Update polish translation.

Fixed call to sendto() in dhcp6.c. How did it every work before?

.new

@@ -1 +0,0 @@
-shlibs:Depends=libc6 (>= 2.1)

CHANGELOG

@@ -1,3 +1,103 @@
+version 2.60
+            Fix compilation problem in Mac OS X Lion. Thanks to Olaf
+            Flebbe for the patch.
+
+	    Fix DHCP when using --listen-address with an IP address
+	    which is not the primary address of an interface.
+
+	    Add --dhcp-client-update option.
+
+	    Add Lua integration. Dnsmasq can now execute a DHCP
+	    lease-change script written in Lua. This needs to be
+	    enabled at compile time by setting HAVE_LUASCRIPT in 
+	    src/config.h or running "make COPTS=-DHAVE_LUASCRIPT"
+	    Thanks to Jan-Piet Mens for the idea and proof-of-concept 
+	    implementation.
+	    
+	    Tidied src/config.h to distinguish between
+	    platform-dependent compile-time options which are selected
+	    automatically, and builder-selectable compile time
+	    options. Document the latter better, and describe how to
+	    set them from the make command line.
+
+	    Tidied up IPPROTO_IP/SOL_IP (and IPv6 equivalent)
+	    confusion. IPPROTO_IP works everywhere now.
+	    
+	    Set TOS on DHCP sockets, this improves things on busy
+	    wireless networks. Thanks to Dave Taht for the patch.
+
+	    Determine VERSION automatically based on git magic:
+	    release tags or hash values.
+
+	    Improve start-up speed when reading large hosts files 
+	    containing many distinct addresses.
+
+	    Fix problem if dnsmasq is started without the stdin,
+	    stdout and stderr file descriptors open. This can manifest
+	    itself as 100% CPU use. Thanks to Chris Moore for finding
+	    this.
+
+	    Fix shell-scripting bug in bld/pkg-wrapper. Thanks to 
+	    Mark Mitchell for the patch.
+
+	    Allow the TFP server or boot server in --pxe-service, to
+	    be a domain name instead of an IP address. This allows for
+	    round-robin	to multiple servers, in the same way as
+	    --dhcp-boot. A good suggestion from Cristiano Cumer.
+
+	    Support BUILDDIR variable in the Makefile. Allows builds 
+	    for multiple archs from the same source tree with eg.
+	    make BUILDDIR=linux             (relative to dnsmasq tree)
+	    make BUILDDIR=/tmp/openbsd      (absolute path)
+	    If BUILDDIR is not set, compilation happens in the src
+	    directory, as before. Suggestion from Mark Mitchell.
+
+	    Support DHCPv6. Support is there for the sort of things
+	    the existing v4 server does, including tags, options, 
+	    static addresses and relay support. Missing is prefix 
+	    delegation, which is probably not required in the dnsmasq
+	    niche, and an easy way to accept prefix delegations from
+	    an upstream DHCPv6 server, which is. Future plans include
+	    support for DHCPv6 router option and MAC address option
+	    (to make selecting clients by MAC address work like IPv4).
+	    These will be added as the standards mature.
+	    This code has been tested, but this is the first release,
+	    so don't bet the farm on it just yet. Many thanks to all 
+	    testers who have got it this far.
+
+	    Support IPv6 router advertisements. This is a
+	    simple-minded implementation, aimed at providing the
+	    vestigial RA needed to go alongside IPv6. Is picks up
+	    configuration from the DHCPv6 conf, and should just need
+	    enabling with --enable-ra.   
+
+	    Fix long-standing wrinkle with --localise-queries that
+	    could result in wrong answers when DNS packets arrive
+	    via an interface other than the expected one. Thanks to 
+	    Lorenzo Milesi and John Hanks for spotting this one.
+ 
+            Update French translation. Thanks to Gildas Le Nadan.
+
+	    Update Polish translation. Thanks to Jan Psota.
+
+
+version 2.59
+            Fix regression in 2.58 which caused failure to start up
+            with some combinations of dnsmasq config and IPv6 kernel
+            network config. Thanks to Brielle Bruns for the bug
+            report.
+
+            Improve dnsmasq's behaviour when network interfaces are
+            still doing duplicate address detection (DAD). Previously,
+            dnsmasq would wait up to 20 seconds at start-up for the
+            DAD state to terminate. This is broken for bridge
+            interfaces on recent Linux kernels, which don't start DAD
+            until the bridge comes up, and so can take arbitrary
+            time. The new behaviour lets dnsmasq poll for an arbitrary
+            time whilst providing service on other interfaces. Thanks
+            to Stephen Hemminger for pointing out the problem.
+
+
 version 2.58
 	    Provide a definition of the SA_SIZE macro where it's 
 	    missing. Fixes build failure on openBSD.

FAQ

@@ -467,8 +467,18 @@ A: The DHCP client on windows Vista (and possibly later versions)
    work).
 
   
+Q: DHCP doesn't work with windows 7 but everything else is fine.
 
+A: There seems to be a problem if Windows 7 doesn't get a value for
+   DHCP option 252 in DHCP packets it gets from the server. The
+   symtoms have beeen variously reported as continual DHCPINFORM
+   requests in an attempt to get an option-252, or even ignoring DHCP
+   offers completely (and failing to get an IP address) if there is no
+   option-252 supplied. DHCP option 252 is for WPAD, WWW Proxy 
+   Auto Detection and if you don't want or need to use that, then 
+   simplest fix seems to be to supply an empty option with:
 
+   dhcp-option=252,"\n"
 
 
 

Makefile

@@ -1,4 +1,4 @@
-# dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+# dnsmasq is Copyright (c) 2000-2012 Simon Kelley
 #
 #  This program is free software; you can redistribute it and/or modify
 #  it under the terms of the GNU General Public License as published by
@@ -13,89 +13,122 @@
 #  You should have received a copy of the GNU General Public License
 #  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
-PREFIX = /usr/local
-BINDIR = ${PREFIX}/sbin
-MANDIR = ${PREFIX}/share/man
-LOCALEDIR = ${PREFIX}/share/locale
+# NOTE: Building the i18n targets requires GNU-make 
 
-PKG_CONFIG = pkg-config
-INSTALL = install
-MSGMERGE = msgmerge
-MSGFMT = msgfmt
-XGETTEXT = xgettext
 
-CFLAGS = -Wall -W -O2
+# Variables you may well want to override.
+
+PREFIX        = /usr/local
+BINDIR        = $(PREFIX)/sbin
+MANDIR        = $(PREFIX)/share/man
+LOCALEDIR     = $(PREFIX)/share/locale
+BUILDDIR      = $(SRC)
+DESTDIR       = 
+CFLAGS        = -Wall -W -O2
+LDFLAGS       = 
+COPTS         = 
+RPM_OPT_FLAGS = 
+LIBS          = 
 
 #################################################################
 
+# Variables you might want to override.
+
+PKG_CONFIG = pkg-config
+INSTALL    = install
+MSGMERGE   = msgmerge
+MSGFMT     = msgfmt
+XGETTEXT   = xgettext
+
 SRC = src
-PO = po
+PO  = po
 MAN = man
 
-DBUS_CFLAGS=`echo $(COPTS) | ../bld/pkg-wrapper HAVE_DBUS $(PKG_CONFIG) --cflags dbus-1` 
-DBUS_LIBS=  `echo $(COPTS) | ../bld/pkg-wrapper HAVE_DBUS $(PKG_CONFIG) --libs dbus-1` 
-IDN_CFLAGS= `echo $(COPTS) | ../bld/pkg-wrapper HAVE_IDN $(PKG_CONFIG) --cflags libidn` 
-IDN_LIBS=   `echo $(COPTS) | ../bld/pkg-wrapper HAVE_IDN $(PKG_CONFIG) --libs libidn` 
-CT_CFLAGS=  `echo $(COPTS) | ../bld/pkg-wrapper HAVE_CONNTRACK $(PKG_CONFIG) --cflags libnetfilter_conntrack`
-CT_LIBS=    `echo $(COPTS) | ../bld/pkg-wrapper HAVE_CONNTRACK $(PKG_CONFIG) --libs libnetfilter_conntrack`
-SUNOS_LIBS= `if uname | grep SunOS 2>&1 >/dev/null; then echo -lsocket -lnsl -lposix4; fi`
+#################################################################
 
-OBJS = cache.o rfc1035.o util.o option.o forward.o network.o \
+# pmake way. (NB no spaces to keep gmake 3.82 happy)
+top!=pwd
+# GNU make way.
+top?=$(CURDIR)
+
+dbus_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DBUS $(PKG_CONFIG) --cflags dbus-1` 
+dbus_libs =   `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DBUS $(PKG_CONFIG) --libs dbus-1` 
+idn_cflags =  `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_IDN $(PKG_CONFIG) --cflags libidn` 
+idn_libs =    `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_IDN $(PKG_CONFIG) --libs libidn` 
+ct_cflags =   `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_CONNTRACK $(PKG_CONFIG) --cflags libnetfilter_conntrack`
+ct_libs =     `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_CONNTRACK $(PKG_CONFIG) --libs libnetfilter_conntrack`
+lua_cflags =  `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CONFIG) --cflags lua5.1` 
+lua_libs =    `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CONFIG) --libs lua5.1` 
+sunos_libs =  `if uname | grep SunOS >/dev/null 2>&1; then echo -lsocket -lnsl -lposix4; fi`
+version =     -DVERSION='\"`$(top)/bld/get-version $(top)`\"'
+
+objs = cache.o rfc1035.o util.o option.o forward.o network.o \
        dnsmasq.o dhcp.o lease.o rfc2131.o netlink.o dbus.o bpf.o \
-       helper.o tftp.o log.o conntrack.o
+       helper.o tftp.o log.o conntrack.o dhcp6.o rfc3315.o \
+       dhcp-common.o outpacket.o radv.o
 
-all :
-	@cd $(SRC) && $(MAKE) \
- BUILD_CFLAGS="$(DBUS_CFLAGS) $(IDN_CFLAGS) $(CT_CFLAGS)" \
- BUILD_LIBS="$(DBUS_LIBS) $(IDN_LIBS) $(CT_LIBS) $(SUNOS_LIBS)" \
- -f ../Makefile dnsmasq 
+hdrs = dnsmasq.h config.h dhcp-protocol.h dhcp6-protocol.h \
+       dns-protocol.h radv-protocol.h
+
+all : $(BUILDDIR)
+	@cd $(BUILDDIR) && $(MAKE) \
+ top="$(top)" \
+ build_cflags="$(version) $(dbus_cflags) $(idn_cflags) $(ct_cflags) $(lua_cflags)" \
+ build_libs="$(dbus_libs) $(idn_libs) $(ct_libs) $(lua_libs) $(sunos_libs)" \
+ -f $(top)/Makefile dnsmasq 
 
 clean :
-	rm -f *~ $(SRC)/*.mo contrib/*/*~ */*~ $(SRC)/*.pot 
-	rm -f $(SRC)/*.o $(SRC)/dnsmasq.a $(SRC)/dnsmasq core */core
+	rm -f *~ $(BUILDDIR)/*.mo contrib/*/*~ */*~ $(BUILDDIR)/*.pot 
+	rm -f $(BUILDDIR)/*.o $(BUILDDIR)/dnsmasq.a $(BUILDDIR)/dnsmasq core */core
 
 install : all install-common
 
 install-common :
 	$(INSTALL) -d $(DESTDIR)$(BINDIR) -d $(DESTDIR)$(MANDIR)/man8
 	$(INSTALL) -m 644 $(MAN)/dnsmasq.8 $(DESTDIR)$(MANDIR)/man8 
-	$(INSTALL) -m 755 $(SRC)/dnsmasq $(DESTDIR)$(BINDIR)
+	$(INSTALL) -m 755 $(BUILDDIR)/dnsmasq $(DESTDIR)$(BINDIR)
 
-all-i18n :
-	@cd $(SRC) && $(MAKE) \
- I18N=-DLOCALEDIR='\"$(LOCALEDIR)\"' \
- BUILD_CFLAGS="$(DBUS_CFLAGS) $(CT_CFLAGS) `$(PKG_CONFIG) --cflags libidn`" \
- BUILD_LIBS="$(DBUS_LIBS) $(CT_LIBS) $(SUNOS_LIBS) `$(PKG_CONFIG) --libs libidn`"  \
- -f ../Makefile dnsmasq
-	@cd $(PO); for f in *.po; do \
-		cd ../$(SRC) && $(MAKE) \
- -f ../Makefile $${f%.po}.mo; \
+all-i18n : $(BUILDDIR)
+	@cd $(BUILDDIR) && $(MAKE) \
+ top="$(top)" \
+ i18n=-DLOCALEDIR=\'\"$(LOCALEDIR)\"\' \
+ build_cflags="$(version) $(dbus_cflags) $(ct_cflags) $(lua_cflags) `$(PKG_CONFIG) --cflags libidn`" \
+ build_libs="$(dbus_libs) $(ct_libs) $(lua_libs) $(sunos_libs) `$(PKG_CONFIG) --libs libidn`"  \
+ -f $(top)/Makefile dnsmasq
+	for f in `cd $(PO); echo *.po`; do \
+		cd $(top) && cd $(BUILDDIR) && $(MAKE) top="$(top)" -f $(top)/Makefile $${f%.po}.mo; \
 	done
 
 install-i18n : all-i18n install-common
-	cd $(SRC); ../bld/install-mo $(DESTDIR)$(LOCALEDIR) $(INSTALL)
+	cd $(BUILDDIR); $(top)/bld/install-mo $(DESTDIR)$(LOCALEDIR) $(INSTALL)
 	cd $(MAN); ../bld/install-man $(DESTDIR)$(MANDIR) $(INSTALL)
 
-merge :
-	@cd $(SRC) && $(MAKE) -f ../Makefile dnsmasq.pot
-	@cd $(PO); for f in *.po; do \
-		echo -n msgmerge $$f && $(MSGMERGE) --no-wrap -U $$f ../$(SRC)/dnsmasq.pot; \
+merge : 
+	@cd $(BUILDDIR) && $(MAKE) -f $(top)/Makefile dnsmasq.pot
+	for f in `cd $(PO); echo *.po`; do \
+		echo -n msgmerge $(PO)/$$f && $(MSGMERGE) --no-wrap -U $(PO)/$$f $(BUILDDIR)/dnsmasq.pot; \
 	done
 
+$(BUILDDIR):
+	mkdir -p $(BUILDDIR)
+
 
 # rules below are targets in recusive makes with cwd=$(SRC)
 
+$(objs:.o=.c) $(hdrs):
+	ln -s $(top)/$(SRC)/$@ .
+
 .c.o:
-	$(CC) $(CFLAGS) $(COPTS) $(I18N) $(BUILD_CFLAGS) $(RPM_OPT_FLAGS) -c $<
+	$(CC) $(CFLAGS) $(COPTS) $(i18n) $(build_cflags) $(RPM_OPT_FLAGS) -c $<	
 
-dnsmasq : $(OBJS)
-	$(CC) $(LDFLAGS) -o $@ $(OBJS) $(BUILD_LIBS) $(LIBS) 
+dnsmasq : $(hdrs) $(objs) 
+	$(CC) $(LDFLAGS) -o $@ $(objs) $(build_libs) $(LIBS) 
 
-dnsmasq.pot : $(OBJS:.o=.c) dnsmasq.h config.h
-	$(XGETTEXT) -d dnsmasq --foreign-user --omit-header --keyword=_ -o $@ -i $(OBJS:.o=.c)
+dnsmasq.pot : $(objs:.o=.c) $(hdrs)
+	$(XGETTEXT) -d dnsmasq --foreign-user --omit-header --keyword=_ -o $@ -i $(objs:.o=.c)
 
-%.mo : ../po/%.po dnsmasq.pot
-	$(MSGMERGE) -o - ../po/$*.po dnsmasq.pot | $(MSGFMT) -o $*.mo -
+%.mo : $(top)/$(PO)/%.po dnsmasq.pot
+	$(MSGMERGE) -o - $(top)/$(PO)/$*.po dnsmasq.pot | $(MSGFMT) -o $*.mo -
 
 
 .PHONY : all clean install install-common all-i18n install-i18n merge 

VERSION

@@ -0,0 +1 @@
+$Format:%d$

bld/Android.mk

@@ -6,7 +6,9 @@ include $(CLEAR_VARS)
 LOCAL_SRC_FILES :=  bpf.c cache.c dbus.c dhcp.c dnsmasq.c \
                     forward.c helper.c lease.c log.c \
                     netlink.c network.c option.c rfc1035.c \
-		    rfc2131.c tftp.c util.c conntrack.c
+		    rfc2131.c tftp.c util.c conntrack.c \
+		    dhcp6.c rfc3315.c dhcp-common.c outpacket.c \
+		    radv.c
 
 LOCAL_MODULE := dnsmasq
 

bld/get-version

@@ -0,0 +1,28 @@
+#!/bin/sh
+
+# Determine the version string to build into a binary.
+# When building in the git repository, we can use the output 
+# of "git describe" which gives an unequivocal answer.
+#
+# Failing that, we use the contents of the VERSION file
+# which has a set of references substituted into it by git.
+# If we can find one which matches $v[0-9].* then we assume it's
+# a version-number tag, else we just use the whole string.
+
+if which git >/dev/null 2>&1 && [ -d $1/.git ]; then
+     cd $1; git describe
+elif grep '\$Format:%d\$' $1/VERSION >/dev/null 2>&1; then
+# unsubstituted VERSION, but no git available.
+    echo UNKNOWN
+else
+     vers=`cat $1/VERSION | sed 's/[(), ]/,/ g' | tr ',' '\n' | grep $v[0-9]`
+
+     if [ $? -eq 0 ]; then
+         echo "${vers}" | head -n 1 | tail -c +2
+     else
+         cat $1/VERSION
+     fi
+fi
+
+exit 0
+

bld/install-man

@@ -4,6 +4,6 @@ for f in *; do
   if [ -d $f ]; then
      $2 -m 755 -d $1/$f/man8 
      $2 -m 644 $f/dnsmasq.8 $1/$f/man8
-     echo installing $1/$f/man8/dnsmasq.8
+     echo installing $f/man8/dnsmasq.8
   fi
 done

bld/install-mo

@@ -3,7 +3,7 @@
 for f in *.mo; do
   $2 -m 755 -d $1/${f%.mo}/LC_MESSAGES
   $2 -m 644 $f $1/${f%.mo}/LC_MESSAGES/dnsmasq.mo
-  echo installing $1/${f%.mo}/LC_MESSAGES/dnsmasq.mo
+  echo installing ${f%.mo}/LC_MESSAGES/dnsmasq.mo
 done
 
 

bld/pkg-wrapper

@@ -3,8 +3,8 @@
 search=$1
 shift
 
-if grep "^\#.*define.*$search" config.h 2>&1 >/dev/null || \
-   grep $search 2>&1 >/dev/null ; then
+if grep "^\#[[:space:]]*define[[:space:]]*$search" config.h >/dev/null 2>&1 || \
+   grep $search >/dev/null 2>&1; then
   exec $*
 fi
 

debian/conffiles

@@ -0,0 +1,6 @@
+/etc/init.d/dnsmasq
+/etc/default/dnsmasq
+/etc/dnsmasq.conf
+/etc/resolvconf/update.d/dnsmasq
+/etc/dbus-1/system.d/dnsmasq.conf
+/etc/insserv.conf.d/dnsmasq

debian/control

@@ -0,0 +1,41 @@
+Source: dnsmasq
+Section: net
+Priority: optional
+Build-depends: gettext, libnetfilter-conntrack-dev [linux-any], libidn11-dev, libdbus-1-dev (>=0.61)
+Maintainer: Simon Kelley <simon@thekelleys.org.uk>
+Standards-Version: 3.9.2
+
+Package: dnsmasq
+Architecture: all
+Depends: netbase, adduser, dnsmasq-base(>= ${source:Version})
+Suggests: resolvconf
+Conflicts: resolvconf (<<1.15)
+Description: Small caching DNS proxy and DHCP/TFTP server
+ Dnsmasq is a lightweight, easy to configure, DNS forwarder and DHCP
+ server. It is designed to provide DNS and optionally, DHCP, to a 
+ small network. It can serve the names of local machines which are 
+ not in the global DNS. The DHCP server integrates with the DNS 
+ server and allows machines with DHCP-allocated addresses
+ to appear in the DNS with names configured either in each host or
+ in a central configuration file. Dnsmasq supports static and dynamic 
+ DHCP leases and BOOTP/TFTP for network booting of diskless machines.
+
+Package: dnsmasq-base
+Architecture: any
+Depends: ${shlibs:Depends}
+Conflicts: dnsmasq (<<2.41)
+Description: Small caching DNS proxy and DHCP/TFTP server
+ This package contains the dnsmasq executable and documentation, but
+ not the infrastructure required to run it as a system daemon. For
+ that, install the dnsmasq package.
+
+Package: dnsmasq-utils
+Architecture: linux-any
+Depends: ${shlibs:Depends}
+Conflicts: dnsmasq (<<2.40)
+Description: Utilities for manipulating DHCP leases
+ Small utilities to query a DHCP server's lease database and
+ remove leases from it. These programs are distributed with dnsmasq
+ and may not work correctly with other DHCP servers.
+
+ 

debian/copyright

@@ -0,0 +1,21 @@
+dnsmasq is Copyright (c) 2000-2012 Simon Kelley
+
+It was downloaded from: http://www.thekelleys.org.uk/dnsmasq/
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 dated June, 1991, or
+   (at your option) version 3 dated 29 June, 2007.
+ 
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+On Debian GNU/Linux systems, the text of the GNU general public license is 
+available in the file /usr/share/common-licenses/GPL-2 or 
+/usr/share/common-licenses/GPL-3
+
+The Debian package of dnsmasq was created by Simon Kelley with assistance 
+from Lars Bahner.
+

debian/dbus.conf

@@ -0,0 +1,18 @@
+<!DOCTYPE busconfig PUBLIC
+ "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+	<policy user="root">
+		<allow own="uk.org.thekelleys.dnsmasq"/>
+		<allow send_destination="uk.org.thekelleys.dnsmasq"/>
+	</policy>
+        <policy user="dnsmasq">
+                <allow own="uk.org.thekelleys.dnsmasq"/>
+                <allow send_destination="uk.org.thekelleys.dnsmasq"/>
+        </policy>
+	<policy context="default">
+                <deny own="uk.org.thekelleys.dnsmasq"/>
+                <deny send_destination="uk.org.thekelleys.dnsmasq"/>
+        </policy>
+</busconfig>
+

debian/default

@@ -0,0 +1,33 @@
+# This file has five functions: 
+# 1) to completely disable starting dnsmasq, 
+# 2) to set DOMAIN_SUFFIX by running `dnsdomainname` 
+# 3) to select an alternative config file
+#    by setting DNSMASQ_OPTS to --conf-file=<file>
+# 4) to tell dnsmasq to read the files in /etc/dnsmasq.d for
+#    more configuration variables.
+# 5) to stop the resolvconf package from controlling dnsmasq's
+#    idea of which upstream nameservers to use.
+# For upgraders from very old versions, all the shell variables set 
+# here in previous versions are still honored by the init script
+# so if you just keep your old version of this file nothing will break.
+
+#DOMAIN_SUFFIX=`dnsdomainname`
+#DNSMASQ_OPTS="--conf-file=/etc/dnsmasq.alt"
+
+# Whether or not to run the dnsmasq daemon; set to 0 to disable.
+ENABLED=1
+
+# By default search this drop directory for configuration options.
+# Libvirt leaves a file here to make the system dnsmasq play nice.
+# Comment out this line if you don't want this. The dpkg-* are file
+# endings which cause dnsmasq to skip that file. This avoids pulling
+# in backups made by dpkg.
+CONFIG_DIR=/etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new
+
+# If the resolvconf package is installed, dnsmasq will use its output 
+# rather than the contents of /etc/resolv.conf to find upstream 
+# nameservers. Uncommenting this line inhibits this behaviour.
+# Not that including a "resolv-file=<filename>" line in 
+# /etc/dnsmasq.conf is not enough to override resolvconf if it is
+# installed: the line below must be uncommented.
+#IGNORE_RESOLVCONF=yes

debian/init

@@ -0,0 +1,266 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides:       dnsmasq
+# Required-Start: $network $remote_fs $syslog
+# Required-Stop:  $network $remote_fs $syslog
+# Default-Start:  2 3 4 5
+# Default-Stop:   0 1 6
+# Description:    DHCP and DNS server
+### END INIT INFO
+
+set +e   # Don't exit on error status
+
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/dnsmasq
+NAME=dnsmasq
+DESC="DNS forwarder and DHCP server"
+
+# Most configuration options in /etc/default/dnsmasq are deprecated
+# but still honoured.
+ENABLED=1
+if [ -r /etc/default/$NAME ]; then
+	. /etc/default/$NAME
+fi
+
+# Get the system locale, so that messages are in the correct language, and the 
+# charset for IDN is correct
+if [ -r /etc/default/locale ]; then
+        . /etc/default/locale
+        export LANG
+fi
+
+test -x $DAEMON || exit 0
+
+# Provide skeleton LSB log functions for backports which don't have LSB functions.
+if [ -f /lib/lsb/init-functions ]; then
+         . /lib/lsb/init-functions
+else
+         log_warning_msg () {
+            echo "${@}."
+         }
+
+         log_success_msg () {
+            echo "${@}."
+         }
+
+         log_daemon_msg () {
+            echo -n "${1}: $2"
+         }
+
+	 log_end_msg () {
+            if [ $1 -eq 0 ]; then
+              echo "."
+            elif [ $1 -eq 255 ]; then
+              /bin/echo -e " (warning)."
+            else
+              /bin/echo -e " failed!"
+            fi
+         }
+fi
+
+# RESOLV_CONF:
+# If the resolvconf package is installed then use the resolv conf file
+# that it provides as the default.  Otherwise use /etc/resolv.conf as
+# the default.
+#
+# If IGNORE_RESOLVCONF is set in /etc/default/dnsmasq or an explicit
+# filename is set there then this inhibits the use of the resolvconf-provided
+# information.
+#
+# Note that if the resolvconf package is installed it is not possible to 
+# override it just by configuration in /etc/dnsmasq.conf, it is necessary
+# to set IGNORE_RESOLVCONF=yes in /etc/default/dnsmasq.
+
+if [ ! "$RESOLV_CONF" ] &&
+   [ "$IGNORE_RESOLVCONF" != "yes" ] &&
+   [ -x /sbin/resolvconf ]
+then
+	RESOLV_CONF=/var/run/dnsmasq/resolv.conf
+fi
+
+for INTERFACE in $DNSMASQ_INTERFACE; do
+	DNSMASQ_INTERFACES="$DNSMASQ_INTERFACES -i $INTERFACE"
+done
+
+for INTERFACE in $DNSMASQ_EXCEPT; do
+	DNSMASQ_INTERFACES="$DNSMASQ_INTERFACES -I $INTERFACE"
+done
+
+if [ ! "$DNSMASQ_USER" ]; then
+   DNSMASQ_USER="dnsmasq"
+fi
+
+start()
+{
+        # Return
+	#   0 if daemon has been started
+	#   1 if daemon was already running
+	#   2 if daemon could not be started
+
+        # /var/run may be volatile, so we need to ensure that
+        # /var/run/dnsmasq exists here as well as in postinst
+        if [ ! -d /var/run/dnsmasq ]; then
+           mkdir /var/run/dnsmasq || return 2
+           chown dnsmasq:nogroup /var/run/dnsmasq || return 2
+        fi
+
+	start-stop-daemon --start --quiet --pidfile /var/run/dnsmasq/$NAME.pid --exec $DAEMON --test > /dev/null || return 1
+	start-stop-daemon --start --quiet --pidfile /var/run/dnsmasq/$NAME.pid --exec $DAEMON -- \
+		-x /var/run/dnsmasq/$NAME.pid \
+	        ${MAILHOSTNAME:+ -m $MAILHOSTNAME} \
+		${MAILTARGET:+ -t $MAILTARGET} \
+		${DNSMASQ_USER:+ -u $DNSMASQ_USER} \
+		${DNSMASQ_INTERFACES:+ $DNSMASQ_INTERFACES} \
+		${DHCP_LEASE:+ -l $DHCP_LEASE} \
+		${DOMAIN_SUFFIX:+ -s $DOMAIN_SUFFIX} \
+		${RESOLV_CONF:+ -r $RESOLV_CONF} \
+		${CACHESIZE:+ -c $CACHESIZE} \
+	        ${CONFIG_DIR:+ -7 $CONFIG_DIR} \
+		${DNSMASQ_OPTS:+ $DNSMASQ_OPTS} \
+		|| return 2
+}
+
+start_resolvconf()
+{
+# If interface "lo" is explicitly disabled in /etc/default/dnsmasq
+# Then dnsmasq won't be providing local DNS, so don't add it to
+# the resolvconf server set.
+	for interface in $DNSMASQ_EXCEPT
+	do
+		[ $interface = lo ] && return
+	done
+
+        if [ -x /sbin/resolvconf ] ; then
+		echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.$NAME
+	fi
+	return 0
+}
+
+stop()
+{
+	# Return
+	#   0 if daemon has been stopped
+	#   1 if daemon was already stopped
+	#   2 if daemon could not be stopped
+	#   other if a failure occurred
+	start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile /var/run/dnsmasq/$NAME.pid --name $NAME
+	RETVAL="$?"
+	[ "$RETVAL" = 2 ] && return 2
+	return "$RETVAL"
+}
+
+stop_resolvconf()
+{
+	if [ -x /sbin/resolvconf ] ; then
+		/sbin/resolvconf -d lo.$NAME
+	fi
+	return 0
+}
+
+status()
+{
+	# Return
+	#   0 if daemon is running
+	#   1 if daemon is dead and pid file exists
+	#   3 if daemon is not running
+	#   4 if daemon status is unknown
+	start-stop-daemon --start --quiet --pidfile /var/run/dnsmasq/$NAME.pid --exec $DAEMON --test > /dev/null
+	case "$?" in
+		0) [ -e "/var/run/dnsmasq/$NAME.pid" ] && return 1 ; return 3 ;;
+		1) return 0 ;;
+		*) return 4 ;;
+	esac
+}
+
+case "$1" in
+  start)
+	test "$ENABLED" != "0" || exit 0
+	log_daemon_msg "Starting $DESC" "$NAME"
+	start
+	case "$?" in
+		0)
+			log_end_msg 0
+			start_resolvconf
+			exit 0
+			;;
+		1)
+			log_success_msg "(already running)"
+			exit 0
+			;;
+		*)
+			log_end_msg 1
+			exit 1
+			;;
+	esac
+	;;
+  stop)
+	stop_resolvconf
+	if [ "$ENABLED" != "0" ]; then
+             log_daemon_msg "Stopping $DESC" "$NAME"
+	fi
+	stop
+        RETVAL="$?"
+	if [ "$ENABLED" = "0" ]; then
+	    case "$RETVAL" in
+	       0) log_daemon_msg "Stopping $DESC" "$NAME"; log_end_msg 0 ;;
+            esac 
+	    exit 0
+	fi
+	case "$RETVAL" in
+		0) log_end_msg 0 ; exit 0 ;;
+		1) log_warning_msg "(not running)" ; exit 0 ;;
+		*) log_end_msg 1; exit 1 ;;
+	esac
+	;;
+  restart|force-reload)
+	test "$ENABLED" != "0" || exit 1
+	$DAEMON --test ${CONFIG_DIR:+ -7 $CONFIG_DIR} ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS} >/dev/null 2>&1
+	if [ $? -ne 0 ]; then
+	    NAME="configuration syntax check"
+	    RETVAL="2"
+	else   
+	    stop_resolvconf
+	    stop
+	    RETVAL="$?"
+        fi
+	log_daemon_msg "Restarting $DESC" "$NAME"
+	case "$RETVAL" in
+		0|1)
+		        sleep 2
+			start
+			case "$?" in
+				0)
+					log_end_msg 0
+					start_resolvconf
+					exit 0
+					;;
+			        *)
+					log_end_msg 1
+					exit 1
+					;;
+			esac
+			;;
+		*)
+			log_end_msg 1
+			exit 1
+			;;
+	esac
+	;;
+  status)
+	log_daemon_msg "Checking $DESC" "$NAME"
+	status
+	case "$?" in
+		0) log_success_msg "(running)" ; exit 0 ;;
+		1) log_success_msg "(dead, pid file exists)" ; exit 1 ;;
+		3) log_success_msg "(not running)" ; exit 3 ;;
+		*) log_success_msg "(unknown)" ; exit 4 ;;
+	esac
+	;;
+  *)
+	echo "Usage: /etc/init.d/$NAME {start|stop|restart|force-reload|status}" >&2
+	exit 3
+	;;
+esac
+
+exit 0
+

debian/insserv

@@ -0,0 +1 @@
+$named dnsmasq

debian/postinst

@@ -0,0 +1,49 @@
+#!/bin/sh
+set -e
+
+# create a user to run as (code stolen from dovecot-common)
+if [ "$1" = "configure" ]; then
+  if [ -z "`id -u dnsmasq 2> /dev/null`" ]; then
+    adduser --system  --home /var/lib/misc --gecos "dnsmasq" \
+            --no-create-home --disabled-password \
+            --quiet dnsmasq || true
+  fi
+
+  # Make the directory where we keep the pid file - this
+  # has to be owned by "dnsmasq" do that the file can be unlinked.
+  if [ ! -d /var/run/dnsmasq ]; then
+    mkdir /var/run/dnsmasq
+    chown dnsmasq:nogroup /var/run/dnsmasq
+  fi
+
+  # handle new location of pidfile during an upgrade
+  if [ -e /var/run/dnsmasq.pid ]; then
+      mv /var/run/dnsmasq.pid /var/run/dnsmasq
+  fi
+fi
+
+if [ -x /etc/init.d/dnsmasq ]; then
+   update-rc.d dnsmasq defaults 15 85 >/dev/null
+
+   if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ]; then
+      if [ -e /var/run/dnsmasq/dnsmasq.pid ]; then
+          ACTION=restart
+      else
+          ACTION=start
+      fi
+
+      if [ -x /usr/sbin/invoke-rc.d ] ; then
+         invoke-rc.d dnsmasq $ACTION || true
+      else
+         /etc/init.d/dnsmasq $ACTION || true
+      fi
+   fi
+fi
+
+# dpkg can botch the change of /usr/share/doc/dnsmasq from
+# directory to symlink. Fix up here.
+if [ ! -h /usr/share/doc/dnsmasq ] && { rmdir /usr/share/doc/dnsmasq; }; then
+   cd /usr/share/doc/
+   ln -s /usr/share/doc/dnsmasq-base dnsmasq
+fi
+

debian/postrm

@@ -0,0 +1,12 @@
+#!/bin/sh
+set -e
+
+if [ purge = "$1" ]; then
+   update-rc.d dnsmasq remove >/dev/null
+   if [ -x "$(command -v deluser)" ]; then
+     deluser --quiet --system dnsmasq > /dev/null || true
+  else
+     echo >&2 "not removing dnsmasq system account because deluser command was not found"
+  fi
+  rm -rf /var/run/dnsmasq
+fi

debian/prerm

@@ -0,0 +1,14 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "remove" ]; then
+  if [ -x /usr/sbin/invoke-rc.d ] ; then
+      invoke-rc.d dnsmasq stop || true
+  else
+      /etc/init.d/dnsmasq stop || true
+  fi
+fi
+
+exit 0
+
+

debian/readme

@@ -0,0 +1,76 @@
+Notes on configuring dnsmasq as packaged for Debian.
+
+(1) To configure dnsmasq edit /etc/dnsmasq.conf. The file is well
+    commented; see also the dnsmasq.8 man page for explanation of
+    the options. The file /etc/default/dnsmasq also exists but it
+    shouldn't need to be touched in most cases. To set up DHCP
+    options you might need to refer to a copy of RFC 2132. This is 
+    available on Debian systems in the package doc-rfc-std as the file
+    /usr/share/doc/RFC/draft-standard/rfc2132.txt.gz .
+
+(2) Installing the dnsmasq package also creates the directory
+    /etc/dnsmasq.d which is searched by dnsmasq for configuration file
+    fragments. This behaviour can be disabled by editing 
+    /etc/default/dnsmasq.
+
+(3) If the Debian resolvconf package is installed then, regardless
+    of what interface configuration daemons are employed, the list of
+    nameservers to which dnsmasq should forward queries can be found
+    in /var/run/dnsmasq/resolv.conf; also, 127.0.0.1 is listed as the
+    first nameserver address in /etc/resolv.conf. This works using the
+    default configurations of resolvconf and dnsmasq.
+
+(4) In the absence of resolvconf, if you are using dhcpcd then
+    dnsmasq should read the list of nameservers from the automatically
+    generated file /etc/dhcpc/resolv.conf.  You should list 127.0.0.1
+    as the first nameserver address in /etc/resolv.conf.
+
+(5) In the absence of resolvconf, if you are using pppd then
+    dnsmasq should read the list of nameservers from the automatically
+    generated file /etc/ppp/resolv.conf.  You should list 127.0.0.1
+    as the first nameserver address in /etc/resolv.conf.
+
+(6) In the absence of resolvconf, dns-nameservers lines in 
+    /etc/network/interfaces are ignored. If you do do not use
+    resolvconf, list 127.0.0.1 as the first nameserver address
+    in /etc/resolv.conf and configure your nameservers using
+    "server=<IP-address>" lines in /etc/dnsmasq.conf.
+
+(7) If you run multiple DNS servers on a single machine, each
+    listening on a different interface, then it is necessary to use 
+    the bind-interfaces option by uncommenting "bind-interfaces" in 
+    /etc/dnsmasq.conf. This option stops dnsmasq from binding the 
+    wildcard address and allows servers listening on port 53 on
+    interfaces not in use by dnsmasq to work. The Debian 
+    libvirt package will add a configuration file in /etc/dnsmasq.d
+    which does this so that the "system" dnsmasq and "private" dnsmasq
+    instances started by libvirt do not clash.
+
+(8) The following options are supported in DEB_BUILD_OPTIONS
+      noopt       : compile without optimisation.
+      nostrip     : don't remove symbols from binary. 
+      nodocs      : omit documentation.
+      notftp      : omit TFTP support.
+      nodhcp      : omit DHCP support.
+      nodhcp6     : omit DHCPv6 support.
+      noscript    : omit lease-change script support.
+      use_lua     : provide support for lease-change scripts written
+                    in Lua.
+      noipv6      : omit IPv6 support.
+      nodbus      : omit DBus support.
+      noconntrack : omit connection tracking support. 
+      nortc       : compile alternate mode suitable for systems without an RTC.
+      noi18n      : omit translations and internationalisation support.
+      noidn       : omit international domain name support, must be
+                    combined with noi18n to be effective.
+      
+
+(9) Dnsmasq comes as three packages - dnsmasq-utils, dnsmasq-base and
+    dnsmasq. Dnsmasq-base provides the dnsmasq executable and
+    documentation (including this file). Dnsmasq, which depends on
+    dnsmasq-base, provides the init script and configuration
+    infrastructure. This file assumes that both are installed. It is
+    possible to install only dnsmasq-base and use dnsmasq as a
+    non-"system" daemon. Libvirt, for instance, does this.
+    Dnsmasq-utils provides the utilities dhcp_release and 
+    dhcp_lease_time.

debian/readme.dnsmasq.d

@@ -0,0 +1,7 @@
+# All files in this directory will be read by dnsmasq as 
+# configuration files, except if their names end in 
+# ".dpkg-dist",".dpkg-old" or ".dpkg-new"
+#
+# This can be changed by editing /etc/default/dnsmasq
+
+

debian/resolvconf

@@ -0,0 +1,70 @@
+#!/bin/bash
+#
+# Script to update the resolver list for dnsmasq
+#
+# N.B. Resolvconf may run us even if dnsmasq is not running.
+# If dnsmasq is installed then we go ahead and update
+# the resolver list in case dnsmasq is started later.
+#
+# Assumption: On entry, PWD contains the resolv.conf-type files
+#
+# Requires bash because it uses a non-POSIX printf extension.
+#
+# Licensed under the GNU GPL.  See /usr/share/common-licenses/GPL.
+#
+
+set -e
+
+RUN_DIR="/var/run/dnsmasq"
+RSLVRLIST_FILE="${RUN_DIR}/resolv.conf"
+TMP_FILE="${RSLVRLIST_FILE}_new.$$"
+
+[ -x /usr/sbin/dnsmasq ] || exit 0
+[ -x /lib/resolvconf/list-records ] || exit 1
+
+PATH=/bin:/sbin
+
+report_err() { echo "$0: Error: $*" >&2 ; }
+
+# Stores arguments (minus duplicates) in RSLT, separated by spaces
+# Doesn't work properly if an argument itself contain whitespace
+uniquify()
+{
+	RSLT=""
+	while [ "$1" ] ; do
+		for E in $RSLT ; do
+			[ "$1" = "$E" ] && { shift ; continue 2 ; }
+		done
+		RSLT="${RSLT:+$RSLT }$1"
+		shift
+	done
+}
+
+if [ ! -d "$RUN_DIR" ] && ! mkdir --parents --mode=0755 "$RUN_DIR" ; then
+	report_err "Failed trying to create directory $RUN_DIR"
+	exit 1
+fi
+
+RSLVCNFFILES="$(/lib/resolvconf/list-records | sed -e '/^lo.dnsmasq$/d')"
+
+NMSRVRS=""
+if [ "$RSLVCNFFILES" ] ; then
+	uniquify $(sed -n -e 's/^[[:space:]]*nameserver[[:space:]]\+//p' $RSLVCNFFILES)
+	NMSRVRS="$RSLT"
+fi
+
+# Dnsmasq uses the mtime of $RSLVRLIST_FILE, with a resolution of one second,
+# to detect changes in the file. This means that if a resolvconf update occurs
+# within one second of the previous one then dnsmasq may fail to notice the
+# more recent change.  To work around this problem we sleep here to ensure
+# that the new mtime is different.
+if [ -f "$RSLVRLIST_FILE" ] && [ "$(ls -go --time-style='+%s' "$RSLVRLIST_FILE" | { read p h s t n ; echo "$t" ; })" = "$(date +%s)" ] ; then
+	sleep 1
+fi
+
+clean_up() { rm -f "$TMP_FILE" ; }
+trap clean_up EXIT
+: >| "$TMP_FILE"
+for N in $NMSRVRS ; do echo "nameserver $N" >> "$TMP_FILE" ; done
+mv -f "$TMP_FILE" "$RSLVRLIST_FILE"
+

debian/resolvconf-package

@@ -0,0 +1,13 @@
+#!/bin/sh
+# Resolvconf packaging event hook script for the dnsmasq package
+restart_dnsmasq() {
+    if which invoke-rc.d >/dev/null 2>&1 ; then
+        invoke-rc.d dnsmasq restart
+    elif [ -x /etc/init.d/dnsmasq ] ; then
+        /etc/init.d/dnsmasq restart
+    fi
+}
+
+case "$1" in
+  install) restart_dnsmasq ;;
+esac

