diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c index 0d896f1ef..bb4d9f3ef 100644 --- a/dirmngr/dirmngr.c +++ b/dirmngr/dirmngr.c @@ -640,6 +640,8 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread) return 0; /* Not handled. */ } + set_dns_verbose (opt.verbose, !!DBG_DNS); + return 1; /* Handled. */ } diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c index eae674f5a..08270a617 100644 --- a/dirmngr/dns-stuff.c +++ b/dirmngr/dns-stuff.c @@ -108,6 +108,10 @@ /* The default nameserver used in Tor mode. */ #define DEFAULT_NAMESERVER "8.8.8.8" +/* Two flags to enable verbose and debug mode. */ +static int opt_verbose; +static int opt_debug; + /* If set force the use of the standard resolver. */ static int standard_resolver; @@ -206,6 +210,15 @@ enable_dns_tormode (int new_circuit) } +/* Set verbosity and debug mode for this module. */ +void +set_dns_verbose (int verbose, int debug) +{ + opt_verbose = verbose; + opt_debug = debug; +} + + /* Change the default IP address of the nameserver to IPADDR. The address needs to be a numerical IP address and will be used for the next DNS query. Note that this is only used in Tor mode. */ @@ -558,6 +571,9 @@ libdns_switch_port_p (gpg_error_t err) && libdns_tor_port == TOR_PORT) { /* Switch port and try again. */ + if (opt_debug) + log_debug ("dns: switching from SOCKS port %d to %d\n", + TOR_PORT, TOR_PORT2); libdns_tor_port = TOR_PORT2; libdns_reinit_pending = 1; return 1; @@ -906,22 +922,24 @@ resolve_dns_name (const char *name, unsigned short port, int want_family, int want_socktype, dns_addrinfo_t *r_ai, char **r_canonname) { + gpg_error_t err; + #ifdef USE_LIBDNS if (!standard_resolver) { - gpg_error_t err; - err = resolve_name_libdns (name, port, want_family, want_socktype, r_ai, r_canonname); if (err && libdns_switch_port_p (err)) err = resolve_name_libdns (name, port, want_family, want_socktype, r_ai, r_canonname); - return err; } + else #endif /*USE_LIBDNS*/ - - return resolve_name_standard (name, port, want_family, want_socktype, - r_ai, r_canonname); + err = resolve_name_standard (name, port, want_family, want_socktype, + r_ai, r_canonname); + if (opt_debug) + log_debug ("dns: resolve_dns_name(%s): %s\n", name, gpg_strerror (err)); + return err; } @@ -1407,6 +1425,8 @@ get_dns_cert (const char *name, int want_certtype, void **r_key, size_t *r_keylen, unsigned char **r_fpr, size_t *r_fprlen, char **r_url) { + gpg_error_t err; + if (r_key) *r_key = NULL; if (r_keylen) @@ -1418,19 +1438,20 @@ get_dns_cert (const char *name, int want_certtype, #ifdef USE_LIBDNS if (!standard_resolver) { - gpg_error_t err; - err = get_dns_cert_libdns (name, want_certtype, r_key, r_keylen, r_fpr, r_fprlen, r_url); if (err && libdns_switch_port_p (err)) err = get_dns_cert_libdns (name, want_certtype, r_key, r_keylen, r_fpr, r_fprlen, r_url); - return err; } + else #endif /*USE_LIBDNS*/ + err = get_dns_cert_standard (name, want_certtype, r_key, r_keylen, + r_fpr, r_fprlen, r_url); - return get_dns_cert_standard (name, want_certtype, r_key, r_keylen, - r_fpr, r_fprlen, r_url); + if (opt_debug) + log_debug ("dns: get_dns_cert(%s): %s\n", name, gpg_strerror (err)); + return err; } @@ -1452,7 +1473,7 @@ priosort(const void *a,const void *b) * R_COUNT. */ #ifdef USE_LIBDNS static