| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This introduces a concept of trusted name servers, for which the
AD bit is passed through to applications. For untrusted name
servers (the default), the AD bit in responses are cleared, to
provide a safe default.
This approach is very similar to the one suggested by Pavel Šimerda
in <https://bugzilla.redhat.com/show_bug.cgi?id=1164339#c15>.
The DNS test framework in support/ is enhanced with support for
setting the AD bit in responses.
Tested on x86_64-linux-gnu.
Change-Id: Ibfe0f7c73ea221c35979842c5c3b6ed486495ccc
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Also, change sources.redhat.com to sourceware.org.
This patch was automatically generated by running the following shell
script, which uses GNU sed, and which avoids modifying files imported
from upstream:
sed -ri '
s,(http|ftp)(://(.*\.)?(gnu|fsf|sourceware)\.org($|[^.]|\.[^a-z])),https\2,g
s,(http|ftp)(://(.*\.)?)sources\.redhat\.com($|[^.]|\.[^a-z]),https\2sourceware.org\4,g
' \
$(find $(git ls-files) -prune -type f \
! -name '*.po' \
! -name 'ChangeLog*' \
! -path COPYING ! -path COPYING.LIB \
! -path manual/fdl-1.3.texi ! -path manual/lgpl-2.1.texi \
! -path manual/texinfo.tex ! -path scripts/config.guess \
! -path scripts/config.sub ! -path scripts/install-sh \
! -path scripts/mkinstalldirs ! -path scripts/move-if-change \
! -path INSTALL ! -path locale/programs/charmap-kw.h \
! -path po/libc.pot ! -path sysdeps/gnu/errlist.c \
! '(' -name configure \
-execdir test -f configure.ac -o -f configure.in ';' ')' \
! '(' -name preconfigure \
-execdir test -f preconfigure.ac ';' ')' \
-print)
and then by running 'make dist-prepare' to regenerate files built
from the altered files, and then executing the following to cleanup:
chmod a+x sysdeps/unix/sysv/linux/riscv/configure
# Omit irrelevant whitespace and comment-only changes,
# perhaps from a slightly-different Autoconf version.
git checkout -f \
sysdeps/csky/configure \
sysdeps/hppa/configure \
sysdeps/riscv/configure \
sysdeps/unix/sysv/linux/csky/configure
# Omit changes that caused a pre-commit check to fail like this:
# remote: *** error: sysdeps/powerpc/powerpc64/ppc-mcount.S: trailing lines
git checkout -f \
sysdeps/powerpc/powerpc64/ppc-mcount.S \
sysdeps/unix/sysv/linux/s390/s390-64/syscall.S
# Omit change that caused a pre-commit check to fail like this:
# remote: *** error: sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S: last line does not end in newline
git checkout -f sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S
|
|
|
|
|
|
|
| |
* All files with FSF copyright notices: Update copyright dates
using scripts/update-copyrights.
* locale/programs/charmap-kw.h: Regenerated.
* locale/programs/locfile-kw.h: Likewise.
|
|
|
|
|
|
|
|
|
|
| |
The old implementation based on hsearch_r used an ad-hoc C string
encoding and produced an incorrect format on the wire for domain
names which contained bytes which needed escaping when printed.
This commit switches to ns_name_pton for the wire format conversion
(now that we have separate tests for it) and uses a tsearch tree
with a suitable comparison function to locate compression targets.
|
|
|
|
|
|
|
| |
* All files with FSF copyright notices: Update copyright dates
using scripts/update-copyrights.
* locale/programs/charmap-kw.h: Regenerated.
* locale/programs/locfile-kw.h: Likewise.
|
|
|
|
| |
This reverts commit 6174537c24cfe324d6e8f5a2a421883df12b8b6a.
|
|
|
|
|
|
|
|
|
|
|
| |
server_thread_udp_process_one already takes care of calling sendto()
instead of xsendto to be able to ignore the case where the client has
closed the socket. Depending on the TCP/IP stack behavior, this error
could be notified later through recvfrom(), so we need to ignore it
there too.
* support/resolv_test.c (server_thread_udp_process_one): Call recvfrom
instead of xrecvfrom, and ignore ECONNREFUSED errors.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
sys/socket.h includes sys/uio.h to get the definition of the iovec
structure.
POSIX allows sys/socket.h to make all sys/uio.h symbols visible.
However, all of sys/uio.h is XSI-shaded, so for non-XSI POSIX this
results in conformtest failures (for sys/socket.h and other headers
that include it):
Namespace violation: "UIO_MAXIOV"
Namespace violation: "readv"
Namespace violation: "writev"
Now, there is some ambiguity in POSIX about what namespace
reservations apply in this case - see
http://austingroupbugs.net/view.php?id=1127 - but glibc convention
would still avoid declaring readv and writev, for example, for feature
test macros that don't include them (if only headers from the relevant
standard are included), even if such declarations are permitted, so
there is a bug here according to glibc conventions.
This patch moves the struct iovec definition to a new
bits/types/struct_iovec.h header and includes that from sys/socket.h
instead of including the whole of sys/uio.h. This fixes the namespace
issue; however, three files in glibc that were relying on the implicit
inclusion needed to be updated to include sys/uio.h explicitly. So
there is a question of whether sys/socket.h should continue to include
sys/uio.h under some conditions, such as __USE_XOPEN or __USE_MISC or
__USE_XOPEN || __USE_MISC, for greater compatibility with code that
(wrongly) expects this optional inclusion to be present there. (I
think the three affected files in glibc should still have explicit
sys/uio.h inclusions added in any case, however.)
Tested for x86_64.
[BZ #21426]
* misc/bits/types/struct_iovec.h: New file.
* misc/Makefile (headers): Add bits/types/struct_iovec.h.
* include/bits/types/struct_iovec.h: New file.
* bits/uio.h (struct iovec): Replace by inclusion of
<bits/types/struct_iovec.h>.
* sysdeps/unix/sysv/linux/bits/uio.h (struct iovec): Likewise.
* socket/sys/socket.h: Include <bits/types/struct_iovec.h> instead
of <sys/uio.h>.
* nptl/tst-cancel4.c: Include <sys/uio.h>
* posix/test-errno.c: Likewise.
* support/resolv_test.c: Likewise.
* conform/Makefile (test-xfail-POSIX2008/arpa/inet.h/conform):
Remove.
(test-xfail-POSIX2008/netdb.h/conform): Likewise.
(test-xfail-POSIX2008/netinet/in.h/conform): Likewise.
(test-xfail-POSIX2008/sys/socket.h/conform): Likewise.
|
|
|
|
| |
This hardens the stub resolver against fragmentation-based attacks.
|
| |
|
| |
|
|
|