debian/rules

@@ -0,0 +1,194 @@
+#!/usr/bin/make -f
+# debian/rules file - for dnsmasq.
+# Copyright 2001-2011 by Simon Kelley
+# Based on the sample in the debian hello package which carries the following:
+# Copyright 1994,1995 by Ian Jackson.
+# I hereby give you perpetual unlimited permission to copy,
+# modify and relicense this file, provided that you do not remove
+# my name from the file itself.  (I assert my moral right of
+# paternity under the Copyright, Designs and Patents Act 1988.)
+# This file may have to be extensively modified
+
+package=dnsmasq-base
+
+# policy manual, section 10.1
+ifneq (,$(filter noopt,$(DEB_BUILD_OPTIONS)))
+     CFLAGS = -g -O0 -Wall -W
+else
+     CFLAGS = -g -O2 -Wall -W
+endif
+
+COPTS = 
+TARGET = install-i18n
+
+DEB_BUILD_ARCH_OS := $(shell dpkg-architecture -qDEB_BUILD_ARCH_OS)
+
+ifeq (,$(filter nodbus,$(DEB_BUILD_OPTIONS)))
+     COPTS += -DHAVE_DBUS
+endif
+
+ifeq (,$(filter noconntrack,$(DEB_BUILD_OPTIONS)))
+ifeq ($(DEB_BUILD_ARCH_OS),linux)
+     COPTS += -DHAVE_CONNTRACK
+endif
+endif
+
+ifneq (,$(filter nodhcp6,$(DEB_BUILD_OPTIONS)))
+     COPTS += -DNO_DHCP6
+endif
+
+ifneq (,$(filter noipv6,$(DEB_BUILD_OPTIONS)))
+     COPTS += -DNO_IPV6
+endif
+
+ifneq (,$(filter notftp,$(DEB_BUILD_OPTIONS)))
+     COPTS += -DNO_TFTP
+endif
+
+ifneq (,$(filter nodhcp,$(DEB_BUILD_OPTIONS)))
+     COPTS += -DNO_DHCP
+endif
+
+ifneq (,$(filter noscript,$(DEB_BUILD_OPTIONS)))
+     COPTS += -DNO_SCRIPT
+endif
+
+ifneq (,$(filter nortc,$(DEB_BUILD_OPTIONS)))
+     COPTS += -DHAVE_BROKEN_RTC
+endif
+
+ifneq (,$(filter noi18n,$(DEB_BUILD_OPTIONS)))
+     TARGET = install
+     ifeq (,$(filter noidn, $(DEB_BUILD_OPTIONS)))
+	COPTS += -DHAVE_IDN
+     endif	
+endif
+
+ifneq (,$(filter uselua,$(DEB_BUILD_OPTIONS)))
+     COPTS += -DHAVE_LUASCRIPT
+endif
+
+clean:
+	$(checkdir)
+	rm -rf debian/daemon debian/base debian/utils debian/*~ debian/files debian/substvars debian/utils-substvars
+	make clean
+	make -C contrib/wrt clean
+
+binary-indep:	checkroot
+	$(checkdir)
+	rm -rf debian/daemon
+	install -m 755 \
+	        -d debian/daemon/DEBIAN \
+		-d debian/daemon/usr/share/doc \
+	        -d debian/daemon/etc/init.d \
+		-d debian/daemon/etc/dnsmasq.d \
+	        -d debian/daemon/etc/resolvconf/update.d \
+		-d debian/daemon/usr/lib/resolvconf/dpkg-event.d \
+	        -d debian/daemon/etc/default \
+		-d debian/daemon/etc/dbus-1/system.d \
+		-d debian/daemon/lib/systemd/system \
+                -d debian/daemon/etc/insserv.conf.d
+	install -m 644 debian/conffiles debian/daemon/DEBIAN
+	install -m 755 debian/postinst debian/postrm debian/prerm debian/daemon/DEBIAN
+	install -m 755 debian/init debian/daemon/etc/init.d/dnsmasq
+	install -m 755 debian/resolvconf debian/daemon/etc/resolvconf/update.d/dnsmasq
+	install -m 755 debian/resolvconf-package debian/daemon/usr/lib/resolvconf/dpkg-event.d/dnsmasq
+	install -m 644 debian/default debian/daemon/etc/default/dnsmasq
+	install -m 644 dnsmasq.conf.example debian/daemon/etc/dnsmasq.conf
+	install -m 644 debian/readme.dnsmasq.d debian/daemon/etc/dnsmasq.d/README
+	install -m 644 debian/dbus.conf debian/daemon/etc/dbus-1/system.d/dnsmasq.conf
+	install -m 644 debian/systemd.service debian/daemon/lib/systemd/system/dnsmasq.service
+	install -m 644 debian/insserv debian/daemon/etc/insserv.conf.d/dnsmasq
+	ln -s $(package) debian/daemon/usr/share/doc/dnsmasq
+	cd debian/daemon && find . -type f ! -regex '.*DEBIAN/.*' -printf '%P\0' | xargs -r0 md5sum > DEBIAN/md5sums	
+	dpkg-gencontrol -pdnsmasq -Pdebian/daemon
+	chown -R root.root debian/daemon
+	chmod -R g-ws debian/daemon
+	dpkg --build debian/daemon ..
+
+binary-arch:	checkroot 
+	$(checkdir)
+	rm -rf debian/base
+	install -m 755 \
+		-d debian/base/DEBIAN \
+	        -d debian/base/usr/share/doc/$(package) \
+		-d debian/base/usr/share/doc/$(package)/examples \
+	        -d debian/base/var/run \
+	        -d debian/base/var/lib/misc
+	make $(TARGET) PREFIX=/usr DESTDIR=`pwd`/debian/base CFLAGS="$(CFLAGS)" COPTS="$(COPTS)" CC=gcc
+ifeq (,$(findstring nodocs,$(DEB_BUILD_OPTIONS)))
+	install -m 644 doc.html debian/base/usr/share/doc/$(package)/.
+	install -m 644 setup.html debian/base/usr/share/doc/$(package)/.
+	install -m 644 dnsmasq.conf.example debian/base/usr/share/doc/$(package)/examples/.
+	install -m 644 FAQ debian/base/usr/share/doc/$(package)/.
+	gzip -9 debian/base/usr/share/doc/$(package)/FAQ
+	install -m 644 CHANGELOG debian/base/usr/share/doc/$(package)/changelog
+	gzip -9 debian/base/usr/share/doc/$(package)/changelog
+	install -m 644 CHANGELOG.archive debian/base/usr/share/doc/$(package)/changelog.archive
+	gzip -9 debian/base/usr/share/doc/$(package)/changelog.archive
+	install -m 644 dbus/DBus-interface debian/base/usr/share/doc/$(package)/.
+	gzip -9 debian/base/usr/share/doc/$(package)/DBus-interface	
+endif
+	install -m 644 debian/changelog debian/base/usr/share/doc/$(package)/changelog.Debian
+	gzip -9 debian/base/usr/share/doc/$(package)/changelog.Debian
+	install -m 644 debian/readme debian/base/usr/share/doc/$(package)/README.Debian
+	install -m 644 debian/copyright debian/base/usr/share/doc/$(package)/copyright
+	gzip -9 debian/base/usr/share/man/man8/dnsmasq.8
+	for f in debian/base/usr/share/man/*; do \
+		if [ -f $$f/man8/dnsmasq.8 ]; then \
+                       gzip -9 $$f/man8/dnsmasq.8 ; \
+                fi \
+	done
+ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
+	strip -R .note -R .comment debian/base/usr/sbin/dnsmasq
+endif
+	cd debian/base && find . -type f ! -regex '.*DEBIAN/.*' -printf '%P\0' | xargs -r0 md5sum > DEBIAN/md5sums
+	dpkg-shlibdeps debian/base/usr/sbin/dnsmasq
+	dpkg-gencontrol -pdnsmasq-base -Pdebian/base
+	chown -R root.root debian/base
+	chmod -R g-ws debian/base 
+	dpkg --build debian/base ..
+
+ifeq ($(DEB_BUILD_ARCH_OS),linux)
+	rm -rf debian/utils
+	install -m 755 -d debian/utils/DEBIAN \
+                       -d debian/utils/usr/share/man/man1 \
+	               -d debian/utils/usr/bin \
+                       -d debian/utils/usr/share/doc/dnsmasq-utils
+	make -C contrib/wrt PREFIX=/usr DESTDIR=`pwd`/debian/utils CFLAGS="$(CFLAGS)" COPTS="$(COPTS)" CC=gcc
+	install -m 755 contrib/wrt/dhcp_release debian/utils/usr/bin/dhcp_release
+	install -m 644 contrib/wrt/dhcp_release.1 debian/utils/usr/share/man/man1/dhcp_release.1
+	gzip -9 debian/utils/usr/share/man/man1/dhcp_release.1
+	install -m 755 contrib/wrt/dhcp_lease_time debian/utils/usr/bin/dhcp_lease_time
+	install -m 644 contrib/wrt/dhcp_lease_time.1 debian/utils/usr/share/man/man1/dhcp_lease_time.1
+	install -m 644 debian/copyright debian/utils/usr/share/doc/dnsmasq-utils/copyright
+	install -m 644 debian/changelog debian/utils/usr/share/doc/dnsmasq-utils/changelog.Debian
+	gzip -9 debian/utils/usr/share/doc/dnsmasq-utils/changelog.Debian
+	gzip -9 debian/utils/usr/share/man/man1/dhcp_lease_time.1
+ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
+	strip -R .note -R .comment debian/utils/usr/bin/dhcp_release
+	strip -R .note -R .comment debian/utils/usr/bin/dhcp_lease_time
+endif	
+	cd debian/utils && find . -type f ! -regex '.*DEBIAN/.*' -printf '%P\0' | xargs -r0 md5sum > DEBIAN/md5sums
+	dpkg-shlibdeps -Tdebian/utils-substvars debian/utils/usr/bin/dhcp_release debian/utils/usr/bin/dhcp_lease_time
+	dpkg-gencontrol -Tdebian/utils-substvars -pdnsmasq-utils -Pdebian/utils
+	chown -R root.root debian/utils
+	chmod -R g-ws debian/utils 
+	dpkg --build debian/utils ..
+endif
+
+define checkdir
+	test -f Makefile -a -f debian/rules
+endef
+
+# Below here is fairly generic really
+
+binary:		binary-arch binary-indep
+build:		
+
+checkroot:
+	test root = "`whoami`"
+
+.PHONY: binary binary-arch binary-indep clean checkroot
+
+

debian/source/format

@@ -0,0 +1 @@
+1.0

debian/systemd.service

@@ -0,0 +1,31 @@
+[Unit]
+Description=A lightweight DHCP and caching DNS server
+
+[Service]
+Type=dbus
+BusName=uk.org.thekelleys.dnsmasq
+
+# Test the config file and refuse starting if it is not valid.
+ExecStartPre=/usr/sbin/dnsmasq --test
+
+# Enable DBus by default because we use DBus activation.
+#
+# Drop privileges and become the 'dnsmasq' user. It is recommended by dnsmasq
+# upstream to run dnsmasq as an isolated user that does not run any other
+# processes, owns no files and has no shell. The default 'nobody' user has a
+# shell and might be used for other processes.
+#
+# Debian-specific: add /etc/dnsmasq.d to config search path (with the exception
+# of .dpkg-*). Packages such as libvirt leave config files there.
+#
+# --pid-file without argument disables writing a PIDfile, we don't need one.
+ExecStart=/usr/sbin/dnsmasq -k \
+          --enable-dbus \
+          --user=dnsmasq \
+          -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new \
+          --pid-file
+
+ExecReload=/bin/kill -HUP $MAINPID
+
+[Install]
+WantedBy=multi-user.target

dnsmasq.conf.example

@@ -157,6 +157,17 @@
 # an explicit netmask instead.
 #dhcp-range=192.168.0.0,static
 
+# Enable DHCPv6. Note that the prefix-length does not need to be specified
+# and defaults to 64 if missing/
+#dhcp-range=1234::2, 1234::500, 64, 12h
+
+# Do Router Advertisements, BUT NOT DHCP for this subnet.
+#dhcp-range=1234::, ra-only 
+
+# Do Router Advertisements, BUT NOT DHCP for this subnet.
+# Set the lifetime to 46 hours. (Note: minimum lifetime is 2 hours.)
+#dhcp-range=1234::, ra-only, 48h
+
 # Supply parameters for specified hosts using DHCP. There are lots
 # of valid alternatives, so we will give examples of each. Note that
 # IP addresses DO NOT have to be in the range given above, they just
@@ -219,7 +230,13 @@
 # any machine with Ethernet address starting 11:22:33:
 #dhcp-host=11:22:33:*:*:*,set:red
 
-# Ignore any clients which are specified in dhcp-host lines
+# Give a fixed IPv6 address and name to client with 
+# DUID 00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2
+# Note the MAC addresses CANNOT be used to identify DHCPv6 clients.
+# Note also the they [] around the IPv6 address are obilgatory.
+#dhcp-host=id:00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2, fred, [1234::5] 
+
+# Ignore any clients which are not specified in dhcp-host lines
 # or /etc/ethers. Equivalent to ISC "deny unknown-clients".
 # This relies on the special "known" tag which is set when
 # a host is matched.
@@ -270,6 +287,13 @@
 # Set the NTP time server addresses to 192.168.0.4 and 10.10.0.5
 #dhcp-option=option:ntp-server,192.168.0.4,10.10.0.5
 
+# Send DHCPv6 option. Note [] around IPv6 addresses.
+#dhcp-option=option6:dns-server,[1234::77],[1234::88]
+
+# Send DHCPv6 option for namservers as the machine running 
+# dnsmasq and another.
+#dhcp-option=option6:dns-server,[::],[1234::88]
+
 # Set the NTP time server address to be the same machine as
 # is running dnsmasq
 #dhcp-option=42,0.0.0.0
@@ -304,6 +328,9 @@
 #dhcp-option=45,0.0.0.0     # netbios datagram distribution server
 #dhcp-option=46,8           # netbios node type
 
+# Send an empty WPAD option. This may be REQUIRED to get windows 7 to behave.
+#dhcp-option=252,"\n"
+
 # Send RFC-3397 DNS domain search DHCP option. WARNING: Your DHCP client
 # probably doesn't support this......
 #dhcp-option=option:domain-search,eng.apple.com,marketing.apple.com

doc.html

@@ -27,7 +27,7 @@ connection but would be a good choice for any smallish network (up to
 1000 clients is known to work) where low
 resource use and ease of configuration are important. 
 <P>
-Supported platforms include Linux (with glibc and uclibc), *BSD,
+Supported platforms include Linux (with glibc and uclibc), Android, *BSD,
 Solaris and Mac OS X.
 Dnsmasq is included in at least the following Linux distributions:
 Gentoo, Debian, Slackware, Suse, Fedora,
@@ -88,24 +88,19 @@ for any or all local machines.
 </LI>
 </DIR>
 
-<H2>Download.</H2>
+<H2>Get code.</H2>
 
-<A HREF="http://www.thekelleys.org.uk/dnsmasq/"> Download</A> dnsmasq here. 
+<A HREF="http://www.thekelleys.org.uk/dnsmasq/">Download</A> dnsmasq here. 
 The tarball includes this documentation, source, and manpage.
 There is also a <A HREF="CHANGELOG"> CHANGELOG</A> and a <A HREF="FAQ">FAQ</A>.
-Dnsmasq is part of the Debian distribution, it can be downloaded from 
-<A HREF="http://ftp.debian.org/debian/pool/main/d/dnsmasq/"> here</A> or installed using <TT>apt</TT>.
 
-<H2>Links.</H2>
-Damien Raude-Morvan has an article in French at <A HREF="http://www.drazzib.com/docs-dnsmasq.html">http://www.drazzib.com/docs-dnsmasq.html</A>
-There is a good article about dnsmasq at <A
-HREF="http://www.enterprisenetworkingplanet.com/netos/article.php/3377351">http://www.enterprisenetworkingplanet.com/netos/article.php/3377351</A>
-and another at <A
-HREF="http://www.linux.com/articles/149040">http://www.linux.com/articles/149040</A>
-and Ilya Evseev has an article in Russian about dnsmasq to be found at
-<A HREF="http://ilya-evseev.narod.ru/articles/dnsmasq">
-http://ilya-evseev.narod.ru/articles/dnsmasq</A>. Ismael Ull has an
-article about dnsmasq in Spanish at <A HREF="http://www.mey-online.com.ar/blog/index.php/archives/guia-rapida-de-dnsmasq">http://www.mey-online.com.ar/blog/index.php/archives/guia-rapida-de-dnsmasq</A>
+Dnsmasq has a git repository which contains the complete release
+history of version 2 and development history from 2.60. You can 
+<A HREF="http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=summary">browse</A>
+the repo, or get a copy using git protocol with the command
+
+<PRE><TT>git clone git://thekelleys.org.uk/dnsmasq.git </TT></PRE>
+
 <H2>License.</H2>
 Dnsmasq is distributed under the GPL. See the file COPYING in the distribution 
 for details.

man/dnsmasq.8

@@ -51,7 +51,7 @@ apply to domain names in cnames, PTR records, TXT records etc.
 .B \-T, --local-ttl=<time>
 When replying with information from /etc/hosts or the DHCP leases
 file dnsmasq by default sets the time-to-live field to zero, meaning
-that the requestor should not itself cache the information. This is
+that the requester should not itself cache the information. This is
 the correct thing to do in almost all situations. This option allows a
 time-to-live (in seconds) to be given for these replies. This will
 reduce the load on the server at the expense of clients using stale
@@ -276,7 +276,7 @@ server strictly in the order they appear in /etc/resolv.conf
 By default, when dnsmasq has more than one upstream server available,
 it will send queries to just one server. Setting this flag forces
 dnsmasq to send all queries to all available servers. The reply from
-the server which answers first will be returned to the original requestor.
+the server which answers first will be returned to the original requester.
 .TP
 .B --stop-dns-rebind
 Reject (and log) addresses from upstream nameservers which are in the
@@ -495,6 +495,9 @@ included and configured. This option cannot be combined with
 --query-port. 
 .TP
 .B \-F, --dhcp-range=[interface:<interface>,][tag:<tag>[,tag:<tag>],][set:<tag],]<start-addr>,<end-addr>[,<netmask>[,<broadcast>]][,<lease time>]
+.TP
+.B \-F, --dhcp-range=[interface:<interface>,][tag:<tag>[,tag:<tag>],][set:<tag],]<start-IPv6addr>,<end-IPv6addr>[,<prefix-len>][,<lease time>]
+
 Enable the DHCP server. Addresses will be given out from the range
 <start-addr> to <end-addr> and from statically defined addresses given
 in 
@@ -515,19 +518,29 @@ C) of the network address. The broadcast address is
 always optional. It is always
 allowed to have more than one dhcp-range in a single subnet. 
 
+For IPv6, the parameters are slightly different: instead of netmask
+and broadcast address, there is an optional prefix length. If not
+given, this defaults to 64. Unlike the IPv4 case, the prefix length is not
+automatically derived from the interface configuration. The mimimum
+size of the prefix length is 64.
+
 The optional 
 .B set:<tag> 
 sets an alphanumeric label which marks this network so that
 dhcp options may be specified on a per-network basis. 
 When it is prefixed with 'tag:' instead, then its meaning changes from setting
-a tag to matching it. Only one tag may be set, but more than one tag may be matched.
+a tag to matching it. Only one tag may be set, but more than one tag
+may be matched.
+
 The end address may be replaced by the keyword 
 .B static
 which tells dnsmasq to enable DHCP for the network specified, but not
 to dynamically allocate IP addresses: only hosts which have static
 addresses given via 
 .B dhcp-host
-or from /etc/ethers will be served. The end address may be replaced by
+or from /etc/ethers will be served. 
+
+The end address may be replaced by
 the keyword
 .B proxy
 in which case dnsmasq will provide proxy-DHCP on the specified
@@ -535,7 +548,15 @@ subnet. (See
 .B pxe-prompt
 and 
 .B pxe-service
-for details.)
+for details, applies to IPv4 only.)
+
+The end address may be replaced by
+the keyword
+.B ra-only
+which tells dnsmasq to offer Router Advertisement only on this subnet,
+and not DHCP. This applies to IPv6 only, see
+.B enable-ra
+for details.
 
 The interface:<interface name> section is not normally used. See the
 NOTES section for details of this.
@@ -545,7 +566,7 @@ Specify per host parameters for the DHCP server. This allows a machine
 with a particular hardware address to be always allocated the same
 hostname, IP address and lease time. A hostname specified like this
 overrides any supplied by the DHCP client on the machine. It is also
-allowable to ommit the hardware address and include the hostname, in
+allowable to omit the hardware address and include the hostname, in
 which case the IP address and lease times will apply to any machine
 claiming that name. For example 
 .B --dhcp-host=00:20:e0:3b:13:af,wap,infinite 
@@ -570,6 +591,12 @@ refers to the host with client identifier 01:02:03:04. It is also
 allowed to specify the client ID as text, like this:
 .B --dhcp-host=id:clientidastext,..... 
 
+A single
+.B dhcp-host 
+may contain an IPv4 address or an IPv6 address, or both. IPv6 addresses must be bracketed by square brackets thus:
+.B --dhcp-host=laptop,[1234::56]
+Note that in IPv6 DHCP, the hardware address is not normally available, so a client must be identified by client-id (called client DUID in IPv6-land) or hostname.
+
 The special option id:* means "ignore any client-id 
 and use MAC addresses only." This is useful when a client presents a client-id sometimes 
 but not others.
@@ -617,7 +644,7 @@ will only match a
 Token-Ring hardware address, since the ARP-address type for token ring
 is 6. 
 
-As a special case, it is possible to include more than one
+As a special case, in DHCPv4, it is possible to include more than one
 hardware address. eg:
 .B --dhcp-host=11:22:33:44:55:66,12:34:56:78:90:12,192.168.0.2
 This allows an IP address to be associated with
@@ -655,14 +682,14 @@ hostname or dotted-quad IP address. When read by dnsmasq these lines
 have exactly the same effect as
 .B --dhcp-host
 options containing the same information. /etc/ethers is re-read when 
-dnsmasq receives SIGHUP.
+dnsmasq receives SIGHUP. IPv6 addresses are NOT read from /etc/ethers.
 .TP
-.B \-O, --dhcp-option=[tag:<tag>,[tag:<tag>,]][encap:<opt>,][vi-encap:<enterprise>,][vendor:[<vendor-class>],][<opt>|option:<opt-name>],[<value>[,<value>]]
+.B \-O, --dhcp-option=[tag:<tag>,[tag:<tag>,]][encap:<opt>,][vi-encap:<enterprise>,][vendor:[<vendor-class>],][<opt>|option:<opt-name>|option6:<opt>|option6:<opt-name>],[<value>[,<value>]]
 Specify different or extra options to DHCP clients. By default,
 dnsmasq sends some standard options to DHCP clients, the netmask and
 broadcast address are set to the same as the host running dnsmasq, and
 the DNS server and default route are set to the address of the machine
-running dnsmasq. If the domain name option has been set, that is sent.
+running dnsmasq. (Equivalent rules apply for IPv6.) If the domain name option has been set, that is sent.
 This configuration allows these defaults to be overridden,
 or other options specified. The option, to be sent may be given as a
 decimal number or as "option:<option-name>" The option numbers are
@@ -677,7 +704,7 @@ and to set the time-server address to 192.168.0.4, do
 .B --dhcp-option = 42,192.168.0.4 
 or 
 .B --dhcp-option = option:ntp-server, 192.168.0.4
-The special address 0.0.0.0 is taken to mean "the address of the
+The special address 0.0.0.0 (or [::] for DHCPv6) is taken to mean "the address of the
 machine running dnsmasq". Data types allowed are comma separated
 dotted-quad IP addresses, a decimal number, colon-separated hex digits
 and a text string. If the optional tags are given then
@@ -689,6 +716,14 @@ to option 120 are handled as per RFC 3361. Dotted-quad IP addresses
 which are followed by a slash and then a netmask size are encoded as
 described in RFC 3442.
 
+IPv6 options are specified using the 
+.B option6:
+keyword, followed by the option number or option name. The IPv6 option
+name space is disjoint from the IPv4 option name space. IPv6 addresses
+in options must be bracketed with square brackets, eg. 
+.B --dhcp-option=option6:ntp-server,[1234::56]
+ 
+
 Be careful: no checking is done that the correct type of data for the
 option number is sent, it is quite possible to
 persuade dnsmasq to generate illegal DHCP packets with injudicious use
@@ -704,7 +739,7 @@ literal string, use quotes. For instance when using option 66 to send
 a literal IP address as TFTP server name, it is necessary to do
 .B --dhcp-option=66,"1.2.3.4"
 
-Encapsulated Vendor-class options may also be specified using
+Encapsulated Vendor-class options may also be specified (IPv4 only) using
 --dhcp-option: for instance 
 .B --dhcp-option=vendor:PXEClient,1,0.0.0.0 
 sends the encapsulated vendor
@@ -716,9 +751,9 @@ for selecting encapsulated options in preference to any sent by the
 client. It is
 possible to omit the vendorclass completely;
 .B --dhcp-option=vendor:,1,0.0.0.0
-in which case the encapsulated option is always sent.
+in which case the encapsulated option is always sent. 
 
-Options may be encapsulated within other options: for instance
+Options may be encapsulated (IPv4 only) within other options: for instance
 .B --dhcp-option=encap:175, 190, "iscsi-client0"
 will send option 175, within which is the option 190. If multiple
 options are given which are encapsulated with the same option number
@@ -729,8 +764,9 @@ The final variant on encapsulated options is "Vendor-Identifying
 Vendor Options" as specified by RFC3925. These are denoted like this: 
 .B --dhcp-option=vi-encap:2, 10, "text"
 The number in the vi-encap: section is the IANA enterprise number
-used to identify this option.
-
+used to identify this option. This form of encapsulation is supported
+in IPv6.
+ 
 The address 0.0.0.0 is not treated specially in
 encapsulated options.
 .TP
@@ -742,14 +778,14 @@ not ask for it in the parameter request list. This is sometimes
 needed, for example when sending options to PXELinux.
 .TP
 .B --dhcp-no-override
-Disable re-use of the DHCP servername and filename fields as extra
+(IPv4 only) Disable re-use of the DHCP servername and filename fields as extra
 option space. If it can, dnsmasq moves the boot server and filename
 information (from dhcp-boot) out of their dedicated fields into
 DHCP options. This make extra space available in the DHCP packet for
 options but can, rarely, confuse old or broken clients. This flag
 forces "simple and safe" behaviour to avoid problems in such a case.
 .TP
-.B \-U, --dhcp-vendorclass=set:<tag>,<vendor-class>
+.B \-U, --dhcp-vendorclass=set:<tag>,[enterprise:<IANA-enterprise number>,]<vendor-class>
 Map from a vendor-class string to a tag. Most DHCP clients provide a 
 "vendor class" which represents, in some sense, the type of host. This option 
 maps vendor classes to tags, so that DHCP options may be selectively delivered
@@ -759,7 +795,13 @@ will allow options to be set only for HP printers like so:
 .B --dhcp-option=tag:printers,3,192.168.4.4 
 The vendor-class string is
 substring matched against the vendor-class supplied by the client, to
-allow fuzzy matching. The set: prefix is optional but allowed for consistency.
+allow fuzzy matching. The set: prefix is optional but allowed for
+consistency. 
+
+Note that in IPv6 only, vendorclasses are namespaced with an 
+IANA-allocated enterprise number. This is given with enterprise:
+keyword and specifies that only vendorclasses matching the specified
+number should be searched.
 .TP
 .B \-j, --dhcp-userclass=set:<tag>,<user-class>
 Map from a user-class string to a tag (with substring
@@ -771,7 +813,7 @@ this to set a different printer server for hosts in the class
 "accounts" than for hosts in the class "engineering".
 .TP
 .B \-4, --dhcp-mac=set:<tag>,<MAC address>
-Map from a MAC address to a tag. The MAC address may include
+(IPv4 only) Map from a MAC address to a tag. The MAC address may include
 wildcards. For example
 .B --dhcp-mac=set:3com,01:34:23:*:*:*
 will set the tag "3com" for any host whose MAC address matches the pattern.
@@ -781,13 +823,16 @@ Map from RFC3046 relay agent options to tags. This data may
 be provided by DHCP relay agents. The circuit-id or remote-id is
 normally given as colon-separated hex, but is also allowed to be a
 simple string. If an exact match is achieved between the circuit or
-agent ID and one provided by a relay agent, the tag is set.
+agent ID and one provided by a relay agent, the tag is set. 
+
+.B dhcp-remoteid
+(but not dhcp-circuitid) is supported in IPv6. 
 .TP
 .B --dhcp-subscrid=set:<tag>,<subscriber-id>
-Map from RFC3993 subscriber-id relay agent options to tags.
+(IPv4 and IPv6) Map from RFC3993 subscriber-id relay agent options to tags.
 .TP
 .B --dhcp-proxy[=<ip addr>]......
-A normal DHCP relay agent is only used to forward the initial parts of
+(IPv4 only) A normal DHCP relay agent is only used to forward the initial parts of
 a DHCP interaction to the DHCP server. Once a client is configured, it
 communicates directly with the server. This is undesirable if the
 relay agent is addding extra information to the DHCP packets, such as
@@ -847,7 +892,7 @@ dhcp-host configuration in dnsmasq and the contents of /etc/hosts and
 /etc/ethers.
 .TP
 .B --dhcp-generate-names=tag:<tag>[,tag:<tag>]
-Generate a name for DHCP clients which do not otherwise have one,
+(IPv4 only) Generate a name for DHCP clients which do not otherwise have one,
 using the MAC address expressed in hex, seperated by dashes. Note that
 if a host provides a name, it will be used by preference to this,
 unless 
@@ -855,14 +900,14 @@ unless
 is set.
 .TP
 .B --dhcp-broadcast[=tag:<tag>[,tag:<tag>]]
-When all the given tags appear in the tag set, always use broadcast to
+(IPv4 only) When all the given tags appear in the tag set, always use broadcast to
 communicate with the host when it is unconfigured. It is permissible
 to supply no tags, in which case this is unconditional. Most DHCP clients which
 need broadcast replies set a flag in their requests so that this
 happens automatically, some old BOOTP clients do not.
 .TP
 .B \-M, --dhcp-boot=[tag:<tag>,]<filename>,[<servername>[,<server address>|<tftp_servername>]]
-Set BOOTP options to be returned by the DHCP server. Server name and
+(IPv4 only) Set BOOTP options to be returned by the DHCP server. Server name and
 address are optional: if not provided, the name is left empty, and the
 address set to the address of the machine running dnsmasq. If dnsmasq
 is providing a TFTP service (see 
@@ -888,7 +933,7 @@ address, and setting this flag enables this mode. Note that in the
 sequential mode, clients which allow a lease to expire are much more
 likely to move IP address; for this reason it should not be generally used.
 .TP
-.B --pxe-service=[tag:<tag>,]<CSA>,<menu text>[,<basename>|<bootservicetype>][,<server address>]
+.B --pxe-service=[tag:<tag>,]<CSA>,<menu text>[,<basename>|<bootservicetype>][,<server address>|<server_name>]
 Most uses of PXE boot-ROMS simply allow the PXE
 system to obtain an IP address and then download the file specified by
 .B dhcp-boot
@@ -904,17 +949,19 @@ parameter after the menu text may be a file name, in which case dnsmasq acts as
 boot server and directs the PXE client to download the file by TFTP,
 either from itself (
 .B enable-tftp 
-must be set for this to work) or another TFTP server if the final IP
-address is given.
+must be set for this to work) or another TFTP server if the final server
+address/name is given.
 Note that the "layer"
 suffix (normally ".0") is supplied by PXE, and should not be added to
 the basename. If an integer boot service type, rather than a basename
 is given, then the PXE client will search for a
 suitable boot service for that type on the network. This search may be done
-by broadcast, or direct to a server if its IP address is provided.  
+by broadcast, or direct to a server if its IP address/name is provided.  
 If no boot service type or filename is provided (or a boot service type of 0 is specified)
 then the menu entry will abort the net boot procedure and
-continue booting from local media.
+continue booting from local media. The server address can be given as a domain
+name which is looked up in /etc/hosts. This name can be associated in
+/etc/hosts with multiple IP addresses, which are used round-robin.
 .TP
 .B --pxe-prompt=[tag:<tag>,]<prompt>[,<timeout>]
 Setting this provides a prompt to be displayed after PXE boot. If the
@@ -947,7 +994,7 @@ create thousands of leases and use lots of memory in the dnsmasq
 process.
 .TP
 .B \-K, --dhcp-authoritative
-Should be set when dnsmasq is definitely the only DHCP server on a network.
+(IPv4 only) Should be set when dnsmasq is definitely the only DHCP server on a network.
 It changes the behaviour from strict RFC compliance so that DHCP requests on
 unknown leases from unknown hosts are not ignored. This allows new hosts
 to get a lease without a tedious timeout under all circumstances. It also 
@@ -955,7 +1002,7 @@ allows dnsmasq to rebuild its lease database without each client needing to
 reacquire a lease, if the database is lost.
 .TP
 .B --dhcp-alternate-port[=<server port>[,<client port>]]
-Change the ports used for DHCP from the default. If this option is
+(IPv4 only) Change the ports used for DHCP from the default. If this option is
 given alone, without arguments, it changes the ports used for DHCP
 from 67 and 68 to 1067 and 1068. If a single argument is given, that
 port number is used for the server and the port number plus one used
@@ -963,7 +1010,7 @@ for the client. Finally, two port numbers allows arbitrary
 specification of both server and client ports for DHCP.
 .TP
 .B \-3, --bootp-dynamic[=<network-id>[,<network-id>]]
-Enable dynamic allocation of IP addresses to BOOTP clients. Use this
+(IPv4 only) Enable dynamic allocation of IP addresses to BOOTP clients. Use this
 with care, since each address allocated to a BOOTP client is leased
 forever, and therefore becomes permanently unavailable for re-use by
 other hosts. if this is given without tags, then it unconditionally
@@ -971,7 +1018,7 @@ enables dynamic allocation. With tags, only when the tags are all
 set. It may be repeated with different tag sets. 
 .TP
 .B \-5, --no-ping
-By default, the DHCP server will attempt to ensure that an address in
+(IPv4 only) By default, the DHCP server will attempt to ensure that an address in
 not in use before allocating it to a host. It does this by sending an
 ICMP echo request (aka "ping") to the address in question. If it gets
 a reply, then the address must already be in use, and another is
@@ -990,7 +1037,7 @@ executable specified by this option is run.  <path>
 must be an absolute pathname, no PATH search occurs. 
 The arguments to the process
 are "add", "old" or "del", the MAC
-address of the host, the IP address, and the hostname,
+address of the host (or DUID for IPv6) , the IP address, and the hostname,
 if known. "add" means a lease has been created, "del" means it has
 been destroyed, "old" is a notification of an existing lease when
 dnsmasq starts or a change to MAC address or hostname of an existing
@@ -1001,21 +1048,17 @@ token ring. The process is run as root (assuming that dnsmasq was originally run
 root) even if dnsmasq is configured to change UID to an unprivileged user.
 
 The environment is inherited from the invoker of dnsmasq, with some or
-all of the following variables added.
+all of the following variables added
 
-DNSMASQ_CLIENT_ID if the host provided a client-id.
+For both IPv4 and IPv6:
 
 DNSMASQ_DOMAIN if the fully-qualified domain name of the host is
 known, this is set to the  domain part. (Note that the hostname passed
 to the script as an argument is never fully-qualified.)
 
-If the client provides vendor-class, hostname or user-class, 
-these are provided in DNSMASQ_VENDOR_CLASS
-DNSMASQ_SUPPLIED_HOSTNAME and 
-DNSMASQ_USER_CLASS0..DNSMASQ_USER_CLASSn variables, but only for
-"add" actions or "old" actions when a host resumes an existing lease,
-since these data are not held in dnsmasq's lease
-database.
+If the client provides a hostname, DNSMASQ_SUPPLIED_HOSTNAME
+
+If the client provides user-classes, DNSMASQ_USER_CLASS0..DNSMASQ_USER_CLASSn 
 
 If dnsmasq was compiled with HAVE_BROKEN_RTC, then
 the length of the lease (in seconds) is stored in
@@ -1039,6 +1082,32 @@ is known.
 DNSMASQ_TAGS contains all the tags set during the
 DHCP transaction, separated by spaces.
 
+For IPv4 only:
+
+DNSMASQ_CLIENT_ID if the host provided a client-id.
+
+If the client provides vendor-class, DNSMASQ_VENDOR_CLASS.
+
+For IPv6 only:
+
+If the client provides vendor-class, DNSMASQ_VENDOR_CLASS_ID,
+containing the IANA enterprise id for the class, and
+DNSMASQ_VENDOR_CLASS0..DNSMASQ_VENDOR_CLASSn for the data.
+
+DNSMASQ_SERVER_DUID containing the DUID of the server: this is the same for
+every call to the script.
+
+DNSMASQ_IAID containing the IAID for the lease. If the lease is a
+temporary allocation, this is prefixed to 'T'.
+
+
+
+Note that the supplied hostname, vendorclass and userclass data is
+only  supplied for
+"add" actions or "old" actions when a host resumes an existing lease,
+since these data are not held in dnsmasq's lease
+database.
+
 All file descriptors are
 closed except stdin, stdout and stderr which are open to /dev/null
 (except in debug mode).
@@ -1058,8 +1127,43 @@ leases will be called with "del" and others with "old". When dnsmasq
 receives a HUP signal, the script will be invoked for existing leases
 with an "old " event.
 .TP
+.B --dhcp-luascript=<path>
+Specify a script written in Lua, to be run when leases are created,
+destroyed or changed. To use this option, dnsmasq must be compiled
+with the correct support. The Lua interpreter is intialised once, when
+dnsmasq starts, so that global variables persist between lease
+events. The Lua code must define a
+.B lease
+function, and may provide
+.B init
+and
+.B shutdown
+functions, which are called, without arguments when dnsmasq starts up
+and terminates.
+
+The 
+.B lease
+method receives the information detailed in 
+.B --dhcp-script. 
+It gets two arguments, firstly the action, which is a string
+containing, "add", "old" or "del", and secondly a table of tag value
+pairs. The tags mostly correspond to the environment variables
+detailed above, for instance the tag "domain" holds the same data as
+the environment variable DNSMASQ_DOMAIN. There are a few extra tags
+which hold the data supplied as arguments to
+.B --dhcp-script. 
+These are 
+.B mac_address, ip_address
+and 
+.B hostname
+for IPv4, and 
+.B client_duid, ip_address
+and 
+.B hostname
+for IPv6. 
+.TP
 .B --dhcp-scriptuser
-Specify the user as which to run the lease-change script. This defaults to root, but can be changed to another user using this flag. 
+Specify the user as which to run the lease-change script or Lua script. This defaults to root, but can be changed to another user using this flag. 
 .TP 
 .B \-9, --leasefile-ro
 Completely suppress use of the lease database file. The file will not
@@ -1134,6 +1238,34 @@ without an address specified when
 .B --dhcp-fqdn 
 is set.
 .TP
+.B --dhcp-client-update
+Normally, when giving a DHCP lease, dnsmasq sets flags in the FQDN
+option to tell the client not to attempt a DDNS update with its name
+and IP address. This is because the name-IP pair is automatically
+added into dnsmasq's DNS view. This flag suppresses that behaviour,
+this is useful, for instance, to allow Windows clients to update
+Active Directory servers. See RFC 4702 for details. 
+.TP
+.B --enable-ra
+Enable dnsmasq's IPv6 Router Advertisement feature. DHCPv6 doesn't
+handle complete network configuration in the same way as DHCPv4. Router
+discovery and (possibly) prefix discovery for autonomous address
+creation are handled by a different protocol. When DHCP is in use,
+only a subset of this is needed, and dnsmasq can handle it, using
+existing DHCP configuration to provide most data. When RA is enabled,
+dnsmasq will advertise a prefix for each dhcp-range, with default
+router and recursive DNS server as the relevant link-local address on 
+the machine running dnsmasq. The "managed address" bits are set,
+except for a dhcp-range which is marked as "ra-only", in which case RA
+is provided but no DHCPv6 service and the managed address bits are
+cleared. 
+.B enable-ra
+enables router advertisement for prefixes where dnsmasq is doing
+DHCPv6. It is not needed to "ra-only" prefixes. Creating an "ra-only"
+prefix and not setting 
+.B enable-ra
+sends advertisements only to "ra-only" prefixes. 
+.TP
 .B --enable-tftp[=<interface>]
 Enable the TFTP server function. This is deliberately limited to that
 needed to net-boot a client. Only reading is allowed; the tsize and

man/fr/dnsmasq.8

@@ -579,7 +579,9 @@ avec le support conntrack, le noyau doit également inclure conntrack et être
 configuré pour cela. Cette option ne peut pas être combinée avec
 --query-port. 
 .TP
-.B \-F, --dhcp-range=[interface:<interface>,][tag:<label>[,tag:<label>],][set:<label],]<adresse de début>,<adresse de fin>[,<masque de réseau>[,<broadcast>]][,<durée de bail>]
+.B \-F, --dhcp-range=[interface:<interface>,][tag:<label>[,tag:<label>],][set:<label>],]<adresse de début>,<adresse de fin>[,<masque de réseau>[,<broadcast>]][,<durée de bail>]
+.TP
+.B \-F, --dhcp-range=[interface:<interface>,][tag:<label>[,tag:<label>],][set:<label>],]<addresse IPv6 de début>,<adresse IPv6 de fin>[,<longueur de préfixe>][,<durée de bail>]
 Active le serveur DHCP. Les adresses seront données dans la plage comprise entre
 <adresse de début> et <adresse de fin> et à partir des adresses définies
 statiquement dans l'option
@@ -604,6 +606,14 @@ est toujours optionnelle.
 
 Il est toujours possible d'avoir plus d'une plage DHCP pour un même
 sous-réseau.
+
+Pour IPv6, les paramètres sont légèrement différents : au lieu d'un masque de
+réseau et d'une adresse de broadcast, il existe une longueur de préfixe
+optionnelle. Si elle est omise, la valeur par défaut est 64. À la différence
+d'IPv4, la longueur de préfixe n'est pas automatiquement déduite de la
+configuration de l'interface. La taille minimale pour la longueur de préfixe
+est 64.
+
 L'identifiant de label optionnel
 .B set:<label>
 fournie une étiquette alphanumérique qui identifie ce réseau, afin de permettre
@@ -627,7 +637,15 @@ spécifié. (voir
 .B pxe-prompt
 et
 .B pxe-service
-pour plus de détails).
+pour plus de détails, s'applique à IPv4 seulement).
+
+L'adresse de fin peut être remplacée par le mot-clef
+.B ra-only
+qui indique à dnsmasq de n'effectuer que des annonces de routeur (Router
+Advertisement, RA) sur ce sous-réseau, et de ne pas faire de DHCP. Ceci
+s'applique uniquement à IPv6, voir
+.B enable-ra
+pour plus de détails.
 
 La section interface:<nom d'interface> n'est normalement pas utilisée. Se
 référer aux indications de la section NOTES pour plus de détail à ce sujet.
@@ -663,6 +681,15 @@ spécifier l'identifiant client sous la forme d'une chaîne de caractères, comm
 ceci :
 .B --dhcp-host=id:identifiantclientsousformedechaine,..... 
 
+Un seul
+.B dhcp-host 
+peut contenir une adresse IPv4, une adresse IPv6, ou les deux en même temps.
+Les adresses IPv6 doivent-être mises entre crochets comme suit :
+.B --dhcp-host=laptop,[1234::56]
+A noter que pour le DHCP IPv6, l'adresse matérielle n'est en principe pas
+disponible, aussi un client doit-être identifié par un identifiant de client
+(appellé "DUID client") ou un nom d'hôte.
+
 L'option spéciale id:* signifie : "ignorer tout identifiant client et n'utiliser
 que l'adresse matérielle". Cela est utile lorsqu'un client présente un
 identifiant client mais pas les autres.
@@ -709,7 +736,7 @@ ARP en les précédant du type ARP (en Hexadécimal) et de "-". Ainsi
 coïncidera uniquement avec des adresses matérielles Token-Ring, puisque le type
 ARP pour une adresse Token-Ring est 6.
 
-Un cas spécial correspond à l'inclusion d'une ou plusieurs adresses
+Un cas spécial, pour IPv4, correspond à l'inclusion d'une ou plusieurs adresses
 matérielles, c-à-d :
 .B --dhcp-host=11:22:33:44:55:66,12:34:56:78:90:12,192.168.0.2.
 Cela permet à une adresse IP d'être associé à plusieurs adresses
@@ -750,22 +777,22 @@ une adresse IP sous la forme de 4 chiffres séparés par des points. Lorsque lu
 par Dnsmasq, ces lignes ont exactement le même effet que l'option
 .B --dhcp-host
 contenant les mêmes informations. /etc/ethers est relu à la réception d'un
-signal SIGHUP par Dnsmasq.
+signal SIGHUP par Dnsmasq. Les adresses IPv6 ne sont PAS lues dans /etc/ethers.
 .TP
-.B \-O, --dhcp-option=[tag:<label>,[tag:<label>]][encap:<option>,][vi-encap:<entreprise>,][vendor:[<classe_vendeur>],][<option>|option:<nom d'option>],[<valeur>[,<valeur>]]
+.B \-O, --dhcp-option=[tag:<label>,[tag:<label>]][encap:<option>,][vi-encap:<entreprise>,][vendor:[<classe_vendeur>],][<option>|option:<nom d'option>|option6:<option>|option6:<nom d'option>],[<valeur>[,<valeur>]]
 Spécifie des options différentes ou supplémentaires pour des clients DHCP. Par
 défaut, Dnsmasq envoie un ensemble standard d'options aux clients DHCP : le
 masque de réseau et l'adresse de broadcast sont les mêmes que pour l'hôte
 sur lequel tourne Dnsmasq, et le serveur DNS ainsi que la route par défaut
-prennent comme valeur l'adresse de la machine sur laquelle tourne Dnsmasq. Si
-une option de nom de domaine a été définie, son contenu est transmis. Cette
-option de configuration permet de changer toutes ces valeurs par défaut, ou de
-spécifier d'autres options. L'option DHCP à transmettre peut être fournie sous
-forme d'un nombre décimal ou sous la forme "option:<nom d'option>". Les nombres
-correspondants aux options sont définis dans la RFC2132 et suivants. Les noms
-d'options connus par Dnsmasq peuvent être obtenus via "Dnsmasq --help dhcp".
-Par exemple, pour définir la route par défaut à 192.168.4.4, il est possible de
-faire
+prennent comme valeur l'adresse de la machine sur laquelle tourne Dnsmasq. 
+(Des règles équivalentes s'appliquent en IPv6). Si une option de nom de domaine
+a été définie, son contenu est transmis. Cette option de configuration permet
+de changer toutes ces valeurs par défaut, ou de spécifier d'autres options.
+L'option DHCP à transmettre peut être fournie sous forme d'un nombre décimal 
+ou sous la forme "option:<nom d'option>". Les nombres correspondants aux options
+sont définis dans la RFC2132 et suivants. Les noms d'options connus par Dnsmasq 
+peuvent être obtenus via "Dnsmasq --help dhcp". Par exemple, pour définir la
+route par défaut à 192.168.4.4, il est possible de faire
 .B --dhcp-option=3,192.168.4.4 
 ou
 .B --dhcp-option = option:router, 192.168.4.4
@@ -788,6 +815,13 @@ de l'option 120 sont traités conforméments à la RFC 3361. Les adresses IP sou
 forme de 4 chiffres séparés par des points suivies par une barre montante "/",
 puis une taille de masque sont encodés conforméments à la RFC 3442.
 
+Les options IPv6 sont fournies en utilisant le mot-clef
+.B option6:
+suivi par le numéro d'option ou le nom d'option. L'espace de nommage des options
+IPv6 est disjint de l'espace de nommage des options IPv4. Les adresses IPv6
+en option doivent être entourées de crochets, comme par exemple :
+.B --dhcp-option=option6:ntp-server,[1234::56]
+
 Attention : aucun test n'étant fait pour vérifier que des données d'un type
 adéquat sont envoyées pour un numéro d'option donné, il est tout à fait possible
 de persuader Dnsmasq de générer des paquets DHCP illégaux par une utilisation
@@ -806,8 +840,8 @@ d'une chaîne de caractères comme nom de serveur TFTP, il est nécessaire de fa
 comme suit :
 .B --dhcp-option=66,"1.2.3.4"
 
-Les options encapsulées de classes de vendeurs peuvent-être aussi spécifiées en
-utilisant
+Les options encapsulées de classes de vendeurs peuvent-être aussi spécifiées 
+(pour IPv4 seulement) en utilisant
 .B --dhcp-option
 : par exemple
 .B --dhcp-option=vendor:PXEClient,1,0.0.0.0
@@ -823,7 +857,7 @@ par le client. Il est possible d'omettre complètement une classe de vendeur :
 .B --dhcp-option=vendor:,1,0.0.0.0
 Dans ce cas l'option encapsulée est toujours envoyée.
 
-Les options peuvent-être encapsulées au sein d'autres options :
+En IPv4, les options peuvent-être encapsulées au sein d'autres options :
 par exemple
 .B --dhcp-option=encap:175, 190, "iscsi-client0"
 enverra l'option 175, au sein de laquelle se trouve l'option 190.
@@ -836,7 +870,8 @@ identifiant le vendeur" ("Vendor-Identifying Vendor Options") telle que
 décrite dans le RFC3925. Celles-ci sont spécifiées comme suit :
 .B --dhcp-option=vi-encap:2, 10, "text"
 Le numéro dans la section vi-encap: est le numéro IANA de l'entreprise servant
-à identifier cette option.
+à identifier cette option. Cette forme d'encapsulation est également supportée
+en IPv6.
 
