git: f9c40994b6c4 - main - dns/dnsmasq: update to v2.92 + inotify patch
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 14 Jan 2026 23:44:35 UTC
The branch main has been updated by mandree:
URL: https://cgit.FreeBSD.org/ports/commit/?id=f9c40994b6c478a0d764efdcba9f62b045b28d5c
commit f9c40994b6c478a0d764efdcba9f62b045b28d5c
Author: Matthias Andree <mandree@FreeBSD.org>
AuthorDate: 2026-01-14 23:22:10 +0000
Commit: Matthias Andree <mandree@FreeBSD.org>
CommitDate: 2026-01-14 23:44:31 +0000
dns/dnsmasq: update to v2.92 + inotify patch
Changelog: https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q1/018380.html
We keep the local patch to enable inotify on FreeBSD 15,
which was only merged after the release but had been in this port
already.
Make it so the pkg-message is printed on new installs and upgrades.
---
dns/dnsmasq/Makefile | 10 ++--
dns/dnsmasq/distinfo | 6 +--
dns/dnsmasq/files/patch-src_util.c | 73 -----------------------------
dns/dnsmasq/files/pkg-message.in | 2 +-
dns/dnsmasq/files/simon-kelley-keyring.asc | Bin 0 -> 3076 bytes
dns/dnsmasq/files/update.py | 52 ++++++++++++++++++++
6 files changed, 61 insertions(+), 82 deletions(-)
diff --git a/dns/dnsmasq/Makefile b/dns/dnsmasq/Makefile
index c0cb701dbee6..81a358810111 100644
--- a/dns/dnsmasq/Makefile
+++ b/dns/dnsmasq/Makefile
@@ -1,11 +1,11 @@
PORTNAME= dnsmasq
-DISTVERSION= 2.91
+DISTVERSION= 2.92
# Leave the PORTREVISION in even if 0 to avoid accidental PORTEPOCH bumps:
-PORTREVISION= 2
+PORTREVISION= 0
PORTEPOCH= 1
CATEGORIES= dns
-MASTER_SITES= https://www.thekelleys.org.uk/dnsmasq/ \
- LOCAL/mandree/
+MASTER_SITES= LOCAL/mandree/ \
+ https://thekelleys.org.uk/dnsmasq/
MAINTAINER= mandree@FreeBSD.org
COMMENT= Lightweight DNS forwarder, DHCP, and TFTP server
@@ -28,7 +28,7 @@ MAKE_ARGS= CC="${CC}" \
CFLAGS+= -Wall
# https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html
# Note there are ${ARCH}-dependent options below after .include <bsd.port.pre.mk>
-# Note that these are enforced for now (2025-09-16), and we can't subject them to PIE/FORTIFY/SSP_UNSAFE or WITHOUT_ options for now.
+# Note that these are enforced, and we won't subject them to PIE/FORTIFY/SSP_UNSAFE or WITHOUT_ options.
CFLAGS+= -Wall -Wformat -Wformat=2 \
-Werror=format-security \
-U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3 \
diff --git a/dns/dnsmasq/distinfo b/dns/dnsmasq/distinfo
index 747553a94907..89c332c415cb 100644
--- a/dns/dnsmasq/distinfo
+++ b/dns/dnsmasq/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1742506571
-SHA256 (dnsmasq-2.91.tar.xz) = f622682848b33677adb2b6ad08264618a2ae0a01da486a93fd8cd91186b3d153
-SIZE (dnsmasq-2.91.tar.xz) = 576820
+TIMESTAMP = 1768429117
+SHA256 (dnsmasq-2.92.tar.xz) = 4bf50c2c1018f9fbc26037df51b90ecea0cb73d46162846763b92df0d6c3a458
+SIZE (dnsmasq-2.92.tar.xz) = 637752
diff --git a/dns/dnsmasq/files/patch-src_util.c b/dns/dnsmasq/files/patch-src_util.c
deleted file mode 100644
index a50483debfeb..000000000000
--- a/dns/dnsmasq/files/patch-src_util.c
+++ /dev/null
@@ -1,73 +0,0 @@
-commit 15841f187d2b208a6113d4e2d479d3af4275bb1c
-Author: Simon Kelley <simon@thekelleys.org.uk>
-Date: Sun Jun 22 23:04:36 2025 +0100
-
- Fix issue with fast file-descriptor close on *BSD.
-
- This fixes a problem introduced in 8a5fe8ce6bb6c2bd81f237a0f4a2583722ffbd1c
-
- On BSD, fdescfs is normally mounted at /dev/fd. However
- if it is NOT mounted, devfs creates a directory at /dev/fd
- which contains (only) the file descriptors 0,1 and 2.
-
- Under these conditions, opendir() will succeed, and
- if we proceed we will fail to close extant
- file descriptors which should be closed.
-
- Check that there is a filesystem mounted at /dev/fd
- by checking that the device changes between /dev/fd
- and /dev. If if doesn't, fall back to the dumb path.
-
- Thanks to Roman Bogorodskiy for spotting the problem
- and helping with diagnosis.
