Fix typo and format in CHANGELOG

CHANGELOG

@@ -21,8 +21,8 @@ version 2.77
 	    Thanks to Ivan Kokshaysky for the diagnosis and
 	    patch.
 
- 	    Fix problem with --dnssec-timestamp whereby receipt
-            of SIGHUP would erroneously engage timestamp checking.
+	    Fix problem with --dnssec-timestamp whereby receipt
+	    of SIGHUP would erroneously engage timestamp checking.
 	    Thanks to Kevin Darbyshire-Bryant for this work.
 
 	    Bump zone serial on reloading /etc/hosts and friends
@@ -58,19 +58,19 @@ version 2.77
 	    this is Nominum's. Thanks to Dave Täht for spotting the
 	    bug and assisting in the fix.
 
-            Fix the manpage which lied that only the primary address
+	    Fix the manpage which lied that only the primary address
 	    of an interface is used by --interface-name.
 
 	    Make --localise-queries apply to names from --interface-name.
 	    Thanks to Kevin Darbyshire-Bryant and Eric Luehrsen
 	    for pushing this.
 
-            Improve connection handling when talking to TCP upstream 
+	    Improve connection handling when talking to TCP upstream 
 	    servers. Specifically, be prepared to open a new TCP
 	    connection when we want to make multiple queries
-            but the upstream server accepts fewer queries per connection.
+	    but the upstream server accepts fewer queries per connection.
  
-            Improve logging of upstream servers when there are a lot
+	    Improve logging of upstream servers when there are a lot
 	    of "local addresses only" entries. Thanks to Hannu Nyman for
 	    the patch.
 
@@ -80,10 +80,10 @@ version 2.77
 	    Allow use of MAC addresses with --tftp-unique-root. Thanks
 	    to Floris Bos for the patch.
 
-            Add --dhcp-reply-delay option. Thanks to Floris Bos
+	    Add --dhcp-reply-delay option. Thanks to Floris Bos
 	    for the patch.
 
-            Add mtu setting facility to --ra-param. Thanks to David
+	    Add mtu setting facility to --ra-param. Thanks to David
 	    Flamand for the patch.
 
 	    Capture STDOUT and STDERR output from dhcp-script and log
@@ -93,44 +93,44 @@ version 2.77
 
 	    Generate fatal errors when failing to parse the output
 	    of the dhcp-script in "init" mode. Avoids strange errors
-            when the script accidentally emits error messages.
+	    when the script accidentally emits error messages.
 	    Thanks to Petr Mensik for the patch.
 
-            Make --rev-server for an RFC1918 subnet work even in the
-            presence of the --bogus-priv flag. Thanks to
+	    Make --rev-server for an RFC1918 subnet work even in the
+	    presence of the --bogus-priv flag. Thanks to
 	    Vladislav Grishenko for the patch.
 
 	    Extend --ra-param mtu: field to allow an interface name.
 	    This allows the MTU of a WAN interface to be advertised on
-   	    the internal interfaces of a router. Thanks to
+	    the internal interfaces of a router. Thanks to
 	    Vladislav Grishenko for the patch.
 
-            Do ICMP-ping check for address-in-use for DHCPv4 when
+	    Do ICMP-ping check for address-in-use for DHCPv4 when
 	    the client specifies an address in DHCPDISCOVER, and when
 	    an address in configured locally. Thanks to Alin Năstac
- 	    for spotting the problem.
+	    for spotting the problem.
 
 	    Add new DHCP tag "known-othernet" which is set when only a
 	    dhcp-host exists for another subnet. Can be used to ensure
 	    that privileged hosts are not given "guest" addresses by
 	    accident. Thanks to Todd Sanket for the suggestion.
 
-            Remove historic automatic inclusion of IDN support when
+	    Remove historic automatic inclusion of IDN support when
 	    building internationalisation support. This doesn't
 	    fit now there is a choice of IDN libraries. Be sure
-	    to include either -DHAVE_IDN or _DHAVE_LIBIDN2 for
+	    to include either -DHAVE_IDN or -DHAVE_LIBIDN2 for
 	    IDN support.
 
 	
 version 2.76
-            Include 0.0.0.0/8 in DNS rebind checks. This range 
+	    Include 0.0.0.0/8 in DNS rebind checks. This range 
 	    translates to hosts on  the local network, or, at 
 	    least, 0.0.0.0 accesses the local host, so could
 	    be targets for DNS rebinding. See RFC 5735 section 3 
 	    for details. Thanks to Stephen Röttger for the bug report.
  
 	    Enhance --add-subnet to allow arbitrary subnet addresses.
-            Thanks to Ed Barsley for the patch.
+	    Thanks to Ed Barsley for the patch.
 
 	    Respect the --no-resolv flag in inotify code. Fixes bug
 	    which caused dnsmasq to fail to start if a resolv-file 
@@ -155,7 +155,7 @@ version 2.76
 	    Return REFUSED when running out of forwarding table slots,
 	    not SERVFAIL.
 
-            Add --max-port configuration. Thanks to Hans Dedecker for
+	    Add --max-port configuration. Thanks to Hans Dedecker for
 	    the patch.
 
 	    Add --script-arp and two new functions for the dhcp-script.
@@ -167,7 +167,7 @@ version 2.76
  
 	    Add --add-cpe-id option.
 
-            Don't crash with divide-by-zero if an IPv6 dhcp-range
+	    Don't crash with divide-by-zero if an IPv6 dhcp-range
 	    is declared as a whole /64.
 	    (ie xx::0 to xx::ffff:ffff:ffff:ffff) 
 	    Thanks to Laurent Bendel for spotting this problem.
@@ -208,7 +208,7 @@ version 2.76
 	    Add ARM32_EFI and ARM64_EFI as valid architectures in
 	    --pxe-service.
 
