diff --git a/.gitignore b/.gitignore index ca4d2bf..a4c4dfc 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -/nss-mdns-0.15.1.tar.gz +SOURCES/nss-mdns-0.15.1.tar.gz diff --git a/.nss-mdns.metadata b/.nss-mdns.metadata new file mode 100644 index 0000000..3b0dd12 --- /dev/null +++ b/.nss-mdns.metadata @@ -0,0 +1 @@ +b3549c609ac45b8fbd9f3b718d38a74193134e5c SOURCES/nss-mdns-0.15.1.tar.gz diff --git a/SOURCES/nss-mdns-local-heuristic-unit.patch b/SOURCES/nss-mdns-local-heuristic-unit.patch new file mode 100644 index 0000000..4b702b1 --- /dev/null +++ b/SOURCES/nss-mdns-local-heuristic-unit.patch @@ -0,0 +1,112 @@ +From 6ff47454ff413e3033a77d4d9c09b914c78ab3a0 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= +Date: Wed, 7 Dec 2022 22:56:47 +0100 +Subject: [PATCH] Add unit test parts for new autodetection + +Use new enum to specify forced present or missing .local SOA record. Use +from production code auto value, but use forced values from unit test. +Add few different results to unit test. +--- + src/nss.c | 3 ++- + src/util.c | 7 +++++-- + src/util.h | 9 ++++++++- + tests/check_util.c | 18 ++++++++++++++++++ + 4 files changed, 33 insertions(+), 4 deletions(-) + +diff --git a/src/nss.c b/src/nss.c +index 7f9230e..2e1a90b 100644 +--- a/src/nss.c ++++ b/src/nss.c +@@ -118,7 +118,8 @@ enum nss_status _nss_mdns_gethostbyname_impl(const char* name, int af, + #ifndef MDNS_MINIMAL + mdns_allow_file = fopen(MDNS_ALLOW_FILE, "r"); + #endif +- result = verify_name_allowed_with_soa(name, mdns_allow_file); ++ result = verify_name_allowed_with_soa(name, mdns_allow_file, ++ TEST_LOCAL_SOA_AUTO); + #ifndef MDNS_MINIMAL + if (mdns_allow_file) + fclose(mdns_allow_file); +diff --git a/src/util.c b/src/util.c +index 4eacf07..0a1c28a 100644 +--- a/src/util.c ++++ b/src/util.c +@@ -55,14 +55,17 @@ int ends_with(const char* name, const char* suffix) { + return strcasecmp(name + ln - ls, suffix) == 0; + } + +-use_name_result_t verify_name_allowed_with_soa(const char* name, FILE* mdns_allow_file) { ++use_name_result_t verify_name_allowed_with_soa(const char* name, ++ FILE* mdns_allow_file, ++ test_local_soa_t test) { + switch (verify_name_allowed(name, mdns_allow_file)) { + case VERIFY_NAME_RESULT_NOT_ALLOWED: + return USE_NAME_RESULT_SKIP; + case VERIFY_NAME_RESULT_ALLOWED: + return USE_NAME_RESULT_AUTHORITATIVE; + case VERIFY_NAME_RESULT_ALLOWED_IF_NO_LOCAL_SOA: +- if (local_soa()) ++ if (test == TEST_LOCAL_SOA_YES || ++ (test == TEST_LOCAL_SOA_AUTO && local_soa()) ) + /* Make multicast resolution not authoritative for .local zone. + * Allow continuing to unicast resolution after multicast had not worked. */ + return USE_NAME_RESULT_OPTIONAL; +diff --git a/src/util.h b/src/util.h +index 76809d4..80527e3 100644 +--- a/src/util.h ++++ b/src/util.h +@@ -67,6 +67,12 @@ typedef enum { + USE_NAME_RESULT_OPTIONAL, + } use_name_result_t; + ++typedef enum { ++ TEST_LOCAL_SOA_NO, ++ TEST_LOCAL_SOA_YES, ++ TEST_LOCAL_SOA_AUTO, ++} test_local_soa_t; ++ + // Returns true if we should try to resolve the name with mDNS. + // + // If mdns_allow_file is NULL, then this implements the "local" SOA +@@ -78,7 +84,8 @@ typedef enum { + // The two heuristics described above are disabled if mdns_allow_file + // is not NULL. + use_name_result_t