Don't send RAs to the wrong place when DAD in progress.

CHANGELOG

@@ -10,6 +10,64 @@ version 2.64
 	    also a match. This allows multiple addresses for a name in 
 	    /etc/hosts with one of them assigned via DHCP.
 
+	    Fix broken vendor-option processing for BOOTP. Thanks to
+	    Hans-Joachim Baader for the bug report.
+
+	    Don't report spurious netlink errors, regression in
+	    2.63. Thanks to Vladislav Grishenko for the patch.
+
+	    Flag DHCP or DHCPv6 in starup logging. Thanks to 
+	    Vladislav Grishenko for the patch.
+
+	    Add SetServersEx method in DBus interface. Thanks to Dan
+	    Williams for the patch.
+
+	    Add SetDomainServers method in DBus interface. Thanks to
+	    Roy Marples for the patch.
+
+	    Fix build with later Lua libraries. Thansk to Cristian
+	    Rodriguez for the patch.
+
+	    Add --max-cache-ttl option. Thanks to Dennis Kaarsemaker
+	    for the patch.
+
+	    Fix breakage of --host-record parsing, resulting in
+	    infinte loop at startup. Regression in 2.63. Thanks to
+	    Haim Gelfenbeyn for spotting this.
+
+	    Set SO_REUSEADDRESS and SO_V6ONLY options on the DHCPv6
+	    socket, this allows multiple instances of dnsmasq on a
+	    single machine, in the same way as for DHCPv4. Thanks to
+	    Gene Czarcinski and Vladislav Grishenko for work on this.
+
+	    Fix DHCPv6 to do access control correctly when it's 
+	    configured with --listen-address. Thanks to
+	    Gene Czarcinski for sorting this out. 
+
+	    Add a "wildcard" dhcp-range which works for any IPv6
+	    subnet, --dhcp-range=::,static Useful for Stateless 
+	    DHCPv6. Thanks to Vladislav Grishenko for the patch.
+
+	    Don't include lease-time in DHCPACK replies to DHCPINFORM
+	    queries, since RFC-2131 says we shouldn't. Thanks to
+	    Wouter Ibens for pointing this out.  
+
+	    Makefile tweak to do dependency checking on header files.
+	    Thanks to Johan Peeters for the patch.
+
+	    Check interface for outgoing unsolicited router 
+	    advertisements, rather than relying on interface address 
+	    configuration. Thanks to Gene Czarinski for the patch.
+
+	    Handle better attempts to transmit on interfaces which are
+	    still doing DAD, and specifically do not just transmit
+	    without setting source address and interface, since this
+	    can cause very puzzling effects when a router
+	    advertisement goes astray. Thanks again to Gene Czarinski.
+
+	    Get RA timers right when there is more than one
+	    dhcp-range on a subnet.
+	    
 
 version 2.63
             Do duplicate dhcp-host address check in --test mode.
@@ -372,7 +430,7 @@ version 2.58
 
 	    Fix regression in TFTP server on *BSD platforms introduced
 	    in version 2.56, due to confusion with sockaddr
-	    length. Many thanks to Loïc Pefferkorn for finding this.
+	    length. Many thanks to Loic Pefferkorn for finding this.
 
 	    Support scope-ids in IPv6 addresses of nameservers from
 	    /etc/resolv.conf and in --server options. Eg

Makefile

@@ -79,7 +79,8 @@ all : $(BUILDDIR)
 
 clean :
 	rm -f *~ $(BUILDDIR)/*.mo contrib/*/*~ */*~ $(BUILDDIR)/*.pot 
-	rm -f $(BUILDDIR)/*.o $(BUILDDIR)/dnsmasq.a $(BUILDDIR)/dnsmasq core */core
+	rm -f $(BUILDDIR)/.configured $(BUILDDIR)/*.o $(BUILDDIR)/dnsmasq.a $(BUILDDIR)/dnsmasq 
+	rm -rf core */core
 
 install : all install-common
 
@@ -113,7 +114,11 @@ $(BUILDDIR):
 	mkdir -p $(BUILDDIR)
 
 
-# rules below are targets in recusive makes with cwd=$(SRC)
+# rules below are targets in recusive makes with cwd=$(BUILDDIR)
+
+.configured: $(hdrs)
+	@rm -f *.o
+	@touch $@
 
 $(objs:.o=.c) $(hdrs):
 	ln -s $(top)/$(SRC)/$@ .
@@ -121,7 +126,7 @@ $(objs:.o=.c) $(hdrs):
 .c.o:
 	$(CC) $(CFLAGS) $(COPTS) $(i18n) $(build_cflags) $(RPM_OPT_FLAGS) -c $<	
 
-dnsmasq : $(hdrs) $(objs) 
+dnsmasq : .configured $(hdrs) $(objs) 
 	$(CC) $(LDFLAGS) -o $@ $(objs) $(build_libs) $(LIBS) 
 
 dnsmasq.pot : $(objs:.o=.c) $(hdrs)

contrib/dbus-test/dbus-test.py

@@ -0,0 +1,43 @@
+#!/usr/bin/python
+import dbus
+
+bus = dbus.SystemBus()
+p = bus.get_object("uk.org.thekelleys.dnsmasq", "/uk/org/thekelleys/dnsmasq")
+l = dbus.Interface(p, dbus_interface="uk.org.thekelleys.dnsmasq")
+
+# The new more flexible SetServersEx method
+array = dbus.Array()
+array.append(["1.2.3.5"])
+array.append(["1.2.3.4#664", "foobar.com"])
+array.append(["1003:1234:abcd::1%eth0", "eng.mycorp.com", "lab.mycorp.com"])
+print l.SetServersEx(array)
+
+# Must create a new object for dnsmasq as the introspection gives the wrong
+# signature for SetServers (av) while the code only expects a bunch of arguments
+# instead of an array of variants
+p = bus.get_object("uk.org.thekelleys.dnsmasq", "/uk/org/thekelleys/dnsmasq", introspect=False)
+l = dbus.Interface(p, dbus_interface="uk.org.thekelleys.dnsmasq")
+
+# The previous method; all addresses in machine byte order
+print l.SetServers(dbus.UInt32(16909060), # 1.2.3.5
+                   dbus.UInt32(16909061), # 1.2.3.4
+                   "foobar.com",
+                   dbus.Byte(0x10),       # 1003:1234:abcd::1
+                   dbus.Byte(0x03),
+                   dbus.Byte(0x12),
+                   dbus.Byte(0x34),
+                   dbus.Byte(0xab),
+                   dbus.Byte(0xcd),
+                   dbus.Byte(0x00),
+                   dbus.Byte(0x00),
+                   dbus.Byte(0x00),
+                   dbus.Byte(0x00),
+                   dbus.Byte(0x00),
+                   dbus.Byte(0x00),
+                   dbus.Byte(0x00),
+                   dbus.Byte(0x00),
+                   dbus.Byte(0x00),
+                   dbus.Byte(0x01),
+                   "eng.mycorp.com",
+                   "lab.mycorp.com")
+

dbus/DBus-interface

@@ -95,6 +95,65 @@ Each call to SetServers completely replaces the set of servers
 specified by via the DBus, but it leaves any servers specified via the
 command line or /etc/dnsmasq.conf or /etc/resolv.conf alone.
 
+SetServersEx
+------------
+
+This function is more flexible and the SetServers function, in that it can
+handle address scoping, port numbers, and is easier for clients to use.
+
+Returns nothing. Takes a set of arguments representing the new
+upstream DNS servers to be used by dnsmasq. All addresses (both IPv4 and IPv6)
+are represented as STRINGS.  Each server address may be followed by one or more
+STRINGS, which are the domains for which the preceding server should be used.
+
+This function takes an array of STRING arrays, where each inner array represents
+a set of DNS servers and domains for which those servers may be used.  Each
+string represents a list of upstream DNS servers first, and domains second.
+Mixing of domains and servers within a the string array is not allowed.
+
+Examples.
+
+[
+  ["1.2.3.4", "foobar.com"],
+  ["1003:1234:abcd::1%eth0", "eng.mycorp.com", "lab.mycorp.com"]
+]
+
+is equivalent to
+
+--server=/foobar.com/1.2.3.4 \
+  --server=/eng.mycorp.com/lab.mycorp.com/1003:1234:abcd::1%eth0
+
+An IPv4 address of 0.0.0.0 is interpreted as "no address, local only",
+so
+
+[ ["0.0.0.0", "local.domain"] ]
+
+is equivalent to
+
+--local=/local.domain/
+
+
+Each call to SetServersEx completely replaces the set of servers
+specified by via the DBus, but it leaves any servers specified via the
+command line or /etc/dnsmasq.conf or /etc/resolv.conf alone.
+
+
+SetDomainServers
+----------------
+
+Yes another variation for setting DNS servers, with the capability of
+SetServersEx, but without using arrays of arrays, which are not
+sendable with dbus-send. The arguments are an array of strings which
+are identical to the equivalent arguments --server, so the example
+for SetServersEx is represented as
+
+[
+  "/foobar.com/1.2.3.4"
+  "/eng.mycorp.com/lab.mycorp.com/1003:1234:abcd::1%eth0"
+]
+
+
+
 2. SIGNALS
 ----------
 

debian/changelog

@@ -2,7 +2,19 @@ dnsmasq (2.64-1) unstable; urgency=low
 
    * New upstream.
 
