summary refs log tree commit diff
path: root/resolv
Commit message (Collapse)AuthorAgeFilesLines
* resolv: Move ns_name_pton into its own file and into libcFlorian Weimer2021-07-194-125/+161
| | | | | | | | | And reformat to GNU style, and eliminate the digits variable. The symbol was moved using scripts/move-symbol-to-libc.py. Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
* resolv: Move ns_name_uncompress into its own file and into libcFlorian Weimer2021-07-194-25/+49
| | | | | | | | | | And reformat to GNU style. Check for negative error returns (instead of -1). The symbol was moved using scripts/move-symbol-to-libc.py. Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
* resolv: Move ns_name_skip to its own file and into libc (bug 28091)Florian Weimer2021-07-194-38/+75
| | | | | | | | | | And reformat to GNU style. Avoid out-of-bounds pointer arithmetic. This also results in a fix of bug 28091 due to the additional packet length checks. The symbol was moved using scripts/move-symbol-to-libc.py. Reviewed-by: Carlos O'Donell <carlos@systemhalted.org>
* resolv: Deprecate legacy interfaces in libresolvFlorian Weimer2021-07-192-40/+79
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Debugging interfaces: p_*, fp_*, and sym_* could conceivably be used to produce debug out, but these functions have not been updated to parse more resource records, so they are not very useful today. Likewise for ns_sprintrr and ns_sprintrrf. ns_format_ttl and ns_parse_ttl are related to these. Internal implementation details: res_isourserver is probably only useful in the implementation of a stub resolver, and so is res_nameinquery. Unclear semantics and bad performance: ns_samedomain, ns_subdomain, ns_makecanon, ns_samename do textual converions & copies instead of checking equivalence of the wire format. inet_neta cannot handle IPv6 addresses. res_hostalias has been superseded by getaddrinfo with AI_CANONNAME. hostalias is not thread-safe. Some functions have int as size arguments instead of size_t, so they do not follow current coding practices. However, dn_expand and b64_ntop are somewhat widely used (to name just two examples), so deprecating them seems problematic. Reviewed-by: Carlos O'Donell <carlos@systemhalted.org>
* resolv: Move ns_name_unpack to its own file and into libcFlorian Weimer2021-07-154-83/+119
| | | | | | | | | | Reformat to GNU style. Avoid out-of-bounds buffer arithmetic. Eliminate the labellen function. The symbol was moved using scripts/move-symbol-to-libc.py. Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
* resolv: Remove unnecessary res_isourserver_p call from send_dgFlorian Weimer2021-07-151-6/+0
| | | | | | | | As the comment indicates, the check is unnecessary due to the way the UDP socket is set up. Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
* resolv: Move ns_name_ntop to its own file and into libcFlorian Weimer2021-07-154-129/+152
| | | | | | | | | | | | Reformat to GNU style. Avoid out-of-bounds pointer arithmetic (e.g., use eom - dn < 2 instead of dn + 1 >= eom). Inline the labellen function and fold the compression pointer check into the length check (l >= 64). Assume ASCII encoding. The symbol was moved using scripts/move-symbol-to-libc.py. Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
* nss_dns: Do not use deprecated packet parsing functionsFlorian Weimer2021-07-152-21/+20
| | | | | Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
* resolv: Sort Makefile routines and Versions lexicographicallyFlorian Weimer2021-07-152-73/+182
| | | | | | Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org> Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
* Force building with -fno-commonFlorian Weimer2021-07-091-1/+1
| | | | | | | | | | As a result, is not necessary to specify __attribute__ ((nocommon)) on individual definitions. GCC 10 defaults to -fno-common on all architectures except ARC, but this change is compatible with older GCC versions and ARC, too. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* resolv: Move libanl into libc (if libpthread is in libc)Florian Weimer2021-07-0211-49/+173
| | | | | | | | | | The symbols gai_cancel, gai_error, gai_suspend, getaddrinfo_a, __gai_suspend_time64 were moved using scripts/move-symbol-to-libc.py. For Hurd (which remains !PTHREAD_IN_LIBC), a few #define redirects had to be added because several pthread functions are not available under __. (Linux uses __ prefixes for most hidden aliases, and has to in some cases to avoid linknamespace issues.)