verify_name_allowed_with_soa(const char* name, +- FILE* mdns_allow_file); ++ FILE* mdns_allow_file, ++ test_local_soa_t test); + + typedef enum { + VERIFY_NAME_RESULT_NOT_ALLOWED, +diff --git a/tests/check_util.c b/tests/check_util.c +index d600a2e..36f1008 100644 +--- a/tests/check_util.c ++++ b/tests/check_util.c +@@ -50,6 +50,24 @@ START_TEST(test_verify_name_allowed_minimal) { + VERIFY_NAME_RESULT_NOT_ALLOWED); + ck_assert_int_eq(verify_name_allowed(".", NULL), + VERIFY_NAME_RESULT_NOT_ALLOWED); ++ ++ ck_assert_int_eq(verify_name_allowed_with_soa(".", NULL, TEST_LOCAL_SOA_YES), ++ USE_NAME_RESULT_SKIP); ++ ck_assert_int_eq(verify_name_allowed_with_soa(".", NULL, TEST_LOCAL_SOA_NO), ++ USE_NAME_RESULT_SKIP); ++ ck_assert_int_eq(verify_name_allowed_with_soa(".", NULL, TEST_LOCAL_SOA_AUTO), ++ USE_NAME_RESULT_SKIP); ++ ck_assert_int_eq(verify_name_allowed_with_soa("example3.sub.local", ++ NULL, TEST_LOCAL_SOA_YES), USE_NAME_RESULT_SKIP); ++ ck_assert_int_eq(verify_name_allowed_with_soa("example4.sub.local", ++ NULL, TEST_LOCAL_SOA_NO), USE_NAME_RESULT_SKIP); ++ ck_assert_int_eq(verify_name_allowed_with_soa("example4.sub.local", ++ NULL, TEST_LOCAL_SOA_AUTO), USE_NAME_RESULT_SKIP); ++ ck_assert_int_eq(verify_name_allowed_with_soa("example1.local", ++ NULL, TEST_LOCAL_SOA_YES), USE_NAME_RESULT_OPTIONAL); ++ ck_assert_int_eq(verify_name_allowed_with_soa("example2.local", ++ NULL, TEST_LOCAL_SOA_NO), USE_NAME_RESULT_AUTHORITATIVE); ++ /* TEST_LOCAL_SOA_AUTO would test actual DNS on host, skip that. */ + } + END_TEST + +-- +2.38.1 + diff --git a/SOURCES/nss-mdns-local-heuristic.patch b/SOURCES/nss-mdns-local-heuristic.patch new file mode 100644 index 0000000..07eb43f --- /dev/null +++ b/SOURCES/nss-mdns-local-heuristic.patch @@ -0,0 +1,119 @@ +From 0cbe3ff2a64cdddbfb3884ccbe28be9f08077614 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= +Date: Tue, 6 Dec 2022 20:39:27 +0100 +Subject: [PATCH] Change .local domain heuristic + +Previous way skipped all multicast queries when unicast DNS contains +local. SOA record. Change that behaviour and always request multicast +name. But if local SOA is present, then make missing multicast optional +and continue to DNS plugin. That would make names ending with .local to +take longer resolve on unicast DNS, but should still deliver the answer. +--- + src/nss.c | 11 ++++++++--- + src/util.c | 15 ++++++++++----- + src/util.h | 9 ++++++++- + 3 files changed, 26 insertions(+), 9 deletions(-) + +diff --git a/src/nss.c b/src/nss.c +index 93d140a..7f9230e 100644 +--- a/src/nss.c ++++ b/src/nss.c +@@ -85,8 +85,8 @@ enum nss_status _nss_mdns_gethostbyname_impl(const char* name, int af, + userdata_t* u, int* errnop, + int* h_errnop) { + +- int name_allowed; + FILE* mdns_allow_file = NULL; ++ use_name_result_t result; + + #ifdef NSS_IPV4_ONLY + if (af == AF_UNSPEC) { +@@ -118,13 +118,13 @@ enum nss_status _nss_mdns_gethostbyname_impl(const char* name, int af, + #ifndef MDNS_MINIMAL + mdns_allow_file = fopen(MDNS_ALLOW_FILE, "r"); + #endif +- name_allowed = verify_name_allowed_with_soa(name, mdns_allow_file); ++ result = verify_name_allowed_with_soa(name, mdns_allow_file); + #ifndef MDNS_MINIMAL + if (mdns_allow_file) + fclose(mdns_allow_file); + #endif + +- if (!name_allowed) { ++ if (result == USE_NAME_RESULT_SKIP) { + *errnop = EINVAL; + *h_errnop = NO_RECOVERY; + return NSS_STATUS_UNAVAIL; +@@ -137,6 +137,11 @@ enum nss_status _nss_mdns_gethostbyname_impl(const char* name, int af, + case AVAHI_RESOLVE_RESULT_HOST_NOT_FOUND: + *errnop = ETIMEDOUT; + *h_errnop = HOST_NOT_FOUND; ++ if (result == USE_NAME_RESULT_OPTIONAL) { ++ /* continue to dns plugin if DNS .local zone is detected. */ ++ *h_errnop = TRY_AGAIN; ++ return NSS_STATUS_UNAVAIL; ++ } + return NSS_STATUS_NOTFOUND; + + case AVAHI_RESOLVE_RESULT_UNAVAIL: +diff --git a/src/util.c b/src/util.c +index d5e0290..4eacf07 100644 +--- a/src/util.c ++++ b/src/util.c +@@ -55,16 +55,21 @@ int ends_with(const char* name, const char* suffix) { + return strcasecmp(name + ln - ls, suffix) == 0; + } + +-int verify_name_allowed_with_soa(const char* name, FILE* mdns_allow_file) { ++use_name_result_t verify_name_allowed_with_soa(const char* name, FILE* mdns_allow_file) { + switch (verify_name_allowed(name, mdns_allow_file)) { + case VERIFY_NAME_RESULT_NOT_ALLOWED: +- return 0; ++ return USE_NAME_RESULT_SKIP; + case VERIFY_NAME_RESULT_ALLOWED: +- return 1; ++ return USE_NAME_RESULT_AUTHORITATIVE; + case VERIFY_NAME_RESULT_ALLOWED_IF_NO_LOCAL_SOA: +- return !local_soa(); ++ if (local_soa()) ++ /* Make multicast resolution not authoritative for .local zone. ++ * Allow continuing to unicast resolution after multicast had not worked. */ ++ return USE_NAME_RESULT_OPTIONAL; ++ else ++ return USE_NAME_RESULT_AUTHORITATIVE; + default: +- return 0; ++ return USE_NAME_RESULT_SKIP; + } + } + +diff --git a/src/util.h b/src/util.h +index 218c094..76809d4 100644 +--- a/src/util.h ++++ b/src/util.h +@@ -61,6 +61,12 @@ char* buffer_strdup(buffer_t* buf, const char* str); + int set_cloexec(int fd); + int ends_with(const char* name, const char* suffix); + ++typedef enum { ++ USE_NAME_RESULT_SKIP, ++ USE_NAME_RESULT_AUTHORITATIVE, ++ USE_NAME_RESULT_OPTIONAL, ++} use_name_result_t; ++ + // Returns true if we should try to resolve the name with mDNS. + // + // If mdns_allow_file is NULL, then this implements the "local" SOA +@@ -71,7 +77,8 @@ int ends_with(const char* name, const char* suffix); + // + // The two heuristics described above are disabled if mdns_allow_file + // is not NULL. +-int verify_name_allowed_with_soa(const char* name, FILE* mdns_allow_file); ++use_name_result_t verify_name_allowed_with_soa(const char* name, ++ FILE* mdns_allow_file); + + typedef enum { + VERIFY_NAME_RESULT_NOT_ALLOWED, +-- +2.38.1 + diff --git a/nss-mdns.spec b/SPECS/nss-mdns.spec similarity index 81% rename from nss-mdns.spec rename to SPECS/nss-mdns.spec index 3df9a68..197331e 100644 --- a/nss-mdns.spec +++ b/SPECS/nss-mdns.spec @@ -1,16 +1,21 @@ Name: nss-mdns Version: 0.15.1 -Release: 3.1%{?dist} +Release: 12%{?dist} Summary: glibc plugin for .local name resolution License: LGPLv2+ URL: https://github.com/lathiat/nss-mdns Source0: https://github.com/lathiat/nss-mdns/releases/download/v%{version}/nss-mdns-%{version}.tar.gz +# https://github.com/lathiat/nss-mdns/pull/84 +Patch1: nss-mdns-local-heuristic.patch +Patch2: nss-mdns-local-heuristic-unit.patch + BuildRequires: make BuildRequires: gcc BuildRequires: pkgconfig(check) Requires: avahi +Requires: authselect %description nss-mdns is a plugin for the GNU Name Service Switch (NSS) functionality of @@ -24,7 +29,7 @@ the local host name via mDNS (e.g. Avahi). %prep -%autosetup +%autosetup -p1 %build %configure --libdir=/%{_lib} @@ -42,51 +47,10 @@ rm -rf $RPM_BUILD_ROOT %{?ldconfig} %posttrans -function mod_nss() { - if [ -f "$1" ] ; then - # sed-fu to add mdns4_minimal to the hosts line of /etc/nsswitch.conf - sed -i.bak ' - /^hosts:/ !b - /\/ b - s/\<\(files\( myhostname\)\?