 L'adresse 0.0.0.0 n'est pas traitée de manière particulière lorsque fournie dans
 une option encapsulée.
@@ -849,8 +884,8 @@ dans la liste de paramêtres requis. Cela est parfois nécessaire, par exemple l
 de la fourniture d'options à PXELinux.
 .TP
 .B --dhcp-no-override
-Désactive la réutilisation des champs DHCP nom de serveur et nom de
-fichier comme espace supplémentaire pour les options. Si cela est
+(IPv4 seulement) Désactive la réutilisation des champs DHCP nom de serveur et
+nom de fichier comme espace supplémentaire pour les options. Si cela est
 possible, dnsmasq déplace les informations sur le serveur de démarrage
 et le nom de fichier (fournis par 'dhcp-boot') en dehors des champs
 dédiés à cet usage dans les options DHCP. Cet espace supplémentaire est
@@ -859,7 +894,8 @@ quelques rares cas, perturber des clients vieux ou défectueux. Cette
 option force le comportement à l'utilisation des valeurs "simples et sûres"
 afin d'éviter des problèmes dans de tels cas.
 .TP
-.B \-U, --dhcp-vendorclass=set:<label>,<classe de vendeur>
+.B \-U, --dhcp-vendorclass=set:<label>,[enterprise:<numéro IANA d'enterprise>,]<classe de vendeur>
+
 Associe une chaîne de classe de vendeur à un label. La plupart
 des clients DHCP fournissent une "classe de vendeur" ("vendor class") qui
 représente, d'une certaine façon, le type d'hôte. Cette option associe des
@@ -875,6 +911,11 @@ en temps que sous-chaîne de caractères au sein de la classe de vendeur fournie
 par le client, de façon à permettre la recherche d'un sous-ensemble de la chaîne
 de caractères ("fuzzy matching"). Le préfixe set: est optionnel mais autorisé
 afin de conserver une certaine homogénéité.
+
+Notez qu'en IPv6 (et seulement en IPv6), les noms de classes de vendeurs
+sont dans un espace de nom associé au numéro attribué à l'entreprise par
+l'IANA. Ce numéro est fourni par le biais du mot-clef enterprise: et seules
+les classes de vendeurs associées au numéro spécifié seront cherchées.
 .TP
 .B \-j, --dhcp-userclass=set:<label>,<classe utilisateur>
 Associe une chaîne de classe d'utilisateur à un label (effectue la
@@ -887,7 +928,7 @@ d'impression différent pour les hôtes de la classe "comptes" et ceux de la
 classe "ingénierie".
 .TP
 .B \-4, --dhcp-mac=set:<label>,<adresse MAC>
-Associe une adresse matérielle (MAC) à un label. L'adresse
+(IPv4 uniquement) Associe une adresse matérielle (MAC) à un label. L'adresse
 matérielle peut inclure des jokers. Par exemple
 .B --dhcp-mac=set:3com,01:34:23:*:*:*
 permet de définir le label "3com" pour n'importe quel hôte dont l'adresse
@@ -901,16 +942,19 @@ chaîne de valeurs hexadécimales séparées par des ":", mais il est également
 possible qu'elle le soit sous la forme d'une simple chaîne de caractères. Si
 l'identifiant de circuit ou d'agent correspond exactement à celui fourni par le
 relais DHCP, alors le label est apposé.
+.B dhcp-remoteid
+est supporté en IPv6 (mais non dhcp-circuitid).
 .TP
 .B --dhcp-subscrid=set:<label>,<identifiant d'abonné>
-Associe des options de relais DHCP issues de la RFC3993 à des labels.
+(IPv4 et IPv6) Associe des options de relais DHCP issues de la RFC3993 à des
+labels.
 .TP
 .B --dhcp-proxy[=<adresse ip>]......
-Un agent relai DHCP normal est uniquement utilisé pour faire suivre les
-éléments initiaux de l'interaction avec le serveur DHCP. Une fois que le
-client est configuré, il communique directement avec le serveur. Cela n'est pas
-souhaitable si le relais rajoute des informations supplémentaires aux paquets
-DHCP, telles que celles utilisées dans
+(IPv4 seulement) Un agent relai DHCP normal est uniquement utilisé pour faire
+suivre les éléments initiaux de l'interaction avec le serveur DHCP. Une fois
+que le client est configuré, il communique directement avec le serveur. Cela
+n'est pas souhaitable si le relais rajoute des informations supplémentaires
+aux paquets DHCP, telles que celles utilisées dans
 .B dhcp-circuitid
 et
 .B dhcp-remoteid.
@@ -973,26 +1017,28 @@ configuration dhcp-host de Dnsmasq, ainsi que le contenu des fichiers /etc/hosts
 et /etc/ethers.
 .TP
 .B --dhcp-generate-names=tag:<label>[,tag:<label>]
-Générer un nom pour les clients DHCP qui autrement n'en aurait pas, en
-utilisant l'adresse MAC sous sa forme hexadécimale, séparée par des tirets.
+(IPv4 seulement) Générer un nom pour les clients DHCP qui autrement n'en aurait
+pas, en utilisant l'adresse MAC sous sa forme hexadécimale, séparée par des
+tirets.
 Noter que si un hôte fourni un nom, celui-ci sera utilisé de préférence au nom
 autogénéré, à moins que
 .B --dhcp-ignore-names 
 ne soit positionné.
 .TP
 .B --dhcp-broadcast=[tag:<label>[,tag:<label>]]
-Lorsque tous les labels fournis dans l'option sont présents, toujours utiliser
-le broadcast pour communiquer avec l'hôte lorsque celui-ci n'est
-pas configuré. Il est possible de ne spécifier aucun label, auquel cas cette
-option s'applique inconditionnellement. La plupart des clients DHCP nécessitant une réponse par le biais
-d'un broadcast activent une option dans leur requête, ce qui fait que cela
-se fait automatiquement, mais ce n'est pas la cas de certains vieux clients BOOTP.
+(IPv4 seulement) Lorsque tous les labels fournis dans l'option sont présents,
+toujours utiliser le broadcast pour communiquer avec l'hôte lorsque celui-ci
+n'est pas configuré. Il est possible de ne spécifier aucun label, auquel cas
+cette option s'applique inconditionnellement. La plupart des clients DHCP
+nécessitant une réponse par le biais d'un broadcast activent une option dans
+leur requête, ce qui fait que cela se fait automatiquement, mais ce n'est pas
+le cas de certains vieux clients BOOTP.
 .TP
 .B \-M, --dhcp-boot=[tag:<label>,]<nom de fichier>,[<nom de serveur>[,<adresse de serveur>|<nom du serveur tftp>]]
-Spécifie les options BOOTP devant être retournées par le serveur DHCP. Le nom de
-serveur ainsi que l'adresse sont optionnels : s'ils ne sont pas fournis, le nom
-est laissé vide et l'adresse fournie est celle de la machine sur laquelle
-s'exécute Dnsmasq. Si Dnsmasq founit un service TFTP (voir
+(IPv4 seulement) Spécifie les options BOOTP devant être retournées par le
+serveur DHCP. Le nom de serveur ainsi que l'adresse sont optionnels : s'ils
+ne sont pas fournis, le nom est laissé vide et l'adresse fournie est celle de
+la machine sur laquelle s'exécute Dnsmasq. Si Dnsmasq founit un service TFTP (voir
 .B --enable-tftp
 ), alors seul un nom de fichier est requis ici pour permettre un démarrage par
 le réseau.
@@ -1018,7 +1064,7 @@ Veuillez noter que dans ce mode séquentiel, les clients qui laissent expirer
 leur bail ont beaucoup plus de chance de voir leur adresse IP changer, aussi
 cette option ne devrait pas être utilisée dans un cas général.
 .TP
-.B --pxe-service=[tag:<label>,]<CSA>,<entrée de menu>[,<nom de fichier>|<type de service de démarrage>][,<adresse de serveur>]
+.B --pxe-service=[tag:<label>,]<CSA>,<entrée de menu>[,<nom de fichier>|<type de service de démarrage>][,<adresse de serveur>|<nom de serveur>]
 La plupart des ROMS de démarrage PXE ne permettent au système PXE que la simple
 obtention d'une adresse IP, le téléchargement du fichier spécifié dans
 .B dhcp-boot
@@ -1036,17 +1082,20 @@ client PXE qu'il faut télécharger ce fichier via TFTP, soit depuis ce serveur
 (l'option
 .B enable-tftp 
 doit être spécifiée pour que cela marche), soit depuis un autre serveur TFTP
-si une adresse de serveur est fournie.
+si une adresse ou un nom de serveur est fournie.
 Veuillez noter que le suffixe de "couche" (en principe ".0") est fourni par PXE
 et ne doit pas être rajouté au nom de fichier. Si une valeur numérique entière
 est fournir pour le type de démarrage, en remplacement du nom de fichier, le
 client PXE devra chercher un service de démarrage de ce type sur le réseau.
 Cette recherche peut être faite via broadcast ou directement auprès d'un
-serveur si son adresse IP est fournie dans l'option.
+serveur si son adresse IP ou son nom sont fournis dans l'option.
 Si aucun nom de fichier n'est donné ni aucune valeur de type de service de
 démarrage n'est fournie (ou qu'une valeur de 0 est donnée pour le type de
 service), alors l'entrée de menu provoque l'interruption du démarrage par
-le réseau et la poursuite du démarrage sur un média local.
+le réseau et la poursuite du démarrage sur un média local. L'adresse de serveur
+peut être donnée sous la forme de nom de domaine qui est recherché dans
+/etc/hosts. Ce nom peut-être associé à plusieurs adresses IP, qui dans ce cas
+sont utilisées à tour de rôle (en "round-robin").
 .TP
 .B --pxe-prompt=[tag:<label>,]<invite>[,<délai>]
 Cette option permet d'afficher une invite à la suite du démarrage PXE. Si un
@@ -1079,38 +1128,39 @@ créant des milliers de baux et utilisant beaucoup de mémoire dans le processus
 Dnsmasq.
 .TP
 .B \-K, --dhcp-authoritative
-Cette option doit être donnée lorsque Dnsmasq est le seul serveur DHCP sur le
-réseau. Cela change le comportement par défaut qui est celui d'un strict respect
-des RFC, afin que les requêtes DHCP pour des baux inconnus par des hôtes
-inconnus ne soient pas ignorées. Cela permet à de nouveaux hôtes d'obtenir des
-baux sans tenir compte de fastidieuses temporisations ("timeout"). Cela permet
-également à Dnsmasq de reconstruire sa base de donnée contenant les baux sans
-que les clients n'aient besoin de redemander un bail, si celle-ci est perdue.
+(IPv4 seulement) Cette option doit être donnée lorsque Dnsmasq est le seul
+serveur DHCP sur le réseau. Cela change le comportement par défaut qui est
+celui d'un strict respect des RFC, afin que les requêtes DHCP pour des baux
+inconnus par des hôtes inconnus ne soient pas ignorées. Cela permet à de
+nouveaux hôtes d'obtenir des baux sans tenir compte de fastidieuses
+temporisations ("timeout"). Cela permet également à Dnsmasq de reconstruire
+sa base de données contenant les baux sans que les clients n'aient besoin de
+redemander un bail, si celle-ci est perdue.
 .TP
 .B --dhcp-alternate-port[=<port serveur>[,<port client>]]
-Change les ports utilisés par défaut pour le DHCP. Si cette option est donnée
-toute seule sans arguments, alors change les ports utilisés pour le DHCP
-de 67 et 68 respectivement à 1067 et 1068. Si un seul argument est donné, ce
+(IPv4 seulement) Change les ports utilisés par défaut pour le DHCP. Si cette
+option est donnée seule sans argument, alors change les ports utilisés pour le
+DHCP de 67 et 68 respectivement à 1067 et 1068. Si un seul argument est donné, ce
 numéro est utilisé pour le port serveur et ce numéro plus 1 est utilisé pour le
 port client. Enfin, en fournissant deux numéros de ports, il est possible de
 spécifier arbitrairement 2 ports à la fois pour le serveur et pour le client DHCP.
 .TP
 .B \-3, --bootp-dynamic[=<identifiant de réseau>[,<identifiant de réseau>]]
-Permet l'allocation dynamique d'adresses IP à des clients BOOTP. Utiliser cette
-option avec précaution, une adresse allouée à un client BOOTP étant perpétuelle,
-et de fait n'est plus disponibles pour d'autres hôtes. Si aucun argument n'est
-donné, alors cette option permet une allocation dynamique dans tous les cas. Si
-des arguments sont spécifiés, alors l'allocation ne se fait que lorsque tous
-les identifiants coïncident. Il est possible de répeter cette option avec
-plusieurs jeux d'arguments.
+(IPv4 seulement) Permet l'allocation dynamique d'adresses IP à des clients BOOTP.
+Utiliser cette option avec précaution, une adresse allouée à un client BOOTP
+étant perpétuelle, et de fait n'est plus disponibles pour d'autres hôtes. Si
+aucun argument n'est donné, alors cette option permet une allocation dynamique
+dans tous les cas. Si des arguments sont spécifiés, alors l'allocation ne se
+fait que lorsque tous les identifiants coïncident. Il est possible de répeter
+cette option avec plusieurs jeux d'arguments.
 .TP
 .B \-5, --no-ping
-Par défaut, le serveur DHCP tente de s'assurer qu'une adresse n'est pas utilisée
-avant de l'allouer à un hôte. Cela est fait en envoyant une requête ICMP de type
-"echo request" (aussi connue sous le nom de "ping") à l'adresse en question. Si
-le serveur obtient une réponse, alors l'adresse doit déjà être utilisée et une
-autre est essayée. Cette option permet de supprimer cette vérification. A
-utiliser avec précaution.
+(IPv4 seulement) Par défaut, le serveur DHCP tente de s'assurer qu'une adresse
+n'est pas utilisée avant de l'allouer à un hôte. Cela est fait en envoyant une
+requête ICMP de type "echo request" (aussi connue sous le nom de "ping") à
+l'adresse en question. Si le serveur obtient une réponse, alors l'adresse doit
+déjà être utilisée et une autre est essayée. Cette option permet de supprimer
+cette vérification. A utiliser avec précaution.
 .TP
 .B --log-dhcp
 Traces additionnelles pour le service DHCP : enregistre toutes les options
@@ -1127,11 +1177,11 @@ chemin  est spécifié est exécuté. Le <chemin de fichier> doit être un chemi
 absolu, aucune recherche n'est effectuée via la variable d'environnement PATH.
 Les arguments fournis à celui-ci sont soit
 "add" ("ajouter"), "old" ("ancien") ou "del" ("supprimer"), suivi de l'adresse
-MAC de l'hôte puis l'adresse IP et le nom d'hôte si celui-ci est
-connu."add" signifie qu'un bail a été créé, "del" signifie qu'il a été supprimé,
-"old" notifie que le bail existait au lancement de Dnsmasq, ou un changement
-d'adresse MAC ou de nom d'hôte pour un bail existant (ou, dans le cas où
-leasefile-ro est spécifié, un changement de durée de bail ou d'identifiant
+MAC de l'hôte (ou le DUID pour IPv6) puis l'adresse IP et le nom d'hôte si
+celui-ci est connu."add" signifie qu'un bail a été créé, "del" signifie qu'il a
+été supprimé, "old" notifie que le bail existait au lancement de Dnsmasq, ou un
+changement d'adresse MAC ou de nom d'hôte pour un bail existant (ou, dans le cas
+où leasefile-ro est spécifié, un changement de durée de bail ou d'identifiant
 d'hôte). Si l'adresse Mac est d'un type de réseau autre qu'ethernet, il est
 nécessaire de la préceder du type de réseau, par exemple "06-01:23:45:67:89:ab"
 pour du token ring. Le processus est exécuté en temps que super-utilisateur 
@@ -1141,18 +1191,16 @@ pour changer son UID pour celle d'un utilisateur non-privilégié.
 L'environnement est hérité de celui de l'invocation du processus Dnsmasq,
 auquel se rajoute quelques unes ou toutes les variables décrites ci-dessous :
 
-DNSMASQ_CLIENT_ID, si l'hôte a fourni un identifiant de client.
+Pour IPv4 et IPv6 :
 
 DNSMASQ_DOMAIN si le nom de domaine pleinement qualifié de l'hôte est connu, la
 part relative au domaine y est stockée. (Notez que le nom d'hôte transmis comme
 argument au script n'est jamais pleinement qualifié).
 
-Si le client fournit une information de classe de vendeur, un nom d'hôte, ou
-des classes d'utilisateur, celles-ci sont fournies dans les
-variables DNSMASQ_VENDOR_CLASS et DNSMASQ_USER_CLASS0 à DNSMASQ_USER_CLASSn
-et DNSMASQ_SUPPLIED_HOSTNAME respectivement, mais seulement pour les actions
-"add" et "old" lorsqu'un hôte reprend un bail existant, ces variables n'étant
-pas stockées dans la base de baux de Dnsmasq.
+Si le client fournit un nom d'hôte, DNSMASQ_SUPPLIED_HOSTNAME.
+
+Si le client fournit des classes d'utilisateur, DNSMASQ_USER_CLASS0 à
+DNSMASQ_USER_CLASSn.
 
 Si Dnsmasq a été compilé avec l'option HAVE_BROKEN_RTC ("horloge RTC
 défectueuse"), alors la durée du bail (en secondes) est stockée dans la
@@ -1175,6 +1223,29 @@ relai DHCP pour contacter Dnsmasq, si l'adresse IP du relai est connue.
 DNSMASQ_TAGS contient tous les labels fournis pendant la transaction DHCP,
 séparés par des espaces.
 
+Pour IPv4 seulement :
+
+DNSMASQ_CLIENT_ID, si l'hôte a fourni un identifiant de client.
+
+Si le client fournit une information de classe de vendeur, DNSMASQ_VENDOR_CLASS.
+
+Pour IPv6 seulement :
+
+Si le client fournit une classe de vendeur (vendor-class), positionne
+DNSMASQ_VENDOR_CLASS_ID avec comme contenu le numéro IANA de l'entreprise pour
+la classe, et DNSMASQ_VENDOR_CLASS0..DNSMASQ_VENDOR_CLASSn pour les données.
+
+DNSMASQ_SERVER_DUID contient le DUID du serveur : cette valeur est la même
+pour chaque appel au script.
+
+DNSMASQ_IAID contenant l'IAID pour le bail. Si le bail est une allocation
+temporaire, cela est préfixé par le caractère 'T'.
+
+A noter que le nom d'hôte fourni, la classe de vendeur ou les données de classe
+d'utilisateur sont uniquement fournies pour les actions "add" ou l'action "old"
+lorsqu'un hôte reprend un bail existant, puisque ces informations ne sont pas
+conservées dans la base de baux de dnsmasq.
+
 Tous les descripteurs de fichiers sont fermés, sauf stdin, stdout et stderr qui
 sont ouverts sur /dev/null (sauf en mode déverminage).
 
@@ -1191,11 +1262,50 @@ Au démarrage de Dnsmasq, le script sera invoqué pour chacun des baux existants
 dans le fichier des baux. Le script sera lancé avec l'action "del" pour les
 baux expirés, et "old" pour les autres. Lorsque Dnsmasq reçoit un signal HUP,
 le script sera invoqué avec une action "old" pour tous les baux existants.
-.TP 
+.TP
+.B --dhcp-luascript=<chemin>
+Spécifie un script écrit en Lua, devant être exécuté lorsque des baux sont
+créés, détruits ou modifiés. Pour utiliser cette option, dnsmasq doit être
+compilé avec avec le support de Lua. L'interpréteur Lua est initialisé une
+seule fois, lorsque dnsmasq démarre, ce qui fait que les variables globales
+persistent entre les évênements liés aux baux. Le code Lua doit définir une
+fonction
+.B lease
+et peut fournir des fonctions
+.B init
+et
+.B shutdown
+qui sont appellées, sans arguments, lorsque dnsmasq démarre ou s'arrête.
+
+La méthode
+.B lease
+reçoit les informations détaillées dans
+.B --dhcp-script. 
+Il reçoit deux arguments. Le premier spécifie l'action, qui est une chaîne de
+caractères contenant les valeurs "add" (ajout), "old" (réactivation d'un bail
+existant) ou "del" (suppression). Le deuxième est une table contenant des
+paires de valeurs de labels. Les labels correspondent pour l'essentiel aux
+valeurs d'environnement détaillées ci-dessus, ainsi le label "domain" (domaine)
+contient les mêmes données que la variable d'environnement DNSMASQ_DOMAIN. Il
+existe quelques labels supplémentaires contenant les données fournies comme
+arguments à
+.B --dhcp-script. 
+Ces labels sont
+.B mac_address, ip_address
+(pour respectivement l'adresse MAC et l'adresse IP)
+et
+.B hostname
+(le nom d'hôte) dans le cas d'IPv4, et
+.B client_duid, ip_address
+(valeur DUID du client et adresse IP respectivement)
+ainsi que
+.B hostname
+(le nom d'hôte) dans le cas d'IPv6.
+.TP
 .B --dhcp-scriptuser
-Spécifie l'utilisateur sous lequel le script lease-change doit être exécuté. La
-valeur par défaut correspond à l'utilisateur root mais peut-être changée par le
-biais de cette option.
+Spécifie l'utilisateur sous lequel le script shell lease-change ou le script
+doivent être exécutés. La valeur par défaut correspond à l'utilisateur root
+mais peut-être changée par le biais de cette option.
 .TP
 .B \-9, --leasefile-ro
 Supprimer complètement l'usage du fichier servant de base de donnée pour les
@@ -1280,6 +1390,32 @@ sans gamme d'adresses de spécifié lorsque l'option
 .B --dhcp-fqdn 
 est configurée.
 .TP
+.B --dhcp-client-update
+Normalement, lorsque dnsmasq fournit un bail DHCP, il positionne un label
+dans l'option FQDN pour indiquer au client qu'il ne doit pas tenter de faire
+une mise à jour DDNS avec son nom et son adresse IP. Ceci parce que la paire
+Nom-IP est rajoutée automatiquement dans la partie DNS de dnsmasq. Cette option
+inhibe ce comportement ce qui est utile, par exemple, pour permettre aux clients
+Windows de la mise à jour de serveurs Active Directory. Voir la RFC 4702 pour
+plus de détails.
+.TP
+.B --enable-ra
+Active la fonctionalité d'annonces routeurs IPv6 ("IPv6 Router Advertisement").
+DHCPv6 ne gère pas la configuration complète du réseau de la même façon que
+DHCPv4. La découverte de routeurs et la découverte (éventuelle) de préfixes pour
+la création autonome d'adresse sont gérées par un protocole différent.
+Lorsque DHCP est utilisé, seul un sous-ensemble de tout ceci est nécessaire et
+dnsmasq est à même de le gérer, en utilisant la configuration DHCP présente pour
+fournir la majorité des données. Lorsque les annonces routeurs (RA pour "Router
+Advertisement") sont activées, dnsmasq va annoncer un préfixe pour chaque
+dhcp-range et, par défaut, fournir comme valeur de routeur et de DNS récursif
+la valeur d'adresse link-local appropriée parmi celles de la machine sur
+laquelle tourne dnsmasq.
+Les bits "managed address" sont positionnés, sauf pour un dhcp-range marqué
+comme "ra-only" (annonce routeur uniquement). Dans ce cas le service d'annonce
+routeur est rendu mais aucun service DHCPv6 n'est assuré, et les bits "managed
+address" ne sont pas positionnés.
+.TP
 .B --enable-tftp[=<interface>]
 Active la fonction serveur TFTP. Celui-ci est de manière délibérée limité aux
 fonctions nécessaires au démarrage par le réseau ("net-boot") d'un client. Seul
@@ -1547,10 +1683,6 @@ ligne de commande au lieu d'un fichier de configuration, ne pas oublier
 d'échapper le caractère !, qui est un méta-caractère d'interpréteur de commande
 shell).
 
-+When selecting dhcp-options, a tag from dhcp-range is second class
-+relative to other tags, to make it easy to override options for
-+individual hosts, so 
-
 Lors de la sélection d'une option, une étiquette spécifiée par dhcp-range
 passe après les autres étiquettes, ce qui permet de facilement remplacer des
 option génériques pour des hôtes spécifiques, ainsi :

src/bpf.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -108,6 +108,10 @@ int iface_enumerate(int family, void *parm, int (*callback)())
   return 0; /* need code for Solaris and MacOS*/
 #endif
 
+  /* AF_LINK doesn't exist in Linux, so we can't use it in our API */
+  if (family == AF_LOCAL)
+    family = AF_LINK;
+
   if ((fd = socket(PF_INET, SOCK_DGRAM, 0)) == -1)
     return 0;
   
@@ -153,7 +157,7 @@ int iface_enumerate(int family, void *parm, int (*callback)())
 
       ifr = (struct ifreq *)ifreq.iov_base;
       memcpy(ifr, ptr, len);
-           
+      
       if (ifr->ifr_addr.sa_family == family)
 	{
 	  if (family == AF_INET)
@@ -182,13 +186,24 @@ int iface_enumerate(int family, void *parm, int (*callback)())
 		  addr->s6_addr[2] = 0;
 		  addr->s6_addr[3] = 0;
 		}
-	      if (!((*callback)(addr,
+	       /* We have no way to determine the prefix, so we assume it's 64 for now....... */
+	      if (!((*callback)(addr, 64,
 				(int)((struct sockaddr_in6 *)&ifr->ifr_addr)->sin6_scope_id,
-				(int)if_nametoindex(ifr->ifr_name),
+				(int)if_nametoindex(ifr->ifr_name), 0, 
 				parm)))
 		goto err;
 	    }
 #endif
+#ifdef HAVE_DHCP6      
+	  else if (family == AF_LINK)
+	    { 
+	      /* Assume ethernet again here */
+	      struct sockaddr_dl *sdl = (struct sockaddr_dl *)&ifr->ifr_addr;
+	      if (sdl->sdl_alen != 0 && !((*callback)((int)if_nametoindex(ifr->ifr_name),
+						      ARPHRD_ETHER, LLADDR(sdl), sdl->sdl_alen, parm)))
+		goto err;
+	    }
+#endif 
 	}
     }
   

src/cache.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -25,7 +25,6 @@ static int cache_inserted = 0, cache_live_freed = 0, insert_error;
 static union bigname *big_free = NULL;
 static int bignames_left, hash_size;
 static int uid = 0;
-static char *addrbuff = NULL;
 
 /* type->string mapping: this is also used by the name-hash function as a mixing table. */
 static const struct {
@@ -75,9 +74,6 @@ void cache_init(void)
   struct crec *crecp;
   int i;
 
-  if (option_bool(OPT_LOG))
-    addrbuff = safe_malloc(ADDRSTRLEN);
-  
   bignames_left = daemon->cachesize/10;
   
   if (daemon->cachesize > 0)
@@ -639,11 +635,12 @@ struct crec *cache_find_by_addr(struct crec *crecp, struct all_addr *addr,
 }
 
 static void add_hosts_entry(struct crec *cache, struct all_addr *addr, int addrlen, 
-			    unsigned short flags, int index, int addr_dup)
+			    unsigned short flags, int index, struct crec **rhash, int hashsz)
 {
   struct crec *lookup = cache_find_by_name(NULL, cache->name.sname, 0, flags & (F_IPV4 | F_IPV6));
   int i, nameexists = 0;
   struct cname *a;
+  unsigned int j; 
 
   /* Remove duplicates in hosts files. */
   if (lookup && (lookup->flags & F_HOSTS))
@@ -657,33 +654,39 @@ static void add_hosts_entry(struct crec *cache, struct all_addr *addr, int addrl
     }
   
   /* Ensure there is only one address -> name mapping (first one trumps) 
-     We do this by steam here, first we see if the address is the same as
-     the last one we saw, which eliminates most in the case of an ad-block 
-     file with thousands of entries for the same address.
-     Then we search and bail at the first matching address that came from
-     a HOSTS file. Since the first host entry gets reverse, we know 
-     then that it must exist without searching exhaustively for it. */
+     We do this by steam here, The entries are kept in hash chains, linked
+     by ->next (which is unused at this point) held in hash buckets in
+     the array rhash, hashed on address. Note that rhash and the values
+     in ->next are only valid  whilst reading hosts files: the buckets are
+     then freed, and the ->next pointer used for other things. 
+
+     Only insert each unique address once into this hashing structure.
+
+     This complexity avoids O(n^2) divergent CPU use whilst reading
+     large (10000 entry) hosts files. */
   
-  if (addr_dup)
-    flags &= ~F_REVERSE;
-  else
-    for (i=0; i<hash_size; i++)
+  /* hash address */
+  for (j = 0, i = 0; i < addrlen; i++)
+    j = (j*2 +((unsigned char *)addr)[i]) % hashsz;
+  
+  for (lookup = rhash[j]; lookup; lookup = lookup->next)
+    if ((lookup->flags & flags & (F_IPV4 | F_IPV6)) &&
+	memcmp(&lookup->addr.addr, addr, addrlen) == 0)
       {
-	for (lookup = hash_table[i]; lookup; lookup = lookup->hash_next)
-	  if ((lookup->flags & F_HOSTS) && 
-	      (lookup->flags & flags & (F_IPV4 | F_IPV6)) &&
-	      memcmp(&lookup->addr.addr, addr, addrlen) == 0)
-	    {
-	      flags &= ~F_REVERSE;
-	      break;
-	    }
-	if (lookup)
-	  break;
+	flags &= ~F_REVERSE;
+	break;
       }
   
+  /* maintain address hash chain, insert new unique address */
+  if (!lookup)
+    {
+      cache->next = rhash[j];
+      rhash[j] = cache;
+    }
+  
   cache->flags = flags;
   cache->uid = index;
-  memcpy(&cache->addr.addr, addr, addrlen);
+  memcpy(&cache->addr.addr, addr, addrlen);  
   cache_hash(cache);
   
   /* don't need to do alias stuff for second and subsequent addresses. */
@@ -747,14 +750,14 @@ static int gettok(FILE *f, char *token)
     }
 }
 
-static int read_hostsfile(char *filename, int index, int cache_size)
+static int read_hostsfile(char *filename, int index, int cache_size, struct crec **rhash, int hashsz)
 {  
   FILE *f = fopen(filename, "r");
   char *token = daemon->namebuff, *domain_suffix = NULL;
   int addr_count = 0, name_count = cache_size, lineno = 0;
-  unsigned short flags = 0, saved_flags = 0;
-  struct all_addr addr, saved_addr;
-  int atnl, addrlen = 0, addr_dup;
+  unsigned short flags = 0;
+  struct all_addr addr;
+  int atnl, addrlen = 0;
 
   if (!f)
     {
@@ -766,7 +769,6 @@ static int read_hostsfile(char *filename, int index, int cache_size)
   
   while ((atnl = gettok(f, token)) != EOF)
     {
-      addr_dup = 0;
       lineno++;
       
 #ifdef HAVE_IPV6      
@@ -780,7 +782,7 @@ static int read_hostsfile(char *filename, int index, int cache_size)
 	{
 	  flags = F_HOSTS | F_IMMORTAL | F_FORWARD | F_REVERSE | F_IPV6;
 	  addrlen = IN6ADDRSZ;
-	  domain_suffix = daemon->domain_suffix;
+	  domain_suffix = get_domain6(&addr.addr.addr6);
 	}
 #else 
       if ((addr.addr.addr4.s_addr = inet_addr(token)) != (in_addr_t) -1)
@@ -798,14 +800,6 @@ static int read_hostsfile(char *filename, int index, int cache_size)
 	  continue;
 	}
       
-      if (saved_flags == flags && memcmp(&addr, &saved_addr, addrlen) == 0)
-	addr_dup = 1;
-      else
-	{
-	  saved_flags = flags;
-	  saved_addr = addr;
-	}
-      
       addr_count++;
       
       /* rehash every 1000 names. */
@@ -836,14 +830,13 @@ static int read_hostsfile(char *filename, int index, int cache_size)
 		  strcpy(cache->name.sname, canon);
 		  strcat(cache->name.sname, ".");
 		  strcat(cache->name.sname, domain_suffix);
-		  add_hosts_entry(cache, &addr, addrlen, flags, index, addr_dup);
-		  addr_dup = 1;
+		  add_hosts_entry(cache, &addr, addrlen, flags, index, rhash, hashsz);
 		  name_count++;
 		}
 	      if ((cache = whine_malloc(sizeof(struct crec) + strlen(canon)+1-SMALLDNAME)))
 		{
 		  strcpy(cache->name.sname, canon);
-		  add_hosts_entry(cache, &addr, addrlen, flags, index, addr_dup);
+		  add_hosts_entry(cache, &addr, addrlen, flags, index, rhash, hashsz);
 		  name_count++;
 		}
 	      free(canon);
@@ -865,7 +858,7 @@ static int read_hostsfile(char *filename, int index, int cache_size)
 void cache_reload(void)
 {
   struct crec *cache, **up, *tmp;
-  int i, total_size = daemon->cachesize;
+  int revhashsz, i, total_size = daemon->cachesize;
   struct hostsfile *ah;
 
   cache_inserted = cache_live_freed = 0;
@@ -899,14 +892,20 @@ void cache_reload(void)
 	my_syslog(LOG_INFO, _("cleared cache"));
       return;
     }
+    
+  /* borrow the packet buffer for a temporary by-address hash */
+  memset(daemon->packet, 0, daemon->packet_buff_sz);
+  revhashsz = daemon->packet_buff_sz / sizeof(struct crec *);
+  /* we overwrote the buffer... */
+  daemon->srv_save = NULL;
 
   if (!option_bool(OPT_NO_HOSTS))
-    total_size = read_hostsfile(HOSTSFILE, 0, total_size);
+    total_size = read_hostsfile(HOSTSFILE, 0, total_size, (struct crec **)daemon->packet, revhashsz);
   	   
   daemon->addn_hosts = expand_filelist(daemon->addn_hosts);
   for (ah = daemon->addn_hosts; ah; ah = ah->next)
     if (!(ah->flags & AH_INACTIVE))
-      total_size = read_hostsfile(ah->fname, ah->index, total_size);
+      total_size = read_hostsfile(ah->fname, ah->index, total_size, (struct crec **)daemon->packet, revhashsz);
 } 
 
 char *get_domain(struct in_addr addr)
@@ -914,13 +913,33 @@ char *get_domain(struct in_addr addr)
   struct cond_domain *c;
 
   for (c = daemon->cond_domain; c; c = c->next)
-    if (ntohl(addr.s_addr) >= ntohl(c->start.s_addr) &&
+    if (!c->is6 &&
+	ntohl(addr.s_addr) >= ntohl(c->start.s_addr) &&
         ntohl(addr.s_addr) <= ntohl(c->end.s_addr))
       return c->domain;
 
   return daemon->domain_suffix;
 }
 
+
+#ifdef HAVE_IPV6
+char *get_domain6(struct in6_addr *addr)
+{
+  struct cond_domain *c;
+
+  u64 addrpart = addr6part(addr);
+  
+  for (c = daemon->cond_domain; c; c = c->next)
+    if (c->is6 &&
+	is_same_net6(addr, &c->start6, 64) &&
+	addrpart >= addr6part(&c->start6) &&
+        addrpart <= addr6part(&c->end6))
+      return c->domain;
+  
+  return daemon->domain_suffix;
+}
+#endif
+
 #ifdef HAVE_DHCP
 struct in_addr a_record_from_hosts(char *name, time_t now)
 {
@@ -954,15 +973,24 @@ void cache_unhash_dhcp(void)
 	up = &cache->hash_next;
 }
 
-void cache_add_dhcp_entry(char *host_name, 
-			  struct in_addr *host_address, time_t ttd) 
+void cache_add_dhcp_entry(char *host_name, int prot,
+			  struct all_addr *host_address, time_t ttd) 
 {
   struct crec *crec = NULL, *aliasc;
-  unsigned short flags =  F_NAMEP | F_DHCP | F_FORWARD | F_IPV4 | F_REVERSE;
+  unsigned short flags = F_IPV4;
   int in_hosts = 0;
   struct cname *a;
+  size_t addrlen = sizeof(struct in_addr);
+
+#ifdef HAVE_IPV6
+  if (prot == AF_INET6)
+    {
+      flags = F_IPV6;
+      addrlen = sizeof(struct in6_addr);
+    }
+#endif
   
-  while ((crec = cache_find_by_name(crec, host_name, 0, F_IPV4 | F_CNAME)))
+  while ((crec = cache_find_by_name(crec, host_name, 0, flags | F_CNAME)))
     {
       /* check all addresses associated with name */
       if (crec->flags & F_HOSTS)
@@ -970,23 +998,25 @@ void cache_add_dhcp_entry(char *host_name,
 	  /* if in hosts, don't need DHCP record */
 	  in_hosts = 1;
 	  
+	  inet_ntop(prot, host_address, daemon->addrbuff, ADDRSTRLEN);
 	  if (crec->flags & F_CNAME)
+	    
 	    my_syslog(MS_DHCP | LOG_WARNING, 
 		      _("%s is a CNAME, not giving it to the DHCP lease of %s"),
-		      host_name, inet_ntoa(*host_address));
-	  else if (crec->addr.addr.addr.addr4.s_addr != host_address->s_addr)
+		      host_name, daemon->addrbuff);
+	  else if (memcmp(&crec->addr.addr, host_address, addrlen) != 0)
 	    {
-	      strcpy(daemon->namebuff, inet_ntoa(crec->addr.addr.addr.addr4));
+	      inet_ntop(prot, &crec->addr.addr, daemon->namebuff, MAXDNAME);
 	      my_syslog(MS_DHCP | LOG_WARNING, 
 			_("not giving name %s to the DHCP lease of %s because "
 			  "the name exists in %s with address %s"), 
-			host_name, inet_ntoa(*host_address),
+			host_name, daemon->addrbuff,
 			record_source(crec->uid), daemon->namebuff);
 	    }	  
 	}
       else if (!(crec->flags & F_DHCP))
 	{
-	  cache_scan_free(host_name, NULL, 0, crec->flags & (F_IPV4 | F_CNAME | F_FORWARD));
+	  cache_scan_free(host_name, NULL, 0, crec->flags & (flags | F_CNAME | F_FORWARD));
 	  /* scan_free deletes all addresses associated with name */
 	  break;
 	}
@@ -995,14 +1025,16 @@ void cache_add_dhcp_entry(char *host_name,
    if (in_hosts)
     return;
 
-   if ((crec = cache_find_by_addr(NULL, (struct all_addr *)host_address, 0, F_IPV4)))
+   if ((crec = cache_find_by_addr(NULL, (struct all_addr *)host_address, 0, flags)))
      {
        if (crec->flags & F_NEG)
-	 cache_scan_free(NULL, (struct all_addr *)host_address, 0, F_IPV4 | F_REVERSE);
-       else
-	 /* avoid multiple reverse mappings */
-	 flags &= ~F_REVERSE;
+	 {
+	   flags |= F_REVERSE;
+	   cache_scan_free(NULL, (struct all_addr *)host_address, 0, flags);
+	 }
      }
+   else
+      flags |= F_REVERSE;
    
    if ((crec = dhcp_spare))
     dhcp_spare = dhcp_spare->next;
@@ -1011,12 +1043,12 @@ void cache_add_dhcp_entry(char *host_name,
   
   if (crec) /* malloc may fail */
     {
-      crec->flags = flags;
+      crec->flags = flags | F_NAMEP | F_DHCP | F_FORWARD;
       if (ttd == 0)
 	crec->flags |= F_IMMORTAL;
       else
 	crec->ttd = ttd;
-      crec->addr.addr.addr.addr4 = *host_address;
+      crec->addr.addr = *host_address;
       crec->name.namep = host_name;
       crec->uid = uid++;
       cache_hash(crec);
@@ -1057,9 +1089,6 @@ void dump_cache(time_t now)
   my_syslog(LOG_INFO, _("queries forwarded %u, queries answered locally %u"), 
 	    daemon->queries_forwarded, daemon->local_answer);
 
-  if (!addrbuff && !(addrbuff = whine_malloc(ADDRSTRLEN)))
-    return;
-
   /* sum counts from different records for same server */
   for (serv = daemon->servers; serv; serv = serv->next)
     serv->flags &= ~SERV_COUNTED;
@@ -1079,8 +1108,8 @@ void dump_cache(time_t now)
 	      queries += serv1->queries;
 	      failed_queries += serv1->failed_queries;
 	    }
-	port = prettyprint_addr(&serv->addr, addrbuff);
-	my_syslog(LOG_INFO, _("server %s#%d: queries sent %u, retried or failed %u"), addrbuff, port, queries, failed_queries);
+	port = prettyprint_addr(&serv->addr, daemon->addrbuff);
+	my_syslog(LOG_INFO, _("server %s#%d: queries sent %u, retried or failed %u"), daemon->addrbuff, port, queries, failed_queries);
       }
   
   if (option_bool(OPT_DEBUG) || option_bool(OPT_LOG))
@@ -1105,11 +1134,11 @@ void dump_cache(time_t now)
 #ifdef HAVE_IPV6
 	    else 
 	      { 
-		a = addrbuff;
+		a = daemon->addrbuff;
 		if (cache->flags & F_IPV4)
-		  inet_ntop(AF_INET, &cache->addr.addr, addrbuff, ADDRSTRLEN);
+		  inet_ntop(AF_INET, &cache->addr.addr, a, ADDRSTRLEN);
 		else if (cache->flags & F_IPV6)
-		  inet_ntop(AF_INET6, &cache->addr.addr, addrbuff, ADDRSTRLEN);
+		  inet_ntop(AF_INET6, &cache->addr.addr, a, ADDRSTRLEN);
 	      }
 #else
             else 
@@ -1164,7 +1193,7 @@ void querystr(char *str, unsigned short type)
 
 void log_query(unsigned int flags, char *name, struct all_addr *addr, char *arg)
 {
-  char *source, *dest = addrbuff;
+  char *source, *dest = daemon->addrbuff;
   char *verb = "is";
   
   if (!option_bool(OPT_LOG))
@@ -1174,16 +1203,16 @@ void log_query(unsigned int flags, char *name, struct all_addr *addr, char *arg)
     {
 #ifdef HAVE_IPV6
       inet_ntop(flags & F_IPV4 ? AF_INET : AF_INET6,
-		addr, addrbuff, ADDRSTRLEN);
+		addr, daemon->addrbuff, ADDRSTRLEN);
 #else
-      strncpy(addrbuff, inet_ntoa(addr->addr.addr4), ADDRSTRLEN);  
+      strncpy(daemon->addrbuff, inet_ntoa(addr->addr.addr4), ADDRSTRLEN);  
 #endif
     }
 
   if (flags & F_REVERSE)
     {
       dest = name;
-      name = addrbuff;
+      name = daemon->addrbuff;
     }
   
   if (flags & F_NEG)

src/config.h

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -14,8 +14,6 @@
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
-#define VERSION "2.58"
-
 #define FTABSIZ 150 /* max number of outstanding requests (default) */
 #define MAX_PROCS 20 /* max no children for TCP requests */
 #define CHILD_LIFETIME 150 /* secs 'till terminated (RFC1035 suggests > 120s) */
@@ -34,12 +32,102 @@
 #define SMALLDNAME 40 /* most domain names are smaller than this */
 #define HOSTSFILE "/etc/hosts"
 #define ETHERSFILE "/etc/ethers"
-#ifdef __uClinux__
-#  define RESOLVFILE "/etc/config/resolv.conf"
-#else
-#  define RESOLVFILE "/etc/resolv.conf"
-#endif
 #define RUNFILE "/var/run/dnsmasq.pid"
+#define DEFLEASE 3600 /* default lease time, 1 hour */
+#define CHUSER "nobody"
+#define CHGRP "dip"
+#define TFTP_MAX_CONNECTIONS 50 /* max simultaneous connections */
+#define LOG_MAX 5 /* log-queue length */
+#define RANDFILE "/dev/urandom"
+#define EDNS0_OPTION_MAC 5 /* dyndns.org temporary assignment */
+#define DNSMASQ_SERVICE "uk.org.thekelleys.dnsmasq" /* DBUS interface specifics */
+#define DNSMASQ_PATH "/uk/org/thekelleys/dnsmasq"
+
+/* compile-time options: uncomment below to enable or do eg.
+   make COPTS=-DHAVE_BROKEN_RTC
+
+HAVE_BROKEN_RTC
+   define this on embedded systems which don't have an RTC
+   which keeps time over reboots. Causes dnsmasq to use uptime
+   for timing, and keep lease lengths rather than expiry times
+   in its leases file. This also make dnsmasq "flash disk friendly".
+   Normally, dnsmasq tries very hard to keep the on-disk leases file
+   up-to-date: rewriting it after every renewal.  When HAVE_BROKEN_RTC 
+   is in effect, the lease file is only written when a new lease is 
+   created, or an old one destroyed. (Because those are the only times 
+   it changes.) This vastly reduces the number of file writes, and makes
+   it viable to keep the lease file on a flash filesystem.
+   NOTE: when enabling or disabling this, be sure to delete any old
+   leases file, otherwise dnsmasq may get very confused.
+
+HAVE_TFTP
+   define this to get dnsmasq's built-in TFTP server.
+
+HAVE_DHCP
+   define this to get dnsmasq's DHCPv4 server.
+
+HAVE_DHCP6
+   define this to get dnsmasq's DHCPv6 server. (implies HAVE_DHCP).
+
+HAVE_SCRIPT
+   define this to get the ability to call scripts on lease-change.
+
+HAVE_LUASCRIPT
+   define this to get the ability to call Lua script on lease-change. (implies HAVE_SCRIPT) 
+
+HAVE_DBUS
+   define this if you want to link against libdbus, and have dnsmasq
+   support some methods to allow (re)configuration of the upstream DNS 
+   servers via DBus.
+
+HAVE_IDN
+   define this if you want international domain name support.
+   NOTE: for backwards compatibility, IDN support is automatically 
+         included when internationalisation support is built, using the 
+	 *-i18n makefile targets, even if HAVE_IDN is not explicitly set.
+
+HAVE_CONNTRACK
+   define this to include code which propogates conntrack marks from
+   incoming DNS queries to the corresponding upstream queries. This adds
+   a build-dependency on libnetfilter_conntrack, but the resulting binary will
+   still run happily on a kernel without conntrack support.
+
+NO_IPV6
+NO_TFTP
+NO_DHCP
+NO_DHCP6
+NO_SCRIPT
+NO_LARGEFILE
+   these are avilable to explictly disable compile time options which would 
+   otherwise be enabled automatically (HAVE_IPV6, >2Gb file sizes) or 
+   which are enabled  by default in the distributed source tree. Building dnsmasq
+   with something like "make COPTS=-DNO_SCRIPT" will do the trick.
+
+LEASEFILE
+CONFFILE
+RESOLVFILE
+   the default locations of these files are determined below, but may be overridden 
+   in a build command line using COPTS.
+
+*/
+
+
+/* The default set of options to build. Built with these options, dnsmasq
+   has no library dependencies other than libc */
+
+#define HAVE_DHCP
+#define HAVE_DHCP6 
+#define HAVE_TFTP
+#define HAVE_SCRIPT
+/* #define HAVE_LUASCRIPT */
+/* #define HAVE_BROKEN_RTC */
+/* #define HAVE_DBUS */
+/* #define HAVE_IDN */
+/* #define HAVE_CONNTRACK */
+
+
+
+/* Default locations for important system files. */
 
 #ifndef LEASEFILE
 #   if defined(__FreeBSD__) || defined (__OpenBSD__) || defined(__DragonFly__) || defined(__NetBSD__)
@@ -61,131 +149,34 @@
 #   endif
 #endif
 
-#define DEFLEASE 3600 /* default lease time, 1 hour */
-#define CHUSER "nobody"
-#define CHGRP "dip"
-#define NAMESERVER_PORT 53
-#define DHCP_SERVER_PORT 67
-#define DHCP_CLIENT_PORT 68
-#define DHCP_SERVER_ALTPORT 1067
-#define DHCP_CLIENT_ALTPORT 1068
-#define PXE_PORT 4011
-#define TFTP_PORT 69
-#define TFTP_MAX_CONNECTIONS 50 /* max simultaneous connections */
-#define LOG_MAX 5 /* log-queue length */
-#define RANDFILE "/dev/urandom"
-#define DAD_WAIT 20 /* retry binding IPv6 sockets for this long */
-#define EDNS0_OPTION_MAC 5 /* dyndns.org temporary assignment */
+#ifndef RESOLVFILE
+#   if defined(__uClinux__)
+#      define RESOLVFILE "/etc/config/resolv.conf"
+#   else
+#      define RESOLVFILE "/etc/resolv.conf"
+#   endif
+#endif
 
-/* DBUS interface specifics */
-#define DNSMASQ_SERVICE "uk.org.thekelleys.dnsmasq"
-#define DNSMASQ_PATH "/uk/org/thekelleys/dnsmasq"
 
-/* Follows system specific switches. If you run on a 
-   new system, you may want to edit these. 
-   May replace this with Autoconf one day. 
+
+/* platform dependent options: these are determined automatically below
 
 HAVE_LINUX_NETWORK
 HAVE_BSD_NETWORK
 HAVE_SOLARIS_NETWORK
    define exactly one of these to alter interaction with kernel networking.
 