* y2038: Add support for 64-bit time on legacy ABIsAdhemerval Zanella2021-06-151-0/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A new build flag, _TIME_BITS, enables the usage of the newer 64-bit time symbols for legacy ABI (where 32-bit time_t is default). The 64 bit time support is only enabled if LFS (_FILE_OFFSET_BITS=64) is also used. Different than LFS support, the y2038 symbols are added only for the required ABIs (armhf, csky, hppa, i386, m68k, microblaze, mips32, mips64-n32, nios2, powerpc32, sparc32, s390-32, and sh). The ABIs with 64-bit time support are unchanged, both for symbol and types redirection. On Linux the full 64-bit time support requires a minimum of kernel version v5.1. Otherwise, the 32-bit fallbacks are used and might results in error with overflow return code (EOVERFLOW). The i686-gnu does not yet support 64-bit time. This patch exports following rediretions to support 64-bit time: * libc: adjtime adjtimex clock_adjtime clock_getres clock_gettime clock_nanosleep clock_settime cnd_timedwait ctime ctime_r difftime fstat fstatat futimens futimes futimesat getitimer getrusage gettimeofday gmtime gmtime_r localtime localtime_r lstat_time lutimes mktime msgctl mtx_timedlock nanosleep nanosleep ntp_gettime ntp_gettimex ppoll pselec pselect pthread_clockjoin_np pthread_cond_clockwait pthread_cond_timedwait pthread_mutex_clocklock pthread_mutex_timedlock pthread_rwlock_clockrdlock pthread_rwlock_clockwrlock pthread_rwlock_timedrdlock pthread_rwlock_timedwrlock pthread_timedjoin_np recvmmsg sched_rr_get_interval select sem_clockwait semctl semtimedop sem_timedwait setitimer settimeofday shmctl sigtimedwait stat thrd_sleep time timegm timerfd_gettime timerfd_settime timespec_get utime utimensat utimes utimes wait3 wait4 * librt: aio_suspend mq_timedreceive mq_timedsend timer_gettime timer_settime * libanl: gai_suspend Reviewed-by: Lukasz Majewski <lukma@denx.de> Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
* dlfcn: Cleanups after -ldl is no longer requiredFlorian Weimer2021-06-031-11/+8
| | | | | | | | | | | | This commit removes the ELF constructor and internal variables from dlfcn/dlfcn.c. The file now serves the same purpose as nptl/libpthread-compat.c, so it is renamed to dlfcn/libdl-compat.c. The use of libdl-shared-only-routines ensures that libdl.a is empty. This commit adjusts the test suite not to use $(libdl). The libdl.so symbolic link is no longer installed. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* resolv: tst-p_secstodate can be a regular testFlorian Weimer2021-03-092-13/+3
| | | | | | | | Now that compat_symbol_reference works for non-internal tests, too. Also do not build and run the tests on architectures which lack the __p_secstodate compatibility symbol. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* Update copyright dates with scripts/update-copyrightsPaul Eggert2021-01-0269-69/+69
| | | | | | | | | | | | | | | | I used these shell commands: ../glibc/scripts/update-copyrights $PWD/../gnulib/build-aux/update-copyright (cd ../glibc && git commit -am"[this commit message]") and then ignored the output, which consisted lines saying "FOO: warning: copyright statement not found" for each of 6694 files FOO. I then removed trailing white space from benchtests/bench-pthread-locks.c and iconvdata/tst-iconv-big5-hkscs-to-2ucs4.c, to work around this diagnostic from Savannah: remote: *** pre-commit check failed ... remote: *** error: lines with trailing whitespace found remote: error: hook declined to update refs/heads/master
* y2038: Convert gai_suspend to support 64 bit timeLukasz Majewski2020-12-041-25/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change uses (in gai_misc.h): - __futex_abstimed_wait64 (instead of futex_reltimed_wait) - __futex_abstimed_wait_cancellable64 (instead of futex_reltimed_wait_cancellable) from ./sysdeps/nptl/futex-helpers.h The gai_suspend() accepts relative timeout, which then is converted to absolute one. The i686-gnu port (HURD) do not define DONT_NEED_GAI_MISC_COND and as it doesn't (yet) support 64 bit time it uses not converted pthread_cond_timedwait(). The __gai_suspend() is supposed to be run on ports with __TIMESIZE !=64 and __WORDSIZE==32. It internally utilizes __gai_suspend_time64() and hence the conversion from 32 bit struct timespec to 64 bit one is required. For ports supporting 64 bit time the __gai_suspend_time64() will be used either via alias (to __gai_suspend when __TIMESIZE==64) or redirection (when -D_TIME_BITS=64 is passed). Build tests: ./src/scripts/build-many-glibcs.py glibcs Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