[[:blank:]]\+\)/\1mdns4_minimal [NOTFOUND=return] /g - ' "$1" - fi -} - -FILE="$(readlink /etc/nsswitch.conf || echo /etc/nsswitch.conf)" -if [ "$FILE" = "/etc/authselect/nsswitch.conf" ] && authselect check &>/dev/null; then - mod_nss "/etc/authselect/user-nsswitch.conf" - authselect apply-changes &> /dev/null || : -else - mod_nss "$FILE" - # also apply the same changes to user-nsswitch.conf to affect - # possible future authselect configuration - mod_nss "/etc/authselect/user-nsswitch.conf" -fi +authselect enable-feature with-mdns4 &> /dev/null || : %preun -function mod_nss() { - if [ -f "$1" ] ; then - # sed-fu to remove mdns4_minimal from the hosts line of /etc/nsswitch.conf - sed -i.bak ' - /^hosts:/ !b - s/[[:blank:]]\+mdns\(4\|6\)\?\(_minimal\( \[NOTFOUND=return\]\)\?\)\?//g - ' "$1" - fi -} - -if [ "$1" -eq 0 ] ; then - FILE="$(readlink /etc/nsswitch.conf || echo /etc/nsswitch.conf)" - if [ "$FILE" = "/etc/authselect/nsswitch.conf" ] && authselect check &>/dev/null; then - mod_nss "/etc/authselect/user-nsswitch.conf" - authselect apply-changes &> /dev/null || : - else - mod_nss "$FILE" - # also apply the same changes to user-nsswitch.conf to affect - # possible future authselect configuration - mod_nss "/etc/authselect/user-nsswitch.conf" - fi -fi +authselect disable-feature with-mdns4 &> /dev/null || : %ldconfig_postun @@ -98,8 +62,35 @@ fi %changelog -* Tue Nov 16 2021 Pavel Březina - 0.15.1-3.1 -- authselect is too old in RHEL, switch scripts back (#2113979) +* Tue Dec 24 2024 Arkady L. Shane - 0.15.1-12 +- Rebuilt for MSVSphere 10 + +* Thu Jul 18 2024 Fedora Release Engineering - 0.15.1-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Thu Jan 25 2024 Fedora Release Engineering - 0.15.1-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 0.15.1-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Thu Jul 20 2023 Fedora Release Engineering - 0.15.1-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Thu Jan 19 2023 Fedora Release Engineering - 0.15.1-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Tue Dec 06 2022 Petr Menšík - 0.15.1-7 +- Attempt to solve local heuristic (#2148500) + +* Fri Jul 22 2022 Fedora Release Engineering - 0.15.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Wed Feb 16 2022 Pavel Březina - 0.15.1-5 +- Require authselect since it is used in scriptlets to auto-enable nss-mdns + +* Thu Jan 20 2022 Fedora Release Engineering - 0.15.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Tue Nov 16 2021 Pavel Březina - 0.15.1-3 - Rely only on authselect for nsswitch.conf changes (#2023745) diff --git a/sources b/sources deleted file mode 100644 index 4de31a8..0000000 --- a/sources +++ /dev/null @@ -1 +0,0 @@ -SHA512 (nss-mdns-0.15.1.tar.gz) = 11a82ae9f209326b4501c7e6d33c9932b370c4dcacb64d6783140e25688ad6391bbd113e51ee470fd8be12669124eac331593cfd02a040383b4f964ed6ec6154