Merge pull request #4474 from poettering/nsswitch

various nss module/resolved fixes
2024-11-01 09:21:26 +03:00 · 2016-10-25 08:13:07 +02:00 · 2016-10-25 08:13:07 +02:00 · f70ebf1ce3
commit f70ebf1ce3
parent 8d3eafa161 75555c2824
6 changed files with 18 additions and 14 deletions
--- a/man/nss-myhostname.xml
+++ b/man/nss-myhostname.xml
@ -110,7 +110,7 @@
 group:          compat mymachines systemd
 shadow:         compat
-hosts:          files mymachines resolve <command>myhostname</command>
+hosts:          files mymachines resolve [!UNAVAIL=return] dns <command>myhostname</command>
 networks:       files
 protocols:      db files
--- a/man/nss-mymachines.xml
+++ b/man/nss-mymachines.xml
@ -86,7 +86,7 @@
 group:          compat <command>mymachines</command> systemd
 shadow:         compat
-hosts:          files <command>mymachines</command> resolve myhostname
+hosts:          files <command>mymachines</command> resolve [!UNAVAIL=return] dns myhostname
 networks:       files
 protocols:      db files
--- a/man/nss-resolve.xml
+++ b/man/nss-resolve.xml
@ -85,7 +85,7 @@
 group:          compat mymachines systemd
 shadow:         compat
-hosts:          files mymachines <command>resolve [!UNAVAIL=return]</command> dns
+hosts:          files mymachines <command>resolve [!UNAVAIL=return]</command> dns myhostname
 networks:       files
 protocols:      db files
--- a/man/nss-systemd.xml
+++ b/man/nss-systemd.xml
@ -83,7 +83,7 @@
 group:          compat mymachines <command>systemd</command>
 shadow:         compat
-hosts:          files mymachines resolve myhostname
+hosts:          files mymachines resolve [!UNAVAIL=return] dns myhostname
 networks:       files
 protocols:      db files
--- a/src/nss-resolve/nss-resolve.c
+++ b/src/nss-resolve/nss-resolve.c
@ -121,6 +121,7 @@ enum nss_status _nss_resolve_gethostbyname4_r(
        _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
        struct gaih_addrtuple *r_tuple, *r_tuple_first = NULL;
        _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
        enum nss_status ret = NSS_STATUS_UNAVAIL;
        const char *canonical = NULL;
        size_t l, ms, idx;
        char *r_name;
@ -167,6 +168,10 @@ enum nss_status _nss_resolve_gethostbyname4_r(
                if (bus_error_shall_fallback(&error))
                        goto fallback;
                /* Treat all other error conditions as NOTFOUND, and fail. This includes DNSSEC errors and
                   suchlike. (We don't use UNAVAIL in this case so that the nsswitch.conf configuration can distuingish
                   such executed but negative replies from complete failure to talk to resolved. */
                ret = NSS_STATUS_NOTFOUND;
                goto fail;
        }
@ -279,12 +284,9 @@ fallback:
        }
 fail:
        /* When we arrive here, resolved runs and has answered (fallback to
         * "dns" is handled earlier). So we have a definitive "no" answer and
         * should not fall back to subsequent NSS modules via "UNAVAIL". */
        *errnop = -r;
        *h_errnop = NO_RECOVERY;
-        return NSS_STATUS_NOTFOUND;
+        return ret;
 }
 enum nss_status _nss_resolve_gethostbyname3_r(
@ -300,6 +302,7 @@ enum nss_status _nss_resolve_gethostbyname3_r(
        _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
        char *r_name, *r_aliases, *r_addr, *r_addr_list;
        _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
        enum nss_status ret = NSS_STATUS_UNAVAIL;
        size_t l, idx, ms, alen;
        const char *canonical;
        int c, r, i = 0;
@ -353,6 +356,7 @@ enum nss_status _nss_resolve_gethostbyname3_r(
                if (bus_error_shall_fallback(&error))
                        goto fallback;
                ret = NSS_STATUS_NOTFOUND;
                goto fail;
        }
@ -479,7 +483,7 @@ fallback:
 fail:
        *errnop = -r;
        *h_errnop = NO_RECOVERY;
-        return NSS_STATUS_NOTFOUND;
+        return ret;
 }
 enum nss_status _nss_resolve_gethostbyaddr2_r(
@ -494,6 +498,7 @@ enum nss_status _nss_resolve_gethostbyaddr2_r(
        _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
        char *r_name, *r_aliases, *r_addr, *r_addr_list;
        _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
        enum nss_status ret = NSS_STATUS_UNAVAIL;
        unsigned c = 0, i = 0;
        size_t ms = 0, idx;
        const char *n;
@ -560,7 +565,7 @@ enum nss_status _nss_resolve_gethostbyaddr2_r(
                if (bus_error_shall_fallback(&error))
                        goto fallback;
-
+                ret = NSS_STATUS_NOTFOUND;
                goto fail;
        }
@ -669,7 +674,7 @@ fallback:
 fail:
        *errnop = -r;
        *h_errnop = NO_RECOVERY;
-        return NSS_STATUS_NOTFOUND;
+        return ret;
 }
 NSS_GETHOSTBYNAME_FALLBACKS(resolve);
--- a/src/resolve/resolved-dns-server.c
+++ b/src/resolve/resolved-dns-server.c
@ -575,8 +575,7 @@ void dns_server_warn_downgrade(DnsServer *server) {
        server->warned_downgrade = true;
 }
-bool dns_server_limited_domains(DnsServer *server)
+bool dns_server_limited_domains(DnsServer *server) {
 {
        DnsSearchDomain *domain;
        bool domain_restricted = false;
@ -589,7 +588,7 @@ bool dns_server_limited_domains(DnsServer *server)
                if (domain->route_only) {
                        domain_restricted = true;
                        /* ~. means "any domain", thus it is a global server */
-                        if (streq(DNS_SEARCH_DOMAIN_NAME(domain), "."))
+                        if (dns_name_is_root(DNS_SEARCH_DOMAIN_NAME(domain)))
                                return false;
                }