author | Werner Koch <[email protected]> | 2015-10-25 15:38:07 +0000 |
---|---|---|
committer | Werner Koch <[email protected]> | 2015-10-25 15:47:12 +0000 |
commit | 5e7ac031f513ad3b60e4f092fa72b3bec0676515 (patch) | |
tree | 6a791e2b779b16e385864bbca2eb511054fa6c29 /dirmngr/dns-stuff.h | |
parent | dirmngr: Better handle systems without IPv6 or IPv4. (diff) | |
dirmngr: Add workaround for broken getaddrinfo.
* dirmngr/dns-stuff.c (resolve_name_standard): On failure retry by
first resolving the CNAME.
(get_dns_cname): New.
* dirmngr/t-dns-stuff.c (main): Add option --cname.
--
At least the getaddrinfo implementation in glibc 2.19-13 from Debian
returns EAI_NONAME if the CNAME points to a too long list of A/AAAA
addresses. Looking at the wire the data is correctly returned from
the server but getaddrinfo seems to get confused by truncation and
retry. To fix this we resolve the CNAME again and call getaddrinfo
again with the canonical name.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'dirmngr/dns-stuff.h')
-rw-r--r-- | dirmngr/dns-stuff.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/dirmngr/dns-stuff.h b/dirmngr/dns-stuff.h index fd1c43acb..c3effad83 100644 --- a/dirmngr/dns-stuff.h +++ b/dirmngr/dns-stuff.h @@ -110,6 +110,9 @@ gpg_error_t resolve_dns_addr (const struct sockaddr *addr, int addrlen, /* Return true if NAME is a numerical IP address. */ int is_ip_address (const char *name); +/* Get the canonical name for NAME. */ +gpg_error_t get_dns_cname (const char *name, char **r_cname); + /* Return a CERT record or an arbitray RR. */ gpg_error_t get_dns_cert (const char *name, int want_certtype, void **r_key, size_t *r_keylen, |
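Review bot: The comment on the new get_dns_cname declaration in dirmngr/dns-stuff.h does not document the contract of the R_CNAME out-parameter. "Get the canonical name for NAME." leaves open who owns the string stored at R_CNAME and how it must be released, what R_CNAME holds when an error is returned, and what the caller gets back when NAME has no CNAME record. Since resolve_name_standard now depends on this function in its retry path, please extend the comment to state that the result is a newly allocated string the caller must free, that R_CNAME is set to NULL on error (if that is the behaviour), and which error code signals "no CNAME". Separately, the unchanged context line below the addition has a typo ("arbitray") that could be fixed while touching this header.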