dnsmasq: backport latest pre2.81 patches

f52bb5b fix previous commit
18eac67 Fix entries in /etc/hosts disabling static leases.
f8c77ed Fix removal of DHCP_CLIENT_MAC options from DHCPv6 relay replies.
4bf62f6 Tidy cache_blockdata_free()
9c0d445 Fix e7bfd556c079c8b5e7425aed44abc35925b24043 to actually work.
2896e24 Check for not(DS or DNSKEY) in is_outdated_cname_pointer()
a90f09d Fix crash freeing negative SRV cache entries.
5b99eae Cache SRV records.
2daca52 Fix typo in ra-param man page section.
2c59473 File logic bug in cache-marshalling code. Introduced a couple of commits back.
cc921df Remove nested struct/union in cache records and all_addr.
ab194ed Futher address union tidying.
65a01b7 Tidy address-union handling: move class into explicit argument.
bde4647 Tidy all_addr union, merge log and rcode fields.
e7bfd55 Alter DHCP address selection after DECLINE in consec-addr mode. Avoid offering the same address after a recieving a DECLINE message to stop an infinite protocol loop. This has long been done in default address allocation mode: this adds similar behaviour when allocaing addresses consecutively.

The most relevant fix for openwrt is 18eac67 (& my own local f52bb5b
which fixes a missing bracket silly) To quote the patch:

It is possible for a config entry to have one address family specified by a
dhcp-host directive and the other added from /etc/hosts. This is especially
common on OpenWrt because it uses odhcpd for DHCPv6 and IPv6 leases are
imported into dnsmasq via a hosts file.

To handle this case there need to be separate *_HOSTS flags for IPv4 and IPv6.
Otherwise when the hosts file is reloaded it will clear the CONFIG_ADDR(6) flag
which was set by the dhcp-host directive.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>

1 files changed, 290 insertions, 0 deletions

diff --git a/package/network/services/dnsmasq/patches/0019-Tidy-address-union-handling-move-class-into-explicit.patch b/package/network/services/dnsmasq/patches/0019-Tidy-address-union-handling-move-class-into-explicit.patch
new file mode 100644
index 0000000000..883202da85
--- /dev/null
+++ b/package/network/services/dnsmasq/patches/0019-Tidy-address-union-handling-move-class-into-explicit.patch
@@ -0,0 +1,290 @@
+From 65a01b71bb433c9466e4c78a73a8d8ed218ed4e8 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Mon, 31 Dec 2018 23:56:33 +0000
+Subject: [PATCH 19/30] Tidy address-union handling: move class into explicit
+ argument.
+
+This moves the class argument to cache-insert into an argument,
+rather then overloading a union in the address argument. Note that
+tha class is NOT stored in the cache other than for DS/DNSKEY entries,
+so must always be C_IN except for these. The data-extraction code
+ensures this as it only attempts to cache C_IN class records.
+
+Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
+---
+ src/cache.c   | 57 ++++++++++++++++++++++-----------------------------
+ src/dnsmasq.h |  2 +-
+ src/dnssec.c  | 13 +++---------
+ src/rfc1035.c | 12 +++++------
+ 4 files changed, 34 insertions(+), 50 deletions(-)
+
+--- a/src/cache.c
++++ b/src/cache.c
+@@ -26,7 +26,7 @@ static union bigname *big_free = NULL;
+ static int bignames_left, hash_size;
+ 
+ static void make_non_terminals(struct crec *source);
+-static struct crec *really_insert(char *name, struct all_addr *addr, 
++static struct crec *really_insert(char *name, struct all_addr *addr, unsigned short class,
+ 				  time_t now,  unsigned long ttl, unsigned short flags);
+ 
+ /* type->string mapping: this is also used by the name-hash function as a mixing table. */
+@@ -330,8 +330,8 @@ static int is_expired(time_t now, struct
+   return 1;
+ }
+ 
+-static struct crec *cache_scan_free(char *name, struct all_addr *addr, time_t now, unsigned short flags,
+-				    struct crec **target_crec, unsigned int *target_uid)
++static struct crec *cache_scan_free(char *name, struct all_addr *addr, unsigned short class, time_t now,
++				    unsigned short flags, struct crec **target_crec, unsigned int *target_uid)
+ {
+   /* Scan and remove old entries.