-            Fix PXE booting for UEFI architectures. Modify PXE boot
+	    Fix PXE booting for UEFI architectures. Modify PXE boot
 	    sequence in this case to force the client to talk to dnsmasq
 	    over port 4011. This makes PXE and especially proxy-DHCP PXE
 	    work with these architectures.
@@ -220,7 +220,7 @@ version 2.76
 	    will be booted directly, rather then sending a
 	    single-item boot menu.
 
-            Many thanks to Jarek Polok, Michael Kuron and Dreamcat4 
+	    Many thanks to Jarek Polok, Michael Kuron and Dreamcat4 
 	    for their work on the long-standing UEFI PXE problem.
 
 	    Subtle change in the semantics of "basename" in
@@ -243,13 +243,13 @@ version 2.76
 
 
 version 2.75
-            Fix reversion on 2.74 which caused 100% CPU use when a 
+	    Fix reversion on 2.74 which caused 100% CPU use when a 
 	    dhcp-script is configured. Thanks to Adrian Davey for
 	    reporting the bug and testing the fix.
 
 	
 version 2.74
-            Fix reversion in 2.73 where --conf-file would attempt to
+	    Fix reversion in 2.73 where --conf-file would attempt to
 	    read the default file, rather than no file.
 
 	    Fix inotify code to handle dangling symlinks better and
@@ -257,11 +257,11 @@ version 2.74
 
 	    DNSSEC fix. In the case of a signed CNAME generated by a
 	    wildcard which pointed to an unsigned domain, the wrong
-            status would be logged, and some necessary checks omitted.
+	    status would be logged, and some necessary checks omitted.
 	
 
 version 2.73
-            Fix crash at startup when an empty suffix is supplied to
+	    Fix crash at startup when an empty suffix is supplied to
 	    --conf-dir, also trivial memory leak. Thanks to 
 	    Tomas Hozza for spotting this.
 
@@ -293,7 +293,7 @@ version 2.73
 	    reply. This is useful to defeat blocking strategies which
 	    rely on quickly supplying a forged answer to a DNS 
 	    request for certain domains, before the correct answer can
-            arrive. Thanks to Glen Huang for the patch.
+	    arrive. Thanks to Glen Huang for the patch.
 	
 	    Revisit the part of DNSSEC validation which determines if an 
 	    unsigned answer is legit, or is in some part of the DNS 
@@ -350,7 +350,7 @@ version 2.73
 	    memory to be read by an attacker under certain
 	    circumstances, so it has a CVE, CVE-2015-3294 
 
-            Fix crash in authoritative DNS code, if a .arpa zone 
+	    Fix crash in authoritative DNS code, if a .arpa zone 
 	    is declared as authoritative, and then a PTR query which
 	    is not to be treated as authoritative arrived. Normally, 
 	    directly declaring .arpa zone as authoritative is not 
@@ -365,7 +365,7 @@ version 2.73
 	    Previously we provided correct answers to PTR queries
 	    in such zones (including NS and SOA) but not direct
 	    NS and SOA queries. Thanks to Johnny S. Lee for 
- 	    pointing out the problem.
+	    pointing out the problem.
 
 	    Fix logging of DHCPREPLY which should be suppressed 
 	    by quiet-dhcp6. Thanks to J. Pablo Abonia for 
@@ -373,7 +373,7 @@ version 2.73
 
 	    Try and handle net connections with broken fragmentation 
 	    that lose large UDP packets. If a server times out, 
-            reduce the maximum UDP packet size field in the EDNS0
+	    reduce the maximum UDP packet size field in the EDNS0
 	    header to 1280 bytes. If it then answers, make that
 	    change permanent.
 
@@ -383,7 +383,7 @@ version 2.73
 	    Allow DHCPv4 options T1 and T2 to be set using --dhcp-option.
 	    Thanks to Kevin Benton for patches and work on this.
 
-            Fix code for DHCPCONFIRM DHCPv6 messages to confirm addresses
+	    Fix code for DHCPCONFIRM DHCPv6 messages to confirm addresses
 	    in the correct subnet, even of not in dynamic address 
 	    allocation range. Thanks to Steve Hirsch for spotting
 	    the problem.
@@ -399,7 +399,7 @@ version 2.73
 	
 	
 version 2.72
-            Add ra-advrouter mode, for RFC-3775 mobile IPv6 support.
+	    Add ra-advrouter mode, for RFC-3775 mobile IPv6 support.
 
 	    Add support for "ipsets" in *BSD, using pf. Thanks to 
 	    Sven Falempin for the patch.
@@ -431,19 +431,19 @@ version 2.72
 	    --conf-dir=/etc/dnsmasq.d,\*.conf
 	    will load all the files in /etc/dnsmasq.d which end in .conf
  
-            Fix bug when resulted in NXDOMAIN answers instead of NODATA in
-            some circumstances.
+	    Fix bug when resulted in NXDOMAIN answers instead of NODATA in
+	    some circumstances.
 
 	    Fix bug which caused dnsmasq to become unresponsive if it 
 	    failed to send packets due to a network interface disappearing.
 	    Thanks to Niels Peen for spotting this.
-	    	    
-            Fix problem with --local-service option on big-endian platforms
+		    
+	    Fix problem with --local-service option on big-endian platforms
 	    Thanks to Richard Genoud for the patch.
 
 	
 version 2.71
-            Subtle change to error handling to help DNSSEC validation 
+	    Subtle change to error handling to help DNSSEC validation 
 	    when servers fail to provide NODATA answers for 
 	    non-existent DS records.
 
@@ -461,7 +461,7 @@ version 2.71
 
 
 version 2.70
-            Fix crash, introduced in 2.69, on TCP request when dnsmasq
+	    Fix crash, introduced in 2.69, on TCP request when dnsmasq
 	    compiled with DNSSEC support, but running without DNSSEC
 	    enabled. Thanks to Manish Sing for spotting that one.
 
@@ -569,12 +569,12 @@ version 2.69
 	    full access to configuration. 
 
 	    Add --local-service. Accept DNS queries only from hosts 
-            whose address is on a local subnet, ie a subnet for which 
-            an interface exists on the server. This option
-            only has effect if there are no --interface --except-interface,
-            --listen-address or --auth-server options. It is intended 
-            to be set as a default on installation, to allow
-            unconfigured installations to be useful but also safe from 
+	    whose address is on a local subnet, ie a subnet for which 
+	    an interface exists on the server. This option
+	    only has effect if there are no --interface --except-interface,
+	    --listen-address or --auth-server options. It is intended 
+	    to be set as a default on installation, to allow
+	    unconfigured installations to be useful but also safe from 
 	    being used for DNS amplification attacks.
 
 	    Fix crashes in cache_get_cname_target() when dangling CNAMEs
@@ -590,9 +590,9 @@ version 2.69
 
 
 version 2.68
-            Use random addresses for DHCPv6 temporary address
-            allocations, instead of algorithmically determined stable
-            addresses.
+	    Use random addresses for DHCPv6 temporary address
+	    allocations, instead of algorithmically determined stable
+	    addresses.
 
 	    Fix bug which meant that the DHCPv6 DUID was not available
 	    in DHCP script runs during the lifetime of the dnsmasq
@@ -731,7 +731,7 @@ version 2.67
 
 	    Support RFC-4242 information-refresh-time options in the 
 	    reply to DHCPv6 information-request. The lease time of the
-            smallest valid dhcp-range is sent. Thanks to Uwe Schindler 
+	    smallest valid dhcp-range is sent. Thanks to Uwe Schindler 
 	    for suggesting this.
 
 	    Make --listen-address higher priority than --except-interface
@@ -772,7 +772,7 @@ version 2.67
 	    Fix problem in DHCPv6 vendorclass/userclass matching
 	    code. Thanks to Tanguy Bouzeloc for the patch.
 
- 	    Update Spanish translation. Thanks to Vicente Soriano.
+	    Update Spanish translation. Thanks to Vicente Soriano.
 
 	    Add --ra-param option. Thanks to Vladislav Grishenko for
 	    inspiration on this.
@@ -798,12 +798,12 @@ version 2.67
 
  
 version 2.66
-            Add the ability to act as an authoritative DNS
-            server. Dnsmasq can now answer queries from the wider 'net
-            with local data, as long as the correct NS records are set
-            up. Only local data is provided, to avoid creating an open
-            DNS relay. Zone transfer is supported, to allow secondary
-            servers to be configured.
+	    Add the ability to act as an authoritative DNS
+	    server. Dnsmasq can now answer queries from the wider 'net
+	    with local data, as long as the correct NS records are set
+	    up. Only local data is provided, to avoid creating an open
+	    DNS relay. Zone transfer is supported, to allow secondary
+	    servers to be configured.
 
 	    Add "constructed DHCP ranges" for DHCPv6. This is intended
 	    for IPv6 routers which get prefixes dynamically via prefix
@@ -830,12 +830,12 @@ version 2.66
 	    the local DNS server if dnsmasq is configured to not act
 	    as DNS server, or it's configured to a non-standard port.
  
-            Add DNSMASQ_CIRCUIT_ID, DNSMASQ_SUBSCRIBER_ID,
-            DNSMASQ_REMOTE_ID variables to the environment of the
-            lease-change script (and the corresponding Lua). These hold
-            information inserted into the DHCP request by a DHCP relay
-            agent. Thanks to Lakefield Communications for providing a
-            bounty for this addition.
+	    Add DNSMASQ_CIRCUIT_ID, DNSMASQ_SUBSCRIBER_ID,
+	    DNSMASQ_REMOTE_ID variables to the environment of the
+	    lease-change script (and the corresponding Lua). These hold
+	    information inserted into the DHCP request by a DHCP relay
+	    agent. Thanks to Lakefield Communications for providing a
+	    bounty for this addition.
  
 	    Fixed crash, introduced in 2.64, whilst handling DHCPv6
 	    information-requests with some common configurations.
@@ -877,9 +877,9 @@ version 2.65
 
 
 version 2.64
-            Handle DHCP FQDN options with all flag bits zero and
-            --dhcp-client-update set. Thanks to Bernd Krumbroeck for
-            spotting the problem.
+	    Handle DHCP FQDN options with all flag bits zero and
+	    --dhcp-client-update set. Thanks to Bernd Krumbroeck for
+	    spotting the problem.
 
 	    Finesse the check for /etc/hosts names which conflict with
 	    DHCP names. Previously a name/address pair in /etc/hosts
@@ -948,7 +948,7 @@ version 2.64
 	    
 
 version 2.63
-            Do duplicate dhcp-host address check in --test mode.
+	    Do duplicate dhcp-host address check in --test mode.
 
 	    Check that tftp-root directories are accessible before
 	    start-up. Thanks to Daniel Veillard for the initial patch.
@@ -978,7 +978,7 @@ version 2.63
 
 	    Allow the target of a --cname flag to be another --cname.
 
-            Teach DHCPv6 about the RFC 4242 information-refresh-time
+	    Teach DHCPv6 about the RFC 4242 information-refresh-time
 	    option, and add parsing if the minutes, hours and days
 	    format for options. Thanks to Francois-Xavier Le Bail for
 	    the suggestion.
@@ -999,7 +999,7 @@ version 2.63
 
 
 version 2.62
-            Update German translation. Thanks to Conrad Kostecki.
+	    Update German translation. Thanks to Conrad Kostecki.
 
