[Pkg-gnupg-commit] [gnupg2] 73/166: dirmngr: Do a DNS lookup even if it is missing from nsswitch.conf.

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Mar 16 22:33:07 UTC 2017


This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch experimental
in repository gnupg2.

commit dee026d761ae3d7594c3dbc5b3fa842df53cc189
Author: Werner Koch <wk at gnupg.org>
Date:   Mon Feb 13 20:09:26 2017 +0100

    dirmngr: Do a DNS lookup even if it is missing from nsswitch.conf.
    
    * dirmngr/dns-stuff.c (libdns_init): Do not print error message for a
    missing nsswitch.conf.  Make sure that there is a DNS entry.
    --
    
    GnuPG-bug-id: 2948
    Signed-off-by: Werner Koch <wk at gnupg.org>
---
 dirmngr/dns-stuff.c | 27 +++++++++++++++++++++------
 1 file changed, 21 insertions(+), 6 deletions(-)

diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c
index f0de357..e57ddc7 100644
--- a/dirmngr/dns-stuff.c
+++ b/dirmngr/dns-stuff.c
@@ -498,12 +498,10 @@ libdns_init (void)
         (dns_nssconf_loadpath (ld.resolv_conf, fname));
       if (err)
         {
-          log_error ("failed to load '%s': %s\n", fname, gpg_strerror (err));
-          /* not fatal, nsswitch.conf is not used on all systems; assume
-           * classic behavior instead.  Our dns library states "bf" which tries
-           * DNS then Files, which is not classic; FreeBSD
-           * /usr/src/lib/libc/net/gethostnamadr.c defines default_src[] which
-           * is Files then DNS, which is. */
+          /* This is not a fatal error: nsswitch.conf is not used on
+           * all systems; assume classic behavior instead.  */
+          if (gpg_err_code (err) != GPG_ERR_ENOENT)
+            log_error ("failed to load '%s': %s\n", fname, gpg_strerror (err));
           if (opt_debug)
             log_debug ("dns: fallback resolution order, files then DNS\n");
           ld.resolv_conf->lookup[0] = 'f';
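Review bot: The rewritten comment at the top of the `if (err)` branch says "assume classic behavior" without stating what that order is or that it differs from the library default, both of which the removed comment recorded. The order decides whether local hosts-file entries take precedence over DNS answers, so I would keep one line of it, e.g. `/* Classic order is files then DNS; the library default "bf" is DNS then files.  */`. libdns_init starts before and continues after this hunk.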
@@ -511,6 +509,23 @@ libdns_init (void)
           ld.resolv_conf->lookup[2] = '\0';
           err = GPG_ERR_NO_ERROR;
         }
+      else if (!strchr (ld.resolv_conf->lookup, 'b'))
+        {
+          /* No DNS resulution type found in the list.  This might be
+           * due to systemd based systems which allow for custom
+           * keywords which are not known to us and thus we do not
+           * know whether DNS is wanted or not.  Becuase DNS is
+           * important for our infrastructure, we forcefully append
+           * DNS to the end of the list.  */
+          if (strlen (ld.resolv_conf->lookup)+2 < sizeof ld.resolv_conf->lookup)
+            {
+              if (opt_debug)
+                log_debug ("dns: appending DNS to resolution order\n");
+              strcat (ld.resolv_conf->lookup, "b");
+            }
+          else
+            log_error ("failed to append DNS to resolution order\n");
+        }
 
 #endif /* Unix */
     }
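Review bot: The new `else if (!strchr (ld.resolv_conf->lookup, 'b'))` branch overrides the lookup order read from the system file but reports it only under `opt_debug`. If an administrator left DNS out of the hosts line on purpose, dirmngr would then issue DNS queries with nothing in the normal log to show it. I would log the override unconditionally, e.g. `log_info ("dns: appending DNS to resolution order\n");`, and have the comment say that this deliberately deviates from the configured nsswitch policy. The `strlen (...)+2 < sizeof` guard does keep the `strcat` in bounds, though it is one byte stricter than needed. The comment also misspells "resolution" and "Because", and libdns_init starts outside this hunk.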

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git