gpg_error_t -getsrv_libdns (const char *name, struct srventry **list, int *r_count) +getsrv_libdns (const char *name, struct srventry **list, unsigned int *r_count) { gpg_error_t err; struct dns_resolver *res = NULL; @@ -1461,7 +1482,7 @@ getsrv_libdns (const char *name, struct srventry **list, int *r_count) struct dns_rr_i rri; char host[DNS_D_MAXNAME + 1]; int derr; - int srvcount=0; + unsigned int srvcount = 0; err = libdns_res_open (&res); if (err) @@ -1549,7 +1570,8 @@ getsrv_libdns (const char *name, struct srventry **list, int *r_count) * expected that NULL is stored at the address of LIST and 0 is stored * at the address of R_COUNT. */ static gpg_error_t -getsrv_standard (const char *name, struct srventry **list, int *r_count) +getsrv_standard (const char *name, + struct srventry **list, unsigned int *r_count) { #ifdef HAVE_SYSTEM_RESOLVER union { @@ -1561,7 +1583,7 @@ getsrv_standard (const char *name, struct srventry **list, int *r_count) unsigned char *pt, *emsg; int r, rc; u16 dlen; - int srvcount=0; + unsigned int srvcount = 0; u16 count; /* Do not allow a query using the standard resolver in Tor mode. */ @@ -1672,14 +1694,16 @@ getsrv_standard (const char *name, struct srventry **list, int *r_count) } -int -getsrv (const char *name, struct srventry **list) +/* Note that we do not return NONAME but simply store 0 at R_COUNT. */ +gpg_error_t +get_dns_srv (const char *name, struct srventry **list, unsigned int *r_count) { gpg_error_t err; - int srvcount; + unsigned int srvcount; int i; *list = NULL; + *r_count = 0; srvcount = 0; #ifdef USE_LIBDNS if (!standard_resolver) @@ -1693,7 +1717,11 @@ getsrv (const char *name, struct srventry **list) err = getsrv_standard (name, list, &srvcount); if (err) - return -1; /* Ugly. FIXME: Return an error code. */ + { + if (gpg_err_code (err) == GPG_ERR_NO_NAME) + err = 0; + goto leave; + } /* Now we have an array of all the srv records. */ @@ -1768,7 +1796,17 @@ getsrv (const char *name, struct srventry **list) } } - return srvcount; + leave: + if (opt_debug) + { + if (err) + log_debug ("dns: getsrv(%s): %s\n", name, gpg_strerror (err)); + else + log_debug ("dns: getsrv(%s) -> %u records\n", name, srvcount); + } + if (!err) + *r_count = srvcount; + return err; } @@ -1924,13 +1962,13 @@ get_dns_cname_standard (const char *name, char **r_cname) gpg_error_t get_dns_cname (const char *name, char **r_cname) { + gpg_error_t err; + *r_cname = NULL; #ifdef USE_LIBDNS if (!standard_resolver) { - gpg_error_t err; - err = get_dns_cname_libdns (name, r_cname); if (err && libdns_switch_port_p (err)) err = get_dns_cname_libdns (name, r_cname); @@ -1938,5 +1976,10 @@ get_dns_cname (const char *name, char **r_cname) } #endif /*USE_LIBDNS*/ - return get_dns_cname_standard (name, r_cname); + err = get_dns_cname_standard (name, r_cname); + if (opt_debug) + log_debug ("get_dns_cname(%s)%s%s\n", name, + err ? ": " : " -> ", + err ? gpg_strerror (err) : *r_cname); + return err; } diff --git a/dirmngr/dns-stuff.h b/dirmngr/dns-stuff.h index 2be972a53..075aeafab 100644 --- a/dirmngr/dns-stuff.h +++ b/dirmngr/dns-stuff.h @@ -92,6 +92,9 @@ struct srventry }; +/* Set verbosity and debug mode for this module. */ +void set_dns_verbose (int verbose, int debug); + /* Calling this function with YES set to