- -- Simon Kelley <simon@thekelleys.org.uk>  Tue, 28 Aug 2012 16:19:15 +0000
+ -- Simon Kelley <simon@thekelleys.org.uk>  Fri, 21 Sep 2012 17:17:22 +0000
+
+dnsmasq (2.63-4) unstable; urgency=low
+
+   * Make pid-file creation immune to symlink attacks. (closes: #686484)
+
+ -- Simon Kelley <simon@thekelleys.org.uk>  Fri, 21 Sep 2012 17:16:34 +0000
+
+dnsmasq (2.63-3) unstable; urgency=low
+
+   * Move adduser dependency to dnsmasq-base. (closes: #686694)
+
+ -- Simon Kelley <simon@thekelleys.org.uk>  Tue, 4 Sep 2012 21:44:15 +0000
 
 dnsmasq (2.63-2) unstable; urgency=low
 

debian/control

@@ -7,7 +7,7 @@ Standards-Version: 3.9.3
 
 Package: dnsmasq
 Architecture: all
-Depends: netbase, adduser, dnsmasq-base(>= ${source:Version})
+Depends: netbase, dnsmasq-base(>= ${source:Version})
 Suggests: resolvconf
 Conflicts: resolvconf (<<1.15)
 Description: Small caching DNS proxy and DHCP/TFTP server
@@ -22,7 +22,7 @@ Description: Small caching DNS proxy and DHCP/TFTP server
 
 Package: dnsmasq-base
 Architecture: any
-Depends: ${shlibs:Depends}
+Depends: adduser, ${shlibs:Depends}
 Breaks: dnsmasq (<< 2.63-1~)
 Replaces: dnsmasq (<< 2.63-1~)
 Description: Small caching DNS proxy and DHCP/TFTP server

dnsmasq.conf.example

@@ -480,7 +480,7 @@
 #tftp-no-blocksize
 
 # Set the boot file name only when the "red" tag is set.
-#dhcp-boot=net:red,pxelinux.red-net
+#dhcp-boot=tag:red,pxelinux.red-net
 
 # An example of dhcp-boot with an external TFTP server: the name and IP
 # address of the server are given after the filename.
@@ -621,6 +621,6 @@
 # Log lots of extra information about DHCP transactions.
 #log-dhcp
 
-# Include a another lot of configuration options.
+# Include another lot of configuration options.
 #conf-file=/etc/dnsmasq.more.conf
 #conf-dir=/etc/dnsmasq.d

man/dnsmasq.8

@@ -71,6 +71,9 @@ maximum TTL will be given to clients instead of the true TTL value if it is
 lower. The true TTL value is however kept in the cache to avoid flooding 
 the upstream DNS servers.
 .TP
+.B --max-cache-ttl=<time>
+Set a maximum TTL value for entries in the cache.
+.TP
 .B \-k, --keep-in-foreground
 Do not go into the background at startup but otherwise run as
 normal. This is intended for use when dnsmasq is run under daemontools
@@ -80,7 +83,9 @@ or launchd.
 Debug mode: don't fork to the background, don't write a pid file,
 don't change user id, generate a complete cache dump on receipt on
 SIGUSR1, log to stderr as well as syslog, don't fork new processes
-to handle TCP queries.
+to handle TCP queries. Note that this option is for use in debugging
+only, to stop dnsmasq daemonising in production, use 
+.B -k.
 .TP
 .B \-q, --log-queries
 Log the results of DNS queries handled by dnsmasq. Enable a full cache dump on receipt of SIGUSR1.
@@ -581,7 +586,11 @@ which tells dnsmasq to enable DHCP for the network specified, but not
 to dynamically allocate IP addresses: only hosts which have static
 addresses given via 
 .B dhcp-host
-or from /etc/ethers will be served. 
+or from /etc/ethers will be served. A static-only subnet with address
+all zeros may be used as a "catch-all" address to enable replies to all
+Information-request packets on a subnet which is provided with
+stateless DHCPv6, ie
+.B --dhcp=range=::,static
 
 For IPv4, the <mode> may be 
 .B proxy

src/cache.c

@@ -371,6 +371,9 @@ struct crec *cache_insert(char *name, struct all_addr *addr,
   int freed_all = flags & F_REVERSE;
   int free_avail = 0;
 
+  if(daemon->max_cache_ttl < ttl)
+    ttl = daemon->max_cache_ttl;
+
   /* Don't log keys */
   if (flags & (F_IPV4 | F_IPV6))
     log_query(flags | F_UPSTREAM, name, addr, NULL);

src/dbus.c

@@ -38,6 +38,12 @@ const char* introspection_xml_template =
 "    <method name=\"SetServers\">\n"
 "      <arg name=\"servers\" direction=\"in\" type=\"av\"/>\n"
 "    </method>\n"
+"    <method name=\"SetDomainServers\">\n"
+"      <arg name=\"servers\" direction=\"in\" type=\"as\"/>\n"
+"    </method>\n"
+"    <method name=\"SetServersEx\">\n"
+"      <arg name=\"servers\" direction=\"in\" type=\"aas\"/>\n"
+"    </method>\n"
 "    <signal name=\"DhcpLeaseAdded\">\n"
 "      <arg name=\"ipaddr\" type=\"s\"/>\n"
 "      <arg name=\"hwaddr\" type=\"s\"/>\n"
@@ -99,20 +105,118 @@ static void remove_watch(DBusWatch *watch, void *data)
   w = data; /* no warning */
 }
 
-static void dbus_read_servers(DBusMessage *message)
+static void add_update_server(union mysockaddr *addr,
+                              union mysockaddr *source_addr,
+			      const char *interface,
+                              const char *domain)
+{
+  struct server *serv;
+
+  /* See if there is a suitable candidate, and unmark */
+  for (serv = daemon->servers; serv; serv = serv->next)
+    if ((serv->flags & SERV_FROM_DBUS) &&
+       (serv->flags & SERV_MARK))
+      {
+	if (domain)
+	  {
+	    if (!(serv->flags & SERV_HAS_DOMAIN) || !hostname_isequal(domain, serv->domain))
+	      continue;
+	  }
+	else
+	  {
+	    if (serv->flags & SERV_HAS_DOMAIN)
+	      continue;
+	  }
+	
+	serv->flags &= ~SERV_MARK;
+
+        break;
+      }
+  
+  if (!serv && (serv = whine_malloc(sizeof (struct server))))
+    {
+      /* Not found, create a new one. */
+      memset(serv, 0, sizeof(struct server));
+      
+      if (domain && !(serv->domain = whine_malloc(strlen(domain)+1)))
+	{
+	  free(serv);
+          serv = NULL;
+        }
+      else
+        {
+	  serv->next = daemon->servers;
+	  daemon->servers = serv;
+	  serv->flags = SERV_FROM_DBUS;
+	  if (domain)
+	    {
+	      strcpy(serv->domain, domain);
+	      serv->flags |= SERV_HAS_DOMAIN;
+	    }
+	}
+    }
+  
+  if (serv)
+    {
+      if (interface)
+	strcpy(serv->interface, interface);
+      else
+	serv->interface[0] = 0;
+            
+      if (source_addr->in.sin_family == AF_INET &&
+          addr->in.sin_addr.s_addr == 0 &&
+          serv->domain)
+        serv->flags |= SERV_NO_ADDR;
+      else
+        {
+          serv->flags &= ~SERV_NO_ADDR;
+          serv->addr = *addr;
+          serv->source_addr = *source_addr;
+        }
+    }
+}
+
+static void mark_dbus(void)
+{
+  struct server *serv;
+
+  /* mark everything from DBUS */
+  for (serv = daemon->servers; serv; serv = serv->next)
+    if (serv->flags & SERV_FROM_DBUS)
+      serv->flags |= SERV_MARK;
+}
+
+static void cleanup_dbus()
 {
   struct server *serv, *tmp, **up;
+
+  /* unlink and free anything still marked. */
+  for (serv = daemon->servers, up = &daemon->servers; serv; serv = tmp) 
+    {
+      tmp = serv->next;
+      if (serv->flags & SERV_MARK)
+       {
+         server_gone(serv);
+         *up = serv->next;
+         if (serv->domain)
+	   free(serv->domain);
+	 free(serv);
+       }
+      else 
+       up = &serv->next;
+    }
+}
+
+static void dbus_read_servers(DBusMessage *message)
+{
   DBusMessageIter iter;
   union  mysockaddr addr, source_addr;
   char *domain;
   
   dbus_message_iter_init(message, &iter);
-  
-  /* mark everything from DBUS */
-  for (serv = daemon->servers; serv; serv = serv->next)
-    if (serv->flags & SERV_FROM_DBUS)
-      serv->flags |= SERV_MARK;
-  
+
+  mark_dbus();
+
   while (1)
     {
       int skip = 0;
@@ -171,6 +275,7 @@ static void dbus_read_servers(DBusMessage *message)
 	/* At the end */
 	break;
       