* Mark mtrace tests UNSUPPORTED if bug-ga2.mtrace or tst-leaks2.mtrace are missingStefan Liebler2020-11-251-1/+3
| | | | | | | | | | | | | | Starting with commit 29fddfc7dfd6444fa61a256e9a0d0127545e1f2e, the tests posix/bug-ga2 and resolv/tst-leaks2 are test-container tests. If test-container.c returns with EXIT_UNSUPPORTED, the tests with mtrace() are not executed and the mtrace files do not exist. Therefore the "mtrace-analysis-part" of those tests are marked UNSUPPORTED if the mtrace files are missing. Reported-by: Tulio Magno Quites Machado Filho <tuliom@linux.ibm.com> Reviewed-by: Tulio Magno Quites Machado Filho <tuliom@linux.ibm.com>
* Use libnss_files.so for tests posix/bug-ga2 and resolv/tst-leaks2 [BZ #26821]Stefan Liebler2020-11-234-6/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | The tests posix/bug-ga2-mem and resolv/mtrace-tst-leaks2 are failing on fedora 33 as mtrace reports memory leaks. The /etc/nsswitch.conf differs between Fedora 32: hosts: files dns myhostname Fedora 33: hosts: files resolve [!UNAVAIL=return] myhostname dns Therefore /lib64/libnss_resolve.so.2 (from systemd) and the dependencies libgcc_s.so.1 and libpthread.so.0 are loaded. Usually all malloc'ed resources from getaddrinfo / gethostbyname are freed and the libraries are dlclose'd in nss/nsswitch.c:libc_freeres_fn (free_mem). Unfortunately, /lib64/libnss_resolve.so.2 is marked with DF_1_NODELETE. As this library is not unmapped, you'll see "Memory not freed". Therefore those tests are now only relying on libnss_files.so by making them test-container tests and providing the required configuration files. By moving the tests to tests-container, those are now running with "make check". Therefore the mtrace part of the tests are also moved from "make xcheck" to "make check". bug-ga2.c is now using test-driver.c in order to support WAIT_FOR_DEBUGGER environment variable.
* resolv: Serialize processing in resolv/tst-resolv-txnid-collisionFlorian Weimer2020-10-151-0/+5
| | | | | | | | | | | When switching name servers, response processing by two server threads clobbers the global test state. (There is still some risk that this test is negatively impact by packet drops and packet reordering, but this applies to many of the resolver tests and is difficult to avoid.) Fixes commit f1f00c072138af90ae6da180f260111f09afe7a3 ("resolv: Handle transaction ID collisions in parallel queries (bug 26600)").
* resolv: Handle transaction ID collisions in parallel queries (bug 26600)Florian Weimer2020-10-143-20/+356
| | | | | | If the transaction IDs are equal, the old check attributed both responses to the first query, not recognizing the second response. This fixes bug 26600.
* Move <rpc/netdb.h> from sunrpc to inetFlorian Weimer2020-07-172-10/+0
| | | | | | | | | | | Restore <rpc/netdb.h> as an installed header. Delete the dummy header resolv/rpc/netdb.h because inet is not an optional glibc component (so its <rpc/netdb.h> is always available). Fixes commit acb527929d0c2b3bb0798472c42ddb3203729708 ("Move non-deprecated RPC-related functions from sunrpc to inet") in combination with commit 5500cdba4018ddbda7909bc7f4f9718610b43cf0 ("Remove --enable-obsolete-rpc configure flag").
* Move implementation of <file_change_detection.h> into a C fileFlorian Weimer2020-02-182-4/+4
| | | | | | | | | | | file_change_detection_for_stat partially initialize struct file_change_detection in some cases, when the size member alone determines the outcome of all comparisons. This results in maybe-uninitialized compiler warnings in case of sufficiently aggressive inlining. Once the implementation is moved into a separate C file, this kind of inlining is no longer possible, so the compiler warnings are gone.
