This bumps the minimum dnsmasq version to the point where we do not need capability probing, reducing it to a version check (which I will be happy to remove on request). Unless I missed something, this also means we no longer need to spawn radvd manually. Note that DNSMASQ_CAPS_BINDTODEVICE was the indication of a downstream mitigation of a CVE that should no longer be needed if we have --bind-dynamic Ján Tomko (17): util: dnsmasqCapsSetFromBuffer: use error label tests: do not test dnsmasq older than 2.67 util: dnsmasq: mandate at least version 2.67 network: assume DNSMASQ_DHCPv6_SUPPORT network: assume DNSMASQ_RA_SUPPORT util: remove DNSMASQ_RA_SUPPORT network: assume DNSMASQ_CAPS_BIND_DYNAMIC network: assume DNSMASQ_CAPS_RA_PARAM util: dnsmasq: delete assumed capability flags network: remove any code dealing with radvd network: driver: remove unused radvdStateDir variable conf: remove radvdPid from virNetworkObj build: do not search for radvd binary spec: do not require radvd util: remove dnsmasqCapsGetVersion util: dnsmasq: remove caps completely network: remove unused 'driver' parameter libvirt.spec.in | 2 - meson.build | 1 - src/conf/virnetworkobj.c | 16 - src/conf/virnetworkobj.h | 7 - src/libvirt_private.syms | 4 - src/network/bridge_driver.c | 459 ++---------------- src/network/bridge_driver_platform.h | 1 - src/util/virdnsmasq.c | 69 +-- src/util/virdnsmasq.h | 24 - .../networkxml2confdata/isolated-network.conf | 5 +- .../nat-network-dns-srv-record-minimal.conf | 10 +- .../nat-network-dns-srv-record.conf | 2 + .../nat-network-dns-txt-record.conf | 2 + .../nat-network-name-with-quotes.conf | 10 +- .../networkxml2confdata/netboot-network.conf | 4 +- .../netboot-proxy-network.conf | 4 +- tests/networkxml2conftest.c | 32 +- 17 files changed, 83 insertions(+), 569 deletions(-) -- 2.31.1
