dirmngr: Do a DNS lookup even if it is missing from nsswitch.conf.

* dirmngr/dns-stuff.c (libdns_init): Do not print error message for a missing nsswitch.conf. Make sure that tehre is a DNS entry. -- GnuPG-bug-id: 2948 Signed-off-by: Werner Koch <wk@gnupg.org>
2024-12-22 10:19:57 +01:00 · 2017-02-13 20:09:26 +01:00 · 2017-02-13 20:09:26 +01:00 · dee026d761
commit dee026d761
parent 30dac0486b
1 changed files with 21 additions and 6 deletions
--- a/dirmngr/dns-stuff.c
+++ b/dirmngr/dns-stuff.c
@ -498,12 +498,10 @@ libdns_init (void)
        (dns_nssconf_loadpath (ld.resolv_conf, fname));
      if (err)
        {
-          log_error ("failed to load '%s': %s\n", fname, gpg_strerror (err));
-          /* not fatal, nsswitch.conf is not used on all systems; assume
-           * classic behavior instead.  Our dns library states "bf" which tries
-           * DNS then Files, which is not classic; FreeBSD
-           * /usr/src/lib/libc/net/gethostnamadr.c defines default_src[] which
-           * is Files then DNS, which is. */
+          /* This is not a fatal error: nsswitch.conf is not used on
+           * all systems; assume classic behavior instead.  */
+          if (gpg_err_code (err) != GPG_ERR_ENOENT)
+            log_error ("failed to load '%s': %s\n", fname, gpg_strerror (err));
          if (opt_debug)
            log_debug ("dns: fallback resolution order, files then DNS\n");
          ld.resolv_conf->lookup[0] = 'f';
@ -511,6 +509,23 @@ libdns_init (void)
          ld.resolv_conf->lookup[2] = '\0';
          err = GPG_ERR_NO_ERROR;
        }
+      else if (!strchr (ld.resolv_conf->lookup, 'b'))
+        {
+          /* No DNS resulution type found in the list.  This might be
+           * due to systemd based systems which allow for custom
+           * keywords which are not known to us and thus we do not
+           * know whether DNS is wanted or not.  Becuase DNS is
+           * important for our infrastructure, we forcefully append
+           * DNS to the end of the list.  */
+          if (strlen (ld.resolv_conf->lookup)+2 < sizeof ld.resolv_conf->lookup)
+            {
+              if (opt_debug)
+                log_debug ("dns: appending DNS to resolution order\n");
+              strcat (ld.resolv_conf->lookup, "b");
+            }
+          else
+            log_error ("failed to append DNS to resolution order\n");
+        }

 #endif /* Unix */
    }