This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
DNAME records are a convenient way to set up RRSIG for an entire subtree of a domain name tree instead of signing each of those records. Querying on such domains result in messages about a mismatch in the query type and returned record type. This patch disables the logging of this message for DNAME records if the DO bit is set. Tested on x86_64. * resolv/gethnamaddr.c (getanswer): Don't log about record type mismatch for DNAME if DNSSEC is requested. * resolv/nss_dns/dns-host.c (getanswer_r): Likewise. --- resolv/gethnamaddr.c | 14 +++++++++++--- resolv/nss_dns/dns-host.c | 11 ++++++++--- 2 files changed, 19 insertions(+), 6 deletions(-) diff --git a/resolv/gethnamaddr.c b/resolv/gethnamaddr.c index 9e0c498..ae55fac 100644 --- a/resolv/gethnamaddr.c +++ b/resolv/gethnamaddr.c @@ -349,10 +349,18 @@ getanswer (const querybuf *answer, int anslen, const char *qname, int qtype) continue; } if (type != qtype) { - syslog(LOG_NOTICE|LOG_AUTH, + /* Skip logging if we received a DNAME when we have set + * the DO bit. DNAME records are a convenient way to + * set up DNSSEC records and such setups can make this + * log message needlessly noisy. + */ + if ((_res.options & RES_USE_DNSSEC) == 0 + || type != T_DNAME) { + syslog(LOG_NOTICE|LOG_AUTH, "gethostby*.getanswer: asked for \"%s %s %s\", got type \"%s\"", - qname, p_class(C_IN), p_type(qtype), - p_type(type)); + qname, p_class(C_IN), p_type(qtype), + p_type(type)); + } cp += n; continue; /* XXX - had_error++ ? */ } diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c index b10c94e..510d388 100644 --- a/resolv/nss_dns/dns-host.c +++ b/resolv/nss_dns/dns-host.c @@ -844,9 +844,14 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype, have_to_map = 1; else if (__glibc_unlikely (type != qtype)) { - syslog (LOG_NOTICE | LOG_AUTH, - "gethostby*.getanswer: asked for \"%s %s %s\", got type \"%s\"", - qname, p_class (C_IN), p_type (qtype), p_type (type)); + /* Skip logging if we received a DNAME when we have set the DO bit. + DNAME records are a convenient way to set up DNSSEC records and + such setups can make this log message needlessly noisy. */ + if ((_res.options & RES_USE_DNSSEC) == 0 || type != T_DNAME) + syslog (LOG_NOTICE | LOG_AUTH, + "gethostby*.getanswer: asked for \"%s %s %s\", " + "got type \"%s\"", + qname, p_class (C_IN), p_type (qtype), p_type (type)); cp += n; continue; /* XXX - had_error++ ? */ } -- 2.1.0
Attachment:
pgpKTATLobH7M.pgp
Description: PGP signature
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |