From d4c0187dd93163f12e9f953366adef81ecf526a6 Mon Sep 17 00:00:00 2001 From: Gaetan Bisson Date: Mon, 23 Jan 2017 12:46:35 +0100 Subject: [PATCH] libdns: Hack to skip negation term. * dirmngr/dns.c (dns_nssconf_loadfile): Skip negation terms in nsswitch.conf parser. -- This small patch was submitted along with this comment: We've been having issues over at Arch Linux with the new libdns code. Our /etc/nsswitch.conf contains the following line: hosts: files mymachines resolve [!UNAVAIL=return] dns myhostname And it turns out dirmngr fails to parse the negation statement (the bang in !UNAVAIL). This results in gnupg not being able to resolve any name. Looking at dirmngr/dns.c it was unclear to me how to properly handle such negations. The dns_anyconf_scan calls used in dns_nssconf_loadfile do not allow to store a negation bit easily... In the meantime, I wrote the attached patch which ignores those statements altogether. It makes libdns work as expected for us. Commit log written by wk --- dirmngr/dns.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/dirmngr/dns.c b/dirmngr/dns.c index 016ff44f4..869e7ed2e 100644 --- a/dirmngr/dns.c +++ b/dirmngr/dns.c @@ -6071,7 +6071,15 @@ int dns_nssconf_loadfile(struct dns_resolv_conf *resconf, FILE *fp) { if ('[' == dns_anyconf_peek(fp)) { dns_anyconf_skip("[ \t", fp); - while (dns_anyconf_scan(&cf, "%w_", fp, &error)) { + for (;;) { + if ('!' == dns_anyconf_peek(fp)) { + dns_anyconf_skip("! \t", fp); + /* FIXME: negating statuses; currently not implemented */ + dns_anyconf_skip("^#;]\n", fp); /* skip to end of criteria */ + break; + } + + if (!dns_anyconf_scan(&cf, "%w_", fp, &error)) break; dns_anyconf_skip("= \t", fp); if (!dns_anyconf_scan(&cf, "%w_", fp, &error)) { dns_anyconf_pop(&cf); /* discard status */