-
---- src/util.c.orig 2025-03-14 15:09:35 UTC
-+++ src/util.c
-@@ -34,6 +34,10 @@
- #include <sys/utsname.h>
- #endif
-
-+#ifdef HAVE_BSD_NETWORK
-+#include <libgen.h>
-+#endif
-+
- /* SURF random number generator */
-
- static u32 seed[32];
-@@ -831,9 +835,34 @@ void close_fds(long max_fd, int spare1, int spare2, in
- #endif
-
- #ifdef FDESCFS
-- DIR *d;
-+ DIR *d = NULL;
-
-- if ((d = opendir(FDESCFS)))
-+# ifdef HAVE_BSD_NETWORK
-+ dev_t dirdev = 0;
-+ char fdescfs[] = FDESCFS; /* string must be writable */
-+ struct stat statbuf;
-+
-+ /* On BSD, fdescfs is normally mounted at /dev/fd. However
-+ if it is NOT mounted, devfs creates a directory at /dev/fd
-+ which contains (only) the file descriptors 0,1 and 2.
-+
-+ Under these conditions, opendir() will succeed, and
-+ if we proceed we will fail to close extant
-+ file descriptors which should be closed.
-+
-+ Check that there is a filesystem mounted at /dev/fd
-+ by checking that the device changes between /dev/fd
-+ and /dev. If if doesn't, fall back to the dumb path. */
-+
-+ if (stat(fdescfs, &statbuf) != -1)
-+ dirdev = statbuf.st_dev;
-+
-+ if (stat(dirname(fdescfs), &statbuf) != -1 &&
-+ dirdev != statbuf.st_dev)
-+# endif
-+ d = opendir(FDESCFS);
-+
-+ if (d)
- {
- struct dirent *de;
-
diff --git a/dns/dnsmasq/files/pkg-message.in b/dns/dnsmasq/files/pkg-message.in
index 3585d591a921..e46d4b2642c3 100644
--- a/dns/dnsmasq/files/pkg-message.in
+++ b/dns/dnsmasq/files/pkg-message.in
@@ -1,6 +1,6 @@
[
{
-message: <<EOM
+type: [install, upgrade], message: <<EOM
To enable dnsmasq, edit %%PREFIX%%/etc/dnsmasq.conf and
set dnsmasq_enable="YES" in /etc/rc.conf[.local]
diff --git a/dns/dnsmasq/files/simon-kelley-keyring.asc b/dns/dnsmasq/files/simon-kelley-keyring.asc
new file mode 100644
index 000000000000..50e3ccf33ef1
Binary files /dev/null and b/dns/dnsmasq/files/simon-kelley-keyring.asc differ
diff --git a/dns/dnsmasq/files/update.py b/dns/dnsmasq/files/update.py
new file mode 100755
index 000000000000..117c0e9c95a4
--- /dev/null
+++ b/dns/dnsmasq/files/update.py
@@ -0,0 +1,52 @@
+#!/usr/bin/env python3
+"""update.py for dnsmasq-devel - (C) 2025 Matthias Andree, placed under MIT license
+To use, edit Makefile with the new version,
+then run files/update.py, which will download, check sigs, if GnuPG checks out, update makesum,
+upload tarball and sig to my public_distfiles/ because upstream has low bandwidth, and test build.
+
+If things work out, commit manually and push."""
+
+import os
+import shutil
+import subprocess
+import sys
+
+def trace(func):
+ def wrapper(*args, **kwargs):
+ print(f"\n> {func.__name__}({args}, {kwargs})", file=sys.stderr)
+ retval = func(*args, **kwargs)
+ print(f"< {func.__name__} -> {retval!r}", file=sys.stderr)
+ return retval
+ return wrapper
+
+traced_run = trace(subprocess.run)
+
+cleanenv={'LC_ALL': 'C.UTF-8',
+ 'PATH': os.environ["PATH"]}
+defargs={"check": "True", "env": cleanenv, "encoding": 'UTF-8'}
+
+try:
+ distdir, master_site, files_dir, dist_dir = map(str.strip, traced_run(['make', '-V', 'DISTDIR',
+ '-V', 'MASTER_SITES:N*FreeBSD*',
+ '-V', 'FILESDIR',
+ '-V', 'DISTDIR'],
+ capture_output=True, **defargs).stdout.splitlines())
+ filename_tarball = traced_run('make -V DISTFILES'.split(), capture_output=True, **defargs).stdout.splitlines()[0].strip()
+ filename_signature = filename_tarball + '.asc'
+ uri_tarball = master_site + filename_tarball
+ uri_signature = master_site + filename_signature
+ traced_run(['fetch', uri_tarball, uri_signature], **defargs)
+ traced_run(['gpg', '--no-options', '--with-colons', '--status-fd', '1',
+ '--no-default-keyring', '--keyring', files_dir + '/simon-kelley-keyring.asc',
+ '--verify', filename_signature, filename_tarball], **defargs)
+ traced_run(['rsync', '-avHPW', '--chmod=0644', filename_tarball, filename_signature, 'freefall.freebsd.org:public_distfiles/'], **defargs)
+ shutil.move(filename_tarball, dist_dir + '/' + filename_tarball)
+ traced_run(['make', 'makesum', 'clean'], **defargs)
+ os.remove(filename_signature)
+ traced_run(['make', 'check-plist', 'package'], **defargs)
+ print("\nSUCCESS\n")
+except Exception as cpe:
+ print("\nERROR\n")
+ print(repr(cpe))
+ print("\nERROR\n")
+ sys.exit(1)