import of dnsmasq-2.47.tar.gz

73a08a24 · Simon Kelley · 9009d746 · 73a08a24 · 73a08a24 · 73a08a24
Commit 73a08a24 authored Feb 05, 2009 by Simon Kelley
37 changed files
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -2638,11 +2638,11 @@ version 2.46
 	    Tighten up data-checking code for DNS packet
 	    handling. Thanks to Steve Dodd who found certain illegal
 	    packets which could crash dnsmasq. No memory overwrite was
-	    possible, so this is not a security issue beond the DoS
+	    possible, so this is not a security issue beyond the DoS
 	    potential.  
 	    Update example config dhcp option 47, the previous
-	    suggestion generated and illegal, zero-length,
+	    suggestion generated an illegal, zero-length,
 	    option. Thanks to Matthias Andree for finding this.
 	    Rewrite hosts-file reading code to remove the limit of
@@ -2692,3 +2692,91 @@ version 2.46
 	    Force re-reading of /etc/resolv.conf when an "interface
 	    up" event occurs.
+version 2.47
+	    Updated French translation. Thanks to Gildas Le Nadan.
+	    Fixed interface enumeration code to work on NetBSD
+	    5.0. Thanks to Roy Marples for the patch. 
+	    Updated config.h to use the same location for the lease
+	    file on NetBSD as the other *BSD variants. Also allow
+	    LEASEFILE and CONFFILE symbols to be overriden in CFLAGS.  
+            Handle duplicate address detection on IPv6 more
+            intelligently. In IPv6, an interface can have an address
+            which is not usable, because it is still undergoing DAD
+            (such addresses are marked "tentative"). Attempting to
+            bind to an address in this state returns an error,
+            EADDRNOTAVAIL. Previously, on getting such an error,
+            dnsmasq would silently abandon the address, and never
+            listen on it. Now, it retries once per second for 20
+            seconds before generating a fatal error. 20 seconds should
+            be long enough for any DAD process to complete, but can be
+            adjusted in src/config.h if necessary. Thanks to Martin
+            Krafft for the bug report.
+	    Add DBus introspection. Patch from Jeremy Laine.
+	    Update Dbus configuration file. Patch from Colin Walters.
+	    Fix for this bug:
+            http://bugs.freedesktop.org/show_bug.cgi?id=18961
+	    Support arbitrarily encapsulated DHCP options, suggestion
+	    and initial patch from Samium Gromoff. This is useful for
+	    (eg) gPXE, which expect all its private options to be
+	    encapsulated inside a single option 175. So, eg, 
+            dhcp-option = encap:175, 190, "iscsi-client0"
+            dhcp-option = encap:175, 191, "iscsi-client0-secret"
+	    will provide iSCSI parameters to gPXE.
+	    Enhance --dhcp-match to allow testing of the contents of a
+	    client-sent option, as well as its presence. This
+	    application in mind for this is RFC 4578
+	    client-architecture specifiers, but it's generally useful.
+	    Joey Korkames suggested the enhancement. 
+	    Move from using the IP_XMIT_IF ioctl to IP_BOUND_IF on
+	    OpenSolaris. Thanks to Bastian Machek for the heads-up.
+	    No longer complain about blank lines in
+	    /etc/ethers. Thanks to Jon Nelson for the patch.
+	    Fix binding of servers to physical devices, eg
+	    --server=/domain/1.2.3.4@eth0 which was broken from 2.43
+	    onwards unless --query-port=0 set. Thanks to Peter Naulls
+	    for the bug report.
+	    Reply to DHCPINFORM requests even when the supplied ciaddr
+	    doesn't fall in any dhcp-range. In this case it's not
+	    possible to supply a complete configuration, but
+	    individually-configured options (eg PAC) may be useful.
+	    Allow the source address of an alias to be a range:
+	    --alias=192.168.0.0,10.0.0.0,255.255.255.0 maps the whole
+	    subnet 192.168.0.0->192.168.0.255 to 10.0.0.0->10.0.0.255,
+	    as before.
+	    --alias=192.168.0.10-192.168.0.40,10.0.0.0,255.255.255.0
+	    maps only the 192.168.0.10->192.168.0.40 region. Thanks to
+	    Ib Uhrskov for the suggestion.