+      /* process each domain */
       do {
 	if (dbus_message_iter_get_arg_type(&iter) == DBUS_TYPE_STRING)
 	  {
@@ -181,83 +286,183 @@ static void dbus_read_servers(DBusMessage *message)
 	  domain = NULL;
 	
 	if (!skip)
-	  {
-	    /* See if this is already there, and unmark */
-	    for (serv = daemon->servers; serv; serv = serv->next)
-	      if ((serv->flags & SERV_FROM_DBUS) &&
-		  (serv->flags & SERV_MARK))
-		{
-		  if (!(serv->flags & SERV_HAS_DOMAIN) && !domain)
-		    {
-		      serv->flags &= ~SERV_MARK;
-		      break;
-		    }
-		  if ((serv->flags & SERV_HAS_DOMAIN) && 
-		      domain &&
-		      hostname_isequal(domain, serv->domain))
-		    {
-		      serv->flags &= ~SERV_MARK;
-		      break;
-		    }
-		}
-	    
-	    if (!serv && (serv = whine_malloc(sizeof (struct server))))
-	      {
-		/* Not found, create a new one. */
-		memset(serv, 0, sizeof(struct server));
-		
-		if (domain)
-		  serv->domain = whine_malloc(strlen(domain)+1);
-		
-		if (domain && !serv->domain)
-		  {
-		    free(serv);
-		    serv = NULL;
-		  }
-		else
-		  {
-		    serv->next = daemon->servers;
-		    daemon->servers = serv;
-		    serv->flags = SERV_FROM_DBUS;
-		    if (domain)
-		      {
-			strcpy(serv->domain, domain);
-			serv->flags |= SERV_HAS_DOMAIN;
-		      }
-		  }
-	      }
-
-	    if (serv)
-	      {
-		if (source_addr.in.sin_family == AF_INET &&
-		    addr.in.sin_addr.s_addr == 0 &&
-		    serv->domain)
-		  serv->flags |= SERV_NO_ADDR;
-		else
-		  {
-		    serv->flags &= ~SERV_NO_ADDR;
-		    serv->addr = addr;
-		    serv->source_addr = source_addr;
-		  }
-	      }
-	  }
-	} while (dbus_message_iter_get_arg_type(&iter) == DBUS_TYPE_STRING);
+	  add_update_server(&addr, &source_addr, NULL, domain);
+     
+      } while (dbus_message_iter_get_arg_type(&iter) == DBUS_TYPE_STRING); 
     }
-  
+   
   /* unlink and free anything still marked. */
-  for (serv = daemon->servers, up = &daemon->servers; serv; serv = tmp) 
+  cleanup_dbus();
+}
+
+static DBusMessage* dbus_read_servers_ex(DBusMessage *message, int strings)
+{
+  DBusMessageIter iter, array_iter, string_iter;
+  DBusMessage *error = NULL;
+  const char *addr_err;
+  char *dup = NULL;
+  
+  my_syslog(LOG_INFO, _("setting upstream servers from DBus"));
+  
+  if (!dbus_message_iter_init(message, &iter))
     {
-      tmp = serv->next;
-      if (serv->flags & SERV_MARK)
-	{
-	  server_gone(serv);
-	  *up = serv->next;
-	  free(serv);
-	}
-      else 
-	up = &serv->next;
+      return dbus_message_new_error(message, DBUS_ERROR_INVALID_ARGS,
+                                    "Failed to initialize dbus message iter");
     }
 
+  /* check that the message contains an array of arrays */
+  if ((dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_ARRAY) ||
+      (dbus_message_iter_get_element_type(&iter) != (strings ? DBUS_TYPE_STRING : DBUS_TYPE_ARRAY)))
+    {
+      return dbus_message_new_error(message, DBUS_ERROR_INVALID_ARGS,
+                                    strings ? "Expected array of string" : "Expected array of string arrays");
+     }
+ 
+  mark_dbus();
+
+  /* array_iter points to each "as" element in the outer array */
+  dbus_message_iter_recurse(&iter, &array_iter);
+  while (dbus_message_iter_get_arg_type(&array_iter) != DBUS_TYPE_INVALID)
+    {
+      const char *str = NULL;
+      union  mysockaddr addr, source_addr;
+      char interface[IF_NAMESIZE];
+      char *str_addr, *str_domain = NULL;
+
+      if (strings)
+	{
+	  dbus_message_iter_get_basic(&array_iter, &str);
+	  if (!str || !strlen (str))
+	    {
+	      error = dbus_message_new_error(message, DBUS_ERROR_INVALID_ARGS,
+					     "Empty string");
+	      break;
+	    }
+	  
+	  /* dup the string because it gets modified during parsing */
+	  if (!(dup = str_domain = whine_malloc(strlen(str)+1)))
+	    break;
+
+	  strcpy(str_domain, str);
+
+	  /* point to address part of old string for error message */
+	  if ((str_addr = strrchr(str, '/')))
+	    str = str_addr+1;
+	  
+	  if ((str_addr = strrchr(str_domain, '/')))
+	    {
+	      if (*str_domain != '/' || str_addr == str_domain)
+		{
+		  error = dbus_message_new_error_printf(message,
+							DBUS_ERROR_INVALID_ARGS,
+							"No domain terminator '%s'",
+							str);
+		  break;
+		}
+	      *str_addr++ = 0;
+	      str_domain++;
+	    }
+	  else
+	    {
+	      str_addr = str_domain;
+	      str_domain = NULL;
+	    }
+
+	  
+	}
+      else
+	{
+	  /* check the types of the struct and its elements */
+	  if ((dbus_message_iter_get_arg_type(&array_iter) != DBUS_TYPE_ARRAY) ||
+	      (dbus_message_iter_get_element_type(&array_iter) != DBUS_TYPE_STRING))
+	    {
+	      error = dbus_message_new_error(message, DBUS_ERROR_INVALID_ARGS,
+					     "Expected inner array of strings");
+	      break;
+	    }
+	  
+	  /* string_iter points to each "s" element in the inner array */
+	  dbus_message_iter_recurse(&array_iter, &string_iter);
+	  if (dbus_message_iter_get_arg_type(&string_iter) != DBUS_TYPE_STRING)
+	    {
+	      /* no IP address given */
+	      error = dbus_message_new_error(message, DBUS_ERROR_INVALID_ARGS,
+					     "Expected IP address");
+	      break;
+	    }
+	  
+	  dbus_message_iter_get_basic(&string_iter, &str);
+	  if (!str || !strlen (str))
+	    {
+	      error = dbus_message_new_error(message, DBUS_ERROR_INVALID_ARGS,
+					     "Empty IP address");
+	      break;
+	    }
+	  
+	  /* dup the string because it gets modified during parsing */
+	  if (!(dup = str_addr = whine_malloc(strlen(str)+1)))
+	    break;
+	   
+	  strcpy(str_addr, str);
+	}
+
+      memset(&addr, 0, sizeof(addr));
+      memset(&source_addr, 0, sizeof(source_addr));
+      memset(&interface, 0, sizeof(interface));
+
+      /* parse the IP address */
+      addr_err = parse_server(str_addr, &addr, &source_addr, (char *) &interface, NULL);
+
+      if (addr_err)
+        {
+          error = dbus_message_new_error_printf(message, DBUS_ERROR_INVALID_ARGS,
+                                                "Invalid IP address '%s': %s",
+                                                str, addr_err);
+          break;
+        }
+
+      if (strings)
+	{
+	  char *p;
+	  
+	  do {
+	    if (str_domain)
+	      {
+		if ((p = strchr(str_domain, '/')))
+		  *p++ = 0;
+	      }
+	    else 
+	      p = NULL;
+	    
+	    add_update_server(&addr, &source_addr, interface, str_domain);
+	  } while ((str_domain = p));
+	}
+      else
+	{
+	  /* jump past the address to the domain list (if any) */
+	  dbus_message_iter_next (&string_iter);
+	  
+	  /* parse domains and add each server/domain pair to the list */
+	  do {
+	    str = NULL;
+	    if (dbus_message_iter_get_arg_type(&string_iter) == DBUS_TYPE_STRING)
+	      dbus_message_iter_get_basic(&string_iter, &str);
+	    dbus_message_iter_next (&string_iter);
+	    
+	    add_update_server(&addr, &source_addr, interface, str);
+	  } while (dbus_message_iter_get_arg_type(&string_iter) == DBUS_TYPE_STRING);
+	}
+	 
+      /* jump to next element in outer array */
+      dbus_message_iter_next(&array_iter);
+    }
+
+  cleanup_dbus();
+
+  if (dup)
+    free(dup);
+
+  return error;
 }
 