True forces the use of the * standard resolver even if dirmngr has been built with support for * an alternative resolver. */ @@ -145,8 +148,9 @@ gpg_error_t get_dns_cert (const char *name, int want_certtype, unsigned char **r_fpr, size_t *r_fprlen, char **r_url); - -int getsrv (const char *name,struct srventry **list); +/* Return an array of SRV records. */ +gpg_error_t get_dns_srv (const char *name, + struct srventry **list, unsigned int *r_count); #endif /*GNUPG_DIRMNGR_DNS_STUFF_H*/ diff --git a/dirmngr/http.c b/dirmngr/http.c index ebf80b12d..619f2f1b4 100644 --- a/dirmngr/http.c +++ b/dirmngr/http.c @@ -2321,7 +2321,7 @@ connect_server (const char *server, unsigned short port, { gpg_error_t err; assuan_fd_t sock = ASSUAN_INVALID_FD; - int srvcount = 0; + unsigned int srvcount = 0; int hostfound = 0; int anyhostaddr = 0; int srv, connected; @@ -2377,8 +2377,12 @@ connect_server (const char *server, unsigned short port, { stpcpy (stpcpy (stpcpy (stpcpy (srvname,"_"), srvtag), "._tcp."), server); - srvcount = getsrv (srvname, &serverlist); + err = get_dns_srv (srvname, &serverlist, &srvcount); xfree (srvname); + if (err) + log_info ("getting SRV '%s' failed: %s\n", + serverlist[srv].target, gpg_strerror (err)); + /* Note that on error SRVCOUNT is zero. */ } } } diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c index 8f5343243..a6c22f8cd 100644 --- a/dirmngr/ks-engine-hkp.c +++ b/dirmngr/ks-engine-hkp.c @@ -428,7 +428,7 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect, char *cname; char *srvrecord; struct srventry *srvs; - int srvscount; + unsigned int srvscount; reftblsize = 100; reftbl = xtrymalloc (reftblsize * sizeof *reftbl); @@ -456,11 +456,10 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect, return err; } - srvscount = getsrv (srvrecord, &srvs); + err = get_dns_srv (srvrecord, &srvs, &srvscount); xfree (srvrecord); - if (srvscount < 0) + if (err) { - err = gpg_error_from_syserror (); xfree (reftbl); return err; } diff --git a/dirmngr/t-dns-stuff.c b/dirmngr/t-dns-stuff.c index dd8e21e2e..f58f3235a 100644 --- a/dirmngr/t-dns-stuff.c +++ b/dirmngr/t-dns-stuff.c @@ -157,6 +157,7 @@ main (int argc, char **argv) exit (1); } + set_dns_verbose (verbose, debug); init_sockets (); if (opt_tor) @@ -234,19 +235,27 @@ main (int argc, char **argv) else if (opt_srv) { struct srventry *srv; - int rc,i; + unsigned int count; + int i; - rc=getsrv (name? name : "_hkp._tcp.wwwkeys.pgp.net", &srv); - printf("Count=%d\n",rc); - for(i=0;i\n", + gpg_strerror (err), gpg_strsource (err)); + else { - printf("priority=%-8hu ",srv[i].priority); - printf("weight=%-8hu ",srv[i].weight); - printf("port=%-5hu ",srv[i].port); - printf("target=%s\n",srv[i].target); - } + printf ("count=%u\n",count); + for (i=0; i < count; i++) + { + printf("priority=%-8hu ",srv[i].priority); + printf("weight=%-8hu ",srv[i].weight); + printf("port=%-5hu ",srv[i].port); + printf("target=%s\n",srv[i].target); + } - xfree(srv); + xfree(srv); + } } else /* Standard lookup. */ { @@ -289,7 +298,7 @@ main (int argc, char **argv) (opt_bracket? DNS_WITHBRACKET:0), &host); if (err) - printf ("[resolve_dns_addr failed (2): %s]", gpg_strerror (err)); + printf (" [resolve_dns_addr failed (2): %s]", gpg_strerror (err)); else { if (!is_ip_address (host))