+	    Don't dynamically allocate DHCP addresses which may break
+	    Windows.  Addresses which end in .255 or .0 are broken in
+	    Windows even when using supernetting.
+	    --dhcp-range=192.168.0.1,192.168.1.254,255,255,254.0 means 
+	    192.168.0.255 is a valid IP address, but not for Windows. 
+	    See Microsoft KB281579. We therefore no longer allocate 
+	    these addresses to avoid hard-to-diagnose problems. 
+	    Update Polish translation. Thanks to Jan Psota.
+	    Delete the PID-file when dnsmasq shuts down. Note that by
+	    this time, dnsmasq is normally not running as root, so
+	    this will fail if the PID-file is stored in a root-owned
+	    directory; such failure is silently ignored. To take
+	    advantage of this feature, the PID-file must be stored in a
+	    directory owned and write-able by the user running
+	    dnsmasq.
--- a/Makefile
+++ b/Makefile
-# dnsmasq is Copyright (c) 2000-2008 Simon Kelley
+# dnsmasq is Copyright (c) 2000-2009 Simon Kelley
 #
 #  This program is free software; you can redistribute it and/or modify
 #  it under the terms of the GNU General Public License as published by
@@ -10,8 +10,8 @@
 #  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 #  GNU General Public License for more details.
 #    
-# You should have received a copy of the GNU General Public License
+#  You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 PREFIX = /usr/local
 BINDIR = ${PREFIX}/sbin

--- a/contrib/lease-access/README
+++ b/contrib/lease-access/README
+Hello,
+For some specific application I needed to deny access to a MAC address
+to a lease. For this reason I modified the dhcp-script behavior and is
+called with an extra parameter "access" once a dhcp request or discover
+is received. In that case if the exit code of the script is zero,
+dnsmasq continues normally, and if non-zero the packet is ignored.
+This was not added as a security feature but as a mean to handle
+differently some addresses. It is also quite intrusive since it requires
+changes in several other subsystems.
+It attach the patch in case someone is interested.
+regards,
+Nikos
+nmav@gennetsa.com
--- a/contrib/lease-access/lease.access.patch
+++ b/contrib/lease-access/lease.access.patch
--- a/dbus/dnsmasq.conf
+++ b/dbus/dnsmasq.conf
@@ -5,12 +5,10 @@
 	<policy user="root">
 		<allow own="uk.org.thekelleys.dnsmasq"/>
 		<allow send_destination="uk.org.thekelleys.dnsmasq"/>
-                <allow send_interface="uk.org.thekelleys.dnsmasq"/>
 	</policy>
 	<policy context="default">
                <deny own="uk.org.thekelleys.dnsmasq"/>
                <deny send_destination="uk.org.thekelleys.dnsmasq"/>
-                <deny send_interface="uk.org.thekelleys.dnsmasq"/>
        </policy>
 </busconfig>
--- a/dnsmasq.conf.example
+++ b/dnsmasq.conf.example
@@ -342,6 +342,22 @@
 #dhcp-boot=net:#gpxe,undionly.kpxe
 #dhcp-boot=mybootimage
+# Encapsulated options for Etherboot gPXE. All the options are
+# encapsulated within option 175
+#dhcp-option=encap:175, 1, 5b         # priority code
+#dhcp-option=encap:175, 176, 1b       # no-proxydhcp 
+#dhcp-option=encap:175, 177, string   # bus-id 
+#dhcp-option=encap:175, 189, 1b       # BIOS drive code
+#dhcp-option=encap:175, 190, user     # iSCSI username
+#dhcp-option=encap:175, 191, pass     # iSCSI password
+# Test for the architecture of a netboot client. PXE clients are
+# supposed to send their architecture as option 93. (See RFC 4578)
+#dhcp-match=peecees, option:client-arch, 0 #x86-32
+#dhcp-match=itanics, option:client-arch, 2 #IA64
+#dhcp-match=hammers, option:client-arch, 6 #x86-64
+#dhcp-match=mactels, option:client-arch, 7 #EFI x86-64 
 # Enable dnsmasq's built-in TFTP server
 #enable-tftp
@@ -409,7 +425,8 @@
 #alias=1.2.3.4,5.6.7.8
 # and this maps 1.2.3.x to 5.6.7.x
 #alias=1.2.3.0,5.6.7.0,255.255.255.0
+# and this maps 192.168.0.10->192.168.0.40 to 10.0.0.10->10.0.0.40
+#alias=192.168.0.10-192.168.0.40,10.0.0.0,255.255.255.0
 # Change these lines if you want dnsmasq to serve MX records.

--- a/doc.html
+++ b/doc.html
@@ -89,11 +89,11 @@ Dnsmasq is part of the Debian distribution, it can be downloaded from
 <A HREF="http://ftp.debian.org/debian/pool/main/d/dnsmasq/"> here</A> or installed using <TT>apt</TT>.
