diff options
author | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2021-07-21 16:57:50 +0000 |
---|---|---|
committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2021-07-21 16:57:50 +0000 |
commit | 9648b21c436dba085f0f8e74f5af4158a4a0d6f5 (patch) | |
tree | 56b00657a3c50d727f830c860a08d620071e1def | |
parent | 06905799e1b1ba9c6c290bf10dc6b79fd94649cd (diff) | |
parent | 44e33ae911658185244572e5fb55cc58410dec88 (diff) | |
download | dnsmasq-android12-mainline-sdkext-release.tar.gz |
Snap for 7570015 from 44e33ae911658185244572e5fb55cc58410dec88 to mainline-sdkext-releaseandroid-mainline-12.0.0_r81android-mainline-12.0.0_r37android-mainline-12.0.0_r17android-mainline-12.0.0_r109aml_sdk_311710000android12-mainline-sdkext-release
Change-Id: I074e2d88432a21a3bb9289f6bad371b00a364d7b
-rw-r--r-- | METADATA | 3 | ||||
-rw-r--r-- | src/Android.bp | 34 | ||||
-rw-r--r-- | src/config.h | 2 | ||||
-rw-r--r-- | src/dnsmasq.c | 6 | ||||
-rw-r--r-- | src/helper.c | 4 | ||||
-rw-r--r-- | src/log.c | 2 | ||||
-rw-r--r-- | src/network.c | 17 | ||||
-rw-r--r-- | src/util.c | 4 |
8 files changed, 59 insertions, 13 deletions
diff --git a/METADATA b/METADATA new file mode 100644 index 0000000..6d8601b --- /dev/null +++ b/METADATA @@ -0,0 +1,3 @@ +third_party { + license_type: RESTRICTED +} diff --git a/src/Android.bp b/src/Android.bp index c764039..052e3e6 100644 --- a/src/Android.bp +++ b/src/Android.bp @@ -1,3 +1,37 @@ +package { + default_applicable_licenses: ["external_dnsmasq_src_license"], +} + +// Added automatically by a large-scale-change that took the approach of +// 'apply every license found to every target'. While this makes sure we respect +// every license restriction, it may not be entirely correct. +// +// e.g. GPL in an MIT project might only apply to the contrib/ directory. +// +// Please consider splitting the single license below into multiple licenses, +// taking care not to lose any license_kind information, and overriding the +// default license using the 'licenses: [...]' property on targets as needed. +// +// For unused files, consider creating a 'fileGroup' with "//visibility:private" +// to attach the license to, and including a comment whether the files may be +// used in the current project. +// See: http://go/android-license-faq +license { + name: "external_dnsmasq_src_license", + visibility: [":__subpackages__"], + license_kinds: [ + "SPDX-license-identifier-BSD", + "SPDX-license-identifier-GPL", + "SPDX-license-identifier-GPL-2.0", + "SPDX-license-identifier-LGPL", + "SPDX-license-identifier-MIT", + "legacy_unencumbered", + ], + license_text: [ + "NOTICE", + ], +} + cc_binary { name: "dnsmasq", srcs: [ diff --git a/src/config.h b/src/config.h index 05d74ae..14b5c98 100644 --- a/src/config.h +++ b/src/config.h @@ -69,7 +69,7 @@ #define DHCP_CLIENT_ALTPORT 1068 #define LOG_MAX 5 /* log-queue length */ #define RANDFILE "/dev/urandom" -#define DAD_WAIT 20 /* retry binding IPv6 sockets for this long */ +#define DAD_WAIT 1 /* retry binding IPv6 sockets for this long */ /* A small collection of RR-types which are missing on some platforms */ diff --git a/src/dnsmasq.c b/src/dnsmasq.c index 27ad864..46d15ee 100644 --- a/src/dnsmasq.c +++ b/src/dnsmasq.c @@ -350,10 +350,10 @@ int main(int argc, char** argv) { if (!(daemon->options & OPT_DEBUG) && getuid() == 0) { int bad_capabilities = 0; - gid_t dummy; + gid_t unused; /* remove all supplimentary groups */ - if (gp && (setgroups(0, &dummy) == -1 || setgid(gp->gr_gid) == -1)) { + if (gp && (setgroups(0, &unused) == -1 || setgid(gp->gr_gid) == -1)) { send_event(err_pipe[1], EVENT_GROUP_ERR, errno); _exit(0); } @@ -571,7 +571,7 @@ static void sig_handler(int sig) { /* alarm is used to kill TCP children after a fixed time. */ if (sig == SIGALRM) _exit(0); } else { - /* master process */ + /* main process */ const int errsave = errno; int event; diff --git a/src/helper.c b/src/helper.c index eb6614a..3e414b2 100644 --- a/src/helper.c +++ b/src/helper.c @@ -75,8 +75,8 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd) { sigaction(SIGALRM, &sigact, NULL); if (!