 	    Cope with router-solict packets which don't have a valid 
 	    source address. Thanks to Vladislav Grishenko for the patch.
@@ -1030,7 +1030,7 @@ version 2.61
 
 	    Add ra-names, ra-stateless and slaac keywords for DHCPv6.
 	    Dnsmasq can now synthesise AAAA records for dual-stack 
-            hosts which get IPv6 addresses via SLAAC. It is also now 
+	    hosts which get IPv6 addresses via SLAAC. It is also now 
 	    possible to use SLAAC and stateless DHCPv6, and to 
 	    tell clients to use SLAAC addresses as well as DHCP ones.
 	    Thanks to Dave Taht for help with this.
@@ -1088,7 +1088,7 @@ version 2.61
 	    preferred lease time for both DHCP and RA to zero. The
 	    effect is that clients can continue to use the address 
 	    for existing connections, but new connections will use
-            other addresses, if they exist. This makes hitless
+	    other addresses, if they exist. This makes hitless
 	    renumbering at least possible.
 
 	    Fix bug in address6_available() which caused DHCPv6 lease
@@ -1130,8 +1130,8 @@ version 2.61
 	    
 
 version 2.60
-            Fix compilation problem in Mac OS X Lion. Thanks to Olaf
-            Flebbe for the patch.
+	    Fix compilation problem in Mac OS X Lion. Thanks to Olaf
+	    Flebbe for the patch.
 
 	    Fix DHCP when using --listen-address with an IP address
 	    which is not the primary address of an interface.
@@ -1173,7 +1173,7 @@ version 2.60
 
 	    Allow the TFP server or boot server in --pxe-service, to
 	    be a domain name instead of an IP address. This allows for
-	    round-robin	to multiple servers, in the same way as
+	    round-robin to multiple servers, in the same way as
 	    --dhcp-boot. A good suggestion from Cristiano Cumer.
 
 	    Support BUILDDIR variable in the Makefile. Allows builds 
@@ -1207,26 +1207,26 @@ version 2.60
 	    via an interface other than the expected one. Thanks to 
 	    Lorenzo Milesi and John Hanks for spotting this one.
  
-            Update French translation. Thanks to Gildas Le Nadan.
+	    Update French translation. Thanks to Gildas Le Nadan.
 
 	    Update Polish translation. Thanks to Jan Psota.
 
 
 version 2.59
-            Fix regression in 2.58 which caused failure to start up
-            with some combinations of dnsmasq config and IPv6 kernel
-            network config. Thanks to Brielle Bruns for the bug
-            report.
-
-            Improve dnsmasq's behaviour when network interfaces are
-            still doing duplicate address detection (DAD). Previously,
-            dnsmasq would wait up to 20 seconds at start-up for the
-            DAD state to terminate. This is broken for bridge
-            interfaces on recent Linux kernels, which don't start DAD
-            until the bridge comes up, and so can take arbitrary
-            time. The new behaviour lets dnsmasq poll for an arbitrary
-            time whilst providing service on other interfaces. Thanks
-            to Stephen Hemminger for pointing out the problem.
+	    Fix regression in 2.58 which caused failure to start up
+	    with some combinations of dnsmasq config and IPv6 kernel
+	    network config. Thanks to Brielle Bruns for the bug
+	    report.
+
+	    Improve dnsmasq's behaviour when network interfaces are
+	    still doing duplicate address detection (DAD). Previously,
+	    dnsmasq would wait up to 20 seconds at start-up for the
+	    DAD state to terminate. This is broken for bridge
+	    interfaces on recent Linux kernels, which don't start DAD
+	    until the bridge comes up, and so can take arbitrary
+	    time. The new behaviour lets dnsmasq poll for an arbitrary
+	    time whilst providing service on other interfaces. Thanks
+	    to Stephen Hemminger for pointing out the problem.
 
 
 version 2.58
@@ -1296,7 +1296,7 @@ version 2.58
 	    --dhcp-option=tag:interface1,option:nis-domain,"domain1" 
 	    --dhcp-option=tag:myhost,option:nis-domain,"domain2" 
 	    will set the NIS-domain to domain1 for hosts in the range, but
-       	    override that to domain2 for a particular host.
+	    override that to domain2 for a particular host.
 
 	    Fix bug which resulted in truncated files and timeouts for
 	    some TFTP transfers. The bug only occurs with netascii
@@ -1338,9 +1338,9 @@ version 2.57
 	    spotting this.
 
 	    Allow build with IDN support independently from i18n. 
-            IDN support continues to be included automatically 
+	    IDN support continues to be included automatically 
 	    when i18n is included. 
-            'make COPTS=-DHAVE_IDN' is the magic incantation. 
+	    'make COPTS=-DHAVE_IDN' is the magic incantation. 
 
 	    Modify check on extraneous command line junk (added in
 	    2.56) so that it doesn't complain about extra _empty_ 
@@ -1348,8 +1348,8 @@ version 2.57
 
 
 version 2.56
-            Add a patch to allow dnsmasq to get interface names right in a
-            Solaris zone. Thanks to Dj Padzensky for this.
+	    Add a patch to allow dnsmasq to get interface names right in a
+	    Solaris zone. Thanks to Dj Padzensky for this.
 
 	    Improve data-type parsing heuristics so that
 	    --dhcp-option=option:domain-search,. 
@@ -1363,9 +1363,9 @@ version 2.56
 	    LOG_DEBUG. This makes things consistent with DHCP
 	    logging. Thanks to Adam Pribyl for spotting the problem.
 
-            Ensure that dnsmasq terminates cleanly when using
-            --syslog-async even if it cannot make a connection to the
-            syslogd.
+	    Ensure that dnsmasq terminates cleanly when using
+	    --syslog-async even if it cannot make a connection to the
+	    syslogd.
 
 	    Add --add-mac option. This is to support currently 
 	    experimental DNS filtering facilities. Thanks to Benjamin
@@ -1376,7 +1376,7 @@ version 2.56
 	    Cristiano Cumer for spotting this.
 
 	    Raise an error if there is extra junk, not part of an
- 	    option, on the command line.
+	    option, on the command line.
 
 	    Flag a couple of log messages in cache.c as coming from
 	    the DHCP subsystem. Thanks to Olaf Westrik for the patch.
@@ -1400,7 +1400,7 @@ version 2.56
 
 	    A good suggestion from Ferenc Wagner: extend
 	    the --domain option to allow this sort of thing:
-            --domain=thekelleys.org.uk,192.168.0.0/24,local
+	    --domain=thekelleys.org.uk,192.168.0.0/24,local
 	    which automatically creates
 	    --local=/thekelleys.org.uk/
 	    --local=/0.168.192.in-addr.arpa/ 
@@ -1431,7 +1431,7 @@ version 2.56
 
 	    Rotate the order of SRV records in replies, to provide
 	    round-robin load balancing when all the priorities are
-	    equal. Thanks to Peter McKinney for the suggestion.	
+	    equal. Thanks to Peter McKinney for the suggestion. 
 
 	    Edit
 	    contrib/MacOSX-launchd/uk.org.thekelleys.dnsmasq.plist 
@@ -1466,13 +1466,13 @@ version 2.56
 	    request meant for another DHCP server. NAKing this is
 	    wrong. Thanks to Brad D'Hondt for assistance with this.
 
-            Fix cosmetic bug which produced strange output when
-            dumping cache statistics with some configurations. Thanks
-            to Fedor Kozhevnikov for spotting this.
+	    Fix cosmetic bug which produced strange output when
+	    dumping cache statistics with some configurations. Thanks
+	    to Fedor Kozhevnikov for spotting this.
 
 
 version 2.55
-            Fix crash when /etc/ethers is in use. Thanks to 
+	    Fix crash when /etc/ethers is in use. Thanks to 
 	    Gianluigi Tiesi for finding this.
 
 	    Fix crash in netlink_multicast(). Thanks to Arno Wald for
@@ -1483,12 +1483,12 @@ version 2.55
 
 
 version 2.54
-            There is no version 2.54 to avoid confusion with 2.53,
-            which incorrectly identifies itself as 2.54.
+	    There is no version 2.54 to avoid confusion with 2.53,
+	    which incorrectly identifies itself as 2.54.
 
 
 version 2.53
-            Fix failure to compile on Debian/kFreeBSD. Thanks to 
+	    Fix failure to compile on Debian/kFreeBSD. Thanks to 
 	    Axel Beckert and Petr Salinger.
 
 	    Fix code to avoid scary strict-aliasing warnings
@@ -1543,13 +1543,13 @@ version 2.53
 	    Added interface:<iface name> part to dhcp-range. The
 	    semantics of this are very odd at first sight, but it
 	    allows a single line  of the form
-	        dhcp-range=interface:virt0,192.168.0.4,192.168.0.200
+		dhcp-range=interface:virt0,192.168.0.4,192.168.0.200
 	    to be added to dnsmasq configuration which then supplies
 	    DHCP and DNS services to that interface, without affecting
 	    what services are supplied to other interfaces and 
 	    irrespective of the existence or lack of 
-                interface=<interface> 
-            lines elsewhere in the dnsmasq configuration. The idea is
+		interface=<interface> 
+	    lines elsewhere in the dnsmasq configuration. The idea is
 	    that such a line can be added automatically by libvirt
 	    or equivalent systems, without disturbing any manual
 	    configuration.
@@ -1557,12 +1557,12 @@ version 2.53
 	    Similarly to the above, allow --enable-tftp=<interface>
 
 	    Allow a TFTP root to be set separately for requests via
-	    different interfaces, --tftp-root=<path>,<interface>	     
+	    different interfaces, --tftp-root=<path>,<interface>             
 
 	    Correctly handle and log clashes between CNAMES and 
 	    DNS names being given to DHCP leases. This fixes a bug 
 	    which caused nonsense IP addresses to be logged. Thanks to 
-            Sergei Zhirikov for finding and analysing the problem.
+	    Sergei Zhirikov for finding and analysing the problem.
 
 	    Tweak flush_log so as to avoid leaving the log
 	    file in non-blocking mode. O_NONBLOCK is a property of the
@@ -1601,14 +1601,14 @@ version 2.53
 	    then adding  --bridge-interface=eth0:dhcp,eth0 will use 
 	    the address of eth0:dhcp to determine the correct subnet 
 	    for DHCP address allocation. Thanks to Pawel Golaszewski 
-            for prompting this and Eric Cooper for further testing.
+	    for prompting this and Eric Cooper for further testing.
 
 	    Add --dhcp-generate-names. Suggestion by Ferenc Wagner.
 
 	    Tweak DNS server selection algorithm when there is more
 	    than one server available for a domain, eg.
-            --server=/mydomain/1.1.1.1
-            --server=/mydomain/2.2.2.2
+	    --server=/mydomain/1.1.1.1
+	    --server=/mydomain/2.2.2.2
 	    Thanks to Alberto Cuesta-Canada for spotting a weakness
 	    here.
 
@@ -1623,7 +1623,7 @@ version 2.53
 	    long time, but it should be accepted for backward
 	    compatibility. Thanks to Andrew Burcin for spotting this.
     
-            Add --rebind-domain-ok and --rebind-localhost-ok.
+	    Add --rebind-domain-ok and --rebind-localhost-ok.
 	    Suggestion from Clemens Fischer.
 
 	    Log replies to queries of type TXT, when --log-queries 
@@ -1632,7 +1632,7 @@ version 2.53
 	    Fix compiler warnings when compiled with -DNO_DHCP. Thanks
 	    to Shantanu Gadgil for the patch.
 
-            Updated French translation. Thanks to Gildas Le Nadan.
+	    Updated French translation. Thanks to Gildas Le Nadan.
 
 	    Updated Polish translation. Thanks to Jan Psota.
 