* resolv: Fix ABA race in /etc/resolv.conf change detection [BZ #25420]Florian Weimer2020-02-141-6/+13
| | | | | | | | | | __resolv_conf_get_current should only record the initial file change data if after verifying that file just read matches the original measurement. Fixes commit aef16cc8a4c670036d45590877 ("resolv: Automatically reload a changed /etc/resolv.conf file [BZ #984]"). Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* resolv: Enhance __resolv_conf_load to capture file change dataFlorian Weimer2020-02-143-7/+19
| | | | | | | The data is captured after reading the file. This allows callers to check the change data against an earlier measurement. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* resolv: Fix file handle leak in __resolv_conf_load [BZ #25429]Florian Weimer2020-02-141-1/+7
| | | | | | | | | | | | | | res_vinit_1 did not close the stream on errors, only on success. This change moves closing the stream to __resolv_conf_load, for both the success and error cases. Fixes commit 89f187a40fc0ad4e22838526bfe34d73f758b776 ("resolv: Use getline for configuration file reading in res_vinit_1") and commit 3f853f22c87f0b671c0366eb290919719fa56c0e ("resolv: Lift domain search list limits [BZ #19569] [BZ #21475]"), where memory allocation was introduced into res_vinit_1. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* resolv: Use <file_change_detection.h> in __resolv_conf_get_currentFlorian Weimer2020-02-141-35/+8
| | | | | | | Only minor functional changes (i.e., regarding the handling of directories, which are now treated as empty files). Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* nss_dns: Use NSS_DECLARE_MODULE_FUNCTIONSFlorian Weimer2020-02-133-0/+6
| | | | Reviewed-by: DJ Delorie <dj@redhat.com>
* resolv: Fix CNAME chaining in resolv/tst-resolv-ai_idn-common.cFlorian Weimer2020-02-071-1/+2
| | | | | | | | The second CNAME record optionally generated by the response function used the question name, not the redirected name from the first CNAME. This breaks the chain and results in failures of these IDNA tests if CNAME owner names are checked as expected (which the current implementation does not do).
* Get rid of Werror=maybe-uninitialized in res_send.c.Stefan Liebler2020-01-201-0/+4
| | | | | | | | | | | | | | The commit 446997ff1433d33452b81dfa9e626b8dccf101a4 introduced this new usage of resplen. If build with gcc 9 -march>=z13 on s390x, the following warning occurs: res_send.c: In function ‘__res_context_send’: res_send.c:539:6: error: ‘resplen’ may be used uninitialized in this function [-Werror=maybe-uninitialized] 539 | if (resplen > HFIXEDSZ) | ^ Therefore this patch adds a further DIAG_IGNORE_NEEDS_COMMENT in the same way as it was previously done for usages of resplen or n. See commit d1bc2cbbed9aea2017ef941f63c8786571da5b4f.
* Update copyright dates with scripts/update-copyrights.Joseph Myers2020-01-0168-68/+68
|
* resolv: Implement trust-ad option for /etc/resolv.conf [BZ #20358]Florian Weimer2019-11-278-1/+239
| | | | | | | | | | | | | | | | | This introduces a concept of trusted name servers, for which the AD bit is passed through to applications. For untrusted name servers (the default), the AD bit in responses are cleared, to provide a safe default. This approach is very similar to the one suggested by Pavel Šimerda in <https://bugzilla.redhat.com/show_bug.cgi?id=1164339#c15>. The DNS test framework in support/ is enhanced with support for setting the AD bit in responses. Tested on x86_64-linux-gnu. Change-Id: Ibfe0f7c73ea221c35979842c5c3b6ed486495ccc
* Change most internal uses of __gettimeofday to __clock_gettime.Zack Weinberg2019-10-303-12/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since gettimeofday will shortly be implemented in terms of clock_gettime on all platforms, internal code should use clock_gettime directly; in addition to removing a layer of indirection, this will allow us to remove the PLT-bypass gunk for gettimeofday. (We can't quite do that yet, but it'll be coming later in this patch series.) In many cases, the changed code does fewer conversions. The changed code always assumes __clock_gettime (CLOCK_REALTIME) cannot fail. Most of the call sites were assuming gettimeofday could not fail, but a few places were checking for errors. POSIX says clock_gettime can only fail if the clock constant is invalid or unsupported, and CLOCK_REALTIME is the one and