 DBusHandlerResult message_handler(DBusConnection *connection, 
@@ -265,11 +470,10 @@ DBusHandlerResult message_handler(DBusConnection *connection,
 				  void *user_data)
 {
   char *method = (char *)dbus_message_get_member(message);
-   
+  DBusMessage *reply = NULL;
+    
   if (dbus_message_is_method_call(message, DBUS_INTERFACE_INTROSPECTABLE, "Introspect"))
     {
-      DBusMessage *reply;
-
       /* string length: "%s" provides space for termination zero */
       if (!introspection_xml && 
 	  (introspection_xml = whine_malloc(strlen(introspection_xml_template) + strlen(daemon->dbus_name))))
@@ -278,20 +482,15 @@ DBusHandlerResult message_handler(DBusConnection *connection,
       if (introspection_xml)
 	{
 	  reply = dbus_message_new_method_return(message);
-	  
 	  dbus_message_append_args(reply, DBUS_TYPE_STRING, &introspection_xml, DBUS_TYPE_INVALID);
-	  dbus_connection_send (connection, reply, NULL);
-	  dbus_message_unref (reply);
 	}
     }
   else if (strcmp(method, "GetVersion") == 0)
     {
       char *v = VERSION;
-      DBusMessage *reply = dbus_message_new_method_return(message);
+      reply = dbus_message_new_method_return(message);
       
       dbus_message_append_args(reply, DBUS_TYPE_STRING, &v, DBUS_TYPE_INVALID);
-      dbus_connection_send (connection, reply, NULL);
-      dbus_message_unref (reply);
     }
   else if (strcmp(method, "SetServers") == 0)
     {
@@ -299,6 +498,16 @@ DBusHandlerResult message_handler(DBusConnection *connection,
       dbus_read_servers(message);
       check_servers();
     }
+  else if (strcmp(method, "SetServersEx") == 0)
+    {
+      reply = dbus_read_servers_ex(message, 0);
+      check_servers();
+    }
+  else if (strcmp(method, "SetDomainServers") == 0)
+    {
+      reply = dbus_read_servers_ex(message, 1);
+      check_servers();
+    }
   else if (strcmp(method, "ClearCache") == 0)
     clear_cache_and_reload(dnsmasq_time());
   else
@@ -306,8 +515,17 @@ DBusHandlerResult message_handler(DBusConnection *connection,
   
   method = user_data; /* no warning */
 
+  /* If no reply or no error, return nothing */
+  if (!reply)
+    reply = dbus_message_new_method_return(message);
+
+  if (reply)
+    {
+      dbus_connection_send (connection, reply, NULL);
+      dbus_message_unref (reply);
+    }
+
   return (DBUS_HANDLER_RESULT_HANDLED);
- 
 }
  
 

src/dhcp-common.c

@@ -255,7 +255,7 @@ void dhcp_update_configs(struct dhcp_config *configs)
      in at most one dhcp-host. Since /etc/hosts can be re-read by SIGHUP, 
      restore the status-quo ante first. */
   
-  struct dhcp_config *config;
+  struct dhcp_config *config, *conf_tmp;
   struct crec *crec;
   int prot = AF_INET;
 
@@ -297,7 +297,8 @@ void dhcp_update_configs(struct dhcp_config *configs)
 			config->hostname, daemon->addrbuff);
 	      }
 	    
-	    if (prot == AF_INET && !config_find_by_address(configs, crec->addr.addr.addr.addr4))
+	    if (prot == AF_INET && 
+		(!(conf_tmp = config_find_by_address(configs, crec->addr.addr.addr.addr4)) || conf_tmp == config))
 	      {
 		config->addr = crec->addr.addr.addr.addr4;
 		config->flags |= CONFIG_ADDR | CONFIG_ADDR_HOSTS;
@@ -305,7 +306,8 @@ void dhcp_update_configs(struct dhcp_config *configs)
 	      }
 
 #ifdef HAVE_DHCP6
-	    if (prot == AF_INET6 && !config_find_by_address6(configs, &crec->addr.addr.addr.addr6, 128, 0))
+	    if (prot == AF_INET6 && 
+		(!(conf_tmp = config_find_by_address6(configs, &crec->addr.addr.addr.addr6, 128, 0)) || conf_tmp == config))
 	      {
 		memcpy(&config->addr6, &crec->addr.addr.addr.addr6, IN6ADDRSZ);
 		config->flags |= CONFIG_ADDR6 | CONFIG_ADDR_HOSTS;
@@ -418,7 +420,7 @@ void bindtodevice(int fd)
      SO_BINDTODEVICE is only available Linux. */
   
   struct irec *iface, *found;
-
+  
   for (found = NULL, iface = daemon->interfaces; iface; iface = iface->next)
     if (iface->dhcp_ok)
       {
@@ -433,14 +435,14 @@ void bindtodevice(int fd)
       }
   
   if (found)
-	{
-	  struct ifreq ifr;
-	  strcpy(ifr.ifr_name, found->name);
-	  /* only allowed by root. */
-	  if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, (void *)&ifr, sizeof(ifr)) == -1 &&
-	      errno != EPERM)
-	    die(_("failed to set SO_BINDTODEVICE on DHCP socket: %s"), NULL, EC_BADNET);
-	}
+    {
+      struct ifreq ifr;
+      strcpy(ifr.ifr_name, found->name);
+      /* only allowed by root. */
+      if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, (void *)&ifr, sizeof(ifr)) == -1 &&
+	  errno != EPERM)
+	die(_("failed to set SO_BINDTODEVICE on DHCP socket: %s"), NULL, EC_BADNET);
+    }
 }
 #endif
 

src/dhcp6.c

@@ -21,7 +21,7 @@
 struct iface_param {
   struct dhcp_context *current;
   struct in6_addr fallback;
-  int ind;
+  int ind, addr_match;
 };
 
 static int complete_context6(struct in6_addr *local,  int prefix,
@@ -36,15 +36,31 @@ void dhcp6_init(void)
 #if defined(IPV6_TCLASS) && defined(IPTOS_CLASS_CS6)
   int class = IPTOS_CLASS_CS6;
 #endif
-  
+  int oneopt = 1;
+
   if ((fd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_UDP)) == -1 ||
 #if defined(IPV6_TCLASS) && defined(IPTOS_CLASS_CS6)
       setsockopt(fd, IPPROTO_IPV6, IPV6_TCLASS, &class, sizeof(class)) == -1 ||
 #endif
+      setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &oneopt, sizeof(oneopt)) == -1 ||
       !fix_fd(fd) ||
       !set_ipv6pktinfo(fd))
     die (_("cannot create DHCPv6 socket: %s"), NULL, EC_BADNET);
   
+  /* When bind-interfaces is set, there might be more than one dnmsasq
+     instance binding port 547. That's OK if they serve different networks.
+     Need to set REUSEADDR to make this posible, or REUSEPORT on *BSD. */
+  if (option_bool(OPT_NOWILD) || option_bool(OPT_CLEVERBIND))
+    {
+#ifdef SO_REUSEPORT
+      int rc = setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &oneopt, sizeof(oneopt));
+#else
+      int rc = setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &oneopt, sizeof(oneopt));
+#endif
+      if (rc == -1)
+	die(_("failed to set SO_REUSE{ADDR|PORT} on DHCPv6 socket: %s"), NULL, EC_BADNET);
+    }
+  
   memset(&saddr, 0, sizeof(saddr));
 #ifdef HAVE_SOCKADDR_SA_LEN
   saddr.sin6_len = sizeof(struct sockaddr_in6);
@@ -71,7 +87,6 @@ void dhcp6_packet(time_t now)
     char control6[CMSG_SPACE(sizeof(struct in6_pktinfo))];
   } control_u;
   struct sockaddr_in6 from;
-  struct all_addr dest;
   ssize_t sz; 
   struct ifreq ifr;
   struct iname *tmp;
@@ -98,33 +113,52 @@ void dhcp6_packet(time_t now)
 	p.c = CMSG_DATA(cmptr);
         
 	if_index = p.p->ipi6_ifindex;
-	dest.addr.addr6 = p.p->ipi6_addr;
       }
 
   if (!indextoname(daemon->dhcp6fd, if_index, ifr.ifr_name))
     return;
     
-  if (!iface_check(AF_INET6, (struct all_addr *)&dest, ifr.ifr_name))
-    return;
-  
+  for (tmp = daemon->if_except; tmp; tmp = tmp->next)
+    if (tmp->name && (strcmp(tmp->name, ifr.ifr_name) == 0))
+      return;
+
   for (tmp = daemon->dhcp_except; tmp; tmp = tmp->next)
     if (tmp->name && (strcmp(tmp->name, ifr.ifr_name) == 0))
       return;
  
-  /* unlinked contexts are marked by context->current == context */
-  for (context = daemon->dhcp6; context; context = context->next)
-    {
-      context->current = context;
-      memset(&context->local6, 0, IN6ADDRSZ);
-    }
-
   parm.current = NULL;
   parm.ind = if_index;
+  parm.addr_match = 0;
   memset(&parm.fallback, 0, IN6ADDRSZ);
+
+  for (context = daemon->dhcp6; context; context = context->next)
+    if (IN6_IS_ADDR_UNSPECIFIED(&context->start6) && context->prefix == 0)
+      {
+	/* wildcard context for DHCP-stateless only */
+	parm.current = context;
+	context->current = NULL;
+      }
+    else
+      {
+	/* unlinked contexts are marked by context->current == context */
+	context->current = context;
+	memset(&context->local6, 0, IN6ADDRSZ);
+      }
   
   if (!iface_enumerate(AF_INET6, &parm, complete_context6))
     return;
   