 <H2>Links.</H2>
-There is an article in German on dnsmasq at <A
+Damien Raude-Morvan has an article in French at <A HREF="http://www.drazzib.com/docs-dnsmasq.html">http://www.drazzib.com/docs-dnsmasq.html</A>
-HREF="http://www.linuxnetmag.com/de/issue7/m7dnsmasq1.html">http://www.linuxnetmag.com/de/issue7/m7dnsmasq1.html</A>
-and Damien Raude-Morvan has one in French at <A HREF="http://www.drazzib.com/docs-dnsmasq.html">http://www.drazzib.com/docs-dnsmasq.html</A>
 There is a good article about dnsmasq at <A
 HREF="http://www.enterprisenetworkingplanet.com/netos/article.php/3377351">http://www.enterprisenetworkingplanet.com/netos/article.php/3377351</A>
+and another at <A
+HREF="http://www.linux.com/articles/149040">http://www.linux.com/articles/149040</A>
 and Ilya Evseev has an article in Russian about dnsmasq to be found at <A HREF="http://ilya-evseev.narod.ru/articles/dnsmasq"> http://ilya-evseev.narod.ru/articles/dnsmasq</A>
 <H2>License.</H2>
 Dnsmasq is distributed under the GPL. See the file COPYING in the distribution 

--- a/man/dnsmasq.8
+++ b/man/dnsmasq.8
@@ -15,8 +15,8 @@ contents of /etc/hosts so that local hostnames
 which do not appear in the global DNS can be resolved and also answers
 DNS queries for DHCP configured hosts.
 .PP
-The dnsmasq DHCP server supports static address assignments, multiple
+The dnsmasq DHCP server supports static address assignments and multiple
-networks, DHCP-relay and RFC3011 subnet specifiers. It automatically
+networks. It automatically
 sends a sensible default set of DHCP options, and can be configured to
 send any desired set of DHCP options, including vendor-encapsulated
 options. It includes a secure, read-only,
@@ -208,13 +208,17 @@ Bogus private reverse lookups. All reverse lookups for private IP ranges (ie 192
 which are not found in /etc/hosts or the DHCP leases file are answered
 with "no such domain" rather than being forwarded upstream.
 .TP
-.B \-V, --alias=<old-ip>,<new-ip>[,<mask>]
+.B \-V, --alias=[<old-ip>]|[<start-ip>-<end-ip>],<new-ip>[,<mask>]
 Modify IPv4 addresses returned from upstream nameservers; old-ip is
 replaced by new-ip. If the optional mask is given then any address
 which matches the masked old-ip will be re-written. So, for instance
 .B --alias=1.2.3.0,6.7.8.0,255.255.255.0 
 will map 1.2.3.56 to 6.7.8.56 and 1.2.3.67 to 6.7.8.67. This is what
-Cisco PIX routers call "DNS doctoring".
+Cisco PIX routers call "DNS doctoring". If the old IP is given as
+range, then only addresses in the range, rather than a whole subnet,
+are re-written. So 
+.B --alias=192.168.0.10-192.168.0.40,10.0.0.0,255.255.255.0
+maps 192.168.0.10->192.168.0.40 to 10.0.0.10->10.0.0.40
 .TP 
 .B \-B, --bogus-nxdomain=<ipaddr>
 Transform replies which contain the IP address given into "No such
@@ -513,13 +517,15 @@ Token-Ring hardware address, since the ARP-address type for token ring
 is 6. 