+      If (flags & F_FORWARD) then remove any forward entries for name and any expired
+@@ -350,6 +350,8 @@ static struct crec *cache_scan_free(char
+      This entry will get re-used with the same name, to preserve CNAMEs. */
+  
+   struct crec *crecp, **up;
++
++  (void)class;
+   
+   if (flags & F_FORWARD)
+     {
+@@ -381,7 +383,7 @@ static struct crec *cache_scan_free(char
+ 	      
+ #ifdef HAVE_DNSSEC
+ 	      /* Deletion has to be class-sensitive for DS and DNSKEY */
+-	      if ((flags & crecp->flags & (F_DNSKEY | F_DS)) && crecp->uid == addr->addr.dnssec.class)
++	      if ((flags & crecp->flags & (F_DNSKEY | F_DS)) && crecp->uid == class)
+ 		{
+ 		  if (crecp->flags & F_CONFIG)
+ 		    return crecp;
+@@ -464,7 +466,7 @@ void cache_start_insert(void)
+   insert_error = 0;
+ }
+ 
+-struct crec *cache_insert(char *name, struct all_addr *addr, 
++struct crec *cache_insert(char *name, struct all_addr *addr, unsigned short class,
+ 			  time_t now,  unsigned long ttl, unsigned short flags)
+ {
+   /* Don't log DNSSEC records here, done elsewhere */
+@@ -478,11 +480,11 @@ struct crec *cache_insert(char *name, st
+ 	ttl = daemon->min_cache_ttl;
+     }
+   
+-  return really_insert(name, addr, now, ttl, flags);
++  return really_insert(name, addr, class, now, ttl, flags);
+ }
+ 
+ 
+-static struct crec *really_insert(char *name, struct all_addr *addr, 
++static struct crec *really_insert(char *name, struct all_addr *addr, unsigned short class,
+ 				  time_t now,  unsigned long ttl, unsigned short flags)
+ {
+   struct crec *new, *target_crec = NULL;
+@@ -497,7 +499,7 @@ static struct crec *really_insert(char *
+   
+   /* First remove any expired entries and entries for the name/address we
+      are currently inserting. */
+-  if ((new = cache_scan_free(name, addr, now, flags, &target_crec, &target_uid)))
++  if ((new = cache_scan_free(name, addr, class, now, flags, &target_crec, &target_uid)))
+     {
+       /* We're trying to insert a record over one from 
+ 	 /etc/hosts or DHCP, or other config. If the 
+@@ -553,21 +555,14 @@ static struct crec *really_insert(char *
+       
+       if (freed_all)
+ 	{
+-	  struct all_addr free_addr = new->addr.addr;;
+-	  
+-#ifdef HAVE_DNSSEC
+-	  /* For DNSSEC records, addr holds class. */
+-	  if (new->flags & (F_DS | F_DNSKEY))
+-	    free_addr.addr.dnssec.class = new->uid;
+-#endif
+-	  
++	  /* For DNSSEC records, uid holds class. */
+ 	  free_avail = 1; /* Must be free space now. */
+-	  cache_scan_free(cache_get_name(new), &free_addr, now, new->flags, NULL, NULL);
++	  cache_scan_free(cache_get_name(new), &new->addr.addr, new->uid, now, new->flags, NULL, NULL);
+ 	  daemon->metrics[METRIC_DNS_CACHE_LIVE_FREED]++;
+ 	}
+       else
+ 	{
+-	  cache_scan_free(NULL, NULL, now, 0, NULL, NULL);
++	  cache_scan_free(NULL, NULL, class, now, 0, NULL, NULL);
+ 	  freed_all = 1;
+ 	}
+     }
+@@ -615,15 +610,13 @@ static struct crec *really_insert(char *
+   else
+     *cache_get_name(new) = 0;
+ 
+-  if (addr)
+-    {
+ #ifdef HAVE_DNSSEC
+-      if (flags & (F_DS | F_DNSKEY))
+-	new->uid = addr->addr.dnssec.class;
+-      else
++  if (flags & (F_DS | F_DNSKEY))
++    new->uid = class;