(daemon->options & OPT_DEBUG) && uid != 0) { - gid_t dummy; - if (setgroups(0, &dummy) == -1 || setgid(gid) == -1 || setuid(uid) == -1) { + gid_t unused; + if (setgroups(0, &unused) == -1 || setgid(gid) == -1 || setuid(uid) == -1) { if (daemon->options & OPT_NO_FORK) /* send error to daemon process if no-fork */ send_event(event_fd, EVENT_HUSER_ERR, errno); else { @@ -104,7 +104,7 @@ int log_reopen(char* log_file) { return log_fd != -1; } else #if defined(__ANDROID__) -#define _PATH_LOG "" /* dummy */ +#define _PATH_LOG "" /* unused */ log_fd = -1; #else { diff --git a/src/network.c b/src/network.c index 98b4f68..1bc3c21 100644 --- a/src/network.c +++ b/src/network.c @@ -180,7 +180,7 @@ static int iface_allowed(struct irec** irecp, int if_index, union mysockaddr* ad #ifdef HAVE_IPV6 static int iface_allowed_v6(struct in6_addr* local, int scope, int if_index, void* vparam) { union mysockaddr addr; - struct in_addr netmask; /* dummy */ + struct in_addr netmask; /* unused */ netmask.s_addr = 0; @@ -360,7 +360,6 @@ void create_bound_listener(struct listener** listeners, struct irec* iface) { new->next = *listeners; new->tcpfd = -1; new->fd = -1; - *listeners = new; if (daemon->port != 0) { if ((new->tcpfd = socket(iface->addr.sa.sa_family, SOCK_STREAM, 0)) == -1 || @@ -378,12 +377,17 @@ void create_bound_listener(struct listener** listeners, struct irec* iface) { } #endif + /* Unless the IPv6 address is added with IFA_F_NODAD, bind() can fail even if DAD + is disabled on the interface. This is because without IFA_F_NODAD the IPv6 + address creation call moves the IPv6 address to tentative. A timer will + fire to immediately remove the tentative flag, but this is not sufficient to + avoid a race condition (see comments in tun_interface.cpp and iproute.py). */ while (1) { if ((rc = bind(new->fd, &iface->addr.sa, sa_len(&iface->addr))) != -1) break; #ifdef HAVE_IPV6 /* An interface may have an IPv6 address which is still undergoing DAD. - If so, the bind will fail until the DAD completes, so we try over 20 seconds + If so, the bind will fail until the DAD completes, so we try again before failing. */ /* TODO: What to do here? 20 seconds is way too long. We use optimistic addresses, so bind() will only fail if the address has already failed DAD, in which case retrying @@ -399,7 +403,11 @@ void create_bound_listener(struct listener** listeners, struct irec* iface) { if (rc == -1 || bind(new->tcpfd, &iface->addr.sa, sa_len(&iface->addr)) == -1) { prettyprint_addr(&iface->addr, daemon->namebuff); - die(_("failed to bind listening socket for %s: %s"), daemon->namebuff, EC_BADNET); + close(new->fd); + close(new->tcpfd); + free(new); + syslog(LOG_ERR, _("failed to bind listening socket for %s"), daemon->namebuff); + return; } uint32_t mark = daemon->listen_mark; @@ -409,6 +417,7 @@ void create_bound_listener(struct listener** listeners, struct irec* iface) { if (listen(new->tcpfd, 5) == -1) die(_("failed to listen on socket: %s"), NULL, EC_BADNET); } + *listeners = new; } /** @@ -273,12 +273,12 @@ int hostname_isequal(char* a, char* b) { time_t dnsmasq_time(void) { #ifdef HAVE_BROKEN_RTC - struct tms dummy; + struct tms unused; static long tps = 0; if (tps == 0) tps = sysconf(_SC_CLK_TCK); - return (time_t)(times(&dummy) / tps); + return (time_t)(times(&unused) / tps); #else return time(NULL); #endif |