 As a special case, it is possible to include more than one
-hardware address. This allows an IP address to be associated with
+hardware address. eg:
+.B --dhcp-host=11:22:33:44:55:66,12:34:56:78:90:12,192.168.0.2
+This allows an IP address to be associated with
 multiple hardware addresses, and gives dnsmasq permission to abandon a
 DHCP lease to one of the hardware addresses when another one asks for
 a lease. Beware that this is a dangerous thing to do, it will only
 work reliably if only one of the hardware addresses is active at any
-time and there is no way for dnsmasq to enforce this. It is, however
+time and there is no way for dnsmasq to enforce this. It is, for instance,
-useful, for instance to allocate a stable IP address to a laptop which
+useful to allocate a stable IP address to a laptop which
 has both wired and wireless interfaces.
 .TP
 .B --dhcp-hostsfile=<file>
@@ -543,7 +549,7 @@ have exactly the same effect as
 options containing the same information. /etc/ethers is re-read when 
 dnsmasq receives SIGHUP.
 .TP
-.B \-O, --dhcp-option=[<network-id>,[<network-id>,]][vendor:[<vendor-class>],][<opt>|option:<opt-name>],[<value>[,<value>]]
+.B \-O, --dhcp-option=[<network-id>,[<network-id>,]][encap:<opt>,][vendor:[<vendor-class>],][<opt>|option:<opt-name>],[<value>[,<value>]]
 Specify different or extra options to DHCP clients. By default,
 dnsmasq sends some standard options to DHCP clients, the netmask and
 broadcast address are set to the same as the host running dnsmasq, and
@@ -603,10 +609,18 @@ client. It is
 possible to omit the vendorclass completely;
 .B --dhcp-option=vendor:,1,0.0.0.0
 in which case the encapsulated option is always sent.
+Options may be encapsulated within other options: for instance
+.B --dhcp-option=encap:175, 190, "iscsi-client0"
+will send option 175, within which is the option 190. If multiple
+options are given which are encapsulated with the same option number
+then they will be correctly combined into one encapsulated option.
+encap: and vendor: are may not both be set in the same dhcp-option.
 The address 0.0.0.0 is not treated specially in
-encapsulated vendor class options.
+encapsulated options.
 .TP
-.B --dhcp-option-force=[<network-id>,[<network-id>,]][vendor:[<vendor-class>],]<opt>,[<value>[,<value>]]
+.B --dhcp-option-force=[<network-id>,[<network-id>,]][encap:<opt>,][vendor:[<vendor-class>],]<opt>,[<value>[,<value>]]
 This works in exactly the same way as
 .B --dhcp-option
 except that the option will always be sent, even if the client does
@@ -658,10 +672,22 @@ agent ID and one provided by a relay agent, the network-id tag is set.
 .B --dhcp-subscrid=<network-id>,<subscriber-id>
 Map from RFC3993 subscriber-id relay agent options to network-id tags.
 .TP
-.B --dhcp-match=<network-id>,<option number>
+.B --dhcp-match=<network-id>,<option number>|option:<option name>[,<value>]
-Set the network-id tag if the client sends a DHCP option of the given
+Without a value, set the network-id tag if the client sends a DHCP
-number. This can be used to identify particular clients which send
+option of the given number or name. When a value is given, set the tag only if
-information using private option numbers.
+the option is sent and matches the value. The value may be of the form
+"01:ff:*:02" in which case the value must match (apart from widcards)
+but the option sent may have unmatched data past the end of the
+value. The value may also be of the same form as in 
+.B dhcp-option
+in which case the option sent is treated as an array, and one element
+must match, so
+--dhcp-match=efi-ia32,option:client-arch,6
+will set the tag "efi-ia32" if the the number 6 appears in the list of
+architectures sent by the client in option 93. (See RFC 4578 for
+details.)  If the value is a string, substring matching is used. 
 .TP
 .B \-J, --dhcp-ignore=<network-id>[,<network-id>]
 When all the given network-ids match the set of network-ids derived
@@ -737,15 +763,7 @@ Extra logging for DHCP: log all the options sent to DHCP clients and
 the netid tags used to determine them.
 .TP
 .B \-l, --dhcp-leasefile=<path>
-Use the specified file to store DHCP lease information. If this option
+Use the specified file to store DHCP lease information.
-is given but no dhcp-range option is given then dnsmasq version 1
-behaviour is activated. The file given is assumed to be an ISC dhcpd
-lease file and parsed for leases which are then added to the DNS
-system if they have a hostname. This functionality may have been
-excluded from dnsmasq at compile time, in which case an error will
-occur. In any case note that ISC leasefile integration is a deprecated
-feature. It should not be used in new installations, and will be
-removed in a future release.