+ #endif
+-	new->addr.addr = *addr;	
+-    }
++
++  if (addr)
++    new->addr.addr = *addr;	
+ 
+   new->ttd = now + (time_t)ttl;
+   new->next = new_chain;
+@@ -747,11 +740,11 @@ int cache_recv_insert(time_t now, int fd
+ 	{
+ 	  if (!read_write(fd, (unsigned char *)&addr, sizeof(addr), 1))
+ 	    return 0;
+-	  crecp = really_insert(daemon->namebuff, &addr, now, ttl, flags);
++	  crecp = really_insert(daemon->namebuff, &addr, C_IN, now, ttl, flags);
+ 	}
+       else if (flags & F_CNAME)
+ 	{
+-	  struct crec *newc = really_insert(daemon->namebuff, NULL, now, ttl, flags);
++	  struct crec *newc = really_insert(daemon->namebuff, NULL, C_IN, now, ttl, flags);
+ 	  /* This relies on the fact the the target of a CNAME immediately preceeds
+ 	     it because of the order of extraction in extract_addresses, and
+ 	     the order reversal on the new_chain. */
+@@ -780,10 +773,8 @@ int cache_recv_insert(time_t now, int fd
+ 	  
+ 	  if (!read_write(fd, (unsigned char *)&class, sizeof(class), 1))
+ 	    return 0;
+-	  /* Cache needs to known class for DNSSEC stuff */
+-	  addr.addr.dnssec.class = class;
+-
+-	  crecp = really_insert(daemon->namebuff, &addr, now, ttl, flags);
++	 
++	  crecp = really_insert(daemon->namebuff, NULL, class, now, ttl, flags);
+ 	    
+ 	  if (flags & F_DNSKEY)
+ 	    {
+@@ -1463,7 +1454,7 @@ void cache_add_dhcp_entry(char *host_nam
+ 	}
+       else if (!(crec->flags & F_DHCP))
+ 	{
+-	  cache_scan_free(host_name, NULL, 0, crec->flags & (flags | F_CNAME | F_FORWARD), NULL, NULL);
++	  cache_scan_free(host_name, NULL, C_IN, 0, crec->flags & (flags | F_CNAME | F_FORWARD), NULL, NULL);
+ 	  /* scan_free deletes all addresses associated with name */
+ 	  break;
+ 	}
+@@ -1490,7 +1481,7 @@ void cache_add_dhcp_entry(char *host_nam
+       if (crec->flags & F_NEG)
+ 	{
+ 	  flags |= F_REVERSE;
+-	  cache_scan_free(NULL, (struct all_addr *)host_address, 0, flags, NULL, NULL);
++	  cache_scan_free(NULL, (struct all_addr *)host_address, C_IN, 0, flags, NULL, NULL);
+ 	}
+     }
+   else
+--- a/src/dnsmasq.h
++++ b/src/dnsmasq.h
+@@ -1144,7 +1144,7 @@ struct crec *cache_find_by_name(struct c
+ void cache_end_insert(void);
+ void cache_start_insert(void);
+ int cache_recv_insert(time_t now, int fd);
+-struct crec *cache_insert(char *name, struct all_addr *addr,
++struct crec *cache_insert(char *name, struct all_addr *addr, unsigned short class, 
+ 			  time_t now, unsigned long ttl, unsigned short flags);
+ void cache_reload(void);
+ void cache_add_dhcp_entry(char *host_name, int prot, struct all_addr *host_address, time_t ttd);
+--- a/src/dnssec.c
++++ b/src/dnssec.c
+@@ -798,12 +798,9 @@ int dnssec_validate_by_ds(time_t now, st
+ 		  algo = *p++;
+ 		  keytag = dnskey_keytag(algo, flags, p, rdlen - 4);
+ 		  
+-		  /* Cache needs to known class for DNSSEC stuff */
+-		  a.addr.dnssec.class = class;
+-		  
+ 		  if ((key = blockdata_alloc((char*)p, rdlen - 4)))
+ 		    {
+-		      if (!(recp1 = cache_insert(name, &a, now, ttl, F_FORWARD | F_DNSKEY | F_DNSSECOK)))
++		      if (!(recp1 = cache_insert(name, &a, class, now, ttl, F_FORWARD | F_DNSKEY | F_DNSSECOK)))
+ 			{
+ 			  blockdata_free(key);
+ 			  return STAT_BOGUS;
+@@ -927,12 +924,9 @@ int dnssec_validate_ds(time_t now, struc
+ 	      algo = *p++;
+ 	      digest = *p++;
+ 	      
+-	      /* Cache needs to known class for DNSSEC stuff */
+-	      a.addr.dnssec.class = class;
+-	      
+ 	      if ((key = blockdata_alloc((char*)p, rdlen - 4)))
+ 		{
+-		  if (!(crecp = cache_insert(name, &a, now, ttl, F_FORWARD | F_DS | F_DNSSECOK)))
++		  if (!(crecp = cache_insert(name, NULL, class, now, ttl, F_FORWARD | F_DS | F_DNSSECOK)))
+ 		    {
+ 		      blockdata_free(key);
+ 		      return STAT_BOGUS;
+@@ -1021,8 +1015,7 @@ int dnssec_validate_ds(time_t now, struc
+ 	{
+ 	  cache_start_insert();
+ 	  
+-	  a.addr.dnssec.class = class;
+-	  if (!cache_insert(name, &a, now, ttl, flags))
++	  if (!cache_insert(name, NULL, class, now, ttl, flags))
+ 	    return STAT_BOGUS;
+ 	  
+ 	  cache_end_insert();  
+--- a/src/rfc1035.c
++++ b/src/rfc1035.c
+@@ -701,7 +701,7 @@ int extract_addresses(struct dns_header
+ 			  goto cname_loop;
+ 			}
+ 		      
+-		      cache_insert(name, &addr, now, cttl, name_encoding | secflag | F_REVERSE);
++		      cache_insert(name, &addr, C_IN, now, cttl, name_encoding | secflag | F_REVERSE);
+ 		      found = 1; 
+ 		    }
+ 		  
+@@ -719,7 +719,7 @@ int extract_addresses(struct dns_header
+ 		  ttl = find_soa(header, qlen, NULL, doctored);
+ 		}
+ 	      if (ttl)
+-		cache_insert(NULL, &addr, now, ttl, name_encoding | F_REVERSE | F_NEG | flags | (secure ?  F_DNSSECOK : 0));	
++		cache_insert(NULL, &addr, C_IN, now, ttl, name_encoding | F_REVERSE | F_NEG | flags | (secure ?  F_DNSSECOK : 0));	
+ 	    }
+ 	}
+       else
+@@ -773,7 +773,7 @@ int extract_addresses(struct dns_header
+ 		    {
+ 		      if (!cname_count--)
+ 			return 0; /* looped CNAMES */
+-		      newc = cache_insert(name, NULL, now, attl, F_CNAME | F_FORWARD | secflag);
++		      newc = cache_insert(name, NULL, C_IN, now, attl, F_CNAME | F_FORWARD | secflag);
+ 		      if (newc)
+ 			{
+ 			  newc->addr.cname.target.cache = NULL;
+@@ -833,7 +833,7 @@ int extract_addresses(struct dns_header
+ 			}
+ #endif
+ 		      
+-		      newc = cache_insert(name, &addr, now, attl, flags | F_FORWARD | secflag);
++		      newc = cache_insert(name, &addr, C_IN, now, attl, flags | F_FORWARD | secflag);
+ 		      if (newc && cpp)
+ 			{
+ 			  next_uid(newc);
+@@ -860,7 +860,7 @@ int extract_addresses(struct dns_header
+ 		 pointing at this, inherit its TTL */
+ 	      if (ttl || cpp)
+ 		{
+-		  newc = cache_insert(name, NULL, now, ttl ? ttl : cttl, F_FORWARD | F_NEG | flags | (secure ? F_DNSSECOK : 0));	
++		  newc = cache_insert(name, NULL, C_IN, now, ttl ? ttl : cttl, F_FORWARD | F_NEG | flags | (secure ? F_DNSSECOK : 0));	
+ 		  if (newc && cpp)
+ 		    {
+ 		      next_uid(newc);
+@@ -1054,7 +1054,7 @@ int check_for_bogus_wildcard(struct dns_
+ 		/* Found a bogus address. Insert that info here, since there no SOA record
+ 		   to get the ttl from in the normal processing */
+ 		cache_start_insert();
+-		cache_insert(name, NULL, now, ttl, F_IPV4 | F_FORWARD | F_NEG | F_NXDOMAIN);
++		cache_insert(name, NULL, C_IN, now, ttl, F_IPV4 | F_FORWARD | F_NEG | F_NXDOMAIN);
+ 		cache_end_insert();
+ 		
+ 		return 1;