author | Werner Koch <wk@gnupg.org> | 2017-02-13 20:09:26 +0100 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2017-02-13 20:13:05 +0100 |
commit | dee026d761ae3d7594c3dbc5b3fa842df53cc189 (patch) | |
tree | 1721fed7f9f57630e071f51da9d4ec008d8badca /dirmngr/dns-stuff.c | |
parent | gpgconf: No ENOENT warning with --change-options et al. (diff) | |
dirmngr: Do a DNS lookup even if it is missing from nsswitch.conf.
* dirmngr/dns-stuff.c (libdns_init): Do not print error message for a
missing nsswitch.conf. Make sure that there is a DNS entry.
--
GnuPG-bug-id: 2948
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'dirmngr/dns-stuff.c')
-rw-r--r-- | dirmngr/dns-stuff.c | 27 |
1 files changed, 21 insertions, 6 deletions
diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c
index f0de3576d..e57ddc7e0 100644
--- a/dirmngr/dns-stuff.c
+++ b/dirmngr/dns-stuff.c
@@ -498,12 +498,10 @@ libdns_init (void)
 (dns_nssconf_loadpath (ld.resolv_conf, fname));
 if (err)
 {
- log_error ("failed to load '%s': %s\n", fname, gpg_strerror (err));
- /* not fatal, nsswitch.conf is not used on all systems; assume
- * classic behavior instead. Our dns library states "bf" which tries
- * DNS then Files, which is not classic; FreeBSD
- * /usr/src/lib/libc/net/gethostnamadr.c defines default_src[] which
- * is Files then DNS, which is. */
+ /* This is not a fatal error: nsswitch.conf is not used on
+ * all systems; assume classic behavior instead. */
+ if (gpg_err_code (err) != GPG_ERR_ENOENT)
+ log_error ("failed to load '%s': %s\n", fname, gpg_strerror (err));
 if (opt_debug)
 log_debug ("dns: fallback resolution order, files then DNS\n");
 ld.resolv_conf->lookup[0] = 'f';
@@ -511,6 +509,23 @@ libdns_init (void)
 ld.resolv_conf->lookup[2] = '\0';
 err = GPG_ERR_NO_ERROR;
 }
+ else if (!strchr (ld.resolv_conf->lookup, 'b'))
+ {
+ /* No DNS resulution type found in the list. This might be
+ * due to systemd based systems which allow for custom
+ * keywords which are not known to us and thus we do not
+ * know whether DNS is wanted or not. Becuase DNS is
+ * important for our infrastructure, we forcefully append
+ * DNS to the end of the list. */
+ if (strlen (ld.resolv_conf->lookup)+2 < sizeof ld.resolv_conf->lookup)
+ {
+ if (opt_debug)
+ log_debug ("dns: appending DNS to resolution order\n");
+ strcat (ld.resolv_conf->lookup, "b");
+ }
+ else
+ log_error ("failed to append DNS to resolution order\n");
+ }
 #endif /* Unix */
 } |
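Review bot: The shortened comment in the `if (err)` branch no longer says why `lookup[]` is overwritten instead of being left at the library default. The removed text explained that the bundled DNS library defaults to "bf" (DNS first) while the classic order is files first, and that rationale is what justifies the hard-coded assignments that follow. I would keep one sentence of it, e.g. `* The library default is "bf" (DNS then files); classic is files then DNS. */`. libdns_init begins outside the hunk, so the assignment to `err` is only partly visible.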
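Review bot: The new `else if` branch changes the resolution order read from nsswitch.conf, but the only trace is a `log_debug` guarded by `opt_debug`. An administrator who left DNS out of the hosts line on purpose therefore gets DNS queries with nothing in the normal log. Reporting the override unconditionally would make it auditable, e.g. `log_info ("dns: appending DNS to resolution order\n");`. The `strchr`, `strlen` and `strcat` calls also rely on `lookup` being NUL-terminated inside its array after `dns_nssconf_loadpath` returns; that loader is not visible here, so a one-line comment stating the guarantee would help the next reader. The new comment has two typos, "resulution" and "Becuase"; libdns_init begins outside the hunk.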