commit 567116b2c00761fdbd6aa7365ecca637f15b868d
author Tarun Kundu <tarun.kundu@est.tech> Thu Aug 15 16:22:58 2024 -0700
committer Tarun Kundu <tarun.kundu@est.tech> Thu Aug 22 08:00:02 2024 -0700
tree e7f3c3b1e244f729f32a12c0260dec97c674f363
parent 12e3b2e80927d25148dd0f78f589f3a9b87aa55f

Rebase Cradlepoint diff over v2.90

Run these commands only if remote upstream is not added:
  1. git remote add upstream http://thekelleys.org.uk/git/dnsmasq.git
  2. git remote -v show
  3. git fetch upstream

Following are the commands used for generating the diff
between upstream version 2.85 and origin/cp-main:
  1. git diff v2.85 origin/cp-main > ../dnsmasq_v2.85-to-cp_main.gitdiff
  2. patch -p1 < ../dnsmasq_v2.85-to-cp_main.gitdiff
  3. git add . && git commit -m "Rebase Cradlepoint diff over v2.90"
And then fix all the rejects generated while applying ‘patch -p1 < ../dnsmasq_v2.85-to-cp_main.gitdiff’

EDNS_PKTSZ and SAFE_PKTSZ were already present due to backport of CVE
patch:
    Fix up ./man/dnsmasq.8
    Fix up ./src/config.h
    Fix up ./CHANGELOG

As domain is no longer used in upstream, we removed the check for OPT_EDNS_RESTRICT:
    Fix up ./src/forward.c

Fix up ./src/dhcp.c
Fix up ./src/dhcp6.c
Fix up ./src/dns-protocol.h
Fix up ./src/dnsmasq.c
Fix up ./src/dnsmasq.h
Fix up ./src/edns0.c
Fix up ./src/option.c
Fix up ./src/radv.c
Fix up ./src/rfc1035.c
Fix up ./src/util.c
Fix up ./Makefile
Compilation fixes for cache.c

Change-Id: Ibb8d162526168e5963aedb98b6333ded5f054a82

src/forward.c

diff --git a/src/forward.c b/src/forward.c
index 32f37e4..44501bf 100644
--- a/src/forward.c
+++ b/src/forward.c
@@ -521,9 +521,11 @@
 	    }
 #endif
 	  
-	  if (retry_send(sendto(fd, (char *)header, plen, 0,
-				&srv->addr.sa,
-				sa_len(&srv->addr))))
+	      if (udpaddr &&
+		  (srv->addr.in.sin_addr.s_addr != udpaddr->in.sin_addr.s_addr) &&
+		  (retry_send(sendto(fd, (char *)header, plen, 0,
+				    &srv->addr.sa,
+				    sa_len(&srv->addr)))))
 	    continue;
 	  
 	  if (errno == 0)
@@ -666,7 +668,8 @@
   struct ipsets *ipset_pos, *ret = NULL;
   unsigned int namelen = strlen(domain);
   unsigned int matchlen = 0;
-  for (ipset_pos = setlist; ipset_pos; ipset_pos = ipset_pos->next) 
+  if (daemon->ipsets)
+    for (ipset_pos = setlist; ipset_pos; ipset_pos = ipset_pos->next) 
     {
       unsigned int domainlen = strlen(ipset_pos->domain);
       const char *matchstart = domain + namelen - domainlen;
@@ -696,8 +699,12 @@
   (void)do_bit;
  
 #ifdef HAVE_IPSET
-  if (daemon->ipsets && extract_request(header, n, daemon->namebuff, NULL))
+  if (extract_request(header, n, daemon->namebuff, NULL))
+  {
+	  if (header && (ntohs(header->arcount)))
+	    n = process_appid_catid(header, n);
     ipsets = domain_find_sets(daemon->ipsets, daemon->namebuff);
+  }
 #endif
 
 #ifdef HAVE_NFTSET