mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-23 17:34:00 +03:00
Merge pull request #4474 from poettering/nsswitch
various nss module/resolved fixes
This commit is contained in:
commit
f70ebf1ce3
@ -110,7 +110,7 @@
|
||||
group: compat mymachines systemd
|
||||
shadow: compat
|
||||
|
||||
hosts: files mymachines resolve <command>myhostname</command>
|
||||
hosts: files mymachines resolve [!UNAVAIL=return] dns <command>myhostname</command>
|
||||
networks: files
|
||||
|
||||
protocols: db files
|
||||
|
@ -86,7 +86,7 @@
|
||||
group: compat <command>mymachines</command> systemd
|
||||
shadow: compat
|
||||
|
||||
hosts: files <command>mymachines</command> resolve myhostname
|
||||
hosts: files <command>mymachines</command> resolve [!UNAVAIL=return] dns myhostname
|
||||
networks: files
|
||||
|
||||
protocols: db files
|
||||
|
@ -85,7 +85,7 @@
|
||||
group: compat mymachines systemd
|
||||
shadow: compat
|
||||
|
||||
hosts: files mymachines <command>resolve [!UNAVAIL=return]</command> dns
|
||||
hosts: files mymachines <command>resolve [!UNAVAIL=return]</command> dns myhostname
|
||||
networks: files
|
||||
|
||||
protocols: db files
|
||||
|
@ -83,7 +83,7 @@
|
||||
group: compat mymachines <command>systemd</command>
|
||||
shadow: compat
|
||||
|
||||
hosts: files mymachines resolve myhostname
|
||||
hosts: files mymachines resolve [!UNAVAIL=return] dns myhostname
|
||||
networks: files
|
||||
|
||||
protocols: db files
|
||||
|
@ -121,6 +121,7 @@ enum nss_status _nss_resolve_gethostbyname4_r(
|
||||
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
|
||||
struct gaih_addrtuple *r_tuple, *r_tuple_first = NULL;
|
||||
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
|
||||
enum nss_status ret = NSS_STATUS_UNAVAIL;
|
||||
const char *canonical = NULL;
|
||||
size_t l, ms, idx;
|
||||
char *r_name;
|
||||
@ -167,6 +168,10 @@ enum nss_status _nss_resolve_gethostbyname4_r(
|
||||
if (bus_error_shall_fallback(&error))
|
||||
goto fallback;
|
||||
|
||||
/* Treat all other error conditions as NOTFOUND, and fail. This includes DNSSEC errors and
|
||||
suchlike. (We don't use UNAVAIL in this case so that the nsswitch.conf configuration can distuingish
|
||||
such executed but negative replies from complete failure to talk to resolved. */
|
||||
ret = NSS_STATUS_NOTFOUND;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
@ -279,12 +284,9 @@ fallback:
|
||||
}
|
||||
|
||||
fail:
|
||||
/* When we arrive here, resolved runs and has answered (fallback to
|
||||
* "dns" is handled earlier). So we have a definitive "no" answer and
|
||||
* should not fall back to subsequent NSS modules via "UNAVAIL". */
|
||||
*errnop = -r;
|
||||
*h_errnop = NO_RECOVERY;
|
||||
return NSS_STATUS_NOTFOUND;
|
||||
return ret;
|
||||
}
|
||||
|
||||
enum nss_status _nss_resolve_gethostbyname3_r(
|
||||
@ -300,6 +302,7 @@ enum nss_status _nss_resolve_gethostbyname3_r(
|
||||
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
|
||||
char *r_name, *r_aliases, *r_addr, *r_addr_list;
|
||||
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
|
||||
enum nss_status ret = NSS_STATUS_UNAVAIL;
|
||||
size_t l, idx, ms, alen;
|
||||
const char *canonical;
|
||||
int c, r, i = 0;
|
||||
@ -353,6 +356,7 @@ enum nss_status _nss_resolve_gethostbyname3_r(
|
||||
if (bus_error_shall_fallback(&error))
|
||||
goto fallback;
|
||||
|
||||
ret = NSS_STATUS_NOTFOUND;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
@ -479,7 +483,7 @@ fallback:
|
||||
fail:
|
||||
*errnop = -r;
|
||||
*h_errnop = NO_RECOVERY;
|
||||
return NSS_STATUS_NOTFOUND;
|
||||
return ret;
|
||||
}
|
||||
|
||||
enum nss_status _nss_resolve_gethostbyaddr2_r(
|
||||
@ -494,6 +498,7 @@ enum nss_status _nss_resolve_gethostbyaddr2_r(
|
||||
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
|
||||
char *r_name, *r_aliases, *r_addr, *r_addr_list;
|
||||
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
|
||||
enum nss_status ret = NSS_STATUS_UNAVAIL;
|
||||
unsigned c = 0, i = 0;
|
||||
size_t ms = 0, idx;
|
||||
const char *n;
|
||||
@ -560,7 +565,7 @@ enum nss_status _nss_resolve_gethostbyaddr2_r(
|
||||
if (bus_error_shall_fallback(&error))
|
||||
goto fallback;
|
||||
|
||||
|
||||
ret = NSS_STATUS_NOTFOUND;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
@ -669,7 +674,7 @@ fallback:
|
||||
fail:
|
||||
*errnop = -r;
|
||||
*h_errnop = NO_RECOVERY;
|
||||
return NSS_STATUS_NOTFOUND;
|
||||
return ret;
|
||||
}
|
||||
|
||||
NSS_GETHOSTBYNAME_FALLBACKS(resolve);
|
||||
|
@ -575,8 +575,7 @@ void dns_server_warn_downgrade(DnsServer *server) {
|
||||
server->warned_downgrade = true;
|
||||
}
|
||||
|
||||
bool dns_server_limited_domains(DnsServer *server)
|
||||
{
|
||||
bool dns_server_limited_domains(DnsServer *server) {
|
||||
DnsSearchDomain *domain;
|
||||
bool domain_restricted = false;
|
||||
|
||||
@ -589,7 +588,7 @@ bool dns_server_limited_domains(DnsServer *server)
|
||||
if (domain->route_only) {
|
||||
domain_restricted = true;
|
||||
/* ~. means "any domain", thus it is a global server */
|
||||
if (streq(DNS_SEARCH_DOMAIN_NAME(domain), "."))
|
||||
if (dns_name_is_root(DNS_SEARCH_DOMAIN_NAME(domain)))
|
||||
return false;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user