diff options
| -rw-r--r-- | ChangeLog | 7 | ||||
| -rw-r--r-- | NEWS | 6 | ||||
| -rw-r--r-- | resolv/gethnamaddr.c | 25 | ||||
| -rw-r--r-- | resolv/nss_dns/dns-host.c | 23 |
4 files changed, 28 insertions, 33 deletions
diff --git a/ChangeLog b/ChangeLog index 6815223db6..2501fa5cc9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ +2015-02-24 Siddhesh Poyarekar <siddhesh@redhat.com> + + [BZ #14841] + * resolv/gethnamaddr.c (getanswer): Skip logging if + RES_USE_DNSSEC is set. + * resolv/nss_dns/dns-host.c (getanswer_r): Likewise. + 2015-02-24 Mike Frysinger <vapier@gentoo.org> * sysdeps/unix/sysv/linux/hppa/sysdep.h: Include dl-sysdep.h. diff --git a/NEWS b/NEWS index e5d8ee8834..3925acd93f 100644 --- a/NEWS +++ b/NEWS @@ -9,9 +9,9 @@ Version 2.22 * The following bugs are resolved with this release: - 4719, 13064, 14094, 15319, 15467, 15790, 16560, 17269, 17569, 17588, - 17792, 17836, 17912, 17932, 17944, 17949, 17964, 17965, 17967, 17969, - 17978, 17987, 17991, 17996, 17998, 17999. + 4719, 14841, 13064, 14094, 15319, 15467, 15790, 16560, 17269, 17569, + 17588, 17792, 17836, 17912, 17932, 17944, 17949, 17964, 17965, 17967, + 17969, 17978, 17987, 17991, 17996, 17998, 17999. * Character encoding and ctype tables were updated to Unicode 7.0.0, using new generator scripts contributed by Pravin Satpute and Mike FABIAN (Red diff --git a/resolv/gethnamaddr.c b/resolv/gethnamaddr.c index a861a847ce..7fd0e497b1 100644 --- a/resolv/gethnamaddr.c +++ b/resolv/gethnamaddr.c @@ -331,23 +331,18 @@ getanswer (const querybuf *answer, int anslen, const char *qname, int qtype) buflen -= n; continue; } - if ((type == T_SIG) || (type == T_KEY) || (type == T_NXT)) { - /* We don't support DNSSEC yet. For now, ignore - * the record and send a low priority message - * to syslog. - */ - syslog(LOG_DEBUG|LOG_AUTH, - "gethostby*.getanswer: asked for \"%s %s %s\", got type \"%s\"", - qname, p_class(C_IN), p_type(qtype), - p_type(type)); - cp += n; - continue; - } if (type != qtype) { - syslog(LOG_NOTICE|LOG_AUTH, + /* Log a low priority message if we get an unexpected + * record, but skip it if we are using DNSSEC since it + * uses many different types in responses that do not + * match QTYPE. + */ + if ((_res.options & RES_USE_DNSSEC) == 0) { + syslog(LOG_NOTICE|LOG_AUTH, "gethostby*.getanswer: asked for \"%s %s %s\", got type \"%s\"", - qname, p_class(C_IN), p_type(qtype), - p_type(type)); + qname, p_class(C_IN), p_type(qtype), + p_type(type)); + } cp += n; continue; /* XXX - had_error++ ? */ } diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c index f715ab0b3f..b16b0ddf11 100644 --- a/resolv/nss_dns/dns-host.c +++ b/resolv/nss_dns/dns-host.c @@ -820,26 +820,19 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype, linebuflen -= n; continue; } - if (__builtin_expect (type == T_SIG, 0) - || __builtin_expect (type == T_KEY, 0) - || __builtin_expect (type == T_NXT, 0)) - { - /* We don't support DNSSEC yet. For now, ignore the record - and send a low priority message to syslog. */ - syslog (LOG_DEBUG | LOG_AUTH, - "gethostby*.getanswer: asked for \"%s %s %s\", got type \"%s\"", - qname, p_class (C_IN), p_type(qtype), p_type (type)); - cp += n; - continue; - } if (type == T_A && qtype == T_AAAA && map) have_to_map = 1; else if (__glibc_unlikely (type != qtype)) { - syslog (LOG_NOTICE | LOG_AUTH, - "gethostby*.getanswer: asked for \"%s %s %s\", got type \"%s\"", - qname, p_class (C_IN), p_type (qtype), p_type (type)); + /* Log a low priority message if we get an unexpected record, but + skip it if we are using DNSSEC since it uses many different types + in responses that do not match QTYPE. */ + if ((_res.options & RES_USE_DNSSEC) == 0) + syslog (LOG_NOTICE | LOG_AUTH, + "gethostby*.getanswer: asked for \"%s %s %s\", " + "got type \"%s\"", + qname, p_class (C_IN), p_type (qtype), p_type (type)); cp += n; continue; /* XXX - had_error++ ? */ } |