50 /* try all servers every 50 queries */
 #define FORWARD_TIME 10 /* or 10 seconds */
 #define RANDOM_SOCKS 64 /* max simultaneous random ports */
 #define LEASE_RETRY 60 /* on error, retry writing leasefile after LEASE_RETRY seconds */
 #define CACHESIZ 150 /* default cache size */
-#define MAXLEASES 150 /* maximum number of DHCP leases */
+#define MAXLEASES 1000 /* maximum number of DHCP leases */
 #define PING_WAIT 3 /* wait for ping address-in-use test */
 #define PING_CACHE_TIME 30 /* Ping test assumed to be valid this long. */
 #define DECLINE_BACKOFF 600 /* disable DECLINEd static addresses for this long */
@@ -66,6 +66,7 @@
 #define DHCP_CLIENT_PORT 68
 #define DHCP_SERVER_ALTPORT 1067
 #define DHCP_CLIENT_ALTPORT 1068
+#define PXE_PORT 4011
 #define TFTP_PORT 69
 #define TFTP_MAX_CONNECTIONS 50 /* max simultaneous connections */
 #define LOG_MAX 5 /* log-queue length */
@@ -242,7 +243,7 @@ NOTES:
 
 #elif defined(__APPLE__)
 #define HAVE_BSD_NETWORK
-#undef HAVE_GETOPT_LONG
+#define HAVE_GETOPT_LONG
 #define HAVE_ARC4RANDOM
 #define HAVE_SOCKADDR_SA_LEN
 /* Define before sys/socket.h is included so we get socklen_t */
@@ -259,8 +260,6 @@ NOTES:
 #define HAVE_GETOPT_LONG
 #undef HAVE_ARC4RANDOM
 #undef HAVE_SOCKADDR_SA_LEN
-#define _XPG4_2
-#define __EXTENSIONS__
 #define ETHER_ADDR_LEN 6 
  
 #endif

src/dbus.c

-/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2010 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -390,6 +390,7 @@ void check_dbus_listeners(fd_set *rset, fd_set *wset, fd_set *eset)
     }
 }
 
+#ifdef HAVE_DHCP
 void emit_dbus_signal(int action, struct dhcp_lease *lease, char *hostname)
 {
   DBusConnection *connection = (DBusConnection *)daemon->dbus;
@@ -432,5 +433,6 @@ void emit_dbus_signal(int action, struct dhcp_lease *lease, char *hostname)
   
   dbus_message_unref(message);
 }
+#endif
 
 #endif

src/dhcp.c

-/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2010 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -27,7 +27,7 @@ struct iface_param {
 static int complete_context(struct in_addr local, int if_index, 
 			    struct in_addr netmask, struct in_addr broadcast, void *vparam);
 
-void dhcp_init(void)
+static int make_fd(int port)
 {
   int fd = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP);
   struct sockaddr_in saddr;
@@ -67,7 +67,7 @@ void dhcp_init(void)
   
   memset(&saddr, 0, sizeof(saddr));
   saddr.sin_family = AF_INET;
-  saddr.sin_port = htons(daemon->dhcp_server_port);
+  saddr.sin_port = htons(port);
   saddr.sin_addr.s_addr = INADDR_ANY;
 #ifdef HAVE_SOCKADDR_SA_LEN
   saddr.sin_len = sizeof(struct sockaddr_in);
@@ -76,7 +76,20 @@ void dhcp_init(void)
   if (bind(fd, (struct sockaddr *)&saddr, sizeof(struct sockaddr_in)))
     die(_("failed to bind DHCP server socket: %s"), NULL, EC_BADNET);
 
-  daemon->dhcpfd = fd;
+  return fd;
+}
+
+void dhcp_init(void)
+{
+#if defined(HAVE_BSD_NETWORK)
+  int oneopt = 1;
+#endif
+
+  daemon->dhcpfd = make_fd(daemon->dhcp_server_port);
+  if (daemon->enable_pxe)
+    daemon->pxefd = make_fd(PXE_PORT);
+  else
+    daemon->pxefd = -1;
 
 #if defined(HAVE_BSD_NETWORK)
   /* When we're not using capabilities, we need to do this here before
@@ -99,8 +112,9 @@ void dhcp_init(void)
   daemon->dhcp_packet.iov_base = safe_malloc(daemon->dhcp_packet.iov_len);
 }
   
