This introduces a concept of trusted name servers, for which the
AD bit is passed through to applications. For untrusted name
servers (the default), the AD bit in responses are cleared, to
provide a safe default.
This approach is very similar to the one suggested by Pavel Šimerda
in <https://bugzilla.redhat.com/show_bug.cgi?id=1164339#c15>.
The DNS test framework in support/ is enhanced with support for
setting the AD bit in responses.
Tested on x86_64-linux-gnu.
Change-Id: Ibfe0f7c73ea221c35979842c5c3b6ed486495ccc
The old implementation based on hsearch_r used an ad-hoc C string
encoding and produced an incorrect format on the wire for domain
names which contained bytes which needed escaping when printed.
This commit switches to ns_name_pton for the wire format conversion
(now that we have separate tests for it) and uses a tsearch tree
with a suitable comparison function to locate compression targets.
server_thread_udp_process_one already takes care of calling sendto()
instead of xsendto to be able to ignore the case where the client has
closed the socket. Depending on the TCP/IP stack behavior, this error
could be notified later through recvfrom(), so we need to ignore it
there too.
* support/resolv_test.c (server_thread_udp_process_one): Call recvfrom
instead of xrecvfrom, and ignore ECONNREFUSED errors.
sys/socket.h includes sys/uio.h to get the definition of the iovec
structure.
POSIX allows sys/socket.h to make all sys/uio.h symbols visible.
However, all of sys/uio.h is XSI-shaded, so for non-XSI POSIX this
results in conformtest failures (for sys/socket.h and other headers
that include it):
Namespace violation: "UIO_MAXIOV"
Namespace violation: "readv"
Namespace violation: "writev"
Now, there is some ambiguity in POSIX about what namespace
reservations apply in this case - see
http://austingroupbugs.net/view.php?id=1127 - but glibc convention
would still avoid declaring readv and writev, for example, for feature
test macros that don't include them (if only headers from the relevant
standard are included), even if such declarations are permitted, so
there is a bug here according to glibc conventions.
This patch moves the struct iovec definition to a new
bits/types/struct_iovec.h header and includes that from sys/socket.h
instead of including the whole of sys/uio.h. This fixes the namespace
issue; however, three files in glibc that were relying on the implicit
inclusion needed to be updated to include sys/uio.h explicitly. So
there is a question of whether sys/socket.h should continue to include
sys/uio.h under some conditions, such as __USE_XOPEN or __USE_MISC or
__USE_XOPEN || __USE_MISC, for greater compatibility with code that
(wrongly) expects this optional inclusion to be present there. (I
think the three affected files in glibc should still have explicit
sys/uio.h inclusions added in any case, however.)
Tested for x86_64.
[BZ #21426]
* misc/bits/types/struct_iovec.h: New file.
* misc/Makefile (headers): Add bits/types/struct_iovec.h.
* include/bits/types/struct_iovec.h: New file.
* bits/uio.h (struct iovec): Replace by inclusion of
<bits/types/struct_iovec.h>.
* sysdeps/unix/sysv/linux/bits/uio.h (struct iovec): Likewise.
* socket/sys/socket.h: Include <bits/types/struct_iovec.h> instead
of <sys/uio.h>.
* nptl/tst-cancel4.c: Include <sys/uio.h>
* posix/test-errno.c: Likewise.
* support/resolv_test.c: Likewise.
* conform/Makefile (test-xfail-POSIX2008/arpa/inet.h/conform):
Remove.
(test-xfail-POSIX2008/netdb.h/conform): Likewise.
(test-xfail-POSIX2008/netinet/in.h/conform): Likewise.
(test-xfail-POSIX2008/sys/socket.h/conform): Likewise.