@@ -1644,14 +1644,14 @@ version 2.53
 	    overrides one supplied by a DHCP client. Thanks to Fedor
 	    Kozhevnikov for spotting the problem.
 
-            Updated Spanish translation. Thanks to Chris Chatham.
+	    Updated Spanish translation. Thanks to Chris Chatham.
 
 
 version 2.52
-            Work around a Linux kernel bug which insists that the 
+	    Work around a Linux kernel bug which insists that the 
 	    length of the option passed to setsockopt must be at least
-            sizeof(int) bytes, even if we're calling SO_BINDTODEVICE
-            and the device name is "lo".  Note that this is fixed 
+	    sizeof(int) bytes, even if we're calling SO_BINDTODEVICE
+	    and the device name is "lo".  Note that this is fixed 
 	    in kernel 2.6.31, but the workaround is harmless and 
 	    allows earlier kernels to be used. Also fix dnsmasq 
 	    bug which reported the wrong address when this failed. 
@@ -1694,14 +1694,14 @@ version 2.52
 
 	    Added extract packaging stuff from Lee Essen to 
 	    contrib/Solaris10.
-          
-            Increased the default limit on number of leases to 1000
-            (from 150). This is mainly a defence against DoS attacks,
-            and for the average "one for two class C networks"
-            installation, IP address exhaustion does that just as
-            well. Making the limit greater than the number of IP
-            addresses available in such an installation removes a
-            surprise which otherwise can catch people out.
+	  
+	    Increased the default limit on number of leases to 1000
+	    (from 150). This is mainly a defence against DoS attacks,
+	    and for the average "one for two class C networks"
+	    installation, IP address exhaustion does that just as
+	    well. Making the limit greater than the number of IP
+	    addresses available in such an installation removes a
+	    surprise which otherwise can catch people out.
 
 	    Removed extraneous trailing space in the value of the
 	    DNSMASQ_TIME_REMAINING DNSMASQ_LEASE_LENGTH and
@@ -1744,9 +1744,9 @@ version 2.52
 	    Fix link error when including Dbus but excluding DHCP. 
 	    Thanks to Oschtan for the bug report.
 
-            Updated French translation. Thanks to Gildas Le Nadan.
+	    Updated French translation. Thanks to Gildas Le Nadan.
  
-            Updated Polish translation. Thanks to Jan Psota.
+	    Updated Polish translation. Thanks to Jan Psota.
 
 	    Updated Spanish translation. Thanks to Chris Chatham.
 
@@ -1757,30 +1757,30 @@ version 2.52
 
 	    
 version 2.51
-            Add support for internationalised DNS. Non-ASCII characters
-            in domain names found in /etc/hosts, /etc/ethers and 
+	    Add support for internationalised DNS. Non-ASCII characters
+	    in domain names found in /etc/hosts, /etc/ethers and 
 	    /etc/dnsmasq.conf will be correctly handled by translation to
-            punycode, as specified in RFC3490. This function is only
-            available if dnsmasq is compiled with internationalisation
-            support, and adds a dependency on GNU libidn. Without i18n
-            support, dnsmasq continues to be compilable with just
-            standard tools. Thanks to Yves Dorfsman for the
-            suggestion. 
-
-            Add two more environment variables for lease-change scripts:
+	    punycode, as specified in RFC3490. This function is only
+	    available if dnsmasq is compiled with internationalisation
+	    support, and adds a dependency on GNU libidn. Without i18n
+	    support, dnsmasq continues to be compilable with just
+	    standard tools. Thanks to Yves Dorfsman for the
+	    suggestion. 
+
+	    Add two more environment variables for lease-change scripts:
 	    First, DNSMASQ_SUPPLIED_HOSTNAME; this is set to the hostname
 	    supplied by a client, even if the actual hostname used is
 	    over-ridden by dhcp-host or dhcp-ignore-names directives.
 	    Also DNSMASQ_RELAY_ADDRESS which gives the address of 
-            a DHCP relay, if used.
+	    a DHCP relay, if used.
 	    Suggestions from Michael Rack.
 
 	    Fix regression which broke echo of relay-agent
 	    options. Thanks to Michael Rack for spotting this.
-          
-            Don't treat option 67 as being interchangeable with
-            dhcp-boot parameters if it's specified as
-            dhcp-option-force.
+	  
+	    Don't treat option 67 as being interchangeable with
+	    dhcp-boot parameters if it's specified as
+	    dhcp-option-force.
 
 	    Make the code to call scripts on lease-change compile-time
 	    optional. It can be switched off by editing src/config.h
@@ -1807,16 +1807,16 @@ version 2.51
 	    dhcp-optsfile.
 
 	    Test which upstream nameserver to use every 10 seconds
-            or 50 queries and not just when a query times out and 
-            is retried. This should improve performance when there
-            is a slow nameserver in the list. Thanks to Joe for the
-            suggestion. 
+	    or 50 queries and not just when a query times out and 
+	    is retried. This should improve performance when there
+	    is a slow nameserver in the list. Thanks to Joe for the
+	    suggestion. 
 
 	    Don't do any PXE processing, even for clients with the 
 	    correct vendorclass, unless at least one pxe-prompt or 
-            pxe-service option is given. This stops dnsmasq 
-            interfering with proxy PXE subsystems when it is just 
-            the DHCP server. Thanks to Spencer Clark for spotting this.
+	    pxe-service option is given. This stops dnsmasq 
+	    interfering with proxy PXE subsystems when it is just 
+	    the DHCP server. Thanks to Spencer Clark for spotting this.
 
 	    Limit the blocksize used for TFTP transfers to a value
 	    which avoids packet fragmentation, based on the MTU of the
@@ -1826,27 +1826,27 @@ version 2.51
 	    Honour dhcp-ignore configuration for PXE and proxy-PXE 
 	    requests. Thanks to Niels Basjes for the bug report.
 