only clock constant that's required to be supported. For consistency I grepped the entire source tree for any other places that checked for errors from __clock_gettime (CLOCK_REALTIME), found one, and changed it too. (For the record, POSIX also says gettimeofday can never fail.) (It would be nice if we could declare that GNU systems will always support CLOCK_MONOTONIC as well as CLOCK_REALTIME; there are several places where we are using CLOCK_REALTIME where _MONOTONIC would be more appropriate, and/or trying to use _MONOTONIC and then falling back to _REALTIME. But the Hurd doesn't support CLOCK_MONOTONIC yet, and it looks like adding it would involve substantial changes to gnumach's internals and API. Oh well.) A few Hurd-specific files were changed to use __host_get_time instead of __clock_gettime, as this seemed tidier. We also assume this cannot fail. Skimming the code in gnumach leads me to believe the only way it could fail is if __mach_host_self also failed, and our Hurd-specific code consistently assumes that can't happen, so I'm going with that. With the exception of support/support_test_main.c, test cases are not modified, mainly because I didn't want to have to figure out which test cases were testing gettimeofday specifically. The definition of GETTIME in sysdeps/generic/memusage.h had a typo and was not reading tv_sec at all. I fixed this. It appears nobody has been generating malloc traces on a machine that doesn't have a superseding definition. There are a whole bunch of places where the code could be simplified by factoring out timespec subtraction and/or comparison logic, but I want to keep this patch as mechanical as possible. Checked on x86_64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu, powerpc64-linux-gnu, powerpc-linux-gnu, and aarch64-linux-gnu. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org> Reviewed-by: Lukasz Majewski <lukma@denx.de>
* Prefer https to http for gnu.org and fsf.org URLsPaul Eggert2019-09-0767-67/+67
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also, change sources.redhat.com to sourceware.org. This patch was automatically generated by running the following shell script, which uses GNU sed, and which avoids modifying files imported from upstream: sed -ri ' s,(http|ftp)(://(.*\.)?(gnu|fsf|sourceware)\.org($|[^.]|\.[^a-z])),https\2,g s,(http|ftp)(://(.*\.)?)sources\.redhat\.com($|[^.]|\.[^a-z]),https\2sourceware.org\4,g ' \ $(find $(git ls-files) -prune -type f \ ! -name '*.po' \ ! -name 'ChangeLog*' \ ! -path COPYING ! -path COPYING.LIB \ ! -path manual/fdl-1.3.texi ! -path manual/lgpl-2.1.texi \ ! -path manual/texinfo.tex ! -path scripts/config.guess \ ! -path scripts/config.sub ! -path scripts/install-sh \ ! -path scripts/mkinstalldirs ! -path scripts/move-if-change \ ! -path INSTALL ! -path locale/programs/charmap-kw.h \ ! -path po/libc.pot ! -path sysdeps/gnu/errlist.c \ ! '(' -name configure \ -execdir test -f configure.ac -o -f configure.in ';' ')' \ ! '(' -name preconfigure \ -execdir test -f preconfigure.ac ';' ')' \ -print) and then by running 'make dist-prepare' to regenerate files built from the altered files, and then executing the following to cleanup: chmod a+x sysdeps/unix/sysv/linux/riscv/configure # Omit irrelevant whitespace and comment-only changes, # perhaps from a slightly-different Autoconf version. git checkout -f \ sysdeps/csky/configure \ sysdeps/hppa/configure \ sysdeps/riscv/configure \ sysdeps/unix/sysv/linux/csky/configure # Omit changes that caused a pre-commit check to fail like this: # remote: *** error: sysdeps/powerpc/powerpc64/ppc-mcount.S: trailing lines git checkout -f \ sysdeps/powerpc/powerpc64/ppc-mcount.S \ sysdeps/unix/sysv/linux/s390/s390-64/syscall.S # Omit change that caused a pre-commit check to fail like this: # remote: *** error: sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S: last line does not end in newline git checkout -f sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S
