main/musl: dns: gracefully handle transient failures in the domain search path

3 files changed, 35 insertions, 70 deletions

diff --git a/main/musl/1000-cloudflare-stupidity.patch b/main/musl/1000-cloudflare-stupidity.patch
new file mode 100644
index 0000000000..118b03794a
--- /dev/null
+++ b/main/musl/1000-cloudflare-stupidity.patch
@@ -0,0 +1,31 @@
+From 86e97abb42cd88046c594f6b3baa07081bbcdf13 Mon Sep 17 00:00:00 2001
+From: William Pitcock <nenolod@dereferenced.org>
+Date: Fri, 30 Mar 2018 18:48:53 +0000
+Subject: [PATCH] resolver: only exit the search path loop there are a positive
+ number of results given
+
+In the event of no results being given by any of the lookup modules, EAI_NONAME will still
+be thrown.
+
+This is intended to mitigate problems that occur when zones are hosted by weird DNS servers,
+such as the one Cloudflare have implemented, and appear in the search path.
+---
+ src/network/lookup_name.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/network/lookup_name.c b/src/network/lookup_name.c
+index 209c20f0..b068bb92 100644
+--- a/src/network/lookup_name.c
++++ b/src/network/lookup_name.c
+@@ -202,7 +202,7 @@ static int name_from_dns_search(struct address buf[static MAXADDRS], char canon[
+ 			memcpy(canon+l+1, p, z-p);
+ 			canon[z-p+1+l] = 0;
+ 			int cnt = name_from_dns(buf, canon, canon, family, &conf);
+-			if (cnt) return cnt;
++			if (cnt > 0) return cnt;
+ 		}
+ 	}
+ 
+-- 
+2.16.2
+
diff --git a/main/musl/1000-resolv.conf-shenanigans.patch b/main/musl/1000-resolv.conf-shenanigans.patch
deleted file mode 100644
index d6261572f8..0000000000
--- a/main/musl/1000-resolv.conf-shenanigans.patch
+++ /dev/null
@@ -1,67 +0,0 @@
-From b5fd71a0dfb8e7e32a46458abe701f7cd8ebc77b Mon Sep 17 00:00:00 2001
-From: William Pitcock <nenolod@dereferenced.org>
-Date: Fri, 30 Mar 2018 10:45:01 +0000
-Subject: [PATCH] resolv.conf parser: concatenate multiple search domain lines
-
-Programs such as Docker and Kubernetes write multiple domain search lines, such as
-
-search serious-business.big-data.prod.foo.com
-search big-data.prod.foo.com
-search prod.foo.com
-
-instead of
-
-search serious-business.big-data.prod.foo.com big-data.prod.foo.com prod.foo.com
-
-Accordingly, we concatenate the namelist together so that the search path is
-not truncated.
-
-(Sorry, not sorry, for ruining the "omg Alpine sucks at DNS" talk at Kubecon)
----
- src/network/lookup_name.c | 2 +-
- src/network/resolvconf.c  | 7 ++++++-
- 2 files changed, 7 insertions(+), 2 deletions(-)
-
-diff --git a/src/network/lookup_name.c b/src/network/lookup_name.c
-index 209c20f0..c83c11c5 100644
---- a/src/network/lookup_name.c
-+++ b/src/network/lookup_name.c
-@@ -172,7 +172,7 @@ static int name_from_dns(struct address buf[static MAXADDRS], char canon[static
- 
- static int name_from_dns_search(struct address buf[static MAXADDRS], char canon[static 256], const char *name, int family)
- {
--	char search[256];
-+	char search[2048];
- 	struct resolvconf conf;
- 	size_t l, dots;
- 	char *p, *z;
-diff --git a/src/network/resolvconf.c b/src/network/resolvconf.c
-index 4c3e4c4b..72ed4082 100644
---- a/src/network/resolvconf.c
-+++ b/src/network/resolvconf.c
-@@ -9,6 +9,7 @@ int __get_resolv_conf(struct resolvconf *conf, char *search, size_t search_sz)
- {
- 	char line[256];
- 	unsigned char _buf[256];
-+	char *search_base = search;
- 	FILE *f, _f;
- 	int nns = 0;
- 
-@@ -74,9 +75,13 @@ int __get_resolv_conf(struct resolvconf *conf, char *search, size_t search_sz)
- 			continue;
- 		for (p=line+7; isspace(*p); p++);
- 		size_t l = strlen(p);
-+		ptrdiff_t m = search - search_base;
- 		/* This can never happen anyway with chosen buffer sizes. */
--		if (l >= search_sz) continue;
-+		if (l + m >= search_sz) continue;
- 		memcpy(search, p, l+1);
-+		/* We concatenate the search list as domain1 domain2\0 */
-+		search += l;
-+		*search++ = ' ';
- 	}
- 
- 	__fclose_ca(f);
--- 
-2.16.2
-
diff --git a/main/musl/APKBUILD b/main/musl/APKBUILD
index 067eab0979..6376f45f35 100644
--- a/main/musl/APKBUILD
+++ b/main/musl/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Timo Teräs <timo.teras@iki.fi>
 pkgname=musl
 pkgver=1.1.19
-pkgrel=2
+pkgrel=3
 pkgdesc="the musl c library (libc) implementation"
 url="http://www.musl-libc.org/"
 arch="all"
@@ -19,7 +19,8 @@ esac
 source="http://www.musl-libc.org/releases/musl-$pkgver.tar.gz
 	0001-fix-getopt-wrongly-treating-colons-in-optstring-as-v.patch
 	0002-fix-nl_langinfo_l-CODESET-loc-reporting-wrong-locale.patch
-	1000-resolv.conf-shenanigans.patch
+
+	1000-cloudflare-stupidity.patch
 	2000-pthread-internals-increase-DEFAULT_GUARD_SIZE-to-2-p.patch
 	handle-aux-at_base.patch
 
@@ -148,7 +149,7 @@ compat() {
 sha512sums="abee52d53af4b3c14c9088866c911a24d2b6ef67dc494f38a7a09dfe77250026f77528c24c52469c89cffa8ced2f0fa95badbdcf8d4460c90faba47e3927bcc5  musl-1.1.19.tar.gz
 7a6480c454ad25d156727818cf61961880e526abcb00382ed81e40256ac5b06af546837652e47187132d64c261d9f01ce91a952762afd439a8faf5825306a880  0001-fix-getopt-wrongly-treating-colons-in-optstring-as-v.patch
 1c649ebd4814ee22364d8766fdf93732e0c0c54361fcfcc994be254b52e9beb276fca5031a1cef9d4f971c96dc3d3774a1738ba3a38263d8e139ea3947c9b7c3  0002-fix-nl_langinfo_l-CODESET-loc-reporting-wrong-locale.patch
-1d1623ceb8c6c873356ce59c60fd5f15960895daa0257a85fdcb296ce64f2232ac43112b4e4ad93fe803a733777319aade7222d9340815ac1154e011d8f634e2  1000-resolv.conf-shenanigans.patch
+86ba902f640fe3a64ad0c3892c14bf8425ca322025f922ef9debb4d52227f929ccb0a8f29986321b3b6da601ea1b6dd291359cbf8cd9a6dba7aa572e9000fa67  1000-cloudflare-stupidity.patch
 2c8e1dde1834238097b2ee8a7bfb53471a0d9cff4a5e38b55f048b567deff1cdd47c170d0578a67b1a039f95a6c5fbb8cff369c75b6a3e4d7ed171e8e86ebb8c  2000-pthread-internals-increase-DEFAULT_GUARD_SIZE-to-2-p.patch
 6a7ff16d95b5d1be77e0a0fbb245491817db192176496a57b22ab037637d97a185ea0b0d19da687da66c2a2f5578e4343d230f399d49fe377d8f008410974238  handle-aux-at_base.patch
 8d3a2d5315fc56fee7da9abb8b89bb38c6046c33d154c10d168fb35bfde6b0cf9f13042a3bceee34daf091bc409d699223735dcf19f382eeee1f6be34154f26f  ldconfig