-            Updated French translation. Thanks to Gildas Le Nadan.
+	    Updated French translation. Thanks to Gildas Le Nadan.
 
 
 version 2.50
 	    Fix security problem which allowed any host permitted to 
-            do TFTP to possibly compromise dnsmasq by remote buffer 
-            overflow when TFTP enabled. Thanks to Core Security 
+	    do TFTP to possibly compromise dnsmasq by remote buffer 
+	    overflow when TFTP enabled. Thanks to Core Security 
 	    Technologies and Iván Arce, Pablo Hernán Jorge, Alejandro 
 	    Pablo Rodriguez, Martín Coco, Alberto Soliño Testa and
 	    Pablo Annetta. This problem has Bugtraq id: 36121 
-            and CVE: 2009-2957
+	    and CVE: 2009-2957
 
-            Fix a problem which allowed a malicious TFTP client to 
-            crash dnsmasq. Thanks to Steve Grubb at Red Hat for 
-            spotting this. This problem has Bugtraq id: 36120 and 
-            CVE: 2009-2958
+	    Fix a problem which allowed a malicious TFTP client to 
+	    crash dnsmasq. Thanks to Steve Grubb at Red Hat for 
+	    spotting this. This problem has Bugtraq id: 36120 and 
+	    CVE: 2009-2958
 
 
 version 2.49
-            Fix regression in 2.48 which disables the lease-change
-            script. Thanks to Jose Luis Duran for spotting this.
+	    Fix regression in 2.48 which disables the lease-change
+	    script. Thanks to Jose Luis Duran for spotting this.
 
 	    Log TFTP "file not found" errors. These were not logged,
 	    since a normal PXELinux boot generates many of them, but
@@ -1857,9 +1857,9 @@ version 2.49
  
 
 version 2.48
-            Archived the extensive, backwards, changelog to
-            CHANGELOG.archive. The current changelog now runs from
-            version 2.43 and runs conventionally.
+	    Archived the extensive, backwards, changelog to
+	    CHANGELOG.archive. The current changelog now runs from
+	    version 2.43 and runs conventionally.
 
 	    Fixed bug which broke binding of servers to physical
 	    interfaces when interface names were longer than four
@@ -1872,7 +1872,7 @@ version 2.48
 	    Maintainability drive: removed bug and missing feature
 	    workarounds for some old platforms. Solaris 9, OpenBSD
 	    older than 4.1, Glibc older than 2.2, Linux 2.2.x and 
-            DBus older than 1.1.x are no longer supported. 
+	    DBus older than 1.1.x are no longer supported. 
 
 	    Don't read included configuration files more than once:
 	    allows complex configuration structures without problems.
@@ -1892,15 +1892,15 @@ version 2.48
 
 	    Support --bridge-interface on all platforms, not just BSD.
  
-            Added support for advanced PXE functions. It's now
-            possible to define a prompt and menu options which will
-            be displayed when a client PXE boots. It's also possible to
-            hand-off booting to other boot servers. Proxy-DHCP, where
-            dnsmasq just supplies the PXE information and another DHCP
-            server does address allocation, is also allowed. See the
-            --pxe-prompt and --pxe-service keywords. Thanks to 
+	    Added support for advanced PXE functions. It's now
+	    possible to define a prompt and menu options which will
+	    be displayed when a client PXE boots. It's also possible to
+	    hand-off booting to other boot servers. Proxy-DHCP, where
+	    dnsmasq just supplies the PXE information and another DHCP
+	    server does address allocation, is also allowed. See the
+	    --pxe-prompt and --pxe-service keywords. Thanks to 
 	    Alkis Georgopoulos for the suggestion and Guilherme Moro
-            and Michael Brown for assistance.
+	    and Michael Brown for assistance.
 
 	    Improvements to DHCP logging. Thanks to Tom Metro for
 	    useful suggestions.
@@ -1912,7 +1912,7 @@ version 2.48
 	    Added --test command-line switch - syntax check
 	    configuration files only.
  
-            Updated French translation. Thanks to Gildas Le Nadan.
+	    Updated French translation. Thanks to Gildas Le Nadan.
 
 
 version 2.47
@@ -1925,32 +1925,32 @@ version 2.47
 	    file on NetBSD as the other *BSD variants. Also allow
 	    LEASEFILE and CONFFILE symbols to be overridden in CFLAGS.  
 
-            Handle duplicate address detection on IPv6 more
-            intelligently. In IPv6, an interface can have an address
-            which is not usable, because it is still undergoing DAD
-            (such addresses are marked "tentative"). Attempting to
-            bind to an address in this state returns an error,
-            EADDRNOTAVAIL. Previously, on getting such an error,
-            dnsmasq would silently abandon the address, and never
-            listen on it. Now, it retries once per second for 20
-            seconds before generating a fatal error. 20 seconds should
-            be long enough for any DAD process to complete, but can be
-            adjusted in src/config.h if necessary. Thanks to Martin
-            Krafft for the bug report.
+	    Handle duplicate address detection on IPv6 more
+	    intelligently. In IPv6, an interface can have an address
+	    which is not usable, because it is still undergoing DAD
+	    (such addresses are marked "tentative"). Attempting to
+	    bind to an address in this state returns an error,
+	    EADDRNOTAVAIL. Previously, on getting such an error,
+	    dnsmasq would silently abandon the address, and never
+	    listen on it. Now, it retries once per second for 20
+	    seconds before generating a fatal error. 20 seconds should
+	    be long enough for any DAD process to complete, but can be
+	    adjusted in src/config.h if necessary. Thanks to Martin
+	    Krafft for the bug report.
 
 	    Add DBus introspection. Patch from Jeremy Laine.
 