-void dhcp_packet(time_t now)
+void dhcp_packet(time_t now, int pxe_fd)
 {
+  int fd = pxe_fd ? daemon->pxefd : daemon->dhcpfd;
   struct dhcp_packet *mess;
   struct dhcp_context *context;
   struct iname *tmp;
@@ -135,7 +149,7 @@ void dhcp_packet(time_t now)
   while (1)
     {
       msg.msg_flags = 0;
-      while ((sz = recvmsg(daemon->dhcpfd, &msg, MSG_PEEK | MSG_TRUNC)) == -1 && errno == EINTR);
+      while ((sz = recvmsg(fd, &msg, MSG_PEEK | MSG_TRUNC)) == -1 && errno == EINTR);
       
       if (sz == -1)
 	return;
@@ -165,7 +179,7 @@ void dhcp_packet(time_t now)
   msg.msg_name = &dest;
   msg.msg_namelen = sizeof(dest);
 
-  while ((sz = recvmsg(daemon->dhcpfd, &msg, 0)) == -1 && errno == EINTR);
+  while ((sz = recvmsg(fd, &msg, 0)) == -1 && errno == EINTR);
  
   if ((msg.msg_flags & MSG_TRUNC) || sz < (ssize_t)(sizeof(*mess) - sizeof(mess->options)))
     return;
@@ -243,7 +257,7 @@ void dhcp_packet(time_t now)
     return;
   lease_prune(NULL, now); /* lose any expired leases */
   iov.iov_len = dhcp_reply(parm.current, ifr.ifr_name, iface_index, (size_t)sz, 
-			   now, unicast_dest, &is_inform);
+			   now, unicast_dest, &is_inform, pxe_fd);
   lease_update_file(now);
   lease_update_dns();
     
@@ -264,7 +278,12 @@ void dhcp_packet(time_t now)
   dest.sin_len = sizeof(struct sockaddr_in);
 #endif
      
-  if (mess->giaddr.s_addr)
+  if (pxe_fd)
+    { 
+      if (mess->ciaddr.s_addr != 0)
+	dest.sin_addr = mess->ciaddr;
+    }
+  else if (mess->giaddr.s_addr)
     {
       /* Send to BOOTP relay  */
       dest.sin_port = htons(daemon->dhcp_server_port);
@@ -348,10 +367,10 @@ void dhcp_packet(time_t now)
 #endif
    
 #ifdef HAVE_SOLARIS_NETWORK
-  setsockopt(daemon->dhcpfd, IPPROTO_IP, IP_BOUND_IF, &iface_index, sizeof(iface_index));
+  setsockopt(fd, IPPROTO_IP, IP_BOUND_IF, &iface_index, sizeof(iface_index));
 #endif
   
-  while(sendmsg(daemon->dhcpfd, &msg, 0) == -1 && retry_send());
+  while(sendmsg(fd, &msg, 0) == -1 && retry_send());
 }
  
 /* This is a complex routine: it gets called with each (address,netmask,broadcast) triple 

src/dnsmasq.c

-/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2010 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -596,6 +596,11 @@ int main (int argc, char **argv)
 	{
 	  FD_SET(daemon->dhcpfd, &rset);
 	  bump_maxfd(daemon->dhcpfd, &maxfd);
+	  if (daemon->pxefd != -1)
+	    {
+	      FD_SET(daemon->pxefd, &rset);
+	      bump_maxfd(daemon->pxefd, &maxfd);
+	    }
 	}
 #endif
 
@@ -676,8 +681,13 @@ int main (int argc, char **argv)
 #endif      
 
 #ifdef HAVE_DHCP
-      if (daemon->dhcp && FD_ISSET(daemon->dhcpfd, &rset))
-	dhcp_packet(now);
+      if (daemon->dhcp)
+	{
+	  if (FD_ISSET(daemon->dhcpfd, &rset))
+	    dhcp_packet(now, 0);
+	  if (daemon->pxefd != -1 && FD_ISSET(daemon->pxefd, &rset))
+	    dhcp_packet(now, 1);
+	}
 
 #  ifdef HAVE_SCRIPT
       if (daemon->helperfd != -1 && FD_ISSET(daemon->helperfd, &wset))

src/dnsmasq.h

-/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2010 Simon Kelley
  
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -14,7 +14,7 @@
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
-#define COPYRIGHT "Copyright (C) 2000-2009 Simon Kelley" 
+#define COPYRIGHT "Copyright (c) 2000-2010 Simon Kelley" 
 
 #ifndef NO_LARGEFILE
 /* Ensure we can use files >2GB (log files may grow this big) */
@@ -28,6 +28,12 @@
 #  include <features.h> 
 #endif
 
