author | David Howells <dhowells@redhat.com> | 2020-04-14 16:07:26 +0100 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2020-07-06 17:21:18 +0100 |
commit | 75e7568dc516db698093b33ea273e1b4a30b70be (patch) | |
tree | 3f615a1f9aa9ec35b87d43d9f69f1f3cd7a5372c /key.dns.h | |
parent | d44a41376b17450c3908978b123e1f05a361885f (diff) | |
download | keyutils-75e7568dc516db698093b33ea273e1b4a30b70be.tar.gz |

dns: Apply a default TTL to records obtained from getaddrinfo()

Address records obtained from getaddrinfo() don't come with any TTL
information, even if they're obtained from the DNS, with the result that
the key.dns_resolver upcall program doesn't set an expiry time on dns_resolver
records unless they include a component obtained directly from the DNS,
such as an SRV or AFSDB record.

Fix this to apply a default TTL of 10mins in the event that we haven't got
one. This can be configured in /etc/keyutils/key.dns_resolver.conf by
adding the line:

    default_ttl = <number-of-seconds>

to the file.

Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Ben Boeckel <me@benboeckel.net>
Reviewed-by: Jeff Layton <jlayton@kernel.org>

Diffstat (limited to 'key.dns.h')
-rw-r--r-- | key.dns.h | 4 |
1 files changed, 4 insertions, 0 deletions
@@ -29,6 +29,7 @@ #include <stdlib.h> #include <unistd.h> #include <time.h> +#include <ctype.h> #define MAX_VLS 15 /* Max Volume Location Servers Per-Cell */ #define INET_IP4_ONLY 0x1 @@ -42,6 +43,7 @@ extern key_serial_t key; extern int debug_mode; extern unsigned mask; +extern unsigned int key_expiry; #define N_PAYLOAD 256 extern struct iovec payload[N_PAYLOAD]; @@ -52,6 +54,8 @@ void error(const char *fmt, ...); extern __attribute__((format(printf, 1, 2))) void _error(const char *fmt, ...); extern __attribute__((format(printf, 1, 2))) +void warning(const char *fmt, ...); +extern __attribute__((format(printf, 1, 2))) void info(const char *fmt, ...); extern __attribute__((noreturn)) void nsError(int err, const char *domain); |
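
Review bot: the `#include <ctype.h>` added in the first hunk (@@ -29,6 +29,7 @@) goes into the shared header, yet none of the declarations visible in this diff use anything from <ctype.h>. If only the code that parses key.dns_resolver.conf needs the character-class functions, include it in that source file instead, so that every file pulling in key.dns.h does not inherit a dependency it does not use.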
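
Review bot: the new `extern unsigned int key_expiry;` in the second hunk (@@ -42,6 +43,7 @@) carries no comment saying what unit it holds, whether it is a duration or an absolute time, or which value means "no TTL known". The commit message gives default_ttl in seconds, so a one-line comment on the declaration stating the unit and the unset value would keep the code that sets the expiry and the code that reads it in agreement. It is also spelled `unsigned int` directly under `extern unsigned mask;`; use one spelling in this header.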