From: Kevin Darbyshire-Bryant Date: Thu, 31 Aug 2017 10:43:46 +0000 (+0200) Subject: dnsmasq: Don't expose *.bind data incl version X-Git-Url: http://207.154.207.93/?a=commitdiff_plain;h=13fe03017f08023cdef31b21d3ea4ad1d795f940;p=15.05%2Fopenwrt.git dnsmasq: Don't expose *.bind data incl version Don't expose dnsmasq version & other data to clients via the *.bind pseudo domain. This uses a new 'NO_ID' compile time option which has been discussed and submitted upstream. This is an alternate to replacing version with 'unknown' which affects the version reported to syslog and 'dnsmasq --version' Run time tested with & without NO_ID on Archer C7 v2 Signed-off-by: Kevin Darbyshire-Bryant --- diff --git a/package/network/services/dnsmasq/Makefile b/package/network/services/dnsmasq/Makefile index 309083dcd8..942e00af0b 100644 --- a/package/network/services/dnsmasq/Makefile +++ b/package/network/services/dnsmasq/Makefile @@ -103,7 +103,7 @@ Package/dnsmasq-full/conffiles = $(Package/dnsmasq/conffiles) TARGET_CFLAGS += -ffunction-sections -fdata-sections TARGET_LDFLAGS += -Wl,--gc-sections -COPTS = $(if $(CONFIG_IPV6),,-DNO_IPV6) +COPTS = -DNO_ID $(if $(CONFIG_IPV6),,-DNO_IPV6) ifeq ($(BUILD_VARIANT),nodhcpv6) COPTS += -DNO_DHCP6