+/* Need these defined early */
+#if defined(__sun) || defined(__sun__)
+#  define _XPG4_2
+#  define __EXTENSIONS__
+#endif
+
 /* get these before config.h  for IPv6 stuff... */
 #include <sys/types.h> 
 #include <sys/socket.h>
@@ -58,7 +64,7 @@
 #include <sys/stat.h>
 #include <sys/ioctl.h>
 #if defined(HAVE_SOLARIS_NETWORK)
-#include <sys/sockio.h>
+#  include <sys/sockio.h>
 #endif
 #include <sys/select.h>
 #include <sys/wait.h>
@@ -66,6 +72,10 @@
 #include <sys/un.h>
 #include <limits.h>
 #include <net/if.h>
+#if defined(HAVE_SOLARIS_NETWORK) && !defined(ifr_mtu)
+/* Some solaris net/if./h omit this. */
+#  define ifr_mtu  ifr_ifru.ifru_metric
+#endif
 #include <unistd.h>
 #include <stdio.h>
 #include <string.h>
@@ -411,8 +421,8 @@ struct dhcp_lease {
   int hwaddr_len, hwaddr_type;
   unsigned char hwaddr[DHCP_CHADDR_MAX]; 
   struct in_addr addr, override, giaddr;
-  unsigned char *vendorclass, *userclass, *supplied_hostname;
-  unsigned int vendorclass_len, userclass_len, supplied_hostname_len;
+  unsigned char *extradata;
+  unsigned int extradata_len, extradata_size;
   int last_interface;
   struct dhcp_lease *next;
 };
@@ -482,6 +492,7 @@ struct dhcp_opt {
 #define DHOPT_VENDOR           256
 #define DHOPT_HEX              512
 #define DHOPT_VENDOR_MATCH    1024
+#define DHOPT_RFC3925         2048
 
 struct dhcp_boot {
   char *file, *sname;
@@ -654,9 +665,10 @@ extern struct daemon {
   struct randfd *rfd_save; /*      "        "        */
   pid_t tcp_pids[MAX_PROCS];
   struct randfd randomsocks[RANDOM_SOCKS];
+  int v6pktinfo; 
 
   /* DHCP state */
-  int dhcpfd, helperfd; 
+  int dhcpfd, helperfd, pxefd; 
 #if defined(HAVE_LINUX_NETWORK)
   int netlinkfd;
 #elif defined(HAVE_BSD_NETWORK)
@@ -784,7 +796,7 @@ struct in_addr get_ifaddr(char *intr);
 /* dhcp.c */
 #ifdef HAVE_DHCP
 void dhcp_init(void);
-void dhcp_packet(time_t now);
+void dhcp_packet(time_t now, int pxe_fd);
 struct dhcp_context *address_available(struct dhcp_context *context, 
 				       struct in_addr addr,
 				       struct dhcp_netid *netids);
@@ -832,7 +844,7 @@ void rerun_scripts(void);
 /* rfc2131.c */
 #ifdef HAVE_DHCP
 size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
-		  size_t sz, time_t now, int unicast_dest, int *is_inform);
+		  size_t sz, time_t now, int unicast_dest, int *is_inform, int pxe_fd);
 unsigned char *extended_hwaddr(int hwtype, int hwlen, unsigned char *hwaddr, 
 			       int clid_len, unsigned char *clid, int *len_out);
 #endif
@@ -866,7 +878,9 @@ int iface_enumerate(void *parm, int (*ipv4_callback)(), int (*ipv6_callback)());
 char *dbus_init(void);
 void check_dbus_listeners(fd_set *rset, fd_set *wset, fd_set *eset);
 void set_dbus_listeners(int *maxfdp, fd_set *rset, fd_set *wset, fd_set *eset);
+#  ifdef HAVE_DHCP
 void emit_dbus_signal(int action, struct dhcp_lease *lease, char *hostname);
+#  endif
 #endif
 
 /* helper.c */

src/forward.c

-/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2010 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -20,7 +20,7 @@ static struct frec *lookup_frec(unsigned short id, unsigned int crc);
 static struct frec *lookup_frec_by_sender(unsigned short id,
 					  union mysockaddr *addr,
 					  unsigned int crc);
-static unsigned short get_id(int force, unsigned short force_id, unsigned int crc);
+static unsigned short get_id(unsigned int crc);
 static void free_frec(struct frec *f);
 static struct randfd *allocate_rfd(int family);
 