+  if (daemon->if_names || daemon->if_addrs)
+    {
+      
+      for (tmp = daemon->if_names; tmp; tmp = tmp->next)
+	if (tmp->name && (strcmp(tmp->name, ifr.ifr_name) == 0))
+	  break;
+
+      if (!tmp && !parm.addr_match)
+	return;
+    }
+
   lease_prune(NULL, now); /* lose any expired leases */
 
   port = dhcp6_reply(parm.current, if_index, ifr.ifr_name, &parm.fallback, 
@@ -151,15 +185,23 @@ static int complete_context6(struct in6_addr *local,  int prefix,
 {
   struct dhcp_context *context;
   struct iface_param *param = vparam;
-
+  struct iname *tmp;
+ 
   (void)scope; /* warning */
   (void)dad;
-  
+      
   if (if_index == param->ind &&
       !IN6_IS_ADDR_LOOPBACK(local) &&
       !IN6_IS_ADDR_LINKLOCAL(local) &&
       !IN6_IS_ADDR_MULTICAST(local))
     {
+      /* if we have --listen-address config, see if the 
+	 arrival interface has a matching address. */
+      for (tmp = daemon->if_addrs; tmp; tmp = tmp->next)
+	if (tmp->addr.sa.sa_family == AF_INET6 &&
+	    IN6_ARE_ADDR_EQUAL(&tmp->addr.in6.sin6_addr, local))
+	  param->addr_match = 1;
+      
       /* Determine a globally address on the arrival interface, even
 	 if we have no matching dhcp-context, because we're only
 	 allocating on remote subnets via relays. This
@@ -323,14 +365,21 @@ struct dhcp_context *narrow_context6(struct dhcp_context *context,
   return tmp;
 }
 
-static int is_addr_in_context6(struct dhcp_context *context, struct dhcp_config *config)
+static int is_config_in_context6(struct dhcp_context *context, struct dhcp_config *config)
 {
   if (!context) /* called via find_config() from lease_update_from_configs() */
     return 1; 
-  if (!(config->flags & CONFIG_ADDR6))
+  if (!(config->flags & CONFIG_ADDR6) || is_addr_in_context6(context, &config->addr6))
     return 1;
+  
+  return 0;
+}
+
+
+int is_addr_in_context6(struct dhcp_context *context, struct in6_addr *addr)
+{
   for (; context; context = context->current)
-    if (is_same_net6(&config->addr6, &context->start6, context->prefix))
+    if (is_same_net6(addr, &context->start6, context->prefix))
       return 1;
   
   return 0;
@@ -350,7 +399,7 @@ struct dhcp_config *find_config6(struct dhcp_config *configs,
 	{
 	  if (config->clid_len == duid_len && 
 	      memcmp(config->clid, duid, duid_len) == 0 &&
-	      is_addr_in_context6(context, config))
+	      is_config_in_context6(context, config))
 	    return config;
 	}
     
@@ -358,7 +407,7 @@ struct dhcp_config *find_config6(struct dhcp_config *configs,
     for (config = configs; config; config = config->next)
       if ((config->flags & CONFIG_NAME) && 
           hostname_isequal(config->hostname, hostname) &&
-          is_addr_in_context6(context, config))
+          is_config_in_context6(context, config))
         return config;
 
   return NULL;

src/dnsmasq.c

@@ -383,15 +383,48 @@ int main (int argc, char **argv)
       /* write pidfile _after_ forking ! */
       if (daemon->runfile)
 	{
-	  FILE *pidfile;
+	  int fd, err = 0;
+
+	  sprintf(daemon->namebuff, "%d\n", (int) getpid());
+
+	  /* Explanation: Some installations of dnsmasq (eg Debian/Ubuntu) locate the pid-file
+	     in a directory which is writable by the non-privileged user that dnsmasq runs as. This
+	     allows the daemon to delete the file as part of its shutdown. This is a security hole to the 
+	     extent that an attacker running as the unprivileged  user could replace the pidfile with a 
+	     symlink, and have the target of that symlink overwritten as root next time dnsmasq starts. 
+
+	     The folowing code first deletes any existing file, and then opens it with the O_EXCL flag,
+	     ensuring that the open() fails should there be any existing file (because the unlink() failed, 
+	     or an attacker exploited the race between unlink() and open()). This ensures that no symlink
+	     attack can succeed. 
+
+	     Any compromise of the non-privileged user still theoretically allows the pid-file to be
+	     replaced whilst dnsmasq is running. The worst that could allow is that the usual 
+	     "shutdown dnsmasq" shell command could be tricked into stopping any other process.
+
+	     Note that if dnsmasq is started as non-root (eg for testing) it silently ignores 
+	     failure to write the pid-file.
+	  */
+
+	  unlink(daemon->runfile); 
 	  
-	  /* only complain if started as root */
-	  if ((pidfile = fopen(daemon->runfile, "w")))
+	  if ((fd = open(daemon->runfile, O_WRONLY|O_CREAT|O_TRUNC|O_EXCL, S_IWUSR|S_IRUSR|S_IRGRP|S_IROTH)) == -1)
 	    {
-	      fprintf(pidfile, "%d\n", (int) getpid());
-	      fclose(pidfile);
+	      /* only complain if started as root */
+	      if (getuid() == 0)
+		err = 1;
 	    }
-	  else if (getuid() == 0)
+	  else
+	    {
+	      if (!read_write(fd, (unsigned char *)daemon->namebuff, strlen(daemon->namebuff), 0))
+		err = 1;
+	      
+	      while (!err && close(fd) == -1)
+		if (!retry_send())
+		  err = 1;
+	    }
+
+	  if (err)
 	    {
 	      send_event(err_pipe[1], EVENT_PIDFILE, errno, daemon->runfile);
 	      _exit(0);
@@ -607,7 +640,7 @@ int main (int argc, char **argv)
 	      end = &dhcp_tmp->end6;
 	      struct in6_addr subnet = dhcp_tmp->start6;
 	      setaddr6part(&subnet, 0);
-	      inet_ntop(AF_INET6, &subnet, daemon->addrbuff, 256);
+	      inet_ntop(AF_INET6, &subnet, daemon->dhcp_buff2, 256);
 	    }
 #endif
 	  
@@ -620,24 +653,23 @@ int main (int argc, char **argv)
 	      prettyprint_time(p, dhcp_tmp->lease_time);
 	    }
 	  
-	  if (daemon->dhcp_buff)
-	    inet_ntop(family, start, daemon->dhcp_buff, 256);
-	  if (daemon->dhcp_buff3)
-	    inet_ntop(family, end, daemon->dhcp_buff3, 256);
+	  inet_ntop(family, start, daemon->dhcp_buff, 256);
+	  inet_ntop(family, end, daemon->dhcp_buff3, 256);
 	  if ((dhcp_tmp->flags & CONTEXT_DHCP) || family == AF_INET) 
 	    my_syslog(MS_DHCP | LOG_INFO, 
 		      (dhcp_tmp->flags & CONTEXT_RA_STATELESS) ? 
-		      _("stateless DHCPv6 on %s%.0s%.0s") :
+		      _("%s stateless on %s%.0s%.0s") :
 		      (dhcp_tmp->flags & CONTEXT_STATIC) ? 
-		      _("DHCP, static leases only on %.0s%s, %s") :
+		      _("%s, static leases only on %.0s%s, %s") :
 		      (dhcp_tmp->flags & CONTEXT_PROXY) ?
-		      _("DHCP, proxy on subnet %.0s%s%.0s") :
-		      _("DHCP, IP range %s -- %s, %s"),
+		      _("%s, proxy on subnet %.0s%s%.0s") :
+		      _("%s, IP range %s -- %s, %s"),
+		      (family != AF_INET) ? "DHCPv6" : "DHCP",
 		      daemon->dhcp_buff, daemon->dhcp_buff3, daemon->namebuff);
 
 	  if (dhcp_tmp->flags & CONTEXT_RA_NAME)
 	    my_syslog(MS_DHCP | LOG_INFO, _("DHCPv4-derived IPv6 names on %s"), 
-		      daemon->addrbuff);
+		      daemon->dhcp_buff2);
 	  if (dhcp_tmp->flags & (CONTEXT_RA_ONLY | CONTEXT_RA_NAME | CONTEXT_RA_STATELESS))
 	    {
 	      if (!(dhcp_tmp->flags & CONTEXT_DEPRECATE))
@@ -647,7 +679,7 @@ int main (int argc, char **argv)
 		  prettyprint_time(p, dhcp_tmp->lease_time > 7200 ? dhcp_tmp->lease_time : 7200);
 		}
 	      my_syslog(MS_DHCP | LOG_INFO, _("SLAAC on %s %s"), 
-			daemon->addrbuff, daemon->namebuff);
+			daemon->dhcp_buff2, daemon->namebuff);
 	    }
 	}
       

src/dnsmasq.h

@@ -751,7 +751,7 @@ extern struct daemon {
   int max_logs;  /* queue limit */
   int cachesize, ftabsize;
   int port, query_port, min_port;
-  unsigned long local_ttl, neg_ttl, max_ttl;
+  unsigned long local_ttl, neg_ttl, max_ttl, max_cache_ttl;
   struct hostsfile *addn_hosts;
   struct dhcp_context *dhcp, *dhcp6, *ra_contexts;
   struct dhcp_config *dhcp_conf;
@@ -891,7 +891,7 @@ void safe_pipe(int *fd, int read_noblock);
 void *whine_malloc(size_t size);
 int sa_len(union mysockaddr *addr);
 int sockaddr_isequal(union mysockaddr *s1, union mysockaddr *s2);
-int hostname_isequal(char *a, char *b);
+int hostname_isequal(const char *a, const char *b);
 time_t dnsmasq_time(void);
 int is_same_net(struct in_addr a, struct in_addr b, struct in_addr mask);
 #ifdef HAVE_IPV6
@@ -928,6 +928,8 @@ void reread_dhcp(void);
 void set_option_bool(unsigned int opt);
 void reset_option_bool(unsigned int opt);
 struct hostsfile *expand_filelist(struct hostsfile *list);
+char *parse_server(char *arg, union mysockaddr *addr, 
+		   union mysockaddr *source_addr, char *interface, int *flags);
 