-HAVE_BROKEN_RTC
-   define this on embedded systems which don't have an RTC
-   which keeps time over reboots. Causes dnsmasq to use uptime
-   for timing, and keep lease lengths rather than expiry times
-   in its leases file. This also make dnsmasq "flash disk friendly".
-   Normally, dnsmasq tries very hard to keep the on-disk leases file
-   up-to-date: rewriting it after every renewal.  When HAVE_BROKEN_RTC 
-   is in effect, the lease file is only written when a new lease is 
-   created, or an old one destroyed. (Because those are the only times 
-   it changes.) This vastly reduces the number of file writes, and makes
-   it viable to keep the lease file on a flash filesystem.
-   NOTE: when enabling or disabling this, be sure to delete any old
-   leases file, otherwise dnsmasq may get very confused.
-
-HAVE_TFTP
-   define this to get dnsmasq's built-in TFTP server.
-
-HAVE_DHCP
-   define this to get dnsmasq's DHCP server.
-
-HAVE_SCRIPT
-   define this to get the ability to call scripts on lease-change
-
 HAVE_GETOPT_LONG
-   define this if you have GNU libc or GNU getopt. 
+   defined when GNU-sty;e getopt_long available. 
 
 HAVE_ARC4RANDOM
-   define this if you have arc4random() to get better security from DNS spoofs
+   defined if arc4random() available to get better security from DNS spoofs
    by using really random ids (OpenBSD) 
 
 HAVE_SOCKADDR_SA_LEN
-   define this if struct sockaddr has sa_len field (*BSD) 
-
-HAVE_DBUS
-   define this if you want to link against libdbus, and have dnsmasq
-   support some methods to allow (re)configuration of the upstream DNS 
-   servers via DBus.
-
-HAVE_IDN
-   define this if you want international domain name support.
-   NOTE: for backwards compatibility, IDN support is automatically 
-         included when internationalisation support is built, using the 
-	 *-i18n makefile targets, even if HAVE_IDN is not explicitly set.
-
-HAVE_CONNTRACK
-   define this to include code which propogates conntrack marks from
-   incoming DNS queries to the corresponding upstream queries. This adds
-   a build-dependency on libnetfilter_conntrack, but the resulting binary will
-   still run happily on a kernel without conntrack support.
-
-NOTES:
-   For Linux you should define 
-      HAVE_LINUX_NETWORK
-      HAVE_GETOPT_LONG
-  you should NOT define 
-      HAVE_ARC4RANDOM
-      HAVE_SOCKADDR_SA_LEN
-
-   For *BSD systems you should define 
-     HAVE_BSD_NETWORK
-     HAVE_SOCKADDR_SA_LEN
-   and you MAY define  
-     HAVE_ARC4RANDOM - OpenBSD and FreeBSD and NetBSD version 2.0 or later
-     HAVE_GETOPT_LONG - NetBSD, later FreeBSD 
-                       (FreeBSD and OpenBSD only if you link GNU getopt) 
-
+   defined if struct sockaddr has sa_len field (*BSD) 
 */
 
-/* platform independent options- uncomment to enable */
-#define HAVE_DHCP
-#define HAVE_TFTP
-#define HAVE_SCRIPT
-/* #define HAVE_BROKEN_RTC */
-/* #define HAVE_DBUS */
-/* #define HAVE_IDN */
-/* #define HAVE_CONNTRACK */
-
-/* Allow TFTP to be disabled with COPTS=-DNO_TFTP */
-#ifdef NO_TFTP
-#undef HAVE_TFTP
-#endif
-
-/* Allow DHCP to be disabled with COPTS=-DNO_DHCP */
-#ifdef NO_DHCP
-#undef HAVE_DHCP
-#endif
-
-/* Allow scripts to be disabled with COPTS=-DNO_SCRIPT */
-#ifdef NO_SCRIPT
-#undef HAVE_SCRIPT
-#endif
-
-
-
-/* platform dependent options. */
-
 /* Must preceed __linux__ since uClinux defines __linux__ too. */
 #if defined(__uClinux__)
 #define HAVE_LINUX_NETWORK
@@ -260,18 +251,12 @@ NOTES:
 #endif
 
 /* Decide if we're going to support IPv6 */
-/* IPv6 can be forced off with "make COPTS=-DNO_IPV6" */
 /* We assume that systems which don't have IPv6
    headers don't have ntop and pton either */
 
-#if defined(INET6_ADDRSTRLEN) && defined(IPV6_V6ONLY) && !defined(NO_IPV6)
+#if defined(INET6_ADDRSTRLEN) && defined(IPV6_V6ONLY)
 #  define HAVE_IPV6
 #  define ADDRSTRLEN INET6_ADDRSTRLEN
-#  if defined(SOL_IPV6)
-#    define IPV6_LEVEL SOL_IPV6
-#  else
-#    define IPV6_LEVEL IPPROTO_IPV6
-#  endif
 #elif defined(INET_ADDRSTRLEN)
 #  undef HAVE_IPV6
 #  define ADDRSTRLEN INET_ADDRSTRLEN
@@ -280,8 +265,103 @@ NOTES:
 #  define ADDRSTRLEN 16 /* 4*3 + 3 dots + NULL */
 #endif
 
-/* Can't do scripts without fork */
-#ifdef NOFORK
-#  undef HAVE_SCRIPT
+
+/* rules to implement compile-time option dependencies and 
+   the NO_XXX flags */
+
+#ifdef NO_IPV6
+#undef HAVE_IPV6
 #endif
 
+#ifdef NO_TFTP
+#undef HAVE_TFTP
+#endif
+
+#ifdef NO_DHCP
+#undef HAVE_DHCP
+#undef HAVE_DHCP6
+#endif
+
+#if defined(NO_DHCP6) || !defined(HAVE_IPV6)
+#undef HAVE_DHCP6
+#endif
+
+/* DHCP6 needs DHCP too */
+#ifdef HAVE_DHCP6
+#define HAVE_DHCP
+#endif
+
+#if defined(NO_SCRIPT) || !defined(HAVE_DHCP) || defined(NO_FORK)
+#undef HAVE_SCRIPT
+#undef HAVE_LUASCRIPT
+#endif
+
+/* Must HAVE_SCRIPT to HAVE_LUASCRIPT */
+#ifdef HAVE_LUASCRIPT
+#define HAVE_SCRIPT
+#endif
+
+
+/* Define a string indicating which options are in use.
+   DNSMASQP_COMPILE_OPTS is only defined in dnsmasq.c */
+
+#ifdef DNSMASQ_COMPILE_OPTS
+
+static char *compile_opts = 
+#ifndef HAVE_IPV6
+"no-"
+#endif
+"IPv6 "
+#ifndef HAVE_GETOPT_LONG
+"no-"
+#endif
+"GNU-getopt "
+#ifdef HAVE_BROKEN_RTC
+"no-RTC "
+#endif
+#ifdef NO_FORK
+"no-MMU "
+#endif
+#ifndef HAVE_DBUS
+"no-"
+#endif
+"DBus "
+#ifndef LOCALEDIR
+"no-"
+#endif
+"i18n "
+#if !defined(LOCALEDIR) && !defined(HAVE_IDN)
+"no-"
+#endif 
+"IDN "
+#ifndef HAVE_DHCP
+"no-"
+#endif
+"DHCP "
+#if defined(HAVE_DHCP)
+#  if !defined (HAVE_DHCP6)
+     "no-"
+#  endif  
+     "DHCPv6 "
+#  if !defined(HAVE_SCRIPT)
+     "no-scripts "
+#  else
+#    if !defined(HAVE_LUASCRIPT)
+       "no-"
+#    endif
+     "Lua "
+#  endif
+#endif
+#ifndef HAVE_TFTP
+"no-"
+#endif
+"TFTP "
+#ifndef HAVE_CONNTRACK
+"no-"
+#endif
+"conntrack";
+
+#endif
+
+
+

src/conntrack.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by

src/dbus.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by

src/dhcp-common.c

@@ -0,0 +1,447 @@
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 dated June, 1991, or
+   (at your option) version 3 dated 29 June, 2007.
+ 
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+     
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "dnsmasq.h"
+
+#ifdef HAVE_DHCP
+
+void dhcp_common_init(void)
+{
+    /* These each hold a DHCP option max size 255
+       and get a terminating zero added */
+  daemon->dhcp_buff = safe_malloc(256);
+  daemon->dhcp_buff2 = safe_malloc(256); 
+  daemon->dhcp_buff3 = safe_malloc(256);
+  
+  /* dhcp_packet is used by v4 and v6, outpacket only by v6 
+     sizeof(struct dhcp_packet) is as good an initial size as any,
+     even for v6 */
+  expand_buf(&daemon->dhcp_packet, sizeof(struct dhcp_packet));
+#ifdef HAVE_DHCP6
+  if (daemon->dhcp6)
+    expand_buf(&daemon->outpacket, sizeof(struct dhcp_packet));
+#endif
+}
+
+ssize_t recv_dhcp_packet(int fd, struct msghdr *msg)
+{  
+  ssize_t sz;
+ 
+  while (1)
+    {
+      msg->msg_flags = 0;
+      while ((sz = recvmsg(fd, msg, MSG_PEEK | MSG_TRUNC)) == -1 && errno == EINTR);
+      
+      if (sz == -1)
+	return -1;
+      
+      if (!(msg->msg_flags & MSG_TRUNC))
+	break;
+
+      /* Very new Linux kernels return the actual size needed, 
+	 older ones always return truncated size */
+      if ((size_t)sz == msg->msg_iov->iov_len)
+	{
+	  if (!expand_buf(msg->msg_iov, sz + 100))
+	    return -1;
+	}
+      else
+	{
+	  expand_buf(msg->msg_iov, sz);
+	  break;
+	}
+    }
+  
+  while ((sz = recvmsg(fd, msg, 0)) == -1 && errno == EINTR);
+  
+  return (msg->msg_flags & MSG_TRUNC) ? -1 : sz;
+}
+
+struct dhcp_netid *run_tag_if(struct dhcp_netid *tags)
+{
+  struct tag_if *exprs;
+  struct dhcp_netid_list *list;
+
+  for (exprs = daemon->tag_if; exprs; exprs = exprs->next)
+    if (match_netid(exprs->tag, tags, 1))
+      for (list = exprs->set; list; list = list->next)
+	{
+	  list->list->next = tags;
+	  tags = list->list;
+	}
+
+  return tags;
+}
+
+
+struct dhcp_netid *option_filter(struct dhcp_netid *tags, struct dhcp_netid *context_tags, struct dhcp_opt *opts)
+{
+  struct dhcp_netid *tagif = run_tag_if(tags);
+  struct dhcp_opt *opt;
+
+  /* flag options which are valid with the current tag set (sans context tags) */
+  for (opt = opts; opt; opt = opt->next)
+    {
+      opt->flags &= ~DHOPT_TAGOK;
+      if (!(opt->flags & (DHOPT_ENCAPSULATE | DHOPT_VENDOR | DHOPT_RFC3925)) &&
+	  match_netid(opt->netid, tagif, 0))
+	opt->flags |= DHOPT_TAGOK;
+    }
+
+  /* now flag options which are valid, including the context tags,
+     otherwise valid options are inhibited if we found a higher priority one above */
+  if (context_tags)
+    {
+      struct dhcp_netid *last_tag;
+
+      for (last_tag = context_tags; last_tag->next; last_tag = last_tag->next);
+      last_tag->next = tags;
+      tagif = run_tag_if(context_tags);
+      
+      for (opt = opts; opt; opt = opt->next)
+	if (!(opt->flags & (DHOPT_ENCAPSULATE | DHOPT_VENDOR | DHOPT_RFC3925 | DHOPT_TAGOK)) &&
+	    match_netid(opt->netid, tagif, 0))
+	  {
+	    struct dhcp_opt *tmp;  
+	    for (tmp = opts; tmp; tmp = tmp->next) 
+	      if (tmp->opt == opt->opt && opt->netid && (tmp->flags & DHOPT_TAGOK))
+		break;
+	    if (!tmp)
+	      opt->flags |= DHOPT_TAGOK;
+	  }      
+    }
+  
+  /* now flag untagged options which are not overridden by tagged ones */
+  for (opt = opts; opt; opt = opt->next)
+    if (!(opt->flags & (DHOPT_ENCAPSULATE | DHOPT_VENDOR | DHOPT_RFC3925 | DHOPT_TAGOK)) && !opt->netid)
+      {
+	struct dhcp_opt *tmp;  
+	for (tmp = opts; tmp; tmp = tmp->next) 
+	  if (tmp->opt == opt->opt && (tmp->flags & DHOPT_TAGOK))
+	    break;
+	if (!tmp)
+	  opt->flags |= DHOPT_TAGOK;
+	else if (!tmp->netid)
+	  my_syslog(MS_DHCP | LOG_WARNING, _("Ignoring duplicate dhcp-option %d"), tmp->opt); 
+      }
+
+  return tagif;
+}
+	
+/* Is every member of check matched by a member of pool? 
+   If tagnotneeded, untagged is OK */
+int match_netid(struct dhcp_netid *check, struct dhcp_netid *pool, int tagnotneeded)
+{
+  struct dhcp_netid *tmp1;
+  
+  if (!check && !tagnotneeded)
+    return 0;
+
+  for (; check; check = check->next)
+    {
+      /* '#' for not is for backwards compat. */
+      if (check->net[0] != '!' && check->net[0] != '#')
+	{
+	  for (tmp1 = pool; tmp1; tmp1 = tmp1->next)
+	    if (strcmp(check->net, tmp1->net) == 0)
+	      break;
+	  if (!tmp1)
+	    return 0;
+	}
+      else
+	for (tmp1 = pool; tmp1; tmp1 = tmp1->next)
+	  if (strcmp((check->net)+1, tmp1->net) == 0)
+	    return 0;
+    }
+  return 1;
+}
+
+/* return domain or NULL if none. */
+char *strip_hostname(char *hostname)
+{
+  char *dot = strchr(hostname, '.');
+ 
+  if (!dot)
+    return NULL;
+  
+  *dot = 0; /* truncate */
+  if (strlen(dot+1) != 0)
+    return dot+1;
+  
+  return NULL;
+}
+
+void log_tags(struct dhcp_netid *netid, u32 xid)
+{
+  if (netid && option_bool(OPT_LOG_OPTS))
+    {
+      char *s = daemon->namebuff;
+      for (*s = 0; netid; netid = netid->next)
+	{
+	  /* kill dupes. */
+	  struct dhcp_netid *n;
+	  
+	  for (n = netid->next; n; n = n->next)
+	    if (strcmp(netid->net, n->net) == 0)
+	      break;
+	  
+	  if (!n)
+	    {
+	      strncat (s, netid->net, (MAXDNAME-1) - strlen(s));
+	      if (netid->next)
+		strncat (s, ", ", (MAXDNAME-1) - strlen(s));
+	    }
+	}
+      my_syslog(MS_DHCP | LOG_INFO, _("%u tags: %s"), xid, s);
+    } 
+}   
+  
+int match_bytes(struct dhcp_opt *o, unsigned char *p, int len)
+{
+  int i;
+  
+  if (o->len > len)
+    return 0;
+  
+  if (o->len == 0)
+    return 1;
+     
+  if (o->flags & DHOPT_HEX)
+    { 
+      if (memcmp_masked(o->val, p, o->len, o->u.wildcard_mask))
+	return 1;
+    }
+  else 
+    for (i = 0; i <= (len - o->len); ) 
+      {
+	if (memcmp(o->val, p + i, o->len) == 0)
+	  return 1;
+	    
+	if (o->flags & DHOPT_STRING)
+	  i++;
+	else
+	  i += o->len;
+      }
+  
+  return 0;
+}
+
+void check_dhcp_hosts(int fatal)
+{
+  /* If the same IP appears in more than one host config, then DISCOVER
+     for one of the hosts will get the address, but REQUEST will be NAKed,
+     since the address is reserved by the other one -> protocol loop. 
+     Also check that FQDNs match the domain we are using. */
+  
+  struct dhcp_config *configs, *cp;
+ 
+  for (configs = daemon->dhcp_conf; configs; configs = configs->next)
+    {
+      char *domain;
+
+      if ((configs->flags & DHOPT_BANK) || fatal)
+       {
+	 for (cp = configs->next; cp; cp = cp->next)
+	   if ((configs->flags & cp->flags & CONFIG_ADDR) && configs->addr.s_addr == cp->addr.s_addr)
+	     {
+	       if (fatal)
+		 die(_("duplicate IP address %s in dhcp-config directive."), 
+		     inet_ntoa(cp->addr), EC_BADCONF);
+	       else
+		 my_syslog(MS_DHCP | LOG_ERR, _("duplicate IP address %s in %s."), 
+			   inet_ntoa(cp->addr), daemon->dhcp_hosts_file);
+	       configs->flags &= ~CONFIG_ADDR;
+	     }
+	 
+	 /* split off domain part */
+	 if ((configs->flags & CONFIG_NAME) && (domain = strip_hostname(configs->hostname)))
+	   configs->domain = domain;
+       }
+    }
+}
+
+void dhcp_update_configs(struct dhcp_config *configs)
+{
+  /* Some people like to keep all static IP addresses in /etc/hosts.
+     This goes through /etc/hosts and sets static addresses for any DHCP config
+     records which don't have an address and whose name matches. 
+     We take care to maintain the invariant that any IP address can appear
+     in at most one dhcp-host. Since /etc/hosts can be re-read by SIGHUP, 
+     restore the status-quo ante first. */
+  
+  struct dhcp_config *config;
+  struct crec *crec;
+  int prot = AF_INET;
+
+  for (config = configs; config; config = config->next)
+    if (config->flags & CONFIG_ADDR_HOSTS)
+      config->flags &= ~(CONFIG_ADDR | CONFIG_ADDR6 | CONFIG_ADDR_HOSTS);
+
+#ifdef HAVE_DHCP6 
+ again:  
+#endif
+
+  if (daemon->port != 0)
+    for (config = configs; config; config = config->next)
+      {
+	int conflags = CONFIG_ADDR;
+	int cacheflags = F_IPV4;
+
+#ifdef HAVE_DHCP6
+	if (prot == AF_INET6)
+	  {
+	    conflags = CONFIG_ADDR6;
+	    cacheflags = F_IPV6;
+	  }
+#endif
+	if (!(config->flags & conflags) &&
+	    (config->flags & CONFIG_NAME) && 
+	    (crec = cache_find_by_name(NULL, config->hostname, 0, cacheflags)) &&
+	    (crec->flags & F_HOSTS))
+	  {
+	    if (cache_find_by_name(crec, config->hostname, 0, cacheflags))
+	      {
+		/* use primary (first) address */
+	      while (crec && !(crec->flags & F_REVERSE))
+		crec = cache_find_by_name(crec, config->hostname, 0, cacheflags);
+	      if (!crec)
+		continue; /* should be never */
+	      inet_ntop(prot, &crec->addr.addr, daemon->addrbuff, ADDRSTRLEN);
+	      my_syslog(MS_DHCP | LOG_WARNING, _("%s has more than one address in hostsfile, using %s for DHCP"), 
+			config->hostname, daemon->addrbuff);
+	      }
+	    
+	    if (prot == AF_INET && !config_find_by_address(configs, crec->addr.addr.addr.addr4))
+	      {
+		config->addr = crec->addr.addr.addr.addr4;
+		config->flags |= CONFIG_ADDR | CONFIG_ADDR_HOSTS;
+		continue;
+	      }
+
+#ifdef HAVE_DHCP6
+	    if (prot == AF_INET6 && !config_find_by_address6(configs, &crec->addr.addr.addr.addr6, 128, 0))
+	      {
+		memcpy(&config->addr6, &crec->addr.addr.addr.addr6, IN6ADDRSZ);
+		config->flags |= CONFIG_ADDR6 | CONFIG_ADDR_HOSTS;
+		continue;
+	      }
+#endif
+
+	    inet_ntop(prot, &crec->addr.addr, daemon->addrbuff, ADDRSTRLEN);
+	    my_syslog(MS_DHCP | LOG_WARNING, _("duplicate IP address %s (%s) in dhcp-config directive"), 
+		      daemon->addrbuff, config->hostname);
+	    
+	    
+	  }
+      }
+
+#ifdef HAVE_DHCP6
+  if (prot == AF_INET)
+    {
+      prot = AF_INET6;
+      goto again;
+    }
+#endif
+
+}
+
+#ifdef HAVE_DHCP6
+static int join_multicast_worker(struct in6_addr *local, int prefix, 
+				 int scope, int if_index, int dad, void *vparam)
+{
+  char ifrn_name[IFNAMSIZ];
+  struct ipv6_mreq mreq;
+  int fd, i, max = *((int *)vparam);
+  struct dhcp_context *context;
+  struct iname *tmp;
+
+  (void)prefix;
+  (void)scope;
+  (void)dad;
+  
+  /* record which interfaces we join on, so that we do it at most one per 
+     interface, even when they have multiple addresses. Use outpacket
+     as an array of int, since it's always allocated here and easy
+     to expand for theoretical vast numbers of interfaces. */
+  for (i = 0; i < max; i++)
+    if (if_index == ((int *)daemon->outpacket.iov_base)[i])
+      return 1;
+  
+  if ((fd = socket(PF_INET6, SOCK_DGRAM, 0)) == -1)
+    return 0;
+  
+  if (!indextoname(fd, if_index, ifrn_name))
+    {
+      close(fd);
+      return 0;
+    }
+  
+  close(fd);
+
+  /* Are we doing DHCP on this interface? */
+  if (!iface_check(AF_INET6, (struct all_addr *)local, ifrn_name))
+    return 1;
+ 
+  for (tmp = daemon->dhcp_except; tmp; tmp = tmp->next)
+    if (tmp->name && (strcmp(tmp->name, ifrn_name) == 0))
+      return 1;
+
+  /* weird libvirt-inspired access control */
+  for (context = daemon->dhcp6; context; context = context->next)
+    if (!context->interface || strcmp(context->interface, ifrn_name) == 0)
+      break;
+
+  if (!context)
+    return 1;
+  
+  mreq.ipv6mr_interface = if_index;
+  
+  inet_pton(AF_INET6, ALL_RELAY_AGENTS_AND_SERVERS, &mreq.ipv6mr_multiaddr);
+  
+  if (daemon->dhcp6 &&
+      setsockopt(daemon->dhcp6fd, IPPROTO_IPV6, IPV6_JOIN_GROUP, &mreq, sizeof(mreq)) == -1)
+    return 0;
+
+  inet_pton(AF_INET6, ALL_SERVERS, &mreq.ipv6mr_multiaddr);
+  
+  if (daemon->dhcp6 && 
+      setsockopt(daemon->dhcp6fd, IPPROTO_IPV6, IPV6_JOIN_GROUP, &mreq, sizeof(mreq)) == -1)
+    return 0;
+  
+  inet_pton(AF_INET6, ALL_ROUTERS, &mreq.ipv6mr_multiaddr);
+  
+  if (daemon->ra_contexts &&
+      setsockopt(daemon->icmp6fd, IPPROTO_IPV6, IPV6_JOIN_GROUP, &mreq, sizeof(mreq)) == -1)
+    return 0;
+  
+  expand_buf(&daemon->outpacket, (max+1) * sizeof(int));
+  ((int *)daemon->outpacket.iov_base)[max++] = if_index;
+  
+  *((int *)vparam) = max;
+  
+  return 1;
+}
+
+void join_multicast(void)
+{
+  int count = 0;
+
+   if (!iface_enumerate(AF_INET6, &count, join_multicast_worker))
+     die(_("failed to join DHCPv6 multicast group: %s"), NULL, EC_BADNET);
+}
+#endif
+
+#endif

src/dhcp-protocol.h

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -13,6 +13,11 @@
    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
+#define DHCP_SERVER_PORT 67
+#define DHCP_CLIENT_PORT 68
+#define DHCP_SERVER_ALTPORT 1067
+#define DHCP_CLIENT_ALTPORT 1068
+#define PXE_PORT 4011
 
 #define BOOTREQUEST              1
 #define BOOTREPLY                2

src/dhcp.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -23,8 +23,15 @@ struct iface_param {
   int ind;
 };
 
+struct match_param {
+  int ind, matched;
+  struct in_addr netmask, broadcast, addr;
+};
+
 static int complete_context(struct in_addr local, int if_index, 
 			    struct in_addr netmask, struct in_addr broadcast, void *vparam);
+static int check_listen_addrs(struct in_addr local, int if_index, 
+			      struct in_addr netmask, struct in_addr broadcast, void *vparam);
 
 static int make_fd(int port)
 {
@@ -34,16 +41,22 @@ static int make_fd(int port)
 #if defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DONT)
   int mtu = IP_PMTUDISC_DONT;
 #endif
+#if defined(IP_TOS) && defined(IPTOS_CLASS_CS6)
+  int tos = IPTOS_CLASS_CS6;
+#endif
 
   if (fd == -1)
     die (_("cannot create DHCP socket: %s"), NULL, EC_BADNET);
   
   if (!fix_fd(fd) ||
 #if defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DONT)
-      setsockopt(fd, SOL_IP, IP_MTU_DISCOVER, &mtu, sizeof(mtu)) == -1 ||
+      setsockopt(fd, IPPROTO_IP, IP_MTU_DISCOVER, &mtu, sizeof(mtu)) == -1 ||
+#endif
+#if defined(IP_TOS) && defined(IPTOS_CLASS_CS6)
+      setsockopt(fd, IPPROTO_IP, IP_TOS, &tos, sizeof(tos)) == -1 ||
 #endif
 #if defined(HAVE_LINUX_NETWORK)
-      setsockopt(fd, SOL_IP, IP_PKTINFO, &oneopt, sizeof(oneopt)) == -1 ||
+      setsockopt(fd, IPPROTO_IP, IP_PKTINFO, &oneopt, sizeof(oneopt)) == -1 ||
 #else
       setsockopt(fd, IPPROTO_IP, IP_RECVIF, &oneopt, sizeof(oneopt)) == -1 ||
 #endif
@@ -106,11 +119,8 @@ void dhcp_init(void)
 #endif
   
   check_dhcp_hosts(1);
-    
-  daemon->dhcp_packet.iov_len = sizeof(struct dhcp_packet); 
-  daemon->dhcp_packet.iov_base = safe_malloc(daemon->dhcp_packet.iov_len);
 }
-  
+
 void dhcp_packet(time_t now, int pxe_fd)
 {
   int fd = pxe_fd ? daemon->pxefd : daemon->dhcpfd;
@@ -124,7 +134,7 @@ void dhcp_packet(time_t now, int pxe_fd)
   struct iovec iov;
   ssize_t sz; 
   int iface_index = 0, unicast_dest = 0, is_inform = 0;
-  struct in_addr iface_addr, *addrp = NULL;
+  struct in_addr iface_addr;
   struct iface_param parm;
 #ifdef HAVE_LINUX_NETWORK
   struct arpreq arp_req;
@@ -140,56 +150,23 @@ void dhcp_packet(time_t now, int pxe_fd)
     char control[CMSG_SPACE(sizeof(struct sockaddr_dl))];
 #endif
   } control_u;
-  
-  msg.msg_control = NULL;
-  msg.msg_controllen = 0;
-  msg.msg_name = NULL;
-  msg.msg_namelen = 0;
+  struct dhcp_bridge *bridge, *alias;
+
+  msg.msg_controllen = sizeof(control_u);
+  msg.msg_control = control_u.control;
+  msg.msg_name = &dest;
+  msg.msg_namelen = sizeof(dest);
   msg.msg_iov = &daemon->dhcp_packet;
   msg.msg_iovlen = 1;
   
-  while (1)
-    {
-      msg.msg_flags = 0;
-      while ((sz = recvmsg(fd, &msg, MSG_PEEK | MSG_TRUNC)) == -1 && errno == EINTR);
-      
-      if (sz == -1)
-	return;
-      
-      if (!(msg.msg_flags & MSG_TRUNC))
-	break;
-
-      /* Very new Linux kernels return the actual size needed, 
-	 older ones always return truncated size */
-      if ((size_t)sz == daemon->dhcp_packet.iov_len)
-	{
-	  if (!expand_buf(&daemon->dhcp_packet, sz + 100))
-	    return;
-	}
-      else
-	{
-	  expand_buf(&daemon->dhcp_packet, sz);
-	  break;
-	}
-    }
-  
-  /* expand_buf may have moved buffer */
-  mess = (struct dhcp_packet *)daemon->dhcp_packet.iov_base;
-  msg.msg_controllen = sizeof(control_u);
-  msg.msg_control = control_u.control;
-  msg.msg_flags = 0;
-  msg.msg_name = &dest;
-  msg.msg_namelen = sizeof(dest);
-
-  while ((sz = recvmsg(fd, &msg, 0)) == -1 && errno == EINTR);
- 
-  if ((msg.msg_flags & MSG_TRUNC) || sz < (ssize_t)(sizeof(*mess) - sizeof(mess->options)))
+  if ((sz = recv_dhcp_packet(fd, &msg)) == -1 || 
+      (sz < (ssize_t)(sizeof(*mess) - sizeof(mess->options)))) 
     return;
-  
-#if defined (HAVE_LINUX_NETWORK)
+    
+  #if defined (HAVE_LINUX_NETWORK)
   if (msg.msg_controllen >= sizeof(struct cmsghdr))
     for (cmptr = CMSG_FIRSTHDR(&msg); cmptr; cmptr = CMSG_NXTHDR(&msg, cmptr))
-      if (cmptr->cmsg_level == SOL_IP && cmptr->cmsg_type == IP_PKTINFO)
+      if (cmptr->cmsg_level == IPPROTO_IP && cmptr->cmsg_type == IP_PKTINFO)
 	{
 	  union {
 	    unsigned char *c;
@@ -236,26 +213,50 @@ void dhcp_packet(time_t now, int pxe_fd)
   strncpy(arp_req.arp_dev, ifr.ifr_name, 16);
 #endif 
 
+   /* One form of bridging on BSD has the property that packets
+      can be recieved on bridge interfaces which do not have an IP address.
+      We allow these to be treated as aliases of another interface which does have
+      an IP address with --dhcp-bridge=interface,alias,alias */
+  for (bridge = daemon->bridges; bridge; bridge = bridge->next)
+    {
+      for (alias = bridge->alias; alias; alias = alias->next)
+	if (strncmp(ifr.ifr_name, alias->iface, IF_NAMESIZE) == 0)
+	  {
+	    if (!(iface_index = if_nametoindex(bridge->iface)))
+	      {
+		my_syslog(LOG_WARNING, _("unknown interface %s in bridge-interface"), ifr.ifr_name);
+		return;
+	      }
+	    else 
+	      {
+		strncpy(ifr.ifr_name,  bridge->iface, IF_NAMESIZE);
+		break;
+	      }
+	  }
+      
+      if (alias)
+	break;
+    }
+
 #ifdef MSG_BCAST
   /* OpenBSD tells us when a packet was broadcast */
   if (!(msg.msg_flags & MSG_BCAST))
     unicast_dest = 1;
 #endif
-
+  
   ifr.ifr_addr.sa_family = AF_INET;
   if (ioctl(daemon->dhcpfd, SIOCGIFADDR, &ifr) != -1 )
+    iface_addr = ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr;
+  else
     {
-      addrp = &iface_addr;
-      iface_addr = ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr;
+      my_syslog(MS_DHCP | LOG_WARNING, _("DHCP packet received on %s which has no address"), ifr.ifr_name);
+      return;
     }
-
-  if (!iface_check(AF_INET, (struct all_addr *)addrp, ifr.ifr_name, &iface_index))
-    return;
   
   for (tmp = daemon->dhcp_except; tmp; tmp = tmp->next)
     if (tmp->name && (strcmp(tmp->name, ifr.ifr_name) == 0))
       return;
-
+  
   /* weird libvirt-inspired access control */
   for (context = daemon->dhcp; context; context = context->next)
     if (!context->interface || strcmp(context->interface, ifr.ifr_name) == 0)
@@ -263,7 +264,7 @@ void dhcp_packet(time_t now, int pxe_fd)
 
   if (!context)
     return;
-  
+
   /* unlinked contexts are marked by context->current == context */
   for (context = daemon->dhcp; context; context = context->next)
     context->current = context;
@@ -271,29 +272,29 @@ void dhcp_packet(time_t now, int pxe_fd)
   parm.current = NULL;
   parm.ind = iface_index;
 
-    /* interface may have been changed by alias in iface_check, make sure it gets priority in case
-       there is more than one address on the interface in the same subnet */
-  if (ioctl(daemon->dhcpfd, SIOCGIFADDR, &ifr) == -1)
+  if (!iface_check(AF_INET, (struct all_addr *)&iface_addr, ifr.ifr_name))
     {
-      my_syslog(MS_DHCP | LOG_WARNING, _("DHCP packet received on %s which has no address"), ifr.ifr_name);
-      return;
-    }
-  else
-    {
-      iface_addr = ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr;
-      if (ioctl(daemon->dhcpfd, SIOCGIFNETMASK, &ifr) != -1)
-	{
-	  struct in_addr netmask =  ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr;
-	  if (ioctl(daemon->dhcpfd, SIOCGIFBRDADDR, &ifr) != -1)
-	    {
-	      struct in_addr broadcast =  ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr;
-	      complete_context(iface_addr, iface_index, netmask, broadcast, &parm);
-	    }
-	}
-    } 
+      /* If we failed to match the primary address of the interface, see if we've got a --listen-address
+	 for a secondary */
+      struct match_param match;
 
+      match.matched = 0;
+      match.ind = iface_index;
+      
+      if (!daemon->if_addrs ||
+	  !iface_enumerate(AF_INET, &match, check_listen_addrs) ||
+	  !match.matched)
+	return;
+
+      iface_addr = match.addr;
+      /* make sure secondary address gets priority in case
+	 there is more than one address on the interface in the same subnet */
+      complete_context(match.addr, iface_index, match.netmask, match.broadcast, &parm);
+    }    
+      
   if (!iface_enumerate(AF_INET, &parm, complete_context))
     return;
+  
   lease_prune(NULL, now); /* lose any expired leases */
   iov.iov_len = dhcp_reply(parm.current, ifr.ifr_name, iface_index, (size_t)sz, 
 			   now, unicast_dest, &is_inform, pxe_fd, iface_addr);
@@ -316,7 +317,7 @@ void dhcp_packet(time_t now, int pxe_fd)
 #ifdef HAVE_SOCKADDR_SA_LEN
   dest.sin_len = sizeof(struct sockaddr_in);
 #endif
-     
+  
   if (pxe_fd)
     { 
       if (mess->ciaddr.s_addr != 0)
@@ -354,7 +355,7 @@ void dhcp_packet(time_t now, int pxe_fd)
       pkt->ipi_ifindex = iface_index;
       pkt->ipi_spec_dst.s_addr = 0;
       msg.msg_controllen = cmptr->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
-      cmptr->cmsg_level = SOL_IP;
+      cmptr->cmsg_level = IPPROTO_IP;
       cmptr->cmsg_type = IP_PKTINFO;  
       dest.sin_addr.s_addr = INADDR_BROADCAST;
       dest.sin_port = htons(daemon->dhcp_client_port);
@@ -411,6 +412,30 @@ void dhcp_packet(time_t now, int pxe_fd)
   while(sendmsg(fd, &msg, 0) == -1 && retry_send());
 }
  
+/* check against secondary interface addresses */
+static int check_listen_addrs(struct in_addr local, int if_index, 
+			      struct in_addr netmask, struct in_addr broadcast, void *vparam)
+{
+  struct match_param *param = vparam;
+  struct iname *tmp;
+
+  if (if_index == param->ind)
+    {
+      for (tmp = daemon->if_addrs; tmp; tmp = tmp->next)
+	if ( tmp->addr.sa.sa_family == AF_INET &&
+	     tmp->addr.in.sin_addr.s_addr == local.s_addr)
+	  {
+	    param->matched = 1;
+	    param->addr = local;
+	    param->netmask = netmask;
+	    param->broadcast = broadcast;
+	    break;
+	  }
+    }
+  
+  return 1;
+}
+
 /* This is a complex routine: it gets called with each (address,netmask,broadcast) triple 
    of each interface (and any relay address) and does the  following things:
 
@@ -549,50 +574,6 @@ struct dhcp_config *config_find_by_address(struct dhcp_config *configs, struct i
   return NULL;
 }
 
-/* Is every member of check matched by a member of pool? 
-   If tagnotneeded, untagged is OK */
-int match_netid(struct dhcp_netid *check, struct dhcp_netid *pool, int tagnotneeded)
-{
-  struct dhcp_netid *tmp1;
-  
-  if (!check && !tagnotneeded)
-    return 0;
-
-  for (; check; check = check->next)
-    {
-      /* '#' for not is for backwards compat. */
-      if (check->net[0] != '!' && check->net[0] != '#')
-	{
-	  for (tmp1 = pool; tmp1; tmp1 = tmp1->next)
-	    if (strcmp(check->net, tmp1->net) == 0)
-	      break;
-	  if (!tmp1)
-	    return 0;
-	}
-      else
-	for (tmp1 = pool; tmp1; tmp1 = tmp1->next)
-	  if (strcmp((check->net)+1, tmp1->net) == 0)
-	    return 0;
-    }
-  return 1;
-}
-
-struct dhcp_netid *run_tag_if(struct dhcp_netid *tags)
-{
-  struct tag_if *exprs;
-  struct dhcp_netid_list *list;
-
-  for (exprs = daemon->tag_if; exprs; exprs = exprs->next)
-    if (match_netid(exprs->tag, tags, 1))
-      for (list = exprs->set; list; list = list->next)
-	{
-	  list->list->next = tags;
-	  tags = list->list;
-	}
-
-  return tags;
-}
-
 int address_allocate(struct dhcp_context *context,
 		     struct in_addr *addrp, unsigned char *hwaddr, int hw_len, 
 		     struct dhcp_netid *netids, time_t now)   
@@ -788,7 +769,7 @@ struct dhcp_config *find_config(struct dhcp_config *configs,
 	  is_addr_in_context(context, config))
 	return config;
 
-  /* use match with fewest wildcast octets */
+  /* use match with fewest wildcard octets */
   for (candidate = NULL, count = 0, config = configs; config; config = config->next)
     if (is_addr_in_context(context, config))
       for (conf_addr = config->hwaddr; conf_addr; conf_addr = conf_addr->next)
@@ -965,85 +946,6 @@ void dhcp_read_ethers(void)
   my_syslog(MS_DHCP | LOG_INFO, _("read %s - %d addresses"), ETHERSFILE, count);
 }
 
-void check_dhcp_hosts(int fatal)
-{
-  /* If the same IP appears in more than one host config, then DISCOVER
-     for one of the hosts will get the address, but REQUEST will be NAKed,
-     since the address is reserved by the other one -> protocol loop. 
-     Also check that FQDNs match the domain we are using. */
-  
-  struct dhcp_config *configs, *cp;
- 
-  for (configs = daemon->dhcp_conf; configs; configs = configs->next)
-    {
-      char *domain;
-
-      if ((configs->flags & DHOPT_BANK) || fatal)
-       {
-	 for (cp = configs->next; cp; cp = cp->next)
-	   if ((configs->flags & cp->flags & CONFIG_ADDR) && configs->addr.s_addr == cp->addr.s_addr)
-	     {
-	       if (fatal)
-		 die(_("duplicate IP address %s in dhcp-config directive."), 
-		     inet_ntoa(cp->addr), EC_BADCONF);
-	       else
-		 my_syslog(MS_DHCP | LOG_ERR, _("duplicate IP address %s in %s."), 
-			   inet_ntoa(cp->addr), daemon->dhcp_hosts_file);
-	       configs->flags &= ~CONFIG_ADDR;
-	     }
-	 
-	 /* split off domain part */
-	 if ((configs->flags & CONFIG_NAME) && (domain = strip_hostname(configs->hostname)))
-	   configs->domain = domain;
-       }
-    }
-}
-
-void dhcp_update_configs(struct dhcp_config *configs)
-{
-  /* Some people like to keep all static IP addresses in /etc/hosts.
-     This goes through /etc/hosts and sets static addresses for any DHCP config
-     records which don't have an address and whose name matches. 
-     We take care to maintain the invariant that any IP address can appear
-     in at most one dhcp-host. Since /etc/hosts can be re-read by SIGHUP, 
-     restore the status-quo ante first. */
-  
-  struct dhcp_config *config;
-  struct crec *crec;
-
-  for (config = configs; config; config = config->next)
-    if (config->flags & CONFIG_ADDR_HOSTS)
-      config->flags &= ~(CONFIG_ADDR | CONFIG_ADDR_HOSTS);
-  
-  
-  if (daemon->port != 0)
-    for (config = configs; config; config = config->next)
-      if (!(config->flags & CONFIG_ADDR) &&
-	  (config->flags & CONFIG_NAME) && 
-	  (crec = cache_find_by_name(NULL, config->hostname, 0, F_IPV4)) &&
-	  (crec->flags & F_HOSTS))
-	{
-	  if (cache_find_by_name(crec, config->hostname, 0, F_IPV4))
-	    {
-	      /* use primary (first) address */
-	      while (crec && !(crec->flags & F_REVERSE))
-		crec = cache_find_by_name(crec, config->hostname, 0, F_IPV4);
-	      if (!crec)
-		continue; /* should be never */
-	      my_syslog(MS_DHCP | LOG_WARNING, _("%s has more than one address in hostsfile, using %s for DHCP"), 
-			config->hostname, inet_ntoa(crec->addr.addr.addr.addr4));
-	    }
-
-	  if (config_find_by_address(configs, crec->addr.addr.addr.addr4))
-	    my_syslog(MS_DHCP | LOG_WARNING, _("duplicate IP address %s (%s) in dhcp-config directive"), 
-		      inet_ntoa(crec->addr.addr.addr.addr4), config->hostname);
-	  else 
-	    {
-	      config->addr = crec->addr.addr.addr.addr4;
-	      config->flags |= CONFIG_ADDR | CONFIG_ADDR_HOSTS;
-	    }
-	}
-}
 
 /* If we've not found a hostname any other way, try and see if there's one in /etc/hosts
    for this address. If it has a domain part, that must match the set domain and
@@ -1084,20 +986,5 @@ char *host_from_dns(struct in_addr addr)
   return NULL;
 }
 
