[git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.8-11-g87d0ecf
by NIIBE Yutaka
cvs at cvs.gnupg.org
Mon Jun 18 10:28:02 CEST 2018
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-2 has been updated
via 87d0ecf8a1b80139a6cab2a79f1ca6e287207999 (commit)
via 699fe4b36f62b0f4d4e21a85ee7c9ae13377d6cb (commit)
via 0c05b08e8b5c1f120fe5f3ed5c061f034f7496a0 (commit)
via 20c289606f89803929948ddd18910acff2acc9eb (commit)
via 13320db678675246f4bb5a3fb6ece143f37c34a4 (commit)
from e8f439e0547463c24f3c10008fee73e6c4259f52 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 87d0ecf8a1b80139a6cab2a79f1ca6e287207999
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Mon Jun 18 10:13:35 2018 +0900
libdns: Fix for non-FQDN hostname.
* dirmngr/dns.c (dns_resconf_open): Clear search[0] for non-FQDN
hostname.
--
Cherry pick from master commit:
a4a054bf14fa855715faee01a152755c4e2a74f7
GnuPG-bug-id: T3803
Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
diff --git a/dirmngr/dns.c b/dirmngr/dns.c
index d2445a0..908bf15 100644
--- a/dirmngr/dns.c
+++ b/dirmngr/dns.c
@@ -5371,13 +5371,16 @@ struct dns_resolv_conf *dns_resconf_open(int *error) {
if (0 != gethostname(resconf->search[0], sizeof resconf->search[0]))
goto syerr;
- dns_d_anchor(resconf->search[0], sizeof resconf->search[0], resconf->search[0], strlen(resconf->search[0]));
- dns_d_cleave(resconf->search[0], sizeof resconf->search[0], resconf->search[0], strlen(resconf->search[0]));
-
/*
- * XXX: If gethostname() returned a string without any label
- * separator, then search[0][0] should be NUL.
+ * If gethostname() returned a string without any label
+ * separator, then search[0][0] should be NUL.
*/
+ if (strchr (resconf->search[0], '.')) {
+ dns_d_anchor(resconf->search[0], sizeof resconf->search[0], resconf->search[0], strlen(resconf->search[0]));
+ dns_d_cleave(resconf->search[0], sizeof resconf->search[0], resconf->search[0], strlen(resconf->search[0]));
+ } else {
+ memset (resconf->search[0], 0, sizeof resconf->search[0]);
+ }
dns_resconf_acquire(resconf);
commit 699fe4b36f62b0f4d4e21a85ee7c9ae13377d6cb
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Fri Jun 15 12:58:29 2018 +0900
libdns: Fix connect and try next nameserver when ECONNREFUSED.
* dirmngr/dns.c (dns_so_check): When EINVAL, release the association
by connect with AF_UNSPEC and try again. Also try again for
ECONNREFUSED.
(dns_res_exec): Try next nameserver when ECONNREFUSED.
--
Cherry pick from master commit:
bcdbf8b8ebe9d61160e0b007dabe1b6462ffbc93
GnuPG-bug-id: T3374
Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
diff --git a/dirmngr/dns.c b/dirmngr/dns.c
index 178070a..d2445a0 100644
--- a/dirmngr/dns.c
+++ b/dirmngr/dns.c
@@ -7614,8 +7614,23 @@ retry:
so->state++; /* FALL THROUGH */
case DNS_SO_UDP_CONN:
+ udp_connect_retry:
error = dns_connect(so->udp, (struct sockaddr *)&so->remote, dns_sa_len(&so->remote));
dns_trace_sys_connect(so->trace, so->udp, SOCK_DGRAM, (struct sockaddr *)&so->remote, error);
+
+ /* Linux returns EINVAL when address was bound to
+ localhost and it's external IP address now. */
+ if (error == EINVAL) {
+ struct sockaddr unspec_addr;
+ memset (&unspec_addr, 0, sizeof unspec_addr);
+ unspec_addr.sa_family = AF_UNSPEC;
+ connect(so->udp, &unspec_addr, sizeof unspec_addr);
+ goto udp_connect_retry;
+ } else if (error == ECONNREFUSED)
+ /* Error for previous socket operation may
+ be reserverd asynchronously. */
+ goto udp_connect_retry;
+
if (error)
goto error;
@@ -8824,7 +8839,10 @@ exec:
if (dns_so_elapsed(&R->so) >= dns_resconf_timeout(R->resconf))
dgoto(R->sp, DNS_R_FOREACH_A);
- if ((error = dns_so_check(&R->so)))
+ error = dns_so_check(&R->so);
+ if (error == ECONNREFUSED)
+ dgoto(R->sp, DNS_R_FOREACH_A);
+ else if (error)
goto error;
if (!dns_p_setptr(&F->answer, dns_so_fetch(&R->so, &error)))
@@ -8957,7 +8975,10 @@ exec:
if (dns_so_elapsed(&R->so) >= dns_resconf_timeout(R->resconf))
dgoto(R->sp, DNS_R_FOREACH_AAAA);
- if ((error = dns_so_check(&R->so)))
+ error = dns_so_check(&R->so);
+ if (error == ECONNREFUSED)
+ dgoto(R->sp, DNS_R_FOREACH_AAAA);
+ else if (error)
goto error;
if (!dns_p_setptr(&F->answer, dns_so_fetch(&R->so, &error)))
commit 0c05b08e8b5c1f120fe5f3ed5c061f034f7496a0
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Fri Jun 15 10:38:22 2018 +0900
libdns: Clear struct sockaddr_storage by zero.