 .TP 
 .B \-6 --dhcp-script=<path>
 Whenever a new DHCP lease is created, or an old one destroyed, the

--- a/man/fr/dnsmasq.8
+++ b/man/fr/dnsmasq.8
--- a/po/de.po
+++ b/po/de.po
--- a/po/es.po
+++ b/po/es.po
--- a/po/fi.po
+++ b/po/fi.po
--- a/po/fr.po
+++ b/po/fr.po
--- a/po/id.po
+++ b/po/id.po
--- a/po/it.po
+++ b/po/it.po
--- a/po/no.po
+++ b/po/no.po
--- a/po/pl.po
+++ b/po/pl.po
--- a/po/pt_BR.po
+++ b/po/pt_BR.po
--- a/po/ro.po
+++ b/po/ro.po
--- a/src/bpf.c
+++ b/src/bpf.c
-/* dnsmasq is Copyright (c) 2000-2008 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
@@ -10,8 +10,8 @@
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
-  You should have received a copy of the GNU General Public License
+   You should have received a copy of the GNU General Public License
-  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 #include "dnsmasq.h"
@@ -63,16 +63,20 @@ int iface_enumerate(void *parm, int (*ipv4_callback)(), int (*ipv6_callback)())
 	}
    }
-  for (ptr = ifc.ifc_buf; ptr < ifc.ifc_buf + ifc.ifc_len; ptr += len )
+  for (ptr = ifc.ifc_buf; ptr < (char *)(ifc.ifc_buf + ifc.ifc_len); ptr += len)
    {
      /* subsequent entries may not be aligned, so copy into
 	 an aligned buffer to avoid nasty complaints about 
 	 unaligned accesses. */
-#ifdef HAVE_SOCKADDR_SA_LEN
-      len = ((struct ifreq *)ptr)->ifr_addr.sa_len + offsetof(struct ifreq, ifr_ifru);
-#else
      len = sizeof(struct ifreq);
+#ifdef HAVE_SOCKADDR_SA_LEN
+      ifr = (struct ifreq *)ptr;
+      if (ifr->ifr_addr.sa_len > sizeof(ifr->ifr_ifru))
+	len = ifr->ifr_addr.sa_len + offsetof(struct ifreq, ifr_ifru);
 #endif
      if (!expand_buf(&ifreq, len))
 	goto err;

--- a/src/cache.c
+++ b/src/cache.c
-/* dnsmasq is Copyright (c) 2000-2008 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
@@ -10,8 +10,8 @@
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
-  You should have received a copy of the GNU General Public License
+   You should have received a copy of the GNU General Public License
-  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 #include "dnsmasq.h"

--- a/src/config.h
+++ b/src/config.h
-/* dnsmasq is Copyright (c) 2000-2008 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
@@ -10,11 +10,11 @@
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
-  You should have received a copy of the GNU General Public License
+   You should have received a copy of the GNU General Public License
-  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
-#define VERSION "2.46"
+#define VERSION "2.47"
 #define FTABSIZ 150 /* max number of outstanding requests (default) */
 #define MAX_PROCS 20 /* max no children for TCP requests */
@@ -38,18 +38,25 @@
 #  define RESOLVFILE "/etc/resolv.conf"
 #endif
 #define RUNFILE "/var/run/dnsmasq.pid"
-#if defined(__FreeBSD__) || defined (__OpenBSD__) || defined(__DragonFly__)
-#   define LEASEFILE "/var/db/dnsmasq.leases"
+#ifndef LEASEFILE
-#elif defined(__sun__) || defined (__sun)
+#   if defined(__FreeBSD__) || defined (__OpenBSD__) || defined(__DragonFly__) || defined(__NetBSD__)
-#   define LEASEFILE "/var/cache/dnsmasq.leases"
+#      define LEASEFILE "/var/db/dnsmasq.leases"
-#else
+#   elif defined(__sun__) || defined (__sun)
-#   define LEASEFILE "/var/lib/misc/dnsmasq.leases"
+#      define LEASEFILE "/var/cache/dnsmasq.leases"
+#   else
+#      define LEASEFILE "/var/lib/misc/dnsmasq.leases"
+#   endif
 #endif
-#if defined(__FreeBSD__)
-#   define CONFFILE "/usr/local/etc/dnsmasq.conf"
