Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 12 Jun 2018 08:54:13 +0800 (CST)
From: 王志强 <00107082@....com>
To: musl@...ts.openwall.com
Subject: musl dns search domain stop when current search got some error

Guys,

I have a alpine container running with following resolv conf:
# cat /etc/resolv.conf
nameserver 10.254.0.100
search default.svc.enn.cn svc.enn.cn default.pod.enn.cn pod.enn.cn enn.cn lan.davidkarlsen.com
options ndots:5

When I try to resolve some domain in the alpine container, say baidu.com, it would fail if some search search domain return code 0 without answers.
I think the cause  is that  name_from_dns would return error code,  but name_from_dns_search would return whenever a error received from name_from_dns
I tried following code change, and it seems fix it
diff --git a/src/network/lookup_name.c b/src/network/lookup_name.c
index 209c20f..abb7da5 100644
--- a/src/network/lookup_name.c
+++ b/src/network/lookup_name.c
@@ -202,7 +202,7 @@ static int name_from_dns_search(struct address buf[static MAXADDRS], char canon[
                        memcpy(canon+l+1, p, z-p);
                        canon[z-p+1+l] = 0;
                        int cnt = name_from_dns(buf, canon, canon, family, &conf);
-                       if (cnt) return cnt;
+                       if (cnt > 0 || cnt == EAI_AGAIN) return cnt;
                }
        }

DNS server would sometimes send back a response with return code 0 as following tcpdump shows, sometimes it would return SERVFAIL or REFUSED. (Not sure why though...)

00:36:13.165567 IP 10.254.0.100.domain > slave-2.55437: 2953 0/1/0 (106)    0x0000:  4500 0086 ab87 4000 3e11 bb6b 0afe 0064  E.....@.>..k...d
    0x0010:  ac10 1e02 0035 d88d 0072 a95c 0b89 8180  .....5...r.\....
    0x0020:  0001 0000 0001 0000 0562 6169 6475 0363  .........baidu.c
    0x0030:  6f6d 036c 616e 0c64 6176 6964 6b61 726c  om.lan.davidkarl
    0x0040:  7365 6e03 636f 6d00 001c 0001 c01a 0006  sen.com.........
    0x0050:  0001 0000 0384 002e 036b 656e 026e 730a  .........ken.ns.
    0x0060:  636c 6f75 6466 6c61 7265 c027 0364 6e73  cloudflare.'.dns
    0x0070:  c043 78e1 741a 0000 2710 0000 0960 0009  .Cx.t...'....`..
    0x0080:  3a80 0000 0e10                           :.....
00:36:13.170095 IP 10.254.0.100.domain > slave-2.55437: 2637 0/1/0 (106)
    0x0000:  4500 0086 ab88 4000 3e11 bb6a 0afe 0064  E.....@.>..j...d
    0x0010:  ac10 1e02 0035 d88d 0072 aab3 0a4d 8180  .....5...r...M..
    0x0020:  0001 0000 0001 0000 0562 6169 6475 0363  .........baidu.c
    0x0030:  6f6d 036c 616e 0c64 6176 6964 6b61 726c  om.lan.davidkarl
    0x0040:  7365 6e03 636f 6d00 0001 0001 c01a 0006  sen.com.........
    0x0050:  0001 0000 0384 002e 036b 656e 026e 730a  .........ken.ns.
    0x0060:  636c 6f75 6466 6c61 7265 c027 0364 6e73  cloudflare.'.dns
    0x0070:  c043 78e1 741a 0000 2710 0000 0960 0009  .Cx.t...'....`..



Thanks
David

Content of type "text/html" skipped

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.