Google Git
Sign in
kernel / pub / scm / linux / kernel / git / dhowells / keyutils / 75e7568dc516db698093b33ea273e1b4a30b70be
commit75e7568dc516db698093b33ea273e1b4a30b70be[log] [tgz]
authorDavid Howells <dhowells@redhat.com>Tue Apr 14 16:07:26 2020 +0100
committerDavid Howells <dhowells@redhat.com>Mon Jul 06 17:21:18 2020 +0100
tree3f615a1f9aa9ec35b87d43d9f69f1f3cd7a5372c
parentd44a41376b17450c3908978b123e1f05a361885f [diff]
dns: Apply a default TTL to records obtained from getaddrinfo()

Address records obtained from getaddrinfo() don't come with any TTL
information, even if they're obtained from the DNS, with the result that
key.dns_resolver upcall program doesn't set an expiry time on dns_resolver
records unless they include a component obtained directly from the DNS,
such as an SRV or AFSDB record.

Fix this to apply a default TTL of 10mins in the event that we haven't got
one.  This can be configured in /etc/keyutils/key.dns_resolver.conf by
adding the line:

	default_ttl = <number-of-seconds>

to the file.

Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Ben Boeckel <me@benboeckel.net>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
6 files changed
tree: 3f615a1f9aa9ec35b87d43d9f69f1f3cd7a5372c
  1. man/
  2. tests/
  3. .gitignore
  4. dns.afsdb.c
  5. key.dns.h
  6. key.dns_resolver.c
  7. keyctl.c
  8. keyctl.h
  9. keyctl_testing.c
  10. keyutils.c
  11. keyutils.h
  12. keyutils.spec
  13. libkeyutils.pc.in
  14. LICENCE.GPL
  15. LICENCE.LGPL
  16. Makefile
  17. README
  18. request-key-debug.sh
  19. request-key.c
  20. request-key.conf
  21. SUBMITTING_PATCHES
  22. version.lds