@@ -86,7 +86,7 @@ static void send_from(int fd, int nowild, char *packet, size_t len,
 	  pkt->ipi6_ifindex = iface; /* Need iface for IPv6 to handle link-local addrs */
 	  pkt->ipi6_addr = source->addr.addr6;
 	  msg.msg_controllen = cmptr->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo));
-	  cmptr->cmsg_type = IPV6_PKTINFO;
+	  cmptr->cmsg_type = daemon->v6pktinfo;
 	  cmptr->cmsg_level = IPV6_LEVEL;
 	}
 #else
@@ -242,15 +242,11 @@ static int forward_query(int udpfd, union mysockaddr *udpaddr,
       
       if (forward)
 	{
-	  /* force unchanging id for signed packets */
-	  int is_sign;
-	  find_pseudoheader(header, plen, NULL, NULL, &is_sign);
-	  
 	  forward->source = *udpaddr;
 	  forward->dest = *dst_addr;
 	  forward->iface = dst_iface;
 	  forward->orig_id = ntohs(header->id);
-	  forward->new_id = get_id(is_sign, forward->orig_id, crc);
+	  forward->new_id = get_id(crc);
 	  forward->fd = udpfd;
 	  forward->crc = crc;
 	  forward->forwardall = 0;
@@ -661,7 +657,7 @@ void receive_query(struct listener *listen, time_t now)
       if (listen->family == AF_INET6)
 	{
 	  for (cmptr = CMSG_FIRSTHDR(&msg); cmptr; cmptr = CMSG_NXTHDR(&msg, cmptr))
-	    if (cmptr->cmsg_level == IPV6_LEVEL && cmptr->cmsg_type == IPV6_PKTINFO)
+	    if (cmptr->cmsg_level == IPV6_LEVEL && cmptr->cmsg_type == daemon->v6pktinfo)
 	      {
 		dst_addr.addr.addr6 = ((struct in6_pktinfo *)CMSG_DATA(cmptr))->ipi6_addr;
 		if_index =((struct in6_pktinfo *)CMSG_DATA(cmptr))->ipi6_ifindex;
@@ -1066,22 +1062,12 @@ void server_gone(struct server *server)
     daemon->srv_save = NULL;
 }
 
-/* return unique random ids.
-   For signed packets we can't change the ID without breaking the
-   signing, so we keep the same one. In this case force is set, and this
-   routine degenerates into killing any conflicting forward record. */
-static unsigned short get_id(int force, unsigned short force_id, unsigned int crc)
+/* return unique random ids. */
+static unsigned short get_id(unsigned int crc)
 {
   unsigned short ret = 0;
   
-  if (force)
-    {
-      struct frec *f = lookup_frec(force_id, crc);
-      if (f)
-	free_frec(f); /* free */
-      ret = force_id;
-    }
-  else do 
+  do 
     ret = rand16();
   while (lookup_frec(ret, crc));
   

src/lease.c

-/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2010 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -564,9 +564,7 @@ int do_script_run(time_t now)
 	  
 	  free(lease->old_hostname); 
 	  free(lease->clid);
-	  free(lease->vendorclass);
-	  free(lease->userclass);
-	  free(lease->supplied_hostname);
+	  free(lease->extradata);
 	  free(lease);
 	    
 	  return 1; 
@@ -599,15 +597,9 @@ int do_script_run(time_t now)
 #endif
 	lease->new = lease->changed = lease->aux_changed = 0;
 	
-	/* these are used for the "add" call, then junked, since they're not in the database */
-	free(lease->vendorclass);
-	lease->vendorclass = NULL;
-	
-	free(lease->userclass);
-	lease->userclass = NULL;
-	
-	free(lease->supplied_hostname);
-	lease->supplied_hostname = NULL;
+	/* this is used for the "add" call, then junked, since they're not in the database */
+	free(lease->extradata);
+	lease->extradata = NULL;
 	
 	return 1;
       }

src/log.c

-/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2010 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -267,7 +267,12 @@ void my_syslog(int priority, const char *format, ...)
   else if ((LOG_FACMASK & priority) == MS_DHCP)
     func = "-dhcp";
       
+#ifdef LOG_PRI
   priority = LOG_PRI(priority);
+#else
+  /* Solaris doesn't have LOG_PRI */
+  priority &= LOG_PRIMASK;
+#endif
 
   if (log_stderr) 
     {

src/netlink.c

-/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2010 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by

src/network.c

-/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2010 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -294,16 +294,35 @@ static int create_ipv6_listener(struct listener **link, int port)
       setsockopt(tcpfd, IPV6_LEVEL, IPV6_V6ONLY, &opt, sizeof(opt)) == -1 ||
       !fix_fd(fd) ||
       !fix_fd(tcpfd) ||
-#ifdef IPV6_RECVPKTINFO
-      setsockopt(fd, IPV6_LEVEL, IPV6_RECVPKTINFO, &opt, sizeof(opt)) == -1 ||
-#else
-      setsockopt(fd, IPV6_LEVEL, IPV6_PKTINFO, &opt, sizeof(opt)) == -1 ||
-#endif
       bind(tcpfd, (struct sockaddr *)&addr, sa_len(&addr)) == -1 ||
       listen(tcpfd, 5) == -1 ||
       bind(fd, (struct sockaddr *)&addr, sa_len(&addr)) == -1) 
     return 0;
 