-/* return domain or NULL if none. */
-char *strip_hostname(char *hostname)
-{
-  char *dot = strchr(hostname, '.');
- 
-  if (!dot)
-    return NULL;
-  
-  *dot = 0; /* truncate */
-  if (strlen(dot+1) != 0)
-    return dot+1;
-  
-  return NULL;
-}
-
 #endif
 

src/dhcp6-protocol.h

@@ -0,0 +1,67 @@
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 dated June, 1991, or
+   (at your option) version 3 dated 29 June, 2007.
+ 
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+     
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#define DHCPV6_SERVER_PORT 547
+#define DHCPV6_CLIENT_PORT 546
+
+#define ALL_SERVERS                  "FF05::1:3"
+#define ALL_RELAY_AGENTS_AND_SERVERS "FF02::1:2"
+
+#define DHCP6SOLICIT      1
+#define DHCP6ADVERTISE    2
+#define DHCP6REQUEST      3
+#define DHCP6CONFIRM      4
+#define DHCP6RENEW        5
+#define DHCP6REBIND       6
+#define DHCP6REPLY        7
+#define DHCP6RELEASE      8
+#define DHCP6DECLINE      9
+#define DHCP6RECONFIGURE  10
+#define DHCP6IREQ         11
+#define DHCP6RELAYFORW    12
+#define DHCP6RELAYREPL    13
+
+#define OPTION6_CLIENT_ID       1
+#define OPTION6_SERVER_ID       2
+#define OPTION6_IA_NA           3
+#define OPTION6_IA_TA           4
+#define OPTION6_IAADDR          5
+#define OPTION6_ORO             6
+#define OPTION6_PREFERENCE      7
+#define OPTION6_ELAPSED_TIME    8
+#define OPTION6_RELAY_MSG       9
+#define OPTION6_AUTH            11
+#define OPTION6_UNICAST         12
+#define OPTION6_STATUS_CODE     13
+#define OPTION6_RAPID_COMMIT    14
+#define OPTION6_USER_CLASS      15
+#define OPTION6_VENDOR_CLASS    16
+#define OPTION6_VENDOR_OPTS     17
+#define OPTION6_INTERFACE_ID    18
+#define OPTION6_RECONFIGURE_MSG 19
+#define OPTION6_RECONF_ACCEPT   20
+#define OPTION6_DNS_SERVER      23
+#define OPTION6_REMOTE_ID       37
+#define OPTION6_SUBSCRIBER_ID   38
+#define OPTION6_FQDN            39
+
+#define DHCP6SUCCESS     0
+#define DHCP6UNSPEC      1
+#define DHCP6NOADDRS     2
+#define DHCP6NOBINDING   3
+#define DHCP6NOTONLINK   4
+#define DHCP6USEMULTI    5
+

src/dhcp6.c

@@ -0,0 +1,409 @@
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 dated June, 1991, or
+   (at your option) version 3 dated 29 June, 2007.
+ 
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+     
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "dnsmasq.h"
+
+#ifdef HAVE_DHCP6
+
+struct iface_param {
+  struct dhcp_context *current;
+  struct in6_addr fallback;
+  int ind;
+};
+
+static int complete_context6(struct in6_addr *local,  int prefix,
+			     int scope, int if_index, int dad, void *vparam);
+
+static int make_duid1(int index, unsigned int type, char *mac, size_t maclen, void *parm); 
+
+void dhcp6_init(void)
+{
+  int fd;
+  struct sockaddr_in6 saddr;
+#if defined(IP_TOS) && defined(IPTOS_CLASS_CS6)
+  int class = IPTOS_CLASS_CS6;
+#endif
+  
+  if ((fd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_UDP)) == -1 ||
+#if defined(IP_TOS) && defined(IPTOS_CLASS_CS6)
+      setsockopt(fd, IPPROTO_IPV6, IPV6_TCLASS, &class, sizeof(class)) == -1 ||
+#endif
+      !fix_fd(fd) ||
+      !set_ipv6pktinfo(fd))
+    die (_("cannot create DHCPv6 socket: %s"), NULL, EC_BADNET);
+  
+  memset(&saddr, 0, sizeof(saddr));
+#ifdef HAVE_SOCKADDR_SA_LEN
+  saddr.sin6_len = sizeof(struct sockaddr_in6);
+#endif
+  saddr.sin6_family = AF_INET6;
+  saddr.sin6_addr = in6addr_any;
+  saddr.sin6_port = htons(DHCPV6_SERVER_PORT);
+  
+  if (bind(fd, (struct sockaddr *)&saddr, sizeof(struct sockaddr_in6)))
+    die(_("failed to bind DHCPv6 server socket: %s"), NULL, EC_BADNET);
+  
+  daemon->dhcp6fd = fd;
+}
+
+void dhcp6_packet(time_t now)
+{
+  struct dhcp_context *context;
+  struct iface_param parm;
+  struct cmsghdr *cmptr;
+  struct msghdr msg;
+  int if_index = 0;
+  union {
+    struct cmsghdr align; /* this ensures alignment */
+    char control6[CMSG_SPACE(sizeof(struct in6_pktinfo))];
+  } control_u;
+  struct sockaddr_in6 from;
+  struct all_addr dest;
+  ssize_t sz; 
+  struct ifreq ifr;
+  struct iname *tmp;
+
+  msg.msg_control = control_u.control6;
+  msg.msg_controllen = sizeof(control_u);
+  msg.msg_flags = 0;
+  msg.msg_name = &from;
+  msg.msg_namelen = sizeof(from);
+  msg.msg_iov =  &daemon->dhcp_packet;
+  msg.msg_iovlen = 1;
+  
+  if ((sz = recv_dhcp_packet(daemon->dhcp6fd, &msg)) == -1 || sz <= 4)
+    return;
+  
+  for (cmptr = CMSG_FIRSTHDR(&msg); cmptr; cmptr = CMSG_NXTHDR(&msg, cmptr))
+    if (cmptr->cmsg_level == IPPROTO_IPV6 && cmptr->cmsg_type == daemon->v6pktinfo)
+      {
+	union {
+	  unsigned char *c;
+	  struct in6_pktinfo *p;
+	} p;
+	p.c = CMSG_DATA(cmptr);
+        
+	if_index = p.p->ipi6_ifindex;
+	dest.addr.addr6 = p.p->ipi6_addr;
+      }
+
+  if (!indextoname(daemon->dhcp6fd, if_index, ifr.ifr_name))
+    return;
+    
+  if (!iface_check(AF_INET6, (struct all_addr *)&dest, ifr.ifr_name))
+    return;
+  
+  for (tmp = daemon->dhcp_except; tmp; tmp = tmp->next)
+    if (tmp->name && (strcmp(tmp->name, ifr.ifr_name) == 0))
+      return;
+ 
+  /* weird libvirt-inspired access control */
+  for (context = daemon->dhcp6; context; context = context->next)
+    if (!context->interface || strcmp(context->interface, ifr.ifr_name) == 0)
+      break;
+  
+  if (!context)
+    return;
+
+  /* unlinked contexts are marked by context->current == context */
+  for (context = daemon->dhcp6; context; context = context->next)
+    {
+      context->current = context;
+      memset(&context->local6, 0, IN6ADDRSZ);
+    }
+
+  parm.current = NULL;
+  parm.ind = if_index;
+  memset(&parm.fallback, 0, IN6ADDRSZ);
+  
+  if (!iface_enumerate(AF_INET6, &parm, complete_context6))
+    return;
+  
+  lease_prune(NULL, now); /* lose any expired leases */
+
+  sz = dhcp6_reply(parm.current, if_index, ifr.ifr_name, &parm.fallback, 
+		   sz, IN6_IS_ADDR_MULTICAST(&from.sin6_addr), now);
+  
+  lease_update_file(now);
+  lease_update_dns();
+  
+  if (sz != 0)
+    while (sendto(daemon->dhcp6fd, daemon->outpacket.iov_base, sz, 0, (struct sockaddr *)&from, sizeof(from)) == -1 &&
+	   retry_send());
+}
+
+static int complete_context6(struct in6_addr *local,  int prefix,
+			     int scope, int if_index, int dad, void *vparam)
+{
+  struct dhcp_context *context;
+  struct iface_param *param = vparam;
+
+  (void)scope; /* warning */
+  (void)dad;
+  
+  if (if_index == param->ind &&
+      !IN6_IS_ADDR_LOOPBACK(local) &&
+      !IN6_IS_ADDR_LINKLOCAL(local) &&
+      !IN6_IS_ADDR_MULTICAST(local))
+    {
+      /* Determine a globally address on the arrival interface, even
+	 if we have no matching dhcp-context, because we're only
+	 allocating on remote subnets via relays. This
+	 is used as a default for the DNS server option. */
+      param->fallback = *local;
+      
+      for (context = daemon->dhcp6; context; context = context->next)
+	{
+	  if (prefix == context->prefix &&
+	      is_same_net6(local, &context->start6, prefix) &&
+	      is_same_net6(local, &context->end6, prefix))
+	    {
+	      /* link it onto the current chain if we've not seen it before */
+	      if (context->current == context)
+		{
+		  context->current = param->current;
+		  param->current = context;
+		  context->local6 = *local;
+		}
+	    }
+	}
+    }          
+  return 1;
+}
+
+struct dhcp_config *config_find_by_address6(struct dhcp_config *configs, struct in6_addr *net, int prefix, u64 addr)
+{
+  struct dhcp_config *config;
+  
+  for (config = configs; config; config = config->next)
+    if ((config->flags & CONFIG_ADDR6) &&
+	is_same_net6(&config->addr6, net, prefix) &&
+	(prefix == 128 || addr6part(&config->addr6) == addr))
+      return config;
+  
+  return NULL;
+}
+
+int address6_allocate(struct dhcp_context *context,  unsigned char *clid, int clid_len, 
+		      int serial, struct dhcp_netid *netids, struct in6_addr *ans)   
+{
+  /* Find a free address: exclude anything in use and anything allocated to
+     a particular hwaddr/clientid/hostname in our configuration.
+     Try to return from contexts which match netids first. 
+     
+     Note that we assume the address prefix lengths are 64 or greater, so we can
+     get by with 64 bit arithmetic.
+*/
+
+  u64 start, addr;
+  struct dhcp_context *c, *d;
+  int i, pass;
+  u64 j; 
+
+  /* hash hwaddr: use the SDBM hashing algorithm.  This works
+     for MAC addresses, let's see how it manages with client-ids! */
+  for (j = 0, i = 0; i < clid_len; i++)
+    j += clid[i] + (j << 6) + (j << 16) - j;
+  
+  for (pass = 0; pass <= 1; pass++)
+    for (c = context; c; c = c->current)
+      if (c->flags & (CONTEXT_STATIC | CONTEXT_PROXY))
+	continue;
+      else if (!match_netid(c->filter, netids, pass))
+	continue;
+      else
+	{ 
+	  if (option_bool(OPT_CONSEC_ADDR))
+	    /* seed is largest extant lease addr in this context */
+	    start = lease_find_max_addr6(c) + serial;
+	  else
+	    start = addr6part(&c->start6) + ((j + c->addr_epoch + serial) % (1 + addr6part(&c->end6) - addr6part(&c->start6)));
+
+	  /* iterate until we find a free address. */
+	  addr = start;
+	  
+	  do {
+	    /* eliminate addresses in use by the server. */
+	    for (d = context; d; d = d->current)
+	      if (addr == addr6part(&d->local6))
+		break;
+
+	    if (!d &&
+		!lease6_find_by_addr(&c->start6, c->prefix, addr) && 
+		!config_find_by_address6(daemon->dhcp_conf, &c->start6, c->prefix, addr))
+	      {
+		*ans = c->start6;
+		setaddr6part (ans, addr);
+		return 1;
+	      }
+	
+	    addr++;
+	    
+	    if (addr  == addr6part(&c->end6) + 1)
+	      addr = addr6part(&c->start6);
+	    
+	  } while (addr != start);
+	}
+  
+  return 0;
+}
+
+struct dhcp_context *address6_available(struct dhcp_context *context, 
+					struct in6_addr *taddr,
+					struct dhcp_netid *netids)
+{
+  u64 start, end, addr = addr6part(taddr);
+  struct dhcp_context *tmp;
+ 
+  for (tmp = context; tmp; tmp = tmp->current)
+    {
+      start = addr6part(&tmp->start6);
+      end = addr6part(&tmp->end6);
+
+      if (!(tmp->flags & (CONTEXT_STATIC | CONTEXT_PROXY)) &&
+          is_same_net6(&context->start6, taddr, context->prefix) &&
+	  is_same_net6(&context->end6, taddr, context->prefix) &&
+	  addr >= start &&
+          addr <= end &&
+          match_netid(tmp->filter, netids, 1))
+        return tmp;
+    }
+
+  return NULL;
+}
+
+struct dhcp_context *narrow_context6(struct dhcp_context *context, 
+				     struct in6_addr *taddr,
+				     struct dhcp_netid *netids)
+{
+  /* We start of with a set of possible contexts, all on the current physical interface.
+     These are chained on ->current.
+     Here we have an address, and return the actual context correponding to that
+     address. Note that none may fit, if the address came a dhcp-host and is outside
+     any dhcp-range. In that case we return a static range if possible, or failing that,
+     any context on the correct subnet. (If there's more than one, this is a dodgy 
+     configuration: maybe there should be a warning.) */
+  
+  struct dhcp_context *tmp;
+
+  if (!(tmp = address6_available(context, taddr, netids)))
+    {
+      for (tmp = context; tmp; tmp = tmp->current)
+        if (match_netid(tmp->filter, netids, 1) &&
+            is_same_net6(taddr, &tmp->start6, tmp->prefix) && 
+            (tmp->flags & CONTEXT_STATIC))
+          break;
+      
+      if (!tmp)
+        for (tmp = context; tmp; tmp = tmp->current)
+          if (match_netid(tmp->filter, netids, 1) &&
+              is_same_net6(taddr, &tmp->start6, tmp->prefix) &&
+              !(tmp->flags & CONTEXT_PROXY))
+            break;
+    }
+  
+  /* Only one context allowed now */
+  if (tmp)
+    tmp->current = NULL;
+  
+  return tmp;
+}
+
+static int is_addr_in_context6(struct dhcp_context *context, struct dhcp_config *config)
+{
+  if (!context) /* called via find_config() from lease_update_from_configs() */
+    return 1; 
+  if (!(config->flags & CONFIG_ADDR6))
+    return 1;
+  for (; context; context = context->current)
+    if (is_same_net6(&config->addr6, &context->start6, context->prefix))
+      return 1;
+  
+  return 0;
+}
+
+
+struct dhcp_config *find_config6(struct dhcp_config *configs,
+				 struct dhcp_context *context,
+				 unsigned char *duid, int duid_len,
+				 char *hostname)
+{
+  struct dhcp_config *config; 
+      
+  if (duid)
+    for (config = configs; config; config = config->next)
+      if (config->flags & CONFIG_CLID)
+	{
+	  if (config->clid_len == duid_len && 
+	      memcmp(config->clid, duid, duid_len) == 0 &&
+	      is_addr_in_context6(context, config))
+	    return config;
+	}
+    
+  if (hostname && context)
+    for (config = configs; config; config = config->next)
+      if ((config->flags & CONFIG_NAME) && 
+          hostname_isequal(config->hostname, hostname) &&
+          is_addr_in_context6(context, config))
+        return config;
+
+  return NULL;
+}
+
+void make_duid(time_t now)
+{
+  /* rebase epoch to 1/1/2000 */
+  time_t newnow = now - 946684800;
+  
+  iface_enumerate(AF_LOCAL, &newnow, make_duid1);
+  
+  if(!daemon->duid)
+    die("Cannot create DHCPv6 server DUID: %s", NULL, EC_MISC);
+}
+
+static int make_duid1(int index, unsigned int type, char *mac, size_t maclen, void *parm)
+{
+  /* create DUID as specified in RFC3315. We use the MAC of the
+     first interface we find that isn't loopback or P-to-P and
+     has address-type < 256. Address types above 256 are things like 
+     tunnels which don't have usable MAC addresses. */
+  
+  unsigned char *p;
+  (void)index;
+
+  if (type >= 256)
+    return 1;
+
+#ifdef HAVE_BROKEN_RTC
+  daemon->duid = p = safe_malloc(maclen + 4);
+  daemon->duid_len = maclen + 4;
+  PUTSHORT(3, p); /* DUID_LL */
+  PUTSHORT(type, p); /* address type */
+#else
+  daemon->duid = p = safe_malloc(maclen + 8);
+  daemon->duid_len = maclen + 8;
+  PUTSHORT(1, p); /* DUID_LLT */
+  PUTSHORT(type, p); /* address type */
+  PUTLONG(*((time_t *)parm), p); /* time */
+#endif
+
+  memcpy(p, mac, maclen);
+
+  return 0;
+}
+#endif
+
+

src/dns-protocol.h

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -14,6 +14,9 @@
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
+#define NAMESERVER_PORT 53
+#define TFTP_PORT       69
+
 #define IN6ADDRSZ       16
 #define INADDRSZ        4
 

src/dnsmasq.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -14,54 +14,13 @@
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
+/* Declare static char *compiler_opts  in config.h */
+#define DNSMASQ_COMPILE_OPTS
+
 #include "dnsmasq.h"
 
 struct daemon *daemon;
 
-static char *compile_opts = 
-#ifndef HAVE_IPV6
-"no-"
-#endif
-"IPv6 "
-#ifndef HAVE_GETOPT_LONG
-"no-"
-#endif
-"GNU-getopt "
-#ifdef HAVE_BROKEN_RTC
-"no-RTC "
-#endif
-#ifdef NO_FORK
-"no-MMU "
-#endif
-#ifndef HAVE_DBUS
-"no-"
-#endif
-"DBus "
-#ifndef LOCALEDIR
-"no-"
-#endif
-"i18n "
-#ifndef HAVE_DHCP
-"no-"
-#endif
-"DHCP "
-#if defined(HAVE_DHCP) && !defined(HAVE_SCRIPT)
-"no-scripts "
-#endif
-#ifndef HAVE_TFTP
-"no-"
-#endif
-"TFTP "
-#ifndef HAVE_CONNTRACK
-"no-"
-#endif
-"conntrack "
-#if !defined(LOCALEDIR) && !defined(HAVE_IDN)
-"no-"
-#endif 
-"IDN";
-
-
 static volatile pid_t pid = 0;
 static volatile int pipewrite;
 
@@ -69,7 +28,8 @@ static int set_dns_listeners(time_t now, fd_set *set, int *maxfdp);
 static void check_dns_listeners(fd_set *set, time_t now);
 static void sig_handler(int sig);
 static void async_event(int pipe, time_t now);
-static void fatal_event(struct event_desc *ev);
+static void fatal_event(struct event_desc *ev, char *msg);
+static int read_event(int fd, struct event_desc *evp, char **msg);
 
 int main (int argc, char **argv)
 {
@@ -79,7 +39,7 @@ int main (int argc, char **argv)
   struct iname *if_tmp;
   int piperead, pipefd[2], err_pipe[2];
   struct passwd *ent_pw = NULL;
-#if defined(HAVE_DHCP) && defined(HAVE_SCRIPT)
+#if defined(HAVE_SCRIPT)
   uid_t script_uid = 0;
   gid_t script_gid = 0;
 #endif
@@ -122,18 +82,29 @@ int main (int argc, char **argv)
     daemon->edns_pktsz : DNSMASQ_PACKETSZ;
   daemon->packet = safe_malloc(daemon->packet_buff_sz);
 
+  daemon->addrbuff = safe_malloc(ADDRSTRLEN);
+
 #ifdef HAVE_DHCP
   if (!daemon->lease_file)
     {
-      if (daemon->dhcp)
+      if (daemon->dhcp || daemon->dhcp6)
 	daemon->lease_file = LEASEFILE;
     }
 #endif
   
-  /* Close any file descriptors we inherited apart from std{in|out|err} */
+  /* Close any file descriptors we inherited apart from std{in|out|err} 
+     
+     Ensure that at least stdin, stdout and stderr (fd 0, 1, 2) exist,
+     otherwise file descriptors we create can end up being 0, 1, or 2 
+     and then get accidentally closed later when we make 0, 1, and 2 
+     open to /dev/null. Normally we'll be started with 0, 1 and 2 open, 
+     but it's not guaranteed. By opening /dev/null three times, we 
+     ensure that we're not using those fds for real stuff. */
   for (i = 0; i < max_fd; i++)
     if (i != STDOUT_FILENO && i != STDERR_FILENO && i != STDIN_FILENO)
       close(i);
+    else
+      open("/dev/null", O_RDWR); 
 
 #ifdef HAVE_LINUX_NETWORK
   netlink_init();
@@ -175,22 +146,52 @@ int main (int argc, char **argv)
   now = dnsmasq_time();
   
 #ifdef HAVE_DHCP
-  if (daemon->dhcp)
+  if (daemon->dhcp || daemon->dhcp6)
     {
       /* Note that order matters here, we must call lease_init before
 	 creating any file descriptors which shouldn't be leaked
-	 to the lease-script init process. */
+	 to the lease-script init process. We need to call common_init
+	 before lease_init to allocate buffers it uses.*/
+      dhcp_common_init();
       lease_init(now);
-      dhcp_init();
+  
+      if (daemon->dhcp)
+	dhcp_init();
     }
+  
+#  ifdef HAVE_DHCP6
+  /* Start RA subsystem if --enable-ra OR dhcp-range=<subnet>, ra-only */
+  if (daemon->ra_contexts || option_bool(OPT_RA))
+    {
+      /* link the DHCP6 contexts to the ra-only ones so we can traverse them all 
+	 from ->ra_contexts, but only the non-ra-onlies from ->dhcp6 */
+      struct dhcp_context *context;
+      
+      if (!daemon->ra_contexts)
+	daemon->ra_contexts = daemon->dhcp6;
+      else
+	{
+	  for (context = daemon->ra_contexts; context->next; context = context->next);
+	  context->next = daemon->dhcp6;
+	}
+      ra_init(now);
+    }
+
+  if (daemon->dhcp6)
+    dhcp6_init();
+
+  if (daemon->ra_contexts || daemon->dhcp6)
+    join_multicast();
+#  endif
+
 #endif
 
   if (!enumerate_interfaces())
     die(_("failed to find list of interfaces: %s"), NULL, EC_MISC);
-    
+  
   if (option_bool(OPT_NOWILD)) 
     {
-      daemon->listeners = create_bound_listeners();
+      create_bound_listeners(1);
 
       for (if_tmp = daemon->if_names; if_tmp; if_tmp = if_tmp->next)
 	if (if_tmp->name && !if_tmp->used)
@@ -204,7 +205,7 @@ int main (int argc, char **argv)
 	  }
     }
   else 
-    daemon->listeners = create_wildcard_listeners();
+    create_wildcard_listeners();
   
   if (daemon->port != 0)
     cache_init();
@@ -225,9 +226,11 @@ int main (int argc, char **argv)
   if (daemon->port != 0)
     pre_allocate_sfds();
 
-#if defined(HAVE_DHCP) && defined(HAVE_SCRIPT)
+#if defined(HAVE_SCRIPT)
   /* Note getpwnam returns static storage */
-  if (daemon->dhcp && daemon->lease_change_command && daemon->scriptuser)
+  if ((daemon->dhcp || daemon->dhcp6) && 
+      daemon->scriptuser && 
+      (daemon->lease_change_command || daemon->luascript))
     {
       if ((ent_pw = getpwnam(daemon->scriptuser)))
 	{
@@ -290,7 +293,7 @@ int main (int argc, char **argv)
   piperead = pipefd[0];
   pipewrite = pipefd[1];
   /* prime the pipe to load stuff first time. */
-  send_event(pipewrite, EVENT_RELOAD, 0); 
+  send_event(pipewrite, EVENT_RELOAD, 0, NULL); 
 
   err_pipe[1] = -1;
   
@@ -313,18 +316,19 @@ int main (int argc, char **argv)
 	  
 	  if ((pid = fork()) == -1)
 	    /* fd == -1 since we've not forked, never returns. */
-	    send_event(-1, EVENT_FORK_ERR, errno);
+	    send_event(-1, EVENT_FORK_ERR, errno, NULL);
 	   
 	  if (pid != 0)
 	    {
 	      struct event_desc ev;
-	      
+	      char *msg;
+
 	      /* close our copy of write-end */
 	      close(err_pipe[1]);
 	      
 	      /* check for errors after the fork */
-	      if (read_write(err_pipe[0], (unsigned char *)&ev, sizeof(ev), 1))
-		fatal_event(&ev);
+	      if (read_event(err_pipe[0], &ev, &msg))
+		fatal_event(&ev, msg);
 	      
 	      _exit(EC_GOOD);
 	    } 
@@ -336,7 +340,7 @@ int main (int argc, char **argv)
 	  setsid();
 	 
 	  if ((pid = fork()) == -1)
-	    send_event(err_pipe[1], EVENT_FORK_ERR, errno);
+	    send_event(err_pipe[1], EVENT_FORK_ERR, errno, NULL);
 	 
 	  if (pid != 0)
 	    _exit(0);
@@ -356,7 +360,7 @@ int main (int argc, char **argv)
 	    }
 	  else if (getuid() == 0)
 	    {
-	      send_event(err_pipe[1], EVENT_PIDFILE, errno);
+	      send_event(err_pipe[1], EVENT_PIDFILE, errno, daemon->runfile);
 	      _exit(0);
 	    }
 	}
@@ -376,8 +380,8 @@ int main (int argc, char **argv)
    
    /* if we are to run scripts, we need to fork a helper before dropping root. */
   daemon->helperfd = -1;
-#if defined(HAVE_DHCP) && defined(HAVE_SCRIPT) 
-  if (daemon->dhcp && daemon->lease_change_command)
+#ifdef HAVE_SCRIPT 
+  if ((daemon->dhcp || daemon->dhcp6) && (daemon->lease_change_command || daemon->luascript))
     daemon->helperfd = create_helper(pipewrite, err_pipe[1], script_uid, script_gid, max_fd);
 #endif
 
@@ -391,17 +395,23 @@ int main (int argc, char **argv)
 	  (setgroups(0, &dummy) == -1 ||
 	   setgid(gp->gr_gid) == -1))
 	{
-	  send_event(err_pipe[1], EVENT_GROUP_ERR, errno);
+	  send_event(err_pipe[1], EVENT_GROUP_ERR, errno, daemon->groupname);
 	  _exit(0);
 	}
   
       if (ent_pw && ent_pw->pw_uid != 0)
 	{     
-#if defined(HAVE_LINUX_NETWORK)
+#if defined(HAVE_LINUX_NETWORK)	  
 	  /* On linux, we keep CAP_NETADMIN (for ARP-injection) and
-	     CAP_NET_RAW (for icmp) if we're doing dhcp */
-	  data->effective = data->permitted = data->inheritable =
-	    (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | (1 << CAP_SETUID);
+	     CAP_NET_RAW (for icmp) if we're doing dhcp. If we have yet to bind 
+	     ports because of DAD, we need CAP_NET_BIND_SERVICE too. */
+	  if (is_dad_listeners())
+	    data->effective = data->permitted = data->inheritable =
+	      (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | 
+	      (1 << CAP_SETUID) | (1 << CAP_NET_BIND_SERVICE);
+	  else
+	    data->effective = data->permitted = data->inheritable =
+	      (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | (1 << CAP_SETUID);
 	  
 	  /* Tell kernel to not clear capabilities when dropping root */
 	  if (capset(hdr, data) == -1 || prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) == -1)
@@ -431,26 +441,30 @@ int main (int argc, char **argv)
 
 	  if (bad_capabilities != 0)
 	    {
-	      send_event(err_pipe[1], EVENT_CAP_ERR, bad_capabilities);
+	      send_event(err_pipe[1], EVENT_CAP_ERR, bad_capabilities, NULL);
 	      _exit(0);
 	    }
 	  
 	  /* finally drop root */
 	  if (setuid(ent_pw->pw_uid) == -1)
 	    {
-	      send_event(err_pipe[1], EVENT_USER_ERR, errno);
+	      send_event(err_pipe[1], EVENT_USER_ERR, errno, daemon->username);
 	      _exit(0);
 	    }     
 
 #ifdef HAVE_LINUX_NETWORK
-	  data->effective = data->permitted = 
-	    (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW);
+	 if (is_dad_listeners())
+	   data->effective = data->permitted =
+	     (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | (1 << CAP_NET_BIND_SERVICE);
+	 else
+	   data->effective = data->permitted = 
+	     (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW);
 	  data->inheritable = 0;
 	  
 	  /* lose the setuid and setgid capbilities */
 	  if (capset(hdr, data) == -1)
 	    {
-	      send_event(err_pipe[1], EVENT_CAP_ERR, errno);
+	      send_event(err_pipe[1], EVENT_CAP_ERR, errno, NULL);
 	      _exit(0);
 	    }
 #endif
@@ -505,27 +519,63 @@ int main (int argc, char **argv)
 
   if (daemon->max_logs != 0)
     my_syslog(LOG_INFO, _("asynchronous logging enabled, queue limit is %d messages"), daemon->max_logs);
+ 
+  if (daemon->ra_contexts)
+    my_syslog(MS_DHCP | LOG_INFO, _("IPv6 router advertisement enabled"));
 
 #ifdef HAVE_DHCP
-  if (daemon->dhcp)
+  if (daemon->dhcp || daemon->dhcp6)
     {
       struct dhcp_context *dhcp_tmp;
-      
-      for (dhcp_tmp = daemon->dhcp; dhcp_tmp; dhcp_tmp = dhcp_tmp->next)
+      int family = AF_INET;
+      dhcp_tmp = daemon->dhcp;
+     
+#ifdef HAVE_DHCP6
+    again:
+#endif
+      for (; dhcp_tmp; dhcp_tmp = dhcp_tmp->next)
 	{
+	  void *start = &dhcp_tmp->start;
+	  void *end = &dhcp_tmp->end;
+	  
+#ifdef HAVE_DHCP6
+	  if (family == AF_INET6)
+	    {
+	      start = &dhcp_tmp->start6;
+	      end = &dhcp_tmp->end6;
+	    }
+#endif
+	  
 	  prettyprint_time(daemon->dhcp_buff2, dhcp_tmp->lease_time);
-	  strcpy(daemon->dhcp_buff, inet_ntoa(dhcp_tmp->start));
+	  inet_ntop(family, start, daemon->dhcp_buff, 256);
+	  inet_ntop(family, end, daemon->dhcp_buff3, 256);
 	  my_syslog(MS_DHCP | LOG_INFO, 
 		    (dhcp_tmp->flags & CONTEXT_STATIC) ? 
 		    _("DHCP, static leases only on %.0s%s, lease time %s") :
+		    (dhcp_tmp->flags & CONTEXT_RA_ONLY) ? 
+		    _("router advertisement only on %.0s%s, lifetime %s") :
 		    (dhcp_tmp->flags & CONTEXT_PROXY) ?
 		    _("DHCP, proxy on subnet %.0s%s%.0s") :
 		    _("DHCP, IP range %s -- %s, lease time %s"),
-		    daemon->dhcp_buff, inet_ntoa(dhcp_tmp->end), daemon->dhcp_buff2);
+		    daemon->dhcp_buff, daemon->dhcp_buff3, daemon->dhcp_buff2);
 	}
+      
+#ifdef HAVE_DHCP6
+      if (family == AF_INET)
+	{
+	  family = AF_INET6;
+	  if (daemon->ra_contexts)
+	    dhcp_tmp = daemon->ra_contexts;
+	  else
+	    dhcp_tmp = daemon->dhcp6;
+	  goto again;
+	}
+#endif
+
     }
 #endif
 
+
 #ifdef HAVE_TFTP
   if (daemon->tftp_unlimited || daemon->tftp_interfaces)
     {
@@ -605,6 +655,13 @@ int main (int argc, char **argv)
 	  t.tv_usec = 250000;
 	  tp = &t;
 	}
+      /* Wake every second whilst waiting for DAD to complete */
+      else if (is_dad_listeners())
+	{
+	  t.tv_sec = 1;
+	  t.tv_usec = 0;
+	  tp = &t;
+	}
 
 #ifdef HAVE_DBUS
       set_dbus_listeners(&maxfd, &rset, &wset, &eset);
@@ -623,6 +680,20 @@ int main (int argc, char **argv)
 	}
 #endif
 
+#ifdef HAVE_DHCP6
+      if (daemon->dhcp6)
+	{
+	  FD_SET(daemon->dhcp6fd, &rset);
+	  bump_maxfd(daemon->dhcp6fd, &maxfd);
+	  
+	  if (daemon->ra_contexts)
+	    {
+	      FD_SET(daemon->icmp6fd, &rset);
+	      bump_maxfd(daemon->icmp6fd, &maxfd); 
+	    }
+	}
+#endif
+
 #ifdef HAVE_LINUX_NETWORK
       FD_SET(daemon->netlinkfd, &rset);
       bump_maxfd(daemon->netlinkfd, &maxfd);
@@ -659,6 +730,15 @@ int main (int argc, char **argv)
       now = dnsmasq_time();
 
       check_log_writer(&wset);
+      
+      /* Check the interfaces to see if any have exited DAD state
+	 and if so, bind the address. */
+      if (is_dad_listeners())
+	{
+	  enumerate_interfaces();
+	  /* NB, is_dad_listeners() == 1 --> we're binding interfaces */
+	  create_bound_listeners(0);
+	}
 
 #ifdef HAVE_LINUX_NETWORK
       if (FD_ISSET(daemon->netlinkfd, &rset))
@@ -709,6 +789,17 @@ int main (int argc, char **argv)
 	    dhcp_packet(now, 1);
 	}
 
+#ifdef HAVE_DHCP6
+      if (daemon->dhcp6)
+	{
+	  if (FD_ISSET(daemon->dhcp6fd, &rset))
+	    dhcp6_packet(now);
+
+	  if (daemon->ra_contexts && FD_ISSET(daemon->icmp6fd, &rset))
+	    icmp6_packet();
+	}
+#endif
+
 #  ifdef HAVE_SCRIPT
       if (daemon->helperfd != -1 && FD_ISSET(daemon->helperfd, &wset))
 	helper_write();
@@ -753,28 +844,62 @@ static void sig_handler(int sig)
       else
 	return;
 
-      send_event(pipewrite, event, 0); 
+      send_event(pipewrite, event, 0, NULL); 
       errno = errsave;
     }
 }
 
-void send_event(int fd, int event, int data)
+void send_alarm(void)
+{
+  send_event(pipewrite, EVENT_ALARM, 0, NULL);
+}
+
+void send_event(int fd, int event, int data, char *msg)
 {
   struct event_desc ev;
-  
+  struct iovec iov[2];
+
   ev.event = event;
   ev.data = data;
+  ev.msg_sz = msg ? strlen(msg) : 0;
+  
+  iov[0].iov_base = &ev;
+  iov[0].iov_len = sizeof(ev);
+  iov[1].iov_base = msg;
+  iov[1].iov_len = ev.msg_sz;
   
   /* error pipe, debug mode. */
   if (fd == -1)
-    fatal_event(&ev);
+    fatal_event(&ev, msg);
   else
     /* pipe is non-blocking and struct event_desc is smaller than
        PIPE_BUF, so this either fails or writes everything */
-    while (write(fd, &ev, sizeof(ev)) == -1 && errno == EINTR);
+    while (writev(fd, iov, msg ? 2 : 1) == -1 && errno == EINTR);
 }
 
-static void fatal_event(struct event_desc *ev)
+/* NOTE: the memory used to return msg is leaked: use msgs in events only
+   to describe fatal errors. */
+static int read_event(int fd, struct event_desc *evp, char **msg)
+{
+  char *buf;
+
+  if (!read_write(fd, (unsigned char *)evp, sizeof(struct event_desc), 1))
+    return 0;
+  
+  *msg = NULL;
+  
+  if (evp->msg_sz != 0 && 
+      (buf = malloc(evp->msg_sz + 1)) &&
+      read_write(fd, (unsigned char *)buf, evp->msg_sz, 1))
+    {
+      buf[evp->msg_sz] = 0;
+      *msg = buf;
+    }
+
+  return 1;
+}
+    
+static void fatal_event(struct event_desc *ev, char *msg)
 {
   errno = ev->data;
   
@@ -793,19 +918,19 @@ static void fatal_event(struct event_desc *ev)
       die(_("setting capabilities failed: %s"), NULL, EC_MISC);
 
     case EVENT_USER_ERR:
-    case EVENT_HUSER_ERR:
-      die(_("failed to change user-id to %s: %s"), 
-	  ev->event == EVENT_USER_ERR ? daemon->username : daemon->scriptuser,
-	  EC_MISC);
+      die(_("failed to change user-id to %s: %s"), msg, EC_MISC);
 
     case EVENT_GROUP_ERR:
-      die(_("failed to change group-id to %s: %s"), daemon->groupname, EC_MISC);
+      die(_("failed to change group-id to %s: %s"), msg, EC_MISC);
       
     case EVENT_PIDFILE:
-      die(_("failed to open pidfile %s: %s"), daemon->runfile, EC_FILE);
+      die(_("failed to open pidfile %s: %s"), msg, EC_FILE);
 
     case EVENT_LOG_ERR:
-      die(_("cannot open %s: %s"), daemon->log_file ? daemon->log_file : "log", EC_FILE);
+      die(_("cannot open log %s: %s"), msg, EC_FILE);
+    
+    case EVENT_LUA_ERR:
+      die(_("failed to load Lua script: %s"), msg, EC_MISC);
     }
 }	
       
@@ -814,8 +939,12 @@ static void async_event(int pipe, time_t now)
   pid_t p;
   struct event_desc ev;
   int i;
-
-  if (read_write(pipe, (unsigned char *)&ev, sizeof(ev), 1))
+  char *msg;
+  
+  /* NOTE: the memory used to return msg is leaked: use msgs in events only
+     to describe fatal errors. */
+  
+  if (read_event(pipe, &ev, &msg))
     switch (ev.event)
       {
       case EVENT_RELOAD:
@@ -837,11 +966,21 @@ static void async_event(int pipe, time_t now)
 	
       case EVENT_ALARM:
 #ifdef HAVE_DHCP
-	if (daemon->dhcp)
+	if (daemon->dhcp || daemon->dhcp6)
 	  {
 	    lease_prune(NULL, now);
 	    lease_update_file(now);
 	  }
+#ifdef HAVE_DHCP6
+	else if (daemon->ra_contexts)
+	  {
+	    /* Not doing DHCP, so no lease system, manage 
+	       alarms for ra only */
+	    time_t next_event = periodic_ra(now);
+	    if (next_event != 0)
+	      alarm((unsigned)difftime(next_event, now)); 
+	  }
+#endif
 #endif
 	break;
 		
@@ -860,11 +999,11 @@ static void async_event(int pipe, time_t now)
 	break;
 	
       case EVENT_KILLED:
-	my_syslog(LOG_WARNING, _("child process killed by signal %d"), ev.data);
+	my_syslog(LOG_WARNING, _("script process killed by signal %d"), ev.data);
 	break;
 
       case EVENT_EXITED:
-	my_syslog(LOG_WARNING, _("child process exited with status %d"), ev.data);
+	my_syslog(LOG_WARNING, _("script process exited with status %d"), ev.data);
 	break;
 
       case EVENT_EXEC_ERR:
@@ -873,9 +1012,10 @@ static void async_event(int pipe, time_t now)
 	break;
 
 	/* necessary for fatal errors in helper */
-      case EVENT_HUSER_ERR:
+      case EVENT_USER_ERR:
       case EVENT_DIE:
-	fatal_event(&ev);
+      case EVENT_LUA_ERR:
+	fatal_event(&ev, msg);
 	break;
 
       case EVENT_REOPEN:
@@ -892,7 +1032,7 @@ static void async_event(int pipe, time_t now)
 	  if (daemon->tcp_pids[i] != 0)
 	    kill(daemon->tcp_pids[i], SIGALRM);
 	
-#if defined(HAVE_DHCP) && defined(HAVE_SCRIPT)
+#if defined(HAVE_SCRIPT)
 	/* handle pending lease transitions */
 	if (daemon->helperfd != -1)
 	  {
@@ -994,7 +1134,7 @@ void clear_cache_and_reload(time_t now)
     cache_reload();
   
 #ifdef HAVE_DHCP
-  if (daemon->dhcp)
+  if (daemon->dhcp || daemon->dhcp6)
     {
       if (option_bool(OPT_ETHERS))
 	dhcp_read_ethers();
@@ -1005,6 +1145,16 @@ void clear_cache_and_reload(time_t now)
       lease_update_file(now); 
       lease_update_dns();
     }
+#ifdef HAVE_DHCP6
+  else if (daemon->ra_contexts)
+    {
+      /* Not doing DHCP, so no lease system, manage 
+	 alarms for ra only */
+      time_t next_event = periodic_ra(now);
+      if (next_event != 0)
+	alarm((unsigned)difftime(next_event, now)); 
+    }
+#endif
 #endif
 }
 
@@ -1288,7 +1438,15 @@ int icmp_ping(struct in_addr addr)
       FD_SET(fd, &rset);
       set_dns_listeners(now, &rset, &maxfd);
       set_log_writer(&wset, &maxfd);
-
+      
+#ifdef HAVE_DHCP6
+      if (daemon->ra_contexts)
+	{
+	  FD_SET(daemon->icmp6fd, &rset);
+	  bump_maxfd(daemon->icmp6fd, &maxfd); 
+	}
+#endif
+      
       if (select(maxfd+1, &rset, &wset, NULL, &tv) < 0)
 	{
 	  FD_ZERO(&rset);
@@ -1300,6 +1458,11 @@ int icmp_ping(struct in_addr addr)
       check_log_writer(&wset);
       check_dns_listeners(&rset, now);
 
+#ifdef HAVE_DHCP6
+      if (daemon->ra_contexts && FD_ISSET(daemon->icmp6fd, &rset))
+	icmp6_packet();
+#endif
+      
 #ifdef HAVE_TFTP
       check_tftp_listeners(&rset, now);
 #endif

src/dnsmasq.h

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
  
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -14,7 +14,7 @@
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
-#define COPYRIGHT "Copyright (c) 2000-2011 Simon Kelley" 
+#define COPYRIGHT "Copyright (c) 2000-2012 Simon Kelley" 
 
 #ifndef NO_LARGEFILE
 /* Ensure we can use files >2GB (log files may grow this big) */
@@ -39,9 +39,14 @@
 /* get these before config.h  for IPv6 stuff... */
 #include <sys/types.h> 
 #include <sys/socket.h>
+
+#ifdef __APPLE__
+/* Define before netinet/in.h to select API. OSX Lion onwards. */
+#  define __APPLE_USE_RFC_3542
+#endif
 #include <netinet/in.h>
 
-/* and this. */
+/* Also needed before config.h. */
 #include <getopt.h>
 
 #include "config.h"
@@ -49,9 +54,14 @@
 typedef unsigned char u8;
 typedef unsigned short u16;
 typedef unsigned int u32;
+typedef unsigned long long u64;
 
-#include "dns_protocol.h"
-#include "dhcp_protocol.h"
+#include "dns-protocol.h"
+#include "dhcp-protocol.h"
+#ifdef HAVE_DHCP6
+#include "dhcp6-protocol.h"
+#include "radv-protocol.h"
+#endif
 
 #define gettext_noop(S) (S)
 #ifndef LOCALEDIR
@@ -127,7 +137,7 @@ extern int capget(cap_user_header_t header, cap_user_data_t data);
 
 /* Async event queue */
 struct event_desc {
-  int event, data;
+  int event, data, msg_sz;
 };
 
 #define EVENT_RELOAD    1
@@ -148,6 +158,7 @@ struct event_desc {
 #define EVENT_DIE       16
 #define EVENT_LOG_ERR   17
 #define EVENT_FORK_ERR  18
+#define EVENT_LUA_ERR   19
 
 /* Exit codes. */
 #define EC_GOOD        0
@@ -204,7 +215,9 @@ struct event_desc {
 #define OPT_DNSSEC         33
 #define OPT_CONSEC_ADDR    34
 #define OPT_CONNTRACK      35
-#define OPT_LAST           36
+#define OPT_FQDN_UPDATE    36
+#define OPT_RA             37
+#define OPT_LAST           38
 
 /* extra flags for my_syslog, we use a couple of facilities since they are known 
    not to occupy the same bits as priorities, no matter how syslog.h is set up. */
@@ -363,7 +376,7 @@ struct server {
 struct irec {
   union mysockaddr addr;
   struct in_addr netmask; /* only valid for IPv4 */
-  int tftp_ok, mtu;
+  int tftp_ok, mtu, done, dad;
   char *name;
   struct irec *next;
 };
@@ -425,21 +438,26 @@ struct frec {
 #define ACTION_OLD           3
 #define ACTION_ADD           4
 
+#define LEASE_NEW            1  /* newly created */
+#define LEASE_CHANGED        2  /* modified */
+#define LEASE_AUX_CHANGED    4  /* CLID or expiry changed */
+#define LEASE_AUTH_NAME      8  /* hostname came from config, not from client */
+#define LEASE_USED          16  /* used this DHCPv6 transaction */
+#define LEASE_NA            32  /* IPv6 no-temporary lease */
+#define LEASE_TA            64  /* IPv6 temporary lease */
+
 struct dhcp_lease {
   int clid_len;          /* length of client identifier */
   unsigned char *clid;   /* clientid */
   char *hostname, *fqdn; /* name from client-hostname option or config */
   char *old_hostname;    /* hostname before it moved to another lease */
-  char auth_name;        /* hostname came from config, not from client */
-  char new;              /* newly created */
-  char changed;          /* modified */
-  char aux_changed;      /* CLID or expiry changed */
+  int flags;
   time_t expires;        /* lease expiry */
 #ifdef HAVE_BROKEN_RTC
   unsigned int length;
 #endif
-  int hwaddr_len, hwaddr_type;
-  unsigned char hwaddr[DHCP_CHADDR_MAX]; 
+  int hwaddr_len, hwaddr_type; /* hw_type used for iaid in v6 */
+  unsigned char hwaddr[DHCP_CHADDR_MAX]; /* also IPv6 address */
   struct in_addr addr, override, giaddr;
   unsigned char *extradata;
   unsigned int extradata_len, extradata_size;
@@ -476,6 +494,9 @@ struct dhcp_config {
   unsigned char *clid;   /* clientid */
   char *hostname, *domain;
   struct dhcp_netid_list *netid;
+#ifdef HAVE_DHCP6
+  struct in6_addr addr6;
+#endif
   struct in_addr addr;
   time_t decline_time;
   unsigned int lease_time;
@@ -483,6 +504,8 @@ struct dhcp_config {
   struct dhcp_config *next;
 };
 
+#define have_config(config, mask) ((config) && ((config)->flags & (mask))) 
+
 #define CONFIG_DISABLE           1
 #define CONFIG_CLID              2
 #define CONFIG_TIME              8
@@ -493,6 +516,7 @@ struct dhcp_config {
 #define CONFIG_ADDR_HOSTS      512    /* address added by from /etc/hosts */
 #define CONFIG_DECLINED       1024    /* address declined by client */
 #define CONFIG_BANK           2048    /* from dhcp hosts file */
+#define CONFIG_ADDR6          4096
 
 struct dhcp_opt {
   int opt, len, flags;
@@ -519,6 +543,7 @@ struct dhcp_opt {
 #define DHOPT_VENDOR_MATCH    1024
 #define DHOPT_RFC3925         2048
 #define DHOPT_TAGOK           4096
+#define DHOPT_ADDR6           8192
 
 struct dhcp_boot {
   char *file, *sname, *tftp_sname;
@@ -529,7 +554,7 @@ struct dhcp_boot {
 
 struct pxe_service {
   unsigned short CSA, type; 
-  char *menu, *basename;
+  char *menu, *basename, *sname;
   struct in_addr server;
   struct dhcp_netid *netid;
   struct pxe_service *next;
@@ -543,7 +568,8 @@ struct pxe_service {
 
 /* vendorclass, userclass, remote-id or cicuit-id */
 struct dhcp_vendor {
-  int len, match_type, option;
+  int len, match_type;
+  unsigned int enterprise;
   char *data;
   struct dhcp_netid netid;
   struct dhcp_vendor *next;
@@ -565,6 +591,10 @@ struct dhcp_bridge {
 struct cond_domain {
   char *domain;
   struct in_addr start, end;
+#ifdef HAVE_IPV6
+  struct in6_addr start6, end6;
+#endif
+  int is6;
   struct cond_domain *next;
 };
 
@@ -573,6 +603,12 @@ struct dhcp_context {
   struct in_addr netmask, broadcast;
   struct in_addr local, router;
   struct in_addr start, end; /* range of available addresses */
+#ifdef HAVE_DHCP6
+  struct in6_addr start6, end6; /* range of available addresses */
+  struct in6_addr local6;
+  int prefix;
+  time_t ra_time;
+#endif
   int flags;
   char *interface;
   struct dhcp_netid netid, *filter;
@@ -583,6 +619,8 @@ struct dhcp_context {
 #define CONTEXT_NETMASK   2
 #define CONTEXT_BRDCAST   4
 #define CONTEXT_PROXY     8
+#define CONTEXT_RA_ONLY  16
+#define CONTEXT_RA_DONE  32
 
 struct ping_result {
   struct in_addr addr;
@@ -645,6 +683,7 @@ extern struct daemon {
   char *mxtarget;
   char *lease_file; 
   char *username, *groupname, *scriptuser;
+  char *luascript;
   int group_set, osport;
   char *domain_suffix;
   struct cond_domain *cond_domain;
@@ -660,9 +699,9 @@ extern struct daemon {
   int port, query_port, min_port;
   unsigned long local_ttl, neg_ttl, max_ttl;
   struct hostsfile *addn_hosts;
-  struct dhcp_context *dhcp;
+  struct dhcp_context *dhcp, *dhcp6, *ra_contexts;
   struct dhcp_config *dhcp_conf;
-  struct dhcp_opt *dhcp_opts, *dhcp_match;
+  struct dhcp_opt *dhcp_opts, *dhcp_match, *dhcp_opts6, *dhcp_match6;
   struct dhcp_vendor *dhcp_vendors;
   struct dhcp_mac *dhcp_macs;
   struct dhcp_boot *boot_config;
@@ -716,7 +755,12 @@ extern struct daemon {
   struct ping_result *ping_results;
   FILE *lease_stream;
   struct dhcp_bridge *bridges;
-
+#ifdef HAVE_DHCP6
+  int duid_len;
+  unsigned char *duid;
+  struct iovec outpacket;
+  int dhcp6fd, icmp6fd;
+#endif
   /* DBus stuff */
   /* void * here to avoid depending on dbus headers outside dbus.c */
   void *dbus;
@@ -727,6 +771,9 @@ extern struct daemon {
   /* TFTP stuff */
   struct tftp_transfer *tftp_trans;
 
+  /* utility string buffer, hold max sized IP address as string */
+  char *addrbuff;
+
 } *daemon;
 
 /* cache.c */
@@ -744,12 +791,15 @@ void cache_start_insert(void);
 struct crec *cache_insert(char *name, struct all_addr *addr,
 			  time_t now, unsigned long ttl, unsigned short flags);
 void cache_reload(void);
-void cache_add_dhcp_entry(char *host_name, struct in_addr *host_address, time_t ttd);
+void cache_add_dhcp_entry(char *host_name, int prot, struct all_addr *host_address, time_t ttd);
 struct in_addr a_record_from_hosts(char *name, time_t now);
 void cache_unhash_dhcp(void);
 void dump_cache(time_t now);
 char *cache_get_name(struct crec *crecp);
 char *get_domain(struct in_addr addr);
+#ifdef HAVE_IPV6
+char *get_domain6(struct in6_addr *addr);
+#endif
 