 /* forward.c */
 void reply_query(int fd, int family, time_t now);
@@ -992,6 +994,7 @@ struct dhcp_lease *lease4_allocate(struct in_addr addr);
 struct dhcp_lease *lease6_allocate(struct in6_addr *addrp, int lease_type);
 struct dhcp_lease *lease6_find(unsigned char *clid, int clid_len, 
 			       int lease_type, int iaid, struct in6_addr *addr);
+void lease6_filter(int lease_type, int iaid, struct dhcp_context *context);
 struct dhcp_lease *lease6_find_by_addr(struct in6_addr *net, int prefix, u64 addr);
 u64 lease_find_max_addr6(struct dhcp_context *context);
 void lease_ping_reply(struct in6_addr *sender, unsigned char *packet, char *interface);
@@ -1091,6 +1094,7 @@ void dhcp6_init(void);
 void dhcp6_packet(time_t now);
 int address6_allocate(struct dhcp_context *context,  unsigned char *clid, int clid_len, 
 		      int serial, struct dhcp_netid *netids, struct in6_addr *ans);
+int is_addr_in_context6(struct dhcp_context *context, struct in6_addr *addr);
 struct dhcp_context *address6_available(struct dhcp_context *context, 
 					struct in6_addr *taddr,
 					struct dhcp_netid *netids);

src/forward.c

@@ -95,26 +95,19 @@ int send_from(int fd, int nowild, char *packet, size_t len,
 #endif
     }
   
- retry:
-  if (sendmsg(fd, &msg, 0) == -1)
+  while (sendmsg(fd, &msg, 0) == -1)
     {
-      /* certain Linux kernels seem to object to setting the source address in the IPv6 stack
-	 by returning EINVAL from sendmsg. In that case, try again without setting the
-	 source address, since it will nearly alway be correct anyway.  IPv6 stinks. */
-      if (errno == EINVAL && msg.msg_controllen)
-	{
-	  msg.msg_controllen = 0;
-	  goto retry;
-	}
-      
       if (retry_send())
-	goto retry;
+	continue;
+      
+      /* If interface is still in DAD, EINVAL results - ignore that. */
+      if (errno == EINVAL)
+	break;
       
       my_syslog(LOG_ERR, _("failed to send packet: %s"), strerror(errno));
-      
       return 0;
     }
-
+  
   return 1;
 }
           

src/helper.c

@@ -34,10 +34,15 @@ static void my_setenv(const char *name, const char *value, int *error);
 static unsigned char *grab_extradata(unsigned char *buf, unsigned char *end,  char *env, int *err);
 
 #ifdef HAVE_LUASCRIPT
+#define LUA_COMPAT_ALL
 #include <lua.h>  
 #include <lualib.h>  
 #include <lauxlib.h>  
 
+#ifndef lua_open
+#define lua_open()     luaL_newstate()
+#endif
+
 lua_State *lua;
 
 static unsigned char *grab_extradata_lua(unsigned char *buf, unsigned char *end, char *field);

src/lease.c

@@ -562,18 +562,31 @@ struct dhcp_lease *lease6_find(unsigned char *clid, int clid_len,
 	   memcmp(clid, lease->clid, clid_len) != 0))
 	continue;
       
-      if (clid || addr)
-	{
-	  lease->flags |= LEASE_USED;
-	  return lease;
-	}
-      else 
-	lease->flags &= ~LEASE_USED;
+      lease->flags |= LEASE_USED;
+      return lease;
     }
   
   return NULL;
 }
 
+void lease6_filter(int lease_type, int iaid, struct dhcp_context *context)
+{
+  struct dhcp_lease *lease;
+  
+  for (lease = leases; lease; lease = lease->next)
+    {
+      /* reset "USED flag */
+      lease->flags &= ~LEASE_USED;
+      
+      if (!(lease->flags & lease_type) || lease->hwaddr_type != iaid)
+	continue;
+      
+      /* leases on the wrong interface get filtered out here */
+      if (!is_addr_in_context6(context, (struct in6_addr *)&lease->hwaddr))
+	lease->flags |= LEASE_USED;
+    }
+}
+
 struct dhcp_lease *lease6_find_by_addr(struct in6_addr *net, int prefix, u64 addr)
 {
   struct dhcp_lease *lease;

src/netlink.c

@@ -336,7 +336,8 @@ static int nl_async(struct nlmsghdr *h)
   if (h->nlmsg_type == NLMSG_ERROR)
     {
       struct nlmsgerr *err = NLMSG_DATA(h);
-      my_syslog(LOG_ERR, _("netlink returns error: %s"), strerror(-(err->error)));
+      if (err->error != 0)
+	my_syslog(LOG_ERR, _("netlink returns error: %s"), strerror(-(err->error)));
       return 0;
     }
   else if (h->nlmsg_pid == 0 && h->nlmsg_type == RTM_NEWROUTE) 
@@ -370,9 +371,9 @@ static int nl_async(struct nlmsghdr *h)
 	}
       return 0;
     }
-#ifdef HAVE_DHCP6
   else if (h->nlmsg_type == RTM_NEWADDR) 
     {
+#ifdef HAVE_DHCP6
       /* force RAs to sync new network and pick up new interfaces.  */
       if (daemon->ra_contexts)
 	{
@@ -382,9 +383,9 @@ static int nl_async(struct nlmsghdr *h)
 	     iface_enumerate and can't re-enter it now */
 	  send_alarm(0, 0);
 	}
-      return 1; /* clever bind mode - rescan */
-    }
 #endif	 
+      return 1; /* clever bind mode - rescan */
+    }	 
   
   return 0;
 }

src/option.c

@@ -120,6 +120,7 @@ struct myoption {
 #define LOPT_TFTP_LC   309
 #define LOPT_RR        310
 #define LOPT_CLVERBIND 311
+#define LOPT_MAXCTTL   312
 
 #ifdef HAVE_GETOPT_LONG
 static const struct option opts[] =  
@@ -223,6 +224,7 @@ static const struct myoption opts[] =
     { "dhcp-broadcast", 2, 0, LOPT_BROADCAST },
     { "neg-ttl", 1, 0, LOPT_NEGTTL },
     { "max-ttl", 1, 0, LOPT_MAXTTL },
+    { "max-cache-ttl", 1, 0, LOPT_MAXCTTL },
     { "dhcp-alternate-port", 2, 0, LOPT_ALTPORT },
     { "dhcp-scriptuser", 1, 0, LOPT_SCRIPTUSR },
     { "min-port", 1, 0, LOPT_MINPORT },
@@ -621,6 +623,93 @@ static char *set_prefix(char *arg)
    return arg;
 }
 