* dirmngr/dns.c (dns_resconf_pton): Clear SS.
(dns_resconf_setiface): Clear ->IFACE.
(dns_hints_root, send_query): Clear SS.
--
Cherry pick from master commit:
1c0b6681e4f322b88ac35d1f21c03d3cfc35fc23
POSIX requires clear the structure of struct sockaddr_in6. On macOS,
in some case like bind, it is better to clear even for struct
sockaddr_in.
Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
diff --git a/dirmngr/dns.c b/dirmngr/dns.c
index 13ef4b8..178070a 100644
--- a/dirmngr/dns.c
+++ b/dirmngr/dns.c
@@ -5549,6 +5549,7 @@ int dns_resconf_pton(struct sockaddr_storage *ss, const char *src) {
unsigned short port = 0;
int ch, af = AF_INET, error;
+ memset(ss, 0, sizeof *ss);
while ((ch = *src++)) {
switch (ch) {
case ' ':
@@ -6311,6 +6312,7 @@ int dns_resconf_setiface(struct dns_resolv_conf *resconf, const char *addr, unsi
int af = (strchr(addr, ':'))? AF_INET6 : AF_INET;
int error;
+ memset(&resconf->iface, 0, sizeof (struct sockaddr_storage));
if ((error = dns_pton(af, addr, dns_sa_addr(af, &resconf->iface, NULL))))
return error;
@@ -6622,6 +6624,7 @@ struct dns_hints *dns_hints_root(struct dns_resolv_conf *resconf, int *error_) {
for (i = 0; i < lengthof(root_hints); i++) {
af = root_hints[i].af;
+ memset(&ss, 0, sizeof ss);
if ((error = dns_pton(af, root_hints[i].addr, dns_sa_addr(af, &ss, NULL))))
goto error;
@@ -10866,6 +10869,7 @@ static int send_query(int argc, char *argv[]) {
struct dns_socket *so;
int error, type;
+ memset(&ss, 0, sizeof ss);
if (argc > 1) {
ss.ss_family = (strchr(argv[1], ':'))? AF_INET6 : AF_INET;
commit 20c289606f89803929948ddd18910acff2acc9eb
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Thu Jun 14 13:10:57 2018 +0900
libdns: Sync to upstream.
* dirmngr/dns.c (dns_nssconf_loadfile): Handle exclamation mark.
--
Cherry pick from master commit:
3e6ad302eaf3a4a9f3e60379133b3dfdbe0e1b2d
Reverting local change, merge upstream's debug-tracing branch.
(commit 21281fc1b63bb74d51762b8e363c49b1a258783d)
Fixes-commit: d4c0187dd93163f12e9f953366adef81ecf526a6
Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
diff --git a/dirmngr/dns.c b/dirmngr/dns.c
index 8e8b6db..13ef4b8 100644
--- a/dirmngr/dns.c
+++ b/dirmngr/dns.c
@@ -6096,17 +6096,9 @@ int dns_nssconf_loadfile(struct dns_resolv_conf *resconf, FILE *fp) {
dns_anyconf_skip(" \t", fp);
if ('[' == dns_anyconf_peek(fp)) {
- dns_anyconf_skip("[ \t", fp);
+ dns_anyconf_skip("[! \t", fp);
- for (;;) {
- if ('!' == dns_anyconf_peek(fp)) {
- dns_anyconf_skip("! \t", fp);
- /* FIXME: negating statuses; currently not implemented */
- dns_anyconf_skip("^#;]\n", fp); /* skip to end of criteria */
- break;
- }
-
- if (!dns_anyconf_scan(&cf, "%w_", fp, &error)) break;
+ while (dns_anyconf_scan(&cf, "%w_", fp, &error)) {
dns_anyconf_skip("= \t", fp);
if (!dns_anyconf_scan(&cf, "%w_", fp, &error)) {
dns_anyconf_pop(&cf); /* discard status */
commit 13320db678675246f4bb5a3fb6ece143f37c34a4
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Thu Jun 14 13:01:45 2018 +0900
dirmngr: Fix recursive resolver mode.
* dirmngr/dns-stuff.c (libdns_init): Initialize options.recurse.
--
Cherry pick from master commit:
5b40338f12762cd74238c2d2b3101c33dd2d0ed3
To reproduce an error, run:
./t-dns-stuff --debug --recursive-resolver www.gnupg.org
Then, it returns "No name" error. That's because there was only setup
for root servers, and no setup for recursive query in fact.
Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c
index 7324aae..ffac816 100644
--- a/dirmngr/dns-stuff.c
+++ b/dirmngr/dns-stuff.c
@@ -612,6 +612,8 @@ libdns_init (void)
}
}
+ ld.resolv_conf->options.recurse = recursive_resolver_p ();
+
/* dns_hints_local for stub mode, dns_hints_root for recursive. */
ld.hints = (recursive_resolver
? dns_hints_root (ld.resolv_conf, &derr)
-----------------------------------------------------------------------
Summary of changes:
dirmngr/dns-stuff.c | 2 ++
dirmngr/dns.c | 54 ++++++++++++++++++++++++++++++++++++-----------------
2 files changed, 39 insertions(+), 17 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list