r3420 - in glibc-package/trunk/debian: . debhelper.in patches patches/any
Author: aurel32
Date: 2009-04-26 16:20:32 +0000 (Sun, 26 Apr 2009)
New Revision: 3420
Added:
glibc-package/trunk/debian/patches/any/cvs-broken-dns.diff
Modified:
glibc-package/trunk/debian/changelog
glibc-package/trunk/debian/debhelper.in/libc.NEWS
glibc-package/trunk/debian/patches/series
Log:
* any/cvs-broken_dns.diff: new patch from CVS to provide a fallback for
broken DNS server while doing unified IPv4/IPv6 requests. The first lookup
will be slow, but subsequent requests will fallback to the previous
behaviour. This can be enabled by default by setting 'single-request' in
/etc/resolv.conf.
* debhelper.in/libc.NEWS: add entry explaining the new behaviour and the new
option.
* any/local-disable-gethostbyname4.diff: disabled this patch to re-enable
unified IPv4/IPv6 requests. Closes: bug#343140, bug#435646.
Modified: glibc-package/trunk/debian/changelog
===================================================================
--- glibc-package/trunk/debian/changelog 2009-04-26 10:11:45 UTC (rev 3419)
+++ glibc-package/trunk/debian/changelog 2009-04-26 16:20:32 UTC (rev 3420)
@@ -11,7 +11,16 @@
* any/cvs-iconv-utf16.diff: new patch from upstream to reject UTF-8-encoded
UTF-16 surrogates in iconv. Closes: #525299.
* any/local-getaddrinfo-interface.diff: ignore addresses with no interface
- assigned while sorting with rule 7. Closes: #521439.
+ assigned while sorting with rule 7. Closes: #521439.
+ * any/cvs-broken_dns.diff: new patch from CVS to provide a fallback for
+ broken DNS server while doing unified IPv4/IPv6 requests. The first lookup
+ will be slow, but subsequent requests will fallback to the previous
+ behaviour. This can be enabled by default by setting 'single-request' in
+ /etc/resolv.conf.
+ * debhelper.in/libc.NEWS: add entry explaining the new behaviour and the new
+ option.
+ * any/local-disable-gethostbyname4.diff: disabled this patch to re-enable
+ unified IPv4/IPv6 requests. Closes: bug#343140, bug#435646.
[ Petr Salinger ]
* kfreebsd/local-sysdeps.diff: update to revision 2450 (from glibc-bsd).
Modified: glibc-package/trunk/debian/debhelper.in/libc.NEWS
===================================================================
--- glibc-package/trunk/debian/debhelper.in/libc.NEWS 2009-04-26 10:11:45 UTC (rev 3419)
+++ glibc-package/trunk/debian/debhelper.in/libc.NEWS 2009-04-26 16:20:32 UTC (rev 3420)
@@ -1,3 +1,19 @@
+glibc (2.9-8) unstable; urgency=low
+
+ Starting with version 2.9-8, unified IPv4/IPv6 lookup have been enabled
+ in the glibc's resolver. This is faster, fixes numerous of bugs, but is
+ problematic on some broken DNS servers and/or wrongly configured
+ firewalls.
+
+ If such a DNS server is detected, the resolver switches (permanently
+ for that process) to a mode where the second request is sent only when
+ the first answer has been received. This means the first request will
+ be timeout, but subsequent requests should be fast again. This
+ behaviour can be enabled permanently by adding 'single-request' to
+ /etc/resolv.conf.
+
+ -- Aurelien Jarno <aurel32@debian.org> Thu, 23 Apr 2009 21:14:32 +0200
+
glibc (2.6.1-2) unstable; urgency=low
Starting with version 2.6.1, glibc ships a /etc/ld.so.conf.d/libc.conf that
Added: glibc-package/trunk/debian/patches/any/cvs-broken-dns.diff
===================================================================
--- glibc-package/trunk/debian/patches/any/cvs-broken-dns.diff (rev 0)
+++ glibc-package/trunk/debian/patches/any/cvs-broken-dns.diff 2009-04-26 16:20:32 UTC (rev 3420)
@@ -0,0 +1,121 @@
+2009-04-16 Ulrich Drepper <drepper@redhat.com>
+
+ * resolv/res_send.c (send_dg): Don't just ignore the result we got
+ in case we only receive one reply in single-request mode.
+ * resolv/res_send.c (send_dg): Don't switch into single-request
+ mode if we already are in it
+
+2009-04-06 Ulrich Drepper <drepper@redhat.com>
+
+ * resolv/resolv.h (RES_SNGLKUP): Define.
+ * resolv/res_init.c (res_setoptions): Recognize single-request option.