+char *parse_server(char *arg, union mysockaddr *addr, union mysockaddr *source_addr, char *interface, int *flags)
+{
+  int source_port = 0, serv_port = NAMESERVER_PORT;
+  char *portno, *source;
+#ifdef HAVE_IPV6
+  int scope_index = 0;
+  char *scope_id;
+#endif
+  
+  if ((source = split_chr(arg, '@')) && /* is there a source. */
+      (portno = split_chr(source, '#')) &&
+      !atoi_check16(portno, &source_port))
+    return _("bad port");
+  
+  if ((portno = split_chr(arg, '#')) && /* is there a port no. */
+      !atoi_check16(portno, &serv_port))
+    return _("bad port");
+  
+#ifdef HAVE_IPV6
+  scope_id = split_chr(arg, '%');
+#endif
+  
+  if ((addr->in.sin_addr.s_addr = inet_addr(arg)) != (in_addr_t) -1)
+    {
+      addr->in.sin_port = htons(serv_port);	
+      addr->sa.sa_family = source_addr->sa.sa_family = AF_INET;
+#ifdef HAVE_SOCKADDR_SA_LEN
+      source_addr->in.sin_len = addr->in.sin_len = sizeof(struct sockaddr_in);
+#endif
+      source_addr->in.sin_addr.s_addr = INADDR_ANY;
+      source_addr->in.sin_port = htons(daemon->query_port);
+      
+      if (source)
+	{
+	  if (flags)
+	    *flags |= SERV_HAS_SOURCE;
+	  source_addr->in.sin_port = htons(source_port);
+	  if ((source_addr->in.sin_addr.s_addr = inet_addr(source)) == (in_addr_t) -1)
+	    {
+#if defined(SO_BINDTODEVICE)
+	      source_addr->in.sin_addr.s_addr = INADDR_ANY;
+	      strncpy(interface, source, IF_NAMESIZE - 1);
+#else
+	      return _("interface binding not supported");
+#endif
+	    }
+	}
+    }
+#ifdef HAVE_IPV6
+  else if (inet_pton(AF_INET6, arg, &addr->in6.sin6_addr) > 0)
+    {
+      if (scope_id && (scope_index = if_nametoindex(scope_id)) == 0)
+	return _("bad interface name");
+      
+      addr->in6.sin6_port = htons(serv_port);
+      addr->in6.sin6_scope_id = scope_index;
+      source_addr->in6.sin6_addr = in6addr_any; 
+      source_addr->in6.sin6_port = htons(daemon->query_port);
+      source_addr->in6.sin6_scope_id = 0;
+      addr->sa.sa_family = source_addr->sa.sa_family = AF_INET6;
+      addr->in6.sin6_flowinfo = source_addr->in6.sin6_flowinfo = 0;
+#ifdef HAVE_SOCKADDR_SA_LEN
+      addr->in6.sin6_len = source_addr->in6.sin6_len = sizeof(addr->in6);
+#endif
+      if (source)
+	{
+	  if (flags)
+	    *flags |= SERV_HAS_SOURCE;
+	  source_addr->in6.sin6_port = htons(source_port);
+	  if (inet_pton(AF_INET6, source, &source_addr->in6.sin6_addr) == 0)
+	    {
+#if defined(SO_BINDTODEVICE)
+	      source_addr->in6.sin6_addr = in6addr_any; 
+	      strncpy(interface, source, IF_NAMESIZE - 1);
+#else
+	      return _("interface binding not supported");
+#endif
+	    }
+	}
+    }
+#endif
+  else
+    return _("bad address");
+
+  return NULL;
+}
+
 /* This is too insanely large to keep in-line in the switch */
 static int parse_dhcp_opt(char *errstr, char *arg, int flags)
 {
@@ -1760,84 +1849,9 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
 	  }
 	else
 	  {
-	    int source_port = 0, serv_port = NAMESERVER_PORT;
-	    char *portno, *source;
-#ifdef HAVE_IPV6
-	    int scope_index = 0;
-	    char *scope_id;
-#endif
-	    
-	    if ((source = split_chr(arg, '@')) && /* is there a source. */
-		(portno = split_chr(source, '#')) &&
-		!atoi_check16(portno, &source_port))
-	      ret_err(_("bad port"));
-	       	    
-	    if ((portno = split_chr(arg, '#')) && /* is there a port no. */
-		!atoi_check16(portno, &serv_port))
-	      ret_err(_("bad port"));
-	    
-#ifdef HAVE_IPV6
-	    scope_id = split_chr(arg, '%');
-#endif
-
-	    if ((newlist->addr.in.sin_addr.s_addr = inet_addr(arg)) != (in_addr_t) -1)
-	      {
-		newlist->addr.in.sin_port = htons(serv_port);	
-		newlist->source_addr.in.sin_port = htons(source_port); 
-		newlist->addr.sa.sa_family = newlist->source_addr.sa.sa_family = AF_INET;
-#ifdef HAVE_SOCKADDR_SA_LEN
-		newlist->source_addr.in.sin_len = newlist->addr.in.sin_len = sizeof(struct sockaddr_in);
-#endif
-		if (source)
-		  {
-		    newlist->flags |= SERV_HAS_SOURCE;
-		    if ((newlist->source_addr.in.sin_addr.s_addr = inet_addr(source)) == (in_addr_t) -1)
-		      {
-#if defined(SO_BINDTODEVICE)
-			newlist->source_addr.in.sin_addr.s_addr = INADDR_ANY;
-			strncpy(newlist->interface, source, IF_NAMESIZE - 1);
-#else
-			ret_err(_("interface binding not supported"));
-#endif
-		      }
-		  }
-		else
-		  newlist->source_addr.in.sin_addr.s_addr = INADDR_ANY;
-	      }
-#ifdef HAVE_IPV6
-	    else if (inet_pton(AF_INET6, arg, &newlist->addr.in6.sin6_addr) > 0)
-	      {
-		if (scope_id && (scope_index = if_nametoindex(scope_id)) == 0)
-		  ret_err(_("bad interface name"));
-		
-		newlist->addr.in6.sin6_port = htons(serv_port);
-		newlist->addr.in6.sin6_scope_id = scope_index;
-		newlist->source_addr.in6.sin6_port = htons(source_port);
-		newlist->source_addr.in6.sin6_scope_id = 0;
-		newlist->addr.sa.sa_family = newlist->source_addr.sa.sa_family = AF_INET6;
-		newlist->addr.in6.sin6_flowinfo = newlist->source_addr.in6.sin6_flowinfo = 0;
-#ifdef HAVE_SOCKADDR_SA_LEN
-		newlist->addr.in6.sin6_len = newlist->source_addr.in6.sin6_len = sizeof(newlist->addr.in6);
-#endif
-		if (source)
-		  {
-		    newlist->flags |= SERV_HAS_SOURCE;
-		    if (inet_pton(AF_INET6, source, &newlist->source_addr.in6.sin6_addr) == 0)
-		      {
-#if defined(SO_BINDTODEVICE)
-			newlist->source_addr.in6.sin6_addr = in6addr_any; 
-			strncpy(newlist->interface, source, IF_NAMESIZE - 1);
-#else
-			ret_err(_("interface binding not supported"));
-#endif
-		      }
-		  }
-		else
-		  newlist->source_addr.in6.sin6_addr = in6addr_any; 
-	      }
-#endif
-	    else
-	      ret_err(gen_err);
+	    char *err = parse_server(arg, &newlist->addr, &newlist->source_addr, newlist->interface, &newlist->flags);
+	    if (err)
+	      ret_err(err);
 	  }
 	
 	serv = newlist;
@@ -1846,6 +1860,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
 	    serv->next->flags = serv->flags;
 	    serv->next->addr = serv->addr;
 	    serv->next->source_addr = serv->source_addr;
+	    strcpy(serv->next->interface, serv->interface);
 	    serv = serv->next;
 	  }
 	serv->next = daemon->servers;
@@ -1917,6 +1932,7 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
     case 'T':         /* --local-ttl */
     case LOPT_NEGTTL: /* --neg-ttl */
     case LOPT_MAXTTL: /* --max-ttl */
+    case LOPT_MAXCTTL: /* --max-cache-ttl */
       {
 	int ttl;
 	if (!atoi_check(arg, &ttl))
@@ -1925,6 +1941,8 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
 	  daemon->neg_ttl = (unsigned long)ttl;
 	else if (option == LOPT_MAXTTL)
 	  daemon->max_ttl = (unsigned long)ttl;
+	else if (option == LOPT_MAXCTTL)
+	  daemon->max_cache_ttl = (unsigned long)ttl;
 	else
 	  daemon->local_ttl = (unsigned long)ttl;
 	break;
@@ -2097,7 +2115,11 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
 	  {
 	    new->prefix = 64; /* default */
 	    new->end6 = new->start6;
-
+	    
+	    /* dhcp-range=:: enables DHCP stateless on any interface */
+	    if (IN6_IS_ADDR_UNSPECIFIED(&new->start6))
+	      new->prefix = 0;
+	    
 	    for (leasepos = 1; leasepos < k; leasepos++)
 	      {
 		if (strcmp(a[leasepos], "static") == 0)
@@ -3146,10 +3168,10 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
 		    for (tmp = new->names; tmp->next; tmp = tmp->next);
 		    tmp->next = nl;
 		  }
-		
-		arg = comma;
-		comma = split(arg);
 	      }
+	    
+	    arg = comma;
+	    comma = split(arg);
 	  }
 
 	/* Keep list order */

src/radv.c

@@ -457,6 +457,7 @@ time_t periodic_ra(time_t now)
   char interface[IF_NAMESIZE+1];
   
   param.now = now;
+  param.iface = 0;
 
   while (1)
     {
@@ -482,13 +483,21 @@ time_t periodic_ra(time_t now)
 	 ever be able to send ra's and satistfy it. */
       if (iface_enumerate(AF_INET6, &param, iface_search))
 	context->ra_time = 0;
-      else if (indextoname(daemon->icmp6fd, param.iface, interface))
-	send_ra(param.iface, interface, NULL); 
-    }
-  
+      else if (param.iface != 0 &&
+	       indextoname(daemon->icmp6fd, param.iface, interface) &&
+	       iface_check(AF_LOCAL, NULL, interface))
+	{
+	  struct iname *tmp;
+	  for (tmp = daemon->dhcp_except; tmp; tmp = tmp->next)
+	    if (tmp->name && (strcmp(tmp->name, interface) == 0))
+	      break;
+	  if (!tmp)
+	    send_ra(param.iface, interface, NULL); 
+	}
+    }      
   return next_event;
 }
-
+  
 static int iface_search(struct in6_addr *local,  int prefix,
 			int scope, int if_index, int dad, void *vparam)
 {
@@ -505,9 +514,11 @@ static int iface_search(struct in6_addr *local,  int prefix,
       if (context->ra_time != 0 && difftime(context->ra_time, param->now) <= 0.0)
 	{
 	  /* found an interface that's overdue for RA determine new 
-	     timeout value and zap other contexts on the same interface 
-	     so they don't timeout independently .*/
-	  param->iface = if_index;
+	     timeout value and arrange for RA to be sent unless interface is
+	     still doing DAD.*/
+
+	  if (!dad)
+	    param->iface = if_index;
 	  
 	  if (difftime(param->now, ra_short_period_start) < 60.0)
 	    /* range 5 - 20 */
@@ -516,6 +527,14 @@ static int iface_search(struct in6_addr *local,  int prefix,
 	    /* range 450 - 600 */
 	    context->ra_time = param->now + 450 + (rand16()/440);
 	  
+	  /* zero timers for other contexts on the same subnet, so they don't timeout 
+	     independently */
+	  for (context = context->next; context; context = context->next)
+	    if (prefix == context->prefix &&
+		is_same_net6(local, &context->start6, prefix) &&
+		is_same_net6(local, &context->end6, prefix))
+	      context->ra_time = 0;
+	  
 	  return 0; /* found, abort */
 	}
   

src/rfc2131.c

@@ -493,8 +493,9 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 	      lease_set_interface(lease, int_index, now);
 	      
 	      clear_packet(mess, end);
+	      match_vendor_opts(NULL, daemon->dhcp_opts); /* clear flags */
 	      do_options(context, mess, end, NULL, hostname, get_domain(mess->yiaddr), 
-			 netid, subnet_addr, 0, 0, 0, NULL, 0, now);
+			 netid, subnet_addr, 0, 0, -1, NULL, 0, now);
 	    }
 	}
       
@@ -1386,6 +1387,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
       
       if (lease)
 	{
+	  lease_set_interface(lease, int_index, now);
 	  if (override.s_addr != 0)
 	    lease->override = override;
 	  else
@@ -1396,16 +1398,6 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
       option_put(mess, end, OPTION_MESSAGE_TYPE, 1, DHCPACK);
       option_put(mess, end, OPTION_SERVER_IDENTIFIER, INADDRSZ, ntohl(server_id(context, override, fallback).s_addr));
       
-      if (lease)
-	{
-	  if (lease->expires == 0)
-	    time = 0xffffffff;
-	  else
-	    time = (unsigned int)difftime(lease->expires, now);
-	  option_put(mess, end, OPTION_LEASE_TIME, 4, time);
-	  lease_set_interface(lease, int_index, now);
-	}
-
       do_options(context, mess, end, req_options, hostname, get_domain(mess->ciaddr),
 		 netid, subnet_addr, fqdn_flags, borken_opt, pxearch, uuid, vendor_class_len, now);
       

src/rfc3315.c

@@ -180,7 +180,7 @@ static int dhcp6_no_relay(int msg_type, struct in6_addr *link_address, struct dh
   char *client_hostname= NULL, *hostname = NULL;
   char *domain = NULL, *send_domain = NULL;
   struct dhcp_config *config = NULL;
-  struct dhcp_netid known_id, iface_id;
+  struct dhcp_netid known_id, iface_id, v6_id;
   int done_dns = 0, hostname_auth = 0, do_encap = 0;
   unsigned char *outmsgtypep;
   struct dhcp_opt *opt_cfg;
@@ -194,6 +194,11 @@ static int dhcp6_no_relay(int msg_type, struct in6_addr *link_address, struct dh
   iface_id.next = tags;
   tags = &iface_id; 
 
+  /* set tag "dhcpv6" */
+  v6_id.net = "dhcpv6";
+  v6_id.next = tags;
+  tags = &v6_id;
+
   /* copy over transaction-id, and save pointer to message type */
   outmsgtypep = put_opt6(inbuff, 4);
   start_opts = save_counter(-1);
@@ -497,7 +502,7 @@ static int dhcp6_no_relay(int msg_type, struct in6_addr *link_address, struct dh
 	    ia_option =  opt6_find(opt6_ptr(opt, ia_type == OPTION6_IA_NA ? 12 : 4), ia_end, OPTION6_IAADDR, 24);
 	    
 	    /* reset "USED" flags on leases */
-	    lease6_find(NULL, 0, ia_type == OPTION6_IA_NA ? LEASE_NA : LEASE_TA, iaid, NULL);
+	    lease6_filter(ia_type == OPTION6_IA_NA ? LEASE_NA : LEASE_TA, iaid, context);
 	    
 	    o = new_opt6(ia_type);
 	    put_opt6_long(iaid);
@@ -570,14 +575,18 @@ static int dhcp6_no_relay(int msg_type, struct in6_addr *link_address, struct dh
 			  my_syslog(MS_DHCP | LOG_WARNING, _("not using configured address %s because it was previously declined"), 
 				    daemon->addrbuff);
 			else
-			  addrp = &config->addr6;			 
+			  {
+			    addrp = &config->addr6;
+			    /* may have existing lease for this address */
+			    lease = lease6_find(clid, clid_len, 
+						ia_type == OPTION6_IA_NA ? LEASE_NA : LEASE_TA, iaid, addrp); 
+			  }
 		      }
 		    
 		    /* existing lease */
 		    if (!addrp &&
 			(lease = lease6_find(clid, clid_len, 
 					     ia_type == OPTION6_IA_NA ? LEASE_NA : LEASE_TA, iaid, NULL)) &&
-			address6_available(context, (struct in6_addr *)&lease->hwaddr, tags) &&
 			!config_find_by_address6(daemon->dhcp_conf, (struct in6_addr *)&lease->hwaddr, 128, 0))
 		      addrp = (struct in6_addr *)&lease->hwaddr;
 		    
@@ -832,7 +841,7 @@ static int dhcp6_no_relay(int msg_type, struct in6_addr *link_address, struct dh
 	    iacntr = save_counter(-1); 
 	    
 	    /* reset "USED" flags on leases */
-	    lease6_find(NULL, 0, ia_type == OPTION6_IA_NA ? LEASE_NA : LEASE_TA, iaid, NULL);
+	    lease6_filter(ia_type == OPTION6_IA_NA ? LEASE_NA : LEASE_TA, iaid, context);
 	    
 	    ia_option = opt6_ptr(opt, ia_type == OPTION6_IA_NA ? 12 : 4);
 	    ia_end = opt6_ptr(opt, opt6_len(opt));
@@ -1001,10 +1010,17 @@ static int dhcp6_no_relay(int msg_type, struct in6_addr *link_address, struct dh
       
     case DHCP6IREQ:
       {
+	/* We can't discriminate contexts based on address, as we don't know it.
+	   If there is only one possible context, we can use its tags */
+	if (context && !context->current)
+	  {
+	    context->netid.next = NULL;
+	    context_tags =  &context->netid;
+	  }
+	log6_packet("DHCPINFORMATION-REQUEST", clid, clid_len, NULL, xid, iface_name, ignore ? "ignored" : hostname);
 	if (ignore)
 	  return 0;
 	*outmsgtypep = DHCP6REPLY;
-	log6_packet("DHCPINFORMATION-REQUEST", clid, clid_len, NULL, xid, iface_name, hostname);
 	break;
       }
       
@@ -1036,7 +1052,7 @@ static int dhcp6_no_relay(int msg_type, struct in6_addr *link_address, struct dh
 	    ia_option = opt6_ptr(opt, ia_type == OPTION6_IA_NA ? 12 : 4);
 	    
 	    /* reset "USED" flags on leases */
-	    lease6_find(NULL, 0, ia_type == OPTION6_IA_NA ? LEASE_NA : LEASE_TA, iaid, NULL);
+	    lease6_filter(ia_type == OPTION6_IA_NA ? LEASE_NA : LEASE_TA, iaid, context);
 		
 	    for (ia_option = opt6_find(ia_option, ia_end, OPTION6_IAADDR, 24);
 		 ia_option;
@@ -1115,7 +1131,7 @@ static int dhcp6_no_relay(int msg_type, struct in6_addr *link_address, struct dh
 	    ia_option = opt6_ptr(opt, ia_type == OPTION6_IA_NA ? 12 : 4);
 	    
 	    /* reset "USED" flags on leases */
-	    lease6_find(NULL, 0, ia_type == OPTION6_IA_NA ? LEASE_NA : LEASE_TA, iaid, NULL);
+	    lease6_filter(ia_type == OPTION6_IA_NA ? LEASE_NA : LEASE_TA, iaid, context);
 		
 	    for (ia_option = opt6_find(ia_option, ia_end, OPTION6_IAADDR, 24);
 		 ia_option;

src/util.c

@@ -280,7 +280,7 @@ int sa_len(union mysockaddr *addr)
 }
 
 /* don't use strcasecmp and friends here - they may be messed up by LOCALE */
-int hostname_isequal(char *a, char *b)
+int hostname_isequal(const char *a, const char *b)
 {
   unsigned int c1, c2;