From 88850a88bb70ad70e52454dc393d2b73b6b2985d Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Mon, 28 Jan 2019 14:28:25 +0100 Subject: [PATCH] resolv: Enable full ICMP error reporting in stub resolver (#1670028) --- glibc-rh1670028.patch | 57 +++++++++++++++++++++++++++++++++++++++++++ glibc.spec | 6 ++++- 2 files changed, 62 insertions(+), 1 deletion(-) create mode 100644 glibc-rh1670028.patch diff --git a/glibc-rh1670028.patch b/glibc-rh1670028.patch new file mode 100644 index 0000000..f7b6d13 --- /dev/null +++ b/glibc-rh1670028.patch @@ -0,0 +1,57 @@ +resolv: Enable full ICMP error reporting for UDP DNS sockets + +The Linux kernel suppresses some ICMP error messages by default for UDP +sockets. This commit enables full ICMP error reporting, hopefully +resulting in faster timeouts. + +diff --git a/resolv/Makefile b/resolv/Makefile +index 8f22e6a154621238..ebe1b733f294a97c 100644 +--- a/resolv/Makefile ++++ b/resolv/Makefile +@@ -105,7 +105,7 @@ libresolv-routines := res_comp res_debug \ + res_data res_mkquery res_query res_send \ + inet_net_ntop inet_net_pton inet_neta base64 \ + ns_parse ns_name ns_netint ns_ttl ns_print \ +- ns_samedomain ns_date \ ++ ns_samedomain ns_date res_enable_icmp \ + compat-hooks compat-gethnamaddr + + libanl-routines := gai_cancel gai_error gai_misc gai_notify gai_suspend \ +diff --git a/resolv/res_send.c b/resolv/res_send.c +index fa040c1198fadce5..0f6ec83a7ba05986 100644 +--- a/resolv/res_send.c ++++ b/resolv/res_send.c +@@ -943,6 +943,18 @@ reopen (res_state statp, int *terrno, int ns) + return (-1); + } + ++ /* Enable full ICMP error reporting for this ++ socket. */ ++ if (__res_enable_icmp (nsap->sa_family, ++ EXT (statp).nssocks[ns]) < 0) ++ { ++ int saved_errno = errno; ++ __res_iclose (statp, false); ++ __set_errno (saved_errno); ++ *terrno = saved_errno; ++ return -1; ++ } ++ + /* + * On a 4.3BSD+ machine (client and server, + * actually), sending to a nameserver datagram +diff --git a/resolv/resolv-internal.h b/resolv/resolv-internal.h +index 6ab8f2af09a7ce0b..1500adc607f2ce3e 100644 +--- a/resolv/resolv-internal.h ++++ b/resolv/resolv-internal.h +@@ -100,4 +100,10 @@ libc_hidden_proto (__inet_pton_length) + /* Called as part of the thread shutdown sequence. */ + void __res_thread_freeres (void) attribute_hidden; + ++/* The Linux kernel does not enable all ICMP messages on a UDP socket ++ by default. A call this function enables full error reporting for ++ the socket FD. FAMILY must be AF_INET or AF_INET6. Returns 0 on ++ success, -1 on failure. */ ++int __res_enable_icmp (int family, int fd) attribute_hidden; ++ + #endif /* _RESOLV_INTERNAL_H */ diff --git a/glibc.spec b/glibc.spec index 06b3ce6..52104eb 100644 --- a/glibc.spec +++ b/glibc.spec @@ -1,6 +1,6 @@ %define glibcsrcdir glibc-2.28.9000-590-g83e6b59625 %define glibcversion 2.28.9000 -%define glibcrelease 35%{?dist} +%define glibcrelease 36%{?dist} # Pre-release tarballs are pulled in from git using a command that is # effectively: # @@ -158,6 +158,7 @@ Patch17: glibc-cs-path.patch Patch18: glibc-c-utf8-locale.patch Patch23: glibc-python3.patch Patch28: glibc-rh1615608.patch +Patch29: glibc-rh1670028.patch ############################################################################## # Continued list of core "glibc" package information: @@ -1889,6 +1890,9 @@ fi %files -f compat-libpthread-nonshared.filelist -n compat-libpthread-nonshared %changelog +* Mon Jan 28 2019 Florian Weimer - 2.28.9000-36 +- resolv: Enable full ICMP error reporting in stub resolver (#1670028) + * Mon Jan 28 2019 Florian Weimer - 2.28.9000-35 - Remove obsolete scriptlets