 /* rfc1035.c */
 unsigned int extract_request(struct dns_header *header, size_t qlen, 
@@ -785,6 +835,11 @@ int sockaddr_isequal(union mysockaddr *s1, union mysockaddr *s2);
 int hostname_isequal(char *a, char *b);
 time_t dnsmasq_time(void);
 int is_same_net(struct in_addr a, struct in_addr b, struct in_addr mask);
+#ifdef HAVE_IPV6
+int is_same_net6(struct in6_addr *a, struct in6_addr *b, int prefixlen);
+u64 addr6part(struct in6_addr *addr);
+void setaddr6part(struct in6_addr *addr, u64 host);
+#endif
 int retry_send(void);
 void prettyprint_time(char *buf, unsigned int t);
 int prettyprint_addr(union mysockaddr *addr, char *buf);
@@ -808,7 +863,8 @@ void flush_log(void);
 
 /* option.c */
 void read_opts (int argc, char **argv, char *compile_opts);
-char *option_string(unsigned char opt, int *is_ip, int *is_name);
+char *option_string(int prot, unsigned int opt, unsigned char *val, 
+		    int opt_len, char *buf, int buf_len);
 void reread_dhcp(void);
 void set_option_bool(unsigned int opt);
 struct hostsfile *expand_filelist(struct hostsfile *list);
@@ -820,6 +876,9 @@ unsigned char *tcp_request(int confd, time_t now,
 			   union mysockaddr *local_addr, struct in_addr netmask);
 void server_gone(struct server *server);
 struct frec *get_new_frec(time_t now, int *wait);
+void send_from(int fd, int nowild, char *packet, size_t len, 
+	       union mysockaddr *to, struct all_addr *source,
+	       unsigned int iface);
 
 /* network.c */
 int indextoname(int fd, int index, char *name);
@@ -829,11 +888,15 @@ void pre_allocate_sfds(void);
 int reload_servers(char *fname);
 void check_servers(void);
 int enumerate_interfaces();
-struct listener *create_wildcard_listeners(void);
-struct listener *create_bound_listeners(void);
-int iface_check(int family, struct all_addr *addr, char *name, int *indexp);
+void create_wildcard_listeners(void);
+void create_bound_listeners(int die);
+int is_dad_listeners(void);
+int iface_check(int family, struct all_addr *addr, char *name);
 int fix_fd(int fd);
 struct in_addr get_ifaddr(char *intr);
+#ifdef HAVE_IPV6
+int set_ipv6pktinfo(int fd);
+#endif
 
 /* dhcp.c */
 #ifdef HAVE_DHCP
@@ -845,24 +908,18 @@ struct dhcp_context *address_available(struct dhcp_context *context,
 struct dhcp_context *narrow_context(struct dhcp_context *context, 
 				    struct in_addr taddr,
 				    struct dhcp_netid *netids);
-int match_netid(struct dhcp_netid *check, struct dhcp_netid *pool, int negonly);
 int address_allocate(struct dhcp_context *context,
 		     struct in_addr *addrp, unsigned char *hwaddr, int hw_len,
 		     struct dhcp_netid *netids, time_t now);
-struct dhcp_netid *run_tag_if(struct dhcp_netid *input);
 int config_has_mac(struct dhcp_config *config, unsigned char *hwaddr, int len, int type);
 struct dhcp_config *find_config(struct dhcp_config *configs,
 				struct dhcp_context *context,
 				unsigned char *clid, int clid_len,
 				unsigned char *hwaddr, int hw_len, 
 				int hw_type, char *hostname);
-void dhcp_update_configs(struct dhcp_config *configs);
 void dhcp_read_ethers(void);
-void check_dhcp_hosts(int fatal);
 struct dhcp_config *config_find_by_address(struct dhcp_config *configs, struct in_addr addr);
-char *strip_hostname(char *hostname);
 char *host_from_dns(struct in_addr addr);
-char *get_domain(struct in_addr addr);
 #endif
 
 /* lease.c */
@@ -870,10 +927,17 @@ char *get_domain(struct in_addr addr);
 void lease_update_file(time_t now);
 void lease_update_dns();
 void lease_init(time_t now);
-struct dhcp_lease *lease_allocate(struct in_addr addr);
+struct dhcp_lease *lease4_allocate(struct in_addr addr);
+#ifdef HAVE_DHCP6
+struct dhcp_lease *lease6_allocate(struct in6_addr *addrp, int lease_type);
+struct dhcp_lease *lease6_find(unsigned char *clid, int clid_len, 
+			       int lease_type, int iaid, struct in6_addr *addr);
+struct dhcp_lease *lease6_find_by_addr(struct in6_addr *net, int prefix, u64 addr);
+u64 lease_find_max_addr6(struct dhcp_context *context);
+#endif
 void lease_set_hwaddr(struct dhcp_lease *lease, unsigned char *hwaddr,
 		      unsigned char *clid, int hw_len, int hw_type, int clid_len);
-void lease_set_hostname(struct dhcp_lease *lease, char *name, int auth);
+void lease_set_hostname(struct dhcp_lease *lease, char *name, int auth, char *domain, char *config_domain);
 void lease_set_expires(struct dhcp_lease *lease, unsigned int len, time_t now);
 void lease_set_interface(struct dhcp_lease *lease, int interface);
 struct dhcp_lease *lease_find_by_client(unsigned char *hwaddr, int hw_len, int hw_type,  
@@ -884,6 +948,10 @@ void lease_prune(struct dhcp_lease *target, time_t now);
 void lease_update_from_configs(void);
 int do_script_run(time_t now);
 void rerun_scripts(void);
+#ifdef HAVE_SCRIPT
+void lease_add_extradata(struct dhcp_lease *lease, unsigned char *data, 
+			 unsigned int len, int delim);
+#endif
 #endif
 
 /* rfc2131.c */
@@ -899,7 +967,8 @@ unsigned char *extended_hwaddr(int hwtype, int hwlen, unsigned char *hwaddr,
 int make_icmp_sock(void);
 int icmp_ping(struct in_addr addr);
 #endif
-void send_event(int fd, int event, int data);
+void send_alarm(void);
+void send_event(int fd, int event, int data, char *msg);
 void clear_cache_and_reload(time_t now);
 void poll_resolv(int force, int do_reload, time_t now);
 
@@ -949,3 +1018,69 @@ void check_tftp_listeners(fd_set *rset, time_t now);
 int get_incoming_mark(union mysockaddr *peer_addr, struct all_addr *local_addr,
 		      int istcp, unsigned int *markp);
 #endif
+
+/* dhcp6.c */
+#ifdef HAVE_DHCP6
+void dhcp6_init(void);
+void dhcp6_packet(time_t now);
+int address6_allocate(struct dhcp_context *context,  unsigned char *clid, int clid_len, 
+		      int serial, struct dhcp_netid *netids, struct in6_addr *ans);
+struct dhcp_context *address6_available(struct dhcp_context *context, 
+					struct in6_addr *taddr,
+					struct dhcp_netid *netids);
+struct dhcp_context *narrow_context6(struct dhcp_context *context, 
+				     struct in6_addr *taddr,
+				     struct dhcp_netid *netids);
+struct dhcp_config *find_config6(struct dhcp_config *configs,
+				 struct dhcp_context *context,
+				 unsigned char *duid, int duid_len,
+				 char *hostname);
+struct dhcp_config *config_find_by_address6(struct dhcp_config *configs, struct in6_addr *net, 
+					    int prefix, u64 addr);
+void make_duid(time_t now);
+#endif
+
+/* rfc3315.c */
+#ifdef HAVE_DHCP6
+size_t dhcp6_reply(struct dhcp_context *context, int interface, char *iface_name,  
+		   struct in6_addr *fallback, size_t sz, int is_multicast, time_t now);
+#endif
+
+/* dhcp-common.c */
+#ifdef HAVE_DHCP
+void dhcp_common_init(void);
+ssize_t recv_dhcp_packet(int fd, struct msghdr *msg);
+struct dhcp_netid *run_tag_if(struct dhcp_netid *input);
+struct dhcp_netid *option_filter(struct dhcp_netid *tags, struct dhcp_netid *context_tags,
+				 struct dhcp_opt *opts);
+int match_netid(struct dhcp_netid *check, struct dhcp_netid *pool, int negonly);
+char *strip_hostname(char *hostname);
+void log_tags(struct dhcp_netid *netid, u32 xid);
+int match_bytes(struct dhcp_opt *o, unsigned char *p, int len);
+void dhcp_update_configs(struct dhcp_config *configs);
+void check_dhcp_hosts(int fatal);
+#  ifdef HAVE_DHCP6
+void join_multicast(void);
+#  endif
+#endif
+
+/* outpacket.c */
+#ifdef HAVE_DHCP6
+void end_opt6(int container);
+int save_counter(int newval);
+void *expand(size_t headroom);
+int new_opt6(int opt);
+void *put_opt6(void *data, size_t len);
+void put_opt6_long(unsigned int val);
+void put_opt6_short(unsigned int val);
+void put_opt6_char(unsigned int val);
+void put_opt6_string(char *s);
+#endif
+
+/* radv.c */
+#ifdef HAVE_DHCP6
+void ra_init(time_t now);
+void icmp6_packet(void);
+time_t periodic_ra(time_t now);
+void ra_start_unsolicted(time_t now);
+#endif

src/forward.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -26,9 +26,9 @@ static struct randfd *allocate_rfd(int family);
 
 /* Send a UDP packet with its source address set as "source" 
    unless nowild is true, when we just send it with the kernel default */
-static void send_from(int fd, int nowild, char *packet, size_t len, 
-		      union mysockaddr *to, struct all_addr *source,
-		      unsigned int iface)
+void send_from(int fd, int nowild, char *packet, size_t len, 
+	       union mysockaddr *to, struct all_addr *source,
+	       unsigned int iface)
 {
   struct msghdr msg;
   struct iovec iov[1]; 
@@ -70,7 +70,7 @@ static void send_from(int fd, int nowild, char *packet, size_t len,
 	  p.ipi_spec_dst = source->addr.addr4;
 	  memcpy(CMSG_DATA(cmptr), &p, sizeof(p));
 	  msg.msg_controllen = cmptr->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
-	  cmptr->cmsg_level = SOL_IP;
+	  cmptr->cmsg_level = IPPROTO_IP;
 	  cmptr->cmsg_type = IP_PKTINFO;
 #elif defined(IP_SENDSRCADDR)
 	  memcpy(CMSG_DATA(cmptr), &(source->addr.addr4), sizeof(source->addr.addr4));
@@ -88,10 +88,10 @@ static void send_from(int fd, int nowild, char *packet, size_t len,
 	  memcpy(CMSG_DATA(cmptr), &p, sizeof(p));
 	  msg.msg_controllen = cmptr->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo));
 	  cmptr->cmsg_type = daemon->v6pktinfo;
-	  cmptr->cmsg_level = IPV6_LEVEL;
+	  cmptr->cmsg_level = IPPROTO_IPV6;
 	}
 #else
-      iface = 0; /* eliminate warning */
+      (void)iface; /* eliminate warning */
 #endif
     }
   
@@ -106,8 +106,11 @@ static void send_from(int fd, int nowild, char *packet, size_t len,
 	  msg.msg_controllen = 0;
 	  goto retry;
 	}
+      
       if (retry_send())
 	goto retry;
+      
+      my_syslog(LOG_ERR, _("failed to send packet: %s"), strerror(errno));
     }
 }
           
@@ -703,7 +706,7 @@ void receive_query(struct listener *listen, time_t now)
 #if defined(HAVE_LINUX_NETWORK)
       if (listen->family == AF_INET)
 	for (cmptr = CMSG_FIRSTHDR(&msg); cmptr; cmptr = CMSG_NXTHDR(&msg, cmptr))
-	  if (cmptr->cmsg_level == SOL_IP && cmptr->cmsg_type == IP_PKTINFO)
+	  if (cmptr->cmsg_level == IPPROTO_IP && cmptr->cmsg_type == IP_PKTINFO)
 	    {
 	      union {
 		unsigned char *c;
@@ -743,7 +746,7 @@ void receive_query(struct listener *listen, time_t now)
       if (listen->family == AF_INET6)
 	{
 	  for (cmptr = CMSG_FIRSTHDR(&msg); cmptr; cmptr = CMSG_NXTHDR(&msg, cmptr))
-	    if (cmptr->cmsg_level == IPV6_LEVEL && cmptr->cmsg_type == daemon->v6pktinfo)
+	    if (cmptr->cmsg_level == IPPROTO_IPV6 && cmptr->cmsg_type == daemon->v6pktinfo)
 	      {
 		union {
 		  unsigned char *c;
@@ -760,15 +763,36 @@ void receive_query(struct listener *listen, time_t now)
       /* enforce available interface configuration */
       
       if (!indextoname(listen->fd, if_index, ifr.ifr_name) ||
-	  !iface_check(listen->family, &dst_addr, ifr.ifr_name, &if_index))
+	  !iface_check(listen->family, &dst_addr, ifr.ifr_name))
 	return;
       
-      if (listen->family == AF_INET &&
-	  option_bool(OPT_LOCALISE) &&
-	  ioctl(listen->fd, SIOCGIFNETMASK, &ifr) == -1)
-	return;
-      
-      netmask = ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr;
+      if (listen->family == AF_INET && option_bool(OPT_LOCALISE))
+	{
+	  struct irec *iface;
+	  
+	  /* get the netmask of the interface whch has the address we were sent to.
+	     This is no neccessarily the interface we arrived on. */
+	  
+	  for (iface = daemon->interfaces; iface; iface = iface->next)
+	    if (iface->addr.sa.sa_family == AF_INET &&
+		iface->addr.in.sin_addr.s_addr == dst_addr_4.s_addr)
+	      break;
+	  
+	  /* interface may be new */
+	  if (!iface)
+	    enumerate_interfaces(); 
+	  
+	  for (iface = daemon->interfaces; iface; iface = iface->next)
+	    if (iface->addr.sa.sa_family == AF_INET &&
+		iface->addr.in.sin_addr.s_addr == dst_addr_4.s_addr)
+	      break;
+	  
+	  /* If we failed, abandon localisation */
+	  if (iface)
+	    netmask = iface->netmask;
+	  else
+	    dst_addr_4.s_addr = 0;
+	}
     }
   
   if (extract_request(header, (size_t)n, daemon->namebuff, &type))

src/helper.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -16,6 +16,8 @@
 
 #include "dnsmasq.h"
 
+#ifdef HAVE_SCRIPT
+
 /* This file has code to fork a helper process which recieves data via a pipe 
    shared with the main process and which is responsible for calling a script when
    DHCP leases change.
@@ -28,15 +30,25 @@
    main process.
 */
 
-#if defined(HAVE_DHCP) && defined(HAVE_SCRIPT)
-
 static void my_setenv(const char *name, const char *value, int *error);
 static unsigned char *grab_extradata(unsigned char *buf, unsigned char *end,  char *env, int *err);
 
+#ifdef HAVE_LUASCRIPT
+#include <lua.h>  
+#include <lualib.h>  
+#include <lauxlib.h>  
+
+lua_State *lua;
+
+static unsigned char *grab_extradata_lua(unsigned char *buf, unsigned char *end, char *field);
+#endif
+
+
 struct script_data
 {
-  unsigned char action, hwaddr_len, hwaddr_type;
-  unsigned char clid_len, hostname_len, ed_len;
+  int flags;
+  int action, hwaddr_len, hwaddr_type;
+  int clid_len, hostname_len, ed_len;
   struct in_addr addr, giaddr;
   unsigned int remaining_time;
 #ifdef HAVE_BROKEN_RTC
@@ -46,6 +58,7 @@ struct script_data
 #endif
   unsigned char hwaddr[DHCP_CHADDR_MAX];
   char interface[IF_NAMESIZE];
+
 };
 
 static struct script_data *buf = NULL;
@@ -61,7 +74,7 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd)
      then fork our process. */
   if (pipe(pipefd) == -1 || !fix_fd(pipefd[1]) || (pid = fork()) == -1)
     {
-      send_event(err_fd, EVENT_PIPE_ERR, errno);
+      send_event(err_fd, EVENT_PIPE_ERR, errno, NULL);
       _exit(0);
     }
 
@@ -88,38 +101,98 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd)
 	{
 	  if (option_bool(OPT_NO_FORK))
 	    /* send error to daemon process if no-fork */
-	    send_event(event_fd, EVENT_HUSER_ERR, errno);
+	    send_event(event_fd, EVENT_USER_ERR, errno, daemon->scriptuser);
 	  else
 	    {
 	      /* kill daemon */
-	      send_event(event_fd, EVENT_DIE, 0);
+	      send_event(event_fd, EVENT_DIE, 0, NULL);
 	      /* return error */
-	      send_event(err_fd, EVENT_HUSER_ERR, errno);
+	      send_event(err_fd, EVENT_USER_ERR, errno, daemon->scriptuser);
 	    }
 	  _exit(0);
 	}
     }
 
-  /* close all the sockets etc, we don't need them here. This closes err_fd, so that
-     main process can return. */
+  /* close all the sockets etc, we don't need them here. 
+     Don't close err_fd, in case the lua-init fails.
+     Note that we have to do this before lua init
+     so we don't close any lua fds. */
   for (max_fd--; max_fd >= 0; max_fd--)
     if (max_fd != STDOUT_FILENO && max_fd != STDERR_FILENO && 
-	max_fd != STDIN_FILENO && max_fd != pipefd[0] && max_fd != event_fd)
+	max_fd != STDIN_FILENO && max_fd != pipefd[0] && 
+	max_fd != event_fd && max_fd != err_fd)
       close(max_fd);
   
+#ifdef HAVE_LUASCRIPT
+  if (daemon->luascript)
+    {
+      const char *lua_err = NULL;
+      lua = lua_open();
+      luaL_openlibs(lua);
+      
+      /* get Lua to load our script file */
+      if (luaL_dofile(lua, daemon->luascript) != 0)
+	lua_err = lua_tostring(lua, -1);
+      else
+	{
+	  lua_getglobal(lua, "lease");
+	  if (lua_type(lua, -1) != LUA_TFUNCTION) 
+	    lua_err = _("lease() function missing in Lua script");
+	}
+      
+      if (lua_err)
+	{
+	  if (option_bool(OPT_NO_FORK) || option_bool(OPT_DEBUG))
+	    /* send error to daemon process if no-fork */
+	    send_event(event_fd, EVENT_LUA_ERR, 0, (char *)lua_err);
+	  else
+	    {
+	      /* kill daemon */
+	      send_event(event_fd, EVENT_DIE, 0, NULL);
+	      /* return error */
+	      send_event(err_fd, EVENT_LUA_ERR, 0, (char *)lua_err);
+	    }
+	  _exit(0);
+	}
+      
+      lua_pop(lua, 1);  /* remove nil from stack */
+      lua_getglobal(lua, "init");
+      if (lua_type(lua, -1) == LUA_TFUNCTION)
+	lua_call(lua, 0, 0);
+      else
+	lua_pop(lua, 1);  /* remove nil from stack */	
+    }
+#endif
+
+  /* All init done, close our copy of the error pipe, so that main process can return */
+  if (err_fd != -1)
+    close(err_fd);
+    
   /* loop here */
   while(1)
     {
       struct script_data data;
-      char *p, *action_str, *hostname = NULL;
+      char *p, *action_str, *hostname = NULL, *domain = NULL;
       unsigned char *buf = (unsigned char *)daemon->namebuff;
-      unsigned char *end, *alloc_buff = NULL;
-      int err = 0;
+      unsigned char *end, *extradata, *alloc_buff = NULL;
+      int is6, err = 0;
 
+      free(alloc_buff);
+      
       /* we read zero bytes when pipe closed: this is our signal to exit */ 
       if (!read_write(pipefd[0], (unsigned char *)&data, sizeof(data), 1))
-	_exit(0);
-      
+	{
+#ifdef HAVE_LUASCRIPT
+	  if (daemon->luascript)
+	    {
+	      lua_getglobal(lua, "shutdown");
+	      if (lua_type(lua, -1) == LUA_TFUNCTION)
+		lua_call(lua, 0, 0);
+	    }
+#endif
+	  _exit(0);
+	}
+
       if (data.action == ACTION_DEL)
 	action_str = "del";
       else if (data.action == ACTION_ADD)
@@ -128,53 +201,218 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd)
 	action_str = "old";
       else
 	continue;
+
+      is6 = !!(data.flags & (LEASE_TA | LEASE_NA));
 	
-      /* stringify MAC into dhcp_buff */
-      p = daemon->dhcp_buff;
-      if (data.hwaddr_type != ARPHRD_ETHER || data.hwaddr_len == 0) 
-        p += sprintf(p, "%.2x-", data.hwaddr_type);
-      for (i = 0; (i < data.hwaddr_len) && (i < DHCP_CHADDR_MAX); i++)
-        {
-          p += sprintf(p, "%.2x", data.hwaddr[i]);
-          if (i != data.hwaddr_len - 1)
-            p += sprintf(p, ":");
-        }
-      
-      /* and CLID into packet, avoid overwrite from bad data */
-      if ((data.clid_len > daemon->packet_buff_sz) || !read_write(pipefd[0], buf, data.clid_len, 1))
-	continue;
-      for (p = daemon->packet, i = 0; i < data.clid_len; i++)
+      if (!is6)
 	{
-	  p += sprintf(p, "%.2x", buf[i]);
-	  if (i != data.clid_len - 1) 
-	    p += sprintf(p, ":");
+	  /* stringify MAC into dhcp_buff */
+	  p = daemon->dhcp_buff;
+	  if (data.hwaddr_type != ARPHRD_ETHER || data.hwaddr_len == 0) 
+	    p += sprintf(p, "%.2x-", data.hwaddr_type);
+	  for (i = 0; (i < data.hwaddr_len) && (i < DHCP_CHADDR_MAX); i++)
+	    {
+	      p += sprintf(p, "%.2x", data.hwaddr[i]);
+	      if (i != data.hwaddr_len - 1)
+		p += sprintf(p, ":");
+	    }
 	}
-      
-      /* and expiry or length into dhcp_buff2 */
+       
+      /* expiry or length into dhcp_buff2 */
 #ifdef HAVE_BROKEN_RTC
       sprintf(daemon->dhcp_buff2, "%u", data.length);
 #else
       sprintf(daemon->dhcp_buff2, "%lu", (unsigned long)data.expires);
 #endif
-      
+           
       /* supplied data may just exceed normal buffer (unlikely) */
-      if ((data.hostname_len + data.ed_len) > daemon->packet_buff_sz && 
-	  !(alloc_buff = buf = malloc(data.hostname_len + data.ed_len)))
+      if ((data.hostname_len + data.ed_len + data.clid_len) > MAXDNAME && 
+	  !(alloc_buff = buf = malloc(data.hostname_len + data.ed_len + data.clid_len)))
 	continue;
       
       if (!read_write(pipefd[0], buf, 
-		      data.hostname_len + data.ed_len, 1))
+		      data.hostname_len + data.ed_len + data.clid_len, 1))
 	continue;
-      
+
+      /* CLID into packet */
+      if (!is6)
+	for (p = daemon->packet, i = 0; i < data.clid_len; i++)
+	  {
+	    p += sprintf(p, "%.2x", buf[i]);
+	    if (i != data.clid_len - 1) 
+	      p += sprintf(p, ":");
+	  }
+#ifdef HAVE_DHCP6
+      else
+	{
+	  /* or IAID and server DUID for IPv6 */
+	  sprintf(daemon->dhcp_buff3, "%s%u", data.flags & LEASE_TA ? "T" : "", data.hwaddr_type);	
+	  for (p = daemon->packet, i = 0; i < daemon->duid_len; i++)
+	    {
+	      p += sprintf(p, "%.2x", daemon->duid[i]);
+	      if (i != daemon->duid_len - 1) 
+		p += sprintf(p, ":");
+	    }
+
+	  /* duid not MAC for IPv6 */
+	  for (p = daemon->dhcp_buff, i = 0; i < data.clid_len; i++)
+	    {
+	      p += sprintf(p, "%.2x", buf[i]);
+	      if (i != data.clid_len - 1) 
+		p += sprintf(p, ":");
+	    } 
+	}
+#endif
+
+      buf += data.clid_len;
+
+      if (data.hostname_len != 0)
+	{
+	  char *dot;
+	  hostname = (char *)buf;
+	  hostname[data.hostname_len - 1] = 0;
+	  if (!legal_hostname(hostname))
+	    hostname = NULL;
+	  else if ((dot = strchr(hostname, '.')))
+	    {
+	      domain = dot+1;
+	      *dot = 0;
+	    } 
+	}
+    
+      extradata = buf + data.hostname_len;
+    
+      if (!is6)
+	inet_ntop(AF_INET, &data.addr, daemon->addrbuff, ADDRSTRLEN);
+#ifdef HAVE_DHCP6
+      else
+	inet_ntop(AF_INET6, &data.hwaddr, daemon->addrbuff, ADDRSTRLEN);
+#endif
+
+#ifdef HAVE_LUASCRIPT
+      if (daemon->luascript)
+	{
+	  lua_getglobal(lua, "lease");     /* function to call */
+	  lua_pushstring(lua, action_str); /* arg1 - action */
+	  lua_newtable(lua);               /* arg2 - data table */
+
+	  if (is6)
+	    {
+	      lua_pushstring(lua, daemon->dhcp_buff);
+	      lua_setfield(lua, -2, "client_duid");
+	      lua_pushstring(lua, daemon->packet);
+	      lua_setfield(lua, -2, "server_duid");
+	      lua_pushstring(lua, daemon->dhcp_buff3);
+	      lua_setfield(lua, -2, "iaid");
+	    }
+
+	  if (!is6 && data.clid_len != 0)
+	    {
+	      lua_pushstring(lua, daemon->packet);
+	      lua_setfield(lua, -2, "client_id");
+	    }
+	  
+	  if (strlen(data.interface) != 0)
+	    {
+	      lua_pushstring(lua, data.interface);
+	      lua_setfield(lua, -2, "interface");
+	    }
+	  
+#ifdef HAVE_BROKEN_RTC	
+	  lua_pushnumber(lua, data.length);
+	  lua_setfield(lua, -2, "lease_length");
+#else
+	  lua_pushnumber(lua, data.expires);
+	  lua_setfield(lua, -2, "lease_expires");
+#endif
+	  
+	  if (hostname)
+	    {
+	      lua_pushstring(lua, hostname);
+	      lua_setfield(lua, -2, "hostname");
+	    }
+	  
+	  if (domain)
+	    {
+	      lua_pushstring(lua, domain);
+	      lua_setfield(lua, -2, "domain");
+	    }
+
+	  end = extradata + data.ed_len;
+	  buf = extradata;
+	  
+	  if (!is6)
+	    buf = grab_extradata_lua(buf, end, "vendor_class");
+#ifdef HAVE_DHCP6
+	  else
+	    for (i = 0; i < data.hwaddr_len; i++)
+	      {
+		sprintf(daemon->dhcp_buff2, "vendor_class%i", i);
+		buf = grab_extradata_lua(buf, end, daemon->dhcp_buff2);
+	      }
+#endif
+	  
+	  buf = grab_extradata_lua(buf, end, "supplied_hostname");
+	  
+	  if (!is6)
+	    {
+	      buf = grab_extradata_lua(buf, end, "cpewan_oui");
+	      buf = grab_extradata_lua(buf, end, "cpewan_serial");   
+	      buf = grab_extradata_lua(buf, end, "cpewan_class");
+	    }
+	  
+	  buf = grab_extradata_lua(buf, end, "tags");
+
+	  if (is6)
+	    buf = grab_extradata_lua(buf, end, "relay_address");
+	  else if (data.giaddr.s_addr != 0)
+	    {
+	      lua_pushstring(lua, inet_ntoa(data.giaddr));
+	      lua_setfield(lua, -2, "relay_address");
+	    }
+
+	  for (i = 0; buf; i++)
+	    {
+	      sprintf(daemon->dhcp_buff2, "user_class%i", i);
+	      buf = grab_extradata_lua(buf, end, daemon->dhcp_buff2);
+	    }
+ 
+	  if (data.action != ACTION_DEL && data.remaining_time != 0)
+	    {
+	      lua_pushnumber(lua, data.remaining_time);
+	      lua_setfield(lua, -2, "time_remaining");
+	    }
+	  
+	  if (data.action == ACTION_OLD_HOSTNAME && hostname)
+	    {
+	      lua_pushstring(lua, hostname);
+	      lua_setfield(lua, -2, "old_hostname");
+	    }
+	  
+	  if (!is6)
+	    {
+	      lua_pushstring(lua, daemon->dhcp_buff);
+	      lua_setfield(lua, -2, "mac_address");
+	    }
+	  
+	  lua_pushstring(lua, daemon->addrbuff);
+	  lua_setfield(lua, -2, "ip_address");
+
+	  lua_call(lua, 2, 0);	/* pass 2 values, expect 0 */
+	}
+#endif
+
+      /* no script, just lua */
+      if (!daemon->lease_change_command)
+	continue;
+
       /* possible fork errors are all temporary resource problems */
       while ((pid = fork()) == -1 && (errno == EAGAIN || errno == ENOMEM))
 	sleep(2);
 
-      free(alloc_buff);
-      
       if (pid == -1)
 	continue;
-	  
+      
       /* wait for child to complete */
       if (pid != 0)
 	{
@@ -188,9 +426,9 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd)
 		{
 		  /* On error send event back to main process for logging */
 		  if (WIFSIGNALED(status))
-		    send_event(event_fd, EVENT_KILLED, WTERMSIG(status));
+		    send_event(event_fd, EVENT_KILLED, WTERMSIG(status), NULL);
 		  else if (WIFEXITED(status) && WEXITSTATUS(status) != 0)
-		    send_event(event_fd, EVENT_EXITED, WEXITSTATUS(status));
+		    send_event(event_fd, EVENT_EXITED, WEXITSTATUS(status), NULL);
 		  break;
 		}
 	      
@@ -201,7 +439,13 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd)
 	  continue;
 	}
       
-      if (data.clid_len != 0)
+      if (is6)
+	{
+	  my_setenv("DNSMASQ_IAID", daemon->dhcp_buff3, &err);
+	  my_setenv("DNSMASQ_SERVER_DUID", daemon->packet, &err);
+	}
+
+      if (!is6 && data.clid_len != 0)
 	my_setenv("DNSMASQ_CLIENT_ID", daemon->packet, &err);
 
       if (strlen(data.interface) != 0)
@@ -213,39 +457,52 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd)
       my_setenv("DNSMASQ_LEASE_EXPIRES", daemon->dhcp_buff2, &err); 
 #endif
       
-      if (data.hostname_len != 0)
-	{
-	  char *dot;
-	  hostname = (char *)buf;
-	  hostname[data.hostname_len - 1] = 0;
-	  if (!legal_hostname(hostname))
-	    hostname = NULL;
-	  else if ((dot = strchr(hostname, '.')))
-	    {
-	      my_setenv("DNSMASQ_DOMAIN", dot+1, &err);
-	      *dot = 0;
-	    } 
-	  buf += data.hostname_len;
-	}
-
-      end = buf + data.ed_len;
-      buf = grab_extradata(buf, end, "DNSMASQ_VENDOR_CLASS", &err);
-      buf = grab_extradata(buf, end, "DNSMASQ_SUPPLIED_HOSTNAME", &err);
-      buf = grab_extradata(buf, end, "DNSMASQ_CPEWAN_OUI", &err);
-      buf = grab_extradata(buf, end, "DNSMASQ_CPEWAN_SERIAL", &err);   
-      buf = grab_extradata(buf, end, "DNSMASQ_CPEWAN_CLASS", &err);
-      buf = grab_extradata(buf, end, "DNSMASQ_TAGS", &err);
+      if (domain)
+	my_setenv("DNSMASQ_DOMAIN", domain, &err);
+	     
+      end = extradata + data.ed_len;
+      buf = extradata;
       
+      if (!is6)
+	buf = grab_extradata(buf, end, "DNSMASQ_VENDOR_CLASS", &err);
+#ifdef HAVE_DHCP6
+      else
+	{
+	  if (data.hwaddr_len != 0)
+	    {
+	      buf = grab_extradata(buf, end, "DNSMASQ_VENDOR_CLASS_ID", &err);
+	      for (i = 0; i < data.hwaddr_len - 1; i++)
+		{
+		  sprintf(daemon->dhcp_buff2, "DNSMASQ_VENDOR_CLASS%i", i);
+		  buf = grab_extradata(buf, end, daemon->dhcp_buff2, &err);
+		}
+	    }
+	}
+#endif
+
+      buf = grab_extradata(buf, end, "DNSMASQ_SUPPLIED_HOSTNAME", &err);
+      
+      if (!is6)
+	{
+	  buf = grab_extradata(buf, end, "DNSMASQ_CPEWAN_OUI", &err);
+	  buf = grab_extradata(buf, end, "DNSMASQ_CPEWAN_SERIAL", &err);   
+	  buf = grab_extradata(buf, end, "DNSMASQ_CPEWAN_CLASS", &err);
+	}
+      
+      buf = grab_extradata(buf, end, "DNSMASQ_TAGS", &err);
+
+      if (is6)
+	buf = grab_extradata(buf, end, "DNSMASQ_RELAY_ADDRESS", &err);
+      else if (data.giaddr.s_addr != 0)
+	my_setenv("DNSMASQ_RELAY_ADDRESS", inet_ntoa(data.giaddr), &err); 
+
       for (i = 0; buf; i++)
 	{
 	  sprintf(daemon->dhcp_buff2, "DNSMASQ_USER_CLASS%i", i);
 	  buf = grab_extradata(buf, end, daemon->dhcp_buff2, &err);
 	}
       
-      if (data.giaddr.s_addr != 0)
-	my_setenv("DNSMASQ_RELAY_ADDRESS", inet_ntoa(data.giaddr), &err); 
-
-      if (data.action != ACTION_DEL)
+      if (data.action != ACTION_DEL && data.remaining_time != 0)
 	{
 	  sprintf(daemon->dhcp_buff2, "%u", data.remaining_time);
 	  my_setenv("DNSMASQ_TIME_REMAINING", daemon->dhcp_buff2, &err);
@@ -267,11 +524,11 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd)
 	{
 	  execl(daemon->lease_change_command, 
 		p ? p+1 : daemon->lease_change_command,
-		action_str, daemon->dhcp_buff, inet_ntoa(data.addr), hostname, (char*)NULL);
+		action_str, daemon->dhcp_buff, daemon->addrbuff, hostname, (char*)NULL);
 	  err = errno;
 	}
       /* failed, send event so the main process logs the problem */
-      send_event(event_fd, EVENT_EXEC_ERR, err);
+      send_event(event_fd, EVENT_EXEC_ERR, err, NULL);
       _exit(0); 
     }
 }
@@ -305,13 +562,41 @@ static unsigned char *grab_extradata(unsigned char *buf, unsigned char *end,  ch
   return next + 1;
 }
 
+#ifdef HAVE_LUASCRIPT
+static unsigned char *grab_extradata_lua(unsigned char *buf, unsigned char *end, char *field)
+{
+  unsigned char *next;
+
+  if (!buf || (buf == end))
+    return NULL;
+
+  for (next = buf; *next != 0; next++)
+    if (next == end)
+      return NULL;
+  
+  if (next != buf)
+    {
+      lua_pushstring(lua,  (char *)buf);
+      lua_setfield(lua, -2, field);
+    }
+
+  return next + 1;
+}
+#endif
+
 /* pack up lease data into a buffer */    
 void queue_script(int action, struct dhcp_lease *lease, char *hostname, time_t now)
 {
   unsigned char *p;
   size_t size;
   unsigned int hostname_len = 0, clid_len = 0, ed_len = 0;
-  
+  int fd = daemon->dhcpfd;
+
+#ifdef HAVE_DHCP6
+  if (!daemon->dhcp)
+    fd = daemon->dhcp6fd;
+#endif
+
   /* no script */
   if (daemon->helperfd == -1)
     return;
@@ -342,6 +627,7 @@ void queue_script(int action, struct dhcp_lease *lease, char *hostname, time_t n
     }
 
   buf->action = action;
+  buf->flags = lease->flags;
   buf->hwaddr_len = lease->hwaddr_len;
   buf->hwaddr_type = lease->hwaddr_type;
   buf->clid_len = clid_len;
@@ -349,8 +635,8 @@ void queue_script(int action, struct dhcp_lease *lease, char *hostname, time_t n
   buf->hostname_len = hostname_len;
   buf->addr = lease->addr;
   buf->giaddr = lease->giaddr;
-  memcpy(buf->hwaddr, lease->hwaddr, lease->hwaddr_len);
-  if (!indextoname(daemon->dhcpfd, lease->last_interface, buf->interface))
+  memcpy(buf->hwaddr, lease->hwaddr, DHCP_CHADDR_MAX);
+  if (!indextoname(fd, lease->last_interface, buf->interface))
     buf->interface[0] = 0;
   
 #ifdef HAVE_BROKEN_RTC 
@@ -358,7 +644,11 @@ void queue_script(int action, struct dhcp_lease *lease, char *hostname, time_t n
 #else
   buf->expires = lease->expires;
 #endif
-  buf->remaining_time = (unsigned int)difftime(lease->expires, now);
+
+  if (lease->expires != 0)
+    buf->remaining_time = (unsigned int)difftime(lease->expires, now);
+  else
+    buf->remaining_time = 0;
 
   p = (unsigned char *)(buf+1);
   if (clid_len != 0)
@@ -408,3 +698,4 @@ void helper_write(void)
 #endif
 
 
+

src/lease.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -24,19 +24,13 @@ static int dns_dirty, file_dirty, leases_left;
 void lease_init(time_t now)
 {
   unsigned long ei;
-  struct in_addr addr;
+  struct all_addr addr;
   struct dhcp_lease *lease;
   int clid_len, hw_len, hw_type;
   FILE *leasestream;
   
-  /* These each hold a DHCP option max size 255
-     and get a terminating zero added */
-  daemon->dhcp_buff = safe_malloc(256);
-  daemon->dhcp_buff2 = safe_malloc(256); 
-  daemon->dhcp_buff3 = safe_malloc(256);
- 
   leases_left = daemon->dhcp_max;
-
+  
   if (option_bool(OPT_LEASE_RO))
     {
       /* run "<lease_change_script> init" once to get the
@@ -73,23 +67,68 @@ void lease_init(time_t now)
   /* client-id max length is 255 which is 255*2 digits + 254 colons 
      borrow DNS packet buffer which is always larger than 1000 bytes */
   if (leasestream)
-    while (fscanf(leasestream, "%lu %255s %16s %255s %764s",
-		  &ei, daemon->dhcp_buff2, daemon->namebuff, 
-		  daemon->dhcp_buff, daemon->packet) == 5)
+    while (fscanf(leasestream, "%255s %255s", daemon->dhcp_buff3, daemon->dhcp_buff2) == 2)
       {
-	hw_len = parse_hex(daemon->dhcp_buff2, (unsigned char *)daemon->dhcp_buff2, DHCP_CHADDR_MAX, NULL, &hw_type);
-	/* For backwards compatibility, no explict MAC address type means ether. */
-	if (hw_type == 0 && hw_len != 0)
-	  hw_type = ARPHRD_ETHER;
+#ifdef HAVE_DHCP6
+	if (strcmp(daemon->dhcp_buff3, "duid") == 0)
+	  {
+	    daemon->duid_len = parse_hex(daemon->dhcp_buff2, (unsigned char *)daemon->dhcp_buff2, 130, NULL, NULL);
+	    daemon->duid = safe_malloc(daemon->duid_len);
+	    memcpy(daemon->duid, daemon->dhcp_buff2, daemon->duid_len);
+	    continue;
+	  }
+#endif
+
+	ei = atol(daemon->dhcp_buff3);
 	
-	addr.s_addr = inet_addr(daemon->namebuff);
+	if (fscanf(leasestream, " %64s %255s %764s",
+		   daemon->namebuff, daemon->dhcp_buff, daemon->packet) != 3)
+	  break;
 	
-	/* decode hex in place */
 	clid_len = 0;
 	if (strcmp(daemon->packet, "*") != 0)
 	  clid_len = parse_hex(daemon->packet, (unsigned char *)daemon->packet, 255, NULL, NULL);
 	
-	if (!(lease = lease_allocate(addr)))
+	if (inet_pton(AF_INET, daemon->namebuff, &addr.addr.addr4) &&
+	    (lease = lease4_allocate(addr.addr.addr4)))
+	  {
+	    hw_len = parse_hex(daemon->dhcp_buff2, (unsigned char *)daemon->dhcp_buff2, DHCP_CHADDR_MAX, NULL, &hw_type);
+	    /* For backwards compatibility, no explict MAC address type means ether. */
+	    if (hw_type == 0 && hw_len != 0)
+	      hw_type = ARPHRD_ETHER; 
+
+	    lease_set_hwaddr(lease, (unsigned char *)daemon->dhcp_buff2, (unsigned char *)daemon->packet, hw_len, hw_type, clid_len);
+	    
+	    if (strcmp(daemon->dhcp_buff, "*") !=  0)
+	      lease_set_hostname(lease, daemon->dhcp_buff, 0, get_domain(lease->addr), NULL);
+	  }
+#ifdef HAVE_DHCP6
+	else if (inet_pton(AF_INET6, daemon->namebuff, &addr.addr.addr6))
+	  {
+	    char *s = daemon->dhcp_buff2;
+	    int lease_type = LEASE_NA;
+
+	    if (s[0] == 'T')
+	      {
+		lease_type = LEASE_TA;
+		s++;
+	      }
+	    
+	    hw_type = atoi(s);
+	    
+	    if ((lease = lease6_allocate(&addr.addr.addr6, lease_type)))
+	      {
+		lease_set_hwaddr(lease, NULL, (unsigned char *)daemon->packet, 0, hw_type, clid_len);
+		
+		if (strcmp(daemon->dhcp_buff, "*") !=  0)
+		  lease_set_hostname(lease, daemon->dhcp_buff, 0, get_domain6((struct in6_addr *)lease->hwaddr), NULL);
+	      }
+	  }
+#endif
+	else
+	  break;
+
+	if (!lease)
 	  die (_("too many stored leases"), NULL, EC_MISC);
        	
 #ifdef HAVE_BROKEN_RTC
@@ -104,14 +143,9 @@ void lease_init(time_t now)
 	lease->expires = (time_t)ei;
 #endif
 	
-	lease_set_hwaddr(lease, (unsigned char *)daemon->dhcp_buff2, (unsigned char *)daemon->packet, hw_len, hw_type, clid_len);
-	
-	if (strcmp(daemon->dhcp_buff, "*") !=  0)
-	  lease_set_hostname(lease, daemon->dhcp_buff, 0);
-
 	/* set these correctly: the "old" events are generated later from
 	   the startup synthesised SIGHUP. */
-	lease->new = lease->changed = 0;
+	lease->flags &= ~(LEASE_NEW | LEASE_CHANGED);
       }
   
 #ifdef HAVE_SCRIPT
@@ -141,6 +175,16 @@ void lease_init(time_t now)
   file_dirty = 0;
   lease_prune(NULL, now);
   dns_dirty = 1;
+
+#ifdef HAVE_DHCP6  
+  /* If we're not doing DHCPv6, and there are not v6 leases, don't add the DUID to the database */
+  if (!daemon->duid && daemon->dhcp6)
+    {
+      file_dirty = 1;
+      make_duid(now);
+    }
+#endif
+
 }
 
 void lease_update_from_configs(void)
@@ -150,17 +194,17 @@ void lease_update_from_configs(void)
   struct dhcp_lease *lease;
   struct dhcp_config *config;
   char *name;
-
+  
   for (lease = leases; lease; lease = lease->next)
     if ((config = find_config(daemon->dhcp_conf, NULL, lease->clid, lease->clid_len, 
 			      lease->hwaddr, lease->hwaddr_len, lease->hwaddr_type, NULL)) && 
 	(config->flags & CONFIG_NAME) &&
 	(!(config->flags & CONFIG_ADDR) || config->addr.s_addr == lease->addr.s_addr))
-      lease_set_hostname(lease, config->hostname, 1);
+      lease_set_hostname(lease, config->hostname, 1, get_domain(lease->addr), NULL);
     else if ((name = host_from_dns(lease->addr)))
-      lease_set_hostname(lease, name, 1); /* updates auth flag only */
+      lease_set_hostname(lease, name, 1, get_domain(lease->addr), NULL); /* updates auth flag only */
 }
-
+ 
 static void ourprintf(int *errp, char *format, ...)
 {
   va_list ap;
@@ -186,11 +230,18 @@ void lease_update_file(time_t now)
       
       for (lease = leases; lease; lease = lease->next)
 	{
+
+#ifdef HAVE_DHCP6
+	  if (lease->flags & (LEASE_TA | LEASE_NA))
+	    continue;
+#endif
+
 #ifdef HAVE_BROKEN_RTC
 	  ourprintf(&err, "%u ", lease->length);
 #else
 	  ourprintf(&err, "%lu ", (unsigned long)lease->expires);
 #endif
+
 	  if (lease->hwaddr_type != ARPHRD_ETHER || lease->hwaddr_len == 0) 
 	    ourprintf(&err, "%.2x-", lease->hwaddr_type);
 	  for (i = 0; i < lease->hwaddr_len; i++)
@@ -199,8 +250,10 @@ void lease_update_file(time_t now)
 	      if (i != lease->hwaddr_len - 1)
 		ourprintf(&err, ":");
 	    }
+	  
+	  inet_ntop(AF_INET, &lease->addr, daemon->addrbuff, ADDRSTRLEN); 
 
-	  ourprintf(&err, " %s ", inet_ntoa(lease->addr));
+	  ourprintf(&err, " %s ", daemon->addrbuff);
 	  ourprintf(&err, "%s ", lease->hostname ? lease->hostname : "*");
 	  	  
 	  if (lease->clid && lease->clid_len != 0)
@@ -213,6 +266,44 @@ void lease_update_file(time_t now)
 	    ourprintf(&err, "*\n");	  
 	}
       
+#ifdef HAVE_DHCP6  
+      if (daemon->duid)
+	{
+	  ourprintf(&err, "duid ");
+	  for (i = 0; i < daemon->duid_len - 1; i++)
+	    ourprintf(&err, "%.2x:", daemon->duid[i]);
+	  ourprintf(&err, "%.2x\n", daemon->duid[i]);
+	  
+	  for (lease = leases; lease; lease = lease->next)
+	    {
+	      
+	      if (!(lease->flags & (LEASE_TA | LEASE_NA)))
+		continue;
+
+#ifdef HAVE_BROKEN_RTC
+	      ourprintf(&err, "%u ", lease->length);
+#else
+	      ourprintf(&err, "%lu ", (unsigned long)lease->expires);
+#endif
+    
+	      inet_ntop(AF_INET6, lease->hwaddr, daemon->addrbuff, ADDRSTRLEN);
+	 
+	      ourprintf(&err, "%s%u %s ", (lease->flags & LEASE_TA) ? "T" : "",
+			lease->hwaddr_type, daemon->addrbuff);
+	      ourprintf(&err, "%s ", lease->hostname ? lease->hostname : "*");
+	      
+	      if (lease->clid && lease->clid_len != 0)
+		{
+		  for (i = 0; i < lease->clid_len - 1; i++)
+		    ourprintf(&err, "%.2x:", lease->clid[i]);
+		  ourprintf(&err, "%.2x\n", lease->clid[i]);
+		}
+	      else
+		ourprintf(&err, "*\n");	  
+	    }
+	}
+#endif      
+	  
       if (fflush(daemon->lease_stream) != 0 ||
 	  fsync(fileno(daemon->lease_stream)) < 0)
 	err = errno;
@@ -222,7 +313,15 @@ void lease_update_file(time_t now)
     }
   