* Mark IDN tests unsupported with libidn2 before 2.0.5.Joseph Myers2019-08-222-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When using a system (e.g. Ubuntu 18.04) with libidn2 2.0.4 or earlier, test results include: FAIL: resolv/tst-resolv-ai_idn FAIL: resolv/tst-resolv-ai_idn-latin1 It was previously stated <https://sourceware.org/ml/libc-alpha/2018-05/msg00771.html> that "It should fail to indicate you have bugs in your system libidn.". However, the glibc testsuite should be indicating whether there are bugs in glibc, not whether there are bugs in other system pieces - so unless you consider it a glibc bug that it fails to work around the libidn issues, these FAILs are not helpful. And as a general principle, it's best for the expected glibc test results to be clean, with Bugzilla used to track known bugs in glibc itself, rather than people needing to know about the expected FAILs to tell if there are problems with their glibc build. So, while there is an argument that install.texi (not just the old NEWS entries for 2.28) should explain the use of libidn2 and that 2.0.5 or later is recommended, test FAILs are not the right way to indicate the presence of an old libidn2 version. This patch accordingly makes those tests return UNSUPPORTED for older libidn2 versions, just as they do when libidn2 isn't present at all. As implied by that past discussion, it's possible this could result in UNSUPPORTED for systems with older versions but whatever required fixes backported so the tests previously passed, if there are any such systems. Tested for x86_64 on Ubuntu 18.04, including verifying that putting an earlier version in place of 2.0.5 results in the tests FAILing whereas using 2.0.5 as in the patch results in UNSUPPORTED. Florian reports that the tests still run on Fedora 30, with libidn 2.2.0. * resolv/tst-resolv-ai_idn-latin1.c (do_test): Mark test unsupported with libidn2 before 2.0.5. * resolv/tst-resolv-ai_idn.c (do_test): Likewise.
* Fix build warnings in resolv/res_send.cStefan Liebler2019-07-021-1/+16
| | | | | | | | | | | | | | | | | | | | | | | This patch fixes the gcc warnings seen with gcc 9 -march>=z13 on s390x: res_send.c: In function ‘__res_context_send’: res_send.c:498:7: error: ‘resplen’ may be used uninitialized in this function [-Werror=maybe-uninitialized] 498 | if (n == 0 && (buf2 == NULL || *resplen2 == 0)) | ^ In this case send_vc is inlined into __res_context_send and the maybe uninitialized resplen belongs to the one in send_vc. In send_vc there is already a DIAG_IGNORE_NEEDS_COMMENT (5, "-Wmaybe-uninitialized") and a comment which explains that this is a false-positive. Note that resplen is used as return value. This patch adds a further DIAG_IGNORE_NEEDS_COMMENT around the declaration of n in __res_context_send and the comparison after n was set to the return value of send_vc. ChangeLog: * resolv/res_send.c (__res_context_send): Disable maybe-uninitialized warning.
* nss_dns: Check for proper A/AAAA address alignmentFlorian Weimer2019-05-241-2/+13
| | | | Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* nss_dns: Do not replace root domain with empty stringFlorian Weimer2019-04-112-6/+0
| | | | | | The purpose of the bp[0] == '.' check is unclear. Only the root domain starts with '.'. The empty string is accepted as a domain name in many places, denoting the root, but using it implicitly is confusing.
* resolv: Remove RES_INSECURE1, RES_INSECURE2Florian Weimer2019-04-083-23/+13
| | | | Always perform the associated security checks.
* resolv: Remove support for RES_USE_INET6 and the inet6 optionFlorian Weimer2019-04-0810-657/+19
| | | | | | | | | This functionality was deprecated in glibc 2.25. This commit only includes the core changes to remove the functionality. It does not remove the RES_USE_INET6 handling in the individual NSS service modules and the res_use_inet6 function. These changes will happen in future commits.
* Do not use HP_TIMING_NOW for random bitsAdhemerval Zanella2019-03-222-26/+5
| | | | | | | | | | | | | | | | | | | | | This patch removes the HP_TIMING_BITS usage for fast random bits and replace with clock_gettime (CLOCK_MONOTONIC). It has unspecified starting time and nano-second accuracy, so its randomness is significantly better than gettimeofday. Althoug it should incur in more overhead (specially for architecture that support hp-timing), the symbol is also common implemented as a vDSO. Checked on aarch64-linux-gnu, x86_64-linux-gnu, and i686-linux-gnu. I also checked on a i686-gnu build. * include/random-bits.h: New file. * resolv/res_mkquery.c [HP_TIMING_AVAIL] (RANDOM_BITS, (__res_context_mkquery): Remove usage hp-timing usage and replace with random_bits. * resolv/res_send.c [HP_TIMING_AVAIL] (nameserver_offset): Likewise. * sysdeps/posix/tempname.c [HP_TIMING_AVAIL] (__gen_tempname): Likewise.