+#ifndef CONFFILE
-#else
+#   if defined(__FreeBSD__)
-#   define CONFFILE "/etc/dnsmasq.conf"
+#      define CONFFILE "/usr/local/etc/dnsmasq.conf"
+#   else
+#      define CONFFILE "/etc/dnsmasq.conf"
+#   endif
 #endif
 #define DEFLEASE 3600 /* default lease time, 1 hour */
 #define CHUSER "nobody"
 #define CHGRP "dip"
@@ -61,6 +68,7 @@
 #define TFTP_MAX_CONNECTIONS 50 /* max simultaneous connections */
 #define LOG_MAX 5 /* log-queue length */
 #define RANDFILE "/dev/urandom"
+#define DAD_WAIT 20 /* retry binding IPv6 sockets for this long */
 /* DBUS interface specifics */
 #define DNSMASQ_SERVICE "uk.org.thekelleys.dnsmasq"

--- a/src/dbus.c
+++ b/src/dbus.c
-/* dnsmasq is Copyright (c) 2000-2008 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
@@ -10,8 +10,8 @@
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
-  You should have received a copy of the GNU General Public License
+   You should have received a copy of the GNU General Public License
-  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 #include "dnsmasq.h"
@@ -21,6 +21,42 @@
 #define DBUS_API_SUBJECT_TO_CHANGE
 #include <dbus/dbus.h>
+const char* introspection_xml =
+"<!DOCTYPE node PUBLIC \"-//freedesktop//DTD D-BUS Object Introspection 1.0//EN\"\n"
+"\"http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd\">\n"
+"<node name=\"" DNSMASQ_PATH "\">\n"
+"  <interface name=\"org.freedesktop.DBus.Introspectable\">\n"
+"    <method name=\"Introspect\">\n"
+"      <arg name=\"data\" direction=\"out\" type=\"s\"/>\n"
+"    </method>\n"
+"  </interface>\n"
+"  <interface name=\"" DNSMASQ_SERVICE "\">\n"
+"    <method name=\"ClearCache\">\n"
+"    </method>\n"
+"    <method name=\"GetVersion\">\n"
+"      <arg name=\"version\" direction=\"out\" type=\"s\"/>\n"
+"    </method>\n"
+"    <method name=\"SetServers\">\n"
+"      <arg name=\"servers\" direction=\"in\" type=\"av\"/>\n"
+"    </method>\n"
+"    <signal name=\"DhcpLeaseAdded\">\n"
+"      <arg name=\"ipaddr\" type=\"s\"/>\n"
+"      <arg name=\"hwaddr\" type=\"s\"/>\n"
+"      <arg name=\"hostname\" type=\"s\"/>\n"
+"    </signal>\n"
+"    <signal name=\"DhcpLeaseDeleted\">\n"
+"      <arg name=\"ipaddr\" type=\"s\"/>\n"
+"      <arg name=\"hwaddr\" type=\"s\"/>\n"
+"      <arg name=\"hostname\" type=\"s\"/>\n"
+"    </signal>\n"
+"    <signal name=\"DhcpLeaseUpdated\">\n"
+"      <arg name=\"ipaddr\" type=\"s\"/>\n"
+"      <arg name=\"hwaddr\" type=\"s\"/>\n"
+"      <arg name=\"hostname\" type=\"s\"/>\n"
+"    </signal>\n"
+"  </interface>\n"
+"</node>\n";
 struct watch {
  DBusWatch *watch;      
  struct watch *next;
@@ -229,7 +265,15 @@ DBusHandlerResult message_handler(DBusConnection *connection,
 {
  char *method = (char *)dbus_message_get_member(message);
-  if (strcmp(method, "GetVersion") == 0)
+  if (dbus_message_is_method_call(message, DBUS_INTERFACE_INTROSPECTABLE, "Introspect"))
+    {
+      DBusMessage *reply = dbus_message_new_method_return(message);
+      dbus_message_append_args(reply, DBUS_TYPE_STRING, &introspection_xml, DBUS_TYPE_INVALID);
+      dbus_connection_send (connection, reply, NULL);
+      dbus_message_unref (reply);
+    }
+  else if (strcmp(method, "GetVersion") == 0)
    {
      char *v = VERSION;
      DBusMessage *reply = dbus_message_new_method_return(message);

--- a/src/dhcp.c
+++ b/src/dhcp.c
-/* dnsmasq is Copyright (c) 2000-2008 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
@@ -10,8 +10,8 @@
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