   /* Set alarm for when the first lease expires + slop. */
-  for (next_event = 0, lease = leases; lease; lease = lease->next)
+  next_event = 0;
+
+#ifdef HAVE_DHCP6
+  /* do timed RAs and determine when the next is */
+  if (daemon->ra_contexts)
+    next_event = periodic_ra(now);
+#endif
+
+  for (lease = leases; lease; lease = lease->next)
     if (lease->expires != 0 &&
 	(next_event == 0 || difftime(next_event, lease->expires + 10) > 0.0))
       next_event = lease->expires + 10;
@@ -251,11 +350,21 @@ void lease_update_dns(void)
       
       for (lease = leases; lease; lease = lease->next)
 	{
+	  int prot = AF_INET;
+#ifdef HAVE_DHCP6
+	  if (lease->flags & (LEASE_TA | LEASE_NA))
+	    prot = AF_INET6;
+#endif
+	  
 	  if (lease->fqdn)
-	    cache_add_dhcp_entry(lease->fqdn, &lease->addr, lease->expires);
+	    cache_add_dhcp_entry(lease->fqdn, prot, 
+				 prot == AF_INET ? (struct all_addr *)&lease->addr : (struct all_addr *)&lease->hwaddr,
+				 lease->expires);
 	     
 	  if (!option_bool(OPT_DHCP_FQDN) && lease->hostname)
-	    cache_add_dhcp_entry(lease->hostname, &lease->addr, lease->expires);
+	    cache_add_dhcp_entry(lease->hostname, prot, 
+				 prot == AF_INET ? (struct all_addr *)&lease->addr : (struct all_addr *)&lease->hwaddr, 
+				 lease->expires);
 	}
       
       dns_dirty = 0;
@@ -275,7 +384,7 @@ void lease_prune(struct dhcp_lease *target, time_t now)
 	  if (lease->hostname)
 	    dns_dirty = 1;
 	  
-	  *up = lease->next; /* unlink */
+ 	  *up = lease->next; /* unlink */
 	  
 	  /* Put on old_leases list 'till we
 	     can run the script */
@@ -297,18 +406,30 @@ struct dhcp_lease *lease_find_by_client(unsigned char *hwaddr, int hw_len, int h
 
   if (clid)
     for (lease = leases; lease; lease = lease->next)
-      if (lease->clid && clid_len == lease->clid_len &&
-	  memcmp(clid, lease->clid, clid_len) == 0)
-	return lease;
+      {
+#ifdef HAVE_DHCP6
+	if (lease->flags & (LEASE_TA | LEASE_NA))
+	  continue;
+#endif
+	if (lease->clid && clid_len == lease->clid_len &&
+	    memcmp(clid, lease->clid, clid_len) == 0)
+	  return lease;
+      }
   
   for (lease = leases; lease; lease = lease->next)	
-    if ((!lease->clid || !clid) && 
-	hw_len != 0 && 
-	lease->hwaddr_len == hw_len &&
-	lease->hwaddr_type == hw_type &&
-	memcmp(hwaddr, lease->hwaddr, hw_len) == 0)
-      return lease;
-  
+    {
+#ifdef HAVE_DHCP6
+      if (lease->flags & (LEASE_TA | LEASE_NA))
+	continue;
+#endif   
+      if ((!lease->clid || !clid) && 
+	  hw_len != 0 && 
+	  lease->hwaddr_len == hw_len &&
+	  lease->hwaddr_type == hw_type &&
+	  memcmp(hwaddr, lease->hwaddr, hw_len) == 0)
+	return lease;
+    }
+
   return NULL;
 }
 
@@ -317,12 +438,95 @@ struct dhcp_lease *lease_find_by_addr(struct in_addr addr)
   struct dhcp_lease *lease;
 
   for (lease = leases; lease; lease = lease->next)
-    if (lease->addr.s_addr == addr.s_addr)
-      return lease;
+    {
+#ifdef HAVE_DHCP6
+      if (lease->flags & (LEASE_TA | LEASE_NA))
+	continue;
+#endif  
+      if (lease->addr.s_addr == addr.s_addr)
+	return lease;
+    }
+
+  return NULL;
+}
+
+#ifdef HAVE_DHCP6
+/* addr or clid may be NULL for "don't care, both NULL resets "USED" flags both
+   set activates USED check */
+struct dhcp_lease *lease6_find(unsigned char *clid, int clid_len, 
+			       int lease_type, int iaid, struct in6_addr *addr)
+{
+  struct dhcp_lease *lease;
+  
+  for (lease = leases; lease; lease = lease->next)
+    {
+      if (!(lease->flags & lease_type) || lease->hwaddr_type != iaid)
+	continue;
+
+      if (clid && addr && (lease->flags & LEASE_USED))
+	continue;
+      
+      if (addr && memcmp(lease->hwaddr, addr, IN6ADDRSZ) != 0)
+	continue;
+      
+      if (clid &&
+	  (clid_len != lease->clid_len ||
+	   memcmp(clid, lease->clid, clid_len) != 0))
+	continue;
+      
+      if (clid || addr)
+	{
+	  lease->flags |= LEASE_USED;
+	  return lease;
+	}
+      else 
+	lease->flags &= ~LEASE_USED;
+    }
   
   return NULL;
 }
 
+struct dhcp_lease *lease6_find_by_addr(struct in6_addr *net, int prefix, u64 addr)
+{
+  struct dhcp_lease *lease;
+    
+  for (lease = leases; lease; lease = lease->next)
+    {
+      if (!(lease->flags & (LEASE_TA | LEASE_NA)))
+	continue;
+      
+      if (is_same_net6((struct in6_addr *)lease->hwaddr, net, prefix) &&
+	  (prefix == 128 || addr6part((struct in6_addr *)lease->hwaddr) == addr))
+	return lease;
+    }
+  
+  return NULL;
+} 
+
+/* Find largest assigned address in context */
+u64 lease_find_max_addr6(struct dhcp_context *context)
+{
+  struct dhcp_lease *lease;
+  u64 addr = addr6part(&context->start6);
+  
+  if (!(context->flags & (CONTEXT_STATIC | CONTEXT_PROXY)))
+    for (lease = leases; lease; lease = lease->next)
+      {
+	if (!(lease->flags & (LEASE_TA | LEASE_NA)))
+	  continue;
+
+	if (is_same_net6((struct in6_addr *)lease->hwaddr, &context->start6, 64) &&
+	    addr6part((struct in6_addr *)lease->hwaddr) > addr6part(&context->start6) &&
+	    addr6part((struct in6_addr *)lease->hwaddr) <= addr6part(&context->end6) &&
+	    addr6part((struct in6_addr *)lease->hwaddr) > addr)
+	  addr = addr6part((struct in6_addr *)lease->hwaddr);
+      }
+  
+  return addr;
+}
+
+#endif
+
 /* Find largest assigned address in context */
 struct in_addr lease_find_max_addr(struct dhcp_context *context)
 {
@@ -331,24 +535,28 @@ struct in_addr lease_find_max_addr(struct dhcp_context *context)
   
   if (!(context->flags & (CONTEXT_STATIC | CONTEXT_PROXY)))
     for (lease = leases; lease; lease = lease->next)
-      if (((unsigned)ntohl(lease->addr.s_addr)) > ((unsigned)ntohl(context->start.s_addr)) &&
-	  ((unsigned)ntohl(lease->addr.s_addr)) <= ((unsigned)ntohl(context->end.s_addr)) &&
-	  ((unsigned)ntohl(lease->addr.s_addr)) > ((unsigned)ntohl(addr.s_addr)))
-	addr = lease->addr;
+      {
+#ifdef HAVE_DHCP6
+	if (lease->flags & (LEASE_TA | LEASE_NA))
+	  continue;
+#endif
+	if (((unsigned)ntohl(lease->addr.s_addr)) > ((unsigned)ntohl(context->start.s_addr)) &&
+	    ((unsigned)ntohl(lease->addr.s_addr)) <= ((unsigned)ntohl(context->end.s_addr)) &&
+	    ((unsigned)ntohl(lease->addr.s_addr)) > ((unsigned)ntohl(addr.s_addr)))
+	  addr = lease->addr;
+      }
   
   return addr;
 }
 
-struct dhcp_lease *lease_allocate(struct in_addr addr)
+static struct dhcp_lease *lease_allocate(void)
 {
   struct dhcp_lease *lease;
   if (!leases_left || !(lease = whine_malloc(sizeof(struct dhcp_lease))))
     return NULL;
 
   memset(lease, 0, sizeof(struct dhcp_lease));
-  lease->new = 1;
-  lease->addr = addr;
-  lease->hwaddr_len = 256; /* illegal value */
+  lease->flags = LEASE_NEW;
   lease->expires = 1;
 #ifdef HAVE_BROKEN_RTC
   lease->length = 0xffffffff; /* illegal value */
@@ -362,6 +570,26 @@ struct dhcp_lease *lease_allocate(struct in_addr addr)
   return lease;
 }
 
+struct dhcp_lease *lease4_allocate(struct in_addr addr)
+{
+  struct dhcp_lease *lease = lease_allocate();
+  lease->addr = addr;
+  lease->hwaddr_len = 256; /* illegal value */
+
+  return lease;
+}
+
+#ifdef HAVE_DHCP6
+struct dhcp_lease *lease6_allocate(struct in6_addr *addrp, int lease_type)
+{
+  struct dhcp_lease *lease = lease_allocate();
+  memcpy(lease->hwaddr, addrp, sizeof(*addrp)) ;
+  lease->flags |= lease_type;
+
+  return lease;
+}
+#endif
+
 void lease_set_expires(struct dhcp_lease *lease, unsigned int len, time_t now)
 {
   time_t exp = now + (time_t)len;
@@ -377,7 +605,8 @@ void lease_set_expires(struct dhcp_lease *lease, unsigned int len, time_t now)
       dns_dirty = 1;
       lease->expires = exp;
 #ifndef HAVE_BROKEN_RTC
-      lease->aux_changed = file_dirty = 1;
+      lease->flags |= LEASE_AUX_CHANGED;
+      file_dirty = 1;
 #endif
     }
   
@@ -385,7 +614,8 @@ void lease_set_expires(struct dhcp_lease *lease, unsigned int len, time_t now)
   if (len != lease->length)
     {
       lease->length = len;
-      lease->aux_changed = file_dirty = 1; 
+      lease->flags |= LEASE_AUX_CHANGED;
+      file_dirty = 1; 
     }
 #endif
 } 
@@ -397,10 +627,12 @@ void lease_set_hwaddr(struct dhcp_lease *lease, unsigned char *hwaddr,
       hw_type != lease->hwaddr_type || 
       (hw_len != 0 && memcmp(lease->hwaddr, hwaddr, hw_len) != 0))
     {
-      memcpy(lease->hwaddr, hwaddr, hw_len);
+      if (hw_len != 0)
+	memcpy(lease->hwaddr, hwaddr, hw_len);
       lease->hwaddr_len = hw_len;
       lease->hwaddr_type = hw_type;
-      lease->changed = file_dirty = 1; /* run script on change */
+      lease->flags |= LEASE_CHANGED;
+      file_dirty = 1; /* run script on change */
     }
 
   /* only update clid when one is available, stops packets
@@ -413,14 +645,18 @@ void lease_set_hwaddr(struct dhcp_lease *lease, unsigned char *hwaddr,
 
       if (lease->clid_len != clid_len)
 	{
-	  lease->aux_changed = file_dirty = 1;
+	  lease->flags |= LEASE_AUX_CHANGED;
+	  file_dirty = 1;
 	  free(lease->clid);
 	  if (!(lease->clid = whine_malloc(clid_len)))
 	    return;
 	}
       else if (memcmp(lease->clid, clid, clid_len) != 0)
-	lease->aux_changed = file_dirty = 1;
-	  
+	{
+	  lease->flags |= LEASE_AUX_CHANGED;
+	  file_dirty = 1;
+	}
+
       lease->clid_len = clid_len;
       memcpy(lease->clid, clid, clid_len);
     }
@@ -436,7 +672,7 @@ static void kill_name(struct dhcp_lease *lease)
   free(lease->old_hostname);
   
   /* If we know the fqdn, pass that. The helper will derive the
-     unqualified name from it, free the unqulaified name here. */
+     unqualified name from it, free the unqualified name here. */
 
   if (lease->fqdn)
     {
@@ -449,14 +685,18 @@ static void kill_name(struct dhcp_lease *lease)
   lease->hostname = lease->fqdn = NULL;
 }
 
-void lease_set_hostname(struct dhcp_lease *lease, char *name, int auth)
+void lease_set_hostname(struct dhcp_lease *lease, char *name, int auth, char *domain, char *config_domain)
 {
   struct dhcp_lease *lease_tmp;
   char *new_name = NULL, *new_fqdn = NULL;
+
+  if (config_domain && (!domain || !hostname_isequal(domain, config_domain)))
+    my_syslog(MS_DHCP | LOG_WARNING, _("Ignoring domain %s for DHCP host name %s"), config_domain, name);
   
   if (lease->hostname && name && hostname_isequal(lease->hostname, name))
     {
-      lease->auth_name = auth;
+      if (auth)
+	lease->flags |= LEASE_AUTH_NAME;
       return;
     }
   
@@ -466,19 +706,21 @@ void lease_set_hostname(struct dhcp_lease *lease, char *name, int auth)
   /* If a machine turns up on a new net without dropping the old lease,
      or two machines claim the same name, then we end up with two interfaces with
      the same name. Check for that here and remove the name from the old lease.
+     Note that IPv6 leases are different. All the leases to the same DUID are 
+     allowed the same name.
+
      Don't allow a name from the client to override a name from dnsmasq config. */
   
   if (name)
     {
       if ((new_name = whine_malloc(strlen(name) + 1)))
 	{
-	  char *suffix = get_domain(lease->addr);
 	  strcpy(new_name, name);
-	  if (suffix && (new_fqdn = whine_malloc(strlen(new_name) + strlen(suffix) + 2)))
+	  if (domain && (new_fqdn = whine_malloc(strlen(new_name) + strlen(domain) + 2)))
 	    {
 	      strcpy(new_fqdn, name);
 	      strcat(new_fqdn, ".");
-	      strcat(new_fqdn, suffix);
+	      strcat(new_fqdn, domain);
 	    }
 	}
 	  
@@ -487,7 +729,7 @@ void lease_set_hostname(struct dhcp_lease *lease, char *name, int auth)
 	{
 	  if (option_bool(OPT_DHCP_FQDN))
 	    {
-	      if (!new_fqdn || !lease_tmp->fqdn || !hostname_isequal(lease_tmp->fqdn, new_fqdn) )
+	      if (!new_fqdn || !lease_tmp->fqdn || !hostname_isequal(lease_tmp->fqdn, new_fqdn))
 		continue;
 	    }
 	  else
@@ -495,8 +737,22 @@ void lease_set_hostname(struct dhcp_lease *lease, char *name, int auth)
 	      if (!new_name || !lease_tmp->hostname || !hostname_isequal(lease_tmp->hostname, new_name) )
 		continue; 
 	    }
-	  
-	  if (lease_tmp->auth_name && !auth)
+
+	  if (lease->flags & (LEASE_TA | LEASE_NA))
+	    {
+	      if (!(lease_tmp->flags & (LEASE_TA | LEASE_NA)))
+		continue;
+
+	      /* another lease for the same DUID is OK for IPv6 */
+	      if (lease->clid_len == lease_tmp->clid_len &&
+		  lease->clid && lease_tmp->clid &&
+		  memcmp(lease->clid, lease_tmp->clid, lease->clid_len) == 0)
+		continue;	      
+	    }
+	  else if (lease_tmp->flags & (LEASE_TA | LEASE_NA))
+	    continue;
+		   
+	  if ((lease_tmp->flags & LEASE_AUTH_NAME) && !auth)
 	    {
 	      free(new_name);
 	      free(new_fqdn);
@@ -513,11 +769,13 @@ void lease_set_hostname(struct dhcp_lease *lease, char *name, int auth)
 
   lease->hostname = new_name;
   lease->fqdn = new_fqdn;
-  lease->auth_name = auth;
+  
+  if (auth)
+    lease->flags |= LEASE_AUTH_NAME;
   
   file_dirty = 1;
   dns_dirty = 1; 
-  lease->changed = 1; /* run script on change */
+  lease->flags |= LEASE_CHANGED; /* run script on change */
 }
 
 void lease_set_interface(struct dhcp_lease *lease, int interface)
@@ -526,7 +784,7 @@ void lease_set_interface(struct dhcp_lease *lease, int interface)
     return;
 
   lease->last_interface = interface;
-  lease->changed = 1;
+  lease->flags |= LEASE_CHANGED; 
 }
 
 void rerun_scripts(void)
@@ -534,7 +792,7 @@ void rerun_scripts(void)
   struct dhcp_lease *lease;
   
   for (lease = leases; lease; lease = lease->next)
-    lease->changed = 1;
+    lease->flags |= LEASE_CHANGED; 
 }
 
 /* deleted leases get transferred to the old_leases list.
@@ -600,18 +858,18 @@ int do_script_run(time_t now)
       }
   
   for (lease = leases; lease; lease = lease->next)
-    if (lease->new || lease->changed || 
-	(lease->aux_changed && option_bool(OPT_LEASE_RO)))
+    if ((lease->flags & (LEASE_NEW | LEASE_CHANGED)) || 
+	((lease->flags & LEASE_AUX_CHANGED) && option_bool(OPT_LEASE_RO)))
       {
 #ifdef HAVE_SCRIPT
-	queue_script(lease->new ? ACTION_ADD : ACTION_OLD, lease, 
+	queue_script((lease->flags & LEASE_NEW) ? ACTION_ADD : ACTION_OLD, lease, 
 		     lease->fqdn ? lease->fqdn : lease->hostname, now);
 #endif
 #ifdef HAVE_DBUS
-	emit_dbus_signal(lease->new ? ACTION_ADD : ACTION_OLD, lease,
+	emit_dbus_signal((lease->flags & LEASE_NEW) ? ACTION_ADD : ACTION_OLD, lease,
 			 lease->fqdn ? lease->fqdn : lease->hostname);
 #endif
-	lease->new = lease->changed = lease->aux_changed = 0;
+	lease->flags &= ~(LEASE_NEW | LEASE_CHANGED | LEASE_AUX_CHANGED);
 	
 	/* this is used for the "add" call, then junked, since they're not in the database */
 	free(lease->extradata);
@@ -623,6 +881,44 @@ int do_script_run(time_t now)
   return 0; /* nothing to do */
 }
 
+#ifdef HAVE_SCRIPT
+void lease_add_extradata(struct dhcp_lease *lease, unsigned char *data, unsigned int len, int delim)
+{
+  unsigned int i;
+  
+  /* check for embeded NULLs */
+  for (i = 0; i < len; i++)
+    if (data[i] == 0)
+      {
+	len = i;
+	break;
+      }
+
+  if ((lease->extradata_size - lease->extradata_len) < (len + 1))
+    {
+      size_t newsz = lease->extradata_len + len + 100;
+      unsigned char *new = whine_malloc(newsz);
+  
+      if (!new)
+	return;
+      
+      if (lease->extradata)
+	{
+	  memcpy(new, lease->extradata, lease->extradata_len);
+	  free(lease->extradata);
+	}
+
+      lease->extradata = new;
+      lease->extradata_size = newsz;
+    }
+
+  if (len != 0)
+    memcpy(lease->extradata + lease->extradata_len, data, len);
+  lease->extradata[lease->extradata_len + len] = delim;
+  lease->extradata_len += len + 1; 
+}
+#endif
+
 #endif
 	  
 

src/log.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -84,7 +84,7 @@ int log_start(struct passwd *ent_pw, int errfd)
 
   if (!log_reopen(daemon->log_file))
     {
-      send_event(errfd, EVENT_LOG_ERR, errno);
+      send_event(errfd, EVENT_LOG_ERR, errno, daemon->log_file ? daemon->log_file : "");
       _exit(0);
     }
 
@@ -196,7 +196,7 @@ static void log_write(void)
       if (errno == EINTR)
 	continue;
 
-      if (errno == EAGAIN)
+      if (errno == EAGAIN || errno == EWOULDBLOCK)
 	return; /* syslogd busy, go again when select() or poll() says so */
       
       if (errno == ENOBUFS)
@@ -244,7 +244,8 @@ static void log_write(void)
 		  errno == ECONNREFUSED ||
 		  errno == EISCONN || 
 		  errno == EINTR ||
-		  errno == EAGAIN)
+		  errno == EAGAIN || 
+		  errno == EWOULDBLOCK)
 		{
 		  /* try again on next syslog() call */
 		  connection_good = 0;

src/netlink.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -34,6 +34,7 @@
 #  define NDA_RTA(r) ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct ndmsg)))) 
 #endif 
 
+
 static struct iovec iov;
 static u32 netlink_pid;
 
@@ -127,13 +128,15 @@ static ssize_t netlink_recv(void)
 }
   
 
-/* family = AF_UNSPEC finds ARP table entries. */
+/* family = AF_UNSPEC finds ARP table entries.
+   family = AF_LOCAL finds MAC addresses. */
 int iface_enumerate(int family, void *parm, int (*callback)())
 {
   struct sockaddr_nl addr;
   struct nlmsghdr *h;
   ssize_t len;
   static unsigned int seq = 0;
+  int callback_ok = 1;
 
   struct {
     struct nlmsghdr nlh;
@@ -144,10 +147,16 @@ int iface_enumerate(int family, void *parm, int (*callback)())
   addr.nl_pad = 0;
   addr.nl_groups = 0;
   addr.nl_pid = 0; /* address to kernel */
+ 
+ again: 
+  if (family == AF_UNSPEC)
+    req.nlh.nlmsg_type = RTM_GETNEIGH;
+  else if (family == AF_LOCAL)
+    req.nlh.nlmsg_type = RTM_GETLINK;
+  else
+    req.nlh.nlmsg_type = RTM_GETADDR;
 
- again:
   req.nlh.nlmsg_len = sizeof(req);
-  req.nlh.nlmsg_type = family == AF_UNSPEC ? RTM_GETNEIGH : RTM_GETADDR;
   req.nlh.nlmsg_flags = NLM_F_ROOT | NLM_F_MATCH | NLM_F_REQUEST | NLM_F_ACK; 
   req.nlh.nlmsg_pid = 0;
   req.nlh.nlmsg_seq = ++seq;
@@ -178,8 +187,8 @@ int iface_enumerate(int family, void *parm, int (*callback)())
 	else if (h->nlmsg_type == NLMSG_ERROR)
 	  nl_err(h);
 	else if (h->nlmsg_type == NLMSG_DONE)
-	  return 1;
-	else if (h->nlmsg_type == RTM_NEWADDR && family != AF_UNSPEC)
+	  return callback_ok;
+	else if (h->nlmsg_type == RTM_NEWADDR && family != AF_UNSPEC && family != AF_LOCAL)
 	  {
 	    struct ifaddrmsg *ifa = NLMSG_DATA(h);  
 	    struct rtattr *rta = IFA_RTA(ifa);
@@ -205,9 +214,9 @@ int iface_enumerate(int family, void *parm, int (*callback)())
 			rta = RTA_NEXT(rta, len1);
 		      }
 		    
-		    if (addr.s_addr)
+		    if (addr.s_addr && callback_ok)
 		      if (!((*callback)(addr, ifa->ifa_index, netmask, broadcast, parm)))
-			return 0;
+			callback_ok = 0;
 		  }
 #ifdef HAVE_IPV6
 		else if (ifa->ifa_family == AF_INET6)
@@ -221,9 +230,10 @@ int iface_enumerate(int family, void *parm, int (*callback)())
 			rta = RTA_NEXT(rta, len1);
 		      }
 		    
-		    if (addrp)
-		      if (!((*callback)(addrp, ifa->ifa_scope, ifa->ifa_index, parm)))
-			return 0;
+		    if (addrp && callback_ok)
+		      if (!((*callback)(addrp, (int)(ifa->ifa_prefixlen), (int)(ifa->ifa_scope), 
+					(int)(ifa->ifa_index), (int)(ifa->ifa_flags & IFA_F_TENTATIVE), parm)))
+			callback_ok = 0;
 		  }
 #endif
 	      }
@@ -249,10 +259,35 @@ int iface_enumerate(int family, void *parm, int (*callback)())
 		rta = RTA_NEXT(rta, len1);
 	      }
 
-	    if (inaddr && mac)
+	    if (inaddr && mac && callback_ok)
 	      if (!((*callback)(neigh->ndm_family, inaddr, mac, maclen, parm)))
-		return 0;
-	  }	
+		callback_ok = 0;
+	  }
+#ifdef HAVE_DHCP6
+	else if (h->nlmsg_type == RTM_NEWLINK && family == AF_LOCAL)
+	  {
+	    struct ifinfomsg *link =  NLMSG_DATA(h);
+	    struct rtattr *rta = IFLA_RTA(link);
+	    unsigned int len1 = h->nlmsg_len - NLMSG_LENGTH(sizeof(*link));
+	    char *mac = NULL;
+	    size_t maclen = 0;
+
+	    while (RTA_OK(rta, len1))
+	      {
+		if (rta->rta_type == IFLA_ADDRESS)
+		  {
+		    maclen = rta->rta_len - sizeof(struct rtattr);
+		    mac = (char *)(rta+1);
+		  }
+		
+		rta = RTA_NEXT(rta, len1);
+	      }
+
+	    if (mac && callback_ok && !((link->ifi_flags & (IFF_LOOPBACK | IFF_POINTOPOINT))) && 
+		!((*callback)((int)link->ifi_index, (unsigned int)link->ifi_type, mac, maclen, parm)))
+	      callback_ok = 0;
+	  }
+#endif
     }
 }
 
@@ -306,6 +341,17 @@ static void nl_routechange(struct nlmsghdr *h)
       /* Force re-reading resolv file right now, for luck. */
       daemon->last_resolv = 0;
       
+#ifdef HAVE_DHCP6
+      /* force RAs to sync new network and pick up new interfaces.  */
+      if (daemon->ra_contexts)
+	{
+	  ra_start_unsolicted(dnsmasq_time());
+	  /* cause lease_update_file to run after we return, in case we were called from
+	     iface_enumerate and can't re-enter it now */
+	  send_alarm();
+	}
+#endif
+
       if (daemon->srv_save)
 	{
 	  if (daemon->srv_save->sfd)

src/network.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -107,7 +107,7 @@ int indextoname(int fd, int index, char *name)
 
 #endif
 
-int iface_check(int family, struct all_addr *addr, char *name, int *indexp)
+int iface_check(int family, struct all_addr *addr, char *name)
 {
   struct iname *tmp;
   int ret = 1;
@@ -115,7 +115,7 @@ int iface_check(int family, struct all_addr *addr, char *name, int *indexp)
   /* Note: have to check all and not bail out early, so that we set the
      "used" flags. */
   
-  if (daemon->if_names || (addr && daemon->if_addrs))
+  if (daemon->if_names || daemon->if_addrs)
     {
 #ifdef HAVE_DHCP
       struct dhcp_context *range;
@@ -134,7 +134,7 @@ int iface_check(int family, struct all_addr *addr, char *name, int *indexp)
 	  ret = tmp->used = 1;
 	        
       for (tmp = daemon->if_addrs; tmp; tmp = tmp->next)
-	if (addr && tmp->addr.sa.sa_family == family)
+	if (tmp->addr.sa.sa_family == family)
 	  {
 	    if (family == AF_INET &&
 		tmp->addr.in.sin_addr.s_addr == addr->addr.addr4.s_addr)
@@ -151,43 +151,12 @@ int iface_check(int family, struct all_addr *addr, char *name, int *indexp)
   for (tmp = daemon->if_except; tmp; tmp = tmp->next)
     if (tmp->name && (strcmp(tmp->name, name) == 0))
       ret = 0;
-  
-  if (indexp)
-    {
-      /* One form of bridging on BSD has the property that packets
-	 can be recieved on bridge interfaces which do not have an IP address.
-	 We allow these to be treated as aliases of another interface which does have
-	 an IP address with --dhcp-bridge=interface,alias,alias */
-      struct dhcp_bridge *bridge, *alias;
-      for (bridge = daemon->bridges; bridge; bridge = bridge->next)
-	{
-	  for (alias = bridge->alias; alias; alias = alias->next)
-	    if (strncmp(name, alias->iface, IF_NAMESIZE) == 0)
-	      {
-		int newindex;
-		
-		if (!(newindex = if_nametoindex(bridge->iface)))
-		  {
-		    my_syslog(LOG_WARNING, _("unknown interface %s in bridge-interface"), name);
-		    return 0;
-		  }
-		else 
-		  {
-		    *indexp = newindex;
-		    strncpy(name,  bridge->iface, IF_NAMESIZE);
-		    break;
-		  }
-	      }
-	  if (alias)
-	    break;
-	}
-    }
-  
+    
   return ret; 
 }
       
 static int iface_allowed(struct irec **irecp, int if_index, 
-			 union mysockaddr *addr, struct in_addr netmask) 
+			 union mysockaddr *addr, struct in_addr netmask, int dad) 
 {
   struct irec *iface;
   int fd, mtu = 0, loopback;
@@ -202,8 +171,11 @@ static int iface_allowed(struct irec **irecp, int if_index,
      we call this routine multiple times. */
   for (iface = *irecp; iface; iface = iface->next) 
     if (sockaddr_isequal(&iface->addr, addr))
-      return 1;
-  
+      {
+	iface->dad = dad;
+	return 1;
+      }
+
   if ((fd = socket(PF_INET, SOCK_DGRAM, 0)) == -1 ||
       !indextoname(fd, if_index, ifr.ifr_name) ||
       ioctl(fd, SIOCGIFFLAGS, &ifr) == -1)
@@ -260,7 +232,7 @@ static int iface_allowed(struct irec **irecp, int if_index,
   if (!ir)
     {
       if (addr->sa.sa_family == AF_INET &&
-	  !iface_check(AF_INET, (struct all_addr *)&addr->in.sin_addr, ifr.ifr_name, NULL))
+	  !iface_check(AF_INET, (struct all_addr *)&addr->in.sin_addr, ifr.ifr_name))
 	return 1;
       
 #ifdef HAVE_DHCP
@@ -271,7 +243,7 @@ static int iface_allowed(struct irec **irecp, int if_index,
       
 #ifdef HAVE_IPV6
       if (addr->sa.sa_family == AF_INET6 &&
-	  !iface_check(AF_INET6, (struct all_addr *)&addr->in6.sin6_addr, ifr.ifr_name, NULL))
+	  !iface_check(AF_INET6, (struct all_addr *)&addr->in6.sin6_addr, ifr.ifr_name))
 	return 1;
 #endif
     }
@@ -283,6 +255,8 @@ static int iface_allowed(struct irec **irecp, int if_index,
       iface->netmask = netmask;
       iface->tftp_ok = tftp_ok;
       iface->mtu = mtu;
+      iface->dad = dad;
+      iface->done = 0;
       if ((iface->name = whine_malloc(strlen(ifr.ifr_name)+1)))
 	strcpy(iface->name, ifr.ifr_name);
       iface->next = *irecp;
@@ -295,13 +269,15 @@ static int iface_allowed(struct irec **irecp, int if_index,
 }
 
 #ifdef HAVE_IPV6
-static int iface_allowed_v6(struct in6_addr *local, 
-			    int scope, int if_index, void *vparam)
+static int iface_allowed_v6(struct in6_addr *local, int prefix, 
+			    int scope, int if_index, int dad, void *vparam)
 {
   union mysockaddr addr;
   struct in_addr netmask; /* dummy */
-  
   netmask.s_addr = 0;
+
+  (void)prefix; /* warning */
+  (void)scope; /* warning */
   
   memset(&addr, 0, sizeof(addr));
 #ifdef HAVE_SOCKADDR_SA_LEN
@@ -310,9 +286,9 @@ static int iface_allowed_v6(struct in6_addr *local,
   addr.in6.sin6_family = AF_INET6;
   addr.in6.sin6_addr = *local;
   addr.in6.sin6_port = htons(daemon->port);
-  addr.in6.sin6_scope_id = scope;
+  addr.in6.sin6_scope_id = if_index;
   
-  return iface_allowed((struct irec **)vparam, if_index, &addr, netmask);
+  return iface_allowed((struct irec **)vparam, if_index, &addr, netmask, dad);
 }
 #endif
 
@@ -330,7 +306,7 @@ static int iface_allowed_v4(struct in_addr local, int if_index,
   addr.in.sin_addr = local;
   addr.in.sin_port = htons(daemon->port);
 
-  return iface_allowed((struct irec **)vparam, if_index, &addr, netmask);
+  return iface_allowed((struct irec **)vparam, if_index, &addr, netmask, 0);
 }
    
 int enumerate_interfaces(void)
@@ -355,13 +331,10 @@ int fix_fd(int fd)
   return 1;
 }
 
-static int make_sock(union mysockaddr *addr, int type)
+static int make_sock(union mysockaddr *addr, int type, int dienow)
 {
   int family = addr->sa.sa_family;
   int fd, rc, opt = 1;
-#ifdef HAVE_IPV6
-  static int dad_count = 0;
-#endif
   
   if ((fd = socket(family, type, 0)) == -1)
     {
@@ -374,42 +347,27 @@ static int make_sock(union mysockaddr *addr, int type)
 	return -1;
       
     err:
-      port = prettyprint_addr(addr, daemon->namebuff);
-      if (!option_bool(OPT_NOWILD))
-	sprintf(daemon->namebuff, "port %d", port);
-      die(_("failed to create listening socket for %s: %s"), 
-	  daemon->namebuff, EC_BADNET);
+      if (dienow)
+	{
+	  port = prettyprint_addr(addr, daemon->namebuff);
+	  if (!option_bool(OPT_NOWILD))
+	    sprintf(daemon->namebuff, "port %d", port);
+	  die(_("failed to create listening socket for %s: %s"), 
+	      daemon->namebuff, EC_BADNET);
+	
+	}
+      return -1;
     }	
 
   if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 || !fix_fd(fd))
     goto err;
   
 #ifdef HAVE_IPV6
-  if (family == AF_INET6 && setsockopt(fd, IPV6_LEVEL, IPV6_V6ONLY, &opt, sizeof(opt)) == -1)
+  if (family == AF_INET6 && setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &opt, sizeof(opt)) == -1)
     goto err;
 #endif
   
-  while (1)
-    {
-      if ((rc = bind(fd, (struct sockaddr *)addr, sa_len(addr))) != -1)
-	break;
-      
-#ifdef HAVE_IPV6
-      /* An interface may have an IPv6 address which is still undergoing DAD. 
-	 If so, the bind will fail until the DAD completes, so we try over 20 seconds
-	 before failing. */
-      if (family == AF_INET6 && 
-	  (errno == ENODEV || errno == EADDRNOTAVAIL) && 
-	  dad_count++ < DAD_WAIT)
-	{
-	  sleep(1);
-	  continue;
-	}
-#endif
-      break;
-    }
-  
-  if (rc == -1)
+  if ((rc = bind(fd, (struct sockaddr *)addr, sa_len(addr))) == -1)
     goto err;
   
   if (type == SOCK_STREAM)
@@ -422,7 +380,7 @@ static int make_sock(union mysockaddr *addr, int type)
       if (family == AF_INET)
 	{
 #if defined(HAVE_LINUX_NETWORK) 
-	  if (setsockopt(fd, SOL_IP, IP_PKTINFO, &opt, sizeof(opt)) == -1)
+	  if (setsockopt(fd, IPPROTO_IP, IP_PKTINFO, &opt, sizeof(opt)) == -1)
 	    goto err;
 #elif defined(IP_RECVDSTADDR) && defined(IP_RECVIF)
 	  if (setsockopt(fd, IPPROTO_IP, IP_RECVDSTADDR, &opt, sizeof(opt)) == -1 ||
@@ -431,46 +389,52 @@ static int make_sock(union mysockaddr *addr, int type)
 #endif
 	}
 #ifdef HAVE_IPV6
-      else
-	{
-	  /* The API changed around Linux 2.6.14 but the old ABI is still supported:
-	     handle all combinations of headers and kernel.
-	     OpenWrt note that this fixes the problem addressed by your very broken patch. */
-	  daemon->v6pktinfo = IPV6_PKTINFO;
-	  
-#  ifdef IPV6_RECVPKTINFO
-#    ifdef IPV6_2292PKTINFO
-	  if (setsockopt(fd, IPV6_LEVEL, IPV6_RECVPKTINFO, &opt, sizeof(opt)) == -1)
-	    {
-	      if (errno == ENOPROTOOPT && setsockopt(fd, IPV6_LEVEL, IPV6_2292PKTINFO, &opt, sizeof(opt)) != -1)
-		daemon->v6pktinfo = IPV6_2292PKTINFO;
-	      else
-		goto err;
-	    }
-#    else
-	  if (setsockopt(fd, IPV6_LEVEL, IPV6_RECVPKTINFO, &opt, sizeof(opt)) == -1)
-	    goto err;
-#    endif 
-#  else
-	  if (setsockopt(fd, IPV6_LEVEL, IPV6_PKTINFO, &opt, sizeof(opt)) == -1)
-	    goto err;
-#  endif
-	}
+      else if (!set_ipv6pktinfo(fd))
+	goto err;
 #endif
     }
-
+  
   return fd;
 }
+
+#ifdef HAVE_IPV6  
+int set_ipv6pktinfo(int fd)
+{
+  int opt = 1;
+
+  /* The API changed around Linux 2.6.14 but the old ABI is still supported:
+     handle all combinations of headers and kernel.
+     OpenWrt note that this fixes the problem addressed by your very broken patch. */
+  daemon->v6pktinfo = IPV6_PKTINFO;
+  
+#ifdef IPV6_RECVPKTINFO
+  if (setsockopt(fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, &opt, sizeof(opt)) != -1)
+    return 1;
+# ifdef IPV6_2292PKTINFO
+  else if (errno == ENOPROTOOPT && setsockopt(fd, IPPROTO_IPV6, IPV6_2292PKTINFO, &opt, sizeof(opt)) != -1)
+    {
+      daemon->v6pktinfo = IPV6_2292PKTINFO;
+      return 1;
+    }
+# endif 
+#else
+  if (setsockopt(fd, IPPROTO_IPV6, IPV6_PKTINFO, &opt, sizeof(opt)) != -1)
+    return 1;
+#endif
+
+  return 0;
+}
+#endif
       
-static struct listener *create_listeners(union mysockaddr *addr, int do_tftp)
+static struct listener *create_listeners(union mysockaddr *addr, int do_tftp, int dienow)
 {
   struct listener *l = NULL;
   int fd = -1, tcpfd = -1, tftpfd = -1;
 
   if (daemon->port != 0)
     {
-      fd = make_sock(addr, SOCK_DGRAM);
-      tcpfd = make_sock(addr, SOCK_STREAM);
+      fd = make_sock(addr, SOCK_DGRAM, dienow);
+      tcpfd = make_sock(addr, SOCK_STREAM, dienow);
     }
   
 #ifdef HAVE_TFTP
@@ -481,7 +445,7 @@ static struct listener *create_listeners(union mysockaddr *addr, int do_tftp)
 	  /* port must be restored to DNS port for TCP code */
 	  short save = addr->in.sin_port;
 	  addr->in.sin_port = htons(TFTP_PORT);
-	  tftpfd = make_sock(addr, SOCK_DGRAM);
+	  tftpfd = make_sock(addr, SOCK_DGRAM, dienow);
 	  addr->in.sin_port = save;
 	}
 #  ifdef HAVE_IPV6
@@ -489,7 +453,7 @@ static struct listener *create_listeners(union mysockaddr *addr, int do_tftp)
 	{
 	  short save = addr->in6.sin6_port;
 	  addr->in6.sin6_port = htons(TFTP_PORT);
-	  tftpfd = make_sock(addr, SOCK_DGRAM);
+	  tftpfd = make_sock(addr, SOCK_DGRAM, dienow);
 	  addr->in6.sin6_port = save;
 	}  
 #  endif
@@ -509,7 +473,7 @@ static struct listener *create_listeners(union mysockaddr *addr, int do_tftp)
   return l;
 }
 
-struct listener *create_wildcard_listeners(void)
+void create_wildcard_listeners(void)
 {
   union mysockaddr addr;
   struct listener *l;
@@ -523,7 +487,7 @@ struct listener *create_wildcard_listeners(void)
   addr.in.sin_addr.s_addr = INADDR_ANY;
   addr.in.sin_port = htons(daemon->port);
 
-  l = create_listeners(&addr, tftp_enabled);
+  l = create_listeners(&addr, tftp_enabled, 1);
 
 #ifdef HAVE_IPV6
   memset(&addr, 0, sizeof(addr));
@@ -535,31 +499,41 @@ struct listener *create_wildcard_listeners(void)
   addr.in6.sin6_port = htons(daemon->port);
   
   if (l) 
-    l->next = create_listeners(&addr, tftp_enabled);
+    l->next = create_listeners(&addr, tftp_enabled, 1);
   else 
-    l = create_listeners(&addr, tftp_enabled);
+    l = create_listeners(&addr, tftp_enabled, 1);
 #endif
 
-  return l;
+  daemon->listeners = l;
 }
 
-struct listener *create_bound_listeners(void)
+void create_bound_listeners(int dienow)
 {
-  struct listener *new, *listeners = NULL;
+  struct listener *new;
   struct irec *iface;
 
   for (iface = daemon->interfaces; iface; iface = iface->next)
-    if ((new = create_listeners(&iface->addr, iface->tftp_ok)))
+    if (!iface->done && !iface->dad && 
+	(new = create_listeners(&iface->addr, iface->tftp_ok, dienow)))
       {
 	new->iface = iface;
-	new->next = listeners;
-	listeners = new;
+	new->next = daemon->listeners;
+	daemon->listeners = new;
+	iface->done = 1;
       }
-  
-  return listeners;
 }
 