* resolv: Enable full ICMP errors for UDP DNS sockets [BZ #24047]Florian Weimer2019-03-124-1/+56
| | | | | | The Linux kernel suppresses some ICMP error messages by default for UDP sockets. This commit enables full ICMP error reporting, hopefully resulting in faster failover to working name servers.
* resolv: Remove debugging code from compat-gethnamaddr.cFlorian Weimer2019-02-181-23/+0
|
* Add fall-through comments.Joseph Myers2019-02-121-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch adds fall-through comments in some cases where -Wextra produces implicit-fallthrough warnings. The patch is non-exhaustive. Apart from architecture-specific code for non-x86_64 architectures, it does not change sunrpc/xdr.c (legacy code, probably should have such changes, but left to be dealt with separately), or places that already had comments about the fall-through but not matching the form expected by -Wimplicit-fallthrough=3 (the default level with -Wextra; my inclination is to adjust those comments to match rather than downgrading to -Wimplicit-fallthrough=1 to allow any comment), or one place where I thought the implicit fallthrough was not correct and so should be handled separately as a bug fix. I think the key thing to consider in review of this patch is whether the fall-through is indeed intended and correct in each place where such a comment is added. Tested for x86_64. * elf/dl-exception.c (_dl_exception_create_format): Add fall-through comments. * elf/ldconfig.c (parse_conf_include): Likewise. * elf/rtld.c (print_statistics): Likewise. * locale/programs/charmap.c (parse_charmap): Likewise. * misc/mntent_r.c (__getmntent_r): Likewise. * posix/wordexp.c (parse_arith): Likewise. (parse_backtick): Likewise. * resolv/ns_ttl.c (ns_parse_ttl): Likewise. * sysdeps/x86/cpu-features.c (init_cpu_features): Likewise. * sysdeps/x86_64/dl-machine.h (elf_machine_rela): Likewise.
* CVE-2016-10739: getaddrinfo: Fully parse IPv4 address strings [BZ #20018]Florian Weimer2019-01-218-31/+413
| | | | | | | | | | | | | | | | The IPv4 address parser in the getaddrinfo function is changed so that it does not ignore trailing whitespace and all characters after it. For backwards compatibility, the getaddrinfo function still recognizes legacy name syntax, such as 192.000.002.010 interpreted as 192.0.2.8 (octal). This commit does not change the behavior of inet_addr and inet_aton. gethostbyname already had additional sanity checks (but is switched over to the new __inet_aton_exact function for completeness as well). To avoid sending the problematic query names over DNS, commit 6ca53a2453598804a2559a548a08424fca96434a ("resolv: Do not send queries for non-host-names in nss_dns [BZ #24112]") is needed.
* resolv: Do not send queries for non-host-names in nss_dns [BZ #24112]Florian Weimer2019-01-211-2/+22
| | | | | | | | Before this commit, nss_dns would send a query which did not contain a host name as the query name (such as invalid\032name.example.com) and then reject the answer in getanswer_r and gaih_getanswer_slice, using a check based on res_hnok. With this commit, no query is sent, and a host-not-found error is returned to NSS without network interaction.
* resolv: Reformat inet_addr, inet_aton to GNU styleFlorian Weimer2019-01-211-91/+101
|
* resolv: IDNA tests: AAAA (28) is valid, no fallthrough to defaultAndreas K. Hüttel2019-01-101-0/+1
|
* Update copyright dates with scripts/update-copyrights.Joseph Myers2019-01-0163-63/+63
| | | | | | | * All files with FSF copyright notices: Update copyright dates using scripts/update-copyrights. * locale/programs/charmap-kw.h: Regenerated. * locale/programs/locfile-kw.h: Likewise.
* Add an additional test to resolv/tst-resolv-network.cAlexandra Hájková2018-11-081-0/+6
| | | | Test for the infinite loop in getnetbyname, bug #17630.
* libanl: properly cleanup if first helper thread creation failed (bug 22927)Andreas Schwab2018-11-051-2/+5
|