-  You should have received a copy of the GNU General Public License
+   You should have received a copy of the GNU General Public License
-  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 #include "dnsmasq.h"
@@ -345,7 +345,12 @@ void dhcp_packet(time_t now)
 #endif
 #ifdef HAVE_SOLARIS_NETWORK
+  /* OpenSolaris eliminates IP_XMIT_IF */
+#  ifdef IP_XMIT_IF
  setsockopt(daemon->dhcpfd, IPPROTO_IP, IP_XMIT_IF, &iface_index, sizeof(iface_index));
+#  else
+  setsockopt(daemon->dhcpfd, IPPROTO_IP, IP_BOUND_IF, &iface_index, sizeof(iface_index));
+#  endif
 #endif
  while(sendmsg(daemon->dhcpfd, &msg, 0) == -1 && retry_send());
@@ -560,9 +565,16 @@ int address_allocate(struct dhcp_context *context,
 	      if (addr.s_addr == d->router.s_addr)
 		break;
+	    /* Addresses which end in .255 and .0 are broken in Windows even when using 
+	       supernetting. ie dhcp-range=192.168.0.1,192.168.1.254,255,255,254.0
+	       then 192.168.0.255 is a valid IP address, but not for Windows as it's
+	       in the class C range. See  KB281579. We therefore don't allocate these 
+	       addresses to avoid hard-to-diagnose problems. Thanks Bill. */	    
 	    if (!d &&
 		!lease_find_by_addr(addr) && 
-		!config_find_by_address(daemon->dhcp_conf, addr))
+		!config_find_by_address(daemon->dhcp_conf, addr) &&
+		(!IN_CLASSC(ntohl(addr.s_addr)) || 
+		 ((ntohl(addr.s_addr) & 0xff) != 0xff && ((ntohl(addr.s_addr) & 0xff) != 0x0))))
 	      {
 		struct ping_result *r, *victim = NULL;
 		int count, max = (int)(0.6 * (((float)PING_CACHE_TIME)/
@@ -744,7 +756,7 @@ void dhcp_read_ethers(void)
      while (strlen(buff) > 0 && isspace((int)buff[strlen(buff)-1]))
 	buff[strlen(buff)-1] = 0;
-      if ((*buff == '#') || (*buff == '+'))
+      if ((*buff == '#') || (*buff == '+') || (*buff == 0))
 	continue;
      for (ip = buff; *ip && !isspace((int)*ip); ip++);

--- a/src/dnsmasq.c
+++ b/src/dnsmasq.c
-/* dnsmasq is Copyright (c) 2000-2008 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
@@ -10,8 +10,8 @@
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
-  You should have received a copy of the GNU General Public License
+   You should have received a copy of the GNU General Public License
-  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 #include "dnsmasq.h"
@@ -856,6 +856,9 @@ static void async_event(int pipe, time_t now)
 	if (daemon->lease_stream)
 	  fclose(daemon->lease_stream);
+	if (daemon->runfile)
+	  unlink(daemon->runfile);
 	my_syslog(LOG_INFO, _("exiting on receipt of SIGTERM"));
 	flush_log();

--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h
--- a/src/forward.c
+++ b/src/forward.c
-/* dnsmasq is Copyright (c) 2000-2008 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2009 Simon Kelley
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
@@ -10,8 +10,8 @@
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
-  You should have received a copy of the GNU General Public License
+   You should have received a copy of the GNU General Public License
-  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 #include "dnsmasq.h"

--- a/src/helper.c
+++ b/src/helper.c
--- a/src/lease.c
+++ b/src/lease.c
--- a/src/log.c
+++ b/src/log.c
--- a/src/netlink.c
+++ b/src/netlink.c
--- a/src/network.c
+++ b/src/network.c
--- a/src/option.c
+++ b/src/option.c
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
--- a/src/rfc2131.c
+++ b/src/rfc2131.c
--- a/src/tftp.c
+++ b/src/tftp.c
--- a/src/util.c
+++ b/src/util.c