-
+int is_dad_listeners(void)
+{
+  struct irec *iface;
+  
+  if (option_bool(OPT_NOWILD))
+    for (iface = daemon->interfaces; iface; iface = iface->next)
+      if (iface->dad && !iface->done)
+	return 1;
+  
+  return 0;
+}
 /* return a UDP socket bound to a random port, have to cope with straying into
    occupied port nos and reserved ones. */
 int random_sock(int family)

src/outpacket.c

@@ -0,0 +1,108 @@
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 dated June, 1991, or
+   (at your option) version 3 dated 29 June, 2007.
+ 
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+     
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+
+#include "dnsmasq.h"
+ 
+#ifdef HAVE_DHCP6
+
+static size_t outpacket_counter;
+
+void end_opt6(int container)
+{
+   void *p = daemon->outpacket.iov_base + container + 2;
+   u16 len = outpacket_counter - container - 4 ;
+   
+   PUTSHORT(len, p);
+}
+
+int save_counter(int newval)
+{
+  int ret = outpacket_counter;
+  if (newval != -1)
+    outpacket_counter = newval;
+
+  return ret;
+}
+
+void *expand(size_t headroom)
+{
+  void *ret;
+
+  if (expand_buf(&daemon->outpacket, outpacket_counter + headroom))
+    {
+      ret = daemon->outpacket.iov_base + outpacket_counter;
+      outpacket_counter += headroom;
+      return ret;
+    }
+  
+  return NULL;
+}
+    
+int new_opt6(int opt)
+{
+  int ret = outpacket_counter;
+  void *p;
+
+  if ((p = expand(4)))
+    {
+      PUTSHORT(opt, p);
+      PUTSHORT(0, p);
+    }
+
+  return ret;
+}
+
+void *put_opt6(void *data, size_t len)
+{
+  void *p;
+
+  if ((p = expand(len)))
+    memcpy(p, data, len);   
+
+  return p;
+}
+  
+void put_opt6_long(unsigned int val)
+{
+  void *p;
+  
+  if ((p = expand(4)))  
+    PUTLONG(val, p);
+}
+
+void put_opt6_short(unsigned int val)
+{
+  void *p;
+
+  if ((p = expand(2)))
+    PUTSHORT(val, p);   
+}
+
+void put_opt6_char(unsigned int val)
+{
+  unsigned char *p;
+
+  if ((p = expand(1)))
+    *p = val;   
+}
+
+void put_opt6_string(char *s)
+{
+  put_opt6(s, strlen(s));
+}
+
+#endif

src/radv-protocol.h

@@ -0,0 +1,44 @@
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 dated June, 1991, or
+   (at your option) version 3 dated 29 June, 2007.
+ 
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+     
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#define ALL_HOSTS                 "FF02::1"
+#define ALL_ROUTERS               "FF02::2"
+
+struct ra_packet {
+  u8 type, code;
+  u16 checksum;
+  u8 hop_limit, flags;
+  u16 lifetime;
+  u32 reachable_time;
+  u32 retrans_time;
+};
+
+struct prefix_opt {
+  u8 type, len, prefix_len, flags;
+  u32 valid_lifetime, preferred_lifetime, reserved;
+  struct in6_addr prefix;
+};
+
+#define ICMP6_ROUTER_SOLICIT 133
+#define ICMP6_ROUTER_ADVERT  134
+
+#define ICMP6_OPT_SOURCE_MAC   1
+#define ICMP6_OPT_PREFIX       3
+#define ICMP6_OPT_MTU          5
+#define ICMP6_OPT_RDNSS       25
+
+
+

src/radv.c

@@ -0,0 +1,429 @@
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 dated June, 1991, or
+   (at your option) version 3 dated 29 June, 2007.
+ 
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+     
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+
+/* NB. This code may be called during a DHCPv4 or transaction which is in ping-wait
+   It therefore cannot use any DHCP buffer resources except outpacket, which is
+   not used by DHCPv4 code. This code may also be called when DHCP 4 or 6 isn't
+   active, so we ensure that outpacket is allocated here too */
+
+#include "dnsmasq.h"
+
+#ifdef HAVE_DHCP6
+
+#include <netinet/icmp6.h>
+
+struct ra_param {
+  int ind, managed, found_context, first;
+  char *if_name;
+  struct in6_addr link_local;
+};
+
+struct search_param {
+  time_t now; int iface;
+};
+
+static void send_ra(int iface, char *iface_name, struct in6_addr *dest);
+static int add_prefixes(struct in6_addr *local,  int prefix,
+			int scope, int if_index, int dad, void *vparam);
+static int iface_search(struct in6_addr *local,  int prefix,
+			int scope, int if_index, int dad, void *vparam);
+static int add_lla(int index, unsigned int type, char *mac, size_t maclen, void *parm);
+
+static int hop_limit;
+static time_t ra_short_period_start;
+
+void ra_init(time_t now)
+{
+  struct icmp6_filter filter;
+  int fd;
+#if defined(IP_TOS) && defined(IPTOS_CLASS_CS6)
+  int class = IPTOS_CLASS_CS6;
+#endif
+  int val = 255; /* radvd uses this value */
+  socklen_t len = sizeof(int);
+
+  /* ensure this is around even if we're not doing DHCPv6 */
+  expand_buf(&daemon->outpacket, sizeof(struct dhcp_packet));
+
+  ICMP6_FILTER_SETBLOCKALL(&filter);
+  ICMP6_FILTER_SETPASS(ND_ROUTER_SOLICIT, &filter);
+  ICMP6_FILTER_SETPASS(ND_ROUTER_ADVERT, &filter);
+  
+  if ((fd = socket(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6)) == -1 ||
+      getsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &hop_limit, &len) ||
+#if defined(IP_TOS) && defined(IPTOS_CLASS_CS6)
+      setsockopt(fd, IPPROTO_IPV6, IPV6_TCLASS, &class, sizeof(class)) == -1 ||
+#endif
+      !fix_fd(fd) ||
+      !set_ipv6pktinfo(fd) ||
+      setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &val, sizeof(val)) ||
+      setsockopt(fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &val, sizeof(val)) ||
+      setsockopt(fd, IPPROTO_ICMPV6, ICMP6_FILTER, &filter, sizeof(filter)) == -1)
+    die (_("cannot create ICMPv6 socket: %s"), NULL, EC_BADNET);
+  
+   daemon->icmp6fd = fd;
+   
+   ra_start_unsolicted(now);
+}
+
+void ra_start_unsolicted(time_t now)
+{   
+   struct dhcp_context *context;
+   
+   /* init timers so that we do ra's for all soon. some ra_times will end up zeroed
+     if it's not appropriate to advertise those contexts.
+     This gets re-called on a netlink route-change to re-do the advertisement
+     and pick up new interfaces */
+
+   /* range 0 - 5 */
+   for (context = daemon->ra_contexts; context; context = context->next)
+     context->ra_time = now + (rand16()/13000);
+
+   /* re-do frequently for a minute or so, in case the first gets lost. */
+   ra_short_period_start = now;
+}
+
+void icmp6_packet(void)
+{
+  char interface[IF_NAMESIZE+1];
+  ssize_t sz; 
+  int if_index = 0;
+  struct cmsghdr *cmptr;
+  struct msghdr msg;
+  union {
+    struct cmsghdr align; /* this ensures alignment */
+    char control6[CMSG_SPACE(sizeof(struct in6_pktinfo))];
+  } control_u;
+  struct sockaddr_in6 from;
+  unsigned char *p;
+  char *mac = "";
+  struct iname *tmp;
+  struct dhcp_context *context;
+
+  /* Note: use outpacket for input buffer */
+  msg.msg_control = control_u.control6;
+  msg.msg_controllen = sizeof(control_u);
+  msg.msg_flags = 0;
+  msg.msg_name = &from;
+  msg.msg_namelen = sizeof(from);
+  msg.msg_iov = &daemon->outpacket;
+  msg.msg_iovlen = 1;
+  
+  if ((sz = recv_dhcp_packet(daemon->icmp6fd, &msg)) == -1 || sz < 8)
+    return;
+  
+  for (cmptr = CMSG_FIRSTHDR(&msg); cmptr; cmptr = CMSG_NXTHDR(&msg, cmptr))
+    if (cmptr->cmsg_level == IPPROTO_IPV6 && cmptr->cmsg_type == daemon->v6pktinfo)
+      {
+	union {
+	  unsigned char *c;
+	  struct in6_pktinfo *p;
+	} p;
+	p.c = CMSG_DATA(cmptr);
+        
+	if_index = p.p->ipi6_ifindex;
+      }
+  
+  if (!indextoname(daemon->icmp6fd, if_index, interface))
+    return;
+    
+  if (!iface_check(AF_LOCAL, NULL, interface))
+    return;
+  
+  for (tmp = daemon->dhcp_except; tmp; tmp = tmp->next)
+    if (tmp->name && (strcmp(tmp->name, interface) == 0))
+      return;
+ 
+  /* weird libvirt-inspired access control */
+  for (context = daemon->dhcp6; context; context = context->next)
+    if (!context->interface || strcmp(context->interface, interface) == 0)
+      break;
+  
+  if (!context)
+    return;
+
+  p = (unsigned char *)daemon->outpacket.iov_base;
+  
+  if (p[0] != ICMP6_ROUTER_SOLICIT || p[1] != 0)
+    return;
+  
+  /* look for link-layer address option for logging */
+  if (sz >= 16 && p[8] == ICMP6_OPT_SOURCE_MAC && (p[9] * 8) + 8 <= sz)
+    {
+      print_mac(daemon->namebuff, &p[10], (p[9] * 8) - 2);
+      mac = daemon->namebuff;
+    }
+  
+  my_syslog(MS_DHCP | LOG_INFO, "RTR-SOLICIT(%s) %s", interface, mac);
+  
+  send_ra(if_index, interface, &from.sin6_addr);
+}
+
+static void send_ra(int iface, char *iface_name, struct in6_addr *dest)
+{
+  struct ra_packet *ra;
+  struct ra_param parm;
+  struct ifreq ifr;
+  struct sockaddr_in6 addr;
+  struct dhcp_context *context;
+ 
+  save_counter(0);
+  ra = expand(sizeof(struct ra_packet));
+  
+  ra->type = ICMP6_ROUTER_ADVERT;
+  ra->code = 0;
+  ra->hop_limit = hop_limit;
+  ra->flags = 0;
+  ra->lifetime = htons(1800); /* AdvDefaultLifetime*/
+  ra->reachable_time = 0;
+  ra->retrans_time = 0;
+
+  parm.ind = iface;
+  parm.managed = 0;
+  parm.found_context = 0;
+  parm.if_name = iface_name;
+  parm.first = 1;
+
+  for (context = daemon->ra_contexts; context; context = context->next)
+    context->flags &= ~CONTEXT_RA_DONE;
+  
+  if (!iface_enumerate(AF_INET6, &parm, add_prefixes) ||
+      !parm.found_context)
+    return;
+
+  strncpy(ifr.ifr_name, iface_name, IF_NAMESIZE);
+  
+  if (ioctl(daemon->icmp6fd, SIOCGIFMTU, &ifr) != -1)
+    {
+      put_opt6_char(ICMP6_OPT_MTU);
+      put_opt6_char(1);
+      put_opt6_short(0);
+      put_opt6_long(ifr.ifr_mtu);
+    }
+     
+  iface_enumerate(AF_LOCAL, &iface, add_lla);
+  
+  /* RDNSS, RFC 6106 */
+  put_opt6_char(ICMP6_OPT_RDNSS);
+  put_opt6_char(3);
+  put_opt6_short(0);
+  put_opt6_long(1800); /* lifetime - twice RA retransmit */
+  put_opt6(&parm.link_local, IN6ADDRSZ);
+
+
+  /* set managed bits unless we're providing only RA on this link */
+  if (parm.managed)
+    ra->flags = 0xc0; 
+
+  /* decide where we're sending */
+  memset(&addr, 0, sizeof(addr));
+#ifdef HAVE_SOCKADDR_SA_LEN
+  addr.sin6_len = sizeof(struct sockaddr_in6);
+#endif
+  addr.sin6_family = AF_INET6;
+  addr.sin6_port = htons(IPPROTO_ICMPV6);
+  if (dest)
+    {
+      memcpy(&addr.sin6_addr, dest, sizeof(struct in6_addr));
+      if (IN6_IS_ADDR_LINKLOCAL(dest) ||
+	  IN6_IS_ADDR_MC_LINKLOCAL(dest))
+	addr.sin6_scope_id = iface;
+    }
+  else
+    inet_pton(AF_INET6, ALL_HOSTS, &addr.sin6_addr); 
+  
+  send_from(daemon->icmp6fd, 0, daemon->outpacket.iov_base, save_counter(0),
+	    (union mysockaddr *)&addr, (struct all_addr *)&parm.link_local, iface); 
+  
+}
+
+static int add_prefixes(struct in6_addr *local,  int prefix,
+			int scope, int if_index, int dad, void *vparam)
+{
+  struct dhcp_context *context, *tmp;
+  struct ra_param *param = vparam;
+  struct prefix_opt *opt;
+
+  (void)scope; /* warning */
+  (void)dad;
+
+  if (if_index == param->ind)
+    {
+      if (IN6_IS_ADDR_LINKLOCAL(local))
+	param->link_local = *local;
+      else if (!IN6_IS_ADDR_LOOPBACK(local) &&
+	       !IN6_IS_ADDR_LINKLOCAL(local) &&
+	       !IN6_IS_ADDR_MULTICAST(local))
+	{
+	  for (context = daemon->ra_contexts; context; context = context->next)
+	    if (prefix == context->prefix &&
+		is_same_net6(local, &context->start6, prefix) &&
+		is_same_net6(local, &context->end6, prefix))
+	      {
+		if (!(context->flags & CONTEXT_RA_ONLY))
+		  {
+		    /* don't do RA for non-ra-only unless --enable-ra is set */
+		    if (!option_bool(OPT_RA))
+		      continue;
+		    param->managed = 1;
+		  }
+
+		if (context->flags & CONTEXT_RA_DONE)
+		  continue;
+		
+		/* subsequent prefixes on the same interface don't need timers */
+		if (!param->first)
+		  context->ra_time = 0;
+		param->first = 0;
+		param->found_context = 1;
+		context->flags |= CONTEXT_RA_DONE;
+
+		/* mark this subnet and duplicates: as done. */
+		for (tmp = context->next; tmp; tmp = tmp->next)
+		  if (tmp->prefix == prefix &&
+		      is_same_net6(local, &tmp->start6, prefix) &&
+		      is_same_net6(local, &tmp->end6, prefix))
+		    {
+		      tmp->flags |= CONTEXT_RA_DONE;
+		      context->ra_time = 0;
+		    }
+
+		if ((opt = expand(sizeof(struct prefix_opt))))
+		  {
+		    u64 addrpart = addr6part(&context->start6);
+		    u64 mask = (prefix == 64) ? (u64)-1LL : (1LLU << (128 - prefix)) - 1LLU;
+		    unsigned int time = context->lease_time;
+
+		    /* lifetimes must be min 2 hrs, by RFC 2462 */
+		    if (time < 7200)
+		      time = 7200;
+
+		    opt->type = ICMP6_OPT_PREFIX;
+		    opt->len = 4;
+		    opt->prefix_len = prefix;
+		    /* autonomous only is we're not doing dhcp */
+		    opt->flags = (context->flags & CONTEXT_RA_ONLY) ? 0xc0 : 0x00;
+		    opt->valid_lifetime = opt->preferred_lifetime = htonl(time);
+		    opt->reserved = 0;
+		    
+		    opt->prefix = context->start6;
+		    setaddr6part(&opt->prefix, addrpart & ~mask);
+		    
+		    inet_ntop(AF_INET6, &opt->prefix, daemon->addrbuff, ADDRSTRLEN);
+		    my_syslog(MS_DHCP | LOG_INFO, "RTR-ADVERT(%s) %s", param->if_name, daemon->addrbuff); 		    
+		  }
+	      }
+	}
+    }          
+  return 1;
+}
+
+static int add_lla(int index, unsigned int type, char *mac, size_t maclen, void *parm)
+{
+  (void)type;
+
+  if (index == *((int *)parm))
+    {
+      /* size is in units of 8 octets and includes type and length (2 bytes)
+	 add 7 to round up */
+      int len = (maclen + 9) >> 3;
+      unsigned char *p = expand(len << 3);
+      memset(p, 0, len << 3);
+      *p++ = ICMP6_OPT_SOURCE_MAC;
+      *p++ = len;
+      memcpy(p, mac, maclen);
+
+      return 0;
+    }
+
+  return 1;
+}
+
+time_t periodic_ra(time_t now)
+{
+  struct search_param param;
+  struct dhcp_context *context;
+  time_t next_event;
+  char interface[IF_NAMESIZE+1];
+  
+  param.now = now;
+
+  while (1)
+    {
+      /* find overdue events, and time of first future event */
+      for (next_event = 0, context = daemon->ra_contexts; context; context = context->next)
+	if (context->ra_time != 0)
+	  {
+	    if (difftime(context->ra_time, now) < 0.0)
+	      break; /* overdue */
+	    
+	    if (next_event == 0 || difftime(next_event, context->ra_time + 2) > 0.0)
+	      next_event = context->ra_time + 2;
+	  }
+      
+      /* none overdue */
+      if (!context)
+	break;
+      
+      /* There's a context overdue, but we can't find an interface
+	 associated with it, because it's for a subnet we dont 
+	 have an interface on. Probably we're doing DHCP on
+	 a remote subnet via a relay. Zero the timer, since we won't
+	 ever be able to send ra's and satistfy it. */
+      if (iface_enumerate(AF_INET6, &param, iface_search))
+	context->ra_time = 0;
+      else if (indextoname(daemon->icmp6fd, param.iface, interface))
+	send_ra(param.iface, interface, NULL); 
+    }
+  
+  return next_event;
+}
+
+static int iface_search(struct in6_addr *local,  int prefix,
+			int scope, int if_index, int dad, void *vparam)
+{
+  struct search_param *param = vparam;
+  struct dhcp_context *context;
+
+  (void)scope;
+  (void)dad;
+ 
+  for (context = daemon->ra_contexts; context; context = context->next)
+    if (prefix == context->prefix &&
+	is_same_net6(local, &context->start6, prefix) &&
+	is_same_net6(local, &context->end6, prefix))
+      if (context->ra_time != 0 && difftime(context->ra_time, param->now) < 0.0)
+	{
+	  /* found an interface that's overdue for RA determine new 
+	     timeout value and zap other contexts on the same interface 
+	     so they don't timeout independently .*/
+	  param->iface = if_index;
+	  
+	  if (difftime(param->now, ra_short_period_start) < 60.0)
+	    /* range 5 - 20 */
+	    context->ra_time = param->now + 5 + (rand16()/4400);
+	  else
+	    /* range 450 - 600 */
+	    context->ra_time = param->now + 450 + (rand16()/440);
+	  
+	  return 0; /* found, abort */
+	}
+  
+  return 1; /* keep searching */
+}
+
+#endif

src/rfc1035.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -25,7 +25,7 @@ static int add_resource_record(struct dns_header *header, char *limit, int *trun
     ((size_t)((pp) - (unsigned char *)(header) + (len)) <= (plen))
 
 #define ADD_RDLEN(header, pp, plen, len) \
-    (!CHECK_LEN(header, pp, plen, len) ? 0 : (long)((pp) += (len)), 1)
+  (!CHECK_LEN(header, pp, plen, len) ? 0 : (((pp) += (len)), 1))
 
 static int extract_name(struct dns_header *header, size_t plen, unsigned char **pp, 
 			char *name, int isExtract, int extrabytes)

src/rfc2131.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -18,16 +18,13 @@
 
 #ifdef HAVE_DHCP
 
-#define have_config(config, mask) ((config) && ((config)->flags & (mask))) 
 #define option_len(opt) ((int)(((unsigned char *)(opt))[1]))
 #define option_ptr(opt, i) ((void *)&(((unsigned char *)(opt))[2u+(unsigned int)(i)]))
 
 #ifdef HAVE_SCRIPT
-static void add_extradata_data(struct dhcp_lease *lease, unsigned char *data, size_t len, int delim);
 static void add_extradata_opt(struct dhcp_lease *lease, unsigned char *opt);
 #endif
 
-static int match_bytes(struct dhcp_opt *o, unsigned char *p, int len);
 static int sanitise(unsigned char *opt, char *buf);
 static struct in_addr server_id(struct dhcp_context *context, struct in_addr override, struct in_addr fallback);
 static unsigned int calc_time(struct dhcp_context *context, struct dhcp_config *config, unsigned char *opt);
@@ -35,13 +32,11 @@ static void option_put(struct dhcp_packet *mess, unsigned char *end, int opt, in
 static void option_put_string(struct dhcp_packet *mess, unsigned char *end, 
 			      int opt, char *string, int null_term);
 static struct in_addr option_addr(unsigned char *opt);
-static struct in_addr option_addr_arr(unsigned char *opt, int offset);
 static unsigned int option_uint(unsigned char *opt, int i, int size);
 static void log_packet(char *type, void *addr, unsigned char *ext_mac, 
 		       int mac_len, char *interface, char *string, u32 xid);
 static unsigned char *option_find(struct dhcp_packet *mess, size_t size, int opt_type, int minsize);
 static unsigned char *option_find1(unsigned char *p, unsigned char *end, int opt, int minsize);
-static void log_tags(struct dhcp_netid *netid, struct dhcp_packet *mess);
 static size_t dhcp_packet_size(struct dhcp_packet *mess, unsigned char *agent_id, unsigned char *real_end);
 static void clear_packet(struct dhcp_packet *mess, unsigned char *end);
 static void do_options(struct dhcp_context *context,
@@ -49,7 +44,7 @@ static void do_options(struct dhcp_context *context,
 		       unsigned char *real_end, 
 		       unsigned char *req_options,
 		       char *hostname, 
-		       char *domain, char *config_domain,
+		       char *config_domain,
 		       struct dhcp_netid *netid,
 		       struct in_addr subnet_addr, 
 		       unsigned char fqdn_flags,
@@ -63,7 +58,7 @@ static void match_vendor_opts(unsigned char *opt, struct dhcp_opt *dopt);
 static int do_encap_opts(struct dhcp_opt *opts, int encap, int flag, struct dhcp_packet *mess, unsigned char *end, int null_term);
 static void pxe_misc(struct dhcp_packet *mess, unsigned char *end, unsigned char *uuid);
 static int prune_vendor_opts(struct dhcp_netid *netid);
-static struct dhcp_opt *pxe_opts(int pxe_arch, struct dhcp_netid *netid, struct in_addr local);
+static struct dhcp_opt *pxe_opts(int pxe_arch, struct dhcp_netid *netid, struct in_addr local, time_t now);
 struct dhcp_boot *find_boot(struct dhcp_netid *netid);
 
   
@@ -468,7 +463,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 	      tagif_netid = run_tag_if(&context->netid);
 	    }
 
-	  log_tags(tagif_netid, mess);
+	  log_tags(tagif_netid, ntohl(mess->xid));
 	    
 	  if (!message && !nailed)
 	    {
@@ -481,7 +476,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 
 	  if (!message && 
 	      !lease && 
-	      (!(lease = lease_allocate(mess->yiaddr))))
+	      (!(lease = lease4_allocate(mess->yiaddr))))
 	    message = _("no leases left");
 	  
 	  if (!message)
@@ -490,7 +485,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 		
 	      lease_set_hwaddr(lease, mess->chaddr, NULL, mess->hlen, mess->htype, 0);
 	      if (hostname)
-		lease_set_hostname(lease, hostname, 1); 
+		lease_set_hostname(lease, hostname, 1, get_domain(lease->addr), domain); 
 	      /* infinite lease unless nailed in dhcp-host line. */
 	      lease_set_expires(lease,  
 				have_config(config, CONFIG_TIME) ? config->lease_time : 0xffffffff, 
@@ -499,7 +494,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 	      
 	      clear_packet(mess, end);
 	      do_options(context, mess, end, NULL, hostname, get_domain(mess->yiaddr), 
-			 domain, netid, subnet_addr, 0, 0, 0, NULL, 0, now);
+			 netid, subnet_addr, 0, 0, 0, NULL, 0, now);
 	    }
 	}
       
@@ -521,11 +516,10 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
       pp = op;
       
       /* Always force update, since the client has no way to do it itself. */
-      if (!(fqdn_flags & 0x01))
-	fqdn_flags |= 0x02;
-      
+      if (!option_bool(OPT_FQDN_UPDATE) && !(fqdn_flags & 0x01))
+	fqdn_flags |= 0x03;
+
       fqdn_flags &= ~0x08;
-      fqdn_flags |= 0x01;
       
       if (fqdn_flags & 0x04)
 	while (*op != 0 && ((op + (*op) + 1) - pp) < len)
@@ -800,7 +794,9 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 	  
 	  mess->yiaddr = mess->ciaddr;
 	  mess->ciaddr.s_addr = 0;
-	  if (service->server.s_addr != 0)
+	  if (service->sname)
+	    mess->siaddr = a_record_from_hosts(service->sname, now);
+	  else if (service->server.s_addr != 0)
 	    mess->siaddr = service->server; 
 	  else
 	    mess->siaddr = context->local; 
@@ -820,7 +816,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 	  do_encap_opts(&opt71, OPTION_VENDOR_CLASS_OPT, DHOPT_VENDOR_MATCH, mess, end, 0);
 	  
 	  log_packet("PXE", &mess->yiaddr, emac, emac_len, iface_name, (char *)mess->file, mess->xid);
-	  log_tags(tagif_netid, mess);
+	  log_tags(tagif_netid, ntohl(mess->xid));
 	  return dhcp_packet_size(mess, agent_id, real_end);	  
 	}
       
@@ -869,10 +865,10 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 		  option_put(mess, end, OPTION_SERVER_IDENTIFIER, INADDRSZ, htonl(context->local.s_addr));
 		  pxe_misc(mess, end, uuid);
 		  prune_vendor_opts(tagif_netid);
-		  do_encap_opts(pxe_opts(pxearch, tagif_netid, context->local), OPTION_VENDOR_CLASS_OPT, DHOPT_VENDOR_MATCH, mess, end, 0);
+		  do_encap_opts(pxe_opts(pxearch, tagif_netid, context->local, now), OPTION_VENDOR_CLASS_OPT, DHOPT_VENDOR_MATCH, mess, end, 0);
 		  
 		  log_packet("PXE", NULL, emac, emac_len, iface_name, ignore ? "proxy-ignored" : "proxy", mess->xid);
-		  log_tags(tagif_netid, mess);
+		  log_tags(tagif_netid, ntohl(mess->xid));
 		  return ignore ? 0 : dhcp_packet_size(mess, agent_id, real_end);	  
 		}
 	    }
@@ -1010,7 +1006,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 	  tagif_netid = run_tag_if(&context->netid);
 	}
 
-      log_tags(tagif_netid, mess);
+      log_tags(tagif_netid, ntohl(mess->xid));
       
       log_packet("DHCPOFFER" , &mess->yiaddr, emac, emac_len, iface_name, NULL, mess->xid);
       
@@ -1026,7 +1022,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 	  option_put(mess, end, OPTION_T2, 4, (time*7)/8);
 	}
       do_options(context, mess, end, req_options, offer_hostname, get_domain(mess->yiaddr), 
-		 domain, netid, subnet_addr, fqdn_flags, borken_opt, pxearch, uuid, vendor_class_len, now);
+		 netid, subnet_addr, fqdn_flags, borken_opt, pxearch, uuid, vendor_class_len, now);
       
       return dhcp_packet_size(mess, agent_id, real_end);
       
@@ -1190,7 +1186,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 	      
 	      else if (!lease)
 		{	     
-		  if ((lease = lease_allocate(mess->yiaddr)))
+		  if ((lease = lease4_allocate(mess->yiaddr)))
 		    do_classes = 1;
 		  else
 		    message = _("no leases left");
@@ -1224,7 +1220,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 	      tagif_netid = run_tag_if( &context->netid);
 	    }
 
-	  log_tags(tagif_netid, mess);
+	  log_tags(tagif_netid, ntohl(mess->xid));
 	  
 #ifdef HAVE_SCRIPT
 	  if (do_classes && daemon->lease_change_command)
@@ -1234,7 +1230,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 	      if (mess->giaddr.s_addr)
 		lease->giaddr = mess->giaddr;
 	      
-	      lease->changed = 1;
+	      lease->flags |= LEASE_CHANGED;
 	      free(lease->extradata);
 	      lease->extradata = NULL;
 	      lease->extradata_size = lease->extradata_len = 0;
@@ -1250,8 +1246,16 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 		add_extradata_opt(lease, NULL);
 	      else
 		for (n = tagif_netid; n; n = n->next)
-		  add_extradata_data(lease, (unsigned char *)n->net, strlen(n->net), n->next ? ' ' : 0); 
-	      
+		  {
+		    struct dhcp_netid *n1;
+		    /* kill dupes */
+		    for (n1 = n->next; n1; n1 = n1->next)
+		      if (strcmp(n->net, n1->net) == 0)
+			break;
+		    if (!n1)
+		      lease_add_extradata(lease, (unsigned char *)n->net, strlen(n->net), n->next ? ' ' : 0); 
+		  }
+
 	      if ((opt = option_find(mess, sz, OPTION_USER_CLASS, 1)))
 		{
 		  int len = option_len(opt);
@@ -1259,7 +1263,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 		  /* If the user-class option started as counted strings, the first byte will be zero. */
 		  if (len != 0 && ucp[0] == 0)
 		    ucp++, len--;
-		  add_extradata_data(lease, ucp, len, 0);
+		  lease_add_extradata(lease, ucp, len, 0);
 		}
 	    }
 #endif
@@ -1303,7 +1307,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 	    }
 
 	  if (hostname)
-	    lease_set_hostname(lease, hostname, hostname_auth);
+	    lease_set_hostname(lease, hostname, hostname_auth, get_domain(lease->addr), domain);
 	  
 	  lease_set_expires(lease, time, now);
 	  lease_set_interface(lease, int_index);
@@ -1327,7 +1331,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 	      option_put(mess, end, OPTION_T2, 4, ((time/8)*7) - fuzz);
 	    }
 	  do_options(context, mess, end, req_options, hostname, get_domain(mess->yiaddr), 
-		     domain, netid, subnet_addr, fqdn_flags, borken_opt, pxearch, uuid, vendor_class_len, now);
+		     netid, subnet_addr, fqdn_flags, borken_opt, pxearch, uuid, vendor_class_len, now);
 	}
 
       return dhcp_packet_size(mess, agent_id, real_end); 
@@ -1357,10 +1361,10 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
       if (context && context->netid.net)
 	{
 	  context->netid.next = netid;
-	  tagif_netid = run_tag_if( &context->netid);
+	  tagif_netid = run_tag_if(&context->netid);
 	}
 
-      log_tags(tagif_netid, mess);
+      log_tags(tagif_netid, ntohl(mess->xid));
       
       log_packet("DHCPACK", &mess->ciaddr, emac, emac_len, iface_name, hostname, mess->xid);
       
@@ -1387,7 +1391,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 	}
 
       do_options(context, mess, end, req_options, hostname, get_domain(mess->ciaddr),
-		 domain, netid, subnet_addr, fqdn_flags, borken_opt, pxearch, uuid, vendor_class_len, now);
+		 netid, subnet_addr, fqdn_flags, borken_opt, pxearch, uuid, vendor_class_len, now);
       
       *is_inform = 1; /* handle reply differently */
       return dhcp_packet_size(mess, agent_id, real_end); 
@@ -1396,37 +1400,6 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
   return 0;
 }
 
-static int match_bytes(struct dhcp_opt *o, unsigned char *p, int len)
-{
-  int i;
-  
-  if (o->len > len)
-    return 0;
-  
-  if (o->len == 0)
-    return 1;
-     
-  if (o->flags & DHOPT_HEX)
-    { 
-      if (memcmp_masked(o->val, p, o->len, o->u.wildcard_mask))
-	return 1;
-    }
-  else 
-    for (i = 0; i <= (len - o->len); ) 
-      {
-	if (memcmp(o->val, p + i, o->len) == 0)
-	  return 1;
-	    
-	if (o->flags & DHOPT_STRING)
-	  i++;
-	else
-	  i += o->len;
-      }
-  
-  return 0;
-}
-      
-
 /* find a good value to use as MAC address for logging and address-allocation hashing.
    This is normally just the chaddr field from the DHCP packet,
    but eg Firewire will have hlen == 0 and use the client-id instead. 
@@ -1512,51 +1485,12 @@ static int sanitise(unsigned char *opt, char *buf)
 }
 
 #ifdef HAVE_SCRIPT
-static void add_extradata_data(struct dhcp_lease *lease, unsigned char *data, size_t len, int delim)
-{
-  if ((lease->extradata_size - lease->extradata_len) < (len + 1))
-    {
-      size_t newsz = lease->extradata_len + len + 100;
-      unsigned char *new = whine_malloc(newsz);
-  
-      if (!new)
-	return;
-      
-      if (lease->extradata)
-	{
-	  memcpy(new, lease->extradata, lease->extradata_len);
-	  free(lease->extradata);
-	}
-
-      lease->extradata = new;
-      lease->extradata_size = newsz;
-    }
-
-  if (len != 0)
-    memcpy(lease->extradata + lease->extradata_len, data, len);
-  lease->extradata[lease->extradata_len + len] = delim;
-  lease->extradata_len += len + 1; 
-}
-
 static void add_extradata_opt(struct dhcp_lease *lease, unsigned char *opt)
 {
   if (!opt)
-    add_extradata_data(lease, NULL, 0, 0);
+    lease_add_extradata(lease, NULL, 0, 0);
   else
-    {
-      size_t i, len = option_len(opt);
-      unsigned char *ucp = option_ptr(opt, 0);
-      
-      /* check for embeded NULLs */
-      for (i = 0; i < len; i++)
-	if (ucp[i] == 0)
-	  {
-	    len = i;
-	    break;
-	  }
-
-      add_extradata_data(lease, ucp, len, 0);
-    }
+    lease_add_extradata(lease, option_ptr(opt, 0), option_len(opt), 0); 
 }
 #endif
 
@@ -1594,30 +1528,10 @@ static void log_options(unsigned char *start, u32 xid)
 {
   while (*start != OPTION_END)
     {
-      int is_ip, is_name, i;
-      char *text = option_string(start[0], &is_ip, &is_name);
-      unsigned char trunc = option_len(start);
+      char *optname = option_string(AF_INET, start[0], option_ptr(start, 0), option_len(start), daemon->namebuff, MAXDNAME);
       
-      if (is_ip)
-	for (daemon->namebuff[0]= 0, i = 0; i <= trunc - INADDRSZ; i += INADDRSZ) 
-	  {
-	    if (i != 0)
-	      strncat(daemon->namebuff, ", ", 256 - strlen(daemon->namebuff));
-	    strncat(daemon->namebuff, inet_ntoa(option_addr_arr(start, i)), 256 - strlen(daemon->namebuff));
-	  }
-      else if (!is_name || !sanitise(start, daemon->namebuff))
-	{
-	  if (trunc > 13)
-	    trunc = 13;
-	  print_mac(daemon->namebuff, option_ptr(start, 0), trunc);
-	}
-      
-      my_syslog(MS_DHCP | LOG_INFO, "%u sent size:%3d option:%3d%s%s%s%s%s", 
-		ntohl(xid), option_len(start), start[0],
-		text ? ":" : "", text ? text : "",
-		trunc == 0 ? "" : "  ",
-		trunc == 0 ? "" : daemon->namebuff,
-		trunc == option_len(start) ? "" : "...");
+      my_syslog(MS_DHCP | LOG_INFO, "%u sent size:%3d option:%3d %s  %s", 
+		ntohl(xid), option_len(start), start[0], optname, daemon->namebuff);
       start += start[1] + 2;
     }
 }
@@ -1672,22 +1586,17 @@ static unsigned char *option_find(struct dhcp_packet *mess, size_t size, int opt
   return NULL;
 }
 
-static struct in_addr option_addr_arr(unsigned char *opt, int offset)
+static struct in_addr option_addr(unsigned char *opt)
 {
-  /* this worries about unaligned data in the option. */
+   /* this worries about unaligned data in the option. */
   /* struct in_addr is network byte order */
   struct in_addr ret;
 
-  memcpy(&ret, option_ptr(opt, offset), INADDRSZ);
+  memcpy(&ret, option_ptr(opt, 0), INADDRSZ);
 
   return ret;
 }
 
-static struct in_addr option_addr(unsigned char *opt)
-{
-  return option_addr_arr(opt, 0);
-}
-
 static unsigned int option_uint(unsigned char *opt, int offset, int size)
 {
   /* this worries about unaligned data and byte order */
@@ -1722,31 +1631,6 @@ static unsigned char *find_overload(struct dhcp_packet *mess)
   return NULL;
 }
 
-static void log_tags(struct dhcp_netid *netid, struct dhcp_packet *mess)
-{
-  if (netid && option_bool(OPT_LOG_OPTS))
-    {
-      char *s = daemon->namebuff;
-      for (*s = 0; netid; netid = netid->next)
-	{
-	  /* kill dupes. */
-	  struct dhcp_netid *n;
-	  
-	  for (n = netid->next; n; n = n->next)
-	    if (strcmp(netid->net, n->net) == 0)
-	      break;
-	  
-	  if (!n)
-	    {
-	      strncat (s, netid->net, (MAXDNAME-1) - strlen(s));
-	      if (netid->next)
-		strncat (s, ", ", (MAXDNAME-1) - strlen(s));
-	    }
-	}
-      my_syslog(MS_DHCP | LOG_INFO, _("%u tags: %s"), ntohl(mess->xid), s);
-    } 
-} 
-
 static size_t dhcp_packet_size(struct dhcp_packet *mess, unsigned char *agent_id, unsigned char *real_end)
 {
   unsigned char *p = dhcp_skip_opts(&mess->options[0] + sizeof(u32));
@@ -2041,7 +1925,7 @@ static int prune_vendor_opts(struct dhcp_netid *netid)
   return force;
 }
 
-static struct dhcp_opt *pxe_opts(int pxe_arch, struct dhcp_netid *netid, struct in_addr local)
+static struct dhcp_opt *pxe_opts(int pxe_arch, struct dhcp_netid *netid, struct in_addr local, time_t now)
 {
 #define NUM_OPTS 4  
 
@@ -2098,8 +1982,9 @@ static struct dhcp_opt *pxe_opts(int pxe_arch, struct dhcp_netid *netid, struct
 	    return daemon->dhcp_opts;
 	  }
 	
-	boot_server = service->basename ? local : service->server;
-
+	boot_server = service->basename ? local : 
+	  (service->sname ? a_record_from_hosts(service->sname, now) : service->server);
+	
 	if (boot_server.s_addr != 0)
 	  {
 	    if (q - (unsigned char *)daemon->dhcp_buff3 + 3 + INADDRSZ >= 253)
@@ -2190,7 +2075,7 @@ static void do_options(struct dhcp_context *context,
 		       unsigned char *end, 
 		       unsigned char *req_options,
 		       char *hostname, 
-		       char *domain, char *config_domain,
+		       char *domain,
 		       struct dhcp_netid *netid,
 		       struct in_addr subnet_addr,
 		       unsigned char fqdn_flags,
@@ -2209,65 +2094,22 @@ static void do_options(struct dhcp_context *context,
   struct dhcp_netid *tagif;
   struct dhcp_netid_list *id_list;
 
-  /* flag options which are valid with the current tag set (sans context tags) */
-  tagif = run_tag_if(netid);
-  for (opt = config_opts; opt; opt = opt->next)
-    {
-      opt->flags &= ~DHOPT_TAGOK;
-      if (!(opt->flags & (DHOPT_ENCAPSULATE | DHOPT_VENDOR | DHOPT_RFC3925)) &&
-	  match_netid(opt->netid, tagif, 0))
-	opt->flags |= DHOPT_TAGOK;
-    }
-
-  /* now flag options which are valid, including the context tags,
-     otherwise valid options are inhibited if we found a higher priotity one above */
-  if (context && context->netid.net)
-    {
-      context->netid.next = netid;
-      tagif = run_tag_if(&context->netid);
-      
-      for (opt = config_opts; opt; opt = opt->next)
-	if (!(opt->flags & (DHOPT_ENCAPSULATE | DHOPT_VENDOR | DHOPT_RFC3925 | DHOPT_TAGOK)) &&
-	    match_netid(opt->netid, tagif, 0))
-	  {
-	    struct dhcp_opt *tmp;  
-	    for (tmp = config_opts; tmp; tmp = tmp->next) 
-	      if (tmp->opt == opt->opt && opt->netid && (tmp->flags & DHOPT_TAGOK))
-		break;
-	    if (!tmp)
-	      opt->flags |= DHOPT_TAGOK;
-	  }      
-    }
-  
-  /* now flag untagged options which are not overridden by tagged ones */
-  for (opt = config_opts; opt; opt = opt->next)
-    if (!(opt->flags & (DHOPT_ENCAPSULATE | DHOPT_VENDOR | DHOPT_RFC3925 | DHOPT_TAGOK)) && !opt->netid)
-      {
-	struct dhcp_opt *tmp;  
-	for (tmp = config_opts; tmp; tmp = tmp->next) 
-	  if (tmp->opt == opt->opt && (tmp->flags & DHOPT_TAGOK))
-	    break;
-	if (!tmp)
-	  opt->flags |= DHOPT_TAGOK;
-	else if (!tmp->netid)
-	  my_syslog(MS_DHCP | LOG_WARNING, _("Ignoring duplicate dhcp-option %d"), tmp->opt); 
-      }
+  /* filter options based on tags, those we want get DHOPT_TAGOK bit set */
+  context->netid.next = NULL;
+  tagif = option_filter(netid, context && context->netid.net ? &context->netid : NULL, config_opts);
 	
-  if (config_domain && (!domain || !hostname_isequal(domain, config_domain)))
-    my_syslog(MS_DHCP | LOG_WARNING, _("Ignoring domain %s for DHCP host name %s"), config_domain, hostname);
-  
   /* logging */
   if (option_bool(OPT_LOG_OPTS) && req_options)
     {
       char *q = daemon->namebuff;
       for (i = 0; req_options[i] != OPTION_END; i++)
 	{
-	  char *s = option_string(req_options[i], NULL, NULL);
+	  char *s = option_string(AF_INET, req_options[i], NULL, 0, NULL, 0);
 	  q += snprintf(q, MAXDNAME - (q - daemon->namebuff),
 			"%d%s%s%s", 
 			req_options[i],
-			s ? ":" : "",
-			s ? s : "", 
+			strlen(s) != 0 ? ":" : "",
+			s, 
 			req_options[i+1] == OPTION_END ? "" : ", ");
 	  if (req_options[i+1] == OPTION_END || (q - daemon->namebuff) > 40)
 	    {
@@ -2504,8 +2346,8 @@ static void do_options(struct dhcp_context *context,
 
   /* Now send options to be encapsulated in arbitrary options, 
      eg dhcp-option=encap:172,17,.......
-     Also hand vendor-identifying vendor-encapsulated options,
-     dhcp-option = rfc3925-encap:13,17,.......
+     Also handle vendor-identifying vendor-encapsulated options,
+     dhcp-option = vi-encap:13,17,.......
      The may be more that one "outer" to do, so group
      all the options which match each outer in turn. */
   for (opt = config_opts; opt; opt = opt->next)
@@ -2572,7 +2414,7 @@ static void do_options(struct dhcp_context *context,
   if (context && pxe_arch != -1)
     {
       pxe_misc(mess, end, uuid);
-      config_opts = pxe_opts(pxe_arch, tagif, context->local);
+      config_opts = pxe_opts(pxe_arch, tagif, context->local, now);
     }
 
   if ((force_encap || in_list(req_options, OPTION_VENDOR_CLASS_OPT)) &&

src/tftp.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -57,7 +57,6 @@ void tftp_request(struct listener *listen, time_t now)
   int mtuflag = IP_PMTUDISC_DONT;
 #endif
   char namebuff[IF_NAMESIZE];
-  char pretty_addr[ADDRSTRLEN];
   char *name;
   char *prefix = daemon->tftp_prefix;
   struct tftp_prefix *pref;
@@ -114,7 +113,7 @@ void tftp_request(struct listener *listen, time_t now)
 #if defined(HAVE_LINUX_NETWORK)
       if (listen->family == AF_INET)
 	for (cmptr = CMSG_FIRSTHDR(&msg); cmptr; cmptr = CMSG_NXTHDR(&msg, cmptr))
-	  if (cmptr->cmsg_level == SOL_IP && cmptr->cmsg_type == IP_PKTINFO)
+	  if (cmptr->cmsg_level == IPPROTO_IP && cmptr->cmsg_type == IP_PKTINFO)
 	    {
 	      union {
 		unsigned char *c;
@@ -163,7 +162,7 @@ void tftp_request(struct listener *listen, time_t now)
       if (listen->family == AF_INET6)
         {
           for (cmptr = CMSG_FIRSTHDR(&msg); cmptr; cmptr = CMSG_NXTHDR(&msg, cmptr))
-            if (cmptr->cmsg_level == IPV6_LEVEL && cmptr->cmsg_type == daemon->v6pktinfo)
+            if (cmptr->cmsg_level == IPPROTO_IPV6 && cmptr->cmsg_type == daemon->v6pktinfo)
               {
                 union {
                   unsigned char *c;
@@ -184,10 +183,10 @@ void tftp_request(struct listener *listen, time_t now)
 
 #ifdef HAVE_IPV6
       if (listen->family == AF_INET6)
-	check = iface_check(AF_INET6, (struct all_addr *)&addr.in6.sin6_addr, name, &if_index);
+	check = iface_check(AF_INET6, (struct all_addr *)&addr.in6.sin6_addr, name);
       else
 #endif
-        check = iface_check(AF_INET, (struct all_addr *)&addr.in.sin_addr, name, &if_index);
+        check = iface_check(AF_INET, (struct all_addr *)&addr.in.sin_addr, name);
 
       /* wierd TFTP service override */
       for (ir = daemon->tftp_interfaces; ir; ir = ir->next)
@@ -260,14 +259,14 @@ void tftp_request(struct listener *listen, time_t now)
   transfer->opt_blocksize = transfer->opt_transize = 0;
   transfer->netascii = transfer->carrylf = 0;
  
-  prettyprint_addr(&peer, pretty_addr);
+  prettyprint_addr(&peer, daemon->addrbuff);
   
   /* if we have a nailed-down range, iterate until we find a free one. */
   while (1)
     {
       if (bind(transfer->sockfd, &addr.sa, sa_len(&addr)) == -1 ||
 #if defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DONT)
-	  setsockopt(transfer->sockfd, SOL_IP, IP_MTU_DISCOVER, &mtuflag, sizeof(mtuflag)) == -1 ||
+	  setsockopt(transfer->sockfd, IPPROTO_IP, IP_MTU_DISCOVER, &mtuflag, sizeof(mtuflag)) == -1 ||
 #endif
 	  !fix_fd(transfer->sockfd))
 	{
@@ -298,7 +297,7 @@ void tftp_request(struct listener *listen, time_t now)
       !(filename = next(&p, end)) ||
       !(mode = next(&p, end)) ||
       (strcasecmp(mode, "octet") != 0 && strcasecmp(mode, "netascii") != 0))
-    len = tftp_err(ERR_ILL, packet, _("unsupported request from %s"), pretty_addr);
+    len = tftp_err(ERR_ILL, packet, _("unsupported request from %s"), daemon->addrbuff);
   else
     {
       if (strcasecmp(mode, "netascii") == 0)
@@ -348,7 +347,7 @@ void tftp_request(struct listener *listen, time_t now)
 	      size_t oldlen = strlen(daemon->namebuff);
 	      struct stat statbuf;
 	      
-	      strncat(daemon->namebuff, pretty_addr, (MAXDNAME-1) - strlen(daemon->namebuff));
+	      strncat(daemon->namebuff, daemon->addrbuff, (MAXDNAME-1) - strlen(daemon->namebuff));
 	      strncat(daemon->namebuff, "/", (MAXDNAME-1) - strlen(daemon->namebuff));
 	      
 	      /* remove unique-directory if it doesn't exist */
@@ -478,7 +477,6 @@ void check_tftp_listeners(fd_set *rset, time_t now)
 {
   struct tftp_transfer *transfer, *tmp, **up;
   ssize_t len;
-  char pretty_addr[ADDRSTRLEN];
   
   struct ack {
     unsigned short op, block;
@@ -494,7 +492,7 @@ void check_tftp_listeners(fd_set *rset, time_t now)
 	  /* we overwrote the buffer... */
 	  daemon->srv_save = NULL;
 	   
-	  prettyprint_addr(&transfer->peer, pretty_addr);
+	  prettyprint_addr(&transfer->peer, daemon->addrbuff);
 	  
 	  if ((len = recv(transfer->sockfd, daemon->packet, daemon->packet_buff_sz, 0)) >= (ssize_t)sizeof(struct ack))
 	    {
@@ -526,7 +524,7 @@ void check_tftp_listeners(fd_set *rset, time_t now)
 
 		  my_syslog(MS_TFTP | LOG_ERR, _("error %d %s received from %s"),
 			    (int)ntohs(mess->block), err, 
-			    pretty_addr);	
+			    daemon->addrbuff);	
 		  
 		  /* Got err, ensure we take abort */
 		  transfer->timeout = now;
@@ -557,7 +555,7 @@ void check_tftp_listeners(fd_set *rset, time_t now)
 	      if (len != 0)
 		{
 		  my_syslog(MS_TFTP | LOG_ERR, _("failed sending %s to %s"), 
-			    transfer->file->filename, pretty_addr);
+			    transfer->file->filename, daemon->addrbuff);
 		  len = 0;
 		  endcon = 1;
 		}
@@ -570,7 +568,7 @@ void check_tftp_listeners(fd_set *rset, time_t now)
 	  if (endcon || len == 0)
 	    {
 	      if (!endcon)
-		my_syslog(MS_TFTP | LOG_INFO, _("sent %s to %s"), transfer->file->filename, pretty_addr);
+		my_syslog(MS_TFTP | LOG_INFO, _("sent %s to %s"), transfer->file->filename, daemon->addrbuff);
 	      /* unlink */
 	      *up = tmp;
 	      free_transfer(transfer);

src/util.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2011 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -320,6 +320,48 @@ int is_same_net(struct in_addr a, struct in_addr b, struct in_addr mask)
   return (a.s_addr & mask.s_addr) == (b.s_addr & mask.s_addr);
 } 
 
+#ifdef HAVE_IPV6
+int is_same_net6(struct in6_addr *a, struct in6_addr *b, int prefixlen)
+{
+  int pfbytes = prefixlen >> 3;
+  int pfbits = prefixlen & 7;
+
+  if (memcmp(&a->s6_addr, &b->s6_addr, pfbytes) != 0)
+    return 0;
+
+  if (pfbits == 0 ||
+      (a->s6_addr[pfbytes] >> (8 - pfbits) != b->s6_addr[pfbytes] >> (8 - pfbits)))
+    return 1;
+
+  return 0;
+}
+
+/* return least signigicant 64 bits if IPv6 address */
+u64 addr6part(struct in6_addr *addr)
+{
+  int i;
+  u64 ret = 0;
+
+  for (i = 8; i < 16; i++)
+    ret = (ret << 8) + addr->s6_addr[i];
+
+  return ret;
+}
+
+void setaddr6part(struct in6_addr *addr, u64 host)
+{
+  int i;
+
+  for (i = 15; i >= 8; i--)
+    {
+      addr->s6_addr[i] = host;
+      host = host >> 8;
+    }
+}
+
+#endif
+ 
+
 /* returns port number from address */
 int prettyprint_addr(union mysockaddr *addr, char *buf)
 {
@@ -483,7 +525,7 @@ void bump_maxfd(int fd, int *max)
 int retry_send(void)
 {
    struct timespec waiter;
-   if (errno == EAGAIN)
+   if (errno == EAGAIN || errno == EWOULDBLOCK)
      {
        waiter.tv_sec = 0;
        waiter.tv_nsec = 10000;