 	    Update Dbus configuration file. Patch from Colin Walters.
 	    Fix for this bug:
-            http://bugs.freedesktop.org/show_bug.cgi?id=18961
+	    http://bugs.freedesktop.org/show_bug.cgi?id=18961
 
 	    Support arbitrarily encapsulated DHCP options, suggestion
 	    and initial patch from Samium Gromoff. This is useful for
 	    (eg) gPXE, which expect all its private options to be
 	    encapsulated inside a single option 175. So, eg, 
 
-            dhcp-option = encap:175, 190, "iscsi-client0"
-            dhcp-option = encap:175, 191, "iscsi-client0-secret"
+	    dhcp-option = encap:175, 190, "iscsi-client0"
+	    dhcp-option = encap:175, 191, "iscsi-client0-secret"
 	    
 	    will provide iSCSI parameters to gPXE.
 
@@ -2018,13 +2018,13 @@ version 2.46
 	    long-standing request. Clients are assigned to a domain
 	    based in their IP address.  
 
-            Add --dhcp-fqdn flag, which changes behaviour if DNS names
-            assigned to DHCP clients. When this is set, there must be
-            a domain associated with each client, and only
-            fully-qualified domain names are added to the DNS. The
-            advantage is that the only the FQDN needs to be unique,
-            so that two or more DHCP clients can share a hostname, as
-            long as they are in different domains.
+	    Add --dhcp-fqdn flag, which changes behaviour if DNS names
+	    assigned to DHCP clients. When this is set, there must be
+	    a domain associated with each client, and only
+	    fully-qualified domain names are added to the DNS. The
+	    advantage is that the only the FQDN needs to be unique,
+	    so that two or more DHCP clients can share a hostname, as
+	    long as they are in different domains.
 
 	    Set environment variable DNSMASQ_DOMAIN when invoking
 	    lease-change script. This may be useful information to
@@ -2059,7 +2059,7 @@ version 2.46
 	    asks for an address. This is useful to give a fixed
 	    address to a host which has two network interfaces
 	    (say, a laptop with wired and wireless interfaces.) 
-            It's very important to ensure that only one interface 
+	    It's very important to ensure that only one interface 
 	    at a time is up, since dnsmasq abandons the first lease 
 	    and re-uses the address before the leased time has
 	    elapsed. John Gray suggested this.
@@ -2089,23 +2089,23 @@ version 2.46
 
 
 version 2.45
-            Fix total DNS failure in release 2.44 unless --min-port 
-            specified. Thanks to Steven Barth and Grant Coady for
-            bugreport. Also reject out-of-range port spec, which could
-            break things too: suggestion from Gilles Espinasse.
+	    Fix total DNS failure in release 2.44 unless --min-port 
+	    specified. Thanks to Steven Barth and Grant Coady for
+	    bugreport. Also reject out-of-range port spec, which could
+	    break things too: suggestion from Gilles Espinasse.
 	    
 
 version 2.44
-            Fix  crash when unknown client attempts to renew a DHCP
-            lease, problem introduced in version 2.43. Thanks to
-            Carlos Carvalho for help chasing this down.
+	    Fix  crash when unknown client attempts to renew a DHCP
+	    lease, problem introduced in version 2.43. Thanks to
+	    Carlos Carvalho for help chasing this down.
 
 	    Fix potential crash when a host which doesn't have a lease
 	    does DHCPINFORM. Again introduced in 2.43. This bug has
 	    never been reported in the wild.
 
-            Fix crash in netlink code introduced in 2.43. Thanks to
-            Jean Wolter for finding this.
+	    Fix crash in netlink code introduced in 2.43. Thanks to
+	    Jean Wolter for finding this.
 
 	    Change implementation of min_port to work even if min-port
 	    is large.
@@ -2151,10 +2151,10 @@ version 2.43
 	    Improve error checking during startup. Previously, some
 	    errors which occurred during startup would be worked
 	    around, with dnsmasq still starting up. Some were logged,
-            some silent. Now, they all cause a fatal error and dnsmasq 
-            terminates with a non-zero exit code. The errors are those
-            associated with changing uid and gid, setting process 
-            capabilities and writing the pidfile. Thanks to Uwe
+	    some silent. Now, they all cause a fatal error and dnsmasq 
+	    terminates with a non-zero exit code. The errors are those
+	    associated with changing uid and gid, setting process 
+	    capabilities and writing the pidfile. Thanks to Uwe
 	    Gansert and the Suse security team for pointing out 
 	    this improvement, and Bill Reimers for good implementation
 	    suggestions.
@@ -2163,16 +2163,16 @@ version 2.43
 	    support when compiling against versions of uclibc which
 	    don't support it. Thanks to Stephane Billiart for the patch.
   
-            Implement random source ports for interactions with
-            upstream nameservers. New spoofing attacks have been found
-            against nameservers which do not do this, though it is not
-            clear if dnsmasq is vulnerable, since to doesn't implement
-            recursion. By default dnsmasq will now use a different
-            source port (and socket) for each query it sends
-            upstream. This behaviour can suppressed using the
-            --query-port option, and the old default behaviour
-            restored using --query-port=0. Explicit source-port
-            specifications in --server configs are still honoured.
+	    Implement random source ports for interactions with
+	    upstream nameservers. New spoofing attacks have been found
+	    against nameservers which do not do this, though it is not
+	    clear if dnsmasq is vulnerable, since to doesn't implement
+	    recursion. By default dnsmasq will now use a different
+	    source port (and socket) for each query it sends
+	    upstream. This behaviour can suppressed using the
+	    --query-port option, and the old default behaviour
+	    restored using --query-port=0. Explicit source-port
+	    specifications in --server configs are still honoured.
 
 	    Replace the random number generator, for better
 	    security. On most BSD systems, dnsmasq uses the
@@ -2192,5 +2192,5 @@ version 2.43
 
 
 version 2.42
-            The changelog for version 2.42 and earlier is 
-            available in CHANGELOG.archive.
+	    The changelog for version 2.42 and earlier is 
+	    available in CHANGELOG.archive.