+  /* The API changed around Linux 2.6.14 but the old ABI is still supported:
+     handle all combinations of headers and kernel.
+     OpenWrt note that this fixes the problem addressed by your very broken patch. */
+
+  daemon->v6pktinfo = IPV6_PKTINFO;
+
+#ifdef IPV6_RECVPKTINFO
+#  ifdef IPV6_2292PKTINFO
+  if (setsockopt(fd, IPV6_LEVEL, IPV6_RECVPKTINFO, &opt, sizeof(opt)) == -1)
+    {
+      if (errno == ENOPROTOOPT && setsockopt(fd, IPV6_LEVEL, IPV6_2292PKTINFO, &opt, sizeof(opt)) != -1)
+	daemon->v6pktinfo = IPV6_2292PKTINFO;
+      else
+	return 0;
+    }
+#  else
+  if (setsockopt(fd, IPV6_LEVEL, IPV6_RECVPKTINFO, &opt, sizeof(opt)) == -1)
+    return 0;
+#  endif 
+#else
+  if (setsockopt(fd, IPV6_LEVEL, IPV6_PKTINFO, &opt, sizeof(opt)) == -1)
+    return 0;
+#endif
+  
   l = safe_malloc(sizeof(struct listener));
   l->fd = fd;
   l->tcpfd = tcpfd;
@@ -553,7 +572,7 @@ int local_bind(int fd, union mysockaddr *addr, char *intname, int is_tcp)
     
 #if defined(SO_BINDTODEVICE)
   if (intname[0] != 0 &&
-      setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, intname, strlen(intname)) == -1)
+      setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, intname, IF_NAMESIZE) == -1)
     return 0;
 #endif
 
@@ -652,7 +671,7 @@ void pre_allocate_sfds(void)
 	errno != 0 &&
 	(daemon->options & OPT_NOWILD))
       {
-	prettyprint_addr(&srv->addr, daemon->namebuff);
+	prettyprint_addr(&srv->source_addr, daemon->namebuff);
 	if (srv->interface[0] != 0)
 	  {
 	    strcat(daemon->namebuff, " ");
@@ -670,6 +689,10 @@ void check_servers(void)
   struct server *new, *tmp, *ret = NULL;
   int port = 0;
 
+  /* interface may be new since startup */
+  if (!(daemon->options & OPT_NOWILD))
+    enumerate_interfaces();
+  
   for (new = daemon->servers; new; new = tmp)
     {
       tmp = new->next;

src/rfc1035.c

-/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2010 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -1327,12 +1327,34 @@ size_t answer_request(HEADER *header, char *limit, size_t qlen,
 	      if (qtype != type && qtype != T_ANY)
 		continue;
 	      
-	      /* Check for "A for A"  queries */
-	      if (qtype == T_A && (addr.addr.addr4.s_addr = inet_addr(name)) != (in_addr_t) -1)
+	      /* Check for "A for A"  queries; be rather conservative 
+		 about what looks like dotted-quad.  */
+	      if (qtype == T_A)
+		{
+		  char *cp;
+		  unsigned int i, a;
+		  int x;
+
+		  for (cp = name, i = 0, a = 0; *cp; i++)
+		    {
+		      if (!isdigit(*cp) || (x = strtol(cp, &cp, 10)) > 255) 
+			{
+			  i = 5;
+			  break;
+			}
+		      
+		      a = (a << 8) + x;
+		      
+		      if (*cp == '.') 
+			cp++;
+		    }
+		  
+		  if (i == 4)
 		    {
 		      ans = 1;
 		      if (!dryrun)
 			{
+			  addr.addr.addr4.s_addr = htonl(a);
 			  log_query(F_FORWARD | F_CONFIG | F_IPV4, name, &addr, NULL);
 			  if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, 
 						  daemon->local_ttl, NULL, type, C_IN, "4", &addr))
@@ -1340,6 +1362,7 @@ size_t answer_request(HEADER *header, char *limit, size_t qlen,
 			}
 		      continue;
 		    }
+		}
 
 	      /* interface name stuff */
 	      if (qtype == T_A)

src/util.c

-/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2010 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by