+ * resolv/res_send.c (send_dg): If we sent two requests at once and
+ only get one reply before timeout switch to mode where we send the
+ second request only after the first answer has been received
+
+diff --git a/resolv/res_send.c b/resolv/res_send.c
+index f75a26e..25a854f 100644
+--- a/resolv/res_send.c
++++ b/resolv/res_send.c
+@@ -915,7 +915,7 @@
+ struct pollfd pfd[1];
+ int ptimeout;
+ struct sockaddr_in6 from;
+- int resplen, seconds, n;
++ int resplen, n;
+
+ if (EXT(statp).nssocks[ns] == -1) {
+ /* only try IPv6 if IPv6 NS and if not failed before */
+@@ -967,11 +967,14 @@
+ /*
+ * Compute time for the total operation.
+ */
+- seconds = (statp->retrans << ns);
++ int seconds = (statp->retrans << ns);
+ if (ns > 0)
+ seconds /= statp->nscount;
+ if (seconds <= 0)
+ seconds = 1;
++ bool single_request = ((statp->options) & RES_SNGLKUP) != 0;// XXX
++ int save_gotsomewhere = *gotsomewhere;
++ retry:
+ evNowTime(&now);
+ evConsTime(&timeout, seconds, 0);
+ evAddTime(&finish, &now, &timeout);
+@@ -995,6 +998,7 @@
+ return (0);
+ }
+ evSubTime(&timeout, &finish, &now);
++ need_recompute = 0;
+ }
+ /* Convert struct timespec in milliseconds. */
+ ptimeout = timeout.tv_sec * 1000 + timeout.tv_nsec / 1000000;
+@@ -1010,6 +1014,20 @@
+ Dprint(statp->options & RES_DEBUG, (stdout, ";; timeout\n"));
+ if (resplen > 1 && (recvresp1 || (buf2 != NULL && recvresp2)))
+ {
++ /* There are quite a few broken name servers out
++ there which don't handle two outstanding
++ requests from the same source. There are also
++ broken firewall settings. If we time out after
++ having received one answer switch to the mode
++ where we send the second request only once we
++ have received the first answer. */
++ if (!single_request)
++ {
++ single_request = true;
++ *gotsomewhere = save_gotsomewhere;
++ goto retry;
++ }
++
+ *resplen2 = 1;
+ return resplen;
+ }
+@@ -1037,7 +1055,7 @@
+ Perror(statp, stderr, "send", errno);
+ goto err_out;
+ }
+- if (nwritten != 0 || buf2 == NULL)
++ if (nwritten != 0 || buf2 == NULL || single_request)
+ pfd[0].events = POLLIN;
+ else
+ pfd[0].events = POLLIN | POLLOUT;
+@@ -1250,8 +1268,11 @@
+ else
+ recvresp2 = 1;
+ /* Repeat waiting if we have a second answer to arrive. */
+- if ((recvresp1 & recvresp2) == 0)
++ if ((recvresp1 & recvresp2) == 0) {
++ if (single_request)
++ pfd[0].events = POLLOUT;
+ goto wait;
++ }
+ /*
+ * All is well, or the error is fatal. Signal that the
+ * next nameserver ought not be tried.
+diff --git a/resolv/res_init.c b/resolv/res_init.c
+index 2bf830c..8841fe9 100644
+--- a/resolv/res_init.c
++++ b/resolv/res_init.c
+@@ -540,6 +540,9 @@ res_setoptions(res_state statp, const char *options, const char *source) {
+ statp->options |= RES_NOCHECKNAME;
+ } else if (!strncmp(cp, "edns0", sizeof("edns0") - 1)) {
+ statp->options |= RES_USE_EDNS0;
++ } else if (!strncmp(cp, "single-request",
++ sizeof("single-request") - 1)) {
++ statp->options |= RES_SNGLKUP;
+ } else {
+ /* XXX - print a warning here? */
+ }
+diff --git a/resolv/resolv.h b/resolv/resolv.h
+index a0de320..c6e695d 100644
+--- a/resolv/resolv.h
++++ b/resolv/resolv.h
+@@ -215,6 +215,7 @@ struct res_sym {
+ #define RES_NOIP6DOTINT 0x00080000 /* Do not use .ip6.int in IPv6
+ reverse lookup */
+ #define RES_USE_EDNS0 0x00100000 /* Use EDNS0. */
++#define RES_SNGLKUP 0x00200000 /* one outstanding request at a time */
+
+ #define RES_DEFAULT (RES_RECURSE|RES_DEFNAMES|RES_DNSRCH|RES_NOIP6DOTINT)
+
Modified: glibc-package/trunk/debian/patches/series
===================================================================
--- glibc-package/trunk/debian/patches/series 2009-04-26 10:11:45 UTC (rev 3419)
+++ glibc-package/trunk/debian/patches/series 2009-04-26 16:20:32 UTC (rev 3420)
@@ -195,8 +195,9 @@
any/local-bashisms.diff
any/submitted-futex_robust_pi.diff
any/cvs-bz7058-nss_nss-nis.diff
-any/local-disable-gethostbyname4.diff
+#any/local-disable-gethostbyname4.diff
any/submitted-getaddrinfo-lo.diff
any/submitted-mount_h.diff
any/cvs-iconv-utf16.diff
any/local-getaddrinfo-interface.diff
+any/cvs-broken-dns.diff
Reply to: